Segregation-of-duties conflicts in the insider threat landscape: an overview and case study
Contribuinte(s) |
Shaw, P. |
---|---|
Data(s) |
01/01/2015
|
Resumo |
Many insider attacks originate from misuse of privileges granted by organizations to their internal employees, contractors or third-party service providers. A fundamental means of ensuring that conflicts of privilege cannot occur is to segregate role allocations in order to ensure that no individual can perform a task from beginning to end. In this paper, we provide background on insider attacks in connection with conflicts in Segregation of Duties, and present the current strategies for preventing and detecting such conflicts. To illustrate how a conflict can occur and what can result, we present an in-depth case study demonstrating a conflict in Segregation of Dutiesin an organization, along with the consequent fraud, and we discuss how it might have been prevented. |
Identificador | |
Idioma(s) |
eng |
Publicador |
Atlantis Press |
Relação |
http://dro.deakin.edu.au/eserv/DU:30078512/li-segregationof-2015.pdf http://dro.deakin.edu.au/eserv/DU:30078512/li-segregationof-evid-2015.pdf http://www.dx.doi.org/10.2991/ermm-15.2015.96 |
Direitos |
2015, Atlantic Press |
Palavras-Chave | #Social Sciences #Education & Educational Research #Social Sciences, Interdisciplinary #Social Sciences - Other Topics #insider threats #segregation-of-duties #SoD #misuse of privileges |
Tipo |
Conference Paper |