Invalidating Policies using Structural Information

Florian Kammuller; Christian W. Probst

doi:10.1109/SPW.2013.36

Invalidating Policies using Structural Information

Authors:

Kammuller, Florian ;
Close
Middlesex University
Probst, Christian W.
Close
0000-0002-4947-355X
Department of Applied Mathematics and Computer Science, Technical University of Denmark

DOI:

10.1109/SPW.2013.36

Abstract:

Insider threats are a major threat to many organisations. Even worse, insider attacks are usually hard to detect, especially if an attack is based on actions that the attacker has the right to perform. In this paper we present a step towards detecting the risk for this kind of attacks by invalidating policies using structural information of the organisational model. Based on this structural information and a description of the organisation's policies, our approach invalidates the policies and identifies exemplary sequences of actions that lead to a violation of the policy in question. Based on these examples, the organisation can identify real attack vectors that might result in an insider attack. This information can be used to refine access control system or policies.

ISBN:

9781479904587

Type:

Conference paper

Language:

English

Published in:

2013 Ieee Security and Privacy Workshops, 2013, p. 76-81

Main Research Area:

Science/technology

Publication Status:

Published

Review type:

Peer Review

Conference:

2013 IEEE Security and Privacy Workshops (SPW), 2013

Publisher:

IEEE

Submission year:

2013

Scientific Level:

Scientific

ID:

243727388

Invalidating Policies using Structural Information

Full text access

On-site access

At institution

Metrics

Example	Finds records
water{}	containing the word "water".
water supplies"{}"	containing the phrase "water supplies".
author:"Doe, John"author:"{}"	containing the prase "Doe, John" in the author field.
title:IEEEtitle:{}	containing the word "IEEE" in the title field.
Need more help?	Advanced search tutorial