{"title":"在不限制并发未声明任务可用性的情况下减轻内部威胁","authors":"Qussai M. Yaseen, B. Panda","doi":"10.1109/SERE.2012.36","DOIUrl":null,"url":null,"abstract":"Insider threat is a critical problem due to the immense harm that it poses to organizations. This paper investigates this problem in relational database systems. Generally, defending systems against insider threat may require rejecting insiders' requests to access some data items. The paper focuses on preventing unauthorized knowledge acquisition by insiders in concurrent undeclared tasks, where a task is executed as one operation at a time instead of a batch of operations, without affecting the availability of data items. It proposes approaches to predict the complete operations of undeclared tasks, and then, to organize the operations in a safe sequence that prevents the possible threat of insiders without rejecting any request. Theorems, proofs and simulations are provided to show the effectiveness of the proposed approaches.","PeriodicalId":191716,"journal":{"name":"2012 IEEE Sixth International Conference on Software Security and Reliability","volume":"38 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Mitigating Insider Threat without Limiting the Availability in Concurrent Undeclared Tasks\",\"authors\":\"Qussai M. Yaseen, B. Panda\",\"doi\":\"10.1109/SERE.2012.36\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Insider threat is a critical problem due to the immense harm that it poses to organizations. This paper investigates this problem in relational database systems. Generally, defending systems against insider threat may require rejecting insiders' requests to access some data items. The paper focuses on preventing unauthorized knowledge acquisition by insiders in concurrent undeclared tasks, where a task is executed as one operation at a time instead of a batch of operations, without affecting the availability of data items. It proposes approaches to predict the complete operations of undeclared tasks, and then, to organize the operations in a safe sequence that prevents the possible threat of insiders without rejecting any request. Theorems, proofs and simulations are provided to show the effectiveness of the proposed approaches.\",\"PeriodicalId\":191716,\"journal\":{\"name\":\"2012 IEEE Sixth International Conference on Software Security and Reliability\",\"volume\":\"38 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-06-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 IEEE Sixth International Conference on Software Security and Reliability\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SERE.2012.36\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE Sixth International Conference on Software Security and Reliability","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERE.2012.36","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Mitigating Insider Threat without Limiting the Availability in Concurrent Undeclared Tasks
Insider threat is a critical problem due to the immense harm that it poses to organizations. This paper investigates this problem in relational database systems. Generally, defending systems against insider threat may require rejecting insiders' requests to access some data items. The paper focuses on preventing unauthorized knowledge acquisition by insiders in concurrent undeclared tasks, where a task is executed as one operation at a time instead of a batch of operations, without affecting the availability of data items. It proposes approaches to predict the complete operations of undeclared tasks, and then, to organize the operations in a safe sequence that prevents the possible threat of insiders without rejecting any request. Theorems, proofs and simulations are provided to show the effectiveness of the proposed approaches.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
