Home | deutsch  | Legals | Data Protection | Sitemap | KIT

Publications

Seven Theses on IT Security

 

Seven Theses

Open Positions

You haven't found a suitable position? Even if it is not always advertised, we are happy to hear from new doctoral students / postdocs who are interested in reinforcing our team. Simply send us your unsolicited application. We look forward to hearing from you!

BMBF Logo

Security and Data Protection for the Future Living- and Working-Environment

Smart

Security and Data Protection for the Future Living- and Working-Environment

In this research field, KASTEL researchers are investigating the broad spectrum of questions arising from the integration of interconnected IT technologies in the environment and society. Services and products for Smart Environments should be both innovative and user-friendly, while at the same time meeting the user's desire for security and privacy and thus conforming to the legal framework. At KASTEL, concepts for a solution are explored which try to consider the different interests in this area of conflict.

Provable Security

The far-reaching integration of IT technology into the world of life and work enables a multitude of innovative applications and services. So-called "Smart Environments" form the basis for the automation of everyday processes and thus provide more comfort and efficient use of resources. But the acquisition and storage of data is also a critical issue here. The collected data can be used to infer activities, interests and preferences of individuals or business secrets of organisations. Secure procedures and communication protocols form the basis for the protection of privacy.

Data Protection and Privacy

Smart Environments capture and process countless amounts of data in a variety of ways. The resulting virtual image of the real world thus inevitably contains areas of privacy that are worthy of protection. For the acceptance of such products and services, it is therefore essential to take protection interests into account and to create transparency for the user as well as the possibility of intervention. One of the proven principles in data protection is data economy, which is based on the fact that only those personal data which are absolutely necessary for the respective application are to be collected and processed. However, it may also be appropriate to initially collect more data in order to achieve a better protection of privacy.

Participating research groups are the Zentrum für angewandte Rechtswissenschaften (ZAR), the Institut für angewandte Informatik und formalale Beschreibungsverfahren (AIFB) and the Fraunhofer IOSB.

Secure Data Processing

In order to guarantee the various protection interests in Smart Environments, secure methods for capturing, communicating, storing and visualizing data are required. This task poses a particular challenge: Smart Environments are a highly complex distributed system consisting of a large number of interconnected components of various shapes and capacities. These differ greatly from each other, e. g. in terms of user interface, but also in terms of available storage-, computing- and energy-resources. Various KASTEL projects are investigating security and access control issues. In doing so, they take into account in particular aspects of user-friendliness and resource-limited hardware.

Participating research groups are the Center for Applied Law (ZAR), the TeleMatics and the Fraunhofer IOSB.

Legal Aspects

In addition to the questions of feasibility and concrete implementation, Smart Environments also raise questions regarding legal standards and state regulation. The subject of the accompanying legal research in KASTEL is data protection law, among other things with regard to the European data protection basic regulation, but also work on questions of liability and evidence law. In doing so, concepts for the further development of the legal framework are also developed, taking into account technical possibilities and necessities.

The research group involved is the Center for Applied Law (ZAR).

Security and Data Protection for the Future Living- and Working-Environment

Security in modern, complex systems can only be reliably guaranteed if the requirements for the system are consistent, from design to quality assurance of the actual implementation. Actual attacks from the past were very often caused by a lack of security strategies. However, they often also made use of errors that only arose during implementation - there, the originally envisaged security design was not consistently implemented.

That's why we at KASTEL are researching a system theory for the continuous adaptation to strategic, evolving adversaries, as well as tools and methods to make security implementable and verifiable. Experts from the most diverse disciplines of computer science work closely together with experts from the legal sciences to further develop well-known methods for the documentation and analysis of systems and programs and to make them usable for use in the security-critical environment.

A broad spectrum of questions will be investigated, which arise from the profound integration of networked IT technology in the environment and society. KASTEL is thus continuing the long tradition of data protection in Germany and thus contributing to securing a location advantage for the German economy.

Participating research groups are the Center for Applied Law (ZAR), the TeleMatics, the Institut für angewandte Informatik und formalale Beschreibungsverfahren (AIFB) and the Fraunhofer IOSB