Willkommen, schön sind Sie da!
Logo Ex Libris

Privacy-Respecting Intrusion Detection

  • Kartonierter Einband
  • 328 Seiten
(0) Erste Bewertung abgeben
Bewertungen
(0)
(0)
(0)
(0)
(0)
Alle Bewertungen ansehen
This book introduces the concept of technical purpose binding, which restricts the linkability of pseudonyms in audit data to the ... Weiterlesen
CHF 193.00
Print on Demand - Auslieferung erfolgt in der Regel innert 4 bis 6 Wochen.
Bestellung & Lieferung in eine Filiale möglich

Beschreibung

This book introduces the concept of technical purpose binding, which restricts the linkability of pseudonyms in audit data to the amount necessary for misuse detection, and limits the recovery of personal data. Includes case studies and solutions, with algorithms.



Computer and network security is an issue that has been studied for many years. The Ware Report, which was published in 1970, pointed out the need for c- puter security and highlighted the di?culties in evaluating a system to determine if it provided the necessary security for particular applications. The Anderson Report, published in 1972, was the outcome of an Air Force Planning Study whose intent was to de?ne the research and development paths required to make secure computers a reality in the USAF. A major contribution of this report was the de?nition of the reference monitor concept, which led to security kernel architectures. In the mid to late 1970s a number of systems were designed and implemented using a security kernel architecture. These systems were mostly sponsored by the defense establishment and were not in wide use. Fast forwarding to more recent times, the advent of the world-wide web, inexp- sive workstations for the o?ce and home, and high-speed connections has made it possible for most people to be connected. This access has greatly bene?ted society allowing users to do their banking, shopping, and research on the Int- net. Most every business, government agency, and public institution has a public facing web page that can be accessed by anyone anywhere on the Internet. - fortunately, society's increased dependency on networked software systems has also given easy access to the attackers, and the number of attacks is steadily increasing.

Includes broad systematic introduction into the problem from legal framework to developing requirements and general models with technical solutions for multilateral security

Demonstrates how solutions can be designed and evaluated while rigorously adhering to derived requirements



Autorentext
Intrusion detection systems (IDS) monitor computer systems, record audit data and analyze the collected data in order to detect misuse. The recorded audit data documents user behavior and contains personal data of system users. As a result, collecting and processing audit data for misuse detection conflicts with pertinent privacy law. Privacy-Respecting Intrusion Detection introduces the concept of technical purpose binding, which restricts the linkability of pseudonyms in audit data to the amount necessary for misuse detection. Also, it limits the recovery of personal data to pseudonyms involved in a detected misuse scenario. The book includes case studies demonstrating this theory, and solutions that are constructively validated by providing algorithms.

Klappentext

With our society's growing dependency on information technology systems (IT), IT security is crucial. To properly respond to misuse or abusive activity in IT systems, one needs to establish the capability to detect and understand improper activity. Intrusion Detection Systems observe activity occurring in the IT system, record these observations in audit data, and analyze collected audit data to detect misuse. Collecting and processing audit data for misuse detection conflicts with expectations and rights of system users regarding their privacy. A viable solution is replacing personal data with pseudonyms in audit data.

Privacy-Respecting Intrusion Detection introduces technical purpose binding, restricting the linkability of pseudonyms in audit data, to the amount required for misuse detection. Also, it limits the recovery of original personal data to pseudonyms involved in a detected misuse scenario. This book includes case studies with constructively validated solutions by providing algorithms.

Privacy-Respecting Intrusion Detection is designed for a professional audience, composed of practitioners and researchers in industry. This book is also suitable as an advance-level text in the computer science field.

Foreword by Richard Kemmerer, University of California, Santa Barbara, USA

 



Inhalt
and Background.- Authorizations.- An Architectural Model for Secure Authorizations.- Traditional Security Objectives.- Personal Data Protection Objectives.- The Challenge: Technical Enforcement of Multilateral Security.- Pseudonyms A Technical Point of View.- An Architectural Model for Pseudonymous and Secure Authorizations.- Comparing Architectures.- Audit Data Pseudonymization.- Set-based Approach.- Requirements, Assumptions and Trust Model.- Modeling Conditions for Technical Purpose Binding of Controlled Pseudonym Disclosure.- Cryptographic Enforcement of Disclosure Conditions.- The Mismatch Problem.- Operational Pseudonymization and Pseudonym Disclosure.- Extensions.- Application to Unix Audit Data.- Unix Audit Data.- Syslog.- Instantiating the Set-based Approach for Syslog-style Audit Data.- Implementation: Pseudo/CoRe.- Evaluation.- APES: Anonymity and Privacy in Electronic Services.- Evaluating the Design Using Basic Building Blocks for Anonymity.- Evaluating the Performance of the Implementation.- Refinement of Misuse Scenario Models.- Motivating Model Refinements.- Models of Misuse Scenarios.- Pseudonymization Based on Serial Signature-Nets.- Pseudonym Linkability.- Pseudonym Disclosure.

Produktinformationen

Titel: Privacy-Respecting Intrusion Detection
Autor:
EAN: 9781441941756
ISBN: 1441941754
Format: Kartonierter Einband
Herausgeber: Springer US
Genre: Informatik
Anzahl Seiten: 328
Gewicht: 499g
Größe: H235mm x B155mm x T17mm
Jahr: 2010
Auflage: Softcover reprint of hardcover 1st ed. 2007

Weitere Produkte aus der Reihe "Advances in Information Security"