There is an increasing need to share threat information to prevent widespread cyber-attacks. While threat-related information can be shared through traditional exchange methods such as email, these methods are often weak in terms of trustworthiness and privacy. Additionally, the absence of a trust infrastructure between different information-sharing domains poses significant challenges, including the redaction of information, the right to be forgotten, and access control over the shared elements. Such access controls may depend on time bounds, the trusted deletion of data, and the location from which access is made. This paper presents an abstraction of a trusted information-sharing process that integrates Attribute-Based Encryption (ABE), Homomorphic Encryption (HE) and Zero-Knowledge Proofs (ZKP) into a permissioned ledger, specifically Hyperledger Fabric (HLF). It then provides a protocol exchange between two threat-sharing agents that share encrypted messages through a trusted channel. This trusted channel can only be accessed by the parties trusted in the sharing, and it can be enabled per data-sharing element or set up for long-term sharing.