Cristin-resultat-ID: 1152268
Sist endret: 15. september 2014 07:12
NVI-rapporteringsår: 2014
Resultat
Vitenskapelig artikkel
2014

A roadmap towards improving managed security services from a privacy perspective

Bidragsytere:
  • Nils Ulltveit-Moe

Tidsskrift

Ethics and Information Technology
ISSN 1388-1957
e-ISSN 1572-8439
NVI-nivå 1

Om resultatet

Vitenskapelig artikkel
Publiseringsår: 2014
Publisert online: 2014
Trykket: 2014
Volum: 16
Hefte: 3
Sider: 227 - 240

Importkilder

Scopus-ID: 2-s2.0-84905293536

Klassifisering

Vitenskapsdisipliner

Datateknologi

Emneord

Personvern og informasjonssikkerhet • Etikk • Datasikkerhet

Beskrivelse Beskrivelse

Tittel

A roadmap towards improving managed security services from a privacy perspective

Sammendrag

This paper proposes a roadmap for how privacy leakages from outsourced managed security services using intrusion detection systems can be controlled. The paper first analyses the risk of leaking private or confidential information from signature-based intrusion detection systems. It then discusses how the situation can be improved by developing adequate privacy enforcement methods and privacy leakage metrics in order to control and reduce the leakage of private and confidential information over time. Such metrics should allow for quantifying how much information that is leaking, where these information leakages are, as well as showing what these leakages mean. This includes adding enforcement mechanisms ensuring that operation on sensitive information is transparent and auditable. The data controller or external quality assurance organisations can then verify or certify that the security operation operates in a privacy friendly manner. The roadmap furthermore outlines how privacy-enhanced intrusion detection systems should be implemented by initially providing privacy-enhanced alarm handling and then gradually extending support for privacy enhancing operation to other areas like digital forensics, exchange of threat information and big data analytics based attack detection.

Bidragsytere

Nils Ulltveit-Moe

  • Tilknyttet:
    Forfatter
    ved Institutt for informasjons- og kommunikasjonsteknologi ved Universitetet i Agder
1 - 1 av 1