Lyon, G.
, Mink, A.
and Van dyck, R.
(2005),
Toward an Architectural Framework to Improve Accountability in the Use of Electronic Records, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.7157, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=150309
(Accessed May 6, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Toward an Architectural Framework to Improve Accountability in the Use of Electronic Records
Published
Author(s)
, , R E. Van dyck
Abstract
Sensitive electronic record systems (ERSs) raise questions about their proper use. Insider-threat involves hidden, unknown and unanticipated activities that constitute unacceptable use of an ERS, even while operating within individual access privileges. Insider-threat detection and control is an ERS monitoring and management challenge of the first order. A flexible preliminary framework can encourage discussion and comparison among various monitoring elements for the insider-threat. Responding to a lack of such a framework, one is sketched here: It employs two perspectives of an ERS user -- structural and intentional. The structural view is short term, whereas the intentional view seeks to discover general content topics of interest to a user, and to follow these over time. Discussion includes details of a possible architecture that uses untrained classification methods to amplify the concern set beyond that specifically defined at the onset of monitoring. The general framework may expedite development of common guidelines and methodologies to monitor insider threats. Although developed for medical services (e.g., an E-Health RS), the framework likely has applicability in other similar database areas such as security and intelligence archiving.Citation
NIST Interagency/Internal Report (NISTIR) - 7157
Report Number
7157
NIST Pub Series
Pub Type
NIST Pubs
Download Paper
Citation
Created April 30, 2005, Updated October 12, 2021