Cristin-resultat-ID: 1152268
Sist endret: 15. september 2014, 07:12
NVI-rapporteringsår: 2014
Vitenskapelig artikkel

A roadmap towards improving managed security services from a privacy perspective

  • Nils Ulltveit-Moe


Ethics and Information Technology
ISSN 1388-1957
e-ISSN 1572-8439
NVI-nivå 1

Om resultatet

Vitenskapelig artikkel
Publiseringsår: 2014
Publisert online: 2014
Trykket: 2014
Volum: 16
Hefte: 3
Sider: 227 - 240


Scopus-ID: 2-s2.0-84905293536
Scopus-ID: 2-s2.0-84906946536





Personvern og informasjonssikkerhet • Etikk • Datasikkerhet

Beskrivelse Beskrivelse


A roadmap towards improving managed security services from a privacy perspective


This paper proposes a roadmap for how privacy leakages from outsourced managed security services using intrusion detection systems can be controlled. The paper first analyses the risk of leaking private or confidential information from signature-based intrusion detection systems. It then discusses how the situation can be improved by developing adequate privacy enforcement methods and privacy leakage metrics in order to control and reduce the leakage of private and confidential information over time. Such metrics should allow for quantifying how much information that is leaking, where these information leakages are, as well as showing what these leakages mean. This includes adding enforcement mechanisms ensuring that operation on sensitive information is transparent and auditable. The data controller or external quality assurance organisations can then verify or certify that the security operation operates in a privacy friendly manner. The roadmap furthermore outlines how privacy-enhanced intrusion detection systems should be implemented by initially providing privacy-enhanced alarm handling and then gradually extending support for privacy enhancing operation to other areas like digital forensics, exchange of threat information and big data analytics based attack detection.


Nils Ulltveit-Moe

  • Tilknyttet:
    ved Institutt for informasjons- og kommunikasjonsteknologi ved Universitetet i Agder
1 - 1 av 1