Abstract
Traffic inspection is a fundamental building block of many security solutions today. For example, to prevent the leakage or exfiltration of confidential insider information, as well as to block malicious traffic from entering the network, most enterprises today operate intrusion detection and prevention systems that inspect traffic. However, the state-of-theart inspection systems do not reflect well the interests of the different involved autonomous roles. For example, employees in an enterprise, or a company outsourcing its network management to a specialized third party, may require that their traffic remains confidential, even from the system administrator. Moreover, the rules used by the intrusion detection system, or more generally the configuration of an online or offline anomaly detection engine, may be provided by a third party, e.g., a security research firm, and can hence constitute a critical business asset which should be kept confidential. Today, it is often believed that accounting for these additional requirements is impossible, as they contradict efficiency and effectiveness. We in this paper explore a novel approach, called Privacy Preserving Inspection (PRI), which provides a solution to this problem, by preserving privacy of traffic inspection and confidentiality of inspection rules and configurations, and e.g., also supports the flexible installation of additional Data Leak Prevention (DLP) rules specific to the company.
Original language | English |
---|---|
Title of host publication | Proceedings - 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016 |
Number of pages | 8 |
Publisher | IEEE |
Publication date | 1 Aug 2016 |
Pages | 296-303 |
Article number | 7527782 |
ISBN (Electronic) | 9781509008247 |
DOIs | |
Publication status | Published - 1 Aug 2016 |
Event | 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016 - San Jose, United States Duration: 23 May 2016 → 25 May 2016 |
Conference
Conference | 2016 IEEE Symposium on Security and Privacy Workshops, SPW 2016 |
---|---|
Country/Territory | United States |
City | San Jose |
Period | 23/05/2016 → 25/05/2016 |
Keywords
- Insider Threats
- Intrusion Detection
- Privacy
- SGX
- Traffic Inspection
- Trusted Hardware