Related papers: Designing a Global Authentication Infrastructure
Blockchain technology facilitates the development of decentralized systems that ensure trust and transparency without the need for expensive centralized intermediaries. However, existing blockchain architectures particularly consortium…
Non-centralized recommendation-based decision making is a central feature of several social and technological processes, such as market dynamics, peer-to-peer file-sharing and the web of trust of digital certification. We investigate the…
Although encryption protocols such as TLS are widely de-ployed,side-channel metadata in encrypted traffic still reveals patterns that allow application and behavior inference.How-ever,existing fine-grained fingerprinting approaches face two…
Authentication in TLS is predominately carried out with X.509 digital certificates issued by certificate authorities (CA). The centralized nature of current public key infrastructures, however, comes along with severe risks, such as single…
Business analytics processes are often composed from orchestrated, collaborating services, which are consumed by users from multiple cloud systems (in different security realms), which need to be engaged dynamically at runtime. If…
Secure sensor calibration constitutes a foundational step that underpins operational safety in the Industrial Internet of Things. While much attention has been given to IoT security such as the use of TLS to secure sensed data, little…
In the rapidly evolving landscape of software engineering, the demand for robust and secure systems has become increasingly critical. This is especially true for self-adaptive systems due to their complexity and the dynamic environments in…
Owing to the increase in 'certified' phishing websites, there is a steady increase in the number of phishing cases and general susceptibility to phishing. Trust mechanisms (e.g., HTTPS Lock Indicators, SSL Certificates) that help…
We devised a mobile biometric-based authentication system only relying on local processing. Our Android open source solution explores the capability of current smartphones to acquire, process and match fingerprints using only its built-in…
With the popularity of smart terminals, such as the Internet of Things, crowdsensing is an emerging data aggregation paradigm, which plays a pivotal role in data-driven applications. There are some key issues in the development of…
Edge computing-based Next-Generation Wireless Networks (NGWN)-IoT offer enhanced bandwidth capacity for large-scale service provisioning but remain vulnerable to evolving cyber threats. Existing intrusion detection and prevention methods…
Malicious domains are part of the landscape of the internet but are becoming more prevalent and more dangerous to both companies and individuals. They can be hosted on variety of technologies and serve an array of content, ranging from…
We define a method how digital ecosystems (including data spaces) may autonomously define and "advertise" credentials they issue or they trust in the form of so-called ecosystem trust profiles. An ecosystem trust profile collects all…
With the increasing number of connected devices and complex networks involved, current domain-specific security techniques become inadequate for diverse large-scale Internet of Things (IoT) systems applications. While cross-domain…
Security and privacy of the Internet Domain Name System (DNS) have been longstanding concerns. Recently, there is a trend to protect DNS traffic using Transport Layer Security (TLS). However, at least two major issues remain: (1) how do…
Public Key Infrastructures (PKIs) with their trusted Certificate Authorities (CAs) provide the trust backbone for the Internet: CAs sign certificates which prove the identity of servers, applications, or users. To be trusted by operating…
Adversaries can exploit inter-domain routing vulnerabilities to intercept communication and compromise the security of critical Internet applications. Meanwhile the deployment of secure routing solutions such as Border Gateway Protocol…
Modern cloud computing platforms based on virtual machine monitors carry a variety of complex business that present many network security vulnerabilities. At present, the traditional architecture employs a number of security devices at…
The management of sensitive data, including identity management (IDM), is an important problem in cloud computing, fundamental for authentication and fine-grained service access control. Our goal is creating an efficient and robust IDM…
Trust is the core building block of secure systems, and it is enforced through methods to ensure that a specific system is properly configured and works as expected. In this context, a Root of Trust (RoT) establishes a trusted environment,…