Investigating in Security Solutions - Can Qualified Electronic Signatures be Profitable for Mobile Operators?

Electronic signatures are an established method to ensure the integrity and accountability of electronic transactions. Realizing their potential, the European Parliament and the Council enacted the directive 1999/93/EC in 1999, providing legal requirements for a common introduction of electronic signatures in Europe. However, so far the signature market has failed miserably. Mobile electronic signatures are often seen as a potential and promising way to provide market acceptance for electronic signatures. This paper proposes an infrastructure for qualified mobile electronic signatures that does not require the mobile operator to act as a certificate service provider (CSP). The user can freely choose a CSP and add the signature functionality along with the required certificates later on demand. However, mobile operators will only invest in this infrastructure, if they expect a return on investment (ROI). Therefore, based on our proposed infrastructure and using distinct scenarios, we conducted an investment analysis for mobile operators forecasting the net present value and the internal rate of return of the investment. Our forecast shows that issuing signature capable smart cards can be quite profitable for a mobile operator

Designing Viable Security Solutions

Technological solutions that address issues like security, privacy and reliability have been developed by companies and inresearch projects. However, they often appear disconnected from markets, user needs and economic contexts. As a resultseveral security and privacy technologies have become market failures in recent years. Economic issues are often neglectedby technology developers. Instead security solutions continue to be designed with technological factors in mind, valuingincreases in security guarantees and even technical complexity over practical relevance. This paper argues that the widelylamented failure of many security solutions in the market is due to an overly technology- and complexity-driven designapproach. Building on a literature review, we derive a set of factors influencing the viability of security solutions in themarket, and thus the overall security level. We build on earlier approaches and findings from IT security and relateddisciplines, but integrate them in a larger paradigmatic framework targeting specifically the security domain

Mobiles ortsbezogenes Projektmanagement

Classic project management and its tools usually deal with the management of three variables, and their relationships with each other. These are the factors of time, resources (cost) and quality. If one of the variables is to be improved, it always has negative effects on the other two. However, these factors only partially describe the reality of project management. What current project management tools often only consider implicitly is the location of an activity. In this paper, the implications of using location data for project management are clarified and a system that offers mobile support in planning and implementing projects. ----- Klassisches Projektmanagement und seine Werkzeuge befassen sich meist mit der Verwaltung dreier Gr\"o{\ss}en und ihrer Zusammenh\"ange untereinander. Dabei handelt es sich um die Faktoren Zeit, Ressourcen (Kosten) und Qualit\"at. Falls eine der Gr\"o{\ss}en verbessert werden soll, hat dies immer negative Auswirkungen auf die anderen beiden Gr\"o{\ss}en. Diese Gr\"o{\ss}en beschreiben die Ph\"anomene des Projektmanagement jedoch nur unvollst\"andig. Was bei Projektmanagementwerkzeugen bis dato oft nur implizit durch den Projektleiter einbezogen wird ist ein Ortsbezug. In diesem Beitrag werden die Implikationen durch diesen Ortsbezug konkretisiert und ein System dargestellt, welches Projektleiter bei der Planung und Umsetzung von Projekten mobil wie auch station\"ar unterst\"utzt.Comment: 5 pages, in German; preprint, to appear in GI/ITG KuVS Fachgespr\"ach "Ortsbezogene Anwendungen und Dienste" 201

Mobile Brokerage Infastructures - Capabilities and Security Requirements

This paper investigates the potential of integrated mobile financial information and transaction services which can help private investors in making time-critical investment decisions and portfolio transactions in time. The analysis of intraday stock price reactions following company announcements provides evidence regarding the added value of such services if abnormal price movements can be observed. As efficient capital markets react very quickly to new information available, private investors require combined mobile notification and transaction services. So far, existing concepts can not fulfill these requirements which results from inappropriate implementation of the security mechanisms in order to realize secure and trustworthy processing. After identifying potential weaknesses of current solutions we introduce an adequate system infrastructure which can realize secure information and transaction processing in time by permitting a smart integration of notification and transaction services

Teaching case: Leading the change - ERP implementation at Keda

Recently, several disasters have affected the tourism industry. In order to mitigate the effects of disasters, increasing the level of preparedness is essential. However, despite the devastating effect disasters can have on tourism, few tourism organizations have properly developed disaster strategies as an integral part of their business plans. Emergency management systems that utilize mobile communication infrastructures can provide prompt information delivery to save human lives. Several supra-national initiatives and research projects are working on possibilities to facilitate mobile communication networks for emergency management systems. However, the success of such systems depends on users being familiar with the service, which is difficult to achieve, if the system is solely used for emergency management. Therefore, we propose a system design that allows the integration of mobile value-adding services. We also present exemplary services, which offer value to tourists and create business opportunities for the tourism industry. The central component of our proposed system design is a service platform, which communicates with mobile network operators and provides basic services for service providers from the tourism industry and the emergency manager via service interfaces

The Economic Impact of Privacy Violations and Security Breaches

Privacy and security incidents represent a serious threat for a company’s business success. While previous research in this area mainly investigated second-order effects (e.g., capital market reactions to privacy or security incidents), this study focuses on first-order effects, that is, the direct consumer reaction. In a laboratory experiment, the authors distinguish between the impact of privacy violations and security breaches on the subjects’ trust and behavior. They provide evidence for the so-called “privacy paradox” which describes that people’s intentions, with regard to privacy, differ from their actual behavior. While privacy is of prime importance for building trust, the actual behavior is affected less and customers value security higher when it comes to actual decision making. According to the results, consumers’ privacy related intention-behavior gap persists after the privacy breach occurred

Electron population dynamics in resonant non-linear x-ray absorption in nickel at a free-electron laser

Free-electron lasers provide bright, ultrashort, and monochromatic x-ray pulses, enabling novel spectroscopic measurements not only with femtosecond temporal resolution: The high fluence of their x-ray pulses can also easily enter the regime of the non-linear x-ray–matter interaction. Entering this regime necessitates a rigorous analysis and reliable prediction of the relevant non-linear processes for future experiment designs. Here, we show non-linear changes in the L3-edge absorption of metallic nickel thin films, measured with fluences up to 60 J/cm2. We present a simple but predictive rate model that quantitatively describes spectral changes based on the evolution of electronic populations within the pulse duration. Despite its simplicity, the model reaches good agreement with experimental results over more than three orders of magnitude in fluence, while providing a straightforward understanding of the interplay of physical processes driving the non-linear changes. Our findings provide important insights for the design and evaluation of future high-fluence free-electron laser experiments and contribute to the understanding of non-linear electron dynamics in x-ray absorption processes in solids at the femtosecond timescale

Photon shot-noise limited transient absorption soft X-ray spectroscopy at the European XFEL

Femtosecond transient soft X-ray Absorption Spectroscopy (XAS) is a very promising technique that can be employed at X-ray Free Electron Lasers (FELs) to investigate out-of-equilibrium dynamics for material and energy research. Here we present a dedicated setup for soft X-rays available at the Spectroscopy & Coherent Scattering (SCS) instrument at the European X-ray Free Electron Laser (EuXFEL). It consists of a beam-splitting off-axis zone plate (BOZ) used in transmission to create three copies of the incoming beam, which are used to measure the transmitted intensity through the excited and unexcited sample, as well as to monitor the incoming intensity. Since these three intensity signals are detected shot-by-shot and simultaneously, this setup allows normalized shot-by-shot analysis of the transmission. For photon detection, the DSSC imaging detector, which is capable of recording up to 800 images at 4.5 MHz frame rate during the FEL burst, is employed and allows approaching the photon shot-noise limit. We review the setup and its capabilities, as well as the online and offline analysis tools provided to users.Comment: 11 figure