Abstract
The security of personal information often competes with the purpose for which the information was acquired and stored. While the intention is to use the data to fufil a certain aim, or to perform an order, security and safety control restrict access to the data in order to exclude access which is not considered to be necessary by all means. Generalized, universal rules often cannot be used to make decisions about the security of personal information. In many cases, individual users of a system are responsible for the security of the data and only they know what has to be done, and what has to be prevented. The approach which gives them the ability to decide on security features is called user-oriented security.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Uwe Blöcher and Axel Pfau: Auswahlstrategien für Sicherheitsmechanismen zur Erfüllung von Sicherheitsanforderungen. Datenschutz und Datensicherheit 5/95, p. 284–292. vieweg 1995.
Comité Consultatif International Télégraphique et Télephonique: X series Recommendations. X.500: Data Communication Networks, The Directory. Geneva 1992.
Comité Consultatif International Télégraphique et Télephonique: I/Q series Recommendations I.312/Q.1201. Principles of Intelligent Network Architecture. Genf 1992.
Meinolf Dierkes, Ute Hoffmann and Lutz Marz: Leitbild und Technik. Zur Ent-stehung und Steuerung technischer Innovationen. Edition Sigma, 1992.
ECMA TR/46: Security in Open Systems, A Security Framework. European Computer Manufacturers Association, Geneva 1988.
ECMA-138: Security in Open Systems, Data Elements and Service Definitions. European Computer Manufacturers Association, Geneva 1989.
ISO/IEC International Standard 7498: Information Processing Systems — Open Systems Interconnection — Basic Reference Model. International Organization for Standardization, 1984.
ISO/IEC International Standard 10166–1: Document Filing and Retrieval (DFR), Part 1: Abstract Service Definition and Procedures. ISO/IEC, 1991.
ISO/IEC International Standard 10166–2: Document Filing and Retrieval(DFR), Part 2: Protocol Specification. ISO/IEC, 1991.
Marjan Jurecic, Ulrich Kohl and Ernst Pelikan: SaferCom — ein Prototyp für Datenschutz in verteilten Klinikanwendungen. In: Datenschutz und Datensicherung 3/94, S. 146–152, vieweg 1994.
Marjan Jurecic: Datenschutz und Datensicherheit in offenen Rechnernetzen —eine technische Lösung ausgeführt für den Krankenhausbereich. Shaker 1996.108
Sape Mullender: Protection. In: Distributed Systems. p. 117–132. ACM Press,1989.
Günter Pernul and Lothar Kochne: Semantische Objektmodellierung anwen-dungsori entierter Informationssysteme vorn Standpunkt des Sicherheitsmanagements. In: Wolfgang König (Ed.): Wirtschaftsinformatik ‘85, p. 169–176. physica 1995.
Kai Rannenberg, Herbert Damker, Werner Langenheder, Günter Müller: Mehrseitige Sicherheit als integrale Eigenschaft von Kommunikationstechnik. In: H. Kubicek, G. Müller, K.-H. Neumann, E. Raubold, A. Roßnagel (Ed.): Jahrbuch Telekommunikation und Gesellschaft, p. 254–261, 1995. R.v. Decker’s Verlag, 1995.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1997 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Kohl, U. (1997). User-Oriented Control of Personal Information Security in Communication Systems. In: Anderson, R. (eds) Personal Medical Information. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-59023-8_8
Download citation
DOI: https://doi.org/10.1007/978-3-642-59023-8_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-63244-3
Online ISBN: 978-3-642-59023-8
eBook Packages: Springer Book Archive