@CONFERENCE\{IMM2006-04747,
    author       = "C. W. Probst and R. R. Hansen and F. Nielson",
    title        = "Where can an Insider attack?",
    year         = "2006",
    month        = "aug",
    keywords     = "process calculus, insider threat, system modelling, static analysis",
    booktitle    = "Workshop on Formal Aspects in Security and Trust ({FAST} 2006)",
    volume       = "",
    series       = "",
    editor       = "",
    publisher    = "",
    organization = "",
    address      = "",
    url          = "http://www2.compute.dtu.dk/pubdb/pubs/4747-full.html",
    abstract     = "By definition, an insider has better access, is more trusted, and
  has better information about internal procedures, high-value
  targets, and potential weak spots in the security, than an outsider.
  Consequently, an insider attack has the potential to cause
  significant, even catastrophic, damage to the targeted
  organisation.
  While the problem is well recognised in the security community as
  well as in law-enforcement and intelligence communities, the main
  resort still is to audit log files \$\backslash\$emph\{after the fact\}.
  There has
  been little research into developing models, automated tools, and
  techniques for analysing and solving (parts of) the problem.
  
  In this paper we first develop a formal model of systems, that can
  describe real-world scenarios. These high-level models are then
  mapped to acKlaim, a process algebra with support for access
  control, that is used to study and analyse properties of the
  modelled systems. Our analysis of processes identifies which
  actions may be performed by whom, at which locations, accessing
  which data.  This allows to compute a superset of audit
  results---before an incident occurs."
}