Access Continuum
Access Continuum
Definitions
Definition 1
Entities have varying levels of access to organizations' resources. The binary classification insider versus outsider is a highly simplified model. In contrast, considering access levels as a continuum allows for a more sophisticated model and may help focus on the most critical aspect: access, rather than statute.
Illustration
Related Terms
https://open-measure.atlassian.net/wiki/spaces/DIC/pages/123962347
Continuum
Insider
Insider Threat
Level of Access
Outsider
Outsider Threat
Quotes
Our theme is that the distinction between “insider” and “outsider” is not binary; rather, there are “attackers” with varying degrees and types of access. One can call some set of these attackers “insiders,” with the complement being the “outsiders,” but countermeasures should focus on the access and not on whether the attackers are insiders. Thus, we see attacks as spanning a continuum of levels and types of access, and use that as the basis of our discussion. We emphasize that people comfortable thinking in terms of “insiders” and “outsiders” can superimpose that partition on our notion of “attackers with varying levels of access.” That partition, however, will vary based on circumstances and environment.
Bibliography
See Also
-
Access Continuum (Dictionary)
Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.
