Refine
Year of publication
Document Type
- Monograph/Edited Volume (5)
- Article (3)
- Doctoral Thesis (2)
- Postprint (2)
- Other (1)
Is part of the Bibliography
- yes (13) (remove)
Keywords
- security (13) (remove)
Institute
- Institut für Informatik und Computational Science (4)
- Hasso-Plattner-Institut für Digital Engineering gGmbH (3)
- Hasso-Plattner-Institut für Digital Engineering GmbH (2)
- Fachgruppe Soziologie (1)
- MenschenRechtsZentrum (1)
- Wirtschafts- und Sozialwissenschaftliche Fakultät (1)
- Wirtschaftswissenschaften (1)
Seit 1999 gibt es die Potsdamer UNO-Konferenzen des Forschungskreises Vereinte Nationen. Inzwischen ist es eine gute Tradition geworden, daß sich UN-Forscher, Politiker und Diplomaten im Sommer zur Potsdamer UNO-Konferenz treffen.
Die Konferenzen des Forschungskreises Vereinte Nationen stehen im Zeichen des interdisziplinären Dialogs in der UN-Forschung zwischen Völkerrechts- und Politikwissenschaft und dienen zugleich der Standortbestimmung der deutschen UN-Forschung im internationalen Kontext.
Die vierte Konferenz des Forschungskreises, die am 28. und 29. Juni 2002 wiederum in den Räumen der Juristischen Fakultät der Universität Potsdam stattfand, widmete sich der Zusammenarbeit der Vereinten Nationen mit der Europäischen Union und mit der NATO sowie den Problemen, die sich den Vereinten Nationen bei der Bekämpfung des Terrorismus in völkerrechtlicher Hinsicht und beim Schutz der Menschenrechte stellen.
Die in dieser Broschüre veröffentlichten Referate der vierten Konferenz machen zusammen mit den Diskussionen, die zusammenfassend dargestellt werden, deutlich, daß die Vereinten Nationen bei der Erfüllung ihrer durch die Charta gestellten Aufgaben auf die Zusammenarbeit mit regionalen politischen und militärischen Organisationen angewiesen sind. Bei der Auseinandersetzung mit politischen Konflikten, internationalen Krisen und aktuellen Herausforderungen wie dem internationalen Terrorismus sind ihnen dabei durch die machtpolitischen Realitäten deutliche Grenzen gesetzt und können sie oft weniger Akteur als vielmehr Schiedsrichter und Wahrer der Menschenrechte sein.
IT systems for healthcare are a complex and exciting field. One the one hand, there is a vast number of improvements and work alleviations that computers can bring to everyday healthcare. Some ways of treatment, diagnoses and organisational tasks were even made possible by computer usage in the first place. On the other hand, there are many factors that encumber computer usage and make development of IT systems for healthcare a challenging, sometimes even frustrating task. These factors are not solely technology-related, but just as well social or economical conditions. This report describes some of the idiosyncrasies of IT systems in the healthcare domain, with a special focus on legal regulations, standards and security.
Cloud security mechanisms
(2014)
Cloud computing has brought great benefits in cost and flexibility for provisioning services. The greatest challenge of cloud computing remains however the question of security. The current standard tools in access control mechanisms and cryptography can only partly solve the security challenges of cloud infrastructures. In the recent years of research in security and cryptography, novel mechanisms, protocols and algorithms have emerged that offer new ways to create secure services atop cloud infrastructures. This report provides introductions to a selection of security mechanisms that were part of the "Cloud Security Mechanisms" seminar in summer term 2013 at HPI.
Die Dissertation befasst sich mit der Organisation von humanitären Lufttransporten bei internationalen Katastrophen. Diese Flüge finden immer dann statt, wenn die eigene Hilfeleistungsfähigkeit der von Katastrophen betroffenen Regionen überfordert ist und Hilfe aus dem Ausland angefordert wird. Bei jedem der darauffolgenden Hilfseinsätze stehen Hilfsorganisationen und weitere mit der Katastrophenhilfe beteiligte Akteure erneut vor der Herausforderung, in kürzester Zeit eine logistische Kette aufzubauen, damit die Güter zum richtigen Zeitpunkt in der richtigen Menge am richtigen Ort eintreffen.
Humanitäre Lufttransporte werden in der Regel als Charterflüge organisiert und finden auf langen Strecken zu Zielen statt, die nicht selten abseits der hochfrequentierten Warenströme liegen. Am Markt ist das Angebot für derartige Transportdienstleistungen nicht gesichert verfügbar und unter Umständen müssen Hilfsorganisationen warten bis Kapazitäten mit geeigneten Flugzeugen zur Verfügung stehen. Auch qualitativ sind die Anforderungen von Hilfsorganisationen an die Hilfsgütertransporte höher als im regulären Linientransport.
Im Rahmen der Dissertation wird ein alternatives Organisationsmodell für die Beschaffung und den Betrieb sowie die Finanzierung von humanitären Lufttransporten aufgebaut. Dabei wird die gesicherte Verfügbarkeit von besonders flexibel einsetzbaren Flugzeugen in Betracht gezogen, mit deren Hilfe die Qualität und insbesondere die Planbarkeit der Hilfeleistung verbessert werden könnte.
Ein idealtypisches Modell wird hier durch die Kopplung der Kollektivgütertheorie, die der Finanzwissenschaft zuzuordnen ist, mit der Vertragstheorie als Bestandteil der Neuen Institutionenökonomik erarbeitet.
Empirische Beiträge zur Vertragstheorie bemängeln, dass es bei der Beschaffung von transaktionsspezifischen Investitionsgütern, wie etwa Flugzeugen mit besonderen Eigenschaften, aufgrund von Risiken und Umweltunsicherheiten zu ineffizienten Lösungen zwischen Vertragspartnern kommt. Die vorliegende Dissertation zeigt eine Möglichkeit auf, wie durch Aufbau einer gemeinsamen Informationsbasis ex-ante, also vor Vertragsschluss, Risiken und Umweltunsicherheiten reduziert werden können. Dies geschieht durch eine temporale Erweiterung eines empirischen Modells zur Bestimmung der Organisationsform bei transaktionsspezifischen Investitionsgütern aus der Regulierungsökonomik.
Die Arbeitet leistet darüber hinaus einen Beitrag zur Steigerung der Effizienz in der humanitären Logistik durch die fallspezifische Betrachtung von horizontalen Kooperationen und Professionalisierung der Hilfeleistung im Bereich der humanitären Luftfahrt.
Every year, the Hasso Plattner Institute (HPI) invites guests from industry and academia to a collaborative scientific workshop on the topic Operating the Cloud. Our goal is to provide a forum for the exchange of knowledge and experience between industry and academia. Co-located with the event is the HPI’s Future SOC Lab day, which offers an additional attractive and conducive environment for scientific and industry related discussions. Operating the Cloud aims to be a platform for productive interactions of innovative ideas, visions, and upcoming technologies in the field of cloud operation and administration.
In these proceedings, the results of the fifth HPI cloud symposium Operating the Cloud 2017 are published. We thank the authors for exciting presentations and insights into their current work and research. Moreover, we look forward to more interesting submissions for the upcoming symposium in 2018.
The rapid development and integration of Information Technologies over the last decades influenced all areas of our life, including the business world. Yet not only the modern enterprises become digitalised, but also security and criminal threats move into the digital sphere. To withstand these threats, modern companies must be aware of all activities within their computer networks.
The keystone for such continuous security monitoring is a Security Information and Event Management (SIEM) system that collects and processes all security-related log messages from the entire enterprise network. However, digital transformations and technologies, such as network virtualisation and widespread usage of mobile communications, lead to a constantly increasing number of monitored devices and systems. As a result, the amount of data that has to be processed by a SIEM system is increasing rapidly. Besides that, in-depth security analysis of the captured data requires the application of rather sophisticated outlier detection algorithms that have a high computational complexity. Existing outlier detection methods often suffer from performance issues and are not directly applicable for high-speed and high-volume analysis of heterogeneous security-related events, which becomes a major challenge for modern SIEM systems nowadays.
This thesis provides a number of solutions for the mentioned challenges. First, it proposes a new SIEM system architecture for high-speed processing of security events, implementing parallel, in-memory and in-database processing principles. The proposed architecture also utilises the most efficient log format for high-speed data normalisation. Next, the thesis offers several novel high-speed outlier detection methods, including generic Hybrid Outlier Detection that can efficiently be used for Big Data analysis. Finally, the special User Behaviour Outlier Detection is proposed for better threat detection and analysis of particular user behaviour cases.
The proposed architecture and methods were evaluated in terms of both performance and accuracy, as well as compared with classical architecture and existing algorithms. These evaluations were performed on multiple data sets, including simulated data, well-known public intrusion detection data set, and real data from the large multinational enterprise. The evaluation results have proved the high performance and efficacy of the developed methods.
All concepts proposed in this thesis were integrated into the prototype of the SIEM system, capable of high-speed analysis of Big Security Data, which makes this integrated SIEM platform highly relevant for modern enterprise security applications.
This paper proposes an education approach for master and bachelor students to enhance their skills in the area of reliability, safety and security of the electronic components in automated driving. The approach is based on the active synergetic work of research institutes, academia and industry in the frame of joint lab. As an example, the jointly organized summer school with the respective focus is organized and elaborated.
Almost half of the political life has been experienced under the
state of emergency and state of siege policies in the Turkish
Republic. In spite of such a striking number and continuity in the
deployment of legal emergency powers, there are just a few legal
and political studies examining the reasons for such permanency
in governing practices. To fill this gap, this paper aims to discuss
one of the most important sources of the ‘permanent’ political
crisis in the country: the historical evolution of legal emergency
power. In order to highlight how these policies have intensified
the highly fragile citizenship regime by weakening the separation
of power, repressing the use of political rights and increasing the
discretionary power of both the executive and judiciary authori-
ties, the paper sheds light on the emergence and production of
a specific form of legality based on the idea of emergency and the
principle of executive prerogative. In that context, it aims to
provide a genealogical explanation of the evolution of the excep-
tional form of the nation-state, which is based on the way political
society, representation, and legitimacy have been instituted and
accompanying failure of the ruling classes in building hegemony
in the country.
MUP
(2020)
Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update protocol is easy to integrate in an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on a IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices.
MUP
(2020)
Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update protocol is easy to integrate in an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on a IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices.