Information and System Security

Information and system security is a central problem for our modern, increasingly networked society. We investigate the risks to which software systems are exposed and work to ensure that security aspects are integrated into the development process of new systems right from the start.

Latest Research News

Fingerprint Scanner

Danger to Sensitive Data

Security experts from paluno – The Ruhr Institute for Software Technology at the University of Duisburg-Essen revealed multiple vulnerabilities in…

Security for Personal Data in the Cloud

The demand for cloud services has never been greater. This brings the issue of data protection to the fore. In the RestAssured project, scientists…

DFG Funding for Research Project in the Field of Nano-Security

"RAINCOAT - Randomization in Secure Nano-Scale Microarchitectures" is a joint project of Lucas Davi and Tim Güneysu working together in the cluster of…

Selected Projects

-

RAIN­COAT: Ran­do­miza­t­i­on in Se­cu­re Na­no-Sca­le Micro­ar­chi­tec­tu­res

The aim of the project is to investigate the security-relevant implications of new technology building blocks, such as NRAM, and to develop countermeasures for possible attack vectors. At the same time, existing security gaps, induced e.g. by branch predictors, are to be closed.

-

Cyber Security in the Age of Large-Scale Adversaries

Das Exzellenzcluster nimmt Maßnahmen gegen mächtige Angreifer von großen Vereinigungen, staatlichen Oranisationen oder aus dem Bereich der organisierten Kriminalität in den Fokus. Dabei wird ein europaweit einzigartiger Ansatz verfolgt: Führende WissenschaftlerInnen aus den Fachrichtungen Informatik, Mathematik und Ingenieurwesen kooperieren mit Forschenden aus der Psychologie, um das Zusammenspiel von menschlichem Verhalten und IT-Sicherheit zu untersuchen.

-

SFB 1119 CROSSING

Der Sonderforschungsbereich CROSSING entwickelt Kryptographie-basierte Sicherheitslösungen, um die Sicherheit und Vertrauenswürdigkeit in neuen und zukünftigen IT-Systemen sicherzustellen.

-

Methods and tools for GDPR compliance through Privacy and Data Protection Engineering

Das Projektziel besteht darin, die Erstellung von Produkten, Systemen und Dienstleistungen zu fördern, welche die Privatsphäre und die personenbezogenen Daten der EU-Bürger schützen.

-

RestAssured: Secure Data Processing in the Cloud

The RestAssured project dvelops solutions for cloud systems that are able to react to changes in the environment or requirements by making appropriate adjustments at runtime.

-

iObserve2: Integrated Observation and Modeling Techniques to Support Adaptation and Evolution of Software Systems

The joint project iObserve belongs to the Priority Program 1593 (Design For Future - Managed Software Evolution). There are developed new monitoring and modeling techniques for cloud software.

-

Interdisciplinary Research Training Group "User-Centred Social Media"

Das Graduiertenkolleg UCSM bietet eine interdisziplinäre Forschungsumgebung mit den Hauptdisziplinen Informatik und Psychologie. Aus dieser interdisziplinären Perspektive adressiert es Forschungsherausforderungen im Zusammenhang mit Social Media, die als komplexe soziotechnische Systeme verstanden werden.

Working Groups and People

Secure Software Systems (SYSSEC)

Secure Software Systems (SYSSEC)
Professor Dr. Lucas Davi

Main research: software security, system security, trusted computing, mobile security, security for cyber-physical systems

Software Engineering (SWE)

Software Engineering (SWE)
Professor Dr. Maritta Heisel

Main research: methods of software development, requirements engineering, pattern-based software development, safety, security, privacy protection, data protection, risk management

Software Systems Engineering (SSE)

Software Systems Engineering (SSE)
Professor Dr. Klaus Pohl

Main research: adaptive systems, Big Data, cloud computing, cyber physical systems, service orientation, variability management, requirements engineering