Abstract: A method is provided for monitoring the integrity of a physical object, wherein the object receives a request of a server via a communication network. The request includes a digital character string, and in response to the received request, an electronic system of the object ascertains the digital fingerprint of the object and combines the ascertained digital fingerprint with a digital secret, which is known to the server and is stored in a memory device, and with the received character string (C) in order to form a response. The object transmits the response to the server via the communication network for analysis.

Abstract: A system and a method for accessing data in a secure manner are provided, in which the data comprises a number of data sets and each of the data sets is assigned to a user. The data sets are stored in a database in an encrypted manner, and are decryptable by means of a first decryption key assigned to the particular entity. The first decryption keys are stored in a volatile memory unit, and each of the first decryption keys are encrypted separately using a first and at least a second encryption key assigned to the particular entity, and the encrypted first decryption keys are stored in a permanent memory unit. After the volatile memory unit is erased, the encrypted first decryption keys are copied from the permanent memory unit into the volatile memory unit, and the encrypted first decryption keys are decrypted in the volatile memory unit.

Abstract: Provided are a system and a method for secure access to data, where the data comprises a number of data records each assigned to an entity, such as a user, and where the data records are stored in encrypted form in a database. A first decryption key assigned to a particular entity is used to decrypt the data records assigned to the particular entity. The first decryption keys are stored in a volatile memory, and the first decryption keys assigned to the particular entity are encrypted by an encryption key assigned to the particular entity, and the encrypted first decryption keys are stored in a permanent memory. After the volatile memory is cleared, the encrypted first decryption keys are copied from the permanent memory into the volatile memory, and in the volatile memory, the first decryption keys are decrypted by a second decryption key assigned to the particular entity.

Abstract: A system for reliable data processing is provided, wherein the system is implemented in a sealed infrastructure, wherein the sealed infrastructure comprises at least one processing area and a storage area, wherein the network area, the processing area, and the storage area are separated from each other physically, wherein the processing area is adapted to receive data from the storage area and/or from the network area in encrypted form, to decrypt to process the received data, and to transmit the processed data in encrypted form to the storage area and/or to the network area. Further, a method for reliable processing of data in a system according to the invention is provided.

Abstract: A method is provided for securely and efficiently accessing connection data of at least one telecommunication provider is provided, wherein the connection data is ascertained by the telecommunication provider and is encrypted by the telecommunication provider, the encrypted connection data is transmitted from the telecommunication provider to a secured environment, the connection data is decrypted in the secured environment and, for a first predetermined time period, is stored as decrypted connection data exclusively in a volatile memory of the secured environment, and the access to the connection data is exclusively granted as access to the decrypted connection data stored in the volatile memory of the secured environment via a predetermined interface of the secured environment.

Abstract: A method is provided for safeguarding values of attributes of a data record that can be stored in a first relational database against unauthorized access, wherein a value of a foreign key attribute of the data record refers to a key for the first relation or for a second relation, and wherein the value of the foreign key attribute is stored in a mapping relation, the values of attributes of the data record that are not foreign key attributes are stored in the first relation, and the mapping relation is stored in a volatile data memory.

Abstract: A method and system are provided for securing telecommunications traffic data. A method is provided for transmitting messages via a telecommunications network between a number of subscribers by means of a telecommunications service, wherein the telecommunications service receives at least one first message of individual first size from at least one first subscriber to the telecommunications service that is intended for at least one second subscriber of the telecommunications service. In reaction to receiving a message, the telecommunications service sends at least one second message to the at least one second subscriber, wherein the at least one second message obtains a second size. The first size cannot be conclusively deduced from the second size.

Abstract: A method is provided for securing telecommunications traffic data that are incurred with the telecommunications service provider of the telecommunications service when at least one telecommunications service is used by a number of subscribers is provided, wherein the telecommunications service is performed in a secure environment, the telecommunications service receives a message from at least one first subscriber of the telecommunications service, the message being intended for at least one second subscriber of the telecommunications service, and the telecommunications service, in response to the receipt of the message, sends a notification to the at least one second subscriber, wherein between the receipt of the message and the sending of the notification, a predetermined time delay is provided. Further, a system is provided for securing telecommunications traffic data is provided being adapted to execute the method according to the invention.

Abstract: A device for generating a virtual network user that can be used, for data protection purposes, as a pseudonym by which a physical person or legal entity can gain access to the Internet and engage services that can be implemented via the network. The network user is defined by a freely specifiable combination of real and/or arbitrarily specifiable attributes. The input of these attributes into the network access device (PC) of the user activates a transformation system which facilitates the generation of the data flows that implement the virtual network user and that can be saved with the temporal sequence of the data flow in a storage device of the transformation system. An access system allocated to an independent authority is provided, which upon activation can initiate the readout of such data from a memory allocated to the storage device of the transformation system.

Abstract: A device for generating a virtual network user that can be used, for data protection purposes, as a pseudonym by which a physical person or legal entity can gain access to the Internet and engage services that can be implemented via the network. The network user is defined by a freely specifiable combination of real and/or arbitrarily specifiable attributes. The input of these attributes into the network access device (PC) of the user activates a transformation system which facilitates the generation of the data flows that implement the virtual network user and that can be saved with the temporal sequence of the data flow in a storage device of the transformation system. An access system allocated to an independent authority is provided, which upon activation can initiate the readout of such data from a memory allocated to the storage device of the transformation system.

Abstract: A device for generating a virtual network user that can be used, for data protection purposes, as a pseudonym by which a physical person or legal entity can gain access to the Internet and engage services that can be implemented via the network. The network user is defined by a freely specifiable combination of real and/or arbitrarily specifiable attributes. The input of these attributes into the network access device (PC) of the user activates a transformation system which facilitates the generation of the data flows that implement the virtual network user and that can be saved with the temporal sequence of the data flow in a storage device of the transformation system. An access system allocated to an independent authority is provided, which upon activation can initiate the readout of such data from a memory allocated to the storage device of the transformation system.