Visible to the public Improvement of Privacy Preserved Rule-Based Risk Analysis via Secure Multi-Party Computation

TitleImprovement of Privacy Preserved Rule-Based Risk Analysis via Secure Multi-Party Computation
Publication TypeConference Paper
Year of Publication2017
AuthorsSakumoto, S., Kanaoka, A.
Conference Name2017 12th Asia Joint Conference on Information Security (AsiaJCIS)
Date Publishedaug
KeywordsAttack Tree Analysis, confidential information abuse, confidential information leakage, cryptography, data privacy, Engines, expert systems, human factors, Ports (Computers), privacy, privacy preserved rule-based risk analysis, privacy protection, Protocols, Prototypes, pubcrawl, Random access memory, risk analysis, Scalability, secret sharing, secure multiparty computation, secure risk analysis method, Servers
AbstractCurrently, when companies conduct risk analysis of own networks and systems, it is common to outsource risk analysis to third-party experts. At that time, the company passes the information used for risk analysis including confidential information such as network configuration to third-party expert. It raises the risk of leakage and abuse of confidential information. Therefore, a method of risk analysis by using secure computation without passing confidential information of company has been proposed. Although Liu's method have firstly achieved secure risk analysis method using multiparty computation and attack tree analysis, it has several problems to be practical. In this paper, improvement of secure risk analysis method is proposed. It can dynamically reduce compilation time, enhance scale of target network and system without increasing execution time. Experimental work is carried out by prototype implementation. As a result, we achieved improved performance in compile time and enhance scale of target with equivalent performance on execution time.
Citation Keysakumoto_improvement_2017