DEFENDING AGAINST MALEVOLENT INSIDERS USING ACCESS CONTROL

DALE W. MURRAY

DoD Security System Analysis Department, Sandia National Laboratories, Albuquerque, New Mexico

BETTY E. BIRINGER

Security Risk Assessment Department, Sandia National Laboratories, Albuquerque, New Mexico

1 INTRODUCTION

The greatest challenge to any security system is protecting against the malevolent insider because the he or she may be authorized to own ‘the keys to the kingdom’. An insider is defined as anyone with knowledge of operations, sensitive information, and/or security systems and who has unescorted access to the facilities or critical assets. A malevolent insider is an insider who has decided to become an adversary. Protecting against the malevolent insider threat requires an integrated security system that minimizes the potential for hiring an adversary and deters the on-staff employee from becoming an adversary. The security system must integrate such protection functions as personnel security, physical security, cyber security, and operations security to make it easy for the insider to do the right thing and very difficult for the insider to do the wrong thing. If the insider decides to do the wrong thing, the security system should be able to protect against the adversarial acts or, if the malevolent insider is able to overcome the security system, the system should photograph, record, or otherwise document the event in order to provide evidence for prosecution. The physical security system ...