A Concept for a Trustworthy Integration of Smartphones in Business Environments

Smartphones are commonly used within business environments nowadays. They provide sophisticated communicational means which go far beyond simple telephone capabilities. Email access and particular apps on the device are examples of their versatile abilities. While these features allow them to be used in a very flexible way, e.g. in different infrastructures, they impose new threats to their surrounding infrastructure. For example, if used in an environment which allows the installation of custom apps, malicious software may be placed on the device. In order to mitigate these threats, a detailed awareness combined with the possibility to enforce certain constraints on such devices need to be established. In detail, it is necessary to include such devices into a decision making process which decides about the policy compliance of such devices. The policy used in this process defines the rules which apply to the particular infrastructure, e.g. if custom apps are allowed or if a specific software version may not be allowed. However, even when relying on this process, there is one limitation as it does not include a trust-based evaluation. This leads to the problem that a malicious smartphone might compromise the information used for the decision making process which should determine the policy compliance of this device. This renders the overall approach ineffective as the decision wether a device is policy compliant or not may be false. Given that, the thesis presented here provides means to evaluate the trustworthiness of such information to allow a trustworthy decision making about the policy compliance. It therefore introduces two things: (1) a generic trust model for such environments and (2) a domain-specific extension called Trustworthy Context-related Signature and Anomaly Detection system for Smartphones (TCADS). The trust model (1) allows to specify, to calculate and to evaluate trust for the information used by the decision making process. More in detail, the trust founding process of (1) is done by introducing so-called security properties which allow to rate the trustworthiness of certain aspects. The trust model does not limit these aspects to a particular type. That is, device-specific aspects like the number of installed apps or the current version of the operating system may be used as well as device independent aspects like communicational parameters. The security properties defined in (1) are then used to calculate an overall trust level, which provides an evaluable representation of trust for the information used by the decision making process. The domain-specific extension (2) uses the trust model and provides a deployable trust-aware decision making solution for smartphone environments. The resulting system, TCADS, allows not only to consider trust within the decisions about the policy compliance but also enables to base the decisions solely on the trust itself. Besides the theoretical specification of the trust model (1) and the domain-specific extension (2), a proof of concept implementation is given. This implementation leverages both, the abilities of the generic trust model (1) as well as the abilities of the TCADS system (2), thus providing a deployable set of programs. Using this proof of concept implementation, an assessment shows the benefits of the proposed concept and its practical relevance. A conclusion and an outlook to future work extending this approach is given at the end of this thesis.Smartphones sind in heutigen Unternehmensnetzen mittlerweile nicht mehr wegzudenken. Über einfache Telefonie-basierte Fähigkeiten hinaus bieten sie Eigenschaften wie zum Beispiel Email-Zugriff oder hohe Anpassbarkeit auf Basis von Apps. Obwohl diese Funktionalitäten eine vielseitige Nutzung solcher Smartphones erlauben, stellen sie gleichzeitig eine neuartige Bedrohung für die umgebende Infrastruktur dar. Erlaubt eine spezifische Umgebung beispielsweise die Installation von eigenen Apps auf dem Smartphone, so ist es über diesen Weg möglich, Schadprogramme auf dem Gerät zu platzieren. Um diesen Bedrohungen entgegenzuwirken, ist es zum einen nötig Smartphones in der jeweiligen Umgebung zu erkennen und zum anderen, Richtlinien auf den jeweiligen Geräten durchsetzen zu können. Die durchzusetzenden Richtlinien legen fest, welche Einschränkungen für die jeweilige Umgebung gelten, z.B. die Erlaubnis zur Installation von eigenen Apps oder die Benutzung einer bestimmten Softwareversion. Aber auch wenn eine entsprechende Lösung zur Einbeziehung von Smartphones in die Infrastruktur verwendet wird, bleibt ein Problem ungelöst: die Betrachtung der Vertrauenswürdigkeit von durch das Smartphone bereitgestellten Informationen. Diese Einschränkung führt zu dem Problem, dass ein entsprechend kompromittiertes Smartphone die Informationen, welche zur Entscheidungsfindung über die Richtlinienkonformität des Gerätes verwendet werden, in einer Art und Weise ändert, welche den gesamten Entscheidungsprozess ineffizient und somit wirkungslos macht. Die hier vorliegende Arbeit stellt daher einen neuen Ansatz vor um einen vertrauenswürdigen Entscheidungsprozess zur Regelkonformität des Gerätes zu ermöglichen. Im Detail werden dazu zwei Ansätze vorgestellt: (1) Ein generisches Modell für Vertrauensürdigkeit sowie eine (2) domänenspezifische Abbildung dieses Modells, welches als Trustworthy Context-related Signature and Anomaly Detection system for Smartphones (TCADS) bezeichnet wird. Das Modell für Vertrauenswürdigkeit (1) erlaubt die Definition, Berechnung und Auswertung von Vetrauenswürdigkeit für Informationen welche im Entscheidungsprozess verwendet werden. Im Detail basiert die Vertrauenswürdigkeitsbestimmung auf Grundfaktoren für Vertrauen, den sogenannten Sicherheitseigenschaften. Diese Eigenschaften bewerten die Vertrauenswürdigkeit anhand von bestimmten Aspekten die entweder gerätespezifisch und Geräteunabhängig sein können. Basierend auf dieser Bewertung wird dann eine Gesamtvertrauenswürdigkeit, der sogenannte Trust Level berechnet. Dieser Trust Level erlaubt die Berücksichtigung der Vertrauenswürdigkeit bei der Entscheidungsfindung. Teil (2) der Lösung stellt, basierend auf dem Modell der Vertrauenswürdigkeit, ein System zur vertrauensbasierten Entscheidungsfindung in Smartphone Umgebungen bereit. Mit diesem System, TCADS, ist es nicht nur möglich, Entscheidungen auf ihre Korrektheit bezüglich der Vertrauenswürdigkeit zu prüfen, sondern auch Entscheidungen komplett auf Basis der Vertrauenswürdigkeit zu fällen. Neben dem allgemeingültigen Modell (1) und dem daraus resultierenden domänenspezifischen System (2), stellt die Arbeit außerdem einen Tragfähigkeitsnachweis in Form einer Referenzimplementierung bereit. Diese Implementierung nutzt sowohl Fähigkeiten des Modells der Vertrauenswürdigkeit (1) als auch des TCADS Systems (2) und stellt ein nutzbares Set von Programmen bereit. Eine Evaluierung basierend auf diesem Tragfähigkeitsnachweis zeigt die Vorteile und die Praktikabilität der vorgestellten Ansätze. Abschließend findet sich eine Zusammenfassung der Arbeit sowie ein Ausblick auf weiterführende Fragestellungen

Supergranule aggregation for constant heat flux-driven turbulent convection

Turbulent convection processes in nature are often found to be organized in a hierarchy of plume structures and flow patterns. The gradual aggregation of convection cells or granules to a supergranule which eventually fills the whole horizontal layer is reported and analysed in spectral element direct numerical simulations of three-dimensional turbulent Rayleigh-B\'{e}nard convection at an aspect ratio of $60$. The formation proceeds over a time span of more than $10^4$ convective time units for the largest accessible Rayleigh number and occurs only when the turbulence is driven by a constant heat flux which is imposed at the bottom and top planes enclosing the convection layer. The resulting gradual inverse cascade process is observed for both temperature variance and turbulent kinetic energy. An additional analysis of the leading Lyapunov vector field for the full turbulent flow trajectory in its high-dimensional phase space demonstrates that turbulent flow modes at a certain scale continue to give rise locally to modes with longer wavelength in the turbulent case. As a consequence successively larger convection patterns grow until the horizontal extension of the layer is reached. This instability mechanism, which is known to exist near the onset of constant heat flux-driven convection, is shown here to persist into the fully developed turbulent flow regime thus connecting weakly nonlinear pattern formation with the one in fully developed turbulence. We discuss possible implications of our study for observed, but not yet consistently numerically reproducible, solar supergranulation which could lead to improved simulation models of surface convection in the Sun.Comment: 15 pages, 11 figure

Thermal boundary condition studies in large aspect ratio Rayleigh-B\'enard convection

We study the influence of thermal boundary conditions on large aspect ratio Rayleigh-B\'enard convection by a joint analysis of experimental and numerical data sets for a Prandl number $\mathrm{Pr = 7}$ and Rayleigh numbers $\mathrm{Ra = 10^5 - 10^6}$. The spatio-temporal experimental data are obtained by combined Particle Image Velocimetry and Particle Image Thermometry measurements in a cuboid cell filled with water at an aspect ratio $\Gamma= 25$. In addition, numerical data are generated by Direct Numerical Simulations (DNS) in domains with $\Gamma = 25$ and $\Gamma = 60$ subject to different thermal boundary conditions. Our experimental data show an increased characteristic horizontal extension scale of the flow structures, $\tilde{\lambda}$, for increasing Ra, which is coupled with a raise of the Biot number Bi in particular at the cooling plate. However, we find the experimental flow structure size to range in any case between the ones observed for the idealized thermal conditions captured by the simulations. On the one hand, they are larger than in the numerical case with applied uniform temperatures at the plates, but, on the other hand, smaller than in the case of an applied constant heat flux, the latter of which leads to a structure that grows gradually up to the horizontal domain size. We link this observation qualitatively to theoretical predictions for the onset of convection. Furthermore, we study the effect of the asymmetric boundary conditions on the heat transfer. Contrasting experimental and numerical data reveals an increased probability of far-tail events of reversed heat transfer. The decomposition of the local Nusselt number $\mathrm{Nu_{loc}}$ traces this effect back to the sign of the temperature deviation $\tilde{\Theta}$, revealing asymmetries of the heating and cooling plate on the thermal variance of the generated thermal plumes

Lagrangian studies of coherent sets and heat transport in constant heat flux-driven turbulent Rayleigh-B\'enard convection

We explore the mechanisms of heat transfer in a turbulent constant heat flux-driven Rayleigh-B\'enard convection flow, which exhibits a hierarchy of flow structures from granules to supergranules. Our computational framework makes use of time-dependent flow networks. These are based on trajectories of Lagrangian tracer particles that are advected in the flow. We identify coherent sets in the Lagrangian frame of reference as those sets of trajectories that stay closely together for an extended time span under the action of the turbulent flow. Depending on the choice of the measure of coherence, sets with different characteristics are detected. First, the application of a recently proposed evolutionary spectral clustering scheme allows us to extract granular coherent features that are shown to contribute significantly less to the global heat transfer than their spatial complements. Moreover, splits and mergers of these (leaking) coherent sets leave spectral footprints. Secondly, trajectories which exhibit a small node degree in the corresponding network represent objectively highly coherent flow structures and can be related to supergranules as the other stage of the present flow hierarchy. We demonstrate that the supergranular flow structures play a key role in the vertical heat transport and that they exhibit a greater spatial extension than the granular structures obtained from spectral clustering.Comment: 21 pages, 15 figure

Lagrangian heat transport in turbulent three-dimensional convection

Spatial regions that do not mix effectively with their surroundings and thus contribute less to the heat transport in fully turbulent three-dimensional Rayleigh-B\'{e}nard flows are identified by Lagrangian trajectories that stay together for a longer time. These trajectories probe Lagrangian coherent sets (CS) which we investigate here in direct numerical simulations in convection cells with square cross section of aspect ratio $\Gamma = 16$, Rayleigh number $Ra = 10^{5}$, and Prandtl numbers $Pr = 0.1, 0.7$ and $7$. The analysis is based on $N=524,288$ Lagrangian tracer particles which are advected in the time-dependent flow. Clusters of trajectories are identified by a graph Laplacian with a diffusion kernel, which quantifies the connectivity of trajectory segments, and a subsequent sparse eigenbasis approximation (SEBA) for cluster detection. The combination of graph Laplacian and SEBA leads to a significantly improved cluster identification that is compared with the large-scale patterns in the Eulerian frame of reference. We show that the detected CS contribute by a third less to the global turbulent heat transport for all investigated $Pr$ compared to the trajectories in the spatial complement. This is realized by monitoring Nusselt numbers along the tracer trajectory ensembles, a dimensionless local measure of heat transfer.Comment: 8 pages, 5 figure