all InfoSec news
An Insider Threat Mitigation Framework Using Attribute Based Access Control. (arXiv:2305.19477v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
Insider Threat is a significant and potentially dangerous security issue in
corporate settings. It is difficult to mitigate because, unlike external
threats, insiders have knowledge of an organization's access policies, access
hierarchy, access protocols, and access scheduling. Several approaches to
reducing insider threat have been proposed in the literature. However, the
integration of access control and moving target defense (MTD) for deceiving
insiders has not been adequately discussed. In this paper, we combine MTD,
deception, and attribute-based access control to …
access access control access scheduling attribute based access control control corporate external framework hierarchy insider insiders insider threat issue knowledge mitigation organization policies protocols security settings threat threat mitigation threats