Global ETD Search

11	Secure Virtualization of Latency-Constrained Systems Lackorzynski, Adam 16 April 2015 (has links) (PDF) Virtualization is a mature technology in server and desktop environments where multiple systems are consolidate onto a single physical hardware platform, increasing the utilization of todays multi-core systems as well as saving resources such as energy, space and costs compared to multiple single systems. Looking at embedded environments reveals that many systems use multiple separate computing systems inside, including requirements for real-time and isolation properties. For example, modern high-comfort cars use up to a hundred embedded computing systems. Consolidating such diverse configurations promises to save resources such as energy and weight. In my work I propose a secure software architecture that allows consolidating multiple embedded software systems with timing constraints. The base of the architecture builds a microkernel-based operating system that supports a variety of different virtualization approaches through a generic interface, supporting hardware-assisted virtualization and paravirtualization as well as multiple architectures. Studying guest systems with latency constraints with regards to virtualization showed that standard techniques such as high-frequency time-slicing are not a viable approach. Generally, guest systems are a combination of best-effort and real-time work and thus form a mixed-criticality system. Further analysis showed that such systems need to export relevant internal scheduling information to the hypervisor to support multiple guests with latency constraints. I propose a mechanism to export those relevant events that is secure, flexible, has good performance and is easy to use. The thesis concludes with an evaluation covering the virtualization approach on the ARM and x86 architectures and two guest operating systems, Linux and FreeRTOS, as well as evaluating the export mechanism. Virtualisierung Betriebssysteme Echtzeit Sicherheit Virtualization Operating Systems Real-time Security ddc:004 rvk:ST 234 rvk:ST 260 rvk:ST 277
12	Reducing Size and Complexity of the Security-Critical Code Base of File Systems Weinhold, Carsten 09 July 2014 (has links) (PDF) Desktop and mobile computing devices increasingly store critical data, both personal and professional in nature. Yet, the enormous code bases of their monolithic operating systems (hundreds of thousands to millions of lines of code) are likely to contain exploitable weaknesses that jeopardize the security of this data in the file system. Using a highly componentized system architecture based on a microkernel (or a very small hypervisor) can significantly improve security. The individual operating system components have smaller code bases running in isolated address spaces so as to provide better fault containment. Their isolation also allows for smaller trusted computing bases (TCBs) of applications that comprise only a subset of all components. In my thesis, I built VPFS, a virtual private file system that is designed for such a componentized system architecture. It aims at reducing the amount of code and complexity that a file system implementation adds to the TCB of an application. The basic idea behind VPFS is similar to that of a VPN, which securely reuses an untrusted network: The core component of VPFS implements all functionality and cryptographic algorithms that an application needs to rely upon for confidentiality and integrity of file system contents. These security-critical cores reuse a much more complex and therefore untrusted file system stack for non-critical functionality and access to the storage device. Additional trusted components ensure recoverability. Sicherheit Dateisysteme Trusted Computing Base Systemarchitektur Security file systems trusted computing base system architecture ddc:004 rvk:ST 260 rvk:ST 277
13	Drosophila Eye Model to Study Genetic Modifiers of Alzheimer's Disease Deshpande, Prajakta Dhumraketu 07 August 2023 (has links) No description available. Biology Genetics Neurosciences
14	Untersuchungen zur Risikominimierungstechnik Stealth Computing für verteilte datenverarbeitende Software-Anwendungen mit nutzerkontrollierbar zusicherbaren Eigenschaften / Investigations of the risk minimisation technique Stealth Computing for distributed data-processing software applications with user-controllable guaranteed properties Spillner, Josef 05 July 2016 (has links) (PDF) Die Sicherheit und Zuverlässigkeit von Anwendungen, welche schutzwürdige Daten verarbeiten, lässt sich durch die geschützte Verlagerung in die Cloud mit einer Kombination aus zielgrößenabhängiger Datenkodierung, kontinuierlicher mehrfacher Dienstauswahl, dienstabhängiger optimierter Datenverteilung und kodierungsabhängiger Algorithmen deutlich erhöhen und anwenderseitig kontrollieren. Die Kombination der Verfahren zu einer anwendungsintegrierten Stealth-Schutzschicht ist eine notwendige Grundlage für die Konstruktion sicherer Anwendungen mit zusicherbaren Sicherheitseigenschaften im Rahmen eines darauf angepassten Softwareentwicklungsprozesses. / The security and reliability of applications processing sensitive data can be significantly increased and controlled by the user by a combination of techniques. These encompass a targeted data coding, continuous multiple service selection, service-specific optimal data distribution and coding-specific algorithms. The combination of the techniques towards an application-integrated stealth protection layer is a necessary precondition for the construction of safe applications with guaranteeable safety properties in the context of a custom software development process. Cloud Computing sichere Cloud-Anwendungen zuverlässige Cloud-Datenverarbeitung cloud computing secure cloud applications reliable cloud data processing ddc:004 rvk:ST 277 Internet Verteiltes System Softwarearchitektur
15	Artículo 277 del CPP y estándares en derechos humanos. Una mirada desde el derecho internacional Aguiló Bascuñán, Pedro Antonio, Lezama Orellana, Álvaro José January 2014 (has links) Memoria (licenciado en ciencias jurídicas y sociales) Procedimiento penal Chile Derecho procesal penal Chile Debido proceso Chile
16	Onions in the queue Tschorsch, Florian 07 July 2016 (has links) Performanz ist ein zentraler Bestandteil des Designs von Anonymisierungsdiensten. Ihre zunehmende Popularität führt jedoch zu einer hohen Netzwerklast, die unzulängliche Entwurfsentscheidungen imminent macht. Die Anforderungen und die vielschichtige Architektur von Anonymisierungsdiensten machen die Thematik zu einem anspruchsvollen und zugleich inspirierenden Forschungsgegenstand. Die vorliegende Arbeit diskutiert das Design von sogenannten Niedriglatenz-Anonymisierungsdiensten im Allgemeinen und dem Tor-Netzwerk als relevantesten Vertreter im Speziellen. Es werden Lösungen für eine Reihe von Forschungsfragen entwickelt, die allesamt das Ziel verfolgen, diese Overlay-Netzwerke zu verbessern und sicherer zu gestalten. Es entsteht ein fundamentales Verständnis zu Netzwerkaspekten in Anonymisierungs-Overlays, das die Netzwerklast, als vorherrschende Ursache für die schwache Performanz, thematisiert. / Performance is a pivot point in the design of anonymity overlays. Due to their growing popularity, they are faced with increasing load, which makes design problems imminent. The special requirements and complex architecture of anonymity overlays renders the topic a challenging but likewise inspiring object of research. In this work, we discuss the design of low-latency anonymous communication systems in general and the Tor network as the de-facto standard in particular. We develop solutions to a number of research questions, all collectively following the aim of enhancing and securing such networks. By doing this we create a fundamental technical understanding of networking aspects in anonymity overlays and tackle the most prevalent performance issue experienced today: network congestion. Anonyme Internet Kommunikation Tor Overlay-Netzwerke Überlastkontrolle Netzwerksicherheit Anonymous Internet Communication Tor Overlay Networks Congestion Control Networksecurity 004 Informatik 28 Informatik, Datenverarbeitung ST 277 ST 200 ddc:004
17	Secure Network Coding: Dependency of Efficiency on Network Topology Pfennig, Stefan, Franz, Elke 25 November 2013 (has links) (PDF) Network Coding is a new possibility to transmit data through a network. By combining different packets instead of simply forwarding, network coding offers the opportunity to reach the Min-Cut/Max-Flow capacity in multicast data transmissions. However, the basic schemes are vulnerable to so-called pollution attacks, where an attacker can jam large parts of the transmission by infiltrating only one bogus message. In the literature we found several approaches which aim at handling this kind of attack with different amounts of overhead. Though, the cost for a specific secure network coding scheme highly depends on the underlying network. The goal of this paper is on the one hand to describe which network parameters influence the efficiency of a certain scheme and on the other hand to provide concrete suggestions for selecting the most efficient secure network coding scheme considering a given network. We will illustrate that there does not exist “the best” secure network scheme concerning efficiency, but all selected schemes are more or less suited under certain network topologies. Netzwerkkodierung Sicherheit Übertragung Sonderforschungsbereich 912 Hochadaptive Energieeffiziente Systeme Network coding security transmission Collaborative Research Centre 912 ddc:004 rvk:SK 170 rvk:ST 277
18	Dudle: Mehrseitig sichere Web 2.0-Terminabstimmung / Dudle: Multilateral Secure Web 2.0-Event Scheduling Kellermann, Benjamin 21 December 2011 (has links) (PDF) Es existiert eine Vielzahl an Web 2.0-Applikationen, welche es einer Gruppe von Personen ermöglichen, einen gemeinsamen Termin zu finden (z. B. doodle.com, moreganize.ch, whenisgood.net, agreeadate.com, meetomatic.com, etc.) Der Ablauf ist simpel: Ein Initiator legt eine Terminumfrage an und schickt den Link zu der Umfrage zu den potentiellen Teilnehmern. Nachdem jeder Teilnehmer der Anwendung seine Verfügbarkeiten mitgeteilt hat, kann anhand dieser Informationen ein Termin gefunden werden, der am besten passt. Maßnahmen um die Vertraulichkeit und Integrität der Daten zu schützen finden in allen bestehenden Applikationen zu wenig Beachtung. In dieser Dissertation wurde eine Web 2.0-Applikation entwickelt, welche es zulässt Terminabstimmungen zwischen mehreren Teilnehmern durchzuführen und dabei möglichst wenige Vertrauensannahmen über alle Beteiligten zu treffen. / Applications which help users to schedule events are becoming more and more important. A drawback of most existing applications is, that the preferences of all participants are revealed to the others. We propose a schemes, which are able to schedule events in a privacy-enhanced way. In addition, Dudle, a Web 2.0 application is presented which implements these schemes. E-Voting Web 2.0 Terminplanung electronic voting anonymity privacy-enhanced application design Web 2.0 ddc:004 rvk:ST 205 rvk:ST 277 Elektronische Wahl World Wide Web 2.0 Terminplanung
19	Run-time Variability with Roles Taing, Nguonly 11 April 2018 (has links) (PDF) Adaptability is an intrinsic property of software systems that require adaptation to cope with dynamically changing environments. Achieving adaptability is challenging. Variability is a key solution as it enables a software system to change its behavior which corresponds to a specific need. The abstraction of variability is to manage variants, which are dynamic parts to be composed to the base system. Run-time variability realizes these variant compositions dynamically at run time to enable adaptation. Adaptation, relying on variants specified at build time, is called anticipated adaptation, which allows the system behavior to change with respect to a set of predefined execution environments. This implies the inability to solve practical problems in which the execution environment is not completely fixed and often unknown until run time. Enabling unanticipated adaptation, which allows variants to be dynamically added at run time, alleviates this inability, but it holds several implications yielding system instability such as inconsistency and run-time failures. Adaptation should be performed only when a system reaches a consistent state to avoid inconsistency. Inconsistency is an effect of adaptation happening when the system changes the state and behavior while a series of methods is still invoking. A software bug is another source of system instability. It often appears in a variant composition and is brought to the system during adaptation. The problem is even more critical for unanticipated adaptation as the system has no prior knowledge of the new variants. This dissertation aims to achieve anticipated and unanticipated adaptation. In achieving adaptation, the issues of inconsistency and software failures, which may happen as a consequence of run-time adaptation, are evidently addressed as well. Roles encapsulate dynamic behavior used to adapt players representing the base system, which is the rationale to select roles as the software system's variants. Based on the role concept, this dissertation presents three mechanisms to comprehensively address adaptation. First, a dynamic instance binding mechanism is proposed to loosely bind players and roles. Dynamic binding of roles enables anticipated and unanticipated adaptation. Second, an object-level tranquility mechanism is proposed to avoid inconsistency by allowing a player object to adapt only when its consistent state is reached. Last, a rollback recovery mechanism is proposed as a proactive mechanism to embrace and handle failures resulting from a defective composition of variants. A checkpoint of a system configuration is created before adaptation. If a specialized bug sensor detects a failure, the system rolls back to the most recent checkpoint. These mechanisms are integrated into a role-based runtime, called LyRT. LyRT was validated with three case studies to demonstrate the practical feasibility. This validation showed that LyRT is more advanced than the existing variability approaches with respect to adaptation due to its consistency control and failure handling. Besides, several benchmarks were set up to quantify the overhead of LyRT concerning the execution time of adaptation. The results revealed that the overhead introduced to achieve anticipated and unanticipated adaptation to be small enough for practical use in adaptive software systems. Thus, LyRT is suitable for adaptive software systems that frequently require the adaptation of large sets of objects. Roles Runtime Adaptation Anticipated Adaption Unanticipated Adaptation Consistency Rollback and Recovery Failure Handling LyRT ddc:004 rvk:ST 230 rvk:ST 234 rvk:ST 237 rvk:ST 277
20	Graph-based Analysis of Dynamic Systems Schiller, Benjamin 23 November 2017 (has links) (PDF) The analysis of dynamic systems provides insights into their time-dependent characteristics. This enables us to monitor, evaluate, and improve systems from various areas. They are often represented as graphs that model the system's components and their relations. The analysis of the resulting dynamic graphs yields great insights into the system's underlying structure, its characteristics, as well as properties of single components. The interpretation of these results can help us understand how a system works and how parameters influence its performance. This knowledge supports the design of new systems and the improvement of existing ones. The main issue in this scenario is the performance of analyzing the dynamic graph to obtain relevant properties. While various approaches have been developed to analyze dynamic graphs, it is not always clear which one performs best for the analysis of a specific graph. The runtime also depends on many other factors, including the size and topology of the graph, the frequency of changes, and the data structures used to represent the graph in memory. While the benefits and drawbacks of many data structures are well-known, their runtime is hard to predict when used for the representation of dynamic graphs. Hence, tools are required to benchmark and compare different algorithms for the computation of graph properties and data structures for the representation of dynamic graphs in memory. Based on deeper insights into their performance, new algorithms can be developed and efficient data structures can be selected. In this thesis, we present four contributions to tackle these problems: A benchmarking framework for dynamic graph analysis, novel algorithms for the efficient analysis of dynamic graphs, an approach for the parallelization of dynamic graph analysis, and a novel paradigm to select and adapt graph data structures. In addition, we present three use cases from the areas of social, computer, and biological networks to illustrate the great insights provided by their graph-based analysis. We present a new benchmarking framework for the analysis of dynamic graphs, the Dynamic Network Analyzer (DNA). It provides tools to benchmark and compare different algorithms for the analysis of dynamic graphs as well as the data structures used to represent them in memory. DNA supports the development of new algorithms and the automatic verification of their results. Its visualization component provides different ways to represent dynamic graphs and the results of their analysis. We introduce three new stream-based algorithms for the analysis of dynamic graphs. We evaluate their performance on synthetic as well as real-world dynamic graphs and compare their runtimes to snapshot-based algorithms. Our results show great performance gains for all three algorithms. The new stream-based algorithm StreaM_k, which counts the frequencies of k-vertex motifs, achieves speedups up to 19,043 x for synthetic and 2882 x for real-world datasets. We present a novel approach for the distributed processing of dynamic graphs, called parallel Dynamic Graph Analysis (pDNA). To analyze a dynamic graph, the work is distributed by a partitioner that creates subgraphs and assigns them to workers. They compute the properties of their respective subgraph using standard algorithms. Their results are used by the collator component to merge them to the properties of the original graph. We evaluate the performance of pDNA for the computation of five graph properties on two real-world dynamic graphs with up to 32 workers. Our approach achieves great speedups, especially for the analysis of complex graph measures. We introduce two novel approaches for the selection of efficient graph data structures. The compile-time approach estimates the workload of an analysis after an initial profiling phase and recommends efficient data structures based on benchmarking results. It achieves speedups of up to 5.4 x over baseline data structure configurations for the analysis of real-word dynamic graphs. The run-time approach monitors the workload during analysis and exchanges the graph representation if it finds a configuration that promises to be more efficient for the current workload. Compared to baseline configurations, it achieves speedups up to 7.3 x for the analysis of a synthetic workload. Our contributions provide novel approaches for the efficient analysis of dynamic graphs and tools to further investigate the trade-offs between different factors that influence the performance. Graphen Dynamische Graphen Analyse Netzwerke Algorithmen Frameworks Graphs Dynamic Graphs Analysis Networks Algorithms Frameworks ddc:004 rvk:ST 230 rvk:ST 237 rvk:ST 277 Graph Analyse System Algorithmus

Search results