Understanding the Insider Threat: Proceedings of a March 2004 Workshop (Conference Proceedings / Rand Corporation)
معرفی کتاب «Understanding the Insider Threat: Proceedings of a March 2004 Workshop (Conference Proceedings / Rand Corporation)» نوشتهٔ Richard C. Brackney; Robert Helms Anderson، منتشرشده توسط نشر RAND Corporation در سال 2005. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
Reports the results of a workshop on ensuring to the security of information againist malevolent actions by insiders in the intelligence community with access to sensitive information and information systems. Perhaps the greatest threat that the intelligence community (IC) must address in the area of information assurance is the "insider threat"--Malevolent (or possibly inadvertent) actions by an already trusted person with access to sensitive information and information systems. This document reports the results of a workshop that brought together IC members with specific knowledge of IC document management systems and IC business practices; persons with knowledge of insider attackers, both within and outside the IC; and researchers involved in developing technology to counter insider threats. Plenary and breakout sessions discussed various aspects of the problem, including intelligence community system models, vulnerabilities and exploits, attacker models, and event characterization. Participants listed the following challenges: defining an effective way of monitoring what people do with their cyber access; developing policies and procedures to create as bright a line as possible between allowed and disallowed behaviors; considering sociological and psychological factors and creating better cooperation between information systems personnel and human resources personnel; and combining events from one or more sensors (possibly of various types or different levels of abstraction) to facilitate building systems that test hypotheses about malicious insider activity. Workshop members also considered what databases would aid in this research if they were available Reports the results of a workshop on the problems of ensuring the security of information against malevolent actions by insiders in the intelligence community (IC) with access to sensitive information and information systems. Attendees discussed community system models, vulnerabilities and exploits, attacker models, and event characterization, and discussed databases that would aid them in their work Preliminaries......Page 1 Preface......Page 4 Contents......Page 6 Introduction......Page 24 IC System Models......Page 28 Vulnerabilities and Exploits......Page 34 Attacker Models......Page 44 Event Characterization......Page 52 APPENDIX......Page 62 Bibliogrpahy......Page 136 The operations and analyses of the United States intelligence community (IC) are based heavily on a set of information systems and networks containing extremely sensitive information. Richard C. Brackney, Robert H. Anderson. Cf-196-arda--p. [4] Of Cover. Prepared For The Advanced Research And Development Activity. Includes Bibliographical References (p. 113).
دانلود کتاب Understanding the Insider Threat: Proceedings of a March 2004 Workshop (Conference Proceedings / Rand Corporation)