Refine
Has Fulltext
- no (16) (remove)
Year of publication
- 2016 (16) (remove)
Document Type
- Doctoral Thesis (10)
- Part of a Book (4)
- Article (1)
- Conference Proceeding (1)
Is part of the Bibliography
- yes (16) (remove)
Keywords
- App (1)
- Barcode (1)
- Chipkarten (1)
- Massenklausuren (1)
- NFC (1)
- OBI (1)
- Open Badge Infrastructure (1)
- Open Badges (1)
- Peer-Review (1)
- Professionalisierung (1)
Institute
- Institut für Informatik und Computational Science (16) (remove)
Software-as-a-Service (SaaS) offers several advantages to both service providers and users. Service providers can benefit from the reduction of Total Cost of Ownership (TCO), better scalability, and better resource utilization. On the other hand, users can use the service anywhere and anytime, and minimize upfront investment by following the pay-as-you-go model. Despite the benefits of SaaS, users still have concerns about the security and privacy of their data. Due to the nature of SaaS and the Cloud in general, the data and the computation are beyond the users' control, and hence data security becomes a vital factor in this new paradigm. Furthermore, in multi-tenant SaaS applications, the tenants become more concerned about the confidentiality of their data since several tenants are co-located onto a shared infrastructure.
To address those concerns, we start protecting the data from the provisioning process by controlling how tenants are being placed in the infrastructure. We present a resource allocation algorithm designed to minimize the risk of co-resident tenants called SecPlace. It enables the SaaS provider to control the resource (i.e., database instance) allocation process while taking into account the security of tenants as a requirement.
Due to the design principles of the multi-tenancy model, tenants follow some degree of sharing on both application and infrastructure levels. Thus, strong security-isolation should be present. Therefore, we develop SignedQuery, a technique that prevents one tenant from accessing others' data. We use the Signing Concept to create a signature that is used to sign the tenant's request, then the server can verifies the signature and recognizes the requesting tenant, and hence ensures that the data to be accessed is belonging to the legitimate tenant.
Finally, Data confidentiality remains a critical concern due to the fact that data in the Cloud is out of users' premises, and hence beyond their control. Cryptography is increasingly proposed as a potential approach to address such a challenge. Therefore, we present SecureDB, a system designed to run SQL-based applications over an encrypted database. SecureDB captures the schema design and analyzes it to understand the internal structure of the data (i.e., relationships between the tables and their attributes). Moreover, we determine the appropriate partialhomomorphic encryption scheme for each attribute where computation is possible even when the data is encrypted.
To evaluate our work, we conduct extensive experiments with di↵erent settings. The main use case in our work is a popular open source HRM application, called OrangeHRM. The results show that our multi-layered approach is practical, provides enhanced security and isolation among tenants, and have a moderate complexity in terms of processing encrypted data.
The introduction of columnar in-memory databases, along with hardware evolution, has made the execution of transactional and analytical enterprise application workloads on a single system both feasible and viable. Yet, we argue that executing analytical aggregate queries directly on the transactional data can decrease the overall system performance. Despite the aggregation capabilities of columnar in-memory databases, the direct access to records of a materialized aggregate is always more efficient than aggregating on the fly. The traditional approach to materialized aggregates, however, introduces significant overhead in terms of materialized view selection, maintenance, and exploitation. When this overhead is handled by the application, it increases the application complexity, and can slow down the transactional throughput of inserts, updates, and deletes.
In this thesis, we motivate, propose, and evaluate the aggregate cache, a materialized aggregate engine in the main-delta architecture of a columnar in-memory database that provides efficient means to handle costly aggregate queries of enterprise applications. For our design, we leverage the specifics of the main-delta architecture that separates a table into a main and delta partition. The central concept is to only cache the partial aggregate query result as defined on the main partition of a table, because the main partition is relatively stable as records are only inserted into the delta partition. We contribute by proposing incremental aggregate maintenance and query compensation techniques for mixed workloads of enterprise applications. In addition, we introduce aggregate profit metrics that increase the likelihood of persisting the most profitable aggregates in the aggregate cache.
Query compensation and maintenance of materialized aggregates based on joins of multiple tables is expensive due to the partitioned tables in the main-delta architecture. Our analysis of enterprise applications has revealed several data schema and workload patterns. This includes the observation that transactional data is persisted in header and item tables, whereas in many cases, the insertion of related header and item records is executed in a single database transaction. We contribute by proposing an approach to transport these application object semantics to the database system and optimize the query processing using the aggregate cache by applying partition pruning and predicate pushdown techniques.
For the experimental evaluation, we propose the FICO benchmark that is based on data from a productive ERP system with extracted mixed workloads. Our evaluation reveals that the aggregate cache can accelerate the execution of aggregate queries up to a factor of 60 whereas the speedup highly depends on the number of aggregated records in the main and delta partitions. In mixed workloads, the proposed aggregate maintenance and query compensation techniques perform up to an order of magnitude better than traditional materialized aggregate maintenance approaches. The introduced aggregate profit metrics outperform existing costbased metrics by up to 20%. Lastly, the join pruning and predicate pushdown techniques can accelerate query execution in the aggregate cache in the presence of multiple partitioned tables by up to an order of magnitude.
Solving problems combining task and motion planning requires searching across a symbolic search space and a geometric search space. Because of the semantic gap between symbolic and geometric representations, symbolic sequences of actions are not guaranteed to be geometrically feasible. This compels us to search in the combined search space, in which frequent backtracks between symbolic and geometric levels make the search inefficient.We address this problem by guiding symbolic search with rich information extracted from the geometric level through culprit detection mechanisms.
E-Learning-Anwendungen bieten Chancen für die gesetzlich vorgeschriebene Inklusion von Lernenden mit Beeinträchtigungen. Die gleichberechtigte Teilhabe von blinden Lernenden an Veranstaltungen in virtuellen Klassenzimmern ist jedoch durch den synchronen, multimedialen Charakter und den hohen Informationsumfang dieser Lösungen kaum möglich.
Die vorliegende Arbeit untersucht die Zugänglichkeit virtueller Klassenzimmer für blinde Nutzende, um eine möglichst gleichberechtigte Teilhabe an synchronen, kollaborativen Lernszenarien zu ermöglichen. Im Rahmen einer Produktanalyse werden dazu virtuelle Klassenzimmer auf ihre Zugänglichkeit und bestehende Barrieren untersucht und Richtlinien für die zugängliche Gestaltung von virtuellen Klassenzimmern definiert. Anschließend wird ein alternatives Benutzungskonzept zur Darstellung und Bedienung virtueller Klassenzimmer auf einem zweidimensionalen taktilen Braille-Display entwickelt, um eine möglichst gleichberechtigte Teilhabe blinder Lernender an synchronen Lehrveranstaltungen zu ermöglichen. Nach einer ersten Evaluation mit blinden Probanden erfolgt die prototypische Umsetzung des Benutzungskonzepts für ein Open-Source-Klassenzimmer. Die abschließende Evaluation der prototypischen Umsetzung zeigt die Verbesserung der Zugänglichkeit von virtuellen Klassenzimmern für blinde Lernende unter Verwendung eines taktilen Flächendisplays und bestätigt die Wirksamkeit der im Rahmen dieser Arbeit entwickelten Konzepte.
Mobile Applikationen eignen sich als strukturelle Unterstützungsangebote für Studierende während des Studieneinstiegs. Durch die App Reflect.UP werden Studienorganisation, Studieninhalte und -ziele von Studierenden reflektiert. Der bewusste Umgang mit dem studentischen Kompetenzerwerb als wissenschaftliche eflexionskompetenz ist immanenter Bestandteil der akademischen Professionalisierung und steht in diesem Beitrag im Vordergrund. Gezeigt wird, wie aus Studienordnungen und Modulbeschreibungen systematisch Fragen zur studentischen Reflexion herausgearbeitet werden und dadurch ein Kompetenzraster entsteht. Die durch den praktischen Einsatz von Reflect.UP gewonnenen Daten werden ausgewertet und dahingehend diskutiert, welche Rückschlüsse sich hieraus auf die Problemlagen und Lernprozesse der Studierenden sowie für die Studiengangsorganisation(en) ziehen lassen. Darüber hinaus werden die Stärken und Schwächen einer mobilen Applikation als sozial- und informationswissenschaftliches Amalgam zur strukturellen Unterstützung der Studieneingangsphase reflektiert.
Nach wie vor stellen Klausuren mit hunderten Studierenden, sogenannte Massenklausuren, insbesondere Lehrende vor organisatorische Herausforderungen, die es jedes Semester aufs Neue zu bewältigen gilt. Dieser Beitrag zeigt technische Möglichkeiten zur Unterstützung und Durchführung von Massenklausuren auf. Hierzu werden zunächst verschiedene Verfahren der Klausurvorbereitung und -organisation aus unterschiedlichen Fachdisziplinen erfasst und analysiert.
Im Anschluss wird ein verallgemeinerbarer Prozess konzipiert, der sämtliche Schritte von der Planung, Erstellung, Durchführung, Kontrolle bis hin zur Archivierung berücksichtigt. Zur Unterstützung der einzelnen Prozessschritte werden technische Systeme vorgestellt, die mit den Bedürfnissen der Prüfungsverantwortlichen abgestimmt sind. Die entstandenen Systeme werden vorgestellt und die durchgeführten Zielgruppentests reflektiert.
The term Personal Learning Environment (PLE) is associated with the desire to put the learner in control of his own learning process, so that he is able to set and accomplish the desired learning goals at the right time with the learning environment chosen by him. Gradually, such a learning environment includes several digital content, services and tools. It is thus summarized as the Virtual Learning Environment (VLE). Even though the construction of an individual PLE is a complex task, several approaches to support this process already exist. They mostly occur under the umbrella term PLE or with little accentuations like iPLE, which especially live within the context of institutions. This paper sums up the variety of attempts and technical approaches to establish a PLE and suggests a categorization for them.