Refine
Departments, institutes and facilities
- Institut für Cyber Security & Privacy (ICSP) (31) (remove)
Document Type
- Conference Object (18)
- Article (5)
- Contribution to a Periodical (3)
- Book (monograph, edited volume) (1)
- Part of a Book (1)
- Conference Proceedings (1)
- Doctoral Thesis (1)
- Lecture (1)
Year of publication
- 2017 (31) (remove)
Keywords
A deployment of the Vehicle-2-Vehicle communication technology according to ETSI is in preparation in Europe. Currently, a policy for a necessary Public Key Infrastructure to enrol cryptographic keys and certificates for vehicles and infrastructure component is in discussion to enable an interoperable Vehicle-2-Vehicle communication. Vehicle-2-Vehicle communication means that vehicles periodically send Cooperative Awareness Messages. These messages contain the current geographic position, driving direction, speed, acceleration, and the current time of a vehicle. To protect privacy (location privacy, “speed privacy”) of vehicles and drivers ETSI provides a specific pseudonym concept. We show that the Vehicle-2-Vehicle communication can be misused by an attacker to plot a trace of sequent Cooperative Awareness Messages and to link this trace to a specific vehicle. Such a trace is non-disputable due to the cryptographic signing of the messages. So, the periodically sending of Cooperative Awareness Messages causes privacy problems even if the pseudonym concept is applied.
Exploring Gridmap-based Interfaces for the Remote Control of UAVs under Bandwidth Limitations
(2017)
RPSL meets lightning: A model-based approach to design space exploration of robot perception systems
(2017)
As robots are becoming ubiquitous and more capable, the need for introducing solid robot software development methods is pressing to increase robots' task spectrum. This thesis is concerned with improving software engineering of robot perception systems. The presented research employs a model-based approach to provide the means to represent knowledge about robotics software. The thesis is divided into three parts, namely research on the specification, deployment and adaptation of robot perception systems.
RoCKIn@Work was focused on benchmarks in the domain of industrial robots. Both task and functionality benchmarks were derived from real world applications. All of them were part of a bigger user story painting the picture of a scaled down real world factory scenario. Elements used to build the testbed were chosen from common materials in modern manufacturing environments. Networked devices, machines controllable through a central software component, were also part of the testbed and introduced a dynamic component to the task benchmarks. Strict guidelines on data logging were imposed on participating teams to ensure gathered data could be automatically evaluated. This also had the positive effect that teams were made aware of the importance of data logging, not only during a competition but also during research as useful utility in their own laboratory. Tasks and functionality benchmarks are explained in detail, starting with their use case in industry, further detailing their execution and providing information on scoring and ranking mechanisms for the specific benchmark.
This paper presents the b-it-bots RoboCup@Work team and its current hardware and functional architecture for the KUKA youBot robot. We describe the underlying software framework and the developed capabilities required for operating in industrial environments including features such as reliable and precise navigation, flexible manipulation and robust object recognition.
This book constitutes the thoroughly refereed post-conference proceedings of the 15th International Conference on Smart Card Research and Advanced Applications, CARDIS 2016, held in Cannes, France, in November 2016. The 15 revised full papers presented in this book were carefully reviewed and selected from 29 submissions. The focus of the conference was on all aspects of the design, development, deployment, validation, and application of smart cards or smart personal devices.
Damit IT-gestützte Produkte und Systeme vor unbefugter oder missbräuchlicher Nutzung wirksam geschützt sind, müssen sie mit Sicherheitsfunktionen ausgestattet sein, die benutzerfreundlich sind. Hierfür sind seitens der Entwickler sowohl Security- als auch Usability-Kenntnisse erforderlich. Da insbesondere Entwickler in kleinen und mittleren Unternehmen (KMU) oft nicht über tiefer gehende Kenntnisse in beiden Bereichen verfügen, bedürfen sie einer Unterstützung, z. B. in Form geeigneter Methoden und Werkzeuge. In diesem Beitrag werden ein Lösungsweg und eine Werkzeugsammlung vorgestellt, die Entwicklern in KMU dabei helfen, auf systematische Weise digitale Produkte und Systeme mit dem Qualitätsmerkmal Usable Security herzustellen.
Usable security puts the users into the center of cyber security developments. Software developers are a very specific user group in this respect, since their points of contact with security are application programming interfaces (APIs). In contrast to APIs providing functionalities of other domains than security, security APIs are not approachable by habitual means. Learning by doing exploration exercises is not well supported. Reasons for this range from missing documentation, tutorials and examples to lacking tools and impenetrable APIs, that makes this complex matter accessible. In this paper we study what abstraction level of security APIs is more suitable to meet common developers’ needs and expectations. For this purpose, we firstly define the term security API. Following this definition, we introduce a classification of security APIs according to their abstraction level. We then adopted this classification in two studies. In one we gathered the current coverage of the distinct classes by the standard set of security functionality provided by popular software development kits. The other study has been an online questionnaire in which we asked 55 software developers about their experiences and opinion in respect of integrating security mechanisms into their coding projects. Our findings emphasize that the right abstraction level of a security API is one important aspect to consider in usable security API design that has not been addressed much so far.
Forschen, forschen und nochmal forschen: Genau das haben sich Hartmut Schmitt, Peter Nehren, Luigi Lo Iacono und Peter Leo Gorski in diesem shortcut zur Aufgabe gemacht. In fünf Kapiteln stellen sie die Ergebnisse des Forschungsprojekts "USecureD - Usable Security by Design" vor und unterstützen damit Softwareentwickler bei der systematischen Entwicklung von Produkten mit dem Qualititäsmerkmal "Usable Security". Forschen Sie selbst ein wenig mit und lernen Sie alles zu spannenden Anwendungsmöglichketen, Werkzeugen, Testplattformen und Entscheidungshilfen.