ºÝºÝߣ

ºÝºÝߣShare a Scribd company logo

InsiderAttack_p3.ppt

Download as PPT, PDF
V
VaishnavGhadge1

The document discusses insider threats and proposes implementing the Hitachi ID Identity Manager solution. It provides background on insider threats, including sources like maliciousness, disregard of security practices, carelessness, and ignorance. It analyzes vulnerabilities in telecommunications, credit cards, and healthcare. It then summarizes Hitachi ID features like role-based access control, automatic deactivation of terminated users, and centralized access management. Implementing Hitachi ID could reduce productivity losses, save costs, and help comply with regulations by better controlling access.

1 of 17
Download to read offline
Impact on Confidentiality due to Insider Attacks Project Part 3 Submitted by the Team: AVATAR (Jonathon Raclaw, Marek Jakubik, Rajesh Augustine, and Rao Pathangi)
? Impact on Confidentiality due to Insider Attacks ? An insider is anyone with access to an organization's protected assets ? Insider attack is someone using that access to violate protocol or cause harm intentionally or unintentionally ? Protocol violations with good intentions are still considered threats ? We have already identified a variety of fields that have vulnerabilities due to Insider Attacks ? A Telecommunications Company and it¡¯s employees having default access to sensitive test data ? A Credit Card Company and it¡¯s employees having access to customer credit card numbers ? A Health Care Company and the diverse collection of people/employees that have access to user health data [2] Introduction and Background
? There are four basic sources of insider security problems: ?Maliciousness ¨C that results in compromise or destruction of information, or disruption of services to other insiders ?Disdain of Security Practices ¨C that results in compromise or destruction of information, or disruption of services to other insiders. ?Carelessness ¨C in the use of an information system and/or the protection of company information ?Ignorance ¨C of security policy, security practices and information system use ? Current state of work: ?Basic User ID/ password validation ¨C missing role based access, department based access. If you know the User ID/ Password then you have pretty much every thing ?Policy and procedures ¨C Not strictly enforced [3]
? Develop stronger authentication mechanisms ¨C Some apps do have generic User ID/ Password ? Implement role based access control ¨C Provide just what they are eligible to see ? Provide access to the information based on their department¡¯s business need ¨C Provide just what they need ? Enforce the security policy ¨C tie the violations to job performance [5]
? Purchase Hitachi ID Identity Manager ¨C To better manage user access identities and privileges on a variety of IT systems ? Hitachi ID Identity Manager ¨C A complete user provisioning solution that also automates and simplifies the routine tasks of managing users across multiple systems ? Features provided by Hitachi ID Identity Manager ? Provides the Role Based Access Control (RBAC) ? Enables prompt and complete access deactivation across multiple systems ? Automatically deactivates access for terminated users ? Enforces authorization rules over security change requests ? Existing work ? No Role Based Access Control ¨C If you know User ID/ Password then you are good to go ? No centralized control of access control ? Each system has it¡¯s own way of authenticating users, some with no authentication!!!
Architectural view of Hitachi ID Integration [1]
? Cost Analysis ¨C Following example gives a cost savings example for an organization with 10,000 people per year Benefits: ? With 10% turnover, 5 day for manual setup, 1 day for automatic setup - $60,000 per year productivity ? With 1 change per user per year ¨C wait time is reduced from 4 hr to 1 hr ? 8 administrative FTEs reduced to 4 ? Risks ? Additional cost ¨C Cost to acquire, setup cost, maintenance cost ? Inherent risks of a new IT system ? Need of experts of Hitachi ID Item Current Cost Reduced Cost Productivity lost by new users waiting for access $1,200,000 $240,000 Productivity lost by current users waiting for changes $1,200,000 $300,000 Direct cost of security administration $480,000 $240,000 Total $2,880,000 $780,000 Total savings per year $2,100,000
? Suited for large companies ¨C Large companies where we have many systems and large number of employees ? Build vs. Buy ¨C Building Custom solution would be more costly and may not produce an effective security solution, so go for a ready made solution ? Enterprise wide solution ¨C This strategy is to be adopted by the IT and other users of the company¡¯s resources such as contractors, visitors, etc ? Incremental Deployment ¨C Is it incrementally deployable and would not require a require complete tear-down. ? Cost ¨C Cost is an obstacle but security needs to be implemented and enforced ? Lack of expertise ¨C Most of the companies lack expertise in building security solutions, so trust the leader in the field
? Benefits of Hitachi ID versus Sun Identity Server ? More platform-neutral solution for their IDM products as opposed to Sun that is tied to Oracle ? Recognized by industry as more scalable and reliable ? Integrates equally well with all the major databases, operating systems, web servers and ERP applications ? User provisioning is open to allow easy integration ? Lower lifetime support costs for deployed systems since the customer has a stronger bargaining position at maintenance renewal time, since replacing one product is much easier than replacing many. [1]
A basic tenet of legal liability should compel a company to address security issues and to eliminate or mitigate hazardous conditions promptly. ? Business: ? No lost revenue due to malicious activities ? Reputation is maintained/ increased by reducing the information breaches and fraud ? Increased user productivity by automating and centralizing the access control ? Cost savings in a longer run ? Safeguard of the confidential information ? Legal: ? Regulatory Compliance such as Sarbanes-Oxley, HIPAA ? Avoid regulatory penalties for non compliance ? Avoid Lawsuits by customers for information leakage
? With the Hitachi ID solution in place, we could more easily limit access to certain tools, such as make only development and test teams have access to test tools. Thus reducing the temptation of insider attacks by parties that are outside of the target environment. ? As the Hitachi implementation would work with the existing employee grade and position matrix, the Role Based Access Control (RBAC) could be targeted and changed easily if there is a restructure effort from management. ? Easy monitor of access to telecom systems, provisioning data, customer data, technical and product development data Fit of Proposed Solution for Telecom sector
? Complex nature of business with several applications need a centralized control ? Cost savings by using Hitachi ID product does makes business sense ? Access for Customer Service Agents ?Role based, Example: regular agents, supervisors ?Based on their department, Example: marketing, collections, product sales ? Access to Intranet Applications ¨C Based on roles, Example: employee, manager, director ? Access to specific functionalities within a Application ¨C Based on roles, Example: in the time entry tool managers to see their staff information
? Large number of applications for a educational setup ? Constant need of creating and removing the access for students ? Hitachi ID enables to propagate the password changes to multiple applications ? Access to Intranet Applications ¨C Based on roles, Example: student, professor ? Access to specific functionalities within a Application ¨C Based on roles Example: for teaching aid apps such as black board, professors to have more access than student
Risk Assessment Outcomes Threats Prioritized Risks Select Countermeasures System Design Policies Requirements Available Countermeasures Security Components Develop Security Architecture Security Architecture [4]
Source: ¡°A Survey of Insider Attack Detection Research¡± by Malek Ben Salem, Shlomo Hershkop, and Salvatore J. Stolfo ? Modeling Unix shell commands: identify signature behavior of users based on the sequence of shell commands executed. ? Support Vector Machines ¨C Pattern Recognition: Model ¡±insider¡± click behavior based on ¡°click¡± data to monior ¡°web¡± traffic. ? Network Observable User Actions (ELICIT): Model data flow patterns relating to searching, browsing, downloading, printing, sensitive search terms, printer choice, anomalous browsing activity, and retrieving documents outside of one¡¯s social network. ? Honeypots: Systems deliberately placed in the infrastructure to weed out malicious insiders. ? Future Research: ? Develop profile models that reveal ¡°user intent¡± as opposed to ¡°user activity.¡± ? Develop integrated systems that follow the ELICIT model. ? Develop systems that preserve privacy in the event of a false positive ? Intelligent challenge/response model based on suspicion of anamalous activity ? ¡°Trap the traitor¡± solutions (IT + Psychology)
What How [4]
1. http://hitachi-id.com/ 2. http://www.secretservice.gov/ntac/its_report_040820.pdf 3. http://www.itsecurity.com/ 4. ¡°Security Attribute Evaluation Method: A Cost Benefit Analysis¡±, Shawn A. Butler, Computer Science Department, Carnegie Mellon University 5. ITM Whitepaper, An Introduction to Insider Threat Management, Presented by infoLock Technologies 6. ¡°A Survey of Insider Attack Detection Research¡± by Malek Ben Salem, Shlomo Hershkop, and Salvatore J. Stolfo

Recommended

Why IAM is the Need of the Hour
Why IAM is the Need of the HourWhy IAM is the Need of the Hour
Why IAM is the Need of the Hour
Techdemocracy
?
How much does it cost to be Secure?
How much does it cost to be Secure?How much does it cost to be Secure?
How much does it cost to be Secure?
mbmobile
?
Securing your digital world - Cybersecurity for SBEs
Securing your digital world - Cybersecurity for SBEsSecuring your digital world - Cybersecurity for SBEs
Securing your digital world - Cybersecurity for SBEs
Sonny Hashmi
?
Securing your digital world cybersecurity for sb es
Securing your digital world cybersecurity for sb esSecuring your digital world cybersecurity for sb es
Securing your digital world cybersecurity for sb es
Sonny Hashmi
?
Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013
Turvallisuus2013
?
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data Security
Career Communications Group
?
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
abhichowdary16
?
Project Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docxProject Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docx
wkyra78
?
The Federal Information Security Management Act
The Federal Information Security Management ActThe Federal Information Security Management Act
The Federal Information Security Management Act
Michelle Singh
?
Identity and access management
Identity and access managementIdentity and access management
Identity and access management
Piyush Jain
?
Information Security Assessment Offering
Information Security Assessment OfferingInformation Security Assessment Offering
Information Security Assessment Offering
eeaches
?
Co p
Co pCo p
Co p
Allyn McGillicuddy
?
Mobile Application Security by Design
Mobile Application Security by DesignMobile Application Security by Design
Mobile Application Security by Design
DMI
?
Remote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal ThingRemote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal Thing
Karen Oliver
?
Aplication data security compliances
Aplication data security compliancesAplication data security compliances
Aplication data security compliances
Ahmadi Madi
?
I Series User Management
I Series User ManagementI Series User Management
I Series User Management
SJeffrey23
?
SOC Service in India.pdf
SOC Service in India.pdfSOC Service in India.pdf
SOC Service in India.pdf
ACS Networks & Technologies
?
Dstca
DstcaDstca
Dstca
ajay vj
?
Co p
Co pCo p
Co p
Allyn McGillicuddy
?
User_Access_IIA-LA_3-9-2016
User_Access_IIA-LA_3-9-2016User_Access_IIA-LA_3-9-2016
User_Access_IIA-LA_3-9-2016
Karla Sasser, CPA CITP, CIA, CGMA
?
Risk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs ProvidedRisk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs Provided
Tiffany Graham
?
Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10
Core Security Technologies
?
Ciso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityCiso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data security
Priyanka Aash
?
Enterprise Information Security Architecture_Paper_1206
Enterprise Information Security Architecture_Paper_1206Enterprise Information Security Architecture_Paper_1206
Enterprise Information Security Architecture_Paper_1206
Apoorva Ajmani
?
Meletis BelsisManaging and enforcing information security
Meletis BelsisManaging and enforcing information securityMeletis BelsisManaging and enforcing information security
Meletis BelsisManaging and enforcing information security
Meletis Belsis MPhil/MRes/BSc
?
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob DavisLuncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
North Texas Chapter of the ISSA
?
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern
?
Ravi i ot-security
Ravi i ot-securityRavi i ot-security
Ravi i ot-security
skumartarget
?
reinforcement-learning-141009013546-conversion-gate02.pdf
reinforcement-learning-141009013546-conversion-gate02.pdfreinforcement-learning-141009013546-conversion-gate02.pdf
reinforcement-learning-141009013546-conversion-gate02.pdf
VaishnavGhadge1
?
digitalmarketingfinal-151111124851-lva1-app6891.pdf
digitalmarketingfinal-151111124851-lva1-app6891.pdfdigitalmarketingfinal-151111124851-lva1-app6891.pdf
digitalmarketingfinal-151111124851-lva1-app6891.pdf
VaishnavGhadge1
?

More Related Content

Similar to InsiderAttack_p3.ppt (20)

The Federal Information Security Management Act
The Federal Information Security Management ActThe Federal Information Security Management Act
The Federal Information Security Management Act
Michelle Singh
?
Identity and access management
Identity and access managementIdentity and access management
Identity and access management
Piyush Jain
?
Information Security Assessment Offering
Information Security Assessment OfferingInformation Security Assessment Offering
Information Security Assessment Offering
eeaches
?
Co p
Co pCo p
Co p
Allyn McGillicuddy
?
Mobile Application Security by Design
Mobile Application Security by DesignMobile Application Security by Design
Mobile Application Security by Design
DMI
?
Remote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal ThingRemote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal Thing
Karen Oliver
?
Aplication data security compliances
Aplication data security compliancesAplication data security compliances
Aplication data security compliances
Ahmadi Madi
?
I Series User Management
I Series User ManagementI Series User Management
I Series User Management
SJeffrey23
?
SOC Service in India.pdf
SOC Service in India.pdfSOC Service in India.pdf
SOC Service in India.pdf
ACS Networks & Technologies
?
Dstca
DstcaDstca
Dstca
ajay vj
?
Co p
Co pCo p
Co p
Allyn McGillicuddy
?
User_Access_IIA-LA_3-9-2016
User_Access_IIA-LA_3-9-2016User_Access_IIA-LA_3-9-2016
User_Access_IIA-LA_3-9-2016
Karla Sasser, CPA CITP, CIA, CGMA
?
Risk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs ProvidedRisk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs Provided
Tiffany Graham
?
Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10
Core Security Technologies
?
Ciso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityCiso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data security
Priyanka Aash
?
Enterprise Information Security Architecture_Paper_1206
Enterprise Information Security Architecture_Paper_1206Enterprise Information Security Architecture_Paper_1206
Enterprise Information Security Architecture_Paper_1206
Apoorva Ajmani
?
Meletis BelsisManaging and enforcing information security
Meletis BelsisManaging and enforcing information securityMeletis BelsisManaging and enforcing information security
Meletis BelsisManaging and enforcing information security
Meletis Belsis MPhil/MRes/BSc
?
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob DavisLuncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
North Texas Chapter of the ISSA
?
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern
?
Ravi i ot-security
Ravi i ot-securityRavi i ot-security
Ravi i ot-security
skumartarget
?
The Federal Information Security Management Act
The Federal Information Security Management ActThe Federal Information Security Management Act
The Federal Information Security Management Act
Michelle Singh
?
Identity and access management
Identity and access managementIdentity and access management
Identity and access management
Piyush Jain
?
Information Security Assessment Offering
Information Security Assessment OfferingInformation Security Assessment Offering
Information Security Assessment Offering
eeaches
?
Co p
Co pCo p
Co p
Allyn McGillicuddy
?
Mobile Application Security by Design
Mobile Application Security by DesignMobile Application Security by Design
Mobile Application Security by Design
DMI
?
Remote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal ThingRemote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal Thing
Karen Oliver
?
Aplication data security compliances
Aplication data security compliancesAplication data security compliances
Aplication data security compliances
Ahmadi Madi
?
I Series User Management
I Series User ManagementI Series User Management
I Series User Management
SJeffrey23
?
SOC Service in India.pdf
SOC Service in India.pdfSOC Service in India.pdf
SOC Service in India.pdf
ACS Networks & Technologies
?
Dstca
DstcaDstca
Dstca
ajay vj
?
Co p
Co pCo p
Co p
Allyn McGillicuddy
?
User_Access_IIA-LA_3-9-2016
User_Access_IIA-LA_3-9-2016User_Access_IIA-LA_3-9-2016
User_Access_IIA-LA_3-9-2016
Karla Sasser, CPA CITP, CIA, CGMA
?
Risk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs ProvidedRisk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs Provided
Tiffany Graham
?
Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10
Core Security Technologies
?
Ciso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityCiso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data security
Priyanka Aash
?
Enterprise Information Security Architecture_Paper_1206
Enterprise Information Security Architecture_Paper_1206Enterprise Information Security Architecture_Paper_1206
Enterprise Information Security Architecture_Paper_1206
Apoorva Ajmani
?
Meletis BelsisManaging and enforcing information security
Meletis BelsisManaging and enforcing information securityMeletis BelsisManaging and enforcing information security
Meletis BelsisManaging and enforcing information security
Meletis Belsis MPhil/MRes/BSc
?
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob DavisLuncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
Luncheon 2015-11-19 - Lessons Learned from Avid Life Media by Rob Davis
North Texas Chapter of the ISSA
?
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern
?
Ravi i ot-security
Ravi i ot-securityRavi i ot-security
Ravi i ot-security
skumartarget
?

More from VaishnavGhadge1 (6)

reinforcement-learning-141009013546-conversion-gate02.pdf
reinforcement-learning-141009013546-conversion-gate02.pdfreinforcement-learning-141009013546-conversion-gate02.pdf
reinforcement-learning-141009013546-conversion-gate02.pdf
VaishnavGhadge1
?
digitalmarketingfinal-151111124851-lva1-app6891.pdf
digitalmarketingfinal-151111124851-lva1-app6891.pdfdigitalmarketingfinal-151111124851-lva1-app6891.pdf
digitalmarketingfinal-151111124851-lva1-app6891.pdf
VaishnavGhadge1
?
seminar.pptx
seminar.pptxseminar.pptx
seminar.pptx
VaishnavGhadge1
?
medicalmirror-170210123013.pdf
medicalmirror-170210123013.pdfmedicalmirror-170210123013.pdf
medicalmirror-170210123013.pdf
VaishnavGhadge1
?
big-data-8722-m8RQ3h1.pptx
big-data-8722-m8RQ3h1.pptxbig-data-8722-m8RQ3h1.pptx
big-data-8722-m8RQ3h1.pptx
VaishnavGhadge1
?
data.2.pptx
data.2.pptxdata.2.pptx
data.2.pptx
VaishnavGhadge1
?
reinforcement-learning-141009013546-conversion-gate02.pdf
reinforcement-learning-141009013546-conversion-gate02.pdfreinforcement-learning-141009013546-conversion-gate02.pdf
reinforcement-learning-141009013546-conversion-gate02.pdf
VaishnavGhadge1
?
digitalmarketingfinal-151111124851-lva1-app6891.pdf
digitalmarketingfinal-151111124851-lva1-app6891.pdfdigitalmarketingfinal-151111124851-lva1-app6891.pdf
digitalmarketingfinal-151111124851-lva1-app6891.pdf
VaishnavGhadge1
?
seminar.pptx
seminar.pptxseminar.pptx
seminar.pptx
VaishnavGhadge1
?
medicalmirror-170210123013.pdf
medicalmirror-170210123013.pdfmedicalmirror-170210123013.pdf
medicalmirror-170210123013.pdf
VaishnavGhadge1
?
big-data-8722-m8RQ3h1.pptx
big-data-8722-m8RQ3h1.pptxbig-data-8722-m8RQ3h1.pptx
big-data-8722-m8RQ3h1.pptx
VaishnavGhadge1
?
data.2.pptx
data.2.pptxdata.2.pptx
data.2.pptx
VaishnavGhadge1
?

Recently uploaded (20)

Week5_UsefulArt_Impact.pdfWeek5_UsefulArt_Impact.pdf
Week5_UsefulArt_Impact.pdfWeek5_UsefulArt_Impact.pdfWeek5_UsefulArt_Impact.pdfWeek5_UsefulArt_Impact.pdf
Week5_UsefulArt_Impact.pdfWeek5_UsefulArt_Impact.pdf
afeng0320241
?
nasha mukt press coverage agecny reporter
nasha mukt press coverage agecny reporternasha mukt press coverage agecny reporter
nasha mukt press coverage agecny reporter
Uddhav Parab
?
Dehancer Pro 7.2.0 Beta 2 for Adobe Premiere Pro Crack
Dehancer Pro 7.2.0 Beta 2 for Adobe Premiere Pro CrackDehancer Pro 7.2.0 Beta 2 for Adobe Premiere Pro Crack
Dehancer Pro 7.2.0 Beta 2 for Adobe Premiere Pro Crack
crackstore786
?
A concise presentation on Western Art through History.pptx
A concise presentation on Western Art through History.pptxA concise presentation on Western Art through History.pptx
A concise presentation on Western Art through History.pptx
rabeebhatti1
?
MBE Why Add - Storyboards by Johanna Xue
MBE Why Add - Storyboards by Johanna XueMBE Why Add - Storyboards by Johanna Xue
MBE Why Add - Storyboards by Johanna Xue
johannaxuework
?
Waiting in paintings .ppsx
Waiting in paintings .ppsxWaiting in paintings .ppsx
Waiting in paintings .ppsx
guimera
?
hiSAlhtjfhjifhjitkhjthjhltrjthlrtjhnrtljhnxrljx
hiSAlhtjfhjifhjitkhjthjhltrjthlrtjhnrtljhnxrljxhiSAlhtjfhjifhjitkhjthjhltrjthlrtjhnrtljhnxrljx
hiSAlhtjfhjifhjitkhjthjhltrjthlrtjhnrtljhnxrljx
abc441494
?
·ÇÉ« Hijiki: Reclaiming Clay¡¯s Essence in Contemporary Ceramics
·ÇÉ« Hijiki: Reclaiming Clay¡¯s Essence in Contemporary Ceramics·ÇÉ« Hijiki: Reclaiming Clay¡¯s Essence in Contemporary Ceramics
·ÇÉ« Hijiki: Reclaiming Clay¡¯s Essence in Contemporary Ceramics
Makoto Hatori
?
Lecture asfasf safasNo 09 Data Mining.pptx
Lecture asfasf safasNo 09 Data Mining.pptxLecture asfasf safasNo 09 Data Mining.pptx
Lecture asfasf safasNo 09 Data Mining.pptx
2423551
?
Final Cut Pro Crack Version 2025 Here! FREE
Final Cut Pro Crack Version 2025 Here! FREEFinal Cut Pro Crack Version 2025 Here! FREE
Final Cut Pro Crack Version 2025 Here! FREE
raheemk1122g
?
MBE Travel Insurance - Storyboards by JX
MBE Travel Insurance - Storyboards by JXMBE Travel Insurance - Storyboards by JX
MBE Travel Insurance - Storyboards by JX
johannaxuework
?
Enscape 3D 3.5.5 Crack + License key 2025-250214194216-028f8763.pdf
Enscape 3D 3.5.5 Crack + License key 2025-250214194216-028f8763.pdfEnscape 3D 3.5.5 Crack + License key 2025-250214194216-028f8763.pdf
Enscape 3D 3.5.5 Crack + License key 2025-250214194216-028f8763.pdf
asad02kp
?
Week1_IntroductiontoUnit2025.pdfWeek1_IntroductiontoUnit2025.pdfWeek1_Introdu...
Week1_IntroductiontoUnit2025.pdfWeek1_IntroductiontoUnit2025.pdfWeek1_Introdu...Week1_IntroductiontoUnit2025.pdfWeek1_IntroductiontoUnit2025.pdfWeek1_Introdu...
Week1_IntroductiontoUnit2025.pdfWeek1_IntroductiontoUnit2025.pdfWeek1_Introdu...
afeng0320241
?
gfhf ngmhgghnbbbbbbbbbj8hmb igbky kio.pptx
gfhf ngmhgghnbbbbbbbbbj8hmb igbky kio.pptxgfhf ngmhgghnbbbbbbbbbj8hmb igbky kio.pptx
gfhf ngmhgghnbbbbbbbbbj8hmb igbky kio.pptx
sandeepbeniwal74
?
YTD Video Downloader Pro 7.6.2.1 Full Crack [Latest]
YTD Video Downloader Pro 7.6.2.1 Full Crack [Latest]YTD Video Downloader Pro 7.6.2.1 Full Crack [Latest]
YTD Video Downloader Pro 7.6.2.1 Full Crack [Latest]
raheemk1122g
?
HUMAN funtodne thentenste htnethstjuudnfgubsdfbsdbnbsdgbfhdbghdsb
HUMAN funtodne thentenste htnethstjuudnfgubsdfbsdbnbsdgbfhdbghdsbHUMAN funtodne thentenste htnethstjuudnfgubsdfbsdbnbsdgbfhdbghdsb
HUMAN funtodne thentenste htnethstjuudnfgubsdfbsdbnbsdgbfhdbghdsb
hossainjunaed55
?
Adguard Premium Crack + License Key [Latest Version]
Adguard Premium Crack + License Key [Latest Version]Adguard Premium Crack + License Key [Latest Version]
Adguard Premium Crack + License Key [Latest Version]
kamrantariq2x1
?
Wondershare Dr.Fone Toolkit For Pc 13.8.9.87 FULL Crack
Wondershare Dr.Fone Toolkit For Pc 13.8.9.87 FULL CrackWondershare Dr.Fone Toolkit For Pc 13.8.9.87 FULL Crack
Wondershare Dr.Fone Toolkit For Pc 13.8.9.87 FULL Crack
crackstore786
?
SM_Mall of India, sm mall of india, sm mall
SM_Mall of India, sm mall of india, sm mallSM_Mall of India, sm mall of india, sm mall
SM_Mall of India, sm mall of india, sm mall
Muskaankhanna7
?
The Story of Visual Pattern and Photography 101
The Story of Visual Pattern and Photography 101The Story of Visual Pattern and Photography 101
The Story of Visual Pattern and Photography 101
Shiraje Monjirul Ahmed
?
Week5_UsefulArt_Impact.pdfWeek5_UsefulArt_Impact.pdf
Week5_UsefulArt_Impact.pdfWeek5_UsefulArt_Impact.pdfWeek5_UsefulArt_Impact.pdfWeek5_UsefulArt_Impact.pdf
Week5_UsefulArt_Impact.pdfWeek5_UsefulArt_Impact.pdf
afeng0320241
?
nasha mukt press coverage agecny reporter
nasha mukt press coverage agecny reporternasha mukt press coverage agecny reporter
nasha mukt press coverage agecny reporter
Uddhav Parab
?
Dehancer Pro 7.2.0 Beta 2 for Adobe Premiere Pro Crack
Dehancer Pro 7.2.0 Beta 2 for Adobe Premiere Pro CrackDehancer Pro 7.2.0 Beta 2 for Adobe Premiere Pro Crack
Dehancer Pro 7.2.0 Beta 2 for Adobe Premiere Pro Crack
crackstore786
?
A concise presentation on Western Art through History.pptx
A concise presentation on Western Art through History.pptxA concise presentation on Western Art through History.pptx
A concise presentation on Western Art through History.pptx
rabeebhatti1
?
MBE Why Add - Storyboards by Johanna Xue
MBE Why Add - Storyboards by Johanna XueMBE Why Add - Storyboards by Johanna Xue
MBE Why Add - Storyboards by Johanna Xue
johannaxuework
?
Waiting in paintings .ppsx
Waiting in paintings .ppsxWaiting in paintings .ppsx
Waiting in paintings .ppsx
guimera
?
hiSAlhtjfhjifhjitkhjthjhltrjthlrtjhnrtljhnxrljx
hiSAlhtjfhjifhjitkhjthjhltrjthlrtjhnrtljhnxrljxhiSAlhtjfhjifhjitkhjthjhltrjthlrtjhnrtljhnxrljx
hiSAlhtjfhjifhjitkhjthjhltrjthlrtjhnrtljhnxrljx
abc441494
?
·ÇÉ« Hijiki: Reclaiming Clay¡¯s Essence in Contemporary Ceramics
·ÇÉ« Hijiki: Reclaiming Clay¡¯s Essence in Contemporary Ceramics·ÇÉ« Hijiki: Reclaiming Clay¡¯s Essence in Contemporary Ceramics
·ÇÉ« Hijiki: Reclaiming Clay¡¯s Essence in Contemporary Ceramics
Makoto Hatori
?
Lecture asfasf safasNo 09 Data Mining.pptx
Lecture asfasf safasNo 09 Data Mining.pptxLecture asfasf safasNo 09 Data Mining.pptx
Lecture asfasf safasNo 09 Data Mining.pptx
2423551
?
Final Cut Pro Crack Version 2025 Here! FREE
Final Cut Pro Crack Version 2025 Here! FREEFinal Cut Pro Crack Version 2025 Here! FREE
Final Cut Pro Crack Version 2025 Here! FREE
raheemk1122g
?
MBE Travel Insurance - Storyboards by JX
MBE Travel Insurance - Storyboards by JXMBE Travel Insurance - Storyboards by JX
MBE Travel Insurance - Storyboards by JX
johannaxuework
?
Enscape 3D 3.5.5 Crack + License key 2025-250214194216-028f8763.pdf
Enscape 3D 3.5.5 Crack + License key 2025-250214194216-028f8763.pdfEnscape 3D 3.5.5 Crack + License key 2025-250214194216-028f8763.pdf
Enscape 3D 3.5.5 Crack + License key 2025-250214194216-028f8763.pdf
asad02kp
?
Week1_IntroductiontoUnit2025.pdfWeek1_IntroductiontoUnit2025.pdfWeek1_Introdu...
Week1_IntroductiontoUnit2025.pdfWeek1_IntroductiontoUnit2025.pdfWeek1_Introdu...Week1_IntroductiontoUnit2025.pdfWeek1_IntroductiontoUnit2025.pdfWeek1_Introdu...
Week1_IntroductiontoUnit2025.pdfWeek1_IntroductiontoUnit2025.pdfWeek1_Introdu...
afeng0320241
?
gfhf ngmhgghnbbbbbbbbbj8hmb igbky kio.pptx
gfhf ngmhgghnbbbbbbbbbj8hmb igbky kio.pptxgfhf ngmhgghnbbbbbbbbbj8hmb igbky kio.pptx
gfhf ngmhgghnbbbbbbbbbj8hmb igbky kio.pptx
sandeepbeniwal74
?
YTD Video Downloader Pro 7.6.2.1 Full Crack [Latest]
YTD Video Downloader Pro 7.6.2.1 Full Crack [Latest]YTD Video Downloader Pro 7.6.2.1 Full Crack [Latest]
YTD Video Downloader Pro 7.6.2.1 Full Crack [Latest]
raheemk1122g
?
HUMAN funtodne thentenste htnethstjuudnfgubsdfbsdbnbsdgbfhdbghdsb
HUMAN funtodne thentenste htnethstjuudnfgubsdfbsdbnbsdgbfhdbghdsbHUMAN funtodne thentenste htnethstjuudnfgubsdfbsdbnbsdgbfhdbghdsb
HUMAN funtodne thentenste htnethstjuudnfgubsdfbsdbnbsdgbfhdbghdsb
hossainjunaed55
?
Adguard Premium Crack + License Key [Latest Version]
Adguard Premium Crack + License Key [Latest Version]Adguard Premium Crack + License Key [Latest Version]
Adguard Premium Crack + License Key [Latest Version]
kamrantariq2x1
?
Wondershare Dr.Fone Toolkit For Pc 13.8.9.87 FULL Crack
Wondershare Dr.Fone Toolkit For Pc 13.8.9.87 FULL CrackWondershare Dr.Fone Toolkit For Pc 13.8.9.87 FULL Crack
Wondershare Dr.Fone Toolkit For Pc 13.8.9.87 FULL Crack
crackstore786
?
SM_Mall of India, sm mall of india, sm mall
SM_Mall of India, sm mall of india, sm mallSM_Mall of India, sm mall of india, sm mall
SM_Mall of India, sm mall of india, sm mall
Muskaankhanna7
?
The Story of Visual Pattern and Photography 101
The Story of Visual Pattern and Photography 101The Story of Visual Pattern and Photography 101
The Story of Visual Pattern and Photography 101
Shiraje Monjirul Ahmed
?

InsiderAttack_p3.ppt

  • 1. Impact on Confidentiality due to Insider Attacks Project Part 3 Submitted by the Team: AVATAR (Jonathon Raclaw, Marek Jakubik, Rajesh Augustine, and Rao Pathangi)
  • 2. ? Impact on Confidentiality due to Insider Attacks ? An insider is anyone with access to an organization's protected assets ? Insider attack is someone using that access to violate protocol or cause harm intentionally or unintentionally ? Protocol violations with good intentions are still considered threats ? We have already identified a variety of fields that have vulnerabilities due to Insider Attacks ? A Telecommunications Company and it¡¯s employees having default access to sensitive test data ? A Credit Card Company and it¡¯s employees having access to customer credit card numbers ? A Health Care Company and the diverse collection of people/employees that have access to user health data [2] Introduction and Background
  • 3. ? There are four basic sources of insider security problems: ?Maliciousness ¨C that results in compromise or destruction of information, or disruption of services to other insiders ?Disdain of Security Practices ¨C that results in compromise or destruction of information, or disruption of services to other insiders. ?Carelessness ¨C in the use of an information system and/or the protection of company information ?Ignorance ¨C of security policy, security practices and information system use ? Current state of work: ?Basic User ID/ password validation ¨C missing role based access, department based access. If you know the User ID/ Password then you have pretty much every thing ?Policy and procedures ¨C Not strictly enforced [3]
  • 4. ? Develop stronger authentication mechanisms ¨C Some apps do have generic User ID/ Password ? Implement role based access control ¨C Provide just what they are eligible to see ? Provide access to the information based on their department¡¯s business need ¨C Provide just what they need ? Enforce the security policy ¨C tie the violations to job performance [5]
  • 5. ? Purchase Hitachi ID Identity Manager ¨C To better manage user access identities and privileges on a variety of IT systems ? Hitachi ID Identity Manager ¨C A complete user provisioning solution that also automates and simplifies the routine tasks of managing users across multiple systems ? Features provided by Hitachi ID Identity Manager ? Provides the Role Based Access Control (RBAC) ? Enables prompt and complete access deactivation across multiple systems ? Automatically deactivates access for terminated users ? Enforces authorization rules over security change requests ? Existing work ? No Role Based Access Control ¨C If you know User ID/ Password then you are good to go ? No centralized control of access control ? Each system has it¡¯s own way of authenticating users, some with no authentication!!!
  • 6. Architectural view of Hitachi ID Integration [1]
  • 7. ? Cost Analysis ¨C Following example gives a cost savings example for an organization with 10,000 people per year Benefits: ? With 10% turnover, 5 day for manual setup, 1 day for automatic setup - $60,000 per year productivity ? With 1 change per user per year ¨C wait time is reduced from 4 hr to 1 hr ? 8 administrative FTEs reduced to 4 ? Risks ? Additional cost ¨C Cost to acquire, setup cost, maintenance cost ? Inherent risks of a new IT system ? Need of experts of Hitachi ID Item Current Cost Reduced Cost Productivity lost by new users waiting for access $1,200,000 $240,000 Productivity lost by current users waiting for changes $1,200,000 $300,000 Direct cost of security administration $480,000 $240,000 Total $2,880,000 $780,000 Total savings per year $2,100,000
  • 8. ? Suited for large companies ¨C Large companies where we have many systems and large number of employees ? Build vs. Buy ¨C Building Custom solution would be more costly and may not produce an effective security solution, so go for a ready made solution ? Enterprise wide solution ¨C This strategy is to be adopted by the IT and other users of the company¡¯s resources such as contractors, visitors, etc ? Incremental Deployment ¨C Is it incrementally deployable and would not require a require complete tear-down. ? Cost ¨C Cost is an obstacle but security needs to be implemented and enforced ? Lack of expertise ¨C Most of the companies lack expertise in building security solutions, so trust the leader in the field
  • 9. ? Benefits of Hitachi ID versus Sun Identity Server ? More platform-neutral solution for their IDM products as opposed to Sun that is tied to Oracle ? Recognized by industry as more scalable and reliable ? Integrates equally well with all the major databases, operating systems, web servers and ERP applications ? User provisioning is open to allow easy integration ? Lower lifetime support costs for deployed systems since the customer has a stronger bargaining position at maintenance renewal time, since replacing one product is much easier than replacing many. [1]
  • 10. A basic tenet of legal liability should compel a company to address security issues and to eliminate or mitigate hazardous conditions promptly. ? Business: ? No lost revenue due to malicious activities ? Reputation is maintained/ increased by reducing the information breaches and fraud ? Increased user productivity by automating and centralizing the access control ? Cost savings in a longer run ? Safeguard of the confidential information ? Legal: ? Regulatory Compliance such as Sarbanes-Oxley, HIPAA ? Avoid regulatory penalties for non compliance ? Avoid Lawsuits by customers for information leakage
  • 11. ? With the Hitachi ID solution in place, we could more easily limit access to certain tools, such as make only development and test teams have access to test tools. Thus reducing the temptation of insider attacks by parties that are outside of the target environment. ? As the Hitachi implementation would work with the existing employee grade and position matrix, the Role Based Access Control (RBAC) could be targeted and changed easily if there is a restructure effort from management. ? Easy monitor of access to telecom systems, provisioning data, customer data, technical and product development data Fit of Proposed Solution for Telecom sector
  • 12. ? Complex nature of business with several applications need a centralized control ? Cost savings by using Hitachi ID product does makes business sense ? Access for Customer Service Agents ?Role based, Example: regular agents, supervisors ?Based on their department, Example: marketing, collections, product sales ? Access to Intranet Applications ¨C Based on roles, Example: employee, manager, director ? Access to specific functionalities within a Application ¨C Based on roles, Example: in the time entry tool managers to see their staff information
  • 13. ? Large number of applications for a educational setup ? Constant need of creating and removing the access for students ? Hitachi ID enables to propagate the password changes to multiple applications ? Access to Intranet Applications ¨C Based on roles, Example: student, professor ? Access to specific functionalities within a Application ¨C Based on roles Example: for teaching aid apps such as black board, professors to have more access than student
  • 15. Source: ¡°A Survey of Insider Attack Detection Research¡± by Malek Ben Salem, Shlomo Hershkop, and Salvatore J. Stolfo ? Modeling Unix shell commands: identify signature behavior of users based on the sequence of shell commands executed. ? Support Vector Machines ¨C Pattern Recognition: Model ¡±insider¡± click behavior based on ¡°click¡± data to monior ¡°web¡± traffic. ? Network Observable User Actions (ELICIT): Model data flow patterns relating to searching, browsing, downloading, printing, sensitive search terms, printer choice, anomalous browsing activity, and retrieving documents outside of one¡¯s social network. ? Honeypots: Systems deliberately placed in the infrastructure to weed out malicious insiders. ? Future Research: ? Develop profile models that reveal ¡°user intent¡± as opposed to ¡°user activity.¡± ? Develop integrated systems that follow the ELICIT model. ? Develop systems that preserve privacy in the event of a false positive ? Intelligent challenge/response model based on suspicion of anamalous activity ? ¡°Trap the traitor¡± solutions (IT + Psychology)
  • 17. 1. http://hitachi-id.com/ 2. http://www.secretservice.gov/ntac/its_report_040820.pdf 3. http://www.itsecurity.com/ 4. ¡°Security Attribute Evaluation Method: A Cost Benefit Analysis¡±, Shawn A. Butler, Computer Science Department, Carnegie Mellon University 5. ITM Whitepaper, An Introduction to Insider Threat Management, Presented by infoLock Technologies 6. ¡°A Survey of Insider Attack Detection Research¡± by Malek Ben Salem, Shlomo Hershkop, and Salvatore J. Stolfo
AboutCopyright
? 2025 ºÝºÝߣ