URL:

Zusammenfassung:

Dependability Metrics
 
Within computer science, the term dependability has been introduced as a general term to cover all critical quality aspects of computing systems. Following the terminology of Laprie, a system is dependable if trust can justifiably be placed in the service it delivers. In the early days of computer science, researchers thought that program correctness was the key to dependability, meaning that a program always terminates and satisfies its postcondition if it is started in a state where its precondition holds. Today we know that many other factors influence the well-functioning of a computer system, such as hardware reliability and usability. Consequently, the area of system dependability has established itself as a central research area in computer science.

Justifying reliance in computer systems is based on some form of evidence about such systems. This in turn implies the existence of scientific techniques to derive such evidence from given systems or predict such evidence of systems. In a general sense, these techniques imply a form of measurement. The dependability metrics project is about measuring such aspects of dependable systems.

Click here for further information.

Honeynet

In order to measure security threats in communication networks and for the purpose of collecting information on security incidents, we installed a so called network of Honeypots (Honeynet). Honeypots are electronic bait, i.e. network resources (computers, routers, switches, etc.) deployed to be probed, attacked and compromised. Honeypots run special software which permanently collects data about the system and greatly aids in post-incident computer and network forensics. Several honeypots can be assembled into networks of honeypots called honeynets. Because of the wealth of data collected through them, honeynets are considered a useful tool to learn more about attack patterns and attacker behavior in real networks.

At the laboratory we host the German Honeynet Project and are involved in building the German Internet Early Warning System funded by the German Federal Office for Information Security (BSI).

 
Security in Sensor Networks

Sensor networks provide unique opportunities of interaction between computer systems and the environment. Their deployment can be described at high level as follows: The sensor nodes measure environmental characteristics which are then processed in order to detect events. Upon event detection, some actions are triggered. This very general description applies to extremely security-critical military applications as well as to such benign ones (in terms of security needs) as habitat monitoring.

In our research we focus on security issues in sensor networks. We are investigating how security differs in sensor networks from traditional security in Desktop systems by attacking real sensor networks and learning more about their weaknesses. This helps devise more realistic attacker models. Furthermore we are interested in developing security protocols for sensor networks which have probabilistic security guarantees. In particular, we have developed an authentication protocol for queries in sensor networks of which the security can be fine-tuned depending on the resources available.

 
Security of Mobile Devices

Every user of a mobile device such as a mobile phone or PDA has his own individual security interests which result in individual configuration and communication settings of the personal device. But especially mobile devices are well-known drawbacks in unser inferfaces (small screen, no mouse, slow, etc.). Another problem is that there are many existing security solutions for mobile devices (anti virus products, personal firewalls etc.) which are only poorly integrated into the device. This project aims at raising the security of mobile devices by for example allowing a local and uniform view onto the security configuration of the device. At the same time we follow the approach of testing security configurations of current mobile devices to understand more the weaknesses which are particular to this kind of electronic artefact.