Cargando…
Analysing potential data security losses in organisations based on subsequent users logins
Multi-user computer environments pose potential threats to users data in organisations, in that unauthorised subsequent users who log on to the same computer could leak, alter or delete data belonging to users who previously logged in to the same computer. Such a threat is inspired by Locard’s excha...
| Autor principal: | |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
Public Library of Science
2023
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10449169/ https://www.ncbi.nlm.nih.gov/pubmed/37616258 http://dx.doi.org/10.1371/journal.pone.0286856 |
| _version_ | 1785094891162828800 |
|---|---|
| author | Aziz, Benjamin |
| author_facet | Aziz, Benjamin |
| author_sort | Aziz, Benjamin |
| collection | PubMed |
| description | Multi-user computer environments pose potential threats to users data in organisations, in that unauthorised subsequent users who log on to the same computer could leak, alter or delete data belonging to users who previously logged in to the same computer. Such a threat is inspired by Locard’s exchange principle, which states (in its digital form) that every interaction with a system must ultimately leave some trace, and as a result, such trace could carry with it sensitive information that subsequent interactions may obtain without authorisation. Therefore, we attempt in this paper to define a subsequent users analysis that calculates this potential loss in data security based on data visibility and sensitivity values. We outline how such analysis can be used in the real world to enhance decision making process when logging in to a shared computer. We adopt a data-driven approach in defining our analysis and we demonstrate the validity of the analysis over a large open Cybersecurity dataset, which associates users with computers. |
| format | Online Article Text |
| id | pubmed-10449169 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2023 |
| publisher | Public Library of Science |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-104491692023-08-25 Analysing potential data security losses in organisations based on subsequent users logins Aziz, Benjamin PLoS One Research Article Multi-user computer environments pose potential threats to users data in organisations, in that unauthorised subsequent users who log on to the same computer could leak, alter or delete data belonging to users who previously logged in to the same computer. Such a threat is inspired by Locard’s exchange principle, which states (in its digital form) that every interaction with a system must ultimately leave some trace, and as a result, such trace could carry with it sensitive information that subsequent interactions may obtain without authorisation. Therefore, we attempt in this paper to define a subsequent users analysis that calculates this potential loss in data security based on data visibility and sensitivity values. We outline how such analysis can be used in the real world to enhance decision making process when logging in to a shared computer. We adopt a data-driven approach in defining our analysis and we demonstrate the validity of the analysis over a large open Cybersecurity dataset, which associates users with computers. Public Library of Science 2023-08-24 /pmc/articles/PMC10449169/ /pubmed/37616258 http://dx.doi.org/10.1371/journal.pone.0286856 Text en © 2023 Benjamin Aziz https://creativecommons.org/licenses/by/4.0/This is an open access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0/) , which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. |
| spellingShingle | Research Article Aziz, Benjamin Analysing potential data security losses in organisations based on subsequent users logins |
| title | Analysing potential data security losses in organisations based on subsequent users logins |
| title_full | Analysing potential data security losses in organisations based on subsequent users logins |
| title_fullStr | Analysing potential data security losses in organisations based on subsequent users logins |
| title_full_unstemmed | Analysing potential data security losses in organisations based on subsequent users logins |
| title_short | Analysing potential data security losses in organisations based on subsequent users logins |
| title_sort | analysing potential data security losses in organisations based on subsequent users logins |
| topic | Research Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10449169/ https://www.ncbi.nlm.nih.gov/pubmed/37616258 http://dx.doi.org/10.1371/journal.pone.0286856 |
| work_keys_str_mv | AT azizbenjamin analysingpotentialdatasecuritylossesinorganisationsbasedonsubsequentuserslogins |