Monitoring Corporate Password Sharing Using Social Network Analysis

Download
  1. (PDF, 876 KB)
AuthorSearch for:
TypeArticle
ConferenceThe International Sunbelt Social Network Conference, January 22-27, 2008.
AbstractCorporations are facing increasing demands to monitor their compliance with policies and regulations. This research demonstrated one type of analysis tool for monitoring corporate security and privacy practices. Using the Enron email corpus as an example of corporate communications, the research explored methods to identify instances of password sharing, a practice that should be a security concern to any organization. Social network analysis was able to identify key creators and sharers of passwords, and an analysis of the passwords themselves showed that quality was clearly a problem. The network analysis was also able to reveal interesting communication patterns, such as sharing passwords with external accounts owned by the same person, which might have been used as indicators of a problem in corporate systems or practices. The research also uncovered cases of possible policy violations, such as the sharing of internal and external accounts.
Publication date
LanguageEnglish
AffiliationNRC Institute for Information Technology; National Research Council Canada
Peer reviewedNo
NRC number49907
NPARC number5763377
Export citationExport as RIS
Report a correctionReport a correction
Record identifier0e3a5999-1fc1-4b7b-8239-afac38774567
Record created2009-03-29
Record modified2016-05-09
Bookmark and share
  • Share this page with Facebook (Opens in a new window)
  • Share this page with Twitter (Opens in a new window)
  • Share this page with Google+ (Opens in a new window)
  • Share this page with Delicious (Opens in a new window)