Link to the University of Pittsburgh Homepage
Link to the University Library System Homepage Link to the Contact Us Form

A Trust-and-Risk Aware RBAC Framework: Tackling Insider Threat

Baracaldo, Nathalie and Joshi, James B.D. (2012) A Trust-and-Risk Aware RBAC Framework: Tackling Insider Threat. In: SACMAT '12: Proceedings of the 17th ACM symposium on Access Control Models and Technologies, 20 June 2012 - 22 June 2012, Newark, New Jersey, USA.

[img] Plain Text (licence)
Available under License : See the attached license file.

Download (1kB)

Abstract

Insider Attacks are one of the most dangerous threats or- ganizations face today. An insider attack occurs when a person authorized to perform certain actions in an organi- zation decides to abuse the trust, and harm the organization. These attacks may negatively impact the reputation of the organization, its productivity, and may produce losses in revenue and clients. Avoiding insider attacks is a daunting task. While it is necessary to provide privileges to employees so they can perform their jobs efficiently, providing too many privileges may backfire when users accidentally or intentionally abuse their privileges. Hence, finding a middle ground, where the necessary privileges are provided and malicious usage are avoided, is necessary. In this paper, we propose a framework that extends the role-based access control (RBAC) model by incorporating a risk assessment process, and the trust the system has on its users. Our framework adapts to suspicious changes in users' behavior by removing privileges when users' trust falls below a certain threshold. This threshold is computed based on a risk assessment process that includes the risk due to inference of unauthorized information. We use a Coloured-Petri net to detect inferences. We also redefine the existing role activation problem,and propose an algorithm that reduces the risk exposure. We present experimental evaluation to validate our work.


Share

Citation/Export:
Social Networking:
Share |

Details

Item Type: Conference or Workshop Item (Paper)
Status: Published
Creators/Authors:
CreatorsEmailPitt UsernameORCID
Baracaldo, Nathalie
Joshi, James B.D.jjoshi@pitt.eduJJOSHI
Date: 2012
Date Type: Publication
Access Restriction: No restriction; Release the ETD for access worldwide immediately.
Publisher: ACM
Page Range: 167 - 176
Event Title: SACMAT '12: Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Event Dates: 20 June 2012 - 22 June 2012
Event Type: Conference
DOI or Unique Handle: 10.1145/2295136.2295168
Institution: University of Pittsburgh
Schools and Programs: School of Information Sciences > Information Science
Refereed: Yes
Official URL: http://doi.acm.org/10.1145/2295136.2295168
Date Deposited: 08 Aug 2012 15:42
Last Modified: 01 Nov 2017 12:58
URI: http://d-scholarship.pitt.edu/id/eprint/13459

Metrics

Monthly Views for the past 3 years

Plum Analytics

Altmetric.com


Actions (login required)

View Item View Item