University of Bielefeld

Displaying 1-21 of 21 results

  • White Papers // Jan 2014

    Dual-Processor Parallelisation of Symbolic Probabilistic Model Checking

    In this paper, the authors describe the dual-processor parallelization of a symbolic (BDD-based) implementation of probabilistic model checking. They use multi-terminal BDDs, which allow a compact representation of large, structured Markov chains. They show that they also provide a convenient block decomposition of the Markov chain which they use to...

    Provided By University of Bielefeld

  • White Papers // Aug 2013

    A Modelling and Simulation Environment for Self-Aware and Self-Expressive Systems

    Self-awareness and self-expression are promising architectural concepts for embedded systems to be equipped with to match them with dedicated application scenarios and constraints in the avionic and space-flight industry. Typically, these systems operate in largely undefined environments and are not reachable after deployment for a long time or even never...

    Provided By University of Bielefeld

  • White Papers // Jun 2013

    Revolver: An Automated Approach to the Detection of Evasive Web-Based Malware

    In recent years, attacks targeting web browsers and their plugins have become a prevalent threat. Attackers deploy web pages that contain exploit code, typically written in HTML and JavaScript, and use them to compromise unsuspecting victims. Initially, static techniques, such as signature-based detection, were adequate to identify such attacks. The...

    Provided By University of Bielefeld

  • White Papers // Mar 2013

    Dynamic QoS Optimization Architecture for Cloud-Based DDDAS

    An emerging class of Dynamic Data Driven application systems heavily depends on cloud and Big Data. The author refers to this class of DDDAS as cloud-based DDDAS. Despite the growing interest in marrying DDDAS with the cloud, there is a general lack for architectural frameworks explicating the cloud requirements, which...

    Provided By University of Bielefeld

  • White Papers // Jan 2013

    Static Analysis for Regular Expression Denial-of-Service Attacks

    Regular expressions are a concise yet expressive language for expressing patterns. For instance, in networked software, they are used for input validation and intrusion detection. Yet some widely deployed regular expression matchers based on backtracking are themselves vulnerable to denial-of-service attacks, since their runtime can be exponential for certain input...

    Provided By University of Bielefeld

  • White Papers // Dec 2012

    A Fully Homomorphic Crypto-Processor Design Correctness of a Secret Computer

    A KPU is a replacement for a standard CPU that natively runs encrypted machine code on encrypted data in registers and memory - a 'Crypto-processor unit', in other words. Its computations are opaque to an observer with physical access to the processor but remain meaningful to the owner of the...

    Provided By University of Bielefeld

  • White Papers // Nov 2012

    Formal Analysis of Privacy in Direct Anonymous Attestation Schemes

    This paper introduces a definition of privacy for Direct Anonymous Attestation schemes. The definition is expressed as an equivalence property suited to automated reasoning using ProVerif and the practicality of the definition is demonstrated by analyzing the RSA-based Direct Anonymous Attestation protocol by Brickell, Camenisch & Chen. The analysis discovers...

    Provided By University of Bielefeld

  • White Papers // Jul 2012

    Efficient Padding Oracle Attacks on Cryptographic Hardware

    The authors show how to exploit the encrypted key import functions of a variety of different cryptographic devices to reveal the imported key. The attacks are padding oracle attacks, where error messages resulting from incorrectly padded plaintexts are used as a side channel. In the asymmetric encryption case, they modify...

    Provided By University of Bielefeld

  • White Papers // Jun 2012

    A Rule Based Approach for Business Rule Generation from Business Process Models

    In this paper, a rule based approach is presented to translate Business Process Model Notation (BPMN) based a business process models into Semantics of Business Vocabulary based Rules (SBVR) based business rules. Such translation can simplify the process of understanding the information represented in BPMN models for the business stakeholders...

    Provided By University of Bielefeld

  • White Papers // Jan 2012

    Privacy Supporting Cloud Computing: ConfiChair, a Case Study

    Cloud computing means entrusting data to information systems that are managed by external parties on remote servers, in the \"Cloud\", raising new privacy and confidentiality concerns. The authors propose a general technique for designing cloud services that allows the cloud to see only encrypted data, while still allowing it to...

    Provided By University of Bielefeld

  • White Papers // Sep 2011

    Improving Scheduling Techniques in Heterogeneous Systems With Dynamic, On-Line Optimisations

    Computational performance increasingly depends on parallelism, and many systems rely on heterogeneous resources such as GPUs and FPGAs to accelerate computationally intensive applications. However, implementations for such heterogeneous systems are often hand-crafted and optimized to one computation scenario, and it can be challenging to maintain high performance when application parameters...

    Provided By University of Bielefeld

  • White Papers // Jul 2011

    A Survey of Self-Awareness and Its Application in Computing Systems

    Novel computing systems are increasingly being composed of large numbers of heterogeneous components, each with potentially different goals or local perspectives, and connected in networks which change over time. Management of such systems quickly becomes infeasible for humans. As such, future computing systems should be able to achieve advanced levels...

    Provided By University of Bielefeld

  • White Papers // Jun 2011

    Escape from Monkey Island: Evading High-Interaction Honeyclients

    High-interaction honey-clients are the tools of choice to detect malicious web pages that launch drive-by download attacks. Unfortunately, the approach used by these tools, which, in most cases, is to identify the side-effects of a successful attack rather than the attack itself, leaves open the possibility for malicious pages to...

    Provided By University of Bielefeld

  • White Papers // Apr 2011

    Engineering Proprioception in SLA Management for Cloud Architectures

    With the wide adoption of the Cloud, there remains an open challenge to provide more dependable, transparent, and trustworthy provision of services. Service terms are typically defined in the Service Level Agreement (SLA) binding both service providers and users. For the service user, there is a need to ensure that...

    Provided By University of Bielefeld

  • White Papers // Mar 2011

    Evaluating Security Properties of Architectures in Unpredictable Environments: A Case for Cloud

    The continuous evolution and unpredictability underlying service-based systems leads to difficulties in making exact QoS claims about the dependability of architectures interfacing with them. Hence, there is a growing need for new methods to evaluate the dependability of architectures interfacing with such environments. This paper presents a method for evaluating...

    Provided By University of Bielefeld

  • White Papers // Feb 2011

    SBVR Business Rules Generation from Natural Language Specification

    In this paper, the authors present a novel approach of translating natural languages specification to SBVR business rules. The business rules constraint business structure or control behavior of a business process. In modern business modeling, one of the important phases is writing business rules. Typically, a business rule analyst has...

    Provided By University of Bielefeld

  • White Papers // Nov 2009

    Trusted Integrity Measurement and Reporting for Virtualized Platforms

    Verifiable trust is a desirable property for computing platforms. Current trusted computing systems developed by Trusted Computing Group (TCG) provide verifiable trust by taking immutable snapshots of the whole set of platform components. It is, however, difficult to use this technology directly in virtualized platforms because of complexity and dynamic...

    Provided By University of Bielefeld

  • White Papers // Jun 2009

    A Methodology for Domain-Specific Business Process Modelling and Implementation

    Design and implementation of a business process in an enterprise often requires three groups of experts: business analysts, solution architects and developers. They collaborate to transform a high-level business process to a final executable system based on e.g. BPEL. Since enterprises often utilize their own domain concepts and use technologies...

    Provided By University of Bielefeld

  • White Papers // Mar 2008

    Verification of Integrity and Secrecy Properties of a Biometric Authentication Protocol

    In this paper, the authors clarify and verify an established biometric authentication protocol. The selected protocol is intended to have three properties: effectiveness (integrity checks are carried out on all hardware before enabling transmission of biometric data), correctness (the user is satisfied that integrity checks have been executed correctly before...

    Provided By University of Bielefeld

  • White Papers // May 2007

    Direct Anonymous Attestation (DAA): Ensuring Privacy With Corrupt Administrators

    The Direct Anonymous Attestation (DAA) scheme provides a means for remotely authenticating a trusted platform whilst preserving the user's privacy. The protocol has been adopted by the Trusted Computing Group (TCG) in the latest version of its Trusted Platform Module (TPM) specification. In this paper, the authors show DAA places...

    Provided By University of Bielefeld

  • White Papers // Jan 2007

    Towards Flexible Business Process Modeling and Implementation: Combining Domain Specific Modeling Languages and Pattern-based Transformations

    Design and implementation of a business process is a challenging task, which requires a diverse set of skills. There are often three groups of experts involved; business analysts, solution architects and developers. They collaborate with each other to transform a high-level design created by a business analyst to the final...

    Provided By University of Bielefeld

  • White Papers // Nov 2012

    Formal Analysis of Privacy in Direct Anonymous Attestation Schemes

    This paper introduces a definition of privacy for Direct Anonymous Attestation schemes. The definition is expressed as an equivalence property suited to automated reasoning using ProVerif and the practicality of the definition is demonstrated by analyzing the RSA-based Direct Anonymous Attestation protocol by Brickell, Camenisch & Chen. The analysis discovers...

    Provided By University of Bielefeld

  • White Papers // Jul 2012

    Efficient Padding Oracle Attacks on Cryptographic Hardware

    The authors show how to exploit the encrypted key import functions of a variety of different cryptographic devices to reveal the imported key. The attacks are padding oracle attacks, where error messages resulting from incorrectly padded plaintexts are used as a side channel. In the asymmetric encryption case, they modify...

    Provided By University of Bielefeld

  • White Papers // Mar 2013

    Dynamic QoS Optimization Architecture for Cloud-Based DDDAS

    An emerging class of Dynamic Data Driven application systems heavily depends on cloud and Big Data. The author refers to this class of DDDAS as cloud-based DDDAS. Despite the growing interest in marrying DDDAS with the cloud, there is a general lack for architectural frameworks explicating the cloud requirements, which...

    Provided By University of Bielefeld

  • White Papers // Apr 2011

    Engineering Proprioception in SLA Management for Cloud Architectures

    With the wide adoption of the Cloud, there remains an open challenge to provide more dependable, transparent, and trustworthy provision of services. Service terms are typically defined in the Service Level Agreement (SLA) binding both service providers and users. For the service user, there is a need to ensure that...

    Provided By University of Bielefeld

  • White Papers // Jun 2011

    Escape from Monkey Island: Evading High-Interaction Honeyclients

    High-interaction honey-clients are the tools of choice to detect malicious web pages that launch drive-by download attacks. Unfortunately, the approach used by these tools, which, in most cases, is to identify the side-effects of a successful attack rather than the attack itself, leaves open the possibility for malicious pages to...

    Provided By University of Bielefeld

  • White Papers // Jun 2013

    Revolver: An Automated Approach to the Detection of Evasive Web-Based Malware

    In recent years, attacks targeting web browsers and their plugins have become a prevalent threat. Attackers deploy web pages that contain exploit code, typically written in HTML and JavaScript, and use them to compromise unsuspecting victims. Initially, static techniques, such as signature-based detection, were adequate to identify such attacks. The...

    Provided By University of Bielefeld

  • White Papers // Dec 2012

    A Fully Homomorphic Crypto-Processor Design Correctness of a Secret Computer

    A KPU is a replacement for a standard CPU that natively runs encrypted machine code on encrypted data in registers and memory - a 'Crypto-processor unit', in other words. Its computations are opaque to an observer with physical access to the processor but remain meaningful to the owner of the...

    Provided By University of Bielefeld

  • White Papers // Jan 2012

    Privacy Supporting Cloud Computing: ConfiChair, a Case Study

    Cloud computing means entrusting data to information systems that are managed by external parties on remote servers, in the \"Cloud\", raising new privacy and confidentiality concerns. The authors propose a general technique for designing cloud services that allows the cloud to see only encrypted data, while still allowing it to...

    Provided By University of Bielefeld

  • White Papers // Nov 2009

    Trusted Integrity Measurement and Reporting for Virtualized Platforms

    Verifiable trust is a desirable property for computing platforms. Current trusted computing systems developed by Trusted Computing Group (TCG) provide verifiable trust by taking immutable snapshots of the whole set of platform components. It is, however, difficult to use this technology directly in virtualized platforms because of complexity and dynamic...

    Provided By University of Bielefeld

  • White Papers // Jul 2011

    A Survey of Self-Awareness and Its Application in Computing Systems

    Novel computing systems are increasingly being composed of large numbers of heterogeneous components, each with potentially different goals or local perspectives, and connected in networks which change over time. Management of such systems quickly becomes infeasible for humans. As such, future computing systems should be able to achieve advanced levels...

    Provided By University of Bielefeld

  • White Papers // Sep 2011

    Improving Scheduling Techniques in Heterogeneous Systems With Dynamic, On-Line Optimisations

    Computational performance increasingly depends on parallelism, and many systems rely on heterogeneous resources such as GPUs and FPGAs to accelerate computationally intensive applications. However, implementations for such heterogeneous systems are often hand-crafted and optimized to one computation scenario, and it can be challenging to maintain high performance when application parameters...

    Provided By University of Bielefeld

  • White Papers // Mar 2011

    Evaluating Security Properties of Architectures in Unpredictable Environments: A Case for Cloud

    The continuous evolution and unpredictability underlying service-based systems leads to difficulties in making exact QoS claims about the dependability of architectures interfacing with them. Hence, there is a growing need for new methods to evaluate the dependability of architectures interfacing with such environments. This paper presents a method for evaluating...

    Provided By University of Bielefeld

  • White Papers // Aug 2013

    A Modelling and Simulation Environment for Self-Aware and Self-Expressive Systems

    Self-awareness and self-expression are promising architectural concepts for embedded systems to be equipped with to match them with dedicated application scenarios and constraints in the avionic and space-flight industry. Typically, these systems operate in largely undefined environments and are not reachable after deployment for a long time or even never...

    Provided By University of Bielefeld

  • White Papers // May 2007

    Direct Anonymous Attestation (DAA): Ensuring Privacy With Corrupt Administrators

    The Direct Anonymous Attestation (DAA) scheme provides a means for remotely authenticating a trusted platform whilst preserving the user's privacy. The protocol has been adopted by the Trusted Computing Group (TCG) in the latest version of its Trusted Platform Module (TPM) specification. In this paper, the authors show DAA places...

    Provided By University of Bielefeld

  • White Papers // Mar 2008

    Verification of Integrity and Secrecy Properties of a Biometric Authentication Protocol

    In this paper, the authors clarify and verify an established biometric authentication protocol. The selected protocol is intended to have three properties: effectiveness (integrity checks are carried out on all hardware before enabling transmission of biometric data), correctness (the user is satisfied that integrity checks have been executed correctly before...

    Provided By University of Bielefeld

  • White Papers // Jan 2014

    Dual-Processor Parallelisation of Symbolic Probabilistic Model Checking

    In this paper, the authors describe the dual-processor parallelization of a symbolic (BDD-based) implementation of probabilistic model checking. They use multi-terminal BDDs, which allow a compact representation of large, structured Markov chains. They show that they also provide a convenient block decomposition of the Markov chain which they use to...

    Provided By University of Bielefeld

  • White Papers // Jan 2013

    Static Analysis for Regular Expression Denial-of-Service Attacks

    Regular expressions are a concise yet expressive language for expressing patterns. For instance, in networked software, they are used for input validation and intrusion detection. Yet some widely deployed regular expression matchers based on backtracking are themselves vulnerable to denial-of-service attacks, since their runtime can be exponential for certain input...

    Provided By University of Bielefeld

  • White Papers // Jun 2009

    A Methodology for Domain-Specific Business Process Modelling and Implementation

    Design and implementation of a business process in an enterprise often requires three groups of experts: business analysts, solution architects and developers. They collaborate to transform a high-level business process to a final executable system based on e.g. BPEL. Since enterprises often utilize their own domain concepts and use technologies...

    Provided By University of Bielefeld

  • White Papers // Feb 2011

    SBVR Business Rules Generation from Natural Language Specification

    In this paper, the authors present a novel approach of translating natural languages specification to SBVR business rules. The business rules constraint business structure or control behavior of a business process. In modern business modeling, one of the important phases is writing business rules. Typically, a business rule analyst has...

    Provided By University of Bielefeld

  • White Papers // Jun 2012

    A Rule Based Approach for Business Rule Generation from Business Process Models

    In this paper, a rule based approach is presented to translate Business Process Model Notation (BPMN) based a business process models into Semantics of Business Vocabulary based Rules (SBVR) based business rules. Such translation can simplify the process of understanding the information represented in BPMN models for the business stakeholders...

    Provided By University of Bielefeld

  • White Papers // Jan 2007

    Towards Flexible Business Process Modeling and Implementation: Combining Domain Specific Modeling Languages and Pattern-based Transformations

    Design and implementation of a business process is a challenging task, which requires a diverse set of skills. There are often three groups of experts involved; business analysts, solution architects and developers. They collaborate with each other to transform a high-level design created by a business analyst to the final...

    Provided By University of Bielefeld