Adham Albakri

Privacy-and-Secrecy-preserving, secure processing of big-data/EU policy complilance
Research work: 

Our research will include studying privacy preservation mechanisms in big data and presenting the challenges for existing mechanisms. Besides, the research endeavors to improve existing data protection methods and develop new scalable data protection techniques for big-data focusing particularly on big-data hosting, analysis, and processing in the cloud. The project will develop novel privacy and secrecy preserving techniques for the analysis of big data in the cloud and novel protection techniques ensuring the confidentiality and integrity of big-data. Moreover, the research will develop novel techniques for secure transformation and processing of big data in the cloud without compromising privacy or confidentiality and securely perform privacy-preserving analysis of significant open data without compromising the secrecy of the analysis.
Particular emphasis will be placed on ensuring compliance with European cyber-security directive and with regulatory requirements and recommendations for privacy data protection as well as ensuring alignment with the European Cloud strategy.

ESRs Publications


Sharing Cyber Threat Intelligence (CTI) is a key strategy for improving cyber defense, but there are risks of breaching regulations and laws regarding privacy. With regulations such as the General Data Protection Regulation (GDPR) that are designed to protect citizens’ data privacy, the managers of CTI datasets need clear guidance on how and when it is legal to share such information. This paper defines the impact that GDPR legal aspects may have on the sharing of CTI. In addition, we define adequate protection levels for sharing CTI to ensure compliance with the GDPR. We also present a model for evaluating the legal requirements for supporting decision making when sharing CTI, which also includes advice on the required protection level. Finally, we evaluate our model using use cases of sharing CTI datasets between entities.


Incident information sharing is being encouraged and mandated as a way of improving overall cyber intelligence and defense, but its take up is slow. Organisations may well be justified in perceiving risks in sharing and disclosing cyber incident information, but they tend to express such worries in broad and vague terms. This paper presents a specific and granular analysis of the risks in cyber incident information sharing, looking in detail at what information may be contained in incident reports and which specific risks are associated with its disclosure. We use the STIX incident model as indicative of the types of information that might be reported. For each data field included, we identify and evaluate the threats associated with its disclosure, including the extent to which it identifies organisations and individuals. The main outcome of this analysis is a detailed understanding of which information in cyber incident reports requires protection, against specific threats with assessed severity. A secondary outcome of the analysis is a set of guidelines for disciplined use of the STIX incident model in order to reduce information security risk.