Tauber, Markus

Thumbnail Image
Official Name
Tauber, Markus
Akademische Titel
Ehemaliger FH Mitarbeiter
Web Site
Scopus Author ID
37058207900
Status
exstaff

Research Outputs

2022 2022 2021 2021 2020 2020 2019 2019 2018 2018 2017 2017 2016 2016 0.0 0.0 0.2 0.2 0.4 0.4 0.6 0.6 0.8 0.8 1.0 1.0 1.2 1.2 1.4 1.4 1.6 1.6 1.8 1.8 2.0 2.0

Filters

21
42
Reset filters

Settings

Now showing 1 - 6 of 6
  • Thumbnail Image
    Publication
    Security standard compliance and continuous verification for Industrial Internet of Things
    (Sage, 2020)
    Bicaku, Ani 
    ;
    Tauber, Markus 
    ;
    Delsing, Jerker 
    Due to globalization and digitalization of industrial systems, standard compliance is gaining more attention. In order to stay competitive and remain in business, different sectors within industry are required to comply with multiple regulations. Compliance aims to fulfill regulations by including all measures imposed by laws and standards. Every device, application, or service implements several technologies at many levels, and standards support interoperability across them. They help to create global markets for industries and enable networked development in order to be successful and sustainable. This work highlights the importance of standard compliance and continuous verification in industrial Internet of Things and implements an automatic monitoring and standard compliance verification framework. In this work, we focus on security, safety, and organizational aspects of industrial Internet of Things. We identify a number of standards and best practice guidelines, which are used to extract security, safety, and organizational measurable indicator points. In addition, a metric model is provided that forms the basis for the necessary information needed for compliance verification, including requirements, standards, and metrics. Also, we present the prototype of the monitoring and standard compliance verification framework used to show the security compliance of an industrial Internet of Things use case.
      122  1498Scopus© Citations 11
  • No Thumbnail Available
  • Thumbnail Image
    Publication
    A Lightweight Authentication Mechanism for M2M Communications in Industrial IoT Environment
    (2019)
    Esfahani, A. 
    ;
    Mantas, G. 
    ;
    Matischek, R. 
    ;
    Saghezchi, F. 
    ;
    Bicaku, Ani 
    ;
    Maksuti, Silia 
    ;
    Tauber, Markus 
    ;
    Schmittner, Ch. 
    ;
    Bastos, J. 
    In the emerging industrial Internet of Things (IIoT) era, machine-to-machine (M2M) communication technology is considered as a key underlying technology for building IIoT environments, where devices (e.g., sensors, actuators, and gateways) are enabled to exchange information with each other in an autonomous way without human intervention. However, most of the existing M2M protocols that can be also used in the IIoT domain provide security mechanisms based on asymmetric cryptography resulting in high computational cost. As a consequence, the resource-constrained IoT devices are not able to support them appropriately and thus, many security issues arise for the IIoT environment. Therefore, lightweight security mechanisms are required for M2M communications in IIoT in order to reach its full potential. As a step toward this direction, in this paper, we propose a lightweight authentication mechanism, based only on hash and XOR operations, for M2M communications in IIoT environment. The proposed mechanism is characterized by low computational cost, communication, and storage overhead, while achieving mutual authentication, session key agreement, device's identity confidentiality, and resistance against the following attacks: replay attack, man-in-the-middle attack, impersonation attack, and modification attack.
      562  968Scopus© Citations 214
  • No Thumbnail Available
    Publication
    Towards Resilience Metrics for Future Cloud Applications
    (2016)
    Novak, Marko 
    ;
    Shirazi, Syed Noorulhassan 
    ;
    Hudic, Aleksandar 
    ;
    Hecht, Thomas 
    ;
    Tauber, Markus 
    ;
    Hutchison, David 
    ;
    Maksuti, Silia 
    ;
    Bicaku, Ani 
    An analysis of new technologies can yield insight into the way these technologies will be used. Inevitably, new technologies and their uses are likely to result in new security issues regarding threats, vulnerabilities and attack vectors. In this paper, we investigate and analyse technological and security trends and their potential to become future threats by systematically examining industry reports on existing technologies. Using a cloud computing use case we identify potential resilience metrics that can shed light on the security properties of the system.
      147  1Scopus© Citations 4
  • No Thumbnail Available
    Publication
    Automated and Secure Onboarding for System of Systems
    (IEEE, 2021-08-03)
    Maksuti, Silia 
    ;
    Bicaku, Ani 
    ;
    Zsilak, Mario 
    ;
    Ivkić, Igor 
    ;
    Péceli, Bálint 
    ;
    Singler, Gábor 
    ;
    Kovács, Kristóf 
    ;
    Tauber, Markus 
    ;
    Delsing, Jerker 
    The Internet of Things (IoT) is rapidly changing the number of connected devices and the way they interact with each other. This increases the need for an automated and secure onboarding procedure for IoT devices, systems and services. Device manufacturers are entering the market with internet connected devices, ranging from small sensors to production devices, which are subject of security threats specific to IoT. The onboarding procedure is required to introduce a new device in a System of Systems (SoS) without compromising the already onboarded devices and the underlying infrastructure. Onboarding is the process of providing access to the network and registering the components for the first time in an IoT/SoS framework, thus creating a chain of trust from the hardware device to its hosted software systems and their provided services. The large number and diversity of device hardware, software systems and running services raises the challenge to establish a generic onboarding procedure. In this paper, we present an automated and secure onboarding procedure for SoS. We have implemented the onboarding procedure in the Eclipse Arrowhead framework. However, it can be easily adapted for other IoT/SoS frameworks that are based on Service-oriented Architecture (SoA) principles. The automated onboarding procedure ensures a secure and trusted communication between the new IoT devices and the Eclipse Arrowhead framework. We show its application in a smart charging use case and perform a security assessment.
      154  1Scopus© Citations 7
  • No Thumbnail Available
    Publication
    Harmonized Monitoring for High Assurance Clouds
    (IEEE, 2016-04-18)
    Bicaku, Ani 
    ;
    Balaban, Silvia 
    ;
    Tauber, Markus 
    ;
    Hudic, Aleksandar 
    ;
    Mauthe, Andreas 
    ;
    Hutchison, David 
    Due to a lack of transparency in cloud based services well-defined security levels cannot be assured within current cloud infrastructures. Hence sectors with stringent security requirements hesitate to migrate their services to the cloud. This applies especially when considering services where high security requirements are combined with legal constraints. To tackle this challenge this paper presents an extension to our existing work on assurance methodologies in cloud based environments by investigating how current state of the art monitoring solutions can be used to support assurance throughout the entire infrastructure. A case study is used in which monitoring information representing a set of relevant security properties is being collected. As result, we propose that a combination of existing tools should be used to harmonize existing monitoring artifacts. We describe and evaluate an Evidence Gathering Mechanism (EGM) that provides this harmonization and show how this can support assurance. This can also underpin legal proceedings from an evidence law perspective.
      165  1Scopus© Citations 8