Protecting information systems from insider threats - concepts and issues


Summary form only given. Past research on information security has focused on protecting valuable resources from attacks by outsiders. However, statistics show that a large amount of security and privacy breaches are due to insider attacks. Protection from insider threats is challenging because insiders may have access to many sensitive resources and high-privileged system accounts. Suitable approaches need to combine several security techniques, like fine-grained access control, stronger authentication protocols, integrated digital identity management, intrusion detection, with techniques from areas like information integration, machine learning, and risk assessment. In this talk, after an introduction to the problem of insider threats, we will present recent work addressing the problem of anomaly detection and response policies for database management systems and then discuss open research issues, by emphasizing the role of techniques from the area of information integration.


authorisation, data privacy, database management systems, inforamtion systems, learning, artificial intelligence, risk management

Date of this Version



This paper appears in: Information Reuse and Integration (IRI), 2011 IEEE International Conference on
Issue Date: 3-5 Aug. 2011
On page(s): xxiv - xxv
Location: Las Vegas, NV