Baracaldo, N and Joshi, J
(2012)
A trust-and-risk aware RBAC framework: Tackling insider threat.
Abstract
Insider attacks are among the most dangerous threats organizations face today. An insider attack occurs when a person authorized to perform certain actions in an organization decides to abuse that trust and harm the organization. These attacks may damage the organization's reputation and productivity, and may cause losses in revenue and clients. Avoiding insider attacks is a daunting task: employees must be given privileges so they can perform their jobs efficiently, yet providing too many privileges may backfire when users accidentally or intentionally abuse them. Hence, a middle ground must be found where the necessary privileges are provided and malicious usage is avoided. In this paper, we propose a framework that extends the role-based access control (RBAC) model by incorporating a risk assessment process and the trust the system has in its users. Our framework adapts to suspicious changes in users' behavior by removing privileges when a user's trust falls below a certain threshold. This threshold is computed by a risk assessment process that includes the risk due to inference of unauthorized information; we use a Coloured Petri net to detect such inferences. We also redefine the existing role activation problem and propose an algorithm that reduces risk exposure. We present an experimental evaluation to validate our work. Copyright 2012 ACM.
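The following is an added illustration of the mechanism the abstract describes (a trust score per user, a risk-derived activation threshold, an inference penalty on permission combinations, and least-risk role activation). It is not the authors' framework or code: the sample policy, the sensitivity scores, the single inference rule standing in for the Coloured Petri net, and the threshold and trust-update formulas are all assumptions made here so the example runs offline.

```python
"""Trust-and-risk aware RBAC gate (illustrative sketch).

Added example, not the paper's framework or code.  Policy, risk scores,
inference rules and the threshold/trust-update formulas are assumptions.
"""
from itertools import combinations

# Constructed sample policy.  Each permission carries a sensitivity score that
# stands in for its risk contribution (assumed values).
PERMISSIONS = {
    "read_ticket": 1,
    "edit_ticket": 2,
    "read_salary": 5,
    "export_db": 8,
}
ROLES = {
    "helpdesk": {"read_ticket", "edit_ticket"},
    "hr_viewer": {"read_ticket", "read_salary"},
    "dba": {"read_ticket", "edit_ticket", "export_db"},
}
# Stand-in for the paper's inference detection: holding every permission in a
# rule lets a user infer information that was never granted directly, so that
# combination carries extra risk (assumed rule and penalty).
INFERENCE_RULES = {
    frozenset({"edit_ticket", "read_salary"}): 4,
}
MAX_RISK = sum(PERMISSIONS.values())


def granted_permissions(roles):
    """Union of the permissions held through a set of roles."""
    return set().union(*(ROLES[r] for r in roles))


def role_risk(role):
    """Risk of one role: sum of its permissions' sensitivities (assumed)."""
    return sum(PERMISSIONS[p] for p in ROLES[role])


def set_risk(roles):
    """Risk of activating a set of roles together, including inference risk."""
    granted = granted_permissions(roles)
    inference = sum(pen for rule, pen in INFERENCE_RULES.items() if rule <= granted)
    return sum(role_risk(r) for r in roles) + inference


def activation_threshold(roles):
    """Minimum trust in [0, 1] a user needs to hold `roles` (assumed: normalised risk)."""
    return min(1.0, set_risk(roles) / MAX_RISK)


def least_risk_activation(required):
    """Simplified role activation problem: the role set covering `required`
    permissions with the lowest total risk.  Exhaustive search over subsets is
    fine for a handful of roles; returns None if no role set covers them."""
    best = None
    for k in range(1, len(ROLES) + 1):
        for combo in combinations(ROLES, k):
            if required <= granted_permissions(combo):
                risk = set_risk(combo)
                if best is None or risk < best[1]:
                    best = (set(combo), risk)
    return best


class UserSession:
    """Tracks a user's trust and shrinks their active roles when it drops."""

    def __init__(self, user, trust, roles):
        self.user = user
        self.trust = trust
        self.active = set(roles)
        self.revoke_if_untrusted()

    def record_event(self, suspicious, penalty=0.2, reward=0.02):
        """Suspicious behaviour lowers trust sharply; normal behaviour restores
        it slowly (assumed update rule).  Returns the roles revoked as a result."""
        if suspicious:
            self.trust = max(0.0, self.trust - penalty)
        else:
            self.trust = min(1.0, self.trust + reward)
        return self.revoke_if_untrusted()

    def revoke_if_untrusted(self):
        """Shed the riskiest role until trust meets the threshold of what remains."""
        revoked = []
        while self.active and self.trust < activation_threshold(self.active):
            worst = max(self.active, key=role_risk)
            self.active.remove(worst)
            revoked.append(worst)
        return revoked


if __name__ == "__main__":
    print(least_risk_activation({"read_ticket", "read_salary"}))
    session = UserSession("alice", 0.9, ["helpdesk", "dba"])
    print(session.record_event(suspicious=True), session.active)
```

Two points the sketch makes concrete: the threshold is a property of the role set, not of the user, so adding a role can raise the bar above a user's current trust, and the inference penalty means two individually cheap roles can be costlier together than one more powerful role, which is why the activation search scores combinations rather than summing per-role risks.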
Details
Item Type: Conference or Workshop Item
Status: Published
Creators/Authors: Baracaldo, N and Joshi, J
Date: 25 July 2012 (publication date)
Access Restriction: No restriction; released for access worldwide immediately.
Journal or Publication Title: Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT
Page Range: 167 - 176
Event Type: Conference
DOI or Unique Handle: 10.1145/2295136.2295168
Institution: University of Pittsburgh
Schools and Programs: School of Information Sciences > Information Science
Refereed: Yes
ISBN: 9781450312950
Date Deposited: 08 Aug 2012 15:42
Last Modified: 01 May 2020 12:55
URI: http://d-scholarship.pitt.edu/id/eprint/13459