Abstract
Privacy and surveillance by intrusion detection are potentially conflicting organizational and legal requirements.In order to support a balanced solution, audit data is inspected for personal data and identifiers referring to real persons are substituted by transaction-based pseudonyms. These pseudonyms are constructed as shares for a suitably adapted version of Shamir’s cryptographic approach to secret sharing. Under sufficient suspicion, expressed as a threshold on shares, audit analyzers can perform reidentification.
The work described here is currently partially funded by Deutsche Forschungsge-meinschaft under contract number Bi 311/10-1.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Kai Rannenberg, Andreas Pfitzmann, and Günther Müller. It security and multilateral security. In Kai Rannenberg, editors Multilateral Security in Communications. Information Security. Addison Wesley, first edition, 1999 Müller and Rannenberg [38], pages 21–29.
Joachim Biskup. Technical enforcement of informational assurances. In Sushil Jajodia, editor, Proceedings of the 12th international IFIP TC11 WG 11.3 Working Conference on Database Security, pages 17–40, Chalkidiki, Greece, July 1998. IFIP, Kluwer Academic Publishers.
Directive 95/46/EC of the European Parliament and of the Council of 24 october 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal L 281, October 1995. http://europa.eu.int/eur-lex/en/lif/dat/1995/en395L0046.html.
Erster Senat des Bundesverfassungsgerichts. Urteil vom 15. Dezember 1983 zum Volkszählungsgesetz-1 BvR 209/83 u.a. (in German). Datenschutz und Datensicherung, 84(4):258–281, April 1984. http://www.datenschutz-berlin.de/gesetze/sonstige/volksz.htm.
Federal data protection act. In Bundesgesetzblatt, page 2954 ff. December 1990. http://www.datenschutz-berlin.de/gesetze/bdsg/bdsgeng.htm.
Bundesministerium des Inneren. Entwurf zur Anderung des BDSG und anderer Gesetze (in German), July 1999. http://www.datenschutz-berlin.de/recht/de/bdsg/bdsgbegr.htm, http://www.datenschutz-berlin.de/recht/de/bdsg/bdsg0607.htm.
Bundesministerium für Bildung, Wissenschaft, Forschung und Technologie. Federal act establishing the general conditions for information and communication services — information and communication services act. Federal Law Gazette I, 52:1870, June 1997. http://www.iid.de/iukdg/gesetz/iukdgebt.pdf.
Federal Ministry of Posts and Telecommunications. Telecommunications carriers data protection ordinance. Federal Law Gazette I, page 982, July 1996. http://www.datenschutz-berlin.de/gesetze/medien/tdsve.htm.
Der Deutsche Bundestag. Telecommunications act, July 1996. http://www.datenschutz-berlin.de/gesetze/tkg/tkge.htm.
Entwurf einer Telekommunikations-Datenschutzverordnung (TDSV) (in German), 1999 December. http://www.hansen-oest.de/Dokumente/dsv-e-9912.pdf.
Directive 97/66/EC of the European Parliament and of the Council of 15 december 1997 concerning the processing of personal data and the protection of privacy in the telecommunications sector. Official Journal L 024, January 1998. http://europa.eu.int/eur-lex/en/lif/dat/1997/en397L0066.html.
Michael Sobirey, Simone Fischer-Hübner, and Kai Rannenberg. Pseudonymous audit for privacy enhanced intrusion detection. In L. Yngström and J. Carlsen, editors, Proceedings of the IFIP TC11 13th International Conference on Information Security (SEC’97), pages 151–163, Copenhagen, Denkmark, May 1997. IFIP, Chapman & Hall, London.
Birgit Pfitzmann, Michael Waidner, and Andreas Pfitzmann. atRechtssicherheit trotz Anonymiät in offenen digitalen Systemen (in German). Datenschutz und Datensicherheit, 14(5–6):243–253, 305–315, 1990.
Emilie Lundin and Erland Jonsson. Privacy vs intrusion detection analysis. In Proceedings of the Second International Workshop on the Recent Advances in Intrusion Detection (RAID’99) [39].
Emilie Lundin and Erland Jonsson. Some practical and fundamental problems with anomaly detection. In Proceedings of NORDSEC’99, Kista Science Park, Sweden, November 1999.
Simone Fischer-Hübner and Klaus Brunnstein. Opportunities and risks of intrusion detection expert systems. In Proceedings of the International IFIP-GI-Conference Opportunities and Risks of Artificial Intelligence Systems ORAIS’89, Hamburg, Germany, July 1989. IFIP.
Simone Fischer-Hübner. IDA (Intrusion Detection and Avoidance System): Ein einbruchsentdeckendes und einbruchsvermeidendes System (in German). Informatik. Shaker, first edition, 1993.
Michael Sobirey. Aktuelle Anforderungen an Intrusion Detection-Systeme und deren Berücksichtigung bei der Systemgestaltung von AID2 (in German). In Hans H. Brüggemann and Waltraud Gerhardt-Häckl, editors, Proceedings of Verläßliche IT-Systeme, DuD-Fachbeiträge, pages 351–370, Rostock, Germany, April 1995. GI, Vieweg.
M. Sobirey, B. Richter, and H. König. The intrusion detection system AID-Architecture and experiences in automated audit trail analysis. In P. Horster, editor, Proceedings of the IFIP TC6/TC11 International Conference on Communications and Multimedia Security, pages 278–290, Essen, Germany, September 1996. IFIP, Chapman & Hall, London.
Michael Sobirey. Datenschutzoruientiertes Intrusion Detection (in German). DuD-Fachbeiträge. Vieweg, first edition, 1999.
Michael Meier and Thomas Holz. Sicheres Schlüsselmanagement für verteilte Intrusion-Detection-Systeme (in German). In Patrick Horster, editor, System-sicherheit, DuD-Fachbeiträge, pages 275–286, Bremen, Germany, March 2000. GI-2.5.3, ITG-6.2, OCG/ACS, TeleTrusT, Vieweg.
Roland Büschkes and Dogan Kesdogan. Privacy enhanced intrusion detection. In Kai Rannenberg, editors. Multilateral Security in Communications. Information Security. Addison Wesley, first edition, 1999 Müller and Rannenberg [38], pages 187–204.
Terry Escamilla. Intrusion Detection: Network Security Beyond the Firewall. Wiley Computer Publishing. John Wiley & Sons, Inc., first edition, 1998.
Katherine E. Price. Host-based misuse detection and conventional operating systems’ audit data collection. Master’s thesis, Purdue university, December 1997.
National Computer Security Center. US DoD Standard: Department of Defense Trusted Computer System Evaluation Criteria. DOD 5200.28-STD, Supercedes CSC-STD-001-83, dtd 15 Aug 83, Library No. S225,711, December 1985. http://csrc.ncsl.nist.gov/secpubs/rainbow/std001.txt.
National Computer Security Center. Audit in trusted systems. NCSC-TG-001, Library No. S-228,470, July 1987. http://csrc.ncsl.nist.gov/secpubs/rainbow/tg001.txt.
Common Criteria Implementation Board, editor. Common Criteria for Information Technology Security Evaluation — Part 2: Security functional requirements, Version 2.1. Number CCIMB-99-032. National Institute of Standards and Technology, August 1999. http://csrc.ncsl.nist.gov/cc/ccv20/p2-v21.pdf.
Inc. Sun Microsystems. Solaris 2.6 System Administrator Collection, volume 1, chapter SunSHIELD Basic Security Module Guide. Sun Microsystems, Inc., 1997.
Rebecca Gurley Bace. Intrusion Detection. Macmillan Technical Publishing, first edition, 2000.
Hervé Debar, Marc Dacier, and Andreas Wespi. Towards a taxonomy of intrusiondetection systems. Technical Report 93076, IBM Research Division, Zurich Research Laboratory, 8803 Rüschlikon, Switzerland, June 1998.
Darren Reed. Ip filter. http://coombs.anu.edu.au/avalon/ip-filter.html, 1999.
Stephen E. Smaha. svr4++, A common audit trail interchange format for Unix. Technical report, Haystack Laboratories, Inc., Austin, Texas, October 1994. Version 2.2.
Matt Bishop. A standard audit trail format. In Proceedings of the 18th National Information Systems Security Conference, pages 136–145, Baltimore, Maryland, October 1995.
Stefan Axelsson, Ulf Lindquist, and Ulf Gustafson. An approach to unix security logging. In Proceedings of the 21st National Information Systems Security Conference, pages 62–75, Crystal City, Arlington, VA, October 1998.
Douglas Robert Stinson. Cryptography — Theory and Practice, chapter Secret Sharing Schemes, pages 326–331. Discrete mathematics and its applications. CRC Press, first edition, 1995.
Bruce Schneier and John Kelsey. Cryptographic support for secure logs on untrusted machines. In Proceedings of the First International Workshop on the Recent Advances in Intrusion Detection (RAID’98), Lovain-la-Neuve, Belgium, September 1998. IBM Emergency Response Team. http://www.zurich.ibm.com/~dac/ProgRAID98/Tableof content.html.
John Kelsey and Bruce Schneier. Minimizing bandwidth for remote access to cryptographically protected audit logs. In Proceedings of the Second International Workshop on the Recent Advances in Intrusion Detection (RAID’99) [39].
Günter Müller and Kai Rannenberg, editors. Multilateral Security in Communications. Information Security. Addison Wesley, first edition, 1999.
Purdue University, CERIAS. Proceedings of the Second International Workshop on the Recent Advances in Intrusion Detection (RAID’99), West Lafayette, Indiana, September 1999.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Biskup, J., Flegel, U. (2000). Transaction-Based Pseudonyms in Audit Data for Privacy Respecting Intrusion Detection. In: Debar, H., Mé, L., Wu, S.F. (eds) Recent Advances in Intrusion Detection. RAID 2000. Lecture Notes in Computer Science, vol 1907. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-39945-3_3
Download citation
DOI: https://doi.org/10.1007/3-540-39945-3_3
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41085-0
Online ISBN: 978-3-540-39945-2
eBook Packages: Springer Book Archive