Not only have smartphones and tablets become ubiquitous, but everyday household appliances and infrastructure have also been computerized, or become ‘smart’. The endless possibilities of app stores have brought diversity and ingenuity to the way we interact with our world. However, the simplicity of developing and distributing apps, together with their omnipresence, has made it easy for attackers to gain access to our personal address books and photos under the pretext of being a helpful app. We conduct research on how to protect users’ data and privacy on mobile devices, we analyse attacks and data breaches, and we construct more secure operating systems.
Privacy Enhancing Technologies
With the advent of Online Social Networks and other Online Services, users, often unknowingly, publicly disseminate tremendous amounts of personal information through their online interactions. All of this information is then readily available to data collectors, who use it for personal gain or for malicious actions against the user. Protection of personal data is therefore of paramount importance in a day and age where data disseminated on the Internet is completely visible and available to anyone who wants to collect it. In our group we develop foundational methods for quantifying privacy and anonymity on the Internet. Our methods allow for the analysis of existing Privacy-Enhancing Technologies, but also for the development of novel, privacy-enhancing solutions. In particular, our goal is the development of a privacy adviser that guards information disseminated by end-users on the Internet.
The common practice of shipping exploitable software and patching it afterwards creates a cat-and-mouse game that cannot be tolerated where critical infrastructure or personal data is at stake. In order to mitigate this cat-and-mouse game, we need new technologies that revolutionize the way systems are built and maintained. Our research area tackles this problem by providing foundations for system design that incorporate security-by-design, as well as methods for the analysis of existing systems. For example, we developed methods for analyzing properties of protocol implementations and connected these methods to construct a tool that can turn protocols specified in a declarative language into a provably secure implementation of that protocol.
The obvious advantages of cloud computing, such as a flexible pay-as-you-go model and virtually unlimited scaling, are accompanied by a loss of control, as data and processes are outsourced to a third party. Today, a serious cloud computing concern is the protection of clients’ data and computations against various attacks. Especially after the revelations about intelligence services, customers fear more than ever that their sensitive data might be subject to spying with the help of the cloud provider. Our research helps to strengthen trust in outsourced data and computations by applying state-of-the-art data protection, by analysing and assessing the cloud infrastructure, and by providing operating system hardening to protect against cloud attacks.