08302 Abstracts Collection -- Countering Insider Threats

From July 20 to July 25, 2008, the Dagstuhl Seminar 08302 ``Countering Insider Threats \u27\u27 was held in Schloss Dagstuhl~--~Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

Cybersecurity: Shared Risks, Shared Responsibility

Cybersecurity: Shared Risks, Shared Responsibility conference looks at how cybersecurity -– whether in contexts as gripping as "cyberwar" or as mundane (but potentially devastating) as identity theft -– is now the stuff of daily headlines. Organized by I/S: A Journal of Law and Policy for the Information Society, this conference approaches the subject with two ambitions. The first is to move beyond generalities in specifying the roles and responsibilities both the public and private sectors will have to shoulder in order for the United States to share global leadership in cybersecurity. The second is to bring together the many sub-communities of researchers, policy makers, and professionals around the globe who focus on cybersecurity from its many angles into a larger community interested in developing this analysis.I/S: A Journal of Law and Policy for the Information SocietyMicrosoftOhio State University. Center for Interdisciplinary Law and Policy StudiesOhio State University. Mershon Center for International Security StudiesEvent Web page, streaming video, event photo

10341 Abstracts Collection -- Insider Threats: Strategies for Prevention, Mitigation, and Response

From August 22 to 26, 2010, the Dagstuhl Seminar 10341 ``Insider Threats: Strategies for Prevention, Mitigation, and Response\u27\u27 was held in Schloss Dagstuhl~--~Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

Attribution in the Future Internet: The Second Summer of the Sisterhood

Abstract: Attribution is the binding of data to an entity. An attribution framework is an infrastructure for managing attributes and their values. It consists of four components: a set of entities (actors) having an interest in attribution with respect to a transaction; a set of data to be attributed; the level of assurance with which values of attributes can be determined, and with which they can be associated with an entity; and a policy negotiation engine that actors use to negotiate an acceptable set of attributes and levels of assurance for their values in order to conduct a transaction (the "policy"). The actors include the sender and recipient, the sender's and recipient's organizations, ISPs, backbones, and political entities. This paper assumes that such a general attribution framework has been implemented. It examines the implications of such a framework upon the Internet, and upon transactions (specifically, the sending and receiving of packets) among actors. The embedding of attribution requirements in policies controlling communications between parties raises the question of who can communicate with whom. Specifically, how does the use and enforcement of policies based upon attributes affect users of the Internet? We examine this question in two contexts: that of the societal revolution known as "Arab Spring", and that of elections in the United States. We present requirements and the attributes that must be supplied to meet those requirements. We then examine some of the implications of supplying the attributes from the point of view of servers, clients, and intermediaries (such a ISPs and governments). We conclude with a discussion of when attribution is desirable, and when the inability to attribute actions is desirable

Control Demonstration of Multiple Doubly-Fed Induction Motors for Hybrid Electric Propulsion

The Convergent Aeronautics Solutions (CAS) High Voltage-Hybrid Electric Propulsion (HVHEP) task was formulated to support the move into future hybrid-electric aircraft. The goal of this project is to develop a new AC power architecture to support the needs of higher efficiency and lower emissions. This proposed architecture will adopt the use of the doubly-fed induction machine (DFIM) for propulsor drive motor application.The Convergent Aeronautics Solutions (CAS) High Voltage-Hybrid Electric Propulsion (HVHEP) task was formulated to support the move into future hybrid-electric aircraft. The goal of this project is to develop a new AC power architecture to support the needs of higher efficiency and lower emissions. This proposed architecture will adopt the use of the doubly-fed induction machine (DFIM) for propulsor drive motor application. DFIMs are attractive for several reasons, including but not limited to the ability to self-start, ability to operate sub- and super-synchronously, and requiring only fractionally rated power converters on a per-unit basis depending on the required range of operation. The focus of this paper is based specifically on the presentation and analysis of a novel strategy which allows for independent operation of each of the aforementioned doubly-fed induction motors. This strategy includes synchronization, soft-start, and closed loop speed control of each motor as a means of controlling output thrust; be it concurrently or differentially. The demonstration of this strategy has recently been proven out on a low power test bed using fractional horsepower machines. Simulation and hardware test results are presented in the paper

Insiders and Insider Threats:An Overview of Definitions and Mitigation Techniques

Threats from the inside of an organization’s perimeters are a significant problem, since it is diffi-cult to distinguish them from benign activity. In this overview article we discuss defining properties of insiders and insider threats. After presenting definitions of these terms, we go on to discuss a num-ber of approaches from the technological, the sociological, and the socio-technical domain. We draw two main conclusions. Tackling insider threats requires a combination of techniques from the tech-nical, the sociological, and the socio-technical domain, to enable qualified detection of threats, and their mitigation. Another important observation is that the distinction between insiders and outsiders seems to loose significance as IT infrastructure is used in performing insider attacks. Little real-world data is available about the insider threat [1], yet recognizing when insiders are attempting to do something they should not on a corporate or organizational (computer) system is an important problem in cyber and organizational security in general. This “insider threat ” has received considerable attention, and is cited as one of the most serious security problems [2]1. It is also considered the most difficult problem to deal with because insiders often have information and capabilities not known to external attackers, and as a consequence can cause serious harm. Yet, little real-world data i