{"id":"https://openalex.org/W2289100367","doi":"https://doi.org/10.1109/worldcis.2015.7359408","title":"The SNAP principle for mitigating privileged account breaches: How secondary non-admin privileged accounts can reduce breach impact","display_name":"The SNAP principle for mitigating privileged account breaches: How secondary non-admin privileged accounts can reduce breach impact","publication_year":2015,"publication_date":"2015-10-01","ids":{"openalex":"https://openalex.org/W2289100367","doi":"https://doi.org/10.1109/worldcis.2015.7359408","mag":"2289100367"},"language":"en","primary_location":{"id":"doi:10.1109/worldcis.2015.7359408","is_oa":false,"landing_page_url":"https://doi.org/10.1109/worldcis.2015.7359408","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2015 World Congress on Internet Security (WorldCIS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5057365264","display_name":"Samuel Moses","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Samuel Moses","raw_affiliation_strings":["BYU Cyber Security Research Lab, Provo, Utah, USA"],"affiliations":[{"raw_affiliation_string":"BYU Cyber Security Research Lab, Provo, Utah, USA","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5063259306","display_name":"Dale C. Rowe","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Dale C. Rowe","raw_affiliation_strings":["BYU Cyber Security Research Lab, Provo, Utah, USA"],"affiliations":[{"raw_affiliation_string":"BYU Cyber Security Research Lab, Provo, Utah, USA","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5057365264"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.19857838,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"32","last_page":"38"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/variety","display_name":"Variety (cybernetics)","score":0.8656517267227173},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6167428493499756},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5932310223579407},{"id":"https://openalex.org/keywords/data-breach","display_name":"Data breach","score":0.44053179025650024},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.43765661120414734},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.36911851167678833},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.3192247748374939},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.06388497352600098}],"concepts":[{"id":"https://openalex.org/C136197465","wikidata":"https://www.wikidata.org/wiki/Q1729295","display_name":"Variety (cybernetics)","level":2,"score":0.8656517267227173},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6167428493499756},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5932310223579407},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.44053179025650024},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.43765661120414734},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.36911851167678833},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.3192247748374939},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.06388497352600098}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/worldcis.2015.7359408","is_oa":false,"landing_page_url":"https://doi.org/10.1109/worldcis.2015.7359408","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2015 World Congress on Internet Security (WorldCIS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7400000095367432,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":4,"referenced_works":["https://openalex.org/W110335734","https://openalex.org/W2172697272","https://openalex.org/W2237830349","https://openalex.org/W6604505610"],"related_works":["https://openalex.org/W2737196623","https://openalex.org/W2032233321","https://openalex.org/W3121970507","https://openalex.org/W2110028391","https://openalex.org/W4252558677","https://openalex.org/W2766152053","https://openalex.org/W4243387025","https://openalex.org/W4386499968","https://openalex.org/W4296687003","https://openalex.org/W2608958079"],"abstract_inverted_index":{"In":[0],"this":[1,27,32,65,81],"paper,":[2],"we":[3],"discuss":[4,30],"how":[5,31],"using":[6],"Secondary":[7],"Non-Admin":[8],"Privileged":[9],"(SNAP)":[10],"accounts":[11],"can":[12,33],"mitigate":[13],"a":[14,35],"variety":[15,36],"of":[16,37,50,64,80],"attacks":[17],"targeting":[18],"privileged":[19],"accounts.":[20],"We":[21,39,67],"present":[22,57],"our":[23],"methodology":[24],"for":[25],"implementing":[26],"approach":[28],"and":[29,56,72],"prevent":[34],"attack-types.":[38],"note":[40],"that":[41,46,60,75],"other":[42],"studies":[43],"have":[44],"shown":[45],"over":[47],"92":[48],"%":[49],"critical":[51],"vulnerabilities":[52],"require":[53],"administrative":[54],"access":[55],"multiple":[58],"case-studies":[59],"demonstrate":[61],"the":[62,78],"effectiveness":[63,79],"solution.":[66],"also":[68],"propose":[69],"procedural,":[70],"technical":[71],"educational":[73],"processes":[74],"will":[76],"increase":[77],"approach.":[82]},"counts_by_year":[{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}