Impact on Confidentiality due to
Insider Attacks
Project Part 3
Submitted by the Team: AVATAR
(Jonathon Raclaw, Marek Jakubik, Rajesh Augustine, and Rao Pathangi)
Introduction and Background

• An insider is anyone with access to an organization's protected assets.
• An insider attack is someone using that access to violate protocol or cause harm, intentionally or unintentionally.
• Protocol violations with good intentions are still considered threats.
• We have already identified a variety of fields that have vulnerabilities due to insider attacks:
  • A telecommunications company whose employees have default access to sensitive test data
  • A credit card company whose employees have access to customer credit card numbers
  • A health care company and the diverse collection of people/employees that have access to user health data [2]
• There are four basic sources of insider security problems:
  • Maliciousness – results in compromise or destruction of information, or disruption of services to other insiders
  • Disdain of security practices – results in compromise or destruction of information, or disruption of services to other insiders
  • Carelessness – in the use of an information system and/or the protection of company information
  • Ignorance – of security policy, security practices and information system use
• Current state of work:
  • Basic User ID/password validation – no role-based or department-based access; if you know the User ID/password, you have pretty much everything
  • Policies and procedures – not strictly enforced [3]
• Develop stronger authentication mechanisms – some apps currently use a generic User ID/password
• Implement role-based access control – provide just what users are eligible to see
• Provide access to information based on the department's business need – provide just what they need
• Enforce the security policy – tie violations to job performance [5]
• Purchase Hitachi ID Identity Manager – to better manage user access identities and privileges on a variety of IT systems
• Hitachi ID Identity Manager – a complete user provisioning solution that also automates and simplifies the routine tasks of managing users across multiple systems
• Features provided by Hitachi ID Identity Manager:
  • Provides role-based access control (RBAC)
  • Enables prompt and complete access deactivation across multiple systems
  • Automatically deactivates access for terminated users
  • Enforces authorization rules over security change requests
• Existing work:
  • No role-based access control – if you know the User ID/password, you are good to go
  • No centralized access control
  • Each system has its own way of authenticating users, some with no authentication at all
[Figure: Architectural view of Hitachi ID Integration [1]]
• Cost analysis – the following example gives the cost savings for an organization with 10,000 people per year
• Benefits:
  • With 10% turnover, 5 days for manual setup and 1 day for automatic setup: $60,000 per year in productivity
  • With 1 change per user per year, wait time is reduced from 4 hr to 1 hr
  • 8 administrative FTEs reduced to 4
• Risks:
  • Additional cost – cost to acquire, setup cost, maintenance cost
  • Inherent risks of a new IT system
  • Need for Hitachi ID experts

Item | Current Cost | Reduced Cost
Productivity lost by new users waiting for access | $1,200,000 | $240,000
Productivity lost by current users waiting for changes | $1,200,000 | $300,000
Direct cost of security administration | $480,000 | $240,000
Total | $2,880,000 | $780,000
Total savings per year | | $2,100,000
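The table above can be reproduced from the slide's stated parameters (10,000 people, 10% turnover, 5 vs. 1 setup days, 1 change per user at 4 vs. 1 hours of waiting, 8 vs. 4 administrative FTEs) once two rates that the slide leaves implicit are fixed. The following is an added example, not part of the deck or of any Hitachi ID material; it assumes an 8-hour working day at $30/hour ($240/day) for lost productivity and $60,000 per administrative FTE, and those assumed values make every row of the table come out exactly. It also carries the slide's "additional cost" risk through to a break-even year, using placeholder acquisition and maintenance figures that are not on the slide.

```python
"""Added example (not from the slide deck): the cost model behind the
slide's savings table, with the implicit rates made explicit.

ASSUMPTIONS (not stated on the slide):
  - productivity is valued at $30/hour, 8 hours/day ($240/day)
  - one administrative FTE costs $60,000/year
With these two values the model reproduces every figure in the table.
"""
from typing import Dict


def access_cost_model(headcount: int = 10_000,
                      turnover: float = 0.10,
                      setup_days: float = 5,
                      changes_per_user: float = 1,
                      change_wait_hours: float = 4,
                      admin_ftes: int = 8,
                      hourly_rate: float = 30.0,     # assumption
                      hours_per_day: float = 8,      # assumption
                      fte_cost: float = 60_000) -> Dict[str, float]:
    """Annual cost of access administration for one set of parameters.

    The defaults are the slide's "current" column; pass setup_days=1,
    change_wait_hours=1 and admin_ftes=4 for the "reduced" column."""
    new_users = headcount * turnover
    # New hires idle while waiting for access to be set up.
    waiting_new = new_users * setup_days * hours_per_day * hourly_rate
    # Existing users idle while waiting for an access change.
    waiting_changes = headcount * changes_per_user * change_wait_hours * hourly_rate
    # Direct cost of the people doing the administration.
    admin = admin_ftes * fte_cost
    return {
        "new_users": waiting_new,
        "changes": waiting_changes,
        "admin": admin,
        "total": waiting_new + waiting_changes + admin,
    }


def annual_savings(current: Dict[str, float], reduced: Dict[str, float]) -> float:
    """Difference of the two totals: the slide's 'Total savings per year'."""
    return current["total"] - reduced["total"]


def break_even_year(acquisition_cost: float, annual_maintenance: float,
                    savings_per_year: float, max_years: int = 20) -> int:
    """First year in which cumulative savings cover the one-off acquisition
    cost plus cumulative maintenance (the slide's 'additional cost' risk).
    Returns -1 if the project never pays back within max_years."""
    if savings_per_year <= annual_maintenance:
        return -1
    cumulative = -acquisition_cost
    for year in range(1, max_years + 1):
        cumulative += savings_per_year - annual_maintenance
        if cumulative >= 0:
            return year
    return -1


if __name__ == "__main__":
    current = access_cost_model()
    reduced = access_cost_model(setup_days=1, change_wait_hours=1, admin_ftes=4)
    for key in ("new_users", "changes", "admin", "total"):
        print(f"{key:10s} ${current[key]:>12,.0f} ${reduced[key]:>12,.0f}")
    saved = annual_savings(current, reduced)
    print(f"savings/yr ${saved:,.0f}")
    # PLACEHOLDER project costs; the slide gives no figures for these.
    print("break-even year:", break_even_year(1_500_000, 300_000, saved))
```

The point of making the rates explicit is that the $2,100,000 figure is only as good as the $30/hour and $60,000/FTE assumptions; a reviewer of the proposal should ask for those two numbers before accepting the table.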
• Suited for large companies – large companies with many systems and a large number of employees
• Build vs. buy – building a custom solution would be more costly and may not produce an effective security solution, so go for a ready-made solution
• Enterprise-wide solution – this strategy is to be adopted by IT and by other users of the company's resources such as contractors, visitors, etc.
• Incremental deployment – it is incrementally deployable and would not require a complete tear-down
• Cost – cost is an obstacle, but security needs to be implemented and enforced
• Lack of expertise – most companies lack expertise in building security solutions, so trust the leader in the field
• Benefits of Hitachi ID versus Sun Identity Server:
  • A more platform-neutral solution for their IDM products, as opposed to Sun, which is tied to Oracle
  • Recognized by industry as more scalable and reliable
  • Integrates equally well with all the major databases, operating systems, web servers and ERP applications
  • User provisioning is open to allow easy integration
  • Lower lifetime support costs for deployed systems, since the customer has a stronger bargaining position at maintenance renewal time: replacing one product is much easier than replacing many [1]
A basic tenet of legal liability should compel a company to address security issues and to eliminate or mitigate hazardous conditions promptly.
• Business:
  • No lost revenue due to malicious activities
  • Reputation is maintained or increased by reducing information breaches and fraud
  • Increased user productivity by automating and centralizing access control
  • Cost savings in the longer run
  • Safeguarding of confidential information
• Legal:
  • Regulatory compliance, such as Sarbanes-Oxley and HIPAA
  • Avoid regulatory penalties for non-compliance
  • Avoid lawsuits by customers for information leakage
Fit of Proposed Solution for Telecom Sector

• With the Hitachi ID solution in place, we could more easily limit access to certain tools, for example by giving only development and test teams access to test tools, thus reducing the temptation of insider attacks by parties outside the target environment.
• As the Hitachi implementation would work with the existing employee grade and position matrix, the role-based access control (RBAC) could be targeted and changed easily if there is a restructuring effort from management.
• Easy monitoring of access to telecom systems, provisioning data, customer data, and technical and product development data
• The complex nature of the business, with several applications, needs centralized control
• Cost savings from using the Hitachi ID product make business sense
• Access for customer service agents:
  • Role-based, for example: regular agents, supervisors
  • Based on their department, for example: marketing, collections, product sales
• Access to intranet applications – based on roles, for example: employee, manager, director
• Access to specific functionality within an application – based on roles, for example: in the time entry tool, managers see their staff's information
• Large number of applications in an educational setup
• Constant need to create and remove access for students
• Hitachi ID enables propagating password changes to multiple applications
• Access to intranet applications – based on roles, for example: student, professor
• Access to specific functionality within an application – based on roles, for example: in teaching-aid apps such as Blackboard, professors have more access than students
[Figure: Security Architecture [4]. Labels: Risk Assessment Outcomes; Threats; Prioritized Risks; Select Countermeasures; System Design; Policies; Requirements; Available Countermeasures; Security Components; Develop Security Architecture]
Source: "A Survey of Insider Attack Detection Research" by Malek Ben Salem, Shlomo Hershkop, and Salvatore J. Stolfo [6]
• Modeling Unix shell commands: identify signature behavior of users based on the sequence of shell commands executed.
• Support vector machines – pattern recognition: model "insider" click behavior based on "click" data to monitor "web" traffic.
• Network Observable User Actions (ELICIT): model data flow patterns relating to searching, browsing, downloading, printing, sensitive search terms, printer choice, anomalous browsing activity, and retrieving documents outside of one's social network.
• Honeypots: systems deliberately placed in the infrastructure to weed out malicious insiders.
• Future research:
  • Develop profile models that reveal "user intent" as opposed to "user activity."
  • Develop integrated systems that follow the ELICIT model.
  • Develop systems that preserve privacy in the event of a false positive.
  • Intelligent challenge/response model based on suspicion of anomalous activity.
  • "Trap the traitor" solutions (IT + psychology).
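The first detection approach listed, modeling the sequence of shell commands a user runs, is simple enough to show end to end. The following is an added example, not code from the survey or from the deck: it profiles each user by the command bigrams seen in their past sessions and scores a new session by the fraction of its bigrams the profile has never seen, which is one elementary form of the "signature behavior" idea. The command histories are constructed, and the 0.5 threshold is an arbitrary assumption a real deployment would tune against its own false-positive rate.

```python
"""Added example (not from the survey or the slide deck): a toy
command-sequence profile for insider anomaly detection.

Profile = counts of adjacent command pairs (bigrams) over a user's past
sessions. A new session's novelty score is the share of its bigrams that
the profile has never seen. Histories below are constructed sample data.
"""
from collections import Counter
from typing import Dict, List, Sequence, Tuple

Bigram = Tuple[str, str]


def bigrams(commands: Sequence[str]) -> List[Bigram]:
    """Adjacent command pairs; a one-command session has none."""
    return list(zip(commands, commands[1:]))


def build_profile(sessions: Sequence[Sequence[str]]) -> Counter:
    """Bigram counts over all of a user's historical sessions."""
    profile: Counter = Counter()
    for session in sessions:
        profile.update(bigrams(session))
    return profile


def novelty_score(profile: Counter, session: Sequence[str]) -> float:
    """Fraction of the session's bigrams absent from the profile.
    0.0 means every transition is familiar; 1.0 means none are."""
    pairs = bigrams(session)
    if not pairs:
        return 0.0
    unseen = sum(1 for p in pairs if p not in profile)
    return unseen / len(pairs)


# Constructed training histories (commands only, arguments dropped, which
# keeps the profile from storing file names the user touched).
HISTORY: Dict[str, List[List[str]]] = {
    "dev01": [
        ["cd", "ls", "vim", "make", "make", "git"],
        ["git", "vim", "make", "git"],
        ["ls", "cd", "ls", "vim", "make"],
    ],
}

PROFILES: Dict[str, Counter] = {u: build_profile(s) for u, s in HISTORY.items()}


def flag_session(user: str, session: Sequence[str],
                 threshold: float = 0.5) -> Tuple[bool, float]:
    """(flagged, score). Only the score leaves this function, not the
    commands, so a false positive exposes as little as possible about
    what the user was doing (the survey's privacy-preservation point)."""
    score = novelty_score(PROFILES[user], session)
    return score >= threshold, score


if __name__ == "__main__":
    usual = ["cd", "ls", "vim", "make", "git"]
    unusual = ["cd", "ls", "cat", "cat", "vim", "make"]
    print("usual  :", flag_session("dev01", usual))
    print("unusual:", flag_session("dev01", unusual))
```

Two limitations are worth keeping in mind when reading the score: a user whose work legitimately changes (a new project, a new tool) will look anomalous until the profile is retrained, and a bigram model only sees adjacent commands, so an insider who interleaves familiar commands can dilute the score. Both are reasons the survey's "future research" list asks for intent models rather than activity models.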
[Figure: What / How [4]]
1. http://hitachi-id.com/
2. http://www.secretservice.gov/ntac/its_report_040820.pdf
3. http://www.itsecurity.com/
4. “Security Attribute Evaluation Method: A Cost Benefit
Analysis”, Shawn A. Butler, Computer Science
Department, Carnegie Mellon University
5. ITM Whitepaper, An Introduction to Insider Threat
Management, Presented by infoLock Technologies
6. “A Survey of Insider Attack Detection Research” by Malek
Ben Salem, Shlomo Hershkop, and Salvatore J. Stolfo
