The main objective of the security and privacy group is the development of a platform which enables secure and privacy-respecting data processing for IoT applications. Therefore, we will develop building blocks which can be easily combined to build an integrated solution. Thereby we will take an holistic view which – besides pure technical aspects – covers economic, legal and organizational means.
The main strategy to achieve our goal is the decomposition of the overall system into security-critical and non-security-critical components. Thereby the foundation of our work are the results achieved by the Composability HW/SW research whilst our group will contribute to enhance the state-of-the-art regarding this Key Principle. We will develop new methods and protocols for key exchange considering the very heterogenous domain of IoT. Here we will integrate the results of Physical Layer Security into an overall security concept. Additionally, our group will work on new methods for secure updates allowing to keep especially the security-critical components up to date over the whole lifetime of IoT devices.
We will develop new concepts to better balance the tradeoff regarding privacy vs. utility supporting privacy-respecting data processing without losing functionality. We will pay special attention to new privacy-related protection goals like transparency and intervenability.