Research and Development Initiatives Focused on Preventing, Detecting, and Responding to Insider Misuse of Critical Defense Information Systems

by Robert H. Anderson

View related products

Download

Download eBook for Free

FormatFile SizeNotes
PDF file 0.1 MB

Use Adobe Acrobat Reader version 7.0 or higher for the best experience.

Purchase

Purchase This Item

 FormatList Price Price
Add to Cart paperback43 pages $23.00 $18.40 20% Web Discount

Abstract

It is widely acknowledged that "insider misuse" is one of the major threats to (and obstacles to achieving) defense information system security. To combat such misuse, the Office of the Assistant Secretary of Defense (Command, Control, Communications, and Information) has requested that workshops be conducted to develop recommendations on mitigating insider threats and reducing information system vulnerabilities. These conference proceedings report on one such workshop, which included input from military officials, researchers, and industry participants. The workshop's main purpose was to propose technical research initiatives regarding how to identify threats and vulnerabilities, how to prevent such threats through security controls, how to detect that misuse has occurred, and how best to respond to such misuse. The workshop participants also identified the need for policies and procedures including (1) a clear definition of "insider," (2) guidance from legal and law enforcement communities regarding the attribution, collection, maintenance, processing, and storage of data to permit proper forensic analysis and trails that lead to appropriate legal prosecution, (3) cost/benefit analyses that will help determine the true value of new security procedures, (4) technology transfer plans, and (5) support for multiple, diverse, concurrent security approaches.

This workshop was cosponsored by RAND's National Security Research Division.

This report is part of the RAND Corporation conference proceeding series. RAND conference proceedings present a collection of papers delivered at a conference or a summary of the conference.

Permission is given to duplicate this electronic document for personal use only, as long as it is unaltered and complete. Copies may not be duplicated for commercial purposes. Unauthorized posting of RAND PDFs to a non-RAND Web site is prohibited. RAND PDFs are protected under copyright law. For information on reprint and linking permissions, please visit the RAND Permissions page.

The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.