Insider Attack Model Against HSM-Based Architecture

Autor: Marc Dib, Samuel Pierre
Jazyk: angličtina
Rok vydání: 2023
Předmět:
Zdroj: IEEE Access, Vol 11, Pp 86848-86858 (2023)
Druh dokumentu: article
ISSN: 2169-3536
DOI: 10.1109/ACCESS.2023.3304994
Popis: Data security is an increasingly important issue in 2023. Whether about user privacy, data availability, or integrity, consumer information is getting targeted by cyber-pirates for various motives. Many strategies and tools have been developed to keep outsider attackers from accessing server-side data, but there needs to be more solutions that target insider attacks. In this paper, we propose a combinatory attack model to identify the risks of insider attacks against HSM-based security architectures. Our proposed model is based on the study of attack vectors in the security architecture and the conduction of all possible attacks on those vectors. It shows that these typical architectures are vulnerable to private key theft and replacement and data theft, alteration, swapping, nullification, and deletion. Results show that we successfully conducted each attack on an HSM-based security architecture relatively easily. They prove the essential need for a security architecture considering insider threats.
Databáze: Directory of Open Access Journals