Trust and Risk-Based Access Control for Privacy Preserving Threat Detection Systems

Conference paper

DOI: 10.1007/978-3-319-48057-2_20

Part of the Lecture Notes in Computer Science book series (LNCS, volume 10018)
Cite this paper as:
Metoui N., Bezzi M., Armando A. (2016) Trust and Risk-Based Access Control for Privacy Preserving Threat Detection Systems. In: Dang T., Wagner R., Küng J., Thoai N., Takizawa M., Neuhold E. (eds) Future Data and Security Engineering. FDSE 2016. Lecture Notes in Computer Science, vol 10018. Springer, Cham

Abstract

Intrusion and threat detection systems analyze large amount of security-related data logs for detecting potentially harmful patterns. However, log data often contain sensitive and personal information, and their access and processing should be minimized. Anonymization can provide the technical mean to reduce the privacy risk, but it should carefully applied and balanced with utility requirements of the different phases of the process: a first exploration analysis needs less details than an investigation on a suspect set of logs. As a result, a complex access control framework has to be put in place to, simultaneously, address privacy and utility requirements. In this paper we propose a trust- and risk-aware access control framework for Threat Detection Systems, where each access request is evaluated by comparing the privacy-risk and the trustworthiness of the request. When the risk is too large compared to the trust level, the framework can apply adaptive adjustment strategies to decrease the risk (e.g., by selectively obfuscating the data) or to increase the trust level to perform a given task. We show how this model can provide meaningful results, and real-time performance, for an industrial threat detection solution.

Keywords

Trust Risk Privacy Utility Privacy-preserving threat detection 

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Nadia Metoui
    • 1
    • 2
  • Michele Bezzi
    • 3
  • Alessandro Armando
    • 1
    • 4
  1. 1.Security and Trust Unit, FBK-IrstTrentoItaly
  2. 2.DISI, University of TrentoTrentoItaly
  3. 3.SAP Labs France, Security ResearchSophia-AntipolisFrance
  4. 4.DIBRIS, University of GenovaGenoaItaly

Personalised recommendations