What are open and closed data sets
1. Basic problems of data protection and data security
1.6 Open systems and reliability
Information technology today: Open and distributed systems
- Hardware (PCs - also as servers, workstations)
- Operating systems (UNIX, MS-Windows, MacOS)
- Networks (local and global networks)
Goals of openness:
- Manufacturer independence,
- Interchangeability of components,
- Compliance with standards,
- Lack of security,
- no protection through ignorance - the systems are generally known down to the last bit -,
- easy accessibility,
- unprotected data storage and transmission.
Open and closed systems
[no exact definition]
- At every level it is effectively and reliably prevented that unauthorized persons can manipulate the system.
- Everything is forbidden and also impossible that is not expressly allowed.
- The principle of minimum rights (`need to know ') prevails.
- Tampering is not effectively prevented.
- Everything is allowed that is not expressly forbidden,
- ... and even a lot more is possible - there are no significant obstacles in the way of criminal energy.
Programs and data distributed over several computers.
- Client-server architectures,
- Network file systems (NFS, MS Shares), SAN = Storage Area Networks, Internet file system, outsourcing of data storage or backups to Internet service providers,
- distributed databases,
- electronic patient files in the hospital information system or doctor network,
- World Wide Web,
- Mobile agents,
- Microsoft's ".NET".
- Data transmission over the network.
- Authenticity of the communication partner.
- Insufficient technical protection of the "property":
- Where is the data physically located?
- The further the information is distributed, the more difficult it becomes to protect it.
- Complicated trust relationships (weakest link principle).
... and even more problems:
With the distribution of information processing across multiple systems, security responsibility is also distributed and becomes more difficult to keep track of.
The attempt to improve the performance of the overall system through closer coupling of the subsystems inevitably leads to an increase in complexity and thus to lower reliability.
Error handling in a distributed system is very complex.
Distributed systems are very susceptible to DoS = "Denial-of-Service" attacks (attacks on availability).
Leslie Lamport: A distributed system is one in which the failure of a computer you didn't even know existed can render your own computer unusable.
Distributed systems are very susceptible to the spread of malware (»worms«, »viruses«, »Trojan horses«).
Security requirements in open and distributed systems
- Encrypted data storage.
- Encrypted communication (data transmission).
- Verifiable access control:
- system-wide defined access matrix,
- decentralized role assignment.
- Commitment and Integrity of
- Information generation and storage,
- Server performance requirements,
- Communication relationships.
- Tap-proof and forgery-proof authentication of communication partners (people and machines).
- Control of internal and external network connections.
- Minimizing the assumptions of trust.
- Security architecture (e.g. based on CORBA):
- Distributed objects and services that
- communicate with objects that offer security services
- based on cryptographic protocols
- A server object receives a request for a data record from a client object.
- The client object identifies itself with the help of a cryptographic »credential«.
- The server object checks whether the »credential« has been issued by a trustworthy entity (TTP = Trusted Third Party Service) and whether the client is authentic.
- The server object queries an authorization service as to whether the client has the necessary rights based on the access matrix and role assignment (e.g. doctor on duty)
- ... fetches the requested data from its encrypted data storage if necessary
- ... and issues it via an encrypted communication link.
Today, data and information processing as well as communication are predominantly found in open systems instead of. These systems are initially without further action completely unsure.
The processing and storage of data in such open systems cannot be reconciled with data protection regulations and the concept of reliability.
The essential basis for solving these problems lies in cryptology.
Threats to PC security
Dangers in NT systems
Dangers in Unix systems
Network security threats
Security in standard software
Lecture on data protection and data security, Johannes Gutenberg University Mainz
Author: Klaus Pommerening, March 31, 1999; last change: November 16, 2001.
- How to make a fresh coffee
- IITs can hack websites
- What has philosophy done for us lately
- What are silicones in cosmetics
- Why did India lose the Indian War
- How do dog training whistles work
- Can we quantify people's worldview?
- Did Louis Armstrong really smoke weed?
- What should a Bichon Frize dog eat
- Can pesticides cause brain damage
- Are logicians considered to be mathematicians 1
- Who are the most googled celebrities
- Is love good or bad 4
- What happens when innovation and ethics collide
- Is HPCL a government company
- Why is pain funny to some people
- What color can a pixel be
- Are all characters from Marvel Comics mutants
- How do VPNs work
- Why are engineers so highly regarded?
- Can force lightning to turn people into dust
- What is an MVP Lean Startup
- What defines a process as scientific
- What is your favorite color 67
- How much do theater technicians earn in general
- Has stoicism overlapped with Buddhism?
- What kind of polymer is PHBV
- How do flowers affect our mood?
- How do loyalty programs work
- What is the AS language in robotics
- How ineffective are ads
- Why is Chris Hemsworth considered a heartbreaker
- How is Arijit Singh doing as a person
- Can North Korean missiles reach Australia?