Cover image for Privacy-respecting intrusion detection
Title:
Privacy-respecting intrusion detection
Personal Author:
Series:
Advances in information security ; 35
Publication Information:
New York, NY : Springer-Verlag, 2007
Physical Description:
xvii, 307 p. : ill. ; 24 cm.
ISBN:
9780387343464

Available:*

Library
Item Barcode
Call Number
Material Type
Item Category 1
Status
Searching...
30000010184063 QA76.9.A25 F53 2007 Open Access Book Book
Searching...

On Order

Summary

Summary

Effective response to misuse or abusive activity in IT systems requires the capability to detect and understand improper activity. Intrusion Detection Systems observe IT activity, record these observations in audit data, and analyze the collected audit data to detect misuse. Privacy-Respecting Intrusion Detection introduces the concept of technical purpose binding, which restricts the linkability of pseudonyms in audit data to the amount necessary for misuse detection. Also, it limits the recovery of personal data to pseudonyms involved in a detected misuse scenario. The book includes case studies demonstrating this theory, and solutions that are constructively validated by providing algorithms.


Table of Contents

Part I Introduction and Background
1 Introductionp. 3
2 Authorizationsp. 9
3 An Architectural Model for Secure Authorizationsp. 13
4 Traditional Security Objectivesp. 27
5 Personal Data Protection Objectivesp. 31
6 Technical Enforcement of Multilateral Securityp. 43
7 Pseudonyms - A Technical Point of Viewp. 47
8 An Architectural Model for Pseudonymous Authorizationsp. 55
9 Comparing Architecturesp. 65
10 Audit Data Pseudonymizationp. 77
Part II Set-based Approach
11 Requirements, Assumptions and Trust Modelp. 91
12 Modeling Conditions for Technical Purpose Bindingp. 97
13 Cryptographic Enforcement of Disclosure Conditionsp. 103
14 The Mismatch Problemp. 109
15 Operational Pseudonymization and Pseudonym Disclosurep. 115
16 Extensionsp. 123
Part III Application to Unix Audit Data
17 Unix Audit Datap. 137
18 Syslogp. 141
19 Instantiating the Set-based Approach for Syslog Audit Datap. 147
20 Implementation: Pseudo/CoRep. 159
Part IV Evaluation
21 APES: Anonymity and Privacy in Electronic Servicesp. 171
22 Evaluating the Design Using Basic Building Blocksp. 177
23 Evaluating the Performance of the Implementationp. 187
Part V Refinement of Misuse Scenario Models
24 Motivating Model Refinementsp. 199
25 Models of Misuse Scenariosp. 203
26 Pseudonymization Based on Serial Signature-Netsp. 229
27 Pseudonym Linkabilityp. 233
28 Pseudonym Disclosurep. 247
Summaryp. 283
A Threshold Schemes for Cryptographic Secret Sharingp. 285
Referencesp. 287
Indexp. 303