@inproceedings {INPROC-2024-06,
author = {Christoph Stach and Yunxuan Li and Laura Schuiki and Bernhard Mitschang},
title = {{LALOA Virtual Data Lake Zone for Composing Tailor-Made Data Products on Demand}},
booktitle = {Proceedings of the 35th International Conference on Database and Expert Systems Applications (DEXA 2024)},
editor = {Christine Strauss and Toshiyuki Amagasa and Giuseppe Manco and Gabriele Kotsis and A Min Tjoa and Ismail Khalil},
address = {Cham},
publisher = {Springer},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
series = {Lecture Notes in Computer Science},
volume = {14911},
pages = {288--305},
type = {Konferenz-Beitrag},
month = {August},
year = {2024},
isbn = {978-3-031-68311-4},
issn = {0302-9743},
doi = {10.1007/978-3-031-68312-1_22},
keywords = {Data Product; Virtual Data Lake Zone; Data Stream Adaptation},
language = {Englisch},
cr-category = {H.2.7 Database Administration,
E.2 Data Storage Representations,
H.3.3 Information Search and Retrieval,
H.2.8 Database Applications},
contact = {Senden Sie eine E-Mail an \<christoph.stach@ipvs.uni-stuttgart.de\>.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The emerging paradigm of data products, which has become increasingly popular
recently due to the rise of data meshes and data marketplaces, also poses
unprecedented challenges for data management. Current data architectures,
namely data warehouses and data lakes, are not able to meet these challenges
adequately. In particular, these architectures are not designed for a
just-in-time provision of highly customized data products tailored perfectly to
the needs of customers. In this paper, we therefore present a virtual data lake
zone for composing tailor-made data products on demand, called LALO. LALO uses
data streaming technologies to enable just-in-time composing of data products
without allocating storage space in the data architecture permanently. In order
to enable customers to tailor data products to their needs, LALO uses a novel
mechanism that enables live adaptation of data streams. Evaluation results show
that the overhead for such an adaptation is negligible. Therefore, LALO
represents an efficient solution for the appropriate handling of data products,
both in terms of storage space and runtime.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2024-06&engl=0}
}
@inproceedings {INPROC-2024-03,
author = {Andrea Fieschi and Pascal Hirmer and Sachin Agrawal and Christoph Stach and Bernhard Mitschang},
title = {{HySAAD - A Hybrid Selection Approach for Anonymization by Design in the Automotive Domain}},
booktitle = {Proceedings of the 25th IEEE International Conference on Mobile Data Management (MDM 2024)},
editor = {Chiara Renso and Mahmoud Sakr and Walid G Aref and Ashley Song and Cheng Long},
address = {Los Alamitos, Washington, Tokyo},
publisher = {IEEE Computer Society Conference Publishing Services},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {203--210},
type = {Konferenz-Beitrag},
month = {Juni},
year = {2024},
isbn = {979-8-3503-7455-1},
issn = {2375-0324},
doi = {10.1109/MDM61037.2024.00044},
keywords = {anonymization; connected vehicles; privacy protection; metrics},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues},
contact = {Senden Sie eine E-Mail an \<andrea.fieschi@ipvs.uni-stuttgart.de\>.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The increasing connectivity and data exchange between vehicles and the cloud
have led to growing privacy concerns. To keep on gaining product insights
through data collection while guaranteeing privacy protection, an
anonymization-by-design approach should be used. A rising number of
anonymization methods, not limited to the automotive domain, can be found in
the literature and practice. The developers need support to select the suitable
anonymization technique. To this end, we make the following two contributions:
1) We apply our knowledge from the automotive domain to outline the usage of
qualitative metrics for anonymization techniques assessment; 2) We introduce
HySAAD, a hybrid selection approach for anonymization by design that leverages
this groundwork by recommending appropriate anonymization techniques for each
mobile data analytics use case based on both, qualitative (i.e., {\ss}oft``) metrics
and quantitative (i.e., ''hard``) metrics. Using a real-world use case from the
automotive, we demonstrate the applicability and effectiveness of HySAAD.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2024-03&engl=0}
}
@inproceedings {INPROC-2024-02,
author = {Yunxuan Li and Christoph Stach and Bernhard Mitschang},
title = {{PaDS: An adaptive and privacy-enabling Data Pipeline for Smart Cars}},
booktitle = {Proceedings of the 25th IEEE International Conference on Mobile Data Management (MDM 2024)},
editor = {Chiara Renso and Mahmoud Sakr and Walid G Aref and Kyoung-Sook Kim and Manos Papagelis and Dimitris Sacharidis},
address = {Los Alamitos, Washington, Tokyo},
publisher = {IEEE Computer Society Conference Publishing Services},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {41--50},
type = {Konferenz-Beitrag},
month = {Juni},
year = {2024},
isbn = {979-8-3503-7455-1},
issn = {2375-0324},
doi = {10.1109/MDM61037.2024.00026},
keywords = {smart car; privacy-enabling data pipeline; datastream runtime adaptation; mobile data privacy management},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues},
contact = {Senden Sie eine E-Mail an \<yunxuan.li@ipvs.uni-stuttgart.de\>.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The extensive use of onboard sensors in smart cars enables the collection,
processing, and dissemination of large amounts of mobile data containing
information about the vehicle, its driver, and even bystanders. Despite the
undoubted benefits of such smart cars, this leads to significant privacy
concerns. Due to their inherent mobility, the situation of smart cars changes
frequently, and with it, the appropriate measures to counteract the exposure of
private data. However, data management in such vehicles lacks sufficient
support for this privacy dynamism. We therefore introduce PaDS, a framework for
Privacy adaptive Data Stream. The focus of this paper is to enable adaptive
data processing within the vehicle data stream. With PaDS, Privacy-Enhancing
Technologies can be deployed dynamically in the data pipeline of a smart car
according to the current situation without user intervention. With a comparison
of state-of-the-art approaches, we demonstrate that our solution is very
efficient as it does not require a complete restart of the data pipeline.
Moreover, compared to a static approach, PaDS causes only minimal overhead
despite its dynamic adaptation of the data pipeline to react to changing
privacy requirements. This renders PaDS an effective privacy solution for smart
cars.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2024-02&engl=0}
}
@inproceedings {INPROC-2024-01,
author = {Dennis Przytarski and Christoph Stach and Bernhard Mitschang},
title = {{Assessing Data Layouts to Bring Storage Engine Functionality to Blockchain Technology}},
booktitle = {Proceedings of the 57th Hawaii International Conference on System Sciences (HICSS '24)},
editor = {Tung X. Bui},
publisher = {ScholarSpace},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {5091--5100},
type = {Konferenz-Beitrag},
month = {Januar},
year = {2024},
isbn = {978-0-9981331-7-1},
keywords = {blockchain; storage engine; queries},
language = {Englisch},
cr-category = {H.3.1 Content Analysis and Indexing,
H.3.2 Information Storage,
H.3.3 Information Search and Retrieval},
ee = {https://hdl.handle.net/10125/106995},
contact = {Senden Sie eine E-Mail an \<Christoph.Stach@ipvs.uni-stuttgart.de\>.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Nowdays, modern applications often use blockchains as a secure data store.
However, querying blockchain data is more challenging than querying
conventional databases due to blockchains being primarily designed for the
logging of asset transfers, such as cryptocurrencies, rather than storing and
reading generic data. To improve the experience of querying blockchain data and
make it comparable to querying conventional databases, new design approaches of
the storage engine for blockchain technology are required. An important aspect
is the data layout of a block, as it plays a crucial role in facilitating
reading of blockchain data. In this paper, we identify a suitable data layout
that provides the required query capabilities while preserving the key
properties of blockchain technology. Our goal is to overcome the limitations of
current data access models in blockchains, such as the reliance on auxiliary
data storages and error-prone smart contracts. To this end, we compare four
promising data layouts with data models derived from document, row, column, and
triple stores in terms of schema flexibility, read pattern generality, and
relational algebra suitability. We then assess the most suitable data layout
for blockchain technology.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2024-01&engl=0}
}
@inproceedings {INPROC-2023-07,
author = {Andrea Fieschi and Yunxuan Li and Pascal Hirmer and Christoph Stach and Bernhard Mitschang},
title = {{Privacy in Connected Vehicles: Perspectives of Drivers and Car Manufacturers}},
booktitle = {Service-Oriented Computing: 17th Symposium and Summer School, SummerSOC 2023, Heraklion, Crete, Greece, June 25 July 1, 2023, Revised Selected Papers},
editor = {Marco Aiello and Johanna Barzen and Schahram Dustdar and Frank Leymann},
address = {Cham},
publisher = {Springer Nature Switzerland},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
series = {Communications in Computer and Information Science},
volume = {1847},
pages = {59--68},
type = {Konferenz-Beitrag},
month = {Oktober},
year = {2023},
isbn = {978-3-031-45727-2},
doi = {10.1007/978-3-031-45728-9_4},
keywords = {Connected Vehicles; Privacy; Anonymization},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues},
contact = {Senden Sie eine E-Mail an Andrea Fieschi (Andrea.Fieschi@ipvs.uni-stuttgart.de) oder Yunxuan Li (Yunxuan.Li@ipvs.uni-stuttgart.de).},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The digital revolution has led to significant technological advancements in the
automotive industry, enabling vehicles to process and share information with
other vehicles and the cloud. However, as data sharing becomes more prevalent,
privacy protection has become an essential issue. In this paper, we explore
various privacy challenges regarding different perspectives of drivers and car
manufacturers. We also propose general approaches to overcome these challenges
with respect to their individual needs. Finally, we highlight the importance of
collaboration between drivers and car manufacturers to establish trust and
achieve better privacy protection.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2023-07&engl=0}
}
@inproceedings {INPROC-2023-01,
author = {Yunxuan Li and Pascal Hirmer and Christoph Stach},
title = {{CV-Priv: Towards a Context Model for Privacy Policy Creation for Connected Vehicles}},
booktitle = {Proceedings of the 21st International Conference on Pervasive Computing and Communications Workshops},
publisher = {IEEE},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--6},
type = {Konferenz-Beitrag},
month = {M{\"a}rz},
year = {2023},
keywords = {Context Modeling; Ontology; Privacy Policy; Privacy-Preserving; Connected Vehicle},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
K.6.5 Security and Protection},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Connected vehicles are becoming progressively capable of collecting,
processing, and sharing data, which leads to a growing concern about privacy in
the automotive domain. However, research has shown that although users are
highly concerned about their privacy, they usually find it difficult to
configure privacy settings. This is because the privacy context, which
represents the privacy circumstance a driver faces during the privacy policy
creation, is highly complex. To create custom privacy policies, drivers must
consider the privacy context information, such as what service is requesting
data from which vehicle sensor, or what privacy countermeasures are available
for vehicles and satisfy certain privacy properties. This easily leads to
information and choice overhead. Therefore, we propose the novel ontology-based
privacy context model, CV-Priv, for the modeling of such privacy context
information for creating custom privacy policies in the automotive domain. In
this paper, we analyze the design requirements for a privacy context model
based on challenges drivers might face during the privacy policy creation
phase. We also demonstrate how CV-Priv can be utilized by context-aware systems
to help drivers transform their fuzzy privacy requirements into sound privacy
policies.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2023-01&engl=0}
}
@inproceedings {INPROC-2022-08,
author = {Rebecca Eichler and Christoph Gr{\"o}ger and Eva Hoos and Christoph Stach and Holger Schwarz and Bernhard Mitschang},
title = {{Establishing the Enterprise Data Marketplace: Characteristics, Architecture, and Challenges}},
booktitle = {Proceedings of the Workshop on Data Science for Data Marketplaces in Conjunction with the 48th International Conference on Very Large Data Bases},
editor = {Xiaohui Yu and Jian Pei},
publisher = {-},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--12},
type = {Workshop-Beitrag},
month = {September},
year = {2022},
language = {Englisch},
cr-category = {E.m Data Miscellaneous,
H.3.7 Digital Libraries,
H.4.m Information Systems Applications Miscellaneous},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Companies today have increasing amounts of data at their disposal, most of
which is not used, leaving the data value unexploited. In order to leverage the
data value, the data must be democratized, i.e., made available to the company
employees. In this context, the use of enterprise data marketplaces, platforms
for trading data within a company, are proposed. However, specifics of
enterprise data marketplaces and how these can be implemented have not been
investigated in literature so far. To shed light on these topics, we illustrate
the characteristics of an enterprise data marketplace and highlight according
marketplace requirements. We provide an enterprise data marketplace
architecture, discuss how it integrates into a company's system landscape and
present an enterprise data marketplace prototype. Finally, we examine
organizational and technical challenges which arise when operating a
marketplace in the enterprise context. In this paper, we thereby present the
enterprise data marketplace as a distinct marketplace type and provide the
basis for establishing it within a company.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2022-08&engl=0}
}
@inproceedings {INPROC-2022-07,
author = {Yunxuan Li and Pascal Hirmer and Christoph Stach and Bernhard Mitschang},
title = {{Ensuring Situation-Aware Privacy for Connected Vehicles}},
booktitle = {Proceedings of the 12th International Conference on the Internet of Things (IoT); Delft, Netherlands, November 7 - 10, 2022},
editor = {Evangelos Niforatos and Gerd Kortuem and Nirvana Meratnia and Josh Siegel and Florian Michahelles},
address = {New York, NY, USA},
publisher = {ACM},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {135--138},
type = {Konferenz-Beitrag},
month = {November},
year = {2022},
isbn = {978-1-4503-9665-3},
doi = {10.1145/3567445.3569163},
keywords = {Connected Vehicle; Situation-Awareness; Privacy-Preserving},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
K.6.5 Security and Protection},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {As technology advances in new sensors and software, modern vehicles become
increasingly intelligent. To date, connected vehicles can collect, process, and
share data with other entities in connected vehicle environments. However, in
terms of data collection and exchange, privacy becomes a central issue. It is
challenging to preserve privacy in connected vehicle environments when the
privacy demands of drivers could change from situation to situation even for
the same service. In this paper, we analyze the requirements for a
privacy-preserving system in connected vehicle environments with a focus on
situation-awareness and safety aspects. Based on the analysis, we propose a
novel situation-aware privacy-preserving framework for connected vehicles. Our
framework supports individual privacy protections for specific end-point
services and situation-aware privacy protections for different circumstances.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2022-07&engl=0}
}
@inproceedings {INPROC-2022-01,
author = {Christoph Stach and Cl{\'e}mentine Gritti and Dennis Przytarski and Bernhard Mitschang},
title = {{Can Blockchains and Data Privacy Laws be Reconciled? A Fundamental Study of How Privacy-Aware Blockchains are Feasible}},
booktitle = {Proceedings of the 37th ACM/SIGAPP Symposium On Applied Computing},
editor = {Jiman Hong and Miroslav Bures and Ronald Petrlic and Christoph Sorge},
address = {Brno},
publisher = {ACM},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--10},
type = {Konferenz-Beitrag},
month = {April},
year = {2022},
isbn = {978-1-4503-8713-2},
doi = {10.1145/3477314.3506986},
keywords = {blockchains; immutable; tamper-proof; GDPR; privacy assessment},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
K.6.5 Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Due to the advancing digitalization, the importance of data is constantly
increasing. Application domains such as smart cars, smart cities, or smart
healthcare rely on the permanent availability of large amounts of data to all
parties involved. As a result, the value of data increases, making it a
lucrative target for cyber-attacks. Particularly when human lives depend on the
data, additional protection measures are therefore important for data
management and provision. Blockchains, i.e., decentralized, immutable, and
tamper-proof data stores, are becoming increasingly popular for this purpose.
Yet, from a data protection perspective, the immutable and tamper-proof
properties of blockchains pose a privacy concern. In this paper, we therefore
investigate whether blockchains are in compliance with the General Data
Protection Regulation (GDPR) if personal data are involved. To this end, we
elaborate which articles of the GDPR are relevant in this regard and present
technical solutions for those legal requirements with which blockchains are in
conflict. We further identify open research questions that need to be addressed
in order to achieve a privacy-by-design blockchain system.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2022-01&engl=0}
}
@inproceedings {INPROC-2021-11,
author = {Christoph Stach and Julia Br{\"a}cker and Rebecca Eichler and Corinna Giebler and Bernhard Mitschang},
title = {{Demand-Driven Data Provisioning in Data Lakes: BARENTS - A Tailorable Data Preparation Zone}},
booktitle = {Proceedings of the 23rd International Conference on Information Integration and Web-based Applications \& Services (iiWAS2021); Linz, Austria, November 29-December 1, 2021},
editor = {Maria Indrawan-Santiago and Eric Pardede and Ivan Luiz Salvadori and Matthias Steinbauer and Ismail Khalil and Gabriele Kotsis},
address = {New York, NY, United States},
publisher = {Association for Computing Machinery (ACM)},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--12},
type = {Konferenz-Beitrag},
month = {November},
year = {2021},
isbn = {978-1-4503-9556-4/21/11},
doi = {10.1145/3487664.3487784},
keywords = {data pre-processing; data transformation; knowledge modeling; ontology; data management; Data Lakes; zone model; food analysis},
language = {Englisch},
cr-category = {H.2.7 Database Administration,
E.2 Data Storage Representations,
H.3.3 Information Search and Retrieval,
H.2.8 Database Applications},
contact = {Senden Sie eine E-Mail an christoph.stach@ipvs.uni-stuttgart.de.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Data has never been as significant as it is today. It can be acquired virtually
at will on any subject. Yet, this poses new challenges towards data management,
especially in terms of storage (data is not consumed during processing, i.e.,
the data volume keeps growing), flexibility (new applications emerge), and
operability (analysts are no IT experts). The goal has to be a demand-driven
data provisioning, i.e., the right data must be available in the right form at
the right time. Therefore, we introduce a tailorable data preparation zone for
Data Lakes called BARENTS. It enables users to model in an ontology how to
derive information from data and assign the information to use cases. The data
is automatically processed based on this model and the refined data is made
available to the appropriate use cases. Here, we focus on a resource-efficient
data management strategy. BARENTS can be embedded seamlessly into established
Big Data infrastructures, e.g., Data Lakes.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2021-11&engl=0}
}
@inproceedings {INPROC-2020-48,
author = {Dennis Przytarski and Christoph Stach and Cl{\'e}mentine Gritti and Bernhard Mitschang},
title = {{A Blueprint for a Trustworthy Health Data Platform Encompassing IoT and Blockchain Technologies}},
booktitle = {Proceedings of the ISCA 29th International Conference on Software Engineering and Data Engineering (Las Vegas, October 2020)},
publisher = {ISCA in Cooperation with IEEE Computer Society},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Germany},
pages = {1--10},
type = {Konferenz-Beitrag},
month = {Oktober},
year = {2020},
language = {Englisch},
cr-category = {H.2.7 Database Administration,
K.6.5 Security and Protection},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte H{\"o}chstleistungsrechner, Anwendersoftware},
abstract = {eHealth provides great relief for patients and physicians. This means, patients
autonomously monitor their condition via IoT medical devices and make these
data available to physicians for analyses. This requires a data platform that
takes care of data acquisition, management, and provisioning. As health data
are highly sensitive, there are major concerns regarding data security with
respect to confidentiality, integrity, and authenticity. To this end, we
present a blueprint for constructing a trustworthy health data platform called
SEAL. It provides a lightweight attribute-based authentication mechanism for
IoT devices to validate all involved data sources, there is a fine-grained data
provisioning system to enable data provision according to actual requirements,
and a verification procedure ensures that data cannot be manipulated.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2020-48&engl=0}
}
@inproceedings {INPROC-2020-37,
author = {Mathias Mormul and Pascal Hirmer and Christoph Stach and Bernhard Mitschang},
title = {{DEAR: Distributed Evaluation of Alerting Rules}},
booktitle = {IEEE 13th International Conference on Cloud Computing (CLOUD)},
publisher = {IEEE},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--1},
type = {Konferenz-Beitrag},
month = {Dezember},
year = {2020},
keywords = {cloud monitoring; agent-based; alerting},
language = {Englisch},
cr-category = {H.0 Information Systems General},
contact = {mathias.mormul@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Cloud computing passed the hype cycle long ago and firmly established itself as
a future technology since then. However, to utilize the cloud as
cost-efficiently as possible, a continuous monitoring is key to prevent an
over- or undercommissioning of resources. In large-scaled scenarios, several
challenges for cloud monitoring, such as high network traffic volume, low
accuracy of monitoring data, and high time-toinsight, require new approaches in
IT Operations while considering administrative complexity. To handle these
challenges, we present DEAR, the Distributed Evaluation of Alerting Rules. DEAR
is a plugin for monitoring systems which automatically distributes alerting
rules to the monitored resources to solve the trade-off between high accuracy
and low network traffic volume without administrative overhead. We evaluate our
approach against requirements of today{\^a}s IT monitoring and compare it to
conventional agent-based monitoring approaches.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2020-37&engl=0}
}
@inproceedings {INPROC-2020-11,
author = {Mathias Mormul and Pascal Hirmer and Christoph Stach and Bernhard Mitschang},
title = {{Avoiding Vendor-Lockin in Cloud Monitoring using Generic Agent Templates}},
booktitle = {Proceedings of the 23rd International Conference on Business Information Systems (BIS), 2020},
publisher = {Springer},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--1},
type = {Konferenz-Beitrag},
month = {Juni},
year = {2020},
keywords = {Vendor Lock-in; Cloud monitoring; Monitoring agents; Genericity},
language = {Deutsch},
cr-category = {H.4.0 Information Systems Applications General},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Cloud computing passed the hype cycle long ago and firmly established itself as
a future technology since then. However, to utilize the cloud optimally, and
therefore, as cost-efficiently as possible, a continuous monitoring is key to
prevent an over- or under-commissioning of resources. However, selecting a
suitable monitoring solution is a challenging task. Monitoring agents that
collect monitoring data are spread across the monitored IT environment.
Therefore, the possibility of vendor lock-ins leads to a lack of flexibility
when the cloud environment or the business needs change. To handle these
challenges, we introduce $\backslash$textit{generic agent templates} that are applicable
to many monitoring systems and support a replacement of monitoring systems.
Solution-specific technical details of monitoring agents are abstracted from
and system administrators only need to model generic agents, which can be
transformed into solution-specific monitoring agents. The transformation logic
required for this process is provided by domain experts to not further burden
system administrators. Furthermore, we introduce an agent lifecycle to support
the system administrator with the management and deployment of generic agents.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2020-11&engl=0}
}
@inproceedings {INPROC-2020-08,
author = {Mathias Mormul and Christoph Stach},
title = {{A Context Model for Holistic Monitoring and Management of Complex IT Environments}},
booktitle = {Proceedings of the 2020 IEEE International Conference on Pervasive Computing and Communications Workshops (CoMoRea)},
publisher = {IEEE Computer Society},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--1},
type = {Workshop-Beitrag},
month = {M{\"a}rz},
year = {2020},
keywords = {Context Model; IT Operations; AIOps; Monitoring},
language = {Englisch},
cr-category = {C.0 Computer Systems Organization, General},
contact = {Senden Sie eine E-Mail an mathias.mormul@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The increased usage of IoT, containerization, and multiple clouds not only
changed the way IT works but also the way IT Operations, i. e., the monitoring
and management of IT assets, works. Monitoring a complex IT environment leads
to massive amounts of heterogeneous context data, usually spread across
multiple data silos, which needs to be analyzed and acted upon autonomously.
However, for a holistic overview of the IT environment, context data needs to
be consolidated which leads to several problems. For scalable and automated
processes, it is essential to know what context is required for a given
monitored resource, where the context data are originating from, and how to
access them across the data silos. Therefore, we introduce the Monitoring
Resource Model for the holistic management of context data. We show what
context is essential for the management of monitored resources and how it can
be used for context reasoning. Furthermore, we propose a multi-layered
framework for IT Operations with which we present the benefits of the
Monitoring Resource Model.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2020-08&engl=0}
}
@inproceedings {INPROC-2020-07,
author = {Christoph Stach and Cl{\'e}mentine Gritti and Dennis Przytarski and Bernhard Mitschang},
title = {{Trustworthy, Secure, and Privacy-aware Food Monitoring Enabled by Blockchains and the IoT}},
booktitle = {Proceedings of the 18th Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), 23-27 March, 2020, Austin, Texas, USA},
publisher = {IEEE},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--4},
type = {Konferenz-Beitrag},
month = {M{\"a}rz},
year = {2020},
keywords = {Attribute-based Credentials; Blockchain; Data Authentication; IoT; Privacy; Service Utility; Transparency; Trust},
language = {Englisch},
cr-category = {K.6.5 Security and Protection,
D.4.6 Operating Systems Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {A large number of food scandals (e.g., falsely declared meat or non-compliance
with hygiene regulations) are causing considerable concern to consumers.
Although Internet of Things (IoT) technologies are used in the food industry to
monitor production (e.g., for tracing the origin of meat or monitoring cold
chains), the gathered data are not used to provide full transparency to the
consumer. To achieve this, however, three aspects must be considered: a) The
origin of the data must be verifiable, i.e., it must be ensured that the data
originate from calibrated sensors. b) The data must be stored tamper-resistant,
immutable, and open to all consumers. c) Despite this openness, the privacy of
affected data subjects (e.g., the carriers) must still be protected. To this
end, we introduce the SHEEPDOG architecture that {\ss}hepherds`` products from
production to purchase to enable a trustworthy, secure, and privacy-aware food
monitoring. In SHEEPDOG, attribute-based credentials ensure trustworthy data
acquisition, blockchain technologies provide secure data storage, and
fine-grained access control enables privacy-aware data provision.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2020-07&engl=0}
}
@inproceedings {INPROC-2020-04,
author = {Christoph Stach and Cl{\'e}mentine Gritti and Bernhard Mitschang},
title = {{Bringing Privacy Control back to Citizens: DISPEL - A Distributed Privacy Management Platform for the Internet of Things}},
booktitle = {Proceedings of the 35th ACM/SIGAPP Symposium On Applied Computing (PDP).},
address = {Brno, Czech Republic},
publisher = {ACM Press},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--8},
type = {Konferenz-Beitrag},
month = {M{\"a}rz},
year = {2020},
keywords = {privacy; IoT; authorization concept; attribute-based access control},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The Internet of Things (IoT) is becoming increasingly popular. It enables a
variety of novel applications. Such applications require a lot of data about
their users. To this end, sensors continuously monitor various aspects of daily
life. Despite the indisputable benefits of IoT applications, this is a severe
privacy threat. Due to the GDPR coming into force, there is a need for action
on the part of IoT vendors. In this paper, we therefore introduce a Privacy by
Design approach for IoT applications called DISPEL. It provides a configuration
method enabling users to specify globally, which application may access what
data for which purpose. Privacy protection is then applied at the earliest
stage possible, i.e., directly on the IoT devices generating the data. Data
transmission is protected against unauthorized access and manipulation.
Evaluation results show that DISPEL fulfills the requirements towards an IoT
privacy system.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2020-04&engl=0}
}
@inproceedings {INPROC-2020-03,
author = {Christoph Stach and Corinna Giebler and Manuela Wagner and Christian Weber and Bernhard Mitschang},
title = {{AMNESIA: A Technical Solution towards GDPR-compliant Machine Learning}},
booktitle = {Proceedings of the 6th International Conference on Information Systems Security and Privacy (ICISSP 2020)},
editor = {Steven Furnell and Paolo Mori and Edgar Weippl and Olivier Camp},
address = {Valletta, Malta},
publisher = {SciTePress},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--12},
type = {Konferenz-Beitrag},
month = {Februar},
year = {2020},
keywords = {Machine Learning; Data Protection; Privacy Zones; Access Control; Model Management; Provenance; GDPR},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
I.5.1 Pattern Recognition Models},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Machine Learning (ML) applications are becoming increasingly valuable due to
the rise of IoT technologies. That is, sensors continuously gather data from
different domains and make them available to ML for learning its models. This
provides profound insights into the data and enables predictions about future
trends. While ML has many advantages, it also represents an immense privacy
risk. Data protection regulations such as the GDPR address such privacy
concerns, but practical solutions for the technical enforcement of these laws
are also required. Therefore, we introduce AMNESIA, a privacy-aware machine
learning model provisioning platform. AMNESIA is a holistic approach covering
all stages from data acquisition to model provisioning. This enables to control
which application may use which data for ML as well as to make models ``forget''
certain knowledge.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2020-03&engl=0}
}
@inproceedings {INPROC-2019-19,
author = {Christoph Stach},
title = {{VAULT: A Privacy Approach towards High-Utility Time Series Data}},
booktitle = {Proceedings of the Thirteenth International Conference on Emerging Security Information, Systems and Technologies: SECURWARE 2019},
publisher = {IARIA},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--6},
type = {Konferenz-Beitrag},
month = {Oktober},
year = {2019},
keywords = {Privacy; Time Series; Projection; Selection; Aggregation; Interpolation; Smoothing; Information Emphasization; Noise},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {While the Internet of Things (IoT) is a key driver for Smart Services that
greatly facilitate our everyday life, it also poses a serious threat to
privacy. Smart Services collect and analyze a vast amount of (partly private)
data and thus gain valuable insights concerning their users. To prevent this,
users have to balance service quality (i.e., reveal a lot of private data) and
privacy (i.e., waive many features). Current IoT privacy approaches do not
reflect this discrepancy properly and are often too restrictive as a
consequence. For this reason, we introduce VAULT, a new approach for the
protection of private data. VAULT is tailored to time series data as used by
the IoT. It achieves a good tradeoff between service quality and privacy. For
this purpose, VAULT applies five different privacy techniques. Our
implementation of VAULT adopts a Privacy by Design approach.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2019-19&engl=0}
}
@inproceedings {INPROC-2019-12,
author = {Christoph Stach},
title = {{Konzepte zum Schutz privater Muster in Zeitreihendaten: IoT-Anwendungen im Spannungsfeld zwischen Servicequalit{\"a}t und Datenschutz}},
booktitle = {Informatik 2019: 50 Jahre Gesellschaft f{\"u}r Informatik Informatik f{\"u}r Gesellschaft, Tagungsband der 49. Jahrestagung der Gesellschaft f{\"u}r Informatik e.V. (GI), 23.09. - 26.09.2019, Kassel},
publisher = {GI Gesellschaft f{\"u}r Informatik e.V. (GI)},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
series = {Lecture Notes in Informatics (LNI)},
pages = {1--14},
type = {Konferenz-Beitrag},
month = {September},
year = {2019},
keywords = {Datenschutz; Zeitreihendaten; IoT; DSGVO; ePrivacy-Verordnung; TICK-Stack},
language = {Deutsch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
G.1.10 Numerical Analysis Applications},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Obwohl das Internet der Dinge (IoT) die Voraussetzung f{\"u}r smarte Anwendungen
schafft, die signifikante Vorteile gegen{\"u}ber traditionellen Anwendungen
bieten, stellt die zunehmende Verbreitung von IoT-f{\"a}higen Ger{\"a}ten auch eine
immense Gef{\"a}hrdung der Privatheit dar. IoT-Anwendungen sammeln eine Vielzahl
an Daten und senden diese zur Verarbeitung an ein leistungsstarkes Back-End.
Hierbei werden umfangreiche Erkenntnisse {\"u}ber den Nutzer gewonnen. Erst dieses
Wissen erm{\"o}glicht die Servicevielfalt die IoT-Anwendungen bieten. Der Nutzer
muss daher einen Kompromiss aus Servicequalit{\"a}t und Datenschutz treffen.
Heutige Datenschutzans{\"a}tze ber{\"u}cksichtigen dies unzureichend und sind dadurch
h{\"a}ufig zu restriktiv. Aus diesem Grund stellen wir neue Konzepte zum Schutz
privater Daten f{\"u}r das IoT vor. Diese ber{\"u}cksichtigen die speziellen
Eigenschaften der im IoT zum Einsatz kommenden Zeitreihendaten. So kann die
Privatheit des Nutzers gew{\"a}hrleistet werden, ohne die Servicequalit{\"a}t
unn{\"o}tig einzuschr{\"a}nken. Basierend auf den TICK-Stack beschreiben wir
Implementierungsans{\"a}tze f{\"u}r unsere Konzepte, die einem
Privacy-by-Design-Ansatz folgen.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2019-12&engl=0}
}
@inproceedings {INPROC-2019-09,
author = {Christoph Stach and Bernhard Mitschang},
title = {{ECHOES: A Fail-safe, Conflict Handling, and Scalable Data Management Mechanism for the Internet of Things}},
booktitle = {Proceedings of the 23rd European Conference on Advances in Databases and Information Systems: ADBIS '19; Bled, Slovenia, September 8-11, 2019},
editor = {Tatjana Welzer and Johann Eder and Vili Podgorelec and Aida Kamisalic Latific},
publisher = {Springer},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
series = {Lecture Notes in Computer Science (LNCS)},
pages = {1--16},
type = {Konferenz-Beitrag},
month = {September},
year = {2019},
keywords = {Internet of Things; Data Exchange; Synchronization Protocol},
language = {Englisch},
cr-category = {H.2.7 Database Administration,
H.2.4 Database Management Systems},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The Internet of Things (IoT) and Smart Services are becoming increasingly
popular. Such services adapt to a user's needs by using sensors to detect the
current situation. Yet, an IoT service has to capture its required data by
itself, even if another service has already captured it before. There is no
data exchange mechanism adapted to the IoT which enables sharing of sensor data
among services and across devices.
Therefore, we introduce a data management mechanism for the IoT. Due to its
applied state-based synchronization protocol called ECHOES. It is fail-safe in
case of connection failures, it detects and handles data conflicts, it is
geared towards devices with limited resources, and it is highly scalable. We
embed ECHOES into a data provisioning infrastructure, namely the Privacy
Management Platform and the Secure Data Container. Evaluation results verify
the practicability of our approach.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2019-09&engl=0}
}
@inproceedings {INPROC-2019-06,
author = {Christoph Stach and Frank Steimle and Clementine Gritti and Bernhard Mitschang},
title = {{PSSST! The Privacy System for Smart Service Platforms: An Enabler for Confidable Smart Environments}},
booktitle = {Proceedings of the 4th International Conference on Internet of Things, Big Data and Security (IoTBDS '19)},
publisher = {SciTePress},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--12},
type = {Konferenz-Beitrag},
month = {Mai},
year = {2019},
keywords = {Privacy; Access Control; Internet of Things; Smart Service Platform; Sensors; Actuators; Stream Processing},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The Internet of Things and its applications are becoming increasingly popular.
Especially Smart Service Platforms like Alexa are in high demand. Such a
platform retrieves data from sensors, processes them in a back-end, and
controls actuators in accordance with the results. Thereby, all aspects of our
everyday life can be managed. In this paper, we reveal the downsides of this
technology by identifying its privacy threats based on a real-world
application. Our studies show that current privacy systems do not tackle these
issues adequately. Therefore, we introduce PSSST!, a user-friendly and
comprehensive privacy system for Smart Service Platforms limiting the amount of
disclosed private information while maximizing the quality of service at the
same time.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2019-06&engl=0}
}
@inproceedings {INPROC-2019-03,
author = {Christoph Stach and Corinna Giebler and Simone Schmidt},
title = {{Zuverl{\"a}ssige Versp{\"a}tungsvorhersagen mithilfe von TAROT}},
booktitle = {Tagungsband der 18. GI-Fachtagung Datenbanksysteme f{\"u}r Business, Technologie und Web},
publisher = {GI Gesellschaft f{\"u}r Informatik e.V. (GI)},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
series = {Lecture Notes in Informatics (LNI)},
pages = {1--4},
type = {Demonstration},
month = {M{\"a}rz},
year = {2019},
keywords = {Versp{\"a}tungsvorhersage; {\"O}PNV; deskriptive Analyse; pr{\"a}diktive Analyse; Concept Drift},
language = {Deutsch},
cr-category = {H.2.8 Database Applications,
H.2.4 Database Management Systems},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Bei der Einhaltung von Schadstoffwerten nehmen {\"o}ffentliche Verkehrsmittel eine
immer entscheidendere Rolle ein. Daher wird vermehrt darauf geachtet, deren
Attraktivit{\"a}t zu erh{\"o}hen. Ein wichtiger Punkt hierbei ist die
Vorhersagegenauigkeit von Versp{\"a}tungen zu verbessern, damit Fahrg{\"a}ste
entsprechend planen k{\"o}nnen. Die aktuell angewandten Ans{\"a}tze sind h{\"a}ufig
ungenau, da sie die zur Verf{\"u}gung stehenden Daten nicht ausreichend nutzen. In
diesem Beitrag stellen wir daher mit TAROT ein System vor, das mittels
pr{\"a}diktiver Analysen die Vorhersagegenauigkeit von Versp{\"a}tungen verbessert,
indem es in den Modellen Versp{\"a}tungsfortpflanzungen ber{\"u}cksichtigt. Dar{\"u}ber
hinaus ist es in der Lage, im Fall einer St{\"o}rung augenblicklich auf ein
besseres Vorhersagemodell umzusteigen und auf sowohl schleichende als auch
abrupte Ver{\"a}nderungen automatisch zu reagieren. Die Vorteile dieser
Eigenschaften lassen sich in unserem TAROT-Demonstrator anhand von vier
repr{\"a}sentativen Anwendungsszenarien zeigen. Auch wenn sich die gezeigten
Szenarien alle auf die Versp{\"a}tungsvorhersage von S-Bahnen beziehen, lassen
sich die Konzepte von TAROT auch auf viele andere Anwendungsbereiche (z.B. zur
Bestimmung von Produktionszeiten in der Industrie 4.0) anwenden.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2019-03&engl=0}
}
@inproceedings {INPROC-2019-02,
author = {Christoph Stach and Frank Steimle},
title = {{Recommender-based Privacy Requirements Elicitation - EPICUREAN: An Approach to Simplify Privacy Settings in IoT Applications with Respect to the GDPR}},
booktitle = {Proceedings of the 34th ACM/SIGAPP Symposium On Applied Computing (PDP)},
publisher = {ACM Press},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--8},
type = {Konferenz-Beitrag},
month = {April},
year = {2019},
keywords = {privacy requirements elicitation; recommender system; knowledge modeling; clustering; association rules; privacy system; IoT; eHealth},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
J.4 Social and Behavioral Sciences,
H.3.3 Information Search and Retrieval},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Due to the Internet of Things (IoT), a giant leap towards a quantified self is
made, i.e., more and more aspects of our lives are being captured, processed,
and analyzed. This has many positive implications, e.g., Smart Health services
help to relieve patients as well as physicians and reduce treatment costs.
However, the price for such services is the disclosure of a lot of private
data. For this reason, Smart Health services were particularly considered by
the European General Data Protection Regulation (GDPR): a data subject's
explicit consent is required when such a service processes his or her data.
However, the elicitation of privacy requirements is a shortcoming in most IoT
privacy systems. Either the user is overwhelmed by too many options or s/he is
not sufficiently involved in the decision process. For this reason, we
introduce EPICUREAN, a recommender-based privacy requirements elicitation
approach. EPICUREAN uses modeling and data mining techniques to determine and
recommend appropriate privacy settings to the user. The user is thus
considerably supported but remains in full control over his or her private
data.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2019-02&engl=0}
}
@inproceedings {INPROC-2018-19,
author = {Christoph Stach and Frank Steimle and Bernhard Mitschang},
title = {{THOR - Ein Datenschutzkonzept f{\"u}r die Industrie 4.0: Datenschutzsysteme f{\"u}r die Smart Factory zur Realisierung der DSGVO}},
booktitle = {Informatik 2018: Zukunft der Arbeit - Zukunft der Informatik, Tagungsband der 48. Jahrestagung der Gesellschaft f{\"u}r Informatik e.V. (GI), 26.09. - 27.09.2018, Berlin.},
publisher = {Gesellschaft f{\"u}r Informatik e.V. (GI)},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
series = {Lecture Notes in Informatics (LNI)},
pages = {1--12},
type = {Workshop-Beitrag},
month = {September},
year = {2018},
keywords = {Datenschutz; Internet der Dinge; Sensoren; Industrie 4.0; Datenstr{\"o}me; Smart Devices},
language = {Deutsch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Der Aufschwung des Internets der Dinge (IoT) sorgt f{\"u}r eine voranschreitende
Digitalisierung. Sensoren in Alltagsgegenst{\"a}nden erfassen unterschiedliche
Aspekte des t{\"a}glichen Lebens. Durch eine Vernetzung dieser Ger{\"a}te, lassen
sich die Daten miteinander kombinieren und daraus neues Wissen generieren. In
der Industrie 4.0 werden beispielsweise die am Produktionsprozess beteiligten
cyber-physischen Systeme dazu genutzt, um mit den von ihnen erfassten Daten
Produktionsprozesse zu optimieren. Da auch der Mensch ein relevanter
Bestandteil des Produktionsprozesses ist, werden z.B. mittels Smart Watches
auch {\"u}ber diesen viele Daten erfasst. Nicht erst mit der Einf{\"u}hrung der neuen
Datenschutzgrundverordnung (DSGVO) sind hierbei allerdings
Datenschutzanforderungen zu beachten: Es m{\"u}ssen nicht nur die privaten Daten
der Nutzer gesch{\"u}tzt werden, sondern es muss auch sichergestellt werden, dass
die Datenverarbeitung und -analyse dadurch so wenig wie m{\"o}glich behindert
werden. Wir stellen hierf{\"u}r ein neuartiges Datenschutzkonzept f{\"u}r die
Industrie 4.0 (THOR) vor, mit dem Kompromisse zwischen erforderlichem
Datenschutz und gew{\"u}nschter Datenqualit{\"a}t gefunden werden k{\"o}nnen, der der
DSGVO gen{\"u}gt.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2018-19&engl=0}
}
@inproceedings {INPROC-2018-15,
author = {Christoph Stach and Sascha Alpers and Stefanie Betz and Frank D{\"u}rr and Andreas Fritsch and Kai Mindermann and Saravana Murthy Palanisamy and Gunther Schiefer and Manuela Wagner and Bernhard Mitschang and Andreas Oberweis and Stefan Wagner},
title = {{The AVARE PATRON: A Holistic Privacy Approach for the Internet of Things}},
booktitle = {Proceedings of the 15th International Conference on Security and Cryptography (SECRYPT '18)},
publisher = {INSTICC Press},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--8},
type = {Konferenz-Beitrag},
month = {Juli},
year = {2018},
keywords = {Privacy; IoT Apps; Smart Things; Stream Processing; Privacy Preferences Elicitation \& Veri\&\#64257; cation},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware;
Universit{\"a}t Stuttgart, Institut f{\"u}r Softwaretechnologie, Software Engineering;
Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Verteilte Systeme},
abstract = {Applications for the Internet of Things are becoming increasingly popular. Due
to the large amount of available context data, such applications can be used
effectively in many domains. By interlinking these data and analyzing them, it
is possible to gather a lot of knowledge about a user. Therefore, these
applications pose a threat to privacy. In this paper, we illustrate this threat
by looking at a real-world application scenario. Current state of the art
focuses on privacy mechanisms either for Smart Things or for big data
processing systems. However, our studies show that for a comprehensive privacy
protection a holistic view on these applications is required. Therefore, we
describe how to combine two promising privacy approaches from both categories,
namely AVARE and PATRON. Evaluation results confirm the thereby achieved
synergy effects.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2018-15&engl=0}
}
@inproceedings {INPROC-2018-14,
author = {Corinna Giebler and Christoph Stach and Holger Schwarz and Bernhard Mitschang},
title = {{BRAID - A Hybrid Processing Architecture for Big Data}},
booktitle = {Proceedings of the 7th International Conference on Data Science, Technology and Applications (DATA 2018)},
publisher = {INSTICC Press},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--8},
type = {Konferenz-Beitrag},
month = {Juli},
year = {2018},
keywords = {Big Data; IoT; Batch Processing; Stream Processing; Lambda Architecture; Kappa Architecture},
language = {Englisch},
cr-category = {D.2.11 Software Engineering Software Architectures,
H.2.4 Database Management Systems,
H.2.8 Database Applications},
contact = {Senden Sie eine e-Mail an Corinna.Giebler@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The Internet of Things is applied in many domains and collects vast amounts of
data. This data provides access to a lot of knowledge when analyzed
comprehensively. However, advanced analysis techniques such as predictive or
prescriptive analytics require access to both, history data, i.e., long-term
persisted data, and real-time data as well as a joint view on both types of
data. State-of-the-art hybrid processing architectures for big data - namely,
the Lambda and the Kappa Architecture - support the processing of history data
and real-time data. However, they lack of a tight coupling of the two
processing modes. That is, the user has to do a lot of work manually in order
to enable a comprehensive analysis of the data. For instance, the user has to
combine the results of both processing modes or apply knowledge from one
processing mode to the other. Therefore, we introduce a novel hybrid processing
architecture for big data, called BRAID. BRAID intertwines the processing of
history data and real-time data by adding communication channels between the
batch engine and the stream engine. This enables to carry out comprehensive
analyses automatically at a reasonable overhead.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2018-14&engl=0}
}
@inproceedings {INPROC-2018-05,
author = {Christoph Stach and Bernhard Mitschang},
title = {{CURATOR - A Secure Shared Object Store: Design, Implementation, and Evaluation of a Manageable, Secure, and Performant Data Exchange Mechanism for Smart Devices}},
booktitle = {Proceedings of the 33rd ACM/SIGAPP Symposium On Applied Computing (DTTA)},
publisher = {ACM Press},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--8},
type = {Konferenz-Beitrag},
month = {April},
year = {2018},
keywords = {data exchange; smart devices; shared object store; security},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Nowadays, smart devices have become incredible popular - literally everybody
has one. Due to an enormous quantity of versatile apps, these devices
positively affect almost every aspect of their users' lives. E.g., there are
apps collecting and monitoring health data from a certain domain such as
diabetes-related or respiration-related data. However, they cannot display
their whole potential since they have only access to their own data and cannot
combine it with data from other apps, e.g., in order to create a comprehensive
electronic health record. On that account, we introduce a seCURe shAred objecT
stORe called CURATOR. In CURATOR apps cannot only manage their own data in an
easy and performant way, but they can also share it with other apps. Since some
of the data is confidential, CURATOR has several security features, including
authentication, fine-grained access control, and encryption. In this paper, we
discuss CURATOR's design and implementation and evaluate its performance.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2018-05&engl=0}
}
@inproceedings {INPROC-2018-04,
author = {Christoph Stach and Frank D{\"u}rr and Kai Mindermann and Saravana Murthy Palanisamy and Stefan Wagner},
title = {{How a Pattern-based Privacy System Contributes to Improve Context Recognition}},
booktitle = {Proceedings of the 2018 IEEE International Conference on Pervasive Computing and Communications Workshops (CoMoRea)},
publisher = {IEEE Computer Society},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--6},
type = {Workshop-Beitrag},
month = {M{\"a}rz},
year = {2018},
keywords = {privacy; access control; pattern concealing; stream processing; complex event processing; databases},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware;
Universit{\"a}t Stuttgart, Institut f{\"u}r Softwaretechnologie, Software Engineering;
Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Verteilte Systeme},
abstract = {As Smart Devices have access to a lot of user-preferential data, they come in
handy in any situation. Although such data - as well as the knowledge which can
be derived from it - is highly beneficial as apps are able to adapt their
services appropriate to the respective context, it also poses a privacy threat.
Thus, a lot of research work is done regarding privacy. Yet, all approaches
obfuscate certain attributes which has a negative impact on context recognition
and thus service quality. Therefore, we introduce a novel access control
mechanism called PATRON. The basic idea is to control access to information
patterns. For instance, a person suffering from diabetes might not want to
reveal his or her unhealthy eating habit, which can be derived from the pattern
``rising blood sugar level'' -$>$ ``adding bread units''. Such a pattern which must
not be discoverable by some parties (e.g., insurance companies) is called
private pattern whereas a pattern which improves an app's service quality is
labeled as public pattern. PATRON employs different techniques to conceal
private patterns and, in case of available alternatives, selects the one with
the least negative impact on service quality, such that the recognition of
public patterns is supported as good as possible.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2018-04&engl=0}
}
@inproceedings {INPROC-2018-03,
author = {Christoph Stach and Frank Steimle and Bernhard Mitschang},
title = {{The Privacy Management Platform: An Enabler for Device Interoperability and Information Security in mHealth Applications}},
booktitle = {Proceedings of the 11th International Conference on Health Informatics (HEALTHINF 2018)},
publisher = {SciTePress},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--12},
type = {Konferenz-Beitrag},
month = {Januar},
year = {2018},
keywords = {mHealth; Device Interoperability; Information Security; COPD; Privacy Management Platform},
language = {Englisch},
cr-category = {H.5.0 Information Interfaces and Presentation General,
K.6.5 Security and Protection,
K.8 Personal Computing},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Chronic diseases are on the rise. Afflicted patients require persistent therapy
and periodic screenings. This causes high treatment costs and overburdened
physicians. Innovative approaches that enable patients to perform treatment
methods on their own are badly needed. Telemedical approaches with the aid of
modern Smartphones connected to medical devices (the so-called mHealth) can be
the answer. However, mHealth apps face two key challenges, namely device
interoperability and information security. In this paper, we describe how the
Privacy Management Platform (PMP) and its extendable Resources can contribute
to these challenges. Therefore, we analyze a real-world mHealth app and derive
generic functional units, each realizing a certain task recurring frequently
within mHealth apps, e.g., metering, data storage, or data transmission. For
each functional unit we provide a PMP Resource, enabling both, device
interoperability and information security. Finally, we revise the analyzed
mHealth app using the Resources in order to evaluate our approach.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2018-03&engl=0}
}
@inproceedings {INPROC-2018-02,
author = {Christoph Stach},
title = {{Big Brother is Smart Watching You: Privacy Concerns about Health and Fitness Applications}},
booktitle = {Proceedings of the 4th International Conference on Information Systems Security and Privacy (ICISSP 2018)},
publisher = {SciTePress},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--11},
type = {Konferenz-Beitrag},
month = {Januar},
year = {2018},
keywords = {Smartbands; Health and Fitness Applications; Privacy Concerns; Privacy Management Platform},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection,
K.8 Personal Computing},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Health and fitness applications for mobile devices are becoming more and more
popular. Due to novel wearable metering devices, the so-called Smartbands,
these applications are able to capture both health data (e.g., the heart rate)
as well as personal information (e.g., location data) and create a quantified
self for their users. However, many of these applications violate the user's
privacy and misuse the collected data. It becomes apparent that this threat is
inherent in the privacy systems implemented in mobile platforms. Therefore, we
apply the Privacy Policy Model (PPM) a fine-grained and modular expandable
permission model to deals with this problem. We implement our adapted model in
a prototype based on the Privacy Management Platform (PMP). Subsequently, we
evaluate our model with the help the prototype and demonstrate its
applicability for any application using Smartbands for its data acquisition.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2018-02&engl=0}
}
@inproceedings {INPROC-2018-01,
author = {Christoph Stach and Bernhard Mitschang},
title = {{ACCESSORS: A Data-Centric Permission Model for the Internet of Things}},
booktitle = {Proceedings of the 4th International Conference on Information Systems Security and Privacy (ICISSP 2018).},
publisher = {SciTePress},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--11},
type = {Konferenz-Beitrag},
month = {Januar},
year = {2018},
keywords = {Permission Model; Data-Centric; Derivation Transparent; Fine-Grained; Context-Sensitive; IoT},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The Internet of Things (IoT) is gaining more and more relevance. Due to
innovative IoT devices equipped with novel sensors, new application domains
come up continuously. These domains include Smart Homes, Smart Health, and
Smart Cars among others. As the devices not only collect a lot of data about
the user, but also share this information with each other, privacy is a key
issue for IoT applications. However, traditional privacy systems cannot be
applied to the IoT directly due to different requirements towards the
underlying permission models. Therefore, we analyze existing permission models
regarding their applicability in the IoT domain. Based on this analysis, we
come up with a novel permission model, implement it in a privacy system, and
assess its utility.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2018-01&engl=0}
}
@inproceedings {INPROC-2017-32,
author = {Christoph Stach and Frank D{\"u}rr and Kai Mindermann and Saravana Murthy Palanisamy and Muhammad Adnan Tariq and Bernhard Mitschang and Stefan Wagner},
title = {{PATRON - Datenschutz in Datenstromverarbeitungssystemen}},
booktitle = {Informatik 2017: Digitale Kulturen, Tagungsband der 47. Jahrestagung der Gesellschaft f{\"u}r Informatik e.V. (GI), 25.09. - 29.09.2017, Technische Universit{\"a}t Chemnitz},
publisher = {Gesellschaft f{\"u}r Informatik e.V. (GI)},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
series = {LNI},
pages = {1--12},
type = {Workshop-Beitrag},
month = {September},
year = {2017},
keywords = {Datenschutz; Zugriffskontrolle; Datenstr{\"o}me; Internet der Dinge; Privatheit; Sensoren},
language = {Deutsch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware;
Universit{\"a}t Stuttgart, Institut f{\"u}r Softwaretechnologie, Software Engineering;
Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Verteilte Systeme},
abstract = {Angetrieben durch die stetig voranschreitende Digitalisierung gewinnt das
Internet der Dinge (engl. IoT) immer mehr an Bedeutung. Im IoT werden
technische Ger{\"a}te mit unterschiedlichen Sensoren ausgestattet und miteinander
vernetzt. Dadurch werden neuartige Anwendungen beispielsweise im Bereich
E-Health erm{\"o}glicht, in denen Sensordaten miteinander kombiniert und so in
h{\"o}herwertige Informationen umgewandelt werden. Die von diesen Anwendungen
abgeleiteten Informationen verraten viel {\"u}ber den Nutzer und m{\"u}ssen daher
besonders gesch{\"u}tzt werden. H{\"a}ufig hat der Nutzer allerdings keine Kontrolle
{\"u}ber die Verarbeitung seiner Daten, ganz davon zu schweigen, dass er das Ausma{\ss}
und die Art der daraus ableitbaren Informationen nicht ermessen kann.
In diesem Artikel stellen wir daher einen neuartigen Kontrollmechanismus vor,
der private Informationen im IoT sch{\"u}tzt. Anstelle von abstrakten
Datenschutzregeln f{\"u}r einzelne Sensoren definiert der Nutzer Muster, die es zu
sch{\"u}tzen gilt. Ein Muster kann beispielsweise eine Kombination aus Messwerten
sein, die auf eine bestimmte Krankheit schlie{\ss}en lassen. Der Nutzer definiert
die zu verheimlichenden Informationen nat{\"u}rlichsprachlich, und ein
Dom{\"a}nenexperte setzt diese in formale Regeln um. Sind diese Regeln zu
restriktiv, so kann die Anwendung ihre angedachte Funktionalit{\"a}t nicht
erbringen. Daher muss bez{\"u}glich der Servicequalit{\"a}t ein Kompromiss zwischen
gew{\"u}nschter Privatheit und ben{\"o}tigter Funktionalit{\"a}t gefunden werden.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2017-32&engl=0}
}
@inproceedings {INPROC-2017-26,
author = {Corinna Giebler and Christoph Stach},
title = {{Datenschutzmechanismen f{\"u}r Gesundheitsspiele am Beispiel von Secure Candy Castle}},
booktitle = {Tagungsband der 15. GI-Fachtagung Datenbanksysteme f{\"u}r Business, Technologie und Web},
editor = {Bernhard Mitschang and Daniela Nicklas and Frank Leymann and Harald Sch{\"o}ning and Melanie Herschel and Jens Teubner and Theo H{\"a}rder and Oliver Kopp and Matthias Wieland},
publisher = {GI},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
series = {Lecture Notes in Informatics (LNI)},
volume = {265},
pages = {311--320},
type = {Konferenz-Beitrag},
month = {M{\"a}rz},
year = {2017},
isbn = {978-3-88579-659-6},
keywords = {mHealth-Apps; Datensicherheit; Datenschutz; Datenintegration; Interoperabilit{\"a}t},
language = {Deutsch},
cr-category = {J.3 Life and Medical Sciences,
K.4.1 Computers and Society Public Policy Issues},
ee = {http://btw2017.informatik.uni-stuttgart.de/?pageId=Proceedings&language=de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Smartphones sind mittlerweile ein fester Bestandteil des modernen Lebens. Sie
erzeugen, speichern und verarbeiten eine Vielzahl an privaten Daten. Auch im
Gesundheitssektor werden sie zunehmend eingesetzt; die dabei entstehenden Daten
sind besonders sch{\"u}tzenswert. In dieser Arbeit werden daher Konzepte
eingef{\"u}hrt, die Nutzern die Kontrolle {\"u}ber ihre Gesundheitsdaten geben. Zu
diesem Zweck wird Secure Candy Castle, ein Spiel f{\"u}r Kinder mit einer
Diabeteserkrankung, das mit einem Berechtigungsmanagementsystem verbunden ist,
vorgestellt. Der Nutzer kann den Funktionsumfang des Spiels einschr{\"a}nken,
wodurch die App weniger Berechtigungen erh{\"a}lt. Zus{\"a}tzlich werden f{\"u}r SCC
Komponenten entwickelt, die die Interoperabilit{\"a}t von Smartphones mit
medizinischen Messger{\"a}ten verbessert. Die Evaluation zeigt, dass mit SCC alle
aktuellen Probleme von Gesundheits-Apps adressiert werden. Die Konzepte sind
generisch und lassen sich auf beliebige andere Gesundheits-Apps anwenden.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2017-26&engl=0}
}
@inproceedings {INPROC-2016-10,
author = {Christoph Stach},
title = {{Secure Candy Castle - A Prototype for Privacy-Aware mHealth Apps}},
booktitle = {Proceedings of the 17th International Conference on Mobile Data Management},
address = {Porto},
publisher = {IEEE Computer Society Conference Publishing Services},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {361--364},
type = {Demonstration},
month = {Juni},
year = {2016},
keywords = {mHealth; privacy; diagnostic game; diabetes},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection,
K.8 Personal Computing,
J.3 Life and Medical Sciences},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Due to rising medical costs, the healthcare landscape is on the move. Novel
treatment methods are badly required. Especially for the treatment of chronic
diseases the usage of smart devices in combination with medical devices for
telemedical screenings is a promising approach. If the patients are not in
control of the collection and processing of their health data, privacy concerns
limit their willingness to use such a method. In this paper, we present a
prototype for an Android-based privacy-aware health game for children suffering
from diabetes called Secure Candy Castle. In the game, the player keeps an
electronic diabetes diary in a playful manner. In doing this, s/he is supported
by various sensors. His or her data is analyzed and in case of a critical
health condition, the game notifies authorized persons. With our approach, the
user stays in control over his or her data, i.e., s/he defines which data
should be shared with the game, how accurate this data should be, and even how
the data is processed by the game. For this purpose, we apply the Privacy
Management Platform, a fine-grained and extendable permission system.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2016-10&engl=0}
}
@inproceedings {INPROC-2016-09,
author = {Christoph Stach and Bernhard Mitschang},
title = {{The Secure Data Container: An Approach to Harmonize Data Sharing with Information Security}},
booktitle = {Proceedings of the 17th International Conference on Mobile Data Management},
address = {Porto},
publisher = {IEEE Computer Society Conference Publishing Services},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {292--297},
type = {Konferenz-Beitrag},
month = {Juni},
year = {2016},
keywords = {smart devices; information security; data sharing},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Smart devices became Marc Weiser's Computer of the 21st Century. Due to their
versatility a lot of private data enriched by context data are stored on them.
Even the health industry utilizes smart devices as portable health monitors and
enablers for telediagnosis. So they represent a severe risk for information
security. Yet the platform providers' countermeasures to these threats are by
no means sufficient. In this paper we describe how information security can be
improved. Therefore, we postulate requirements towards a secure handling of
data. Based on this requirements specification, we introduce a secure data
container as an extension for the Privacy Management Platform. Since a complete
isolation of an app is usually not practicable, our approach also provides
secure data sharing features. Finally, we evaluate our approach from a
technical point of view as well as a security point of view and show its
applicability in an eHealth scenario.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2016-09&engl=0}
}
@inproceedings {INPROC-2015-11,
author = {Christoph Stach},
title = {{How to Deal with Third Party Apps in a Privacy System - The PMP Gatekeeper}},
booktitle = {Proceedings of the 16th International Conference on Mobile Data Management},
address = {Pittsburgh},
publisher = {IEEE Computer Society Conference Publishing Services},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--6},
type = {Konferenz-Beitrag},
month = {Juni},
year = {2015},
keywords = {Android; Privacy Systems; Legacy Apps},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Nowadays, mobile devices collect a lot of private information. Therefore every
vendor of a mobile platform has to provide a sufficient mechanism to secure
this data. Android pursues a strategy to pass full control (and thus full
responsibility) over any private data to the user. However, the Android
Permission System is not sufficient for that purpose. Various third party
approaches try to enhance the Android privacy policy model. Nevertheless, these
approaches have to solve the problem of how to deal with Legacy Apps, i.e.,
apps that do not collaborate with an enhanced privacy policy model.
In this paper, we analyze various alternative privacy systems and discuss
different approaches of how to deal with Legacy Apps. Based on our findings, we
introduce the so-called PMP Gatekeeper, a best of breed approach dealing with
Legacy Apps for the Privacy Management Platform (PMP). The PMP Gatekeeper
classifies apps and deals with each class appropriately. So the user can adjust
privacy settings for every kind of app. With our prototype we show, that the
PMP in combination with the PMP Gatekeeper becomes a holistic privacy system.
Although our prototype is for Android, our realization approach can be applied
to other application platforms in order to offer a satisfying privacy system.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2015-11&engl=0}
}
@inproceedings {INPROC-2014-58,
author = {Christoph Stach and Bernhard Mitschang},
title = {{Design and Implementation of the Privacy Management Platform}},
booktitle = {Proceedings of the 15th International Conference on Mobile Data Management},
address = {Brisbane},
publisher = {IEEE Computer Society Conference Publishing Services},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--4},
type = {Konferenz-Beitrag},
month = {Juli},
year = {2014},
keywords = {Android; policy model; implementation strategies},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Nowadays, mobile platform vendors have to concern themselves increasingly about
how to protect their users' privacy. As Google is less restrictive than their
competitors regarding their terms of use for app developers, it is hardly
surprising that malware spreads even in Google Play. To make matters worse, in
Android every user is responsible for his or her private data and s/he is
frequently overwhelmed with this burden because of the fragile Android
permission mechanism. Thus, the calls for a customizable, fine-grained,
context-based, crash-proof, and intuitive privacy management system are growing
louder. To cope with these requests, we introduce the Privacy Management
Platform (PMP) and we discuss three alternative implementation strategies for
such a system.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2014-58&engl=0}
}
@inproceedings {INPROC-2014-09,
author = {Christoph Gr{\"o}ger and Christoph Stach},
title = {{The Mobile Manufacturing Dashboard}},
booktitle = {Proceedings of the 2014 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), 24-28 March, 2014, Budapest, Hungary},
publisher = {IEEE},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
type = {Demonstration},
month = {M{\"a}rz},
year = {2014},
language = {Englisch},
cr-category = {J.1 Administration Data Processing},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Real-time monitoring and analysis of manufacturing processes are critical
success factors in the smart factory. While there is a variety of data
analytics tools for process optimization, almost each of these applications is
designed for desktop PCs and focuses on selected process aspects, only. I. e.,
there is a gap between the site the analysis outcomes occur (the management
level) and the site where an immediate reaction to these results is required
(the factory shop floor). Even worse, there is no mobile, holistic and
analytics-based information provisioning tool for workers and production
supervisors on the shop floor but rudimentary systems designed for limited
application areas, only. Therefore, we introduce our Mobile Manufacturing
Dashboard (MMD), a situation-aware manufacturing dashboard for mobile devices.
The MMD provides advanced analytics and addresses the full range of
process-oriented information needs of both shop floor workers and production
supervisors. In this paper, we give a brief overview of the MMDs major
architecture and implementation aspects and describe two representative
real-world scenarios for the MMD. These characteristic scenarios target shop
floor workers and production supervisors and illustrate situation-aware
information provisioning in the smart factory.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2014-09&engl=0}
}
@inproceedings {INPROC-2013-24,
author = {Christoph Stach},
title = {{Wie funktioniert Datenschutz auf Mobilplattformen?}},
booktitle = {Informatik 2013: Informatik angepasst an Mensch, Organisation und Umwelt, Tagungsband der 43. Jahrestagung der Gesellschaft f{\"u}r Informatik e.V. (GI), 16.09. - 20.09.2013, Universit{\"a}t Koblenz-Landau},
editor = {Gesellschaft f{\"u}r Informatik e.V. (GI)},
publisher = {Springer-Verlag},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
series = {Lecture Notes in Informatics},
pages = {1--15},
type = {Workshop-Beitrag},
month = {September},
year = {2013},
keywords = {Datenschutz; Mobilplattform; Berechtigungssystem; Privacy Management Platform},
language = {Deutsch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Die wachsende Verbreitung von mobilen Ger{\"a}ten, bei denen einerseits sehr viele
Kontextdaten und andererseits zahlreich pers{\"o}nliche Informationen anfallen,
macht diese zu einem hervorragenden Ziel f{\"u}r Angriffe auf die Privatsph{\"a}re.
Versch{\"a}rft wird diese Situation dadurch, dass jede Mobilplattform eine eigene
Strategie zum Schutz dieser Daten verfolgt, allerdings ohne dabei den Nutzer in
geeignetem Ma{\ss}e mit einzubeziehen. Aus diesem Grund gibt es eine Vielzahl an
Erweiterungen f{\"u}r diese Berechtigungssysteme. F{\"u}r den Nutzer bleibt dabei
weiterhin die Frage, f{\"u}r welche Plattform und f{\"u}r welches Berechtigungssysteme
er sich entscheiden soll.
In diesem Papier besch{\"a}ftigen wir uns daher mit den Eigenschaften aktueller
Mobilplattformen und einiger aktueller Berechtigungssysteme. Wir stellen mit
der Privacy Management Platform (PMP) unser eigenes Berechtigungssystem vor,
das sich stark an den Bed{\"u}rfnissen der Nutzer orientiert. Neben dem Modell f{\"u}r
die Berechtigungsrichtlinien hat allerdings auch die Art, wie diese Modell in
die Mobilplattform eingebunden wird, entscheidenden Einfluss auf die
Eigenschaften des Systems. Durch die Gegen{\"u}berstellung dieser Eigenschaften,
wird dem Nutzer die Wahl einer Plattform und eines Berechtigungssystems, das
seinen Bed{\"u}rfnissen gen{\"u}gt, erleichtert.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-24&engl=0}
}
@inproceedings {INPROC-2013-13,
author = {Christoph Stach},
title = {{How to Assure Privacy on Android Phones and Devices?}},
booktitle = {Proceedings of the 14th International Conference on Mobile Data Management},
publisher = {IEEE Computer Society Conference Publishing Services},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--3},
type = {Demonstration},
month = {Juni},
year = {2013},
keywords = {privacy management; Android; demonstrator},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {There is an increasing popularity of mobile devices-especially Android
devices-particularly because of the huge amount of available third-party
applications. Albeit, the number of diagnosed hacker attacks against mobile
user increased in unison, as these devices became the prime target of the
latest malware, thanks to inexperienced users and a negligent way of dealing
with private data. To make matters worse, the Android permission system is much
too coarse-grained and too hard to grasp for an average user. However, even if
a user is able to comprehend the meaning and impact of a certain permission, in
the end, s/he must grant all requested permission anyhow, if s/he wants to
install the application.
Therefore, we introduce PMP a privacy management platform for Android, which
enables a user to grant an application fine-grained access rights to critical
data. Furthermore, those rights can depend on some contextual constraints (e.g.
Internet usage is restricted to certain locations) and the policy rules can be
modified at run-time. Depending upon the granted rights an application provides
a different scope of service. Moreover, the user is-due to a catchy GUI-always
informed what impact the granting or respectively the revocation of a
permission has on the application's service quality.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-13&engl=0}
}
@inproceedings {INPROC-2013-11,
author = {Christoph Stach and Bernhard Mitschang},
title = {{Privacy Management for Mobile Platforms - A Review of Concepts and Approaches}},
booktitle = {Proceedings of the 14th International Conference on Mobile Data Management},
publisher = {IEEE Computer Society Conference Publishing Services},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--9},
type = {Konferenz-Beitrag},
month = {Juni},
year = {2013},
keywords = {privacy; profound overview; permission model},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The still rising popularity of modern mobile phones results in an increased
demand for manifold applications for these devices. As Android OS supports the
development and usage of third-party software greatly, there are more and more
developers for this platform. However, many of those applications handle
private data grossly negligent which immediately leads to serious privacy
concerns. To make matters worse, the current Android permission rules are much
too coarse and incomprehensible from the average user's perspective. But even
if s/he understands the meaning of the permissions, s/he must either accept all
of them or waive the application.
Therefore we review concepts and approaches towards effective privacy
management for mobile platforms. All this is discussed based on the prevailing
key players in the mobile market, namely Apple, RIM, Microsoft and Google. As
this work has been initiated by Google we mainly concentrated on Android-based
concepts towards customizable privacy management approaches. As a result of our
review and taking into account current initiatives and trends in the market, we
come up with a novel approach, an implementation architecture and a prototype.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2013-11&engl=0}
}
@inproceedings {INPROC-2012-36,
author = {Nazario Cipriani and Christoph Stach and Oliver D{\"o}rler and Bernhard Mitschang},
title = {{NexusDSS - A System for Security Compliant Processing of Data Streams}},
booktitle = {Proceedings of the First International Conference on Data Technologies and Applications (DATA 2012)},
publisher = {SciTePress Digital Library},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--11},
type = {Konferenz-Beitrag},
month = {Juli},
year = {2012},
language = {Englisch},
cr-category = {C.2.0 Computer-Communication Networks, General,
K.6.5 Security and Protection,
D.4.6 Operating Systems Security and Protection},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Technological advances in microelectronic and communication technology are
increasingly leading to a highly connected environment equipped with sensors
producing a continuous flow of context data. The steadily growing number of
sensory context data available enables new application scenarios and drives new
processing techniques. The growing pervasion of everyday life with social media
and the possibility of interconnecting them with moving objects{\^a} traces,
leads to a growing importance of access control for this kind of data since it
concerns privacy issues. The challenge in twofold: First mechanisms to control
data access and data usage must be established and second efficient and
flexible processing of sensible data must be supported. In this paper we
present a flexible and extensible security framework which provides mechanisms
to enforce requirements for context data access and beyond that support safe
processing of sensible context data according to predefined processing rules.
In addition and in contrast to previous concepts, our security framework
especially supports fine-grained control to contextual data.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2012-36&engl=0}
}
@inproceedings {INPROC-2012-11,
author = {Christoph Stach and Luiz Fernando Schlindwein},
title = {{Candy Castle - A Prototype for Pervasive Health Games}},
booktitle = {Proceedings of the 2012 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops); Lugano, Switzerland, March 19-23, 2012},
publisher = {IEEE},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--4},
type = {Demonstration},
month = {M{\"a}rz},
year = {2012},
keywords = {pervasive application; health game; health education; data analysis},
language = {Englisch},
cr-category = {K.4 Computers and Society},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Serious games have primarily the function to educate and train, and secondly to
entertain. We present a serious game used for the treatment of diabetes and for
teaching a diabetes-aware lifestyle. The game encourages the player to walk
around in his / her surrounding and check the blood sugar level in as many
different places as possible. Undoubtedly, the special feature of Candy Castle
is our feedback loop which can be used for on-the-fly data analysis and
automatic adaptation of the application. Thus, the patients as well as their
doctors can be automatically alerted if their blood values deteriorate.
In this demo paper, we explain both the design of the game as well as some
interesting implementation aspects of our prototype. Even though we concern
just on the topic of mobile games, all introduced techniques can be transferred
to a general setting and used in any other mobile application.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2012-11&engl=0}
}
@inproceedings {INPROC-2011-17,
author = {Christoph Stach and Andreas Brodt},
title = {{ vHike A Dynamic Ride-sharing Service for Smartphones}},
booktitle = {Proceedings of the 12th international conference on Mobile data management},
address = {Lule{\aa}, Sweden},
publisher = {ACM},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
pages = {1--4},
type = {Konferenz-Beitrag},
month = {Juni},
year = {2011},
keywords = {ride-sharing; trust; security; location-based.},
language = {Englisch},
cr-category = {K.4 Computers and Society},
contact = {Senden Sie eine E-Mail an christoph.stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {In times of lacking natural resources and increasing environmental pollution at
the same time, modern resource efficient kinds of personal transportation have
to be considered. Ride-sharing is maybe one of the most economical ways to
avouch permanent mobility without losing too much comfort. However, especially
dynamic ride-sharing is laden with many resistances including a lack of
security and a heavy scheduling and coordinating burden. Hence this paper
introduces an implementation of a system for dynamic ride-sharing called vHike
which should eliminate these barriers. With our demonstrator every interested
participant may test whether or not such a system can be viable and effective.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2011-17&engl=0}
}
@inproceedings {INPROC-2011-06,
author = {Christoph Stach},
title = {{Saving time, money and the environment - vHike a dynamic ride-sharing service for mobile devices}},
booktitle = {Work in Progress workshop at PerCom 2011 (WIP of PerCom 2011)},
address = {Seattle, USA},
publisher = {IEEE},
institution = {Universit{\"a}t Stuttgart : Sonderforschungsbereich SFB 627 (Nexus: Umgebungsmodelle f{\"u}r mobile kontextbezogene Systeme), Germany},
pages = {1--4},
type = {Konferenz-Beitrag},
month = {M{\"a}rz},
year = {2011},
keywords = {ride-sharing; trust; security; location-based},
language = {Englisch},
cr-category = {K.4 Computers and Society},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {In times of increasing traffic-related problems, such as air-pollution or
traffic jams, ride-sharing is one of the most environmentally friendly and
pleasantest ways to travel. The many benefits are offset by a multitude of
prejudices and fears, including security concerns and a heavy scheduling and
coordinating burden. For this reason this paper introduces vHike an easy-to-use
management system for dynamic ridesharing running on modern Smartphones. By the
use of techniques well-known from Web 2.0 social networks the threats and
social discomfort emanated by ride-sharing is mitigated. With vHike we want to
show that a proper designed social dynamic ride-sharing system can be feasible
and viable.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2011-06&engl=0}
}
@inproceedings {INPROC-2010-82,
author = {Christoph Stach},
title = {{Gamework - A customizable framework for pervasive games (Doctoral Colloquium)}},
booktitle = {ICPS '10: Proceedings of the 7th international conference on Pervasive services; Berlin, Germany, July 13 - 15, 2010},
editor = {Christian Becker and Shonali Krishnaswamy and Gergely Zaruba and Dipanjan Chakraborty and Mika Luimula and Jadwiga Indulska and Mohamed Medhat Gaber and Seng Wai Loke and Waluyo Agustinus Borgy},
publisher = {ACM Press},
institution = {Universit{\"a}t Stuttgart, Fakult{\"a}t Informatik, Elektrotechnik und Informationstechnik, Germany},
series = {ACM International Conference Proceeding Series},
pages = {168--173},
type = {Konferenz-Beitrag},
month = {Juli},
year = {2010},
isbn = {978-1-4503-0249-4},
keywords = {Mobile services, pervasive multi-player games; customizable framework},
language = {Englisch},
cr-category = {D.2.13 Software Engineering Reusable Software,
H.2.8 Database Applications,
K.8 Personal Computing},
contact = {Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Location-based applications and services gain in importance as the spread of
mobile devices equipped with GPS sensors and internet capabilities increases.
Moreover, there is a trend towards customizable applications in order to let
the user determine e.g. the content and the look and feel. Nevertheless, there
exist only a few applications combining these features.
In this paper, we propose Gamework, a framework for customizable mobile
location-based games as a specialization for customizable mobile context-aware
applications and services. According to their programming skills players are
able to adapt a game with Gamework. This can be done by changing the context,
adding user-generated content, modifying the game-flow or implementing new
games from scratch by reusing existing modules of the framework or adding new
ones. Therefore our framework features a reuse-oriented development methodology
as well as a feedback loop analyzing all accruing user-generated content. The
results of this analysis are used to automatically optimize the game with
respect to frequent user-feedback. Finally, we will transfer the results back
to the more general area of mobile and context-aware applications and services.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2010-82&engl=0}
}
@inproceedings {INPROC-2010-20,
author = {Christoph Stach},
title = {{Gamework - A customizable framework for pervasive games}},
booktitle = {IADIS International Conference Game and Entertainment Technologies (GET '10)},
publisher = {IADIS Press},
institution = {Universit{\"a}t Stuttgart : Sonderforschungsbereich SFB 627 (Nexus: Umgebungsmodelle f{\"u}r mobile kontextbezogene Systeme), Germany},
pages = {1--8},
type = {Konferenz-Beitrag},
month = {Juli},
year = {2010},
keywords = {Pervasive, mobile, customizable, games, framework, smartphones},
language = {Englisch},
cr-category = {D.3.3 Programming Language Constructs and Features,
D.2.13 Software Engineering Reusable Software,
K.8 Personal Computing},
contact = {Christoph Stach christoph.stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The number of pervasive games is growing in which players have to interact with
their environment in order to control their avatar. While in the past they
required immense hardware equipment, nowadays, smartphones have all required
functionality built-in already. In addition, there is an upcoming trend towards
software, supported with new content and knowledge by an active community. By
combining these two trends, a new genre of computer games arises, targeting not
only established gamers but also new audiences.
We build four customization classes differing in required player's programming
knowledge, support by the games and scale of adaption potential. With Gamework
we present a framework for pervasive games on modern smartphones simplifying
user-driven game customization for the identified customization methods in this
paper. We also present two games implemented with this framework. Concluding,
we show the potential of these games as well as the potential of our framework.
We also report on early experiences in exploiting the customization approach of
our framework.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2010-20&engl=0}
}
@inproceedings {INPROC-2009-60,
author = {Andreas Brodt and Christoph Stach},
title = {{Mobile ortsbasierte Browserspiele}},
booktitle = {Tagungsband der 39. GI-Jahrestagung, 28.9. - 2.10.2009, Universit{\"a}t zu L{\"u}beck},
editor = {Gesellschaft f{\"u}r Informatik e.V.},
publisher = {Gesellschaft f{\"u}r Informatik e.V. (GI)},
institution = {Universit{\"a}t Stuttgart : Sonderforschungsbereich SFB 627 (Nexus: Umgebungsmodelle f{\"u}r mobile kontextbezogene Systeme), Germany},
series = {Lecture Notes in Informatics},
type = {Workshop-Beitrag},
month = {September},
year = {2009},
keywords = {Pervasive Games; GPS; location-based games; browser games},
language = {Deutsch},
cr-category = {H.5.1 Multimedia Information Systems,
H.5.2 Information Interfaces and Presentation User Interfaces,
K.8 Personal Computing},
ee = {ftp://ftp.informatik.uni-stuttgart.de/pub/library/ncstrl.ustuttgart_fi/INPROC-2009-60/INPROC-2009-60.pdf},
contact = {Andreas Brodt andreas.brodt@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Die Verbreitung von mobilen Ger{\"a}ten und Positionssensoren wie GPS erm{\"o}glicht
mobile ortsbasierte Spiele, in denen sich die Spieler physisch in ihrer Umwelt
bewegen m{\"u}ssen, um Einfluss auf das Spielgeschehen zu nehmen. Klassische
Computerspiele werden zunehmend als Browserspiel realisiert, d.h. der
Web-Browser des Spielers wird f{\"u}r die Benutzerschnittstelle verwendet. Indem
der Web-Browser um eine Kontextschnittstelle erweitert wird, kann einem
Browserspiel Zugriff auf die aktuelle Position des Spielers gew{\"a}hrt werden.
Dadurch wird es m{\"o}glich, mobile ortsbasierte Spiele im Web-Browser zu spielen.
In diesem Papier besch{\"a}ftigen wir uns mit dem Eigenschaften mobiler
ortsbasierter Browserspiele. Wir stellen zwei Beispiele vor, anhand derer wir
untersuchen, welche Einfl{\"u}sse mobile ortsbasierte Spiele auf das Spielkonzept
haben und welche technischen Konsequenzen sich daraus ergeben. Abschlie{\ss}end
pr{\"a}sentieren wir ein Framework zur Entwicklung mobiler ortsbasierter Spiele.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INPROC-2009-60&engl=0}
}
@article {ART-2023-07,
author = {Rebecca Eichler and Christoph Gr{\"o}ger and Eva Hoos and Christoph Stach and Holger Schwarz and Bernhard Mitschang},
title = {{Introducing the enterprise data marketplace: a platform for democratizing company data}},
journal = {Journal of Big Data},
publisher = {Springer Nature},
volume = {10},
pages = {1--38},
type = {Artikel in Zeitschrift},
month = {November},
year = {2023},
issn = {2196-1115},
doi = {10.1186/s40537-023-00843-z},
keywords = {Data Catalog; Data Democratization; Data Market; Data Sharing; Enterprise Data Marketplace; Metadata Management},
language = {Englisch},
cr-category = {E.m Data Miscellaneous,
H.3.7 Digital Libraries,
H.4.m Information Systems Applications Miscellaneous},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {In this big data era, multitudes of data are generated and collected which
contain the potential to gain new insights, e.g., for enhancing business
models. To leverage this potential through, e.g., data science and analytics
projects, the data must be made available. In this context, data marketplaces
are used as platforms to facilitate the exchange and thus, the provisioning of
data and data-related services. Data marketplaces are mainly studied for the
exchange of data between organizations, i.e., as external data marketplaces.
Yet, the data collected within a company also has the potential to provide
valuable insights for this same company, for instance to optimize business
processes. Studies indicate, however, that a significant amount of data within
companies remains unused. In this sense, it is proposed to employ an Enterprise
Data Marketplace, a platform to democratize data within a company among its
employees. Specifics of the Enterprise Data Marketplace, how it can be
implemented or how it makes data available throughout a variety of systems like
data lakes has not been investigated in literature so far. Therefore, we
present the characteristics and requirements of this kind of marketplace. We
also distinguish it from other tools like data catalogs, provide a platform
architecture and highlight how it integrates with the company{\^a}s system
landscape. The presented concepts are demonstrated through an Enterprise Data
Marketplace prototype and an experiment reveals that this marketplace
significantly improves the data consumer workflows in terms of efficiency and
complexity. This paper is based on several interdisciplinary works combining
comprehensive research with practical experience from an industrial
perspective. We therefore present the Enterprise Data Marketplace as a distinct
marketplace type and provide the basis for establishing it within a company.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2023-07&engl=0}
}
@article {ART-2023-06,
author = {Christoph Stach and Cl{\'e}mentine Gritti},
title = {{Editorial to the Special Issue on Security and Privacy in Blockchains and the IoT Volume II}},
journal = {Future Internet},
address = {Basel, Schweiz},
publisher = {MDPI},
volume = {15},
number = {8},
pages = {1--7},
type = {Artikel in Zeitschrift},
month = {August},
year = {2023},
issn = {1999-5903},
doi = {10.3390/fi15080272},
language = {Englisch},
cr-category = {D.4.6 Operating Systems Security and Protection,
K.4.1 Computers and Society Public Policy Issues,
K.6.5 Security and Protection},
ee = {https://www.mdpi.com/1999-5903/15/8/272/htm},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {In this age of data-driven transformation, where the fusion of blockchain
technologies and the Internet of Things (IoT) is shaping the fabric of our
digital society, the need for security and privacy has never been more
important. This Special Issue delves into the intricate confluence of these two
disruptive forces and provides a comprehensive overview of security and privacy
aspects in this regard. Focusing on protection goals such as confidentiality,
integrity, availability, and privacy, this compilation encapsulates the essence
of these multi-layered challenges. Ranging from complex data-driven
applications and smart services to novel approaches that enhance security and
privacy in the context of blockchain technologies and the IoT, the research
articles and literature reviews presented here offer a sophisticated mesh of
insights. Innovative solutions are highlighted from a variety of perspectives,
and challenges such as secure data transmission, confidential communication,
and tamper-proof data storage are explored.
In this way, this Special Issue is a beacon for practitioners, researchers, and
technology enthusiasts. Developers seeking to harness the potential of
blockchain technology and IoT find rich insights while users get a
comprehensive overview of the latest research and trends. The symphony of
interdisciplinary knowledge presented here creates a harmonious blend of theory
and practice, highlighting the intricate interdependencies between
technological advances and the need for security and privacy.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2023-06&engl=0}
}
@article {ART-2023-05,
author = {Christoph Stach and Rebecca Eichler and Simone Schmidt},
title = {{A Recommender Approach to Enable Effective and Efficient Self-Service Analytics in Data Lakes}},
journal = {Datenbank-Spektrum},
publisher = {Springer Nature},
volume = {23},
number = {2},
pages = {123--132},
type = {Artikel in Zeitschrift},
month = {Juni},
year = {2023},
issn = {1618-2162},
doi = {10.1007/s13222-023-00443-4},
keywords = {Data Lake; Data Preparation; Data Pre-Processing; Data Refinement; Recommender; Self-Service Analytics},
language = {Englisch},
cr-category = {H.2.7 Database Administration,
E.2 Data Storage Representations,
H.3.3 Information Search and Retrieval,
H.2.8 Database Applications},
contact = {Senden Sie eine E-Mail an christoph.stach@ipvs.uni-stuttgart.de.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {As a result of the paradigm shift away from rather rigid data warehouses to
general-purpose data lakes, fully flexible self-service analytics is made
possible. However, this also increases the complexity for domain experts who
perform these analyses, since comprehensive data preparation tasks have to be
implemented for each data access. For this reason, we developed BARENTS, a
toolset that enables domain experts to specify data preparation tasks as
ontology rules, which are then applied to the data involved. Although our
evaluation of BARENTS showed that it is a valuable contribution to self-service
analytics, a major drawback is that domain experts do not receive any semantic
support when specifying the rules. In this paper, we therefore address how a
recommender approach can provide additional support to domain experts by
identifying supplementary datasets that might be relevant for their analyses or
additional data processing steps to improve data refinement. This recommender
operates on the set of data preparation rules specified in BARENTS-i.e., the
accumulated knowledge of all domain experts is factored into the data
preparation for each new analysis. Evaluation results indicate that such a
recommender approach further contributes to the practicality of BARENTS and
thus represents a step towards effective and efficient self-service analytics
in data lakes.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2023-05&engl=0}
}
@article {ART-2023-01,
author = {Christoph Stach},
title = {{Data Is the New Oil--Sort of: A View on Why This Comparison Is Misleading and Its Implications for Modern Data Administration}},
journal = {Future Internet},
publisher = {MDPI},
volume = {15},
number = {2},
pages = {1--49},
type = {Artikel in Zeitschrift},
month = {Februar},
year = {2023},
issn = {1999-5903},
doi = {10.3390/fi15020071},
keywords = {data characteristics; data administration; data refinement; reliability; security; privacy},
language = {Englisch},
cr-category = {E.0 Data General,
H.3 Information Storage and Retrieval,
K.6.5 Security and Protection,
K.4.1 Computers and Society Public Policy Issues},
ee = {https://www.mdpi.com/1999-5903/15/2/71/htm},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Currently, data are often referred to as the oil of the 21st century. This
comparison is not only used to express that the resource data are just as
important for the fourth industrial revolution as oil was for the technological
revolution in the late 19th century. There are also further similarities
between these two valuable resources in terms of their handling. Both must
first be discovered and extracted from their sources. Then, the raw materials
must be cleaned, preprocessed, and stored before they can finally be delivered
to consumers. Despite these undeniable similarities, however, there are
significant differences between oil and data in all of these processing steps,
making data a resource that is considerably more challenging to handle. For
instance, data sources, as well as the data themselves, are heterogeneous,
which means there is no one-size-fits-all data acquisition solution.
Furthermore, data can be distorted by the source or by third parties without
being noticed, which affects both quality and usability. Unlike oil, there is
also no uniform refinement process for data, as data preparation should be
tailored to the subsequent consumers and their intended use cases. With regard
to storage, it has to be taken into account that data are not consumed when
they are processed or delivered to consumers, which means that the data volume
that has to be managed is constantly growing. Finally, data may be subject to
special constraints in terms of distribution, which may entail individual
delivery plans depending on the customer and their intended purposes. Overall,
it can be concluded that innovative approaches are needed for handling the
resource data that address these inherent challenges. In this paper, we
therefore study and discuss the relevant characteristics of data making them
such a challenging resource to handle. In order to enable appropriate data
provisioning, we introduce a holistic research concept from data source to data
sink that respects the processing requirements of data producers as well as the
quality requirements of data consumers and, moreover, ensures a trustworthy
data administration.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2023-01&engl=0}
}
@article {ART-2022-09,
author = {Christoph Stach},
title = {{Editorial to the Special Issue on Security and Privacy in Blockchains and the IoT}},
journal = {Future Internet},
publisher = {MDPI},
volume = {14},
number = {11},
pages = {1--4},
type = {Artikel in Zeitschrift},
month = {November},
year = {2022},
issn = {1999-5903},
doi = {10.3390/fi14110317},
language = {Englisch},
cr-category = {D.4.6 Operating Systems Security and Protection,
K.4.1 Computers and Society Public Policy Issues,
K.6.5 Security and Protection},
ee = {https://www.mdpi.com/1999-5903/14/11/317/htm},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {In this day and age, data have become an immensely valuable resource. They are
the key driver that puts the smart into smart services. This is fundamentally
fueled by two technological achievements, namely the Internet of Things (IoT),
which enables continuous and comprehensive collection of all kinds of data, and
blockchain technologies, which provide secure data management and exchange. In
addition to those information security measures, however, data privacy
solutions are also required to protect the involved sensitive data. In this
Special Issue, eight research papers address security and privacy challenges
when dealing with blockchain technologies and the IoT. Concerning the IoT,
solutions are presented on how IoT group communication can be secured and how
trust within IoT applications can be increased. In the context of blockchain
technologies, approaches are introduced on how the capabilities of query
processing can be enhanced and how a proof-of-work consensus protocol can be
efficiently applied in IoT environments. Furthermore, it is discussed how
blockchain technologies can be used in IoT environments to control access to
confidential IoT data as well as to enable privacy-aware data sharing. Finally,
two reviews give an overview of the state of the art in in-app activity
recognition based on convolutional neural networks and the prospects for
blockchain technology applications in ambient assisted living.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2022-09&engl=0}
}
@article {ART-2022-08,
author = {Christoph Stach and Cl{\'e}mentine Gritti and Dennis Przytarski and Bernhard Mitschang},
title = {{Assessment and Treatment of Privacy Issues in Blockchain Systems}},
journal = {ACM SIGAPP Applied Computing Review},
publisher = {ACM},
volume = {22},
number = {3},
pages = {5--24},
type = {Artikel in Zeitschrift},
month = {September},
year = {2022},
issn = {1559-6915},
keywords = {blockchain; decentralized; immutable; tamper-proof; GDPR; privacy assessment; data purging; data authentication; permission control; privacy filters; privacy control environment},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
K.6.5 Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The ability to capture and quantify any aspect of daily life via sensors,
enabled by the Internet of Things (IoT), data have become one of the most
important resources of the 21st century. However, the high value of data also
renders data an appealing target for criminals. Two key protection goals when
dealing with data are therefore to maintain their permanent availability and to
ensure their integrity. Blockchain technology provides a means of data
protection that addresses both of these objectives. On that account,
blockchains are becoming increasingly popular for the management of critical
data. As blockchains are operated in a decentralized manner, they are not only
protected against failures, but it is also ensured that neither party has sole
control over the managed data. Furthermore, blockchains are immutable and
tamper-proof data stores, whereby data integrity is guaranteed. While these
properties are preferable from a data security perspective, they also pose a
threat to privacy and confidentiality, as data cannot be concealed, rectified,
or deleted once they are added to the blockchain.
In this paper, we therefore investigate which features of the blockchain pose
an inherent privacy threat when dealing with personal or confidential data. To
this end, we consider to what extent blockchains are in compliance with
applicable data protection laws, namely the European General Data Protection
Regulation (GDPR). Based on our identified key issues, we assess which concepts
and technical measures can be leveraged to address these issues in order to
create a privacy-by-design blockchain system.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2022-08&engl=0}
}
@article {ART-2022-07,
author = {Christoph Stach and Cl{\'e}mentine Gritti and Julia Br{\"a}cker and Michael Behringer and Bernhard Mitschang},
title = {{Protecting Sensitive Data in the Information Age: State of the Art and Future Prospects}},
journal = {Future Internet},
publisher = {MDPI},
volume = {14},
number = {11},
pages = {1--42},
type = {Artikel in Zeitschrift},
month = {Oktober},
year = {2022},
issn = {1999-5903},
doi = {10.3390/fi14110302},
keywords = {smart service; privacy techniques; location-based services; health services; voice-controlled digital assistants; image analysis; food analysis; recommender systems; DNA sequence classification},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
K.6.5 Security and Protection},
ee = {https://www.mdpi.com/1999-5903/14/11/302/htm},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The present information age is characterized by an ever-increasing
digitalization. Smart devices quantify our entire lives. These collected data
provide the foundation for data-driven services called smart services. They are
able to adapt to a given context and thus tailor their functionalities to the
user's needs. It is therefore not surprising that their main resource, namely
data, is nowadays a valuable commodity that can also be traded. However, this
trend does not only have positive sides, as the gathered data reveal a lot of
information about various data subjects. To prevent uncontrolled insights into
private or confidential matters, data protection laws restrict the processing
of sensitive data. One key factor in this regard is user-friendly privacy
mechanisms. In this paper, we therefore assess current state-of-the-art privacy
mechanisms. To this end, we initially identify forms of data processing applied
by smart services. We then discuss privacy mechanisms suited for these use
cases. Our findings reveal that current state-of-the-art privacy mechanisms
provide good protection in principle, but there is no compelling
one-size-fits-all privacy approach. This leads to further questions regarding
the practicality of these mechanisms, which we present in the form of seven
thought-provoking propositions.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2022-07&engl=0}
}
@article {ART-2022-06,
author = {Christoph Stach and Michael Behringer and Julia Br{\"a}cker and Cl{\'e}mentine Gritti and Bernhard Mitschang},
title = {{SMARTEN A Sample-Based Approach towards Privacy-Friendly Data Refinement}},
journal = {Journal of Cybersecurity and Privacy},
publisher = {MDPI},
volume = {2},
number = {3},
pages = {606--628},
type = {Artikel in Zeitschrift},
month = {August},
year = {2022},
issn = {2624-800X},
doi = {10.3390/jcp2030031},
keywords = {privacy; data refinement; data cleansing; data transformation; human-in-the-loop},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
K.6.5 Security and Protection},
ee = {https://www.mdpi.com/2624-800X/2/3/31/htm},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Two factors are crucial for the effective operation of modern-day smart
services: Initially, IoT-enabled technologies have to capture and combine huge
amounts of data on data subjects. Then, all these data have to be processed
exhaustively by means of techniques from the area of big data analytics. With
regard to the latter, thorough data refinement in terms of data cleansing and
data transformation is the decisive cornerstone. Studies show that data
refinement reaches its full potential only by involving domain experts in the
process. However, this means that these experts need full insight into the data
in order to be able to identify and resolve any issues therein, e.g., by
correcting or removing inaccurate, incorrect, or irrelevant data records. In
particular for sensitive data (e.g., private data or confidential data), this
poses a problem, since these data are thereby disclosed to third parties such
as domain experts. To this end, we introduce SMARTEN, a sample-based approach
towards privacy-friendly data refinement to smarten up big data analytics and
smart services. SMARTEN applies a revised data refinement process that fully
involves domain experts in data pre-processing but does not expose any
sensitive data to them or any other third-party. To achieve this, domain
experts obtain a representative sample of the entire data set that meets all
privacy policies and confidentiality guidelines. Based on this sample, domain
experts define data cleaning and transformation steps. Subsequently, these
steps are converted into executable data refinement rules and applied to the
entire data set. Domain experts can request further samples and define further
rules until the data quality required for the intended use case is reached.
Evaluation results confirm that our approach is effective in terms of both data
quality and data privacy.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2022-06&engl=0}
}
@article {ART-2022-01,
author = {Christoph Stach and Julia Br{\"a}cker and Rebecca Eichler and Corinna Giebler and Bernhard Mitschang},
title = {{Simplified Specification of Data Requirements for Demand-Actuated Big Data Refinement}},
journal = {Journal of Data Intelligence},
publisher = {Rinton Press},
volume = {3},
number = {3},
pages = {366--400},
type = {Artikel in Zeitschrift},
month = {August},
year = {2022},
issn = {2577-610X},
keywords = {data pre-processing; data transformation; knowledge modeling; ontology; data management; Data Lakes; zone model; food analysis},
language = {Englisch},
cr-category = {H.2.7 Database Administration,
E.2 Data Storage Representations,
H.3.3 Information Search and Retrieval,
H.2.8 Database Applications},
contact = {Senden Sie eine E-Mail an christoph.stach@ipvs.uni-stuttgart.de.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Data have become one of the most valuable resources in modern society. Due to
increasing digitalization and the growing prevalence of the Internet of Things,
it is possible to capture data on any aspect of today's life. Similar to
physical resources, data have to be refined before they can become a profitable
asset. However, such data preparation entails completely novel challenges: For
instance, data are not consumed when being processed, whereby the volume of
available data that needs to be managed increases steadily. Furthermore, the
data preparation has to be tailored to the intended use case in order to
achieve an optimal outcome. This, however, requires the knowledge of domain
experts. Since such experts are typically not IT experts, they need tools that
enable them to specify the data requirements of their use cases in a
user-friendly manner. The goal of this data preparation is to provide any
emerging use case with demand-actuated data.
With this in mind, we designed a tailorable data preparation zone for Data
Lakes called BARENTS. It provides a simplified method for domain experts to
specify how data must be pre-processed for their use cases, and these data
preparation steps are then applied automatically. The data requirements are
specified by means of an ontology-based method which is comprehensible to
non-IT experts. Data preparation and provisioning are realized
resource-efficient by implementing BARENTS as a dedicated zone for Data Lakes.
This way, BARENTS is seamlessly embeddable into established Big Data
infrastructures.
This article is an extended and revised version of the conference paper
``Demand-Driven Data Provisioning in Data Lakes: BARENTS - A Tailorable Data
Preparation Zone'' by Stach et al. In comparison to our original conference
paper, we take a more detailed look at related work in the paper at hand. The
emphasis of this extended and revised version, however, is on strategies to
improve the performance of BARENTS and enhance its functionality. To this end,
we discuss in-depth implementation details of our prototype and introduce a
novel recommender system in BARENTS that assists users in specifying data
preparation steps.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2022-01&engl=0}
}
@article {ART-2021-04,
author = {Dennis Przytarski and Christoph Stach and Cl{\'e}mentine Gritti and Bernhard Mitschang},
title = {{Query Processing in Blockchain Systems: Current State and Future Challenges}},
journal = {Future Internet},
editor = {Dino Giuli and Andrew Hudson-Smith and Luis Javier Garcia Villalba},
publisher = {MDPI},
volume = {14},
number = {1},
pages = {1--31},
type = {Artikel in Zeitschrift},
month = {Dezember},
year = {2021},
issn = {1999-5903},
doi = {10.3390/fi14010001},
keywords = {blockchain systems; query processing; data models; data structures; block structures},
language = {Englisch},
cr-category = {H.3.0 Information Storage and Retrieval General,
H.3.3 Information Search and Retrieval},
contact = {Senden Sie eine E-Mail an Dennis.Przytarski@ipvs.uni-stuttgart.de.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {When, in 2008, Satoshi Nakamoto envisioned the first distributed database
management system that relied on cryptographically secured chain of blocks to
store data in an immutable and tamper-resistant manner, his primary use case
was the introduction of a digital currency. Owing to this use case, the
blockchain system was geared towards efficient storage of data, whereas the
processing of complex queries, such as provenance analyses of data history, is
out of focus. The increasing use of Internet of Things technologies and the
resulting digitization in many domains, however, have led to a plethora of
novel use cases for a secure digital ledger. For instance, in the healthcare
sector, blockchain systems are used for the secure storage and sharing of
electronic health records, while the food industry applies such systems to
enable a reliable food-chain traceability, e.g., to prove compliance with cold
chains. In these application domains, however, querying the current state is
not sufficient - comprehensive history queries are required instead. Due to
these altered usage modes involving more complex query types, it is
questionable whether today's blockchain systems are prepared for this type of
usage and whether such queries can be processed efficiently by them. In our
paper, we therefore investigate novel use cases for blockchain systems and
elicit their requirements towards a data store in terms of query capabilities.
We reflect the state of the art in terms of query support in blockchain systems
and assess whether it is capable of meeting the requirements of such more
sophisticated use cases. As a result, we identify future research challenges
with regard to query processing in blockchain systems.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2021-04&engl=0}
}
@article {ART-2020-19,
author = {Christoph Stach and Julia Br{\"a}cker and Rebecca Eichler and Corinna Giebler and Cl{\'e}mentine Gritti},
title = {{How to Provide High-Utility Time Series Data in a Privacy-Aware Manner: A VAULT to Manage Time Series Data}},
journal = {International Journal On Advances in Security},
editor = {Hans-Joachim Hof Hof and Birgit Gersbeck-Schierholz},
publisher = {IARIA},
volume = {13},
number = {3\&4},
pages = {1--21},
type = {Artikel in Zeitschrift},
month = {Dezember},
year = {2020},
issn = {1942-2636},
keywords = {Time Series Data; Privacy Filters; Aggregation; Interpolation; Smoothing; Information Emphasis; Noise; Data Quality; Authentication; Permission Model; Data Management},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Smart Services enrich many aspects of our daily lives, such as in the Ambient
Assisted Living (AAL) domain, where the well-being of patients is automatically
monitored, and patients have more autonomy as a result. A key enabler for such
services is the Internet of Things (IoT). Using IoT-enabled devices, large
amounts of (partly private) data are continuously captured, which can be then
gathered and analyzed by Smart Services. Although these services bring many
conveniences, they therefore also pose a serious threat to privacy. In order to
provide the highest quality of service, they need access to as many data as
possible and even reveal more private information due to in-depth data
analyses. To ensure privacy, however, data minimization is required. Users are
thus forced to balance between service quality and privacy. Current IoT privacy
approaches do not re{\"\i}ect this discrepancy properly. Furthermore, as users are
often not experienced in the proper handling of privacy mechanisms, this leads
to an overly restrictive behavior. Instead of charging users with privacy
control, we introduce VAULT, a novel approach towards a privacy-aware
management of sensitive data. Since in the IoT time series data have a special
position, VAULT is particularly tailored to this kind of data. It attempts to
achieve the best possible tradeoff between service quality and privacy for each
user. To this end, VAULT manages the data and enables a demand-based and
privacy-aware provision of the data, by applying appropriate privacy {\"\i}lters
which ful{\"\i}ll not only the quality requirements of the Smart Services but also
the privacy requirements of users. In doing so, VAULT pursues a Privacy by
Design approach.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2020-19&engl=0}
}
@article {ART-2019-21,
author = {Christoph Stach},
title = {{Datenschutzkonzepte f{\"u}r Zeitreihendaten: Bewertung von qualit{\"a}tsbewahrenden Transformationsoperatoren zum Schutz privater Datenmuster in IoT-Anwendungen}},
journal = {Datenschutz und Datensicherheit - DuD},
address = {Wiesbaden},
publisher = {Springer Fachmedien},
volume = {43},
number = {12},
pages = {753--759},
type = {Artikel in Zeitschrift},
month = {Dezember},
year = {2019},
issn = {1614-0702},
doi = {10.1007/s11623-019-1201-8},
keywords = {Datenschutz; Zeitreihendaten; IoT; DSGVO},
language = {Deutsch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
G.1.10 Numerical Analysis Applications},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Obwohl das Internet der Dinge (IoT) die Voraussetzung f{\"u}r smarte Anwendungen
schaft, die signifkante Vorteile gegen{\"u}ber traditionellen Anwendungen bieten,
stellt die zunehmende Verbreitung von IoT-f{\"a}higen Ger{\"a}ten auch eine immense
Gef{\"a}hrdung der Privatheit dar. IoT-Anwendungen sammeln eine Vielzahl an Daten
und senden diese zur Verarbeitung an ein Back-End. Hierbei werden umfangreiche
Erkenntnisse {\"u}ber den Nutzer gewonnen. Erst dieses Wissen erm{\"o}glicht die
Servicevielfalt, die IoT-Anwendungen bieten. Der Nutzer muss daher einen
Kompromiss aus Servicequalit{\"a}t und Datenschutz trefen. Heutige
Datenschutzans{\"a}tze ber{\"u}cksichtigen dies unzureichend und sind dadurch h{\"a}ufg
zu restriktiv. Daher stellen wir neue Konzepte zum Schutz privater Daten f{\"u}r
das IoT vor. Diese ber{\"u}cksichtigen die speziellen Eigenschaften von
IoT-Zeitreihendaten. So kann die Privatheit des Nutzers gew{\"a}hrleistet werden,
ohne die Servicequalit{\"a}t unn{\"o}tig einzuschr{\"a}nken.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2019-21&engl=0}
}
@article {ART-2016-06,
author = {Christoph Gr{\"o}ger and Christoph Stach and Bernhard Mitschang and Engelbert Westk{\"a}mper},
title = {{A mobile dashboard for analytics-based information provisioning on the shop floor}},
journal = {International Journal of Computer Integrated Manufacturing},
publisher = {Taylor \& Francis Inc.},
pages = {1--20},
type = {Artikel in Zeitschrift},
month = {Mai},
year = {2016},
doi = {10.1080/0951192X.2016.1187292},
keywords = {dashboard; cockpit; process optimisation; data analytics; business intelligence; data mining},
language = {Englisch},
cr-category = {H.4.0 Information Systems Applications General,
J.2 Physical Sciences and Engineering},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Today's turbulent global environment requires agility and flexibility of
manufacturing companies to stay competitive. Thus, employees have to monitor
their performance continuously and react quickly to turbulences which demands
real-time information provisioning across all hierarchy levels. However,
existing manufacturing IT systems, for example, manufacturing execution systems
(MES), do hardly address information needs of individual employees on the shop
floor. Besides, they do not exploit advanced analytics to generate novel
insights for process optimisation. To address these issues, the operational
process dashboard for manufacturing (OPDM) is presented, a mobile
data-mining-based dashboard for workers and supervisors on the shop floor. It
enables proactive optimisation by providing analytical information anywhere and
anytime in the factory. In this paper, first, user groups and conceptual
dashboard services are defined. Then, IT design issues of a mobile shop floor
application on top of the advanced manufacturing analytics platform are
investigated in order to realise the OPDM. This comprises the evaluation of
different types of mobile devices, the development of an appropriate context
model and the investigation of security issues. Finally, an evaluation in an
automotive industry case is presented using a prototype in order to demonstrate
the benefits of the OPDM for data-driven process improvement and agility in
manufacturing.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2016-06&engl=0}
}
@article {ART-2015-05,
author = {Christoph Stach and Bernhard Mitschang},
title = {{Der Secure Data Container (SDC)}},
journal = {Datenbank-Spektrum},
address = {Berlin, Heidelberg},
publisher = {Springer Verlag},
volume = {15},
number = {2},
pages = {109--118},
type = {Artikel in Zeitschrift},
month = {Juli},
year = {2015},
issn = {1618-2162},
doi = {10.1007/s13222-015-0189-y},
keywords = {Datenschutz; Schutzziele; PMP-Erweiterung; Datencontainer; Evaluation},
language = {Deutsch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Mobile Endger{\"a}te wurden zu Marc Weisers Computer des 21. Jahrhunderts, da sie
als dauerhaft verf{\"u}gbare Informationsquelle Einzug in unseren Alltag gehalten
haben. Auf ihnen treffen private Daten (z.B. Fotos) auf Kontextdaten (z.B.
Standortdaten); verkn{\"u}pft stellen diese ein immenses Sicherheitsrisiko dar. Wie
eine Vielzahl an Datendiebst{\"a}hlen belegt, reichen die existierenden
Datensicherheitssysteme f{\"u}r Mobilplattformen bei weitem nicht aus. Daher bedarf
es einer Identifikation m{\"o}glicher Angriffsvektoren sowie einer Analyse der
speziellen Schutzziele eines solchen Systems. Darauf basierend wird die Privacy
Management Platform, ein Berechtigungssystem, mithilfe des neu eingef{\"u}hrten
Secure Data Containers zu einem ganzheitlichen Datensicherheitssystem
erweitert. Dabei zeigt sich, dass diese Kombination alle Schutzziele erf{\"u}llt
und dennoch hochperformant ist. Obwohl die vorgestellten Prototypen auf Android
basieren, ist das Konzept auch auf andere App-Plattformen anwendbar.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2015-05&engl=0}
}
@article {ART-2012-24,
author = {Christoph Stach},
title = {{Gamework A Framework Approach for Customizable Pervasive Applications}},
journal = {International Journal of Computer Information Systems and Industrial Management Applications},
publisher = {MIR Labs},
volume = {4},
pages = {66--75},
type = {Artikel in Zeitschrift},
month = {Juli},
year = {2012},
issn = {2150-7988},
keywords = {Mobile Services; Pervasive Multi-player Games; Customizable Framework; Data Analysis and Improvement.},
language = {Englisch},
cr-category = {D.3.3 Programming Language Constructs and Features,
D.2.13 Software Engineering Reusable Software,
K.8 Personal Computing},
contact = {Senden Sie eine E-Mail an christoph.stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The number of pervasive games is growing. In a pervasive game players have to
interact with their environment in order to control their avatar. While in the
past such a game required immense hardware equipment, nowadays, Smartphones
have all required functionality built-in already. In addition, there is an
upcoming trend towards software, supported with new content and knowledge by an
active community. By combining these two trends, a new genre for computer games
arises, targeting not only established gamers but also a new audience. In this
paper we present a framework for pervasive games that support various
customization techniques. Therefore, we divided the techniques into four
classes depending on the players technical knowledge and scale of adaption
potential. Further, we present two customizable pervasive games we have
implemented using the framework. Concluding, we show the potential of these
games as well as the potential of our framework. We also report on early
experiences in exploiting the customization approach of our framework.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=ART-2012-24&engl=0}
}
@inbook {INBOOK-2019-03,
author = {Christoph Stach and Frank Steimle and Bernhard Mitschang},
title = {{How to Realize Device Interoperability and Information Security in mHealth Applications}},
series = {Biomedical Engineering Systems and Technologies},
address = {Cham},
publisher = {Springer Nature},
series = {Communications in Computer and Information Science},
volume = {1024},
pages = {213--237},
type = {Beitrag in Buch},
month = {August},
year = {2019},
isbn = {978-3-030-29195-2},
doi = {10.1007/978-3-030-29196-9_12},
keywords = {mHealth; Device interoperability; Information security; COPD},
language = {Englisch},
cr-category = {H.5.0 Information Interfaces and Presentation General,
K.6.5 Security and Protection,
K.8 Personal Computing},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {More and more people suffer from chronic diseases such as the chronic
obstructive pulmonary disease (COPD). This leads to very high treatment costs
every year, as such patients require a periodic screening of their condition.
However, many of these checks can be performed at home by the patients
themselves. This enables physicians to focus on actual emergencies. Modern
smart devices such as Smartphones contribute to the success of these
telemedical approaches. So-called mHealth apps combine the usability and
versatility of Smartphones with the high accuracy and reliability of medical
devices for home use. However, patients often face the problem of how to
connect medical devices to their Smartphones (the device interoperability
problem). Moreover, many patients reject mHealth apps due to the lack of
control over their sensitive health data (the information security problem).
In our work, we discuss the usage of the Privacy Management Platform (PMP) to
solve these problems. So, we describe the structure of mHealth apps and present
a real-world COPD application. From this application we derive relevant
functions of an mHealth app, in which device interoperability or information
security is an issue. We extend the PMP in order to provide support for these
recurring functions. Finally, we evaluate the utility of these PMP extensions
based on the real-world mHealth app.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INBOOK-2019-03&engl=0}
}
@inbook {INBOOK-2019-02,
author = {Christoph Stach and Bernhard Mitschang},
title = {{Elicitation of Privacy Requirements for the Internet of Things Using ACCESSORS}},
series = {Information Systems Security and Privacy},
address = {Cham},
publisher = {Springer Nature},
series = {Communications in Computer and Information Science},
volume = {977},
pages = {40--65},
type = {Beitrag in Buch},
month = {Juli},
year = {2019},
isbn = {978-3-030-25108-6},
doi = {10.1007/978-3-030-25109-3_3},
keywords = {Permission model; Data-centric; Derivation transparent; Fine-grained; Context-sensitive; Internet of Things; PMP; PATRON},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Novel smart devices are equipped with various sensors to capture context data.
The Internet of Things (IoT) connects these devices with each other in order to
bring together data from various domains. Due to the IoT, new application areas
come up continuously. For instance, the quality of life and living can be
significantly improved by installing connected and remote-controlled devices in
Smart Homes. Or the treatment of chronic diseases can be made more convenient
for both, patients and physicians, by using Smart Health technologies.
For this, however, a large amount of data has to be collected, shared, and
combined. This gathered data provides detailed insights into the user of the
devices. Therefore, privacy is a key issue for such IoT applications. As
current privacy systems for mobile devices focus on a single device only, they
cannot be applied to a distributed and highly interconnected environment as the
IoT. Therefore, we determine the special requirements towards a permission
models for the IoT. Based on this requirements specification, we introduce
ACCESSORS, a data-centric permission model for the IoT and describe how to
apply such a model to two promising privacy systems for the IoT, namely the
Privacy Management Platform (PMP) and PATRON.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INBOOK-2019-02&engl=0}
}
@inbook {INBOOK-2019-01,
author = {Christoph Stach},
title = {{Fine-Grained Privacy Control for Fitness and Health Applications Using the Privacy Management Platform}},
series = {Information Systems Security and Privacy},
address = {Cham},
publisher = {Springer Nature},
series = {Communications in Computer and Information Science},
volume = {977},
pages = {1--25},
type = {Beitrag in Buch},
month = {Juli},
year = {2019},
isbn = {978-3-030-25108-6},
doi = {10.1007/978-3-030-25109-3_1},
keywords = {Smartbands; Health and Fitness Applications; Privacy Concerns; Bluetooth; Internet; Privacy Policy Model; Privacy Management Platform},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
D.4.6 Operating Systems Security and Protection,
K.8 Personal Computing},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {Due to the Internet of Things, novel types of sensors are integrated into
everyday objects. A domain that benefits most is the fitness and health domain.
With the advent of the so-called Smartbands - i.e., bracelets or watches with
built-in sensors such as heart rate sensors, location sensors, or even glucose
meters - novel fitness and health application are made possible. That way a
quantified self can be created. Despite all the advantages that such
applications entail, new privacy concerns arise.
These applications collect and process sensitive health data. Users are
concerned by reports about privacy violations. These violations are enabled by
inherent security vulnerabilities and deficiencies in the privacy systems of
mobile platforms. As none of the existing privacy approaches is designed for
the novel challenges arising from Smartband applications, we discuss, how the
Privacy Policy Model (PPM), a fine-grained and modular expandable permission
model, can be applied to this application area. This model is implemented in
the Privacy Management Platform (PMP). Thus the outcomes of this work can be
leveraged directly. Evaluation results underline the benefits of our work for
Smartband applications.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INBOOK-2019-01&engl=0}
}
@inbook {INBOOK-2017-03,
author = {Christoph Stach and Frank Steimle and Ana Cristina Franco da Silva},
title = {{TIROL: The Extensible Interconnectivity Layer for mHealth Applications}},
series = {Information and Software Technologies: 23nd International Conference, ICIST 2017, Druskininkai, Lithuania, October 12-14, 2017, Proceedings},
address = {Cham},
publisher = {Springer International Publishing},
series = {Communications in Computer and Information Science},
pages = {1--12},
type = {Beitrag in Buch},
month = {Oktober},
year = {2017},
keywords = {mHealth; medical devices; harmonization; interconnectivity layer},
language = {Englisch},
cr-category = {K.4.1 Computers and Society Public Policy Issues,
J.3 Life and Medical Sciences},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware},
abstract = {The prevalence of various chronic conditions is on the rise. Periodic
screenings and a persistent therapy are necessary in order to aid the patients.
Increasing medical costs and overburdened physicians are the consequences. A
telemedical self-management of the illness is considered as the answer to this
problem. For this purpose mHealth applications, i.e., the synergy of common
smartphones and medical metering devices, are vitally needed. However, poor
device interoperability due to heterogeneous connectivity methods hamper the
usage of such applications. For this very reason, we introduce the concept for
an exTensible InteRcOnnectivity Layer (TIROL) to deal with the
interconnectivity issues of mHealth applications. Furthermore, we present a
prototypical implementation for TIROL to demonstrate the benefits of our
approach.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=INBOOK-2017-03&engl=0}
}
@book {BOOK-2023-02,
editor = {Christoph Stach and Cl{\'e}mentine Gritti},
title = {{Security and Privacy in Blockchains and the IoT II}},
address = {Basel, Beijing, Wuhan, Barcelona, Belgrade, Novi Sad, Cluj, Manchester},
publisher = {MDPI},
series = {Future Internet},
pages = {480},
type = {Buch},
month = {September},
year = {2023},
isbn = {978-3-0365-8772-1},
doi = {10.3390/books978-3-0365-8773-8},
keywords = {authentication; blockchain; demand-driven data provision; digital signatures; distributed ledger technology; encryption; Internet of Things; privacy-aware data processing; secure data management; smart things},
language = {Englisch},
cr-category = {K.6.5 Security and Protection,
K.4.1 Computers and Society Public Policy Issues},
ee = {https://www.mdpi.com/books/book/7885},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware;
Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme},
abstract = {In this age of data-driven transformation, where the fusion of blockchain
technologies and the Internet of Things (IoT) is shaping the fabric of our
digital society, the need for security and privacy has never been more
important. This Special Issue delves into the intricate confluence of these two
disruptive forces and provides a comprehensive overview of security and privacy
aspects in this regard. Focusing on protection goals such as confidentiality,
integrity, availability, and privacy, this compilation encapsulates the essence
of these multi-layered challenges. Ranging from complex data-driven
applications and smart services to novel approaches that enhance security and
privacy in the context of blockchain technologies and the IoT, the research
articles and literature reviews presented here offer a sophisticated mesh of
insights. Innovative solutions are highlighted from a variety of perspectives,
and challenges such as secure data transmission, confidential communication,
and tamper-proof data storage are explored.
In this way, this Special Issue is a beacon for practitioners, researchers, and
technology enthusiasts. Developers seeking to harness the potential of
blockchain technology and IoT find rich insights while users get a
comprehensive overview of the latest research and trends. The symphony of
interdisciplinary knowledge presented here creates a harmonious blend of theory
and practice, highlighting the intricate interdependencies between
technological advances and the need for security and privacy.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=BOOK-2023-02&engl=0}
}
@book {BOOK-2023-01,
editor = {Christoph Stach},
title = {{Security and Privacy in Blockchains and the IoT}},
address = {Basel, Beijing, Wuhan, Barcelona, Belgrade, Manchester, Tokyo, Cluj, Tianjin},
publisher = {MDPI},
series = {Future Internet},
pages = {166},
type = {Buch},
month = {Januar},
year = {2023},
isbn = {978-3-0365-6251-3},
doi = {10.3390/books978-3-0365-6252-0},
keywords = {Blockchain; IoT; Confidentiality; Integrity; Authenticity; Access Control; Security; Privacy; Efficient Blockchain Technologies; Trustworthy Smart Services; Privacy-Aware Machine Learning; Data Protection Laws},
language = {Englisch},
cr-category = {K.6.5 Security and Protection,
K.4.1 Computers and Society Public Policy Issues},
ee = {https://www.mdpi.com/books/book/6686},
contact = {Senden Sie eine E-Mail an Christoph.Stach@ipvs.uni-stuttgart.de.},
department = {Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme, Anwendersoftware;
Universit{\"a}t Stuttgart, Institut f{\"u}r Parallele und Verteilte Systeme},
abstract = {In this day and age, data have become an immensely valuable resource. They are
the key driver that puts the smart into smart services. This is fundamentally
fueled by two technological achievements, namely the Internet of Things (IoT),
which enables continuous and comprehensive collection of all kinds of data, and
blockchain technologies, which provide secure data management and exchange. In
addition to those information security measures, however, data privacy
solutions are also required to protect the involved sensitive data. In this
book, eight research papers address security and privacy challenges when
dealing with blockchain technologies and the IoT. Concerning the IoT, solutions
are presented on how IoT group communication can be secured and how trust
within IoT applications can be increased. In the context of blockchain
technologies, approaches are introduced on how query processing capabilities
can be enhanced and how a proof-of-work consensus protocol can be efficiently
applied in IoT environments. Furthermore, it is discussed how blockchain
technologies can be used in IoT environments to control access to confidential
IoT data as well as to enable privacy-aware data sharing. Finally, two reviews
give an overview of the state of the art in in-app activity recognition based
on convolutional neural networks and the prospects for blockchain technology
applications in ambient assisted living.},
url = {http://www2.informatik.uni-stuttgart.de/cgi-bin/NCSTRL/NCSTRL_view.pl?id=BOOK-2023-01&engl=0}
}