Operating System Security

Operating systems are the basic underlying software on a computer that provides services and manages the resources of the system for user applications. Commonly used operating systems on PCs have fundamental architectural security problems which results in a major problem for privacy and security of private, organizational or even governmental data.

 

Research in secure operating systems exists for decades. But still, those principles are not transferred and integrated in standard operating systems for most devices, such as PCs or mobile phones. One reason for this lack of integration is because secure operating systems require a lot of work (strict design rules, formal specifications and proofs, etc.), which is very costly for standard systems. Hence, vendors do not want to have those costs and reject to incorporate well-known security concepts.

 

In one major line of work (during my PhD studies), I have analyzed how well-known security principles (such as the principle of a security kernel) can be integrated easily and efficiently (meaning with low cost) into operating systems for PCs and other main stream computing devices. Another line of my work was about exploring new technologies that can be integrated into operating system to provide new security functions.  You can also read more about this in my section on Trusted Computing.


Research Works

Download
A Trusted Versioning File System for Passive Mobile Storage Devices
Luigi Catuogno, Hans Löhr, Marcel Winandy, Ahmad-Reza Sadeghi.
Journal of Network and Computer Applications, Vol. 38, February 2014.
CLWS2014-tvfs.pdf
Adobe Acrobat Document 807.0 KB
Download
POSTER: On the Usability of Secure GUIs
Atanas Filyanov, Aysegül Nas, Melanie Volkamer, Marcel Winandy
9th Symposium on Usable Privacy and Security (SOUPS 2013), Newcastle, UK, 2013.
FiNaVoWi2013-Poster-Usability_SecureGUIs
Adobe Acrobat Document 1.7 MB
Download
On the Usability of Secure GUIs
Atanas Filyanov, Aysegül Nas, Melanie Volkamer, Marcel Winandy.
Technical Report HGI-TR-2013-002, Ruhr-University Bochum, 2013.
FiNaVoWi2013-Usability_SecureGUIs.pdf
Adobe Acrobat Document 637.1 KB
Download
Return-Oriented Programming without Returns
Stephen Checkoway, Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Hovav Shacham, Marcel Winandy.
Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS 2010), ACM, 2010.
CDDSSW2010-ROP-without-Returns.pdf
Adobe Acrobat Document 489.7 KB
Download
Return-Oriented Programming without Returns on ARM
Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Marcel Winandy.
Technical Report HGI-TR-2010-002, Ruhr-University Bochum, 2010.
DDSW2010-TR-ROP-on-ARM.pdf
Adobe Acrobat Document 426.6 KB
Download
ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks
Lucas Davi, Ahmad-Reza Sadeghi, Marcel Winandy.
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2011), ACM, 2011.
DaSaWi2011-ROPdefender.pdf
Adobe Acrobat Document 378.3 KB
Download
ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks
Lucas Davi, Ahmad-Reza Sadeghi, Marcel Winandy.
Technical Report HGI-TR-2010-001, Ruhr-University Bochum, 2010.
DaSaWi2011-TR-ROPdefender.pdf
Adobe Acrobat Document 624.6 KB
Download
Patterns for Secure Boot and Secure Storage in Computer Systems
Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy
4th International Workshop on Secure Systems Methodologies Using Patterns (SPattern 2010), Proceedings of ARES 2010: International Conference on Availability, Reliability, and Security., pp. 569-573, IEEE Computer Society, 2010.
LoSaWi2010-SecureBoot_Pattern.pdf
Adobe Acrobat Document 121.2 KB
Download
A Pattern for Secure Graphical User Interface Systems
Thomas Fischer, Ahmad-Reza Sadeghi, Marcel Winandy
20th International Workshop on Database and Expert Systems Application, (SPattern 2009: 3rd International Workshop on Secure Systems Methodologies Using Patterns), IEEE Computer Society, 2009.
FiSaWi2009-SecureGUI_Pattern.pdf
Adobe Acrobat Document 124.3 KB
Download
Robuste Integration kryptographischer Anwendungen in Java und Windows 2000 🇩🇪
Marcel Winandy.
Diplomarbeit, Universität Bonn, 2002.
Winandy2002-dipl.pdf
Adobe Acrobat Document 567.0 KB