Secure Information Technology Center – Austria

Flexible Communication using cross platform and web technologies

Kategorie: Web Technologies

Web technologies as used in web applications and cross platform applications, offer all the capabilities required to built full-fledged applications.
One identified drawback is the direct communication between different instances of these applications. In this project, different approaches were analyzed to solve this issue and to provide a ready to use framework for various different kinds of applications.
One of the analyzed approaches was scrutinized and was finally realized and can be downloaded here.

Weiter lesen…

Static Analysis of iOS Applications

Kategorie: IT-Security

The behavioral analysis of mobile applications for Apple iOS is still a very challenging procedure, both in terms of time and resources required. In the end, it is usually not clear which measures an application provides to protect sensitive data. Similarly, it is difficult to determine whether apps violate established security principles, such as when cryptographic functions are used, and thus facilitate attacks on critical data.
Weiter lesen…

CA-less Authentication of Cloud Services

Kategorie: IT-Security

Recent advances in web technology, such as WebRTC, paved the road for providing short-lived services on end-user devices. Similar to legacy services (static and stationary), short-lived services need to be authenticated as well. This project evaluates and compares different authentication methods which might be suitable for use with for short-lived services without relying on traditional certification authority (CA) structures.

Weiter lesen…