ATHENE researchers discover serious security vulnerabilities in Internet routing protection software
A research team from the National Research Center for Applied Cybersecurity ATHENE led by Prof. Dr. Haya Schulmann has uncovered 18 vulnerabilities in crucial software components of Resource Public Key Infrastructure (RPKI). The affected vendors have been provided with patches for their products.
read more
ATHENE publishes white paper on the CRA
Connected products are to become more secure across the EU - that is the aim of the Cyber Resilience Act (CRA), an EU regulation that is currently being voted on and is expected to come into force this year. In our latest whitepaper, our researchers address the latest version of the CRA draft and explain which companies and products are likely to be subject to which obligations.
read more
Accepted papers at the EACL 2024
ATHENE researcher Prof. Iryna Gurevych presented seven papers at the 8th Conference of the European Chapter of the Associations for Computational Linguistics, EACL for short. Two of them were directly related to her research work in the ATHENE research project "Fake News and Conspiracy Theories" from the research area Secure Digital Transformation in Health Care ( SeDiTraH). EACL is one of the leading European conferences in the field of computational linguistics covering a broad spectrum of research areas that are concerned with computational approaches to natural language.
read more
ATHENE position paper calls for data protection precautions
Cybersecurity researchers are often unable to comply with data protection regulations because they do not know before the start of a research activity whether and what personal data they will be processing. Our data protection experts have therefore formulated a proposed addition to the GDPR. Their concern: The legally binding introduction of data protection precautions that take unplanned data access into account.
read more
ATHENE researchers discover fundamental design flaws in DNSSEC
Led by Prof. Haya Schulmann of Goethe University Frankfurt, a team of ATHENE researchers has uncovered a critical flaw in the design of DNSSEC (DNS Security Extensions), which is a vulnerability in all Domain Name System (DNS) implementations. DNS is one of the fundamental building blocks of the Internet. Without a fix, the design flaw could have devastating consequences for virtually all DNS implementations using DNSSEC and public DNS providers such as Google and Cloudflare.
read moreAccepted papers on the CHI 2024
Three papers written by ATHENE researchers were accepted at the A*-ranked ACM CHI Conference on Human Factors in Computing Systems, CHI for short. The annual conference is the premier international conference of Human-Computer Interaction.
read more
ATHENE researchers find insecure keys in healthcare email system
Medical practices send important documents such as electronic certificates of incapacity for work or treatment and cost plans to health insurance companies via the telematics infrastructure mail system. The e-health team at Fraunhofer SIT has now discovered that the encryption for the mail system was set up incorrectly at several health insurance companies - a total of eight health insurance companies used the same keys and were therefore theoretically able to decrypt the mails of other health insurance companies. The researchers are presenting their findings at this year's Chaos Communication Congress (37c3) organized by the Chaos Computer Club (CCC).
read more
ATHENE researchers carry out security check of hospital IT
The Bundesamt für Sichere Informationstechnologie (BSI) has commissioned ATHENE researchers from Fraunhofer SIT to conduct a study on the security of hospital information systems and data exchange formats. In order to be able to examine the hospital information systems (KIS) already used in everyday clinical practice more closely, HIS manufacturers and clinics are being sought who would like to have their KIS evaluated by means of penetration tests at no cost. After the test, the results will be made available together with a test certificate. More information about the project can be found here: www.sit.fraunhofer.de/sikis.
read moreStudy published on the lack of legal certainty for big data and AI
How can big data and AI applications be used profitably without violating data protection and IT security? Our data protection experts addressed this question in the recently published legal study "Systematic Privacy in real-life Data Processing Systems". They examined current regulations from the legal areas of data protection, IT security law and copyright law in relation to big data and also looked at the draft EU regulation on artificial intelligence (KI-VO-E).
read more
Congratulations to Dr. rer. nat. Jasmin Haunschild
Jasmin Haunschild, an ATHENE scientist, completed the final part of her doctoral thesis at the Department of Computer Science at the TU Darmstadt. Her thesis titled "Enhancing Citizens' Role in Public Safety: Interaction, Perception and Design of Mobile Warning Apps" was written as part of the ATHENE research area Secure Urban infrastructures (SecUrban). Her thesis was supervised by Prof. Dr. Dr. Christian Reuter and co-supervised by Prof. Dr.-Ing. Frank Fiedrich. The thesis was reviewed and recommended for acceptance by the Department of Computer Science. The oral examination was chaired by Prof. Dr. Marco Zimmerling, with Prof. Dr. Jan Gugenheimer and Prof. Dr. Joachmin Vogt also involved as examiners.
read more