This file was created by the TYPO3 extension bib
--- Timezone: CEST Creation date: 2024-04-28 Creation time: 06-10-24 ---
Number of references 6

inproceedings 2023_lohmoeller_transparency
Poster: Bridging Trust Gaps: Data Usage Transparency in Federated Data Ecosystems
2023 11 27
data usage control; data ecosystems; transparency logs
https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-lohmoeller-transparency.pdf
ACM
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (CCS ’23), November 26-30, 2023, Copenhagen, Denmark
Copenhagen, Denmark
November 26-30, 2023
979-8-4007-0050-7/23/11
10.1145/3576915.3624371
1
Johannes Lohmöller, Eduard Vlad, Markus Dahlmanns, Klaus Wehrle

article 2023_pennekamp_purchase_inquiries
Offering Two-Way Privacy for Evolved Purchase Inquiries
ACM Transactions on Internet Technology
2023 11 17
23 4
Dynamic and flexible business relationships are expected to become more important in the future to accommodate specialized change requests or small-batch production. Today, buyers and sellers must disclose sensitive information on products upfront before the actual manufacturing. However, without a trust relation, this situation is precarious for the involved companies as they fear for their competitiveness. Related work overlooks this issue so far: Existing approaches only protect the information of a single party only, hindering dynamic and on-demand business relationships. To account for the corresponding research gap of inadequately privacy-protected information and to deal with companies without an established trust relation, we pursue the direction of innovative privacy-preserving purchase inquiries that seamlessly integrate into today's established supplier management and procurement processes.
Utilizing well-established building blocks from private computing, such as private set intersection and homomorphic encryption, we propose two designs with slightly different privacy and performance implications to securely realize purchase inquiries over the Internet. In particular, we allow buyers to consider more potential sellers without sharing sensitive information and relieve sellers of the burden of repeatedly preparing elaborate yet discarded offers. We demonstrate our approaches' scalability using two real-world use cases from the domain of production technology. Overall, we present deployable designs that offer two-way privacy for purchase inquiries and, in turn, fill a gap that currently hinders establishing dynamic and flexible business relationships. In the future, we expect significantly increasing research activity in this overlooked area to address the needs of an evolving production landscape.
bootstrapping procurement; secure industrial collaboration; private set intersection; homomorphic encryption; Internet of Production
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-pennekamp-purchase-inquiries.pdf
ACM
1533-5399
10.1145/3599968
1
Jan Pennekamp, Markus Dahlmanns, Frederik Fuhrmann, Timo Heutmann, Alexander Kreppein, Dennis Grunert, Christoph Lange, Robert H. Schmitt, Klaus Wehrle

inproceedings 2023-dahlmanns-docker
Secrets Revealed in Container Images: An Internet-wide Study on Occurrence and Impact
2023 7 10
797-811
Containerization allows bundling applications and their dependencies into a single image. The containerization framework Docker eases the use of this concept and enables sharing images publicly, gaining high momentum. However, it can lead to users creating and sharing images that include private keys or API secrets—either by mistake or out of negligence. This leakage impairs the creator's security and that of everyone using the image. Yet, the extent of this practice and how to counteract it remains unclear.
In this paper, we analyze 337,171 images from Docker Hub and 8,076 other private registries unveiling that 8.5% of images indeed include secrets. Specifically, we find 52,107 private keys and 3,158 leaked API secrets, both opening a large attack surface, i.e., putting authentication and confidentiality of privacy-sensitive data at stake and even allow active attacks. We further document that those leaked keys are used in the wild: While we discovered 1,060 certificates relying on compromised keys being issued by public certificate authorities, based on further active Internet measurements, we find 275,269 TLS and SSH hosts using leaked private keys for authentication. To counteract this issue, we discuss how our methodology can be used to prevent secret leakage and reuse.
network security; security configuration; secret leakage; container
ven2us, internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-dahlmanns-asiaccs.pdf
ACM
Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security (ASIACCS '23), July 10-14, 2023, Melbourne, VIC, Australia
Melbourne, VIC, Australia
ASIA CCS '23
July 10-14, 2023
979-8-4007-0098-9/23/07
10.1145/3579856.3590329
1
Markus Dahlmanns, Constantin Sander, Robin Decker, Klaus Wehrle

article Jakobs_2023_3
Preserving the Royalty-Free Standards Ecosystem
European Intellectual Property Review
2023 7
45 7
371-375
It has long been recognized in Europe and elsewhere that standards-development organizations (SDOs) may adopt policies that require their participants to license patents essential to the SDO’s standards (standards-essential patents or SEPs) to manufacturers of standardized products (“implementers”) on a royalty-free (RF) basis. This requirement contrasts with SDO policies that permit SEP holders to charge implementers monetary patent royalties, sometimes on terms that are specified as “fair, reasonable and nondiscriminatory” (FRAND).
As demonstrated by two decades of intensive litigation around the world, FRAND royalties have given rise to intractable disputes regarding the manner in which such royalties should be calculated and adjudicated. In contrast, standards distributed on an RF basis are comparatively free from litigation and the attendant transaction costs. Accordingly, numerous SDOs around the world have adopted RF licensing policies and many widely adopted standards, including Bluetooth, USB, IPv6, HTTP, HTML and XML, are distributed on an RF basis. This note briefly discusses the commercial considerations surrounding RF standards, the relationship between RF standards and open source software (OSS) and the SDO policy mechanisms – including “universal reciprocity” – that enable RF licensing to succeed in the marketplace.
0142-0461
10.2139/ssrn.4235647
1
Jorge Contreras, Rudi Bekkers, Brad Biddle, Enrico Bonadio, Michael A. Carrier, Bernard Chao, Charles Duan, Richard Gilbert, Joachim Henkel, Erik Hovenkamp, Martin Husovec, Kai Jakobs, Dong-hyu Kim, Mark A. Lemley, Brian J. Love, Luke McDonagh, Fiona M. Scott Morton, Jason Schultz, Timothy Simcoe, Jennifer M. Urban, Joy Y Xiang

incollection 2023_pennekamp_crd-a.i
Evolving the Digital Industrial Infrastructure for Production: Steps Taken and the Road Ahead
2023 2 8
35-60
The Internet of Production (IoP) leverages concepts such as digital shadows, data lakes, and a World Wide Lab (WWL) to advance today’s production. Consequently, it requires a technical infrastructure that can support the agile deployment of these concepts and corresponding high-level applications, which, e.g., demand the processing of massive data in motion and at rest. As such, key research aspects are the support for low-latency control loops, concepts on scalable data stream processing, deployable information security, and semantically rich and efficient long-term storage.
In particular, such an infrastructure cannot continue to be limited to machines and sensors, but additionally needs to encompass networked environments: production cells, edge computing, and location-independent cloud infrastructures. Finally, in light of the envisioned WWL, i.e., the interconnection of production sites, the technical infrastructure must be advanced to support secure and privacy-preserving industrial collaboration. To evolve today’s production sites and lay the infrastructural foundation for the IoP, we identify five broad streams of research: (1) adapting data and stream processing to heterogeneous data from distributed sources, (2) ensuring data interoperability between systems and production sites, (3) exchanging and sharing data with different stakeholders, (4) network security approaches addressing the risks of increasing interconnectivity, and (5) security architectures to enable secure and privacy-preserving industrial collaboration. With our research, we evolve the underlying infrastructure from isolated, sparsely networked production sites toward an architecture that supports high-level applications and sophisticated digital shadows while facilitating the transition toward a WWL. 
Cyber-physical production systems; Data streams; Industrial data processing; Industrial network security; Industrial data security; Secure industrial collaboration
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2023/2023-pennekamp-iop-a.i.pdf
Springer
Interdisciplinary Excellence Accelerator Series
Internet of Production: Fundamentals, Applications and Proceedings
978-3-031-44496-8
10.1007/978-3-031-44497-5_2
1
Jan Pennekamp, Anastasiia Belova, Thomas Bergs, Matthias Bodenbenner, Andreas Bührig-Polaczek, Markus Dahlmanns, Ike Kunze, Moritz Kröger, Sandra Geisler, Martin Henze, Daniel Lütticke, Benjamin Montavon, Philipp Niemietz, Lucia Ortjohann, Maximilian Rudack, Robert H. Schmitt, Uwe Vroomen, Klaus Wehrle, Michael Zeng

inproceedings 2023-lorz-cired
Interconnected grid protection systems - reference grid for testing an adaptive protection scheme
2023
3286-3290
ven2us
27th International Conference on Electricity Distribution (CIRED 2023), Rome, Italy, June 12-15, 2023
Rome, Italy
International Conference & Exhibition on Electricity Distribution (CIRED)
June 12-15, 2023
10.1049/icp.2023.0864
1
Tobias Lorz, Johann Jaeger, Antigona Selimaj, Immanuel Hacker, Andreas Ulbig, Jan-Peter Heckel, Christian Becker, Markus Dahlmanns, Ina Berenice Fink, Klaus Wehrle, Gerrit Erichsen, Michael Schindler, Rainer Luxenburger, Guosong Lin