Martin Kolar

Topic: 
Trustworhy information exchange
Research work: 

The research topic is the design and development of an architecture and methodology for trusted threat intelligence sharing in the context of Security Analytics. The basic idea is to incorporate in our security analytics platform cyber-information coming from externals sources (public and private) in order to anticipate the defenses and be prepared for the attack. It is crucial to take into consideration the trust and reputation of the different sources before applying this information in order to prevent malicious nodes from feeding wrong or misleading info. The assessment of the information has to bear in mind two different types of source provisioning:

  • information is handled by a single provider. In this case it is necessary to assess the trust in the source node because the trust in the information it provides is dependant of it
  • information provided is a compilation of different sources. For this case it is necessary to assess the different data and, therefore, needs to be assessed individually for each data source provider

We also contemplate the provisioning of information, resulting from our analysis and activity, to external sources.

ESRs Publications

Description:

Entities, such as people, companies, institutions, authorities and web sites live and exist in a conjoined world. In order to live and enjoy social benefits, entities need to share knowledge, resources and to cooperate together. The cooperation brings with it many new challenges and problems, among which one is the problem of trust. This area is also important for the Computer Science. When unfamiliar entities wish to cooperate, they do not know what to expect nor whether they can trust each other. Trust negotiation solves this problem by sequential exchanging credentials between entities, which have decided to establish a trust relationship in order to reach a common goal. Entities specify their own policies that handle a disclosure of confidential information to maintain their security and privacy. Policies are defined by means of a policy language. This paper aims to identify the most suitable policy language for trust negotiation. To do so, policy languages are analysed against a set of criteria for trust negotiation that are first established.