A short overview of my current research topics

I am currently working in three different fields.

Secure Systems

The first one I have been working on for a couple of years is Secure Systems . The focus is on "damage reduction" technologies and the theoretical base comes from the concept of authority reduction by using (object) capabilities. This is closely related to dependency injection and allows a very granular control over authority (here understood as the ability to do something. This is inlike having a permission to do something and uses a concept of causality by reachability.

Usabiity plays an important role in this concept as well even though it is mostly misunderstood in the concept of security. There is no way that usability can turn an unsafe system into a safe one: users simply cannot understand the warning dialogs presented to them. Usabiitity and security relies on the concpet of explicit authority transfer supported by a GUI, aka the Powerbox concept where capabilities are injected into modules which have never more power than they need.

In one sentence: code is harmless. It is the resources (capabilities) handed over to code which can cause dammage but by restricting those damage can be limited.

Take a look at the Slides on Security and Quality to understand the last piece of my concept: it is the realization that many so called security problems are really safety and quality problems: a misbehaving program can do the same damage as an attacker. Real security problems are actually business and legal problems and their transfer into source code. Malware problems are quality and safety problems used by the industry to blame attackers instead of fixing their systems which are plagued by ambient authority.

Ultra-large-scale Sites

Here I try to come up with components needed to build large-scale sites. Based on much information from HighScalability.com I started to investigate the approaches, both practical and theoretical. I am also currently assembling a draft on how to build such large scale sites which can be found on my page on Ultra large scale Systems

In this term I am trying to assemble a measuring and scaling environment where students are able to conduct load-tests, profiling and other things. Of theoretical interest is the behavior of distributed algorithms under real world failure condidtions and how this can be controlled by architecture (eventually consistency, stochastic parts of algorithms etc.)

Virtual World for Nanotechnology

In this research project sponsored by the MFK of Baden-Württemberg we are trying to design a virtual world portal for the control of experiments (both remote and virtual) in Nanotechnology. The Universities of Freiburg and Stuttgart are participating, together with their scientific data centers, FIZ Karlsruhe and HDM Stuttgart. You can find more on my page on Virtual Worlds

The core idea behind our approach towards virtual worlds for nano is to take experience from Massively Multiplayer Online Games (MMOGs) to build an environment that is both aesthetically pleasing and extremely usably. MMOG developers know that content, user behavior and server infrastructure need to be in synchronization to allow an immersive and productive playing experience. Gamers also know the core patterns of the virtual world language: how to use doors, make the user understand the current mode of a door, allow the user to open the door easily and when to explicitly stay away from the concept of "virtual reality" because doing it like the real world wold be cumbersome.

Obstacles in games are pleasant, in a productive virtual world they can be annoying if the do not transfer special meaning (like danger).

Another core feature of MMOG development is feature management and content mapping. Feature management works in several dimensions: Deployment, daily changes in population behavior and long term population development with respect to virtual places. Content mapping means mapping partitions of logical content ("the world"), activities (specially group activities) to the server infrastructure via sharding or single-shard architectures.

And finally security plays a major role in this research project: how to separate devices, groups and their data and at the same time allowing interchange and collaboration. The security needs of scientists working in Nanotechnology certainly are different to the requirements for e.g. financial institutions. Authorization needs to work federated and across organizations.

A list of thesis or project ideas from my research


Send me mail if you are interested in a certain topic.