Pura-scis protocol: A novel solution for cloud-based information sharing protection for sectoral organizations

Fandi Aditya Putra, Kalamullah Ramli, Nur Hayati, Teddy Surya Gunawan

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)

Abstract

Over recent years, the incidence of data breaches and cyberattacks has increased significantly. This has highlighted the need for sectoral organizations to share information about such events so that lessons can be learned to mitigate the prevalence and severity of cyber incidents against other organizations. Sectoral organizations embody a governance relationship between cross-sector public and private entities, called public-private partnerships (PPPs). However, organizations are hesitant to share such information due to a lack of trust and business-critical confidentially issues. This problem occurs because of the absence of any protocols that guarantee privacy protection and protect sensitive information. To address this issue, this paper proposes a novel protocol, Putra-Ramli Secure Cyber-incident Information Sharing (PURA-SCIS), to secure cyber incident information sharing. PURA-SCIS has been designed to offer exceptional data and privacy protection and run on the cloud services of sectoral organizations. The relationship between organizations in PURA-SCIS is symmetrical, where the entities must collectively maintain the security of classified cyber incident information. Furthermore, the organizations must be legitimate entities in the PURA-SCIS protocol. The Scyther tool was used for protocol verification in PURA-SCIS. The experimental results showed that the proposed PURA-SCIS protocol provided good security properties, including public verifiability for all entities, blockless verification, data privacy preservation, identity privacy preservation and traceability, and private information sharing. PURA-SCIS also provided a high degree of confidentiality to protect the security and integrity of cyber-incident-related information exchanged among sectoral organizations via cloud services.

Original languageEnglish
Article number2347
JournalSymmetry
Volume13
Issue number12
DOIs
Publication statusPublished - Dec 2021

Keywords

  • Classified information
  • Cyber incident information sharing
  • Data protection
  • Privacy preservation
  • Sectoral organizations
  • Secure protocol

Fingerprint

Dive into the research topics of 'Pura-scis protocol: A novel solution for cloud-based information sharing protection for sectoral organizations'. Together they form a unique fingerprint.

Cite this