TY - BOOK A1 - Meinel, Christoph A1 - Renz, Jan A1 - Grella, Catrina A1 - Karn, Nils A1 - Hagedorn, Christiane T1 - Die Cloud für Schulen in Deutschland BT - Konzept und Pilotierung der Schul-Cloud N2 - Die digitale Entwicklung durchdringt unser Bildungssystem, doch Schulen sind auf die Veränderungen kaum vorbereitet: Überforderte Lehrer/innen, infrastrukturell schwach ausgestattete Unterrichtsräume und unzureichend gewartete Computernetzwerke sind keine Seltenheit. Veraltete Hard- und Software erschweren digitale Bildung in Schulen eher, als dass sie diese ermöglichen: Ein zukunftssicherer Ansatz ist es, die Rechner weitgehend aus den Schulen zu entfernen und Bildungsinhalte in eine Cloud zu überführen. Zeitgemäßer Unterricht benötigt moderne Technologie und eine zukunftsorientierte Infrastruktur. Eine Schul-Cloud (https://hpi.de/schul-cloud) kann dabei helfen, die digitale Transformation in Schulen zu meistern und den fächerübergreifenden Unterricht mit digitalen Inhalten zu bereichern. Den Schüler/innen und Lehrkräften kann sie viele Möglichkeiten eröffnen: einen einfachen Zugang zu neuesten, professionell gewarteten Anwendungen, die Vernetzung verschiedener Lernorte, Erleichterung von Unterrichtsvorbereitung und Differenzierung. Die Schul-Cloud bietet Flexibilität, fördert die schul- und fächerübergreifende Anwendbarkeit und schafft eine wichtige Voraussetzung für die gesellschaftliche Teilhabe und Mitgestaltung der digitalen Welt. Neben den technischen Komponenten werden im vorliegenden Bericht ausgewählte Dienste der Schul-Cloud exemplarisch beschrieben und weiterführende Schritte aufgezeigt. Das in Zusammenarbeit mit zahlreichen Expertinnen und Experten am Hasso-Plattner-Institut (HPI) entwickelte und durch das Bundesministerium für Bildung und Forschung (BMBF) geförderte Konzept einer Schul-Cloud stellt eine wichtige Grundlage für die Einführung Cloud-basierter Strukturen und -Dienste im Bildungsbereich dar. Gemeinsam mit dem nationalen Excellence-Schulnetzwerk MINT-EC als Kooperationspartner startet ab sofort die Pilotphase. Aufgrund des modularen, skalierbaren Ansatzes der Schul-Cloud kommt dem infrastrukturellen Prototypen langfristig das Potential zu, auch über die begrenzte Anzahl an Pilotschulen hinaus bundesweit effizient eingesetzt zu werden. N2 - Digitalization is transforming our education system. At the same time, schools are inadequately prepared to meet the changes taking place. Overwhelmed teachers, poorly equipped infrastructures in the classroom, and insufficient computer networks reflect the current situation. Instead of facilitating digital education, outdated hard- and software only hinder innovative teaching and learning. A “future-proof” approach involves the transfer of educational content in schools from the computer to the cloud. Modern education requires state-of-the-art technology and a future-oriented infrastructure. The School Cloud (https://hpi.de/schul-cloud) can help to achieve digital transformation in schools and to enhance interdisciplinary lessons with digital content. Such a cloud opens up new possibilities for pupils and teachers: easy access to the latest, professionally maintained applications; interconnectivity of different learning venues; optimal lesson preparation; and differentiation. School Cloud offers flexibility, promotes cross-curricular and interdisciplinary application, and fulfills an important prerequisite for social participation in creating the digital world. In addition to the technical components, this report describes selected School Cloud services by way of example and outlines further steps. Developed in cooperation with the experts at Hasso Plattner Institute (HPI) and funded by the Federal Ministry of Education and Research (BMBF), School Cloud provides an important foundation for the introduction of cloud-based infrastructures and educational services. The pilot phase—in conjunction with the excellence school network MINT–EC—has already begun. By reason of its modular, scalable approach, School Cloud’s infrastructural prototype has the long-term potential of efficient deployment—extending far beyond the limited number of pilot schools and across the nation. T3 - Technische Berichte des Hasso-Plattner-Instituts für Digital Engineering an der Universität Potsdam - 116 KW - digitale Bildung KW - Schule KW - IT-Infrastruktur KW - Cloud KW - digital education KW - school KW - IT-infrastructure KW - cloud Y1 - 2017 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus4-103858 SN - 978-3-86956-397-8 SN - 1613-5652 SN - 2191-1665 PB - Universitätsverlag Potsdam CY - Potsdam ER - TY - GEN A1 - Chujfi, Salim A1 - Meinel, Christoph T1 - Patterns to explore cognitive preferences and potential collective intelligence empathy for processing knowledge in virtual settings N2 - Organizations continue building virtual working teams (Teleworkers) to become more dynamic as part of their strategic innovation, with great benefits to individuals, business and society. However, during such transformations it is important to note that effective knowledge communication is particularly difficult in distributed environments as well as in non-interactive settings, because the interlocutors cannot use gestures or mimicry and have to adapt their expressions without receiving any feedback, which may affect the creation of tacit knowledge. Collective Intelligence appears to be an encouraging alternative for creating knowledge. However, in this scenario it faces an important goal to be achieved, as the degree of ability of two or more individuals increases with the need to overcome barriers through the aggregation of separately processed information, whereby all actors follow similar conditions to participate in the collective. Geographically distributed organizations have the great challenge of managing people’s knowledge, not only to keep operations running, but also to promote innovation within the organization in the creation of new knowledge. The management of knowledge from Collective Intelligence represents a big difference from traditional methods of information allocation, since managing Collective Intelligence poses new requirements. For instance, semantic analysis has to merge information, coming both from the content itself and the social/individual context, and in addition, the social dynamics that emerge online have to be taken into account. This study analyses how knowledge-based organizations working with decentralized staff may need to consider the cognitive styles and social behaviors of individuals participating in their programs to effectively manage knowledge in virtual settings. It also proposes assessment taxonomies to analyze online comportments at the levels of the individual and community, in order to successfully identify characteristics to help evaluate higher effectiveness of communication. We aim at modeling measurement patterns to identify effective ways of interaction of individuals, taking into consideration their cognitive and social behaviors. T3 - Zweitveröffentlichungen der Universität Potsdam : Mathematisch-Naturwissenschaftliche Reihe - 409 KW - computer science KW - telework KW - knowledge management KW - thinking styles KW - learning styles KW - self-government KW - collective intelligence KW - collaborative work KW - cognitive patterns Y1 - 2017 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus4-401789 ER - TY - BOOK A1 - Tietz, Christian A1 - Pelchen, Chris A1 - Meinel, Christoph A1 - Schnjakin, Maxim T1 - Management Digitaler Identitäten BT - aktueller Status und zukünftige Trends N2 - Um den zunehmenden Diebstahl digitaler Identitäten zu bekämpfen, gibt es bereits mehr als ein Dutzend Technologien. Sie sind, vor allem bei der Authentifizierung per Passwort, mit spezifischen Nachteilen behaftet, haben andererseits aber auch jeweils besondere Vorteile. Wie solche Kommunikationsstandards und -Protokolle wirkungsvoll miteinander kombiniert werden können, um dadurch mehr Sicherheit zu erreichen, haben die Autoren dieser Studie analysiert. Sie sprechen sich für neuartige Identitätsmanagement-Systeme aus, die sich flexibel auf verschiedene Rollen eines einzelnen Nutzers einstellen können und bequemer zu nutzen sind als bisherige Verfahren. Als ersten Schritt auf dem Weg hin zu einer solchen Identitätsmanagement-Plattform beschreiben sie die Möglichkeiten einer Analyse, die sich auf das individuelle Verhalten eines Nutzers oder einer Sache stützt. Ausgewertet werden dabei Sensordaten mobiler Geräte, welche die Nutzer häufig bei sich tragen und umfassend einsetzen, also z.B. internetfähige Mobiltelefone, Fitness-Tracker und Smart Watches. Die Wissenschaftler beschreiben, wie solche Kleincomputer allein z.B. anhand der Analyse von Bewegungsmustern, Positionsund Netzverbindungsdaten kontinuierlich ein „Vertrauens-Niveau“ errechnen können. Mit diesem ermittelten „Trust Level“ kann jedes Gerät ständig die Wahrscheinlichkeit angeben, mit der sein aktueller Benutzer auch der tatsächliche Besitzer ist, dessen typische Verhaltensmuster es genauestens „kennt“. Wenn der aktuelle Wert des Vertrauens-Niveaus (nicht aber die biometrischen Einzeldaten) an eine externe Instanz wie einen Identitätsprovider übermittelt wird, kann dieser das Trust Level allen Diensten bereitstellen, welche der Anwender nutzt und darüber informieren will. Jeder Dienst ist in der Lage, selbst festzulegen, von welchem Vertrauens-Niveau an er einen Nutzer als authentifiziert ansieht. Erfährt er von einem unter das Limit gesunkenen Trust Level, kann der Identitätsprovider seine Nutzung und die anderer Services verweigern. Die besonderen Vorteile dieses Identitätsmanagement-Ansatzes liegen darin, dass er keine spezifische und teure Hardware benötigt, um spezifische Daten auszuwerten, sondern lediglich Smartphones und so genannte Wearables. Selbst Dinge wie Maschinen, die Daten über ihr eigenes Verhalten per Sensor-Chip ins Internet funken, können einbezogen werden. Die Daten werden kontinuierlich im Hintergrund erhoben, ohne dass sich jemand darum kümmern muss. Sie sind nur für die Berechnung eines Wahrscheinlichkeits-Messwerts von Belang und verlassen niemals das Gerät. Meldet sich ein Internetnutzer bei einem Dienst an, muss er sich nicht zunächst an ein vorher festgelegtes Geheimnis – z.B. ein Passwort – erinnern, sondern braucht nur die Weitergabe seines aktuellen Vertrauens-Wertes mit einem „OK“ freizugeben. Ändert sich das Nutzungsverhalten – etwa durch andere Bewegungen oder andere Orte des Einloggens ins Internet als die üblichen – wird dies schnell erkannt. Unbefugten kann dann sofort der Zugang zum Smartphone oder zu Internetdiensten gesperrt werden. Künftig kann die Auswertung von Verhaltens-Faktoren noch erweitert werden, indem z.B. Routinen an Werktagen, an Wochenenden oder im Urlaub erfasst werden. Der Vergleich mit den live erhobenen Daten zeigt dann an, ob das Verhalten in das übliche Muster passt, der Benutzer also mit höchster Wahrscheinlichkeit auch der ausgewiesene Besitzer des Geräts ist. Über die Techniken des Managements digitaler Identitäten und die damit verbundenen Herausforderungen gibt diese Studie einen umfassenden Überblick. Sie beschreibt zunächst, welche Arten von Angriffen es gibt, durch die digitale Identitäten gestohlen werden können. Sodann werden die unterschiedlichen Verfahren von Identitätsnachweisen vorgestellt. Schließlich liefert die Studie noch eine zusammenfassende Übersicht über die 15 wichtigsten Protokolle und technischen Standards für die Kommunikation zwischen den drei beteiligten Akteuren: Service Provider/Dienstanbieter, Identitätsprovider und Nutzer. Abschließend wird aktuelle Forschung des Hasso-Plattner-Instituts zum Identitätsmanagement vorgestellt. N2 - To prevent the increasing number of identity thefts, more than a douzend technologies are already existing. They have, especially then authentication with passwords, specific disadvantages or advantages, respectively. The authors of this survey analyzed how to combine these communication standards and protocols to provide more security. They recommend new kinds of identity management systems that are flexible for different user roles and are more convenient to use as the existing systems. As a first step to build such an identity management platform the authors describe how to analyze and use the individual behavior of users or objects. As a result sensor data of mobile devices are analyzed. Such devices are internetready mobiles, fitness tracker and smart watches. Therefore devices that users often carry with them. The researchers describe how these little computers can continously analyze movement patterns, data of location and connected networks and compute a trust level from the data. With this trust level, a device can indicate the probability that the current user is the actual owner, because it knows the behavioral patterns of the owner. If the current trust level value (not single biometric data) is send to an external entity like an identity provider, this provider can provide the trust level to all services used by the user. Each service is able to decide which trust level value is necessary for user authentication. If the trust level drops under a this specific threshold the identity provider can deny the access to itself and all other services. The particular advantages of this identity management approach is that no special and expensive hardware is needed but instead smartphone and wearables to evaluate the specific data. Even objects like machines that send data of their own behavior to the internet can be used. The data is continously collected in the background so users do not need to care about it. The data is only used for computing the trust level and never leaves the device. If a user logs into an internet service he does not need to remember a secret anymore, e.g. a password, instead he just needs to give an OK to pass on the trust level. If the user behavior is changing, for example by different movement patterns or unknown or new locations when trying to log into a web services, it can be immediately detected and the access to the smartphone or internet services an be locked for the unauthorized person. In future the evaluation can be extended for example with detecting routines on working days, on weekands or on vacations. The comparisons of learned routines with live data will show if the behavior fits into the usual patterns. This survey gives a comprehensive overview of techniques in digital identity management and the related challenges. First, it describes different kinds of attack methods which attacker uses to steal digital identities. Then possible authentication methods are presented. Eventually a summary of the 15 most important protocols and technical standards for communication between the three involved players: service provider, identity provider and user. Finally, it introduces the current research of the Hasso-Plattner Institute. T3 - Technische Berichte des Hasso-Plattner-Instituts für Digital Engineering an der Universität Potsdam - 114 KW - Studie KW - Identitätsmanagement KW - Biometrie KW - Authentifizierung KW - Identität KW - Angriffe KW - Mehr-Faktor-Authentifizierung KW - Single-Sign-On KW - HPI Forschung KW - identity management KW - biometrics KW - authentication KW - identity KW - multi factor authentication KW - HPI research KW - wearables KW - smartphone KW - OpenID Connect KW - OAuth KW - FIDO Y1 - 2017 U6 - http://nbn-resolving.de/urn/resolver.pl?urn:nbn:de:kobv:517-opus4-103164 SN - 978-3-86956-395-4 SN - 1613-5652 SN - 2191-1665 IS - 114 PB - Universitätsverlag Potsdam CY - Potsdam ER - TY - JOUR A1 - Sapegin, Andrey A1 - Jaeger, David A1 - Cheng, Feng A1 - Meinel, Christoph T1 - Towards a system for complex analysis of security events in large-scale networks JF - Computers & security : the international journal devoted to the study of the technical and managerial aspects of computer security N2 - After almost two decades of development, modern Security Information and Event Management (SIEM) systems still face issues with normalisation of heterogeneous data sources, high number of false positive alerts and long analysis times, especially in large-scale networks with high volumes of security events. In this paper, we present our own prototype of SIEM system, which is capable of dealing with these issues. For efficient data processing, our system employs in-memory data storage (SAP HANA) and our own technologies from the previous work, such as the Object Log Format (OLF) and high-speed event normalisation. We analyse normalised data using a combination of three different approaches for security analysis: misuse detection, query-based analytics, and anomaly detection. Compared to the previous work, we have significantly improved our unsupervised anomaly detection algorithms. Most importantly, we have developed a novel hybrid outlier detection algorithm that returns ranked clusters of anomalies. It lets an operator of a SIEM system to concentrate on the several top-ranked anomalies, instead of digging through an unsorted bundle of suspicious events. We propose to use anomaly detection in a combination with signatures and queries, applied on the same data, rather than as a full replacement for misuse detection. In this case, the majority of attacks will be captured with misuse detection, whereas anomaly detection will highlight previously unknown behaviour or attacks. We also propose that only the most suspicious event clusters need to be checked by an operator, whereas other anomalies, including false positive alerts, do not need to be explicitly checked if they have a lower ranking. We have proved our concepts and algorithms on a dataset of 160 million events from a network segment of a big multinational company and suggest that our approach and methods are highly relevant for modern SIEM systems. KW - Intrusion detection KW - SAP HANA KW - In-memory KW - Security KW - Machine learning KW - Anomaly detection KW - Outlier detection Y1 - 2017 U6 - https://doi.org/10.1016/j.cose.2017.02.001 SN - 0167-4048 SN - 1872-6208 VL - 67 SP - 16 EP - 34 PB - Elsevier Science CY - Oxford ER - TY - JOUR A1 - Chujfi-La-Roche, Salim A1 - Meinel, Christoph T1 - Matching cognitively sympathetic individual styles to develop collective intelligence in digital communities JF - AI & society : the journal of human-centred systems and machine intelligence N2 - Creation, collection and retention of knowledge in digital communities is an activity that currently requires being explicitly targeted as a secure method of keeping intellectual capital growing in the digital era. In particular, we consider it relevant to analyze and evaluate the empathetic cognitive personalities and behaviors that individuals now have with the change from face-to-face communication (F2F) to computer-mediated communication (CMC) online. This document proposes a cyber-humanistic approach to enhance the traditional SECI knowledge management model. A cognitive perception is added to its cyclical process following design thinking interaction, exemplary for improvement of the method in which knowledge is continuously created, converted and shared. In building a cognitive-centered model, we specifically focus on the effective identification and response to cognitive stimulation of individuals, as they are the intellectual generators and multiplicators of knowledge in the online environment. Our target is to identify how geographically distributed-digital-organizations should align the individual's cognitive abilities to promote iteration and improve interaction as a reliable stimulant of collective intelligence. The new model focuses on analyzing the four different stages of knowledge processing, where individuals with sympathetic cognitive personalities can significantly boost knowledge creation in a virtual social system. For organizations, this means that multidisciplinary individuals can maximize their extensive potential, by externalizing their knowledge in the correct stage of the knowledge creation process, and by collaborating with their appropriate sympathetically cognitive remote peers. KW - argumentation research KW - cyber humanistic KW - cognition KW - collaboration KW - knowledge building KW - knowledge management KW - teamwork KW - virtual groups Y1 - 2017 U6 - https://doi.org/10.1007/s00146-017-0780-x SN - 0951-5666 SN - 1435-5655 VL - 35 IS - 1 SP - 5 EP - 15 PB - Springer CY - New York ER - TY - GEN A1 - Malchow, Martin A1 - Renz, Jan A1 - Bauer, Matthias A1 - Meinel, Christoph T1 - Embedded smart home BT - remote lab grading in a MOOC with over 6000 participants T2 - 11th Annual IEEE International Systems Conference (SysCon) N2 - The popularity of MOOCs has increased considerably in the last years. A typical MOOC course consists of video content, self tests after a video and homework, which is normally in multiple choice format. After solving this homeworks for every week of a MOOC, the final exam certificate can be issued when the student has reached a sufficient score. There are also some attempts to include practical tasks, such as programming, in MOOCs for grading. Nevertheless, until now there is no known possibility to teach embedded system programming in a MOOC course where the programming can be done in a remote lab and where grading of the tasks is additionally possible. This embedded programming includes communication over GPIO pins to control LEDs and measure sensor values. We started a MOOC course called "Embedded Smart Home" as a pilot to prove the concept to teach real hardware programming in a MOOC environment under real life MOOC conditions with over 6000 students. Furthermore, also students with real hardware have the possibility to program on their own real hardware and grade their results in the MOOC course. Finally, we evaluate our approach and analyze the student acceptance of this approach to offer a course on embedded programming. We also analyze the hardware usage and working time of students solving tasks to find out if real hardware programming is an advantage and motivating achievement to support students learning success. Y1 - 2017 SN - 978-1-5090-4623-2 U6 - https://doi.org/10.1109/SYSCON.2017.7934728 SN - 1944-7620 SP - 195 EP - 200 PB - IEEE CY - New York ER - TY - GEN A1 - Alibabaie, Najmeh A1 - Ghasemzadeh, Mohammad A1 - Meinel, Christoph T1 - A variant of genetic algorithm for non-homogeneous population T2 - International Conference Applied Mathematics, Computational Science and Systems Engineering 2016 N2 - Selection of initial points, the number of clusters and finding proper clusters centers are still the main challenge in clustering processes. In this paper, we suggest genetic algorithm based method which searches several solution spaces simultaneously. The solution spaces are population groups consisting of elements with similar structure. Elements in a group have the same size, while elements in different groups are of different sizes. The proposed algorithm processes the population in groups of chromosomes with one gene, two genes to k genes. These genes hold corresponding information about the cluster centers. In the proposed method, the crossover and mutation operators can accept parents with different sizes; this can lead to versatility in population and information transfer among sub-populations. We implemented the proposed method and evaluated its performance against some random datasets and the Ruspini dataset as well. The experimental results show that the proposed method could effectively determine the appropriate number of clusters and recognize their centers. Overall this research implies that using heterogeneous population in the genetic algorithm can lead to better results. Y1 - 2017 U6 - https://doi.org/10.1051/itmconf/20170902001 SN - 2271-2097 VL - 9 PB - EDP Sciences CY - Les Ulis ER - TY - GEN A1 - Gawron, Marian A1 - Cheng, Feng A1 - Meinel, Christoph T1 - PVD: Passive Vulnerability Detection T2 - 8th International Conference on Information and Communication Systems (ICICS) N2 - The identification of vulnerabilities relies on detailed information about the target infrastructure. The gathering of the necessary information is a crucial step that requires an intensive scanning or mature expertise and knowledge about the system even though the information was already available in a different context. In this paper we propose a new method to detect vulnerabilities that reuses the existing information and eliminates the necessity of a comprehensive scan of the target system. Since our approach is able to identify vulnerabilities without the additional effort of a scan, we are able to increase the overall performance of the detection. Because of the reuse and the removal of the active testing procedures, our approach could be classified as a passive vulnerability detection. We will explain the approach and illustrate the additional possibility to increase the security awareness of users. Therefore, we applied the approach on an experimental setup and extracted security relevant information from web logs. Y1 - 2017 SN - 978-1-5090-4243-2 U6 - https://doi.org/10.1109/IACS.2017.7921992 SN - 2471-125X SP - 322 EP - 327 PB - IEEE CY - New York ER - TY - GEN A1 - Torkura, Kennedy A. A1 - Sukmana, Muhammad Ihsan Haikal A1 - Cheng, Feng A1 - Meinel, Christoph T1 - Leveraging cloud native design patterns for security-as-a-service applications T2 - IEEE International Conference on Smart Cloud (SmartCloud) N2 - This paper discusses a new approach for designing and deploying Security-as-a-Service (SecaaS) applications using cloud native design patterns. Current SecaaS approaches do not efficiently handle the increasing threats to computer systems and applications. For example, requests for security assessments drastically increase after a high-risk security vulnerability is disclosed. In such scenarios, SecaaS applications are unable to dynamically scale to serve requests. A root cause of this challenge is employment of architectures not specifically fitted to cloud environments. Cloud native design patterns resolve this challenge by enabling certain properties e.g. massive scalability and resiliency via the combination of microservice patterns and cloud-focused design patterns. However adopting these patterns is a complex process, during which several security issues are introduced. In this work, we investigate these security issues, we redesign and deploy a monolithic SecaaS application using cloud native design patterns while considering appropriate, layered security counter-measures i.e. at the application and cloud networking layer. Our prototype implementation out-performs traditional, monolithic applications with an average Scanner Time of 6 minutes, without compromising security. Our approach can be employed for designing secure, scalable and performant SecaaS applications that effectively handle unexpected increase in security assessment requests. KW - Cloud-Security KW - Security-as-a-Service KW - Vulnerability Assessment KW - Cloud Native Applications Y1 - 2017 SN - 978-1-5386-3684-8 U6 - https://doi.org/10.1109/SmartCloud.2017.21 SP - 90 EP - 97 PB - Institute of Electrical and Electronics Engineers CY - New York ER - TY - GEN A1 - Renz, Jan A1 - Shams, Ahmed A1 - Meinel, Christoph T1 - Offline-Enabled Web-based E-Learning for Improved User Experience in Africa T2 - 2017 IEEE Africon N2 - Web-based E-Learning uses Internet technologies and digital media to deliver education content to learners. Many universities in recent years apply their capacity in producing Massive Open Online Courses (MOOCs). They have been offering MOOCs with an expectation of rendering a comprehensive online apprenticeship. Typically, an online content delivery process requires an Internet connection. However, access to the broadband has never been a readily available resource in many regions. In Africa, poor and no networks are yet predominantly experienced by Internet users, frequently causing offline each moment a digital device disconnect from a network. As a result, a learning process is always disrupted, delayed and terminated in such regions. This paper raises the concern of E-Learning in poor and low bandwidths, in fact, it highlights the needs for an Offline-Enabled mode. The paper also explores technical approaches beamed to enhance the user experience inWeb-based E-Learning, particular in Africa. KW - Educational Technology KW - E-Learning KW - Internet KW - Bandwidth KW - Mobile Learning KW - Mobiles KW - MOOC KW - Offline-Enabled KW - Ubiquitous Y1 - 2017 SN - 978-1-5386-2775-4 U6 - https://doi.org/10.1109/AFRCON.2017.8095574 SN - 2153-0025 SP - 736 EP - 742 PB - IEEE CY - New York ER - TY - JOUR A1 - Omotosho, Adebayo A1 - Emuoyibofarhe, Justice A1 - Meinel, Christoph T1 - Securing e-prescription from medical identity theft using steganography and antiphishing techniques JF - Journal of applied security research N2 - Drug prescription is among the health care process that usually makes references to the patients’ medical and insurance information among other personal data, because this information is very vital and delicate, it should be adequately protected from identity thieves. This article aims at securing Electronic Prescription (EP) in order to minimize patient’s data theft and foster patients’ trust of EP system. This paper presents a steganography and antiphishing technique for preventing medical identity theft in EP. The proposed EP system design focused on the security features in the prescriber and dispensers’ modules of EP by ensuring the prescriber sends the prescription of the patient in a safe manner and to the right dispenser without the interference of fake third parties. Hexadecimal steganography image system is used to cover and secure the sent prescription details. Malicious electronic dispensing system is prevented through an authentication technique where a dispenser uses a captcha together with a one-time password, and the web server encrypted token for prescriber’s device authentication. The steganography system is evaluated using Peak Signal to Noise Ratio (PSNR). The system implementation results showed that steganography and antiphishing techniques are capable of providing a secure EP systems. KW - Electronic prescription KW - one-time password KW - steganography KW - phishing KW - medical identity theft Y1 - 2017 U6 - https://doi.org/10.1080/19361610.2017.1315788 SN - 1936-1610 SN - 1936-1629 VL - 12 SP - 447 EP - 461 PB - Routledge, Taylor & Francis Group CY - Philadelphia ER - TY - GEN A1 - Staubitz, Thomas A1 - Wilkins, Christian A1 - Hagedorn, Christiane A1 - Meinel, Christoph T1 - The Gamification of a MOOC Platform T2 - Proceedings of 2017 IEEE Global Engineering Education Conference (EDUCON) N2 - Massive Open Online Courses (MOOCs) have left their mark on the face of education during the recent years. At the Hasso Plattner Institute (HPI) in Potsdam, Germany, we are actively developing a MOOC platform, which provides our research with a plethora of e-learning topics, such as learning analytics, automated assessment, peer assessment, team-work, online proctoring, and gamification. We run several instances of this platform. On openHPI, we provide our own courses from within the HPI context. Further instances are openSAP, openWHO, and mooc.HOUSE, which is the smallest of these platforms, targeting customers with a less extensive course portfolio. In 2013, we started to work on the gamification of our platform. By now, we have implemented about two thirds of the features that we initially have evaluated as useful for our purposes. About a year ago we activated the implemented gamification features on mooc.HOUSE. Before activating the features on openHPI as well, we examined, and re-evaluated our initial considerations based on the data we collected so far and the changes in other contexts of our platforms. KW - MOOC KW - Gamification KW - e-learning KW - Massive Open Online Courses Y1 - 2017 SN - 978-1-5090-5467-1 U6 - https://doi.org/10.1109/EDUCON.2017.7942952 SN - 2165-9567 SP - 883 EP - 892 PB - IEEE CY - New York ER -