Photograph of me lecturing at the blackboard (credit: R. Benjamin Shapiro, 2002).
Activities and upcoming events that I'm involved with:
IEEE Security & Privacy (ongoing)
NSA SoS Best Paper Competition (annually, deadlines in April)
IEEE Cybersecurity Award for Practice (annually, next deadline: July 1, 2023)
CSET 2023 (August 7, 2023)
NSPW 2023 (September 18–21, 2023)
2023 NSF Cybersecurity Summit (Oct. 24–26, 2023)
IEEE S&P (Oakland) 2024 (May 20–23, 2024)
Insider ThreatThis project is looking at defining, analyzing, and seeking methods of ameliorating the insider threat. Whereas security has traditionally been defined with respect to a perimeter, using static and binary access control decisions, we assert that such a perimeter no longer exists and that traditional access control techniques inhibit authorized users from performing their job. We define the "insider threat" as a combination of (a) access to a particular resource, (b) knowledge of a particular resource, and/or (c) trust of an individual by a particular organization. Moreover, the insider threat is clearly also not binary, but a spectrum of "insiderness" based on the aforementioned qualities. In the past, we have sought to develop access control solutions that integrate this understanding in combination while also being informed by social science of how users may react most optimally to system access control and countermeasures. More recently, we have used a process modeling and analysis approach in the context of elections to evaluate insider threats.
Researchers involved at UC Davis:
Researchers previously involved:
More information on our past insider threat work on Sophie Engle's page
No sponsors yet.
Publications resulting from this project:
The definitive versions of the papers posted on this page were first published in the venues indicated. In accordance with publisher copyright policies, these papers are pre-prints or post-prints, and are not the pubilsher's version.
Personal use of the material posted on this page is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the original publishers.
This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
Last modified: Saturday, 10-Dec-2022 10:07:41 PST