Protecting information systems from insider threats - concepts and issues
Abstract
Summary form only given. Past research on information security has focused on protecting valuable resources from attacks by outsiders. However, statistics show that a large amount of security and privacy breaches are due to insider attacks. Protection from insider threats is challenging because insiders may have access to many sensitive resources and high-privileged system accounts. Suitable approaches need to combine several security techniques, like fine-grained access control, stronger authentication protocols, integrated digital identity management, intrusion detection, with techniques from areas like information integration, machine learning, and risk assessment. In this talk, after an introduction to the problem of insider threats, we will present recent work addressing the problem of anomaly detection and response policies for database management systems and then discuss open research issues, by emphasizing the role of techniques from the area of information integration.
Keywords
authorisation, data privacy, database management systems, inforamtion systems, learning, artificial intelligence, risk management
Date of this Version
8-2011
Comments
This paper appears in: Information Reuse and Integration (IRI), 2011 IEEE International Conference on
Issue Date: 3-5 Aug. 2011
On page(s): xxiv - xxv
Location: Las Vegas, NV