@inproceedings{26541, author = {{Keil, Reinhard and Schild, Christian}}, pages = {{265--274}}, publisher = {{De Gruyter Oldenbourg}}, title = {{{Hypothesengeleitete Gestaltung von Benutzungsoberfl{\"a}chen}}}, year = {{2014}}, } @inproceedings{26542, author = {{Keil, Reinhard}}, editor = {{Keller, Stefan Andreas and Schneider, René and Volk, Benno}}, pages = {{162–179}}, publisher = {{De Gruyter Saur}}, title = {{{Knowledge integration processes and distributed knowledge organization}}}, year = {{2014}}, } @inproceedings{329, abstract = {{Network emulations are widely used for testing novel network protocols and routing algorithms in realistic scenarios. Up to now, there is no emulation tool that is able to emulate large software-defined data center networks that consist of several thousand nodes. Mininet is the most common tool to emulate Software-Defined Networks of several hundred nodes. We extend Mininet to span an emulated network over several physical machines, making it possible to emulate networks of several thousand nodes on just a handful of physical machines. This enables us to emulate, e.g., large data center networks. To test this approach, we additionally introduce a traffic generator for data center traffic. Since there are no data center traffic traces publicly available we use the results of two recent traffic studies to create synthetic traffic. We show the design and discuss some challenges we had in building our traffic generator. As a showcase for our work we emulated a data center consisting of 3200 hosts on a cluster of only 12 physical machines. We show the resulting workloads and the trade-offs involved.}}, author = {{Wette, Philip and Dräxler, Martin and Schwabe, Arne and Wallaschek, Felix and Zahraee, Mohammad Hassan and Karl, Holger}}, booktitle = {{Proceedings of the 2014 IFIP Networking Conference (Networking 2014)}}, pages = {{1--9}}, title = {{{MaxiNet: Distributed Emulation of Software-Defined Networks}}}, doi = {{10.1109/IFIPNetworking.2014.6857078}}, year = {{2014}}, } @inproceedings{336, abstract = {{Today, service compositions often need to be assembled or changed on-the-fly, which leaves only little time for quality assurance. Moreover, quality assurance is complicated by service providers only giving information on their services in terms of domain specific concepts with only limited semantic meaning. In this paper, we propose a method to construct service compositions based on pre-verifiedtemplates. Templates, given as workflow descriptions, are typed over a (domain-independent) template ontology defining concepts and predicates. Templates are proven correct using an abstract semantics, leaving the specific meaning of ontology concepts open, however, only up to given ontology rules. Construction of service compositions amounts to instantiation of templates with domain-specific services.Correctness of an instantiation can then simply be checked by verifying that the domain ontology(a) adheres to the rules of the template ontology, and (b) fulfills the constraints of the employed template.}}, author = {{Walther, Sven and Wehrheim, Heike}}, booktitle = {{Proceedings of the 11th International Symposium on Formal Aspects of Component Software (FACS)}}, editor = {{Lanese, Ivan and Madelaine, Eric}}, pages = {{31--48}}, title = {{{Verified Service Compositions by Template-Based Construction}}}, doi = {{10.1007/978-3-319-15317-9_3}}, year = {{2014}}, } @inproceedings{339, abstract = {{Preemptive Routing and Wavelength Assignment (RWA) algorithms preempt established lightpaths in case notenough resources are available to set up a new lightpath in aWavelength Division Multiplexing (WDM) network. The selectionof lightpaths to be preempted relies on internal decisions of theRWA algorithm. Thus, if dedicated properties of the networktopology are required by the applications running on the network,these requirements have to be known to the RWA algorithm.We present a family of preemptive RWA algorithms for WDMnetworks. These algorithms have two distinguishing features: a)they can handle dynamic traffic by on-the-fly reconfiguration,and b) users can give feedback for reconfiguration decisions andthus influence the preemption decision of the RWA algorithm,leading to networks which adapt directly to application needs.This is different from traffic engineering where the network is(slowly) adapted to observed traffic patterns.Our algorithms handle various WDM network configurationsincluding networks consisting of heterogeneous WDM hardware.To this end, we are using the layered graph approach togetherwith a newly developed graph model that is used to determineconflicting lightpaths.}}, author = {{Wette, Philip and Karl, Holger}}, booktitle = {{Proceedings of the IEEE International Conference on Communications 2014}}, pages = {{3270--3276}}, title = {{{Using Application Layer Knowledge in Routing and Wavelength Assignment Algorithms}}}, doi = {{10.1109/ICC.2014.6883825}}, year = {{2014}}, } @misc{340, author = {{Korth, Philipp}}, publisher = {{Universität Paderborn}}, title = {{{Untersuchung transitiver Eigenschaften der Technik "Programs from Proofs"}}}, year = {{2014}}, } @phdthesis{343, author = {{Künsemöller, Jörn}}, publisher = {{Universität Paderborn}}, title = {{{Tragedy of the Common Cloud - Game Theory on the Infrastructure-as-a-Service Market}}}, year = {{2014}}, } @inproceedings{344, author = {{Becker, Matthias and Becker, Steffen and Besova, Galina and Walther, Sven and Wehrheim, Heike}}, booktitle = {{Proceedings of the 40th Euromicro Conference on Software Engineering and Advanced Applications (Work in Progress Session)}}, title = {{{Towards Systematic Configuration for Architecture Validation}}}, year = {{2014}}, } @inproceedings{346, abstract = {{One future goal of service-oriented computing is to realize global markets of composed services. On such markets, service providers offer services that can be flexibly combined with each other. However, most often, market participants are not able to individually estimate the quality of traded services in advance. As a consequence, even potentially profitable transactions between customers and providers might not take place. In the worst case, this can induce a market failure. To overcome this problem, we propose the incorporation of reputation information as an indicator for expected service quality. We address On-The-Fly Computing as a representative environment of markets of composed services. In this environment, customers provide feedback on transactions. We present a conceptual design of a reputation system which collects and processes user feedback, and provides it to participants in the market. Our contribution includes the identification of requirements for such a reputation system from a technical and an economic perspective. Based on these requirements, we propose a flexible solution that facilitates the incorporation of reputation information into markets of composed services while simultaneously preserving privacy of customers who provide feedback. The requirements we formulate in this paper have just been partially met in literature. An integrated approach, however, has not been addressed yet.}}, author = {{Brangewitz, Sonja and Jungmann, Alexander and Petrlic, Ronald and Platenius, Marie Christin}}, booktitle = {{Proceedings of the 6th International Conferences on Advanced Service Computing (SERVICE COMPUTATION)}}, pages = {{49--57}}, title = {{{Towards a Flexible and Privacy-Preserving Reputation System for Markets of Composed Services}}}, year = {{2014}}, } @inproceedings{347, abstract = {{Dynamic thread duplication is a known redundancy technique for multi-cores. The approach duplicates a thread under observation for some time period and compares the signatures of the two threads to detect errors. Hybrid multi-cores, typically implemented on platform FPGAs, enable the unique option of running the thread under observation and its copy in different modalities, i.e., software and hardware. We denote our dynamic redundancy technique on hybrid multi-cores as thread shadowing. In this paper we present the concept of thread shadowing and an implementation on a multi-threaded hybrid multi-core architecture. We report on experiments with a block-processing application and demonstrate the overheads, detection latencies and coverage for a range of thread shadowing modes. The results show that trans-modal thread shadowing, although bearing long detection latencies, offers attractive coverage at a low overhead.}}, author = {{Meisner, Sebastian and Platzner, Marco}}, booktitle = {{Proceedings of the 10th International Symposium on Applied Reconfigurable Computing (ARC)}}, editor = {{Goehringer, Diana and Santambrogio, MarcoDomenico and Cardoso, JoãoM.P. and Bertels, Koen}}, pages = {{283--290}}, publisher = {{Springer}}, title = {{{Thread Shadowing: Using Dynamic Redundancy on Hybrid Multi-cores for Error Detection}}}, doi = {{10.1007/978-3-319-05960-0_30}}, year = {{2014}}, } @inproceedings{353, abstract = {{There are many technologies for the automation of processesthat deal with services; examples are service discovery and composition.Automation of these processes requires that the services are described semantically. However, semantically described services are currently not oronly rarely available, which limits the applicability of discovery and composition approaches. The systematic support for creating new semanticservices usable by automated technologies is an open problem.We tackle this problem with a template based approach: Domain independent templates are instantiated with domain specific services andboolean expressions. The obtained services have semantic descriptionswhose correctness directly follows from the correctness of the template.Besides the theory, we present experimental results for a service repository in which 85% of the services were generated automatically.}}, author = {{Mohr, Felix and Walther, Sven}}, booktitle = {{Proceedings of the 14th International Conference on Software Reuse (ICSR)}}, pages = {{188--203}}, title = {{{Template-based Generation of Semantic Services}}}, doi = {{10.1007/978-3-319-14130-5_14}}, year = {{2014}}, } @inproceedings{354, abstract = {{In distributed cloud computing, application deployment across multiple sites can improve quality of service. Recent research developed algorithms to find optimal locations for virtual machines. However, those algorithms assume to have either single-tier applications or a fixed number of virtual machines – a strong simplification of reality. This paper investigates the placement and scaling of complex application architectures. An application is dynamically scaled to fit both the current demand situation and the currently available infrastructure resources. We compare two approaches: The first one is based on virtual network embedding. The second approach is a novel method called Template Embedding. It is based on a hierarchical 1-allocation hub flow problem and combines applica- tion scaling and embedding in one step. Extensive experiments on 43200 network configurations showed that Template Embedding outperforms virtual network embedding in all cases in three metrics: success rate, solution quality, and runtime. This positive result shows that template embedding is a promising approach for distributed cloud resource allocation.}}, author = {{Keller, Matthias and Robbert, Christoph and Karl, Holger}}, booktitle = {{Proceedings of 7th International Conference on Utility and Cloud Computing (UCC)}}, pages = {{387----395}}, title = {{{Template Embedding: Using Application Architecture to Allocate Resources in Distributed Clouds}}}, doi = {{10.1109/UCC.2014.49}}, year = {{2014}}, } @inproceedings{355, abstract = {{In the last decade pairings have become an important, and often indispensable, ingredient in the construction of identity-based and attribute-based cryptosystems, as well as group signatures and credential systems. Consequently, the applicability of timing, power, or fault attacks to implementations of pairings is an important research topic. We will review some of the known results in this area.}}, author = {{Blömer, Johannes and Günther, Peter and Liske, Gennadij}}, booktitle = {{Proceedings of Fault Tolerance and Diagnosis in Cryptography(FDTC)}}, pages = {{1----7}}, title = {{{Tampering attacks in pairing-based cryptography}}}, doi = {{10.1109/FDTC.2014.10}}, year = {{2014}}, } @inproceedings{360, abstract = {{Network appliances perform different functions on network flows and constitute an important part of an operator’s network. Normally, a set of chained network functions process network flows. Following the trend of virtualization of networks, virtualization of the network functions has also become a topic of interest. We define a model for formalizing the chaining of network functions using a context-free language. We process deployment requests and construct virtual network function graphs that can be mapped to the network. We describe the mapping as a Mixed Integer Quadratically Constrained Program (MIQCP) for finding the placement of the network functions and chaining them together considering the limited network resources and requirements of the functions. We have performed a Pareto set analysis to investigate the possible trade-offs between different optimization objectives. }}, author = {{Dräxler, Sevil and Keller, Matthias and Karl, Holger}}, booktitle = {{Proceedings of the 3rd International Conference on Cloud Networking (CloudNet)}}, pages = {{7--13}}, title = {{{Specifying and Placing Chains of Virtual Network Functions}}}, doi = {{10.1109/CloudNet.2014.6968961}}, year = {{2014}}, } @misc{361, author = {{Roeske, Daniel}}, publisher = {{Universität Paderborn}}, title = {{{Simulating load-dependent operation of picocells}}}, year = {{2014}}, } @inproceedings{364, abstract = {{Today, software components are traded on markets in form of services. These services can also be service compositions consisting of several services. If a software architect wants to provide such a service composition in the market for trade, she needs to perform several tasks: she needs to model the composition, to discover existing services to be part of that composition, and to analyze the composition's functional correctness as well as its quality, e.g., performance. Up to now, the architect needed to find and use different tools for these tasks. Typically, these tools are not interoperable with each other. We provide the tool SeSAME that supports a software architect in all of these tasks. SeSAME is an integrated Eclipse-based tool-suite providing a comprehensive service specification language to model service compositions and existing services. Furthermore, it includes modules for service matching, functional analysis, and non-functional analysis. SeSAME is the first tool that integrates all these tasks into one tool-suite and, thereby, provides holistic support for trading software services. Thus, it contributes to a software provider's market success.}}, author = {{Arifulina, Svetlana and Becker, Matthias and Platenius, Marie Christin and Walther, Sven}}, booktitle = {{Proceedings of the 29th IEEE/ACM International Conference on Automated Software Engineering (ASE 2014)}}, pages = {{839--842}}, title = {{{SeSAME: Modeling and Analyzing High-Quality Service Compositions}}}, doi = {{10.1145/2642937.2648621}}, year = {{2014}}, } @inproceedings{366, abstract = {{On-The-Fly (OTF) Computing constitutes an approach towards highly dynamic and individualized software markets. Based on service-oriented computing, OTF Computing is about realizing global markets of services that can be flexibly combined. We report on our current research activities, the security and privacy implications thereof, and our approaches to tackle the challenges. Furthermore, we discuss how the security and privacy challenges are addressed in research projects similar to OTF Computing.}}, author = {{Petrlic, Ronald and Jungmann, Alexander and Platenius, Marie Christin and Schäfer, Wilhelm and Sorge, Christoph}}, booktitle = {{Tagungsband der 4. Konferenz Software-Technologien und -Prozesse (STeP 2014)}}, pages = {{131--142}}, title = {{{Security and Privacy Challenges in On-The-Fly Computing}}}, year = {{2014}}, } @inproceedings{367, abstract = {{Online social networks are attracting billions of nowadays, both on a global scale as well as in social enterprise networks. Using distributed hash tables and peer-to-peer technology allows online social networks to be operated securely and efficiently only by using the resources of the user devices, thus alleviating censorship or data misuse by a single network operator. In this paper, we address the challenges that arise in implementing reliably and conveniently to use distributed data structures, such as lists or sets, in such a distributed hash-tablebased online social network. We present a secure, distributed list data structure that manages the list entries in several buckets in the distributed hash table. The list entries are authenticated, integrity is maintained and access control for single users and also groups is integrated. The approach for secure distributed lists is also applied for prefix trees and sets, and implemented and evaluated in a peer-to-peer framework for social networks. Evaluation shows that the distributed data structure is convenient and efficient to use and that the requirements on security hold.}}, author = {{Janiuk, Jens and Mäcker, Alexander and Graffi, Kalman}}, booktitle = {{Proceedings of the International Conference on Collaboration Technologies and Systems (CTS)}}, pages = {{396--405}}, title = {{{Secure Distributed Data Structures for Peer-to-Peer-based Social Networks}}}, doi = {{10.1109/CTS.2014.6867595}}, year = {{2014}}, } @inproceedings{368, abstract = {{We consider the problem of scheduling a number of jobs on $m$ identical processors sharing a continuously divisible resource. Each job j comes with a resource requirement r_j \in {0,1}. The job can be processed at full speed if granted its full resource requirement. If receiving only an x-portion of r_j, it is processed at an x-fraction of the full speed. Our goal is to find a resource assignment that minimizes the makespan (i.e., the latest completion time). Variants of such problems, relating the resource assignment of jobs to their \emph{processing speeds}, have been studied under the term discrete-continuous scheduling. Known results are either very pessimistic or heuristic in nature.In this paper, we suggest and analyze a slightly simplified model. It focuses on the assignment of shared continuous resources to the processors. The job assignment to processors and the ordering of the jobs have already been fixed. It is shown that, even for unit size jobs, finding an optimal solution is NP-hard if the number of processors is part of the input. Positive results for unit size jobs include an efficient optimal algorithm for 2 processors. Moreover, we prove that balanced schedules yield a 2-1/m-approximation for a fixed number of processors. Such schedules are computed by our GreedyBalance algorithm, for which the bound is tight.}}, author = {{Brinkmann, Andre and Kling, Peter and Meyer auf der Heide, Friedhelm and Nagel, Lars and Riechers, Sören and Suess, Tim }}, booktitle = {{Proceedings of the 26th ACM Symposium on Parallelism in Algorithms and Architectures (SPAA)}}, pages = {{128--137}}, title = {{{Scheduling Shared Continuous Resources on Many-Cores}}}, doi = {{10.1145/2612669.2612698}}, year = {{2014}}, } @misc{369, abstract = {{RSA Full Domain Hash ist im Zufallsorakelmodell ein EUF-CMA sicheres Signaturverfahren (existentially unforgeable under chosen-message attacks). Der Sicherheitsbeweis wird unter anderem in der Vorlesung Einf{\"u}hrung in die Kryptographie vorgestellt. Auch bei einer genaueren Analyse verliert man bei der Reduktion einen Faktor \nicefrac{1}{q_{s}}(wobei q_{s}die Anzahl der Anfragen an das Signaturorakel darstellt), was f{\"u}r die Praxis in relativ großen Systemparametern (RSA-Modul) resultiert [1].Seit der Ver{\"o}ffentlichung von [2] wurde geglaubt, dass der Faktor \nicefrac{1}{q_{s}}optimal ist. Erst zehn Jahre sp{\"a}ter offenbarten die Autoren von [3] einen Fehler in [2] und zeigten eine bessere Reduktion allerdings unter einer etwas st{\"a}rkeren Sicherheitsannahme.Die Ergebnisse aus [3] lassen sich auf PSS-Verfahren (Probabilistic Signature Scheme), das z.B. in PKCS #1 benutzt wird, {\"u}bertragen und sind somit von großer Bedeutung f{\"u}r die Praxis. Weiterhin sind die in den Beweisen verwendete Techniken n{\"u}tzlich auch bei anderen kryptographischen Verfahren.In Rahmen dieser Arbeit sollen die entsprechenden Sicherheitsbeweise aufgearbeitet und dessen Auswirkungen f{\"u}r die Praxis analysiert werden.[1] J.S. Coron, “On the Exact Security of Full Domain Hash”, CRYPTO 2000. LNCS 1880, pp. 229-235, 2000.[2] J.S. Coron, “Optimal security proofs for PPS and other signature schemes”, EUROCRYPT 2002. LNCS 2332, pp 272-287, 2002.[3] S.A. Kakvi and E. Kiltz, “Optimal Security Proofs for Full Domain Hash, Revisited”, in EUROCRYPT 2012. LNCS 7237, pp 537-553, 2012.}}, author = {{Rath, Timo}}, publisher = {{Universität Paderborn}}, title = {{{RSA-Full Domain Hash Revisited}}}, year = {{2014}}, }