Distributed computer networks, or so-called computer network infrastructures, comprise a multitude of computer systems that can communicate with each other via data connections. Some of the content exchanged is confidential, and non-authorized persons shall not have any possibility of accessing it. In particular, in computer network infrastructures that include server-client topologies, confidential data, e.g. customer data or user data, is exchanged between client and server, and third-party access to that data has to be prevented.
Conventional security strategies to increase data protection include provisions (processes to be respected) or regulations (rules or prohibitions) for third parties such as administrators, whereby only restricted or controlled access to confidential data shall be permitted.
On the other hand, technical measures are applied to or within the computer systems to prevent physical and/or logical access to the computer systems and to restrict access to authorized persons only.
Such approaches to improving data protection do promote data security, but they have the disadvantage that they usually do not constitute obligatory measures that prevent access to confidential data.
Furthermore, for data exchange or communication between their computer systems, common computer network infrastructures rely on access possibilities, for example via network, or on services within the computer systems being addressable, which makes them vulnerable to external attacks. This is because, for a service to be addressable, a program must be running on one or more network ports of a computer system. This running program constitutes a potential security gap for external attacks via the network.
There is a risk that, under certain circumstances, an attacker (hacker) who gains access to one computer system may extend the attack to further computer systems in the computer network infrastructure and continue it there. On the other hand, communication structures are required in a computer network infrastructure for communication and processing of information between individual computer systems.
It could therefore be helpful to improve protection against attacks on computer systems in a computer network infrastructure by technical provisions, to keep the impact or spread of attacks on distributed computer systems within the computer network infrastructure to a minimum, and nevertheless to provide a communication structure that ensures satisfactory and safe forwarding of data within the computer network infrastructure, in particular event control of individual computer systems.