SVS - Security in Distributed Systems

The Research Unit "Security in Distributed Systems" was founded in early 2004, when Joachim Posegga moved from SAP Corporate Research to the University of Hamburg.

Our research is focussed on application-oriented security, i.e., we are taking a view which considers security as a property of applications and not as a value per se. The main application areas we consider are enterprise (e-business) applications, mobile and wireless applications, as well as the upcoming world of ubiquitous/pervasive computing.

All these areas have in common that security is a key property, in particular for commercial applications. The challenge for security research is to understand these areas and their implications, and then to provide suitable means to help develop and operate secure applications under their given constraints. This can, and likely will, require a paradigm shift in security from protecting infrastructures to protecting applications:

• In the past IT was focused on a client/server architectures and security meant protecting network infrastructures. Security was communication-oriented and completely separated from applications. We are currently observing that mobile applications and pervasive networks are taken into account (GPRS, WLAN, etc). The predominant security paradigm consists of extending the previously deployed perimeter security paradigm by technical means like VPNs, or encrypted tunnels.

• The next wave in computing will take advantage of distributing functionality to pervasive devices, based on loosely coupled components (Web Services). For security, this means a radical shift: Neither network architectures, nor computing infrastructures can cope with the dynamics of such scenarios any more, and the strategic message for security is to become application-centric: applications themselves need to provide their own security, since they become the focal point in this new world.