PKK Library

Your cart is empty.

Welcome to P K Kelkar Library, Online Public Access Catalogue (OPAC)

Normal view MARC view ISBD view

Data protection from insider threats

By: Bertino, Elisa.
Material type: materialTypeLabelBookSeries: Synthesis digital library of engineering and computer science: ; Synthesis lectures on data management: # 28.Publisher: San Rafael, Calif. (1537 Fourth Street, San Rafael, CA 94901 USA) : Morgan & Claypool, c2012Description: 1 electronic text (xiii, 77 p.) : ill., digital file.ISBN: 9781608457694 (electronic bk.).Subject(s): Data protection | Internal security | Computer security | Anomaly detection (Computer security) | data security | data privacy | authentication | access control | anomaly detection | separation of-dutyDDC classification: 005.8 Online resources: Abstract with links to resource Also available in print.
Contents:
Acknowledgments -- 1. Introduction -- 1.1 A definition of insider threat -- 1.2 Some data about insider attacks -- 1.3 Overview of the lecture --
2. Authentication -- 2.1 The auth-SL system, a system for flexible, policy-based authentication -- 2.2 Continuous authentication -- 2.3 Research directions --
3. Access control -- 3.1 Access control concepts and models -- 3.2 Content-based access control -- 3.3 Time-based access control -- 3.4 Location-based access control -- 3.5 Purpose-based access control -- 3.6 Usage control -- 3.7 Tools for authoring and managing access control policies -- 3.8 Research directions --
4. Anomaly detection -- 4.1 Syntax-based anomaly detection -- 4.2 Data-based anomaly detection -- 4.3 Anomaly response systems -- 4.4 Research directions --
5. Security information and event management and auditing -- 5.1 Components of a SIEM tool -- 5.2 Fine-grained auditing -- 5.3 Research directions --
6. Separation of duty -- 6.1 SoD for workflow systems, the BFA model -- 6.2 The joint threshold administration model -- 6.3 Proximity location constraints -- 6.4 Research directions --
7. Case study, Oracle database vault -- 7.1 Realms -- 7.2 Rule sets -- 7.3 Command rules -- 7.4 Multi-factor authorization -- 7.5 Separation of duty -- 7.6 Concluding remarks --
8. Conclusion -- Bibliography -- Author's biography.
Abstract: As data represent a key asset for today's organizations, the problem of how to protect this data from theft and misuse is at the forefront of these organizations' minds. Even though today several data security techniques are available to protect data and computing infrastructures, many such techniques--such as firewalls and network security tools--are unable to protect data from attacks posed by those working on an organization's "inside." These "insiders" usually have authorized access to relevant information systems, making it extremely challenging to block the misuse of information while still allowing them to do their jobs. This book discusses several techniques that can provide effective protection against attacks posed by people working on the inside of an organization. Chapter 1 introduces the notion of insider threat and reports some data about data breaches due to insider threats. Chapter 2 covers authentication and access control techniques, and Chapter 3 shows how these general security techniques can be extended and used in the context of protection from insider threats. Chapter 4 addresses anomaly detection techniques that are used to determine anomalies in data accesses by insiders. These anomalies are often indicative of potential insider data attacks and therefore play an important role in protection from these attacks. Security information and event management (SIEM) tools and fine-grained auditing are discussed in Chapter 5. These tools aim at collecting, analyzing, and correlating--in real-time--any information and event that may be relevant for the security of an organization. As such, they can be a key element in finding a solution to such undesirable insider threats. Chapter 6 goes on to provide a survey of techniques for separation-of-duty (SoD). SoD is an important principle that, when implemented in systems and tools, can strengthen data protection from malicious insiders. However, to date, very few approaches have been proposed for implementing SoD in systems. In Chapter 7, a short survey of a commercial product is presented, which provides different techniques for protection from malicious users with system privileges--such as a DBA in database management systems. Finally, in Chapter 8, the book concludes with a few remarks and additional research directions.
    average rating: 0.0 (0 votes)
Item type Current location Call number Status Date due Barcode Item holds
E books E books PK Kelkar Library, IIT Kanpur
Available EBKE420
Total holds: 0

Mode of access: World Wide Web.

System requirements: Adobe Acrobat Reader.

Part of: Synthesis digital library of engineering and computer science.

Series from website.

Includes bibliographical references (p. 69-75).

Acknowledgments -- 1. Introduction -- 1.1 A definition of insider threat -- 1.2 Some data about insider attacks -- 1.3 Overview of the lecture --

2. Authentication -- 2.1 The auth-SL system, a system for flexible, policy-based authentication -- 2.2 Continuous authentication -- 2.3 Research directions --

3. Access control -- 3.1 Access control concepts and models -- 3.2 Content-based access control -- 3.3 Time-based access control -- 3.4 Location-based access control -- 3.5 Purpose-based access control -- 3.6 Usage control -- 3.7 Tools for authoring and managing access control policies -- 3.8 Research directions --

4. Anomaly detection -- 4.1 Syntax-based anomaly detection -- 4.2 Data-based anomaly detection -- 4.3 Anomaly response systems -- 4.4 Research directions --

5. Security information and event management and auditing -- 5.1 Components of a SIEM tool -- 5.2 Fine-grained auditing -- 5.3 Research directions --

6. Separation of duty -- 6.1 SoD for workflow systems, the BFA model -- 6.2 The joint threshold administration model -- 6.3 Proximity location constraints -- 6.4 Research directions --

7. Case study, Oracle database vault -- 7.1 Realms -- 7.2 Rule sets -- 7.3 Command rules -- 7.4 Multi-factor authorization -- 7.5 Separation of duty -- 7.6 Concluding remarks --

8. Conclusion -- Bibliography -- Author's biography.

Abstract freely available; full-text restricted to subscribers or individual document purchasers.

Compendex

INSPEC

Google scholar

Google book search

As data represent a key asset for today's organizations, the problem of how to protect this data from theft and misuse is at the forefront of these organizations' minds. Even though today several data security techniques are available to protect data and computing infrastructures, many such techniques--such as firewalls and network security tools--are unable to protect data from attacks posed by those working on an organization's "inside." These "insiders" usually have authorized access to relevant information systems, making it extremely challenging to block the misuse of information while still allowing them to do their jobs. This book discusses several techniques that can provide effective protection against attacks posed by people working on the inside of an organization. Chapter 1 introduces the notion of insider threat and reports some data about data breaches due to insider threats. Chapter 2 covers authentication and access control techniques, and Chapter 3 shows how these general security techniques can be extended and used in the context of protection from insider threats. Chapter 4 addresses anomaly detection techniques that are used to determine anomalies in data accesses by insiders. These anomalies are often indicative of potential insider data attacks and therefore play an important role in protection from these attacks. Security information and event management (SIEM) tools and fine-grained auditing are discussed in Chapter 5. These tools aim at collecting, analyzing, and correlating--in real-time--any information and event that may be relevant for the security of an organization. As such, they can be a key element in finding a solution to such undesirable insider threats. Chapter 6 goes on to provide a survey of techniques for separation-of-duty (SoD). SoD is an important principle that, when implemented in systems and tools, can strengthen data protection from malicious insiders. However, to date, very few approaches have been proposed for implementing SoD in systems. In Chapter 7, a short survey of a commercial product is presented, which provides different techniques for protection from malicious users with system privileges--such as a DBA in database management systems. Finally, in Chapter 8, the book concludes with a few remarks and additional research directions.

Also available in print.

Title from PDF t.p. (viewed on July 14, 2012).

There are no comments for this item.

Log in to your account to post a comment.

Powered by Koha