PRISM – PRIvacy-aware Secure Monitoring
Passive monitoring of communication networks is relevant both for running these networks and for detecting cyber attacks. The PRISM project developed a two-tier privacy-compliant integrated monitoring architecture.
Traffic monitoring has always been recognised as a feature of paramount importance for all sorts of networks, from very small access networks to world-wide operator domains. On one side, traffic monitoring is a fundamental method to acquire essential information for the operation and management of real networks and for Service Level Agreement validation. On the other side, traffic monitoring is needed to guarantee the security of the network infrastructure and its users. In fact, continuous traffic monitoring often feeds Intrusion / Anomaly Detection Systems (IDS/ADS), which trigger alarms and set up countermeasures in reaction to events such as network intrusions, denial-of-service attacks, worm infections and similar incidents. However, network monitoring could also become a threat to users’ privacy by keeping individual communications under surveillance.
To enhance the level of data protection in the community, the Commission has identified a set of actions aimed at promoting the widespread development of Privacy Enhancement Technologies (PET) and at fostering consumers’ trust in on-line services. The PRISM project will demonstrate the operation of a traffic monitoring architecture whose technical design guarantees privacy preservation. Our challenge is to break, with specific reference to network monitoring, the commonly accepted dichotomy between privacy and utility that underlies most of the applications and services devised to operate on personal or user-related data. The goal of our project is to investigate how the customers’ privacy can be preserved by avoiding disclosure of raw captured data, even inside the controller domain itself, while still making it possible to run monitoring applications, to detect and react to attacks, and to trace back abuses (thus improving public security). The PRISM technology aims at being fully legally compliant with data privacy protection regulation on one side, and with the security legislation on the other side.
The PRISM project proposes to develop a two-tier privacy-compliant integrated monitoring architecture.
- A first (front-end) tier of data protection mechanisms will be directly enforced at the traffic probe device, thereby guaranteeing that the data delivered to the controller will already be privacy-protected.
- A second (back-end) tier will enforce access procedures to the collected data and will orchestrate the operation of reversing, when strictly needed, the data protection mechanisms set forth by the first tier. Furthermore, it will make available security features, such as the correct level of security on the management and storage platforms, and will support procedures devised to anonymise and export data traces to third-party users and external monitoring applications.
Monitoring applications will be suitably adapted to operate on data-protected traces and/or through the mediation of the back-end middleware, without losing effectiveness or the ability to react to and defend against misbehaving users and attackers.
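The two-tier flow described above can be sketched as follows. This is an added illustration, not PRISM's own code or its actual protection mechanism: the keyed Feistel pseudonymisation, the port-scan heuristic, the function names, the key and the sample flows are all assumptions made for the example.

```python
import hashlib, hmac, ipaddress

ROUNDS = 4  # assumption: 4-round Feistel over the 32-bit IPv4 space

def _f(key, rnd, half):
    # Keyed round function: HMAC-SHA256 truncated to 16 bits.
    msg = bytes([rnd]) + half.to_bytes(2, "big")
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest()[:2], "big")

def pseudonymise(key, ip):
    """Front-end tier: keyed, reversible permutation of one IPv4 address."""
    v = int(ipaddress.IPv4Address(ip))
    left, right = v >> 16, v & 0xFFFF
    for rnd in range(ROUNDS):
        left, right = right, left ^ _f(key, rnd, right)
    return str(ipaddress.IPv4Address((left << 16) | right))

def reveal(key, pseudonym):
    """Back-end tier: undo the permutation; requires the key."""
    v = int(ipaddress.IPv4Address(pseudonym))
    left, right = v >> 16, v & 0xFFFF
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _f(key, rnd, left), left
    return str(ipaddress.IPv4Address((left << 16) | right))

def probe_export(key, flows):
    # Source addresses are replaced before records leave the probe.
    return [(pseudonymise(key, src), dst, port) for src, dst, port in flows]

def detect_scanners(records, threshold=20):
    # Monitoring application: works on pseudonyms only, never on raw sources.
    ports = {}
    for src, _dst, port in records:
        ports.setdefault(src, set()).add(port)
    return sorted(s for s, seen in ports.items() if len(seen) >= threshold)

def backend_trace(key, flagged):
    # Reversal is limited to the pseudonyms a detector has flagged.
    return [reveal(key, p) for p in flagged]

KEY = b"constructed-demo-key"  # constructed; held by probe and back-end only
FLOWS = [  # constructed sample flows (documentation address ranges)
    ("192.0.2.10", "198.51.100.1", 443),
    ("192.0.2.10", "198.51.100.1", 80),
    ("198.51.100.7", "192.0.2.20", 22),
] + [("203.0.113.5", "192.0.2.20", p) for p in range(1, 31)]

if __name__ == "__main__":
    flagged = detect_scanners(probe_export(KEY, FLOWS))
    print("flagged pseudonyms:", flagged)
    print("traced back by back-end:", backend_trace(KEY, flagged))
```

The pseudonyms here are deterministic, so flows from one source stay linkable to each other; that linkability is what lets the detector work, and it is also the residual privacy cost of this particular sketch.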