The introduction of the General Data Protection Regulation (GDPR) in Europe raises a whole series of issues and implications on the handling of corporate data. We consider the case of security-relevant data analyses in companies, such as those carried out by Security Information and Event Management (SIEM) systems. It is often argued that the processing of personal data is necessary to achieve service quality. However, at present existing systems arguably are in conflict with the GDPR since they often process personal data without taking data protection principles into account. In this work, we first examine the GDPR regarding the resulting requirements for SIEM systems. On this basis, we propose a SIEM architecture that meets the privacy requirements of the GDPR and show the effects of pseudonymization on the detectability of incidents.

欧洲引入的《通用数据保护条例》（GDPR）引发了一系列问题，并影响了公司数据的处理。我们考虑公司中与安全相关的数据分析的情况，例如由安全信息和事件管理（SIEM）系统执行的数据分析。经常有人争辩说，处理个人数据对于实现服务质量是必要的。但是，目前的现有系统可以说与GDPR冲突，因为它们经常在不考虑数据保护原则的情况下处理个人数据。在这项工作中，我们首先检查有关SIEM系统的最终要求的GDPR。在此基础上，我们提出了一种符合GDPR隐私要求的SIEM体系结构，并显示了假名对事件可检测性的影响。