Warning: pg_query(): Query failed: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 in /dati/webiit-old/includes/database.pgsql.inc on line 138 Warning: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 query: SELECT data, created, headers, expire, serialized FROM cache_page WHERE cid = 'https://www-old.iit.cnr.it/node/58290' in /dati/webiit-old/includes/database.pgsql.inc on line 159 Warning: pg_query(): Query failed: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 in /dati/webiit-old/includes/database.pgsql.inc on line 138 Warning: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 query: SELECT data, created, headers, expire, serialized FROM cache_page WHERE cid = 'https://www-old.iit.cnr.it/node/58290' in /dati/webiit-old/includes/database.pgsql.inc on line 159 Towards General scheme for Data Sharing Agreements empowering Privacy-Preserving Data Analysis of structured CTI | IIT - CNR - Istituto di Informatica e Telematica
IIT Home Page CNR Home Page

Towards General scheme for Data Sharing Agreements empowering Privacy-Preserving Data Analysis of structured CTI

This paper proposes an extension to the standard STIX representation for Cyber Threat Information (CTI) which couples specific data attributes with privacy-preserving conditions expressed through Data Sharing Agreements (DSA). The proposed scheme allows, in fact, to define sharing and anonymization policies in the form of a human-readable DSA, bound to the specific CTI. The whole scheme is designed to be completely compatible with the STIX 2.0 standard for CTI representation. The proposed scheme will be implemented in this work by defining the complete scheme for representing an email, which is more expressive than the standard one defined for STIX, designed specifically for spam email analysis. Hence, an application to an email is presented, together with DSA definition and inclusion in a STIX record. Finally, a set of experiments will show the performance improvement related to data access, brought by the adoption of the proposed scheme.

European Symposium on Research in Computer Security, Barcelona, 2018

Autori IIT:

Tipo: Contributo in atti di convegno
Area di disciplina: Computer Science & Engineering

File: Towards general scheme for Data Sharing Agreements empowering Privacy-Preserving Data Analysis of structured CTI.pdf

Attività: Sicurezza nel Cloud Computing