Martin Johns: "Towards server-driven Web security"
Mittwoch, 17. April 2013 16.15 Uhr
INF 348, Seminarraum 013
In the last decade, we were able to witness a dynamic and chaotic evolution of the Web from a distribution model for hypertext into a full fledged platform for distributed applications. In particular, the recent past has brought a shift to non-trivial application logic on the client-side. However, with more and more security critical actions happening directly in the Web browser, the application's capabilities to monitor and enforce security properties start to weaken. In this talk, we re-examine the role of the Web server in respect to security and explore its current challenges and limitation, when it comes to providing robust security guarantees.
Dr. Martin Johns is a Senior Researcher in the Security and Trust group within SAP Research, where he leads the Web application security team. Currently, he is coordinator and scientific lead of the EU FP7 Project WebSand. Before joining SAP, Martin studied Mathematics and Computer Science at the Universities of Hamburg, Santa Cruz (CA), and Passau. During the 1990ties and the early years of the new millennium he earned his living as a software engineer in German companies (including Infoseek Germany, and TC Trustcenter). He holds a Diploma in Computer Science from University of Hamburg and a Doctorate from the University of Passau.