DIN SPEC 27099

from Wikipedia, the free encyclopedia

In the context of IT security, DIN SPEC 27099 is a high-security network architecture for storing data that requires a high level of protection. DIN SPEC 27099, "Information technology - Security procedures - Highly secure network architecture for the storage of highly sensitive data", represents a security solution that offers audit-proof and previously unachievable data protection at comparable costs. Highly sensitive data such as employee data, passwords or business secrets can be kept protected from any unauthorized access.

Development

DIN SPEC 27099 was initiated by Dawico Deutschland GmbH at the German Institute for Standardization e. V. (DIN). The basic structure of the network architecture was developed by Jan Ziebarth, Kai Alfred H. Fabian and Sebastian Brückner in 2014–2015. DIN SPEC 27099:2016-07 was drawn up in 2015 by an expert committee using the PAS procedure. Its members included Jan Ziebarth, Dennis-Oliver Tschech, Sebastian Brückner, Peter Gräf and Thomas Andersen. In July 2016, Beuth-Verlag published the DIN SPEC. The impetus for the development was the wish of industrial customers to be able to protect their data on the basis of a standardized solution. DIN SPEC 27099 also makes it easier to obtain PCI certification.

Content

Schematic representation of a network architecture according to DIN SPEC 27099.

The basis of the highly secure network architecture according to DIN SPEC 27099 is its novel three-level server arrangement. A request from a customer network is first processed on server A, which forwards the request to a second server, B. Server B then disconnects from A and only afterwards connects to the third server, C. If the request is correct, C sends the desired data to server B. Because of its hardware architecture and rudimentary operating system, server B is not compatible with servers A and C. Once the data has arrived at B, B disconnects from C, so that there can never be a direct connection between servers A and C. Only when the connection to C has been broken does B connect to server A and send the requested information. Server A then outputs the data to the requesting customer network. Technically, there is no simultaneous connection between A and C.
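The connect/disconnect sequence of server B described above, modelled as an added example; it is not taken from DIN SPEC 27099 or from any implementation of it. The class and function names, the dictionary standing in for server C, treating a "correct" request as a known key, and B returning to an idle state after replying are all assumptions.

```python
class ExclusiveRelay:
    """Hypothetical model of server B: at most one of its links (A, C) is up at a time."""

    def __init__(self, store):
        self.store = store   # stands in for the data held on server C (constructed)
        self.up = set()      # links currently connected, a subset of {"A", "C"}
        self.trace = []      # snapshot of self.up after every link change

    def _connect(self, peer):
        other = "C" if peer == "A" else "A"
        if other in self.up:
            # The property the architecture relies on: B refuses to bridge A and C.
            raise RuntimeError(f"refusing link to {peer}: link to {other} is still up")
        self.up.add(peer)
        self.trace.append(frozenset(self.up))

    def _disconnect(self, peer):
        self.up.discard(peer)
        self.trace.append(frozenset(self.up))

    def _ask_c(self, key):
        # Assumption: C answers only a "correct" request, modelled as a known key.
        return self.store.get(key)

    def handle(self, key):
        """One request cycle as seen from B; returns what B hands back to A, or None."""
        self._connect("A")         # A forwards the customer's request to B
        self._disconnect("A")      # B drops A before it touches C
        self._connect("C")
        try:
            data = self._ask_c(key)
        finally:
            self._disconnect("C")  # B drops C before reconnecting to A, even on error
        self._connect("A")         # B delivers the reply to A
        self._disconnect("A")      # assumption: B then returns to idle
        return data


def never_bridged(trace):
    """True if no snapshot shows the links to A and C up at the same time."""
    return all(len(state) <= 1 for state in trace)


if __name__ == "__main__":
    relay = ExclusiveRelay({"record-17": "constructed sample value"})
    print(relay.handle("record-17"), relay.handle("unknown-key"))
    print("A and C never bridged:", never_bridged(relay.trace))
```

Auditing the recorded trace with `never_bridged` checks the "no simultaneous connection" property independently of the guard in `_connect`, which is the kind of evidence an audit of such a relay would look for.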

Literature

  • German Institute for Standardization e. V. (Ed.): "The Berlin startup scene initiates standardization of highly secure IT networks: DIN SPEC 27099", in: DIN Mitteilungen + elektronorm7, magazine for German, European and international standardization, July 2016 edition, pp. 1, 5, 7 and 108 ff.
  • German Institute for Standardization e. V. (Ed.): "DIN SPEC 27099 - data security in companies. Practical example" (PDF document).

Individual evidence

  1. DIN SPEC 27099 - 2016-07 - Beuth.de. Retrieved August 13, 2018.
  2. https://dawico.de/din-spec-27099-sichere-verwahrung-hoch-schutzbeduerftiger-daten/