The growing use of electronic data and communication channels places constantly increasing demands on protecting data against unwanted access, while at the same time demanding that data remain accessible with the greatest possible ease and convenience and the least possible complexity. Particularly because of the increasing interconnection between systems and the frequently large number of different users who can gain physical access to particular data, effective electronic or software-based control and protection mechanisms have become indispensable.
Effectively protecting data that can be accessed in many different ways against unauthorised access is therefore of major importance. A large number of encryption mechanisms using symmetrical or asymmetrical data keys are known; among these, encryption programs such as PGP, which operate on the basis of asymmetrical key systems, are probably among the most secure and most convenient to handle and are therefore the most widely used. Both symmetrical and asymmetrical key systems rely on at least one individual data key, which must be accessible only to the authorised user for encrypting and decrypting his data. Access to this individual key needs to be protected from unauthorised users as effectively as possible.
Protecting electronic data from unauthorised access is particularly important for person-related data such as address lists or customer data, for data in the financial sector and above all for data in the health sector. In the health sector, where the most stringent demands are placed on data integrity, data protection provisions require that every user of data be clearly identified and authenticated. Authentication here means that a user is authenticated on the basis of his identification, and only authenticated users can obtain access to the data in question. In the health sector, the authentication function is also called “access control”.
In addition to authentication, security-critical data applications, e.g. in telemedicine or in home care systems, require encryption for any communication over inherently insecure communication channels and for any storage of security-critical data. When encrypted data are used, it may be necessary for several different users to be able to access the data. This is the case, for example, when customer data are managed by the employees of a bank, for personal data in personnel departments, for data used jointly by development teams, or for data in the health sector that should be accessible to several treating physicians or to a particular group of medical specialists. The problem then is that data which have been encrypted by a particular user using his individual data key cannot be decrypted by other users using their own individual data keys.
To make the encrypted data available to particular user groups for joint use nevertheless, it is common practice to communicate the data key required for this purpose to all users. Distributing the key to the user group causes considerable problems for data integrity: the key has to be communicated to a large number of people, and because data keys that are strong enough to be effective are difficult to memorise, it is not unusual for them to be kept in an inappropriate manner, e.g. on notepaper in desk drawers. Central management of the keys also makes it necessary to keep key logs (“code logs”), which can themselves be spied out and so represent a further security risk.