Privacy Principles for Sharing Cyber Security Data

被引:20
|
作者
Fisk, Gina [1 ]
Ardi, Calvin [1 ,2 ]
Pickett, Neale [1 ]
Heidemann, John [2 ]
Fisk, Mike [1 ]
Papadopoulos, Christos [3 ]
机构
[1] Los Alamos Natl Lab, Los Alamos, NM 87545 USA
[2] USC Informat Sci Inst, Marina Del Rey, CA 90292 USA
[3] Colorado State Univ, Ft Collins, CO 80523 USA
来源
2015 IEEE SECURITY AND PRIVACY WORKSHOPS (SPW) | 2015年
关键词
D O I
10.1109/SPW.2015.23
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
Sharing cyber security data across organizational boundaries brings both privacy risks in the exposure of personal information and data, and organizational risk in disclosing internal information. These risks occur as information leaks in network traffic or logs, and also in queries made across organizations. They are also complicated by the trade-offs in privacy preservation and utility present in anonymization to manage disclosure. In this paper, we define three principles that guide sharing security information across organizations: Least Disclosure, Qualitative Evaluation, and Forward Progress. We then discuss engineering approaches that apply these principles to a distributed security system. Application of these principles can reduce the risk of data exposure and help manage trust requirements for data sharing, helping to meet our goal of balancing privacy, organizational risk, and the ability to better respond to security with shared information.
引用
收藏
页码:193 / 197
页数:5
相关论文
共 50 条
  • [31] Data sharing threatens privacy
    Declan Butler
    Nature, 2007, 449 : 644 - 644
  • [32] Sharing data - protecting privacy
    不详
    R&D MAGAZINE, 2006, 48 (06): : 14 - 14
  • [33] Data sharing threatens privacy
    Butler, Declan
    NATURE, 2007, 449 (7163) : 644 - 645
  • [34] Genetic Data Sharing and Privacy
    Marco D. Sorani
    John K. Yue
    Sourabh Sharma
    Geoffrey T. Manley
    Adam R. Ferguson
    Shelly R. Cooper
    Kristen Dams-O’Connor
    Wayne A. Gordon
    Hester F. Lingsma
    Andrew I. R. Maas
    David K. Menon
    Diane J. Morabito
    Pratik Mukherjee
    David O. Okonkwo
    Ava M. Puccio
    Alex B. Valadka
    Esther L. Yuh
    Neuroinformatics, 2015, 13 : 1 - 6
  • [35] Genetic Data Sharing and Privacy
    Sorani, Marco D.
    Yue, John K.
    Sharma, Sourabh
    Manley, Geoffrey T.
    Ferguson, Adam R.
    Cooper, Shelly R.
    Dams-O'Connor, Kristen
    Gordon, Wayne A.
    Lingsma, Hester F.
    Maas, Andrew I. R.
    Menon, David K.
    Morabito, Diane J.
    Mukherjee, Pratik
    Okonkwo, David O.
    Puccio, Ava M.
    Valadka, Alex B.
    Yuh, Esther L.
    NEUROINFORMATICS, 2015, 13 (01) : 1 - 6
  • [36] Cyber Security, Technology, and Privacy Regulation in the Digital Age
    Ashrafi, Noushin
    Kuilboer, Jean-Pierre
    Schuetz, Christopher
    AMCIS 2016 PROCEEDINGS, 2016,
  • [37] The Privacy Implications of Cyber Security Systems: A Technological Survey
    Toch, Eran
    Bettini, Claudio
    Shmueli, Erez
    Radaelli, Laura
    Lanzi, Andrea
    Riboni, Daniele
    Lepri, Bruno
    ACM COMPUTING SURVEYS, 2018, 51 (02)
  • [38] Privacy and Security Gaps in mitigating Cyber crime: The Review
    Saad, Amna
    Amran, Ahmad Roshidi
    Afif, Ijlal Ibrahim
    Zolkeple, Ahmad Hariri
    Said, Aidy Izzuddin Ahmad
    Hamzah, Muhammad Fiqri
    Salim, Wan Nor Salwani Wan
    2016 2ND INTERNATIONAL SYMPOSIUM ON AGENT, MULTI-AGENT SYSTEMS AND ROBOTICS (ISAMSR), 2016, : 92 - 99
  • [39] A Practical Framework and Guidelines to Enhance Cyber Security and Privacy
    Choras, Michal
    Kozik, Rafal
    Renk, Rafal
    Holubowicz, Witold
    INTERNATIONAL JOINT CONFERENCE: CISIS'15 AND ICEUTE'15, 2015, 369 : 485 - 495
  • [40] Cyber Security and Privacy Experiments: A Design and Reporting Toolkit
    Coopamootoo, Kovila P. L.
    Gross, Thomas
    PRIVACY AND IDENTITY MANAGEMENT: THE SMART REVOLUTION, 2018, 526 : 243 - 262
12345