Abstract

Regulations in many countries govern the use of personally identifiable information (PII) in IT systems. A key aspect of these regulations is to retain PII only as long as necessary and delete it immediately afterwards. For liability reasons, organizations should also consider retaining PII only for the minimum period that business requirements demand. A difficult situation arises for an organization if the possibility of a compromise of PII is detected after the PII has been deleted. Today, in such a situation, the scope of the potential compromise cannot easily be ascertained. Furthermore, the owner of the PII cannot easily be informed. We propose a novel algorithm to generate PII fingerprints which allows the determination of the scope of the affected PII in case a compromise is confirmed. The benefit is the ability to determine the exact scope of a potential compromise.

Applying PII fingerprints in security incident analysis
