Trust in Mobile and Embedded Systems
In daily life people access various services over the Internet such as online shopping, online banking, e-government, healthcare information systems, as well as social networks. While there is a strong emphasis on securing the communication between participating systems, both in commercial products (firewalls, virtual private networks, etc.) and in academic research (encryption algorithms, cryptographic protocols, etc.), the security and trustworthiness of the participating systems is often neglected. Most of commercial and private infrastructures are built on commodity operating systems and off-the-shelf hardware, but they do not provide high-assurance security functionality as in especially designed, but very expensive security systems that are used, for example, in military environments.
In this research field we try to answer the following questions:
- How do we define trustworthiness in an open, distributed IT environment?
- How can we determine, measure and verify the trustworthiness of systems?
- How should hardware and software systems be modified support such functionality?
We aim to explore how to build trusted platforms and how to realize trustworthy IT infrastructures that can enhance the security and privacy of our IT environments. We analyze, design, and develop advanced security architectures for single systems and distributed applications. Our security architectures aim at providing mechanisms to protect personal user information across IT systems. To realize these security architectures, we investigate several concepts and mechanism ranging from trusted hardware components, such as Trusted Platform Module (TPM) or secure co-processors, to operating system security aspects.
Our research topics in this area include:
- Secure Operating Systems
- Security Kernels
- Trusted Computing
- Trustworthy Virtualization
- Integrity Attestation and Runtime Monitoring
We have developed security architectures and implemented several prototypes within national and international research and development projects, such as EMSCB, OpenTC and TClouds. One example is the Turaya operating system, which is a microkernel-based security kernel that utilizes trusted computing functionalities and virtualization support to enable the usage and incorporation of legacy software components.
- Current Projects