In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
Eighth International Network Conference (INC 2010)
Title: Survey on Legal Data Protection Norms Relevant to Automated Network Infrastructure Analysis
Author(s): Ingo Ritter, Martin Kappes, Peter Wedde, Rüdiger Gad, Andreas Renner
Keywords: technical data protection, automatic LAN infrastructure analysis
Abstract: In order to conduct an automated network infrastructure discovery yielding a
complete description of the network and its components as possible, it is
necessary to analyze data flows and services provided in the network. However,
if such an analysis is done without restrictions, it may also capture, process
and store personal data of network users. Therefore, such an analysis could be
illegal according to data protection norms as personal rights of users might be
In this paper, we identify the relevant German data protection norms in such
scenarios and subsequently analyze the applicability of these norms to the
layers of the network reference model. Furthermore, we study the relevance of
application layer protocol header fields for some protocols and evaluate
whether and in which cases the use of such fields is allowed with respect to
data protection norms. Our main emphasis is the trade-off between data
protection and legitimate IT security interests when conducting an automated
network infrastructure analysis.
Download count: 1803
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.