Composite Role-Based Monitoring (CRBM) for countering insider threats

Joon S. Park, Shuyuan Mary Ho

Research output: Chapter in Book/Report/Conference proceedingChapter

14 Scopus citations

Abstract

Through their misuse of authorized privileges, insiders have caused great damage and loss to corporate internal information assets, especially within the Intelligence Community (IC). Intelligence management has faced increasing complexities of delegation and granular protection as more corporate entities have worked together in a dynamic collaborative environment. We have been confronted by the issue of how to share and simultaneously guard information assets from one another. Although many existing security approaches help to counter insiders' unlawful behavior, it is still found at a preliminary level. Efficiently limiting internal resources to privileged insiders remains a challenge today. In this paper we introduce the CRBM (Composite Role-Based Monitoring) approach by extending the current role-based access control (RBAC) model to overcome its limitations in countering insider threats. CRBM not only inherits the RBAC's advantages, such as scalable administration, least privilege, and separation of duties, but also provides scalable and reusable mechanisms to monitor insiders' behavior in organizations, applications, and operating systems based on insiders' current tasks.

Original languageEnglish (US)
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
EditorsHsinchun Chen, Daniel D. Zeng, Reagan Moore, John Leavitt
PublisherSpringer Verlag
Pages201-213
Number of pages13
ISBN (Electronic)9783540221258
DOIs
StatePublished - 2004

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume3073
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Composite Role-Based Monitoring (CRBM) for countering insider threats'. Together they form a unique fingerprint.

Cite this