Hasso-Plattner-Institut für Digital Engineering GmbH
Refine
Document Type
- Other (23)
- Article (15)
- Monograph/Edited Volume (13)
- Conference Proceeding (2)
- Postprint (2)
- Report (1)
Keywords
- MOOC (9)
- digital education (7)
- e-learning (6)
- Cloud Computing (5)
- E-Learning (4)
- Forschungsprojekte (4)
- Future SOC Lab (4)
- In-Memory Technologie (4)
- Multicore Architekturen (4)
- artifical intelligence (4)
- cloud computing (4)
- machine learning (4)
- maschinelles Lernen (4)
- multicore architectures (4)
- online course creation (4)
- online course design (4)
- openHPI (4)
- research projects (4)
- Digitale Bildung (3)
- Kursdesign (3)
- Micro Degree (3)
- Online-Lehre (3)
- Onlinekurs (3)
- Onlinekurs-Produktion (3)
- Security Metrics (3)
- Security Risk Assessment (3)
- Teamwork (3)
- course design (3)
- digitale Bildung (3)
- in-memory technology (3)
- künstliche Intelligenz (3)
- micro degree (3)
- micro-credential (3)
- online teaching (3)
- Cloud-Security (2)
- Digitalisierung (2)
- Energy (2)
- European Union (2)
- Europäische Union (2)
- HPI Schul-Cloud (2)
- Lecture Video Archive (2)
- MAC security (2)
- MERLOT (2)
- MOOCs (2)
- Machine Learning (2)
- Massive Open Online Course (MOOC) (2)
- Secure Configuration (2)
- Security (2)
- Social Media Analysis (2)
- assignments (2)
- cloud (2)
- digital enlightenment (2)
- digital learning platform (2)
- digital sovereignty (2)
- digitale Aufklärung (2)
- digitale Lernplattform (2)
- digitale Souveränität (2)
- digitalization (2)
- flexibility (2)
- framework (2)
- learning path (2)
- lebenslanges Lernen (2)
- lifelong learning (2)
- modularization (2)
- self-paced learning (2)
- ACINQ (1)
- AI Lab (1)
- ASIC (1)
- Abschlussbericht (1)
- Algorithms (1)
- Application Container Security (1)
- Approximation algorithms (1)
- Architectures (1)
- Australian securities exchange (1)
- Automated parsing (1)
- BCCC (1)
- BTC (1)
- Bandwidth (1)
- Big Five Model (1)
- Big Five model (1)
- BitShares (1)
- Bitcoin Core (1)
- Blockchain Auth (1)
- Blockchain-Konsortium R3 (1)
- Blockkette (1)
- Blockstack (1)
- Blockstack ID (1)
- Blumix-Plattform (1)
- Blöcke (1)
- Brand Personality (1)
- Byzantine Agreement (1)
- Cloud (1)
- Cloud Audit (1)
- Cloud Service Provider (1)
- Collaborative learning (1)
- Colored Coins (1)
- DAO (1)
- DPoS (1)
- Data breach (1)
- Data mining (1)
- Data mining Machine learning (1)
- Data partitioning (1)
- Data profiling (1)
- Datenschutz-sicherer Einsatz in der Schule (1)
- Delegated Proof-of-Stake (1)
- Denial of sleep (1)
- Digital World (1)
- Disadvantaged communities (1)
- Distance Learning (1)
- Distributed Proof-of-Research (1)
- Distributed snapshot algorithm (1)
- E-Learning exam preparation (1)
- E-Lecture (1)
- E-Wallet (1)
- E-health (1)
- ECDSA (1)
- Educational Technology (1)
- Electrical products (1)
- Embedded Programming (1)
- Emotion Mining (1)
- Eris (1)
- Ether (1)
- Ethereum (1)
- Federated Byzantine Agreement (1)
- Feedback control loop (1)
- Flash (1)
- FollowMyVote (1)
- Forecasting (1)
- Fork (1)
- Forschungskolleg (1)
- German schools (1)
- Grid stability (1)
- Gridcoin (1)
- HLS (1)
- HTML5 (1)
- Hard Fork (1)
- Hashed Timelock Contracts (1)
- Hasso Plattner Institute (1)
- Hasso-Plattner-Institut (1)
- Home appliances (1)
- ICT (1)
- IEEE 802.15.4 (1)
- IT-Infrastruktur (1)
- IT-infrastructure (1)
- Identity leak (1)
- Identitätsmanagement (1)
- Imbalanced medical image semantic segmentation (1)
- In-Memory technology (1)
- Internet (1)
- Internet der Dinge (1)
- Internet of Things (1)
- Internet of things (1)
- IoT (1)
- Japanese Blockchain Consortium (1)
- Japanisches Blockchain-Konsortium (1)
- Java (1)
- K-12 (1)
- KI-Labor (1)
- Kette (1)
- Klausurtagung (1)
- Konsensalgorithmus (1)
- Konsensprotokoll (1)
- Künstliche Intelligenz (1)
- Lecture Recording (1)
- Lightning Network (1)
- Link layer security (1)
- Load modeling (1)
- Lock-Time-Parameter (1)
- Lossy networks (1)
- Low-processing capable devices (1)
- MOOC Remote Lab (1)
- Meltdown (1)
- Memory Dumping (1)
- Micro-grid networks (1)
- Micropayment-Kanäle (1)
- Microservices Security (1)
- Microsoft Azur (1)
- Mobile Learning (1)
- Mobiles (1)
- Monitoring (1)
- Moving Target Defense (1)
- NASDAQ (1)
- NameID (1)
- Namecoin (1)
- Natural Language Processing (1)
- Neural Networks (1)
- Off-Chain-Transaktionen (1)
- Offline-Enabled (1)
- Onename (1)
- OpenBazaar (1)
- Oracles (1)
- Orphan Block (1)
- P2P (1)
- Parallel processing (1)
- Peer Assessment (1)
- Peer assessment (1)
- Peer-to-Peer Netz (1)
- Peercoin (1)
- Personality Prediction (1)
- Ph.D. retreat (1)
- PoB (1)
- PoS (1)
- PoW (1)
- Power consumption characterization (1)
- Power demand (1)
- Privacy (1)
- Programming course (1)
- Project-based learning (1)
- Proof-of-Burn (1)
- Proof-of-Stake (1)
- Proof-of-Work (1)
- Psychological Emotions (1)
- Python (1)
- Recurrent generative (1)
- Resource constrained smart micro-grids (1)
- Ripple (1)
- SCP (1)
- SHA (1)
- SPV (1)
- School (1)
- Schule (1)
- Schwierigkeitsgrad (1)
- Secondary Education (1)
- Security analytics (1)
- Sensor networks (1)
- Service-oriented Systems Engineering (1)
- Simplified Payment Verification (1)
- Skalierbarkeit der Blockchain (1)
- Slock.it (1)
- Smart Home Education (1)
- Smart micro-grids (1)
- Soft Fork (1)
- Spectre (1)
- Steemit (1)
- Stellar Consensus Protocol (1)
- Storj (1)
- Team Assessment (1)
- Team based assignment (1)
- Team-based Learning (1)
- The Bitfury Group (1)
- The DAO (1)
- Threat Models (1)
- Transaktion (1)
- Two-Way-Peg (1)
- Ubiquitous (1)
- Unified logging system (1)
- Unspent Transaction Output (1)
- Unterricht mit digitalen Medien (1)
- Verträge (1)
- Video annotations (1)
- Virtual Machine (1)
- Vulnerability analysis (1)
- Watson IoT (1)
- Wireless sensor networks (1)
- Zielvorgabe (1)
- Zookos Dreieck (1)
- Zookos triangle (1)
- accuracy (1)
- adversarial network (1)
- altchain (1)
- alternative chain (1)
- atomic swap (1)
- bachelor project (1)
- behavior psychotherapy (1)
- bidirectional payment channels (1)
- bitcoins (1)
- blockchain (1)
- blockchain consortium (1)
- blockchain-übergreifend (1)
- blocks (1)
- blumix platform (1)
- brand personality (1)
- chain (1)
- cloud monitoring (1)
- cognitive patterns (1)
- collaborative work (1)
- collective intelligence (1)
- computer science (1)
- computer science education (1)
- computer-mediated therapy (1)
- confirmation period (1)
- consensus algorithm (1)
- consensus protocol (1)
- content gamification (1)
- contest period (1)
- contracts (1)
- creativity (1)
- cross-chain (1)
- data integration (1)
- decentralized autonomous organization (1)
- design thinking (1)
- developing countries (1)
- dezentrale autonome Organisation (1)
- difficulty (1)
- difficulty target (1)
- digital unterstützter Unterricht (1)
- digital world (1)
- digitale Infrastruktur für den Schulunterricht (1)
- doppelter Hashwert (1)
- double hashing (1)
- education (1)
- emotion measurement (1)
- experience (1)
- federated voting (1)
- final report (1)
- gameful learning (1)
- hashrate (1)
- healthcare (1)
- higher education (1)
- human-computer interaction (1)
- identity management (1)
- innovation (1)
- intelligente Verträge (1)
- inter-chain (1)
- key establishment (1)
- key management (1)
- key revocation (1)
- knowledge management (1)
- learner engagement (1)
- learning (1)
- learning styles (1)
- ledger assets (1)
- link layer security (1)
- machine (1)
- measurement (1)
- medical documentation (1)
- merged mining (1)
- merkle root (1)
- metacognition (1)
- microcredential (1)
- micropayment (1)
- micropayment channels (1)
- miner (1)
- mining (1)
- mining hardware (1)
- minting (1)
- narrative (1)
- nonce (1)
- note-taking (1)
- off-chain transaction (1)
- peer-to-peer network (1)
- pegged sidechains (1)
- personality prediction (1)
- programming (1)
- project based learning (1)
- quorum slices (1)
- rekeying (1)
- research school (1)
- rootstock (1)
- scalability of blockchain (1)
- scarce tokens (1)
- security analytics (1)
- self-government (1)
- service-oriented systems engineering (1)
- sidechain (1)
- smart contracts (1)
- social media analysis (1)
- storytelling (1)
- telework (1)
- thinking styles (1)
- transaction (1)
- user experience (1)
Institute
Live migration is an important feature in modern software-defined datacenters and cloud computing environments. Dynamic resource management, load balance, power saving and fault tolerance are all dependent on the live migration feature. Despite the importance of live migration, the cost of live migration cannot be ignored and may result in service availability degradation. Live migration cost includes the migration time, downtime, CPU overhead, network and power consumption. There are many research articles that discuss the problem of live migration cost with different scopes like analyzing the cost and relate it to the parameters that control it, proposing new migration algorithms that minimize the cost and also predicting the migration cost. For the best of our knowledge, most of the papers that discuss the migration cost problem focus on open source hypervisors. For the research articles focus on VMware environments, none of the published articles proposed migration time, network overhead and power consumption modeling for single and multiple VMs live migration. In this paper, we propose empirical models for the live migration time, network overhead and power consumption for single and multiple VMs migration. The proposed models are obtained using a VMware based testbed.
User-generated content on social media platforms is a rich source of latent information about individual variables. Crawling and analyzing this content provides a new approach for enterprises to personalize services and put forward product recommendations. In the past few years, brands made a gradual appearance on social media platforms for advertisement, customers support and public relation purposes and by now it became a necessity throughout all branches. This online identity can be represented as a brand personality that reflects how a brand is perceived by its customers. We exploited recent research in text analysis and personality detection to build an automatic brand personality prediction model on top of the (Five-Factor Model) and (Linguistic Inquiry and Word Count) features extracted from publicly available benchmarks. The proposed model reported significant accuracy in predicting specific personality traits form brands. For evaluating our prediction results on actual brands, we crawled the Facebook API for 100k posts from the most valuable brands' pages in the USA and we visualize exemplars of comparison results and present suggestions for future directions.
In rural/remote areas, resource constrained smart micro-grid (RCSMG) architectures can provide a cost-effective power supply alternative in cases when connectivity to the national power grid is impeded by factors such as load shedding. RCSMG architectures can be designed to handle communications over a distributed lossy network in order to minimise operation costs. However, due to the unreliable nature of lossy networks communication data can be distorted by noise additions that alter the veracity of the data. In this chapter, we consider cases in which an adversary who is internal to the RCSMG, deliberately distorts communicated data to gain an unfair advantage over the RCSMG’s users. The adversary’s goal is to mask malicious data manipulations as distortions due to additive noise due to communication channel unreliability. Distinguishing malicious data distortions from benign distortions is important in ensuring trustworthiness of the RCSMG. Perturbation data anonymisation algorithms can be used to alter transmitted data to ensure that adversarial manipulation of the data reveals no information that the adversary can take advantage of. However, because existing data perturbation anonymisation algorithms operate by using additive noise to anonymise data, using these algorithms in the RCSMG context is challenging. This is due to the fact that distinguishing benign noise additions from malicious noise additions is a difficult problem. In this chapter, we present a brief survey of cases of privacy violations due to inferences drawn from observed power consumption patterns in RCSMGs centred on inference, and propose a method of mitigating these risks. The lesson here is that while RCSMGs give users more control over power management and distribution, good anonymisation is essential to protecting personal information on RCSMGs.
Resource constrained smart micro-grid architectures describe a class of smart micro-grid architectures that handle communications operations over a lossy network and depend on a distributed collection of power generation and storage units. Disadvantaged communities with no or intermittent access to national power networks can benefit from such a micro-grid model by using low cost communication devices to coordinate the power generation, consumption, and storage. Furthermore, this solution is both cost-effective and environmentally-friendly. One model for such micro-grids, is for users to agree to coordinate a power sharing scheme in which individual generator owners sell excess unused power to users wanting access to power. Since the micro-grid relies on distributed renewable energy generation sources which are variable and only partly predictable, coordinating micro-grid operations with distributed algorithms is necessity for grid stability. Grid stability is crucial in retaining user trust in the dependability of the micro-grid, and user participation in the power sharing scheme, because user withdrawals can cause the grid to breakdown which is undesirable. In this chapter, we present a distributed architecture for fair power distribution and billing on microgrids. The architecture is designed to operate efficiently over a lossy communication network, which is an advantage for disadvantaged communities. We build on the architecture to discuss grid coordination notably how tasks such as metering, power resource allocation, forecasting, and scheduling can be handled. All four tasks are managed by a feedback control loop that monitors the performance and behaviour of the micro-grid, and based on historical data makes decisions to ensure the smooth operation of the grid. Finally, since lossy networks are undependable, differentiating system failures from adversarial manipulations is an important consideration for grid stability. We therefore provide a characterisation of potential adversarial models and discuss possible mitigation measures.
Studies indicate that reliable access to power is an important enabler for economic growth. To this end, modern energy management systems have seen a shift from reliance on time-consuming manual procedures , to highly automated management , with current energy provisioning systems being run as cyber-physical systems . Operating energy grids as a cyber-physical system offers the advantage of increased reliability and dependability , but also raises issues of security and privacy. In this chapter, we provide an overview of the contents of this book showing the interrelation between the topics of the chapters in terms of smart energy provisioning. We begin by discussing the concept of smart-grids in general, proceeding to narrow our focus to smart micro-grids in particular. Lossy networks also provide an interesting framework for enabling the implementation of smart micro-grids in remote/rural areas, where deploying standard smart grids is economically and structurally infeasible. To this end, we consider an architectural design for a smart micro-grid suited to low-processing capable devices. We model malicious behaviour, and propose mitigation measures based properties to distinguish normal from malicious behaviour .
Power Systems
(2018)
Studies indicate that reliable access to power is an important enabler for economic growth. To this end, modern energy management systems have seen a shift from reliance on time-consuming manual procedures, to highly automated management, with current energy provisioning systems being run as cyber-physical systems. Operating energy grids as a cyber-physical system offers the advantage of increased reliability and dependability, but also raises issues of security and privacy. In this chapter, we provide an overview of the contents of this book showing the interrelation between the topics of the chapters in terms of smart energy provisioning. We begin by discussing the concept of smart-grids in general, proceeding to narrow our focus to smart micro-grids in particular. Lossy networks also provide an interesting framework for enabling the implementation of smart micro-grids in remote/rural areas, where deploying standard smart grids is economically and structurally infeasible. To this end, we consider an architectural design for a smart micro-grid suited to low-processing capable devices. We model malicious behaviour, and propose mitigation measures based properties to distinguish normal from malicious behaviour.
The emergence of cloud computing allows users to easily host their Virtual Machines with no up-front investment and the guarantee of always available anytime anywhere. But with the Virtual Machine (VM) is hosted outside of user's premise, the user loses the physical control of the VM as it could be running on untrusted host machines in the cloud. Malicious host administrator could launch live memory dumping, Spectre, or Meltdown attacks in order to extract sensitive information from the VM's memory, e.g. passwords or cryptographic keys of applications running in the VM. In this paper, inspired by the moving target defense (MTD) scheme, we propose a novel approach to increase the security of application's sensitive data in the VM by continuously moving the sensitive data among several memory allocations (blocks) in Random Access Memory (RAM). A movement function is added into the application source code in order for the function to be running concurrently with the application's main function. Our approach could reduce the possibility of VM's sensitive data in the memory to be leaked into memory dump file by 2 5% and secure the sensitive data from Spectre and Meltdown attacks. Our approach's overhead depends on the number and the size of the sensitive data.
Microservice Architectures (MSA) structure applications as a collection of loosely coupled services that implement business capabilities. The key advantages of MSA include inherent support for continuous deployment of large complex applications, agility and enhanced productivity. However, studies indicate that most MSA are homogeneous, and introduce shared vulnerabilites, thus vulnerable to multi-step attacks, which are economics-of-scale incentives to attackers. In this paper, we address the issue of shared vulnerabilities in microservices with a novel solution based on the concept of Moving Target Defenses (MTD). Our mechanism works by performing risk analysis against microservices to detect and prioritize vulnerabilities. Thereafter, security risk-oriented software diversification is employed, guided by a defined diversification index. The diversification is performed at runtime, leveraging both model and template based automatic code generation techniques to automatically transform programming languages and container images of the microservices. Consequently, the microservices attack surfaces are altered thereby introducing uncertainty for attackers while reducing the attackability of the microservices. Our experiments demonstrate the efficiency of our solution, with an average success rate of over 70% attack surface randomization.
Unified logging system for monitoring multiple cloud storage providers in cloud storage broker
(2018)
With the increasing demand for personal and enterprise data storage service, Cloud Storage Broker (CSB) provides cloud storage service using multiple Cloud Service Providers (CSPs) with guaranteed Quality of Service (QoS), such as data availability and security. However monitoring cloud storage usage in multiple CSPs has become a challenge for CSB due to lack of standardized logging format for cloud services that causes each CSP to implement its own format. In this paper we propose a unified logging system that can be used by CSB to monitor cloud storage usage across multiple CSPs. We gather cloud storage log files from three different CSPs and normalise these into our proposed log format that can be used for further analysis process. We show that our work enables a coherent view suitable for data navigation, monitoring, and analytics.
CSBAuditor
(2018)
Cloud Storage Brokers (CSB) provide seamless and concurrent access to multiple Cloud Storage Services (CSS) while abstracting cloud complexities from end-users. However, this multi-cloud strategy faces several security challenges including enlarged attack surfaces, malicious insider threats, security complexities due to integration of disparate components and API interoperability issues. Novel security approaches are imperative to tackle these security issues. Therefore, this paper proposes CSBAuditor, a novel cloud security system that continuously audits CSB resources, to detect malicious activities and unauthorized changes e.g. bucket policy misconfigurations, and remediates these anomalies. The cloud state is maintained via a continuous snapshotting mechanism thereby ensuring fault tolerance. We adopt the principles of chaos engineering by integrating Broker Monkey, a component that continuously injects failure into our reference CSB system, Cloud RAID. Hence, CSBAuditor is continuously tested for efficiency i.e. its ability to detect the changes injected by Broker Monkey. CSBAuditor employs security metrics for risk analysis by computing severity scores for detected vulnerabilities using the Common Configuration Scoring System, thereby overcoming the limitation of insufficient security metrics in existing cloud auditing schemes. CSBAuditor has been tested using various strategies including chaos engineering failure injection strategies. Our experimental evaluation validates the efficiency of our approach against the aforementioned security issues with a detection and recovery rate of over 96 %.