期刊名称:Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications
印刷版ISSN:2093-5374
电子版ISSN:2093-5382
出版年度:2011
卷号:2
期号:1
页码:1-3
出版社:Innovative Information Science & Technology Research Group
摘要:Insider threats are one of the problems of organizational security that are most difficult to handle. It is often unclear whether or not an actor is an insider, or what we actually mean by "insider". It also is often impossible to determine whether an insider action is permissible, or whether it constitutes an insider attack. From a technical standpoint, the biggest concern is the discrimination between legal insider actions representing a threat, and legal insider actions representing normal work. This is where many of the standard techniques fail, since they require a clear separation between insiders and outsiders, between "good" employees and attackers. A successful defense against insider threats must therefore not only consider technical approaches, it must also integrate sociological and socio-technical approaches to help identifying insider threats
