Schlosssysmbol

Use of net services

Over the last weeks, a public discussion has started on the topic Tapping of internet communication and access to user data and emails via secret services. Many users got insecured what effects these processes have on their own handling of internet technologies.

The ITMC would like to refer to the following information:

Network and ITMC server infrastructure

  • The server systems operated by the ITMC are protected against third party access.
  • The ITMC provides no unauthorized third parties access to user data.
  • All user data are located locally in Rostock on systems operated by the ITMC itself and NOT outside Rostock’s university network infrastructure.
  • The access to ITMC services (application server, HIS, HOME, Ilias, Mailbox, SharePoint, StudIP etc.) from the internet is ALWAYS done with forced encryption and, thus, is tap-proof.

Data exchange via the internet

Data protection recommendations for using internet providers

The ITMC recommends all users to check the handling of data stored in the internet and use provider as reliable as possible

Criticial and/or data protection relevant data must NOT be stored at suppliers like Apple, Dropbox, Facebook, Google, Microsoft etc.

The ITMC automatically provides a HOME directory to all users with user ID, see here:

We currently offer a SharePoint for web-based data exchange, see here:

Soon, Gigamove can be also used for filesharing and a sync&share solution similar to DropBox is in progress via the DFN association and is expected to be available in the fourth quarter. The ITMC will inform about these opportunities as soon as they are available.

Long-term safety of asymmetric (Public-Key) encryption method

Unfortunately, NO known asymmetric encryption method offers protection without time limitation so far.
 
This also applies for the Perfect Forward Secrecy Procedure as the public keys for a recorded encrypted communication necessarily tob e exchanged in plain text could theoretically be used to break the encryption used for all sessions of the relevant communication, related future IT resources provided. See here:
http://tonyarcieri.com/imperfect-forward-secrecy-the-coming-cryptocalypse

Additional remarks

In case of questions or remarks on this document, please, get in contact by email with joerg.maletzky(at)uni-rostock.de.