Authorised users (insiders) are behind the majority of security incidents with high financial impacts. Because authorisation is the process of controlling users? access to resources, improving authorisation techniques may mitigate the insider threat. Current approaches to authorisation suffer...