ACTRA - A Case Study for Threat Information Sharing

Jon C. Haass; Gail-Joon Ahn; Frank Grimmelmann

doi:10.1145/2808128.2808135

ACTRA - A Case Study for Threat Information Sharing

Jon C. Haass, Gail-Joon Ahn, Frank Grimmelmann

Cyber Intelligence and Security

Research output: Contribution to journal › Article › peer-review

Abstract

This paper provides a case study for information sharing within a public/private not-for-profit partnership organization called ACTRA – Arizona Cyber Threat Response Alliance, Inc.. This initiative is comprised of public and private entities with government agencies as invited guests aligned around the goal of improved response to cyber security events. Technical, political, legal and organizational issues arise when multiple parties attempt to exchange information in a formal setting. Benefits and specific solutions developed are discussed. The study concludes with several areas for future improvement and investigation as well as recommendations for newly forming sharing groups.

Original language	American English
Journal	CCS'15 The 22nd ACM Conference on Computer and Communications Security
DOIs	https://doi.org/10.1145/2808128.2808135
State	Published - Jan 1 2015

Keywords

TAXII
STIX
Cyber Threat Intelligence Sharing
ISAO
ISAC
Security
Privacy
information
Data Sharing

Disciplines

Defense and Security Studies
Other Political Science
Policy Design, Analysis, and Evaluation
Ethics and Political Philosophy
Digital Communications and Networking
Other Computer Engineering
Other Engineering
Risk Analysis
Intellectual Property Law

Access to Document

10.1145/2808128.2808135License: CC BY

ACTRA - A Case Study for Threat Information SharingFinal published version, 418 KBLicense: CC BY
Haass - WISCS 2015 ACTRA final.pdfFinal published version, 282 KBLicense: Unspecified

Cite this

@article{5d06041f34144dc680fa7205384796e0,

title = "ACTRA - A Case Study for Threat Information Sharing",

abstract = " This paper provides a case study for information sharing within a public/private not-for-profit partnership organization called ACTRA – Arizona Cyber Threat Response Alliance, Inc.. This initiative is comprised of public and private entities with government agencies as invited guests aligned around the goal of improved response to cyber security events. Technical, political, legal and organizational issues arise when multiple parties attempt to exchange information in a formal setting. Benefits and specific solutions developed are discussed. The study concludes with several areas for future improvement and investigation as well as recommendations for newly forming sharing groups.",

keywords = "TAXII, STIX, Cyber Threat Intelligence Sharing, ISAO, ISAC, Security, Privacy, information, Data Sharing",

author = "Haass, {Jon C.} and Gail-Joon Ahn and Frank Grimmelmann",

year = "2015",

month = jan,

day = "1",

doi = "10.1145/2808128.2808135",

language = "American English",

journal = "CCS'15 The 22nd ACM Conference on Computer and Communications Security",

}

TY - JOUR

T1 - ACTRA - A Case Study for Threat Information Sharing

AU - Haass, Jon C.

AU - Ahn, Gail-Joon

AU - Grimmelmann, Frank

PY - 2015/1/1

Y1 - 2015/1/1

N2 - This paper provides a case study for information sharing within a public/private not-for-profit partnership organization called ACTRA – Arizona Cyber Threat Response Alliance, Inc.. This initiative is comprised of public and private entities with government agencies as invited guests aligned around the goal of improved response to cyber security events. Technical, political, legal and organizational issues arise when multiple parties attempt to exchange information in a formal setting. Benefits and specific solutions developed are discussed. The study concludes with several areas for future improvement and investigation as well as recommendations for newly forming sharing groups.

AB - This paper provides a case study for information sharing within a public/private not-for-profit partnership organization called ACTRA – Arizona Cyber Threat Response Alliance, Inc.. This initiative is comprised of public and private entities with government agencies as invited guests aligned around the goal of improved response to cyber security events. Technical, political, legal and organizational issues arise when multiple parties attempt to exchange information in a formal setting. Benefits and specific solutions developed are discussed. The study concludes with several areas for future improvement and investigation as well as recommendations for newly forming sharing groups.

KW - TAXII

KW - STIX

KW - Cyber Threat Intelligence Sharing

KW - ISAO

KW - ISAC

KW - Security

KW - Privacy

KW - information

KW - Data Sharing

UR - https://commons.erau.edu/publication/294

U2 - 10.1145/2808128.2808135

DO - 10.1145/2808128.2808135

M3 - Article

JO - CCS'15 The 22nd ACM Conference on Computer and Communications Security

JF - CCS'15 The 22nd ACM Conference on Computer and Communications Security

ER -

ACTRA - A Case Study for Threat Information Sharing

Abstract

Keywords

Disciplines

Access to Document

Other files and links

Cite this