Last modified: Mon Mar 19 08:44:09 CET 2001
This page is under construction, and probably will be so forever. Here are
a few work-related projects of mine, with some pointers to more info. There
are some projects I can not list, at least not yet. There are also some
projects that belong more into the fun side, and eventually you will find
them on the corresponding pages.
The Past
MultimETH
A conferencing and joint editing system.
Hannes Lubich
was team leader of the MultimETH effort.
Watermarking
This is about inserting hidden marks or tags into digital images. You can
use this both for steganographic and copyright protection purposes. There
is a wad of source code here.
Don't look at it, read the paper
instead. Much more fun.
Xwedge
The Xwedge was part of the JVTOS project, and provided a way to share
X based applications between multiple users that were also able to join
the shared workspace at different times. The users were allowed to
interact with the applications simultaneously -- the Xwedge handled
event mutliplexing and synchronizing, color space transformations,
and many other generic application sharing and specific X related problems.
Thomas Gutekunst
was team leader of the Xwedge effort.
GenIO
This is a communication library that has been used in the Xwedge,
in Versakey, and other software projects of mine. Sometimes it feels
like a project in its own right, that's why I list it here. You can
get the source code if you
wish, however there is only little
documentation and no support or warranty whatsoever. The code has
been known to run on Linux and Solaris. Good luck!
Da CaPo / Da CaPo++
Da CaPo++ builds on Da CaPo, which provides communication protocols that are
put together on the fly, depending on application requirements. The
requirements are expressed as QoS attributes.
Thomas Plagemann was team
leader of the Da CaPo effort.
The project Da CaPo++ developed
an application framework, and extended Da CaPo with multicasting
and security capabilities. More information can be found on the
project pages. You may
also want to look for related publications on the home pages of the
various team members.
Burkhard Stiller
was leader of the Da CaPo++ project.
Web of Trust
Look at the paper for heuristical
trust computation. If you want to see a
prototypical implementation of both Maurer's and my trust computation of a
web of trust, then get the undocumented and unsupported source code
here.
RDFS
May it rest in peace. But maybe not forever...
Participants were: Calice, Stolberg, Brantschen, Wengi, Brunner.
ENskip
ENskip is a security module for the TCP/IP stack, and related user space
key manangement components. It is based on the SKIP key management protocol,
and was one of the contenders for the IPSEC standard that is now IKE
(Internet Key Exchange). It provides encryption and authentication of
packets on the IP layer between two or more machines. ENskip is compatible
to other SKIP implementations, e.g. Sun SKIP for Solaris. However, unlike
other SKIP implementations available on the Internet, ENskip contains strong
encryption algorithms. It works on many platforms, but is aged. For more
info, source code, etc., go to the
Project Pages. Participants
were Michael Hauber, Christian Schneider, Robert Muchsel, and Roland Schmid.
SINUS Firewall
The SINUS Firewall is a TCP/IP packet filter for the Linux operating
system. It is distributed under the GNU General Public Licence and
comes with complete source code, as the Linux operating system does.
The SINUS firewall is a free and easy way to protect your network from the
daily threats of the Internet. It does not guarantee perfect security,
however it comes with a wealth of features.
The current project pages with more documentation and source code
can be found here.
Please note that ip_tables for Linux is getting there too (slowly), so the
SINUS firewall may be getting less relevant.
This was a joint project of the
ETH Zurich and the University of Zurich, original participants (and the
driving force) were Robert Muchsel, and Roland Schmid.
VersaKey
VersaKey is a middleware for key distribution which is easy to use, scales
to large groups, supports dynamic joins and leaves, requires no trust in
third-party network components, and does not need manual keying. More info
can be found on the project
pages, some prototypical source code for Linux and Solaris is available
here. Participants were Dan Sun,
Marcel Waldvogel and Nathalie Weiler.
The Present
Public Utility Computing (Supernets)
With demand for telecommuting, IT outsourcing, and B2B rising sharply,
"remote access" often spells headaches for private networks. Firewalls,
Virtual Private Networks, web portals -- sentries and staples of the
networked environment -- have emerged as part of the problem. Surmounting
these barriers is a new approach being tested at Sun Microsystems
Laboratories. The Virtual Enterprise Network may help open the door to
public utility computing for private networks. For more information, check
out this feature
article, or this paper.
Public Utility Computing (Secure Storage)
Outsouring communications (as outlined above) is only the first step.
What you really want to to is to outsource the computing infrastruture --
and storage is the next component. To outsource storage, several problems
relating to privacy and security must be overcome...
The Future
Device Networks
No info yet.
Intrusion Detection and Response Tools (iDART)
No info yet.
The Shape of Keys - Long Term Key Storage
No info yet.