Lawrence Berkeley National Laboratory
Case studies of an insider framework
- Author(s): Bishop, M
- Engle, S
- Peisert, S
- Whalen, S
- Gates, C
- et al.
Published Web Locationhttps://doi.org/10.1109/HICSS.2009.104
Much of the literature on insider threat assumes, explicitly or implicitly, a binary, perimeter-based notion of an insider. However, it is generally accepted that this notion is unrealistic. The Attribute-Based Group Access Control (ABGAC) framework is a generalization of Role-Based Access Control (RBAC) which allows us to define a non-binary notion of "insiderness". In this paper, we illustrate how to use AB-GAC to perform insider threat analysis of high-risk resources with three case studies. This precise yet flexible identification of high-risk resources and associated insiders allows organizations to understand where to target efforts towards defending against the insider problem. © 2009 IEEE.