14 research outputs found
A Concept for a Trustworthy Integration of Smartphones in Business Environments
Smartphones are commonly used within business environments nowadays. They provide sophisticated communicational means which go far beyond simple telephone capabilities. Email access and particular apps on the device are examples of their versatile abilities. While these features allow them to be used in a very flexible way, e.g. in different infrastructures, they impose new threats to their surrounding infrastructure. For example, if used in an environment which allows the installation of custom apps, malicious software may be placed on the device. In order to mitigate these threats, a detailed awareness combined with the possibility to enforce certain constraints on such devices need to be established. In detail, it is necessary to include such devices into a decision making process which decides about the policy compliance of such devices. The policy used in this process defines the rules which apply to the particular infrastructure, e.g. if custom apps are allowed or if a specific software version may not be allowed. However, even when relying on this process, there is one limitation as it does not include a trust-based evaluation. This leads to the problem that a malicious smartphone might compromise the information used for the decision making process which should determine the policy compliance of this device. This renders the overall approach ineffective as the decision wether a device is policy compliant or not may be false. Given that, the thesis presented here provides means to evaluate the trustworthiness of such information to allow a trustworthy decision making about the policy compliance. It therefore introduces two things: (1) a generic trust model for such environments and (2) a domain-specific extension called Trustworthy Context-related Signature and Anomaly Detection system for Smartphones (TCADS). The trust model (1) allows to specify, to calculate and to evaluate trust for the information used by the decision making process. More in detail, the trust founding process of (1) is done by introducing so-called security properties which allow to rate the trustworthiness of certain aspects. The trust model does not limit these aspects to a particular type. That is, device-specific aspects like the number of installed apps or the current version of the operating system may be used as well as device independent aspects like communicational parameters. The security properties defined in (1) are then used to calculate an overall trust level, which provides an evaluable representation of trust for the information used by the decision making process. The domain-specific extension (2) uses the trust model and provides a deployable trust-aware decision making solution for smartphone environments. The resulting system, TCADS, allows not only to consider trust within the decisions about the policy compliance but also enables to base the decisions solely on the trust itself. Besides the theoretical specification of the trust model (1) and the domain-specific extension (2), a proof of concept implementation is given. This implementation leverages both, the abilities of the generic trust model (1) as well as the abilities of the TCADS system (2), thus providing a deployable set of programs. Using this proof of concept implementation, an assessment shows the benefits of the proposed concept and its practical relevance. A conclusion and an outlook to future work extending this approach is given at the end of this thesis.Smartphones sind in heutigen Unternehmensnetzen mittlerweile nicht mehr wegzudenken. Über einfache Telefonie-basierte Fähigkeiten hinaus bieten sie Eigenschaften wie zum Beispiel Email-Zugriff oder hohe Anpassbarkeit auf Basis von Apps. Obwohl diese Funktionalitäten eine vielseitige Nutzung solcher Smartphones erlauben, stellen sie gleichzeitig eine neuartige Bedrohung für die umgebende Infrastruktur dar. Erlaubt eine spezifische Umgebung beispielsweise die Installation von eigenen Apps auf dem Smartphone, so ist es über diesen Weg möglich, Schadprogramme auf dem Gerät zu platzieren. Um diesen Bedrohungen entgegenzuwirken, ist es zum einen nötig Smartphones in der jeweiligen Umgebung zu erkennen und zum anderen, Richtlinien auf den jeweiligen Geräten durchsetzen zu können. Die durchzusetzenden Richtlinien legen fest, welche Einschränkungen für die jeweilige Umgebung gelten, z.B. die Erlaubnis zur Installation von eigenen Apps oder die Benutzung einer bestimmten Softwareversion. Aber auch wenn eine entsprechende Lösung zur Einbeziehung von Smartphones in die Infrastruktur verwendet wird, bleibt ein Problem ungelöst: die Betrachtung der Vertrauenswürdigkeit von durch das Smartphone bereitgestellten Informationen. Diese Einschränkung führt zu dem Problem, dass ein entsprechend kompromittiertes Smartphone die Informationen, welche zur Entscheidungsfindung über die Richtlinienkonformität des Gerätes verwendet werden, in einer Art und Weise ändert, welche den gesamten Entscheidungsprozess ineffizient und somit wirkungslos macht. Die hier vorliegende Arbeit stellt daher einen neuen Ansatz vor um einen vertrauenswürdigen Entscheidungsprozess zur Regelkonformität des Gerätes zu ermöglichen. Im Detail werden dazu zwei Ansätze vorgestellt: (1) Ein generisches Modell für Vertrauensürdigkeit sowie eine (2) domänenspezifische Abbildung dieses Modells, welches als Trustworthy Context-related Signature and Anomaly Detection system for Smartphones (TCADS) bezeichnet wird. Das Modell für Vertrauenswürdigkeit (1) erlaubt die Definition, Berechnung und Auswertung von Vetrauenswürdigkeit für Informationen welche im Entscheidungsprozess verwendet werden. Im Detail basiert die Vertrauenswürdigkeitsbestimmung auf Grundfaktoren für Vertrauen, den sogenannten Sicherheitseigenschaften. Diese Eigenschaften bewerten die Vertrauenswürdigkeit anhand von bestimmten Aspekten die entweder gerätespezifisch und Geräteunabhängig sein können. Basierend auf dieser Bewertung wird dann eine Gesamtvertrauenswürdigkeit, der sogenannte Trust Level berechnet. Dieser Trust Level erlaubt die Berücksichtigung der Vertrauenswürdigkeit bei der Entscheidungsfindung. Teil (2) der Lösung stellt, basierend auf dem Modell der Vertrauenswürdigkeit, ein System zur vertrauensbasierten Entscheidungsfindung in Smartphone Umgebungen bereit. Mit diesem System, TCADS, ist es nicht nur möglich, Entscheidungen auf ihre Korrektheit bezüglich der Vertrauenswürdigkeit zu prüfen, sondern auch Entscheidungen komplett auf Basis der Vertrauenswürdigkeit zu fällen. Neben dem allgemeingültigen Modell (1) und dem daraus resultierenden domänenspezifischen System (2), stellt die Arbeit außerdem einen Tragfähigkeitsnachweis in Form einer Referenzimplementierung bereit. Diese Implementierung nutzt sowohl Fähigkeiten des Modells der Vertrauenswürdigkeit (1) als auch des TCADS Systems (2) und stellt ein nutzbares Set von Programmen bereit. Eine Evaluierung basierend auf diesem Tragfähigkeitsnachweis zeigt die Vorteile und die Praktikabilität der vorgestellten Ansätze. Abschließend findet sich eine Zusammenfassung der Arbeit sowie ein Ausblick auf weiterführende Fragestellungen
Supergranule aggregation for constant heat flux-driven turbulent convection
Turbulent convection processes in nature are often found to be organized in a
hierarchy of plume structures and flow patterns. The gradual aggregation of
convection cells or granules to a supergranule which eventually fills the whole
horizontal layer is reported and analysed in spectral element direct numerical
simulations of three-dimensional turbulent Rayleigh-B\'{e}nard convection at an
aspect ratio of . The formation proceeds over a time span of more than
convective time units for the largest accessible Rayleigh number and
occurs only when the turbulence is driven by a constant heat flux which is
imposed at the bottom and top planes enclosing the convection layer. The
resulting gradual inverse cascade process is observed for both temperature
variance and turbulent kinetic energy. An additional analysis of the leading
Lyapunov vector field for the full turbulent flow trajectory in its
high-dimensional phase space demonstrates that turbulent flow modes at a
certain scale continue to give rise locally to modes with longer wavelength in
the turbulent case. As a consequence successively larger convection patterns
grow until the horizontal extension of the layer is reached. This instability
mechanism, which is known to exist near the onset of constant heat flux-driven
convection, is shown here to persist into the fully developed turbulent flow
regime thus connecting weakly nonlinear pattern formation with the one in fully
developed turbulence. We discuss possible implications of our study for
observed, but not yet consistently numerically reproducible, solar
supergranulation which could lead to improved simulation models of surface
convection in the Sun.Comment: 15 pages, 11 figure
Thermal boundary condition studies in large aspect ratio Rayleigh-B\'enard convection
We study the influence of thermal boundary conditions on large aspect ratio
Rayleigh-B\'enard convection by a joint analysis of experimental and numerical
data sets for a Prandl number and Rayleigh numbers
. The spatio-temporal experimental data are obtained
by combined Particle Image Velocimetry and Particle Image Thermometry
measurements in a cuboid cell filled with water at an aspect ratio . In addition, numerical data are generated by Direct Numerical Simulations
(DNS) in domains with and subject to different
thermal boundary conditions. Our experimental data show an increased
characteristic horizontal extension scale of the flow structures,
, for increasing Ra, which is coupled with a raise of the Biot
number Bi in particular at the cooling plate. However, we find the experimental
flow structure size to range in any case between the ones observed for the
idealized thermal conditions captured by the simulations. On the one hand, they
are larger than in the numerical case with applied uniform temperatures at the
plates, but, on the other hand, smaller than in the case of an applied constant
heat flux, the latter of which leads to a structure that grows gradually up to
the horizontal domain size. We link this observation qualitatively to
theoretical predictions for the onset of convection. Furthermore, we study the
effect of the asymmetric boundary conditions on the heat transfer. Contrasting
experimental and numerical data reveals an increased probability of far-tail
events of reversed heat transfer. The decomposition of the local Nusselt number
traces this effect back to the sign of the temperature
deviation , revealing asymmetries of the heating and cooling
plate on the thermal variance of the generated thermal plumes
Lagrangian studies of coherent sets and heat transport in constant heat flux-driven turbulent Rayleigh-B\'enard convection
We explore the mechanisms of heat transfer in a turbulent constant heat
flux-driven Rayleigh-B\'enard convection flow, which exhibits a hierarchy of
flow structures from granules to supergranules. Our computational framework
makes use of time-dependent flow networks. These are based on trajectories of
Lagrangian tracer particles that are advected in the flow. We identify coherent
sets in the Lagrangian frame of reference as those sets of trajectories that
stay closely together for an extended time span under the action of the
turbulent flow. Depending on the choice of the measure of coherence, sets with
different characteristics are detected. First, the application of a recently
proposed evolutionary spectral clustering scheme allows us to extract granular
coherent features that are shown to contribute significantly less to the global
heat transfer than their spatial complements. Moreover, splits and mergers of
these (leaking) coherent sets leave spectral footprints. Secondly, trajectories
which exhibit a small node degree in the corresponding network represent
objectively highly coherent flow structures and can be related to supergranules
as the other stage of the present flow hierarchy. We demonstrate that the
supergranular flow structures play a key role in the vertical heat transport
and that they exhibit a greater spatial extension than the granular structures
obtained from spectral clustering.Comment: 21 pages, 15 figure
Lagrangian heat transport in turbulent three-dimensional convection
Spatial regions that do not mix effectively with their surroundings and thus
contribute less to the heat transport in fully turbulent three-dimensional
Rayleigh-B\'{e}nard flows are identified by Lagrangian trajectories that stay
together for a longer time. These trajectories probe Lagrangian coherent sets
(CS) which we investigate here in direct numerical simulations in convection
cells with square cross section of aspect ratio , Rayleigh number
, and Prandtl numbers and . The analysis is
based on Lagrangian tracer particles which are advected in the
time-dependent flow. Clusters of trajectories are identified by a graph
Laplacian with a diffusion kernel, which quantifies the connectivity of
trajectory segments, and a subsequent sparse eigenbasis approximation (SEBA)
for cluster detection. The combination of graph Laplacian and SEBA leads to a
significantly improved cluster identification that is compared with the
large-scale patterns in the Eulerian frame of reference. We show that the
detected CS contribute by a third less to the global turbulent heat transport
for all investigated compared to the trajectories in the spatial
complement. This is realized by monitoring Nusselt numbers along the tracer
trajectory ensembles, a dimensionless local measure of heat transfer.Comment: 8 pages, 5 figure