Invalidating policies using structural information

Florian Kammüller, Christian W. Probst

    Research output: Chapter in Book/Report/Conference proceeding; Conference contribution; Academic; peer-review

    27 Citations (Scopus)
    9 Downloads (Pure)


    Insider threats are a major threat to many organisations. Even worse, insider attacks are usually hard to detect, especially if an attack is based on actions that the attacker has the right to perform. In this paper we present a step towards detecting the risk of this kind of attack by invalidating policies using structural information of the organisational model. Based on this structural information and a description of the organisation’s policies, our approach invalidates the policies and identifies exemplary sequences of actions that lead to a violation of the policy in question. Based on these examples, the organisation can identify real attack vectors that might result in an insider attack. This information can be used to refine access control systems or policies.
    Original language: English
    Title of host publication: IEEE Security and Privacy Workshops (SPW 2013)
    Place of Publication: Los Alamitos, CA, USA
    Publisher: IEEE Computer Society
    Number of pages: 6
    ISBN (Print): 978-1-4799-0458-7
    Publication status: Published - May 2013
    Event: IEEE Security and Privacy Workshops, SPW 2013 - San Francisco, United States
    Duration: 23 May 2013 to 24 May 2013


    Workshop: IEEE Security and Privacy Workshops, SPW 2013
    Country/Territory: United States
    City: San Francisco


    • EC Grant Agreement nr.: FP7/2007-2013
    • EC Grant Agreement nr.: FP7/318003
    • Policies
    • Insider threats
    • Formal methods

