Publications

2019

Angelo Liguori, Peter Schoo, Marcel Winandy:

Mind the Shift: Secure Migration of Containerized Processes in Edge Computing

5th IEEE International Conference on Edge Computing and Scalable Cloud (IEEE EdgeCom 2019), Paris, France, June 2019.

2018

2016

Ana Danping, Makan Pourzandi, Sandra-Scott Hayward, Haibin Song, Marcel Winandy, Dacheng Zhang:

Threat Analysis for the SDN Architecture

Open Network Foundation (ONF), TR-530, July 2016.


Marcel Winandy, Patty Kostkova, Ed de Quincey, Connie St Louis, Martin Szomszor:

Follow #ehealth2011: Measuring the Role and Effectiveness of Online and Social Media in Increasing the Outreach of a Scientific Conference

Journal of Medical Internet Research 2016; 18(7):e191, DOI: 10.2196/jmir.4480

 

Johannes Hoffmann, Teemu Rytilahti, Davide Maiorca, Marcel Winandy, Giorgio Giacinto, Thorsten Holz:

Evaluating Analysis Tools for Android Apps: Status Quo and Robustness Against Obfuscation

Technical Report TR-HGI-2016-003, Ruhr-University Bochum, August 2016.

 

Johannes Hoffmann, Teemu Rytilahti, Marcel Winandy, Thorsten Holz, Davide Maiorca and Giorgio Giacinto:

POSTER: Evaluating Analysis Tools for Android Apps: Status Quo and Robustness Against Obfuscation

6th ACM Conference on Data and Application Security Privacy (CODASPY 2016), New Orleans, USA, March 9-11, 2016.

2014

Luigi Catuogno, Hans Löhr, Marcel Winandy, Ahmad-Reza Sadeghi:

A Trusted Versioning File System for Passive Mobile Storage Devices

Journal of Network and Computer Applications, Vol. 38, February 2014, pp. 65-75, http://dx.doi.org/10.1016/j.jnca.2013.05.006

2013

Thomas Hupperich, Lennart Köster, Christoph Kowalski, Hiva Mahmoodi, Ahmad-Reza Sadeghi, Marcel Winandy:

Whitepaper - Sicherheitsaspekte der einrichtungsübergreifenden Elektronischen Patientenakte

Technical Report, Ruhr-University Bochum, December 2013. 

 

Agnes Gawlik, Marcel Winandy:

Mit Sicherheit Mobil: Die Nutzung mobiler Geräte stellt Herausforderungen an Datenschutz und -sicherheit im Klinikalltag

E-HEALTH-COM, Nr. 6, 2013, S. 38-39.

 

Atanas Filyanov, Aysegül Nas, Melanie Volkamer, Marcel Winandy:

On the Usability of Secure GUIs

Technical Report HGI-TR-2013-002, Ruhr-University Bochum, 2013.

 

Atanas Filyanov, Aysegül Nas, Melanie Volkamer, Marcel Winandy:

POSTER: On the Usability of Secure GUIs

9th Symposium on Usable Privacy and Security (SOUPS 2013), Newcastle, UK, July 24-26, 2013.

 

Lennart Köster, Fatih Korkmaz, Marcel Winandy:

Standardorientierte Speicherung von verschlüsselten Dokumenten in einem XDS-Repository

Proceedings of the eHealth2013, May 23-24, Vienna, Austria, OCG, 2013.

2012

Michael Gröne, Marcel Winandy:

Applying a Security Kernel Framework to Smart Meter Gateways

ISSE 2012 Securing Electronic Business Processes, Highlights of the Information Security Solutions Europe 2012 Conference, pp. 252-259, Springer Vieweg, 2012.

 

Agnes Gawlik, Lennart Köster, Hiva Mahmoodi, Marcel Winandy

Requirements for Integrating End-to-End Security into Large-Scale EHR Systems

Amsterdam Privacy Conference (APC 2012), Workshop on Engineering EHR Solutions (WEES), 2012, Available at SSRN: http://ssrn.com/abstract=2457987

 

Marcel Winandy:

Informationssicherheit in der Arztpraxis: Aktuelle Herausforderungen und Lösungsansätze

Datenschutz und Datensicherheit (DuD) 06/2012, pp. 419-424, Springer Gabler, 2012.

 

Thomas Hupperich, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy

Flexible Patient-Controlled Security for Electronic Health Records

IHI 2012: Proceedings of the 2nd ACM SIGHIT International Symposium on Health Informatics, ACM, 2012.

 

Marcel Winandy:

Security and Trust Architectures for Protecting Sensitive Data on Commodity Computing Platforms

PhD Thesis, Ruhr-University Bochum, Shaker-Verlag, 2012.

2011

Lucas Davi, Alexandra Dmitrienko, Christoph Kowalski, Marcel Winandy:

Trusted Virtual Domains on OKL4: Secure Information Sharing on Smartphones

STC '11: Proceedings of the 6th ACM Workshop on Scalable Trusted Computing, pp. 49-58, ACM, 2011.

 

Atanas Filyanov, Jonathan M. McCune, Ahmad-Reza Sadeghi, Marcel Winandy:

Uni-directional Trusted Path: Transaction Confirmation on Just One Device

IEEE/IFIP 41st International Conference on Dependable Systems & Networks (DSN 2011), pp. 1-12. IEEE Computer Society, 2011.

 

Alexandra Dmitrienko, Zecir Hadzic, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy:

Securing the Access to Electronic Health Records on Mobile Phones

Biomedical Engineering Systems and Technologies 2011 - Revised Selected Papers, Springer, 2011

 

Ammar Alkassar, Biljana Cubaleska, Hans Löhr, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy:

MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients

Med-e-Tel - Global Telemedicine and eHealth Updates: Knowledge Resources, Vol. 4, pp. 385-389, ISfTeH, Luxembourg, 2011.

 

Lucas Davi, Ahmad-Reza Sadeghi, Marcel Winandy:

ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks

Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2011), ACM, 2011.

 

Alexandra Dmitrienko, Zecir Hadzic, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy:

A Security Architecture for Accessing Health Records on Mobile Phones

Proceedings of the 4th International Conference on Health Informatics (HEALTHINF 2011), pp. 87-96, SciTePress, 2011.

2010

Marcel Winandy:

A Note on the Security in the Card Management System of the German E-Health Card

Electronic Healthcare, Third International Conference, eHealth 2010, LNICST 69, pp. 196-203, Springer, 2012.

 

Sven Bugiel, Alexandra Dmitrienko, Kari Kostiainen, Ahmad-Reza Sadeghi, Marcel Winandy:

TruWalletM: Secure Web Authentication on Mobile Platforms

Trusted Systems, Second International Conference, INTRUST 2010, LNCS 6802/2011, Springer, 2011.

 

Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy:

Securing the E-Health Cloud

Proceedings of the 1st ACM International Health Informatics Symposium (IHI 2010), pp. 220-229, ACM, 2010.

 

Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Marcel Winandy:

Privilege Escalation Attacks on Android

Information Security, 13th International Conference, ISC 2010, LNCS 6531/2011, pp. 346-360, Springer 2011.

 

Stephen Checkoway, Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Hovav Shacham, Marcel Winandy:

Return-Oriented Programming without Returns

Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS 2010), ACM, 2010.

 

Hans Löhr, Thomas Pöppelmann, Johannes Rave, Martin Steegmanns, Marcel Winandy:

Trusted Virtual Domains on OpenSolaris: Usable Secure Desktop Environments

Proceedings of the 5th Annual Workshop on Scalable Trusted Computing (STC 2010), ACM, 2010.

 

Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Marcel Winandy:

Return-Oriented Programming without Returns on ARM

Technical Report HGI-TR-2010-002, Ruhr-University Bochum, 2010.

 

Ahmad-Reza Sadeghi, Thomas Schneider, Marcel Winandy:

Token-Based Cloud Computing - Secure Outsourcing of Data and Arbitrary Computations with Lower Latency

3rd International Conference on Trust and Trustworthy Computing (TRUST 2010) - Workshop on Trust in the Cloud, Springer, 2010.

 

Luigi Catuogno, Hans Löhr, Mark Manulis, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy:

Trusted Virtual Domains: Color Your Network

Datenschutz und Datensicherheit (DuD) 5/2010, pp. 289-298.

 

Lucas Davi, Ahmad-Reza Sadeghi, Marcel Winandy:

ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks

Technical Report HGI-TR-2010-001, Ruhr-University Bochum, 2010.

 

Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy:

Patterns for Secure Boot and Secure Storage in Computer Systems

4th International Workshop on Secure Systems Methodologies Using Patterns (SPattern 2010), Proceedings of ARES 2010: International Conference on Availability, Reliability, and Security, pp. 569-573, IEEE Computer Society, 2010.

2009

Luigi Catuogno, Alexandra Dmitrienko, Konrad Eriksson, Dirk Kuhlmann, Gianluca Ramunno, Ahmad-Reza Sadeghi, Steffen Schulz, Matthias Schunter, Marcel Winandy, Jing Zhan:

Trusted Virtual Domains - Design, Implementation and Lessons Learned

INTRUST2009 - The International Conference on Trusted Systems, Springer, 2010.

 

Lucas Davi, Ahmad-Reza Sadeghi, Marcel Winandy:

Dynamic Integrity Measurement and Attestation: Towards Defense Against Return-Oriented Programming Attacks

Proceedings of the 2009 ACM Workshop on Scalable Trusted Computing (STC 2009), ACM, 2009.

 

Sebastian Gajek, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy:

TruWallet: Trustworthy and Migratable Wallet-based Web Authentication

Proceedings of the 2009 ACM Workshop on Scalable Trusted Computing (STC 2009), ACM, 2009.

 

Felix Gröbert, Ahmad-Reza Sadeghi, Marcel Winandy:

Software distribution as a malware infection vector

International Conference for Internet Technology and Secured Transactions (ICITST 2009), IEEE, 2009.

 

Luigi Catuogno, Hans Löhr, Mark Manulis, Ahmad-Reza Sadeghi, Marcel Winandy:

Transparent Mobile Storage Protection in Trusted Virtual Domains

Proceedings of the 23rd Large Installation System Administration Conference (LISA '09), USENIX, 2009.

 

Thomas Fischer, Ahmad-Reza Sadeghi, Marcel Winandy:

A Pattern for Secure Graphical User Interface Systems

20th International Workshop on Database and Expert Systems Application, (SPattern 2009: 3rd International Workshop on Secure Systems Methodologies Using Patterns), IEEE Computer Society, 2009.

 

Ahmad-Reza Sadeghi, Marcel Winandy:

Einsatz von Sicherheitskernen und Trusted Computing

D-A-CH Security 2009, syssec Verlag, 2009.

 

Hans Löhr, Ahmad-Reza Sadeghi, Christian Stüble, Marion Weber, Marcel Winandy:

Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels

Trusted Computing, Second International Conference, Trust 2009, LNCS, Vol. 5471, Springer, 2009.

 

Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy, Claire Vishik:

Trusted Privacy Domains - Challenges for Trusted Computing in Privacy-Protecting Information Sharing

Information Security Practice and Experience, 5th International Conference, ISPEC 2009, LNCS, Vol. 5451, Springer, 2009.

2008

Marcel Winandy:

Trusted Computing: Prüfender Chip

Kommune21, Titelthema Datenschutz im E-Government, 12/2008, S. 26-27, K21 media AG, 2008.

 

Yacine Gasmi, Rani Husseiki, Ahmad-Reza Sadeghi, Patrick Stewin, Christian Stüble, Martin Unger, Marcel Winandy:

Flexible and Secure Enterprise Rights Management based on Trusted Virtual Domains

Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing (STC 2008), ACM, 2008.

 

Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy:

Property-Based TPM Virtualization

Information Security: 11th International Conference (ISC 2008), LNCS, Vol. 5222, Springer, 2008.

 

Yacine Gasmi, Christian Hessmann, Martin Pittenauer, Marcel Winandy:

Sicherheitsprobleme elektronischer Wahlauszählungssysteme in der Praxis

INFORMATIK 2008, Beherrschbare Systeme - dank Informatik, Band 1, Beiträge der 38. Jahrestagung der Gesellschaft für Informatik e.V. (GI), LNI 133, GI, 2008.

 

Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy:

Property-Based TPM Virtualization

Technical Report HGI-TR-2008-001, Ruhr-University Bochum, 2008.

2007

Sebastian Gajek, Ahmad-Reza Sadeghi, Jörg Schwenk, Marcel Winandy:

Trusted User-Aware Web Authentication

3rd Workshop on Trustworthy Interfaces for Passwords and Personal Information (TIPPI), Stanford University, 2007.

 

Sebastian Gajek, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy:

Compartmented Security for Browsers - Or How to Thwart a Phisher with Trusted Computing

Proceedings of the Second International Conference on Availability, Reliability and Security (ARES 2007), IEEE Computer Society, 2007.

 

Sebastian Gajek, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy

Compartmented Security for Browsers

Technical Report HGI-TR-2007-001, Ruhr-University Bochum, 2007.

2006

Sebastian Gajek, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy:

Towards Multicolored Computing - Compartmented Security to Prevent Phishing Attacks

1st Benelux Workshop on Information and System Security (WISSec 2006), Antwerpen (Belgium), 2006.

 

Ahmad-Reza Sadeghi, Marcel Selhorst, Christian Stüble, Christian Wachsmann, Marcel Winandy:

TCG Inside? - A Note on TPM Specification Compliance

Proceedings of the First ACM Workshop on Scalable Trusted Computing (STC'06), ACM, 2006.

 

Ammar Alkassar, Michael Scheibel, Christian Stüble, Ahmad-Reza Sadeghi, Marcel Winandy:

Security Architecture for Device Encryption and VPN

Proceedings of Information Security Solutions Europe (ISSE 2006).

 

Ahmad-Reza Sadeghi, Michael Scheibel, Christian Stüble, Marcel Winandy:

Design and Implementation of a Secure Linux Device Encryption Architecture

LinuxTag 2006, Wiesbaden (Germany), 2006.

2005

Ahmad-Reza Sadeghi, Marcel Selhorst, Oskar Senft, Christian Stüble and Marcel Winandy:

New Aspects on Trusted Computing - New and Advanced Possibilities to Improve Security and Privacy

Datenschutz und Datensicherheit (DuD), 9/2005.

 

Adrian Spalka, Marcel Winandy, Armin B. Cremers:

Multilateral Security Considerations for Adaptive Mobile Applications

Proceedings of the 2nd International Conference on E-Business and Telecommunication Networks (ICETE 2005), INSTICC, 2005.

 

Holger Mügge, Tobias Rho, Marcel Winandy, Markus Won, Armin B. Cremers, Pascal Costanza, Roman Englert:

Towards Context-Sensitive Intelligence

Proceedings of the 2nd European Workshop on Software Architectures (EWSA 2005), LNCS, Vol. 3527, Springer, 2005.

2003

Adrian Spalka, Marcel Winandy:

A Protection Environment for Administrators of Windows 2000/XP Against Malicious Program Attacks

Proceedings of the 27th Annual International Computer Software and Applications Conference (COMPSAC 2003), IEEE Computer Society, 2003.

2002

Marcel Winandy, Armin B. Cremers, Adrian Spalka, Hanno Langweg:

Protecting Java Component Integrity Against Trojan Horse Programs

Proceedings of IFIP TC11/WG11.5 Fifth Working Conference on Integrity and Internal Control in Information Systems (IICIS 2002), Kluwer, 2003.

 

Marcel Winandy:

Robuste Integration kryptographischer Anwendungen in Java und Windows 2000

Diplomarbeit, Universität Bonn, 2002.