Funded Projects

CRISP - Center for Research in Security and Privacy

CRISP's research focus is on "Security at Large". Usually, cyber security research considered isolated characteristic and systems of manageable sizes, for instance security of individual encryption techniques, program modules, or Internet protocols. In reality, hoewever, security issues arise often in the dynamic interaction of malleable subsystems. One might think of a large IT company consisting of thousend of computers, users and applications or of Software-as-a-Service, which consist of millions lines of codes and it constantly changes. Individual subsystems can be secure, however their become unsecure and vulnerable through their composition. Hence, the main task of CRISP is the research of comprehensive security solutions of large Systems - from its individual componenents to their interactions. CRSIP is developing its research focus in both foundation and applied research. Thereby, CRSIP puts particular importance on existing, practical interdisciplinartiy of CASED and EC Spride. In CRISP it is planned to include experties from other research fields, namely mechanical engineering, law, economics, electrical engineering, philosophy, psychology and sociology, and to work with the representatives of the corresponding departments in different, interdisciplinary projects.

Within CRISP, we focus on how end users could delegate their privacy protection and the protection of their data and devices to a trusted third party (an individual or an institution) - either globally or for specific areas such as web browser settings, smartphone configuration, privacy settings in social networks. We also aim to investigate and identify, how such delegation can be made secure and verifiable.
Furthermore, we focus on how non-expert end users can communicate, in particular by using mobile devices, over the Internet in a usable, confidential fashion, while ensuring the authenticity of the communication and partners. Beside usability we also aim to explore and consider end user acceptance.

Funding body: Federal Ministry of Education and Research (BMBF)

Partners: Follow the link.

Funding period: 01.10.2015 – 31.03.2018

Contact: Oksana Kulyk, Birgit Henhapl

Doctoral College 2050: Privacy and Trust for Mobile Users

The Doctoral College "Privacy and Trust for Mobile Users" is a highly interdisciplinary collaboration between Computer Science and the fields of Law, Economics, Sociology, and usability research. Mobile information and communication technology has become virtually ubiquitous due to the proliferation of smartphones and tablet computers; large sections of the society use it to their advantage. In reference to the relationship users-network, public debates highlight the increasing transparency of users - in the sense of a surveillance society - while the network is deemed to become increasingly nontransparent, i.e. inscrutable. As an important technological vision, the project will conduct research in to novel mobile devices that enable maximum control for the user.

Our research: AlterEgo as Assistant for Trustworthiness Assessments: The AlterEgo should decide whether to trust a service, sensor or social network or not. Therefore, it needs to know the users’ preferences. Correspondingly, during the setup phase, users configure their AlterEgo.

The first goal in this project is to identify what should be configurable – obviously not each individual possible future situation but some sort of sets of general situations. The first challenge is to identify such sets that allow users to phrase generalized preferences which at the same time are concrete enough to be applied in various actual situations. This is particularly challenging due to legal conditions, complex interrelations between different situations and related risks depending on the actual configuration, and due to the different mental models of possible users.

The second goal in this project is to handle individual situations based on individual preferences (configured during the setup). Therefore, the trustworthiness of the individual situation needs to be deduced based on multi-dimensional trust measurements. These measurements need to be adjusted to make them applicable for this project. Finally it is necessary to handle situations which users want to define as exception.

Project site

Partner: Several groups at TU Darmstadt and Kassel University

Period: 01.10.2015 - 31.09.2019

Contact: Melanie Volkamer

KMU Aware - Awareness im Mittelstand

Small and medium sized enterprises (SME; in German: KMU) face new and emerging challenges in protecting themselves against digital attacks. This is exacerbated by the trend towards digital processing and paperless offices.  Possible consequences of successful attacks are reputational damage, financial loss or reduction in customer base. The project KMU AWARE, which is supported by the Federal Ministry for Economic Affairs and Energy, aims to assist German KMUs in their ability to identify and fend off possible dangers associated with the use of the Internet.
We are working together with our project partner usd in developing an awareness and educational platform that is closely aligned with the actual needs and requirements of SME. On one hand, existing promising approaches can be adapted and incorporated into the platform. On the other hand, new and innovative concepts and measures will be developed as required, prompted by so-called Teachable Moments. The new measures will be evaluated with regard to their efficacy before being rolled out to companies countrywide.

Project site.

Funding body: Federal Ministry for Economic Affairs and Energy

Partner: usd AG

Period: 1.4.2015 – 31.3.2018

Contact: Silke Rehfeld, Melanie Volkamer

IT-Seal - Social Engineering Analysis Labs

The project IT-Seal develops a scalable analysis that identifies and evaluates IT security problems that are caused by human behaviour. Based on this data, they provide companies with recommendations on how to decrease the threat of industrial espionage and sabotage.

IT-Seal is the first IT-Security startup of the TU Darmstadt which received the EXIST Business Start-up Grant funded with 125.000€ by the Federal Ministry of Economics and Energy (BMWi) and the European Social Fund. The initiation was a master thesis, written within the research group SECUSO in 2014.

The IT-Seal Analysis quantifies the security related behaviour of employees by simulating external attacks and analysing internal processes. In combination with employee interviews and questionnaires, IT-Seal derives an individual action plan. Thus, reasonable data can be generated and weaknesses can get identified, as a basis for investment decisions. The goal is to improve the security situation in a joint way, employees are included during the whole security process. The results are summarized and handed out in a web application and a detailed report, while the anonymity of the employees is guaranteed.

Funding body: Federal Ministry of Economics and Energy (BMWi) and cofinanced by the European Social Fund

Funding period: 01.04.2016 – 31.03.2017

Contact: Melanie Volkamer, M.Sc. M.Sc. David Kelm, M.Sc. Alex Wyllie, M.Sc. Yannic Ambach

MoPPa – Modeling the privacy paradox from a psychological and a technical point of view

The aim of this research project is to explore the paradox and the mental models in the context of individual privacy protection in depth. It is planned to create a model by the means of computer science and psychological theories and methods. The diverse reasons for different user groups as well as systemic dependencies for use (or ignoring) of protective measures and following recommendations are to be identified and correlated. Overall one of the main goals is to evaluate how people today make decision about the usage of a service / an application / a security or privacy enhancing technology. This model covers various applications, protection measures and recommendations. We will evaluate this model in several user studies and improve the model based on the results from these user studies. If both – reasons and dependencies - are known, measures to increase the awareness for data protection in general and to increase the motivation for an individual privacy protection can be identified.

Funding body: Federal Ministry of Education and Research (BMBF)

Partners: Prof. Vogt (TU-Darmstadt)

Funding period: 01.11.2015 – 31.10.2017

Contact: Paul Gerber

VALID - VerifiAble LIquid Democracy

Liquid democracy is a form of government, whereby each voter can either cast the vote herself, or delegate it to someone else (who e.g. is more of an expert in the area of the actual poll). Each voter can also act as a delegate. This approach provides a middle ground between direct and representative democracy. The objectives of this project are: First, literature in the area of liquid democracy will be studied and categorized. Then, technical requirements for a liquid democracy system are deduced. The results will be published either at a research conference or as a technical report. 

Funding body: Polyas

Partner: Polyas

Period: 1.3.2015 - 28.2.2017

Contact: Oksana Kulyk, Karola MarkyMelanie Volkamer

A A A | Drucken Print | Impressum Impressum | Sitemap Sitemap | Suche Search | Kontakt Contact | Website Analysis: More Information
zum Seitenanfangzum Seitenanfang