Olaf Winkel, Franz Büllingen
Sicherheit in der Telekommunikation - Soziale, institutionelle und organisatorische Voraussetzungen der Implementation von Sicherheit in telematischen Netzwerken
Nr. 153 / November 1995
The question of security in information and communications systems has increasingly developed into a key catagory for the acceptance and diffusion of telecommuncations-based services. The public interest in privacy, integrity of data and information as well as access security proportionally increases to the extent, in which interpersonal interactions, administration processes and business transactions are transferred via electronic media. The increased use of communications services involve technical as well as social risks. Due to the growing complexity and integration of communications systems, risks of technical faults arise, which will more and more affect central areas of economy and society. At the same time, the possibilities of manipulation, tapping or the destruction of information and communications relationships by unauthorized persons will increase.
The development of strategies, trying to find solutions to these problems, is impeded by the existence of diverging demands on the design of security mechanisms and infrastructures made from different sides. This does not only disturb the effective use of possibilities offered by modern safety technology, but also hinders the creation and stabilisation of trust in the security of telecommunications-based services. Particularly the development of trust as a central category of social integration, interpersonal com-munications and business transactions will decisively influence the success and diffusi-on of telematic innovations in the future.
In this report, the structural crisis potential, which has developed by the migration of telematic services (and will still increase in the future), is analysed, including the question of how the reliability and trustworthiness of information and communications relationships can be increased by specific technical and socio-political measures. Both taking place with recourse to the socio-scientific theory of risks, whose analytical categories are applied on security problems.
The study shows that the central starting-points for the improvement of the situation are rather to be found in the socio-political than in the technical field. In view of the rapid technical progress and the various coevolutive effects, there is no absolute safety. Only the creation of appropriate institutional, organisational and functional capacities of pro-blem treatment as a basis of an efficient security infrastructure will offer a practical way towards solution. In the framework of an innovative ‘security culture’, security has to be established again and again in the different application fields under permanently changing conditions and has to be implemented in a way being accepted by all sides.
On this basis, different possibilities have been discussed to increase the inadequate security awareness of providers, network operators and users, to improve the allocation of security technology and to counteract acceptance and diffusion obstacles. Suitable are measures for the promotion of discourses and participation processes, aiming at an improved societal risk management, as well as measures with a wider range of intervention. E.g. institutions like computer emergency teams working in an international association according to the model of CERT or independent trust centres, managing key duplicates of decryption. They contribute to bring the users’ justified but diverging claims to privacy into line with the authorities’ legitimate claims to tapping possibilities on the other side.
Only German language version available.