NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Modeling and Mitigating the Insider Threat of Remote Administrators in Clouds

Published

Author(s)

Nawaf Alhebaishi, Lingyu Wang, Sushil Jajodia, Anoop Singhal

Abstract

As today's cloud providers strive to attract customers with better services and less downtime in a highly competitive market, they increasingly rely on remote administrators including those from third party providers for fulfilling regular maintenance tasks. In such a scenario, the privileges granted for remote administrators to complete their assigned tasks may allow an attacker with stolen credentials of an administrator, or a dishonest remote administrator, to pose severe insider threats to both the cloud tenants and provider. In this paper, we take the first step towards understanding and mitigating such a threat. Specifically, we model the maintenance task assignments and their corresponding security impact due to privilege escalation. We then mitigate such impact through optimizing the task assignments with respect to given constraints. The simulation results demonstrate the effectiveness of our solution in various situations.
Proceedings Title
DBSec 2018: Data and Applications Security and Privacy XXXII
Volume
10980
Conference Dates
July 16-18, 2018
Conference Location
Bergamo, IT
Conference Title
IFIP International Conference on Database and Application Security and Privacy (DBSEC 2018)
Pub Type
Conferences

Download Paper

https://doi.org/10.1007/978-3-319-95729-6
Local Download

Keywords

Insider Threats, Cloud Security, Attack Mitigation, Privilege Escalation
Cybersecurity and privacy, Complex systems and Cloud computing and virtualization

Citation

Alhebaishi, N. , Wang, L. , Jajodia, S. and Singhal, A. (2018), Modeling and Mitigating the Insider Threat of Remote Administrators in Clouds, DBSec 2018: Data and Applications Security and Privacy XXXII , Bergamo, IT, [online], https://doi.org/10.1007/978-3-319-95729-6, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=925918 (Accessed October 8, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created July 9, 2018, Updated October 12, 2021
Was this page helpful?