Addressing the insider threat
Computers have come to play a major role in the processing of information vital to our national security. As we grow more dependent on computers, we also become more vulnerable to their misuse. Misuse may be accidental, or may occur deliberately for purposes of personal gain, espionage, terrorism, or revenge. While it is difficult to obtain exact statistics on computer misuse, clearly it is growing. It is also clear that insiders -- authorized system users -- are responsible for most of this increase. Unfortunately, their insider status gives them a greater potential for harm This paper takes an asset-based approach to the insider threat. We begin by characterizing the insider and the threat posed by variously motivated insiders. Next, we characterize the asset of concern: computerized information of strategic or economic value. We discuss four general ways in which computerized information is vulnerable to adversary action by the insider: disclosure, violation of integrity, denial of service, and unauthorized use of resources. We then look at three general remedies for these vulnerabilities. The first is formality of operations, such as training, personnel screening, and configuration management. The second is the institution of automated safeguards, such as single-use passwords, encryption, and biometric devices. The third is the development of automated systems that collect and analyze system and user data to look for signs of misuse.
- Research Organization:
- Los Alamos National Laboratory (LANL), Los Alamos, NM (United States)
- Sponsoring Organization:
- USDOE; USDOE, Washington, DC (United States)
- DOE Contract Number:
- W-7405-ENG-36
- OSTI ID:
- 6230731
- Report Number(s):
- LA-UR-93-1181; CONF-9305151-3; ON: DE93012626
- Resource Relation:
- Conference: 15. computer security group training conference: mission possible - connected and protected, Albuquerque, NM (United States), 3-6 May 1993
- Country of Publication:
- United States
- Language:
- English
Similar Records
LAVA/CS. Computer Security Risk Assessment
Computer Security Risk Assessment
Related Subjects
98 NUCLEAR DISARMAMENT, SAFEGUARDS, AND PHYSICAL PROTECTION
COMPUTERS
SECRECY PROTECTION
ADVERSARIES
SAFEGUARDS
SECURITY
TRAINING
VULNERABILITY
EDUCATION
990200* - Mathematics & Computers
055001 - Nuclear Fuels- Safeguards
Inspection
& Accountability- Technical Aspects