@MASTERSTHESIS\{IMM2007-05165,
    author       = "D. Gunnarsson",
    title        = "Static Analysis of the Insider Problem",
    year         = "2007",
    school       = "Informatics and Mathematical Modelling, Technical University of Denmark, {DTU}",
    address      = "Richard Petersens Plads, Building 321, {DK-}2800 Kgs. Lyngby",
    type         = "",
    note         = "Supervised by Christian W. Probst, {IMM,} {DTU}.",
    url          = "http://www2.compute.dtu.dk/pubdb/pubs/5165-full.html",
    abstract     = "Every organization or company relies on data in one form or another both digital data and physical data. One of the main challenges companies and organizations face is securing data and other valuable assets. For some organizations security is more important than others, e.g., a bank’s most valuable asset is its data, transactions and other financial data. Defining security policies is a major task, enforcing security policies an even bigger one.

Security policies should be defined to protect data from malicious attackers from the outside world as well as from people that have inside knowledge of the inner workings of the organization. Methods have been developed to secure the {IT-}infrastructure from the outside world, but there is not much focus on securing data from the inside.

In this thesis we address the problem of analyzing insider threats or the ”insider problem” by using static program analysis methods. We develop a framework for specifying real-world systems and develop methods for finding insider threats in these systems."
}