TIPS: Threat Sharing Information Platform for Enhanced Security
arxiv(2024)
摘要
There is an increasing need to share threat information for the prevention of
widespread cyber-attacks. While threat-related information sharing can be
conducted through traditional information exchange methods, such as email
communications etc., these methods are often weak in terms of their
trustworthiness and privacy. Additionally, the absence of a trust
infrastructure between different information-sharing domains also poses
significant challenges. These challenges include redactment of information, the
Right-to-be-forgotten, and access control to the information-sharing elements.
These access issues could be related to time bounds, the trusted deletion of
data, and the location of accesses. This paper presents an abstraction of a
trusted information-sharing process which integrates Attribute-Based Encryption
(ABE), Homomorphic Encryption (HE) and Zero Knowledge Proof (ZKP) integrated
into a permissioned ledger, specifically Hyperledger Fabric (HLF). It then
provides a protocol exchange between two threat-sharing agents that share
encrypted messages through a trusted channel. This trusted channel can only be
accessed by those trusted in the sharing and could be enabled for each
data-sharing element or set up for long-term sharing.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要