24.05.
2018
von 16:15–17:15 Uhr

DLS in Cyberecurity: Grand Research Challenges for Cyber­security of Critical Information and Infrastructures

Abstract:
Computing and communications infrastructures have become commodities which societies largely depend on, transacting huge quantities of data and exhibiting pervasive interconnections, sometimes in critical conditions. However, the actual magnitude that security and dependability risks may assume, is often misperceived. The information society has been assuming risk behaviours, without the adequate protection. Many stakeholders, not only end-users but vendors, service providers, public administrations and - what may be surprising - even governments, seem to ignore those risks, in different ways.

Details anzeigen
19.04.
2018
von 16:15 Uhr

DLS in Cyber­security: From Provable Security to Secure Cryptographic Implementations

Abstract
Building secure cryptographic implementations is notoriously hard. In this talk, I will outline a general methodology that delivers formal guarantees on assembly-level implementations through a combination of ideas from deductive program verification, program analysis, and verified compilation.

Details anzeigen
16.11.
2017
von 16:15–17:15 Uhr

DLS in Cyber­security: Secure Deduplication - Models and Optimization

Abstract
Deduplication is a widely used mechanism in cloud storage systems which can greatly increase efficiency. The basic idea is to remove duplicate stored files, replacing copies with a pointer to a single version. Empirical evidence shows that deduplication can be extremely effective in reducing both storage requirements and bandwidth used for uploading. However, deduplication also introduces severe challenges to security. There is an inherent conflict between the use of deduplication and the desire of users to encrypt their files prior to uploading. Even if this problem can be solved, client-side deduplication opens up a side channel which can reveal information to an adversary, as shown in 2010 by Harnik et al.

Details anzeigen
19.10.
2017
von 16:15–17:15 Uhr

DLS in Cyber­security: Security as a Science - Are we making progress?

Abstract
Recent years have seen increasing calls to make security research more “scientific”. Who can argue with science being desirable? But what exactly do people mean when they suggest this, and what are they really seeking? There is little clarity on what a “Science of Security” would look like. We consider this question, in the context of historical science and more recent security research, offer observations and insights, and suggest where things might be improved.

Details anzeigen
21.09.
2017
von 16:15–17:15 Uhr

DLS in Cyber­security: Sanctum - Towards an Open-Source, Formally-Verified Secure Processor

Abstract
Architectural isolation can be used to secure computation on a remote secure processor with a private key where the privileged software is potentially malicious as recently deployed by Intel's Software Guard Extensions (SGX). This talk will first describe the Sanctum secure processor architecture, which offers the same promise as SGX, namely strong provable isolation of software modules running concurrently and sharing resources, but protects against an important class of additional software attacks that infer private information by exploiting resource sharing....

Details anzeigen
20.07.
2017
von 16:15–17:15 Uhr

DLS in Cyber­security: New Threat Models for Cryptography

Abstract
Traditionally cryptography is used to protect communications and stored data. The cost of strong cryptography has been decreasing and today cryptography is used in tens of billions of devices. However, it has become apparent that ever more sophisticated attacks are launched to undermine or bypass cryptography: these attacks include compromising end systems, exploiting vulnerabilities in key management procedures, and inserting backdoors in cryptographic standards. We conclude by analyzing how these new threat models affect future research in cryptology and information security.

Details anzeigen
09.03.
2017
von 16:15–17:15 Uhr

DLS in Cyber­security: Building Robust Distributed Systems and Network Protocols

Abstract
Most distributed systems and network protocols are designed to meet fault-tolerance, performance, and security goals. The high-level steps involved in the life cycle of a protocol development include protocol specification, design, implementation, and deployment....

Details anzeigen
26.01.
2017
von 16:15–17:15 Uhr

Algorithm Engineering for Graph Traversal and Graph Generation in External-Memory

Abstract
Large graphs arise naturally in many real world applications. The actual performance of simple RAM model algo- rithms for traversing these graphs (stored in external memory) deviates significantly from their linear or near-linear predicted performance because of the large number of I/Os they incur....

Details anzeigen
24.11.
2016
von 16:15–17:15 Uhr

DLS in Cyber­security: Reflections on Code-Reuse Attacks and Defenses

Abstract:
Code reuse attacks have become prevalent techniques to exploit memory corruption vulnerabilities in software programs. The focus of most attacks is on modifying code pointer and a variety of corresponding defenses has been proposed, of which some have already been successfully bypassed. With data-oriented attacks, new opportunities for attackers have emerged and the arms race continues. ...

Details anzeigen
12.05.
2016
von 16:15–17:15 Uhr

Quantum-Secure Authentication of Physical Optical Keys

Authentication is a crucial factor in security.  Authentication can be based on “what you have” or on “what you know”, i.e. traditional physical or digital keys. Both can be easily copied. The modern version of the traditional physical key is the Physical Unclonable Function (PUF): an object that cannot feasibly be copied because of the inherent randomness in its manufacture.

Details anzeigen
vorherige SeiteSeite 2 von 5nächste Seite