Stefan Köpsell

Verified

Stefan verified their affiliation via an institutional email.

Learn more

Verified

Stefan verified their affiliation via an institutional email.

Learn more

• Dr.-Ing.
• Researcher at Technische Universität Dresden

Integrated sensing and communication (ISAC) enables radio systems to simultaneously sense and communicate with their environment. This paper, developed within the Hexa-X-II project funded by the European Union, presents a comprehensive cross-layer vision for ISAC in 6G networks, integrating insights from physical-layer design, hardware architecture...

Federated Learning (FL) allows clients to engage in learning without revealing their raw data. However, traditional FL focuses on developing a single global model for all clients, limiting their ability to have personalized models tailored to their specific needs. Personalized FL (PFL) enables clients to obtain their customized models, either with...

We introduce a comprehensive approach to enhance the security, privacy, and sensing capabilities of integrated sensing and communications (ISAC) systems by leveraging random frequency agility (RFA) and random pulse repetition interval (PRI) agility (RPA) techniques. The combination of these techniques, which we refer to collectively as random frequ...

Confidential computing in the public cloud intends to safeguard workload privacy while outsourcing infrastructure management to a cloud provider. This is achieved by executing customer workloads within so called Trusted Execution Environments (TEEs), such as Confidential Virtual Machines (CVMs), which protect them from unauthorized access by cloud...

Remote attestation (RA) is the foundation for trusted execution environments in the cloud and trusted device driver onboarding in operating systems. However, RA misses a rigorous mechanized definition of its security properties in one of the strongest models, i.e., the semantic model. Such a mechanization requires the concept of State-Separating Pr...

Eines der zentralen Spannungsfelder von IT-Sicherheit und insbesondere technischem Daten­schutz sind Störungen und deren Handhabung. Dies lässt sich vereinfachend auch wie folgt formulieren: „Das Ziel von IT-Sicherheit und Datenschutz ist das Vermeiden von Überraschungen“. Gäbe es keine Störungen, gäbe es diese Felder nicht. Vor diesem Hintergrund...

Trustworthiness and trust are basic factors in common societies that allow us to interact and enjoy being in crowds without fear. As robotic devices start percolating into our daily lives they must behave as fully trustworthy objects, such that humans accept them just as we trust interacting with other people in our daily lives. How can we learn fr...

Digital employee cards used for door access control offer benefits, but concerns about traceability, profiling and performance monitoring have led to opposition from workers' councils and employees. However, the emerging identity management approach, Self-Sovereign Identity (SSI), can address these concerns by giving control over disclosed identity...

We propose LCMsec, a brokerless, decentralised Publish/Subscribe protocol. It aims to provide low-latency and high-throughput message-passing for IoT and automotive applications while providing much-needed security functionalities to combat emerging cyber-attacks in that domain. LCMsec is an extension for the Lightweight Communications and Marshall...

In this paper, we develop a new methodology to provide high assurance about privacy in Cooperative Intelligent Transport Systems (C-ITS). Our focus lies on vehicle-to-everything (V2X) communications enabled by Cooperative Awareness Basic Service. Our research motivation is developed based on the analysis of unlinkability provision methods indicatin...

Future industrial networks will consist of a complex mixture of new and legacy components, while new use cases and applications envisioned by Industry 4.0 will demand increased flexibility and dynamics from these networks. Industrial security gateways will become an important building block to tackle new security requirements demanded by these chan...

Trends like Industry 4.0 will pose new challenges for future industrial networks. Greater interconnectedness, higher data volumes as well as new requirements for speeds as well as security will make new approaches necessary. Performanceoptimized networking techniques will be demanded to implement new use cases, like network separation and isolation...

A growing interest in interdisciplinary research can be observed throughout the past decades. Previous work has provided general principles for facilitating collaborative work in academia, but direct interdisciplinary experiences are quite rare in the literature. In this article, we provide our insights on executing interdisciplinary research in a...

Sixth generation systems are expected to face new security challenges, while opening up new frontiers toward context awareness in the wireless edge. The workhorse behind this projected technological leap will be a whole new set of sensing capabilities predicted for 6G devices, in addition to edge and device embedded intelligence. The combination of...

Imagine interconnected objects with embedded artificial intelligence (AI), empowered to sense the environment, see it, hear it, touch it, interact with it, and move. As future networks of intelligent objects come to life, tremendous new challenges arise for security, but also new opportunities, allowing to address current, as well as future, pressi...

Sixth generation systems are expected to face new security challenges, while opening up new frontiers towards context awareness in the wireless edge. The workhorse behind this projected technological leap will be a whole new set of sensing capabilities predicted for 6G devices, in addition to the ability to achieve high precision localization. The...

In this chapter, we present essential building blocks for developing applications in the domain of the Tactile Internet. Our building blocks belong to the fields of (i) safe, secure, and scalable computing infrastructures; (ii) world capturing and modeling; and (iii) context adaptive software and self-explanation. They cover topics, such as resourc...

Industry 4.0 will revolutionize industrial automation. Yet, future smart factories will not be created from scratch. They will rather evolve from ex- isting legacy installations. Consequently, also industrial networks will evolve and the result will be a mixture of new and legacy components. This will make new security mechanisms necessary, that ar...

The establishment of IoT devices in all areas of public and private life raises, besides many new possibilities, also a number of new privacy issues. In particular, the establishment of almost invisible audiovisual sensors, like in smart speakers or smart cars, affects not only the user who purchases these IoT devices, but all those who are within...

Abstract The motivation for this study about Physical Layer Security comes from bridging the gap between the vast theory and a feasible implementation. We propose a Physical-Layer-Security Box as a system-level Box is a system-level solution, named PLS-Box, to solve the key exchange between two wireless communicating parties. The PLS-Box performs a...

Abstract Cloud computing considerably reduces the costs of deploying applications through on-demand, automated and fine-granular allocation of resources. Even in private settings, cloud computing platforms enable agile and self-service management, which means that physical resources are shared more efficiently. Cloud computing considerably reduces...

Intelligent transport systems (ITS) rely on V2X communication for allowing coordination and cooperation of traffic participants and increasing traffic efficiency and safety. Communication between traffic participants needs to be secured, especially with respect to authenticity and integrity. Further, a high level of privacy-preservation needs to be...

Using V2X communication in platoons promises benefits regarding energy efficiency and fleet management. It is also a safety critical process with the potential to cause dangers to life and limb which needs to be secured against attackers. We propose two protocols for secure platoon communication and provide a comparative analysis of those protocols...

Mobile devices such as smartphones and tablets have become increasingly popular tools for Internet-based communication such as web browsing and text messaging. At the same time however, mobile devices fail to provide important privacy guarantees for their users. In particular, mobile devices per default neither conceal which services they are conta...

We present the SecureCloud EU Horizon 2020 project, whose goal is to enable new big data applications that use sensitive data in the cloud without compromising data security and privacy. For this, SecureCloud designs and develops a layered architecture that allows for (i) the secure creation and deployment of secure micro-services; (ii) the secure...

The AN.ON-Next project aims to integrate privacy-enhancing technologies into the internet's infrastructure and establish them in the consumer mass market. The technologies in focus include a basis protection at internet service provider level, an improved overlay network-based protection and a concept for privacy protection in the emerging 5G mobil...

We present the SecureCloud EU Horizon 2020 project, whose goal is to enable new big data applications that use sensitive data in the cloud without compromising data security and privacy. For this, SecureCloud designs and develops a layered architecture that allows for (i) the secure creation and deployment of secure micro-services; (ii) the secure...

We present the SecureCloud EU Horizon 2020 project, whose goal is to enable new big data applications that use sensitive data in the cloud without compromising data security and privacy. For this, SecureCloud designs and develops a layered architecture that allows for (i) the secure creation and deployment of secure micro-services; (ii) the secure...

Privacy is a major concern on the current Internet, but transport mechanisms like IPv4 and more specifically IPv6 do not offer the necessary protection to users. However, the IPv6 address size allows designing privacy mechanisms impossible in IPv4. Nevertheless existing solutions like Privacy Extensions [20] are not optimal, still only one address...

Privacy protection tools can be characterised by the number of parties that have to cooperate so that the tools work and achieve the desired effect [Pfi01]: Some privacy protection tools can be used stand-alone, without the need for the cooperation of other parties. Others require that the communication partners use the same tools. Some tools only...

Much research and development has been done during the past couple of years to assist users in managing their partial identities in the digital world by several types of identity management [BMH05]. A comprehensive privacy-enhancing identity management system would include the following components [CK01]: an Identity Manager (IdM) on the user’s si...

The recently introduced legislation on data retention to aid prosecuting cyber-related crime in Europe also affects the achievable security of systems for anonymous communication on the Internet. We have analyzed the newly arising risks associated with the process of accessing and storage of the retained data and propose a secure logging system, wh...

A typical consent dialog was shown in 2 x 2 x 3 experimental variations to 80,000 users of an online privacy tool. We find that polite requests and button texts pointing to a voluntary decision decrease the probability of consent---in contrast to findings in social psychology. Our data suggests that subtle positive effects of polite requests indeed...

Eine Vorratsdatenspeicherung von Kommunikationsdaten schafft eine bedeutende Sicherheitslücke und beeinträchtigt schon allein dadurch die Grundrechte der Betroffenen. Dieser Sicherheitslücke muss im Rahmen des Möglichen durch gesetzliche Vorgaben wirksamer Sicherungsmaßahmen entgegengewirkt werden. Der Beitrag stellt wesentliche technische Fakten v...

The recently introduced legislation on data retention to aid prosecuting cyber-related crime in Europe also affects the achievable security of systems for anonymous communication on the Internet. We argue that data retention requires a review of existing security evaluations against a new class of realistic adversary models. In particular, we prese...

The recently introduced legislation on data retention to aid prosecuting cyber-related crime in Europe also affects the achievable security of systems for anonymous communication on the Internet. We argue that data retention requires a review of existing security evaluations against a new class of realistic adversary models. In particular, we prese...

Zusammenfassung Im Rahmen eines EU TEMPUS Projektes wurde ein Ausbildungskonzept fr Datenschutz und IT-Sicherheit in der Russischen Frderation entwickelt. Die Ergebnisse des Projekts sind ein Beitrag zur internationalen Vereinheitlichung dieser Ausbildung.

Many people have a fallacious feeling of being anonymous when surfing the Internet. But, ordinary Internet communication on the network layer is by default not anonymous because of the usage of identifying characteristics like Internet Protocol (IP) or Media Access-Control (MAC) addresses. So, if no additional measures are taken, an adversary can e...

One of the heavily discussed design questions for low latency anonymity systems is: “How much additional anonymity will the system provide by adding a certain amount of delay?” But current research on this topic ignores an important aspect of this question – the influence of the delay on the number of users and by this means on the anonymity provid...

Anonymity services in the EU may be forced by the new EU data retention directive to collect connection data and deanonymise some of their users in case of serious crimes. For this purpose, we propose a new privacy-friendly solution for incorporating revocation in an anonymous communication system. In contrast to other known methods, our scheme doe...

Die Erfahrungen mit dem Betrieb eines Dienstes zum anonymen und unbeobachtbaren Websurfen zeigen, daß ein solcher Dienst auch in geringem Umfang zum Begehen von Straftaten mißbraucht wird. Das vorliegende Papier beschäftigt sich mit der Frage, wie eine datenschutzgerechte Deanonymisierung in solchen konkreten Einzelfällen durchgeführt werden kann,...

We are developing a blocking resistant, practical and usable system for anonymous web surfing. This means, the system tries to provide as much reachability and availability as possible, even to users in countries where the free flow of information is legally, organizationally and physically restricted. The proposed solution is an add-on to existing...

The development of a general-purpose request-reply anonymous communication channel by utilizing HTTP-based anonymizing tools is discussed. Such channels let clients and servers exchange messages in such a way that servers don't know the true identity of clients. The web server does not learn the true IP address of the web-browsing client. Such anon...

Editors’ note. Following the panel discussion on Mix Cascades versus P2P at PET 2004, we invited the original panel proposers to write a summary of the discussion for the proceedings. This is their contribution. After almost two decades of research on anonymous network communication the development has forked into two main directions, namely Mix ca...

While there have been made several proposals to define and measure anonymity (e.g., with information theory, formal languages and logics) unlinkability has not been modelled generally and formally. In contrast to anonymity unlinkability is not restricted to persons. In fact the unlinkability of arbitrary items can be measured. In this paper we try...

Vorgestellt wird ein Bezahlsystem fur einen Mixkaskaden-basierten An- onymisierungsdienst. Es ermoglicht eine Datenvolumen-abhangige Bezahlung. Das Bezahlsystem wurde unter dem Gesichtspunkt der praktikablen Anwendbarkeit ent- worfen, d. h. es werden existierende Zahlungsmethoden genutzt und die Qualitat des Anonymisierungsdienstes wird nicht beein...

Datenschutz im Internet kann nicht beim Schutz von Kommunikationsinhal- ten enden. Auch die ¨ außeren Umst¨ ande einer Kommunikation, also wer wann mit wem kommuniziert, k¨ onnen sch¨ utzenswerte personenbezogene Daten sein. Dieser Beitrag soll einen kurzen ¨ Uberblick dar¨ uber geben, welche Systeme zum Schutz dieser Da- ten speziell beim Zugriff...

Based on the private message service described in [4] we show efficiency improvements of that private message service in the computational setting. Regarding an attacker which may control all but one of the queried servers we describe a private message service with a total communication complexity of blinded read between client and private message...

We present the architecture, design issues and functions of a MIX-based system for anonymous and unobservable real-time Internet access. This system prevents traffic analysis as well as flooding attacks. The core technologies include an adaptive, anonymous, time/volumesliced channel mechanism and a ticket-based authentication mechanism. The system...

Dieses Papier beschreibt Verfahren, mit denen sich Angriffe der Klasse der Flooding- bzw. „n-1“-Angriffe auf Anonymisierungsdienste erkennen lassen und deren Erfolg verhindert werden kann.

The recently introduced legislation on data retention to aid prosecuting cyber-re-lated crime in Europe also affects the achievable security of systems for anonymous communication on the Internet. We have analysed the newly arising risks associ-ated with the process of accessing and storage of the retained data and propose a se -cure logging system...

Die Dissertation erläutert, wie ein Anonymisierungsdienst zu gestalten ist, so daß er für den durchschnittlichen Internetnutzer benutzbar ist. Ein Schwerpunkt dabei war die Berücksichtigung einer möglichst holistischen Sichtweise auf das Gesamtsystem "Anonymisierungsdienst". Es geht daher um die ingenieurmäßige Berücksichtigung der vielschichtigen...