All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Protection of personal data in security alert sharing platforms

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F17%3A00094474" target="_blank" >RIV/00216224:14610/17:00094474 - isvavai.cz</a>

  • Result on the web

    <a href="https://dl.acm.org/citation.cfm?doid=3098954.3105822" target="_blank" >https://dl.acm.org/citation.cfm?doid=3098954.3105822</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1145/3098954.3105822" target="_blank" >10.1145/3098954.3105822</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Protection of personal data in security alert sharing platforms

  • Original language description

    In order to ensure confidentiality, integrity and availability (so called CIA triad) of data within network infrastructure, it is necessary to be able to detect and handle cyber security incidents. For this purpose, it is vital for Computer Security Incident Response Teams (CSIRT) to have enough data on relevant security events and threats. That is why CSIRTs share security alerts and incidents data using various sharing platforms. Even though they do so primarily to protect data and privacy of users, their use also lead to additional processing of personal data, which may cause new privacy risks. European data protection law, especially with the adoption of the new General data protection regulation, sets out very strict rules on processing of personal data which on one hand leads to greater protection of individual's rights, but on the other creates great obstacles for those who need to share any personal data. This paper analyses the General Data Protection Regulation (GDPR), relevant case-law and analyses by the Article 29 Working Party to propose optimal methods and level of personal data processing necessary for effective use of security alert sharing platforms, which would be legally compliant and lead to appropriate balance between risks.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Result continuities

  • Project

    <a href="/en/project/VI20162019029" target="_blank" >VI20162019029: Sharing and analysis of security events in Czech Republic</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Others

  • Publication year

    2017

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    Proceedings of the 12th International Conference on Availability, Reliability and Security

  • ISBN

    9781450352574

  • ISSN

  • e-ISSN

  • Number of pages

    8

  • Pages from-to

    „65:1“-„65:8“

  • Publisher name

    ACM

  • Place of publication

    Reggio Calabria

  • Event location

    Reggio Calabria

  • Event date

    Aug 29, 2017

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

    000426964900065

Similar results(10)

Lessons Learned from Automated Sharing of Intrusion Detection Alerts: The Case of the SABU PlatformIP addresses in Cyber SecurityDigitization and new challenges to legislation