Understanding the insider threat : (Record no. 600215)
[ view plain ]
| 000 -LEADER | |
|---|---|
| fixed length control field | 04276cam a2200517 i 4500 |
| 001 - CONTROL NUMBER | |
| control field | rnd000000000110385 |
| 003 - CONTROL NUMBER IDENTIFIER | |
| control field | RAND |
| 005 - DATE AND TIME OF LATEST TRANSACTION | |
| control field | 20200811100943.0 |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION | |
| fixed length control field | 041209s2004 caua b 100 0 eng d |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER | |
| International Standard Book Number | 0833036807 |
| 027 ## - STANDARD TECHNICAL REPORT NUMBER | |
| Standard technical report number | RAND/CF-196-ARDA |
| 035 ## - SYSTEM CONTROL NUMBER | |
| System control number | (Sirsi) a489030 |
| 037 ## - SOURCE OF ACQUISITION | |
| Terms of availability | $35.00 |
| Form of issue | paperback |
| 040 ## - CATALOGING SOURCE | |
| Original cataloging agency | CstmoR |
| Transcribing agency | CstmoR |
| 043 ## - GEOGRAPHIC AREA CODE | |
| Geographic area code | n-us--- |
| 050 #4 - LIBRARY OF CONGRESS CALL NUMBER | |
| Classification number | UB247 |
| Item number | .U53 2004 |
| 245 10 - TITLE STATEMENT | |
| Title | Understanding the insider threat : |
| Remainder of title | proceedings of a March 2004 workshop / |
| Statement of responsibility, etc | Richard C. Brackney, Robert H. Anderson. |
| 264 #1 - PRODUCTION, PUBLICATION, DISTRIBUTION, MANUFACTURE STATEMENTS | |
| Place of production, publication, distribution, manufacture | Santa Monica, CA : |
| Name of producer, publisher, distributor, manufacturer | RAND, |
| Date of production, publication, distribution, manufacture | 2004. |
| 300 ## - PHYSICAL DESCRIPTION | |
| Extent | xxii, 113 pages : |
| Other physical details | illustrations ; |
| Dimensions | 28 cm |
| 336 ## - CONTENT TYPE | |
| Content Type Term | text |
| Content Type Code | txt |
| Source | rdacontent |
| 337 ## - MEDIA TYPE | |
| Media Type Term | computer |
| Media Type Code | c |
| Source | rdamedia |
| 337 ## - MEDIA TYPE | |
| Media Type Term | unmediated |
| Media Type Code | n |
| Source | rdamedia |
| 338 ## - CARRIER TYPE | |
| Carrier Type Term | online resource |
| Carrier Type Code | cr |
| Source | rdacarrier |
| 338 ## - CARRIER TYPE | |
| Carrier Type Term | volume |
| Carrier Type Code | nc |
| Source | rdacarrier |
| 490 1# - SERIES STATEMENT | |
| Series statement | Conference proceedings / RAND ; |
| Volume number/sequential designation | 196 |
| 500 ## - GENERAL NOTE | |
| General note | "National Security Research Division." |
| 504 ## - BIBLIOGRAPHY, ETC. NOTE | |
| Bibliography, etc | Includes bibliographical references (p. 113). |
| 505 0# - FORMATTED CONTENTS NOTE | |
| Formatted contents note | Introduction -- IC System Models -- Vulnerabilities and Exploits -- Attacker Models -- Event Characterization -- |
| Miscellaneous information | Appendix: |
| Title | Workshop Invitation -- Workshop Agenda -- Links to Read-Ahead Materials -- Workshop Participants -- |
| Miscellaneous information | Presentation: |
| Title | The Robert Hanssen Case: An Example of the Insider Threat to Sensitive U.S. Information Systems |
| Miscellaneous information | Presentation: |
| Title | Overview of the Results of a Recent ARDA Workshop on Cyber Indications and Warning |
| Miscellaneous information | Presentation: |
| Title | Intelink Factoids |
| Miscellaneous information | Presentation: |
| Title | Glass Box Analysis Project |
| Miscellaneous information | Presentation: |
| Title | Interacting with Information: Novel Intelligence from Massive Data. |
| 520 ## - SUMMARY, ETC. | |
| Summary, etc | Perhaps the greatest threat that the intelligence community (IC) must address in the area of information assurance is the "insider threat"-malevolent (or possibly inadvertent) actions by an already trusted person with access to sensitive information and information systems. This document reports the results of a workshop that brought together IC members with specific knowledge of IC document management systems and IC business practices; persons with knowledge of insider attackers, both within and outside the IC; and researchers involved in developing technology to counter insider threats. Plenary and breakout sessions discussed various aspects of the problem, including intelligence community system models, vulnerabilities and exploits, attacker models, and event characterization. Participants listed the following challenges: defining an effective way of monitoring what people do with their cyber access; developing policies and procedures to create as bright a line as possible between allowed and disallowed behaviors; considering sociological and psychological factors and creating better cooperation between information systems personnel and human resources personnel; and combining events from one or more sensors (possibly of various types or different levels of abstraction) to facilitate building systems that test hypotheses about malicious insider activity. Workshop members also considered what databases would aid in this research if they were available. |
| 530 ## - ADDITIONAL PHYSICAL FORM AVAILABLE NOTE | |
| Additional physical form available note | Also available on the internet via WWW in PDF format. |
| 588 ## - | |
| -- | Description based on print version record. |
| 610 10 - SUBJECT ADDED ENTRY--CORPORATE NAME | |
| Corporate name or jurisdiction name as entry element | United States. |
| Subordinate unit | Department of Defense |
| General subdivision | Computer networks |
| -- | Security measures |
| Form subdivision | Congresses. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name as entry element | Command and control systems |
| General subdivision | Security measures |
| Geographic subdivision | United States |
| Form subdivision | Congresses. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name as entry element | Computer networks |
| General subdivision | Security measures |
| Geographic subdivision | United States |
| Form subdivision | Congresses. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name as entry element | Information services |
| General subdivision | Security measures |
| Geographic subdivision | United States |
| Form subdivision | Congresses. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name as entry element | Information warfare |
| Geographic subdivision | United States |
| Form subdivision | Congresses. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM | |
| Topical term or geographic name as entry element | National security |
| Geographic subdivision | United States |
| Form subdivision | Congresses. |
| 651 #0 - SUBJECT ADDED ENTRY--GEOGRAPHIC NAME | |
| Geographic name | United States |
| General subdivision | Defenses |
| Form subdivision | Congresses. |
| 700 1# - ADDED ENTRY--PERSONAL NAME | |
| Personal name | Brackney, Richard C. |
| Relator term | author. |
| 700 1# - ADDED ENTRY--PERSONAL NAME | |
| Personal name | Anderson, Robert H. |
| Fuller form of name | (Robert Helms), |
| Dates associated with a name | 1939- |
| Relator term | author. |
| 710 2# - ADDED ENTRY--CORPORATE NAME | |
| Corporate name or jurisdiction name as entry element | Rand Corporation. |
| Subordinate unit | National Security Research Division. |
| 710 2# - ADDED ENTRY--CORPORATE NAME | |
| Corporate name or jurisdiction name as entry element | Rand Corporation. |
| 710 2# - ADDED ENTRY--CORPORATE NAME | |
| Corporate name or jurisdiction name as entry element | Advanced Research and Development Activity. |
| 711 2# - ADDED ENTRY--MEETING NAME | |
| Meeting name or jurisdiction name as entry element | Understanding the Insider Threat |
| Date of meeting | (2004 : |
| Location of meeting | McAfee Security, Rockville, MD) |
| 830 #0 - SERIES ADDED ENTRY--UNIFORM TITLE | |
| Uniform title | Conference proceedings (Rand Corporation) ; |
| Volume number/sequential designation | 196. |
| 856 41 - ELECTRONIC LOCATION AND ACCESS | |
| Link text | Online Access |
| Uniform Resource Identifier | <a href="http://www.rand.org/publications/CF/CF196/">http://www.rand.org/publications/CF/CF196/</a> |
No items available.