Privacy-Respecting Intrusion Detection

1. Front Matter

   Pages I-XVIII

   PDF

2. Introduction and Background

   1. Front Matter

      Pages 2-2

      PDF

   2. Introduction

      Pages 3-8

   3. Authorizations

      Pages 9-12

   4. An Architectural Model for Secure Authorizations

      Pages 13-25

   5. Traditional Security Objectives

      Pages 27-30

   6. Personal Data Protection Objectives

      Pages 31-42

   7. The Challenge: Technical Enforcement of Multilateral Security

      Pages 43-46

   8. Pseudonyms – A Technical Point of View

      Pages 47-54

   9. An Architectural Model for Pseudonymous and Secure Authorizations

      Pages 55-63

   10. Comparing Architectures

       Pages 65-75

   11. Audit Data Pseudonymization

       Pages 77-87

3. Set-based Approach

   1. Front Matter

      Pages 90-90

      PDF

   2. Requirements, Assumptions and Trust Model

      Pages 91-95

   3. Modeling Conditions for Technical Purpose Binding of Controlled Pseudonym Disclosure

      Pages 97-102

   4. Cryptographic Enforcement of Disclosure Conditions

      Pages 103-107

   5. The Mismatch Problem

      Pages 109-113

   6. Operational Pseudonymization and Pseudonym Disclosure

      Pages 115-121

   7. Extensions

      Pages 123-134

4. Application to Unix Audit Data

   1. Front Matter

      Pages 136-136

      PDF

Computer and network security is an issue that has been studied for many years. The Ware Report, which was published in 1970, pointed out the need for c- puter security and highlighted the di?culties in evaluating a system to determine if it provided the necessary security for particular applications. The Anderson Report, published in 1972, was the outcome of an Air Force Planning Study whose intent was to de?ne the research and development paths required to make secure computers a reality in the USAF. A major contribution of this report was the de?nition of the reference monitor concept, which led to security kernel architectures. In the mid to late 1970s a number of systems were designed and implemented using a security kernel architecture. These systems were mostly sponsored by the defense establishment and were not in wide use. Fast forwarding to more recent times, the advent of the world-wide web, inexp- sive workstations for the o?ce and home, and high-speed connections has made it possible for most people to be connected. This access has greatly bene?ted society allowing users to do their banking, shopping, and research on the Int- net. Most every business, government agency, and public institution has a public facing web page that can be accessed by anyone anywhere on the Internet. - fortunately, society’s increased dependency on networked software systems has also given easy access to the attackers, and the number of attacks is steadily increasing.

• Datenschutz
• IT security
• Information
• Protection
• Signatur
• UNIX
• algorithms
• architecture
• computer security
• informational self-determination
• intrusion detection
• monitoring
• network security
• security
• surveillance

• University of Dortmund, 44221, Germany

  Ulrich Flegel

Policies and ethics