Individual Projects

In addition to our periodically scheduled project courses (see right column), you can also participate in a number of individual and group projects. Depending on your program and its exam regulation, these can be credited as a master project module. Please contact us for details. Note that some of the proposed project works are also offered as Bachelor's or Master's  thesis. Size and difficulty will be adapted to the kind of work that is finally done.

“Tracking updates in BFT-SMaRt for the SMRteez framework,” Project, F. J. Hauck (Supervisor), F. J. Hauck (Examiner), Inst. of Distr. Sys., Ulm Univ., 2022 – Open.
In the institute, there is an own framework for replicated state machines, a concept to implement fault-tolerant services. Our framework is called SMRteez and based on BFT-SMaRt, a mature and popular framework written in Java. SMRteez has a different internal structure compared to BFT-SMaRt. However, many classes are identical or have only slight changes. Goal of this project is to track which classes of SMRteez are actually very close to BFT-SMaRt. This could be annotated in a machine-readable format in the source. Further, a tool shall be developed that can automatically identify software updates in BFT-SMaRt as long as these affect derived classes in SMRteez. If there is room, the tooling can be extended to allow supervised updates of SMRteez classes based on updates in BFT-SMaRt.
“Intel SGX Application Development with Gramine,” Project or Bachelor's thesis, A. Heß (Supervisor), F. J. Hauck (Examiner), Inst. of Distr. Sys., Ulm Univ., 2022 – Open.
Intel SGX allows to launch tamper-proof enclaves in main memory, which can be used to isolate parts of an application's codebase that have to deal with sensitive data. There is a broad spectrum of possible applications ranging from fault-tolerant systems to privacy-preserving machine learning approaches. Intel's SGX SDK provides functionality to derive C wrapper functions based on a special-purpose Enclave-Definition Language. These wrapper functions can then be used for the interaction between trusted and untrusted parts of C/C++ applications. However, the design of this enclave interface requires special care during the development process. The Gramine project promises to circumvent this step by providing functionality to wrap unmodified linux applications in Intel SGX enclaves. The goal of this thesis/project is to break down the application development process with Gramine, in order to reveal possible limitations or pitfals. Further, a performance evaluation could be conducted to measure the overhead of Gramine in comparison to a native implementation.
“Differenzdarstellung von Ordnungen in in.Crease,” Projectarbeit, F. J. Hauck (Supervisor), F. J. Hauck (Examiner), Inst. of Distr. Sys., Ulm Univ., 2022 – Open.
in.Crease ist ein geplantes Informationssystem für Studierende. In Vorarbeiten wurde ein Modul für die Darstellung und das Editieren von Satzungen entworfen, z.B. von Prüfungsordnungen oder Zulassungssatzungen. Ein gewünschtes Feature ist es, Ordnungsänderungen, z.B. eine neue Prüfungsordnung, mit einem Diff zu deren Vorgängerversionen ansprechend darzustellen. In Vorarbeiten hat sich gezeigt, dass ein Datenmodell ohne die Berücksichtigung dieses Features die nachträgliche Integration erschwert oder unmöglich macht. Diese Arbeit soll dieses Feature implementieren und wenn nötig das Datenmodell genau daraufhin anpassen. Mögliche zusätzliche Features (eventuell auch in Anschlussprojekten) könnten ein ansprechendes Layout-Konzept, die Reintegration eines Editors sowie eine Versionsverwaltung sein.
“Comparison and Implementation of HTTPS-based Service Function Chaining Proof of Transit Solutions.,” Project, B. Leonard (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2022 – Open.
Service Function Chaining (SFC) is a technice to steer traffic through specific network services. To proof that the traffic was actually forwarded through the specified services, a Proof Of Transit (PoT) is used. In this project, different PoT approaches are compared and the most promising solution implemented in a HTTPS-based SFC environment.
“Zero Trust SFC enabled HTTP based Multi Factor Authentication,” Projectarbeit, L. Bradatsch (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2020 – Open.
Since Google introduced their BeyondCorp project, Zero Trust (ZT) is one of the most popular buzzwords in the area of network security. In a ZT network, Policy Enforcement Point (PEP) and Policy Decision Point (PDP) are responsible for central authentication and authorization (Auth*). Both mentioned components and conventional security functions such as firewalls work largely independently of each other when it comes to processing packets. This leads to inefficient scenarios in which all packets are processed by time- consuming security functions. By coupling the conventional security functions to the PEP/PDP, higher efficiency in security-relevant packet processing can be achieved. This can be achieved by leveraging the Service Function Chaining (SFC) approach. SFC allows the dynamic chaining of conventional network service functions such as HTTP header enricher or firewalls. For each network flow can be decided what service function should be applied to all the flow's packets. The PEP/PDP in a ZT network acts then as the orchestrator, decides about the functions that should be chained together. By doing this, it can be efficiently decided which function should be applied. The goal of the project is to implement one of the thus orchestrated security service functions namely a Multi Factor Authenticator (MFA) that is embedded in a already existing Zero Trust SFC prototype. The MFA must be HTTP based and written in Go. Requirements: Good knowledge of Go and security protocols).
“Applications for the LoRaPark Ulm,” Project, F. Kargl (Supervisor), F. Kargl (Examiner), Inst. of Distr. Sys., Ulm Univ., 2020 – Open.
Contact

Secretary's Office

Marion Köhler
E-Mail
Phone: +49 731 50-24140
available in the morning
Fax: +49 731 50-24142

Postal Address

Institute of Distributed Systems
Ulm University
Albert-Einstein-Allee 11
89081 Ulm

Visiting Address

James-Franck-Ring
Gebäude O27, Raum 349
89081 Ulm
manned in the morning Monday to Thursday

Directions