State-machine replication is a well-known concept to achieve fault-tolerant services, by utilizing multiple replicas that process the same set of requests. A failing replica can thus be tolerated with low failover times. There are a large number of different approaches that have been proposed in recent literature. However, corresponding implementations are only publicly available for a subset of these approaches. The goal of this project is to investigate some of these implementations, by evaluating their feature set, required setup procedure, and overall usability. The latter is especially important, as some implementations may be rather old and no longer compliant to current library and system interfaces. The available frameworks have been implemented in a variety of different programming languages and published with different flavours of documentation.

Secure multiparty computation and trusted computing are two very different approaches to perform computations on confidential data. MPC relies on provably secure but costly cryptography whereas trusted computing relies on somewhat trustworthy hardware. This difference also affects to the underlying attacker models. Simply put MPC requires non-colluding parties and trusted computer requires uncompromised hardware that was correctly manufactured. The goal of this topic is to explore a combination of both approaches to mitigate each others weaknesses for a specific use case where the computing parties are disjunct from data subjects.

in.Crease ist ein geplantes Informationssystem für Studierende. In Vorarbeiten wurde ein Modul für die Darstellung und das Editieren von Satzungen entworfen, z.B. von Prüfungsordnungen oder Zulassungssatzungen. Ein gewünschtes Feature ist es, Ordnungsänderungen, z.B. eine neue Prüfungsordnung, mit einem Diff zu deren Vorgängerversionen ansprechend darzustellen. In Vorarbeiten hat sich gezeigt, dass ein Datenmodell ohne die Berücksichtigung dieses Features die nachträgliche Integration erschwert oder unmöglich macht. Diese Arbeit soll dieses Feature implementieren und wenn nötig das Datenmodell genau daraufhin anpassen. Mögliche zusätzliche Features (eventuell auch in Anschlussprojekten) könnten ein ansprechendes Layout-Konzept, die Reintegration eines Editors sowie eine Versionsverwaltung sein.

Intel SGX allows to launch tamper-proof enclaves in main memory, which can be used to isolate parts of an application's codebase that have to deal with sensitive data. There is a broad spectrum of possible applications ranging from fault-tolerant systems to privacy-preserving machine learning approaches. Intel's SGX SDK provides functionality to derive C wrapper functions based on a special-purpose Enclave-Definition Language. These wrapper functions can then be used for the interaction between trusted and untrusted parts of C/C++ applications. However, the design of this enclave interface requires special care during the development process. The Gramine project promises to circumvent this step by providing functionality to wrap unmodified linux applications in Intel SGX enclaves. The goal of this thesis/project is to break down the application development process with Gramine, in order to reveal possible limitations or pitfals. Further, a performance evaluation could be conducted to measure the overhead of Gramine in comparison to a native implementation.

In the institute, there is an own framework for replicated state machines, a concept to implement fault-tolerant services. Our framework is called SMRteez and based on BFT-SMaRt, a mature and popular framework written in Java. SMRteez has a different internal structure compared to BFT-SMaRt. However, many classes are identical or have only slight changes. Goal of this project is to track which classes of SMRteez are actually very close to BFT-SMaRt. This could be annotated in a machine-readable format in the source. Further, a tool shall be developed that can automatically identify software updates in BFT-SMaRt as long as these affect derived classes in SMRteez. If there is room, the tooling can be extended to allow supervised updates of SMRteez classes based on updates in BFT-SMaRt.

Since Google introduced their BeyondCorp project, Zero Trust (ZT) is one of the most popular buzzwords in the area of network security. In a ZT network, Policy Enforcement Point (PEP) and Policy Decision Point (PDP) are responsible for central authentication and authorization (Auth*). Both mentioned components and conventional security functions such as firewalls work largely independently of each other when it comes to processing packets. This leads to inefficient scenarios in which all packets are processed by time- consuming security functions. By coupling the conventional security functions to the PEP/PDP, higher efficiency in security-relevant packet processing can be achieved. This can be achieved by leveraging the Service Function Chaining (SFC) approach. SFC allows the dynamic chaining of conventional network service functions such as HTTP header enricher or firewalls. For each network flow can be decided what service function should be applied to all the flow's packets. The PEP/PDP in a ZT network acts then as the orchestrator, decides about the functions that should be chained together. By doing this, it can be efficiently decided which function should be applied. The goal of the project is to implement one of the thus orchestrated security service functions namely a Multi Factor Authenticator (MFA) that is embedded in a already existing Zero Trust SFC prototype. The MFA must be HTTP based and written in Go. Requirements: Good knowledge of Go and security protocols).