Buch, Englisch, 307 Seiten, Format (B × H): 160 mm x 241 mm, Gewicht: 658 g
Buch, Englisch, 307 Seiten, Format (B × H): 160 mm x 241 mm, Gewicht: 658 g
Reihe: Advances in Information Security
ISBN: 978-0-387-34346-4
Verlag: Springer US
Intrusion detection systems (IDS) monitor computer systems, record audit data and analyze the collected data in order to detect misuse. The recorded audit data documents user behavior and contains personal data of system users. As a result, collecting and processing audit data for misuse detection conflicts with pertinent privacy law. Privacy-Respecting Intrusion Detection introduces the concept of technical purpose binding, which restricts the linkability of pseudonyms in audit data to the amount necessary for misuse detection. Also, it limits the recovery of personal data to pseudonyms involved in a detected misuse scenario. The book includes case studies demonstrating this theory, and solutions that are constructively validated by providing algorithms.
Zielgruppe
Professional/practitioner
Autoren/Hrsg.
Fachgebiete
- Mathematik | Informatik EDV | Informatik Technische Informatik Externe Speicher & Peripheriegeräte
- Mathematik | Informatik EDV | Informatik Technische Informatik Systemverwaltung & Management
- Mathematik | Informatik EDV | Informatik Daten / Datenbanken Zeichen- und Zahlendarstellungen
- Mathematik | Informatik EDV | Informatik Informatik Logik, formale Sprachen, Automaten
- Mathematik | Informatik EDV | Informatik Technische Informatik Netzwerk-Hardware
- Mathematik | Informatik EDV | Informatik Daten / Datenbanken Informationstheorie, Kodierungstheorie
- Mathematik | Informatik EDV | Informatik Computerkommunikation & -vernetzung
- Interdisziplinäres Wissenschaften Wissenschaften: Forschung und Information Informationstheorie, Kodierungstheorie
Weitere Infos & Material
and Background.- Authorizations.- An Architectural Model for Secure Authorizations.- Traditional Security Objectives.- Personal Data Protection Objectives.- The Challenge: Technical Enforcement of Multilateral Security.- Pseudonyms – A Technical Point of View.- An Architectural Model for Pseudonymous and Secure Authorizations.- Comparing Architectures.- Audit Data Pseudonymization.- Set-based Approach.- Requirements, Assumptions and Trust Model.- Modeling Conditions for Technical Purpose Binding of Controlled Pseudonym Disclosure.- Cryptographic Enforcement of Disclosure Conditions.- The Mismatch Problem.- Operational Pseudonymization and Pseudonym Disclosure.- Extensions.- Application to Unix Audit Data.- Unix Audit Data.- Syslog.- Instantiating the Set-based Approach for Syslog-style Audit Data.- Implementation: Pseudo/CoRe.- Evaluation.- APES: Anonymity and Privacy in Electronic Services.- Evaluating the Design Using Basic Building Blocks for Anonymity.- Evaluating the Performance of the Implementation.- Refinement of Misuse Scenario Models.- Motivating Model Refinements.- Models of Misuse Scenarios.- Pseudonymization Based on Serial Signature-Nets.- Pseudonym Linkability.- Pseudonym Disclosure.
