- Jason R.C. Nurse
Department of Computer Science, University of Oxford, UK
jason.nurse@cs.ox.ac.uk
- Elisa Bertino
Department of Computer Science, Purdue University, USA
bertino@purdue.edu
Guest Editorial: Insider Threat Solutions – Moving from Concept to Reality
As society has embraced technology and systems to promote services, trade and ubiquitous communication, it has also inadvertently exposed itself to a plethora of security risks. One of the most significant of these risks is that of insider threat, where privileged insiders (be they employees or trusted third parties) within an enterprise intentionally or inadvertently cause harm to their organisations [1]. While the topic of insider threat has been examined and researched for decades [2, 3], the problem still persists, and some would even argue that it is becoming worse [4]. Could this be the result of a disconnect between approaches and solutions being researched and those that are (or can be) actually implemented?
In this special issue titled “Insider Threat Solutions: Moving from Concept to Reality”, we focus on novel systems to tackle insider threat which also provide a clear path for how they can be deployed in organisations. Our aim is to help bridge the gap between research concepts and the reality that businesses face day-to-day as they seek to prevent, detect and respond to insider attacks.
This special issue includes four papers that outline novel and practical approaches to addressing the insider threat challenge. They focus on various solution perspectives, from multi-policy access control systems to formal approaches for network security policy validation. These best papers were selected from articles submitted to, and presented at, the 8th International Workshop on Managing Insider Security Threats (MIST) [3], which was held in conjunction with the ACM SIGSAC Conference on Computer and Communications Security 2016 at the Hofburg Palace, Vienna, Austria, on October 24-28, 2016.
The first article, “Linear Time Algorithms to Restrict Insider Access using Multi-Policy Access Control Systems” [5], discusses an implementation of the Next Generation Access Control (NGAC) standard from the American National Standards Institute (ANSI). The main contributions of the authors' research are: (a) being the first-ever study to demonstrate the scalability of the NGAC multi-policy access control system; (b) the creation of a novel visualization approach to enable review of user object access on NGAC systems; and (c) the definition of linear time algorithms for performing access control decisions and review of user access rights.