Security and Data Protection for the Future Living- and Working-Environment
Security and Data Protection for the Future Living- and
Working-Environment
In this research field, KASTEL
researchers are investigating the broad spectrum of questions arising from the
integration of interconnected IT technologies in the environment and society.
Services and products for Smart Environments should be both innovative and
user-friendly, while at the same time meeting the user's desire for security
and privacy and thus conforming to the legal framework. At KASTEL, concepts for
a solution are explored which try to consider the different interests in this
area of conflict.
Provable Security
The far-reaching integration of IT
technology into the world of life and work enables a multitude of innovative
applications and services. So-called "Smart Environments" form the
basis for the automation of everyday processes and thus provide more comfort
and efficient use of resources. But the acquisition and storage of data is also
a critical issue here. The collected data can be used to infer activities,
interests and preferences of individuals or business secrets of organisations.
Secure procedures and communication protocols form the basis for the protection
of privacy.
Data Protection
and Privacy
Smart Environments capture and process
countless amounts of data in a variety of ways. The resulting virtual image of
the real world thus inevitably contains areas of privacy that are worthy of
protection. For the acceptance of such products and services, it is therefore
essential to take protection interests into account and to create transparency
for the user as well as the possibility of intervention. One of the proven
principles in data protection is data economy, which is based on the fact that
only those personal data which are absolutely necessary for the respective
application are to be collected and processed. However, it may also be
appropriate to initially collect more data in order to achieve a better
protection of privacy.
Participating
research groups are the Zentrum für angewandte Rechtswissenschaften
(ZAR), the Institut
für angewandte Informatik und formalale Beschreibungsverfahren (AIFB) and the Fraunhofer IOSB.
Secure Data
Processing
In order to guarantee the various
protection interests in Smart Environments, secure methods for capturing,
communicating, storing and visualizing data are required. This task poses a
particular challenge: Smart Environments are a highly complex distributed
system consisting of a large number of interconnected components of various
shapes and capacities. These differ greatly from each other, e. g. in terms of
user interface, but also in terms of available storage-, computing- and
energy-resources. Various KASTEL projects are investigating security and access
control issues. In doing so, they take into account in particular aspects of
user-friendliness and resource-limited hardware.
Participating research groups are the Center for Applied Law
(ZAR), the TeleMatics and the Fraunhofer
IOSB.
Legal Aspects
In addition to the questions of
feasibility and concrete implementation, Smart Environments also raise
questions regarding legal standards and state regulation. The subject of the
accompanying legal research in KASTEL is data protection law, among other
things with regard to the European data protection basic regulation, but also
work on questions of liability and evidence law. In doing so, concepts for the
further development of the legal framework are also developed, taking into
account technical possibilities and necessities.
The research group involved is the Center for Applied Law
(ZAR).
Security
and Data Protection for the Future Living- and Working-Environment
Security in modern, complex systems can
only be reliably guaranteed if the requirements for the system are consistent,
from design to quality assurance of the actual implementation. Actual attacks from
the past were very often caused by a lack of security strategies. However, they
often also made use of errors that only arose during implementation - there,
the originally envisaged security design was not consistently implemented.
That's why we at KASTEL are researching a
system theory for the continuous adaptation to strategic, evolving adversaries,
as well as tools and methods to make security implementable and verifiable.
Experts from the most diverse disciplines of computer science work closely together
with experts from the legal sciences to further develop well-known methods for
the documentation and analysis of systems and programs and to make them usable
for use in the security-critical environment.
A broad spectrum of questions will be
investigated, which arise from the profound integration of networked IT
technology in the environment and society. KASTEL is thus continuing the long
tradition of data protection in Germany and thus contributing to securing a
location advantage for the German economy.