The adoption of Homomorphic Encryption (HE) and Secure Function Evaluation (SFE) applications in the real world remains limited, even nearly 50 years after the introduction of HE. This is particularly unfortunate given the strong privacy and …
Data flow diagrams are commonly used in system design to represent data processing and exchange. They are valuable in security analysis due to their applicability in assessing information security-related properties like confidentiality. However, …
The Palladio approach enables software architects to create architectural models of their systems for early cost, performance, and maintainability analysis. Using a data flow-based confidentiality analysis, it is also possible to detect …
Identifying confidentiality violations is challenging as modern software-intensive systems exchange and store large amounts of data, and system deployment and context vary. Although modelbased analyses can identify such violations already at design …
Achieving and maintaining certain quality attributes of software-intensive systems is challenging, especially when these systems undergo change. In particular, information security is more difficult to maintain and degrades more rapidly than other …
In our modern world, the ever-expanding exchange of data and the increased complexity of interconnected software systems make software security challenging. Ideally, security concerns are already addressed early, as discussed with security by design. …
Anonymization plays a key role in protecting sensible information of individuals in real world datasets. Self-driving cars for example need high resolution facial features to track people and their viewing direction to predict future behaviour and …
Digitalization is one of the biggest drivers of advancements in the modern automotive domain. The resulting increase in communication is leading to a more intensive exchange of data and the opening up of for merly closed systems. This raises …
The transformation of mobility is on the cusp of a significant shift,driven by data-centric technologies in both individual and public transport. However, this data often contains sensitive private data, which can be used, for instance, for tracking …
Analyzing attacks and potential attack paths can help to identify and avoid potential security incidents. Manually estimating an attack path to a targeted software element can be complex since a software system consists of multiple vulnerable …