13 research outputs found
Dynamic Access Control in Industry 4.0 Systems
Industry 4.0 enacts ad-hoc cooperation between machines, humans, and organizations in supply and production chains. The cooperation goes beyond rigid hierarchical process structures and increases the levels of efficiency, customization, and individualisation of end-products.
Efficient processing and cooperation requires exploiting various sensor and process data and sharing them across various entities including computer systems, machines, mobile devices, humans, and organisations.
Access control is a common security mechanism to control data sharing between involved parties.
However, access control to virtual resources is not sufficient in presence of Industry 4.0 because physical access has a considerable effect on the protection of information and systems.
In addition, access control mechanisms have to become capable of handling dynamically changing situations arising from ad-hoc horizontal cooperation or changes in the environment of Industry 4.0 systems.
Established access control mechanisms do not consider dynamic changes and the combination with physical access control yet.
Approaches trying to address these shortcomings exist but often do not consider how to get information such as the sensitivity of exchanged information.
This chapter proposes a novel approach to control physical and virtual access tied to the dynamics of custom product engineering, hence, establishing confidentiality in ad-hoc horizontal processes.
The approach combines static design-time analyses to discover data properties with a dynamic runtime access control approach that evaluates policies protecting virtual and physical assets.
The runtime part uses data properties derived from the static design-time analysis, as well as the environment or system status to decide about access
Automated Cloud-to-Cloud Migration of Distributed Software Systems for Privacy Compliance
Mit der ständig wachsenden Zahl von verteilten Cloudanwendungen und immer mehr Datenschutzverordnungen wächst das Interesse an legalen Cloudanwendungen. Jedoch ist vielen Betreibern der Legalitätsstatus ihrer Anwendung nicht bekannt. In 2018 wird die neue EU Datenschutzverordnung in Kraft treten. Diese Verordnung beinhaltet empfindliche Strafen für Datenschutzverletzungen. Einer der wichtigsten Faktoren für die Einhaltung der Datenschutzverordnung ist die Verarbeitung von Stammdaten von EU-Bürgern innerhalb der EU. Wir haben für diese Regelung eine Privacy Analyse entwickelt, formalisiert, implementiert und evaluiert. Außerdem haben wir mit iObserve Privacy ein System nach dem MAPE-Prinzip entwickelt, das automatisch Datenschutzverletzungen erkennt und ein alternatives, datenschutzkonformes Systemhosting errechnet. Zudem migriert iObserve Privacy die Cloudanwendung entsprechend dem alternativen Hosting automatisch. Hierdurch können wir eine rechtskonforme Verteilung der Cloudanwendung gewährleisten, ohne das System in seiner Tiefe zu analysieren oder zu verstehen. Jedoch benötigen wir die Closed World Assumption. Wir benutzen PerOpteryx für die Generierung von rechtskonformen, alternativen Hostings. Basierend auf diesem Hosting errechnen wir eine Sequenz von Adaptionsschritten zur Wiedererlangung der Rechtskonformität. Wenn Fehler auftreten, nutzen wir das Operator-in-the-loop Prinzip von iObserve. Als Datengrundlage nutzen wir das Palladio Component Model. In dieser Arbeit beschreiben wir detailliert die Konzepte, weisen auf Implementierungsdetails hin und evaluieren iObserve nach Präzision und Skalierbarkeit
CONDA-PM -- A Systematic Review and Framework for Concept Drift Analysis in Process Mining
Business processes evolve over time to adapt to changing business
environments. This requires continuous monitoring of business processes to gain
insights into whether they conform to the intended design or deviate from it.
The situation when a business process changes while being analysed is denoted
as Concept Drift. Its analysis is concerned with studying how a business
process changes, in terms of detecting and localising changes and studying the
effects of the latter. Concept drift analysis is crucial to enable early
detection and management of changes, that is, whether to promote a change to
become part of an improved process, or to reject the change and make decisions
to mitigate its effects. Despite its importance, there exists no comprehensive
framework for analysing concept drift types, affected process perspectives, and
granularity levels of a business process. This article proposes the CONcept
Drift Analysis in Process Mining (CONDA-PM) framework describing phases and
requirements of a concept drift analysis approach. CONDA-PM was derived from a
Systematic Literature Review (SLR) of current approaches analysing concept
drift. We apply the CONDA-PM framework on current approaches to concept drift
analysis and evaluate their maturity. Applying CONDA-PM framework highlights
areas where research is needed to complement existing efforts.Comment: 45 pages, 11 tables, 13 figure
Evaluating the impact of physical activity apps and wearables: interdisciplinary review
Background: Although many smartphone apps and wearables have been designed to improve physical activity, their rapidly evolving nature and complexity present challenges for evaluating their impact. Traditional methodologies, such as randomized controlled trials (RCTs), can be slow. To keep pace with rapid technological development, evaluations of mobile health technologies must be efficient. Rapid alternative research designs have been proposed, and efficient in-app data collection methods, including in-device sensors and device-generated logs, are available. Along with effectiveness, it is important to measure engagement (ie, users’ interaction and usage behavior) and acceptability (ie, users’ subjective perceptions and experiences) to help explain how and why apps and wearables work.
Objectives: This study aimed to (1) explore the extent to which evaluations of physical activity apps and wearables: employ rapid research designs; assess engagement, acceptability, as well as effectiveness; use efficient data collection methods; and (2) describe which dimensions of engagement and acceptability are assessed.
Method: An interdisciplinary scoping review using 8 databases from health and computing sciences. Included studies measured physical activity, and evaluated physical activity apps or wearables that provided sensor-based feedback. Results were analyzed using descriptive numerical summaries, chi-square testing, and qualitative thematic analysis.
Results: A total of 1829 abstracts were screened, and 858 articles read in full. Of 111 included studies, 61 (55.0%) were published between 2015 and 2017. Most (55.0%, 61/111) were RCTs, and only 2 studies (1.8%) used rapid research designs: 1 single-case design and 1 multiphase optimization strategy. Other research designs included 23 (22.5%) repeated measures designs, 11 (9.9%) nonrandomized group designs, 10 (9.0%) case studies, and 4 (3.6%) observational studies. Less than one-third of the studies (32.0%, 35/111) investigated effectiveness, engagement, and acceptability together. To measure physical activity, most studies (90.1%, 101/111) employed sensors (either in-device [67.6%, 75/111] or external [23.4%, 26/111]). RCTs were more likely to employ external sensors (accelerometers: P=.005). Studies that assessed engagement (52.3%, 58/111) mostly used device-generated logs (91%, 53/58) to measure the frequency, depth, and length of engagement. Studies that assessed acceptability (57.7%, 64/111) most often used questionnaires (64%, 42/64) and/or qualitative methods (53%, 34/64) to explore appreciation, perceived effectiveness and usefulness, satisfaction, intention to continue use, and social acceptability. Some studies (14.4%, 16/111) assessed dimensions more closely related to usability (ie, burden of sensor wear and use, interface complexity, and perceived technical performance).
Conclusions: The rapid increase of research into the impact of physical activity apps and wearables means that evaluation guidelines are urgently needed to promote efficiency through the use of rapid research designs, in-device sensors and user-logs to assess effectiveness, engagement, and acceptability. Screening articles was time-consuming because reporting across health and computing sciences lacked standardization. Reporting guidelines are therefore needed to facilitate the synthesis of evidence across disciplines
Domain Objects and Microservices for Systems Development: a roadmap
This paper discusses a roadmap to investigate Domain Objects being an
adequate formalism to capture the peculiarity of microservice architecture, and
to support Software development since the early stages. It provides a survey of
both Microservices and Domain Objects, and it discusses plans and reflections
on how to investigate whether a modeling approach suited to adaptable
service-based components can also be applied with success to the microservice
scenario