Information technologists constantly struggle to protect internal computing assets from harm. Threats generally are perceived as external threats including viruses, Trojan logic, spy-ware, and the like. These external attacks mainly are aimed to disrupt business and to cripple the ability of the network to function. In fact, in several high-profile reported instances, hackers have been able to hijack powerful computing servers from which large-scale attacks have been launched to have a global impact upon the Internet. Hence, information technologists have spent considerable sums arming themselves with technology designed to prevent external intrusions, starting at the perimeter to the global Internet.

Today, preventative measures, for instance firewall appliances, virtual private networks, anti-virus logic, intrusion detection systems and newer intrusion prevention technologies, have become commonplace within network architectures. These technologies have proven their value in protecting computing assets from external threats. Perimeter-based protection, however, has resulted in a tootsie roll architecture in which hard shells have been formulated to protect computing assets from threats from the outside world, while the interior portion within the perimeter can be characterized only as soft. In this regard, internally most computing networks lack policies for control and access of data, and few tracking mechanisms exist to monitor user activities internally.

Recently, a disturbing trend has emerged which poses a far greater threat than typical external attacks. The trusted internal user now threatens the integrity of the enterprise by exercising malicious intent while accessing the privileged, soft, internal portions of trusted systems, which enjoy minimal security at best according to the tootsie-roll paradigm. Yet, data manipulation by trusted users can be far more damaging than any external threat. Notably, malicious activity performed by internal users, for instance changes in access permissions, can be subtle and disguised as normal activity with few footprints to alert system administrators.

In the case of publicly traded companies, where sensitive data must be reported to investors in a coordinated, timely manner, the effects of a breach of data security can be devastating and can result in the criminal prosecution of the company. However, traditional security measures cannot protect the greatest asset of a company: its critical, financial, customer and proprietary data. Despite the existence of policies and procedures, there remains little protection from internal fraud through the use of enterprise computing assets.

Importantly, the need to control data and access to data in the enterprise has become of paramount consideration due to recent United States government mandates addressing the distribution and control of information in publicly traded companies. With legislation, such as Sarbanes-Oxley and the Health Insurance Portability and Accountability Act, new regulatory environments have been created with respect to information security. Consequently, many organizations are struggling to extract the necessary information from increasingly complex information systems to ensure compliance.

In addition to the compliance component of various legislative initiatives, many organizations impose a requirement that information security policy and procedure breaches are thoroughly investigated. Given that all computing applications operate in an operating system environment such as a stand-alone operating system or a virtual machine, the operating system environment, if insecure, can become the weak link in the security chain. Notwithstanding, few, if any, operating systems today provide adequate tools for answering critical and, in many industries, legislatively mandated questions with regard to which users enjoy a particular level of access to a particular type of data or resource in the enterprise.