Gerhard Weck scite author profile

Data protection and information security can be assured by using a multi-level-security (MLS) access control model. However, a workflow between persons with different security levels is complicated by the fact that the exchange of information is only allowed in one direction: from persons that are assigned to a specific security level to person that are assigned to the same security level or to a higher security level (write up). Literature show solution approaches by using a MLS model with increased granularity. This enables distributing parts of documents to subjects of lower security levels without causing a security compromise. However, it does not consider an important aspect of workflows: the deleting of information. Thus, this work uses electronic engineering enlarges the introduced MLS model with increased granularity by integrating a deleting feature. This enables an improved workflow between persons with different security levels.

show abstract

Vertrauliche Verarbeitung staatlich eingestufter Information – die Informationstechnologie im Geheimschutz

Gericke

Thorleuchter

Weck

et al. 2008

Informatik Spektrum

View full text Add to dashboard Cite

Bedingt durch die in den letzten Jahren aufkommende asymmetrische Bedrohung 1 ist von staatlichen Stellen eine vermehrte Aktivität zur Gefahrenabwehr im Bereich der öffentlichen Sicherheit notwendig. Diese ist von den staatlichen Einrichtungen nicht alleine zu erbringen. Ein wesentliches Element der Gefahrenabwehr ist die staatlich geförderte Sicherheitsforschung, die u.a. im nationalen Sicherheitsforschungsprogramm des BMBF und im 7. Forschungsrahmenprogramm der EU ab 2007 beheimatet ist. Diese Forschungsvorhaben werden häufig sicherheitssensible Informationen beinhalten und wahrscheinlich in Vielzahl nach dem Geheimschutzverfahren eingestuft. Eine wesentliche Voraussetzung für die Akquisition von Fördermitteln zur Durchführung solcher Forschungsvorhaben ist das Vorhandensein einer Geheimschutz-konformen informationstechnischen Infrastruktur. In diesem Bericht werden die allgemeinen Trends und Entwicklungen im Geheimschutz unter dem speziellen Aspekt der Informationstechnologie dargestellt und mögliche Probleme sowie deren Lösungsmöglichkeiten aufgezeigt.In the last years, the rising asymmetrical threat is causing governments to pay more attention to security, especially in technical areas. New and ever more complex tasks in areas concerned with defence against these new types of threat require additional research and development of new techniques. For this reason, national and European governments are increasingly funding security research. So the German national research program now contains a lot of security topics, and the European framework research program (FP7) also contains security research as a central point. These security research projects will start in 2007/2008 and may often contain classified (e.g. restricted or secret) information. In order to acquire funding in this area, researchers have to demonstrate the existence of an IT infrastructure satisfying special requirements as are outlined in security standards like ISO 27001 or the German "Grundschutzhandbuch" ("Baseline Security Manual"). The following paper presents current trends and developments for the protection of restricted information and outlines possible problems as well as their solutions. 1 [Mit] asymmetrische[r] Bedrohung [...] wird eine Konfliktform umschrieben, bei der sich Staaten oder Gesellschaften seitens staatlicher oder nichtstaatlicher Akteure, z.B. terroristische Netzwerke, Befreiungskämpfer, Computerhacker, einer Gefährdung durch zumeist nicht konventionelle Mittel ausgesetzt sehen. [8]

show abstract

Key Recovery — Möglichkeiten und Risiken

Weck

1999

View full text Add to dashboard Cite

Einführung

Weck

1984

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Gerhard Weck

Usability Based Modeling for Advanced IT-Security – An Electronic Engineering Approach

Granular Deleting in Multi Level Security Models – An Electronic Engineering Approach

Vertrauliche Verarbeitung staatlich eingestufter Information – die Informationstechnologie im Geheimschutz

Key Recovery — Möglichkeiten und Risiken

Einführung

Contact Info

Product

Resources

About