The Concept of Detection Internal Threats of the Company's Business Process Using API -Requests

EasyChair Preprint 7050

Abstract

The article examines the conceptual ways and methods of using API requests for detection internal threats outgoing from participants in business processes of organizations and firms in CRM system of the company. We study the ag-gregate model of external and internal threats, and its important part, such as internal threats from personnel and the degree of risk of their occurrence. A threat model has been developed to protect against an internal attacker (re-source - "employee" as part of a business process in a CRM system-a Mi-crosoft project). Using a conditional example, the probabilities of risks of in-formation leakage about the business process for an internal threat (a problem employee) are determined. The concept of a system analysis of the probability of internal threats (risks of leaks) of business information is formulated using the source code of the program using API requests based on the developed model of possible types of risks for searching for a problematic employee of a company (corporation).

Keyphrases: API requests, Internal threat, Privacy risk assessment and assurance, Risks of internal leakage, Typology of cybersecurity internal threats, business process

@booklet{EasyChair:7050,
  author    = {Igor Mandritsa and Fabrizio d'Amore and Anna Fensel and Vyacheslav Petrenko and Alexander Zhuk and Olga Mandritsa},
  title     = {The Concept of Detection Internal Threats of the Company's Business Process Using API -Requests},
  howpublished = {EasyChair Preprint 7050},
  year      = {EasyChair, 2021}}