Authors:
Michael Meinig (1); Peter Tröger (2) and Christoph Meinel (1)
Affiliations:
(1) Hasso-Plattner-Institute (HPI), University of Potsdam, 14482 Potsdam, Germany; (2) Beuth University of Applied Science, 13353 Berlin, Germany
Keyword(s):
Anonymity, Log Analysis, Security Awareness, Threat Awareness, Threat Modelling.
Related Ontology Subjects/Areas/Topics:
Information and Systems Security; Information Assurance; Information Hiding
Abstract:
Modern information infrastructures and organizations increasingly face the problem of data breaches and cyber-attacks. A traditional method for dealing with this problem is the use of classification zones, such as ‘top secret’, ‘confidential’, and ‘unclassified’, which regulate the access of persons, hardware, and software to data records. In this paper, we present an approach that finds classification zone violations through automated message flow analysis. Our approach considers the problem of anonymization for the source event logs, which makes the resulting data flow model sharable with experts and the public. We discuss practical implications from applying the approach to a large governmental organization data set and discuss how the anonymity of our concept can be formally validated.