IBM Research GmbH (IBM)

Link to Web Site

www.zurich.ibm.com

Company Introduction

The IBM Zurich Research Laboratory is the European branch of IBM Research. This worldwide network of some 3500 employees in eight laboratories around the globe is the largest industrial IT research organization in the world. The Zurich Research Laboratory, which was established in 1956, currently employs some 330 persons, representing more than 30 nationalities. World-class research and outstanding scientific achievements-most notably two Nobel Prizes-are associated with the Zurich Lab. ZRL's spectrum of research activities ranges from basic science and fundamental research in physics and mathematics, the development of computer systems and software, to the design of novel business models and services.

In the area of security, current research is focused on security policies and cryptography, in particular identity management, intrusion detection, Web services, mobile and ubiquitous computing, and smartcards. The IBM Zurich Research Laboratory played a leading role in the development of IBM's Enterprise Privacy Architecture (EPA), and has several research projects related to federated security technologies, e.g., EPAL (a language and architecture for defining and enforcing enterprise privacy policies), and CDIM (a set of protocols for browser-based attribute exchange and federated identity management). The lab has participated in several European Union and other government funded projects. Much of this research had an important influence on IBM's products and services.

Key Personnel

Dr. Klaus Julisch has extensive experience in IT security, intrusion detection, and identity management, working both as researcher and as business development manager. He also is the author of numerous scientific papers and patents. Klaus holds a Ph.D. in Computer Science from the University of Dortmund, Germany (awarded "Best Dissertation, 2003"). He also holds a M.Sc. (Dipl.Inf.) in Computer Science from the University of Stuttgart, Germany (with Honors), and a M.Sc. (DEA) in Computer Science from the University of Bordeaux.

Dr. Andreas Wespi manages the Security & Assurance team of the IBM Zurich Research Laboratory. He holds a M.Sc. and a Ph.D. in Computer Science from the Universities of Berne and Basel, Switzerland, respectively. His main research interests are security in general and intrusion detection in particular. He is a steering committee member of the Symposium on Recent Advances in Intrusion Detection and has served on the program committees of some of the key security conferences. He is the author of various publications in the area of computer and network security and he also holds several patents in this area. In the mid 90s, Dr. Wespi was a member of IBM's Global Security Analysis Lab (GSAL). The GSAL has made substantial contributions to IBM's security products and service offerings. Among others, it has developed the technology behind IBM Tivoli Risk Manager, the first commercial security event management product..

Christopher Giblin is a software engineer at the IBM Zurich Research Laboratory with 20 years of experience implementing a variety of software systems in industry and research. Current focus is on mapping business-level policies to IT infrastructure in the areas of security and compliance. Immediate technical interests include middleware, model-driven software engineering, XACML, semantic web and aspects. Homepage: www.zurich.ibm.com/~cgi/ .

Dr. Marcel Graf received a Ph.D. in electrical engineering and information technology from the University of Stuttgart in 2002. He joined IBM's European Networking Center in Heidelberg in 1992 and IBM's Research Division in Zurich in 1996. Initially active in the networking field, working on Quality of Service issues and signalling protocols for Internet Telephony he moved to distributed systems, designing a coordination platform for ubiquitous computing based on real-time data synchronization. Lately he is interested in enterprise security models that combine the abstractions of model-driven approaches with the legacy support of bottom-up methodologies.

Dr. Günter Karjoth joined the IBM Zurich Research Laboratory, Switzerland, as a Research Staff Member in 1986. Since 1993, he has been a member of the network security and cryptography group. Areas of responsibility are enterprise privacy management and extranet access management. At IBM, he has worked on protocol engineering technologies and environments, middleware and mobile agent security, secure electronic commerce, and enterprise privacy. He also collaborated in international projects sponsored by the European Commission. His research interest is in distributed systems with an emphasis on formal verification, network security, and mobile code. Dr. Karjoth published more than 50 technical papers in refereed journals and proceedings, authored patents, and served in different capacities for various conferences and journals as well as on standardisation committees. He has lectured at different universities and is the technical co-lead of the Zurich Information Security Center (ZISC), a joint collaboration of the ETH Zurich with an industry consortium.

Samuel Burri joined the IBM Zurich Research Laboratory, Switzerland, as a Predoc in 2008. He holds a Master of Science in Compter Science from the Swiss Federal Institue of Technology (ETH Zurich). His research interests include formal methods, access control and compliance checking. Prior to joining IBM, Samuel Burri interned with Siemens' R&D division in Beijing, China and did an academic exchange at Delft University of Technology, The Netherlands. Furthermore, he is a UNITECH Fellow.

Involvement/Role in the Project

The IBM Zurich Lab will play a central role in defining the MASTER Architecture and in defining novel compliance controls. Further contributions will be made to the measurement and assessment of compliance.