Towards General scheme for Data Sharing Agreements empowering Privacy-Preserving Data Analysis of structured CTI

Author (ESR): 
Oleksii Osliak (Consiglio Nazionale Delle Ricerche)
Fabio Martinelli
Oleksii Osliak
Andrea Saracino

This paper proposes an extension to the standard STIX representation for Cyber Threat Information (CTI) which couples specific data attributes with privacy-preserving conditions expressed through Data Sharing Agreements (DSA). The proposed scheme allows, in fact, to define sharing and anonymization policies in the form of a human-readable DSA, bound to the specific CTI. The whole scheme is designed to be completely compatible with the STIX 2.0 standard for CTI representation. The proposed scheme will be implemented in this work by defining the complete scheme for representing an email, which is more expressive than the standard one defined for STIX, designed specifically for spam email analysis. Hence, an application to an email is presented, together with DSA definition and inclusion in a STIX record. Finally, a set of experiments will show the performance improvement related to data access, brought by the adoption of the proposed scheme.

2nd International Workshop on SECurity and Privacy Requirements Engineering SECPRE 2018 in conjunction with ESORICS 2018
Monday, September 3, 2018 to Friday, September 7, 2018