Jan Henrik Ziegeldorf

aedifion GmbH · -

In past years, cloud storage systems saw an enormous rise in usage. However, despite their popularity and importance as underlying infrastructure for more complex cloud services, today's cloud storage systems do not account for compliance with regulatory, organizational, or contractual data handling requirements by design. Since legislation increas...

In diesem Whitepaper wird ein Sicherheitskonzept für zukünftige, auf dem Internet der Dinge (IoT) basierende Gebäudeautomationssysteme vorgestellt. Die Risikoeinstufung und Risikobehandlung orientieren sich am BSI-Standard 200-3 für die Risikoanalyse auf der Basis des IT-Grundschutzes.Es werden zwei Architekturen vor-gestellt, die sich nach Meinung...

Building automation and control systems (BAS) have become a common part of non-residential buildings in the past decades. However, many automation systems rely on severely outdated technology that render it challenging, if not impossible, to implement recently developed, advanced building control approaches. By contrast, recent developments in clou...

Optimizing the operation of energy systems as typically found in buildings, plants, and districts has the potential to greatly reduce primary energy consumption and maintenance expenses. Due to the complexity and nontransparency of these systems, costs of implementing optimizations may well consume or exceed potential savings. Data-driven methods f...

Building automation and control systems (BAS) have become a common part of non-residential buildings in the past decades. However, many automation systems rely on severely outdated technology that render it challenging, if not impossible, to implement recently developed, advanced building control approaches. By contrast, recent developments in clo...

Blockchains primarily enable credible accounting of digital events, e.g., money transfers in cryptocurrencies. However, beyond this original purpose, blockchains also irrevocably record arbitrary data, ranging from short messages to pictures. This does not come without risk for users as each participant has to locally replicate the complete blockch...

Machine learning classification has enabled many innovative services, e.g., in medicine, biometrics, and finance. Current practices of sharing sensitive input data or classification models, however, causes privacy concerns among the users and business risk among the providers. In this work, we resolve the conflict between privacy and business inter...

In past years, cloud storage systems saw an enormous rise in usage. However, despite their popularity and importance as underlying infrastructure for more complex cloud services, today's cloud storage systems do not account for compliance with regulatory, organizational, or contractual data handling requirements by design. Since legislation increas...

Since the introduction of Bitcoin in 2008, blockchain systems have seen an enormous increase in adoption. By providing a persistent, distributed, and append-only ledger, blockchains enable numerous applications such as distributed consensus, robustness against equivocation, and smart contracts. However, recent studies show that blockchain systems s...

The increasing utilization of cloud services by mobile apps on smart-phones leads to serious privacy concerns. While users can quantify the cloud usage of their apps, they often cannot relate to involved privacy risks. In this paper, we apply comparison-based privacy, a behavioral nudge, to the cloud usage of mobile apps. This enables users to comp...

Developers of smartphone apps increasingly rely on cloud services for ready-made functionalities, e.g., to track app usage, to store data, or to integrate social networks. At the same time, mobile apps have access to various private information, ranging from users' contact lists to their precise locations. As a result, app deployment models and dat...

Personal user data is collected and processed at large scale by a handful of big providers of Internet services. This is detrimental to users, who often do not understand the privacy implications of this data collection, as well as to small parties interested in gaining insights from this data pool, e.g., research groups or small and middle-sized e...

Cyber-physical systems (CPSs) are expected to collect, process, and exchange data that regularly contain sensitive information. CPSs may, for example, involve a person in the privacy of her home or convey business secrets in production plants. Hence, confidentiality, integrity, and authenticity are of utmost importance for secure and privacy-preser...

Written by a team of experts at the forefront of the cyber-physical systems (CPS) revolution, this book provides an in-depth look at security and privacy, two of the most critical challenges facing both the CPS research and development community and ICT professionals. It explores, in depth, the key technical, social, and legal issues at stake, and...

Background Whole genome sequencing has become fast, accurate, and cheap, paving the way towards the large-scale collection and processing of human genome data. Unfortunately, this dawning genome era does not only promise tremendous advances in biomedical research but also causes unprecedented privacy risks for the many. Handling storage and process...

Despite their increasing proliferation and technical variety, existing cloud storage technologies by design lack support for enforcing compliance with regulatory, organizational, or contractual data handling requirements. However, with legislation responding to rising privacy concerns, this becomes a crucial technical capability for cloud storage s...

In many areas such as bioinformatics, pattern recognition, and signal processing, Hidden Markov Models (HMMs) have become an indispensable statistical tool. A fundamental building block for these applications is the Forward algorithm which computes the likelihood to observe a given sequence of emissions for a given HMM. The classical Forward algori...

Bitcoin has revolutionized digital currencies and its underlying blockchain has been successfully applied to other domains. To be verifiable by every participating peer, the blockchain maintains every transaction in a persistent, distributed, and tamper-proof log that every participant needs to replicate locally. While this constitutes the central...

Recent technology shifts such as cloud computing, the Internet of Things, and big data lead to a significant transfer of sensitive data out of trusted edge networks. To counter resulting privacy concerns, we must ensure that this sensitive data is not inadvertently forwarded to third-parties, used for unintended purposes, or handled and stored in v...

The decentralized digital currency Bitcoin presents an anonymous alternative to the centralized banking system and indeed enjoys widespread and increasing adoption. Recent works, however, show how users can be reidentified and their payments linked based on Bitcoin's most central element, the blockchain, a public ledger of all transactions. Thus, m...

Social networking sites (SNS) provide great benefits for internet users all over the world. People can stay in touch, inform themselves on what is happening, or share with others what they are doing. Despite the great popularity of SNS like Facebook, more and more criticism arises in Europe toward permanently changing privacy regulations and easing...

Secure Two-Party Computation (STC) allows two mutually untrusting parties to securely evaluate a function on their private inputs. While tremendous progress has been made towards reducing processing overheads, STC still incurs significant communication overhead that is in fact prohibitive when no high-speed network connection is available, e.g., wh...

Social media continues to lead imprudent users into over-sharing, exposing them to various privacy threats. Recent research thus focusses on nudging the user into the ‘right’ direction. In this paper, we propose Comparison-based Privacy (CbP), a design paradigm for privacy nudges that overcomes the limitations and challenges of existing approaches....

Secure Two-Party Computation (STC), despite being a powerful tool for privacy engineers, is rarely used practically due to two reasons: i) STCs incur significant overheads and ii) developing efficient STCs requires expert knowledge. Recent works propose a variety of frameworks that address these problems. However, the varying assumptions, scenarios...

Bitcoin is a digital currency that uses anonymous cryptographic identities to achieve financial privacy. However, Bitcoin's promise of anonymity is broken as recent work shows how Bitcoin's blockchain exposes users to reidentification and linking attacks. In consequence, different mixing services have emerged which promise to randomly mix a user's...

The Internet of Things paradigm envisions the pervasive interconnection and cooperation of smart things over the current and future Internet infrastructure. The Internet of Things is, thus, the evolution of the Internet to cover the real world, enabling many new services that will improve people's everyday lives, spawn new businesses, and make buil...

Upcoming WiFi-based localization systems for indoor environments face a conflict of privacy interests: Server-side localization violates location privacy of the users, while localization on the user's device forces the localization provider to disclose the details of the system, e.g., sophisticated classification models. We show how Secure Two-Part...

Recent standardization efforts focus on a number of lightweight IP security protocol variants for end-to-end security in the Internet of Things (IoT), most notably DTLS, HIP DEX, and minimal IKEv2. These protocol variants commonly consider public-key-based cryptographic primitives in their protocol design for peer authentication and key agreement....

The IP-based Internet of Things (IoT) refers to the pervasive interaction of smart devices and people enabling new applications by means of new IP protocols such as 6LoWPAN and CoAP. Security is a must, and for that we need a secure architecture in which all device interactions are protected, from joining an IoT network to the secure management of...

The vision of the Internet of Things considers smart objects in the physical world as first-class citizens of the digital world. Especially IP technology and RESTful web services on smart objects promise simple interactions with Internet services in the Web of Things, e.g., for building automation or in e-health scenarios. Peer authentication and s...

The IP-based Internet of Things refers to the pervasive interactions of smart objects and people enabling new applications by means of IP protocols. An application scenario is a Smart City in which the city infrastructure, cars, and people exchange information to enable new services. IP protocols, such as IPv6, TCP and HTTP will be further compleme...

On-path network elements, such as NATs and firewalls, are an accepted commonality in today's networks. They are essential when extending network functionality and providing additional security. However, these so called middleboxes are not explicitly considered in the original TCP/IP-based network architecture. As a result, the protocols of the TCP/...

Zusammenfassung Die Aufgabe des Data-Mining-Cups 2007 war die Entwicklung einer vollautomatischen Methode zur effektiven Steuerung des Einsatzes von Rabattcoupons. Vorverarbeitung und Parameter wurden durch eine Kreuzvalidierung optimiert. Experimente zeigen, dass ein einzelner Klassifikator in der Regel nicht genügt, die Aufgabenstellung mit ausr...