TY - GEN
T1 - Limiting data exposure in monitoring multi-domain policy conformance
AU - Montanari, Mirko
AU - Huh, Jun Ho
AU - Bobba, Rakesh B.
AU - Campbell, Roy H.
N1 - Funding Information:
This material is based on work supported in part by a grant from The Boeing Company, and by a grant from Air Force Research Laboratory and the Air Force Office of Scientific Research under agreement number FA8750-11-2-0084. The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright notation thereon.
PY - 2013
Y1 - 2013
N2 - In hybrid- or multi-cloud systems, security information and event management systems often work with abstract level information provided by the service providers. Privacy and confidentiality requirements discourage sharing of the raw data. With access to only the partial information, detecting anomalies and policy violations becomes much more difficult in those environments. This paper proposes a mechanism for detecting undesirable events over the composition of multiple independent systems that have constraints in sharing information because of security and privacy concerns. Our approach complements other privacy-preserving event-sharing methods by focusing on discrete events such as system and network configuration changes. We use logic-based policies to define undesirable event sequences, and use multi-party computation to share event details that are needed for detecting violations. Further, through experimental evaluation, we show that our technique reduces the information shared between systems by more than half, and we show that the low performance of multi-party computation can be balanced out with concurrency, demonstrating an event rate acceptable for verification of configuration changes as well as other complex conditions.
AB - In hybrid- or multi-cloud systems, security information and event management systems often work with abstract level information provided by the service providers. Privacy and confidentiality requirements discourage sharing of the raw data. With access to only the partial information, detecting anomalies and policy violations becomes much more difficult in those environments. This paper proposes a mechanism for detecting undesirable events over the composition of multiple independent systems that have constraints in sharing information because of security and privacy concerns. Our approach complements other privacy-preserving event-sharing methods by focusing on discrete events such as system and network configuration changes. We use logic-based policies to define undesirable event sequences, and use multi-party computation to share event details that are needed for detecting violations. Further, through experimental evaluation, we show that our technique reduces the information shared between systems by more than half, and we show that the low performance of multi-party computation can be balanced out with concurrency, demonstrating an event rate acceptable for verification of configuration changes as well as other complex conditions.
UR - http://www.scopus.com/inward/record.url?scp=84884610224&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84884610224&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-38908-5_5
DO - 10.1007/978-3-642-38908-5_5
M3 - Conference contribution
AN - SCOPUS:84884610224
SN - 9783642389078
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 65
EP - 82
BT - Trust and Trustworthy Computing - 6th International Conference, TRUST 2013, Proceedings
T2 - 6th International Conference on Trust and Trustworthy Computing, TRUST 2013
Y2 - 17 June 2013 through 19 June 2013
ER -