Defense against Insider Threat: a Framework for Gathering Goal-based Requirements

V. Nunes Leal Franqueira, Pascal van Eck

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    Abstract

    Insider threat is becoming comparable to outsider threat in frequency of security events. This is a worrying situation, since insider attacks have a high probability of success because insiders have authorized access and legitimate privileges. Despite their importance, insider threats are still not properly addressed by organizations. We contribute to reverse this situation by introducing a framework composed of a method for identification and assessment of insider threat risks and of two supporting deliverables for awareness of insider threat. The deliverables are: (i) attack strategies structured in four decomposition trees, and (ii) a matrix which correlates defense strategies, attack strategies and control principles. The method output consists of goal-based requirements for the defense against insiders.
    Original languageUndefined
    Title of host publicationProceedings of the 12th International Workshop on Exploring Modeling Methods in Systems Analysis and Design (EMMSAD 2007), held in conjuction with CAISE'07
    EditorsB Pernici, J.A. Gulla
    Place of PublicationTrondheim
    PublisherTapir Academic Press
    Pages193-202
    Number of pages10
    ISBN (Print)978-82-519-2245-6
    Publication statusPublished - 2007
    Event12th International Workshop on Exploring Modeling Methods in Systems Analysis and Design, EMMSAD 2007 - Trondheim, Norway
    Duration: 11 Jun 200715 Jun 2007
    Conference number: 12

    Publication series

    Name
    PublisherTapir Academic Press
    Number2

    Workshop

    Workshop12th International Workshop on Exploring Modeling Methods in Systems Analysis and Design, EMMSAD 2007
    Abbreviated titleEMMSAD
    CountryNorway
    CityTrondheim
    Period11/06/0715/06/07

    Keywords

    • SCS-Services
    • EWI-9623
    • IR-63987
    • METIS-241567

    Cite this