Hasso-Plattner-Institut für Digital Engineering GmbH
Refine
Year of publication
- 2018 (23) (remove)
Document Type
- Other (16)
- Article (6)
- Monograph/Edited Volume (1)
Language
- English (23)
Is part of the Bibliography
- yes (23)
Keywords
- E-Learning (3)
- Security Metrics (3)
- Security Risk Assessment (3)
- Cloud-Security (2)
- Energy (2)
- Lecture Video Archive (2)
- Secure Configuration (2)
- ACINQ (1)
- ASIC (1)
- Algorithms (1)
- Application Container Security (1)
- Approximation algorithms (1)
- Architectures (1)
- Australian securities exchange (1)
- Automated parsing (1)
- BCCC (1)
- BTC (1)
- BitShares (1)
- Bitcoin Core (1)
- Blockchain Auth (1)
- Blockchain-Konsortium R3 (1)
- Blockkette (1)
- Blockstack (1)
- Blockstack ID (1)
- Blumix-Plattform (1)
- Blöcke (1)
- Byzantine Agreement (1)
- Cloud Audit (1)
- Cloud Service Provider (1)
- Collaborative learning (1)
- Colored Coins (1)
- DAO (1)
- DPoS (1)
- Data breach (1)
- Data mining (1)
- Data mining Machine learning (1)
- Data partitioning (1)
- Data profiling (1)
- Delegated Proof-of-Stake (1)
- Denial of sleep (1)
- Disadvantaged communities (1)
- Distance Learning (1)
- Distributed Proof-of-Research (1)
- Distributed snapshot algorithm (1)
- E-Learning exam preparation (1)
- E-Lecture (1)
- E-Wallet (1)
- ECDSA (1)
- Electrical products (1)
- Embedded Programming (1)
- Emotion Mining (1)
- Eris (1)
- Ether (1)
- Ethereum (1)
- Federated Byzantine Agreement (1)
- Feedback control loop (1)
- Flash (1)
- FollowMyVote (1)
- Forecasting (1)
- Fork (1)
- Grid stability (1)
- Gridcoin (1)
- HLS (1)
- HTML5 (1)
- Hard Fork (1)
- Hashed Timelock Contracts (1)
- Home appliances (1)
- Identity leak (1)
- Identitätsmanagement (1)
- Internet der Dinge (1)
- Internet of Things (1)
- Internet of things (1)
- IoT (1)
- Japanese Blockchain Consortium (1)
- Japanisches Blockchain-Konsortium (1)
- Kette (1)
- Konsensalgorithmus (1)
- Konsensprotokoll (1)
- Lecture Recording (1)
- Lightning Network (1)
- Link layer security (1)
- Load modeling (1)
- Lock-Time-Parameter (1)
- Lossy networks (1)
- Low-processing capable devices (1)
- MAC security (1)
- MOOC (1)
- MOOC Remote Lab (1)
- Machine Learning (1)
- Micro-grid networks (1)
- Micropayment-Kanäle (1)
- Microservices Security (1)
- Microsoft Azur (1)
- Monitoring (1)
- Moving Target Defense (1)
- NASDAQ (1)
- NameID (1)
- Namecoin (1)
- Natural Language Processing (1)
- Neural Networks (1)
- Off-Chain-Transaktionen (1)
- Onename (1)
- OpenBazaar (1)
- Oracles (1)
- Orphan Block (1)
- P2P (1)
- Parallel processing (1)
- Peer assessment (1)
- Peer-to-Peer Netz (1)
- Peercoin (1)
- PoB (1)
- PoS (1)
- PoW (1)
- Power consumption characterization (1)
- Power demand (1)
- Privacy (1)
- Proof-of-Burn (1)
- Proof-of-Stake (1)
- Proof-of-Work (1)
- Psychological Emotions (1)
- Resource constrained smart micro-grids (1)
- Ripple (1)
- SCP (1)
- SHA (1)
- SPV (1)
- Schwierigkeitsgrad (1)
- Security (1)
- Security analytics (1)
- Sensor networks (1)
- Simplified Payment Verification (1)
- Skalierbarkeit der Blockchain (1)
- Slock.it (1)
- Smart Home Education (1)
- Smart micro-grids (1)
- Social Media Analysis (1)
- Soft Fork (1)
- Steemit (1)
- Stellar Consensus Protocol (1)
- Storj (1)
- Team based assignment (1)
- Teamwork (1)
- The Bitfury Group (1)
- The DAO (1)
- Threat Models (1)
- Transaktion (1)
- Two-Way-Peg (1)
- Unified logging system (1)
- Unspent Transaction Output (1)
- Verträge (1)
- Video annotations (1)
- Vulnerability analysis (1)
- Watson IoT (1)
- Wireless sensor networks (1)
- Zielvorgabe (1)
- Zookos Dreieck (1)
- Zookos triangle (1)
- altchain (1)
- alternative chain (1)
- atomic swap (1)
- behavior psychotherapy (1)
- bidirectional payment channels (1)
- bitcoins (1)
- blockchain (1)
- blockchain consortium (1)
- blockchain-übergreifend (1)
- blocks (1)
- blumix platform (1)
- chain (1)
- cloud (1)
- cloud monitoring (1)
- computer-mediated therapy (1)
- confirmation period (1)
- consensus algorithm (1)
- consensus protocol (1)
- contest period (1)
- contracts (1)
- cross-chain (1)
- data integration (1)
- decentralized autonomous organization (1)
- dezentrale autonome Organisation (1)
- difficulty (1)
- difficulty target (1)
- doppelter Hashwert (1)
- double hashing (1)
- emotion measurement (1)
- federated voting (1)
- hashrate (1)
- human-computer interaction (1)
- identity management (1)
- intelligente Verträge (1)
- inter-chain (1)
- ledger assets (1)
- medical documentation (1)
- merged mining (1)
- merkle root (1)
- micropayment (1)
- micropayment channels (1)
- miner (1)
- mining (1)
- mining hardware (1)
- minting (1)
- nonce (1)
- note-taking (1)
- off-chain transaction (1)
- peer-to-peer network (1)
- pegged sidechains (1)
- quorum slices (1)
- rootstock (1)
- scalability of blockchain (1)
- scarce tokens (1)
- security analytics (1)
- sidechain (1)
- smart contracts (1)
- transaction (1)
- user experience (1)
Institute
The relevance of identity data leaks on the Internet is more present than ever. Almost every week we read about leakage of databases with more than a million users in the news. Smaller but not less dangerous leaks happen even multiple times a day. The public availability of such leaked data is a major threat to the victims, but also creates the opportunity to learn not only about security of service providers but also the behavior of users when choosing passwords. Our goal is to analyze this data and generate knowledge that can be used to increase security awareness and security, respectively. This paper presents a novel approach to the processing and analysis of a vast majority of bigger and smaller leaks. We evolved from a semi-manual to a fully automated process that requires a minimum of human interaction. Our contribution is the concept and a prototype implementation of a leak processing workflow that includes the extraction of digital identities from structured and unstructured leak-files, the identification of hash routines and a quality control to ensure leak authenticity. By making use of parallel and distributed programming, we are able to make leaks almost immediately available for analysis and notification after they have been published. Based on the data collected, this paper reveals how easy it is for criminals to collect lots of passwords, which are plain text or only weakly hashed. We publish those results and hope to increase not only security awareness of Internet users but also security on a technical level on the service provider side.
Coordinated sampled listening (CSL) is a standardized medium access control protocol for IEEE 80215.4 networks. Unfortunately, CSL comes without any protection against so-called denial-of-sleep attacks. Such attacks deprive energy-constrained devices of entering low-power sleep modes, thereby draining their charge. Repercussions of denial-of-sleep attacks include long outages, violated quality-of-service guarantees, and reduced customer satisfaction. However, while CSL has no built-in denial-of-sleep defenses, there already exist denial-of-sleep defenses for a predecessor of CSL, namely ContikiMAC. In this paper, we make two main contributions. First, motivated by the fact that CSL has many advantages over ContikiMAC, we tailor the existing denial-of-sleep defenses for ContikiMAC to CSL. Second, we propose several security enhancements to these existing denial-of-sleep defenses. In effect, our denial-of-sleep defenses for CSL mitigate denial-of-sleep attacks significantly better, as well as protect against a larger range of denial-of-sleep attacks than the existing denial-of-sleep defenses for ContikiMAC. We show the soundness of our denial-of-sleep defenses for CSL both analytically, as well as empirically using a whole new implementation of CSL. (C) 2018 Elsevier B.V. All rights reserved.
Blockchain
(2018)
The term blockchain has recently become a buzzword, but only few know what exactly lies behind this approach. According to a survey, issued in the first quarter of 2017, the term is only known by 35 percent of German medium-sized enterprise representatives. However, the blockchain technology is very interesting for the mass media because of its rapid development and global capturing of different markets.
For example, many see blockchain technology either as an all-purpose weapon— which only a few have access to—or as a hacker technology for secret deals in the darknet. The innovation of blockchain technology is found in its successful combination of already existing approaches: such as decentralized networks, cryptography, and consensus models. This innovative concept makes it possible to exchange values in a decentralized system. At the same time, there is no requirement for trust between its nodes (e.g. users).
With this study the Hasso Plattner Institute would like to help readers form their own opinion about blockchain technology, and to distinguish between truly innovative properties and hype.
The authors of the present study analyze the positive and negative properties of the blockchain architecture and suggest possible solutions, which can contribute to the efficient use of the technology. We recommend that every company define a clear target for the intended application, which is achievable with a reasonable cost-benefit ration, before deciding on this technology. Both the possibilities and the limitations of blockchain technology need to be considered. The relevant steps that must be taken in this respect are summarized /summed up for the reader in this study.
Furthermore, this study elaborates on urgent problems such as the scalability of the blockchain, appropriate consensus algorithm and security, including various types of possible attacks and their countermeasures. New blockchains, for example, run the risk of reducing security, as changes to existing technology can lead to lacks in the security and failures.
After discussing the innovative properties and problems of the blockchain technology, its implementation is discussed. There are a lot of implementation opportunities for companies available who are interested in the blockchain realization. The numerous applications have either their own blockchain as a basis or use existing and widespread blockchain systems. Various consortia and projects offer "blockchain-as-a-serviceänd help other companies to develop, test and deploy their own applications.
This study gives a detailed overview of diverse relevant applications and projects in the field of blockchain technology. As this technology is still a relatively young and fast developing approach, it still lacks uniform standards to allow the cooperation of different systems and to which all developers can adhere. Currently, developers are orienting themselves to Bitcoin, Ethereum and Hyperledger systems, which serve as the basis for many other blockchain applications.
The goal is to give readers a clear and comprehensive overview of blockchain technology and its capabilities.