Submission 14 Dec 2019 3:36:03am EST · 539694a9d43d670ae854f54ee499783e80d242c4ab75898bad9b0186e59a68cc539694a9
Graphical security models (GSMs) have been widely adopted for assessing the security of systems and networks. To use a conventional GSM on a cloud server, however, users’ sensitive data (e.g., network topology, host, vulnerabilities) can inherently be revealed to the cloud server. This situation would not be acceptable in private systems such as government or corporation networks. In this paper, we propose a novel framework named privacy preserving GSM (PP–GSM) using a fully homomorphic encryption (HE) scheme so that the user’s network model is stored and processed in an encrypted form to minimize disclosure of sensitive information about the user’s system. For PP–GSM, we develop several security assessment metrics (e.g., the probability of attacking a system) that can be calculated with an encrypted network model. To show the feasibility of PP– GSM, we performed experiments with various graph models and evaluated its efficiency and security.
Dongwon Lee (Sungkyunkwan University) <email@example.com>
Yongwoo Oh (Sungkyunkwan University) <firstname.lastname@example.org>
Jin B. Hong (University of Western Australia) <email@example.com>
Hyoungshick Kim (Sungkyunkwan University) <firstname.lastname@example.org>
Dongseong Kim (University of Queensland) <email@example.com>