Enabling Cyber Security Data Sharing for Large-scale Enterprises Using Managed Security Services
Wang, Xiao-Si and Herwono, Ian and Di Cerbo, Francesco and Kearney, Paul and Shackleton, Mark (2018) Enabling Cyber Security Data Sharing for Large-scale Enterprises Using Managed Security Services. In: 4th IEEE Workshop on Security and Privacy in the Cloud, 30th May 2018, Beijing, China.
Preview |
Text
Enabling cyber security data sharing for large scale enterprises using managed security services.pdf - Accepted Version Download (765kB) |
Abstract
Large enterprises and organizations from both private and public sectors typically outsource a platform solution, as part of the Managed Security Services (MSSs), from 3rd party providers (MSSPs) to monitor and analyze their data containing cyber security information. Sharing such data among these large entities is believed to improve their effectiveness and efficiency at tackling cybercrimes, via improved analytics and insights. However, MSS platform customers currently are not able or not willing to share data among themselves because of multiple reasons, including privacy and confidentiality concerns, even when they are using the same MSS platform. Therefore any proposed mechanism or technique to address such a challenge need to ensure that sharing is achieved in a secure and controlled way. In this paper, we propose a new architecture and use case driven designs to enable confidential, flexible and collaborative data sharing among such organizations using the same MSS platform. MSS platform is a complex environment where different stakeholders, including authorized MSSP personnel and customers’ own users, have access to the same platform but with different types of rights and tasks. Hence we make every effort to improve the usability of the platform supporting sharing while keeping the existing rights and tasks intact. As an innovative and pioneering attempt to address the challenge of data sharing in the MSS platform, we hope to encourage further work to follow so that confidential and collaborative sharing eventually happens among MSS platform customers.
| Item Type: | Conference or Workshop Item (Paper) |
|---|---|
| Dates: | Date Event 30 May 2018 Published 26 March 2018 Accepted |
| Uncontrolled Keywords: | Cyber security, privacy, policy, information, data sharing; data anonymization, data sanitization, data encryption; managed security service, managed security service provider |
| Subjects: | CAH11 - computing > CAH11-01 - computing > CAH11-01-01 - computer science CAH11 - computing > CAH11-01 - computing > CAH11-01-03 - information systems |
| Divisions: | Faculty of Computing, Engineering and the Built Environment > College of Computing |
| Depositing User: | Paul Kearney |
| Date Deposited: | 29 May 2018 13:35 |
| Last Modified: | 22 Mar 2023 12:01 |
| URI: | https://www.open-access.bcu.ac.uk/id/eprint/5960 |
Actions (login required)
 |
View Item |
Tools
Tools
