Nettsider med emneord «security»

Image may contain: text, font.
Publisert 26. aug. 2019 07:13

The paper "Language-based mechanisms for Security-by-Design'' by Shukun Tokas, Olaf Owe, and Toktam Ramenzanifarkhani got the award for the "Best Paper" of the IFIP IFIP Summer School on Privacy and Identity Management.

 

Publisert 30. juli 2019 16:31

This project involves working together with the Nokia Bell Labs in Finland on verifying the security properties of applications that they build using TPM (Trusted Platform Module) or Intel SGX (Software Guard Extenssions).

Publisert 5. feb. 2019 13:12
Publisert 19. aug. 2018 13:07

This projects involves a cases study and analysis of human users of a security ceremony; i.e., security protocol or procedure where the human is part of the protocol. The current on-line banking is an example, or the recent electronic voting procedure used in Norway. This topic is at the border of security and psychology. Your work will start from a recent paper [28] originating from the group of Ann Blandford.

See project link. Ask for discussions with one of the supervisors, for more information or variations of the project. See also general concerns.

Publisert 19. aug. 2018 13:06

Interested in security and access control? Then you want to look at the XACML standard for describing access control policies.

One good start in this topic is through the Drools engine (which is part of a large family of RedHat JBoss components). Already an XACML engine exists as a JBoss component called PicketBox, but this handles only XACML 2.0. Can you extend it to the current 3.0 version?

You may be spending time in the Tellu company, which has Drools at the core of their products and are interested in access control.

See project link. Ask for discussions with one of the supervisors, for more information or variations of the project. See also general concerns.

Publisert 14. aug. 2018 10:08

Static code analysis is usually performed as part of a Code Review (also known as white-box testing) and refers to the running of static code analysis tools that attempt to highlight possible vulnerabilities within 'static' (i.e. non-running) source code by using techniques such as Taint Analysis and Data Flow Analysis.

Publisert 14. aug. 2018 10:05

Most users are aware that email and most other forms of message exchange on the Internet is insecure, and after the disclosure of NSA documents by whistleblower Edward Snowden in 2012, it became clear that mass surveillance on the Internet was not only a theoretical possibility, but that an ongoing activity.

Publisert 13. juni 2018 13:05
Publisert 16. feb. 2018 14:40

Evaluation of added energy requirements for network security protocols (e.g. TLS).

Publisert 12. feb. 2018 16:23
Publisert 13. nov. 2017 12:10

Compiler security is an important field. This thesis wants to do groundwork to reproduce a known technique known as{Diverse Double-Compiling (DDC) in an new environment. Potentially with a secondary focus on writing a compiler for a mainstream language.

 

Publisert 18. okt. 2017 15:18
Publisert 8. okt. 2017 12:02

The task is to design and implement a radmomization concept for Rust compilation

Publisert 20. sep. 2017 18:43

This projects involves a cases study and analysis of human users of a modern information system, like IoT. This topic is at the border of computer science, psychology, cognitive sciences, and AI.

Ask for discussions with one of the supervisors, for more information or variations of the project. See also general concerns.

Publisert 23. aug. 2017 10:22

This project involves working with the protocol suite called Off-the-record OTR or the recent Signal protocol and applications like WhatsApp. The student will first learn about the specification of this protocol and about tools and techniques for analyzing security/communication protocols like Murphi from the Stanford security lab, the AVISPA, or the FDR3 from Oxford. The goal is to model the OTR protocol and analyze security/privacy properties of it. A starting point will be the papers [28, 30].

See project link. Ask for discussions with one of the supervisors, for more information or variations of the project. See also general concerns.

Publisert 23. aug. 2017 10:01

This project involves looking into Bitcoin or Etherium and the protocols and security technology behind it. You should expect to work with newly introduced technologies like Bitcoin consensus and distributed peer-to-peer network algorithms, or Block-chain style of distributed write-only database, or proof-of-work algorithms.

Depending on the motivation and abilities of the student, this project include work on developing a new Crypto-currency for Science, which is a project initiated by Stefan Krauss.

See project link. Ask for discussions with one of the supervisors, for more information or variations of the project. See also general concerns.

Publisert 8. mai 2017 13:36
Publisert 23. feb. 2017 17:23

SCOTT: Secure COnnected Trustable Things will provide comprehensive cost-efficient solutions of wireless, end-to-end secure, trustworthy connectivity and interoperability to bridge the last mile to market implementation. SCOTT will not deal with just 'things that are connected', but 'trustable things that are connected', i.e. things interconnected by dependable wireless technology and valuing the end-users' privacy rules.

SCOTT bundles the European key players from several industrial domains including building and home / smart infrastructure, automotive, aeronautics, rail, and health to make full potential of cross-domain synergies and to strengthen Europe's position in the emerging technology field of secure IoT.

Publisert 1. feb. 2017 09:12

The future electricity network is based on components, which are state-of-the-art from some years back in time. As an example, the SCADA system consists of network interfaces, browser sessions..., which all can be hacked using standard vulnerabilities.

Publisert 1. feb. 2017 09:12

Previous work has established a Multi-Metrics (MM) Method for the analysis of measurable security and privacy. This MM approach is used in a.o. UNIK4750, and described more in IoTSec:T1.2. Some challenges of the method are related to the choice of metrics describing security functionality and their impact of the system. A further potential weakness is the dependency of system components, called "interconnection".

Publisert 1. feb. 2017 09:12

Embedded Systems (ES) becomes increasingly popular in modern times. This popularity increases the importance of the security for these systems. The reliable evaluation of the ES`s security is considered as a crucial requirement for the enhancement of its security.