{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,5]],"date-time":"2025-04-05T09:48:14Z","timestamp":1743846494931,"version":"3.40.3"},"publisher-location":"Boston, MA","reference-count":26,"publisher":"Springer US","isbn-type":[{"type":"print","value":"9781441971326"},{"type":"electronic","value":"9781441971333"}],"license":[{"start":{"date-parts":[[2010,1,1]],"date-time":"2010-01-01T00:00:00Z","timestamp":1262304000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2010,1,1]],"date-time":"2010-01-01T00:00:00Z","timestamp":1262304000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-1-4419-7133-3_2","type":"book-chapter","created":{"date-parts":[[2010,7,27]],"date-time":"2010-07-27T18:09:37Z","timestamp":1280254177000},"page":"17-44","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["Combatting Insider Threats"],"prefix":"10.1007","author":[{"given":"Peter G.","family":"Neumann","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2010,7,28]]},"reference":[{"key":"2_CR1","volume-title":"Integrity considerations for secure computer systems. Technical Report MTR 3153","author":"K.J. Biba","year":"1975","unstructured":"K.J. Biba. Integrity considerations for secure computer systems. Technical Report MTR 3153, The Mitre Corporation, Bedford, Massachusetts, June 1975. Also available from USAF Electronic Systems Division, Bedford, Massachusetts, as ESD-TR-76-372, April 1977."},{"key":"2_CR2","doi-asserted-by":"crossref","unstructured":"M. Bishop. Position: \u2019Insider\u2019 is relative. In Proceedings of the 2005 New Security Paradigms Workshop, pages 77\u201378, Lake Arrowhead, California, October 2005.","DOI":"10.1145\/1146269.1146288"},{"key":"2_CR3","doi-asserted-by":"crossref","unstructured":"M. Bishop, S. Engle, C. Gates, S. Peisert, and S. Whalen. We have met the enemy and he is us. In Proceedings of the 2008 New Security Paradigms Workshop, Olympic Valley, California, 2008.","DOI":"10.1145\/1595676.1595678"},{"key":"#cr-split#-2_CR4.1","doi-asserted-by":"crossref","unstructured":"D.D. Clark and D.R. Wilson. A comparison of commercial and military computer security policies. In Proceedings of the 1987","DOI":"10.1109\/SP.1987.10001"},{"key":"#cr-split#-2_CR4.2","unstructured":"Symposium on Security and Privacy, pages 184-194, Oakland, California, April 1987. IEEE Computer Society."},{"issue":"9","key":"2_CR5","doi-asserted-by":"publisher","first-page":"72","DOI":"10.1145\/114669.114686","volume":"34","author":"F.J. Corbat\u00f3","year":"1991","unstructured":"F.J. Corbat\u00f3. On building systems that will fail (1990 Turing Award Lecture, with a following interview by Karen Frenkel). Communications of the ACM, 34(9):72\u201390, September 1991.","journal-title":"Communications of the ACM"},{"key":"2_CR6","doi-asserted-by":"crossref","unstructured":"R.C. Daley and P.G. Neumann. A general-purpose file system for secondary storage. In AFIPS\n                Conference Proceedings, Fall Joint Computer Conference, pages 213\u2013229. Spartan Books, November 1965.","DOI":"10.1145\/1463891.1463915"},{"key":"2_CR7","doi-asserted-by":"crossref","unstructured":"V.D. Gligor et al. Design and implementation of Secure Xenix[TM]. In Proceedings of the 1986 Symposium on Security and Privacy, Oakland, California, April 1986. IEEE Computer Society. also in IEEE Transactions on Software Engineering, vol. SE-13, 2, February 1987, 208\u2013221.","DOI":"10.1109\/TSE.1987.232893"},{"key":"2_CR8","doi-asserted-by":"crossref","unstructured":"P. A. Karger. Limiting the damage potential of discretionary Trojan horses. In Proceedings of the 1987 Symposium on Security and Privacy, pages 32\u201337, Oakland, California, April 1987. IEEE Computer Society.","DOI":"10.1109\/SP.1987.10011"},{"key":"2_CR9","volume-title":"A taxonomy of computer program security flaws, with examples","author":"C.E. Landwehr","year":"1993","unstructured":"C.E. Landwehr, A.R. Bull, J.P. McDermott, and W.S. Choi. A taxonomy of computer program security flaws, with examples. Technical report, Center for Secure Information Technology, Information Technology Division, Naval Research Laboratory, Washington, D.C., November 1993."},{"key":"2_CR10","unstructured":"D. Maughan et al. A roadmap for cybersecurity research. Technical report, Department of Homeland Security, November 2009."},{"key":"2_CR11","volume-title":"Computer-Related Risks","author":"P.G Neumann","year":"1995","unstructured":"P.G. Neumann. Computer-Related Risks. ACM Press, New York, and Addison-Wesley, Reading, Massachusetts, 1995."},{"key":"2_CR12","volume-title":"Practical architectures for survivable systems and networks","author":"P.G Neumann","year":"2000","unstructured":"P.G. Neumann. Practical architectures for survivable systems and networks. Technical report, Final Report, Phase Two, Project 1688, SRI International, Menlo Park, California, June 2000. http:\/\/www.csl.sri.com\/neumann\/survivability.html."},{"key":"2_CR13","volume-title":"Principled assuredly trustworthy composable architectures","author":"P.G Neumann","year":"2004","unstructured":"P.G. Neumann. Principled assuredly trustworthy composable architectures. Technical report, Computer Science Laboratory, SRI International, Menlo Park, California, December 2004. http:\/\/www.csl.sri.com\/neumann\/chats\n                4.html, .pdf, and .ps."},{"key":"2_CR14","doi-asserted-by":"crossref","unstructured":"P.G. Neumann. Reflections on system trustworthiness. In Marvin Zelkowitz, editor, Advances in Computers, volume 70, pages 269\u2013310. Elsevier Inc., 2007.","DOI":"10.1016\/S0065-2458(06)70006-7"},{"key":"2_CR15","unstructured":"P.G. Neumann. Security and privacy in the employment eligibility verification system (eevs) and related systems. In Congressional Record, Washington, DC, Jun 7 2007. U.S. House of Representatives."},{"key":"2_CR16","unstructured":"P.G. Neumann. Illustrative risks to the public in the use of computer systems and related technology, index to RISKS cases. Technical report, Computer Science Laboratory, SRI International, Menlo Park, California, 2009. Updated now and then:http:\/\/www.csl.sri.com\/neumann\/illustrative.html; also in .ps and .pdf form for printing in a denser format."},{"key":"2_CR17","unstructured":"P.G. Neumann, R.S. Boyer, R.J. Feiertag, K.N. Levitt, and L. Robinson. A Provably Secure Operating System: The system, its applications, and proofs. Technical report, Computer Science Laboratory, SRI International, Menlo Park, California, May 1980. 2nd edition, Report CSL-116."},{"key":"2_CR18","unstructured":"P.G. Neumann and P.A. Porras. Experience with EMERALD to date. In Proceedings of the First USENIX Workshop on Intrusion Detection and Network Monitoring, pages 73\u201380, Santa Clara, California, April 1999. USENIX. Best paper."},{"key":"2_CR19","unstructured":"P.A. Porras and P.G. Neumann. EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances. In Proceedings of the Nineteenth National Computer Security Conference, pages 353\u2013365, Baltimore, Maryland, 22-25 October 1997. NIST\/NCSC."},{"key":"2_CR20","doi-asserted-by":"crossref","unstructured":"J.H. Saltzer. Protection and the control of information sharing in Multics. Communications of the ACM, 17(7):388\u2013402, July 1974.","DOI":"10.1145\/361011.361067"},{"key":"2_CR21","doi-asserted-by":"crossref","unstructured":"J.H. Saltzer and F. Kaashoek. Principles of Computer System Design. Morgan Kauffman, 2009. Chapters 1-6 only. Chapters 7-11 are online: http:\/\/ocw.mit.edu\/Saltzer-Kaashoek .","DOI":"10.1016\/B978-0-12-374957-4.00010-4"},{"key":"2_CR22","doi-asserted-by":"crossref","unstructured":"J.H. Saltzer and M.D. Schroeder. The protection of information in computer systems. Proceedings of the IEEE, 63(9):1278\u20131308, September 1975.","DOI":"10.1109\/PROC.1975.9939"},{"key":"2_CR23","doi-asserted-by":"crossref","unstructured":"S. Stolfo, S. Bellovin, S. Hershkop, S. Sinclair, and S. Smith. Insider Attack and Cyber Security: Beyond the Hacker. Springer, 2008.","DOI":"10.1007\/978-0-387-77322-3"},{"key":"2_CR24","unstructured":"K.-P. Yee. Building Reliable Voting Machine Software. PhD thesis, University of California, Berkeley, 2007. Technical Report 2007-167; see also Technical Note 2007-136 for the security review; http:\/\/pvote.org."},{"key":"2_CR25","doi-asserted-by":"crossref","unstructured":"L.S. Zegans. The psychology of risks. Communications of the ACM, 51(1):152, January 2008. Inside Risks column.","DOI":"10.1145\/1327452.1327496"}],"container-title":["Advances in Information Security","Insider Threats in Cyber Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-1-4419-7133-3_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,2,18]],"date-time":"2023-02-18T03:00:37Z","timestamp":1676689237000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-1-4419-7133-3_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9781441971326","9781441971333"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-1-4419-7133-3_2","relation":{},"ISSN":["1568-2633"],"issn-type":[{"type":"print","value":"1568-2633"}],"subject":[],"published":{"date-parts":[[2010]]},"assertion":[{"value":"28 July 2010","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}