Mitigating Inadvertent Insider Threats With Incentives
Source: Indiana University
Inadvertent insiders are trusted insiders who do not have malicious intent (as with malicious insiders) but do not responsibly managing security. The result is often enabling a malicious outsider to use the privileges of the inattentive insider to implement an insider attack. This risk is as old as conversion of a weak user password into root access, but the term inadvertent insider is recently coined to identify the link between the behavior and the vulnerability. In this paper, the authors propose to mitigate this threat using a novel risk budget mechanism that offers incentives to an insider to behave according to the risk posture set by the organization.
| Format: | Size: | 482.60 | |
| Date: | Jan 2009 |
People who downloaded this item also downloaded
- Magic Quadrant for Wireless LAN Infrastructure (Global)
- Understanding Linux Deployment Strategies: The Business Case for Standardizing on Red Hat Enterprise Linux
- Towards Achieving Accountability, Auditability and Trust in Cloud Computing
- Analysis of the Characteristics and Trusted Security of Cloud Computing
- Insider Threats, Privileged User Abuse and Mitigation Techniques
