TY - CHAP A1 - Fan, Yang A1 - Masuhara, Hidehiko A1 - Aotani, Tomoyuki A1 - Nielson, Flemming A1 - Nielson, Hanne Riis T1 - AspectKE*: Security aspects with program analysis for distributed systems N2 - Enforcing security policies to distributed systems is difficult, in particular, when a system contains untrusted components. We designed AspectKE*, a distributed AOP language based on a tuple space, to tackle this issue. In AspectKE*, aspects can enforce access control policies that depend on future behavior of running processes. One of the key language features is the predicates and functions that extract results of static program analysis, which are useful for defining security aspects that have to know about future behavior of a program. AspectKE* also provides a novel variable binding mechanism for pointcuts, so that pointcuts can uniformly specify join points based on both static and dynamic information about the program. Our implementation strategy performs fundamental static analysis at load-time, so as to retain runtime overheads minimal. We implemented a compiler for AspectKE*, and demonstrate usefulness of AspectKE* through a security aspect for a distributed chat system. KW - aspect oriented programming KW - program analysis KW - security policies KW - distributed systems KW - tuple spaces Y1 - 2010 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus-41369 ER - TY - CHAP A1 - Hannousse, Abdelhakim A1 - Ardourel, Gilles A1 - Douence, Rémi T1 - Views for aspectualizing component models N2 - Component based software development (CBSD) and aspectoriented software development (AOSD) are two complementary approaches. However, existing proposals for integrating aspects into component models are direct transposition of object-oriented AOSD techniques to components. In this article, we propose a new approach based on views. Our proposal introduces crosscutting components quite naturally and can be integrated into different component models. KW - aspectualization KW - VIL KW - views KW - crosscutting wrappers Y1 - 2010 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus-41359 ER - TY - BOOK A1 - Bauckmann, Jana A1 - Leser, Ulf A1 - Naumann, Felix T1 - Efficient and exact computation of inclusion dependencies for data integration N2 - Data obtained from foreign data sources often come with only superficial structural information, such as relation names and attribute names. Other types of metadata that are important for effective integration and meaningful querying of such data sets are missing. In particular, relationships among attributes, such as foreign keys, are crucial metadata for understanding the structure of an unknown database. The discovery of such relationships is difficult, because in principle for each pair of attributes in the database each pair of data values must be compared. A precondition for a foreign key is an inclusion dependency (IND) between the key and the foreign key attributes. We present with Spider an algorithm that efficiently finds all INDs in a given relational database. It leverages the sorting facilities of DBMS but performs the actual comparisons outside of the database to save computation. Spider analyzes very large databases up to an order of magnitude faster than previous approaches. We also evaluate in detail the effectiveness of several heuristics to reduce the number of necessary comparisons. Furthermore, we generalize Spider to find composite INDs covering multiple attributes, and partial INDs, which are true INDs for all but a certain number of values. This last type is particularly relevant when integrating dirty data as is often the case in the life sciences domain - our driving motivation. T3 - Technische Berichte des Hasso-Plattner-Instituts für Digital Engineering an der Universität Potsdam - 34 KW - Metadatenentdeckung KW - Metadatenqualität KW - Schemaentdeckung KW - Datenanalyse KW - Datenintegration KW - metadata discovery KW - metadata quality KW - schema discovery KW - data profiling KW - data integration Y1 - 2010 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus-41396 SN - 978-3-86956-048-9 PB - Universitätsverlag Potsdam CY - Potsdam ER - TY - THES A1 - Awad, Ahmed Mahmoud Hany Aly T1 - A compliance management framework for business process models T1 - Ein Compliance-Management-Framework für Geschäftsprozessmodelle N2 - Companies develop process models to explicitly describe their business operations. In the same time, business operations, business processes, must adhere to various types of compliance requirements. Regulations, e.g., Sarbanes Oxley Act of 2002, internal policies, best practices are just a few sources of compliance requirements. In some cases, non-adherence to compliance requirements makes the organization subject to legal punishment. In other cases, non-adherence to compliance leads to loss of competitive advantage and thus loss of market share. Unlike the classical domain-independent behavioral correctness of business processes, compliance requirements are domain-specific. Moreover, compliance requirements change over time. New requirements might appear due to change in laws and adoption of new policies. Compliance requirements are offered or enforced by different entities that have different objectives behind these requirements. Finally, compliance requirements might affect different aspects of business processes, e.g., control flow and data flow. As a result, it is infeasible to hard-code compliance checks in tools. Rather, a repeatable process of modeling compliance rules and checking them against business processes automatically is needed. This thesis provides a formal approach to support process design-time compliance checking. Using visual patterns, it is possible to model compliance requirements concerning control flow, data flow and conditional flow rules. Each pattern is mapped into a temporal logic formula. The thesis addresses the problem of consistency checking among various compliance requirements, as they might stem from divergent sources. Also, the thesis contributes to automatically check compliance requirements against process models using model checking. We show that extra domain knowledge, other than expressed in compliance rules, is needed to reach correct decisions. In case of violations, we are able to provide a useful feedback to the user. The feedback is in the form of parts of the process model whose execution causes the violation. In some cases, our approach is capable of providing automated remedy of the violation. N2 - Firmen entwickeln Prozessmodelle um ihre Geschäftstätigkeit explizit zu beschreiben. Geschäftsprozesse müssen verschiedene Arten von Compliance-Anforderungen einhalten. Solche Compliance-Anforderungen entstammen einer Vielzahl von Quellen, z.B. Verordnung wie dem Sarbanes Oxley Act von 2002, interne Richtlinien und Best Practices. Die Nichteinhaltung von Compliance-Anforderungen kann zu gesetzlichen Strafen oder dem Verlust von Wettbewerbsvorteilen und somit dem Verlust von Marktanteilen führen. Im Gegensatz zum klassischen, domänen-unabhängigen Begriff der Korrektheit von Geschäftsprozessen, sind Compliance-Anforderungen domain-spezifisch und ändern sich im Laufe der Zeit. Neue Anforderungen resultieren aus neuen Gesetzen und der Einführung neuer Unternehmensrichtlinien. Aufgrund der Vielzahl der Quellen für Compliance-Anforderungen, können sie unterschiedliche Ziele verfolgen und somit widersprüchliche Aussagen treffen. Schließlich betreffen Compliance-Anforderungen verschiedene Aspekte von Geschäftsprozessen, wie Kontrollfluss- und Datenabhängigkeiten. Auf Grund dessen können Compliance-Prüfungen nicht direkt Hard-coded werden. Vielmehr ist ein Prozess der wiederholten Modellierung von Compliance-Regeln und ihrer anschließenden automatischen Prüfung gegen die Geschäftsprozesse nötig. Diese Dissertation stellt einen formalen Ansatz zur Überprüfung der Einhaltung von Compliance-Regeln während der Spezifikation von Geschäftsprozessen vor. Mit visuellen Mustern ist es möglich, Compliance-Regeln hinsichtlich Kontrollfluss- und Datenabhängigkeiten sowie bedingte Regeln zu spezifizieren. Jedes Muster wird in eine Formel der temporalen Logik abgebildet. Die Dissertation behandelt das Problem der Konsistenzprüfung zwischen verschiedenen Compliance-Anforderungen, wie sie sich aus unterschiedlichen Quellen ergeben können. Ebenfalls zeigt diese Dissertation, wie Compliance-Regeln gegen die Geschäftsprozesse automatisch mittels Model Checking geprüft werden. Es wird aufgezeigt, dass zusätzliche Domänen-Kenntnisse notwendig sind, um richtige Entscheidungen zu treffen. Der vorgestelle Ansatz ermöglicht nützliches Feedback für Modellierer im Fall eines Compliance-Verstoßes. Das Feedback wird in Form von Teilen des Prozessmodells gegeben, deren Ausführung die Verletzung verursacht. In einigen Fällen ist der vorgestellte Ansatz in der Lage, den Compliance-Verstoß automatisch zu beheben. KW - Geschäftsprozessmodelle KW - Compliance KW - Temporallogik KW - Verletzung Erklärung KW - Verletzung Auflösung KW - Business Process Models KW - Compliance KW - Temporal Logic KW - Violation Explanation KW - Violation Resolution Y1 - 2010 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus-49222 ER - TY - BOOK ED - Haupt, Michael ED - Hirschfeld, Robert T1 - Selected Papers of the International Workshop on Smalltalk Technologies (IWST’10) : Barcelona, Spain, September 14, 2010 N2 - The goal of the IWST workshop series is to create and foster a forum around advancements of or experience in Smalltalk. The workshop welcomes contributions to all aspects, theoretical as well as practical, of Smalltalk-related topics. N2 - Zweck der IWST-Workshop-Reihe ist die Formung und Pflege eines Forums fŸr die Diskussion von Fortschritten und Arbeitsergebnissen mit der Programmierumgebung Smalltalk. Der Workshop beinhaltet BeitrŠge zu allen Aspekten von auf Smalltalk bezogenen Arbeiten sowohl theoretischer als auch praktischer Natur. T3 - Technische Berichte des Hasso-Plattner-Instituts für Digital Engineering an der Universität Potsdam - 40 KW - Smalltalk KW - Programmierung KW - Web-Anwendungen KW - Fehlersuche KW - Laufzeitanalyse KW - smalltalk KW - programming KW - web-applications KW - debugging KW - profiling Y1 - 2010 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus-48553 SN - 978-3-86956-106-6 PB - Universitätsverlag Potsdam CY - Potsdam ER - TY - BOOK A1 - Giese, Holger A1 - Hildebrandt, Stephan A1 - Lambers, Leen T1 - Toward bridging the gap between formal semantics and implementation of triple graph grammars N2 - The correctness of model transformations is a crucial element for the model-driven engineering of high quality software. A prerequisite to verify model transformations at the level of the model transformation specification is that an unambiguous formal semantics exists and that the employed implementation of the model transformation language adheres to this semantics. However, for existing relational model transformation approaches it is usually not really clear under which constraints particular implementations are really conform to the formal semantics. In this paper, we will bridge this gap for the formal semantics of triple graph grammars (TGG) and an existing efficient implementation. Whereas the formal semantics assumes backtracking and ignores non-determinism, practical implementations do not support backtracking, require rule sets that ensure determinism, and include further optimizations. Therefore, we capture how the considered TGG implementation realizes the transformation by means of operational rules, define required criteria and show conformance to the formal semantics if these criteria are fulfilled. We further outline how static analysis can be employed to guarantee these criteria. T3 - Technische Berichte des Hasso-Plattner-Instituts für Digital Engineering an der Universität Potsdam - 37 Y1 - 2010 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus-45219 SN - 978-3-86956-078-6 PB - Universitätsverlag Potsdam CY - Potsdam ER - TY - CHAP A1 - Surajbali, Bholanathsingh A1 - Grace, Paul A1 - Coulson, Geoff T1 - Preserving dynamic reconfiguration consistency in aspect oriented middleware N2 - Aspect-oriented middleware is a promising technology for the realisation of dynamic reconfiguration in heterogeneous distributed systems. However, like other dynamic reconfiguration approaches, AO-middleware-based reconfiguration requires that the consistency of the system is maintained across reconfigurations. AO-middleware-based reconfiguration is an ongoing research topic and several consistency approaches have been proposed. However, most of these approaches tend to be targeted at specific contexts, whereas for distributed systems it is crucial to cover a wide range of operating conditions. In this paper we propose an approach that offers distributed, dynamic reconfiguration in a consistent manner, and features a flexible framework-based consistency management approach to cover a wide range of operating conditions. We evaluate our approach by investigating the configurability and transparency of our approach and also quantify the performance overheads of the associated consistency mechanisms. KW - middleware KW - reflection KW - aspects KW - dynamic reconfiguration KW - consistency Y1 - 2010 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus-41379 ER - TY - BOOK A1 - Alnemr, Rehab A1 - Polyvyanyy, Artem A1 - AbuJarour, Mohammed A1 - Appeltauer, Malte A1 - Hildebrandt, Dieter A1 - Thomas, Ivonne A1 - Overdick, Hagen A1 - Schöbel, Michael A1 - Uflacker, Matthias A1 - Kluth, Stephan A1 - Menzel, Michael A1 - Schmidt, Alexander A1 - Hagedorn, Benjamin A1 - Pascalau, Emilian A1 - Perscheid, Michael A1 - Vogel, Thomas A1 - Hentschel, Uwe A1 - Feinbube, Frank A1 - Kowark, Thomas A1 - Trümper, Jonas A1 - Vogel, Tobias A1 - Becker, Basil ED - Meinel, Christoph ED - Plattner, Hasso ED - Döllner, Jürgen Roland Friedrich ED - Weske, Mathias ED - Polze, Andreas ED - Hirschfeld, Robert ED - Naumann, Felix ED - Giese, Holger T1 - Proceedings of the 4th Ph.D. Retreat of the HPI Research School on Service-oriented Systems Engineering T3 - Technische Berichte des Hasso-Plattner-Instituts für Digital Engineering an der Universität Potsdam - 31 KW - Hasso-Plattner-Institut KW - Forschungskolleg KW - Klausurtagung KW - Service-oriented Systems Engineering KW - Hasso Plattner Institute KW - Research School KW - Ph.D. Retreat KW - Service-oriented Systems Engineering Y1 - 2010 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus-40838 SN - 978-3-86956-036-6 PB - Universitätsverlag Potsdam CY - Potsdam ER - TY - BOOK ED - Meinel, Christoph ED - Sack, Harald T1 - Dritter Deutscher IPv6 Gipfel 2010 N2 - Am 24. und 25. Juni 2010 fand am Hasso-Plattner-Institut für Softwaresystemtechnik GmbH in Potsdam der 3. Deutsche IPv6 Gipfel 2010 statt, dessen Dokumentation der vorliegende technische Report dient. Als nationaler Arm des weltweiten IPv6-Forums fördert der Deutsche IPv6-Rat den Übergangsprozess zur neuen Internetgeneration und brachte in diesem Rahmen nationale und internationale Experten aus Wirtschaft, Wissenschaft und öffentlicher Verwaltung zusammen, um Awareness für das Zukunftsthema IPv6 zu schaffen und um ein Resumé über die bislang erzielten Fortschritte zu ziehen. Die Grenzen des alten Internetprotokolls IPv4 sind in den vergangenen zwei Jahren deutlicher denn je zutage getreten. Waren im vergangenen Jahr anlässlich des 2. IPv6 Gipfels noch 11% aller zu vergebenden IPv4 Adressen verfügbar, ist diese Zahl mittlerweile auf nur noch 6% geschrumpft. Ehrengast war in diesem Jahr der „europäische Vater“ des Internets, Prof. Peter T. Kirstein vom University College London, dessen Hauptvortrag von weiteren Beiträgen hochrangiger Vertretern aus Politik, Wissenschaft und Wirtschaft ergänzt wurde. N2 - This technical report is summarizing the talks and presentations of the 3rd German IPv6 Summit 2010 at the Hasso Plattner Institute for Software System Engineering in Potsdam on June 24./25 2010. The goal of this summit is to present current developments concerning the implementation of the new IPv6 technology from political and economic perspectives, as well as from a technological point of view. The limits of the old Internet Protocol IPv6 have become obvious lately. While, last year at the 2nd German IPv6 Summit 2009, 11% of the available IPv4 internet addresses had been still available, this stock has shrunk to almost only 6%. This year's guest of honor was Peter T. Kirstein, the 'European Father of the Internet', who established the very first ARPANET node outside the USA in the early 1970s. Besides him, the conference was complemented by talks and presentations of high-ranking representatives from industry, government, and research. T3 - Technische Berichte des Hasso-Plattner-Instituts für Digital Engineering an der Universität Potsdam - 39 KW - Internet KW - IPv6 KW - IPv4 KW - Internet Protocol KW - Service Provider KW - Infrastruktur KW - Computernetzwerke KW - Netzpolitik KW - Konferenz KW - Internet KW - IPv6 KW - IPv4 KW - Internet Protocol KW - Service Provider KW - Infrastructure KW - Computer Networks KW - Network Politics KW - conference Y1 - 2010 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus-46134 SN - 978-3-86956-092-2 PB - Universitätsverlag Potsdam CY - Potsdam ER -