• Publications
  • Influence
On Technical Security Issues in Cloud Computing
This paper focuses on technical security issues arising from the usage of Cloud services and especially by the underlying technologies used to build these cross-domain Internet-connected collaborations. Expand
Security and Privacy-Enhancing Multicloud Architectures
A survey on the achievable security merits by making use of multiple distinct clouds simultaneously according to their security and privacy capabilities and prospects is provided. Expand
" Understanding Cryptography "
Yet another introductory book on cryptography!? This is what most people from the community might think, when they first glimpse at the present book by Christof Paar and Jan Pelzl. And that is whatExpand
All your clouds are belong to us: security analysis of cloud management interfaces
This research results are alarming: in regards to the Amazon EC2 and S3 services, the control interfaces could be compromised via the novel signature wrapping and advanced XSS techniques and the Eucalyptus control interfaces were vulnerable to classical signature wrapping attacks, and had nearly no protection against XSS. Expand
Vulnerable Cloud: SOAP Message Security Validation Revisited
The verification steps required to effectively validate an incoming SOAP request are discussed and a practical guideline for achieving a robust and effective SOAP message security validation mechanism is provided. Expand
Developers Deserve Security Warnings, Too: On the Effect of Integrated Security Advice on Cryptographic API Misuse
This work investigates the effectiveness of API-integrated security advice which informs about an API misuse and places secure programming hints as guidance close to the developer, and finds that this approach significantly improves code security. Expand
Towards the Usability Evaluation of Security APIs
A first contribution of this paper is a model that provides a consolidated view on the current research coverage of API Usability, and a proposal of eleven specific usability characteristics relevant for Security APIs. Expand
Security Prospects through Cloud Computing by Adopting Multiple Clouds
This paper initiates this discussion by contributing a concept which achieves security merits by making use of multiple distinct clouds at the same time. Expand
REST-ful CoAP Message Authentication
This paper approaches an important part of this requirement by introducing a REST-ful CoAP message authentication scheme, and aims to establish a message-oriented security layer for CoAP. Expand
Strategies for health data exchange for secondary, cross-institutional clinical research
An overview of technical, practical, legal, and ethical aspects of secondary data use are given and their implementation in the multi-institutional @neurIST research project is discussed. Expand