Florian Kammueller (from Middlesex University) is visiting the Scale team from April 22 to April 25
Subject of the talk: Invalidating Policies using Structural Information
Abstract:
Insider threats are a major threat to many organisations. Even
worse, insider attacks are usually hard to detect, especially if an
attack is based on actions that the attacker has the right to
perform. In this paper we present a step towards detecting the risk
for this kind of attacks by invalidating policies using structural
information of the organisational model. Based on this structural
information and a description of the organisation’s policies, our
approach invalidates the policies and identifies exemplary sequences
of actions that lead to a violation of the policy in question. Based
on these examples, the organisation can identify real attack vectors
that might result in an insider attack. This information can be used
to refine access control system or policies.
