Jens Oberender

Jens Oberender
SRC Security Research & Consulting GmbH · IT Security Evaluation Faciility

Dr., CISM, PMP

About

21
Publications
4,223
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
163
Citations
Introduction
Assessing 5G IT security IT security in VoIP protocols
Additional affiliations
October 2003 - December 2009
Universität Passau
Position
  • Research Associate

Publications

Publications (21)
Presentation
Full-text available
Internet of Things (IoT) devices are often closely coupled with human life. Things in IoT systems often collect sensitive data e.g. in health care devices or smart homes. IoT devices and protocols face multiple challenges over their lifetime phases. The security level of these early products is often rather basic. The usage of IoT may introduce nov...
Preprint
Internet of Things (IoT) devices are often closely coupled with human life. Things in IoT systems often collect sensitive data e.g. in health care devices or smart homes. IoT devices and protocols face multiple challenges over their lifetime phases. The security level of these early products is often rather basic. The usage of IoT may introduce nov...
Data
[slides] Secure delivery is the process of transferring certified products to the user. Manipulation during this phase might be undetectable, e.g. implanting Advanced Persistent Threats. Even security domains that Common Criteria approaches rely on may be exploited. The paper assesses the security claims for secure delivery and deferrals to post-de...
Article
Das embedded UICC (eUICC) stellt einen zukünftigen Sicher- heitsanker in Mobilfunkgeräten dar. Ein im UICC eingebrachtes Geheimnis dient der Authentifizierung gegenüber einer dritten Partei. Im Gegensatz zu den identifizierenden Eigenschaften einer Physical Uncloneable Function wird das Geheimnis (Credential) in das eUICC erst nach der Produkti...
Conference Paper
Full-text available
Embedded UICC (eUICC) zielen auf den Einsatz in Machine-2-Machine Lösungen ab, bei denen die Auswahl des Mobilfunkbetreibers erst nach der Produktion erfolgt, aber zu diesem Zeitpunkt kein Zugang zum Produkt mehr möglich ist. Der Vortrag stellt den aktuellen Stand der Verwaltungsfunktionen und Rollen vor, die für die Verwaltung eines eUICC spezifiz...
Conference Paper
Full-text available
Secure delivery is the process of transferring certified products to the user. Manipulation during this phase might be undetectable, e.g. implanting Advanced Persistent Threats. Even security domains that Common Criteria approaches rely on may be exploited. The paper assesses the security claims for secure delivery and deferrals to post-delivery ph...
Conference Paper
Full-text available
The ASPECTS project considered an underlying dynamic spectrum access radio network, spectrum sensing technology and techniques, and spectrum sharing policies and rules and addressed vulnerabilities in all spectrum sharing phases, i.e. spectrum monitoring, negotiation, dissemination of access rules and sharing implementation. In the following sectio...
Article
Full-text available
Recent advances in the fields of Cognitive Radio and the proliferation of open spectrum access promise that spectrum-agile wireless communication will be widespread in the near future, and will bring significant flexibility and potential utility improvements for end users. With spectrum efficiency being a key objective, most relevant research focus...
Article
Full-text available
Unverkettbare Nachrichten sind ein Grundbaustein anonymer Kommunikation. Anonymisierungsnetze schützen mittels Unverkettbarkeit, wer mit wem kommuniziert sowie die Identität der Beteiligten einer Kommunikationsbeziehung. Anonymisierungsnetze benötigen Kooperation, da die Anonymität durch Ressourcen anderer Teilnehmer geschützt wird. Wenn die Kosten...
Conference Paper
Full-text available
In a Dining Cryptographers network, the anonymity level raises with the number of participating users. This paper studies strategic behavior based on game theory. Strategic user behavior can cause sudden changes to the number of system participants and, in consequence, degrade anonymity. This is caused by system parameters that influence strategic...
Conference Paper
Full-text available
Denial-of-Service (DoS) flooding attackers benefit from sender anonymity and exit node diversity. Anonymity networks provide this by hiding the communication relationship and therefore hinder attack detection. After the anonymity network purges IP headers, the attributes for clustering of traffic flows remain hidden. Message unlinkability provides...
Conference Paper
Full-text available
Peer-to-peer (P2P) file-sharing has become the killer application in the wired Internet and might also be highly attractive for mobile networks. In particular since UMTS operators are searching for new applications which do both: a) exploit the potential of the UMTS technology and b) motivate the user to adopt the new technology. In this work we ar...
Conference Paper
Full-text available
In this paper we present a P2P file-sharing architecture optimized for mobile networks. We discuss the applicability of current P2P techniques for resource access and mediation in the context of 2.5G/3G mobile networks. We investigate a mobile P2P architecture that is able to reconcile the decentralized operation of P2P file sharing with the intere...
Conference Paper
Full-text available
Traffic engineering in P2P networks deals with organizing overlay net- works. The challenge of unavailability has not been mastered yet. Considering the resource allocation can gain further improvements. While adapting P2P file sharing onto mobile infrastructures, we learned that replication is a solution to both issues: availability and traffic op...
Article
Full-text available
Peer-to-Peer (P2P) file-sharing has become the killer application in the wired Internet and might also be highly attractive for mobile networks. In particular since UMTS operators are searching for new applications which do both: a) exploit the potential of the UMTS technology and b) motivate the user to adopt the new technology. In this work we ar...
Article
Full-text available
File-sharing in mobile networks has differing demands to a P2P archi- tecture. Resource access and mediation techniques must follow constraints given in 2.5G/3G networks. Enhancing the eDonkey protocol, we reconcile decentralized op- eration with traffic control.
Conference Paper
Full-text available
P2P file sharing is an interesting application in a mobile data network such as GSM/GPRS and UMTS. In particular in mobile environments, operation of P2P systems encounters several problems, such as a relatively narrow and expensive air interface, highly varying online-state (presence) of subscribers, hierarchical network structure, and limited dev...

Projects

Projects (4)
Archived project
Understanding Anonymity, Privacy and Collaboration in Collaborative Communicatiion Networks
Project
IT-Security Assessment