NotesFAQContact Us
Collection
Advanced
Search Tips
ERIC Number: ED517352
Record Type: Non-Journal
Publication Date: 2010
Pages: 237
Abstractor: As Provided
Reference Count: 0
ISBN: ISBN-978-1-1097-3736-3
ISSN: N/A
The Insider Threat Security Architecture: An Integrated, Inseparable, and Uninterrupted Self-Protection Autonomic Framework
Jabbour, Ghassan
ProQuest LLC, Ph.D. Dissertation, George Mason University
The increasing proliferation of globally interconnected complex information systems has elevated the magnitude of attacks and the level of damage that they inflict on such systems. This open environment of intertwined financial, medical, defense, and other systems has attracted hackers to increase their malicious activities to cause harm or to gain unlawful access. However, with the rise of such a problem came the proliferation of a plethora of software tools that claim to solve the problem. A wide variety of software monitoring tools has been deployed to protect against unauthorized access to systems. But, one facet of the problem had been overlooked. Until recently, little or nothing had been done to address the attacks that originate from within the organization. The insider threat did not generally mean much to the organization, specifically to the guardians of its computing infrastructure. In fact, it is the norm to entrust the information system infrastructure to the system and database administrators. But, unfortunately things have changed. The insider, who was always trusted to do what was in the best interest of the organization, is now becoming the one who is, in many cases, harming the organization. News media have reported numerous stories about attacks by insiders and the damage that they caused. As the insider threat problem started to get recognized, software vendors started to design and deploy new protection systems to address this challenge. However, all of these newly designed approaches have failed, so far, to provide a self-protection mechanism that is innate to the system that is being protected. The premise of this dissertation is based on the notion that providing an uninterruptable autonomic self-protection mechanism that is totally integrated into and inseparable from the computing system that is being protected is critical to ensuring continuous and unconditional protection. This approach to designing system defense mechanisms ensures a solid mitigation to the threat, and an affordable, and assured compliance with system security requirements and government imposed regulations. This dissertation presents solid evidence that demonstrates the seriousness, risk, and malice of security attacks by insiders. Then, it presents the Insider Threat Security Architecture (ITSA) framework and describes its various components. It describes security breach scenarios where privileged users can compromise the computing system that they are entrusted with protecting; then, it shows how the same scenarios can be mitigated under the ITSA framework. The dissertation details the foundational premise that the ITSA framework is built upon. It draws the distinction between the proposed approach and the traditional most common approaches to providing system protection. It emphasizes the unquestionable importance of making the self-protection mechanism as an integral part of the core components of the system that is being protected. A proof-of-concept prototype of the ITSA framework was used by skilled database administrators and security professionals of one of the most security sensitive agencies of the US government. They all found ITSA to be capable of countering the threats that were possible under an equivalent system not protected by ITSA. [The dissertation citations contained here are published with the permission of ProQuest LLC. Further reproduction is prohibited without permission. Copies of dissertations may be obtained by Telephone (800) 1-800-521-0600. Web page: http://www.proquest.com/en-US/products/dissertations/individuals.shtml.]
ProQuest LLC. 789 East Eisenhower Parkway, P.O. Box 1346, Ann Arbor, MI 48106. Tel: 800-521-0600; Web site: http://www.proquest.com/en-US/products/dissertations/individuals.shtml
Publication Type: Dissertations/Theses - Doctoral Dissertations
Education Level: N/A
Audience: N/A
Language: English
Sponsor: N/A
Authoring Institution: N/A