A workflow checking approach for inherent privacy awareness in network monitoring

Authors:
Maria N. Koukovini;Eugenia I. Papagiannakopoulou;Georgios V. Lioudakis;Dimitra I. Kaklamani;Iakovos S. Venieris
Affiliations:
School of Electrical and Computer Engineering, National Technical University of Athens, Athens, Greece;School of Electrical and Computer Engineering, National Technical University of Athens, Athens, Greece;School of Electrical and Computer Engineering, National Technical University of Athens, Athens, Greece;School of Electrical and Computer Engineering, National Technical University of Athens, Athens, Greece;School of Electrical and Computer Engineering, National Technical University of Athens, Athens, Greece
Venue:
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Year:
2011

Citing 14
Cited 1

Prefix-preserving IP address anonymization: measurement-based security evaluation and a new cryptography-based scheme

Computer Networks: The International Journal of Computer and Telecommunications Networking
The devil and packet trace anonymization

ACM SIGCOMM Computer Communication Review
Service oriented architectures: approaches, technologies and research issues

The VLDB Journal — The International Journal on Very Large Data Bases
Legal issues surrounding monitoring during network research

Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Constraint based role based access control in the SECTET-framework: A model-driven approach

Journal of Computer Security - Privacy, Security and Trust (PST) Technologies: Evolution and Challenges
Modeling contextual security policies

International Journal of Information Security
Managing access and flow control requirements in distributed workflows

AICCSA '08 Proceedings of the 2008 IEEE/ACS International Conference on Computer Systems and Applications
The role of network trace anonymization under attack

ACM SIGCOMM Computer Communication Review
Exploiting cryptography for privacy-enhanced access control: A result of the PRIME Project

Journal of Computer Security - EU-Funded ICT Research on Trust and Security
Privacy-aware role-based access control

ACM Transactions on Information and System Security (TISSEC)
SecureSOA Modelling Security Requirements for Service-Oriented Architectures

SCC '10 Proceedings of the 2010 IEEE International Conference on Services Computing
Privacy-Aware Access Control and Authorization in Passive Network Monitoring Infrastructures

CIT '10 Proceedings of the 2010 10th IEEE International Conference on Computer and Information Technology
Dynamic deployment of context-aware access control policies for constrained security devices

Journal of Systems and Software
A contextual privacy-aware access control model for network monitoring workflows: work in progress

FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security

A privacy-aware access control model for distributed network monitoring

Computers and Electrical Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Despite the usefulness of network monitoring for the operation, maintenance, control and protection of communication networks, as well as law enforcement, network monitoring activities are surrounded by serious privacy implications. The inherent "leakage-proneness" is harshened due to the increasing complexity of the monitoring procedures and infrastructures, that include multiple traffic observation points, distributed mitigation mechanisms and even inter-operator cooperation. In this paper, an innovative approach aiming at realising the "privacy by design" principle in the area of network monitoring is presented; it relies on service-orientation primitives and abstractions, in order to verify and, when needed, to adjust network monitoring workflows, so that they become inherently privacy-aware before being deployed for execution.