Secure Benchmarking using Electronic Voting

Vivek Agrawal, Einar Arthur Snekkenes

Abstract

It is a common practice in the industry to organize benchmark processes to establish information security performance evaluation standards. A benchmarking system collects information security-related data from the organization to establish a standard. The information shared by the organization often contains sensitive data (details of the vulnerability, Cyber attacks). The present benchmarking systems do not provide a secure way of exchanging sensitive information between the submitter and the benchmark authority. Furthermore, there is a lack of any mechanism for the submitters to verify that the final benchmark result contains the response submitted by them. Hence, people are reluctant to take active participation in sharing their sensitive information in the benchmarking process. We propose a novel approach to solve the security limitations of present benchmarking systems by applying the concepts of electronic voting to benchmark. Our solution provides secrecy to submitters’ identity and to the benchmark responses. Our approach also ensures that all the submitted responses have been correctly counted and considered in the final benchmark result.

Download


Paper Citation


in Harvard Style

Agrawal V. and Arthur Snekkenes E. (2018). Secure Benchmarking using Electronic Voting.In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 1: SECRYPT, ISBN 978-989-758-319-3, pages 25-40. DOI: 10.5220/0006827800250040


in Bibtex Style

@conference{secrypt18,
author={Vivek Agrawal and Einar Arthur Snekkenes},
title={Secure Benchmarking using Electronic Voting},
booktitle={Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 1: SECRYPT,},
year={2018},
pages={25-40},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006827800250040},
isbn={978-989-758-319-3},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 1: SECRYPT,
TI - Secure Benchmarking using Electronic Voting
SN - 978-989-758-319-3
AU - Agrawal V.
AU - Arthur Snekkenes E.
PY - 2018
SP - 25
EP - 40
DO - 10.5220/0006827800250040