In today's Internet, which is an example for a network with many network elements, many cross-domain threats exist. One important cause is the emergence of large-scale coordinated attach infrastructures, such as Botnets, which infect hosts across multiple administrative domains and make attacks by botnets difficult to detect. Detection of attacks could be significantly eased and made faster, by harvesting and correlating network security information from multiple domains' observation points. For instance, noting that a same IP (Internet Protocol) address exhibits anomalous access patterns consistently coming from several domains may foster confidence in concluding that something is wrong with such an address. However, sharing information across heterogeneous administrative domains comes along with severe concerns, such as the network users' privacy, the operators' secrecy needs, and regulation.
A privacy friendly solution can be given if the following problem is solved:                The domain operators monitor their network domain locally, marking certain nodes, e.g. represented by their IP address, as potentially being malicious.        The domain operators cannot share the list of potentially malicious nodes with other operators, e.g. due to privacy requirements, regulation, business interests.        If a node is marked as being potentially malicious by all operators, alternatively by a number of operators or above a threshold, then there is enough evidence that the respective node is malicious and the fact that this IP address is considered malicious by all operators should be learnt by all operators.        
Current state-of-the-art provides two solutions:                A first solution addressing the problem above is described in G. Bianchi, H. Rajabi, M. Sgorlon; Enabling Conditional Cross-domain Data Sharing via a Cryptographic Approach; IEEE workshop on collaborative security technologies, 12-13 Dec. 2011, Bangalore, India. However that solution does not offer perfect privacy: it allows linking of information even if the node does not appear at all nodes.        The problem described above can be solved by state-of-the-art cryptographic techniques because it is a variant of “private set intersection” protocols, see Lea Kissner, Dawn Xiaodong Song: Privacy-Preserving Set Operations. CRYPTO 2005: 241-257. However, all state-of-the-art protocols need communication rounds between the domain operators.        