
2018 | OriginalPaper | Book chapter

Implementation of Information Security in the EU Information Systems

An Estonian Case Study

Authors: Maris Järvsoo, Alexander Norta, Valentyna Tsap, Ingrid Pappel, Dirk Draheim

Published in: Challenges and Opportunities in the Digital Era

Publisher: Springer International Publishing


Abstract

In this paper we present the findings of a case study on IT system security in the area of EU internal security and justice. We have analyzed the implementation of information security for the EU information systems EURODAC, SIS II and VIS in the case of Estonia. The analysis comes at a time when there are multiple regulations, directives and guidelines, but no unified standard for the implementation of the member states' subsystems. The main finding is that a separate standard is not necessary; however, there is a need to set minimum requirements that ensure the security of the information systems, accompanied by appropriate guidelines that help the member states to achieve those minimum requirements. The second finding is that there is a need for greater cooperation and an increased exchange of knowledge about the methods used in the member states. Following defined guidelines and exchanging knowledge would help to strengthen the level of security for the entire system.


Footnotes

1. tool-based, standard thematic analysis with NVIVO.
2. formerly known as Dublin Convention.
Metadata
Title
Implementation of Information Security in the EU Information Systems
Authors
Maris Järvsoo
Alexander Norta
Valentyna Tsap
Ingrid Pappel
Dirk Draheim
Copyright year
2018
DOI
https://doi.org/10.1007/978-3-030-02131-3_15
