On Pseudonymization of Audit Data for Intrusion Detection

11 years 11 months ago
On Pseudonymization of Audit Data for Intrusion Detection
In multilaterally secure intrusion detection systems (IDS) anonymity and accountability are potentially conflicting requirements. Since IDS rely on audit data to detect violations of security policy, we can balance above requirements by pseudonymization of audit data, as a form of reversible anonymization. We discuss previous work in this area and underlying trust models. Instead of relying on mechanisms external to the system, or under the control of potential adversaries, in our proposal we technically bind reidentification to a threshold, representing the legal purpose of accountability in the presence of policy violations. Also, we contrast our notion of threshold-based identity recovery with previous approaches and point out open problems.
Joachim Biskup, Ulrich Flegel
Added 02 Aug 2010
Updated 02 Aug 2010
Type Conference
Year 2000
Where DIAU
Authors Joachim Biskup, Ulrich Flegel
Comments (0)