Skip to main content

An Architecture for Privacy-preserving Sharing of CTI with 3rd party Analysis Services

Giubilo, Fabio and Sajjad, Ali and Shackleton, Mark and Chadwick, David W. and Fan, Wenjun and de Lemos, Rogério (2018) An Architecture for Privacy-preserving Sharing of CTI with 3rd party Analysis Services. In: 2017 12th International Conference for Internet Technology and Secured Transactions (ICITST). IEEE. ISBN 978-1-5386-0598-1. E-ISBN 978-1-908320-93-3. (doi:10.23919/ICITST.2017.8356404) (KAR id:65817)

Abstract

Increasing numbers of Small and Medium Enterprises (SME) are outsourcing or hosting their services on different Cloud Service Providers (CSP). They are also using different security services from these CSPs such as firewalls, intrusion detection/prevention systems and anti-malware. Although for the SMEs the main purpose of using these security services is to protect their cyber assets, either physical or virtual, from security threats and compromises, a very useful and valuable by-product of these security services is the wealth of Cyber Threat Information (CTI) that is collected over time. However, a common problem faced by SMEs is that they lack the resources and expertise for monitoring, analysing and reacting to any security notifications, alerts or events generated by the security services they have subscribed to. An obvious solution to this problem is that the SMEs outsource this problem to a cloud based service as well, by sharing their CTI with this service and allowing it to analyse the information and generate actionable reports or patches. The more CTI obtained from different SMEs, the better the analysis result. In this paper, we try to address some of the privacy and confidentiality issues that arise as a result of different SMEs sharing their CTI with such a third party analysis service for the aggregate analysis scenario we just described. We present the design and architecture of our solution that aims to allow SMEs to perform policy-based sharing of CTI, while also offering them flexible privacy and confidentiality controls.

Item Type: Book section
DOI/Identification number: 10.23919/ICITST.2017.8356404
Uncontrolled keywords: data privacy and confidentiality, cyber threat information, analysis services, infrastructure architecture, policy based sharing
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming, > QA76.9.C58 Computational grids
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Rogerio de Lemos
Date Deposited: 30 Jan 2018 14:41 UTC
Last Modified: 08 Dec 2022 16:24 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/65817 (The current URI for this page, for reference purposes)

University of Kent Author Information

Chadwick, David W..

Creator's ORCID: https://orcid.org/0000-0003-3145-055X
CReDIT Contributor Roles:

Fan, Wenjun.

Creator's ORCID:
CReDIT Contributor Roles:

de Lemos, Rogério.

Creator's ORCID: https://orcid.org/0000-0002-0281-6308
CReDIT Contributor Roles:
  • Depositors only (login required):

Total unique views for this document in KAR since July 2020. For more details click on the image.