Secure Information Technology Center – Austria

Traces on the Internet

Kategorie: IT-Security, Web Technologies

Almost all activities on the Internet leave traces, which, when combined accordingly, can help identify an induvial with sufficient certainty. One of the main reasons for this is that the technical foundation of the Internet dates back to a time when privacy and data protection were not relevant. However, most components involved are considered as critical infrastructure. Thus, they cannot simply be replaced. As a result, additional measures need to be taken, in order to keep one’s identity secret and to leave as little traces as possible. Especially on application level, a lot of traces are left.

Weiter lesen…

24

May

2017

Analysis of Browser-Extensions

Kategorie: IT-Security, Web Technologies

Browser extensions can extend the functionality of modern web browsers almost arbitrarily. However, they are often used for malicious activities, due to their ability to easily access sensitive data (i.e. Cookies). Likewise, benign but faulty extensions can be used for targeted attacks by exploiting errors in the implementation. Usually, the security mechanisms of modern browsers only provide limited protection against such attacks. Thus, the present study deals with dangers posed from benign browser extensions.

Weiter lesen…

24

April

2017

Automated Reasoning over Security Policies

Kategorie: Cloud Computing, eGovernment, IT-Security, Web Technologies

Applied approaches on authorization management often focus on a single system or environment, neglecting the need to address the security of data sharing processes that span various entities and organizations.
In the course of this work, we address the shortcomings of existing frameworks by separating authorization management from particular organizations, their business or resource models. We establish a framework that defines abstract means to manage the security of resources distributed across diverse services using a unified service and policy description models. Weiter lesen…

15

March

2017

Security Aspects of Web-APIs

Kategorie: Cloud Computing, eGovernment, IT-Security, Web Technologies

Web-APIs represent a significant building block of the modern Web. They enable efficient and technology neutral data and process integration between diverse entities and platforms. As an innovation driver, they facilitate the creation of new business models and products. The broad variety of APIs, as well as the need to efficiently manage their lifecycles, motivated the inception of specifications and tools to ease and accelerate their development and integration in programmatic environments. Weiter lesen…

Flexible Communication using cross platform and web technologies

Kategorie: Web Technologies

Web technologies as used in web applications and cross platform applications, offer all the capabilities required to built full-fledged applications.
One identified drawback is the direct communication between different instances of these applications. In this project, different approaches were analyzed to solve this issue and to provide a ready to use framework for various different kinds of applications.
One of the analyzed approaches was scrutinized and was finally realized and can be downloaded here.

Weiter lesen…