@inproceedings {INPROC-2013-50, author = {Tobias Binz and Uwe Breitenb{\"u}cher and Oliver Kopp and Frank Leymann}, title = {{Automated Discovery and Maintenance of Enterprise Topology Graphs}}, booktitle = {Proceedings of the 6th IEEE International Conference on Service Oriented Computing \& Applications (SOCA 2013)}, publisher = {IEEE Computer Society Conference Publishing Services}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, pages = {126--134}, type = {Conference Paper}, month = {December}, year = {2013}, doi = {10.1109/SOCA.2013.29}, keywords = {Discovery; Maintenance; Enterprise Topology Graph; Enterprise IT; Crawling}, language = {English}, cr-category = {K.6 Management of Computing and Information Systems, D.2.12 Software Engineering Interoperability}, contact = {a href=``http://www.iaas.uni-stuttgart.de/institut/mitarbeiter/binz''Tobias Binz/ a}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems; University of Stuttgart, Institute of Architecture of Application Systems}, abstract = {Enterprise Topology Graphs (ETGs) represent a snapshot of the complete enterprise IT, including all its applications, processes, services, components, and their dependencies. In the past, ETGs have been applied in analysis, optimization, and adaptation of enterprise IT. But how to discover and maintain a complete, accurate, fresh, and fine-grained Enterprise Topology Graph? Existing approaches either do not provide enough technical details or do not cover the complete scope of Enterprise Topology Graphs. Although existing tools are able to discover valuable information, there is no means for seamless integration. This paper proposes a plugin-based approach and extensible framework for automated discovery and maintenance of Enterprise Topology Graphs. The approach is able to integrate various kinds of tools and techniques into a unified model. We implemented the proposed approach in a prototype and applied it to different scenarios. Due to the vital role of discovery plugins in our approach, we support plugin development with a systematic testing method and discuss the lessons we learned. The results presented in this paper enable new ways of enterprise IT optimization, analysis, and adaptation. Furthermore, they unlock the full potential of past research, which previously required manual modeling of ETGs.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-50&engl=1} } @inproceedings {INPROC-2013-49, author = {Uwe Breitenb{\"u}cher and Tobias Binz and Oliver Kopp and Frank Leymann and Johannes Wettinger}, title = {{Integrated Cloud Application Provisioning: Interconnecting Service-Centric and Script-Centric Management Technologies}}, booktitle = {Proceedings of the 21st International Conference on Cooperative Information Systems (CoopIS 2013)}, address = {Stuttgart}, publisher = {Springer Berlin Heidelberg}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, series = {Lecture Notes in Computer Science}, volume = {8185}, pages = {130--148}, type = {Conference Paper}, month = {September}, year = {2013}, isbn = {978-3-642-41029-1}, doi = {10.1007/978-3-642-41030-7_9}, keywords = {Cloud Application Provisioning; Integration; Management Scripts; Management Services}, language = {English}, cr-category = {K.6 Management of Computing and Information Systems}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems; University of Stuttgart, Institute of Architecture of Application Systems}, abstract = {Modern Cloud applications employ a plethora of components and XaaS offerings that need to be configured during provisioning. Due to increased heterogeneity, complexity is growing and existing approaches reach their limits if multiple different provisioning and configuration technologies are involved. They are not able to integrate them in an automated, flexible, and customizable way. Especially combining proprietary management services with script-centric configuration management technologies is currently a major challenge. To enable automated provisioning of such applications, we introduce Generic Lifecycle Management Planlets that provide a means to combine custom provisioning logic with common provisioning tasks. We implemented planlets for provisioning and customization of components and XaaS offerings based on both SOAP and RESTful Web services as well as configuration management technologies such as Chef to show the feasibility of the approach. By using our approach, multiple technologies can be combined seamlessly.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-49&engl=1} } @inproceedings {INPROC-2013-48, author = {Uwe Breitenb{\"u}cher and Tobias Binz and Oliver Kopp and Frank Leymann and Matthias Wieland}, title = {{Policy-Aware Provisioning of Cloud Applications}}, booktitle = {SECURWARE 2013, The Seventh International Conference on Emerging Security Information, Systems and Technologies}, publisher = {Xpert Publishing Services}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, pages = {86--95}, type = {Conference Paper}, month = {August}, year = {2013}, isbn = {978-1-61208-298-1}, keywords = {Cloud Applications; Provisioning; Security; Policies}, language = {English}, cr-category = {K.6 Management of Computing and Information Systems}, ee = {http://www.thinkmind.org/index.php?view=article&articleid=securware_2013_4_40_30149}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems; University of Stuttgart, Institute of Architecture of Application Systems}, abstract = {The automated provisioning of complex composite Cloud applications is a major issue and of vital importance in Cloud computing. It is key to enable Cloud properties such as pay-as-you-go pricing, on-demand self-service, and elasticity. The functional aspects of provisioning such as instantiating virtual machines or installing software components are covered by several technologies on different technical levels: some are targeted to a pretty high level such as Amazon’s Cloud Formation, some deal with deep technical issues based on scripts such as Chef or Puppet. However, the currently available solutions are tightly coupled to individual technologies without being able to consider non-functional security requirements in a non-proprietary and interoperable way. In this paper, we present a concept and framework extension enabling the integration of heterogeneous provisioning technologies under compliance with non-functional aspects defined by policies.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-48&engl=1} } @inproceedings {INPROC-2013-46, author = {Oliver Kopp and Tobias Binz and Uwe Breitenb{\"u}cher and Frank Leymann}, title = {{Winery - A Modeling Tool for TOSCA-based Cloud Applications}}, booktitle = {Proceedings of 11th International Conference on Service-Oriented Computing (ICSOC'13)}, publisher = {Springer Berlin Heidelberg}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, series = {LNCS}, volume = {8274}, pages = {700--704}, type = {Demonstration}, month = {December}, year = {2013}, doi = {10.1007/978-3-642-45005-1_64}, keywords = {Cloud Applications; Modeling; TOSCA; Management; Portability}, language = {English}, cr-category = {K.1 The Computer Industry, K.6.4 System Management, D.2.12 Software Engineering Interoperability}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems; University of Stuttgart, Institute of Architecture of Application Systems}, abstract = {TOSCA is a new OASIS standard to describe composite applications and their management. The structure of an application is described by a topology, whereas management plans describe the application's management functionalities, e.g., provisioning or migration. Winery is a tool offering an HTML5-based environment for graph-based modeling of application topologies and defining reusable component and relationship types. Thereby, it uses TOSCA as internal storage, import, and export format. This demonstration shows how Winery supports modeling of TOSCA-based applications. We use the school management software Moodle as running example throughout the paper.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-46&engl=1} } @inproceedings {INPROC-2013-45, author = {Tobias Binz and Uwe Breitenb{\"u}cher and Florian Haupt and Oliver Kopp and Frank Leymann and Alexander Nowak and Sebastian Wagner}, title = {{OpenTOSCA - A Runtime for TOSCA-based Cloud Applications}}, booktitle = {Proceedings of 11th International Conference on Service-Oriented Computing (ICSOC'13)}, publisher = {Springer Berlin Heidelberg}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, series = {LNCS}, volume = {8274}, pages = {692--695}, type = {Demonstration}, month = {December}, year = {2013}, doi = {10.1007/978-3-642-45005-1_62}, keywords = {TOSCA; Cloud Applications; Automation; Management; Portability}, language = {English}, cr-category = {K.1 The Computer Industry, K.6.4 System Management, D.2.12 Software Engineering Interoperability}, contact = {a href=``http://www.iaas.uni-stuttgart.de/institut/mitarbeiter/binz''Tobias Binz/ a}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems; University of Stuttgart, Institute of Architecture of Application Systems}, abstract = {TOSCA is a new standard facilitating platform independent description of Cloud applications. OpenTOSCA is a runtime for TOSCA-based Cloud applications. The runtime enables fully automated plan-based deployment and management of applications defined in the OASIS TOSCA packaging format CSAR. This paper outlines the core concepts of TOSCA and provides a system overview on OpenTOSCA by describing its modular and extensible architecture, as well as presenting our prototypical implementation. We demonstrate the use of OpenTOSCA by deploying and instantiating the school management and learning application Moodle.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-45&engl=1} } @inproceedings {INPROC-2013-44, author = {Tim Waizenegger and Matthias Wieland and Tobias Binz and Uwe Breitenb{\"u}cher and Frank Leymann}, title = {{Towards a Policy-Framework for the Deployment and Management of Cloud Services}}, booktitle = {SECURWARE 2013, The Seventh International Conference on Emerging Security Information, Systems and Technologies}, editor = {Hans-Joachim Hof and Carla Westphall}, address = {Barcelona, Spain}, publisher = {IARIA}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, pages = {14--18}, type = {Conference Paper}, month = {August}, year = {2013}, isbn = {978-1-61208-298-1}, keywords = {Cloud Computing; Security; Policy-Framework; TOSCA; Cloud Service; Cloud Management}, language = {English}, cr-category = {D.2.7 Software Engineering Distribution, Maintenance, and Enhancement, D.2.9 Software Engineering Management, D.2.13 Software Engineering Reusable Software}, contact = {tim.waizenegger@informatik.uni-stuttgart.de}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems; University of Stuttgart, Institute of Architecture of Application Systems}, abstract = {As the adoption of Cloud Computing is growing, the automated deployment of cloud-based systems is becoming more and more important. New standards, such as TOSCA (OASIS), allow the modeling of interoperable Cloud services. It is now possible to build reusable and portable cloud services that can be (semi-) automatically deployed by different cloud-deployment-engines at various Cloud environments. However, there is still an acceptance problem among potential users, especially in the enterprise segment, that stems from security issues like data security. To improve security in automatic Cloud management engines, this paper proposes a framework for processing non-functional requirements of Cloud services.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-44&engl=1} } @inproceedings {INPROC-2013-43, author = {Tim Waizenegger and Matthias Wieland and Tobias Binz and Uwe Breitenb{\"u}cher and Florian Haupt and Oliver Kopp and Frank Leymann and Bernhard Mitschang and Alexander Nowak and Sebastian Wagner}, title = {{Policy4TOSCA: A Policy-Aware Cloud Service Provisioning Approach to Enable Secure Cloud Computing}}, booktitle = {On the Move to Meaningful Internet Systems: OTM 2013 Conferences}, editor = {Robert Meersman and Herve Panetto and Tharam Dillon and Johann Eder and Zohra Bellahsene and Norbert Ritter and Pieter De Leenheer and Dou Deijing}, address = {Heidelberg}, publisher = {Springer Berlin Heidelberg}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, series = {Lecture Notes in Computer Science (LNCS)}, volume = {8185}, pages = {360--376}, type = {Conference Paper}, month = {September}, year = {2013}, isbn = {978-3-642-41029-1}, doi = {10.1007/978-3-642-41030-7_26}, keywords = {Cloud Computing, TOSCA, Cloud Service, Cloud Management, Policy-Framework, Security, Green-IT, Sustainable Cloud Service}, language = {English}, cr-category = {D.2.7 Software Engineering Distribution, Maintenance, and Enhancement, D.2.9 Software Engineering Management, D.2.13 Software Engineering Reusable Software}, contact = {tim.waizenegger@informatik.uni-stuttgart.de}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems; University of Stuttgart, Institute of Architecture of Application Systems}, abstract = {With the growing adoption of Cloud Computing, automated deployment and provisioning systems for Cloud applications are becoming more prevalent. They help to reduce the onboarding costs for new customers as well as the financial impact of managing Cloud Services by automating these previously manual tasks. With the widespread use of such systems, the adoption of a common standard for describing Cloud applications will provide a crucial advantage by enabling reusable and portable applications. TOSCA, a newly published standard by OASIS with broad industry participation provides this opportunity. Besides the technical requirements of running and managing applications in the cloud, non-functional requirements, like cost, security, and environmental issues, are of special importance when moving towards the automated provisioning and management of Cloud applications. In this paper we demonstrate how non-functional requirements are defined in TOSCA using policies. We propose a mechanism for automatic processing of these formal policy definitions in a TOSCA runtime environment that we have developed based on the proposed architecture of the TOSCA primer. In order to evaluate our approach, we present prototypical implementations of security policies for encrypting databases and for limiting the geographical location of the Cloud servers. We demonstrate how our runtime environment is ensuring these policies and show how they affect the deployment of the application.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-43&engl=1} } @inproceedings {INPROC-2013-38, author = {Stefan Silcher and Jan K{\"o}nigsberger and Peter Reimann and Bernhard Mitschang}, title = {{Cooperative service registries for the service-based Product Lifecycle Management architecture}}, booktitle = {Proceedings of the 17th IEEE International Conference on Computer Supported Cooperative Work in Design (CSCWD '13)}, publisher = {IEEE Xplore}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, pages = {439--446}, type = {Conference Paper}, month = {June}, year = {2013}, isbn = {978-1-4673-6083-8}, doi = {10.1109/CSCWD.2013.6581003}, keywords = {Collaborative Product Lifecycle Management; Cooperative Service Registries; Enterprise Service Bus; Service-oriented Architecture}, language = {English}, cr-category = {D.2.11 Software Engineering Software Architectures, D.2.13 Software Engineering Reusable Software, H.3.4 Information Storage and Retrieval Systems and Software, J.1 Administration Data Processing}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems}, abstract = {Product Lifecycle Management (PLM) comprises many different tasks across multiple domains, such as product development and production. Thus, multidisciplinary engineering teams have to collaborate to successfully design and produce products. Nowadays, engineers are supported with many software solutions, which are tailored to the work of each engineer. The problem is the missing or bad integration between these IT solutions, which leads to noncontinuous processes and an insufficient cooperation. The Service-oriented Architecture (SOA) supports the needed flexible integration of applications based on services and moreover an automation and integration of processes via workflows. In previous work, we proposed a service-oriented PLM architecture that provides these benefits and supports continuous processes. Thereby, services of different domains and phases of the product life cycle need to collaborate in a distributed fashion. In this paper, we systematically identify, define and rate representative models for the management of corresponding distributed service registries, which enable an efficient collaboration of services. Based on a prototypical implementation of the best-rated model in a layout redesign scenario, we assess our approach for its suitability in PLM. The selected service registry model provides transparent access to all services of different domains and shows the ease of integrating new applications into the product life cycle. It thereby enables an improved cooperation of engineers across various domains to define cross-domain processes.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-38&engl=1} } @inproceedings {INPROC-2013-34, author = {Stefan Silcher and Barbara Seeberg and Erich Zahn and Bernhard Mitschang}, title = {{A Holistic Management Model for Manufacturing Companies and Related IT Support}}, booktitle = {Procedia CIRP}, publisher = {CIRP}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, pages = {175--180}, type = {Conference Paper}, month = {July}, year = {2013}, issn = {2212-8271}, doi = {http://dx.doi.org/10.1016/j.procir.2013.05.030}, keywords = {Product Lifecycle Management, Supply Chain Management, Factory Lifecycle Management, Holistic Management Model, IT Integration, Service-oriented Architecture, Enterprise Service Bus}, language = {English}, cr-category = {C.1.3 Processor Architectures, Other Architecture Styles, J.1 Administration Data Processing}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems}, abstract = {Abstract Life cycle and management concepts are a necessity to compete in current turbulent markets. Small- and medium-sized enterprises (SME) struggle when realizing such concepts and accordant $\backslash${IT$\backslash$} support. In this paper we review different concepts and their similarities and differences are discussed. We focus on Product Lifecycle Management (PLM), Supply Chain Management and Factory Lifecycle Management to integrate them into a holistic management model. Subsequently, we extend a service-based $\backslash${PLM$\backslash$} architecture to support the holistic management model to continuously support processes. The usage of standardized technologies allows companies, and especially SMEs, to implement this architecture with low costs and effort.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-34&engl=1} } @inproceedings {INPROC-2013-32, author = {Carlos L{\"u}bbe and Bernhard Mitschang}, title = {{Holistic Load-Balancing in a Distributed Spatial Cache}}, booktitle = {Proceedings of the 2013 IEEE 14th International Conference on Mobile Data Management}, publisher = {IEEE Computer Society}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, pages = {267--270}, type = {Conference Paper}, month = {June}, year = {2013}, doi = {10.1109/MDM.2013.38}, keywords = {Caching; Geographic Information Systems; Peer-to-peer}, language = {English}, cr-category = {H.2 Database Management}, ee = {ftp://ftp.informatik.uni-stuttgart.de/pub/library/ncstrl.ustuttgart_fi/INPROC-2013-32/INPROC-2013-32.pdf}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems}, abstract = {A steadily growing number of people using location based services (LBS) inflict massive query loads on the data tier of an LBS. As such queries usually possess considerable overlap, multiple cache nodes collaborating in a distributed spatial cache can provide scalable access to frequently used data. To preserve high throughput throughout the complete execution process, it is necessary to balance the accumulating load among the participating cache nodes. In this work, we identify three key-indicators to improve resource utilization during the load-balancing process: data skew, anticipated data access patterns and dynamic load peaks. For this reason, we introduce a comprehensive mathematical model to express the key-indicators as probability distribution functions. We fuse the different key-indicators into a single holistic distribution model. In the course of this, we devise a methodology from our holistic distribution model towards a distributed spatial cache offering improved load-balancing}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-32&engl=1} } @inproceedings {INPROC-2013-24, author = {Christoph Stach}, title = {{Wie funktioniert Datenschutz auf Mobilplattformen?}}, booktitle = {Informatik 2013: Informatik angepasst an Mensch, Organisation und Umwelt, Tagungsband der 43. Jahrestagung der Gesellschaft f{\"u}r Informatik e.V. (GI), 16.09. - 20.09.2013, Universit{\"a}t Koblenz-Landau}, editor = {Gesellschaft f{\"u}r Informatik e.V. (GI)}, publisher = {Springer-Verlag}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, series = {Lecture Notes in Informatics}, pages = {1--15}, type = {Workshop Paper}, month = {September}, year = {2013}, keywords = {Datenschutz; Mobilplattform; Berechtigungssystem; Privacy Management Platform}, language = {German}, cr-category = {K.4.1 Computers and Society Public Policy Issues, D.4.6 Operating Systems Security and Protection}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems}, abstract = {Die wachsende Verbreitung von mobilen Ger{\"a}ten, bei denen einerseits sehr viele Kontextdaten und andererseits zahlreich pers{\"o}nliche Informationen anfallen, macht diese zu einem hervorragenden Ziel f{\"u}r Angriffe auf die Privatsph{\"a}re. Versch{\"a}rft wird diese Situation dadurch, dass jede Mobilplattform eine eigene Strategie zum Schutz dieser Daten verfolgt, allerdings ohne dabei den Nutzer in geeignetem Ma{\ss}e mit einzubeziehen. Aus diesem Grund gibt es eine Vielzahl an Erweiterungen f{\"u}r diese Berechtigungssysteme. F{\"u}r den Nutzer bleibt dabei weiterhin die Frage, f{\"u}r welche Plattform und f{\"u}r welches Berechtigungssysteme er sich entscheiden soll. In diesem Papier besch{\"a}ftigen wir uns daher mit den Eigenschaften aktueller Mobilplattformen und einiger aktueller Berechtigungssysteme. Wir stellen mit der Privacy Management Platform (PMP) unser eigenes Berechtigungssystem vor, das sich stark an den Bed{\"u}rfnissen der Nutzer orientiert. Neben dem Modell f{\"u}r die Berechtigungsrichtlinien hat allerdings auch die Art, wie diese Modell in die Mobilplattform eingebunden wird, entscheidenden Einfluss auf die Eigenschaften des Systems. Durch die Gegen{\"u}berstellung dieser Eigenschaften, wird dem Nutzer die Wahl einer Plattform und eines Berechtigungssystems, das seinen Bed{\"u}rfnissen gen{\"u}gt, erleichtert.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-24&engl=1} } @inproceedings {INPROC-2013-15, author = {Christoph Gr{\"o}ger and Mark Hillmann and Friedemann Hahn and Bernhard Mitschang and Engelbert Westk{\"a}mper}, title = {{The Operational Process Dashboard for Manufacturing}}, booktitle = {Proceedings of the 46th CIRP Conference on Manufacturing Systems (CMS2013), 29-31 May, 2013, Sesimbra, Portugal}, publisher = {Elsevier}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, type = {Conference Paper}, month = {May}, year = {2013}, language = {English}, cr-category = {J.1 Administration Data Processing}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems}, abstract = {Agility is a critical success factor for manufacturers in today’s volatile global environment and requires employees monitoring their performance and reacting quickly to turbulences. Thus, comprehensive information provisioning on all hierarchy levels is necessary. Yet, existing IT systems, e. g., Manufacturing Execution Systems, scarcely address information needs of workers on the shop floor level. This causes uncoordinated waiting times, inflexibility and costly communication. To address these issues, we present the Operational Process Dashboard for Manufacturing (OPDM), a mobile dashboard for shop floor workers. We identify process-oriented information needs, develop technical dashboard services and define IT requirements for an implementation.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-15&engl=1} } @inproceedings {INPROC-2013-14, author = {Christoph Gr{\"o}ger and Stefan Silcher and Engelbert Westk{\"a}mper and Bernhard Mitschang}, title = {{Leveraging Apps in Manufacturing. A Framework for App Technology in the Enterprise}}, booktitle = {Proceedings of the 46th CIRP Conference on Manufacturing Systems (CMS2013), 29-31 May, 2013, Sesimbra, Portugal}, publisher = {Elsevier}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, type = {Conference Paper}, month = {May}, year = {2013}, language = {English}, cr-category = {J.1 Administration Data Processing}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems}, abstract = {Apps on mobile devices like smartphones have become the core of the digital life of consumers. Apps are used, e. g., for shopping or communicating in social networks. Recently, apps are gaining more and more attention in enterprises as enabler for agile process optimization. In this article, we discuss the potentials and challenges of exploiting this technology with a focus on the manufacturing industry. We come up with a framework for apps in manufacturing companies and identify major areas that need further investigations to fully leverage apps. Moreover, we present existing and novel apps across the product life cycle.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-14&engl=1} } @inproceedings {INPROC-2013-13, author = {Christoph Stach}, title = {{How to Assure Privacy on Android Phones and Devices?}}, booktitle = {Proceedings of the 14th International Conference on Mobile Data Management}, publisher = {IEEE Computer Society Conference Publishing Services}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, pages = {1--3}, type = {Demonstration}, month = {June}, year = {2013}, keywords = {privacy management; Android; demonstrator}, language = {English}, cr-category = {K.4.1 Computers and Society Public Policy Issues, D.4.6 Operating Systems Security and Protection}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems}, abstract = {There is an increasing popularity of mobile devices-especially Android devices-particularly because of the huge amount of available third-party applications. Albeit, the number of diagnosed hacker attacks against mobile user increased in unison, as these devices became the prime target of the latest malware, thanks to inexperienced users and a negligent way of dealing with private data. To make matters worse, the Android permission system is much too coarse-grained and too hard to grasp for an average user. However, even if a user is able to comprehend the meaning and impact of a certain permission, in the end, s/he must grant all requested permission anyhow, if s/he wants to install the application. Therefore, we introduce PMP a privacy management platform for Android, which enables a user to grant an application fine-grained access rights to critical data. Furthermore, those rights can depend on some contextual constraints (e.g. Internet usage is restricted to certain locations) and the policy rules can be modified at run-time. Depending upon the granted rights an application provides a different scope of service. Moreover, the user is-due to a catchy GUI-always informed what impact the granting or respectively the revocation of a permission has on the application's service quality.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-13&engl=1} } @inproceedings {INPROC-2013-12, author = {Tim Waizenegger and Schiller Oliver and Mega Cataldo}, title = {{Datensicherheit in mandantenf{\"a}higen Cloud Umgebungen}}, booktitle = {Tagungsband: Proceedings der 15. Fachtagung des GI-Fachbereichs „Datenbanken und Informationssysteme“ (DBIS)}, editor = {Gesellschaft f{\"u}r Informatik (GI)}, address = {Magdeburg}, publisher = {Gesellschaft f{\"u}r Informatik (GI)}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, series = {Series of the Gesellschaft f{\"u}r Informatik (GI)}, pages = {477--489}, type = {Conference Paper}, month = {March}, year = {2013}, isbn = {978-3-88579-608-4}, keywords = {Cloud; Cloud Computing; Security; Mandantenf{\"a}hig; Schl{\"u}sselverwaltung; Key Management}, language = {German}, cr-category = {D.4.6 Operating Systems Security and Protection, E.3 Data Encryption}, contact = {tim.waizenegger@ipvs.uni-stuttgart.de}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems}, abstract = {Cloud Computing wird aktuell haupts{\"a}chlich f{\"u}r wissenschaftliches Rechnen und endkundenorientierte Dienste verwendet, da die Kostenersparnis hier ein besonders wichtiger Faktor ist. Die Betreiber von Cloud Plattformen sind jedoch immer st{\"a}rker daran interessiert Cloud Dienste auch im Enterprise Segment anzubieten, um hier gleicherma{\ss}en von Kostenvorteilen zu profitieren. Die Kundenresonanz aus diesem Segment l{\"a}sst jedoch zu w{\"u}nschen {\"u}brig. Die Gr{\"u}nde daf{\"u}r sind Bedenken bez{\"u}glich Datensicherheit und -vertraulichkeit in mandantenf{\"a}higen Systemen. Um diesem Problem zu begegnen, haben wir die Herausforderungen bei der Absicherung von mandantenf{\"a}higen Cloud Diensten untersucht, und den Umgang mit vertraulichem Schl{\"u}sselmaterial und Anmeldedaten als Schwachstelle identifiziert. Dieser Beitrag zeigt eine konzeptionelle L{\"o}sung zur zentralen Ablage und Zugriffsverwaltung sensibler Daten, sowie deren prototypische Implementierung innerhalb der IBM Cloud L{\"o}sung SmartCloud Content Management.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-12&engl=1} } @inproceedings {INPROC-2013-11, author = {Christoph Stach and Bernhard Mitschang}, title = {{Privacy Management for Mobile Platforms - A Review of Concepts and Approaches}}, booktitle = {Proceedings of the 14th International Conference on Mobile Data Management}, publisher = {IEEE Computer Society Conference Publishing Services}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, pages = {1--9}, type = {Conference Paper}, month = {June}, year = {2013}, keywords = {privacy; profound overview; permission model}, language = {English}, cr-category = {K.4.1 Computers and Society Public Policy Issues, D.4.6 Operating Systems Security and Protection}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems}, abstract = {The still rising popularity of modern mobile phones results in an increased demand for manifold applications for these devices. As Android OS supports the development and usage of third-party software greatly, there are more and more developers for this platform. However, many of those applications handle private data grossly negligent which immediately leads to serious privacy concerns. To make matters worse, the current Android permission rules are much too coarse and incomprehensible from the average user's perspective. But even if s/he understands the meaning of the permissions, s/he must either accept all of them or waive the application. Therefore we review concepts and approaches towards effective privacy management for mobile platforms. All this is discussed based on the prevailing key players in the mobile market, namely Apple, RIM, Microsoft and Google. As this work has been initiated by Google we mainly concentrated on Android-based concepts towards customizable privacy management approaches. As a result of our review and taking into account current initiatives and trends in the market, we come up with a novel approach, an implementation architecture and a prototype.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-11&engl=1} } @inproceedings {INPROC-2013-02, author = {Peter Reimann and Holger Schwarz}, title = {{Datenmanagementpatterns in Simulationsworkflows}}, booktitle = {Proceedings der 15. GI-Fachtagung Datenbanksysteme f{\"u}r Business, Technologie und Web (BTW 2013)}, editor = {Gesellschaft f{\"u}r Informatik (GI)}, address = {Magdeburg}, publisher = {Lecture Notes in Informatics (LNI)}, institution = {University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Germany}, series = {Gesellschaft f{\"u}r Informatik (GI)}, pages = {279--293}, type = {Conference Paper}, month = {March}, year = {2013}, keywords = {Datenbereitstellung; Datenmanagementpatterns; Workflow; SIMPL; Simulationsworkflow; BPEL; WS-BPEL}, language = {German}, cr-category = {H.2.5 Heterogeneous Databases, H.2.8 Database Applications, H.4.1 Office Automation}, contact = {Peter Reimann Peter.Reimann@ipvs.uni-stuttgart.de}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems}, abstract = {Simulationsworkflows m{\"u}ssen oftmals gro{\ss}e Datenmengen verarbeiten, die in einer Vielzahl propriet{\"a}rer Formate vorliegen. Damit diese Daten von den im Workflow eingebundenen Programmen und Diensten verarbeitet werden k{\"o}nnen, m{\"u}ssen sie in passende Formate transformiert werden. Dies erh{\"o}ht die Komplexit{\"a}t der Workflowmodellierung, welche i.d.R. durch die Wissenschaftler selbst erfolgt. Dadurch k{\"o}nnen sich diese weniger auf den Kern der eigentlichen Simulation konzentrieren. Zur Behebung dieses Defizits schlagen wir einen Ansatz vor, mit dem die Aktivit{\"a}ten zur Datenbereitstellung in Simulationsabl{\"a}ufen abstrakt modelliert werden k{\"o}nnen. Wissenschaftler sollen keine Implementierungsdetails, sondern lediglich die Kernaspekte der Datenbereitstellung in Form von Patterns beschreiben. Die Spezifikation der Patterns soll dabei m{\"o}glichst in der Sprache der mathematischen Simulationsmodelle erfolgen, mit denen Wissenschaftler vertraut sind. Eine Erweiterung des Workflowsystems bildet die Patterns automatisch auf ausf{\"u}hrbare Workflowfragmente ab, welche die Datenbereitstellung umsetzen. Dies alles reduziert die Komplexit{\"a}t der Modellierung von Simulationsworkflows und erh{\"o}ht die Produktivit{\"a}t der Wissenschaftler.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-02&engl=1} } @article {ART-2013-09, author = {Sylvia Radesch{\"u}tz and Holger Schwarz and Florian Niedermann}, title = {{Business impact analysis — a framework for a comprehensive analysis and optimization of business processes}}, journal = {Computer Science – Research and Development}, publisher = {Springer}, pages = {1--18}, type = {Article in Journal}, month = {September}, year = {2013}, language = {English}, cr-category = {H.2 Database Management}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems}, abstract = {The ability to continuously adapt its business processes is a crucial ability for any company in order to survive in todays dynamic world. In order to accomplish this task, a company needs to profoundly analyze all its business data. This generates the need for data integration and analysis techniques that allow for a comprehensive analysis. A particular challenge when conducting this analysis is the integration of process data generated by workflow engines and operational data that is produced by business applications and stored in data warehouses. Typically, these two types of data are not matched as their acquisition and analysis follows different principles, i.e., a process-oriented view versus a view focusing on business objects. To address this challenge, we introduce a framework that allows to improve business processes considering an integrated view on process data and operational data.We present and evaluate various architectural options for the data warehouse that provides this integrated view based on a specialized federation layer. This integrated view is also reflected in a set of operators that we introduce.We show how these operators ease the definition of analysis queries and how they allow to extract hidden optimization patterns by using data mining techniques.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2013-09&engl=1} } @inbook {INBOOK-2013-02, author = {Sylvia Radesch{\"u}tz and Holger Schwarz and Marko Vrhovnik and Bernhard Mitschang}, title = {{A Combination Framework for Exploiting the Symbiotic Aspects of Process and Operational Data in Business Process Optimization}}, series = {Information Reuse and Integration in Academia and Industry}, publisher = {Springer}, pages = {29--49}, type = {Article in Book}, month = {September}, year = {2013}, language = {German}, cr-category = {H.2 Database Management}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems}, abstract = {A profound analysis of all relevant business data in a company is necessary for optimizing business processes effectively. Current analyses typically run either on business process execution data or on operational business data. Correlations among the separate data sets have to be found manually under big effort. However, to achieve a more informative analysis and to fully optimize a company's business, an efficient consolidation of all major data sources is indispensable. Recent matching algorithms are insufficient for this task since they are restricted either to schema or to process matching. We present a new matching framework to (semi-)automatically combine process data models and operational data models for performing such a profound business analysis. We describe the algorithms and basic matching rules underlying this approach as well as an experimental study that shows the achieved high recall and precision.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INBOOK-2013-02&engl=1} } @inbook {INBOOK-2013-01, author = {Stefan Silcher and Max Dinkelmann and Jorge Minguez and Bernhard Mitschang}, title = {{Advanced Product Lifecycle Management by Introducing Domain-Specific Service Buses}}, series = {Enterprise Information Systems}, publisher = {Springer Berlin Heidelberg}, series = {Lecture Notes in Business Information Processing}, volume = {141}, pages = {92--107}, type = {Article in Book}, month = {October}, year = {2013}, doi = {10.1007/978-3-642-40654-6_6}, isbn = {978-3-642-40653-9 (Print), 978-3-642-40654-6 (Online)}, keywords = {Product lifecycle management; Service-oriented architecture; Enterprise service bus; Modular IT integration}, language = {English}, cr-category = {D.2.11 Software Engineering Software Architectures, D.2.13 Software Engineering Reusable Software}, department = {University of Stuttgart, Institute of Parallel and Distributed Systems, Applications of Parallel and Distributed Systems}, abstract = {Manufacturing companies are operating today in a turbulent market. Permanently changing preconditions forces the companies to continuously adapt their business and production processes to get the optimal productivity. Therefore, a vast number of IT systems are introduced to support tasks along the product life cycle. These systems are typically isolated and their communication, cooperation and in special cases also integration results in more and more overhead and gets quickly unmanageable. Further problems arise, when building continuous processes within the Product Lifecycle Management (PLM). The service-based PLM architecture faces these challenges and presents a homogeneous integration approach based on Enterprise Service Bus (ESB) technology. The characteristics and findings of our approach are presented and the inclusion of security features is discussed. A proof-of-concept for the production planning and the corresponding Production Planning Service Bus are presented. Finally, the advantages of the service-based approach compared to traditional integration solutions are pointed out.}, url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INBOOK-2013-01&engl=1} }