Privacy principles for sharing cyber security data

Authors

Gina Fisk, Los Alamos National Laboratory
Calvin Ardi, Los Alamos National LaboratoryFollow
Neale Pickett, Los Alamos National Laboratory
John Heidemann, Information Sciences Institute
Mike Fisk, Los Alamos National Laboratory
Christos Papadopoulos, Colorado State University

Abstract

Sharing cyber security data across organizational boundaries brings both privacy risks in the exposure of personal information and data, and organizational risk in disclosing internal information. These risks occur as information leaks in network traffic or logs, and also in queries made across organizations. They are also complicated by the trade-offs in privacy preservation and utility present in anonymization to manage disclosure. In this paper, we define three principles that guide sharing security information across organizations: Least Disclosure, Qualitative Evaluation, and Forward Progress. We then discuss engineering approaches that apply these principles to a distributed security system. Application of these principles can reduce the risk of data exposure and help manage trust requirements for data sharing, helping to meet our goal of balancing privacy, organizational risk, and the ability to better respond to security with shared information.

Publication Title

Proceedings - 2015 IEEE Security and Privacy Workshops, SPW 2015

Recommended Citation

Fisk, G., Ardi, C., Pickett, N., Heidemann, J., Fisk, M., & Papadopoulos, C. (2015). Privacy principles for sharing cyber security data. Proceedings - 2015 IEEE Security and Privacy Workshops, SPW 2015, 193-197. https://doi.org/10.1109/SPW.2015.23