Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ISSA
2004
2004
A Framework For Monitoring Insider Misuse Of It Applications
Many security incidents involve legitimate users who misuse their existing privileges, such that they have the system-level right to perform an action, but not the moral or ethical rights to do so. Current Intrusion Detection Systems are ineffective in this context, because they do not have knowledge of user responsibilities, the normal working scope for a particular position, or the separation of duties that should be enforced. This paper outlines a novel framework for solving the problem of insider misuse monitoring. The approach argues that users with similar roles and responsibilities will exhibit similar behaviour within the system, enabling any activity that deviates from the normal profile to be flagged for further examination. Established access control principles are utilised for defining user roles, and the relationships between them, and a misuse-monitoring agent is proposed that will police application-level activities for signs of unauthorised behaviour. Practical impleme...
Real-time Traffic| Added | 31 Oct 2010 |
| Updated | 31 Oct 2010 |
| Type | Conference |
| Year | 2004 |
| Where | ISSA |
| Authors | Aung Htike Phyo |
Comments (0)
Researcher Info
|
