The problem of insiders in organizations is one of the most complex problems to deal with. This is because insiders have to be trusted to perform their daily business processes. In Cloud, the problem of insiders is even more complicated, as the domain of insiders is bigger than organizations and insiders have higher motivation to attack Cloud applications. This chapter analyzes this problem and provides a systematic method to identify potential and malicious insiders in the Cloud environment.

11.1 Introduction

The insider problem is cited as the most serious security problem and the most difficult problem to deal with [1, 2]. As discussed by Alawneh and Abbadi [3], the insider problem in organizations is caused mainly by the holders of authorized credentials who are typically the internal and authorized employees. Such employees should successfully pass several security checks before being employed by an organization. Also, such employees have a direct contract with the organization and the organization to a certain level trusts them (e.g., based on prior experience).

In a Cloud computing context, the insider problem is more significant than in traditional organizations for the following reasons: (1) the insider domain has expanded from the organization's internal employees and contractors to also include the Cloud internal employees and contractors, Cloud customers, and Cloud third-party suppliers; (2) the organization does not have a direct relationship with ...