Borrow it
Coverart for item
The Resource Data protection from insider threats, Elisa Bertino, (electronic resource)

Data protection from insider threats, Elisa Bertino, (electronic resource)

Creator
Contributor
Summary
As data represent a key asset for today's organizations, the problem of how to protect this data from theft and misuse is at the forefront of these organizations' minds. Even though today several data security techniques are available to protect data and computing infrastructures, many such techniques--such as firewalls and network security tools--are unable to protect data from attacks posed by those working on an organization's "inside." These "insiders" usually have authorized access to relevant information systems, making it extremely challenging to block the misuse of information while still allowing them to do their jobs. This book discusses several techniques that can provide effective protection against attacks posed by people working on the inside of an organization. Chapter 1 introduces the notion of insider threat and reports some data about data breaches due to insider threats. Chapter 2 covers authentication and access control techniques, and Chapter 3 shows how these general security techniques can be extended and used in the context of protection from insider threats. Chapter 4 addresses anomaly detection techniques that are used to determine anomalies in data accesses by insiders. These anomalies are often indicative of potential insider data attacks and therefore play an important role in protection from these attacks. Security information and event management (SIEM) tools and fine-grained auditing are discussed in Chapter 5. These tools aim at collecting, analyzing, and correlating--in real-time--any information and event that may be relevant for the security of an organization. As such, they can be a key element in finding a solution to such undesirable insider threats. Chapter 6 goes on to provide a survey of techniques for separation-of-duty (SoD). SoD is an important principle that, when implemented in systems and tools, can strengthen data protection from malicious insiders. However, to date, very few approaches have been proposed for implementing SoD in systems. In Chapter 7, a short survey of a commercial product is presented, which provides different techniques for protection from malicious users with system privileges--such as a DBA in database management systems. Finally, in Chapter 8, the book concludes with a few remarks and additional research directions
Language
eng
Work
Publication
Extent
1 online resource (xiii, 77 p.)
Note
Part of: Synthesis digital library of engineering and computer science
Contents
  • Acknowledgments -- 1. Introduction -- 1.1 A definition of insider threat -- 1.2 Some data about insider attacks -- 1.3 Overview of the lecture --
  • 2. Authentication -- 2.1 The auth-SL system, a system for flexible, policy-based authentication -- 2.2 Continuous authentication -- 2.3 Research directions --
  • 3. Access control -- 3.1 Access control concepts and models -- 3.2 Content-based access control -- 3.3 Time-based access control -- 3.4 Location-based access control -- 3.5 Purpose-based access control -- 3.6 Usage control -- 3.7 Tools for authoring and managing access control policies -- 3.8 Research directions --
  • 4. Anomaly detection -- 4.1 Syntax-based anomaly detection -- 4.2 Data-based anomaly detection -- 4.3 Anomaly response systems -- 4.4 Research directions --
  • 5. Security information and event management and auditing -- 5.1 Components of a SIEM tool -- 5.2 Fine-grained auditing -- 5.3 Research directions --
  • 6. Separation of duty -- 6.1 SoD for workflow systems, the BFA model -- 6.2 The joint threshold administration model -- 6.3 Proximity location constraints -- 6.4 Research directions --
  • 7. Case study, Oracle database vault -- 7.1 Realms -- 7.2 Rule sets -- 7.3 Command rules -- 7.4 Multi-factor authorization -- 7.5 Separation of duty -- 7.6 Concluding remarks --
  • 8. Conclusion -- Bibliography -- Author's biography
Isbn
9781608457694
Instance
Label
Data protection from insider threats
Title
Data protection from insider threats
Statement of responsibility
Elisa Bertino
Creator
Contributor
Provider
Subject
Genre
Language
eng
Summary
As data represent a key asset for today's organizations, the problem of how to protect this data from theft and misuse is at the forefront of these organizations' minds. Even though today several data security techniques are available to protect data and computing infrastructures, many such techniques--such as firewalls and network security tools--are unable to protect data from attacks posed by those working on an organization's "inside." These "insiders" usually have authorized access to relevant information systems, making it extremely challenging to block the misuse of information while still allowing them to do their jobs. This book discusses several techniques that can provide effective protection against attacks posed by people working on the inside of an organization. Chapter 1 introduces the notion of insider threat and reports some data about data breaches due to insider threats. Chapter 2 covers authentication and access control techniques, and Chapter 3 shows how these general security techniques can be extended and used in the context of protection from insider threats. Chapter 4 addresses anomaly detection techniques that are used to determine anomalies in data accesses by insiders. These anomalies are often indicative of potential insider data attacks and therefore play an important role in protection from these attacks. Security information and event management (SIEM) tools and fine-grained auditing are discussed in Chapter 5. These tools aim at collecting, analyzing, and correlating--in real-time--any information and event that may be relevant for the security of an organization. As such, they can be a key element in finding a solution to such undesirable insider threats. Chapter 6 goes on to provide a survey of techniques for separation-of-duty (SoD). SoD is an important principle that, when implemented in systems and tools, can strengthen data protection from malicious insiders. However, to date, very few approaches have been proposed for implementing SoD in systems. In Chapter 7, a short survey of a commercial product is presented, which provides different techniques for protection from malicious users with system privileges--such as a DBA in database management systems. Finally, in Chapter 8, the book concludes with a few remarks and additional research directions
Member of
Cataloging source
CaBNvSL
Citation source
  • Compendex
  • INSPEC
  • Google scholar
  • Google book search
http://library.link/vocab/creatorName
Bertino, Elisa
Illustrations
illustrations
Index
no index present
LC call number
QA76.9.A25
LC item number
B473 2012
Literary form
non fiction
Nature of contents
  • dictionaries
  • bibliography
http://library.link/vocab/relatedWorkOrContributorName
ebrary
Series statement
Synthesis lectures on data management,
Series volume
#28
http://library.link/vocab/subjectName
  • Data protection
  • Internal security
  • Computer security
  • Anomaly detection (Computer security)
  • COMPUTERS / Internet / Security
  • COMPUTERS / Networking / Security
  • COMPUTERS / Security / General
  • Anomaly detection (Computer security)
  • Computer security
  • Data protection
  • Internal security
Target audience
specialized
Label
Data protection from insider threats, Elisa Bertino, (electronic resource)
Instantiates
Publication
Note
Part of: Synthesis digital library of engineering and computer science
Bibliography note
Includes bibliographical references (p. 69-75)
Color
multicolored
Contents
  • Acknowledgments -- 1. Introduction -- 1.1 A definition of insider threat -- 1.2 Some data about insider attacks -- 1.3 Overview of the lecture --
  • 2. Authentication -- 2.1 The auth-SL system, a system for flexible, policy-based authentication -- 2.2 Continuous authentication -- 2.3 Research directions --
  • 3. Access control -- 3.1 Access control concepts and models -- 3.2 Content-based access control -- 3.3 Time-based access control -- 3.4 Location-based access control -- 3.5 Purpose-based access control -- 3.6 Usage control -- 3.7 Tools for authoring and managing access control policies -- 3.8 Research directions --
  • 4. Anomaly detection -- 4.1 Syntax-based anomaly detection -- 4.2 Data-based anomaly detection -- 4.3 Anomaly response systems -- 4.4 Research directions --
  • 5. Security information and event management and auditing -- 5.1 Components of a SIEM tool -- 5.2 Fine-grained auditing -- 5.3 Research directions --
  • 6. Separation of duty -- 6.1 SoD for workflow systems, the BFA model -- 6.2 The joint threshold administration model -- 6.3 Proximity location constraints -- 6.4 Research directions --
  • 7. Case study, Oracle database vault -- 7.1 Realms -- 7.2 Rule sets -- 7.3 Command rules -- 7.4 Multi-factor authorization -- 7.5 Separation of duty -- 7.6 Concluding remarks --
  • 8. Conclusion -- Bibliography -- Author's biography
Dimensions
unknown
Extent
1 online resource (xiii, 77 p.)
File format
multiple file formats
Form of item
online
Isbn
9781608457694
Isbn Type
(electronic bk.)
Other control number
10.2200/S00431ED1V01Y201207DTM028
Other physical details
ill.
Reformatting quality
access
Specific material designation
remote
Stock number
CL0500000332
System control number
  • (OCoLC)799363515
  • (OCoLC)ocn799363515
Label
Data protection from insider threats, Elisa Bertino, (electronic resource)
Publication
Note
Part of: Synthesis digital library of engineering and computer science
Bibliography note
Includes bibliographical references (p. 69-75)
Color
multicolored
Contents
  • Acknowledgments -- 1. Introduction -- 1.1 A definition of insider threat -- 1.2 Some data about insider attacks -- 1.3 Overview of the lecture --
  • 2. Authentication -- 2.1 The auth-SL system, a system for flexible, policy-based authentication -- 2.2 Continuous authentication -- 2.3 Research directions --
  • 3. Access control -- 3.1 Access control concepts and models -- 3.2 Content-based access control -- 3.3 Time-based access control -- 3.4 Location-based access control -- 3.5 Purpose-based access control -- 3.6 Usage control -- 3.7 Tools for authoring and managing access control policies -- 3.8 Research directions --
  • 4. Anomaly detection -- 4.1 Syntax-based anomaly detection -- 4.2 Data-based anomaly detection -- 4.3 Anomaly response systems -- 4.4 Research directions --
  • 5. Security information and event management and auditing -- 5.1 Components of a SIEM tool -- 5.2 Fine-grained auditing -- 5.3 Research directions --
  • 6. Separation of duty -- 6.1 SoD for workflow systems, the BFA model -- 6.2 The joint threshold administration model -- 6.3 Proximity location constraints -- 6.4 Research directions --
  • 7. Case study, Oracle database vault -- 7.1 Realms -- 7.2 Rule sets -- 7.3 Command rules -- 7.4 Multi-factor authorization -- 7.5 Separation of duty -- 7.6 Concluding remarks --
  • 8. Conclusion -- Bibliography -- Author's biography
Dimensions
unknown
Extent
1 online resource (xiii, 77 p.)
File format
multiple file formats
Form of item
online
Isbn
9781608457694
Isbn Type
(electronic bk.)
Other control number
10.2200/S00431ED1V01Y201207DTM028
Other physical details
ill.
Reformatting quality
access
Specific material designation
remote
Stock number
CL0500000332
System control number
  • (OCoLC)799363515
  • (OCoLC)ocn799363515

Subject

Genre

Member of

Library Locations

  • African Studies LibraryBorrow it
    771 Commonwealth Avenue, 6th Floor, Boston, MA, 02215, US
    42.350723 -71.108227
  • Alumni Medical LibraryBorrow it
    72 East Concord Street, Boston, MA, 02118, US
    42.336388 -71.072393
  • Astronomy LibraryBorrow it
    725 Commonwealth Avenue, 6th Floor, Boston, MA, 02445, US
    42.350259 -71.105717
  • Fineman and Pappas Law LibrariesBorrow it
    765 Commonwealth Avenue, Boston, MA, 02215, US
    42.350979 -71.107023
  • Frederick S. Pardee Management LibraryBorrow it
    595 Commonwealth Avenue, Boston, MA, 02215, US
    42.349626 -71.099547
  • Howard Gotlieb Archival Research CenterBorrow it
    771 Commonwealth Avenue, 5th Floor, Boston, MA, 02215, US
    42.350723 -71.108227
  • Mugar Memorial LibraryBorrow it
    771 Commonwealth Avenue, Boston, MA, 02215, US
    42.350723 -71.108227
  • Music LibraryBorrow it
    771 Commonwealth Avenue, 2nd Floor, Boston, MA, 02215, US
    42.350723 -71.108227
  • Pikering Educational Resources LibraryBorrow it
    2 Silber Way, Boston, MA, 02215, US
    42.349804 -71.101425
  • School of Theology LibraryBorrow it
    745 Commonwealth Avenue, 2nd Floor, Boston, MA, 02215, US
    42.350494 -71.107235
  • Science & Engineering LibraryBorrow it
    38 Cummington Mall, Boston, MA, 02215, US
    42.348472 -71.102257
  • Stone Science LibraryBorrow it
    675 Commonwealth Avenue, Boston, MA, 02445, US
    42.350103 -71.103784

Library Links

Zepheira Logo
Structured data from the Bibframe namespace is licensed under the Creative Commons Attribution 4.0 International License by Boston University Libraries. Additional terms may apply to data associated with third party namespaces.
Processing Feedback ...