Research
In this section you find mainly information about my research while I was working in academia. However, my professional work is often related to applied research, hence, you will also find some information on practical results - whenever I am able to publish about it.
My research field is computer security, in particular system security. System security covers all aspects of a particular system that are relevant for its security. A system can be a single computer and its underlying operating system, but a system can also be a distributed set of subsystems in a networked cloud environment. It always depends on the given scenario. A key aspect of system security is that it aims to give a holistic view of the system's security, ranging from the components it is built from and how they are built, up to the connections to other systems and how they relate to each other.
Operating Systems are the basic software of a computer, they control and manage the resources of the applications running on them. I did research on exploring technologies such as trusted computing and security kernels, and how they can be leveraged to make operating systems secure.
Trusted computing is a concept that provides security functions to establish and evaluate trust among computer systems. In this field I did most of my research. And it is still the main source of ideas, techniques and concepts I draw from when designing secure systems in practice.
With the emergence of smart mobile phones, in particular iPhone and Android devices, a dedicated field of research developed. In addition to operating system security, one has also to consider sensors, locality, usability, etc.
The security of electronic health record systems was another research area I was looking into. For some people. this area is just another application domain. However, it has some particular issues on its security and privacy.
Software Defined Networking (SDN) is a new paradigm of designing networks. During my work at Huawei, I did some applied research on the security of SDN. In particular, I looked into the security of SDN controllers.
Internet-of-Things (IoT) basically means connected devices. This area needs a special look at existing concepts and their application to devices with less energy, less computing power, less storage, and restricted user interfaces.