@inproceedings{Bishop2009,
abstract = {Much of the literature on insider threat assumes, explicitly or implicitly, a binary, perimeter-based notion of an insider. However, it is generally accepted that this notion is unrealistic. The Attribute-Based Group Access Control (ABGAC) framework is a generalization of Role-Based Access Control (RBAC) which allows us to define a non-binary notion of "insiderness". In this paper, we illustrate how to use ABGAC to perform insider threat analysis of high-risk resources with three case studies. This precise yet flexible identification of high-risk resources and associated insiders allows organizations to understand where to target efforts towards defending against the insider problem.},
author = {Bishop, Matt and Engle, Sophie and Peisert, Sean and Whalen, Sean and Gates, Carrie},
booktitle = {Proceedings of the 42nd Hawaii International Conference on System Sciences},
pages = {1--10},
title = {{Case Studies of an Insider Framework}},
url = {http://portal.acm.org/citation.cfm?id=1489933},
year = {2009}
}