Transaction-Based Pseudonyms in Audit Data for Privacy Respecting Intrusion Detection
作者: Joachim Biskup , Ulrich Flegel
关键词: Internet privacy 、 Computer security 、 Public-key cryptography 、 Pseudonymity 、 Database transaction 、 Secret sharing 、 Intrusion detection system 、 Anonymity 、 Computer science 、 Cryptography 、 Audit
摘要: Privacy and surveillance by intrusion detection are potentially conflicting organizational legal requirements. In order to support a balanced solution, audit data is inspected for personal identifiers referring real persons substituted transaction-based pseudonyms.Th ese pseudonyms constructed as shares suitably adapted version of Shamir's cryptographic approach secret sharing. Under sufficient suspicion, expressed threshold on shares, analyzers can perform reidentification.
springer.com
acm.org 
core.ac.uk 
sci-hub.st 参考文章(22)
Emilie Lundin, Erland Jonsson, Privacy vs. Intrusion Detection Analysis. recent advances in intrusion detection. ,(1999)
Terry Escamilla, Intrusion detection: network security beyond the firewall John Wiley & Sons, Inc.. ,(1998)
Michael Meier, Thomas Holz, Sicheres Schlüsselmanagement für verteilte Intrusion-Detection-Systeme Systemsicherheit. pp. 275- 286 ,(2000) , 10.1007/978-3-322-84957-1_22
Joachim Biskup, Technical Enforcement of Informational Assurances Proceedings of the IFIP TC11 WG 11.3 Twelfth International Working Conference on Database Security XII: Status and Prospects. pp. 17- 40 ,(1998) , 10.1007/978-0-387-35564-1_2
Michael Sobirey, Aktuelle Anforderungen an Intrusion Detection-Systeme und deren Berücksichtigung bei der Systemgestaltung von AID 2 VIS. pp. 351- 370 ,(1995) , 10.1007/978-3-322-91094-3_22
M. Bishop, A standard audit trail format National information systems security conference, Baltimore, MD (United States), 10-13 Oct 1995. ,(1995)
Michael Sobirey, Birk Richter, Hartmut König, The intrusion detection system AID—architecture, and experiences in automated audit analysis international conference on communications. pp. 278- 290 ,(1997) , 10.1007/978-0-387-35083-7_25
Bruce Schneier, John Kelsey, Minimizing Bandwidth for Remote Access to Cryptographically Protected Audit Logs. recent advances in intrusion detection. ,(1999)
Michael Sobirey, Simone Fischer-Hübner, Kai Rannenberg, Pseudonymous audit for privacy enhanced intrusion detection information security. pp. 151- 163 ,(1997) , 10.1007/978-0-387-35259-6_13
Hervé Debar, Marc Dacier, Andreas Wespi, Towards a taxonomy of intrusion-detection systems Computer Networks. ,vol. 31, pp. 805- 822 ,(1999) , 10.1016/S1389-1286(98)00017-6