Document Information
Research on Mitigating the Insider Threat to Information Systems - #2
Proceedings of a Workshop Held August, 2000
This is the second in a series of conference reports on the topic of R&D initiatives to mitigate and thwart the insider threat to critical U.S. defense and infrastructure information systems. (The first conference, held August 1999, is reported on in RAND/CF-151-OSD.) This August 2000 workshop's three main focus areas were long-term (2-5 year) research challenges and goals toward mitigating the insider threat; developing insider threat models; and developing near-term solutions using commercial off-the-shelf(COTS) and government off-the-shelf (GOTS) products. The long-term research recommendations stressed the need to develop an underlying system architecture designed explicitly with security and survivability in mind (unlike essentially all operating systems and network architectures in use today). Other topics included R&D needed on differential access controls, means of recording and saving the provenance of a digital document, and dealing with the increasing use of mobile code (e.g., in the form of applets, viruses, worms, or macros) in complex information systems. The report also contains a number of recommendations regarding the purposes and design of models of insider behavior, and near-term recommendations for helping to prevent, discover, and mitigate the threat ofinsider misuse of information systems.
See Also:
Support RAND Research — Buy This Product!
Paperback Cover Price: $35.00
Discounted Web Price: $31.50
Pages: 134
ISBN/EAN: 0-8330-2962-2
Free, downloadable PDF file(s) are available below.
RAND makes an electronic version of this document available for free as a public service. If you find this information valuable, please consider purchasing a paper copy of the full document to help support RAND research.
Use Adobe Acrobat Reader version 7.0 or higher for the best experience.
Contents
Preface
Figures and Tables
Summary
List of Symbols
Chapter 1:
Background
Chapter 2:
Long-Term (2-5 Yr.) Research Challenges and Goals
Chapter 3:
Insider Threat Models
Chapter 4:
Near-Term Solutions
Chapter 5:
Concluding Remarks
Appendix A:
An Insider Threat Model for Model Adversaries
Appendix B:
An Insider Threat Model for Adversary Simulation
Appendix C:
Modeling Behavior of the Cyber-Terrorist
Appendix D:
Can Technology Reduce the Insider Threat?
Appendix E:
The Insider Threat to Information Systems
Appendix F:
The Insider Espionage Threat
Appendix G:
Insider Threat - A Theoretical Model
Appendix H:
Information Assurance Cyberecology
Chapter I:
Workshop Agenda
Appendix J:
Workshop Participants
References
The study was under the auspices of RAND's National Security Research Division.
This product is part of the RAND Corporation conference proceedings series. RAND conference proceedings present a collection of papers delivered at a conference or a summary of the conference. The material herein has been vetted by the conference attendees and both the introduction and the post-conference material have been reviewed and approved for publication by the sponsoring research unit at RAND.
Permission is given to duplicate this electronic document for personal use only, as long as it is unaltered and complete. Copies may not be duplicated for commercial purposes. Unauthorized posting of RAND PDFs to a non-RAND Web site is prohibited. RAND PDFs are protected under copyright law. For information on reprint and linking permissions, please visit the RAND Permissions page.
The RAND Corporation is a nonprofit research organization providing objective analysis and effective solutions that address the challenges facing the public and private sectors around the world. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.
* RAND research is conducted across divisions, centers, and projects; these organizational components are represented in the "Related RAND Divisions" section above.
Top
RAND® is a registered trademark. Copyright © 1994-2008 RAND Corporation. 