In today's rapidly changing world, security is of great concern. Companies change, undergo mergers and make acquisitions, and their information infrastructure becomes virtual. People are becoming increasingly mobile, employees work remotely from anywhere in the world, and devices are increasingly interconnected.
Security technology must respond to these changes. It is no longer sufficient to guard against a single entrance to a trusted domain; rather, many and diverse connections from the untrusted outside world to the trusted domain must be protected.
Our research concentrates on many aspects of information security:
Secure ID solutions
Secure identity cards and identification systems help businesses and agencies restrict access to physical locations and secure networks. They also provide an identity verification process for receiving government services or conducting online transactions.
Data storage security
The most valuable asset in today's information society is data, which must be stored, backed-up, and archived. Many modern storage systems secure the data using cryptography, which poses new challenges for managing encryption keys. Furthermore, novel techniques guarantee the cryptographic integrity of stored data.
Today's users have to manage many different online identities. We envision user-controlled identity management systems that respect user privacy and protect personally identifiable information.
- Password-based security
It is often claimed that passwords are broken and we should stop using them altogether. We are convinced that this is not true. In our view, passwords are just used incorrectly. If the right cryptographic techniques are applied, passwords are a secure and usable means of authentication.
Cloud computing security
Cloud computing aims at flexible scalable infrastructures using virtualized resources. Although virtualization improves efficiency and flexibility, it also introduces new threats. We mitigate these threats by means of new security technologies for protecting virtual environments. Moreover, we design novel mechanisms that provide protection levels only available in virtualized systems.