TOP
Suche auf der Schloss Dagstuhl Webseite
Sie suchen nach Informationen auf den Webseiten der einzelnen Seminare? - Dann:
Nicht fündig geworden? - Einige unserer Dienste laufen auf separaten Webseiten mit jeweils eigener Suche. Bitte beachten Sie folgende Liste:
Schloss Dagstuhl - LZI - Logo
Schloss Dagstuhl Services
Seminare
Innerhalb dieser Seite:
Externe Seiten:
  • DOOR (zum Registrieren eines Dagstuhl Aufenthaltes)
  • DOSA (zum Beantragen künftiger Dagstuhl Seminare oder Dagstuhl Perspektiven Workshops)
Publishing
Innerhalb dieser Seite:
Externe Seiten:
dblp
Innerhalb dieser Seite:
Externe Seiten:
  • die Informatik-Bibliographiedatenbank dblp


Dagstuhl-Seminar 08302

Countering Insider Threats

( 20. Jul – 25. Jul, 2008 )

(zum Vergrößern in der Bildmitte klicken)

Permalink
Bitte benutzen Sie folgende Kurz-Url zum Verlinken dieser Seite: https://www.dagstuhl.de/08302

Organisatoren





Press Room

Press Reviews


Summary

The “insider threat” or “insider problem” has received considerable attention, and is cited as the most serious security problem in many studies. It is also considered the most difficult problem to deal with, because an “insider” has information and capabilities not known to other, external attackers. However, the term “insider threat” is usually either not defined at all, or defined nebulously.

The difficulty in handling the insider threat is reasonable under those circumstances; if one cannot define a problem precisely, how can one approach a solution, let alone know when the problem is solved? It is noteworthy that, despite this imponderability, definitions of the insider threat still have some common elements. For example, a workshop report defined the problem as malevolent (or possibly inadvertent) actions by an already trusted person with access to sensitive information and information systems. Elsewhere, that same report defined an insider as someone with access, privilege, or knowledge of information systems and services. Another report implicitly defined an insider as anyone operating inside the security perimeter—while already the assumption of only having a single security perimeter may be optimistic.

The goal of this Dagstuhl seminar was to bring together researchers and practitioners from different communities to discuss in a multi-national setting what the problems are we care about, what our response is, which factors influence the cost of dealing with insider threats and attacks, and so on. In a time where we barely understand which factors cause insider threats, and our solutions are scattered all over communities, areas, and instruments, this coordinated action between the involved communities seems to be needed more than ever.

This Dagstuhl seminar was, to our knowledge, the first European seminar focusing on insider threats bringing together US and European researchers and practitioners. The five days of the seminar allowed not only for a rich assortment of presentations, but even more importantly for extended discussions, both formal and informal, among the participants. We even had the opportunity for a structured exercise that challenged participants to define specific insider threats, develop the appropriate responses, and critique each others problem-solution formulation.

We would like to thank all participants of the seminar for making it a fruitful and inspiring event—and especially Dagstuhl’s wonderful staff, for their endless efforts, both before and during the seminar, to make the stay in Dagstuhl as successful as possible.

As stated above we believe that the week in Dagstuhl has been influential in heightening awareness among communities for activities and developments. During the seminar many participants expressed the wish for a community website to establish a central focal point, both for communication between communities, but also to the outside, governmental agencies, and companies. This web portal is currently under construction


Teilnehmer
  • Andre Adelsbach (Telindus S.A. - Luxemburg, LU)
  • Tuomas Aura (Microsoft Research UK - Cambridge, GB)
  • Rebecca Bace (Infidel Inc, US)
  • Matt Bishop (University of California - Davis, US) [dblp]
  • Doina Bucur (University of Oxford, GB)
  • Lizzie Coles-Kemp (RHUL - London, GB) [dblp]
  • Sophie Engle (University of California - Davis, US)
  • Ulrich Flegel (SAP SE - Karlsruhe, DE) [dblp]
  • Deborah A. Frincke (Pacific Northwest National Lab. - Richland, US)
  • Carrie Gates (CA Labs - Islandia, US) [dblp]
  • Dieter Gollmann (TU Hamburg-Harburg, DE) [dblp]
  • Jeffrey Hunker (Carnegie Mellon University, US)
  • Michael Huth (Imperial College London, GB) [dblp]
  • Jan Jürjens (The Open University - Milton Keynes, GB) [dblp]
  • Volker Kozok (Bundesministerium der Verteidigung - Bonn, DE)
  • Matias Madou (Fortify Software Inc. - San Mateo, US)
  • George Magklaras (University of Plymouth, GB)
  • Jan Meier (TU Hamburg-Harburg, DE)
  • Vebjørn Moen (Det Norske Veritas - Stavanger, NO)
  • Sean Peisert (University of California - Davis, US) [dblp]
  • Shari Lawrence Pfleeger (RAND - Arlington, US) [dblp]
  • Joel B. Predd (RAND - Pittsburgh, US)
  • Christian W. Probst (Technical University of Denmark - Lyngby, DK) [dblp]
  • Colby Raley (Strategic Analysis, Inc. - Washington, US)
  • Martina Angela Sasse (University College London, GB) [dblp]
  • Ludwig Seitz (Axiomatics AB - Kista, SE)
  • Sara Sinclair (Dartmouth College - Hanover, US)
  • Salvatore Stolfo (Columbia University, US)
  • Marianthi Theoharidou (Athens University of Economics and Business, GR)
  • Patricia Wolfhope (U. S. Department of Homeland Security - Washington, US)
  • Alec Yasinsac (University of South Alabama, US)

Verwandte Seminare
  • Dagstuhl-Seminar 10341: Insider Threats: Strategies for Prevention, Mitigation, and Response (2010-08-22 - 2010-08-26) (Details)
  • Dagstuhl-Seminar 12501: Organizational Processes for Supporting Sustainable Security (2012-12-09 - 2012-12-12) (Details)

Klassifikation
  • modelling / simulation
  • security / cryptography
  • society / HCI

Schlagworte
  • Insider Threat
  • Security Policies
  • Threat Modelling