TY - GEN A1 - Chakraborty, Dhiman A1 - Hammer, Christian A1 - Bugiel, Sven T1 - Secure Multi-Execution in Android T2 - Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing N2 - Mobile operating systems, such as Google's Android, have become a fixed part of our daily lives and are entrusted with a plethora of private information. Congruously, their data protection mechanisms have been improved steadily over the last decade and, in particular, for Android, the research community has explored various enhancements and extensions to the access control model. However, the vast majority of those solutions has been concerned with controlling the access to data, but equally important is the question of how to control the flow of data once released. Ignoring control over the dissemination of data between applications or between components of the same app, opens the door for attacks, such as permission re-delegation or privacy-violating third-party libraries. Controlling information flows is a long-standing problem, and one of the most recent and practical-oriented approaches to information flow control is secure multi-execution. In this paper, we present Ariel, the design and implementation of an IFC architecture for Android based on the secure multi-execution of apps. Ariel demonstrably extends Android's system with support for executing multiple instances of apps, and it is equipped with a policy lattice derived from the protection levels of Android's permissions as well as an I/O scheduler to achieve control over data flows between application instances. We demonstrate how secure multi-execution with Ariel can help to mitigate two prominent attacks on Android, permission re-delegations and malicious advertisement libraries. KW - Android KW - Information flow control KW - secure multi-execution Y1 - 2019 SN - 978-1-4503-5933-7 U6 - https://doi.org/10.1145/3297280.3297469 SP - 1934 EP - 1943 PB - Association for Computing Machinery CY - New York ER - TY - GEN A1 - Welearegai, Gebrehiwet B. A1 - Schlueter, Max A1 - Hammer, Christian T1 - Static security evaluation of an industrial web application T2 - Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing N2 - JavaScript is the most popular programming language for web applications. Static analysis of JavaScript applications is highly challenging due to its dynamic language constructs and event-driven asynchronous executions, which also give rise to many security-related bugs. Several static analysis tools to detect such bugs exist, however, research has not yet reported much on the precision and scalability trade-off of these analyzers. As a further obstacle, JavaScript programs structured in Node. js modules need to be collected for analysis, but existing bundlers are either specific to their respective analysis tools or not particularly suitable for static analysis. KW - JavaScript KW - WALA KW - SAFE KW - comparison Y1 - 2019 SN - 978-1-4503-5933-7 U6 - https://doi.org/10.1145/3297280.3297471 SP - 1952 EP - 1961 PB - Association for Computing Machinery CY - New York ER - TY - GEN A1 - Friedrich, Tobias T1 - From graph theory to network science BT - the natural emergence of hyperbolicity (Tutorial) T2 - 36th International Symposium on Theoretical Aspects of Computer Science (STACS 2019) N2 - Network science is driven by the question which properties large real-world networks have and how we can exploit them algorithmically. In the past few years, hyperbolic graphs have emerged as a very promising model for scale-free networks. The connection between hyperbolic geometry and complex networks gives insights in both directions: (1) Hyperbolic geometry forms the basis of a natural and explanatory model for real-world networks. Hyperbolic random graphs are obtained by choosing random points in the hyperbolic plane and connecting pairs of points that are geometrically close. The resulting networks share many structural properties for example with online social networks like Facebook or Twitter. They are thus well suited for algorithmic analyses in a more realistic setting. (2) Starting with a real-world network, hyperbolic geometry is well-suited for metric embeddings. The vertices of a network can be mapped to points in this geometry, such that geometric distances are similar to graph distances. Such embeddings have a variety of algorithmic applications ranging from approximations based on efficient geometric algorithms to greedy routing solely using hyperbolic coordinates for navigation decisions. KW - Graph Theory KW - Graph Algorithms KW - Network Science KW - Hyperbolic Geometry Y1 - 2019 SN - 978-3-95977-100-9 U6 - https://doi.org/10.4230/LIPIcs.STACS.2019.5 VL - 126 PB - Schloss Dagstuhl-Leibniz-Zentrum für Informatik CY - Dragstuhl ER - TY - GEN A1 - Brand, Thomas A1 - Giese, Holger Burkhard T1 - Towards Generic Adaptive Monitoring T2 - 2018 IEEE 12th International Conference on Self-Adaptive and Self-Organizing Systems (SASO) N2 - Monitoring is a key prerequisite for self-adaptive software and many other forms of operating software. Monitoring relevant lower level phenomena like the occurrences of exceptions and diagnosis data requires to carefully examine which detailed information is really necessary and feasible to monitor. Adaptive monitoring permits observing a greater variety of details with less overhead, if most of the time the MAPE-K loop can operate using only a small subset of all those details. However, engineering such an adaptive monitoring is a major engineering effort on its own that further complicates the development of self-adaptive software. The proposed approach overcomes the outlined problems by providing generic adaptive monitoring via runtime models. It reduces the effort to introduce and apply adaptive monitoring by avoiding additional development effort for controlling the monitoring adaptation. Although the generic approach is independent from the monitoring purpose, it still allows for substantial savings regarding the monitoring resource consumption as demonstrated by an example. Y1 - 2019 SN - 978-1-5386-5172-8 U6 - https://doi.org/10.1109/SASO.2018.00027 SN - 1949-3673 SP - 156 EP - 161 PB - IEEE CY - New York ER - TY - JOUR A1 - Yousfi, Alaaeddine A1 - Batoulis, Kimon A1 - Weske, Mathias T1 - Achieving Business Process Improvement via Ubiquitous Decision-Aware Business Processes JF - ACM Transactions on Internet Technology N2 - Business process improvement is an endless challenge for many organizations. As long as there is a process, it must he improved. Nowadays, improvement initiatives are driven by professionals. This is no longer practical because people cannot perceive the enormous data of current business environments. Here, we introduce ubiquitous decision-aware business processes. They pervade the physical space, analyze the ever-changing environments, and make decisions accordingly. We explain how they can be built and used for improvement. Our approach can be a valuable improvement option to alleviate the workload of participants by helping focus on the crucial rather than the menial tasks. KW - Business process improvement KW - ubiquitous decision-aware business process KW - ubiquitous decisions KW - context KW - uBPMN KW - DMN Y1 - 2019 U6 - https://doi.org/10.1145/3298986 SN - 1533-5399 SN - 1557-6051 VL - 19 IS - 1 PB - Association for Computing Machinery CY - New York ER - TY - GEN A1 - Brinkmann, Maik A1 - Heine, Moreen T1 - Can Blockchain Leverage for New Public Governance? BT - a Conceptual Analysis on Process Level T2 - Proceedings of the 12th International Conference on Theory and Practice of Electronic Governance N2 - New Public Governance (NPG) as a paradigm for collaborative forms of public service delivery and Blockchain governance are trending topics for researchers and practitioners alike. Thus far, each topic has, on the whole, been discussed separately. This paper presents the preliminary results of ongoing research which aims to shed light on the more concrete benefits of Blockchain for the purpose of NPG. For the first time, a conceptual analysis is conducted on process level to spot benefits and limitations of Blockchain-based governance. Per process element, Blockchain key characteristics are mapped to functional aspects of NPG from a governance perspective. The preliminary results show that Blockchain offers valuable support for governments seeking methods to effectively coordinate co-producing networks. However, the extent of benefits of Blockchain varies across the process elements. It becomes evident that there is a need for off-chain processes. It is, therefore, argued in favour of intensifying research on off-chain governance processes to better understand the implications for and influences on on-chain governance. KW - Blockchain KW - New Public Governance KW - Blockchain Governance KW - Co-production KW - Conceptual Fit KW - Blockchain-enabled Governance Y1 - 2019 SN - 978-1-4503-6644-1 U6 - https://doi.org/10.1145/3326365.3326409 SP - 338 EP - 341 PB - Association for Computing Machinery CY - New York ER - TY - THES A1 - Batoulis, Kimon T1 - Sound integration of process and decision models T1 - Korrekte Integration von Prozess- und Entscheidungsmodellen N2 - Business process management is an established technique for business organizations to manage and support their processes. Those processes are typically represented by graphical models designed with modeling languages, such as the Business Process Model and Notation (BPMN). Since process models do not only serve the purpose of documentation but are also a basis for implementation and automation of the processes, they have to satisfy certain correctness requirements. In this regard, the notion of soundness of workflow nets was developed, that can be applied to BPMN process models in order to verify their correctness. Because the original soundness criteria are very restrictive regarding the behavior of the model, different variants of the soundness notion have been developed for situations in which certain violations are not even harmful. All of those notions do only consider the control-flow structure of a process model, however. This poses a problem, taking into account the fact that with the recent release and the ongoing development of the Decision Model and Notation (DMN) standard, an increasing number of process models are complemented by respective decision models. DMN is a dedicated modeling language for decision logic and separates the concerns of process and decision logic into two different models, process and decision models respectively. Hence, this thesis is concerned with the development of decisionaware soundness notions, i.e., notions of soundness that build upon the original soundness ideas for process models, but additionally take into account complementary decision models. Similar to the various notions of workflow net soundness, this thesis investigates different notions of decision soundness that can be applied depending on the desired degree of restrictiveness. Since decision tables are a standardized means of DMN to represent decision logic, this thesis also puts special focus on decision tables, discussing how they can be translated into an unambiguous format and how their possible output values can be efficiently determined. Moreover, a prototypical implementation is described that supports checking a basic version of decision soundness. The decision soundness notions were also empirically evaluated on models from participants of an online course on process and decision modeling as well as from a process management project of a large insurance company. The evaluation demonstrates that violations of decision soundness indeed occur and can be detected with our approach. N2 - Das Prozessmanagement ist eine etablierte Methode für Unternehmen zur Verwaltung und Unterstützung ihrer Geschäftsprozesse. Solche Prozesse werden typischerweise durch graphische Modelle dargestellt, welche mit Modellierungssprachen wie etwa der Business Process Model and Notation (BPMN) erstellt werden. Da Prozessmodelle nicht nur der Dokumentation der Prozesse dienen, sondern auch die Grundlage für deren Implementierung und Automatisierung sind, müssen sie bestimmte Korrektheitsanforderungen erfüllen. In dieser Hinsicht wurde der Begriff der Soundness einesWorkflow-Netzes entwickelt, welcher auch auf BPMN-Prozessmodelle angewendet werden kann, um deren Korrektheit zu prüfen. Da die ursprünglichen Soundness-Kriterien sehr restriktiv bezüglich des Verhaltens des Modells sind, wurden zudem Varianten des Soundness-Begriffs entwickelt. Diese können in Situationen verwendet werden, in denen bestimmte Verletzungen der Kriterien tolerabel sind. Diese Soundness-Begriffe berücksichtigen allerdings ausschließlich den Kontrollfluss der Prozessmodelle. Dies stellt ein Problem dar, weil viele Prozessmodelle heutzutage durch Entscheidungsmodelle ergänzt werden. In diesem Kontext ist die Decision Model and Notation (DMN) eine dedizierte Sprache zur Modellierung von Entscheidungen und unterstüzt die Trennung von Kontrollfluss- und Entscheidungslogik. Die vorliegende Dissertation befasst sich daher mit der Entwicklung von erweiterten Soundness-Begriffen, die sowohl Prozess- als auch Entscheidungsmodelle berücksichtigen. Ähnlich zu den bestehenden Soundness-Varianten, werden in dieser Arbeit Varianten des erweiterten Soundness-Begriffs untersucht, die je nach gewünschtem Restriktionsgrad angewendet werden können. Da Entscheidungstabellen eine in der DMN standadisierte Form sind, um Entscheidungslogik auszudrücken, fokussiert sich diese Arbeit inbesondere auf Entscheidungstabellen. So wird diskutiert wie DMN-Tabellen in ein eindeutiges Format übersetzt werden können und wie sich deren möglichen Rückgabewerte effizient bestimmen lassen. Ferner beschreibt die Arbeit eine prototypische Implementierung, die das Prüfen einer elementaren Variante des erweiterten Soundness-Begriffs erlaubt. Die Begriffe wurden außerdem empirisch evaluiert. Dazu dienten zum einen Modelle von Teilnehmern eines Online-Kurses zur Prozess- und Entscheidungsmodellierung. Zum anderen wurden Modelle eines Versicherungsunternehmens analysiert. Die Evaluierung zeigt, das Verstöße gegen den erweiterten Soundness-Begriff in der Tat auftreten und durch den hier beschriebenen Ansatz erkannt werden können. KW - decision-aware process models KW - soundness KW - decision soundness KW - formal verification KW - entscheidungsbewusste Prozessmodelle KW - Korrektheit KW - Entscheidungskorrektheit KW - formale Verifikation Y1 - 2019 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus4-437386 ER - TY - JOUR A1 - Dombrowski, Sebastian A1 - Ermakova, Tatiana A1 - Fabian, Benjamin T1 - Graph-based analysis of cloud connectivity at the internet protocol level JF - International Journal of Communication Networks and Distributed Systems (IJCNDS) N2 - Internet connectivity of cloud services is of exceptional importance for both their providers and consumers. This article demonstrates the outlines of a method for measuring cloud-service connectivity at the internet protocol level from a client's perspective. For this, we actively collect connectivity data via traceroute measurements from PlanetLab to several major cloud services. Furthermore, we construct graph models from the collected data, and analyse the connectivity of the services based on important graph-based measures. Then, random and targeted node removal attacks are simulated, and the corresponding vulnerability of cloud services is evaluated. Our results indicate that cloud service hosts are, on average, much better connected than average hosts. However, when interconnecting nodes are removed in a targeted manner, cloud connectivity is dramatically reduced. KW - cloud computing KW - connectivity KW - availability KW - reliability KW - internet topology KW - graph analysis KW - complex networks Y1 - 2019 U6 - https://doi.org/10.1504/IJCNDS.2019.100644 SN - 1754-3916 SN - 1754-3924 VL - 23 IS - 1 SP - 117 EP - 142 PB - Inderscience Enterprises Ltd CY - Geneva ER - TY - GEN A1 - Bin Tareaf, Raad A1 - Berger, Philipp A1 - Hennig, Patrick A1 - Meinel, Christoph T1 - Personality exploration system for online social networks BT - Facebook brands as a use case T2 - 2018 IEEE/WIC/ACM International Conference on Web Intelligence (WI) N2 - User-generated content on social media platforms is a rich source of latent information about individual variables. Crawling and analyzing this content provides a new approach for enterprises to personalize services and put forward product recommendations. In the past few years, brands made a gradual appearance on social media platforms for advertisement, customers support and public relation purposes and by now it became a necessity throughout all branches. This online identity can be represented as a brand personality that reflects how a brand is perceived by its customers. We exploited recent research in text analysis and personality detection to build an automatic brand personality prediction model on top of the (Five-Factor Model) and (Linguistic Inquiry and Word Count) features extracted from publicly available benchmarks. The proposed model reported significant accuracy in predicting specific personality traits form brands. For evaluating our prediction results on actual brands, we crawled the Facebook API for 100k posts from the most valuable brands' pages in the USA and we visualize exemplars of comparison results and present suggestions for future directions. KW - Big Five Model KW - Brand Personality KW - Personality Prediction KW - Machine Learning KW - Social Media Analysis Y1 - 2019 SN - 978-1-5386-7325-6 U6 - https://doi.org/10.1109/WI.2018.00-76 SP - 301 EP - 309 PB - IEEE CY - New York ER - TY - GEN A1 - Bender, Benedict A1 - Grum, Marcus A1 - Gronau, Norbert A1 - Alfa, Attahiru A1 - Maharaj, B. T. T1 - Design of a worldwide simulation system for distributed cyber-physical production networks T2 - 2019 IEEE International Conference on Engineering, Technology and Innovation (ICE/ITMC) N2 - Modern production infrastructures of globally operating companies usually consist of multiple distributed production sites. While the organization of individual sites consisting of Industry 4.0 components itself is demanding, new questions regarding the organization and allocation of resources emerge considering the total production network. In an attempt to face the challenge of efficient distribution and processing both within and across sites, we aim to provide a hybrid simulation approach as a first step towards optimization. Using hybrid simulation allows us to include real and simulated concepts and thereby benchmark different approaches with reasonable effort. A simulation concept is conceptualized and demonstrated qualitatively using a global multi-site example. KW - production networks KW - geographical distribution KW - task realization strategies KW - Industry 4.0 KW - simulation KW - evaluation Y1 - 2019 SN - 978-1-7281-3401-7 SN - 978-1-7281-3402-4 U6 - https://doi.org/10.1109/ICE.2019.8792609 SN - 2334-315X PB - IEEE CY - New York ER -