Transaction-Based Pseudonyms in Audit Data for Privacy Respecting Intrusion Detection
نویسندگان
چکیده
Privacy and surveillance by intrusion detection are potentially conflicting organizational and legal requirements. In order to support a balanced solution, audit data is inspected for personal data and identifiers referring to real persons are substituted by transaction-based pseudonyms. These pseudonyms are constructed as shares for a suitably adapted version of Shamir’s cryptographic approach to secret sharing. Under sufficient suspicion, expressed as a threshold on shares, audit analyzers can perform reidentification.
منابع مشابه
A hybrid approach for database intrusion detection at transaction and inter-transaction levels
Nowadays, information plays an important role in organizations. Sensitive information is often stored in databases. Traditional mechanisms such as encryption, access control, and authentication cannot provide a high level of confidence. Therefore, the existence of Intrusion Detection Systems in databases is necessary. In this paper, we propose an intrusion detection system for detecting attacks...
متن کاملA Privacy Enhancement Mechanism for Location Based Service Architectures Using Transaction Pseudonyms
Third party service providers are starting to use advanced location services based on area or periodical notification in order to develop innovative applications. However, such functions can be easily misused for tracking users and building their activity profiles, if privacy enhancement mechanisms are not integrated into the service architecture. In this paper we present a protocol based on tr...
متن کاملRequirements of Information Reductions for Cooperating Intrusion Detection Agents
We consider cooperating intrusion detection agents that limit the cooperation information flow with a focus on privacy and confidentiality. Generalizing our previous work on privacy respecting intrusion detection for centralized systems we propose an extended functional model for information reductions that is used for cooperation between intrusion detection agents. The reductions have the foll...
متن کاملAudit-log integrity using redactable signatures with pseudonyms
In this paper we describe a new approach for the integrity of audit records. We show how to simultaneously establish the integrity of an entire audit data set and of any derived subsets, adapting techniques that have been used before for redactable signatures. In addition, our algorithms allow for the pseudonymization of data fields, cryptographically enforcing the consistency of chosen pseudon...
متن کاملImplementation of Association Rule Mining for Network Intrusion Detection
Many modern intrusion detection systems are based on data mining and database-centric architecture, where a number of data mining techniques have been found. Among the most popular techniques, association rule mining is one of the important topics in data mining research. This approach determines interesting relationships between large sets of data items. This technique was initially applied to...
متن کامل