- Data and Application Security Group

Paper published at Soups 2018

The paper “Developers Deserve Security Warnings, Too: On the Effect of Integrated Security Advice on Cryptographic API Misuse” by Peter Leo Gorski, Luigi Lo Iacono, Dominik Wermke, Christian Stransky, Sebastian Möller, Yasemin Acar, Sascha Fahl has been published at the 14th Symposium on Usable Privacy and Security (SOUPS). The conference took place from 12th - 14th August in Baltimore, MD, USA.

British technology news website The Register gave press coverage of the paper in the article “Here’s a fab idea: Get crypto libs to warn devs when they screw up”.

Paper accepted at Web Studies 2018

The paper “Systematic Analysis of Web Browser Caches” by Hoai Viet Nguyen, Luigi Lo Iacono and Hannes Federrath will be published at the 2nd edition of the international conference on Web Studies (WS.2). The conference will take place from 3rd - 5th October in Paris, France.

Paper published at ECCWS

The paper “Classification of Android App Permissions” by Nils Gruschka, Luigi Lo Iacono and Jan Tolsdorf has been published at the 17th European Conference on Cyber Warfare and Security (ECCWS). The conference took place from June 28th to June 29th in Oslo, Norway.

Project URIA started

The research Project Usability of Risk-based Implicit Authentication (URIA) has started as a part of the Graduate School “North Rhine-Westphalian Experts on Research in Digitalization” (NERD NRW). The Mo­bi­le Se­cu­ri­ty Group of the Ruhr-University Bochum is also involved in the project and it is funded by Ministry of Culture and Science of the German State of North Rhine-Westphalia.

Paper accepted at EuroUSEC 2018

The paper "Consolidating Principles and Patterns for Human-centred Usable Security Research and Development" by Luigi Lo Iacono, Matthew Smith, Emanuel von Zezschwitz, Peter Leo Gorski and Peter Nehren will be published at the European Workshop on Usable Security (EuroUSEC 2018).

Paper accepted at the ESEC/FSE 2017

The paper "Guidelines for Adopting Frontend Architectures and Patterns in Microservices-based Systems" by Holger Harms, Collin Rogowski and Luigi Lo Iacono has been accepted for publication at the 11th European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE 2017). The conference will be held from 4th - 8th September in Paderborn, Germany.

Two papers accepted at the TrustBus 2017

The paper "On the Security Expressiveness of REST-Based API Definition Languages" by Hoai Viet Nguyen, Jan Tolsdorf and Luigi Lo Iacono as well as the paper "Mobile Personal Identity Provider Based on OpenID Connect" by Luigi Lo Iacono, Nils Gruschka and Peter Nehren have been accepted for publication at the International Conference on Trust and Privacy in Digital Business (TrustBus 2017). The conference will be held from 28th - 31st August in Lyon, France.

Article published in DuD

The article "Anwendung der Blockchain außerhalb von Geldwährungen" by Stephan Wiefling, Luigi Lo Iacono and Frederik Sandbrink has been published in the Journal DuD - Datenschutz und Datensicherheit.

Talk at CAST-Workshop "Blockchain - Sicherheit und Anwendungen"

Stephan Wiefling will give a talk on "Anwendung der Blockchain außerhalb von Geldwährung" at the CAST-Workshop "Hot topic 'Blockchain - Sicherheit und Anwendungen'" (https://www.cast-forum.de/workshops/infos/242). The workshop will be held on October 26th at Fraunhofer SIT in Darmstadt and the entire program can be found at this location (https://www.cast-forum.de/workshops/programm/242).

Talk on "OpenStack Cloud im Eigenbau" at the Semicolon

Stephan Wiefling will give a talk on "OpenStack Cloud im Eigenbau" at the Semicolon (GFU Cyrus AG) in Cologne. The talk can be attended free of charge on September 26th with an enrollment at this URL:\ http://www.gfu.net/seminare-schulungen-kurse/semicolon_sk73/openstack_cloud_im_eigenbau_s1950.html.