Buch, Englisch, 91 Seiten, Paperback, Format (B × H): 187 mm x 235 mm
Buch, Englisch, 91 Seiten, Paperback, Format (B × H): 187 mm x 235 mm
Reihe: Synthesis Lectures on Data Management
ISBN: 978-1-60845-768-7
Verlag: Morgan & Claypool Publishers
Chapter One introduces the notion of insider threat and reports some data about data breaches due to insider threats. Chapter Two covers authentication and access control techniques, and Chapter Three shows how these general security techniques can be extended and used in the context of protection from insider threats. Chapter Four addresses anomaly detection techniques that are used to determine anomalies in data accesses by insiders. These anomalies are often indicative of potential insider data attacks and therefore play an important role in protection from these attacks.
Security information and event management (SIEM) tools and fine-grained auditing are discussed in Chapter Five. These tools aim at collecting, analyzing, and correlating -- in real-time -- any information and event that may be relevant for the security of an organization. As such, they can be a key element in finding a solution to such undesirable insider threats. Chapter Six goes on to provide a survey of techniques for separation-of-duty (SoD). SoD is an important principle that, when implemented in systems and tools, can strengthen data protection from malicious insiders. However, to date, very few approaches have been proposed for implementing SoD in systems. In Chapter Seven, a short survey of a commercial product is presented, which provides different techniques for protection from malicious users with system privileges - such as a DBA in database management systems. Finally, in Chapter Eight, the book concludes with a few remarks and additional research directions.
Autoren/Hrsg.
Weitere Infos & Material
- Introduction
- Authentication
- Access Control
- Anomaly Detection
- Security Information and Event Management and Auditing
- Separation of Duty
- Case Study: Oracle Database Vault
- Conclusion