Location of Repository

Monitoring corporate password sharing using social network analysis

By Andrew S. Patrick

Abstract

Corporations are facing increasing demands to monitor their compliance with policies and regulations. This research demonstrated one type of analysis tool for monitoring corporate security and privacy practices. Using the Enron email corpus as an example of corporate communications, the research explored methods to identify instances of password sharing, a practice that should be a security concern to any organization. Social network analysis was able to identify key creators and sharers of passwords, and an analysis of the passwords themselves showed that quality was clearly a problem. The network analysis was also able to reveal interesting communication patterns, such as sharing passwords with external accounts owned by the same person, which might have been useful as indicators of a problem in corporate systems or practices. The research also uncovered cases of possible policy violations, such as the sharing of internal and external accounts. 1

Year: 2008
OAI identifier: oai:CiteSeerX.psu:10.1.1.183.8740
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://citeseerx.ist.psu.edu/v... (external link)
  • http://www.andrewpatrick.ca/cv... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.