% % This file was created by the TYPO3 extension % publications % --- Timezone: CEST % Creation date: 2024-03-29 % Creation time: 14:43:08 % --- Number of references % 426 % @Article { Patil2024a, author = {Patil, Amit and Ghasemi, Abdorasoul and de Meer, Hermann}, title = {Analysis of Protection Blinding in Active Distribution Grids}, status = {1}, year = {2024}, journal = {IET Renewable Power Generation} } @Article { Lechl2023c, author = {Lechl, Michael and F{\"u}rmann, Tim and de Meer, Hermann and Weidlich, Anke}, title = {A review of models for energy system flexibility requirements and potentials using the new FLEXBLOX taxonomy}, year = {2023}, issn = {1364--0321}, DOI = {10.1016/j.rser.2023.113570}, journal = {Renewable and Sustainable Energy Reviews}, volume = {184}, pages = {19} } @Article { Lechl2023a, author = {Lechl, Michael and Schoppik, Luis and de Meer, Hermann}, title = {Aggregating Multi--Time--Scale Flexibility Potentials of Battery Storages based on Open Data -- A Potential Analysis}, year = {2023}, month = {Oct}, day = {04}, issn = {2520--8942}, DOI = {10.1186/s42162--023--00273--4}, booktitle = {Proc. 12th DACH+ EnInf Conf.}, journal = {Energy Informatics}, volume = {6}, publisher = {Springer}, pages = {17}, number = {1} } @Article { Ghasemi2023c, author = {Ghasemi, Abdorasoul and de Meer, Hermann and Kantz, Holger}, title = {An Interaction--Dependent Model for Probabilistic Cascading Failure}, status = {1}, year = {2023}, journal = {Complex Networks \& Their Applications XII -- Proceedings of The Twelfth International Conference on Complex Networks and their Applications: COMPLEX NETWORKS 2023 Volume 1} } @Article { Lechl2023b, author = {F{\"u}rmann, Tim and Lechl, Michael and de Meer, Hermann and Weidlich, Anke}, title = {From Computer Systems to Power Systems: Using Stochastic Network Calculus for Flexibility Analysis in Power Systems}, year = {2023}, month = {Oct}, day = {04}, issn = {2520--8942}, DOI = {10.1186/s42162--023--00286--z}, journal = {Energy Informatics}, volume = {6}, publisher = {Springer}, pages = {20}, number = {1} } @Article { Ghasemi2023b, author = {Ghasemi, Abdorasoul and de Meer, Hermann and Kantz, Holger}, title = {Interaction graph learning of line cascading failure in power networks and its statistical properties}, year = {2023}, month = {10}, day = {19}, issn = {2520--8942}, DOI = {10.1186/s42162--023--00285--0}, booktitle = {Proc. 12th DACH+ EnInf Conf.}, journal = {Energy Informatics}, volume = {6}, publisher = {Springer}, pages = {17}, number = {1} } @Article { Gagin2023b, author = {Gagin, Stepan and Bettermann, Michael and de Meer, Hermann}, title = {Multi--vector optimization scheme for distributed components in energy islands}, year = {2023}, month = {08}, day = {04}, DOI = {10.1007/s00502--023--01145--1}, journal = {e \& i Elektrotechnik und Informationstechnik} } @Inproceedings { Gagin2023c, author = {Gagin, Stepan and Carrasco--Revilla, Adrian and de Meer, Hermann and S{\'a}nchez Almod{\'o}var, Nuria}, title = {Replicable Machine Learning Workflow for Energy Forecasting}, year = {2023}, month = {12}, day = {01}, booktitle = {2nd Workshop on Machine Learning \& Netwoking (MaLeNe), co--located with the 5th International Conference on Networked Systems (NetSys 2023), Potsdam, Berlin, September 4, 2023: proceedings}, publisher = {Universit{\"a}t Augsburg}, tags = {RENergetic}, file_url = {https://nbn--resolving.org/urn:nbn:de:bvb:384--opus4--1096367} } @Article { Ghasemi2023a, author = {Ghasemi, Abdorasoul and de Meer, Hermann}, title = {Robustness of interdependent power grid and communication networks to cascading failures}, abstract = {We consider the cascading failure process in interdependent power--communication networks, where the power grid provides the required energy for the communication nodes, and the communication network facilitates the monitoring and controlling the power networks. The proposed system model considers the flow dynamics in both networks and the failure rollover to study the cascade process in the system and capture the possible beneficial and adverse effects of interdependency between the networks. We suggest weak and strong interdependencies models that determine how and to what extent the loss of controllability after failures impacts the power network and a congestion--aware load balancing scheme that exploits the system state to decrease the density of severe cascades. The results of the cascading failure processes on data from two power networks are provided and discussed in terms of the average unserved load in the power network and the number of failed nodes in the communication layer in different scenarios. We find that increasing the coupling is beneficial in most cases; however, considering the robustness of each network and the nature of the interdependencies between the two networks, over--coupling can decrease the system’s robustness against failure cascading in certain scenarios.}, year = {2023}, DOI = {10.1109/TNSE.2023.3236482}, journal = {IEEE Transactions on Network Science and Engineering}, pages = {1--12} } @Article { deMeer2023, author = {de Meer, Hermann and Volkova, Anna and Patil, Amit and Kilian, Alexander}, title = {Sustainable networked renewable energy systems: challenges and solutions}, year = {2023}, month = {5}, day = {23}, isbn = {978--3--936050--37--0}, journal = {In proceedings XXXVII. GfS--Symposion \grqqSicherheit und Nachhaltigkeit – Herausforderungen, Folgenabsch{\"a}tzung und Schutzstrategien”}, publisher = {VdS--Verlag}, pages = {111--123} } @Inproceedings { Gagin2023a, author = {Klingert, Sonja and Niederkofler, Michael and de Meer, Hermann and Bielig, Mona and Gagin, Stepan and Kacperski, Celina and Strobbe, Matthias}, title = {The Best of both Worlds: Social and Technical Challenges of Creating Energy Islands}, year = {2023}, isbn = {978--989--758--651--4}, issn = {2184--4968}, DOI = {10.5220/0011974600003491}, organization = {INSTICC}, booktitle = {Proceedings of the 12th International Conference on Smart Cities and Green ICT Systems -- SMARTGREENS}, publisher = {SciTePress}, pages = {129--136}, file_url = {https://www.scitepress.org/Papers/2023/119746/119746.pdf} } @Article { Patil2022, author = {Haack, Jonas and Narayan, Anand and Patil, Amit and Klaes, Marcel and Braun, Martin and Lehnhoff, Sebastian and de Meer, Hermann and Rehtanz, Christian}, title = {A Hybrid Model for Analysing Disturbance Propagation in Cyber--Physical Energy Systems}, abstract = {Future power systems are expected to depend more on ICT for essential grid services such as voltage and frequency control, increasing the interdependencies between both systems. Therefore, disturbances from one system could propagate and impact the other, degrading the state of the interconnected system. This paper proposes a formalised hybrid model for analysing the impact and propagation of disturbances in a cyber--physical energy system. The states representing the performance of ICT--enabled grid services are modelled using a finite--state automaton. The impact of power system operational decisions in response to disturbances using these grid services are modelled using an optimisation considering situational awareness. The output from both models is used as input to a hybrid automaton that determines the state of the overall cyber--physical energy system. The model is verified by a proof of concept using state estimation and congestion management as exemplary grid services.}, year = {2022}, DOI = {https://doi.org/10.1016/j.epsr.2022.108356}, organization = {Elsevier}, journal = {Electric Power Systems Research}, volume = {212}, pages = {108356} } @Inproceedings { Stocker2022b, author = {Stocker, Armin and de Meer, Hermann}, title = {A Tutorial on Resilience in Smart Grids}, abstract = {A key quality of any kind of system is its ability to deliver its respective service correctly. Often the unavailability of commercial systems may lead to lost revenue, which are minor compared to what may be at stake when critical infrastructures fail. A failure to deliver critical services, such as clean water or electricity may have dire consequences that endanger human lives and may even halt or break other infrastructures. The services provided by critical infrastructures need to be supplied continuously even when faced with re--configurations, outside disturbances and systemic changes. A system is called resilient if it fulfils this property. From the many critical infrastructures that exist, power systems may be the most important ones, because they are supplying the required electricity for other critical infrastructures. At the same time, a power system itself may be exposed to several disturbances from internal sources, e.g., fluctuations in the energy demand, and external sources, e.g., heavy storms. Especially, fast dynamic effects caused by these disturbances may lead to deviations of grid frequency, short--circuits, or, in severe cases, a total power system failure. As future scenarios will include more distributed renewable sources and less centralized generation from fossil fuels, ICT--based communication and coordination will play an increasing role. This paper examines the notion of resilience, how it has been traditionally ensured for the power system, and novel approaches to maintain the frequency, protect people and devices against short circuits and recover from a blackout. A special focus is on communication and the role that distributed renewable generation plays for these processes.}}, year = {2022}, DOI = {10.1109/RNDM55901.2022.9927711}, booktitle = {2022 12th International Workshop on Resilient Networks Design and Modeling (RNDM)}, address = {Compi{\`e}gne, France}, pages = {1--14}, file_url = {https://arxiv.org/abs/2308.15923} } @Inproceedings { Volkova2022, author = {Volkova, Anna and Patil, Amit and Javadi, Seyyed Ahman and de Meer, Hermann}, title = {Accountability Challenges of AI in Smart Grid Services}, year = {2022}, month = {June}, DOI = {10.1145/3538637.3539636}, booktitle = {Proceedings of the Thirteenth ACM International Conference on Future Energy Systems}, pages = {597--600} } @Article { Stocker2022, author = {Stocker, Armin and Alshawish, Ali and Bor, Martin and Vidler, John and Gouglidis, Antonios and Scott, Andrew and Marnerides, Angelos and de Meer, Hermann and Hutchison, David}, title = {An ICT architecture for enabling ancillary services in Distributed Renewable Energy Sources based on the SGAM framework}, abstract = {Smart Grids are electrical grids that require a decentralised way of controlling electric power conditioning and thereby control the production and distribution of energy. Yet, the integration of Distributed Renewable Energy Sources (DRESs) in the Smart Grid introduces new challenges with regards to electrical grid balancing and storing of electrical energy, as well as additional monetary costs. Furthermore, the future smart grid also has to take over the provision of Ancillary Services (ASs). In this paper, a distributed ICT infrastructure to solve such challenges, specifically related to ASs in future Smart Grids, is described. The proposed infrastructure is developed on the basis of the Smart Grid Architecture Model (SGAM) framework, which is defined by the European Commission in Smart Grid Mandate M/490. A testbed that provides a flexible, secure, and low--cost version of this architecture, illustrating the separation of systems and responsibilities, and supporting both emulated DRESs and real hardware has been developed. The resulting system supports the integration of a variety of DRESs with a secure two--way communication channel between the monitoring and controlling components. It assists in the analysis of various inter--operabilities and in the verification of eventual system designs. To validate the system design, the mapping of the proposed architecture to the testbed is presented. Further work will help improve the architecture in two directions; first, by investigating specific--purpose use cases, instantiated using this more generic framework; and second, by investigating the effects a realistic number and variety of connected devices within different grid configurations has on the testbed infrastructure. }}, year = {2022}, month = {05}, day = {12}, issn = {2520--8942}, DOI = {10.1186/s42162--022--00189--5}, journal = {Energy Informatics}, volume = {5}, publisher = {Springer Nature}, pages = {28}, number = {1}, web_url = {https://energyinformatics.springeropen.com/articles/10.1186/s42162--022--00189--5} } @Inproceedings { 365000243458_2022, author = {Samimi, Reza and Alyousef, Ammar and Baranzini, Daniele and de Meer, Hermann}, title = {Boosting Interpretability of Non--Readable Deep Learning Forecasts: The Case of Buildings' Energy Consumptions Prediction}, year = {2022}, isbn = {9781450393973}, DOI = {10.1145/3538637.3538754}, booktitle = {Proceedings of the Thirteenth ACM International Conference on Future Energy Systems}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, series = {e--Energy '22}, pages = {434–435} } @Article { DannerD2022b, author = {Danner, Dominik and de Meer, Hermann}, title = {Max--consensus protocol to determine the regulated node in distributed voltage regulation}, year = {2022}, issn = {2520--8942}, DOI = {10.1186/s42162--022--00211--w}, journal = {Energy Informatics}, volume = {5}, publisher = {Springer Nature}, pages = {15}, number = {1}, web_url = {https://energyinformatics.springeropen.com/articles/10.1186/s42162--022--00211--w} } @Article { Danner2022a, author = {Danner, Dominik and Huwa, Robin and de Meer, Hermann}, title = {Multi--objective Flexibility Disaggregation to Distributed Energy Management Systems}, year = {2022}, DOI = {10.1145/3555006.3555007}, journal = {SIGENERGY Energy Inform. Rev.}, volume = {2}, pages = {1--12}, number = {2}, web_url = {https://energy.acm.org/eir/multi--objective--flexibility--disaggregation--to--distributed--energy--management--systems/} } @Inproceedings { DannerD2021a, author = {Danner, Dominik and Seidemann, Jan and Lechl, Michael and de Meer, Hermann}, title = {Flexibility Disaggregation under Forecast Conditions}, abstract = {Stationary battery energy storage systems and electric vehicles become more and more popular at households with local photovoltaic generation. Besides improving self--consumption and autarchy, these batteries can provide flexibility to an external utility. Thereby, generation and demand uncertainty, as well as cost optimality, need to be considered when utilizing distributed flexibility. This paper discusses long short--term memory neural networks for photovoltaic generation forecast and persistence models for household load forecast with respect to their applicability in local energy management system optimization. Furthermore, a mixedinteger linear program is proposed to optimally utilize local flexible loads and storage systems. Its solution space yields the flexibility potential, which can be aggregated at flexibility pools. In order to disaggregate flexibility requests to a pool of distributed energy management systems, we propose a heuristic algorithm that can among others minimize the overall flexibility cost or maximize probability of flexibility delivery. The forecast models, the mixed integer linear program and the flexibility disaggregation are evaluated on realistic household photovoltaic and load profiles to demonstrate the full chain from local forecast to flexibility disaggregation under forecast conditions. Our experiments with flexibility disaggregation show that the probability to provide flexibility should not be neglected when it comes to distributed energy management optimization based on forecast models.}, year = {2021}, isbn = {978--1--4503--8333--2/21/06}, DOI = {10.1145/3447555.3464851}, booktitle = {Proceedings of the Twelfth ACM International Conference on Future Energy Systems}, publisher = {Association for Computing Machinery (ACM)}, address = {New York, NY, USA}, series = {e--Energy '21}, pages = {27--38}, keywords = {flexibility mixed integer linear programming battery storage systems energy management system forecasting electric vehicle}, tags = {EMSIG}, web_url = {https://doi.org/10.1145/3447555.3464851}, file_url = {https://www.uni--passau.de/fileadmin/dokumente/fakultaeten/fim/lehrstuhl/meer/publications/pdf/DannerD2021a.pdf} } @Inproceedings { 598859244486_2021, author = {Gagin, Stepan and Klingert, Sonja and Niederkofler, Michael and de Meer, Hermann}, title = {ICT Design for Community--empowered Sustainable Multi--Vector Energy Islands}, year = {2021}, booktitle = {ComForEn 2021 (not peer--reviewed)}, pages = {37}, web_url2 = {https://www.comforen.org/.cm4all/mediadb/Tagungsbaende/ComForEn{\textunderscore}2021{\textunderscore}Proceedings.pdf{\#}page=37} } @Article { 453253883849_2021, author = {Danner, Philipp and de Meer, Hermann}, title = {Location and solar system parameter extraction from power measurement time series}, abstract = {Photovoltaic (PV) systems are considered an important pillar in the energy transition because they are usually located near the consumers. In order to provide accurate PV system models, e.g. for microgrid simulation or hybrid--physical forecast models, it is of high importance to know the underlying PV system parameters, such as location, panel orientation and peak power. In most open PV generation databases, these parameters are missing or are inaccurate. In this paper, we present a framework based on particle swarm optimization and the PVWatts model to estimate PV system parameters using only power feed--in measurements and satellite--based ERA5 climate reanalysis data. Our sensitivity analysis points out the most relevant PV system parameters, which are panel and inverter peak power, panel orientation, system location and a small but not negligible influence of ambient temperature and albedo. The detailed evaluation on one exemplary PV system shows an acceptable accuracy in panel azimuth and tilt for the use in microgrid PV system simulation. The extracted location has less than 25 km of positioning error in the best case, which is more than satisfying with respect to the underlying data resolution of the ERA5 dataset. Similar results are observed for 10 systems in Europe and the USA.}, year = {2021}, month = {Sep}, issn = {2520--8942}, DOI = {10.1186/s42162--021--00176--2}, booktitle = {Proceedings of the 10th DACH+ Conference on Energy Informatics}, journal = {Energy Informatics}, volume = {4}, pages = {20}, file_url = {https://energyinformatics.springeropen.com/articles/10.1186/s42162--021--00176--2} } @Article { DannerD2021b, author = {Danner, Dominik and de Meer, Hermann}, title = {Quality of service and fairness for electric vehicle charging as a service}, abstract = {Due to the increasing battery capacity of electric vehicles, European standard electricity socket--outlets at households are not enough for a full charge cycle overnight. Hence, people tend to install (semi--) fast charging wall--boxes (up to 22 kW) which can cause critical peak loads and voltage issues whenever many electric vehicles charge simultaneously in the same area. This paper proposes a centralized charging capacity allocation mechanism based on queuing systems that takes care of grid limitations and charging requirements of electric vehicles, including legacy charging control protocol restrictions. The proposed allocation mechanism dynamically updates the weights of the charging services in discrete time steps, such that electric vehicles with shorter remaining charging time and higher energy requirement are preferred against others. Furthermore, a set of metrics that determine the service quality for charging as a service is introduced. Among others, these metrics cover the ratio of charged energy to the required energy, the charging power variation during the charging process, as well as whether the upcoming trip is feasible or not. The proposed algorithm outperforms simpler scheduling policies in terms of achieved mean quality of service metric and fairness index in a co--simulation of the IEEE European low voltage grid configured with charging service requirements extracted from a mobility survey.}, year = {2021}, month = {Oct}, day = {13}, issn = {2520--8942}, DOI = {10.1186/s42162--021--00175--3}, booktitle = {Proceedings of the 10th DACH+ Conference on Energy Informatics}, journal = {Energy Informatics}, volume = {4}, pages = {20}, file_url = {https://energyinformatics.springeropen.com/articles/10.1186/s42162--021--00175--3} } @Article { 342414278259_2021, author = {Volkova, Anna and Terzer, Jonas and de Meer, Hermann}, title = {Quantifying geospatial interdependencies of ICT and power system based on open data}, abstract = {In order to evaluate the effectiveness of innovative services and technologies spanning over the ICT--enabled power system, realistic models are required. Although nowadays there is a wide range of power system data models, these models do not include a lifelike representation of the ICT system architecture and do not consider the level of interconnectedness of the two systems. In this paper, we propose a methodology for quantification of the geospatial relations between ICT and power system based on openly available data. We describe a graph--theoretic approach, formulate a problem of assessing geospatial relations and discuss the methods required to process publicly available data, retrieve scenarios for different regions and quantify the level of interdependence between ICT and power system.}, year = {2021}, month = {Oct}, issn = {2520--8942}, DOI = {10.1186/s42162--021--00182--4}, booktitle = {Proceedings of the 10th DACH+ Conference on Energy Informatics}, journal = {Energy Informatics}, volume = {4}, pages = {12}, file_url = {https://doi.org/10.1186/s42162--021--00182--4} } @Inproceedings { Stark2021, author = {Stark, Sanja and Volkova, Anna and Lehnhoff, Sebastian and de Meer, Hermann}, title = {Why Your Power System Restoration Does Not Work and What the ICT System Can Do About It}, abstract = {While long--term wide--range blackouts have been studied extensively from a power systems perspective, the role of ICT in the recovery of smart energy systems has not been investigated to the same extent. This paper presents a flexible blackstart service to restore a smart distribution system alongside an impaired ICT system. We formulate the problem of power grid restoration as a distributed optimization problem, taking into account distributed energy resources and remote--controllable switches as optimization variables and employ a multi--agent system to deliver an optimal island configuration. We define an integrated architecture for the interdependent power and ICT system and test our methodology on a realistic distribution system scenario with varying impaired ICT. The results show that the efficiency of the restoration is highly sensitive to the placement of emergency power supply and the coverage of ICT nodes.}, year = {2021}, isbn = {978--1--4503--8333--2/21/06}, DOI = {10.1145/3447555.3465415}, booktitle = {Proceedings of the Twelfth ACM International Conference on Future Energy Systems}, publisher = {Association for Computing Machinery (ACM)}, address = {New York, NY, USA}, series = {e--Energy '21}, keywords = {distribution grid restoration distributed optimization multi--agent system communication network restoration}, tags = {DFG, German Research Foundation}, file_url = {https://www.uni--passau.de/fileadmin/dokumente/fakultaeten/fim/lehrstuhl/meer/publications/pdf/Stark2021.pdf} } @Article { Jindal2020A, author = {Jindal, Anish and Kronawitter, Jakob and Kuehn, Ramona and Bor, Martin and de Meer, Hermann and Gouglidis, Antonios and Hutchison, David and Marnerides, Angelos K and Scott, Andrew and Mauthe, Andreas}, title = {A flexible ICT architecture to support ancillary services in future electricity distribution networks: an accounting use case for DSOs}, abstract = {With the increased penetration of distributed renewable energy sources (DRES) in the grid, new pathways are required to keep the electricity distribution system stable. The provision of ancillary services (AS) by the DRES can contribute in this regard. However, it is necessary to communicate the need for AS from the third party providers such as distribution system operator (DSO) to the DRES in an efficient and scalable manner. To this end, a flexible information and communication technology (ICT) architecture is presented in this paper, and the requirements for the architecture are elaborated. We argue that this architecture is capable of supporting the present and future needs of electricity distribution networks. To illustrate its utility and effectiveness, an accounting use case for DSOs has been presented; it describes a remuneration scheme for the AS provision. A dashboard has been developed to enable communication via this architecture and to allow control of the grid. In addition, a distributed ledger technology for the realization of accounting has been analysed with respect to its scalability and performance capabilities}, year = {2020}, month = {July}, day = {31}, DOI = {https://doi.org/10.1186/s42162--020--00111--x}, journal = {Energy Informatics}, volume = {3}, publisher = {SpringerOpen}, pages = {10}, number = {1} } @Inproceedings { mandarawi2020a, author = {Mandarawi, Waseem and Chahed, Hamza and de Meer, Hermann}, title = {A Framework for Virtualizing Time--aware Shaper Using High Performance NFV}, abstract = {In this work, we discover the possible methods of using Network Function Virtualization (NFV) to reduce the complexity and cost of implementing and deploying Time--aware Shaper (TAS); one of the traffic shapers defined by the recent IEEE Time Sensitive Networks (TSN) standard for industrial Ethernet. Virtualizing network functions decouples them from proprietary hardware but under performance challenges. We research high performance NFV techniques and use Data Plane Development Kit (DPDK) to implement a virtual TAS with feasible performance for factory level industrial applications. Furthermore, we design a complete framework that provides preliminary schedule calculation, transmission selection, TAS controller, and time synchronization. The framework provides evaluation tools; traffic generation and performance measurement. We evaluate our virtual TAS using delay and frame loss metrics and a small Service Function Chain (SFC) under different loads of Best Effort Traffic (BET) and external disturbance, and different Time--critical Traffic (TCT) specifications.}, status = {1}, year = {2020}, month = {Sep.}, issn = {1946--0759}, DOI = {10.1109/ETFA46521.2020.9211960}, booktitle = {Proc. of IEEE 25th International Conference on EmergTechnologies and Factory Automation, ETFA 2020ing}, volume = {1}, publisher = {IEEE}, pages = {1621--1628}, keywords = {TSN TAS NFV VNF DPDK}, web_url = {https://ieeexplore.ieee.org/abstract/document/9211960/} } @Article { Sui2020a, author = {Sui, Zhiyuan and de Meer, Hermann}, title = {An Efficient Signcryption Protocol for Hop--by--Hop Data Aggregations in Smart Grids}, abstract = {Aggregation trees have been proposed for privacy preservation to reduce data collectors’ computational cost in smart grids. In aggregation tree models, smart meter usage data should be forwarded by all its ancestors, which delays usage data transmissions. We report the design of an identity--based signcryption protocol without oracles for aggregation trees. The designed protocol significantly reduces smart meter computational costs due to its homomorphic features. (1) Compressed signatures can be verified in batches. The computational cost of verification is independent of the number of usage reports. (2) A smart meter can generate a signature on the aggregated cipher without executing signing algorithms during transmissions. Extensive simulations demonstrate that, based on the proposed protocol, the communication efficiency of our privacy preservation scheme outperforms other aggregation tree--based schemes regarding transmission delay and computational cost.}, year = {2020}, month = {Jan.}, issn = {1558--0008}, DOI = {10.1109/JSAC.2019.2951965}, journal = {IEEE Journal on Selected Areas in Communications}, volume = {38}, publisher = {IEEE}, pages = {132--140}, number = {1}, keywords = {Smart meters Protocols Smart grids Ciphers Computational efficiency Privacy Data privacy Smart grids IT security privacy preservation aggregate signature}, web_url = {https://ieeexplore.ieee.org/document/8894150?source=authoralert} } @Inproceedings { Ansah2020a, author = {Frimpong, Ansah and Perez Olaya, Santiago Soler and Krummacker, Dennis and Fischer, Christoph and Winkel, Alexander and Guillaume, Rene and Wisniewski, Lukasz and Ehrlich, Marco and Mandarawi, Waseem and Trsek, Henning and de Meer, Hermann and Wollschlaeger, Martin and Schotten, Hans D and Jasperneite, J{\"u}rgen}, title = {Controller of Controllers Architecture for Management of Heterogeneous Industrial Networks}, abstract = {Increasing heterogeneity of industrial network systems is a fact and the chances that in the future one communication standard will be able to fulfill the requirements of all possible applications are Utopian. With the increasing number of communication systems, their management, configuration, and maintenance become a significant issue. Additionally, due to the increasing amount of network services and traffic, the management of available network resources and the possibility of delivering certain levels of communication quality of service, especially across different network domains becomes a big challenge. Therefore, in this paper a Controller of Controllers (CoC) concept for management of heterogeneous industrial networks is proposed. The concept is designed to support still widely spread legacy fieldbus systems, different Ethernet--based industrial solutions, and the potentially upcoming network technologies. The goal is achieved by leveraging on the state--of--the--art architectural concepts, such as software--defined networks, which allows for integration of abstract models in network management. The concept is described, implemented, and demonstrated by a working demonstrator for a heterogeneous system of fieldbus and Ethernet--based time--sensitive networks.}, year = {2020}, month = {April}, DOI = {10.1109/WFCS47810.2020.9114506}, booktitle = {Proc. of 16th IEEE International Conference on Factory Communication Systems (WFCS)}, publisher = {IEEE}, pages = {1--8}, number = {3}, keywords = {Heterogeneous industrial networks Software--Defined networking Architecture FieldBus CANopen Time--sensitive networks} } @Inproceedings { Patil2020A, author = {Patil, Amit and Haack, Jonas and de Meer, Hermann and Braun, Martin}, title = {Modeling interconnected ICT and power systems for a resilience anaylsis}, abstract = {Increasing interdependencies between power and ICT systems amplify the possibility of cascading failures. Resilience against such failures is an essential property of modern and sustainable power systems and networks. To assess the resilience and predict the behaviour of a system consisting of interdependent subsystems, the interconnection requires adequate modeling. This work presents an approach to model and determine the state of these so--called interconnectors in future cyber--physical energy systems with strongly coupled ICT and power systems for a resilience analysis. The approach can be used to capture the impact of various parameters on system performance upon suitable modification. An hierarchical modeling approach is developed with atomic models that demonstrate the interdependencies between a power and ICT system. The modeling approach using stochastic activity nets is applied to an exemplary redispatch process in a cyber--physical energy system. The performance of an interconnector when facing limited performance from the ICT subsystem and its subsequent impact on the power system is analysed using the models. The state of the interconnector, as well as the service level are mapped to a resilience state--space diagram. The representation of system state on the resilience state--space diagram allows interpretation of system performance and quantification of resilience metrics.}, status = {1}, year = {2020}, booktitle = {Proceedings of the 9th DACH+ Energy Informatics conference 2020}, journal = {Energy Informatics}, publisher = {Springer}, keywords = {inter--dependency joint system modeling cyber--physical energy system resilience ICT, power system}, tags = {DFG MULTI--RES} } @Article { Mandarawi2020b, author = {Mandarawi, Waseem and Rottmeier, Juergen and Rezaeighale, Milad and de Meer, Hermann}, title = {Policy--based Composition and Embedding of Extended Virtual Networks and SFCs for IIoT}, abstract = {The autonomic composition of Virtual Networks (VNs) and Service Function Chains (SFCs) based on application requirements is significant for complex environments. In this paper, we use graph transformation to compose an Extended Virtual Network (EVN) based on different requirements such as locations, low latency, redundancy, and security functions. The EVN can represent physical environment devices and virtual application and network functions. We build a generic Virtual Network Embedding (VNE) framework for transforming an Application Request (AR) to an EVN. Then, we define a set of transformations that reflect preliminary topological, performance, reliability, and security policies. These transformations update the entities and demands of the VN and add SFCs that include the required Virtual Network Functions (VNFs). Additionally, we propose a greedy proactive heuristic for path--independent embedding of the composed SFCs. This heuristic is appropriate for real complex environments such as industrial networks. Furthermore, we present an Industrail Internet of Thing (IIoT) use case inspired by Industry 4.0 concepts, in which EVNs for remote asset management are deployed over three levels; manufacturing halls and edge and cloud computing. We also implement the developed methods in Alevin and show exemplary mapping results from our use case. Finally, we evaluate the chain embedding heuristic using a random topology that is typical for such a use case, and show that it can improve the admission ratio and resource utilization with minimal overhead}, status = {1}, year = {2020}, month = {Sep}, issn = {1999--4893}, DOI = {10.3390/a13090240}, journal = {Algorithms, section: Combinatorial Optimization, Graph, and Network Algorithms, Special Issue "Virtual Network Embedding"}, volume = {13}, publisher = {MDPI AG}, number = {9}, number2 = {240}, web_url = {https://www.mdpi.com/1999--4893/13/9/240} } @Inproceedings { Patil2020b, author = {Klaes, Marcel and Narayan, Anand and Patil, Amit and Haack, Jonas and Lindner, Martin and Lehnhoff, Sebastian and Rehtanz, Christian and de Meer, Hermann and Braun, Martin}, title = {State description of cyber phyiscal energy system}, abstract = {The integration of ICT into power systems has increased the interdependencies between the two systems. The operation of power system depends on several ICT--enabled grid services which manifest the interdependencies. ENTSO--E system state classification is a tool that is widely used by operators to determine the current operational state of the power system. However, it does not adequately describe the impact of ICT disturbances on the operation of the power system. Despite their interconnections, the operational states of both systems have been described separately so far. This paper bridges the well--established ENTSO--E systems state classification with an ICT system state classification, forming a new model considering the state classification of the ICT--enabled grid services. The model is developed by first identifying the ICT--enabled services, remedial actions and the respective performance requirements that are required by the power system. Then the states of these services are specified based on the supporting ICT system. The resulting joint state description shows how performance degradation of ICT--enabled services (introduced by disturbances) can affect the operation of the interconnected power system. Two case studies of such ICT--enabled services, namely state estimation and on--load tap changer control, are investigated in terms of how their operational states affect the states of the power system. A third case study highlights the interdependencies that exist between the services. These case studies demonstrate the interdependencies that exist between power and ICT systems in modern cyber--physical energy systems, thus highlighting the usage of a unified system state description.}, status = {1}, year = {2020}, booktitle = {Proceedings of the 9th DACH+ Energy Informatics conference 2020}, journal = {Energy Informatics}, publisher = {Springer}, keywords = {interdependency operational state cyber--physical energy system ICT power system}, tags = {DFG MULTI--RES} } @Inproceedings { Ansah2020a, author = {Frimpong, Ansah and Rottmeier, Juergen and Zirkler, Andreas and de Meer, Hermann}, title = {Worst--case delay slicing for Time--sensitive Applications in Softwarized Industrial Networks}, abstract = {The pervasiveness of network softwarization has drawn keen interest from the industrial domain as network convergence becomes increasingly desirable amongst industrial operators. Coupled with the concept of network slicing, operators will be able to tailor resources to applications regardless of the contrast in application requirements. However, while the concept of slicing is prevalent in industrial network circles, the realization of the concept in practical deployment scenarios is rarely emphasized. This paper provides a step--by--step analysis for the creation of dynamic network slices to guarantee real--time deterministic requirements of periodic industrial applications. The objective of the paper is achieved by the design and integration of worst--case delay models in the virtual network embedding problem with a focus on the operation of time--sensitive forwarding mechanisms introduced in standard Ethernet bridges. The result shows that the approach is able to guarantee delay requirements irrespective of the arrival order of slices.}, status = {1}, year = {2020}, month = {Sep.}, booktitle = {Proc. of 25th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)} } @Inproceedings { Alshawish2019a, author = {Alshawish, Ali and Spielvogel, Korbinian and de Meer, Hermann}, title = {A Model--based Time--to--Compromise Estimator to Assess the Security Posture of Vulnerable Networks}, abstract = {Several operational and economic factors impact the patching decisions of critical infrastructures. The constraints imposed by such factors could prevent organizations from fully remedying all of the vulnerabilities that expose their (critical) assets to risk. Therefore, an involved decision maker (e.g. security officer) has to strategically decide on the allocation of possible remediation efforts towards minimizing the inherent security risk. This, however, involves the use of comparative judgments to prioritize risks and remediation actions. Throughout this work, the security risk is quantified using the security metric Time--To--Compromise (TTC). Our main contribution is to provide a generic TTC estimator to comparatively assess the security posture of computer networks taking into account interdependencies between the network components, different adversary skill levels, and characteristics of (known and zero--day) vulnerabilities. The presented estimator relies on a stochastic TTC model and Monte Carlo simulation (MCS) techniques to account for the input data variability and inherent prediction uncertainties.}, year = {2019}, month = {March}, DOI = {10.1109/NetSys.2019.8854511}, booktitle = {2019 International Conference on Networked Systems (NetSys)}, publisher = {IEEE}, pages = {1--3} } @Inproceedings { frimpong2019c, author = {Frimpong, Ansah and Perez Olaya, Santiago Soler and de Meer, Hermann and Wollschlaeger, Martin}, title = {Application Topology--Aware Virtual Network Mapping and Service Provisioning in Programmable Networks}, abstract = {In this paper, an application topology--aware virtual network mapping and service provisioning framework dubbed ``APTASP'' is introduced. The framework is presented as a candidate to deal with the expected increase in the complexity of network management originating from the evolution of IoT and Industrial Internet. Envisaged under the programmable network paradigm, it infers the communication relationships between interacting applications from packet headers. Using this information, it recognizes the communication patterns to build up communication relations. The communication relations are then mapped to template network topologies that enable optimized resource allocation while at the same time ensuring QoS adherence. The service provisioning aspect of the framework introduces as well service function constructs which represent virtualized network function chains required for dynamic and automated service setup.}, year = {2019}, month = {Sep}, booktitle = {IEEE 24th International Conference on Emerging Technologies and Factory Automation (ETFA)}, keywords = {Network Slicing virtualization abstraction} } @Article { Wenderoth2019a, author = {Wenderoth, Friederike and Drayer, Elisabeth and Schmoll, Robert and Niedermeier, Michael and Braun, Martin}, title = {Architectural and functional classification of smart grid solutions}, abstract = {Historically, the power distribution grid was a passive system with limited control capabilities. Due to its increasing digitalization, this paradigm has shifted: the passive architecture of the power system itself, which includes cables, lines, and transformers, is extended by a communication infrastructure to become an active distribution grid. This transformation to an active system results from control capabilities that combine the communication and the physical components of the grid. It aims at optimizing, securing, enhancing, or facilitating the power system operation. The combination of power system, communication, and control capabilities is also referred to as a "smart grid''. A multitude of different architectures exist to realize such integrated systems. They are often labeled with descriptive terms such as "distributed,'' "decentralized,'' "local,'' or "central". However, the actual meaning of these terms varies considerably within the research community. This paper illustrates the conflicting uses of prominent classification terms for the description of smart grid architectures. One source of this inconsistency is that the development of such interconnected systems is not only in the hands of classic power engineering but requires input from neighboring research disciplines such as control theory and automation, information and telecommunication technology, and electronics. This impedes a clear classification of smart grid solutions. Furthermore, this paper proposes a set of well--defined operation architectures specialized for use in power systems. Based on these architectures, this paper defines clear classifiers for the assessment of smart grid solutions. This allows the structural classification and comparison between different smart grid solutions and promotes a mutual understanding between the research disciplines. This paper presents revised parts of Chapters 4.2 and 5.2 of the dissertation of Drayer (Resilient Operation of Distribution Grids with Distributed--Hierarchical Architecture. Energy Management and Power System Operation, vol. 6, 2018).}, year = {2019}, month = {September}, day = {27}, issn = {2520--8942}, DOI = {10.1186/s42162--019--0083--1}, journal = {Energy Informatics}, volume = {2}, publisher = {Springer}, pages = {33}, web_url = {https://doi.org/10.1186/s42162--019--0083--1} } @Article { Sui2019a, author = {Sui, Zhiyuan and de Meer, Hermann}, title = {BAP: A Batch and Auditable Privacy Preservation Scheme for Demand--Response in Smart Grids}, abstract = {Advancing network technologies allows the setup of two--way communication links between energy providers and consumers. These developing technologies aim to enhance grid reliability and energy efficiency in smart grids. To achieve this goal, energy usage reports from consumers are required to be both trustworthy and confidential. In this paper, we construct a new data aggregation scheme in smart grids based on a homomorphic encryption algorithm. In the constructed scheme, obedient consumers who follow the instruction can prove its ajustment using a range proof protocol. Additionally, we propose a new identity--based signature algorithm in order to ensure authentication and integrity of the constructed scheme. By using this signature algorithm, usage reports are verified in real time. Extensive simulations demonstrate that our scheme outperforms other data aggregation schemes.}, year = {2019}, isbn = {1551--3203}, issn = {1941--0050}, DOI = {10.1109/TII.2019.2926325}, journal = {IEEE Transactions on Industrial Informatics}, publisher = {IEEE}, address = {445 Hoes Lane Piscataway, NJ 08854}, pages = {1--3}, keywords = {Smart grids;Demand response;IT security;Privacy preservation;Audit} } @Inproceedings { Volkova2019b, author = {Volkova, Anna}, title = {Blackout Recovery: Resilient NFV--enabled ICT Infrastructure for the Smart Grid}, abstract = {The increased interconnectedness of power and communication systems has resulted in substantial interdependence between both systems. This phenomenon is becoming especially critical when it comes to the Smart Grid and its resilience against major disturbances, such as cyberattacks or natural disasters. These disturbances may lead to severe power system outages. In this case, lack of sustained power supply has a detrimental effect on the communication infrastructure operation and constrains fast network restoration. At the same time, communication networks in the Smart Grid are represented by diverse technologies and standards, which require specific resilience measures. A technology--agnostic resilience design for such networks could increase maintainability and controllability of the whole \ac{ICT} system and facilitate faster restoration. This paper describes an approach for resilient communication infrastructures for the Smart Grid, which enables rapid network recovery in case of massive power system outages.}, year = {2019}, month = {Sep}, day = {25}, issn = {2520--8942}, DOI = {10.1186/s42162--019--0098--7}, booktitle = {Abstracts from the 8th DACH+ Conference on Energy Informatics}, journal = {Energy Informatics}, volume = {2}, publisher = {Springer}, series = {2}, keywords = {Resilience blackout Network Function Virtualization Network Restoration}, web_url = {https://doi.org/10.1186/s42162--019--0098--7}, annotation = {Abstracts from the 8th DACH+ Conference on Energy Informatics} } @Inproceedings { frimpong2019a, author = {Frimpong, Ansah and de Meer, Hermann}, title = {DBvLEA: A Demand--Based Approach to Virtual Link Mapping for Multi--Service Industrial Applications}, abstract = {Network virtualization is proposed in several research work as a means to overcome the ossification of the Internet. Its application relies on embedding algorithms to instantiate virtual networks on substrate infrastructures. Notably, those considered in the scope of traffic--engineering are developed to focus on efficient resource utilization with the aim of increasing the acceptance ratio of the algorithms. In this paper, a demand--based virtual link embedding approach for multi--service mapping in programmable industrial networks is proposed. The approach aims at increasing the overall acceptance ratio of virtual link embedding algorithms by increasing the acceptance of demand critical requests. The goal is achieved by minimizing the deviation between requested demands and the resources satisfying the demand. The approach, when analyzed against state--of--the--art shortest path approaches under the same simulation conditions, shows good results in terms of utilization of the network resources, acceptance of delay--critical traffic demands and overall acceptance ratio.}, year = {2019}, month = {Oct}, booktitle = {2019 15th International Conference on Network and Service Management (CNSM)}, keywords = {virtual link mapping algorithms} } @Inproceedings { Alyousef2019a, author = {Alyousef, Ammar and de Meer, Hermann}, title = {Design of a TCP--like Smart Charging Controller for Power Quality in Electrical Distribution Systems}, year = {2019}, isbn = {978--1--4503--6671--7}, DOI = {10.1145/3307772.3328293}, booktitle = {Proceedings of the Tenth ACM International Conference on Future Energy Systems}, publisher = {ACM}, address = {New York, NY, USA}, series = {e--Energy '19}, pages = {128----138}, keywords = {Assets Overloading, Charging Station, Distributed Smart Charging, Electric Vehicle, Power Quality, Traffic Light Model, Transmission Control Protocol, Voltage Control}, tags = {ELECTRIFIC}, file_url = {https://www.uni--passau.de/fileadmin/dokumente/fakultaeten/fim/lehrstuhl/meer/publications/pdf/Alyousef2019a.pdf} } @Article { Kirpes2019a, author = {Kirpes, Benedikt and Danner, Philipp and Basmadjian, Robert and de Meer, Hermann and Becker, Christian}, title = {E--Mobility Systems Architecture: A Framework for Managing Complexity and Interoperability}, abstract = {The future of e--mobility will consist of a large number of connected electric vehicles, smart charging stations and information systems at the intersection of electricity and mobility sector. When engineering and integrating the multitude of systems into even more complex systems--of--systems for e--mobility, interoperability and complexity handling are vital. Model--based system architectures support the engineering process of information systems with the concepts of abstraction, reduction and separation of concerns. In this paper, we contribute to the research body, by extracting requirements for managing complexity and interoperability of these systems. Further, a comparative analysis of the state--of--the--art in existing architecture models and frameworks for e--mobility is conducted. Based on the identified gaps in existing research, we propose the E--Mobility Systems Architecture (EMSA) Model, a three--dimensional systems architecture model for the e--mobility sector. Its structure originates from the well--established Smart Grid Architecture Model. We further allocate all relevant entities from the e--mobility sector to the EMSA dimensions, including a harmonized role model, functional reference architecture, component and systems allocation, as well as a mapping of data standards and communication protocols. The model then is validated qualitatively and quantitatively against the requirements with a case study approach. Our evaluation shows that the EMSA Model fulfills all requirements regarding the management of complexity and ensuring interoperability. From the case study, we further identify gaps in current data model standardization for e--mobility.}, year = {2019}, journal = {Energy Informatics}, volume = {2}, pages = {15}, number = {1}, keywords = {complex systems,e--mobility,electric vehicles,information,interoperability,model--based systems engineering,sgam,smart grid architecture model,systems,systems architecture}, tags = {ELECTRIFIC} } @Inproceedings { DannerP2019a, author = {Danner, Philipp and de Meer, Hermann}, title = {Estimation of the Regional Electricity Mix}, abstract = {In future electricity systems, exibility is seen to be the counterpart to the volatile renewable energy resources like photo--voltaic or wind plants. A exible usage of mobile (e.g. electric vehicles) and immobile loads (e.g. electric heating systems) could be utilised in order to maximise the usage of energy from renewable sources without neglecting the power limits of the grid. Beside the temporal differences, also the spatial difference of the energy mix is important. Consumption of local renewable energy as near as possible to the actual generation helps to reduce the amount of energy transmission and thus grid capacity needs and power losses. Spatial electricity mix calculations have only been performed on high level (country, control area or bidding zone) so far. In this work, we propose a method to estimate the electricity mix by modelling the energy demand and supply on municipal level. This is done by utilising statistic data sets and suitable profles (e.g. standard load profles) or (simple) generation models in order to incorporate temporal differences. Finally, the dynamic supplies and demands are assigned to high voltage to medium voltage substations using the geographically k--nearest substations and a suitable distance metric in order to create a computable power grid model.}, year = {2019}, booktitle = {Proceedings of 8th DACH+ Conference on Energy Informatics}, keywords = {Electricity mix estimation,Energy data analysis, Renewable energy} } @Inproceedings { DannerD2019b, author = {Danner, Dominik and Duschl, Wolfgang and de Meer, Hermann}, title = {Fair Charging Service Allocation for Electric Vehicles in the Power Distribution Grid}, year = {2019}, isbn = {978--1--4503--6671--7}, DOI = {10.1145/3307772.3330168}, booktitle = {Proceedings of the Tenth ACM International Conference on Future Energy Systems}, publisher = {ACM}, address = {New York, NY, USA}, series = {e--Energy '19}, pages = {406----408}, keywords = {dynamically weighted fair queuing, electric vehicle charging, fair charging service allocation, smart grid}, tags = {ELECTRIFIC}, file_url = {https://www.uni--passau.de/fileadmin/dokumente/fakultaeten/fim/lehrstuhl/meer/publications/pdf/DannerD2019b.pdf} } @Incollection { Kuehn2018a, author = {Kuehn, Ramona and Fischer, Andreas and de Meer, Hermann}, title = {Modeling Security Requirement for VNE Algorithms: A Practical Approach}, abstract = {Both individuals and organizations appreciate the deployment of elastic virtual computing resources on demand in public and private IaaS clouds. VNE algorithms provide the automated and efficient resource assignment necessary for this use case. With the increase of participating parties, the relevance of security--aware VM placement for production environments is increased, too. The problem is extended to networks when VNE algorithms consider security requirements of the interconnection between VM. This chapter presents a solution for realizing how security requirements of VN can be implemented in the VNE and how they can be mapped in the physical network. The chapter provides an implementation of this security--aware VNE model in ALEVIN ---- an open source simulation platform. This shows that the model is applicable with a realistic use case and allows to evaluate the embedding.}, year = {2019}, booktitle = {System Modeling: Methodologies and Tools}, publisher = {Springer Fachmedien}, series = {EAI/Springer Innovations in Communications and Computing}, pages = {165----179} } @Inproceedings { 617690190594_2019, author = {Frimpong, Ansah and Mujumder, Mainak and de Meer, Hermann and Jasperneite, J{\"u}rgen}, title = {Network Slicing: An Industry Perspective}, abstract = {The prevalence of the term "Network Slicing" in today's communication network research community signifies the concept worthy of focus. However, despite its ubiquitous usage, there are varied interpretations of the concept which often leads to disagreement and confusion. The root of this misunderstanding lies in what the term "Slicing" means to the user and the context of its application. Network slicing has been considered as a key concept in 5G which will enable various types of services like enhanced Mobile Broadband (eMBB), Ultra Low Latency Reliable Communication (URLLC) and massive Machine Type Communication (mMTC) for industries. Despite all the standardization efforts, less progress has happened in the field to demystify the concept due to the misinterpretation of the term by various parties. As a result, this paper aims to provide an industrial perspective on the concept of Slicing and its usage in industrial communication networks. It shall as well propose contextualized taxonomy of the areas of usage as a way of reducing the vagueness surrounding the concept. Thus, within this context, an objective rather than subjective comprehension can ensue in intellectual discussions.}, year = {2019}, month = {Sep.}, booktitle = {IEEE 24th International Conference on Emerging Technologies and Factory Automation (ETFA)}, keywords = {Network Slicing virtualization abstraction} } @Inproceedings { Alshawish2019c, author = {Alshawish, Ali and de Meer, Hermann}, title = {Prioritize When Patching Everything is Impossible!}, abstract = {Vulnerable critical networks are attractive targets for remote adversaries with different intentions. Towards enhancing resilience against extreme risks, such networks need to continuously assess their security posture and prioritize possible remediation actions based on security risk. The contribution of this work is to provide an integrated risk--based decision--support methodology for prioritizing risk remediation activities. Our methodology leverages the Time--To--Compromise security metric to quantitatively assess the compromise risk. Furthermore, it employs game--theory principles to model the strategic behaviour of the involved players (e.g., defender and attacker). The novelty of this approach lies in the way it integrates the risk attitude of the decision makers involved in the patch management operations across critical organizations into the prioritization process.}, year = {2019}, month = {Oct.}, booktitle = {2019 IEEE 44th Conference on Local Computer Networks (LCN) (LCN 2019)}, address = {Osnabrueck, Germany}, note = {in press} } @Article { Alshawish2019d, author = {Alshawish, Ali and Abid, Mohamed Amine and de Meer, Hermann}, title = {Quasi--Purification of Mixed Game Strategies: Sub--Optimality of Equilibria in Security Games}, abstract = {Security resources, such as security personnel and surveillance devices, are scarce and usually expensive. Suppose that a defender (e.g., a security officer) must choose among several possible resource--allocations, and relies on game--theory for an optimal choice. If the optimum exists only in randomized strategies, then the defender needs to ``purify'' the resource assignment, hoping to retain the best protection. We experimentally study the validity of this procedure here: we define a set of actions for the defender, against a fixed set of actions for the attacker and compute an optimized defense. Then, we convert this randomized defense strategy into a (consistent) security resource allocation that we add to the defender's action set. If this new defense action is optimal, it should outperform all previous defenses. We find that, unexpectedly, is not always the case! Our contribution is two counterexamples to the following intuition: first, if we optimize a defense using game theory, then adopting the result as (the best) action against the attacker should outperform all other possible defenses. In our (counter--)example setting, this intuition is empirically refuted. The second counterexample exhibits the attribution of this suboptimality to the game--theoretic model as being flawed: the phenomenon is observed in classical games, but not in a distribution--valued game based on the identical setting. This reveals that ``optimality'' of a defense is not the same as optimizing a security score, since the means by which security is quantified and optimized play a much deeper role than intuitively expected.}, year = {2019}, issn = {0167--4048}, DOI = {https://doi.org/10.1016/j.cose.2019.101575}, journal = {Computers and Security}, volume = {87}, publisher = {Elsevier}, number = {101575}, keywords = {Game theory Security resource allocation Quasi--purification Uncertainty Disappointment ratio}, web_url = {http://www.sciencedirect.com/science/article/pii/S0167404819300458}, note = {in press} } @Article { alshawish2019e, author = {Alshawish, Ali and de Meer, Hermann}, title = {Risk Mitigation in Electric Power Systems: Where to Start?}, abstract = {Power grids are becoming increasingly intelligent. In this regard, they benefit considerably from the information technology (IT) networks coupled with their underlying operational technology (OT) networks. While IT networks provide sufficient controllability and observability of power grid assets such as voltage and reactive power controllers, distributed energy resources, among others, they make those critical assets vulnerable to cyber threats and risks. In such systems, however, several technical and economic factors can significantly affect the patching and upgrading decisions of their components including, but not limited to, limited time and budget as well as legal constraints. Thus, resolving all vulnerabilities at once could seem like an insuperable hurdle. To figure out where to start, an involved decision maker (e.g. a security team) has to prudently prioritize the possible vulnerability remediation actions. The key objective of prioritization is to efficiently reduce the inherent security risk to which the system in question is exposed. Due to the critical role of power systems, their decision makers tend to enhance the system resilience against extreme events. Thus, they seek to avoid decision options associated with likely severe risks. Practically, this risk attitude guides the decision--making process in such critical organizations and hence the sought--after prioritization as well. Therefore, the contribution of this work is to provide an integrated risk--based decision--support methodology for prioritizing possible remediation activities. It leverages the Time--To--Compromise security metric to quantitatively assess the risk of compromise. The developed risk estimator considers several factors including: i) the inherent assessment uncertainty, ii) interdependencies between the network components, iii) different adversary skill levels, and iv) public vulnerability and exploit information. Additionally, our methodology employs game theory principles to support the strategic decision--making process by constructing a chain of security games. Technically, the remediation actions are prioritized through successively playing a set of dependent zero--sum games. The underlying game--theoretical model considers carefully the stochastic nature of risk assessments and the specific risk attitude of the decision makers involved in the patch management process across electric power organizations.}, year = {2019}, month = {Nov.}, day = {13}, issn = {2520--8942}, DOI = {10.1186/s42162--019--0099--6}, journal = {Energy Informatics}, volume = {2}, publisher = {Springer}, number = {34}, tags = {IKZO} } @Inproceedings { Alshawish2019b, author = {Alshawish, Ali and de Meer, Hermann}, title = {Risk--based Decision--Support for Vulnerability Remediation in Electric Power Networks}, abstract = {Power grids are becoming increasingly intelligent. however, the boundaries between their operational technology (OT) environments and the (vulnerable) IT networks tend to dissolve. In such systems, several technical and economic factors can significantly affect the upgrading decisions. These factors include, just to name a few, limited time and budget as well as legal constraints. To cope with these challenges, an involved decision maker has to prudently prioritize the possible vulnerability remediation actions. the key objective of prioritization decisions is to efficiently reduce the inherent security risk to which the system in question is exposed. Due to the critical role of power systems, their decision makers tend to enhance the system resilience against extreme events. That is, they seek to avoid decision options associated with extreme (adverse) consequences. Therefore, we propose an integrated risk--based decision--support methodology for prioritizing risk remediation activities. It leverages (i) the Time--To--Compromise (TTC) metric to quantitatively assess the security risk, and (ii) a game--theoretical model to support the decision--making process. The game model considers carefully the specific risk attitude of the decision makers involved in the patch management process across electric power organizations.}, year = {2019}, isbn = {978--1--4503--6671--7}, DOI = {10.1145/3307772.3330157}, booktitle = {10th ACM International Conference on Future Energy Systems}, publisher = {ACM}, address = {New York, NY, USA}, series = {e--Energy '19}, pages = {378----380}, keywords = {Risk--based patch prioritization, game--theoretical decisions}, tags = {IKZO}, file_url = {http://doi.acm.org/10.1145/3307772.3330157} } @Inproceedings { frimpong2019b, author = {Frimpong, Ansah and Abid, Mohamed Amine and de Meer, Hermann}, title = {Schedulability Analysis and {GCL} Computation for Time--Sensitive Networks}, abstract = {Industrial automation networks are composed of cyber--physical systems where frame delays and jitter influence significantly the quality of communication between control and field devices. Due to these constraints, such systems are often served by dedicated Fieldbus networks which are different from networks for enterprise--level connectivity. However, with the introduction of Time--sensitive Networking standards which are already integrated into IEEE 802.1Q--2018 standards in essential parts, the long expected single converged network for any--type communication in the field, control, and enterprise level is within reach. With it, comes the challenge of synthesizing schedules to obtain parameters for configuring the network bridges for time--triggered communication services. This paper provides a scheduling verification, and Gate Control event computation algorithm focused on asserting the viability of scheduling communication services for multiple independent periodic Talker applications on IEEE 802.1Q-- Time Sensitive Networks as well as the computation of Gate Control Lists for the bridges.}, year = {2019}, month = {July}, booktitle = {17th IEEE International Conference on Industrial Informatics (INDIN)}, keywords = {Schedulability Analysis Time--triggered Communication Time--Aware Shaper Time--Sensitive Networks} } @Article { DannerD2019a, author = {Danner, Dominik and de Meer, Hermann}, title = {State Estimation in the Power Distribution System}, abstract = {In the domain of power distribution network, software that can estimate the grid state using several measurement values as input has been rarely used in the low voltage grid. Such software tools are based on adaptive state estimation methods and their accuracy highly depends on the available input data. Especially, in the low voltage grid which is mostly not monitored at all, the increasing number of controllable high--power loads, such as electric vehicle charging stations or decentralized photovoltaics and battery storage systems, directs the focus to the actual grid state, in particular with regard to the power quality.}, year = {2019}, month = {jan}, issn = {0163--5999}, DOI = {10.1145/3308897.3308937}, journal = {SIGMETRICS Perform. Eval. Rev.}, volume = {46}, publisher = {ACM}, address = {New York, NY, USA}, pages = {86----88}, number = {3}, keywords = {graph theory, machine learning, smart grid, state estimation}, tags = {ELECTRIFIC}, file_url = {https://www.uni--passau.de/fileadmin/dokumente/fakultaeten/fim/lehrstuhl/meer/publications/pdf/DannerD2019a.pdf} } @Article { volkova2019a, author = {Volkova, Anna and Stark, Sanja and Lehnhoff, Sebastian and de Meer, Hermann and Bremer, Joerg}, title = {Towards a Blackout--Resilient Smart Grid Architecture}, abstract = {The growing prominence of renewable energy sources, which were not considered within existing power system restoration methods, is introducing both challenges and flexibilities for the Smart Grid restoration. This paper introduces a concept for an automatic, decentralized restoration approach for distribution level of the Smart Grid. The prime goal is the development of a restoration method that uses available renewables to restore the ICT system and to serve as many loads as possible. This enables further grid restoration on the one hand and reduces the effects of a long--term blackout for customers on the other. By setting up a network function virtualization--based communication infrastructure, the resilience of the ICT system in a blackout situation is enhanced. An agent--based restoration algorithm is then executed in order to restore the grid successively.}, year = {2019}, journal = {ETG--Fb. 158: Internationaler ETG--Kongress 2019. Das Gesamtsystem im Fokus der Energiewende 8. – 9. Mai 2019, Neckar Forum, Esslingen am Neckar}, publisher = {IEEE} } @Inproceedings { DannerD2019c, author = {Danner, Dominik and Alyousef, Ammar and Danner, Philipp and Duschl, Wolfgang and de Meer, Hermann}, title = {Towards Grid--Friendly Electric Vehicle Charging: Architectural Concept and Field Trials}, abstract = {Electric mobility leads to an increasing challenge for power grid operators, particularly due to its high peak power demand in low voltage grids in the scenario of home charging. Power grid enhancements are considered either as cost--intensive or as environmentally unfriendly and, hence, more intelligent ICT--based solutions are needed for economic and ecological reasons. Therefore, our intention is to develop a practical approach of grid--friendly smart electric vehicle charging methods. The approach entails two methods, namely: (i) Proactive electric vehicle charging control via prediction of available charging capacity and a corresponding intelligent scheduling of charging processes; (ii) Reactive, decentralized charging process control as a response to critical grid situations. proactive forecasting of available power capacity and energy from (distributed) renewable sources can lead to a better utilization of the power grid in place and extend the usage of renewable energy, which is required for a successful turnaround in energy policy. A reactive control of ongoing charging processes guarantees that the power grid infrastructure can run at its limits, while not overshooting power quality limits. This bipartite concept exploits the flexible potential of the power supply network and at the same time optimizes the ongoing charging processes to meet the requirements of the grid.}, year = {2019}, booktitle = {3rd e--mobility power System integration Symposium}, tags = {Electrific}, file_url = {http://www.net.fim.uni--passau.de/pdf/DannerD2019c.pdf} } @Article { Basmadjian2018c, author = {Basmadjian, Robert and de Meer, Hermann}, title = {A Heuristics--Based Policy to Reduce the Curtailment of Solar--Power Generation Empowered by Energy--Storage Systems}, abstract = {Renewable energy sources, on one hand, are environmentally friendly, but on the other, they suffer from volatility in power generation, which endangers power--grid stability. A viable solution to circumvent the intermittent behavior of renewables is the usage of energy--storage systems. In this paper, we study the energy management of a proof--of--concept system consisting of solar panels, energy--storage systems, a power grid, and household loads. Using neural networks, we identify the most relevant parameters impacting the power generation of solar panels, and then train the corresponding network to derive forecasts. We also go one step further, and propose a heuristics--based energy--management policy for the purpose of reducing curtailments. We show that our proposed policy outperforms the naive policy by 8%, which does not consider any power--generation forecasts.}, year = {2018}, issn = {2079--9292}, DOI = {10.3390/electronics7120349}, journal = {Electronics}, volume = {7}, number = {12}, file_url = {http://www.mdpi.com/2079--9292/7/12/349} } @Inproceedings { DannerP2018b, author = {Eider, Markus and Bodenschatz, Nicki and Berl, Andreas and Danner, Philipp and de Meer, Hermann}, title = {A Novel Approach on Battery Health Monitoring}, abstract = {In this paper, a novel approach for improving battery lifetime is proposed. To reach this goal, electric vehicle internal data is analysed, the battery health influence of driving and charging parameters is estimated and recommendations for battery health optimal charging are generated. The presented system collects data from the electric vehicle using the controller area network bus and stores it on a central server. The data is then transformed and analysed to determine the health influence of certain charging characteristics. Using this knowledge, recommendations can be generated and provided to the electric vehicle owner. This process of generating recommendations can be performed continuously. The proposed approach provides several benefits in electro mobility. First, the acquisition of electric vehicle data is performed in a non--intrusive way. Solely an on--board diagnostics interface is required to read out the vehicle internal data. Thereby any electric vehicle can be equipped with the system presented in this paper. Second, the recommendations guide the vehicle user in specific behaviour without affecting availability and range for the next trips.}, year = {2018}, booktitle = {Conference on Future Automotive Technology}, tags = {ELECTRIFIC} } @Inbook { Doll2018a, author = {Doll, Bernhard and Kuehn, Ramona and de Meer, Hermann}, title = {Beispielhafte Testszenarien: Access Management}, abstract = {Within the project NGCert, three exemplary use cases about access management, geolocation and availability were developed. In this chapter, we will present how the use case "access management" can be implemented at the side of a cloud service provider. In order to cover multiple parts of the scope of "access management", this chapter will deal with three different aspects. Examined will be the group and security policies of Windows based systems, detection of failed user login attempts and the evaluation of action--logs of virtual machines (VM--action--logs) in order to recognize unauthorized operational activities of the management. Because of their dynamic approach, these aspects are of relevance for the certification process.}, year = {2018}, isbn = {978--3--658--19579--3}, DOI = {10.1007/978--3--658--19579--3{\textunderscore}18}, booktitle = {Management sicherer Cloud--Services: Entwicklung und Evaluation dynamischer Zertifikate}, publisher = {Springer Fachmedien Wiesbaden}, address = {Wiesbaden}, editor = {Krcmar, Helmut and Eckert, Claudia and Rossnagel, Alexander and Sunyaev, Ali and Wiesche, Manuel}, pages = {233----238}, file_url = {https://doi.org/10.1007/978--3--658--19579--3{\textunderscore}18} } @Inbook { Doll2018b, author = {Doll, Bernhard and Kuehn, Ramona and de Meer, Hermann}, title = {Beispielhafte Testszenarien: Verfuegbarkeit und Kontrollfaehigkeit}, abstract = {Availability is one of the three IT--security goals and a quality feature of services in a data center. If the availability guarantee is violated, the cloud--service--provider faces a punishment and a loss of reputation. Therefore, it is important to detect whether a promised degree of availability is fulfilled. The process to solve this problem is described in the following. It is considered how availability is defined and how it can be interpreted. Furthermore, it is described how an appropriate interval for the verification is chosen, so that the measured result is as close as possible to the real value. In addition, it is considered how reliable results can be obtained from the cloud--service--provider.}, year = {2018}, isbn = {978--3--658--19579--3}, DOI = {10.1007/978--3--658--19579--3{\textunderscore}20}, booktitle = {Management sicherer Cloud--Services: Entwicklung und Evaluation dynamischer Zertifikate}, publisher = {Springer Fachmedien Wiesbaden}, address = {Wiesbaden}, editor = {Krcmar, Helmut and Eckert, Claudia and Rossnagel, Alexander and Sunyaev, Ali and Wiesche, Manuel}, pages = {249----260}, file_url = {https://doi.org/10.1007/978--3--658--19579--3{\textunderscore}20} } @Article { Adepetu2018a, author = {Adepetu, Adedamola and Alyousef, Ammar and Keshav, Srinivasan and de Meer, Hermann}, title = {Comparing Solar Photovoltaic and Battery Adoption in Ontario and Germany: An Agent--Based Approach}, abstract = {We use Agent Based Models (ABMs) to study and contrast the projected adoption of integrated photovoltaic and battery systems in both Ontario and Germany. Specifcally, we carry out surveys in both jurisdictions to elicit Agent Based Model (ABM) model parameters and to learn the decision function that determines whether an agent purchases a system or not. We use our fitted ABMs to assess the impact of different policy variants on Solar Photovoltaic (PV) system adoption in both jurisdictions. We find that different adoption behaviours exist in both jurisdictions, and that, in each jurisdiction, of the polices that we considered, different policy incentives bring about the most signiffcant increase in adoption. For example, reducing PV prices best increases adoption in Ontario but increasing the price of electricity would have the most signifcant impact in Germany. Thus, ABMs allow policy makers and PV/battery manufacturers to estimate the jurisdiction--specifc impact of a range of policy prescriptions.}, year = {2018}, month = {July}, issn = {2520--8942}, DOI = {10.1186/s42162--018--0012--8}, journal = {Energy Informatics}, volume = {1}, publisher = {Springer}, pages = {6}, number = {1}, tags = {ELECTRIFIC}, file_url = {https://doi.org/10.1186/s42162--018--0012--8} } @Inproceedings { Alyousef2018a, author = {Alyousef, Ammar and Danner, Dominik and Kupzog, Friederich and de Meer, Hermann}, title = {Design and Validation of a Smart Charging Algorithm for Power Quality Control in Electrical Distribution Systems}, abstract = {Electric mobility leads to an increasing challenge for power gird operators,particularly due to its irregular and unknown load profiles. In order to keep up with increasing power demand of charging processes, besides better predictions also the active control of charging processes will be necessary to minimize infrastructure costs. This work deals with a distributed smart charging approach which considers real--time grid conditions for supporting the power quality in electric distribution grids in terms of congestion and voltage management. Our approach adopts the traffic light model to indicate the current state of the low voltage grid, which allows smooth changing of the charging power to avoid drastic changes of the grid state. The algorithm is validated by a series of experiments on two setups: Pure software (co--)simulation and Power Hardware In the Loop (PHIL), where physical charging stations and electric cars are controlled in a laboratory setup.}, year = {2018}, isbn = {978--1--4503--5767--8/18/06}, DOI = {10.1145/3208903.3212031}, booktitle = {Proceedings of the ninth International Conference on Future Energy Systems}, publisher = {ACM}, address = {New York, NY, USA}, series = {e--Energy '18}, keywords = {Smart Charging, Power Quality, Electric Vehicle Charging, Charging Station, Voltage Control, Traffic Light Model}, tags = {ELECTRIFIC}, file_url = {https://www.uni--passau.de/fileadmin/dokumente/fakultaeten/fim/lehrstuhl/meer/publications/pdf/Alyousef2018a.pdf} } @Inproceedings { Rumyanstev2018a, author = {Rumyanstev, Alexander and Morozova, Taisia and Basmadjian, Robert}, title = {Discrete--Event Modeling of a High--Performance Computing Cluster with Service Rate Control}, abstract = {We present a stochastic recursion based discreteevent model of a high--performance computing cluster with service rate switching capabilities. The model is easily adopted to many common settings of modern supercomputers, such as specific scheduling disciplines and various control policies. We also provide some illustrative numerical experiments and discuss further generalizations of the model.}, year = {2018}, booktitle = {Proceedings of the 22th FRUCT Conference}, publisher = {ACM}, series = {FRUCT 2018}, keywords = {HPC, simulation} } @Article { Alyousef2018b, author = {Alyousef, Ammar and Danner, Dominik and Kupzog, Friederich and de Meer, Hermann}, title = {Enhancing Power Quality in Electrical Distribution Systems Using a Smart Charging Architecture}, abstract = {The electrification of the mobility sector comes with multiple challenges such as the lack of information on when, where, how long and how fast charging processes of electric vehicles will take place. In order to keep up with increasing power demand of charging processes, besides better predictions also the active control of charging processes will be necessary to minimize infrastructure costs. This work deals with a real--time mechanism for supporting the Power Quality (PQ) in electric distribution grids in terms of congestion and voltage management. In the paper, we propose a distributed smart charging approach that considers real--time conditions of the distribution grid provided by an event--driven architecture that collects data from different points in the grid. Our approach adopts the traffic light model, which allows smooth changing of the charging power to avoid drastic changes of the grid state. In order to be ready for real--world application, the algorithm is validated by a series of experiments on two setups: Pure software (co--)simulation and Power Hardware In the Loop (PHIL) where physical charging stations and electric cars are controlled in a laboratory setup.}, year = {2018}, month = {Oct}, day = {10}, issn = {2520--8942}, DOI = {10.1186/s42162--018--0027--1}, journal = {Energy Informatics}, volume = {1}, pages = {28}, number = {1}, tags = {ELECTRIFIC}, file_url = {https://doi.org/10.1186/s42162--018--0027--1} } @Inproceedings { DannerP2018a, author = {Danner, Philipp and Duschl, Wolfgang and Danner, Dominik and Alyousef, Ammar and de Meer, Hermann}, title = {Flexibility Reward Scheme for Grid--Friendly Electric Vehicle Charging in the Distribution Power Grid}, abstract = {Due to the increasing number of Electric Vehicles(EV) entering the transportation sector, we need to take a closer look to the distribution power grid, which needs to support the increasing number of charging processes. Grid enhancement to peak load of EV charging processes is very expensive, hence an intelligent solution is preferred. This paper introduces a new concept, called the Reward Scheme, which main objective is to advertise grid--friendly charging processes in order to avoid power quality issues in the distribution grid. To achieve this, we distinguish between guaranteed and flexible power at a charging spot. Using the guaranteed power as a reference, we calculate the grid--friendliness factor of different flexible charging rates, which in turn are proposed to the grid user, e.g. the Charging Service Providers(CSP). This paper describes a simulation--driven approach to obtain the grid--friendliness factor, as well as the required communication between the CSP and the Distribution System Operator(DSO).}, year = {2018}, DOI = {10.1145/3208903.3213893}, booktitle = {Proceedings of the 3th Workshop on Electric Vehicle Systems, Data, and Applications}, publisher = {ACM}, address = {New York, NY, USA}, series = {EV--Sys '18}, tags = {ELECTRIFIC}, file_url = {https://www.uni--passau.de/fileadmin/dokumente/fakultaeten/fim/lehrstuhl/meer/publications/pdf/DannerP2018a.pdf} } @Inbook { Alshawish2018a, author = {Alshawish, Ali and Abid, Mohamed Amine and de Meer, Hermann and Schauer, Stefan and K{\"o}nig, Sandra and Gouglidis, Antonios and Hutchison, David}, title = {G--DPS: A Game--Theoretical Decision--Making Framework for Physical Surveillance Games}, abstract = {Critical infrastructure protection becomes increasingly a major concern in governments and industries. Besides the increasing rates of cyber--crime, recent terrorist attacks bring critical infrastructure into a severer environment. Many critical infrastructures, in particular those operating large industry complexes, incorporate some kind of physical surveillance technologies to secure their premises. Surveillance systems, such as access control and malicious behavior detection, have been long used for perimeter security as a first line of defense. Traditional perimeter security solutions typically monitor the outer boundary structures and lines, thus ignoring threats from the inside. Moreover, the deterrent effect of surveillance systems like Closed Circuit Television (CCTV) becomes considerably less important due to the inflexibility induced by their fixed installations. Hence, an infrastructure's surveillance policy is more predictable and a potential adversary has a better opportunity to observe and bypass it subsequently. Therefore, it is important to maintain situational awareness within such environments so that potential intruders can still be detected. Regardless of whether personnel (e.g., security guards, etc.) or technical solutions (e.g., cameras, etc.) are applied, such surveillance systems have an imperfect detection rate, leaving an intruder with the potential to cause some damage to the infrastructure. Hence, the core problem is to find an optimal application of the surveillance technology at hand to minimize such a potential damage. This problem already has a natural reflection in game theory known as cops--and--robbers game but current models always assume a deterministic outcome of the gameplay. In this work, we present a decision--making framework, which assesses possible choices and alternatives towards finding an optimal surveillance configurations and hence minimizing addressed risks. The decision is made by means of a game--theoretic model for optimizing physical surveillance systems and minimizing the potential damage caused by an intruder with respect to the imperfect detection rates of surveillance technology. With our approach, we have the advantage of using categorical (or continuous) distributions instead of a single numerical value to capture the uncertainty in describing the potential damage of an intruder. This gives us the opportunity to model the imperfection of surveillance systems and to optimize over large collections of empirical or simulated data without losing valuable information during the process.}, year = {2018}, month = {5}, isbn = {978--3--319--75268--6}, DOI = {10.1007/978--3--319--75268--6{\textunderscore}6}, booktitle = {Game Theory for Security and Risk Management: From Theory to Practice}, publisher = {Springer International Publishing}, address = {Cham}, editor = {Stefan Rass and Stefan Schauer}, pages = {129--156}, web_url = {https://doi.org/10.1007/978--3--319--75268--6{\textunderscore}6} } @Inbook { Alshawish2018b, author = {Alshawish, Ali and Abid, Mohamed Amine and de Meer, Hermann}, title = {Game--Theoretic Optimization for Physical Surveillance of Critical Infrastructures: A Case Study}, abstract = {Surveillance technologies represent a standard practice for protection of critical infrastructures such as utility networks. Although surveillance systems may be in place and operating within a utility provider’s premises, they are prone to technical as well as organizational failures resulting in a fluctuating performance. Furthermore, several emergency and unforeseen events such as human errors can significantly impact the effectiveness of specific surveillance activities. Therefore, modelling surveillance needs to account for the characteristics and practicalities of surveillance systems, especially, potentially imperfect detection as well as fuzzy assessment of the performance. To cope with this challenge, we apply game theory principles to solve zero--sum games with probability distribution--valued payoffs as a means to integrate the intrinsic uncertainty of surveillance systems. This model is an essential component of a comprehensive decision--making framework for physical surveillance games, called \grqqG--DPS--framework”. The ultimate goal of this framework is to find the optimal configuration for physical surveillance system over multiple goals. As an evaluation scenario, we will use the actual setup given within a critical infrastructure. For reasons of simplicity, we will focus solely on the use of security guards, who are controlling the area. Taking the details of the physical infrastructure (buildings, roads, etc.) as well as personnel requirements (working hours, available number of guards, etc.) into account, we will make use of simulations to assess various real--life attack and defense. Due to a proper parametrization of the different surveillance strategies, we discuss a form of handling mixed strategies: if there is no purely optimal defense action, then the configuration of the defense measures may admit the definition of new defense strategies from a mix of currently available ones.}, year = {2018}, month = {5}, isbn = {978--3--319--75268--6}, DOI = {10.1007/978--3--319--75268--6{\textunderscore}15}, booktitle = {Game Theory for Security and Risk Management}, publisher = {Springer International Publishing}, address = {Cham}, series = {Static \\& Dynamic Game Theory: Foundations and Applications}, editor = {Stefan Rass and Stefan Schauer}, pages = {353--389}, web_url = {https://doi.org/10.1007/978--3--319--75268--6{\textunderscore}15} } @Inbook { HofmannJ2018a, author = {Hofmann, Johanna M. and Lins, Sebastian and Lang, Michael and Banse, Christian and Doll, Bernhard and Kuehn, Ramona and Laatzen, Britta and de Meer, Hermann and Neubauer, Christine and Ro{\"s}nagel, Alexander and Stephanow, Philipp and Sunyaev, Ali and Weiss, Andreas and Wiesche, Manuel and Krcmar, Helmut}, title = {Handlungsempfehlungen}, abstract = {In order to illustrate the organizational effort the introduction and performance of a dynamic certification scheme entails this chapter recommends general actions and implementation measures to all actors involved in the process. Due to the variety of possible system designs, the focus will lie on recommendations that can be generalized and, thus, address a great number of actors involved. The following differentiates between recommendations more of a general kind, measures of assessment, evaluation and documentation, and tasks concerning the implementation and execution of a dynamic certification service.}, year = {2018}, isbn = {978--3--658--19579--3}, DOI = {10.1007/978--3--658--19579--3{\textunderscore}30}, publisher = {Springer Fachmedien Wiesbaden}, address = {Wiesbaden}, editor = {Krcmar, Helmut and Eckert, Claudia and Rossnagel, Alexander and Sunyaev, Ali and Wiesche, Manuel}, pages = {379----390}, file_url = {https://doi.org/10.1007/978--3--658--19579--3{\textunderscore}30} } @Inproceedings { Basmadjian2018a, author = {Basmadjian, Robert and Ghiassi--Farrokhfal, Yashar and Vishwanath, Arun}, title = {Hidden Storage in Data Centers: Gaining Flexibility Through Cooling Systems}, year = {2018}, booktitle = {Proceedings of the 19th International GI/ITG Conference on Measurement, Modelling and Evaluation of Computing Systems}, publisher = {Springer}, series = {MMB 2018} } @Article { Basmadjian2016b, author = {Basmadjian, Robert and Botero, Juan F. and Giuliani, Giovanni and Hesselbach, Xavier and Klingert, Sonja and de Meer, Hermann}, title = {Making Data Centers Fit for Demand Response: Introducing GreenSDA and GreenSLA Contracts}, abstract = {The power grid has become a critical infrastructure, which modern society cannot do without. It has always been a challenge to keep power supply and demand in balance; the more so with the recent rise of intermittent renewable energy sources. Demand response (DR) schemes are one of the counter measures, traditionally employed with large industrial plants. This paper suggests to consider data centers (DCs) as candidates for DR as they are large energy consumers and as they are able to adapt their power profile sufficiently well. To unlock this potential, we suggest a system of contracts that regulate collaboration and economic incentives between the DC and its energy supplier (GreenSDA) as well as between the DC and its customers (GreenSLA). Several presented use cases serve to validate the suitability of DCs for DR schemes.}, year = {2018}, month = {July}, issn = {1949--3053}, DOI = {10.1109/TSG.2016.2632526}, journal = {IEEE Transactions on Smart Grid}, volume = {9}, pages = {3453--3464}, number = {4}, keywords = {Automation;Collaboration;Context;Contracts;Green products;Load management;Power demand;Demand response;energy management;green service level (supply demand) agreements;smart grid}, file_url = {http://www.net.fim.uni--passau.de/pdf/Basmadjian2016b.pdf} } @Inproceedings { Basmadjian2018b, author = {Basmadjian, Robert and de Meer, Hermann}, title = {Modelling and Analysing Conservative Governor of DVFS--enabled Processors}, abstract = {Dynamic voltage and frequency scaling (DVFS) is a mechanism adopted by major hardware vendors to reduce power demand during times of low processor utilization. However, reducing processor frequency to decrease power demand usually results in degraded services’ performance leading to service level agreement violations. Governors, which are a piece of software at kernel level, are devised to exploit the flexibility provided by DVFS technologies of the hardware. Utilization--based governors change frequency and voltage at discrete time instances based on workload’s utilization without taking into account performance constraints of services. In this paper, a model for the utilization--based Conservative governor is proposed.The model allows us to predict both service performance (mean response time) and processor power demand. An M/M/1 simulator is presented which is used to validate the accuracy of the proposed model. For model accuracy validation, a second methodology based on the frequency probabilities of the processor is proposed. Both approaches confirm the derived DTMC model. We also carry out a comparison between On--demand and Conservative governors and show that the latter performs better for Markovian workloads.}, year = {2018}, isbn = {978--1--4503--5767--8}, DOI = {10.1145/3208903.3213778}, booktitle = {Proceedings of the Ninth International Conference on Future Energy Systems}, publisher = {ACM}, address = {New York, NY, USA}, series = {e--Energy '18}, pages = {519----525}, keywords = {DVFS, Markov chains, On--demand and Conservative governors, Performance, Power demand}, file_url = {http://doi.acm.org/10.1145/3208903.3213778} } @Article { Volkova2018a, author = {Volkova, Anna and Niedermeier, Michael and Basmadjian, Robert and de Meer, Hermann}, title = {Security Challenges in Control Network Protocols: A Survey}, abstract = {With the ongoing adoption of remotely communicating and interacting control systems harbored by critical infrastructures, the potential attack surface of such systems also increases drastically. Therefore, not only the need for standardized and manufacturer--agnostic control system communication protocols has grown, but also the requirement to protect those control systems’ communication. There have already been numerous security analyses of different control system communication protocols; yet, these have not been combined with each other sufficiently, mainly due to three reasons: First, the life cycles of such protocols are usually much longer than those of other Internet and communication technologies, therefore legacy protocols are often not considered in current security analyses. Second, the usage of certain control system communication protocols is usually restricted to a particular infrastructure domain, which leads to an isolated view on them. Third, with the accelerating pace at which both control system communication protocols and threats against them develop, existing surveys are aging at an increased rate, making their re--investigation a necessity. In this paper, a comprehensive survey on the security of the most important control system communication protocols, namely Modbus, OPC UA, TASE.2, DNP3, IEC 60870--5--101, IEC 60870--5--104, and IEC 61850 is performed. To achieve comparability, a common test methodology based on attacks exploiting wellknown control system protocol vulnerabilities is created for all protocols. In addition, the effectiveness of the related security standard IEC 62351 is analyzed by a pre-- and post--IEC 62351 comparison.}, year = {2018}, issn = {1553--877X}, DOI = {10.1109/COMST.2018.2872114}, journal = {IEEE Communications Surveys Tutorials}, pages = {1--1}, keywords = {Protocols;Security;IEC Standards;SCADA systems;Tutorials;Control systems;Network protocols;Network security., Control systems, Network protocols, Network security} } @Inproceedings { frimpong2018a, author = {Ehrlich, Marco and Krummacker, Dennis and Fischer, Christoph and Guillaume, Rene and Perez Olaya, Santiago Soler and Frimpong, Ansah and de Meer, Hermann and Wollschlaeger, Martin and Schotten, Hans D and Jasperneite, J{\"u}rgen}, title = {Software--Defined Networking as an Enabler for Future Industrial Network Management}, abstract = {The overall Industry 4.0 (I4.0) developments combined with the disruptive process of IT--based digitalisation create a vast amount of new opportunities but also challenges for the industrial automation domain. The combination of hybrid (wired \& wireless) communication architectures, already widely installed legacy technologies, new approaches, such as Time--Sensitive Networking (TSN) or 5G, and the general heterogeneity of the industrial landscape results in a high configuration complexity. This creates the necessity for future--proof industrial communication network management systems. Therefore, this paper summarises the current state of the art in this area in order to identify the specific requirements towards future industrial network management systems. The most promising candidate is the Software--Defined Networking (SDN) concept. To evaluate SDN as a possible enabler, specified industrial requirements are compared with the current technological and conceptual capabilities of SDN. In addition, drawbacks resulting in future research questions are identified.}, keywords={computer network management;industrial control;production engineering computing;software defined networking;future--proof industrial communication network management systems;Software--Defined Networking concept;SDN;specified industrial requirements;conceptual capabilities;disruptive process;IT--based digitalisation;industrial automation domain;legacy technologies;industrial landscape results;high configuration complexity;technological capabilities;hybrid communication architectures;Industry 4.0 developments;Automation;Industrial communication;Wireless communication;Quality of service;Protocols}, year = {2018}, month = {Sep.}, issn = {1946--0759}, DOI = {10.1109/ETFA.2018.8502561}, booktitle = {2018 IEEE 23rd International Conference on Emerging Technologies and Factory Automation (ETFA)} } @Article { Gouglidis2018a, author = {Gouglidis, Antonios and Green, Benjamin and Hutchison, David and Alshawish, Ali and de Meer, Hermann}, title = {Surveillance and Security: Protecting Electricity Utilities and other Critical Infrastructures}, abstract = {Critical infrastructures – such as electricity networks, power stations and Smart Grids – are increasingly monitored and controlled by computing and communication technologies. The need to address security and protection of electricity infrastructures with a high priority has broadly been recognized. This is driven by many factors, including the rapid evolution of threats and consistent technological advancements of malicious actors as well as potentially catastrophic consequences of disruptions of such systems. Surveillance and security technologies are traditionally used in these contexts as a protection mechanism that aintains situational awareness and provides appropriate alerts. Surveillance is a cumbersome process because of the need to monitor a diverse set of objects, but it is absolutely essential to detect promptly the occurrence of adverse events or conditions. The aims of this paper are twofold: First, we describe two surveillance architectures in which different technologies can be used jointly for boosting the safety and security of electricity utilities and other key resources and critical infrastructures. Second, we review the typical surveillance and security technologies and evaluate them in the context of critical infrastructures, which may help in making recommendations and improvements for the future. To accomplish these aims, we extracted and consolidated information from major survey papers. This led to identifying the surveillance and security technologies, their application areas, and challenges that they face. We also investigate the perceived performance of the identified technologies in critical infrastructures. The latter comes from interviewing experts who operate in critical infrastructures, and thus provide indications for protecting critical infrastructures, not least because of their increasing use of cyber--physical elements.}, year = {2018}, month = {September}, day = {19}, issn = {2520--8942}, DOI = {10.1186/s42162--018--0019--1}, journal = {Energy Informatics}, volume = {1}, publisher = {Springer}, pages = {15}, number = {15}, web_url = {https://doi.org/10.1186/s42162--018--0019--1}, file_url = {https://doi.org/10.1186/s42162--018--0019--1} } @Article { Sui2016a, author = {Sui, Zhiyuan and Niedermeier, Michael and de Meer, Hermann}, title = {TAI: A Threshold--based Anonymous Identification Scheme for Demand--Response in Smart Grids}, abstract = {Smart grids offer benefits compared to the current power grid by using technologies such as AMI and demand response schemes. However, the introduction of these technologies also leads to challenges in the areas of privacy and identification of disobedient users. Current solutions to these challenges heavily rely on a trusted third party, which may lead to scenarios where the privacy of obedient consumers cannot be preserved. To tackle these concerns, anonymity provides a promising approach to obviating privacy preservation in smart grids. In this paper, a Threshold--based Anonymous Identification Scheme (TAI) for overload audit and privacy preservation in smart grids is proposed, where the use of a trusted third party is no longer required. Privacy preservation depends on the power consumption of consumers in the presence of a demand--response request from the power provider that defines an acceptable consumption threshold at periods of power shortage. Consumers must follow the instruction and curtail their consumption to meet the threshold. By doing so, the consumers who adhere to the power providers’ instructions keep their anonymity, whilst the disobedient are be identified. According to our security and performance analysis, TAI significantly improves efficiency compared to previous anonymous identification schemes, while providing anonymity and identification.}, year = {2018}, month = {July}, issn = {1949--3053}, DOI = {10.1109/TSG.2016.2633071}, journal = {Smart Grid, IEEE Transactions on}, volume = {9}, publisher = {IEEE}, pages = {3496--3506}, number = {4}, keywords = {Load management;Power demand;Privacy;Public key;Smart grids;Smart meters;Conditional Anonymity;Demand--Response;Identification;Privacy Preservation;Smart Grid}, tags = {HYRIM, IKZ}, file_url = {http://www.net.fim.uni--passau.de/pdf/Sui2016a.pdf} } @Inproceedings { Patil2018a, author = {Patil, Amit and de Meer, Hermann}, title = {Usability of IT--Security in Smart Grids}, abstract = {Smart grid systems deliver electricity from suppliers that generate power to customers including private homes, corporations and public domain. The transmission takes place through electric grids and networks that span across geographical areas. Smart grids utilize information and communication technology to perform the required functions where SCADA(Supervisory Control And Data Acquisition) systems monitor, control and manage the processes in critical infrastructures. They include Virtual Power Plants(VPPs) that schedule energy sources appropriately to meet the energy demand. Dynamic Virtual Power Plants(DVPPs)have been proposed to decentralize VPPs to make energy scheduling more flexible. As with any critical infrastructure, attacks on Smart Grids could result in catastrophic situations. Security is required in place to defend the system against attacks. However, security mechanisms such as authentication systems may actually prevent the operator from gaining access to the system in time to control the grid. In such a case, security is actually a hindrance. The authentication mechanism must be more usable from the perspective of the operator, even under stressful situations. Therefore, the aim of this paper is to establish a method to approach usable security by design.}, year = {2018}, isbn = {978--1--4503--5765--8/18/06}, DOI = {10.1145/3208903.3212036}, booktitle = {Proceedings of the ninth International Conference on Future Energy Systems}, publisher = {ACM}, address = {New York, NY, USA}, series = {e--Energy '18}, tags = {MULTI--RES} } @Inproceedings { Alshawish2017b, author = {Alshawish, Ali and Abid, Mohamed Amine and de Meer, Hermann and Schauer, Stefan and K{\"o}nig, Sandra and Gouglidis, Antonios and Hutchison, David}, title = {A Game--theoretical Decision--making Framework for Physical Surveillance Games}, abstract = {Critical infrastructure protection becomes increasingly a major concern in governments and industries. Besides the increasing rates of cyber--crime, recent terrorist attacks have targeted critical infrastructures. Many critical infrastructures, in particular those operating large industrial complexes, incorporate some kind of physical surveillance technologies to secure their premises. Due to the fixed installation of traditional surveillance systems, such as Closed Circuit Television (CCTV), surveillance policies become more predictable and a potential adversary has a better opportunity to observe and bypass deployed surveillance devices. Therefore, it is important to maintain situational awareness within such environments so that potential intruders can still be detected. Regardless of whether personnel (e.g., security guards) or technical solutions (e.g., cameras) are applied, such surveillance systems have an imperfect detection rate, leaving an intruder with the potential to cause some damage to the infrastructure of interest. Hence, the core problem is to find an optimal configuration of the surveillance technology at hand to minimize the potential damage. Here, we present a decision--making framework which assesses possible choices and alternatives towards finding an optimal surveillance configuration and hence minimizing addressed risks. The decision is made by means of a game--theoretic model for optimizing physical surveillance systems and minimizing the potential damage caused by an intruder with respect to the imperfect detection rates of surveillance technology. This approach lets us conveniently capture the full uncertainty in the most general form by a categorical or continuous probability distribution over the potential damage that the adversary can cause. In this way, we avoid information losses by aggregating empirical data into crisp representatives (of damage and its uncertainty), and in using a proper stochastic order, we can optimize a surveillance system despite (and accounting for) its intrinsic imperfectness.}, year = {2017}, organization = {AIT Austrian Institute of Technology GmbH}, booktitle = {Workshop on Novel Approaches in Risk and Security Management for Critical Infrastructures}, pages = {58--65}, tags = {HyRiM}, web_url = {https://cip--workshop.events/wp--content/uploads/2017/10/CIP--Workshop--Proceedings.pdf} } @Article { Alyousef2016b, author = {Alyousef, Ammar and Adepetu, Adedamola and de Meer, Hermann}, title = {Analysis and Model--Based Predictions of Solar PV and Battery Adoption in Germany: An Agent--Based Approach}, abstract = {In order to tackle energy challenges faced in Germany, a Feed--in Tariff (FiT) program was created in 2004 to aid the adoption of solar photovotaic (PV) systems by paying owners of such systems a certain amount for each unit of electricity generated. Solar PV electricity generation is limited due to its intermittency but this can be managed using batteries. In this paper, we study the adoption of PV and battery (PV--battery) systems in Germany, and consider policies that might improve the adoption of these systems and we evaluate the resulting future scenarios for the electric grid. To do this, we create an Agent--Based Model (ABM) that is simulated to estimate the impacts of different policies; this model is informed by an online survey. Simulating adoption over a period of 10 years, the results show that increasing electricity prices could result in improved PV--battery adoption better than reducing PV--battery system prices could. In addition, given the high level of affinity of people towards PV systems in Germany, disconnection from the grid would be a viable option within the next 10 years.}, year = {2017}, month = {March}, day = {01}, issn = {1865--2042}, DOI = {10.1007/s00450--016--0304--9}, journal = {Computer Science -- Research and Development (CSRD)}, volume = {32}, pages = {211----223}, number = {1}, file_url = {https://doi.org/10.1007/s00450--016--0304--9} } @Article { Rakotondravony2017a, author = {Rakotondravony, No{\"e}lle and Taubmann, Benjamin and Mandarawi, Waseem and Weish{\"a}upl, Eva and Xu, Peng and Kolosnjaji, Bojan and Protsenko, Mykolai and de Meer, Hermann and P. Reiser, Hans}, title = {Classifying Malware Attacks in IaaS Cloud Environments}, abstract = {In the last few years, research has been motivated to provide a categorization and classification of security concerns accompanying growing adaptation of Infrastructure as a Service (IaaS) clouds. Studies have been motivated by the risks, threats and vulnerabilities imposed by the components within the environment and have provided general classifications of related attacks, as well as the respective detection and mitigation mechanisms. Virtual Machine Introspection (VMI) has been proven to be an effective tool for malware detection and analysis in virtualized environments. In this paper, we classify attacks in IaaS cloud that can be investigated using VMI--based mechanisms. This infers a special focus on attacks that directly involve Virtual Machines (VMs) deployed in an IaaS cloud. Our classification methodology takes into consideration attacks source, target, and direction. As each actor in a cloud environment can be both source and target of attacks, the classification provides any cloud actor the necessary knowledge of the different attacks by which it can threaten or be threatened, and consequently deploy adapted VMI--based monitoring architectures. To highlight the relevance of attacks, we provide a statistical analysis of the reported vulnerabilities exploited by the classified attacks and their financial impact on actual business processes.}, year = {2017}, month = {Dec}, issn = {2192--113X}, journal = {journal of Cloud Computing, Cloud Forensics and Security}, volume = {6}, pages = {26}, number = {1}, tags = {FORSEC}, file_url = {https://doi.org/10.1186/s13677--017--0098--8} } @Incollection { Basmadjian2017a, author = {Basmadjian, Robert and Niedermeier, Florian and de Meer, Hermann}, title = {Demand--side Flexibility and Supply--side Management: The Use Case of Data Centers and Energy Utilities}, abstract = {Lately the Power Grid has been subject to one of its major evolutions since its design and conception. The traditional structure of electricity being generated by a small number of huge and centralized power plants is being defied by the increasing penetration of renewable energy sources. The major drawback of such sources is their intermittent behavior rendering power generation planning even more cumbersome. This problem can be alleviated through the implementation of intelligent energy management systems (EMS) whose main objective is to exploit the demand--side flexibilities for the purpose of better supply--side management and planning. In this chapter, we study such energy management systems by considering the use case of data centers both from local as well as coordinated management perspectives. To this end, for each considered perspective we describe thoroughly the concept as well as give its corresponding architectural building blocks. Furthermore, we specify the mechanisms and strategies that can be used for the case of data centers in exploiting the demand--side flexibilities.}, year = {2017}, booktitle = {Engineering and Management of Data Centers}, publisher = {Springer International Publishing}, address = {Oxford}, editor = {Gomez, Jorge Marx and Mora, Manuel and Raisinghani, Mahesh S. and Nebel, Wolfgang and O'Connor, Rory} } @Inproceedings { Fink2017, author = {Fink, Simon D. and Golab, Lukasz and Keshav, Srinivasan and de Meer, Hermann}, title = {How Similar is the Usage of Electric Cars and Electric Bicycles?}, abstract = {Electric vehicles (EVs) are expensive. An intriguing idea that was recently proposed is to use a fleet of electrically--assisted bicycles (eBikes) to model the usage and charging patterns of a fleet of EVs at a much lower pricepoint. In this paper, we make a first attempt to explore this idea using usage data from an EV field trial and an eBike field trial taking place in the same city. Unfortunately, we find that for most features of interest, our eBike and EV datasets are statistically different. However, since both datasets were based on only 10--30 participants, further research into this question is required as more data become available.}, year = {2017}, isbn = {978--1--4503--5036--5}, DOI = {10.1145/3077839.3078464}, booktitle = {Proceedings of the Eighth International Conference on Future Energy Systems}, publisher = {ACM}, address = {New York, NY, USA}, series = {e--Energy '17}, pages = {334----340}, file_url = {http://doi.acm.org/10.1145/3077839.3078464} } @Inproceedings { Fischer2016b, author = {Fischer, Andreas and Kuehn, Ramona and Mandarawi, Waseem and de Meer, Hermann}, title = {Modeling Security Requirements for VNE algorithms}, abstract = {Public and private Infrastructure as a Service (IaaS) clouds are widely used by individuals and organizations to provision flexible virtual computing resources on demand. Virtual Network Embedding (VNE) algorithms are employed in this context to provide an automated resource assignment. With multiple involved parties security--aware Virtual Machine (VM) placement becomes highly relevant for production environments. Moreover, VNE algorithms should also consider the security requirements of the interconnections between VMs, thereby extending the problem to networks. This paper discusses security requirements of Virtual Networks (VNs) and shows how they can be modeled in VNE to map them to the provided security mechanisms in the physical network. The paper also presents an implementation of this security--aware VNE model in the public simulation platform ALEVIN, demonstrating the applicability with a realistic use case of such a model.}, year = {2017}, isbn = {978--1--63190--141--6}, DOI = {10.4108/eai.25--10--2016.2266673}, booktitle = {Valuetools 2016, 10th EAI International Conference on Performance Evaluation Methodologies and Tools}, publisher = {ICST (Institute for Computer Sciences, Social--Informatics and Telecommunications Engineering)}, address = {ICST, Brussels, Belgium, Belgium}, series = {VALUETOOLS\\&\{\#}39;16}, pages = {149----154}, keywords = {cloud computing, network virtualization, security, substrate network, virtual network, virtual network embedding}, tags = {FORSEC}, file_url = {http://www.uni--passau.de/fileadmin/files/lehrstuhl/meer/publications/pdf/Fischer2016b.pdf} } @Article { Rass2017a, author = {Rass, Stefan and Alshawish, Ali and Abid, Mohamed Amine and Schauer, Stefan and Zhu, Quanyan and de Meer, Hermann}, title = {Physical Intrusion Games--Optimizing Surveillance by Simulation and Game Theory}, abstract = {The protection of cyber--physical networks is a topic of increasing importance. The evolution of IT (cyber) systems that control and supervise the underlying physical system has grown over decades, whereas security has not become a concern until quite recently. Advanced persistent threats (APTs) have proven to be a difficult but significant challenge for practitioners. This work adopts a game--theoretic modeling of APTs and applies it to the (sub)problem of physical intrusion in an infrastructure. The gap between defining a good theoretical model and practically instantiating it is considered in particular. The model description serves to illustrate what is needed to put it into practice. The main contribution of this article is the demonstration of how simulation, physical understanding of an infrastructure, and theoretical methods can be combined towards a practical solution to the physical intrusion avoidance problem. Numerical results are given to show how the physical intrusion game is being set up, and how the results obtained from its analysis can be interpreted and used for an optimized defense.}, year = {2017}, issn = {2169--3536}, journal = {IEEE Access}, volume = {5}, publisher = {IEEE}, pages = {8394--8407}, keywords = {Computer security;Cyber--physical systems;Game theory;Games;Surveillance;Security;intrusion detection;risk analysis;surveillance}, tags = {HyRiM} } @Inproceedings { Alshawish2017a, author = {Alshawish, Ali and Abid, Mohamed Amine and Rass, Stefan and de Meer, Hermann}, title = {Playing a Multi--objective Spot--checking Game in Public Transportation Systems}, abstract = {Public transportation systems represent an essential sector of any nation's critical infrastructure. Hence, continuity of their services is deemed important and with a high priority to the nations. Concerns over risks like terrorism, criminal offenses, and business revenue loss impose the need for enhancing situation awareness in these systems. However, practices, such as conducting random patrols or regular spot--checks on passengers to prevent or deter potential violations, are strictly limited by the number of available resources (e.g. security staff or fare inspectors) and by the ability of potential opponents (e.g. criminals, or fare evaders) to predict or observe the inspectors' presence patterns. Casting the interactions between these competitive entities (inspectors/security officials and criminals/fare dodgers) into a game--theoretic model will enable involved system operators to 1) find optimal cost--effective (or multi--goal) human resource allocation or spot--check schedules, 2) capture and treat uncertainty due to imperfectness of information, 3) integrate measurements from heterogeneous natures (e.g. statistics, expert opinions, or simulation results). This work applies a game--theoretical model that uses random probability--distribution--valued payoffs to allow playing spot--checking games with diverging actions' outcomes as well as avoiding information loss due to combining several measurements into one representative (e.g. average).}, year = {2017}, booktitle = {4th Workshop on Security in highly connected IT systems (SHICS)}, tags = {HyRiM} } @Inproceedings { Eider2017a, author = {Eider, Markus and Sellner, Diana and Berl, Andreas and Basmadjian, Robert and de Meer, Hermann and Klingert, Sonja and Schulze, Thomas and Kutzner, Florian and Kacperski, Celina and Stolba, Michal}, title = {Seamless Electromobility}, abstract = {The existing electromobility (EM) is still in its fledgling stage and multiple challenges have to be overcome to make Electric Vehicles (EVs) as convenient as combustion engine vehicles. Users and Electric Vehicle Fleet Operators (EFOs) want their EVs to be charged and ready for use at all times. This straightforward goal, however, is counteracted from various sides:The range of the EV depends on the status and depletion of the EV battery which is influenced by EV use and charging characteristics. Also, most convenient charging from the user's point of view, might unfortunately lead to problems in the power grid. As in the case of a power peak in the evening when EV users return from work and simultaneously plug in their EVs for charging. Last but not least, the mass of EV batteries are an untapped potential to store electricity from intermittent renewable energy sources. In this paper, we propose a novel approach to tackle this multi--layered problem from different perspectives. Using on--board EV data and grid prediction models, we build up an information model as a foundation for a back end service containing EFO and Charging Station Provider (CSP) logic as well as a central Advanced Drivers Assistant System (ADAS). These components connect to both battery management and user interfaces suggesting various routing and driving behaviour alternatives customized and incentivized for the current user profile optimizing above mentioned goals.}, year = {2017}, isbn = {978--1--4503--5036--5}, DOI = {10.1145/3077839.3078461}, booktitle = {Proceedings of the Eighth International Conference on Future Energy Systems}, publisher = {ACM}, address = {New York, NY, USA}, series = {e--Energy '17}, pages = {316----321}, keywords = {ADAS, Battery Health, Electric Vehicles, Grid Prediction Models, Incentives, Range Modelling, Routing, Smart Charging, User Guidance}, tags = {Electrific}, file_url = {http://doi.acm.org/10.1145/3077839.3078461} } @Inbook { Mandrawi2016a, author = {Mandarawi, Waseem and Fischer, Andreas and Houyou, Amine Mohamed and Huth, Hans--Peter and de Meer, Hermann}, title = {Constraint--based Virtualization of Industrial Networks}, abstract = {In modern industrial solutions, Ethernet--based communication networks have been replacing bus technologies. Ethernet is no longer found only in intercontroller or manufacturing execution systems, but has penetrateed into the realtime sensitive automation process (i.e. close to the machines and sensors). Ethernet itself adds many advantages to industrial environments where digitalization also means more data--driven IT services interacting with the machines. However, in order to cater to the needs of both new and more automation--related communication, a better restructuring of the network and resources among multi--tenant systems needs to be carried out. Various Industrial Ethernet (IE) standards already allow some localized separation of application flows with the help of Quality of Service (QoS) mechanisms. These technologies also expect some planning or engineering of the system which takes place by estimating worst case scenarios of possible traffic generated by all assumed applications. This approach, however, lacks the flexibility to add new services or to extend the system participants on the fly without a major re--design and re--configuration of the whole network. Network Virtualization and segmentation is used to satisfy these requirements of more support for dynamic scenarios, while keeping and protecting time--critical production traffic. Network Virtualization allows Slicing of the real physical network connecting a set of applications and end--devices into logically separated portions or Slices. A set of resource demands and constraints is defined on a Slice or Virtual Network level. Slice links are then mapped over physical paths starting from end devices through forwarding devices that can guarantee these demands and constraints. In this chapter, the modeling of virtual Industrial Network constraints is addressed with a focus on communication delay. For evaluation purposes, the modeled network and mapping criteria are implemented in the Virtual Network Embedding (VNE) traffic engineering platform ALEVIN}, year = {2016}, isbn = {978--3--319--30599--8}, DOI = {10.1007/978--3--319--30599--8{\textunderscore}22}, booktitle = {Principles of Performance and Reliability Modeling and Evaluation: Essays in Honor of Kishor Trivedi on his 70th Birthday}, publisher = {Springer International Publishing}, address = {Cham}, editor = {Fiondella, Lance and Puliafito, Antonio}, pages = {567----586}, web_url = {https://doi.org/10.1007/978--3--319--30599--8{\textunderscore}22} } @Article { Niedermeier2016a, author = {Niedermeier, Michael and de Meer, Hermann}, title = {Constructing Dependable Smart Grid Networks using Network Functions Virtualization}, abstract = {Smart meters enable a fine--granular monitoring of power consumption and distributed power production in costumers' premises, which are used to predict the power requirements for the near future. The goals are to offer more security of supply as well as to minimize the power requirement estimation errors. However, to benefit from this information, the communication infrastructure that transmits the energy--related data needs to fulfill stringent requirements with respect to dependability, while remaining monetarily feasible. This paper discusses the usage of network function virtualization (NFV) technologies and constructs a virtual advanced metering infrastructure (AMI) network to transmit energy--related information in a dependable and cost--effective way. After the discussion of dependability requirements of AMI and the shortcomings of current approaches, the reliability and availability of a new architecture based on NFV is analyzed using analysis. Finally, a cost model is developed to compare the Virtual Network Function approach to current AMIs.}, year = {2016}, month = {July}, issn = {1064--7570}, journal = {journal of Network and Systems Management}, volume = {24}, publisher = {Plenum Press}, address = {New York, NY, USA}, pages = {449----469}, number = {3}, keywords = {Advanced metering infrastructure, Costs, Dependability, Network function virtualization, Virtualization}, tags = {FORSEC, HYRIM} } @Inproceedings { Alyousef2016a, author = {Alyousef, Ammar and Niedermeier, Florian and de Meer, Hermann}, title = {DC4Cities Power Planning: Sensitivity to Renewable Energy Forecasting Errors}, abstract = {Data centers are among the largest and fastest growing consumers of electricity in the world. Furthermore, the rapid growth of digital content, big data, e--commerce, and internet traffic will create the need for an even higher number of DCs. On other side, in spite of the variability of renewable resources, due to characteristic weather fluctuations, the significant progress has been made in the renewable energy generation industry in terms of reducing installation cost and increasing integration into the power grid represents a good motive to tune data center software execution load in such a way that power consumption matches renewable energy availability (about 5%--30% of total DC load can be shifted [20]). This is especially viable in the context of smart cities, where the existence of a demand side management scheme can be assumed. In the context of the European project \grqqDC4Cities”, a similar scheme has been developed which consists of two phases. In the first phase, a concrete guidelines on power use for participating consumers to be followed is calculated. In the second phase, the control systems should find using this guidelines the best desired power values in terms of renewable percentage and SLAs. In this paper, an algorithm to calculate the aforementioned concrete guidelines by a component named \grqqMax/Ideal Power Planner”, based on smart city goals and renewable power availability forecasts, is proposed. In addition, the robustness of complete control system, particularly the Max/Ideal Power Planner, is estimated by evaluating the impact of renewable forecast accuracy on the scheduling of jobs in the data center via the proposed control system. Two types of errors in renewable forecasting are discussed: constant error and random error.}, year = {2016}, isbn = {978--1--4503--4421--0}, DOI = {10.1145/2940679.2940686}, booktitle = {Proceedings of the 5th International Workshop on Energy Efficient Data Centres}, publisher = {ACM}, address = {New York, NY, USA}, series = {E2DC '16}, pages = {7:1----7:6}, keywords = {DC4Cities, data center, error propagation, power planning}, tags = {DC4C} } @Patent { Houyou2016a, author = {Houyou, Amine Mohamed and Fischer, Andreas and Mandarawi, Waseem and de Meer, Hermann and Huth, Hans--Peter}, title = {Device and method for allocating communication resources in a system employing network slicing}, type = {Patent}, year = {2016}, month = {09}, booktitle = {In Patent}, publisher = {Siemens AG}, number = {WO2016150511A1}, tags = {Patent}, web_url = {https://patents.google.com/patent/WO2016150511A1}, web_url2 = {https://patents.google.com/patent/WO2016150511A1}, annotation = {Patent} } @Inproceedings { Niedermeier2016b, author = {Niedermeier, Florian and Kazhamiaka, Fiodar and de Meer, Hermann}, title = {Energy Supply Aware Power Planning for Flexible Loads}, abstract = {Increasing the use of renewable energy is considered a viable way of reducing carbon intensive power generation. However, a power grid running on high amounts of renewable energy has to deal with the limited controllability and higher volatility of power sources like wind or solar. In this work, we propose to use demand side management to deal with varying amounts of renewable power feed--in via the use of power plans, i.e. instructions passed to large energy consumers that specify how they should try to spread out their energy use over a day. We argue that a separation of power planning and implementation of technical measures to schedule loads to follow the plan would alleviate some of the problems faced by an integrated planning--scheduling approach, as these processes are governed by different entities who may be unwilling to disclose all required information to each other. As a proof--of--concept, we propose and analyze a quadratic programming approach to maximizing the fraction of renewable energy being used while not overburdening the consumer with a power plan that is diffcult to follow.}, year = {2016}, isbn = {978--1--4503--4421--0}, booktitle = {Proceedings of the 5th International Workshop on Energy Efficient Data Centres}, publisher = {ACM}, address = {New York, NY, USA}, series = {E2DC '16}, pages = {2:1----2:6}, keywords = {flexibility, power planning, quadratic programming}, tags = {DC4C} } @Inproceedings { He2016a, author = {He, Xiaobing and Sui, Zhiyuan and de Meer, Hermann}, title = {Game--theoretic Risk Assessment in Communication Networks}, abstract = {Two--way communication networks enable near realtime interactions in modern smart power systems. Also, computer and communication security systems have become one of the main factors of security in power systems. The need for methods to appropriately assess currently existing cyber risks and forecast possible future risks to a reasonable extent has become more important than ever before. This work establishes a surveillance architecture to monitor message transactions among nodes in communication networks. A security belief model is built to interpret surveillance observations as Dirichlet--distributed security events with certain probabilities. By taking the interaction between possibly suspicious nodes and the security operator as a transmitting--monitoring game, a game--theoretic risk assessment framework is presented to compute and forecast risk of network security impairment.}, year = {2016}, DOI = {10.1109/EEEIC.2016.7555448}, booktitle = {Environment and Electrical Engineering (EEEIC), 2016 IEEE 16th International Conference on}, publisher = {IEEE}, pages = {1----6}, keywords = {surveillance; risk assessment; game theory; Dirichlet distribution; risk prediction} } @Article { Fischer2016a, author = {de Meer, Hermann and Fischer, Andreas}, title = {Generating Virtual Network Embedding Problems with Guaranteed Solutions}, abstract = {The efficiency of network virtualization depends on the appropriate assignment of resources. The underlying problem, called Virtual Network Embedding, has been much discussed in the literature, and many algorithms have been proposed, attempting to optimize the resource assignment in various respects. Evaluation of those algorithms requires a large number of randomly generated embedding scenarios. This paper presents a novel scenario generation approach and demonstrates how to produce scenarios with a guaranteed exact solution, thereby facilitating better evaluation of embedding algorithms.}, year = {2016}, month = {Sept}, issn = {1932--4537}, DOI = {10.1109/TNSM.2016.2596802}, journal = {IEEE Transactions on Network and Service Management}, volume = {13}, publisher = {IEEE}, pages = {504--517}, number = {3}, keywords = {computer networks;embedded systems;virtualisation;network virtualization;resource assignment;virtual network embedding problems;Algorithm design and analysis;Heuristic algorithms;Java;Measurement;Network topology;Substrates;Topology;Virtual network embedding;algorithm simulation;experimental algorithmics;network virtualization;problem generation}, tags = {FORSEC, DC4Cities}, file_url = {http://www.uni--passau.de/fileadmin/files/lehrstuhl/meer/publications/pdf/Fischer2016a.pdf} } @Inproceedings { Baier2016a, author = {Baier, Christel and Kl{\"u}ppelholz, Sascha and de Meer, Hermann and Niedermeier, Florian and Wunderlich, Sascha}, title = {Greener bits: formal analysis of demand response}, abstract = {Demand response is a promising approach to deal with the emerging power generation fluctuations introduced by the increasing amount of renewable energy sources fed into the grid. Consumers need to be able to adapt their energy consumption with respect to the given demand pattern and at the same time ensure that their adaptation (i.e., response) does not interfere with their various operational objectives. Finding, evaluating and verifying adaptation strategies which aim to be optimal w.r.t. multiple criteria is a challenging task and is currently mainly addressed by hand, heuristics or guided simulation. In this paper we carry out a case study of a demand response system with an energy adaptive data center on the consumer side for which we propose a formal model and perform a quantitative system analysis using probabilistic model checking. Our first contribution is a fine--grained formal model and the identification of significant properties and quantitative measures (e.g., expected energy consumption, average workload or total penalties for violating adaptation contracts) that are relevant for the data center as an adaptive consumer. The formal model can serve as a starting point for the application of different formal analysis methods. The second contribution is an evaluation of our approach using the prominent model checker PRISM. We report on the experimental results computing various functional properties and quantitative measures that yield important insights into the viability of given adaptation strategies and how to find close--to--optimal strategies.}, year = {2016}, isbn = {978--3--319--46520--3}, DOI = {10.1007/978--3--319--46520--3{\textunderscore}21}, organization = {Springer}, booktitle = {Automated Technology for Verification and Analysis: 14th International Symposium, ATVA 2016, Chiba, Japan, October 17--20, 2016, Proceedings}, pages = {323----339}, tags = {DC4Cities} } @Inproceedings { Basmadjian2016a, author = {Basmadjian, Robert and Niedermeier, Florian and de Meer, Hermann}, title = {Modelling Performance and Power Consumption of Utilisation--based DVFS Using M/M/1 Queues}, abstract = {Dynamic Voltage and Frequency Scaling has become a key technique to reduce power consumption at times of low processor utilisation. Reducing CPU frequency usually results in degraded services' performance leading to Service Level Agreement violations. Usually, CPU governors change frequency and voltage at discrete time instances based on utilisation without taking into account performance constraints of services. In this paper, a model for the widely--used utilisation--based ondemand governor is presented. In contrast to state--of--the--art DVFS models, our model explicitly considers the change of frequency and voltage at discrete time instances based on utilisation. The model allows us to estimate both service performance and processor power consumption. Furthermore, the model can be used to determine an optimal voltage and frequency switching strategy in order to achieve a further reductio of energy consumption while ensuring compliance with SLAs. The results obtained from experimental analysis conrm our proposed model.}, year = {2016}, isbn = {978--1--4503--4393--0}, DOI = {10.1145/2934328.2934342}, booktitle = {Proceedings of the Seventh International Conference on Future Energy Systems}, publisher = {ACM}, address = {New York, NY, USA}, series = {e--Energy '16}, pages = {14:1----14:11}, keywords = {DVFS, ondemand governor, performance, power consumption}, tags = {DC4C} } @Inproceedings { Marktscheffel2016, author = {Marktscheffel, T. and Gottschlich, W. and Popp, W. and Werli, P. and Fink, Simon D. and Bilzhause, A. and de Meer, Hermann}, title = {QR code based mutual authentication protocol for Internet of Things}, abstract = {In the Internet of Things (IoT), security is important and challenging; however, it is often neglected. This paper presents a smart home scenario, together with its requirements for a secure and user friendly mutual authentication protocol. Protocols developed for the internet are often not applicable to the Internet of Things due to hardware limitations and physical inaccessibility of devices. To tackle the challenge of a usable and secure device authentication in the area of the IoT, a QR code based mutual authentication protocol is proposed. The protocol supports two operation modes to handle different hardware configurations with respect to cameras and displays. Both operation modes are secure against attacks within the proposed attacker model. The protocol can also be used to exchange the public keys between two parties, in order to establish a secure channel without a trusted third party.}, year = {2016}, month = {June}, booktitle = {2016 IEEE 17th International Symposium on A World of Wireless, Mobile and Multimedia Networks (WoWMoM)}, pages = {1--6}, keywords = {Internet of Things;QR codes;cryptographic protocols;Internet of Things;QR code;mutual authentication protocol;public key exchange;secure device authentication;smart home scenario;Authentication;Cameras;Internet of things;Protocols;Smart homes;Smart phones;Authentication;Internet of Things;Key Exchange;QR code;Usable Security} } @Inbook { Sui2015b, author = {Sui, Zhiyuan and Niedermeier, Michael and de Meer, Hermann}, title = {RESA: A Robust and Efficient Secure Aggregation Scheme in Smart Grids}, abstract = {In this paper, we indicate the increasing interests in providing network security and privacy in Smart Grids, and propose a novel usage data aggregation scheme. The proposed scheme combines multiple cryptosystems to achieve anonymity and multidimensional data aggregation without a trusted third party. In our approach, smart meters transmit usage reports through hop--by--hop communication. If the communication is delayed or fails at one hop, it is possible to reroute the traffic through another hop. Therefore, the robustness of grid communication networks is improved. Additionally, an aggregation tree is constructed in order to optimize the aggregation time. Finally, smart meters utilize a highly efficient hash--based message authentication code to ensure data integrity and identity authentication. Although some existing approaches can achieve similar security features, our scheme has lower computational cost according to performance analysis and experiments.}, year = {2016}, isbn = {978--3--319--33331--1}, booktitle = {Critical Information Infrastructures Security: 10th International Conference, CRITIS 2015, Berlin, Germany, October 5--7, 2015, Revised Selected Papers}, publisher = {Springer}, address = {Cham}, pages = {171----182}, keywords = {Smart grids, Multidimensional aggregation, Privacy preservation, Robustness, Security Optimization}, tags = {HYRIM} } @Inproceedings { Gouglidis2016a, author = {Schauer, Stefan and K{\"o}nig, Sandra and Rass, Stefan and Gouglidis, Antonios and Alshawish, Ali and de Meer, Hermann}, title = {Risk Minimization in Physical Surveillance: Playing an Uncertain Cops--and--Robbers Game}, abstract = {Many security infrastructures incorporate some sort of surveillance technologies to operate as an early incident warning or even prevention system. The special case of surveillance by cameras and human security staff has a natural reflection in game--theory as the well--known "Cops--and--Robbers" game (a.k.a. graph searching). Traditionally, such models assume a deterministic outcome of the gameplay, e.g., the robber is caught when it shares its location with a cop. In real life, however, the detection rate is far from perfect (as models assume), and thus required to play the game with uncertain outcomes. This work applies a simple game--theoretic model for the optimization of physical surveillance systems in light of imperfect detection rates of incidents, minimizing the potential damage an intruder can cause. We explicitly address the uncertainty in assessing the potential damage caused by the intruder by making use of empirical data (i.e., diverging expert opinions, inaccuracies of detection mechanisms, etc.). This particularly aids standardized risk management processes, where decision--making is based on qualitative assessments (e.g., from "low damage" to "critical danger") and nominally quantified likelihoods (e.g., "low", "medium" and "high"). The unique feature of our approach is threefold: 1) it models the practical imperfections of surveillance systems accounting for the subjectivity of expert opinions, 2) it treats the uncertainty in the outcome as a full--fledged categorical distribution (rather than requiring numerical data to optimize characteristic measures), and 3) it optimizes the whole distribution of randomly suffered damages, thus avoiding in--formation loss due to data aggregation (required in many standard game--theoretic models using numbers for their specification). The resulting optimal security strate--gies provide risk managers with the information they need to make better decisions.}, year = {2016}, organization = {Springer}, booktitle = {Decision and Game Theory for Security: 7th International Conference, GameSec 2016, New York, NY, USA, November 2--4, 2016, Proceedings}, volume = {9996}, pages = {471}, tags = {HyRiM} } @Inproceedings { Taubmann2015a, author = {Taubmann, Benjamin and P. Reiser, Hans and Kittel, Thomas and Fischer, Andreas and Mandarawi, Waseem and de Meer, Hermann}, title = {CloudIDEA -- Cloud Intrusion Detection, Evidence preservation and Analysis}, abstract = {We want to enhance the security of IaaS clouds by designing an architecture for malware and intrusion detection, analysis and evidence collection.}, year = {2015}, booktitle = {Proc. of the 10th European Conf. on Computer Systems (EuroSys 2015)}, keywords = {Cloud security; Cloud malware; Intrusion detection; Virtual machine introspection, Virtual machine migration}, tags = {FORSEC}, web_url2 = {http://eurosys2015.labri.fr/program/posters/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Taubmann2015a.pdf}, note = {Poster with abstract} } @Inproceedings { Fischer2015a, author = {Fischer, Andreas and Kittel, Thomas and Kolosnjaji, Bojan and Lengyel, Tamas K. and Mandarawi, Waseem and de Meer, Hermann and Mueller, Tilo and Protsenko, Mykolai and P. Reiser, Hans and Taubmann, Benjamin and Weish{\"a}upl, Eva}, title = {CloudIDEA: A Malware Defense Architecture for Cloud Data Centers}, abstract = {Virtual machines (VMs) hosted on Infrastructure--as--a--Service (IaaS) clouds are an attractive target for attackers. Cloud providers and cloud customers who want to detect, analyze, and preserve evidence about malware attacks in IaaS clouds are faced with multiple problems: Cloud customers cannot use existing intrusion detection tools that require access to physical hardware or make use of virtual machine introspection (VMI). Cloud providers lack contextual knowledge about the system executing within the VM and do not know which intrusion detection heuristics fits for it.}, year = {2015}, isbn = {978--3--319--26148--5}, DOI = {10.1007/978--3--319--26148--5{\textunderscore}40}, booktitle = {On the Move to Meaningful Internet Systems: OTM 2015 Conferences: Confederated International Conferences: CoopIS, ODBASE, and C{\\&}TC 2015, Rhodes, Greece, October 26--30, 2015. Proceedings}, publisher = {Springer International Publishing}, address = {Cham}, pages = {594----611}, tags = {FORSEC} } @Article { Niedermeier2015c, author = {Niedermeier, Michael and He, Xiaobing and de Meer, Hermann and Buschmann, Carsten and Hartmann, Klaus and Langmann, Benjamin and Koch, Michael and Fischer, Stefan and Pfisterer, Dennis}, title = {Critical Infrastructure Surveillance Using Secure Wireless Sensor Networks}, abstract = {In this work, a secure wireless sensor network (WSN) for the surveillance, monitoring and protection of critical infrastructures was developed. To guarantee the security of the system, the main focus was the implementation of a unique security concept, which includes both security on the communication level, as well as mechanisms that ensure the functional safety during its operation. While there are many theoretical approaches in various subdomains of WSNs?like network structures, communication protocols and security concepts?the construction, implementation and real--life application of these devices is still rare. This work deals with these aforementioned aspects, including all phases from concept--generation to operation of a secure wireless sensor network. While the key focus of this paper lies on the security and safety features of the WSN, the detection, localization and classification capabilities resulting from the interaction of the nodes? different sensor types are also described.}, year = {2015}, issn = {2224--2708}, journal = {journal of Sensor and Actuator Networks}, volume = {4}, pages = {336----370}, number = {4}, keywords = {wireless sensor networks; security; functional safety; networking}, tags = {HYRIM, EFRE{\textunderscore}ITSEC, BSI{\textunderscore}MovDet}, file_url = {http://www.net.fim.uni--passau.de/pdf/Niedermeier2015c.pdf} } @Article { Beck2015a, author = {Beck, Michael T. and Fischer, Andreas and Botero, Juan F. and Linnhoff--Popien, Claudia and de Meer, Hermann}, title = {Distributed and scalable embedding of virtual networks}, abstract = {Network virtualization is widely regarded as a key technology for the Future Internet, enabling the deployment of new network protocols without changing dissimilar hardware devices. This leads to the problem of mapping virtual demands to physical resources, known as Virtual Network Embedding (VNE). Current VNE algorithms do not scale with respect to the substrate network size. Therefore, these algorithms are not applicable in large--scale scenarios where virtual networks have to be embedded in a timely manner. This paper discusses DPVNE, a Distributed and Generic VNE framework: It runs cost--oriented centralized embedding algorithms in a distributed way, spreading workload across the substrate network instead of concentrating it on one single node (as centralized algorithms do). Several state--of--the--art algorithms were evaluated running inside the DPVNE framework. Results show that DPVNE leads to runtime improvements in large--scale scenarios and embedding results are kept comparable.}, year = {2015}, month = {Oct}, DOI = {10.1016/j.jnca.2015.06.012}, journal = {journal of Network and Computer Applications}, volume = {56}, pages = {124----136}, keywords = {Virtual Network Embedding, Distributed algorithm, Framework} } @Inproceedings { Berl2015a, author = {Berl, Andreas and Klingert, Sonja and Hesselbach--Serra, Xavier}, title = {Energy--aware data centers: Architecture, infrastructure, and communication}, abstract = {The energy efficiency of data centers has been in the focus of research for several years. Technologies, such as the virtualization of services and infrastructures, are broadly available in data centers, today. Not only IT infrastructures (e.g., servers, storage, and network) have been considered for energy management, but also the HVAC (heating, ventilation, and air conditioning) environment. Such achievements have impact on the design of new energy--aware data center technologies and topologies. Although the technologies are maturing, there are still big challenges to be faced. Consistent definitions of metrics for energy efficiency of data centers need to be established as well as incentives that are specifically targeted at energy--aware data center management, for instance. In addition to an abundance of already well--researched areas, new topics arise, such as the phenomenon of Big Data, which until today has been hardly analyzed with respect to its impact on energy consumption in data centers. Also, energy--aware workload management remains in the focus of research. Virtualization facilitates the integration of different kinds of technologies for energy--efficient resource and service provisioning. This includes ad hoc strategies, e.g., to flexibly integrate newly discovered (or created) resources into the data center’s infrastructure.}, year = {2015}, issn = {1570--8705}, booktitle = {Ad Hoc Networks}, volume = {25}, pages = {495----496} } @Incollection { Basmadjian2015a, author = {Basmadjian, Robert and Bouvry, Pascal and Da Costa, Georges and Gyarmati, Laszlo and Kliazovich, Dzmitry and Lafond, S{\'e}bastien and Lef{\`e}vre, Laurent and de Meer, Hermann and Pierson, Jean--Marc and Pries, Rastin and Trinh, Tuan and Khan, Samee Ullah}, title = {Green Data Centers}, abstract = {The widely adoption of the novel Internet services of the last decade, e.g., web 2.0 services, cloud services, and cloud computing, modified the structure of the whole Internet ecosystem. Contrary to the earlier disperse structure, where each service had its own server to be operated on, the infrastructures of the current cloud services are highly centralized; numerous services are run by a single infrastructure. These facilities are commonly known as data centers.}, year = {2015}, month = {April}, isbn = {978--1--118--86463--0}, booktitle = {Large--scale Distributed Systems and Energy Efficiency: A Holistic View}, publisher = {Wiley}, chapter = {6}, series = {Wiley series on Parallel and Distributed Computing}, editor = {Jean--Marc Pierson}, pages = {159----188}, web_url2 = {https://www.researchgate.net/publication/273121459{\textunderscore}Green{\textunderscore}Data{\textunderscore}Centres} } @Incollection { Cervero2015a, author = {Cervero, Alfonso G. and Chincoli, Michele and Dittmann, Lars and Fischer, Andreas and Garcia, Alberto E. and Galan--Jimenez, Jaime and Lef{\`e}vre, Laurent and de Meer, Hermann and Monteil, Thierry and Monti, Paolo and Orgerie, Anne--Cecile and Pau, Louis--Francois and Phillips, Chris and Ricciardi, Sergio and Sharrock, Remi and Stolf, Patricia and Trinh, Tuan and Valcarenghi, Luca}, title = {Green Wired Networks}, abstract = {After highlighting the significant energy consumption of existing wired communication networks, this chapter considers various means of operating such networks more efficiently. The chapter examines the components that make up wired communications network and their differing characteristics between the access and core, as well as patterns of traffic behavior. Once this is done, the chapter focuses on static (network planning) and dynamic (traffic--engineering) schemes that can be used to reduce the energy consumption of networks. The chapter also pays attention to a number of challenges/open research questions that need to be resolved before the implementation of such schemes. These include issues with migration and resilience. Finally a summary reviews the key themes that have been covered.}, year = {2015}, month = {April}, isbn = {978--1--118--86463--0}, booktitle = {Large--scale Distributed Systems and Energy Efficiency: A Holistic View}, publisher = {Wiley}, series = {Wiley series on Parallel and Distributed Computing}, editor = {Jean--Marc Pierson}, pages = {39----77}, tags = {COST{\textunderscore}IC0804, All4Green} } @Inproceedings { Sui2015a, author = {Sui, Zhiyuan and Alyousef, Ammar and de Meer, Hermann}, title = {IAA: Incentive--Based Anonymous Authentication Scheme in Smart Grids}, abstract = {The traditional energy consumption calculation heavily relies on manual work, which is inefficient and error--prone. The Smart Grid, which integrates information and communication technologies into the electrical grid to gather information and manage energy production and consumption, may be a solution to this challenge. However, the resulting complex infrastructure and profusion of information may open up new attack vectors exploitable by malicious parties that could attack the grid itself or violate its consumers’ privacy. In this paper, we indicate the increasing interests in providing conditionally anonymous authentication in the Smart Grid systems. While the consumption report stays anonymous, the consumers who voluntarily curtail their energy consumption, can confirm their curtailments in the scheme. Moreover, compared with the existing conditionally anonymous authentication schemes, our scheme is more efficient in computational and communication overhead for Smart Grid systems.}, year = {2015}, isbn = {978--3--319--18608--5}, booktitle = {Proc. of the 2nd International Conference in Internet Science (2015)}, volume = {9089}, publisher = {Springer International Publishing}, pages = {133----144}, keywords = {Smart Grids, Anonymous authentication, Demand and response, Privacy preservation, Incentive}, file_url = {http://www.net.fim.uni--passau.de/pdf/Sui2015a.pdf}, note = {The original publication is available at www.springerlink.com (2015)} } @Inproceedings { Niedermeier2015a, author = {Niedermeier, Florian and Duschl, Wolfgang and Moeller, Torben and de Meer, Hermann}, title = {Increasing Data Centre Renewable Power Share via Intelligent Smart City Power Control}, abstract = {Urbanization has been an increasing trend that has lead to higher population densities in cities worldwide. Providing these large amounts of citizens with a high quality of living is one of the main goals of future smart cities. A high quality of living requires the smart city to offer several services, many of them supported by a sophisticated, power--intensive IT infrastructure. We present a cooperation scheme between smart city and data centres that allows for an effective use of power exibilities inherently available in data centres. By adapting the power demand of data centres to the availability of renewable energy, smart city goals like a low carbon emission of its IT infrastructure become achievable. To this end, a demand side management scheme under orchestration of a central control system is proposed. The concrete guidelines on power use for data centres are calculated by a component named "Ideal Power Planner", based on smart city goals and renewable power availability forecasts. The effectiveness of the developed approach has been validated in three testbeds.}, year = {2015}, booktitle = {Proceedings of the 2015 ACM Sixth International Conference on Future Energy Systems}, publisher = {ACM}, address = {New York, NY, USA}, series = {e--Energy '15}, pages = {241----246}, keywords = {Smart city; Data centre; Renewable energy}, tags = {DC4Cities}, file_url = {http://www.net.fim.uni--passau.de/pdf/Niedermeier2015a.pdf} } @Inproceedings { Klingert2015a, author = {Klingert, Sonja and Niedermeier, Florian and Dupont, Corentin and Giuliani, Giovanni and Schulze, Thomas and de Meer, Hermann}, title = {Introducing Flexibility into Data Centers for Smart Cities}, abstract = {In Europe, more and more cities are aiming to become part of the \grqqsmart cities” vision. Smart Cities are based on a plethora of sensor data which need to be processed in data centres. Therefore data centres play an important role in making cities smart. However, at the same time they are huge consumers of electrical energy and thus counteract smart cities’ goals of an IT based low carbon economy. The project DC4Cities takes up the challenge of turning data centres into flexible energy consumers that to a high degree run on renewable energy sources. It offers a technical solution for optimizing the share of renewables in data centre energy consumption and supports this by novel contracts and business models. This paper introduces power management options between data centres and a smart city which are backed by adaptation strategies within the data centre. It also presents a set of contracts that complement the technical solution and a trial evaluation of the approach.}, year = {2015}, DOI = {10.1007/978--3--319--27753--0{\textunderscore}7}, organization = {Springer}, booktitle = {Smart Cities, Green Technologies, and Intelligent Transport Systems: 4th International Conference, SMARTGREENS 2015, and 1st International Conference VEHITS 2015, Lisbon, Portugal, May 20--22, 2015, Revised Selected Papers}, pages = {128----145}, keywords = {Data centre;Energy--aware;Renewable energy source;Smart cities;Workload scheduling} } @Inproceedings { Frimpong2015a, author = {Trivisonno, Riccardo and Guerzoni, Riccardo and Vaishnavi, Ishan and Frimpong, Ansah}, title = {Network Resource Management and QoS in SDN--Enabled 5G Systems}, abstract = {Virtual Network Embedding (VNE) is considered a key technology to instantiate and operate Data and Control planes in next generation (5G) SDN--based Networks. Within this domain, Network Resource Management (NRM) is an essential feature to allow efficient resource utilisation, to enable network slicing and to guarantee fairness among the supported QoS classes. This paper presents and evaluates three alternative NRM policies: Full Sharing, Full Split and Russian Dolls. Policies define how different QoS classes share the available bandwidth on per link basis. The policies have been integrated in a MIP--based Virtual Link Mapping formulation (VLM+) supporting multi--constrained end to end QoS. Simulation results show different policies can suit different network operator's requirements. Also, results highlight Russian Dolls significantly outperforms other policies in terms of Embedding Rate and Link Utilisation, still preserving fairness among QoS Classes. VLM+ Convergence Time has also been evaluated, showing all policies are compatible with timing requirements for a real 5G system implementation.}, year = {2015}, month = {Dec.}, DOI = {10.1109/GLOCOM.2015.7417376}, booktitle = {2015 IEEE Global Communications Conference (GLOBECOM)} } @Incollection { Doll2015a, author = {Doll, Bernhard and Emmerich, Dirk and Herkenhoener, Ralph and Kuehn, Ramona and de Meer, Hermann}, title = {On Location--determined Cloud Management for Legally Compliant Outsourcing}, abstract = {When organisations are outsourcing their data processing to clouds, the cloud providers have to support them in achieving legal compliance. This is particular challenging in globally distributed clouds where the data centres are located in multiple countries with different legislation. Here, the cloud providers have to implement technical constraints based on the legal requirements which apply individually for each cloud customer. In this paper, the legal requirements of cloud customers and their corresponding technical constraints are modelled in a technically decidable and enforceable manner, using information flow control in virtual resource management, and a solution to implement the support of legal requirements in cloud environments is proposed. The solution proposed covers the translation of legal requirements of cloud customers into technical security policies which are applied in virtual resource management of clouds. For these purposes an information model, denoted as the Cloud Security Matrix, is defined using the methods of information flow control. In the model, cloud resources (virtual and hardware) are classified and the allowed information flows are defined. The information model is capable to express both location and security constraints including authenticity, integrity and availability. The technical feasibility of a location--based assignment of virtual resources is shown in a proof--of--concept implementation based on OpenStack}, year = {2015}, isbn = {978--3--658--10933--2}, DOI = {10.1007/978--3--658--10934--9{\textunderscore}6}, booktitle = {ISSE 2015}, publisher = {Springer Fachmedien Wiesbaden}, editor = {Reimer, Helmut and Pohlmann, Norbert and Schneider, Wolfgang}, pages = {61--73}, file_url = {http://dx.doi.org/10.1007/978--3--658--10934--9{\textunderscore}6} } @Article { Dupont2015a, author = {Dupont, Corentin and Hermenier, Fabien and Schulze, Thomas and Basmadjian, Robert and Somov, Andrey and Giuliani, Giovanni}, title = {Plug4Greens: A flexible energy--aware VM manager to fit data centre particularities}, abstract = {To maintain an energy footprint as low as possible, data centres manage their VMs according to conventional and established rules. Each data centre is however made unique due to its hardware and workload specificities. This prevents the ad hoc design of current VM managers from taking these particularities into account to provide additional energy savings. In this paper, we present Plug4Green, an energy--aware VM placement algorithm that can be easily specialized and extended to fit the specificities of the data centres. Plug4Green computes the placement of the VMs and state of the servers depending on a large number of constraints, extracted automatically from SLAs. The flexibility of Plug4Green is achieved by allowing the constraints to be formulated independently from each other but also from the power models. This flexibility is validated through the implementation of 23 SLA constraints and 2 objectives aiming at reducing either the power consumption or the greenhouse gas emissions. On a heterogeneous test bed, Plug4Green specialization to fit the hardware and the workload specificities allowed to reduce the energy consumption and the gas emission by up to 33% and 34%, respectively. Finally, simulations showed that Plug4Green is capable of computing an improved placement for 7500 VMs running on 1500 servers within a minute.}, year = {2015}, journal = {Ad Hoc Networks}, volume = {25}, pages = {505----519} } @Inproceedings { Mandarawi2015a, author = {Mandarawi, Waseem and Fischer, Andreas and de Meer, Hermann and Weish{\"a}upl, Eva}, title = {QoS--Aware Secure Live Migration of Virtual Machines}, abstract = {The live migration of Virtual Machines (VMs) is a key technology in server virtualization solutions used to deploy Infrastructure--as--a--Service (IaaS) clouds. This process, on one hand, increases the elasticity, fault tolerance, and maintainability in the virtual environment. On the other hand, it increases the security challenges in cloud environments, especially when the migration is performed between different data centers. Secure live migration mechanisms are required to keep the security requirements of both cloud customers and providers satisfied. These mechanisms are known to increase the migration downtime of the VMs, which plays a significant role in the compliance to Service Level Agreements (SLAs). This paper discusses the main threats caused by live migration and the main approaches for securing the migration. The requirements of a comprehensive Quality of Service (QoS)--aware secure live migration solution that keeps both security and QoS requirements satisfied are defined.}, year = {2015}, month = {jul}, booktitle = {2nd International Workshop on security in highly connected IT systems (SHCIS 15)}, keywords = {virtual machine, live migration, secure migration, quality of service, downtime, service level agreement}, tags = {FORSEC}, web_url = {https://epub.uni--regensburg.de/32375/} } @Inproceedings { Niedermeier2015b, author = {Klingert, Sonja and Niedermeier, Florian and Dupont, Corentin and Giuliani, Giovanni and Schulze, Thomas and de Meer, Hermann}, title = {Renewable Energy--Aware Data Centre Operations for Smart Cities -- The DC4Cities Approach}, abstract = {Data centres are important players in smart cities both as IT service providers and as energy consumers. Integrating intermittent renewable energy sources into the local power grid is one challenge in future smart cities aiming at an IT based low carbon economy. The project DC4Cities takes up this challenge by offering a both technical and business related solution for optimizing the share of local renewable power sources when operating data centres in smart cities. To this end, power management options between the data centre and the smart city together with internal adaptation strategies for data centres are introduced. Finally, an implementation of the suggested approach is presented and evaluated in a simulation.}, year = {2015}, month = {May}, booktitle = {Proc. of the 4th Int'l Conf. on Smart Grids and Green IT Systems (SMARTGREENS 2015)}, publisher = {SciTePress}, keywords = {Data center; Energy awareness; Renewable energy source; Smart cities; Workload scheduling}, tags = {DC4C} } @Article { Abid2015a, author = {Abid, Mohamed Amine and Belghith, Abdelfettah and Drira, Khalil}, title = {SARP: A dynamically readjustable period size proactive routing protocol for MANETs}, abstract = {The aim of a routing protocol is to compute routes between every couple of nodes. When the topology evolves over time, routing decisions should be constantly reconsidered to ensure continuous valid routing. Conventional proactive routing protocols periodically re--compute their routing--tables. However, due to their inherent nature based on shortest--paths, they select longer links (victims of rapid breakages as nodes move). Increasing the updates' frequency certainly allows a better tracking of the topology changes; however, it induces higher signaling overhead. An adequate trade--off between the period size and the control overhead should be found. In this paper, we propose a new mechanism that keeps sensing the mobility--level to properly--adjust the routing period size. It relies on a distributed algorithm collecting the network cartography to self--regulate the routing period size. Simulation results show that our proposal (SARP) correctly tracks topology changes and properly adjusts the current period size leading to better performances.}, year = {2015}, journal = {journal of Computer and System Sciences}, volume = {81}, publisher = {Elsevier}, pages = {496----515}, number = {3} } @Inproceedings { frimpong2015b, author = {Guerzoni, Riccardo and Vaishnavi, Ishan and Frimpong, Ansah and Trivisonno, Riccardo}, title = {Virtual link mapping for delay critical services in SDN--enabled 5G networks}, abstract = {This paper presents VLM+, a Virtual Link (VL) Embedding algorithm supporting Quality of Service (QoS). VLM+ has been developed evolving its Mixed Integer Programming (MIP) based Virtual Link Mapping algorithm precursor (VLM), whose analytical model has been enhanced including the ability to fulfill VL end--to--end QoS requirements and to prioritise VL requests according to their QoS class or revenue profile. Additionally, VLM+ supports three different physical resource sharing policies, this providing Physical Infrastructure Providers (PIPs) with high flexibility in the allocation of resources to embed QoS--constrained VLs. VLM+ has been designed and evaluated targeting next generation networks, conceived around SDN and NFV paradigms and expected to support, among others, delay critical services. VLM+ performance has been evaluated via simulation and compared to VLM, Shortest Path First (SPF) and Constrained SPF algorithms. Promising quantitative results demonstrate VLM+ ability to embed VLs fulfilling end--to--end QoS requirements, still achieving an efficient resource utilisation and at a moderate cost in terms of increased complexity and convergence time.}, year = {2015}, month = {April}, DOI = {10.1109/NETSOFT.2015.7116163}, booktitle = {Proceedings of the 2015 1st IEEE Conference on Network Softwarization (NetSoft)}, pages = {1--9} } @Article { Do2014a, author = {Do, Tien V. and Wuechner, Patrick and B{\'e}rczes, Tam{\'a}s and Sztrik, J{\'a}nos and de Meer, Hermann}, title = {A New Finite--source Queueing Model for Mobile Cellular Networks Applying Spectrum Renting}, abstract = {This paper proposes a retrial queueing model with the finite number of sources to evaluate the performance of spectrum renting in mobile cellular networks. The model incorporates necessary ingredients such as the finite number of subscribers, their impatience and a queue for the outbound service. To consider the specific feature of spectrum renting and the current mobile cellular technology, a variable number of servers that are switched on and off in groups is introduced. We present a novel way to take into account the renting fee, which can be used to fine--tune the operation of the spectrum renting procedure. Numerical results show that it is still profitable to initiate a spectrum renting request at high loads, even if no discount is offered by the frequency bands’ owners.}, year = {2014}, DOI = {10.1142/S0217595914400041}, journal = {Asia Pacific journal of Operational Research (APJOR)}, volume = {31}, publisher = {World Scientific}, pages = {1440004:1--19}, number = {2}, keywords = {Mobile cellular networks; Retrial queues; Finite--source; Impatience; Spectrum renting; Discount factor}, tags = {MOSEL2, Socionical, EINS{\textunderscore}NoE}, web_url2 = {http://www.worldscientific.com/worldscinet/apjor}, file_url = {http://www.net.fim.uni--passau.de/pdf/Do2014a.pdf}, note = {(c) World Scientific Publishing Co. \\& Operational Research Society of Singapore} } @Inproceedings { Beck2014a, author = {Beck, Michael T. and Linnhoff--Popien, Claudia and Fischer, Andreas and Kokot, Fabian and de Meer, Hermann}, title = {A Simulation Framework for Virtual Network Embedding Algorithms}, abstract = {Network virtualization is seen as an enabling technology for the Future Internet. In this context, many Virtual Network Embedding algorithms have been introduced in literature so far. This paper discusses an open source framework for the evaluation of such algorithms. The paper describes features provided by the framework, how to use the framework for evaluating these algorithms, and how to extend the software with respect to novel algorithms and simulation scenarios. Lessons learned are presented, describing how the software evolved towards a mature and highly extensible simulation framework.}, year = {2014}, month = {Sep.}, DOI = {10.1109/NETWKS.2014.6959238}, booktitle = {Proc. of the 6th International Telecommunications Network Strategy and Planning Symposium (Networks 2014)}, publisher = {IEEE}, pages = {1----6}, keywords = {Virtual Network Embedding, Simulation Framework, Evaluation}, tags = {EINS{\textunderscore}NoE, FORSEC} } @Article { Basmadjian2014a, author = {Basmadjian, Robert and Mueller, Lukas and de Meer, Hermann}, title = {Data centres' power profile selecting policies for Demand Response: Insights of Green Supply Demand Agreement}, abstract = {abstract Demand Response mechanisms serve to preserve the stability of the power grid by shedding the electricity load of the consumers during power shortage situations in order to match power generation to demand. Data centres have been identified as excellent candidates to participate in such mechanisms. Recently a novel supply demand agreement have been proposed to foster power adaptation collaboration between energy provider and data centres. In this paper, we analyse the contractual terms of this agreement by proposing and studying different data centres' power profile selecting policies. To this end, we setup a discrete event simulation and analysed the power grid's state of a German energy provider. We believe that our analysis provides insight and knowledge for any energy utility in setting up the corresponding demand supply agreements.}, year = {2014}, month = {Nov.}, issn = {1570--8705}, DOI = {doi:10.1016/j.adhoc.2014.11.007}, journal = {Ad Hoc Networks}, volume = {25}, pages = {581----594}, keywords = {Demand response; Data centre power profiles; Selecting policy; Green supply demand agreement}, tags = {All4Green}, file_url = {http://www.net.fim.uni--passau.de/pdf/Basmadjian2014a.pdf} } @Incollection { Berl2014b, author = {de Meer, Hermann}, title = {Intelligentes Stromnetz der Zukunft}, abstract = {Das intelligente Stromnetz (Smart Grid) wird langfristig unser heutiges Stromnetz abloesen, um die Integration erneuerbarer Energiequellen voranzutreiben und eine erhoehte Versorgungssicherheit zu gewaerhleisten. Intelligente Steuerungssysteme muessen entwickelt werden, die den Energieverbrauch an das dynamisch wechselnde Angebot von erneuerbarer Energie anpassen.}, year = {2014}, month = {March}, booktitle = {Das Who is Who der Niederbayerischen Energiewirtschaft}, publisher = {Niederbayern--Forum e.V.}, pages = {90----91}, keywords = {Smart grid; Demand response; Data center; Energy efficiency}, tags = {All4Green, DC4Cities, EINS{\textunderscore}NoE} } @Inproceedings { DeMeer2014a, author = {de Meer, Hermann and Poehls, Henrich C. and Posegga, Joachim and Samelin, Kai}, title = {On the Relation Between Redactable and Sanitizable Signatures Schemes}, abstract = {Malleable signature schemes (MSS) enable a third party to alter signed data in a controlled way, maintaining a valid signature after an authorized change. Most well studied cryptographic constructions are (1) redactable signatures (RSS), and (2) sanitizable signatures (SSS). RSSs allow the removal of blocks from a signed document, while SSSs allow changing blocks to arbitrary strings. We rigorously prove that RSSs are less expressive than SSSs: no unforgeable RSS can be transformed into an SSS. For the opposite direction we give a black--box transformation of a single SSS, with tightened security, into an RSS.}, year = {2014}, DOI = {10.1007/978--3--319--04897--0{\textunderscore}8}, booktitle = {Proc. of the 6th Int'l Symposium on Engineering Secure Software and Systems (ESSoS 2014)}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {113----130}, keywords = {Accountability; Sanitizable signatures; Privacy}, tags = {EFRE{\textunderscore}ITSEC, EINS{\textunderscore}NoE, ISL{\textunderscore}Institute}, web_url2 = {https://distrinet.cs.kuleuven.be/events/essos/2014/}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer2014a.pdf}, note = {The final publication is available at Springer via http://dx.doi.org/10.1007/978--3--319--04897--0{\textunderscore}8 (2014).} } @Article { DeMeer2014b, author = {de Meer, Hermann and Poehls, Henrich C. and Posegga, Joachim and Samelin, Kai}, title = {Redactable Signature Schemes for Trees With Signer--Controlled Non--Leaf--Redactions}, abstract = {Redactable signature schemes (RSS) permit to remove parts from signed documents, while the signature remains valid. Some RSSs for trees allow to redact non--leaves. Then, new edges have to be added to the tree to preserve it's structure. This alters the position of the nodes' children and may alter the semantic meaning encoded into the tree's structure. We propose an extended security model, where the signer explicitly controls among which nodes new edges can be added. We present a provably secure construction based on accumulators with the enhanced notions of indistinguishability and strong one--wayness.}, year = {2014}, month = {Sep.}, DOI = {10.1007/978--3--662--44791--8{\textunderscore}10}, journal = {Communications in Computer and Information Science (CCIS)}, volume = {455}, publisher = {Springer--Verlag}, pages = {155----171}, keywords = {Malleable signatures; Redactable signatures; Trees}, tags = {EFRE{\textunderscore}ITSEC, ISL{\textunderscore}Institute}, web_url2 = {http://www.springer.com/computer/communication+networks/book/978--3--662--44790--1}, note = {The original publication is available at www.springerlink.com (2014)} } @Book { Berl2014a, author = {Berl, Andreas and Klingert, Sonja and Hesselbach, Xavier}, title = {Special Issue on Energy--Aware Data Centres: Architecture, Infrastructure, and Communication}, abstract = {The energy efficiency of data centers has been in the focus of research for several years. Technologies, such as the virtualization of services and infrastructures, are broadly available in data centers, today. Not only IT infrastructures (e.g., servers, storage, and network) have been considered for energy management, but also the HVAC (heating, ventilation, and air conditioning) environment. Such achievements have impact on the design of new energy--aware data center technologies and topologies. Although the technologies are maturing, there are still big challenges to be faced. Consistent definitions of metrics for energy efficiency of data centers need to be established as well as incentives that are specifically targeted at energy--aware data center management, for instance. In addition to an abundance of already well--researched areas, new topics arise, such as the phenomenon of Big Data, which until today has been hardly analyzed with respect to its impact on energy consumption in data centers. Also, energy--aware workload management remains in the focus of research. Virtualization facilitates the integration of different kinds of technologies for energy--efficient resource and service provisioning. This includes ad hoc strategies, e.g., to flexibly integrate newly discovered (or created) resources into the data center’s infrastructure.}, year = {2014}, issn = {1570--8705}, DOI = {10.1016/j.adhoc.2014.11.017}, publisher = {Elsevier B.V.}, series = {Ad Hoc Networks}, editor = {Berl, Andreas and Klingert, Sonja and Hesselbach, Xavier}, keywords = {Energy efficiency; Smart grid; Data centres}, tags = {COST{\textunderscore}IC0804, All4Green}, note = {Edited special issue; to appear} } @Inproceedings { Benze2014a, author = {Benze, Joerg and Daniel, Kai and Eibl, Guenther and Engel, Dominik and Hofmann, Ulrich and Kiessling, Andreas and Koepsell, Stefan and Langer, Lucie and de Meer, Hermann and Neureiter, Christian and Pfeiffenberger, Thomas and Pietsch, Michael and Veichtlbauer, Armin}, title = {VDE--Positionspapier Energieinformationsnetze und --systeme (Smart Grid Security)}, abstract = {Das elektrische Energieversorgungssystem durchlaeuft gegenwaertig eine Transformation zu einem Energiesystem mit dem Vorrang an erneuerbaren, volatilen Energien sowie den Trends zu einer lastfernen und im hohen Masse zunehmenden dezentralen Erzeugung. Hierdurch ergeben sich Veraenderungen im Netz und in der Netztopologie, die u. a. dadurch gekennzeichnet sind, dass die Prozessdatenverarbeitung (PDV) und die Buerokommunikation (IT) schleichend mehr und mehr zusammenwachsen (auch als OT/IT--Integration bezeichnet). Desweiteren sind Prozesssteuerungssysteme dezentraler Anlagen zunehmend ueber das Internet erreich-- und konfigurierbar. Hierdurch ergeben sich neue Bedrohungsszenarien, die es bis dato nicht gab, auf die jedoch zukuenftig reagiert werden muss. Das Positionpapier beleuchtet zunaechst neue Sicherheitsziele und Sicherheitsanforderungen, die sich in Folge der Markt-- und Netzintegration und der zunehmenden OT/IT--Integration ergeben. Anschliessend werden Angreifermodelle und Schutzmassnahmen erlaeutert; ferner werden Test und Testverfahren vorgestellt, mittels denen man eine Sicherheitsevaluierung von Energieinformationsnetzen vornehmen kann. Aufbauend darauf werden die aktuell diskutierten Smart Grid Topologien betrachet und Design--Empfehlungen fuer Sicherheitssysteme, einerseits fuer bestehende historisch gewachsene Architekturen, andererseits fuer den Entwurf neuer Architekturen, vorgestellt; denn Sicherheitsaspekte muessen beim Entwurf neuer Systeme essentieller Bestandteil der Topologie sein. Abschliessend werden spezifische Handlungsempfehlungen fuer Politik, Standardisierung, Energieversorger, Hersteller und Wissenschaft/Forschung zum Aufbau sicherer IKT--Infrastrukturen fuer die Energieversorgungssysteme vorgestellt}, year = {2014}, month = {Nov}, booktitle = {VDE--Kongress Smart Cities}, publisher = {VDE}, tags = {FORSEC, EINS{\textunderscore}NoE, HYRIM, EFRE{\textunderscore}ITSEC} } @Inproceedings { Beck2013a, author = {Beck, Michael T. and Fischer, Andreas and de Meer, Hermann and Botero, Juan F. and Hesselbach, Xavier}, title = {A Distributed, Parallel, and Generic Virtual Network Embedding Framework}, abstract = {One of the main challenges of network virtualization is the mapping of virtual network demands to physical network resources, commonly known as the virtual network embedding (VNE) problem. This paper introduces DPVNE, a distributed, parallel and generic VNE framework. DPVNE can be used 1) to run various cost--reducing embedding algorithms 2) in a distributed way. Thereby, computational load for embedding multiple virtual networks is spread across the substrate network reducing workload of individual nodes and 3) enabling the embedding of multiple virtual networks in parallel. DPVNE, in contrast to existing distributed algorithms, 4) achieves lower message overhead and, despite of being distributed, 5) keeps embedding costs comparable to those of centralized approaches.}, year = {2013}, DOI = {10.1109/ICC.2013.6655087}, booktitle = {IEEE Int'l Conf. on Communications (ICC 2013)}, publisher = {IEEE}, keywords = {Virtual networks; Virtual network embedding; Distributed; Parallel; Framework}, tags = {All4Green, EINS{\textunderscore}NoE, ISL{\textunderscore}Institute}, web_url2 = {http://www.ieee--icc.org/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Beck2013a.pdf} } @Inproceedings { Basmadjian2013d, author = {Basmadjian, Robert and Lovasz, Gergoe and Beck, Michael and de Meer, Hermann and Hesselbach--Serra, Xavier and Botero, Juan F. and Klingert, Sonja and Ortega, Maria P. and Lopez, Juan C. and Stam, Andries and Krevelen, Rick and Di Girolamo, Marco}, title = {A Generic Architecture For Demand Response: The ALL4Green Approach}, abstract = {Demand Response is a mechanism used in power grids to manage customers’ power consumption during critical situations (e.g. power shortage). Data centres are good candidates to participate in Demand Response programs due to their high energy use. In this paper, we present a generic architecture to enable Demand Response between Energy Provider and Data Centres realised in All4Green. To this end, we show our three--level concept and then illustrate the building blocks of All4Green’s architectural design. Furthermore, we introduce the novel aspects of GreenSDA and GreenSLA for Energy Provider----Data centre sub--ecosystem as well as Data centre----IT Client sub--ecosystem respectively. In order to further reduce energy consumption and CO2 emission, the notion of data centre federation is introduced: savings can be expected if data centres start to collaborate by exchanging workload. Also, we specify the technological solutions necessary to implement our proposed architectural approach. Finally, we present preliminary proof--of--concept experiments, conducted both on traditional and cloud computing data centres, which show relatively encouraging results.}, year = {2013}, month = {Sep.}, booktitle = {Proc. of the Int'l Workshop on European Actions Towards Eco--Friendly Data Centers (EuroEcoDC 2013)}, publisher = {IEEE}, keywords = {Energy awareness; Demand response}, tags = {All4Green}, file_url = {http://www.net.fim.uni--passau.de/pdf/Basmadjian2013d.pdf} } @Inproceedings { Basmadjian2013a, author = {Basmadjian, Robert and Rainer, Sebastian and de Meer, Hermann}, title = {A Generic Methodology to Derive Empirical Power Consumption Prediction Models for Multi--core Processors}, abstract = {With the emergence of multi--core processors and their P--states, deriving power consumption models expressed in terms of easily extractable parameters becomes a necessity. In this paper, we introduce a generic methodology to devise power consumption estimation models for multi--core processors. The proposed approach takes into account three metrics: The number of active cores (i.e. executing instructions), frequency and utilization rate of the processor. Consequently, the derived models are expressed in terms of the above--mentioned parameters which can be extracted by any monitoring system. In order to assess the correctness as well as the accuracy of the proposed methodology, an experimental analysis is performed on Intel quad-- and hexa--core processors. The results confirm the exactitude of the proposed methodology.}, year = {2013}, month = {Oct.}, booktitle = {Proc. of the 3rd IEEE Int'l Conf. on Cloud and Green Computing (CGC 2013)}, publisher = {IEEE}, keywords = {Multi--core processors; Power consumption}, tags = {All4Green}, file_url = {http://www.net.fim.uni--passau.de/pdf/Basmadjian2013a.pdf} } @Article { Rincon2013a, author = {Rincon, David and Agusti--Torra, Anna and Botero, Juan F. and Raspall, Federico and Remondo, David and Hesselbach, Xavier and Beck, Michael T. and de Meer, Hermann and Niedermeier, Florian and Giuliani, Giovanni}, title = {A Novel Collaboration Paradigm for Reducing Energy Consumption and Carbon Dioxide Emissions in Data Centres}, abstract = {This work describes a novel approach for the reduction of energy consumption in data centres (DCs) that will yield benefits both in terms of running costs and its environmental impact. The method is based on the introduction of collaborative interactions and flexibility clauses in contracts between all the DC ecosystem entities. The included entities are all the actors along the energy production----consumption chain, from the energy provider to the Information Technology customer. The collaborative approach also integrates the interaction between federated DCs. In this paper, we find a detailed description of the architecture that enables interaction between the DC ecosystem parties, which is designed to be progressively deployed, allowing traditional and \grqgreened’ services to coexist, and without modification of the existing DC automation and framework systems.}, year = {2013}, journal = {The Computer journal}, volume = {56}, publisher = {British Computer Society, Oxford University Press}, pages = {1518----1536}, tags = {All4Green}, file_url = {http://comjnl.oxfordjournals.org/content/early/2013/05/29/comjnl.bxt053.full.pdf?keytype=ref\&ijkey=y9W9f4tf7os4zEq} } @Inproceedings { Fischer2013b, author = {Fischer, Andreas and Beck, Michael T. and de Meer, Hermann}, title = {An Approach to Energy--efficient Virtual Network Embeddings}, abstract = {Network Virtualization is recognized as a key technology for the Future Internet. Energy--efficiency is one of the main challenges in future networking environments. Most algorithms for mapping virtual resources to substrate resources however do not consider energy as a factor for the mapping. In order to evaluate the energy--efficiency of such a mapping, an energy model and appropriate energy--aware metrics are needed. This paper discusses how an algorithm can be modified to take energy--efficiency into account. The modified algorithm is then evaluated, showing that energy--efficiency can be increased with only a minor impact on embedding quality regarding other metrics.}, year = {2013}, isbn = {978--1--4673--5229--1}, booktitle = {Proc. of the 5th Int'l Workshop on Management of the Future Internet (ManFI 2013)}, publisher = {IFIP, IEEE}, keywords = {Network virtualization; Virtual network embedding; Energy efficiency}, tags = {All4Green, EINS{\textunderscore}NoE}, web_url2 = {http://www.manfi.org/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Fischer2013b.pdf} } @Inproceedings { Wozniak2013a, author = {Wozniak, Sander and Rossberg, Michael and Grau, Sascha and Alshawish, Ali and Schaefer, Guenter}, title = {Beyond the ideal object: towards disclosure--resilient order--preserving encryption schemes}, abstract = {With the emergence of affordable cloud services, users are currently moving data to external services providers. Hence, they implicitly trust providers to not abuse or \grqqlose” sensi-- tive data. To protect this data in the context of cloud computing, the use of Order--Preserving Encryption (OPE) has been suggested to encrypt data while still allowing efficient queries. The reference approach builds on Order--Preserving Functions (OPFs) drawn uniformly at random: the so--called \grqqideal object”. However, recent results question the suitability of this construction, as its security properties turn out to be poor. In this article, we investigate possible alternatives. For this, we introduce two descriptive metrics rating one--wayness--related properties of OPF construction schemes, i.e., the ability of an adversary to estimate the plaintext when given a ciphertext and possible extra information. Furthermore, we propose three novel approaches to draw OPFs and apply the introduced metrics to study their security features in relation to the \grqqideal object”. The results visualize the extent of insecurity caused by using the \grqqideal object” and qualify the suitability of the alternative schemes under different threat scenarios.}, year = {2013}, isbn = {9781450324908}, DOI = {10.1145/2517488.2517496}, booktitle = {Proceedings of the 2013 ACM workshop on Cloud computing security workshop}, publisher = {ACM}, address = {New York, NY, USA}, pages = {89----100}, web_url = {https://doi.org/10.1145/2517488.2517496} } @Article { DeMeer2013c, author = {de Meer, Hermann and Herkenhoener, Ralph}, title = {Cloud--Daten unter Kontrolle}, abstract = {Wer Daten auf Servern und Storage--Systemen eines Cloud--Service--Providers speichert oder bearbeitet, muss sicherstellen, dass er dabei die rechtlichen Vorgaben erfuellt. Dies gilt insbesondere fuer den Schutz und die Sicherheit der Daten. Die Universitaet Passau hat eine Technik entwickelt, die das rechtskonforme Speichern von Informationen in Cloud--Rechenzentren ermoeglicht.}, year = {2013}, month = {Oct.}, journal = {LANline}, volume = {[NA]}, publisher = {ITP Verlag}, pages = {74----75}, keywords = {Cloud computing; Security management; Legal compliance}, tags = {EFRE{\textunderscore}ITSEC} } @Article { He2013a, author = {He, Xiaobing and Niedermeier, Michael and de Meer, Hermann}, title = {Dynamic key management in wireless sensor networks: A survey}, abstract = {Wireless sensor networks (WSNs) have a vast field of applications, including environment monitoring, battlefield surveillance and target tracking systems. As WSNs are usually deployed in remote or even hostile environments and sensor nodes are prone to node compromise attacks, the adoption of dynamic key management is extremely important. However, the resource--constrained nature of sensor nodes hinders the use of dynamic key management solutions designed for wired and ad hoc networks. Hence, many dynamic key management schemes have been proposed for WSNs recently. This paper investigates the special requirements of dynamic key management in sensor network environments, and introduces several basic evaluation metrics. In this work, the state of the art dynamic key management schemes are classified into different groups and summarized based on the evaluation metrics. Finally, several possible future research directions for dynamic key management are provided.}, year = {2013}, DOI = {10.1016/j.jnca.2012.12.010}, journal = {journal of Network and Computer Applications}, volume = {36}, pages = {611----622}, number = {2}, keywords = {Dynamic key management; Wireless sensor networks; Security; Rekeying; Key revocation}, tags = {EFRE{\textunderscore}ITSEC,EINS{\textunderscore}NoE,EuroNF,ISL{\textunderscore}Institute}, file_url = {http://www.net.fim.uni--passau.de/pdf/He2013a.pdf} } @Incollection { Holzer2013b, author = {Holzer, Richard and Fullerton, Matthew and Beltran Ruiz, Cristina and Celikkaya, Nihan and de Meer, Hermann}, title = {Effective Assessment of AmI Intervention in Traffic Through Quantitative Measures}, abstract = {This chapter considers the challenge of quantifying the benefit of Ambient Intelligence (AmI) within a complex system, specifically a motorway traffic system. By nature, the deployment of AmI is distributed and inconsistent. Hence, an evaluation strategy must consider the individual to ensure desired or undesired effects are not hidden by only measuring at the whole--system level. For the evaluation we use quantitative measures for self--organizing properties of socio--technical systems. Although the measures are defined analytically for micro--level models, the systems are usually too complex to evaluate the measures analytically. Therefore we use approximation methods based on simulations: Time series received from simulations are used for the approximation of the measures for self--organizing properties. The results of the evaluation can be used for the analysis of the scenario, for the optimization of system parameters and for the assessment of AmI intervention in the system. For the considered devices, the main goal is the increase of safety in traffic by allowing system designers and infrastructure--operators to implement or dynamically choose the most appropriate device and parameters.}, year = {2013}, isbn = {978--3642366130}, issn = {1860--0840}, booktitle = {Co--evolution of Intelligent Socio--technical Systems: Modelling and Applications in Large Scale Emergency and Transport Domains}, publisher = {Springer--Verlag}, series = {Understanding Complex Systems (UCS)}, editor = {Mitleton--Kelly, Eve}, keywords = {Ambient intelligence; Quantitative measures; Target orientation; Traffic simulation; Traffic safety; Vehicle communication; Accident warning}, tags = {Socionical, ISL{\textunderscore}Institute}, web_url2 = {http://amzn.com/3642366139} } @Inproceedings { Brzuska2013a, author = {Brzuska, Christina and Poehls, Henrich C. and Samelin, Kai}, title = {Efficient and Perfectly Unlinkable Sanitizable Signatures without Group Signatures}, abstract = {Sanitizable signatures allow for controlled modification of signed data. The essential security requirements are accountability, privacy and unlinkability. Unlinkability is a strong notion of privacy, namely, it makes it hard to link two sanitized messages that were derived from the same message--signature pair. In this work, we strengthen the standard unlinkability definition by Brzuska et al. at PKC\,'10, making it robust against malicious or buggy signers. While state--of--the art schemes deploy costly group signatures to achieve unlinkability, our construction uses standard digital signatures, which makes them compatible with existing infrastructure. We construct a sanitizable signature scheme that satisfies the strong notion of perfect unlinkability and, simultaneously, achieves the strongest notion of accountability, i.e., non--interactive public accountability. Our construction is not only legally compliant, but also highly efficient, as the measurements of our reference implementation show. Finally, we revisit the security model by Canard et al. and correct a small flaw in their security definition given at AFRICACRYPT '12.}, year = {2013}, month = {Sep.}, DOI = {10.1007/978--3--642--53997--8{\textunderscore}2}, booktitle = {Proc. of the 10th European Workshop on Public Key Infrastructures, Services and Applications (EuroPKI 2013)}, volume = {8341}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {12----30}, keywords = {Accountability; Sanitizable Signatures; Privacy; e--commerce}, tags = {EFRE{\textunderscore}ITSEC, EINS{\textunderscore}NoE, ISL{\textunderscore}Institute}, web_url2 = {https://www.nics.uma.es/EuroPKI2013/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Brzuska2013a.pdf}, note = {The final publication is available at link.springer.com (2014)} } @Inproceedings { Holzer2013a, author = {Holzer, Richard and de Meer, Hermann and Beltran Ruiz, Cristina}, title = {Emergence of global speed patterns in a traffic scenario}, abstract = {We investigate different analysis methods for traffic data. The measure for emergence can be used to identify global dependencies in data sets. The measure for target orientation can be used to identify dangerous situations in traffic. We apply these measures in a use case on a data set of the M30 highway in Madrid. The evaluation shows that the measures can be used to predict or to identify abnormal events like accidents in traffic by an evaluation of velocity data or density data measured by detectors at the road. Such events leads to a decrease of the measures of emergence and target orientation.}, year = {2013}, booktitle = {Proc. of the 7th Int'l Workshop on Self--Organizing Systems (IWSOS 2013)}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, keywords = {Self--Organziation; Mathematical modeling; Systems; Quantitative measures; Approximation}, tags = {EuroNF, EINS{\textunderscore}NoE, Socionical, ISL{\textunderscore}Institute}, file_url = {http://www.net.fim.uni--passau.de/pdf/Holzer2013a.pdf}, note = {The original publication is available at www.springerlink.com (to appear)} } @Incollection { Basmadjian2013c, author = {Basmadjian, Robert and Da Costa, Georges and Tsafack Chetsa, Ghislain L. and Lef{\`e}vre, Laurent and Oleksiak, Ariel and Pierson, Jean--Marc}, title = {Energy Aware Approaches For HPC Systems}, abstract = {Optimization of complex HPC systems are no more only a raw performance matter. Due to increase of ecological and cost awareness, energy performance is now a primary focus. From models to runtimes, a vast field of research offers insight on links between energy and raw performance.}, year = {2013}, month = {April}, isbn = {9781118712054 (Print); 9781118711897 (Online}, DOI = {10.1002/9781118711897.ch18}, booktitle = {High--Performance Computing on Complex Environments}, publisher = {John Wiley \\& Sons}, chapter = {18}, editor = {Jeannot, Emmanuel and Zilinskas, Julius}, pages = {341----363}, keywords = {Energy--awareness; Runtime; Power Model; Characterization}, tags = {All4Green, COST{\textunderscore}IC0804} } @Phdthesis { Wuechner2013a, author = {Wuechner, Patrick}, title = {Energy--Efficient and Timely Event Reporting Using Wireless Sensor Networks}, abstract = {This thesis investigates the suitability of state--of--the--art protocols for large--scale and long--term environmental event monitoring using wireless sensor networks based on the application scenario of early forest fire detection. By suitable combination of energy--efficient protocol mechanisms a novel communication protocol, referred to as cross--layer message--merging protocol (XLMMP), is developed. Qualitative and quantitative protocol analyses are carried out to confirm that XLMMP is particularly suitable for this application area. The quantitative analysis is mainly based on finite--source retrial queues with multiple unreliable servers. While this queueing model is widely applicable in various research areas even beyond communication networks, this thesis is the first to determine the distribution of the response time in this model. The model evaluation is mainly carried out using Markovian analysis and the method of phases. The obtained quantitative results show that XLMMP is a feasible basis to design scalable wireless sensor networks that (1) may comprise hundreds of thousands of tiny sensor nodes with reduced node complexity, (2) are suitable to monitor an area of tens of square kilometers, (3) achieve a lifetime of several years. The deduced quantifiable relationships between key network parameters------e.g., node size, node density, size of the monitored area, aspired lifetime, and the maximum end--to--end communication delay------enable application--specific optimization of the protocol.}, year = {2013}, month = {August}, keywords = {Wireless sensor network; Energy efficiency; Communication protocol; Mathematical modeling; Continuous--time Markov chain; Finite--source retrial queue}, tags = {DFG{\textunderscore}MathMod, EuroNF, EuroNF{\textunderscore}PADU, EINS{\textunderscore}NoE, MOSEL2, Socionical}, web_url2 = {http://www.opus--bayern.de/uni--passau/volltexte/2014/2715/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Wuechner2013a.pdf} } @Inproceedings { Beck2013b, author = {Beck, Michael T. and de Meer, Hermann and Schuster, Stefan and Kreuzer, Martin}, title = {Estimating Photo--Voltaic Power Supply without Smart Metering Infrastructure}, abstract = {Due to the lack of appropriate grid communication infrastructure, many energy providers can only measure a very limited subset of their PV plants and therefore have only limited knowledge of the power flow inside their grid. Existing approaches to estimate the total amount of PV energy produced at present time (nowcasting) require external data such as sun radiation or temperature that are often not available on--line. Using approximate computational algebra, we construct polynomial models to derive grid--specific formulae estimating the PV power provisioning without the need of additional data. We evaluate our approach based on real data from a German energy provider and demonstrate the accuracy of the derived models. Besides nowcasting, two additional application scenarios, snapshot provisioning and simulation of power flow, are discussed.}, year = {2013}, month = {May}, isbn = {978--3--642--55148--2 (Print); 978--3--642--55149--9 (Online)}, issn = {0302--9743}, DOI = {10.1007/978--3--642--55149--9{\textunderscore}3}, booktitle = {Proc. of the 2nd Int'l Workshop (E2DC2013)}, volume = {8343}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {25----39}, file_url = {http://www.net.fim.uni--passau.de/pdf/Beck2013b.pdf}, note = {The original publication is available at www.springerlink.com (2013)} } @Inproceedings { Basmadjian2013b, author = {Basmadjian, Robert and Niedermeier, Florian and Lovasz, Gergoe and de Meer, Hermann and Klingert, Sonja}, title = {GreenSDAs Leveraging Power Adaption Collaboration between Energy Provider and Data Centres}, abstract = {Data centres, due to their significant energy use and highly automated IT infrastructure, are excellent candidates to participate in demand response programs. However, the major inconvenience of today’s electricity tariffs between energy provider and its customers is their lack of flexibility, which renders demand response programs difficult to realise. In this paper, we propose a new supply demand agreement in order to foster power adaption (i.e. increase/decrease) collaboration between energy provider and data centres. To this end, we introduce contractual terms and based on those we propose reward and penalty schemes. Furthermore, we provide a signalling scheme which defines the communication requirements necessary to enable power adaption collaboration. Finally, we present a scheduling policy which helps the energy provider to request data centres in a fair manner for power adaption.}, year = {2013}, month = {Oct.}, booktitle = {Proc. of the 3rd IFIP Conf. on Sustainable Internet and ICT for Sustainability (SustainIT 2013)}, publisher = {IFIP}, keywords = {GreenSLA; Demand response; Data centres}, tags = {All4Green}, file_url = {http://www.net.fim.uni--passau.de/pdf/Basmadjian2013b.pdf} } @Inproceedings { Khayat2013a, author = {Khayat, Arwa and Kassab, Mohamed and Berbineau, Marion and Abid, Mohamed Amine and Belghith, Abdelfettah}, title = {LTE based communication system for urban guided--transport: A QoS performance study}, abstract = {The control and management of new urban guided--transport systems such as tramways and subways are based on several IT services with heterogeneous data communication requirements. These applications are known as CBTC (Communication Based Train Control systems) and CCTV (Closed Circuit TeleVision). In order to support existing as well as emerging applications over a unique communication infrastructure, it is mandatory to be able to ensure efficient QoS management that meets the requirements of CBTC and CCTV services especially the critical ones. This paper presents an evaluation of QoS provisioning in LTE (Long Term Evolution) based communication system for urban guided--transport. The evaluation is made through simulations with the well known event driven simulator OPNET. We propose a mapping of the typical applications CBTC and CCTV to standardized 3GPP QCIs (QoS Class Identifiers) that serve as a basis for the LTE class--based QoS. After discussion of the obtained results, we provide recommendations to enhance the communication performances experienced by these applications.}, year = {2013}, DOI = {10.1007/978--3--642--37974--1{\textunderscore}16}, organization = {Springer}, booktitle = {International Workshop on Communication Technologies for Vehicles}, pages = {197----210} } @Inproceedings { Poehls2013a, author = {Poehls, Henrich C. and Peters, Stefan and Samelin, Kai and Posegga, Joachim and de Meer, Hermann}, title = {Malleable Signatures for Resource Constrained Platforms}, abstract = {Malleable signatures allow the signer to control alterations to a signed document. The signer limits alterations to certain parties and to certain parts defined during signature generation. Admissible alterations do not invalidate the signature and do not involve the signer. These properties make them a versatile tool for several application domains, like e--business and health care. We implemented one secure redactable and three secure sanitizable signature schemes on secure, but computationally bounded, smart card. This allows for a secure and practically usable key management and meets legal standards of EU legislation. To gain speed we securely divided the computing tasks between the powerful host and the card; and we devise a new accumulator to yield a useable redactable scheme. The performance analysis of the four schemes shows only a small performance hit by the use of an off--the--shelf card.}, year = {2013}, month = {May}, isbn = {978--3--642--38530--8}, issn = {0302--9743}, booktitle = {Proc. of the 7th Workshop in Information Security Theory and Practice on Security of Mobile and Cyber--physical Systems (WISTP 2013)}, volume = {7886}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {18----33}, keywords = {Malleable signatures; Redactable signatures; Sanitizable signatures; Smart cards}, tags = {EFRE{\textunderscore}ITSEC, EINS{\textunderscore}NoE, ISL{\textunderscore}Institute}, web_url2 = {http://www.wistp.org/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Poehls2013a.pdf}, note = {The original publication is available at www.springerlink.com (2013)} } @Inproceedings { Lehnhoff2013a, author = {Lehnhoff, Sebastian and Rohjans, Sebastian and Holzer, Richard and Niedermeier, Florian and de Meer, Hermann}, title = {Mapping of Self--organization Properties and Non--Functional Requirements in Smart Grids}, abstract = {Future electrical power networks will be composed of large collections of autonomous components. Sensors and actuators, aware of their environment, with the ability to communicate freely, will have to organize themselves in order to perform the actions and services that are required for a reliable and robust power supply. Monitoring and efficiently operating such a system is a challenging task for the underlying information and communication infrastructure as well as its ``intelligence'' to efficiently perform these tasks while guaranteeing the necessary power quality. Self--organization is an organizational concept that promises robust systems with the ability to adapt themselves to system perturbations and failures and thus may yield highly robust systems with the ability to scale freely to almost any size. In this position paper the authors describe the well--established process of use case based derivation of non--functional requirements in energy systems and propose a mapping strategy for aligning properties of self--organizing systems with the ICT-- and automation system requirements. It is the strong belief of the authors that such a mapping will be a key factor in creating acceptance of and establishing self--organization in the domain of electrical energy systems.}, year = {2013}, issn = {0302--9743}, booktitle = {Proc. of the 7th Int'l Workshop on Self--Organizing Systems (IWSOS 2013)}, volume = {8221}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {163----168}, keywords = {Smart Grid; Self--organization; Quality of Service; Quantitative Measures}, tags = {All4Green, EINS{\textunderscore}NoE, Socionical, ISL{\textunderscore}Institute}, web_url2 = {http://ifisc.uib--csic.es/iwsos2013/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Lehnhoff2013a.pdf}, note = {The original publication is available at www.springerlink.com} } @Inproceedings { Berl2013b, author = {Berl, Andreas and Lovasz, Gergoe and Tuellenburg, Ferdinand and de Meer, Hermann}, title = {Modelling Power Adaption Flexibility of Data Centres for Demand--Response Management}, abstract = {Demand--response management is an approach that includes the power demand side into the power management process to reshape power demand of consumers to the current availability of power. Data centres are major energy consumers that are highly interesting for demand--response management. However, in contrast to many other energy consumers, data centres have a highly dynamic flexibility in terms of power adaption, depending on the current situation, which makes their integration into demand--response management difficult. This paper suggests a model for the dynamic power adaption flexibility of data centres, to foster their integration into demand--response management.}, year = {2013}, month = {Sep.}, isbn = {978--3--642--40516--7}, DOI = {10.1007/978--3--642--40517--4{\textunderscore}6}, booktitle = {Proc. of the Energy Efficiency in Large Scale Distributed Systems (EE--LSDS 2013)}, volume = {8046}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {63----66}, keywords = {Smart Grid; Demand response; Flexibility model}, tags = {COST{\textunderscore}IC0804, All4Green}, web_url2 = {http://www.irit.fr/~Georges.Da--Costa/ee--lsds2013/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2013b.pdf}, note = {The original publication is available at www.springerlink.com (September 2013)} } @Inproceedings { Saleh2013a, author = {Saleh, Omran and Gropengiesser, Francis and Betz, Heiko and Mandarawi, Waseem and Sattler, Kai--Uwe}, title = {Monitoring and Autoscaling IaaS Clouds: A Case for Complex Event Processing on Data Streams}, abstract = {Cloud computing is the notion for delivering access to scalable on--demand computing resources and IT services. The resource management system in IaaS Clouds dynamically allocates the resources based on predefined customers' needs using Service Level Agreements (SLAs) between the Cloud provider and customers. One of the challenges of resource management is to continuously monitor resource utilization, manage, and adjust these resources in real--time fashion to meet the SLAs while not over provisioning resources. Though, there exist numerous Cloud monitoring solutions, they are often highly specialized and restrict the administrator in defining automation rules. Our work aims to develop a framework based on concepts from Complex Event Processing (CEP) and data stream processing where data from various primitive metrics streams are collected and treated as event streams (e.g., from CPU, memory, and disk sensors). By automatically detecting complex patterns and relationships among these primitive events, we can detect and understand more high--level situations from the information provided by sensor steams. In this paper, we describe our CEP--based resource monitoring framework and discuss a use case for implementing auto scaling facilities to the Proxmox platform.}, year = {2013}, month = {Dec}, booktitle = {Utility and Cloud Computing (UCC), 2013 IEEE/ACM 6th International Conference on}, keywords = {cloud computing;resource allocation;CEP--based resource monitoring framework;IT services;IaaS clouds;Proxmox platform;SLA;auto scaling facility;cloud computing;cloud monitoring solution;cloud provider;complex event processing;customer needs;data stream processing;data streams;on--demand computing resources;resource allocation;resource management system;resource utilization;sensor steams;service level agreements;Engines;Hardware;Measurement;Monitoring;Real--time systems;Resource management;Sensors} } @Inproceedings { Langmann2013a, author = {Langmann, Benjamin and Niedermeier, Michael and de Meer, Hermann and Buschmann, Carsten and Koch, Michael and Pfisterer, Dennis and Fischer, Stefan and Hartmann, Klaus}, title = {MOVEDETECT ------ Secure Detection, Localization and Classification in Wireless Sensor Networks}, abstract = {In this paper a secure wireless sensor network (WSN) developed within the MOVEDETECT project is presented. The goal of the project was to design, implement and demonstrate a secure WSN for the protection of critical infrastructure. In order to provide a reliable service, the system must detect any kind of tampering with the sensor nodes, prevent eavesdropping and manipulation of the communication as well as detect, track and classify intruders in the protected region. Therefore based on previous experiences, a real--world WSN was developed, which addresses practical issues like water proofing, energy consumption, sensor deployment and visualization of the WSN state, but also provides a unique security concept, a interesting combination of sensors and sophisticated sensor data processing and analysis. The system was evaluated by examining firstly the sensors and the sensor processing algorithms and then conducting realistic field test.}, year = {2013}, isbn = {978--3--642--40315--6}, booktitle = {Internet of Things, Smart Spaces, and Next Generation Networking -- Proc. of the 13th Int'l Conf. on Next Generation Wired/Wireless Advanced Networking (NEW2AN 2013)}, volume = {8121}, publisher = {Springer Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {284----297}, keywords = {Wireless sensor network; Detection; Security; Functional safety; Networking}, tags = {BSI{\textunderscore}MovDet}, web_url2 = {http://rd.springer.com/chapter/10.1007%2F978--3--642--40316--3{\textunderscore}25}, file_url = {http://www.net.fim.uni--passau.de/pdf/Langmann2013a.pdf}, note = {The final publication is available at link.springer.com (2013)} } @Inproceedings { DeMeer2013a, author = {de Meer, Hermann and Poehls, Henrich C. and Posegga, Joachim and Samelin, Kai}, title = {Scope of Security Properties of Sanitizable Signatures Revisited}, abstract = {Sanitizable signature schemes allow for altering signed data in a signer--controlled way by a semi--trusted third party. This is contrary to standard digital signature schemes, which do not permit any modifications by any party without invalidating the signature. Due to transparency, a strong privacy notion, outsiders cannot see if the signature for a message was created by the signer or by the semi--trusted party. Accountability allows the signer to prove to outsiders if a message was original or touched by the semi--trusted party. Currently, block--level accountability requires to drop transparency. We allow for accountability for sanitizable signatures with transparency on the block--level. Additionally, we generalize the concept of block--level properties to groups. This offers a even more fine--grained control and leads to more efficient schemes. We prove that group--level definitions imply both the block--level and message--level notions. We derive a provably secure construction, achieving our enhanced notions. A further modification of our construction achieves efficient group--level non--interactive public accountability. This construction only requires a constant amount of signature generations to achieve this property. Finally, we have implemented our constructions and the scheme introduced by Brzuska et al. at PKC '09 and provide a detailed performance analysis of our reference implementations.}, year = {2013}, DOI = {10.1109/ARES.2013.26}, booktitle = {Proc. of the 8th Int'l Conf. on Availability, Reliability and Security (ARES 2013)}, publisher = {IEEE}, pages = {188----197}, keywords = {Malleable signatures; Accountability; Sanitizable signatures; Privacy}, tags = {EFRE{\textunderscore}ITSEC, EINS{\textunderscore}NoE, ISL{\textunderscore}Institute}, web_url2 = {http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=\&arnumber=6657240}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer2013a.pdf} } @Book { DeMeer2013b, author = {de Meer, Hermann and Diener, Michael and Herkenhoener, Ralph and Kucera, Markus and Niedermeier, Michael and Reisser, Andreas and Schryen, Guido and Vetter, Michael and Waas, Thomas and Yasasin, Emrah}, title = {Sicherheitsherausforderungen in hochverteilten Systemen}, abstract = {Schon seit Langem spielen verteilte IT--Systeme eine entscheidende Rolle in der Datenverarbeitung. Infolge der zunehmenden Vernetzung durch das Internet wurde es in den letzten Jahren moeglich, global erreichbare, hochverteilte Systeme zu erschaffen. Durch die rasante Entwicklung derartiger Systeme entstehen einerseits neue Anforderungen an die Performanz (z.B. Leistungsfaehigkeit und Bandbreite), waehrend andererseits die steigende Komplexitaet von hochverteilten Systemen deren Absicherung (z.B. Datensicherheit und Datenschutz) immer schwieriger gestaltet. Zwei hochaktuelle Beispiele fuer hochverteilte Systeme sind Smart Grid und Cloud Computing, die im Folgenden naeher betrachtet werden.}, year = {2013}, issn = {0930--5157}, DOI = {10.1515/pik--2013--masthead3}, volume = {36}, publisher = {K. G. Saur Verlag}, series = {Praxis der Informationsverarbeitung und Kommunikation (PIK)}, editor = {De Meer, Hermann and Diener, Michael and Herkenhoener, Ralph and Kucera, Markus and Niedermeier, Michael and Reisser, Andreas and Schryen, Guido and Vetter, Michael and Waas, Thomas and Yasasin, Emrah}, number = {3}, tags = {EFRE{\textunderscore}ITSEC,EINS{\textunderscore}NoE,ISL{\textunderscore}Institute}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer2013b.pdf} } @Incollection { Berl2013a, author = {Berl, Andreas and Niedermeier, Michael and de Meer, Hermann}, title = {Smart Grid Considerations -- Energy Efficiency vs. Security}, abstract = {The Smart Grid is expected to increase the efficiency of the current power grid, to cope with volatile power production based on renewable resources, to reduce the need for fossil--based energy resources, and to guarantee the stability of power supply. To achieve these objectives, today's power grid is enhanced by information and communication technology to increase the information flow and to enable a sophisticated power production and power demand management. However, as the power grid is extended to a network of networks, it does not only become smarter, but also more vulnerable to security threats. This chapter discusses the current status and future developments of the Smart Grid and its challenges. Enhancements in terms of energy efficiency and new energy management approaches are covered as well as novel security challenges in different parts of the Smart Grid architecture. In short, this chapter analyzes some of the most striking risks and threats concerning the new Smart Grid infrastructure and discusses interdependencies between energy efficiency and security in the Smart Grid.}, year = {2013}, month = {Feb.}, issn = {0065--2458}, DOI = {10.1016/B978--0--12--407725--6.00004--6}, booktitle = {Green and Sustainable Computing: Part II}, volume = {88}, publisher = {Elsevier B.V.}, series = {Advances in Computers}, editor = {Hurson, Ali}, pages = {159----198}, keywords = {Smart grid; Privacy; Security; Households; SCADA}, tags = {EINS{\textunderscore}NoE, All4Green, EFRE{\textunderscore}ITSEC, COST{\textunderscore}IC0804, ISL{\textunderscore}Institute} } @Inproceedings { Abid2013a, author = {Abid, Mohamed Amine and Belghith, Abdelfettah and Drira, Khalil}, title = {SRP: Synchronous Adaptive Routing Protocol for MANETs}, year = {2013}, journal = {Procedia Computer Science, The 4th International Conference on Ambient Systems, Networks and Technologies (ANT'13), Halifax, Nova Scotia, Canada, June 25--28, 2013.}, volume = {19}, publisher = {Elsevier}, pages = {330----339} } @Inproceedings { Berl2013d, author = {Berl, Andreas and Klingert, Sonja and Beck, Michael T. and de Meer, Hermann}, title = {The Benefits of Integrating Data Centres into Demand--Response Management: A Local Case Study}, abstract = {Power supply needs to match power demand up to a certain extent at all times in order to provide power with sufficient quality and to maintain the power grid in a stable state. Matching power supply with power demand becomes challenging due to a steadily increasing power demand and due to an increasing production of power based on renewable energy sources. Demand--response management shapes power demand according to the current power availability in the power grid. This paper discusses the feasibility and benefits of integrating data centres into demand--response schemes. Newly designed energy tariffs (so--called "green supply--demand agreements") are presented that provide incentives for a possible cooperation between energy provider and data centre. Furthermore, this paper performs a local case study, where financial benefits of integrating data centres into demand--response management are evaluated in a real--world example.}, year = {2013}, month = {Nov.}, booktitle = {Proc. of the 2nd D--A--CH Energieinformatik Konferenz (Energieinformatik 2013)}, publisher = {IEEE}, keywords = {Smart grid; Data centres; Demand--response management; Case study}, tags = {All4Green}, note = {accepted; to appear} } @Article { Berl2013c, author = {Berl, Andreas and Niedermeier, Michael and de Meer, Hermann and Hutchison, David}, title = {Virtual Energy Information Network: A Resilience Perspective}, abstract = {Increasing demand in energy consumption, missed modernisations, and the increasing difficulties in predicting power production due to volatile renewable energy sources (e.g., based on wind or sun) impose major challenges to the power grid. Power supply and power demand are closely interconnected with the need to maintain the power grid in a stable state while a sufficient quality of power. This requires energy--relevant information to be exchanged through the so called Energy Information Network. Communication, however, is challenging within the Energy Information Network due to privacy, security, resiliency, and quality--of--service requirements. Particularly, the resilience of communication within the Energy Information Network needs to be considered to maintain the power grid in a stable and controlled state. This paper suggests a Virtualised Energy Information Network (VEIN), where the Energy Information Network is divided into multiple virtual networks that run over a common substrate network. Furthermore, this paper discusses benefits of this approach in terms of privacy, security, and resilience and points out open research questions.}, year = {2013}, month = {July}, issn = {0932--383X}, DOI = {10.1007/s00502--013--0142--4}, journal = {e\\&i Elektrotechnik und Informationstechnik}, volume = {130}, publisher = {Oesterr. Verband fuer Elektrotechnik (OVE), Springer}, pages = {121----126}, number = {4}, keywords = {Smart Grid; Network virtualisation; Resilience; Security; Privacy}, tags = {EFRE{\textunderscore}ITSEC, EINS{\textunderscore}NoE, ISL{\textunderscore}Institute}, web_url2 = {http://rd.springer.com/journal/502/130/4/page/1}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2013c.pdf}, note = {Special Issue on 'Smart Grid and Security'; The final publication is available at http://link.springer.com} } @Article { Fischer2013a, author = {Fischer, Andreas and Botero, Juan F. and Beck, Michael T. and de Meer, Hermann and Hesselbach, Xavier}, title = {Virtual Network Embedding: A Survey}, abstract = {Network virtualization is recognized as an enabling technology for the future Internet. It aims to overcome the resistance of the current Internet to architectural change. Application of this technology relies on algorithms that can instantiate virtualized networks on a substrate infrastructure, optimizing the layout for service--relevant metrics. This class of algorithms is commonly known as "Virtual Network Embedding (VNE)" algorithms. This paper presents a survey of current research in the VNE area. Based upon a novel classification scheme for VNE algorithms a taxonomy of current approaches to the VNE problem is provided and opportunities for further research are discussed.}, year = {2013}, issn = {1553--877X}, DOI = {10.1109/SURV.2013.013013.00155}, journal = {IEEE Communications Surveys and Tutorials}, volume = {15}, publisher = {IEEE}, pages = {1888----1906}, number = {4}, keywords = {Virtual networks; Network virtualization; Virtual network embedding; Embedding algorithms; Network mapping}, tags = {EuroNF{\textunderscore}VNREAL, EuroNF, EINS{\textunderscore}NoE, All4Green, ISL{\textunderscore}Institute}, file_url = {http://www.net.fim.uni--passau.de/pdf/Fischer2013a.pdf} } @Article { Belghith2012a, author = {Belghith, Abdelfettah and Abid, Mohamed Amine and Ben Mnaouer, Adel}, title = {Adaptive probabilistic proactive routing for dense manets}, abstract = {Conventional proactive routing protocols, due to their inherent nature based on shortest paths, select longer links which are amenable to rapid breakages as nodes move around. In this paper, we propose a novel adaptive probabilistic approach to handle routing information in dense mobile ad hoc networks in a way to improve the proactive routing pertinence as a function of network dynamics. We first propose a new proactive routing framew ork based on probabilistic decisions and a generic model to compute the existence probabilities of nodes and links. Then, we present a distributed algorithm to collect the cartography of the network. This cartography is used to instantiate the existence probabilities. Conducted simulations show that our proposal yields substantially better routing validity. Nonetheless, it amounts to much longer routes. We proposed then a bounding technique to adapt and overcome this side effect and defined two probabilistic proactive routing variants. Conducted simulations show that our proposed bounded probabilistic proactive routing schemes outperform conventional routing protocols and yield up to 66 percent increase in throughput.}, year = {2012}, journal = {journal of Computer Networks and Communications}, volume = {2012}, publisher = {Hindawi Publishing Corporation} } @Article { Basmadjian2012b, author = {Basmadjian, Robert and de Meer, Hermann and Lent, Ricardo and Giuliani, Giovanni}, title = {Cloud Computing and Its Interest in Saving Energy: the Use Case of a Private Cloud}, abstract = {In this paper, we study the case of private cloud computing environments from the perspective of energy saving incentives. However, the proposed approach can also be applied to any computing style: cloud (both public and private), traditional and supercomputing. To this end, we provide a generic conceptual description for ICT resources of a data centre and identify their corresponding energy--related attributes. Furthermore, we give power consumption prediction models for servers, storage devices and network equipment. We show that by applying appropriate energy optimization policies guided through accurate power consumption prediction models, it is possible to save about 20 percent of energy consumption when typical single--site private cloud data centres are considered.}, year = {2012}, DOI = {10.1186/2192--113X--1--5}, journal = {journal of Cloud Computing: Advances, Systems and Applications}, volume = {1}, publisher = {Springer--Verlag}, pages = {1----25}, number = {5}, keywords = {Private cloud computing data centre; Modelling; IT resources; Power and energy consumption}, tags = {FIT4Green}, file_url = {http://www.net.fim.uni--passau.de/pdf/Basmadjian2012b.pdf} } @Inproceedings { Casares-Giner2012a, author = {Casares--Giner, Vicente and Wuechner, Patrick and Pacheco--Paramo, Diego and de Meer, Hermann}, title = {Combined Contention and TDMA--Based Communication in Wireless Sensor Networks}, abstract = {Wireless sensor networks usually consist of a large number of very small, energy--constrained sensor nodes. The nodes capture information from their immediate environment to send it to a destination node (sink) in a timely manner. This work proposes a combined contention and TDMA--based approach for load balancing and a discrete--time Markov model that allows to study the trade--off between energy consumption and transfer delay in clustered wireless sensor networks. Our investigations show that the length of the TDMA frame needs to be configured close to the minimum that is capable of transferring the offered load for optimizing energy efficiency and minimizing the delay.}, year = {2012}, DOI = {10.1109/NGI.2012.6252158}, booktitle = {Proc. of the 8th Euro--NF Conf. on Next Generation Internet (NGI2012)}, publisher = {IEEE}, keywords = {Wireless sensor networks; Clustering; Contention; TDMA; Energy; Delay; Queueing theory; Discrete--time Markov model}, tags = {EuroNF{\textunderscore}PADU, EuroNF, EINS{\textunderscore}NoE, Socionical}, web_url2 = {http://www.bth.se/ngi2012}, file_url = {http://www.net.fim.uni--passau.de/pdf/Casares--Giner2012a.pdf} } @Article { Matos2012a, author = {Matos, Ricardo and Sargento, Susana and Hummel, Karin A. and Hess, Andrea and Tutschku, Kurt and de Meer, Hermann}, title = {Context--based Wireless Mesh Networks: A Case for Network Virtualization}, abstract = {Wireless Mesh Networks (WMNs) have gained increasing attention as an attractive means to provide connectivity in complement to access as offered by regular Internet Service Providers (ISPs). Such a grass--root technique, however, often suffers from detrimental operating conditions and poor quality. Network virtualization, on the other hand, has been widely advocated as a possibility to overcome what has often been referred to as the ossification of the Internet. Combining the concept of network virtualization with WMN technology, therefore, appears to be promising and desirable. It is envisioned that well managed multiple Virtual Networks (VNs) may overcome shortcomings of WMNs on the one hand, and extend the reach of the Internet beyond its current confinement into the realm and control of the user on the other hand. In this paper, we argue for a context--based approach for an effective means to extend multi--VNs from the Internet domain into WMN environments. We describe both mobility and preferences as context models in order to create virtualized WMNs based on these types of context models. As a result, it is envisioned to achieve a comprehensive connectivity coverage, accompanied by high assurance in network quality. We further present a distributed solution to manage multi--VNs, and a mobility--aware context use case to demonstrate the usefulness of our approach.}, year = {2012}, issn = {1018--4864}, journal = {Telecommunication Systems}, volume = {51}, publisher = {Springer--Verlag}, pages = {259----272}, number = {4}, tags = {Coop{\textunderscore}Vienna, EuroNF{\textunderscore}EEWMI, EuroNF{\textunderscore}MOMO, EuroNF}, web_url2 = {http://www.net.fim.uni--passau.de/future2009/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Matos2012a.pdf}, note = {The original publication is available at www.springerlink.com (March 2011)} } @Inproceedings { Lovasz2012c, author = {Lovasz, Gergoe and Niedermeier, Florian and de Meer, Hermann and Guenther, Daniel and Mueller, Paul and Dambeck, Stefan}, title = {Demonstration of the Ener--G Resource Allocation System}, abstract = {A main goal of Ener--G is to reduce over--provisioning in G--Lab and other future Internet infrastructures by resource sharing and dynamic resource allocation. Sharing of resources allows for consolidating services on a subset of physical resources. Furthermore, if resource allocation is done dynamically, resources can be assigned to services based on their actual and not on their peak resource usage. Idle resources can be turned off to save energy and can be turned on again if the resource requirements increase. The Ener--G Resource Allocation System uses resource sharing and dynamic resource allocation to optimize overall infrastructure energy consumption while considering performance constraints of services at the same time.}, year = {2012}, booktitle = {Proc. of the 12th Wuerzburg Workshop on IP: ITG Workshop ,,Visions of Future Generation Networks'' (EuroView2012)}, publisher = {University of Wuerzburg}, keywords = {Energy efficiency; Resource mangement; Virtualization; Consolidation, Performance tradeoff}, tags = {COST{\textunderscore}IC0804, GLab{\textunderscore}EnerG}, web_url2 = {http://www.euroview2012.org/fileadmin/content/euroview2012/abstracts/03{\textunderscore}04{\textunderscore}abstract{\textunderscore}lovasz.pdf}, file_url = {http://www.net.fim.uni--passau.de/pdf/Lovasz2012c.pdf} } @Inproceedings { Beck2012a, author = {Beck, Michael T. and Fischer, Andreas and de Meer, Hermann}, title = {Distributed Virtual Network Embedding}, abstract = {Network virtualization applies virtualization concepts to network resources in order to provide an abstraction from specific hardware. The added flexibility manifests itself in the possibility to create arbitrarily structured virtual networks that do not necessarily have to reflect the topology or the properties of the underlying physical network. The problem of mapping virtual resources to physical resources in such an environment is commonly known as ,,Virtual Network Embedding'', and almost all existing embedding algorithms do this in a centralized manner. The exploitation of distributed approaches aims to improve performance and to increase the level of reliability: stability and scalability of the whole system should be ensured. In this work, we present our ideas how to build such a new approach.}, year = {2012}, booktitle = {Proc. of the 7th GI/ITG KuVS Workshop on Future Internet}, publisher = {University of Kaiserslautern}, keywords = {Virtual network embedding; Reliability; Virtualization; Virtual networks}, tags = {ResumeNet, EuroNF, ISL{\textunderscore}Institute}, web_url2 = {http://www.future--internet.org/2011/7{\textunderscore}Fachgespraech/files/Slides{\textunderscore}04.pdf}, file_url = {http://www.net.fim.uni--passau.de/pdf/Beck2012a.pdf} } @Article { Lovasz2012b, author = {Lovasz, Gergoe and Niedermeier, Florian and Berl, Andreas and de Meer, Hermann}, title = {Energia e futura Internet}, abstract = {Uma das preocupacoes com relacao ao futuro da Internet diz respeito ao elevado consumo de energia da infraestrutura, que inclui a alimentacao de servidores e equipamentos de rede, assim como o sistema de refrigeracao necessario para resfriar o hardware utilizado. Um consorcio de seis universidades da Alemanha vem estudando formas de amenizar esse cenario.}, year = {2012}, month = {June}, journal = {RTI -- Redes, Telecom e Instalacoes}, volume = {13}, publisher = {Aranda Editora Tecnica e Cultural}, pages = {70----75}, number = {145}, keywords = {Energy efficiency; Resource mangement; Virtualization; Consolidation}, tags = {COST{\textunderscore}IC0804, GLab{\textunderscore}EnerG}, file_url = {http://www.net.fim.uni--passau.de/pdf/Lovasz2012b.pdf} } @Inproceedings { Huusko2012a, author = {Huusko, Jyrki and de Meer, Hermann and Klingert, Sonja and Somov, Andrey}, title = {Energy Efficient Data Centers}, year = {2012}, month = {May}, isbn = {978--3--642--33644--7 (Print); 978--3--642--33645--4 (Online)}, issn = {0302--9743}, DOI = {10.1007/978--3--642--33645--4}, booktitle = {Proc. of the 1st Int'l Workshop on Energy Efficient Data Centres (E2DC12)}, volume = {7396}, publisher = {Springer Verlag}, series = {Lecture notes in Computer Science (LNCS)}, note = {The original publication is available at www.springerlink.com (2012)} } @Article { Botero2012a, author = {Botero, Juan F. and Hesselbach, Xavier and Duelli, Michael and Schlosser, Daniel and Fischer, Andreas and de Meer, Hermann}, title = {Energy Efficient Virtual Network Embedding}, abstract = {Waste of energy due to over--provisioning and overdimensioning of network infrastructures has recently stimulated the interest on energy consumption reduction by Internet Service Providers (ISPs). By means of resource consolidation, network virtualization based architectures will enable energy saving. In this letter, we extend the well--known virtual network embedding problem (VNE) to energy awareness and propose a mixed integer program (MIP) which provides optimal energy efficient embeddings. Simulation results show the energy gains of the proposed MIP over the existing cost--based VNE approach.}, year = {2012}, issn = {1089--7798}, DOI = {10.1109/LCOMM.2012.030912.120082}, journal = {IEEE Communications Letters}, volume = {16}, publisher = {IEEE}, pages = {756----759}, number = {5}, keywords = {Network virtualization; Virtual Network Embedding; Green networking; Mixed Integer Programming; Energy efficiency}, tags = {EuroNF, ResumeNet, All4Green, FIT4Green, GLab{\textunderscore}related, ISL{\textunderscore}Institute}, file_url = {http://www.net.fim.uni--passau.de/pdf/Botero2012a.pdf} } @Inproceedings { He2012a, author = {He, Xiaobing and Szalachowski, Pawel and Kotulski, Zbigniew and Fotiou, Nikos and Marias, Giannis F. and Polyzos, George C. and de Meer, Hermann}, title = {Energy--aware Key Management in Mobile Wireless Sensor Networks}, abstract = {Wireless sensor networks have received wide attention recently across the indoor and outdoor applications. On the other hand, more and more application scenarios require sensor nodes to be mobile, which imposes new technological challenges for security. Key management is the core for secure data communications among the resource--constrained sensor nodes. In this paper, based on the Group Diffie--Hellman key agreement protocols and the energy level of each node in the network, we propose Energy Aware Group Diffie--Hellman key management protocol for mobile wireless sensor networks. The simulation results show that the proposed key management protocol provide significant improvement in maximizing the lifetime of networks.}, year = {2012}, journal = {Annales UMCS, Informatica}, volume = {12}, pages = {83--96}, number = {4} } @Inproceedings { Basmadjian2012a, author = {Basmadjian, Robert and de Meer, Hermann}, title = {Evaluating and Modeling Power Consumption of Multi--Core Processors}, abstract = {Recently, energy--efficient computing has become a major interest, both in the mobile and IT sectors. With the advent of multi--core processors and their energy--saving mechanisms, there is a necessity to model their power consumption. The existing models for multi--core processors are based on the assumption that the power consumption of multiple cores performing parallel computations is equal to the sum of the power of each of those active cores. In this paper, we analyze this assumption and show that it leads to lack of accuracy when applied to modern processors such as quad--core. Based on our analysis, we present a methodology for estimating the power consumption of multi--core processors. Unlike existing models, we take into account resource sharing and power saving mechanisms. We show that our approach provides an accuracy within a maximum error of 5%}, year = {2012}, month = {May}, isbn = {978--1--4503--1055--0}, booktitle = {Proc. of the 3rd Int'l Conf. on Future Energy Systems (e--Energy 2012)}, publisher = {ACM}, keywords = {Component--based modeling; Multi--core processors; Power consumption}, tags = {FIT4Green}, file_url = {http://www.net.fim.uni--passau.de/pdf/Basmadjian2012a.pdf} } @Inproceedings { Poehls2012b, author = {Poehls, Henrich C. and Samelin, Kai and de Meer, Hermann and Posegga, Joachim}, title = {Flexible Redactable Signature Schemes for Trees -- Extended Security Model and Construction}, abstract = {At ISPEC '12, Samelin et al. show that the redactable signature scheme introduced at VLDB '08 by Kundu and Bertino does not always preserve the structural integrity of the tree signed. In particular, they show how redaction of non--leaves promotes descendants and allows a third party to add new edges to the signed tree. This alters the semantic meaning of the tree and is not acceptable in certain scenarios. We generalize the model, such that it offers the signer the flexibility to sign trees where every node is transparently redactable. This includes intermediates nodes, i.e, to allow redacting a hierarchy, but also the tree's root. We present a provably secure construction, where this possibility is given, while remaining under explicit control of the signer. Our security model is as strong as Brzuska et al.'s introduced at ACNS '10. We have implemented our secure construction and present a detailed performance analysis.}, year = {2012}, month = {July}, booktitle = {Proc. of Int'l Conf. on Security and Cryptography (SECRYPT 2012)}, publisher = {SciTePress}, keywords = {Malleable signatures; Accumulators; Hash--Functions; Redactable signatures}, tags = {EFRE{\textunderscore}ITSEC, ISL{\textunderscore}Institute}, file_url = {http://www.net.fim.uni--passau.de/pdf/Poehls2012b.pdf} } @Book { DeMeer2012b, author = {de Meer, Hermann and Hummel, Karin A. and Basmadjian, Robert}, title = {Future Internet Services and Architectures: Trends and Visions}, abstract = {This special issue on Future Internet Services and Architectures: Trends and Visions is a selection of seven papers presented at the Workshop Future Internet Architectures, (open) second Euro--NF Workshop and Future Internet Cluster Meeting, June 9, 2009, Santander, Spain; co--located with the EU ICT Mobile Summit 2009. In this special issue, novel work and ideas are presented including first qualitative and quantitative results.}, year = {2012}, issn = {1018--4864}, DOI = {10.1007/s11235--011--9430--7}, volume = {51}, publisher = {Springer--Verlag}, series = {Telecommunication Systems}, editor = {De Meer, Hermann and Hummel, Karin A. and Basmadjian, Robert}, pages = {219----220}, number = {4}, tags = {EuroNF}, web_url2 = {http://www.net.fim.uni--passau.de/future2009/}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer2012b.pdf}, note = {The original publication is available at www.springerlink.com (March 2011)} } @Techreport { DeMeer2012a, author = {de Meer, Hermann and Liedel, Manuel and Poehls, Henrich C. and Posegga, Joachim and Samelin, Kai}, title = {Indistinguishability of One--Way Accumulators}, abstract = {One--Way Accumulators have been introduced by Benaloh and de Mare at Eurocrypt '93. They allow to hash a potentially very large set into a short digest, called the accumulator. The accumulator allows to verify the membership of a given element using corresponding witnesses. State--of--the--Art research focuses on the collision--resistance of the resulting schemes. However, there are many applications, where the accumulator must be hiding, i.e., if a third party does not have all members, it should not be able to decide how many additional members a given accumulator has. This behavior of indistinguishability is already used in many cryptographic applications, but has neither been formalized nor formally proven. In this paper, we close this gap by proving that the construction by Baric and Pfitzmann, presented at Eurocrypt '97, fulfills our new notion. In particular, their accumulator is perfectly indistinguishable. Moreover, we show that the accumulator presented at FSE '96 by Nyberg does not fulfill this requirement.}, year = {2012}, month = {Dec.}, institution = {Faculty of Computer Science and Mathematics (FIM), University of Passau}, number = {MIP--1210}, keywords = {One--Way Accumulators; Privacy; Hash--Functions}, tags = {EFRE{\textunderscore}ITSEC, EINS{\textunderscore}NoE, ISL{\textunderscore}Institute}, web_url2 = {http://www.fim.uni--passau.de/en/research/technical--reports/}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer2012a.pdf} } @Techreport { Poehls2012a, author = {Poehls, Henrich C. and Samelin, Kai and Posegga, Joachim and de Meer, Hermann}, title = {Length--Hiding Redactable Signatures from One--Way Accumulators in O(n)}, abstract = {In this paper, we propose two provably secure and length--hiding redactable signature schemes. Both have a runtime complexity of O(n). This is lower than existing schemes, which have at best O(n log(n)). Our first scheme protects the integrity of the elements in unordered (multi--)sets, with a storage complexity of O(1). Our second construction protects the structural relation of ordering of elements in lists, with a storage complexity of O(n). We build on a family of quasi--commutative accumulators and a family of hash--functions based on non--abelian but associative operations.}, year = {2012}, month = {April}, institution = {Faculty of Computer Science and Mathematics (FIM), University of Passau}, number = {MIP--1201}, keywords = {Malleable signatures; Accumulators; Hash--Functions; Redactable signatures}, tags = {EFRE{\textunderscore}ITSEC, ISL{\textunderscore}Institute}, web_url2 = {http://www.fim.uni--passau.de/en/research/technical--reports/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Poehls2012a.pdf} } @Article { Abid2012a, author = {Abid, Mohamed Amine and Belghith, Abdelfettah}, title = {Leveraging seminal protocol stacks to support MANETs}, abstract = {In this paper, we investigate the suitability of some protocol stacks (mainly the UDP/IP model) that were firstly proposed for wired networks, to the mobile ad hoc networks (MANETs). These latter, are known to be dynamic as the topology is constantly changing, which affects the validity of the established routes as time tics farther from the start of every routing period. In the UDP/IP model for instance, the IP layer forecasts an IP packet as soon as it receives a data unit coming from the upper layer independently of when this packet will effectively be sent by the lower layer (i.e., the underlying MAC). As such, if a newly created packet using a routing decision relative to its instant of creation, is delayed at the lower layer for some reason, it will be sent using an out of date routing decision and then will wander through established invalid routes leading to poor performances. We first investigate the inherent functioning of such a model (firstly proposed for static networks) and exhibit its drawbacks in a MANETs context. Then, we propose practical enhancements to accommodate a proper behavior suitable to dynamic networks and that firstly provides a priority treatment to control traffc and secondly makes the routing decisions (fills up the IP next hop field) only when the MAC is ready to handle the packet. We conducted an extensive set of simulations to compare both implementations using different load and mobility scenarios and performance metrics but the same routing protocol (OLSR). These simulations show that our proposal solves the malfunctioning of current implementations, yet it allows a better behavior of the OLSR protocol and thus more accurate network performances.}, year = {2012}, journal = {Procedia Computer Science}, volume = {10}, publisher = {Elsevier}, pages = {414----421} } @Inproceedings { Basmadjian2012c, author = {Basmadjian, Robert and Niedermeier, Florian and de Meer, Hermann}, title = {Modelling and Analysing the Power Consumption of Idle Servers}, abstract = {To the best of our knowledge, there have been no efforts in devising power consumption prediction models for an idle server, where this latter contributes approximately 66% of the maximum power drain. In this paper, we propose power consumption prediction models for idle servers by taking into account their constituent components such as processor, memory, hard disk, fan and power supply unit. To this end, we identify the relevant energy--related attributes of each component necessary for the idle power consumption predictions. Furthermore, based on the proposed models, we provide an in--depth analysis by considering several types of servers (e.g. rackable, blade, etc) having different hardware characteristics and energy--aware mechanisms.}, year = {2012}, month = {Oct.}, isbn = {978--1--4673--2031--3}, booktitle = {Proc. of the 2nd IFIP Conf. on Sustainable Internet and ICT for Sustainability (SustainIT 2012)}, publisher = {IFIP}, keywords = {Idle power consumption; Servers; Data centres}, tags = {FIT4Green, All4Green}, web_url2 = {http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6388007}, file_url = {http://www.net.fim.uni--passau.de/pdf/Basmadjian2012c.pdf}, note = {The original publication is available at IEEE Xplore; received best--paper award} } @Inproceedings { Brzuska2012a, author = {Brzuska, Christina and Poehls, Henrich C. and Samelin, Kai}, title = {Non--Interactive Public Accountability for Sanitizable Signatures}, abstract = {Sanitizable signatures enable a designated party to modify signed documents in a controlled way, while the derived signature still verifies. In this paper, we introduce the notion of non--interactive and public accountability. It allows a third party to determine whether a message--signature pair was issued by the signer or the sanitizer. The original notion of accountability does not satisfy European legal standards, while non--interactive public accountability does. A contradictory security goal is the indistinguishability of message--signature pairs from the signer and the sanitizer, a.k.a. transparency. As state--of--the--art schemes often satisfy transparency, they can only achieve a weaker notion of accountability. We show that non--interactive public accountability does not contradict privacy by proving that an existing scheme by Brzuska et al. (BIOSIG '09) satisfies both notions. We then extend the scheme to also satisfy blockwise public accountability. Overall, for e--business applications within the EU, opting for non--interactive public accountability can be preferable over transparency.}, year = {2012}, month = {Sep.}, DOI = {10.1007/978--3--642--40012--4{\textunderscore}12}, booktitle = {Proc. of the 9th European Workshop on Public Key Infrastructures, Services and Applications (EuroPKI 2012)}, volume = {7868}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {178----193}, keywords = {Accountability; Sanitizable Signatures; Privacy; e--commerce}, tags = {EFRE{\textunderscore}ITSEC, EINS{\textunderscore}NoE, ISL{\textunderscore}Institute}, web_url2 = {http://europki2012.dti.unimi.it}, file_url = {http://www.net.fim.uni--passau.de/pdf/Brzuska2012a.pdf}, note = {This is an extended and revised version of the original publication. The original publication is available at www.springerlink.com (August 2013)} } @Inproceedings { Fullerton2012a, author = {Fullerton, Matthew and Holzer, Richard and de Meer, Hermann and Beltran Ruiz, Cristina}, title = {Novel assessment of a peer--peer road accident survival system}, abstract = {Vehicle breakdowns and crashes on motorways can create a sudden drop in traffic speed and make driving conditions dangerous through the requirement of many braking and merging manoeuvres within a confined region. Modern vehicle communications technologies will soon allow drivers to be alerted much sooner to an accident, and voluntarily take action to ensure smoother and safer traffic flow without any assistance from the road infrastructure. Here we address the question of how to evaluate the system outcome in order to assess success of the system intervention. Such an assessment is necessary to specify how the agents (e.g. on--board vehicle units) of the system should be configured such that the overall system improves the situation over the no--system case. We apply quantitative measures in order to directly address this question.}, year = {2012}, booktitle = {Proc. of the 1st Int'l Workshop on Evaluation for Self--adaptive and Self--organizing Systems (Eval4SASO 2012)}, publisher = {IEEE}, keywords = {AmI; Quantitative Measures; Target Orientation; Emergence; Traffic Simulation; Traffic Safety; Vehicle Communication; Accident Warning}, tags = {EuroNF, EINS{\textunderscore}NoE, Socionical, ISL{\textunderscore}Institute}, file_url = {http://www.net.fim.uni--passau.de/pdf/Fullerton2012a.pdf} } @Inproceedings { Samelin2012b, author = {Samelin, Kai and Poehls, Henrich C. and Bilzhause, Arne and Posegga, Joachim and de Meer, Hermann}, title = {On Structural Signatures for Tree Structured Data}, abstract = {In this paper, we present new attacks on the redactable signature scheme introduced by Kundu and Bertino at VLDB '08. This extends the work done by Brzuska et al. at ACNS '10 and Samelin et al. at ISPEC '12. The attacks address unforgeability, transparency and privacy. Based on the ideas of Kundu and Bertino, we introduce a new provably secure construction. The corresponding security model is more flexible than the one introduced by Brzuska et al. Moreover, we have implemented schemes introduced by Brzuska et al. and Kundu and Bertino. The evaluation shows that schemes with a quadratic complexity become unuseable very fast.}, year = {2012}, month = {June}, booktitle = {Proc. of the 10th Int'l Conf. on Applied Cryptography and Network Security (ACNS 2012)}, volume = {7341}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {171----187}, keywords = {Malleable signatures; Redactable signatures; XML}, tags = {EFRE{\textunderscore}ITSEC, ISL{\textunderscore}Institute}, web_url2 = {http://icsd.i2r.a--star.edu.sg/acns2012/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Samelin2012b.pdf}, note = {This is an extended and revised version of the original publication. The original publication is available at www.springerlink.com (2013)} } @Article { Botero2012b, author = {Botero, Juan F. and Hesselbach, Xavier and Fischer, Andreas and de Meer, Hermann}, title = {Optimal mapping of virtual networks with hidden hops}, abstract = {Network Virtualization has emerged as a solution for the Internet inability to address the required challenges caused by the lack of coordination among Internet service providers for the deployment of new services. The allocation of resources is one of the main problems in network virtualization, mainly in the mapping of virtual nodes and links to specific substrate nodes and paths, also known as the virtual network embedding problem. This paper proposes an algorithm based on optimization theory, to map the virtual links and nodes requiring a specific demand, looking for the maximization of the spare bandwidth and spare CPU in the substrate network, taking into account the bandwidth demanded by the hidden hops when a virtual link is mapped. The components of the virtual networks (nodes and links) that do not ask for an specific demand are then allocated following a fairness criteria.}, year = {2012}, issn = {1018--4864}, DOI = {10.1007/s11235--011--9437--0}, journal = {Telecommunication Systems}, volume = {51}, publisher = {Springer--Verlag}, pages = {273----282}, number = {4}, keywords = {Network virtualization; Virtual network embedding; Virtual network mapping; Optimization theory}, tags = {EuroNF, AutoI, ResumeNet,}, web_url2 = {http://www.net.fim.uni--passau.de/future2009/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Botero2012b.pdf}, note = {The original publication is available at www.springerlink.com (March 2011)} } @Article { Lovasz2013a, author = {Lovasz, Gergoe and Niedermeier, Florian and de Meer, Hermann}, title = {Performance Tradeoffs of Energy--Aware Virtual Machine Consolidation}, abstract = {Increasing power consumption of IT infrastructures and growing electricity prices have led to the development of several energy--saving techniques in the last couple of years. Virtualization and consolidation of services is one of the key technologies in data centers to reduce overprovisioning and therefore increase energy savings. This paper shows that the energy--optimal allocation of virtualized services in a heterogeneous server infrastructure is NP--hard and can be modeled as a variant of the multidimensional vector packing problem. Furthermore, it proposes a model to predict the performance degradation of a service when it is consolidated with other services. The model allows considering the tradeoff between power consumption and service performance during service allocation. Finally, the paper presents two heuristics that approximate the energy--optimal and performance--aware resource allocation problem and shows that the allocations determined by the proposed heuristics are more energy--efficient than the widely applied maximum--density consolidation.}, year = {2012}, journal = {Cluster Computing}, volume = {16}, publisher = {Springer--Verlag}, pages = {481----496}, number = {3}, keywords = {Energy efficiency; Resource mangement; Virtualization; Consolidation, Performance tradeoff}, tags = {COST{\textunderscore}IC0804, GLab{\textunderscore}EnerG}, file_url = {http://www.net.fim.uni--passau.de/pdf/Lovasz2013a.pdf}, note = {The original publication is available at www.springerlink.com (May 2012)} } @Incollection { Niedermeier2012a, author = {Niedermeier, Florian and Lovasz, Gergoe and de Meer, Hermann}, title = {Quantifying IT Energy Efficiency}, abstract = {Increasing power consumption of IT infrastructures, growing electricity prices, and ecological awareness are major reasons for a change towards green IT. At the same time, the demand for steadily increasing computational performance remains unbroken. However, optimizing IT equipment in regard to energy saving frequently becomes a trade--off between the energy optimization and the system performance. This chapter defines relevant terminology regarding IT energy efficiency and presents an overview of IT components causing energy consumption. Additionally, it provides a summary and categorization of existing energy saving techniques and energy efficiency metrics as well as an analysis of the impact of energy saving measures on performance. By comparing different energy efficiency metrics, we see that there is no uniform unit to quantify IT energy efficiency. We show that the application of energy saving methods has to be carefully chosen for individual services, as possible energy savings and impairment of performance differ significantly between different energy saving methods.}, year = {2012}, booktitle = {Green and Sustainable Computing: Part I}, volume = {87}, publisher = {Elsevier}, series = {Advances in Computers}, pages = {55----87}, keywords = {Energy efficiency; Performance; Energy efficiency metrics; Energy--performance trade--off; Energy saving techniques}, tags = {GLab{\textunderscore}EnerG} } @Article { Hoehne2012a, author = {Hoehne, Focke and Poehls, Henrich C. and Samelin, Kai}, title = {Rechtsfolgen editierbarer Signaturen}, abstract = {Editierbare Signaturen erlauben in begrenzten Bereichen nachtraegliche Modifikationen an einem signierten Dokument ohne Kenntnis des geheimen Signaturschluessels des Ausstellers. Der Beitrag beleuchtet die Rechtsfolgen editierbarer Signaturen und beschreibt ihren Einsatz am Beispiel von Lebensmittelwarenketten. Im Unterschied zu konventionellen Signaturen werden befugte Aenderungen rechtlich dem Aussteller zugerechnet. Anwendungsbeispiele sind Schwaerzungen zum Schutz von Geschaeftsgeheimnissen oder personenbezogenen Daten, sowie Inhaltsaenderungen zu Korrekturzwecken.}, year = {2012}, month = {Juli}, DOI = {10.1007/s11623--012--0165--8}, journal = {Datenschutz und Datensicherheit (DuD)}, volume = {36}, publisher = {Springer--Verlag}, pages = {485----491}, number = {6}, keywords = {Malleable signatures; Redactable signatures; Recht}, tags = {EFRE{\textunderscore}ITSEC, ISL{\textunderscore}Institute}, file_url = {http://www.net.fim.uni--passau.de/pdf/Hoehne2012a.pdf}, note = {The original publication is available at www.springerlink.com (2012)} } @Inproceedings { Samelin2012a, author = {Samelin, Kai and Poehls, Henrich C. and Bilzhause, A. and Posegga, Joachim and de Meer, Hermann}, title = {Redactable Signatures for Independent Removal of Structure and Content}, abstract = {In this paper, we present a provably secure redactable signature scheme allowing to independently redact structure and content. We identify the problems when structure is not separated from content, resulting in an attack on the scheme proposed at VLDB '08 by Kundu and Bertino. The attack allows for changing the semantic meaning of a given tree. We introduce a rigid security model, including consecutive redaction control, to formalize the required behaviour of our scheme. Moreover, we present first performance evaluations of our implementation to demonstrate the practical use of the presented scheme.}, year = {2012}, booktitle = {Proc. of the 8th Int'l Conf. on Information Security Practice and Experience (ISPEC 2012)}, volume = {7232}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, tags = {EFRE{\textunderscore}ITSEC, ISL{\textunderscore}Institute}, web_url2 = {http://hise.hznu.edu.cn/ispec/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Samelin2012a.pdf}, note = {This is an extended and revised version of the original publication. The original publication is available at www.springerlink.com (2013)} } @Techreport { Samelin2012c, author = {Samelin, Kai and Poehls, Henrich and Posegga, Joachim and de Meer, Hermann}, title = {Redactable vs. Sanitizable Signatures}, abstract = {Malleable signature schemes allow altering signed data in a controlled way while keeping the signature verifiable trusting the signer's key. Several constructions exists. They can be grouped in two different categories: (1) redactable signatures RSS and (2) sanitizable signatures (SSS). Redactable signatures allow for removing blocks of a signed document, while sanitizable signatures offer the possibility to change the admissible blocks to arbitrary strings. This paper shows that sanitizable signatures with a strenghted security definition can be transformed into redactable signatures with a weakened privacy definition. The transformation from an RSS into an SSS is not possible, even if we assume accountability for redactable signatures. In particular, no unforgeable redactable signature scheme can be transformed into a sanitizable signature scheme. This work provides the first rigorous proof that redactable and sanitizable signatures are two different concepts.}, year = {2012}, month = {Dec.}, institution = {Faculty of Computer Science and Mathematics (FIM), University of Passau}, number = {MIP--1208}, keywords = {Redactable signatures; Sanitizable signatures; Privacy; Malleable signatures}, tags = {EFRE{\textunderscore}ITSEC, EINS{\textunderscore}NoE, ISL{\textunderscore}Institute}, web_url2 = {http://www.fim.uni--passau.de/en/research/technical--reports/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Samelin2012c.pdf} } @Article { Marias2012a, author = {Marias, Giannis F. and Barros, Joao and Fiedler, Markus and Fischer, Andreas and Hauff, Harald and Herkenhoener, Ralph and Grillo, Antonio and Lentini, Alessandro and Lima, Luisa and Lorentzen, Charlott and Mazurczyk, Wojciech and de Meer, Hermann and Oliveira, Paulo F. and Polyzos, George C. and Pujol, Enric and Szczypiorski, Krzysztof and Vilela, Joao P. and Vinhoza, Tiago T. V.}, title = {Security and Privacy issues for the Network of the Future}, abstract = {The vision towards the Network of the Future cannot be separated from the fact that today's networks, and networking services are subject to sophisticated and very effective attacks. When these attacks first appeared, spoofing and distributed denial--of--service attacks were treated as apocalypse for networking. Now, they are considered moderate damage, whereas more sophisticated and inconspicuous attacks, such as botnets activities, might have greater and far reaching impact. As the Internet is expanding to mobile phones and 'smart dust' and as its social coverage is liberalized towards the realization of ubiquitous computing (with communication), the concerns on security and privacy have become deeper and the problems more challenging than ever. Re--designing the Internet as the Network of the Future is self--motivating for researchers, and security and privacy cannot be provided again as separate, external, add--on, solutions. In this paper, we discuss the security and privacy challenges of the Network of the Future and try to delimit the solutions space on the basis of emerging techniques. We also review methods that help the quantification of security and privacy in an effort to provide a more systematic and quantitative treatment of the area in the future.}, year = {2012}, issn = {1939--0122}, journal = {Security and Communication Networks}, volume = {5}, pages = {987----1005}, number = {9}, keywords = {Security; Privacy; Networks}, tags = {EuroNF{\textunderscore}ASPECTS, ISL{\textunderscore}Institute} } @Article { Berl2012a, author = {Berl, Andreas and Lovasz, Gergoe and de Meer, Hermann and Zettler, Thomas}, title = {Survey on Energy Efficiency in Office and Residential Computing Environments}, abstract = {Energy efficiency of computing equipment in office and residential environments gets more and more important, with respect to the world--wide desire to reduce CO2 emissions and the increasing cost of energy. While hardware itself gets cheaper, the cost of energy begins to dominate the total cost of ownership of a product. This paper gives an overview on energy saving methods that are applied today, with a special focus on office and residential environments. Currently used methods are classified into three categories:(1) autonomous management of devices, (2) coordinated management of devices, and (3) coordinated management of services. Various implementations of these methods in office and residential environments are described and compared to each other. The comparison illustrates possible directions of future research in the area of energy efficiency.}, year = {2012}, month = {April}, issn = {1904--4720}, journal = {journal of Green Engineering}, volume = {2}, publisher = {River publishers}, pages = {255----272}, number = {3}, keywords = {Energy efficiency; Office environments; Residential environments}, tags = {COST{\textunderscore}IC0804, EuroNF, All4Green, GLab{\textunderscore}EnerG} } @Inproceedings { Klingert2012a, author = {Klingert, Sonja and Berl, Andreas and Beck, Michael T. and Serban, Radu and Di Girolamo, Marco and Giuliani, Giovanni and de Meer, Hermann and Salden, Alfons}, title = {Sustainable Energy Management in Data Centres through Collaboration}, abstract = {In the current decade of rapid expansion of ubiquitous data storage and cloud computing services, the demand for data centre services has seen an enormous increase which is resulting in a continuously rising pressure on the environment in terms of energy consumption and greenhouse gas (GHG) emissions. The recently started project, All4Green, explores potential ICT solutions for collaboration amongst data centers, energy providers, and end--users in order to enable energy providers to save CO2 emissions at the very source of energy conversion. This paper presents an overview of objectives and concepts of the research, discussing the so--called data centres' eco--system, the technical approach to collaboration and GreenSLAs as economic incentives.}, year = {2012}, month = {May}, DOI = {10.1007/978--3--642--33645--4{\textunderscore}2}, booktitle = {Proc. of the 1st Int'l Workshop on Energy Efficient Data Centres (E2DC12)}, volume = {7396}, publisher = {Springer Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {13----24}, keywords = {Energy demand/response management; Data centres; Energy efficiency}, tags = {COST{\textunderscore}IC0804, EuroNF, FIT4Green, GLab{\textunderscore}EnerG, All4Green}, web_url2 = {http://events.networks.imdea.org/content/e--energy--2012/e2dc--workshop}, file_url = {http://www.net.fim.uni--passau.de/pdf/Klingert2012a.pdf}, note = {The original publication is available at www.springerlink.com (2012)} } @Inproceedings { Zirm2012a, author = {Zirm, Maximiliane and Niedermeier, Michael}, title = {The future of homomorphic cryptography in Smart Grid applications}, abstract = {On the basis of the bachelor thesis 'performance comparison of cryptographic algorithms in Smart Grid applications' supervised by Dipl. Inf. Michael Niedermeier and Prof. Dr. Hermann de Meer, this paper covers the analysis of the privacy ensuring capabilities of homomorphic cryptography in the Smart Grid with regard to its energy efficiency. The Paillier algorithm serves as an example and is used in two different architectural scenarios which are introduced and than compared regarding their efficiency and practical applicability.}, year = {2012}, booktitle = {Proc. of the 3rd IEEE Germany Student Conference Passau 2012}, keywords = {Homomorphic cryptography; Smart meter; Privacy; Smart grid}, file_url = {http://www.net.fim.uni--passau.de/pdf/Zirm2012a.pdf} } @Inproceedings { Fotiou2012a, author = {Fotiou, Nikos and Marias, Giannis F. and Polyzos, George C. and Szalachowski, Pawel and Kotulski, Zbigniew and Niedermeier, Michael and He, Xiaobing and de Meer, Hermann}, title = {Towards Adaptable Security for Energy Efficiency in Wireless Sensor Networks}, abstract = {Modern sensors are portable, embeddable, they offer multiple connectivity options and enough processing power that allows the performance of advanced operations. Multiple sensors can be used together forming a wireless sensor network (WSN). Ubiquitous WSNs are expected to play a significant role in the future, assisting users in their everyday life. In this paper we present an intriguing application of WSNs: health monitoring of hospital patients. We focus on the security aspects of this application and identify security threats and requirements. Moreover, we argue that existing security solutions are energy hungry, therefore they are inappropriate for WSNs and we propose a new security design approach: adaptable security. Our design approach advocates that security mechanisms should be able to adapt their complexity by ranking the security requirements of each operation, achieving this way better energy efficiency.}, year = {2012}, booktitle = {Proc. of the 28th meeting of the Wireless World Research Forum (WWRF 2012)}, publisher = {Wireless World Research Forum}, keywords = {Energy efficiency; Security; Wireless sensor networks}, tags = {EuroNF, EuroNF{\textunderscore}EKeyNets, ISL{\textunderscore}Institute}, file_url = {http://www.net.fim.uni--passau.de/pdf/Fotiou2012a.pdf} } @Techreport { Poehls2012c, author = {Poehls, Henrich C. and Samelin, Kai and Posegga, Joachim and de Meer, Hermann}, title = {Transparent Mergeable Redactable Signatures with Signer Commitment and Applications}, abstract = {State--of--the--art private redactable schemes RSS allow the signer to un--detectably add new elements to signed data after signature generation. We introduce a RSS with signer commitments: it prohibits adding new elements after signature generation. This protects against a malicious signer and allows to use RSS for applications like time--stamping. Moreover, we introduce another practically useful property: mergeability. It allows merging two redacted versions of the same signed document into a single document with one signature. We show that neither mergeability nor signer commitment negatively impact on existing properties. We present a provably secure redactable signature scheme that is committing, mergeable, unforgeable, private and transparent. The performance analysis of our implementation shows its practicality.}, year = {2012}, month = {Aug.}, institution = {Faculty of Computer Science and Mathematics (FIM), University of Passau}, number = {MIP--1206}, keywords = {Malleable signatures; Privacy; Redactable signatures}, tags = {EFRE{\textunderscore}ITSEC, EINS{\textunderscore}NoE, ISL{\textunderscore}Institute}, web_url2 = {http://www.fim.uni--passau.de/en/research/technical--reports/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Poehls2012c.pdf} } @Inproceedings { Basmadjian2011b, author = {Basmadjian, Robert and Ali, Nasir and Niedermeier, Florian and de Meer, Hermann and Giuliani, Giovanni}, title = {A Methodology to Predict the Power Consumption of Servers in Data Centres}, abstract = {Until recently, there have been relatively few studies exploring the power consumption of ICT resources in data centres. In this paper, we propose a methodology to capture the behaviour of most relevant energy--related ICT resources in data centres and present a generic model for them. This is achieved by decomposing the design process into four modelling phases. Furthermore, unlike the state--of--the--art approaches, we provide detailed power consumption models at server and storage levels. We evaluate our model for different types of servers and show that it suffers from an error rate of 2% in the best case, and less than 10% in the worst case.}, year = {2011}, month = {May}, booktitle = {Proc. of the ACM SIGCOMM 2nd Int'l Conf. on Energy--Efficient Computing and Networking (e--Energy 2011)}, publisher = {ACM}, keywords = {Data center; Modeling; IT resources; Power consumption}, tags = {COST{\textunderscore}IC0804, EuroNF, FIT4Green, GLab{\textunderscore}related}, web_url2 = {http://edas.info/web/e--energy2011/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Basmadjian2011b.pdf}, note = {To appear} } @Article { Fischer2011a, author = {Fischer, Andreas and Botero, Juan F. and Duelli, Michael and Schlosser, Daniel and Hesselbach, Xavier and de Meer, Hermann}, title = {ALEVIN -- A Framework to Develop, Compare, and Analyze Virtual Network Embedding Algorithms}, abstract = {Network virtualization is recognized as an enabling technology for the Future Internet. Applying virtualization of network resources leads to the problem of mapping virtual resources to physical resources, known as ,,Virtual Network Embedding'' (VNE). Several algorithms attempting to solve this problem have been discussed in the literature, so far. However, comparison of VNE algorithms is hard, as each algorithm focuses on different criteria. To that end, we introduce a framework to compare different algorithms according to a set of metrics, which allow to evaluate the algorithms and compute their results on a given scenario for arbitrary parameters.}, year = {2011}, issn = {1863--2122}, booktitle = {Proc. of the Workshop on Challenges and Solutions for Network Virtualization (NV2011)}, journal = {Electronic Communications of the EASST}, volume = {37}, publisher = {EASST}, editor = {Margaria, Tiziana and Padberg, Julia and Taentzer, Gabriele and Hellbrueck, Horst and Luttenberger, Norbert and Turau, Volker}, pages = {1----12}, keywords = {Virtual network; Network virtualization; Network embedding; Embedding algorithms; Evaluation framework}, tags = {EuroNF{\textunderscore}VNREAL, ResumeNet, EuroNF}, web_url2 = {http://journal.ub.tu--berlin.de/eceasst/article/view/495/580}, file_url = {http://www.net.fim.uni--passau.de/pdf/Fischer2011a.pdf} } @Inproceedings { Basmadjian2011a, author = {Basmadjian, Robert and de Meer, Hermann}, title = {An Arbitrary 2D Structured Replica Control Protocol}, abstract = {Traditional replication protocols that logically arrange the replicas into a specific structure have reasonable availability, lower communication cost as well as system load than those that do not require any logical organisation of replicas. We propose in this paper the A2DS protocol: a single protocol that, unlike the existing proposed protocols, can be adapted to any 2D structure. Its read operation is carried out on any replica of every level of the structure whereas write operations are performed on all replicas of a single level of the structure. We present several basic 2D structures and introduce the new idea of obtaining other 2D structures by the composition of several basic ones. Two structures are proposed that have near optimal performance in terms of the communi-- cation cost, availability and system load of their read and write operations. Also, we introduce a new protocol that provides better performance for its write operations than those of ROWA protocol while preserving similar read performance.}, year = {2011}, month = {March}, isbn = {978--3--939897--27--9}, issn = {2190--6807}, DOI = {10.4230/OASIcs.KiVS.2011.157}, booktitle = {Proc. of the 17th GI/ITG Conf. on Communication in Distributed Systems (KiVS 2011)}, volume = {17}, publisher = {Schloss Dagstuhl, Leibniz--Zentrum fuer Informatik GmbH}, series = {OpenAccess series in Informatics (OASIcs)}, editor = {Luttenberger, Norbert and Peters, Hagen}, pages = {157----168}, keywords = {Replication; Performance attributes; Reliability; Availability; Load}, tags = {EuroNF, FIT4Green}, web_url2 = {http://www.kivs11.de/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Basmadjian2011a.pdf} } @Article { Berl2011b, author = {Berl, Andreas and de Meer, Hermann}, title = {An Energy--Consumption Model for Energy--Efficient Office Environments}, abstract = {The increasing cost of energy and the worldwide desire to reduce CO2 emissions has raised concern about the energy efficiency of information and communication technology. Whilst research has focused on data centres recently, this paper identifies office environments as significant consumers of energy. Office envi-- ronments offer a great potential of energy savings, given that office hosts often remain turned on 24 hours per day while being underutilised or even idle. This paper describes a virtualized office environment that virtulizes office resources to achieve an energy--based resource management. The resource management stops idle hosts from consuming resources and consolidates utilised services on office hosts. Particularly, this paper develops an energy consumption model that is able to estimate the energy consumption of hosts and network within virtualized and ordinary office environments. The model is used to prove the energy efficiency of the suggested approach analytically and to evaluate it using a discrete--event simulation.}, year = {2011}, month = {Oct.}, issn = {0167--739X}, DOI = {10.1016/j.future.2011.04.010}, journal = {Future Generation Computer Systems}, volume = {27}, publisher = {Elsevier B.V.}, pages = {1047----1055}, number = {8}, keywords = {Energy consumption model; Energy efficiency; Office environment; Virtualization; Consolidation}, tags = {EuroNF, COST{\textunderscore}IC0804, FIT4Green, GLab{\textunderscore}related}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2011b.pdf} } @Article { Ali2011a, author = {Ali, Nasir and Baselt, Daniel and de Meer, Hermann}, title = {Analysis of Car--to--Car Beaconing with Network Coding}, abstract = {Lack of updated information due to a high beacon loss rate is a key challenge in car--to--car beaconing strategies. One potential solution for this issue is to re--broadcast lost beacons. However, the repeated dissemination of each lost beacon is infeasible due to the limited bandwidth of wireless channels. To overcome this limitation, network coding is a promising technique, through which a node combines (i.e. codes) multiple packets from different sources and re--broadcasts them through one transmission for the efficient bandwidth usage. In the past, network coding has been employed only for data packets. In this paper, this idea is used for periodic beacons in car--to--car communication to analyze, how much it is effective for the recovery of lost beacons. To this end, we propose two approaches: random selection and radius--based, and compare them to determine, which scheme recovers more beacons. We evaluate these approaches in both sparse and dense highway traffic scenarios with probabilistic radio propagation characteristics.}, year = {2011}, month = {March}, issn = {1863--2122}, booktitle = {Proc. of the Workshops der Wissenschaftlichen Konferenz Kommunikation in Verteilten Systemen (WowKiVS 2011)}, journal = {Electronic Communications of the EASST}, volume = {37}, publisher = {EASST}, pages = {1----13}, keywords = {Car--to--Car communication; Beaconing strategies; Network coding}, tags = {EuroNF, FIT4Green}, web_url2 = {http://journal.ub.tu--berlin.de/eceasst/article/view/533/554}, file_url = {http://www.net.fim.uni--passau.de/pdf/Ali2011a.pdf} } @Inproceedings { Polyzos2011a, author = {Polyzos, George C. and Marias, Giannis F. and Arkoulis, Stamatios and Frangoudis, Pantelis A. and Fiedler, Markus and Popescu, Alexandru and de Meer, Hermann and Herkenhoener, Ralph and Fischer, Andreas and Oberender, Jens O.}, title = {ASPECTS: Agile Spectrum Security}, abstract = {The ASPECTS project considered an underlying dynamic spectrum access radio network, spectrum sensing technology and techniques, and spectrum sharing policies and rules and addressed vulnerabilities in all spectrum sharing phases, i.e. spectrum monitoring, negotiation, dissemination of access rules and sharing implementation. In the following sections, we describe our research objectives and our approach towards attaining them, present the main outcome of ASPECTS and conclude with a discussion on the relevance of our project to the Euro--NF vision towards the Future Internet.}, year = {2011}, booktitle = {Proc. of the 7th Euro--NF Conf. on Next--Generation Internet (NGI 2011)}, publisher = {IEEE}, pages = {1----2}, keywords = {Spectrum access; Cognitive radio; Security}, tags = {EuroNF, EuroNF{\textunderscore}ASPECTS}, web_url2 = {http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=5977166}, file_url = {http://www.net.fim.uni--passau.de/pdf/Polyzos2011a.pdf} } @Article { Abid2011b, author = {Abid, Mohamed Amine and Belghith, Abdelfettah}, title = {Cartography and Stability to Enhance and Self Regulate Proactive Routing in MANETs}, abstract = {In this chapter, the authors propose a novel proactive routing protocol where routing advertisement frequency is self regulated locally at and by each node depending on its mobility level. The proposal relays on an asynchronous distributed cartography gathering algorithm and a link stability criterion. The cartography of the network is kept constantly valid in time and for all applied speeds. Each node senses its own dynamics and locally chooses an appropriate routing advertisement period size. As such stationary nodes generate little signaling traffic while fast moving nodes prefer small routing periods to mitigate the effect of their mobility.}, year = {2011}, DOI = {10.4018/978--1--4666--2038--4.ch081}, journal = {Next Generation Data Communication Technologies: Emerging Trends: Emerging Trends}, publisher = {IGI Global}, pages = {30} } @Phdthesis { Berl2011d, author = {Berl, Andreas}, title = {Energy Efficiency in Office Computing Environments}, abstract = {The increasing cost of energy and the worldwide desire to reduce CO2 emissions has raised concern about the energy efficiency of information and communication technology. Whilst research has focused on data centres recently, this thesis identifies office computing environments as significant consumers of energy. Office computing environments offer great potential for energy savings: On one hand, such environments consist of a large number of hosts. On the other hand, these hosts often remain turned on 24~hours per day while being underutilised or even idle. This thesis analyzes the energy consumption within office computing environments and suggests an energy--efficient virtualized office environment. The office environment is virtualized to achieve flexible virtualized office resources that enable an energy--based resource management. This resource management stops idle services and idle hosts from consuming resources within the office and consolidates utilised office services on office hosts. This increases the utilisation of some hosts while other hosts are turned off to save energy. The suggested architecture is based on a decentralized approach that can be applied to all kinds of office computing environments, even if no centralized data centre infrastructure is available. The thesis develops the architecture of the virtualized office environment together with an energy consumption model that is able to estimate the energy consumption of hosts and network within office environments. The model enables the energy--related comparison of ordinary and virtualized office environments, considering the energy--efficient management of services. Furthermore, this thesis evaluates energy efficiency and overhead of the suggested approach. First, it theoretically proves the energy efficiency of the virtualized office environment with respect to the energy consumption model. Second, it uses Markov processes to evaluate the impact of user behaviour on the suggested architecture. Finally, the thesis develops a discrete--event simulation that enables the simulation and evaluation of office computing environments with respect to varying virtualization approaches, resource management parameters, user behaviour, and office equipment. The evaluation shows that the virtualized office environment saves more than half of the energy consumption within office computing environments, depending on user behaviour and office equipment.}, year = {2011}, month = {March}, school = {University of Passau}, keywords = {Energy efficiency; Office environment; Virtualization; Consolidation}, tags = {EuroNF, COST{\textunderscore}IC0804, FIT4Green, GLab{\textunderscore}related, DFG{\textunderscore}MoPi2}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2011d.pdf}, note = {Awarded: "Wissenschaftspreis der Universitaet Passau 2012"} } @Inproceedings { Quan2011a, author = {Quan, Dang M. and Basmadjian, Robert and de Meer, Hermann and Lent, Ricardo and Mahmoodi, Toktam and Sannelli, Domenico and Mezza, Federico and Telesca, Luigi and Dupont, Corentin}, title = {Energy Efficient Resource Allocation Strategy for Cloud Data Centres}, abstract = {Cloud computing data centres are emerging as new candidates for replacing traditional data centres. Cloud data centres are growing rapidly in both number and capacity to meet the increasing demands for highly--responsive computing and massive storage. Making the data centre more energy efficient is a necessary task. In this paper, we focus on the organisation's internal Infrastructure as a Service (IaaS) data centre type. An internal IaaS cloud data centre has many distinguished features with heterogeneous hardware, single application, stable load distribution, lived load migration and highly automated administration. This paper will propose a way of saving energy for IaaS cloud data centre considering all stated constraints. The basic idea is rearranging the allocation in a way that saving energy. The simulation results show the efficiency of the method.}, year = {2011}, month = {Sep.}, isbn = {978--1--4471--2154--1}, booktitle = {Proc. of the 26th Int'l Symp. on Computer and Information Sciences (ISCIS 2011)}, publisher = {Springer--Verlag}, pages = {133----142}, keywords = {Energy efficient; Resource allocation algorithm; Cloud data centre}, tags = {FIT4Green}, web_url2 = {http://www.springerlink.com/content/978--1--4471--2154--1/{\#}section=965136\&page=3\&locus=28}, file_url = {http://www.net.fim.uni--passau.de/pdf/Quan2011a.pdf} } @Inproceedings { Niedermeier2011b, author = {Niedermeier, Michael and Ali, Nasir and de Meer, Hermann and Hlavacs, Helmut and Treutner, Thomas and Lef{\`e}vre, Laurent and Gelas, Jean--Patrick and Koutsopoulos, Iordanis}, title = {Energy monitoring and its impact on individual user privacy}, abstract = {This short position paper discusses the impact of energy monitoring on individual user privacy based on two practical scenarios.}, year = {2011}, booktitle = {Proc. of the 4th Future Internet Cluster Workshop (FICW 2011)}, keywords = {Energy monitoring; Privacy}, tags = {EuroNF{\textunderscore}SPEC}, file_url = {http://www.net.fim.uni--passau.de/pdf/Niedermeier2011b.pdf} } @Inproceedings { Lovasz2011b, author = {Lovasz, Gergoe and Berl, Andreas and de Meer, Hermann}, title = {Energy-- and Performance--Aware Resource Management in G--Lab and Future Internet Infrastructures}, abstract = {This abstract presents an energy-- and performance--aware resource management that aims at the dynamic allocation of services to physical resources that goes beyond currently applied non--energy--aware, utilization--based consolidation approaches. The suggested resource management computes a resource allocation that is based on service requirement models on one hand and on the power consumption models of the physical resources on the other hand. This way, the overall power consumption of G--Lab (and other Future Internet infrastructures).}, year = {2011}, booktitle = {Proc. of the 11th Wuerzburg Workshop on IP: Joint ITG, ITC, and Euro--NF Workshop on ,,Visions of Future Generation Networks'' (EuroView 2011)}, publisher = {University of Wuerzburg}, tags = {COST{\textunderscore}IC0804, EuroNF, FIT4Green, GLab{\textunderscore}EnerG}, web_url2 = {http://www.euroview2011.com/fileadmin/content/euroview2011/abstracts/abstract{\textunderscore}lovasz.pdf}, file_url = {http://www.net.fim.uni--passau.de/pdf/Lovasz2011b.pdf} } @Inproceedings { Mammela2011a, author = {Mammela, Olli and Majanen, Mikko and Basmadjian, Robert and de Meer, Hermann and Giesler, Andre and Homberg, Willi}, title = {Energy--aware job scheduler for high--performance computing.}, abstract = {In recent years energy--aware computing has become a major topic, not only in wireless and mobile devices but also in devices using wired technology. The ICT industry is consuming an increasing amount of energy and a large part of the consumption is generated by large--scale data centres. In High--Performance Computing (HPC) data centres, higher performance equals higher energy consumption. This has created incentives on exploring several alternatives to reduce the energy consumption of the system, such as energy--efficient hardware or the Dynamic Voltage and Frequency Scaling (DVFS) technique. This work presents an energy--aware scheduler that can be applied to a HPC data centre without any changes in hardware. The scheduler is evaluated with a simulation model and a real--world HPC testbed. Our experiments indicate that the scheduler is able to reduce the energy consumption by 6--16 % depending on the job workload. More importantly, there is no significant slowdown in the turnaround time or increase in the wait time of the job. The results hereby evidence that our approach can be beneficial for HPC data centre operators without a large penalty on service level agreements.}, year = {2011}, month = {Sep.}, issn = {1865--2034}, booktitle = {Proc. of the 2nd Int'l Conf. on Energy--Aware High Performance Computing (ENA--HPC 2011)}, journal = {Computer Science -- Research and Development (CSRD)}, publisher = {Springer--Verlag}, pages = {1----11}, keywords = {HPC; Energy--efficiency; Simulation; Testbed; Scheduling; Power Consumption}, tags = {FIT4Green}, web_url2 = {http://www.springerlink.com/content/lu2866g6g280p453/}, note = {The original publication is available at www.springerlink.com (2010)} } @Inproceedings { Niedermeier2011a, author = {Niedermeier, Florian and Lovasz, Gergoe and de Meer, Hermann and Dambeck, Stefan}, title = {Energy--Aware Service Consolidation: Monitoring and Analysis of Parameters}, abstract = {While Information and Communication Technology (ICT) has contributed to the reduction of energy consumption in many ways, the energy consumption of ICT itself is rapidly growing, especially in data center environments. This paper presents two important modules of an energy--aware resource management within a virtualized data center: a monitoring and an analyzer module. The monitoring module provides monitoring data from physical and virtual machines. This data is processed by the analyzer module to derive high--level information, which is used to identify situations that require a redistribution of virtual machines. The analyzer module then triggers the virtual to physical mapping process, handled by the optimizer module. The optimizer module calculates near energy--optimal virtual to physical resource mappings, based on service resource requirement profiles and hardware power consumption modeling. The geared operation of these modules enables a tightly consolidated data center operation which does not impair quality of service and leverages heterogeneity in data center environments.}, year = {2011}, month = {July}, isbn = {978--2--917490--18--1}, booktitle = {Proc. of the COST Action IC0804 on Energy Efficiency in Large Scale Distributed Systems -- 2nd year}, publisher = {IRIT}, pages = {41----46}, tags = {COST{\textunderscore}IC0804, EuroNF, FIT4Green, GLab{\textunderscore}EnerG}, file_url = {http://www.net.fim.uni--passau.de/pdf/Niedermeier2011a.pdf} } @Inproceedings { Lovasz2011a, author = {Lovasz, Gergoe and Berl, Andreas and de Meer, Hermann}, title = {Energy--Efficient and Performance--Conserving Resource Allocation in Data Centers}, abstract = {This paper presents an energy--aware resource management for data centers with a heterogeneous server infrastructure. The main focus of the paper is on energy--efficient and performance--conserving resource allocation. The suggested resource management uses virtualization and consolidation techniques in order to achieve an energy--efficient operation of the servers in the data center. The resource management itself consists of a monitoring/controlling module, an analyzer module, and an optimizer module. The optimizer module uses power consumption models of servers to compute energy--efficient resource allocations. Service requirement models ensure that the computed resource allocations consider service requirements on CPU, RAM, harddisk, and network. The problem of an energy--efficient and performance--conserving resource allocation is described as a variant of the variable sized multi--dimensional bin packing problem. The result is an energy--efficient and performance--conserving resource management that goes beyond currently applied performance--based consolidation solutions.}, year = {2011}, isbn = {978--2--917490--18--1}, booktitle = {Proc. of the COST Action IC0804 on Energy Efficiency in Large Scale Distributed Systems -- 2nd year}, publisher = {IRIT}, pages = {31----35}, tags = {COST{\textunderscore}IC0804, EuroNF, FIT4Green, GLab{\textunderscore}EnerG}, file_url = {http://www.net.fim.uni--passau.de/pdf/Lovasz2011a.pdf} } @Article { Al-Hazmi2011a, author = {Al--Hazmi, Yahya and de Meer, Hermann and Hummel, Karin A. and Meyer, Harald and Meo, Michela and Remondo, David}, title = {Energy--Efficient Wireless Mesh Infrastructures}, abstract = {The Internet comprises access segments with wired and wireless technologies. In the future, we can expect Wireless Mesh Infrastructures (WMIs) to proliferate in this context. Due to the relatively low energy efficiency of wireless transmission, as compared to wired transmission, energy consumption of WMIs can represent a significant part of the energy consumption of the Internet as a whole. We explore different approaches to reduce energy consumption in WMIs, taking into account the heterogeneity of the technologies and the interaction with wired networks. Finally, we present an example scenario where the application of these methods is discussed.}, year = {2011}, month = {March}, issn = {0890--8044}, DOI = {10.1109/MNET.2011.5730526}, journal = {IEEE Network Magazine}, volume = {25}, publisher = {IEEE}, pages = {32----38}, number = {2}, tags = {EuroNF, EuroNF{\textunderscore}MOMO, EuroNF{\textunderscore}EEWMI, Coop{\textunderscore}Vienna}, file_url = {http://www.net.fim.uni--passau.de/pdf/Al--Hazmi2011a.pdf} } @Misc { Herkenhoener2011b, author = {Herkenhoener, Ralph and de Meer, Hermann}, title = {Ergebnisbericht AP 2 ---- Darstellung der rechtlichen Rahmenbedingungen (E2.2)}, abstract = {Das vorliegende Dokument untersucht die sich im Rahmen des inSel--Projektes stellenden datenschutzrechtlichen Anforderungen und beschreibt die Ergebnisse der Taetigkeiten des Arbeitspaketes 2 (AP2). Im ersten Teil wird eine umfangreiche Uebersicht zur Europaeischen und deutschen Normenlandschaft zum Datenschutz gegeben und die fuer inSel einschlaegigen Datenschutznormen bestimmt. Im zweiten Teil werden die konkreten Anforderungen am Anwendungsfall des inSel--Projektes beteiligten Parteien identifiziert und konkret nach Rechtsgrundlage und notwendigem Schutzniveau benannt. Dieses Dokument dient als Beschreibung der rechtlichen Voraussetzungen, welche bei der Konzept-- und Prototypentwicklung in den Arbeitspaketen 3 und 4 (AP3, AP4) zu beruecksichtigen waren und gleichzeitig als Zielvorgabe fuer die rechtliche und technische Evaluation in Arbeitspaket 5 (AP5) dienen.}, year = {2011}, keywords = {Healthcare; Contract data processing; Data protection; Informational self--determination; Legal framework}, tags = {inSel}, file_url = {http://www.net.fim.uni--passau.de/pdf/Herkenhoener2011b.pdf} } @Inproceedings { Botero2011a, author = {Botero, Juan F. and Hesselbach, Xavier and Duelli, Michael and Schlosser, Daniel and Fischer, Andreas and de Meer, Hermann}, title = {Flexible VNE Algorithms Analysis using ALEVIN}, abstract = {Network virtualization is recognized as an enabling technology for the Future Internet that overcomes network ossification. However, it introduces a set of challenges. In any network virtualization environment, the problem of optimally mapping virtual demands to physical resources, known as virtual network embedding (VNE), is a crucial challenge. This paper analyses the behaviour of the main algorithms proposed to solve VNE by means of the ALEVIN framework. The VNE algorithms are evaluated with regard to appropriate metrics such as: cost, revenue, and virtual network acceptance ratio. We also analyse the impact of the recently introduced hidden hop demand concept in the performance of the VNE algorithms.}, year = {2011}, booktitle = {Proc. of the 11th Wuerzburg Workshop on IP: Joint ITG, ITC, and Euro--NF Workshop ,,Visions of Future Generation Networks'' (EuroView2011)}, publisher = {University of Wuerzburg}, keywords = {Virtual Network Embedding; Network Virtualization}, tags = {EuroNF, EuroNF{\textunderscore}VNREAL, ResumeNet}, file_url = {http://www.net.fim.uni--passau.de/pdf/Botero2011a.pdf} } @Article { Berl2011a, author = {Berl, Andreas and de Meer, Hermann}, title = {Integrating Mobile Cellular Devices into Popular Peer--to--Peer Systems}, abstract = {Today, peer--to--peer content--distribution networks are highly popular among users that have stationary computers with high--bandwidth Internet connections. Mobile devices (e.g. cell phones) that are connected to the Internet via cellular--radio networks, however, could not yet be launched into this field to a satisfactory extent. Although most mobile devices have the necessary hardware resources for joining peer--to--peer content--distribution networks, they are often not able to benefit from participation in an energy efficient way, due to limitations caused by mobility. In this work, mobile devices are identified as providers of advanced mobile features and services that are usually not available to computers in stationary networks. These mobile features and services can be exchanged for services in peer--to--peer networks, turning mobile devices into valuable trading partners. Partnership schemes are set up to define the way of a fair cooperation between mobile devices and other peers. A novel peer--to--peer architecture is suggested that applies partnership schemes to a well--established peer--to--peer content--distribution network and facilitates the integration of mobile devices.}, year = {2011}, month = {Sep.}, issn = {1018--4864}, DOI = {10.1007/s11235--010--9327--x}, journal = {Telecommunication Systems}, volume = {48}, publisher = {Springer--Verlag}, pages = {1----12}, keywords = {Mobile peer--to--peer; Energy efficiency; Heterogeneity; Cellular--radio networks; Mobile services; Content--distribution networks; Incentives}, tags = {COST{\textunderscore}IC0804, DFG{\textunderscore}MoPi2, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2011a.pdf}, note = {The original publication is available at www.springerlink.com (May 2010)} } @Inproceedings { Hauff2011a, author = {Hauff, Harald and Niedermeier, Michael and Muench, Martin and de Meer, Hermann}, title = {IT--Sicherheit ---- eine Kompetenzpartnerschaft fuer die Wirtschaft}, abstract = {Einst revolutionierte die Erfindung des Buchdrucks die Kommunikation. Heute tut es das Internet. Die Grenzen zwischen virtueller und realer Welt verschwimmen zusehends. Aber was ist, wenn unser Kuehlschrank ---- laengst digitalisiert -- anfaengt, fuer uns einzukaufen? Damit unser Vertrauen in die digitalen Helfer nicht auf der Strecke bleibt, benoetigen wir wirksame Schutzmechanismen, wir brauchen IT--Sicherheit. Experten aus Wirtschaft, Wissenschaft und Behoerden ergruenden in diesem Band die neuen Anforderungen an die IT--Sicherheit und wie wir uns ihnen stellen koennen.}, year = {2011}, isbn = {978--3888493423}, booktitle = {Sicherheit mit und ohne Netz -- Proc. of IT--Sicherheit am Donaustrand 2009}, publisher = {Karl Stutz Verlag}, editor = {De Meer, Hermann and Herkenhoener, Ralph}, pages = {17----21}, keywords = {IT--Security; Web 2.0; Law and technics; Practical relevance}, tags = {EFRE{\textunderscore}ITSEC} } @Inproceedings { Herkenhoener2011a, author = {Herkenhoener, Ralph and de Meer, Hermann}, title = {Location--Aware Cloud Computing for Data Protection Law Compliance}, abstract = {The processing of personal data is regulated by data protection law, and companies implement data protection mechanisms to satisfy the given legal obligations. Data protection law compliance verifies weather the implemented mechanisms are satisfying these legal obligations. To some extent, data protection law compliance can be considered as a location--based service. Data protection is user centric as it protects personal data of the user, but it does not necessarily relate to the user's current location. Instead, it relates to the location of the hardware processing the user's data. Location awareness states on information about the location of the hardware on which the user's data is processed. For law compliance, location awareness is an important key factor since applicable law depends on the physical location of the data processing hardware.}, year = {2011}, booktitle = {Proc. of the 8th GI/KuVS--Fachgespraech on Ortsbezogene Anwendungen und Dienste}, tags = {EFRE{\textunderscore}ITSEC, EuroNF}, web_url2 = {http://www.wireless--earth.de/fg{\textunderscore}lbs/meeting{\textunderscore}8/meeting{\textunderscore}8.html}, file_url = {http://www.net.fim.uni--passau.de/pdf/Herkenhoener2011a.pdf} } @Inproceedings { Holzer2011a, author = {Holzer, Richard and de Meer, Hermann}, title = {Methods for Approximations of Quantitative Measures in Self--Organizing Systems}, abstract = {For analyzing properties of complex systems, a mathematical model for these systems is useful. In micro--level modeling a multigraph can be used to describe the connections between objects. The behavior of the objects in the system can be described by (stochastic) automatons. In such a model, quantitative measures can be defined for the analysis of the systems or for the design of new systems. Due to the high complexity, it is usually impossible to calculate the exact values of the measures, so approximation methods are needed. In this paper we investigate some approximation methods to be able to calculate quantitative measures in a micro--level model of a complex system. To analyze the practical usability of the concepts, the methods are applied to a slot synchronization algorithm in wireless sensor networks.}, year = {2011}, isbn = {978--3--642--19166--4 (Print); 978--3--642--19167--1 (Online)}, issn = {0302--9743 (Print); 1611--3349 (Online)}, DOI = {10.1007/978--3--642--19167--1{\textunderscore}1}, booktitle = {Proc. of the 5th Int'l Workshop on Self--Organizing Systems (IWSOS 2011)}, volume = {6557}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, editor = {Bettstetter, Christian and Gershenson, Carlos}, pages = {1----15}, affiliation = {Faculty of Informatics and Mathematics, University of Passau, Innstrasse 43, 94032 Passau, Germany}, keywords = {Self--Organziation; Mathematical modeling; Systems; Quantitative measures; Approximation}, tags = {Socionical, ResumeNet, EuroNF}, web_url2 = {http://www.iwsos.org/2011}, file_url = {http://www.net.fim.uni--passau.de/pdf/Holzer2011a.pdf}, note = {The original publication is available at www.springerlink.com (2011)} } @Inproceedings { Holzer2011b, author = {Holzer, Richard and W{\"u}chner, Patrick and de Meer, Hermann}, title = {Modeling and Application of Self--Organizing Systems -- Tutorial Paper}, abstract = {This tutorial gives an overview about mathematical modeling methods for complex and self--organizing systems. Modeling can be used for the analysis and optimization of existing systems and for the design and engineering of new systems. In this tutorial we classify modeling methods into macro--level modeling and micro--level modeling. By using a micro--level model, the behaviors of all entities of the system and the interactions between these entities have to be specified. The state space of such a model is the Cartesian product of the state spaces of each entity. For a macro level, many micro--level states are aggregated into a single macro--level state. The macro level model describes only the behavior of the variables of interest. Another classification for modeling methods is the time space: The advance of time can either be modeled discrete or continuous. This tutorial contains short introductions to some modeling methods (e.g. Markov chains, cellular automata, recurrence equations, differential equations, ...) and a discussion about their possibilities for analysis, optimization, design and engineering of self--organizing systems. The applicability of the modeling methods are demonstrated in some use cases.}, year = {2011}, booktitle = {Proc. of the 5th Int'l IEEE Conf. on Self--Adaptive and Self--Organizing Systems (SASO 2011)}, series = {IEEE Computer Society Press}, tags = {EuroNF, ResumeNet, Socionical}, web_url2 = {https://www.fim.uni--passau.de/fileadmin/dokumente/fakultaeten/fim/lehrstuhl/meer/publications/pdf/Holzer2010a.pdf}, file_url = {http://www.net.fim.uni--passau.de/pdf/Holzer2011b.pdf}, note = {To appear at IEEE Xplore} } @Inproceedings { Abid2011c, author = {Abid, Mohamed Amine and Belghith, Abdelfettah}, title = {Modeling efficiency of mobile ad hoc networks in OMNeT++}, abstract = {In this paper, we investigate the pertinence and the relevance of the modeling of proactive routing in mobile ad hoc networks (MANETs) under the OMNeT++ simulator. In such dynamic networks, the constantly changing topology affects the validity of the established routes as time elapses farther from the start of the routing period. In OMNeT++, as is indeed the case of all the other network simulators, the IP model forecasts an IP packet as soon as it receives an upper layer data unit from the upper layer independently of when this packet will effectively be sent by the lower layer (i.e., the underlying MAC). As such, delayed packets will wander through established invalid routes which will amount to poor performances. We first investigate the inherent functioning of the OMNeT++ simulator and exhibit its modeling drawbacks. Then, we propose practical enhancements to accommodate a proper modeling of dynamic networks that provides a priority treatment to control traffic and fills up the IP next hop field only when the MAC is ready to handle the packet. We conducted an extensive set of simulations to compare both implementations using different load and mobility scenarios and performance metrics. These simulations show that our proposal resolves the malfunctioning of current implementations, yet it allows more accurate network performances.}, year = {2011}, organization = {IEEE}, booktitle = {Wireless and Mobile Networking Conference (WMNC), 2011 4th Joint IFIP}, pages = {1----5} } @Inproceedings { Ali2011b, author = {Ali, Muhammad and Niedermeier, Michael and de Meer, Hermann}, title = {Modeling virtualized infrastructures under security constraints}, abstract = {As virtualization is among the current key enabling technologies for both energy--efficient operation as well as reduction of hardware costs, many companies are trying to take advantage by virtualizing their hardware infrastructures. While these advantages make the usage of virtualized infrastructures very appealing, the impact on security is a problem that still needs to be researched. This position paper focuses on the problem of mapping virtual resources onto physical ones while restricting the mapping scheme under security constraints. While proposing a mapping scheme is not a new idea, the main novelty in our work is to take into account the security requirements of virtual resources into the resource mapping equations.}, year = {2011}, booktitle = {Proc. of the Euro--NF Int'l Workshop on Traffic and Congestion Control for the Future Internet (EuroNF--TCCFI 2011)}, pages = {5----6}, keywords = {IT--Security; Modeling; Virtualization}, tags = {EFRE{\textunderscore}ITSEC, EuroNF{\textunderscore}SPEC, EuroNF}, web_url2 = {http://www.inf.uth.gr/euronf--tccfi/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Ali2011b.pdf} } @Inproceedings { Wuechner2011a, author = {Wuechner, Patrick and Sztrik, J{\'a}nos and de Meer, Hermann}, title = {Modeling Wireless Sensor Networks Using Finite--Source Retrial Queues with Unreliable Orbit}, abstract = {Motivated by the need for performance models suitable for modeling and evaluation of wireless sensor networks, we introduce a retrial queueing system with a finite number of homogeneous sources, unreliable servers, orbital search, and unreliable orbit. All random variables involved in model construction are assumed to be independent and exponentially distributed. Providing a generalized stochastic Petri net model of the system, steady--state analysis of the underlying continuous--time Markov chain is performed and steady--state performance measures are computed by the help of the MOSEL--2 tool. The main novelty of this investigation is the introduction of an unreliable orbit and its application to wireless sensor networks. Numerical examples are derived to show the influence of sleep/awake time ratio, message dropping, and message blocking on the senor nodes' performance.}, year = {2011}, booktitle = {Proc. of the Workshop on Performance Evaluation of Computer and Communication Systems (PERFORM 2010)}, volume = {6821}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {73----86}, keywords = {Performance evaluation; Unreliable finite--source retrial queue; Wireless sensor network; Energy efficiency; Self--organization}, tags = {DFG{\textunderscore}MathMod, AutoI, ResumeNet, EuroNF, EuroNF{\textunderscore}PADU, MOSEL2}, web_url2 = {http://www.springerlink.com/content/4851lv1w8822kh42/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Wuechner2011a.pdf}, note = {The original publication is available at www.springerlink.com} } @Incollection { Sargento2011a, author = {Sargento, Susana and Matos, Ricardo and Hummel, Karin A. and Hess, Andrea and Toumpis, Stavros and Tselekounis, Yiannis and Stamoulis, George D. and Al--Hazmi, Yahya and Ali, Muhammad and de Meer, Hermann}, title = {Multi--Access Communications in Wireless Mesh Networks by Virtualization}, abstract = {This chapter presents an architecture for context--aware Virtual Networks (VNs) that provides user--driven multi--access communication. The architecture is dedicated and appropriate for the flexibility provided by Wireless Mesh Networks. According to this architecture, VNs with different context characteristics such as Quality of Service (QoS), mobility, and security are built to support communications with different characteristics that best fit the users' needs. The architecture is modeled both through a probabilistic and an optimization approach to provide quantitative insights into its performance. The probabilistic model quantifies the overhead on the architecture in terms of networking delays induced due to the VN management (searching, creation, and management). The optimization model provides insights into the competition of the VNs for the limited bandwidth resources. Indicative results of the models show the feasibility of the architecture, the upper bounds in terms of number of supported VNs to achieve good quality communications, and the relative placement of the flows in different, competing VNs.}, year = {2011}, booktitle = {Wireless Multi--Access Environments and Quality of Service Provisioning: Solutions and Application}, publisher = {IGI Global}, pages = {97----138}, keywords = {Context; Mesh network; Multi--access; Multi--homing; Multi--path; Virtualization}, tags = {EuroNF, EuroNF{\textunderscore}MOMO, EuroNF{\textunderscore}CAMYM}, web_url2 = {http://www.igi--global.com/viewtitlesample.aspx?id=61838} } @Article { Herkenhoener2011c, author = {Herkenhoener, Ralph and Fischer, Harald and de Meer, Hermann}, title = {Outsourcing im Pflegedienst}, abstract = {Pflegekunden vertrauen den Pflegediensten sensible Gesundheitsdaten an. Doch dieses rechtlich geschuetzte Vertrauen ist durch wirtschaftliche Zwaenge gefaehrdet. Viele Pflegedienste binden IT--Dienstleister in Ihre Datenverarbeitung ein und machen diese somit zu Mitwissern. Dabei gibt es einen Weg zwischen rechtlichen und wirtschaftlichen Zwaengen.}, year = {2011}, month = {Dec.}, DOI = {10.1007/s11623--011--0204--x}, journal = {Datenschutz und Datensicherheit (DuD)}, volume = {35}, publisher = {Springer--Verlag}, pages = {870----874}, number = {12}, keywords = {Information privacy; Compliance; Outsourcing; Healthcare}, tags = {EFRE{\textunderscore}ITSEC}, file_url = {http://www.net.fim.uni--passau.de/pdf/Herkenhoener2011c.pdf}, note = {The original publication is available at www.springerlink.com (2011)} } @Inproceedings { Belhassen2011a, author = {Belhassen, Mohamed and Belghith, Abdelfettah and Abid, Mohamed Amine}, title = {Performance evaluation of a cartography enhanced OLSR for mobile multi--hop ad hoc networks}, abstract = {In this paper, we propose the integration of a cartography gathering scheme to enhance the capacity of the Optimized Link State Routing Protocol (OLSR) to properly track node movements in dynamic networks. We propose an improved version of OLSR called the Cartography Enhanced Optimized Link State Routing Protocol (CE--OLSR), a novel routing protocol designed for mobile multi--hop ad hoc networks. Our contribution is three fold. First, we propose an efficient network cartography collection scheme solely based on OLSR signaling traffic. We show that this cartography is much richer than the mere topology gathered by the seminal OLSR. Second, we designed an enhanced version of OLSR based on the collected cartography. We show that CE--OLSR insures a much better responsiveness and copes appropriately with the mobility of nodes. Third, we conduct an extensive set of simulations to compare the performance of our proposal against that of OLSR. Simulations results show that the proposed CE--OLSR outperforms greatly OLSR in terms of a much better route validity, a much higher throughput and a much lower average delay. For instance, at a speed of 20 m/s, CE--OLSR achieves a route validity beyond 93% while that provided by OLSR barely attains 30%. At high speeds, CE--OLSR delivers more than 3 times the throughput of OLSR with an average end to end delay 21 times smaller. As such, CE--OLSR stands out not only as an appropriate routing protocol for mobile multi--hop ad hoc networks, but also a viable protocol for the transport of time critical data.}, year = {2011}, organization = {IEEE}, booktitle = {Wireless Advanced (WiAd), 2011}, pages = {149----155} } @Article { Fischer2011c, author = {Fischer, Andreas and de Meer, Hermann}, title = {Position Paper: Secure Virtual Network Embedding}, abstract = {Network virtualization has been recognized as an important technique to overcome the perceived ossification of the current Internet. Several variations of network virtualization have already been discussed in the literature. These approaches use virtualization to partition and/or combine physical network resources into virtual network resources. An actual deployment of virtual networks then requires the network operator to perform a mapping of virtual resources onto physical resources. The question of how this mapping can be performed in an optimal way is commonly known as the Virtual Network Embedding (VNE) problem. Several algorithms to solve this problem have been proposed already. These algorithms, however, focus on optimizing the use of resources with regard to performance. Security constraints to the VNE problem have not been investigated in depth, so far.}, year = {2011}, month = {Oct.}, issn = {0930--5157 (Print); 1865--8342 (Online)}, DOI = {10.1515/piko.2011.040}, journal = {Praxis der Informationsverarbeitung und Kommunikation (PIK)}, volume = {34}, pages = {190----193}, number = {4}, keywords = {Network virtualization; Security; Virtual network embedding}, tags = {EuroNF{\textunderscore}VNREAL, ResumeNet, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Fischer2011c.pdf} } @Article { Berl2011c, author = {Berl, Andreas and de Meer, Hermann}, title = {Reducao do consumo de energia de computadores de escritorios}, abstract = {Os ambientes de escritorio oferecem enorme potencial de economia de energia, uma vez que os equipamentos de computacao permanecem frequentemente energizados durante 24 horas por dia, mas subutilizados ou mesmo ociosos durante boa parte desse periodo. Este artigo investiga e discute esse potencial e propoe uma abordagem para a eficiencia energetica, baseada na virtualizacao de recursos e consolidacao de servicos.}, year = {2011}, month = {April}, journal = {Eletricidade Moderna}, volume = {2011}, publisher = {Aranda Editora Tecnica e Cultural}, pages = {66----77}, number = {4}, keywords = {Energy efficiency; Office environment; Virtualization; Consolidation}, tags = {EuroNF, COST{\textunderscore}IC0804, FIT4Green, GLab{\textunderscore}related}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2011c.pdf} } @Inproceedings { Poehls2011a, author = {Poehls, Henrich C. and Samelin, Kai and Posegga, Joachim}, title = {Sanitizable Signatures in XML Signature -- Performance, Mixing Properties, and Revisiting the Property of Transparency}, abstract = {We present the performance measures of our Java Cryptography Architecture (JCA) implementation that integrates sanitizable signature schemes into the XML Signature Specification. Our implementation shows mostly negligible performance impacts when using the Ateniese scheme with four different chameleon hashes and the Miyazaki scheme in XML Signatures. Thus, sanitizable signatures can be added to the XML Security Toolbox. Applying the new tools we show how to combine different hash algorithms over different document parts adding and removing certain properties of the sanitizable signature scheme; this mixing comes very natural in XML Signatures. Finally, we motivate that existing definitions for the property of Transparency are counterintuitive in these combinations. Our conclusion is that the document--level Transparency property is independent of the sub--document properties Weak and Strong Transparency.}, year = {2011}, booktitle = {ACNS}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, web_url2 = {http://www.springerlink.com/content/xx022571j07l2115/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Poehls2011a.pdf}, note = {The original publication is available at www.springerlink.com (2011)} } @Inproceedings { Poehls2011b, author = {Poehls, Henrich C. and Samelin, Kai and Posegga, Joachim}, title = {Sanitizable Signed Privacy Preferences for Social Networks}, abstract = {Privacy preferences are the handling rules and constraints under which a data subject allows a third party to process, store, and use his personal data. We have analysed Facebook and show how the Social Network System fails to collect, manage, and hand--over to third--parties user's consent. Todays technical solutions of collecting the consent on the Internet can be argued to fullfil the regulatory requirements of an informed consent to the service's Privacy Policy and Terms of Service. We found no change in Facebook's processes for collecting and managing user consent from 2009 to 2011. The technical solutions used today neither allow to manage, thus change this consent over time, nor allow to hand--over the consent to a third party. We sketch one technical solution, which lends a lot from public key infrastructures. A social network is already trusted by users to keep or federate their data. Hence, we describe the next step of Social Networks becoming an authority and sign the consent collected from its users to making the available data verifiable for third--parties. Better yet, if you do not trust the Social Network a user himself can run his own certificate authority or a group of users can provide one as a community service.}, year = {2011}, month = {Oct.}, booktitle = {Proc. of GI Workshop on Privacy and Identity Management for Communities -- Communities for Privacy and Identity Management (DICCDI 2011)}, publisher = {GI}, series = {Lecture notes in Informatics (LNI)}, web_url2 = {http://www.user.tu--berlin.de/komm/CD/paper/090212.pdf}, file_url = {http://www.net.fim.uni--passau.de/pdf/Poehls2011b.pdf} } @Article { Rubio-Loyola2011a, author = {Rubio--Loyola, Javier and Galis, Alex and Astorga, Antonio and Serrat, Joan and Lef{\`e}vre, Laurent and Fischer, Andreas and Paler, Alexandru and de Meer, Hermann}, title = {Scalable Service Deployment on Software Defined Networks}, abstract = {The network of the future will require a greater degree of service--awareness, and an optimal use of network resources. This paper presents the architectural design developed in the AutoI project for an open software--defined network infrastructure that enables the composition of fast and guaranteed services in an efficient manner and the execution of these services in an adaptive way taking into account better shared network resources provided by network virtualisation. Validation results are provided with special emphasis on service deployment scalability over virtualized network infrastructures.}, year = {2011}, issn = {0163--6804}, journal = {IEEE Communications Magazine}, volume = {49}, pages = {84----93}, number = {12}, keywords = {Autonomic Internet; Network virtualisation; Service enablers; Self--management}, tags = {AutoI, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Rubio--Loyola2011a.pdf} } @Misc { Royer2011a, author = {Royer, Denis and Alkassar, Ammar and Herkenhoener, Ralph and de Meer, Hermann and Haas, Sebastian and Mueller, Guenter and Hartl, Manuel and Fischer, Harald}, title = {Schlussbericht zum Projekt inSel: Informationelle Selbstbestimmung in Dienstenetzen fuer den Zeitraum 01.10.2008 ---- 30.11.2010}, abstract = {Im aktuellen Geschehen haeufen sich Faelle, bei denen persoenliche Daten von Millionen Kunden ohne Einwilligung weitergegeben werden und so unbemerkt von jedem Internetnutzer weltweit gelesen und genutzt werden koennen. Durch zentrale Datenanhaeufung, Dienste--orientierte Internetangebote und individualisierte Internetnutzung, gewinnt dieses Gefaehrdungspotential zunehmend an Relevanz fuer Kunden und Anbieter. Dies liegt u.a. daran, dass derartige Dienste die Privatsphaere und informationelle Selbstbestimmung und damit die zugrundeliegenden gesetzlichen Regelungen aushebeln. Aehnliche Phaenomene lassen sich auch bei der JobCard oder der elektronischen Gesundheitskarte beobachten, bei denen trotz aller Vereinbarungen die informationelle Selbstbestimmung nicht automatisiert eingefordert werden kann. Dies gilt in abgewandelter Form auch fuer Kunden-- und Bonuskarten. Um sich diesen Herausforderungen zu stellen, wird im Rahmen des Projektes inSel ein System zur technischen Durchsetzung von Datenschutzvereinbarungen entwickelt. Dieses System ermoeglicht einerseits dem Nutzer, nach dem Prinzip der informationellen Selbstbestimmung, Profilbildungen bei der Nutzung von individualisierten Dienstleistungen zu kontrollieren und andererseits dem Anbieter das in sie gesetzte Vertrauen rechtfertigen zu koennen. inSel besteht aus dem Separation of Concerns basierenden Sicherheitskonzept der Universitaet Freiburg, den Vorarbeiten zu Public--Key Infrastrukturen (PKI) der FlexSecure und dem TURAYA Sicherheitskern und der revisionssicheren Protokollierung von Transaktionen (AuditLog) der Sirrix AG zur Durchsetzung von Sicherheits--Policies. Die Anwendungskenntnisse aus dem Bereich der Pflegedienstplanung aus dem Bereich der ambulanten und stationaeren Pflege (einem Bereich des Gesundheitswesens und der Sozialwirtschaft) werden ma{\"s}geblich durch die Beteiligung der Firma Lohmann \& Birkner sichergestellt. Die Einhaltung der rechtlichen Anforderungen und Rahmenbedingungen durch inSel gewaehrleistet die Universitaet Passau.}, year = {2011}, keywords = {Service networks; Healthcare; Privacy protection; Informational self--determination; Separation of concern; Trusted computing}, tags = {inSel}, file_url = {http://www.net.fim.uni--passau.de/pdf/Royer2011a.pdf} } @Proceedings { DeMeer2011a, author = {Herkenhoener, Ralph and de Meer, Hermann}, title = {Sicherheit mit und ohne Netz -- Proc. of IT--Sicherheit am Donaustrand 2009}, abstract = {Einst revolutionierte die Erfindung des Buchdrucks die Kommunikation. Heute tut es das Internet. Die Grenzen zwischen virtueller und realer Welt verschwimmen zusehends. Aber was ist, wenn unser Kuehlschrank ---- laengst digitalisiert -- anfaengt, fuer uns einzukaufen? Damit unser Vertrauen in die digitalen Helfer nicht auf der Strecke bleibt, benoetigen wir wirksame Schutzmechanismen, wir brauchen IT--Sicherheit. Experten aus Wirtschaft, Wissenschaft und Behoerden ergruenden in diesem Band die neuen Anforderungen an die IT--Sicherheit und wie wir uns ihnen stellen koennen.}, year = {2011}, isbn = {978--3888493423}, publisher = {Karl Stutz Verlag}, editor = {De Meer, Hermann and Herkenhoener, Ralph}, keywords = {IT--Security; Web 2.0; Law and technics; Practical relevance}, tags = {EFRE{\textunderscore}ITSEC}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer2011a.pdf} } @Article { Abid2011a, author = {Abid, Mohamed Amine and Belghith, Abdelfettah}, title = {Stability routing with constrained path length for improved routability in dynamic MANETs}, abstract = {Quality of service (QoS) routing is known to be an NP--hard problem in case of two or more additive constraints, and several exact algorithms and heuristics have been proposed to address this issue. In this paper, we consider a particular two--constrained quality of service routing problem maximizing path stability with a limited path length in the quest of improving routability in dynamic multi--hop mobile wireless ad hoc networks. First, we propose a novel exact algorithm to solve the optimal weight-- constrained path problem. We instantiate our algorithm to solve the most stable path not exceeding a certain number of hops, in polynomial time. This algorithm is then applied to the practical case of proactive routing in dynamic multi--hop wireless ad hoc networks. In these networks, an adequate compromise between route stability and its length in hops is essential for appropriately mitigating the impact of the network dynamics on the validity of established routes. Secondly, we set up a common framework for the comparison between three families of proactive routing: the shortest path--based routing, the most stable path--based routing and our proposed most stable constrained path routing. We show then through extensive simulations that routing based on our proposed algorithm selects appropriate stable paths yielding a very high routability with an average path length just above that of the shortest paths.}, year = {2011}, DOI = {10.1007/s00779--011--0366--4}, journal = {Personal and Ubiquitous Computing}, volume = {15}, publisher = {Springer}, pages = {799----810}, number = {8} } @Inproceedings { Haas2011a, author = {Haas, Sebastian and Herkenhoener, Ralph and Royer, Denis and Alkassar, Ammar and de Meer, Hermann and Mueller, Guenter}, title = {Supporting semi--automated compliance control by a system design based on the concept of separation of concerns}, abstract = {Manual compliance audits of information systems tend to be time consuming. This leads to the problem that actual systems are not audited properly and do not comply to data protection laws or cannot be proven to comply. As a result, personal data of the data subject are potentially threatened with loss and misuse. Automatic compliance control is able to reduce the effort of compliance checks. However, current approaches are facing several drawbacks, e.g. the effort of employing cryptographic hardware on every single subsystem. In this paper a system design is presented that is able to circumvent several drawbacks of existing solutions thereby supporting and going beyond existing mechanisms for automated compliance control.}, year = {2011}, booktitle = {Privacy and Identity Management for Life -- Proc. of the 6th IFIP WG 9.2, 9.6/11.7, 11.4, 11.6/PrimeLife Int'l Summer School}, volume = {352}, publisher = {Springer--Verlag}, series = {IFIP Advances in Information and Communication Technology}, pages = {120----129}, keywords = {Privacy; Data protection; Compliance control; Audit; Separation of concerns; Security gateway}, tags = {inSel}, web_url2 = {http://www.cs.kau.se/IFIP--summerschool/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Haas2011a.pdf}, note = {The original publication is available at www.springerlink.com; revised selected paper} } @Incollection { Galis2011a, author = {Galis, Alex and Clayman, Stuart and Lef{\`e}vre, Laurent and Fischer, Andreas and de Meer, Hermann and Rubio--Loyola, Javier and Serrat, Joan and Davy, Steven}, title = {Towards In--Network Clouds in Future Internet}, abstract = {One of the key aspect fundamentally missing from the current Internet infrastructure is an advanced service networking platform and facilities, which take advantage of flexible sharing of available connectivity, computation, and storage resources. This paper aims to explore the architectural co--existence of new and legacy services and networks, via virtualisation of connectivity and computation resources and self--management capabilities, by fully integrating networking with cloud computing in order to create In--Network Clouds. It also presents the designs and experiments with a number of In--Network Clouds platforms, which have the aim to create a flexible environment for autonomic deployment and management of virtual networks and services as experimented with and validated on large--scale testbeds.}, year = {2011}, DOI = {10.1007/978--3--642--20898--0{\textunderscore}2}, booktitle = {The Future Internet}, volume = {6656}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, editor = {Domingue, John and Galis, Alex and Gavras, Anastasius and Zahariadis, Theodore and Lambert, Dave and Cleary, Frances and Daras, Petros and Krco, Srdjan and Mueller, Henning and Li, Man--Sze and Schaffers, Hans and Lotz, Volkmar and Alvarez, Federico and Stiller, Burkhard and Karnouskos, Stamatis and Avessta, Susanna and Nilsson, Michael}, pages = {19----33}, keywords = {In--Network clouds; Virtualisation of resources; Self--Management; Service plane; Orchestration plane and knowledge plane}, tags = {AutoI, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Galis2011a.pdf}, note = {The original publication is available at www.springerlink.com (2011)} } @Inproceedings { Al-Hazmi2011b, author = {Al--Hazmi, Yahya and de Meer, Hermann}, title = {Virtualization of 802.11 Interfaces for Wireless Mesh Networks}, abstract = {Equipping wireless devices with multiple radio interfaces enables multi--channel communication that has attracted recent interest due to its significant benefits in terms of exploiting the available radios to increase the throughput and the creation of WLAN--based Mesh Networks. The usage of multiple network interface cards (NICs) demands higher cost, large physical space and more energy consumption. Instead of that, virtualization of NICs is a promising approach that gives a wireless device equipped with a single card the ability to connect to more than one network simultaneously. In this paper, we present two methods for NIC virtualization. With the increasing need for energy--efficient networking and for supporting a continuous delivery of real--time multimedia services (e.g. VoIP, video streaming) despite mobility in order to avoid packet loss and delay resulting from handovers, enhancements and mechanisms are needed. In this paper, we have conducted some simulations to show how virtualization of 802.11 NICs enables energy--efficient Wireless Mesh Networks and soft handover.}, year = {2011}, month = {Jan.}, isbn = {978--1--61284--189--2}, DOI = {10.1109/WONS.2011.5720199}, booktitle = {Proc. of the 8th Int'l Conf. on Wireless On--demand Network Systems and Services (WONS 2011)}, publisher = {IEEE}, pages = {44----52}, keywords = {WLAN; WMNs; Virtualization; PSM; Simultaneous connectivity; Energy efficiency; Soft handover}, tags = {EuroNF, EuroNF{\textunderscore}MOMO, EuroNF{\textunderscore}EEWMI}, file_url = {http://www.net.fim.uni--passau.de/pdf/Al--Hazmi2011b.pdf} } @Inproceedings { Duelli2011a, author = {Duelli, Michael and Schlosser, Daniel and Botero, Juan F. and Hesselbach, Xavier and Fischer, Andreas and de Meer, Hermann}, title = {VNREAL: Virtual Network Resource Embedding ALgorithms in the Framework ALEVIN}, abstract = {Network virtualization is recognized as an enabling technology for the Future Internet that overcomes network ossification. However, it introduces a set of challenges. In any network virtualization environment, the problem of optimally mapping virtual resources to physical resources, known as virtual network embedding (VNE), is a critical challenge. Several algorithms attempting to solve this problem have been proposed in literature, so far. However, comparison of existing and new VNE algorithms is hard, as each algorithm focuses on different criteria. To that end, the VNREAL project introduces ALEVIN, a framework to compare different algorithms according to a set of metrics, easily incorporate new VNE algorithms, and evaluate these algorithms on a given scenario for arbitrary parameters.}, year = {2011}, DOI = {10.1109/NGI.2011.5985874}, booktitle = {Proc. of the 7th Euro--NF Conf. on Next--Generation Internet (NGI 2011)}, publisher = {IEEE}, pages = {1----2}, keywords = {Virtual network embedding; Network virtualization}, tags = {EuroNF, EuroNF{\textunderscore}VNREAL, ResumeNet}, web_url2 = {https://ieeexplore.ieee.org/document/5985874}, file_url = {http://www.net.fim.uni--passau.de/pdf/Duelli2011a.pdf} } @Inproceedings { Fischer2011b, author = {Fischer, Andreas and Fessi, Ali and Carle, Georg and de Meer, Hermann}, title = {Wide--Area Virtual Machine Migration as Resilience Mechanism}, abstract = {The resilience of services in the Internet has become an important issue and is expected to become even more important in the future. Virtualization is one of the means which can be deployed for resilience purposes. In this paper we follow a systematic approach to the use of virtualization to increase the resilience of network services. First, we provide an analysis of the potential failures of services running within Virtual Machines (VM) and how VM migration or replication can be used to address these failures. Then, we address the problem of re--establishing connectivity between a service and its clients upon successful migration, by leveraging results from mobility research. A special focus is given to wide--area VM migration, since it is considered as the solution for some difficult failures, e.g., large--scale failures due to natural disasters.}, year = {2011}, month = {Oct.}, isbn = {978--1--4577--1624--9}, DOI = {10.1109/SRDSW.2011.16}, booktitle = {Proc. of the Int'l Workshop on Network Resilience: From Research to Practice (WNR2011)}, publisher = {IEEE}, howpublished = {2011 IEEE 30th Symposium on Reliable Distributed Systems Workshops}, pages = {72----77}, keywords = {Network virtualization; Virtual machine migration; Wide--area migration; Network Resilience}, tags = {ResumeNet, EuroNF}, web_url = {https://ieeexplore.ieee.org/document/6076817}, web_url2 = {http://www--nas.et.tudelft.nl/wnr/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Fischer2011b.pdf} } @Inproceedings { Berl2010c, author = {Berl, Andreas and de Meer, Hermann}, title = {A Virtualized Energy--Efficient Office Environment}, abstract = {The energy efficiency of information and communication technology becomes more and more important due to the raise of energy costs and the world wide desire to reduce CO2 emissions. Data centers have been in the focus concerning their energy efficiency lately, however, also office hosts that are located outside of data centres consume huge amounts of energy (e.g., in public administration or companies). Such office environments promise a high potential in terms of energy savings ---- a significant number of hosts remains to be turned on 24 hours per day while being mostly underutilized. This paper investigates the energy consumption in office environments and discusses the potential of energy savings. An energy--efficient office management approach is suggested, based on resource virtualization, power management, and resource sharing. Additionally, the paper evaluates simulation results concerning energy consumption and service provision in the managed office environment. The evaluation indicates that about 75% of energy savings are achievable in office environments without a significant interruption of provided services.}, year = {2010}, isbn = {978--1--4503--0042--1}, DOI = {10.1145/1791314.1791317}, booktitle = {Proc. of the 1st ACM SIGCOMM Int'l Conf. On Energy--Efficient Computing and Networking (e--Energy 2010)}, publisher = {ACM}, pages = {11----20}, tags = {COST{\textunderscore}IC0804, EuroNF, FIT4Green, GLab{\textunderscore}related}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2010c.pdf} } @Inproceedings { Kloch2010a, author = {Kloch, Kamil and Kantelhardt, Jan W. and Paul, Lukowicz and Wuechner, Patrick and de Meer, Hermann}, title = {Ad--Hoc information spread between mobile devices: a case study in analytical modeling of controlled self--organization in IT systems}, abstract = {We present an example of the use of analytical models to predict global properties of large--scale information technology systems from the parameters of simple local interactions. The example is intended as a first step towards using complex systems modeling methods to control self--organization in organic systems. It is motivated by a concrete application scenario of information distribution in emergency situations, but is relevant to other domains such as malware spread or social interactions. Specifically, we show how the spread of information through ad--hoc interactions between mobile devices depends on simple local interaction rules and parameters such as user mobility and physical interaction range. We show how three qualitatively different regimes of information 'infection rate' can be analytically derived and validate our model in extensive simulations.}, year = {2010}, isbn = {978--3--642--11949--1}, issn = {0302--9743 (Print); 1611--3349 (Online)}, DOI = {10.1007/978--3--642--11950--7}, booktitle = {Proc. of 23rd Int'l Conf. on Architecture of Computing Systems (ARCS 2010)}, volume = {5974}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {101----112}, tags = {EuroNF, Socionical}, web_url = {https://link.springer.com/chapter/10.1007/978--3--642--11950--7{\textunderscore}10}, web_url2 = {http://www.sra.uni--hannover.de/arcs2010/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Kloch2010a.pdf}, note = {The original publication is available at www.springerlink.com (2010)} } @Inproceedings { Basmadjian2010a, author = {Basmadjian, Robert and de Meer, Hermann}, title = {An Approach to Reduce the Energy Cost of the Arbitrary Tree Replication Protocol}, abstract = {Until recently, there have been no efforts of devising energy--efficient replication protocols for large--scale distributed systems. In this paper, we introduce an approach that reduces the energy cost of a particular tree--structured replication protocol. We show that, by shutting down some replicas and by a simple logical structural transformation (rearrangement), our approach achieves comparable characteristics as the original protocol, yet with much reduced energy cost as well as overall energy consumption. The logical transformation does not necessitate the reconfiguration of the protocol whenever energy efficiency requirements change.}, year = {2010}, isbn = {978--1--4503--0042--1}, DOI = {10.1145/1791314.1791338}, booktitle = {Proc. of the ACM SIGCOMM 1st Int'l Conf. on Energy--Efficient Computing and Networking (e--Energy 2010)}, publisher = {ACM}, pages = {151----158}, tags = {COST{\textunderscore}IC0804, EuroNF, FIT4Green}, file_url = {http://www.net.fim.uni--passau.de/pdf/Basmadjian2010a.pdf} } @Inproceedings { Abid2010c, author = {Abid, Mohamed Amine and Belghith, Abdelfettah}, title = {Asynchronous locally self adjusted routing protocol for mobile multi hop ad hoc networks}, abstract = {In this paper, we propose a novel routing algorithm based on the network cartography which is collected using an asynchronous distributed cartography gathering algorithm. Each node senses its own dynamics and chooses locally an appropriate routing size. As such stationary nodes generate little signaling traffic, however fast moving nodes choose small routing periods to mitigate the effect of mobility. Moreover, every node integrates a self regulating process that dynamically regulates the already chosen routing period to track the timely evolution of the node dynamics. The performance of our proposed routing protocol are evaluated and compared to the known OLSR through extensive simulations. First, we show that the collected network cartography maintains over time a validity ratio above 97 percent even for high node speed. Second, while our proposed routing protocol provides around 97 percent routing validity, the OLSR can hardly deliver more than 60 percent. Third, the proposed protocol provides much more throughput than OLSR and much less end to end delay at moderate to high speeds and workloads.}, year = {2010}, organization = {IEEE}, booktitle = {Computer Systems and Applications (AICCSA), 2010 IEEE/ACS International Conference on}, pages = {1----8}, file_url = {https://ieeexplore.ieee.org/document/5586998} } @Inproceedings { Paler2010a, author = {Paler, Alexandru and Fischer, Andreas and de Meer, Hermann}, title = {Demonstrating Distributed Virtual Networks}, abstract = {The current internet is commonly perceived as being too inflexible. Network Virtualization has been recognized lately as a method to overcome these limitations. Previous implementations of Virtual Network (VN) deployment software either provided limited access to the network layer (like PlanetLab), or focused only on specific application scenarios (like VNUML or VLAN). A first step toward the expected flexibility, with a solution that is both universal and thorough, is the implementation of network virtualization using system virtualization approaches.}, year = {2010}, booktitle = {Proc. of the 1st European Conf. Towards a Service--Based Internet (ServiceWave 2010)}, volume = {6481}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {229----230}, keywords = {Future internet; Virtual networks; Virtual network deployment}, tags = {AutoI, EuroNF}, web_url2 = {https://link.springer.com/chapter/10.1007/978--3--642--17694--4{\textunderscore}36}, file_url = {http://www.net.fim.uni--passau.de/pdf/Paler2010a.pdf}, note = {The original publication is available at www.springerlink.com (2010)} } @Inproceedings { Lovasz2010b, author = {Lovasz, Gergoe and Niedermeier, Florian and Steichen, Michel and Reuther, Bernd and de Meer, Hermann and Mueller, Paul}, title = {Ener--G: A Generic Approach for Modeling Energy Consumption}, abstract = {For the last couple of years, due to ecological as well as economical reasons, energy efficiency of ICT has become a major issue. Leading manufacturers of IT equipment advertise with 'green' and energy--efficient products. Steadily increasing energy consumption in data centers [1], as well as high electricity costs prompt organizations, companies, and administration to decrease the energy consumption of their IT infrastructures. With technologies like virtualization [2]--[5] and live migration of virtual machines [6], tools are given that allow a dynamic and automatic resource allocation. Combined with load--based energy consumption models of infrastructurecomponents (e.g. servers, storage, routers, switches, etc.) and the monitoring of their energy--related properties, especially their load, such techniques can be used to increase the energy efficiency of IT infrastructures.}, year = {2010}, booktitle = {Proc. of the 10th Wuerzburg Workshop on IP: Joint ITG, ITC, and Euro--NF Workshop on ,,Visions of Future Generation Networks'' (EuroView 2010)}, tags = {COST{\textunderscore}IC0804, EuroNF, FIT4Green, GLab{\textunderscore}EnerG}, web_url2 = {http://www.euroview2010.com/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Lovasz2010b.pdf} } @Inproceedings { Lovasz2010a, author = {Lovasz, Gergoe and Niedermeier, Florian and de Meer, Hermann}, title = {Energy--Efficient Management of Physical and Virtual Resources -- A Holistic Approach}, abstract = {The spreading of information and communication technology has contributed much to the reduction of energy consumption in many areas of everyday life. Nevertheless the energy consumption of information and communication technology itself is rapidly growing and has to be dealt with. Currently used approaches focus mostly on the reduction of hardware energy consumption. This paper presents a vision of a holistic approach for reducing energy consumption in future communication infrastructures. Beside energy--efficient hardware as well as protocols that support the energy--efficient operation of communicating devices, the main focus of this paper is energy--efficient resource management. According to the Principle of Economic Efficiency, a limitation of resource provision is suggested by encapsulating applications in virtual machines with fixed resource requirements, together with the determination of an energy--minimal subset of resources on which applications are consolidated and which is able to fulfill the application requirements without over--provisioning.}, year = {2010}, month = {April}, isbn = {978--2--917490--10--5}, booktitle = {Proc. of the COST Action IC0804 on Energy Efficiency in Large Scale Distributed Systems -- 1st year}, publisher = {COST Office}, pages = {80----83}, tags = {COST{\textunderscore}IC0804, EuroNF, FIT4Green, GLab{\textunderscore}EnerG}, file_url = {http://www.net.fim.uni--passau.de/pdf/Lovasz2010a.pdf} } @Inproceedings { Berl2010e, author = {Berl, Andreas and de Meer, Hermann}, title = {Energy--Efficient Office Environments}, abstract = {The rising costs of energy and the world--wide desire to reduce CO2 emissions has led to an increased concern over the energy efficiency of information and communication technology. Whilst much of this concern has focused on data centres, also office hosts that are located outside of data centres (e.g., in public administration or companies) have been identified as significant consumers of energy. Office environments offer great potential for energy savings, given that computing equipment often remains powered for 24 hours per day, and for a large part of this period is underutilised or even idle. This paper investigates the energy consumption of hosts in office environments, discusses the potential of energy savings and proposes an energy--efficient office management approach based on resource virtualization, power management, and service consolidation. Different virtualization techniques are used to enable management and consolidation of office resources. Idle services are stopped from consuming resources on the one hand and (underutilized) services are consolidated on a smaller number of hosts on the other hand.}, year = {2010}, month = {July}, isbn = {978--2--917490--10--5}, booktitle = {Proc. of the COST Action IC0804 on Energy Efficiency in Large Scale Distributed Systems -- 1st year}, publisher = {IRIT}, editor = {Pierson, Jean--Marc and Hlavacs, Helmut}, pages = {101----105}, tags = {COST{\textunderscore}IC0804, EuroNF, FIT4Green, GLab{\textunderscore}related}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2010e.pdf} } @Inproceedings { Wuechner2010b, author = {Wuechner, Patrick and Sztrik, J{\'a}nos and de Meer, Hermann}, title = {Finite--Source Retrial Queues with Applications}, abstract = {We consider a single--server retrial queueing system with a finite number of homogeneous sources generating requests after a random time. The service of an arriving customer finding the server idle starts immediately; otherwise the request enters into an orbit from where the calls are repeated after a random time. Upon completion of a service, with a certain probability the server searches for an orbiting customer. We assume the search time to be negligible. While modeling generation, retrial, and service times by their first two moments, we are interested in steady--state performance measures. The novelty of the investigation is the discussion of the second moment's effect on the performance of finite--source retrial queues with orbital search. The MOSEL--2 tool is used to formulate and solve the problem resulting in various illustrative numerical examples showing the effect of the moments and the search probability on the mean response time of the requests.}, year = {2010}, month = {Jan.}, booktitle = {Proc. of the 8th Int'l Conf. on Applied Informatics}, volume = {2}, pages = {275----285}, keywords = {Retrial queueing systems; Finite number of sources; Orbital search; Performance tool; Performance measures; Hypoexponential distribution; Generalized exponential distribution}, tags = {EuroNF, Socionical, ResumeNet, DFG{\textunderscore}MathMod}, file_url = {http://www.net.fim.uni--passau.de/pdf/Wuechner2010b.pdf} } @Inproceedings { Basmadjian2010b, author = {Basmadjian, Robert and Bunse, Christian and Georgiadou, Vasiliki and Giuliani, Giovanni and Klingert, Sonja and Lovasz, Gergoe and Majanen, Mikko}, title = {FIT4Green -- Energy aware ICT Optimization Policies}, abstract = {Protecting the environment by saving energy and thus reducing carbon dioxide emissions is one of today's hottest and most challenging topics and is of a rapidly growing importance in the computing domain. The motivation and reasons for optimizing energy consumption from ecological and business perspectives are clear. However, the technical realization still is way behind expectations. One reason might be that technical problems range from pure hardware issues (e.g., low--power devices, energy harvesting, etc.) to software to cooling issues. This paper discusses recent findings and first ideas regarding policies and strategies for energy optimization and the development of a generic plug--in for managing data centers, accompanied by the introduction of the concept of ,,Green Service Level Agreements (GSLA).''We discuss the general structure (generic architecture) of the plug--in and sketch some of the embedded policies. It is also to be noted that all results are part of the recently started FIT4Green project, funded by the European Union.}, year = {2010}, month = {April}, isbn = {978--2--917490--10--5}, booktitle = {Proc. of the COST Action IC0804 on Energy Efficiency in Large Scale Distributed Systems -- 1st year}, publisher = {COST Office}, editor = {Pierson, Jean--Marc and Hlavacs, Helmut}, keywords = {FIT4Green; Energy; Optimization; Policies; SLA; Data Centre}, tags = {COST{\textunderscore}IC0804, EuroNF, FIT4Green, GLab{\textunderscore}related}, file_url = {http://www.net.fim.uni--passau.de/pdf/Basmadjian2010b.pdf} } @Inproceedings { Galis2010a, author = {Galis, Alex and Clayman, Stuart and Fischer, Andreas and Paler, Alexandru and de Meer, Hermann and Al--Hazmi, Yahya and Cheniour, Abderhaman and Mornard, Olivier and Gelas, Jean and Lef{\`e}vre, Laurent and Loyola, Javier and Astorga, Antonio and Serrat, Joan and Davy, Steven}, title = {Future Internet Management Platforms for Network Virtualisation and Service Clouds}, abstract = {This paper presents a number of service--centric platforms and demonstrations that have been developed by the FP7 Autonomic Internet project with the aim to create a flexible environment for autonomic deployment and management of Virtual Networks (VN) and Services as validated on large--scale testbeds.}, year = {2010}, DOI = {10.1007/978--3--642--17694--4{\textunderscore}39}, booktitle = {Proc. of the 3rd European Conf. on Towards a Service--Based Internet (ServiceWave 2010)}, volume = {6481}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, editor = {Di Nitto, Elisabetta and Yahyapour, Ramin}, pages = {235----237}, keywords = {Service and Virtual Networks deployment and management}, tags = {AutoI, EuroNF}, web_url2 = {https://link.springer.com/chapter/10.1007/978--3--642--17694--4{\textunderscore}39}, note = {The original publication is available at www.springerlink.com (2010)} } @Inproceedings { Paterok2010a, author = {Paterok, Martin and W{\"u}chner, Patrick and de Meer, Hermann}, title = {In Memory of Dr. Gunter Bolch}, abstract = {The MMB Special Interest Group mourns for a highly valued member. Gunter Bolch died on May 29, 2008 in Erlangen, after a serious illness. He was very open minded, a beautifully moderate person, and a friend in its truest meaning. With MMB, he shared his academic passion of performance modelling, in general, and queueing networks, in particular.}, year = {2010}, month = {March}, isbn = {978--3--642--12103--6}, booktitle = {Proc. of the 15th Int'l GI/ITG Conf. on Measurement, Modelling and Evaluation of Computing Systems and Dependability and Fault Tolerance (MMB \\& DFT 2010)}, volume = {5987}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {3----7}, tags = {MOSEL2}, file_url = {http://www.net.fim.uni--passau.de/pdf/Paterok2010a.pdf}, note = {The original publication is available at www.springerlink.com (2010)} } @Incollection { Rubio-Loyola2010a, author = {Rubio--Loyola, Javier and Astorga, Antonio and Serrat, Joan and Lef{\`e}vre, Laurent and Cheniour, Abderhaman and Muldowney, David and Davy, Steven and Galis, Alex and Mamatas, Lefteris and Clayman, Stuart and Macedo, Daniel and Movahedi, Zeinab and Pujolle, Guy and Fischer, Andreas and de Meer, Hermann}, title = {Manageability of Future Internet Networks from a Practical Viewpoint}, abstract = {The Autonomic Internet project [1] approach relies on abstractions and distributed systems of a five plane solution for the provision of Future Internet Services (OSKMV): Orchestration, Service Enablers, Knowledge, Management and Virtualisation Planes. This paper presents a practical viewpoint of the manageability of virtual networks, exercising the components and systems that integrate this approach and that are being validated. This paper positions the distributed systems and networking services that integrate this solution, focusing on the provision of Future Internet services for self--configuration and self--performance management scenes.}, year = {2010}, month = {May}, DOI = {10.3233/978--1--60750--539--6--105}, booktitle = {Towards the Future Internet -- Emerging Trends from European Research}, publisher = {IOS Press}, pages = {105----114}, tags = {AutoI, EuroNF}, web_url2 = {https://ebooks.iospress.nl/publication/30724} } @Article { Arkoulis2010a, author = {Arkoulis, Stamatios and Marias, Giannis F. and Frangoudis, Pantelis A. and Oberender, Jens O. and Popescu, Alexandru and Fiedler, Markus and de Meer, Hermann and Polyzos, George C.}, title = {Misbehavior Scenarios in Cognitive Radio Networks}, abstract = {Recent advances in the fields of Cognitive Radio and the proliferation of open spectrum access promise that spectrum--agile wireless communication will be widespread in the near future, and will bring significant flexibility and potential utility improvements for end users. With spectrum efficiency being a key objective, most relevant research focuses on smart coexistence mechanisms. However, wireless nodes may behave selfishly and should be considered as rational autonomous entities. Selfishness, pure malice or even faulty equipment can lead to behavior that does not conform to sharing protocols and etiquette. Thus, there is a need to secure spectrum sharing mechanisms against attacks in the various phases of the sharing process. Identifying these attacks and possible countermeasures is the focus of this work.}, year = {2010}, issn = {1999--5903}, DOI = {10.3390/fi2030212}, journal = {Future Internet}, volume = {2}, pages = {212----237}, number = {3}, keywords = {Spectrum sharing; Dynamic spectrum access; Security; Wireless network access}, tags = {EuroNF, EuroNF{\textunderscore}GOVPIMIT}, file_url = {http://www.net.fim.uni--passau.de/pdf/Arkoulis2010a.pdf} } @Incollection { Berl2010a, author = {Wehrle, Klaus and Gnes, Mesut and Gross, James}, title = {Modeling Mobility}, abstract = {In wireless networks, communication can take place based on an infrastructure (e.g. WLAN access point or GPRS base station) or it can take place in ad--hoc mode, where mobile devices are connected directly to each other and care for the routing by themselves (mobile ad--hoc networks). When such wireless networks are investigated and simulations are performed, it is often necessary to consider the movement of entities within the simulated environment.}, year = {2010}, month = {June}, isbn = {978--3--642--12330--6}, booktitle = {Modeling and Tools for Network Simulation}, edition = {1st}, publisher = {Springer--Verlag}, editor = {Wehrle, Klaus and Guenes, Mesut and Gross, James}, pages = {327----339}, tags = {COST{\textunderscore}IC0804, EuroNF, FIT4Green}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2010a.pdf}, note = {The original publication is available at www.springerlink.com (2010)} } @Article { Holzer2010a, author = {Holzer, Richard and W{\"u}chner, Patrick and de Meer, Hermann}, title = {Modeling of Self--Organizing Systems: An Overview}, abstract = {This paper gives a systematic overview on modeling formalisms suitable for modeling self--organizing systems. We distinguish between micro--level modeling and macro--level modeling. On the micro level, the behavior of each entity and the interaction between different object must be described by the model. Macro--level modeling abstracts from the individual entities and only looks at the behavior of the system variables of interest. The differentiations between discrete and continuous time and between discrete and continuous state space lead to different descriptions of the model.}, year = {2010}, issn = {1863--2122}, booktitle = {Workshop ueber Selbstorganisierende, adaptive, kontextsensitive verteilte Systeme ({SAKS} 2010)}, journal = {Electronic Communications of the EASST}, volume = {27}, publisher = {EASST}, editor = {David, Klaus and Zapf, Michael}, pages = {1----12}, keywords = {Self--organization; Modeling; Systems}, tags = {Socionical, ResumeNet, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Holzer2010a.pdf} } @Inproceedings { Lovasz2010c, author = {Lovasz, Gergoe and Niedermeier, Florian and Ali, Nasir and Basmadjian, Robert and de Meer, Hermann}, title = {Modeling Power Consumption of the G--Lab Platform to Enable an Energy--Efficient Provision of Services}, abstract = {This abstract focuses on the development of load--based power consumption models for a standard G--Lab server as an important step of the holistic approach towards energy--efficient future networks and an energy--efficient G--Lab infrastructure.}, year = {2010}, month = {Nov.}, booktitle = {Proc. of the 6th GI/ITG KuVS Workshop on Future Internet (KuVS 2010)}, keywords = {Energy efficiency; Modeling; G--Lab}, tags = {GLab{\textunderscore}EnerG, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Lovasz2010c.pdf} } @Article { Berl2010d, author = {Berl, Andreas and Race, Nicholas and Ishmael, Johnathan and de Meer, Hermann}, title = {Network Virtualization in Energy--Efficient Office Environments}, abstract = {The rising costs of energy and world--wide desire to reduce CO2 emissions has led to an increased concern over the energy efficiency of information and communication technology. Whilst much of this concern has focused on data centres, office environments (and the computing equipment that they contain) have also been identified as a significant consumer of energy. Office environments offer great potential for energy savings, given that computing equipment often remains powered for 24 h per day, and for a large part of this period is underutilised or idle. This paper proposes an energy--efficient office management approach based on resource virtualization, power management, and resource sharing. Evaluations indicate that about 75% energy savings are achievable in office environments without a significant interruption of provided services. A core element of this office management is a peer--to--peer network that interconnects office hosts, achieves addressing and mediation, and manages energy efficiency within the office environment. Several peer--to--peer approaches are suggested and discussed in this paper. Two of the approaches are evaluated, based on a discrete--event simulation.}, year = {2010}, month = {Nov.}, issn = {1389--1286}, DOI = {10.1016/j.comnet.2010.07.019}, journal = {Computer Networks (ComNet)}, volume = {54}, publisher = {Elsevier B.V.}, pages = {2856----2868}, number = {16}, keywords = {Energy efficiency; Office environment; Virtualization; Peer--to--peer; Power management; Resource sharing}, tags = {EuroNF, COST{\textunderscore}IC0804, FIT4Green, GLab{\textunderscore}related}, web_url2 = {https://www.sciencedirect.com/science/article/abs/pii/S1389128610002513?via%3Dihub}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2010d.pdf} } @Inproceedings { Ali2010a, author = {Ali, Muhammad and Bussard, Laurent and Pinsdorf, Ulrich}, title = {Obligation Language and Framework to Enable Privacy--Aware SOA}, abstract = {Privacy policies defines rights and obligations on data (e.g. personally identifiable information) collected by services. Tackling privacy policies in a service oriented architecture spanning multiple trust domains is difficult because it requires a common specification and distributed enforcement. This paper focuses on the specification and enforcement of obligations. We describe the requirements, the resulting language, and its implementation. Finally, we compare our results with obligation support in the state of the art. The key contribution of this work is to bridge the gap between specific mechanisms to enforce obligations and underspecified support for obligations in today’s access control and data handling policy languages.}, year = {2010}, isbn = {978--3--642--11206--5}, issn = {0302--9743 (Print); 1611--3349 (Online)}, DOI = {10.1007/978--3--642--11207--2{\textunderscore}3}, booktitle = {Proc. of the 4th Int'l Workshop on Data Privacy Management (DPM 2009) and the 2nd Int'l Workshop on Autonomous Spontaneous Security (SETOP 2009)}, volume = {5939}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, editor = {Garcia--Alfaro, Joaquin and Navarro--Arribas, Guillermo and Cuppens--Boulahia, Nora and Roudier, Yves}, pages = {18----32}, affiliation = {European Microsoft Innovation Center Ritterstr. 23 52072 Aachen Germany}, keywords = {Privacy; Obligations; Policy languages}, file_url = {http://www.net.fim.uni--passau.de/pdf/Ali2010a.pdf}, note = {The original publication is available at www.springerlink.com (2010)} } @Article { Abid2010a, author = {Abid, Mohamed Amine and Belghith, Abdelfettah}, title = {Period size self tuning to enhance routing in manets}, abstract = {In this paper, the authors propose a novel routing protocol driven by an asynchronous distributed cartography gathering algorithm. Each node senses its own dynamics and chooses locally an appropriate routing period size. As such stationary nodes generate little signaling traffic; fast moving nodes choose small routing periods to mitigate the effect of their mobility. Moreover, every node integrates a self regulating process that dynamically and constantly calibrates the chosen routing period to track changes in its dynamics. The performances of this proposed routing protocol are evaluated and compared to the known Optimized Link State Routing (OLSR) protocol through extensive simulations. The paper shows that the collected network cartography maintains a validity ratio near 100% even for high node speeds. The authors illustrate that the proposed routing protocol provides around 97% routing validity while the OLSR can hardly deliver more than 60% at moderate to high speeds and workloads. Finally, the protocol provides better throughput than OLSR, reaching a 50% increase at moderate to high speeds and workloads far less end--to--end delays.}, year = {2010}, DOI = {10.4018/jbdcn.2010100102}, journal = {International journal of Business Data Communications and Networking (IJBDCN)}, volume = {6}, publisher = {IGI Global}, pages = {21----37}, number = {4}, web_url = {https://www.igi--global.com/gateway/article/47312} } @Inproceedings { Rubio-Loyola2010b, author = {Rubio--Loyola, Javier and Astorga, Antonio and Serrat, Joan and Chai, Wei K. and Mamatas, Lefteris and Galis, Alex and Clayman, Stuart and Cheniour, Abderhaman and Lef{\`e}vre, Laurent and Mornard, Olivier and Fischer, Andreas and Paler, Alexandru and de Meer, Hermann}, title = {Platforms and Software Systems for an Autonomic Internet}, abstract = {The current Internet does not enable easy introduction and deployment of new network technologies and services. This paper aims to progress the Future Internet (FI) by introduction of a service composition and execution environment that re--use existing components of access and core networks. This paper presents essential service--centric platforms and software systems that have been developed with the aim to create a flexible environment for an Autonomic Internet.}, year = {2010}, month = {Dec.}, issn = {1930--529X}, booktitle = {Proc. of the IEEE Global Communications Conf. (IEEE GLOBECOM 2010)}, pages = {1----6}, keywords = {Future Internet; Autonomic internet; Component reuse; Network services; Network technology; Service composition; Service execution environment; Service--centric platform; Software systems; Internet; Software architecture; Software fault tolerance; Software reusability}, tags = {AutoI, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Rubio--Loyola2010b.pdf} } @Inproceedings { Polyzos2010a, author = {Polyzos, George C. and Marias, Giannis F. and Fotiou, Nikos and Fiedler, Markus and Herkenhoener, Ralph and de Meer, Hermann}, title = {Privacy and Governance Considerations for the Internet of Things}, abstract = {The Internet of Things (IoT) is an emerging form of internetworking in which various real--world ''objects'' are interconnected. While the (IoT) opens the ground for new, innovative technologies, it raises significant privacy and governance challenges. This presentation aims at stimulating the discussion around the privacy and governance concerns in the IoT.}, year = {2010}, booktitle = {Proc. of the 3rd Euro--NF IA.7.5 Workshop on Socio--Economic Aspects of Networks of the Future}, tags = {EuroNF{\textunderscore}GOVPIMIT, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Polyzos2010a.pdf} } @Proceedings { DeMeer2010a, author = {de Meer, Hermann and Singh, Suresh and Braun, Torsten}, title = {Proceedings of the e--Energy 2010 1st International Conference on Energy--Efficient Computing and Networking}, abstract = {e--Energy 2010 is the first international conference on energy--efficient computing and networking. The spreading of Information and Communication Technology (ICT) has contributed much to the reduction of energy consumption in many areas of everyday life. Nevertheless ICT has to move ahead and be more energy--efficient itself. The conference addresses the fields of servers and communication infrastructures, services in data centers, end--systems in home and office environments, sensor networks, and future networks such as the Future Internet.}, year = {2010}, month = {April}, isbn = {978--1--4503--0042--1}, publisher = {ACM}, address = {New York, NY, USA}, editor = {De Meer, Hermann and Singh, Suresh and Braun, Torsten}, tags = {GLab{\textunderscore}related, FIT4Green, COST{\textunderscore}IC0804, EuroNF}, web_url = {https://dl.acm.org/action/showFmPdf?doi=10.1145/1791314}, web_url2 = {https://www.fim.uni--passau.de/en/computer--networks/research/books--and--special--issues/proceedings--of--the--e--energy--2010/}, note = {General Co--Chairs: Katz, Randy and Hutchison, David} } @Article { Hauff2010a, author = {Hauff, Harald and Baerwald, Andreas and Mottok, Juergen}, title = {Sichere Werkzeuge f{\"u}r sichere Systeme! ---- Qualifizierung und Zertifizierung von Software--Entwicklungswerkzeugen fuer sicherheitsgerichtete Systeme}, abstract = {Werkzeugunterstuetzte Entwicklung spielt in der funktionalen Sicherheit und IT--Sicherheit eine entscheidende Rolle, wird doch bei hoeheren Sicherheitsintegritaetsstufen (SIL3) oder Evaluationsstufen (EAL3) die Anforderung hinsichtlich der Verwendung von Werkzeugen in den Phasen des Lebenszyklus in den einschlaegigen Normen eindeutig adressiert. Korrektheit, Integritaet und Verfuegbarkeit der Werkzeuge sind daher die ausserordentlichen Anforderungen an die Werkzeuge und eine Herausforderung fuer die Anwender.}, year = {2010}, month = {Jan.}, journal = {Hanser automotive}, volume = {2010}, publisher = {Carl Hanser Verlag}, pages = {34----39}, number = {01----02} } @Inproceedings { Abid2010b, author = {Belghith, Abdelfettah and Abid, Mohamed Amine}, title = {Stability routing with constrained path length}, abstract = {Quality of Service (QoS) routing is known to be an NP--hard problem in case of two or more additive constraints and several exact algorithms and heuristics have been proposed to address this issue. In this work, we consider a particular two--Constrained Quality of Service Routing Problem where one constraint is superlative and the other is comparative. We consider the superlative constraint to represent the path stability and the comparative constraint to represent the path length in hops. As such, we are proposing to solve the problem of finding the most stable path not exceeding C hops. We propose an exact polynomial algorithm based on the Extended Bellman--Ford algorithm (EBFA) to solve a two quality of service constraints problem. Besides, we extend our algorithm to compute all routes from a given source node towards all the remaining nodes in the network with almost no additional cost.}, year = {2010}, DOI = {10.1109/ICWUS.2010.5670432}, organization = {IEEE}, booktitle = {Communication in Wireless Environments and Ubiquitous Systems: New Challenges (ICWUS), 2010 International Conference on}, pages = {1----7}, web_url = {https://ieeexplore.ieee.org/document/5670432} } @Inproceedings { Herkenhoener2010a, author = {Herkenhoener, Ralph and de Meer, Hermann and Jensen, Meiko and Poehls, Henrich}, title = {Towards Automated Processing of the Right of Access in Inter--organizational Web Service Compositions}, abstract = {Enforcing the right of access to personal data usually is a long--running process between a data subject and an organization that processes personal data. As of today, this task is commonly realized using a manual process based on postal communication or personal attendance and ends up conflicting with trade secret protection. In this paper, we present an automated architecture to enable exercising the right of access in the domain of inter--organizational business processes based on Web Services technology. Deriving its requirements from the legal, economical, and technical obligations, we show the architecture's overall approach solving the conflict between trade secret and exercising the right of access.}, year = {2010}, month = {July}, DOI = {10.1109/SERVICES.2010.56}, booktitle = {Proc. of the IEEE 2010 Int'l Workshop on Web Service and Business Process Security (WSBPS 2010)}, pages = {645----652}, keywords = {Automated architecture; Automated processing; Economical obligation; Interorganizational web service composition; Interorganizational business processes; Legal obligation; Personal data access; Postal communication; Right of access; Technical obligation; Web services; authorisation; Business data processing; Digital rights management; Information retrieval; Law administration}, tags = {EFRE{\textunderscore}ITSEC, EuroNF, inSel}, web_url2 = {https://ieeexplore.ieee.org/document/5575518}, file_url = {http://www.net.fim.uni--passau.de/pdf/Herkenhoener2010a.pdf} } @Article { Berl2010b, author = {Berl, Andreas and Fischer, Andreas and de Meer, Hermann}, title = {Virtualisierung im Future Internet -- {V}irtualisierungmethoden und Anwendungen}, abstract = {Das Future Internet stellt sich der Herausforderung, die Verknoecherung und die Unzulaenglichkeiten des heutigen Internets zu ueberwinden. Es soll beispielsweise robust, zuverlaessig und fehlertolerant sein und dabei Dienste auf energieeffiziente Weise erbringen. Zusaetzlich muessen auch neue Anforderungen antizipiert werden, die zukuenftige Dienste und Netze stellen, um der Entwicklung von neuen Diensten und Protokollen nicht im Wege zu stehen. Erforderlich ist hierbei die Entwicklung einer aeusserst variablen und rekonfigurierbaren Netzwerkarchitektur, die eine moeglichst einfache und autonome Netzwerkverwaltung mit einschliesst. Die Virtualisierung von Host-- und Netzwerkressourcen stellt in diesem Zusammenhang eine der Schluesseltechnologien dar, mit der diese notwendige Flexibilitaet erreicht werden kann. Virtualisierung verbirgt die Komplexitaet von physikalischen Netzwerkinfrastrukturen und stellt homogene, flexible und dynamisch rekonfigurierbare virtuelle Ressourcen zur Verfuegung. Dieser Artikel gibt einen Ueberblick ueber verschiedene Host-- und Netzwerkvirtualisierungsmethoden. An mehreren Beispielen wird aufgezeigt, wie verschiedene Herausforderungen angegangen werden koennen, die sowohl im heutigen Internet als auch im Internet der Zukunft eine Rolle spielen.}, year = {2010}, month = {April}, issn = {0170--6012 (Print); 1432--122X (Online)}, DOI = {10.1007/s00287--010--0420--z}, journal = {Informatik--{S}pektrum}, volume = {33}, publisher = {Springer--Verlag}, pages = {186----194}, number = {2}, tags = {AutoI, COST{\textunderscore}IC0804, EuroNF, FIT4Green, GLab{\textunderscore}related, ResumeNet}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2010b.pdf}, note = {The original publication is available at www.springerlink.com (2010)} } @Article { Jensen2009a, author = {Jensen, Meiko and Gruschka, Nils and Herkenhoener, Ralph}, title = {A survey of attacks on web services}, abstract = {Being regarded as the new paradigm for Internet communication, Web Services have introduced a large number of new standards and technologies. Though founding on decades of networking experience, Web Services are not more resistant to security attacks than other open network systems. Quite the opposite is true: Web Services are exposed to attacks well--known from common Internet protocols and additionally to new kinds of attacks targeting Web Services in particular. Along with their severe impact, most of these attacks can be performed with minimum effort from the attacker's side. This article gives a survey of vulnerabilities in the context of Web Services. As a proof of the practical relevance of the threats, exemplary attacks on widespread Web Service implementations were performed. Further, general countermeasures for prevention and mitigation of such attacks are discussed.}, year = {2009}, month = {Nov.}, issn = {1865--2034 (Print); 1865--2042 (Online)}, DOI = {10.1007/s00450--009--0092--6}, journal = {Computer Science -- Research and Development (CSRD)}, volume = {24}, publisher = {Springer--Verlag}, pages = {185----197}, number = {4}, keywords = {Web services; Security; Attacks; Denial of service; Flooding attacks; XML; WS--Security}, file_url = {http://www.net.fim.uni--passau.de/pdf/Jensen2009a.pdf}, note = {The original publication is available at www.springerlink.com (May 2009)} } @Inproceedings { Elmenreich2009a, author = {Elmenreich, Wilfried and D'Souza, Raissa and Bettstetter, Christian and de Meer, Hermann}, title = {A Survey of Models and Design Methods for Self--organizing Networked Systems}, abstract = {Self--organization, whereby through purely local interactions, global order and structure emerge, is studied broadly across many fields of science, economics, and engineering. We review several existing methods and modeling techniques used to understand self--organization in a general manner. We then present implementation concepts and case studies for applying these principles for the design and deployment of robust self--organizing networked systems.}, year = {2009}, month = {Dec.}, DOI = {10.1007/978--3--642--10865--5{\textunderscore}4}, booktitle = {Proc. of the 4th IFIP Int'l Workshop on Self--Organizing Systems (IWSOS 2009)}, volume = {5918}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, editor = {Spyropoulos, Thrasyvoulos and Hummel, Karin}, pages = {37----49}, affiliation = {University of Klagenfurt and Lakeside Labs, Austria}, tags = {EuroNF, Socionical}, web_url2 = {http://dx.doi.org/10.1007/978--3--642--10865--5{\textunderscore}4}, file_url = {http://www.net.fim.uni--passau.de/pdf/Elmenreich2009a.pdf}, note = {The original publication is available at www.springerlink.com (2009)} } @Inproceedings { Rubio-Loyola2009a, author = {Rubio--Loyola, Javier and Serrat, Joan and Astorga, Antonio and Fischer, Andreas and Berl, Andreas and de Meer, Hermann and Koumoutsos, Giannis}, title = {A Viewpoint of the Network Management Paradigm for Future Internet Networks}, abstract = {This paper presents a viewpoint of the management for the Future Internet. For this description we consider the architectural model developed by the EU IST Autonomic Internet ---- AUTOI ---- consortium for the management design of the Future Internet as a service-- and self--aware network that guarantees built--in orchestrated reliability, robustness, mobility, context, access, security, service support and self--management of the communication resources and services. The paper positions the autonomic network management approach taken by the AUTOI solution in a Future Internet scenario and describes the main interactions involved of the different distributed management systems running within the network in the context of the aforementioned scenario. The paper also provides a selection of the technical difficulties encountered so far while developing such a management approach.}, year = {2009}, month = {June}, isbn = {978--1--4244--3923--2}, booktitle = {Proc. of the 1st IFIP/IEEE Int'l Workshop on Management of the Future Internet (ManFI 2009)}, publisher = {IEEE}, pages = {93----100}, keywords = {EU 1ST autonomic Internet; Internet networks; Built--in orchestrated reliability; Communication resources; Communication services; Distributed management systems; Network management paradigm; Self--aware network; Service network; Service support; Internet; Computer network management; Telecommunication network reliability}, tags = {AutoI, DFG{\textunderscore}MoPi2, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Rubio--Loyola2009a.pdf} } @Inproceedings { Ali2009a, author = {Ali, Nasir and Scheuerman, Bjoern and Mauve, Martin}, title = {A Witness System for Vehicular Ad Hoc Networks}, abstract = {Searching for witnesses in case of road accidents is a challenging task for the police and involved persons. In this paper, we propose a mechanism that helps to find witnesses. Our solution preserves the potential witnesses’ anonymity and gives them a free hand to decide whether to step forward as a witness or not. We analyze the performance of our application using a realistic model of a German city.}, year = {2009}, month = {Oct.}, isbn = {978--1--4244--4488--5}, DOI = {10.1109/LCN.2009.5355056}, booktitle = {Proc. of the 34th IEEE Conf. on Local Computer Networks (LCN 2009) -- Includes the 3rd IEEE LCN Workshop On User MObility and VEhicular Networks (ON--MOVE 2009)}, publisher = {IEEE}, pages = {673----674}, web_url2 = {http://www.ieee--lcn--onmove.org/onmove2009/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Ali2009a.pdf} } @Inproceedings { Berl2009b, author = {Berl, Andreas and de Meer, Hermann}, title = {An Energy--Efficient Distributed Office Environment}, abstract = {Energy efficiency in the field of information and communication technology becomes increasingly important due to the increase in energy costs and the desire to reduce CO2 emissions. Office environments of public administration and companies promise high potential in terms of energy saving. In such environments a high number of hosts are operating on a 24/7 basis. This paper suggests an Energy--Efficient Distributed Office Environment that reduces the number of always--on hosts and raises the energy efficiency within office environments. It describes the suggested architecture and its key technologies. In addition, it evaluates the benefits of the architecture analytically and illustrates experimental results to evaluate resulting overhead.}, year = {2009}, month = {Oct.}, isbn = {978--0--7695--3835--8}, DOI = {10.1109/EMERGING.2009.13}, booktitle = {Proc. of the 1st Int'l Conf. on Emerging Network Intelligence (EMERGING 2009) -- Includes the 5th European Conf. on Universal Multiservice Networks (ECUMN 2009)}, pages = {117----122}, tags = {AutoI, COST{\textunderscore}IC0804, DFG{\textunderscore}MoPi2, EuroNF, FIT4Green, GLab{\textunderscore}related} } @Inproceedings { Bohra2009a, author = {Bohra, Nafeesa and de Meer, Hermann and Memon, Aftab A.}, title = {Analysing the Orbital Movement and Trajectory of LEO (Low Earth Orbit) Satellite Relative to Earth Rotation}, abstract = {Next generation of wireless Internet scenarios include LEOs (Low Earth Orbit Satellites). Lower altitudes of LEO constellations could allow global coverage while offering: low end--to--end propagation delay, low power consumption, and effective frequency usage both for the users and the satellite network. LEOs rotate asynchronously to the earth rotation. Fast movement of LEOs makes it necessary to include efficient mobility management. In past few years mobility patterns have been proposed by considering the full earth coverage constellation whereby, the rotation of earth was often assumed too negligible to be taken into account. The prime objective of this study is to provide facts and figures that show LEOs traverse relative to the rotation of earth. In order to analyse the orbital movement and trajectory of LEOs relative to earth rotation mathematical analysis have been done and justification have been made through equations.}, year = {2009}, isbn = {978--3--642--04259--1 (Print); 978--3--642--04260--7 (Online)}, issn = {1867--8211 (Print); 1867--822X (Online)}, DOI = {10.1007/978--3--642--04260--7{\textunderscore}1}, booktitle = {Proc. of the 1st Int'l Conf. on Personal Satellite Services (PSATS 2009)}, volume = {15}, publisher = {Springer--Verlag}, series = {Lecture notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering (LNICST)}, pages = {1----11}, keywords = {Orbital movement; Trajectory; LEOs}, tags = {EuroNF}, note = {The original publication is available at www.springerlink.com (2009)} } @Inproceedings { Belghith2009c, author = {Belghith, Abdelfettah and Abid, Mohamed Amine}, title = {Autonomic self tunable proactive routing in mobile ad hoc networks}, abstract = {Proactive routing in MANETs induces high signaling overhead. Increasing the routing period size, while it reduces such an overhead, prevents to correctly track frequent changes in the topology and impacts the validity of routing as time goes farther from the start of the routing period. Routes' validity plays a central leveraging mission to enhance network performances as forwarding through incorrect routes not only results in traffic wondering inside the network without ever being able to be delivered to their ultimate destinations but also over consumes valuable network resources. In this paper, we propose an autonomic self tuning approach to dynamically gauge the size of the routing period in a way to properly calibrate between the amount of signaling overhead and the routing validity to yield better performances. First, we propose a distributed algorithm to collect the network cartography. We then study the validity of this cartography as a function of time and mobility. The validity of the cartography is then used to dynamically and locally self regulate the routing period size in a way to calibrate the signaling overhead and the routing pertinence. Simulation results show that our proposed scheme not only is capable of correctly tracking changes in network dynamics but also outperforms conventional proactive algorithms by doubling the network throughput at moderate to high workloads.}, year = {2009}, organization = {IEEE}, booktitle = {Wireless and Mobile Computing, Networking and Communications, 2009. WIMOB 2009. IEEE International Conference on}, pages = {276----281} } @Inproceedings { Belghith2009d, author = {Belghith, Abdelfettah and Abid, Mohamed Amine}, title = {Cartography based self regulating proactive routing protocols in MANETs}, abstract = {Routing in Mobile Ad hoc Networks (MANETs) is central to their proper functioning. Mobility in such networks makes the routing a real challenging task. Although a host of studies has been reported in the literature evaluating the performance of proposed routing algorithms, a deeper insight reveals some residual malfunctioning. On the other hand, routes validity plays a central leveraging mission to enhance network performances. Forwarding through incorrect routes not only results in traffic wondering inside the network without ever being able to be delivered to their ultimate destinations but also over consumes valuable network resources. As nodes' mobility gets higher, the routing period gets smaller to be able to correctly tracks changes in the topology. An adequate trade off should then be found between the size of the routing period which controls the amount of traffic overhead and the validity of routes which governs the performances of the network.}, year = {2009}, organization = {IEEE}, booktitle = {Information Infrastructure Symposium, 2009. GIIS'09. Global}, pages = {1----8} } @Phdthesis { Houyou2009a, author = {Houyou, Amine Mohamed}, title = {Context--Aware Mobility: A Distributed Approach to Context Management}, abstract = {The recent development of a whole plethora of new wireless technologies, such as IEEE 802.11, IEEE 802.15, IEEE 802.16, UMTS, and more recently LTE, etc, has triggered several efforts to integrate these technologies in a converged world of transparent and ubiquitous wireless connectivity. Most of these technologies have evolved around a certain use case and with some user behaviour being assumed; however, there still lacks a holistic solution to adapt access to user needs, in an automatic and transparent manner. One major problem that has to be addressed first, is mobility management between heterogeneous wireless networks. Current mobility management solutions mostly originate from cellular networking systems, which are operator specific, centralised, and focused on a single link technology. In order to deal with the wireless diversity of future wireless and mobile Internet, a new approach is needed. Adaptive wireless connectivity that is tailored around the user needs and capabilities is named context--aware mobility management. Context refers to the information describing the surroundings of the user as well as his/her behaviour, and additional semantic information that could optimise the adaption process. Context management normally entails discovering and tracking context, reasoning based on the discovered information, then adapting (or acting) upon the context--aware application or system. This context management chain is adapted throughout the thesis to the task of context--aware mobility management. The added complexity is necessary to adapt the ubiquitous access to the condition of both the user and the surrounding networks, while assuming that overlapping wireless networks could still be managed in separate management domains. Linking these management domains and aggregatingthis composite information in the form of a network context is one of the major contributions of this work. An overlay--based solution takes into account this scattered nature of the context management system, which is modelled as a decentralised dynamic location--based service. The proposed architecture is generalised to support ubiquitous location--based services, and a design methodology is proposed to ensure the localised impact of mobility--led context retrieval overhead.}, year = {2009}, school = {University of Passau} } @Inproceedings { Belghith2009a, author = {Belghith, Abdelfettah and Abid, Mohamed Amine}, title = {Dynamically self adjustable proactive routing protocols for mobile ad hoc networks}, abstract = {Routing in Mobile Ad hoc Networks (MANETs) is central to their proper functioning. Mobility in such networks makes the routing a real challenging task. Routes validity plays a central leveraging mission to enhance network performances. Forwarding through incorrect routes not only results in traffic wandering inside the network without ever being able to be delivered to their ultimate destinations but also over consumes valuable network resources. As mobility of nodes gets higher, the routing period should be set smaller to be able to correctly track frequent changes in the topology. An adequate trade off should then be found between the size of the routing period which controls the amount of traffic overhead and the validity of routes which governs the performances of the network.}, year = {2009}, organization = {IEEE}, booktitle = {Local Computer Networks, 2009. LCN 2009. IEEE 34th Conference on}, pages = {506----513} } @Article { Berl2009f, author = {Berl, Andreas and Gelenbe, Erol and Di Girolamo, Marco and Giuliani, Giovanni and de Meer, Hermann and Quan Dang, Minh and Pentikousis, Kostas}, title = {Energy--Efficient Cloud Computing}, abstract = {Energy efficiency is increasingly important for future information and communication technologies (ICT), because the increased usage of ICT, together with increasing energy costs and the need to reduce green house gas emissions call for energy--efficient technologies that decrease the overall energy consumption of computation, storage and communications. Cloud computing has recently received considerable attention, as a promising approach for delivering ICT services by improving the utilization of data centre resources. In principle, cloud computing can be an inherently energy--efficient technology for ICT provided that its potential for significant energy savings that have so far focused on hardware aspects, can be fully explored with respect to system operation and networking aspects. Thus this paper, in the context of cloud computing, reviews the usage of methods and technologies currently used for energy--efficient operation of computer hardware and network infrastructure. After surveying some of the current best practice and relevant literature in this area, this paper identifies some of the remaining key research challenges that arise when such energy--saving techniques are extended for use in cloud computing environments.}, year = {2009}, month = {Aug.}, issn = {0010--4620 (Print); 1460--2067 (Online)}, DOI = {10.1093/comjnl/bxp080}, journal = {The Computer journal}, volume = {53}, publisher = {Oxford University Press}, pages = {1045----1051}, number = {7}, keywords = {Energy--efficient computing and networking; Energy--aware data centres; Cloud computing}, tags = {COST{\textunderscore}IC0804, EuroNF, FIT4Green, GLab{\textunderscore}related}, web_url2 = {http://comjnl.oxfordjournals.org/content/53/7/1045} } @Inproceedings { Abid2009b, author = {Abid, Mohamed Amine and Belghith, Abdelfettah}, title = {Etude de la pertinence et reajustement de la mod{\'e}lisation des reseaux ad hoc mobiles dans OMNeT++}, year = {2009}, booktitle = {International Symposium on Education and Distance Learning (EAD 2009), Hammam Sousse, Tunisie, 30 Juillet -- 1er Aout, 2009}, pages = {1----8} } @Inproceedings { Koliver2009a, author = {Koliver, Cristian and Farines, Jean--Marie and Busse, Barbara and de Meer, Hermann}, title = {Evaluating Streaming Rate Controllers: A Support Tool}, abstract = {The Internet has been experiencing a large growth of the multimedia traffic of applications performing over an RTP stack implemented on top of UDP/IP. Since UDP does not offer a congestion control mechanism (unlikely TCP), studies on the rate control schemes have been increasingly done. Usually, new proposes are evaluated, by simulation, in terms of criteria such as fairness towards competing TCP connections and packet losses. However, results related to other performance aspects -- quality achieved, overhead introduced by the control, and actual throughput after stream adaptation -- are difficult to obtain by simulation. In order to provide actual results about these criteria, we developed a comprehensive rate controlled video delivery tool for testing RTP--based controllers. The tool allows to easily incorporate new control schemes. In this paper, we describe the tool and the results achieved by using a LDA+ based controller.}, year = {2009}, isbn = {978--3--540--92891--1}, DOI = {10.1007/978--3--540--92892--8{\textunderscore}17}, booktitle = {Proc. of the 15th Int'l Conf. on Multimedia Modeling (MMM 2009)}, volume = {5371}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {163----174}, keywords = {Rate control; MPEG; RTP; Evaluation}, tags = {EuroNF}, note = {The original publication is available at www.springerlink.com (2009)} } @Article { Wuechner2009a, author = {W{\"u}chner, Patrick and Sztrik, J{\'a}nos and de Meer, Hermann}, title = {Finite--source M/M/S retrial queue with search for balking and impatient customers from the orbit}, abstract = {The present paper deals with a generalization of the homogeneous multi--server finite--source retrial queue with search for customers in the orbit. The novelty of the investigation is the introduction of balking and impatience for requests who arrive at the service facility with a limited capacity and FIFO queue. Arriving customers may balk, i.e., they either join the queue or go to the orbit. Moreover, the requests are impatient and abandon the buffer after a random time and enter the orbit, too. In case of an empty buffer, each server searches for a customer in the orbit after finishing service. All random variables involved in the model construction are supposed to be exponentially distributed and independent of each other. The primary aim of this analysis is to show the effect of balking, impatience, and buffer size on the steady--state performance measures. Concentrating on the mean response time, several numerical examples are investigated by the help of the MOSEL--2 tool used for creating the model and calculating the stationary characteristics.}, year = {2009}, month = {June}, journal = {Computer Networks (ComNet)}, volume = {53}, publisher = {Elsevier B.V.}, pages = {1264----1273}, number = {8}, keywords = {Performance modeling; Finite--source retrial queues; Orbital search; Balking customers; Impatient customers; MOSEL--2}, tags = {AutoI, DFG{\textunderscore}MathMod, EuroNF, ResumeNet, MOSEL2}, file_url = {http://www.net.fim.uni--passau.de/pdf/Wuechner2009a.pdf}, note = {Performance of Computer Networks: Special Issue in Memory of Dr. Gunter Bolch.} } @Inproceedings { Abid2009a, author = {Abid, Mohamed Amine and Belghith, Abdelfettah}, title = {Functional enhancements of proactive routing in mobile ad hoc networks}, abstract = {Routing in mobile ad hoc networks (MANETs) is central to their proper functioning. Network dynamics make the routing a real challenging task. Although a host of studies has been reported in the literature evaluating the performance of proposed routing algorithms, a deeper insight reveals some residual malfunctioning: wall effects, looping and inconsistency. In this paper, we first unleash the cover on some interesting residual functional problems in proactive routing algorithms. We investigate through simulations the extent of these functional deficiencies. We then propose some simple and effective solutions. The effectiveness of our proposals are showed through various simulation scenarios. In particular, we show that even when control traffic is given a higher priority over normal data traffic, the malfunctioning persists and is only and totally removed when the proposed solutions are integrated.}, year = {2009}, organization = {IEEE}, booktitle = {New Technologies, Mobility and Security (NTMS), 2009 3rd International Conference on}, pages = {1----6} } @Inproceedings { Cudre-Mauroux2009a, author = {Cudre--Mauroux, Philippe and Haghani, Parisa and Jost, Michael and Aberer, Karl and de Meer, Hermann}, title = {idMesh: Graph--Based Disambiguation of Linked Data}, abstract = {We tackle the problem of disambiguating entities on the Web. We propose a user--driven scheme where graphs of entities ---- represented by globally identifiable declarative artifacts ---- self--organize in a dynamic and probabilistic manner. Our solution has the following two desirable properties: i) it lets end--users freely define associations between arbitrary entities and ii) it probabilistically infers entity relationships based on uncertain links using constraintsatisfaction mechanisms. We outline the interface between our scheme and the current data Web, and show how higher--layer applications can take advantage of our approach to enhance search and update of information relating to online entities. We describe a decentralized infrastructure supporting efficient and scalable entity disambiguation and demonstrate the practicability of our approach in a deployment over several hundreds of machines.}, year = {2009}, isbn = {978--1--60558--487--4}, booktitle = {Proc. of the 18th Int'l Conf. on World Wide Web (WWW 2009)}, publisher = {ACM}, pages = {591----600}, keywords = {Entity disambiguation; Linked data; Emergent semantics; Peer data management}, tags = {EuroNF} } @Inproceedings { Berl2009d, author = {Berl, Andreas and de Meer, Hermann}, title = {Integration of Mobile Devices into Popular Peer--to--Peer Networks}, abstract = {Peer--to--peer content--distribution networks are nowadays highly popular among users that have stationary computers with high--bandwidth Internet connections. Mobile devices (e.g. cell phones) that are connected to the Internet via cellular--radio networks, however, could not yet be launched into this field to a satisfactory extent. Although most mobile devices have the necessary hardware resources for joining peer--to--peer content--distribution networks, they are often not able to benefit from participation, due to limitations caused by mobility. In this work, mobile devices are identified as providers of advanced mobile features and services that are usually not available to computers in stationary networks. These mobile features and services can be exchanged for services in peer--to--peer networks, turning mobile devices into valuable trading partners. Partnership schemes are set up to define the way of a fair cooperation between mobile devices and other peers. A novel peer--to--peer architecture is suggested that applies partnership schemes to a well--established peer--to--peer content--distribution network and facilitates the integration of mobile devices.}, year = {2009}, isbn = {978--1--4244--4244--7}, DOI = {10.1109/NGI.2009.5175763}, booktitle = {Proc. of the 5th Euro--NGI Conf. on Next Generation Internet Networks (NGI 2009)}, publisher = {IEEE}, pages = {1----9}, tags = {COST{\textunderscore}IC0804, DFG{\textunderscore}MoPi2, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2009d.pdf} } @Article { Wuechner2009b, author = {W{\"u}chner, Patrick and Sztrik, J{\'a}nos and de Meer, Hermann}, title = {Investigating the mean response time in finite--source retrial queues using the algorithm by Gaver, Jacobs, and Latouche}, abstract = {In this paper, we discuss the maximum of the mean response time that appears in finite--source retrial queues with orbital search when the arrival rate is varied. We show that explicit closed--form equations of the mean response time can be derived by exploiting the block--structure of the finite Markov chain underlying the model and using an efficient computational algorithm proposedby Gaver, Jacobs, and Latouche. However, we also show that already for the discussed relatively simple model, the resulting equation is rather complex which hampers further evaluation.}, year = {2009}, issn = {1787--5021 (Print); 1787--6117 (Online)}, journal = {Annales Mathematicae et Informaticae (AMI)}, volume = {36}, pages = {143----160}, keywords = {Performance evaluation; Finite--source retrial queues; Closed--form solutions; Orbital search; Block--structured Markov chain; MOSEL--2}, tags = {AutoI, DFG{\textunderscore}MathMod, EuroNF, ResumeNet, MOSEL2}, web_url2 = {http://ami.ektf.hu/index.php?vol=36}, file_url = {http://www.net.fim.uni--passau.de/pdf/Wuechner2009b.pdf} } @Inproceedings { Galis2009b, author = {Galis, Alex and Abramowicz, Henrik and Brunner, Marcus and Raz, Danny and Chemouil, Prosper and Butler, Joe and Polychronopoulos, Costas and Clayman, Stuart and de Meer, Hermann and Coupaye, Thierry and Pras, Aiko and Sabnani, Krishan and Massonet, Philippe and Naqvi, Syed}, title = {Management and service--aware networking architectures (MANA) for future Internet}, abstract = {Future Internet (FI) research and development threads have recently been gaining momentum all over the world and as such the international race to create a new generation Internet is in full swing: GENI, Asia Future Internet, Future Internet Forum Korea, European Union Future Internet Assembly (FIA). This is a position paper identifying the research orientation with a time horizon of 10 years, together with the key challenges for the capabilities in the Management and Service--aware Networking Architectures (MANA) part of the Future Internet (FI) allowing for parallel and federated Internet(s).}, year = {2009}, month = {Aug.}, isbn = {978--1--4244--4337--6}, DOI = {10.1109/CHINACOM.2009.5339964}, booktitle = {Proc. of the 4th Int'l Conf. on Communications and Networking in China (ChinaCOM 2009)}, publisher = {IEEE}, pages = {1----13}, keywords = {Position paper, Future Internet, Service--aware , Networking, Management}, tags = {AutoI}, file_url = {http://www.net.fim.uni--passau.de/pdf/Galis2009b.pdf} } @Incollection { Galis2009a, author = {Galis, Alex and Denazis, Spyros and Bassi, Alessandro and Giacomin, Pierpaolo and Berl, Andreas and Fischer, Andreas and de Meer, Hermann and Strassner, John and Davy, Steven and Macedo, Daniel and Pujolle, Guy and Rubio--Loyola, Javier and Serrat, Joan and Lef{\`e}vre, Laurent and Cheniour, Abderhaman}, title = {Management Architecture and Systems for Future Internet Networks}, abstract = {This paper presents a new autonomic management architectural model consisting of a number of distributed management systems running within the network, which are described with the help of five abstractions and distributed systems: Virtualisation, Management, Knowledge, Service Enablers and Orchestration Planes. The envisaged solution is applicable to the management design of Future Internet as a service and self--aware network, which guarantees built--in orchestrated reliability, robustness, context, access, security, service support and self--management of the communication resources and services.}, year = {2009}, month = {May}, isbn = {978--1--60750--007--0 (Print); 978--1--60750--431--3 (Online)}, DOI = {10.3233/978--1--60750--007--0--112}, booktitle = {Towards the Future Internet -- A European Research Perspective}, publisher = {IOS Press}, editor = {Georgios, Tselentis and Domingue, John and Galis, Alex and Gavras, Anastasius and Hausheer, David and Krco, Srdjan and Lotz, Volkmar and Zahariadis, Theodore}, pages = {112----122}, keywords = {Service and self--aware network management; Autonomicity; Virtualisation; Management plane; Knowledge plane; Service enablers plane; Orchestration plane}, tags = {AutoI, DFG{\textunderscore}MoPi2, EuroNF} } @Incollection { Tutschku2009a, author = {Tutschku, Kurt and Berl, Andreas and Hossfeld, Tobias and de Meer, Hermann}, title = {Mobile P2P in Cellular Networks: Architecture and Performance}, abstract = {The performance of P2P content distribution in cellular networks depends highly on the cooperation and coordination of heterogeneous and often selfish mobile users. The major challenges are the identification of problems specifically arising in cellular mobile networks and the development of new cooperation strategies to overcome these problems. In this chapter, we review common cooperation strategies using multi--source downloads. We demonstrate the fundamental ,,last chunk'' problem of typical strategies as used by eDonkey or BitTorrent. This is caused by the selfishness of users; however, an ordered chunk delivery evades this problem. In the coherent, subsequent chapter ,,Cooperation Strategies for P2P Content Distribution in Cellular Mobile Networks: Considering Mobility and Heterogeneity'', the impact of mobility and vertical handover between heterogeneous wireless access technologies is investigated.}, year = {2009}, month = {May}, isbn = {978--1--60566--715--7}, booktitle = {Mobile Peer--to--Peer Computing for Next Generation Distributed Environments: Advancing Conceptual and Algorithmic Applications}, publisher = {IGI Global}, pages = {349----373}, tags = {DFG{\textunderscore}MoPi2, EuroNF} } @Techreport { Holzer2009b, author = {Holzer, Richard}, title = {Modeling and Control of Complex and Self Organizing Systems}, abstract = {At the University of Passau, a EuroNF PhD Course on Modeling and Control of Complex and Self--Organizing Systems was held from March 30th -- April 3rd, 2009. This technical report contains the essays of the participants.}, year = {2009}, institution = {Faculty of Computer Science and Mathematics (FIM), University of Passau}, number = {MIP--0916}, web_url2 = {http://www.fim.uni--passau.de/en/research/technical--reports/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Holzer2009b.pdf}, note = {Essay Collection of Ph.D. Course} } @Inproceedings { Lovasz2009a, author = {Lovasz, Gergoe and Fischer, Andreas and de Meer, Hermann}, title = {Network Virtualization and Energy Efficiency}, abstract = {The energy consumption of IT and communication infrastructure is dramatically increasing. In the year 2000 the power consumption of servers, routers, and PCs in Germany was about 5 billion kWh per year [1]. For the year 2010 a power consumption of more than 55 billion kWh per year is expected for the IT and communication infrastructure in Germany [2]. In the face of global warming the reversal of this trend is a declared political goal. Future networks and their respective infrastructures have to be structured in a way that inherently supports an energy--efficient operation. To achieve energy efficiency in future network infrastructures, a fundamental paradigm ---- the economic principle [3] ---- has to be applied contrariwise. Currently, the maximization principle (fixed input, maximum output) is usually applied as goal of the resource management in conventional network infrastructures. Fixed resources (available hardware and energy) are exploited to maximize the benefit (e.g. in terms of QoS, security, or throughput). However, the complementary minimization principle (fixed output, minimum input) is needed as goal of the resource management to achieve an energy--efficient operation of available hardware. Using this approach, a fixed benefit (e.g. a determined QoS) is made available by using a minimal set of resources (hardware and energy).}, year = {2009}, month = {July}, booktitle = {Proc. of the 9th Wuerzburg Workshop on IP: Joint ITG and Euro--NF Workshop ,,Visions of Future Generation Networks'' (EuroView 2009)}, publisher = {University of Wuerzburg}, tags = {EuroNF, FIT4Green}, web_url2 = {http://www3.informatik.uni--wuerzburg.de/euroview/2009/data/slides/Session2--deMeer--slides--handout.pdf}, file_url = {http://www.net.fim.uni--passau.de/pdf/Lovasz2009a.pdf} } @Inproceedings { Berl2009a, author = {Berl, Andreas and Weidlich, Roman and Schrank, Michael and Hlavacs, Helmut and de Meer, Hermann}, title = {Network Virtualization in Future Home Environments}, abstract = {Home environments have a great potential of resource sharing and energy saving. More and more home computers are running on an always--on basis (e.g. media--centers or file--sharing clients). Such home environments have not been sufficiently analyzed regarding their energy--efficient operation, yet. This paper discusses network virtualization methods that are needed in future home environments to enable the energy--efficient cooperation of home networks. End--users share their available hardware resources (e.g. CPU, disk, or network resources) with other users in an energy--efficient and balanced way. To achieve such an envisioned future home environment, an architecture is suggested that combines different virtualization methods. In this paper, virtualization related requirements of the suggested architecture are discussed in detail. Network virtualization methods and concepts are compared to each other with respect to their usability in the architecture. In addition, initial virtualization approaches are simulated and evaluated with regard to benefits and complexity in the suggested architecture.}, year = {2009}, isbn = {978--3--642--04988--0}, DOI = {10.1007/978--3--642--04989--7{\textunderscore}14}, booktitle = {Proc. of the 20th Int'l Workshop on Distributed Systems: Operations and Management (DSOM09)}, volume = {5841}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {177----190}, keywords = {Home networks; Energy efficiency; Resource sharing; Virtualization; Peer--to--peer}, tags = {COST{\textunderscore}IC0804, EuroFGI{\textunderscore}VHE, EuroNF, FIT4Green}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2009a.pdf}, note = {The original publication is available at www.springerlink.com (2009)} } @Inproceedings { Berl2009c, author = {Berl, Andreas and de Meer, Hermann and Hossfeld, Tobias}, title = {P2P Solutions for Cellular Networks}, abstract = {The participation of stationary computers with high--bandwidth links in peer--to--peer content--distribution networks is highly popular. Mobile devices (e.g. cell phones), however, could not yet be launched into the field to a satisfactory extent. This paper discusses mobile peer--to--peer approaches that cover this issue and compares two promising approaches in detail. The first approach supports mobile devices by adding new infrastructure elements to the mobile network operator's domain. In the second approach, voluntary peers provide support for mobile devices. Both approaches are able to foster the integration of mobile devices into peer--to--peer networks with a large user community.}, year = {2009}, isbn = {978--0--7695--3831--0}, DOI = {10.1109/AP2PS.2009.17}, booktitle = {Proc. of the 1st Int'l Conf. on Advances in P2P Systems (AP2PS 2009)}, publisher = {IEEE}, pages = {54----59}, tags = {COST{\textunderscore}IC0804, DFG{\textunderscore}MoPi2, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2009c.pdf} } @Book { DeMeer2009a, author = {de Meer, Hermann and W{\"u}chner, Patrick}, title = {Performance Modeling of Computer Networks -- Special Issue in Memory of Dr. Gunter Bolch}, abstract = {I am grateful for this opportunity to pay tribute to my dear friend and life--long mentor Dr. Gunter Bolch as a co--editor of this special issue in his memory. We were not only sharing common academic interests and writing scholarly books together but we were also sharing passions for such diverse activities as travelling and foreign cultures, cross--country skiing, or Jazz music. Gunter was very open minded, a beautifully moderate person, and a friend in its truest meaning. This special issue, however, is devoted to his academic passion of Performance Modeling, in general, and Queueing Networks, in particular. He has not only co--authored scholarly written books that have widely been cited and have gained world--wide acknowledgement, but many colleagues have taken pride in cooperation and joint publications with him during his overly productive life. Likewise, many of his students were motivated by his academic and personal spirit and followed up contributing in similar research areas. This special issue provides a collection of original contributions by former students of his and colleagues who have cooperated with him. While the contributions were solicited by invitation based on the relationship at least one author had with Gunter, all papers were thoroughly reviewed by at least three international reviewers each and subsequently carefully revised by the authors. As a result, we have been able to collect ten quality--assured papers as a witness to Gunter’s productive academic life and in memory of his achievements.}, year = {2009}, issn = {1389--1286}, DOI = {10.1016/j.comnet.2009.03.001}, volume = {53}, publisher = {Elsevier B.V.}, series = {Computer Networks (ComNet)}, editor = {De Meer, Hermann and Wuechner, Patrick}, number = {8}, tags = {EuroNF, MOSEL2}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer2009a.pdf} } @Inproceedings { Herkenhoener2009a, author = {Herkenhoener, Ralph and de Meer, Hermann}, title = {Process Modeling as a Basis for Auditing Information Privacy}, abstract = {Information privacy has become an important task for every data processing organization. To meet its demands, organizations apply privacy--enhancing technologies and identity management to their business processes. But the increasing number of privacy breaches shows that this task is complex and not well understood. In this position paper, a formal method for modeling an proving information privacy within a process model is envisioned. Such a model would allow an integration at process design, increase the understanding and effectiveness of the privacy protection mechanisms, and enable compliance checks and data protection auditing.}, year = {2009}, month = {March}, isbn = {978--3--88579--241--3}, booktitle = {Proc. of the 2nd Int'l Conf. on Business Process, Services Computing and Intelligent Service Management (BPSC 2009)}, volume = {147}, publisher = {GI}, series = {Lecture notes in Informatics (LNI)}, pages = {231----232}, tags = {EFRE{\textunderscore}ITSEC, inSel} } @Inproceedings { Holzer2009a, author = {Holzer, Richard and de Meer, Hermann}, title = {Quantitative Modeling of Self--Organizing Properties}, abstract = {For analyzing properties of complex systems, a mathematical model for these systems is useful. In this paper we give quantitative definitions of adaptivity, target orientation, homogeneity and resilience with respect to faulty nodes or attacks by intruders. The modeling of the system is done by using a multigraph to describe the connections between objects and stochastic automatons for the behavior of the objects. The quantitative definitions of the properties can help for the analysis of existing systems and for the design of new systems. To show the practical usability of the concepts, the definitions are applied to a slot synchronization algorithm in wireless sensor networks.}, year = {2009}, isbn = {978--3--642--10864--8}, DOI = {10.1007/978--3--642--10865--5}, booktitle = {Proc. of the 4th Int'l Workshop on Self--Organizing Systems (IWSOS 2009)}, volume = {5918}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {149----161}, keywords = {Self--Organziation; Mathematical modeling; Systems; Adaptivity; Target orientation; Homogeneity; Resilience}, tags = {EuroNF, ResumeNet, Socionical}, file_url = {http://www.net.fim.uni--passau.de/pdf/Holzer2009a.pdf}, note = {The original publication is available at www.springerlink.com (2009)} } @Book { Dobson2009a, author = {Dobson, Simon and Strassner, John and de Meer, Hermann}, title = {Special Issue on Autonomic and Self--Organising Systems}, abstract = {Autonomic systems have emerged in the last few years as a significant strand of research in computing and communications. From the original IBM conception of reducing total cost of ownership by providing increased automatic management of enterprise systems [1], autonomics research increasingly focuses on providing a range of services for self--configuration on installation, self--management over a component’s lifetime, self--healing in case of attacks, and so forth ---- the so--called self--properties.}, year = {2009}, issn = {1389--1286}, DOI = {10.1016/j.comnet.2009.01.004}, volume = {53}, publisher = {Elsevier B.V.}, series = {Computer Networks (ComNet)}, editor = {Dobson, Simon and Strassner, John and De Meer, Hermann}, number = {10}, tags = {EuroNF} } @Inproceedings { Belghith2009b, author = {Belghith, Abdelfettah and Mnaouer, Adel Ben and Abid, Mohamed Amine}, title = {Suitability analysis of probabilistic proactive routing for dynamic multi--hop ad hoc networks}, abstract = {We first propose a new proactive routing framework based on probabilistic decisions and a generic model to compute the existence probabilities of nodes and links. Then, we present a distributed algorithm to collect the cartography of the network. This cartography is used to instantiate the existence probabilities. Conducted simulations show that our proposal yields substantially better routing validity. Nonetheless, it amounts to much longer routes. We proposed then a bounding technique to overcome this side effect and defined two probabilistic proactive routing variants. Conducted simulations show that our proposed bounded probabilistic proactive routing schemes outperform conventional routing protocols and yield up to 66 percent increase in throughput.}, year = {2009}, organization = {IEEE}, booktitle = {Wireless and Mobile Computing, Networking and Communications, 2009. WIMOB 2009. IEEE International Conference on}, pages = {459----464} } @Inproceedings { Auer2009a, author = {Auer, Christopher and W{\"u}chner, Patrick and de Meer, Hermann}, title = {Target--Oriented Self--Structuring in Classifying Cellular Automata}, abstract = {Some cellular automata are able to solve classification problems on their initial configuration by building globally visible structures. However, no formal measures exist yet for describing or detecting this behavior in general. The lack of such formal methods often leads to quite observer--dependent discussions of emergent computation. In this paper, we propose the measures of target orientation and self--structuring that allow to formally evaluate a cellular automaton's ability to solve a classification problem by emergent computation. By the means of these measures, globally emerging patterns can be recognized and their contribution to the solution of the classification problem can be judged in an observer--independent way.}, year = {2009}, isbn = {978--1--905986--21--7}, issn = {1557--5969 (Print); 1557--5977 (Online)}, booktitle = {Proc. of the 15th Int'l Workshop on Cellular Automata and Discrete Complex Systems (Automata 2009)}, journal = {journal of Cellular Automata (JCA)}, volume = {6}, publisher = {Mackenzie}, editor = {de Oliveira, Pedro P. B. and Kari, Jarkko}, pages = {260----271}, number = {1}, keywords = {One--dimensional cellular automata; Classification problem; Emergent computation; Formal measures}, tags = {AutoI, EuroNF, ResumeNet, Socionical}, web_url2 = {http://www.mackenzie.br/automata2009.html}, file_url = {http://www.net.fim.uni--passau.de/pdf/Auer2009a.pdf} } @Inproceedings { Auer2009b, author = {Auer, Christopher and W{\"u}chner, Patrick and de Meer, Hermann}, title = {The Degree of Global--State Awareness in Self--Organizing Systems}, abstract = {Since the entities composing self--organizing systems have direct access only to information provided by their vicinity, it is a nontrivial task for them to determine properties of the global system state. However, this ability appears to be mandatory for certain self--organizing systems in order to achieve an intended functionality. Based on Shannon's information entropy, we introduce a formal measure that allows to determine the entities' degree of global--state awareness. Using this measure, self--organizing systems and suitable system settings can be identified that provide the necessary information to the entities for achieving the intended system functionality. Hence, the proposed degree supports the evaluation of functional properties during the design and management of self--organizing systems. We show this by applying the measure exemplarily to a self--organizing sensor network designed for intrusion detection. This allows us to find preferable system parameter settings.}, year = {2009}, isbn = {978--3--642--10864--8}, DOI = {10.1007/978--3--642--10865--5{\textunderscore}11}, booktitle = {Proc. of the 4th Int'l Workshop on Self--Organizing Systems (IWSOS 2009)}, volume = {5918}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {125----136}, tags = {AutoI, EuroNF, ResumeNet, Socionical}, file_url = {http://www.net.fim.uni--passau.de/pdf/Auer2009b.pdf}, note = {The original publication is available at www.springerlink.com (2009)} } @Inproceedings { Chowdhry2009a, author = {Chowdhry, Narinder P. and Baloch, Abdul K. and Memon, Aftab A. and Bohra, Nafeesa and Zeimet, Marco N.}, title = {The Strategies to Cope with Challenges towards Natural and Un--Natural Disasters in Pakistan}, abstract = {Natural or un--natural disasters are a big challenge for humanity and have remained a cause of severe casualties. Casualties can be minimized either through the use of pre--monitoring systems or using the intervention of managed and instantaneous rescue services. Although, it is difficult to get instant information about the disaster, but the challenges of the aftermath can be dealt by training the personnel in the field of medical sciences, satellite technologies and engineering for ready rescue. Many attempts have been made in this direction however; more research is required to make use of innovative technologies in order to meet the challenges of instant recovery. In this paper, a model has been presented to explain the strategies that how, such natural/un--natural disasters can be dealt with, in the preview of recent mishaps to encounter distress, trauma and aftermath of the disaster in Pakistan.}, year = {2009}, issn = {1998--5509}, booktitle = {Proc. of the Global Telemedicine and eHealth Updates: Knowledge Resources (Med--e--Tel 2009)}, volume = {2}, editor = {Jordanova, Malina and Lievens, Frank}, pages = {148----153}, keywords = {Biomedical engineering; Disaster management; E--health; Strategies and satellite communication}, tags = {EuroNF} } @Article { Berl2009e, author = {Berl, Andreas and Fischer, Andreas and de Meer, Hermann}, title = {Using System Virtualization to Create Virtualized Networks}, abstract = {The method of system virtualization is very popular for the use in data centers and desktop virtualization today. In this work, system virtualization is applied to core network elements (routers and links) in order to create a virtualized network. The selection of this virtualization method crucially determines the emerging network model. The network model consists of virtual networks, virtual routers, and virtual links that form overlays on top of the physical network. The properties, features, and limitations of this network model are analyzed and described in this paper. Additionally, a proof of concept implementation using currently available technology and infrastructure is presented. Finally the dynamic configurability of virtual resources in such a system virtualization based virtualized network is evaluated.}, year = {2009}, month = {March}, issn = {1863--2122}, booktitle = {Proc. of the Workshops der Wissenschaftlichen Konferenz Kommunikation in Verteilten Systemen (WowKiVS 2009)}, journal = {Electronic Communications of the EASST}, volume = {17}, publisher = {EASST}, pages = {1----12}, tags = {AutoI, DFG{\textunderscore}MoPi2, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2009e.pdf} } @Article { Coskun2009a, author = {Coskun, Hakan and Schieferdecker, Ina and Al--Hazmi, Yahya}, title = {Virtual WLAN: Going beyond Virtual Access Points}, abstract = {Wireless nodes equipped with multiple radio interfaces open up new fields of application. Ranging from multi--channel usage in a cell in order to increase the bandwidth to the creation of meshed multi--hop topologies. Using multiple wireless cards demands a large physical space, more energy consumption and as a consequence decreasing in the battery lifetime. Virtualization of the wireless network interface, which means to use a single wireless network interface to connect to more than one network simultaneously, seems to be a promising approach, since it allows us to realize the mentioned scenarios only with one radio interface. In this paper, we want to shed light on the state of the art and want to introduce new approaches to push this field beyond the current status.}, year = {2009}, issn = {1863--2122}, booktitle = {Proc. of the Workshops der Wissenschaftlichen Konferenz Kommunikation in Verteilten Systemen (WowKiVS 2009)}, journal = {Electronic Communications of the EASST}, volume = {17}, publisher = {EASST}, pages = {1----12}, file_url = {http://www.net.fim.uni--passau.de/pdf/Coskun2009a.pdf} } @Article { Berl2009g, author = {Berl, Andreas and de Meer, Hermann and Hlavacs, Helmut and Treutner, Thomas}, title = {Virtualization in Energy--Efficient Future Home Environments}, abstract = {Home environments promise high potential in terms of resource sharing and energy saving. More and more home computers are running on an always--on basis (e.g., media centers or file sharing clients). Such home environments have not been sufficiently analyzed regarding the possibility of aggregating home user resources in an energy--efficient way. This article describes a future home environment in which available hardware resources (e.g., CPU cycles, disk space, or network capacity) are shared energy efficiently and balanced among end users. Furthermore, the article provides an overview of different virtualization methods that are needed in future home environments to enable cooperation of home networks. Virtualization--related requirements are discussed in detail and virtualization methods and concepts are compared to each other with respect to their usability in the architecture.}, year = {2009}, issn = {0163--6804}, DOI = {10.1109/MCOM.2009.5350370}, journal = {IEEE Communications Magazine}, volume = {47}, publisher = {IEEE}, pages = {62----67}, number = {12}, tags = {COST{\textunderscore}IC0804, EuroFGI, EuroFGI{\textunderscore}VHE, EuroNF, FIT4Green}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2009g.pdf} } @Phdthesis { Oberender2009a, author = {Oberender, Jens O.}, title = {Widerstandsfaehige Anonymisierierungsnetze}, abstract = {Unverkettbare Nachrichten sind ein Grundbaustein anonymer Kommunikation. Anonymisierungsnetze schuetzen mittels Unverkettbarkeit, wer mit wem kommuniziert sowie die Identitaet der Beteiligten einer Kommunikationsbeziehung. Anonymisierungsnetze benoetigen Kooperation, da die Anonymitaet durch Ressourcen anderer Teilnehmer geschuetzt wird. Wenn die Kosten und der Nutzen eines Anonymisierungsnetzes transparent sind, ergeben sich Zielkonflikte zwischen rationalen Teilnehmern. Es wird daher untersucht, inwiefern daraus resultierendes egoistisches Verhalten die Widerstandsfaehigkeit dieser Netze beeintraechtigt. Stoerungen werden in einem spieltheoretischen Modell untersucht, um widerstandsfaehige Konfigurationen von Anonymisierungsnetzen zu ermitteln. Eine weitere Stoerquelle sind Ueberflutungsangriffe mittels unverkettbarer Nachrichten. Es soll sowohl die Verfuegbarkeit als auch die Anonymitaet geschuetzt werden. Dazu wird Unverkettbarkeit fuer Nachrichten aufrecht erhalten, ausser wenn die Senderate eines Nachrichtenstroms eine Richtlinie ueberschreitet. Innerhalb verkettbarer Nachrichten koennen Ueberflutungsangriffe erkannt werden. Darueber kann die Verfuegbarkeit des Netzdienstes geschuetzt werden.}, year = {2009}, month = {Jan.}, isbn = {978--3838104157}, keywords = {Anonymity; Resilience; Network privacy}, web_url2 = {http://www.amazon.de/gp/product/3838104153} } @Inproceedings { Auer2008a, author = {Auer, Christopher and W{\"u}chner, Patrick and de Meer, Hermann}, title = {A Method to Derive Local Interaction Strategies for Improving Cooperation in Self--Organizing Systems}, abstract = {To achieve a preferred global behavior of self--organizing systems, suitable local interaction strategies have to be found. In general, this is a non--trivial task. In this paper, a general method is proposed that allows to systematically derive local interaction strategies by specifying the preferred global behavior. In addition, the resulting strategies can be evaluated using Markovian analysis. Then, by applying the proposed method exemplarily to the iterated prisoner’s dilemma, we are able to systematically generate a cooperation--fostering strategy which can be shown to behave similar to the ,,tit for tat with forgiveness'' strategy that, under certain circumstances, outperforms the well--known ,,tit for tat'' strategy used, for instance, in BitTorrent peer--to--peer file--sharing networks.}, year = {2008}, month = {Dec.}, isbn = {978--3--540--92156--1}, DOI = {10.1007/978--3--540--92157--8{\textunderscore}15}, booktitle = {Proc. of the 3rd Int'l Workshop on Self--Organizing Systems (IWSOS 2008)}, volume = {5343}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {170----181}, tags = {AutoI, EuroNF, ResumeNet}, web_url2 = {http://iwsos.ani.univie.ac.at/program.htm}, file_url = {http://www.net.fim.uni--passau.de/pdf/Auer2008a.pdf}, note = {The original publication is available at www.springerlink.com (2008); received best--paper award} } @Phdthesis { Basmadjian2008a, author = {Basmadjian, Robert}, title = {An Arbitrary Tree--structured Replica Control Protocol}, abstract = {Traditional replication protocols that arrange logically the replicas into a tree structure have reasonable availability, low communication costs but induce high system load. In this thesis, the arbitrary protocol is proposed: a tree--based replica control protocol that can be configured based on the frequencies of read and write operations in order to provide lower system load than existing tree replication protocols, yet with comparable cost and availability. The proposed protocol enables the shifting from one configuration into another by just modifying the structure of the tree. There is no need to implement a new protocol whenever the frequencies of read and write operations change. At the heart of new protocol lies the novel idea of logical and physical levels in a tree. In short, read operations are carried out on any physical node of every physical level of the tree whereas the write operation is performed on all physical nodes of a single physical level of the tree. The optimal configurations, proving in particular a new lower bound, of independent interest, for the case of a binary tree are discussed.}, year = {2008}, school = {University of Toulouse}, file_url = {http://thesesups.ups--tlse.fr/460/1/Basmadjian{\textunderscore}Robert.pdf} } @Inproceedings { Garcia2008a, author = {Garcia, Alberto E. and Berl, Andreas and Hummel, Karin A. and Weidlich, Roman and Houyou, Amine Mohamed and Hackbarth, Klaus D. and de Meer, Hermann and Hlavacs, Helmut}, title = {An Economical Cost Model for fair resource sharing in Virtual Home Environments}, abstract = {Home networks recently gain importance due to their development from pure internal networks in form of an Ethernet LAN to converged networks integrating home, Internet, and access provider infrastructure. In emerging future home networking scenarios, service provisioning and network management is proposed by distributed architectures forming Virtual Home Environments (VHEs). This paper provides a service description and corresponding traffic and cost model for fair resource sharing in VHEs. The objective of the proposed cost model is to allow an evaluation of the contribution and consumption for each user participating in the VHE to find an economic balance in the distributed behavior. Hereby, the contribution counts positively and the consumption negatively. The economic balance controls the load balancing in the VHE and further limits the consumption of resources for users which over--pass a corresponding threshold of negative balance leading to an exclusion from the VHE, if the negative balance is not equilibrated over a mean-- or long--time horizon.}, year = {2008}, isbn = {1--4244--1784--8}, DOI = {10.1109/NGI.2008.27}, booktitle = {Proc. of the 4th Euro--NGI Int'l Conf. on Next Generation Internet Networks (NGI 2008)}, publisher = {IEEE}, pages = {153----160}, keywords = {Overlay networks; Peer--to--peer; Cost model; Home networks; Virtualization}, tags = {Coop{\textunderscore}Vienna, DFG{\textunderscore}MoPi2, EuroFGI, EuroFGI{\textunderscore}VHE, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Garcia2008a.pdf} } @Article { Hlavacs2008b, author = {Hlavacs, Helmut and Weidlich, Roman and Hummel, Karin A. and Houyou, Amine Mohamed and Berl, Andreas and de Meer, Hermann}, title = {Distributed Energy Efficiency in Future Home Environments}, abstract = {In this paper, a new architecture for sharing resources among home environments is proposed. Our approach goes far beyond traditional systems for distributed virtualization, like PlanetLab or grid computing, as it relies on complete decentralization in a peer--to--peer (P2P) like manner and, above all, aims at energy efficiency. Energy metrics are defined, which have to be optimized by the system. The system itself uses virtualization to transparently move tasks from one home to another to optimally utilize the existing computing power. We present an overview of our proposed architecture, consisting of a middleware interconnecting computers and routers in possibly millions of homes using P2P techniques. For demonstrating the potential energy saving of distributed applications, we present an analytical model for sharing downloads, which is verified by discrete event simulation. The model represents an optimistic case without P2P overhead and fairness. The model allows to assess the upper limit of the saving potential. An enhanced version of the simulation model also shows the effect of fairness. The fairer the system gets, the less efficient it is.}, year = {2008}, month = {Oct.}, DOI = {10.1007/s12243--008--0045--2}, journal = {Annals of Telecommunication}, volume = {63}, publisher = {Springer--Verlag}, pages = {473----485}, number = {9----10}, tags = {DFG{\textunderscore}MoPi2, EuroFGI, EuroFGI{\textunderscore}VHE, EuroNF}, note = {The original publication is available at www.springerlink.com (Aug. 2008)} } @Inproceedings { Arkoulis2008a, author = {Arkoulis, Stamatios and Fiedler, Markus and Frangoudis, Pantelis A. and Herkenhoener, Ralph and Marias, Giannis F. and de Meer, Hermann and Polyzos, George C.}, title = {Distributed Sensing for Spectrum Agility: Incentives and Security Considerations}, abstract = {In the last few years, we have witnessed a tremendous growth in the number of wireless devices operating in unlicensed spectrum. Wi--Fi equipment has become standard in laptops and handhelds, while Bluetooth prevails for short--range connectivity. The vision of the Internet of Things, where myriads of heterogeneous devices will interconnect over wireless sublayers, forming a huge network of networks is fast approaching its realization. In view of these advances, traditional Internet architectures at all layers will need to transform and adapt to accommodate for the increasing communication demands. Unlicensed wireless spectrum is scarce and we need agile sharing schemes to achieve its increased utilization. The cost for the lack of strict regulation is interference; for spectrum agility, thus, alternative interference mitigation strategies are necessary. A crucial step in this process is sensing the wireless environ-- ment to detect interference conditions. In this work, we focus on Dis-- tributed Spectrum Sensing (DSS), where spectrum usage information from multiple sources is fused to come to smart spectrum access decisions. In the heterogeneous open access environment that we envisage, multiple self--interested entities participate in the sensing and sharing processes. This poses security challenges, which we discuss in this paper.}, year = {2008}, booktitle = {Proc. of the 1st Euro--NF Workshop on Future Internet Architecture: New Trends in Service \\& Networking Architectures}, tags = {EFRE{\textunderscore}ITSEC, EuroNF, EuroNF{\textunderscore}ASPECTS} } @Inproceedings { Houyou2008b, author = {Houyou, Amine Mohamed and de Meer, Hermann}, title = {Efficient Overlay Mediation for Mobile Location--Based Services}, abstract = {Data communication in mobile and cellular environments is still in its infancy. Data traffi c generated by mobile users lacks the diversity of the fi xed Internet. On the one hand, the limited bandwidth available for mobile users is still a major hurdle for some Internet applications. On the other hand, a universal inexpensive mobility solution built to support the different wireless architectures while offering service ubiquity is still missing. Despite this, some applications such as location--based services (LBS) have found a natural application domain by mobile users. Data traffic, in such applications, is generated by users accessing information linked to their movement context. To improve access to these services while limiting the effects of mobility, communication should occur near the edge, hile staying localized. In this paper, a distributed approach is proposed for mediating location information between heterogeneous geographic information severs in a peer--to--peer manner. A design methodology is proposed to ensure the localized impact of mobility--lead communication overhead. Both numerical and imulative analyses are carried out.}, year = {2008}, month = {Nov.}, isbn = {978--3--540--87392--1 (Print); 978--3--540--87393--8 (Online)}, DOI = {10.1007/978--3--540--87393--8{\textunderscore}21}, booktitle = {Proc. of the 5th Int'l Symp. on LBS \& TeleCartography (LBS 2008)}, volume = {2}, publisher = {Springer--Verlag}, series = {Lecture notes in Geoinformation and Cartography (LNG\&C)}, pages = {353----371}, keywords = {LBS; Vertical handover; Overlay; Range queries; Clustering}, tags = {DFG{\textunderscore}MoPi2, EuroNF}, note = {The original publication is available at www.springerlink.com (2009)} } @Inproceedings { Hlavacs2008a, author = {Hlavacs, Helmut and Hummel, Karin A. and Weidlich, Roman and Houyou, Amine Mohamed and Berl, Andreas and de Meer, Hermann}, title = {Energy Efficiency in Future Home Environments: A Distributed Approach}, abstract = {In this paper, a new architecture for sharing resources amongst home environments is proposed. Our approach goes far beyond traditional systems for distributed virtualization like PlanetLab or Grid computing, since it relies on complete decentralization in a peer--to--peer like manner, and above all, aims at energy efficiency. Energy metrics are defined, which have to be optimized by the system. The system itself uses virtualization to transparently move tasks from one home to another in order to optimally utilize the existing computing power. An overview of our proposed architecture is presented as well as an analytical evaluation of the possible energy savings in a distributed example scenario where computers share downloads.}, year = {2008}, isbn = {978--0--387--77215--8}, DOI = {10.1007/978--0--387--77216--5{\textunderscore}6}, booktitle = {Proc. of the 1st IFIP WG 6.2 Home Networking Conf. (IHN 2007)}, volume = {256}, publisher = {Springer--Verlag}, series = {International Federation for Information Processing (IFIP)}, editor = {Al Agha, Khaldoun and Carcelle, Xavier and Pujolle, Guy}, pages = {69----84}, tags = {Coop{\textunderscore}Vienna, DFG{\textunderscore}MoPi2, EuroFGI, EuroFGI{\textunderscore}VHE}, file_url = {http://www.net.fim.uni--passau.de/pdf/Hlavacs2008a.pdf}, note = {The original publication is available at www.springerlink.com (2008)} } @Inproceedings { Wuechner2008c, author = {W{\"u}chner, Patrick and Sztrik, J{\'a}nos and de Meer, Hermann}, title = {Homogeneous Finite--Source Retrial Queues with Search of Customers from the Orbit}, abstract = {We consider a retrial queueing system with a finite number of homogeneous sources of calls and a single server. Each source generates a request after an exponentially distributed time. An arriving customer finding the server idle enters into service immediately; otherwise the customer enters into an orbit. The service times are supposed to be exponentially distributed random variables. An orbiting customer competes for service, the inter--retrial times are exponentially distributed. Upon completion of a service, with a certain probability the server searches for an orbiting customer. Assuming the search time to be negligible, the source, service, and retrial times to be independent random variables, we perform the steady--state analysis of the model computing various steady--state performance measures and illustrative numerical examples are presented. The novelty of the investigation is the introduction of orbital search by the server for customers in finite--source retrial queues. The MOSEL--2 tool is used to formulate and solve the problem.}, year = {2008}, isbn = {978--3--8007--3090--2}, booktitle = {Proc. of the 14th GI/ITG Conf. on Measurement, Modelling and Evaluation of Computer and Communication Systems (MMB 2008)}, publisher = {VDE Verlag}, pages = {109----124}, keywords = {Retrial queueing systems; Finite number of sources; Orbital search; Performance tool; Performance measures}, tags = {DFG{\textunderscore}MathMod, EuroNF, MOSEL2}, file_url = {http://www.net.fim.uni--passau.de/pdf/Wuechner2008c.pdf} } @Inproceedings { Berl2008a, author = {Berl, Andreas and Fischer, Andreas and de Meer, Hermann and Galis, Alex and Rubio--Loyola, Javier}, title = {Management of Virtual Networks}, abstract = {The global Internet is growing beyond all originally expected bounds, both in terms of connectivity points and services. It becomes apparent that the current underlying network infrastructure is ossified, lacking the flexibility to support a large number of different services. Future Internet initiatives are approaching a transition from a service--agnostic to a service--aware network. To achieve this goal, in this work the virtualization of network resources is identified as a building block for service--aware networks. A virtualization plane is defined, which creates virtual network resources to get an abstraction from real network resources (local management). Based on the functionality provided by this plane, a self--organizing management (global management) of virtual network resources is enabled. This requires an interface definition, which relieves management applications from dealing directly with real network resources, e.g. routers and links; instead it provides virtualization service functions, grouped in comfortable management classes to enable easy handling of virtualized resources.}, year = {2008}, month = {Sep.}, isbn = {978--3--930736--12--6}, booktitle = {Middleware Technologies for Enabling Next--generation Network Services and Applications -- Proc. of the 5th Int'l Workshop on Next Generation Networking Middleware (NGNM 2008) and the 4th IEEE/IFIP Int'l Workshop on End--to--end Virtualization and Grid Management (EVGM 2008), Samos Island, Greece, 22nd--26th September 2008}, volume = {9}, publisher = {multicon multimedia consulting}, series = {multicon lecture notes series}, pages = {197----202}, keywords = {Virtualization; Autonomic Internet; Self--organizing management}, tags = {AutoI, DFG{\textunderscore}MoPi2, EuroFGI, EuroNF} } @Inproceedings { Wuechner2008b, author = {Wuechner, Patrick and Holzer, Richard and de Meer, Hermann}, title = {Mathematical Design Models for Self--Organizing Systems}, abstract = {Self--organization (SO) appears in many different fields: in computer science (e.g., sensor networks), biology (e.g., colony of ants), physics (e.g., elementary magnets), and many more. During the last years, engineering sciences have been attracted by the phenomenon of SO to overcome inevitable issues, for example, scalability issues that arise when engineering and managing large--scale systems consisting of numerous interacting entities. However, prior to engineering selforganizing systems (SOSs), a common terminology is needed to characterize and define SO and SO--related concepts.}, year = {2008}, month = {Dec.}, booktitle = {Supplementary online Proc. of the 3rd Int'l Workshop on Self--Organizing Systems (IWSOS 2008)}, tags = {AutoI, EuroNF, ResumeNet}, web_url2 = {http://www.iwsos.org/2008}, file_url = {http://www.net.fim.uni--passau.de/pdf/Wuechner2008b.pdf}, note = {Poster with Abstract} } @Article { Hollick2008b, author = {Hollick, Matthias and de Meer, Hermann and Schmitt, Jens B. and W{\"u}chner, Patrick}, title = {Modeling of Self--Organizing Systems (Guest Editorial)}, abstract = {In the last decade, we witnessed the unparalleled success of communication networks such as the Internet or wireless mobile communication networks. The unprecedented scale of the aforementioned networks does not mark the end of the growth, but the emergence of wireless sensor networks and the ,,Internet of Things'' are going to further add to the complexity of today's communication networks. For providers and network operators to be able to plan, build, and maintain next generation networks, it is necessary to push the envelope of traditional means to control the network. From a user's perspective, the organic growth of autonomously operated (community) networks and of application--level overlay networks presents further challenges.}, year = {2008}, month = {Jan.}, issn = {0930--5157}, DOI = {10.1515/piko.2008.001}, journal = {Praxis der Informationsverarbeitung und Kommunikation (PIK)}, volume = {31}, pages = {2----3}, number = {1}, tags = {DFG{\textunderscore}MathMod, EuroNF, EuroFGI, EuroFGI{\textunderscore}MMSOS}, file_url = {http://www.net.fim.uni--passau.de/pdf/Hollick2008b.pdf}, note = {Editorial} } @Inproceedings { Holzer2008a, author = {Holzer, Richard and de Meer, Hermann and Bettstetter, Christian}, title = {On autonomy and emergence in self--organizing systems}, abstract = {For analyzing properties of complex systems, a mathematical model for these systems is useful. In this paper we describe how discrete complex systems can be modeled mathematically and we give a framework for the analysis of the system with respect to the properties autonomy and emergence, which are two of the most important properties of self--organizing systems. The modeling is done by using a multigraph to describe the connections between objects and stochastic automatons for the behavior of the objects.}, year = {2008}, month = {Dec.}, isbn = {978--3--540--92156--1}, DOI = {10.1007/978--3--540--92157--8{\textunderscore}14}, booktitle = {Proc. of the 3rd Int'l Workshop on Self--Organizing Systems (IWSOS 2008)}, volume = {5343}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {157----169}, keywords = {Self--Organziation; Autonomy; Emergence; Mathematical modeling; Systems}, tags = {EuroNF}, web_url2 = {http://www.iwsos.org/2008}, file_url = {http://www.net.fim.uni--passau.de/pdf/Holzer2008a.pdf}, note = {The original publication is available at www.springerlink.com (2008)} } @Inproceedings { Holzer2008b, author = {Holzer, Richard and de Meer, Hermann}, title = {On Modeling of Self--organizing Systems}, abstract = {A goal of computing and networking systems is to limit administrative requirements for users and operators. A technical systems should be able to configure itself as much as possible to increase the usability. This leads to the design of self--organizing systems. Self--organizing systems emerge as an increasingly important area of research, not only for computer networks but also in many other fields. For analyzing properties of complex systems, a mathematical model for these systems may be useful. Whether a model with discrete time or with continuous time fits better, depends on the properties of the system and which analysis should be done in the model. In this paper we give a comparison between discrete and continuous models and we give a formal definition for modeling continuous complex systems. Then this theory is applied to model slot--synchronization in wireless networks.}, year = {2008}, month = {Sep.}, booktitle = {Proc. of the 2th Int' Conf. on Autonomic Computing and Communication Systems (AUTONOMICS 2008)}, keywords = {Self--organization; Mathematical modeling; Systems}, tags = {EuroNF} } @Inproceedings { Oberender2008a, author = {Oberender, Jens O. and de Meer, Hermann}, title = {On the Design Dilemma in Dining Cryptographer Networks}, abstract = {In a Dining Cryptographers network, the anonymity level raises with the number of participating users. This paper studies strategic behavior based on game theory. Strategic user behavior can cause sudden changes to the number of system participants and, in consequence, degrade anonymity. This is caused by system parameters that influence strategic behavior. Additionally, conflicting goals of participants result in dilemma games. Properties of message coding, e.g. collision robustness and disrupter identification, change the game outcome by preventing dilemmas and, therefore, enhance anonymity. Properties of anonymity metrics are proposed that allow for strategic user behavior.}, year = {2008}, month = {Aug.}, isbn = {978--3--540--85734--1}, issn = {0302--9743 (Print); 1611--3349 (Online)}, booktitle = {Proc. of the 5th Int'l Conf. on Trust, Privacy, and Security in Digital Business (TrustBus)}, volume = {5185}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {163----172}, tags = {EuroFGI{\textunderscore}MMSOS, EuroNF}, web_url2 = {http://www.informatik.uni--trier.de/~ley/db/conf/trustbus/trustbus2008.html}, file_url = {http://www.net.fim.uni--passau.de/pdf/Oberender2008a.pdf}, note = {The original publication is available at www.springerlink.com (2008)} } @Inproceedings { Houyou2008c, author = {Houyou, Amine Mohamed and Stenzer, Alexander and de Meer, Hermann}, title = {Performance Evaluation of Overlay--based Range Queries for Mobile Systems}, abstract = {Current mobility management systems are operator centralized, and focused on single link technologies. In heterogeneous wireless mesh networks, vertical handovers could be a lengthy procedure. In order to support contextaware handovers between heterogeneous wireless cells, the mobile user needs to access information managed by administratively separate domains. Handover does not occur based on blind discovery mechanisms on the link layer but based on a pre--discovery of the wireless mesh topology using a context--aware search process. The mobile user has access to an overlay which forms a middleware that connects separate management domains, while allowing the user to retrieve uniform descriptions of underlying access technologies. Based on the topology information and access capabilities of the user, a context--aware handover is carried out. The overlay queries are sent to edge management servers to retrieve the cells’ status as near to real--time as possible. The query system uses the geographic context to both address the managed objects as well as structuring the overlay. An analytic study and simulation are used to quantify the communication overhead of such a range query. A design methodology is also extracted from both studies.}, year = {2008}, isbn = {978--3--540--89182--6}, DOI = {10.1007/978--3--540--89183--3{\textunderscore}16}, booktitle = {Proc. of the 4th Intl. Workshop of the EuroNGI/EuroFGI Network of Excellence on Wireless Systems and Mobility in Next Generation Internet}, volume = {5122}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {201----219}, tags = {DFG{\textunderscore}MoPi2, EuroFGI, EuroFGI{\textunderscore}MMSOS, EuroFGI{\textunderscore}VNETs, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Houyou2008c.pdf}, note = {The original publication is available at www.springerlink.com (2008)} } @Inproceedings { Herkenhoener2008a, author = {Herkenhoener, Ralph}, title = {Process Modeling for Privacy--conformant Biobanking ---- Case Studies on Modeling in UMLsec}, abstract = {The continuing progress in research on human genetics is highly increasing the demand on large surveys of voluntary donors' data and biospecimens. By this new dimension of acquiring and providing data and biospecimens, a new quality of biobanking arose. Using automated data and biospecimens handling along with modern communication channels -- such as the world wide web -- assigns new challenges to protection of the donor's privacy. Within current discussions on privacy and data protection an emerging result is the need of auditing privacy and data protection within biobanks. For this purpose, finding a proper way for describing biobanks in terms of a data protection audit is a vital issue. This paper presents how modeling in UMLsec can improve the description of biobanks with the objective of performing a data protection audit. It demonstrates the use of UMLsec for describing security characteristics regarding data protection issues on the basis of two case studies.}, year = {2008}, booktitle = {Proc. of the 6th Int'l Workshop on Security in Information Systems (WOSIS 2008)}, keywords = {UML; UMLsec; Privacy; Data protection; Process modeling; Audit; Biobank} } @Book { Wuechner2008d, author = {Wuechner, Patrick and Bolch, Gunter and de Meer, Hermann}, title = {Queueing Networks and Markov Chains -- 2nd Edition: Problems and Solutions}, abstract = {In 2006, the second edition of our textbook on \grqqQueueing Networks and Markov Chains {----} Modeling and Performance Evaluation with Computer Science Applications” was published. With completion of this solution manual, we are now pleased to offer additional support to lecturers who want to use the book for course work and assignments. In order to reserve the full benefit of the solution manual to lecturers, it may be worthwhile noting that access to the solution manual has been limited to lecturers only and access can only be gained through presentation of sufficient credentials to the publisher.}, year = {2008}, tags = {MOSEL2} } @Inproceedings { Cheng2008a, author = {Cheng, Lawrence and Galis, Alex and Mathieu, Bertrand and Jean, Kerry and Ocampo, Roel and Mamatas, Lefteris and Rubio--Loyola, Javier and Serrat, Joan and Berl, Andreas and de Meer, Hermann and Davy, Steven and Movahedi, Zeinab and Lef{\`e}vre, Laurent}, title = {Self--organising Management Overlays for Future Internet Services}, abstract = {Networks are becoming service--aware implying that all relevant business goals pertaining to a service are fulfilled, and also the network resources are used optimally. Future Internet Networks (FIN) have time varying topology (e.g. such networks are envisaged in Autonomic Internet [1], FIND program [2], GENI program [3], FIRE program [4], Ambient Networks [5], Ad--hoc networks [6]) and service availability and service context change as nodes join and leave the networks. In this paper we propose and evaluate a new self--organising service management system that manages such changes known as the Overlay Management Backbones (OMBs). The OMB is a self--organising solution to the problem space in which each OMB node is dynamically assigned a different service context task. The selection of OMB nodes is conducted automatically, without the need of relatively heavy--weighted dynamic negotiations. Our solution relies on the scalability and dynamicity advantages of Distributed Hash Tables (DHTs). This system is needed to select continuously, automatically, and dynamically a set of network nodes, to become responsible for collecting the availability information of service context in the changing network. This solution advances the state of the art avoiding dynamic negotiations between all network nodes reducing management complexity and cost for bandwidth--limited environments.}, year = {2008}, month = {Sep.}, isbn = {978--3--540--87354--9}, issn = {0302--9743 (Print); 1611--3349 (Online)}, DOI = {10.1007/978--3--540--87355--6{\textunderscore}7}, booktitle = {Proc. of the 3rd Int' Workshop on Modelling Autonomic Communications Environments (MACE2008)}, volume = {5276}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {74----89}, keywords = {Self--organised management; Autonomic internet; Distributed hash tables; Peer--to--peer}, tags = {AutoI, DFG{\textunderscore}MoPi2, EuroFGI, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Cheng2008a.pdf}, note = {The original publication is available at www.springerlink.com (2008)} } @Inproceedings { Elmenreich2008a, author = {Elmenreich, Wilfried and de Meer, Hermann}, title = {Self--Organizing Networked Systems for Technical Applications: A Discussion on Open Issues}, abstract = {The concept of self--organization has been examined oftentimes for several domains such as physics, chemistry, mathematics, etc. However, the current technical development opens a new field of selforganizing applications by creating systems of networked and massively distributed hardware with self--organized control. Having this view in mind, this papers reviews the questions: What is a self--organizing system?, What is it not?, Should there be a separate field of science for self--organizing systems?, and What are possible approaches to engineer a self--organizing control system?. The presented ideas have been elaborated at the Lakeside Research Days'08 (University of Klagenfurt, Austria), a workshop that featured guided discussions between invited experts working in the field of selforganizing systems.}, year = {2008}, month = {Dec.}, isbn = {978--3--540--92156--1}, DOI = {10.1007/978--3--540--92157--8{\textunderscore}1}, booktitle = {Proc. of the 3rd Int'l Workshop on Self--Organizing Systems (IWSOS 2008)}, volume = {5343}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {1----9}, tags = {EuroNF}, web_url2 = {http://www.iwsos.org/2008}, file_url = {http://www.net.fim.uni--passau.de/pdf/Elmenreich2008a.pdf}, note = {The original publication is available at www.springerlink.com (2008)} } @Inproceedings { Houyou2008a, author = {Houyou, Amine Mohamed and de Meer, Hermann}, title = {Supporting mobility in next generation Internet with a decentralized LBS}, abstract = {The recent emergence of a whole plethora of new wireless technologies, such as IEEE802.11, IEEE802.16, and UMTS, etc, also offers mobile users more diversity and possibilities for cheaper and opportunistic access to the Internet. In next generation Internet, media independence such as that proposed in IEEE 802.21, requires vertical handover between co--located heterogeneous wireless networks. Handover is, however, triggered through costly beaconing mechanisms which allow both end--device and networks to discover each other, and to detect movement. If the mobile device is made location--aware (e.g. GPS--equipped mobile phones with navigation systems), mobility could be supported by the location--awareness, and a vertical handover could be triggered without relying on frequent beacons on multiple wireless interfaces. As a result, less energy is required by the mobile node to discover wireless diversity. Instead, the mobile user discovers the network coverage via a decentralized LBS, which is designed in this work. The LBS manages location--based meta--data describing network topologies and their functionality. The description templates are managed on an overlay system connecting distributed location servers. The overlay network, which connects distributed LBS systems, is structured in way to limit the overhead introduced by the query. The structure of the network is mapped to the data structure. A design methodology is developed to ensure the localized query overhead, while taking mobility into account.}, year = {2008}, month = {Sep.}, issn = {1867--5433}, booktitle = {Proc. of the 5th GI/ITG KuVS Fachgespraech Ortsbezogene Anwendungen und Dienste}, volume = {42}, series = {Schriftenreihe der Georg--Simon--Ohm--Hochschule Nuernberg}, pages = {5----10}, tags = {AutoI, DFG{\textunderscore}MoPi2, EuroNF}, web_url2 = {http://www.wireless--earth.org/fg{\textunderscore}lbs/meeting{\textunderscore}5/FG{\textunderscore}Proceedings.pdf}, file_url = {http://www.net.fim.uni--passau.de/pdf/Houyou2008a.pdf} } @Article { Wuechner2008a, author = {Wuechner, Patrick and Sztrik, J{\'a}nos and de Meer, Hermann}, title = {The Impact of Retrials on the Performance of Self--Organizing Systems}, abstract = {This article describes the application of the theory of retrial queues in capturing certain aspects of self--organizing behavior that arises, for example, in Peer--to--Peer networks. It can be shown that retrials have a fair effect on the performance of such self--organizing systems, and thus, should be taken into account adequately during the design and evaluation of these systems. Moreover, it can be shown that there is a notable difference between finite--source and infinite--source retrial queueing models. The main goal of this paper is to show the practical applicability of retrial queues and some of their varieties.}, year = {2008}, month = {Jan.}, issn = {0930--5157}, journal = {Praxis der Informationsverarbeitung und Kommunikation (PIK)}, volume = {31}, publisher = {K. G. Saur Verlag}, pages = {29----33}, number = {1}, tags = {AutoI, DFG{\textunderscore}MathMod, EuroFGI, EuroFGI{\textunderscore}MMSOS, EuroNF, ResumeNet, MOSEL2}, file_url = {http://www.net.fim.uni--passau.de/pdf/Wuechner2008a.pdf} } @Inproceedings { Davy2008a, author = {Davy, Steven and Fahy, Claire and Griffin, Leight and Boudjemil, Zohra and Berl, Andreas and Fischer, Andreas and de Meer, Hermann and Strassner, John}, title = {Towards a Policy--based Autonomic Virtual Network to support Differentiated Security Services}, abstract = {This paper presents an approach to provisioning network services in an autonomic network, using virtualised routers as an enabler. The approach provides business users a method of describing the requirements and behaviour of a set of network services using policies, while abstracting the users from complicated network configuration tasks. It then dimensions a virtual network dedicated to provisioning these services. Virtualization of the network resources enables a modularised approach in which fault tolerance, redundancy and security concerns are catered for, specific to the service requirements. Moreover, it enables concurrent handling of the (possibly conflicting) needs of several different services. The paper describes an initial prototype implementation and a use case designed to illustrate the benefits of the approach.}, year = {2008}, booktitle = {Proc. of the Int'l Conf. on Telecommunications and Multimedia (TEMU 2008)}, tags = {AutoI, DFG{\textunderscore}MoPi2, EuroFGI, EuroNF} } @Inproceedings { Fahy2008a, author = {Fahy, Claire and Davy, Steven and Boudjemil, Zohra and Meer, Sven and Rubio--Loyola, Javier and Serrat, Joan and Strassner, John and Berl, Andreas and de Meer, Hermann and Macedo, Daniel}, title = {Towards an Information Model That Supports Service--Aware, Self--managing Virtual Resources}, abstract = {The AUTOI project is creating a virtual communication resource overlay with autonomic characteristics to adapt the services and resources offered to meet changing user needs, business goals, and environmental conditions. Self--knowledge enables the network to reconfigure itself in the face of change to adapt its services according to business goals. The requirements of an information model, to support self--knowledge (concepts, characteristics and behaviour) are presented. This information model plus ontologies provide a common language to represent the self--management of the overlay. This position paper details the requirements in specifying such an information model and language, and describes how the model and language will be used within the project.}, year = {2008}, month = {Sep.}, isbn = {978--3--540--87354--9}, issn = {0302--9743 (Print); 1611--3349 (Online)}, DOI = {10.1007/978--3--540--87355--6{\textunderscore}9}, booktitle = {Proc. of the 3rd Int'l Workshop on Modelling Autonomic Communications Environments (MACE2008)}, volume = {5276}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {102----107}, keywords = {Information model; Service--aware; Virtual resource; Autonomic management}, tags = {AutoI, DFG{\textunderscore}MoPi2, ResumeNet, EuroFGI, EuroNF}, file_url = {http://www.net.fim.uni--passau.de/pdf/Fahy2008a.pdf}, note = {The original publication is available at www.springerlink.com (2008)} } @Inproceedings { Feja2008a, author = {Feja, Sven and Herkenhoener, Ralph and Jensen, Meiko and Speck, Andreas and de Meer, Hermann and Schwenk, Joerg}, title = {Towards Modeling and Transformation of Security Requirements for Service--oriented Architectures}, abstract = {The design of secure network--based systems is a very important aspect of the software development processes. For process design and composition, the emerging model--driven software development approach discloses new challenges. Existing approaches often only focus on their specific view {----} i.e. business process modeling, security modeling, code generation{----}neglecting interoperability with and reusability of other approaches. This is a position paper, pointing out the need for combining process and security modeling of distributed services. Such an approach should cover code generation for service--oriented architectures, encapsulation of security modeling for processes, and security and privacy requirement specification.}, year = {2008}, booktitle = {Proc. of the 1st Euro--NF Workshop on Future Internet Architecture: New Trends in Service \\& Networking Architectures}, tags = {EFRE{\textunderscore}ITSEC, EuroNF, inSel} } @Inproceedings { Fischer2008b, author = {Fischer, Andreas and Berl, Andreas and de Meer, Hermann}, title = {Virtual Network Management with XEN}, abstract = {Due to the rise in hardware capabilities, virtualisation has been rediscovered as a valuable tool introducing an abstraction layer between software and the underlying hardware. One very flexible kind of virtualisation is called ,,system virtualisation'' -- it allows to virtualise whole operating systems, mediating access to the underlying hardware via a software layer called ,,hypervisor''. System virtualisation provides the option to run several operating systems in parallel on a single hardware instance.}, year = {2008}, month = {Oct.}, booktitle = {Proc. of the Herbsttreffen 2008 der GI/VTG Fachgruppe Betriebssysteme und KuVS}, tags = {AutoI, DFG{\textunderscore}MoPi2, EuroNF} } @Inproceedings { Fischer2008a, author = {Fischer, Andreas and Berl, Andreas and de Meer, Hermann}, title = {Virtualized Networks based on System Virtualization}, abstract = {The virtualization of networks is not a new idea in network research. Virtual Local Area Networks (VLANs) [2] and Virtual Private Networks (VPNs) like IPSec [10], are widely used to virtualize links. Also Overlays and Peer--to--Peer (P2P) networks [11] are a widely used approach to get an abstraction of the physical topology of networks. In projects like PlanetLab [7] or GENI [1] end--hosts which are located all over the world are virtualized. The approach of programmable networks [6] tries to achieve network virtualization by deploying programmable network elements into the core network. As an alternative, the method of system virtualization can be used to virtualize networks. Currently system virtualization is highly popular to virtualize servers in data centers to consolidate servers. But when this virtualization method is applied to a core network (consisting of routers and links) a new network model emerges from the combination of these technologies.}, year = {2008}, month = {Nov.}, booktitle = {Proc. of the 2nd GI/ITG KuVS Workshop on The Future Internet}, tags = {AutoI, DFG{\textunderscore}MoPi2, EuroNF}, web_url2 = {http://www.tm.uka.de/en/events/FutureInternet2008/pdf/Fischer{\textunderscore}slides.pdf}, file_url = {http://www.net.fim.uni--passau.de/pdf/Fischer2008a.pdf} } @Article { Bohra2007a, author = {Bohra, Nafeesa and de Meer, Hermann}, title = {A Brief Introduction to VoIP and TVoIP}, abstract = {The Internet is evolving into a universal communication network and the next generation of Internet together with data will carry voice and video traffic over an IP infrastructure. The way the Internet is evolving in homes and in offices it has become an essential part of life as water and electricity. A revolution is occurring as organizations of all sizes begin to implement IP--based voice and video communication systems. VoIP, VoD (Video on Demand) and TVoIP are currently the most emerging applications that can be integrated over a single IP infrastructure. This paper gives a brief introduction about VoIP, VoD and TVoIP. What are the limitations and QoS requirements in order to integrate these services over an IP infrastructure?}, year = {2007}, issn = {1512--3979}, organization = {Georgian Technical University}, journal = {Transactions Automated Control Systems}, volume = {2}, publisher = {Publishing House Technical University}, address = {Tbilisi, Georgia}, pages = {116----124}, number = {1}, tags = {EuroFGI}, file_url = {http://www.net.fim.uni--passau.de/pdf/Bohra2007a.pdf} } @Inproceedings { HofmannA2007a, author = {Hofmann, Alexander and Dedinski, Ivan and Sick, Bernhard and de Meer, Hermann}, title = {A Novelty--Driven Approach to Intrusion Alert Correlation Based on Distributed Hash Tables}, abstract = {Distributed intrusion detection and prevention plays an increasingly important role in securing computer networks. In a distributed intrusion detection system, alerts or high--level meta--alerts are exchanged, aggregated, and correlated in a cooperative fashion to overcome the limitations of conventional intrusion detection systems. Substantial progress has been made, but current systems still suffer from various drawbacks: Most of them only distribute the data collection and not the analysis itself or they rely on a hierarchical or even centralized organization and/or communication architecture. Furthermore, the alerts or meta--alerts are usually aggregated at a pre--defined location and there is no reduction of the vast amount of alerts prior to distribution. Consequently, scalability is limited and any central component in the architecture introduces a ,,single point of failure''. We propose a completely distributed intrusion detection system based on distributed hash tables to efficiently exchange and aggregate alerts and meta--alerts in a cooperative, self--organizing, and load--balanced way. Independent intrusion detection agents publish their alerts based on a new novelty measure for alerts which prohibits the distribution of already known and hence worthless knowledge. The benefits of our approach are evaluated for a well--known probing attack.}, year = {2007}, month = {July}, isbn = {978--1--4244--1520--5}, issn = {1530--1346}, DOI = {10.1109/ISCC.2007.4381564}, booktitle = {Proc. of the 12th IEEE Symp. on Computers and Communications (ISCC 2007)}, publisher = {IEEE}, pages = {71----78}, tags = {EPSRC{\textunderscore}P2POpt, EuroFGI} } @Inproceedings { Dedinski2007b, author = {Dedinski, Ivan and Berl, Andreas and Hofmann, Alexander and Heglmeier, Sebastian and Sick, Bernhard and de Meer, Hermann}, title = {A Source Routing Solution to Non--Transitive Connectivity Problems in Distributed Hash Tables}, abstract = {Distributed hash tables are popular third generation P2P protocols which are well understood in theory. These protocols usually assume that every node in the overlay is able to exchange messages with any other overlay node. However, this assumption is not always true for real--world networks, including the PlanetLab or the entire Internet. In these networks, the non--transitive connectivity phenomenon is experienced, in which some overlay nodes are able to exchange messages with a certain node and others are not. This turned out to be a serious problem, particularly for structured P2P overlays. Non--transitive connectivity issues were mainly ignored by P2P research for a long time, but have been intensively discussed recently. This paper suggests a new measure for the degree of non--transitive connectivity and presents a comprehensive, source routing based solution, to overcome non--transitive connectivity problems in distributed hash tables.}, year = {2007}, month = {July}, isbn = {978--1--4244--1520--5}, issn = {1530--1346}, DOI = {10.1109/ISCC.2007.4381501}, booktitle = {Proc. of the 12th IEEE Symp. on Computers and Communications (ISCC 2007)}, publisher = {IEEE}, pages = {601----608}, tags = {DFG{\textunderscore}MoPi2, EPSRC{\textunderscore}P2POpt, EuroFGI}, file_url = {http://www.net.fim.uni--passau.de/pdf/Dedinski2007b.pdf} } @Inproceedings { Gruschka2007a, author = {Gruschka, Nils and Herkenhoener, Ralph and Luttenberger, Norbert}, title = {Access Control Enforcement for Web Services by Event--Based Security Token Processing}, abstract = {Access control and ensuring availability are important tasks for securing Web Services. Both requirements are not well studied on Web Services and especially not their interactions. However, considering this interaction is crucial. On one hand, access control is an established mechanism for protecting services from attacks targeting the service’s availability. On the other hand, enforcing access control on Web Services is a complex task and therefore access control implementations potentially offer new possibilities for attacks. In this paper a solution for Web Service access control enforcement is presented using an event--based processing model focusing on ensuring Web Service availability.}, year = {2007}, month = {Feb.}, booktitle = {Proc. of the 15th ITG/GI--Fachtagung Kommunikation in Verteilten Systemen (KIVS 2007)}, publisher = {VDE Verlag}, pages = {371----382}, file_url = {http://www.net.fim.uni--passau.de/pdf/Gruschka2007a.pdf} } @Techreport { Dedinski2007c, author = {Dedinski, Ivan and de Meer, Hermann}, title = {Advanced Application--Level Crawling Technique for Popular Filesharing Systems}, abstract = {P2P filesharing systems are causing the largest traffic ammount in todays Internet, which explains the interest of the research community. On the other hand, most of the filesharing trafic is caused by the exchange of illegal content. That makes research participation in such systems hard, since the systems try to protect themselves from observation. This paper presents an application level crawling technique for current filesharing systems that exploits the minimal openness of the filesharing system to perform a broadband content scan with minimum ressource usage. Such a technique can be used to continuously scan a filesharing system. The gathered information can be used by researchers for studying the dynamics of P2P systems or by companies trying to protect their copyrights. It also could be usefull to influence the behavior of such P2P systems, e.g., by an ISP traffic engineers. The technique was extensively evaluated through a series of measurements in the eDonkey filesharing network. The information gathered gives interesting insights about the behaviour of the users doing filesharing. Some behaviour patterns were found that influence the performance of the suggested technique in a very positive way, proving its feasability. These patterns indicate that a filesharing system should not only be regarded as a technical system, but has to be also viewed as a social network.}, year = {2007}, month = {May}, institution = {Faculty of Computer Science and Mathematics (FIM), University of Passau}, number = {MIP--0703}, tags = {EPSRC{\textunderscore}P2POpt, EuroFGI}, web_url2 = {http://www.fim.uni--passau.de/en/research/technical--reports/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Dedinski2007c.pdf} } @Inproceedings { Dedinski2007a, author = {Dedinski, Ivan and Hofmann, Alexander and Sick, Bernhard}, title = {Cooperative Keep--Alives: An Efficient Outage Detection Algorithm for P2P Overlay Networks}, abstract = {One of the challenges of today's overlay networks, especially P2P, is still scalability. A key issue in almost all of the current overlay architectures is the link count per single node. If the link count is too high, the management overhead in terms of keep--alive messages increases. If the amount of links per node is too low, the resilience of the system against network splits decreases and the system can hardly route in an optimal way. Moreover, if keep--alive messages are not sent frequently enough, outdated information could be propagated, which again could cause net splits. This paper presents a new cooperative keep--alive algorithm that strongly reduces the costs for sending keep-- alive messages and, at the same time, preserves the effectiveness and reliability of standard keep--alive mechanisms in today's overlay networks. The algorithm allows to increase the number of links per node, and, thus, to improve the connectivity and routing efficiency in the network, while keeping the keep--alive overhead low. When used without increasing the link count, the algorithm reduces drastically the keep--alive traffic. The properties of the algorithm are evaluated analytically and simulatively and compared to existing keep--alive techniques.}, year = {2007}, month = {Sep.}, isbn = {0--7695--2986--0}, DOI = {10.1109/P2P.2007.26}, booktitle = {Proc. of the 7th Int'l IEEE Conf. on Peer--to--Peer Computing}, publisher = {IEEE}, pages = {140----150}, tags = {EPSRC{\textunderscore}P2POpt, EuroFGI} } @Inproceedings { Oberender2007a, author = {Oberender, Jens O. and Volkamer, Melanie and de Meer, Hermann}, title = {Denial--of--Service Flooding Detection in Anonymity Networks}, abstract = {Denial--of--Service (DoS) flooding attackers benefit from sender anonymity and exit node diversity. Anonymity networks provide this by hiding the communication relationship and therefore hinder attack detection. After the anonymity network purges IP headers, the attributes for clustering of traffic flows remain hidden. Message unlinkability provides network privacy. We design limited message linkability for clustering of traffic flows. Clusters of anonymous traffic are sufficient for flooding attack detection and also enable mitigation. The number of linkable messages is restricted to limit profile size and protect from privacy adversaries. In distributed scenarios, our incentive motivates use of a single entity. Message tags enable detection of flooding attacks. The set of linkable messages is limited, which cuts activity profile. Adversaries cannot influence message linkability of other parties. Senders dynamically govern their message linkability through the message arrival rate. During flooding to a single victim message linkability improves, enabling DoS detection for anonymity networks.}, year = {2007}, month = {Nov.}, booktitle = {Proc. of the IEEE Workshop on Monitoring, Attack Detection and Mitigation (MonAM 2007)}, tags = {EPSRC{\textunderscore}P2POpt, EuroFGI}, web_url2 = {http://www.fim.uni--passau.de/fileadmin/files/lehrstuhl/meer/dokus/pdf/conferences/oberender{\textunderscore}DenialOfServiceFloodingDetectionInAnonymityNetworks.ppt}, file_url = {http://www.net.fim.uni--passau.de/pdf/Oberender2007a.pdf} } @Article { Holzer2007a, author = {Holzer, Richard}, title = {Greechie diagrams of orthomodular partial algebras}, abstract = {Greechie diagrams are a well known graphical representation of orthomodular partial algebras, orthomodular posets and orthomodular lattices. Kalmbach and Dichtl gave some characterisations of Greechie diagrams of orthomodular posets and of orthomodular lattices under some assumptions, for example, that the family of blocks is pasted, or that the intersection of each pair of blocks contains less or equal than four elements. In this paper I present a generalisation of these characterisations for orthomodular partial algebras (or equivalently orthomodular posets). Here we consider arbitrary hypergraphs with finite lines. A Greechie diagram can be seen as a special hypergraph: Different points of the hypergraph have different interpretations in the corresponding partial algebra of type (2,1,0) and each line in the hypergraph has a maximal Boolean subalgebra as interpretation, in which the points are the atoms. A diagram is complete if each maximal Boolean subalgebra is induced by a line of the hypergraph. Every nontrivial orthomodular partial algebra with finite blocks is the interpretation of a Greechie diagram. The characterisation theorems in this paper provide conditions to check, whether a hypergraph is a complete diagram of an orthomodular partial algebra. This poperty can be checked without having to compute the interpretation. We just have to consider the lines in the hypergraph.}, year = {2007}, journal = {Algebra Universalis}, volume = {57}, pages = {419----453}, number = {4}, note = {Also available as Preprint 2165, TU--Darmstadt, FB Mathematik} } @Inproceedings { Wuechner2007b, author = {Wuechner, Patrick and de Meer, Hermann}, title = {Mathematical Modeling of Self--Organizing Systems}, abstract = {The evolution of the Internet reveals surprising turns and obstacles. Centralized approaches of introducing new services and architectures consistently failed to materialize at large scale. Quality of Service, group communication, and mobility support are only some examples for the difficulty with orchestrated approaches. The success story of the Internet, on the other hand, is strongly linked to decentralization. Robustness to failures or flexibility in introducing new applications such as the World Wide Web or Peer--to--Peer systems has been key momentum to technological advances and economics. Future networks are envisioned to be highly complex and difficult to manage due to heterogeneity of networks, spontaneous set--up of networks, and the envisioned number of interconnected devices, appliances, and artifacts. The concept of self--organization is widely spread in science among various disciplines. It has been applied successfully already in engineering and for describing the behavior of specific technical systems. Thus, self--organization is foreseen to play a major role in future communication systems.}, year = {2007}, month = {July}, booktitle = {Proc. of the 7th Wuerzburg Workshop on IP: Joint EuroFGI and ITG Workshop on ,,Visions of Future Generation Networks'' (EuroView 2007)}, publisher = {University of Wuerzburg}, address = {Wuerzburg, Germany}, tags = {EuroFGI, EuroFGI{\textunderscore}MMSOS}, web_url2 = {http://www3.informatik.uni--wuerzburg.de/ITG/2007/Presentations/Presentation--Wuechner.pdf}, file_url = {http://www.net.fim.uni--passau.de/pdf/Wuechner2007b.pdf} } @Techreport { Tutschku2007a, author = {Tutschku, Kurt and Hossfeld, Tobias and Berl, Andreas and de Meer, Hermann and Oberender, Jens O.}, title = {Mobile P2P Applications in Infrastructure--based Mobile Networks}, abstract = {This article investigates how the P2P paradigm can be applied to wireless and mobile networks. In particular, it discusses the impact of device mobility on mobile P2P services and the selection of mobility management mechanisms for these systems.}, year = {2007}, month = {Jan.}, institution = {University of Wuerzburg, Institute of Computer Science}, tags = {DFG{\textunderscore}MoPi2, EPSRC{\textunderscore}P2POpt, EuroFGI} } @Techreport { Berl2007b, author = {Berl, Andreas and Dedinski, Ivan and Georgiew, Emanuel and de Meer, Hermann}, title = {Mobile P2P: Turning Heterogeneity to an Advantage}, abstract = {Peer--to--peer content--distribution networks have a large user community in the fixed Internet today and cause a noticeable part of Internet traffic. Enabling popular peer--to--peer applications on mobile devices in cellular networks is an interesting opportunity for both, customers and operators. However, when mobile devices join peer--to--peer networks, the networks become heterogeneous (e.g. differing link capacities, CPU power, etc.), leading to disadvantages for all peers in the network. Consequently, mobile devices need some kind of support to be integrated properly in content distribution networks. In this paper, the heterogeneity in peer--to--peer networks is not only considered as disadvantage but also as new opportunity. Mobile devices are identified as providers of advanced mobile features and services, being usually not available in the fixed Internet. Instead of considering mobile devices as bottlenecks, they are regarded as valuable partners in content distribution networks. Mobile features and services are made accessible to fixed peers, facilitating the integration of mobile devices into popular peer--to--peer networks.}, year = {2007}, month = {May}, institution = {Faculty of Computer Science and Mathematics (FIM), University of Passau}, number = {MIP--0705}, keywords = {Mobile peer--to--peer; Heterogeneity; Cellular networks; Content distribution; Incentives}, tags = {DFG{\textunderscore}MoPi2, EPSRC{\textunderscore}P2POpt, EuroFGI}, web_url2 = {http://www.fim.uni--passau.de/en/research/technical--reports/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2007b.pdf} } @Techreport { Hlavacs2007a, author = {Hlavacs, Helmut and Hummel, Karin A. and Weidlich, Roman and Houyou, Amine Mohamed and de Meer, Hermann}, title = {Modelling Energy Efficiency in Distributed Home Environments}, abstract = {In this paper, we present a distributed approach for saving energy by sharing computing load in home networks. In our approach, possibly thousands of home computers may cooperate and send each other tasks which include services and applications running on a 24/7 basis. By concentrating as many tasks as possible on a small number of computers, idle computers may go asleep and thus consume almost no energy. We present the general architecture of our approach and analyse several 24/7 applications by modelling the potential energy consumption with and without application sharing, as well as the aspect of availability.}, year = {2007}, month = {Nov.}, institution = {Faculty of Computer Science and Mathematics (FIM), University of Passau}, number = {MIP--0713}, keywords = {Home networks; Energy efficiency; Distributed computing; Energy consumption; Modelling; Energy saving; Application sharing}, tags = {Coop{\textunderscore}Vienna, EuroFGI, EuroFGI{\textunderscore}VHE, FIT4Green, GLab{\textunderscore}related}, web_url2 = {http://www.fim.uni--passau.de/en/research/technical--reports/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Hlavacs2007a.pdf} } @Inproceedings { Herkenhoener2007a, author = {Herkenhoener, Ralph}, title = {SAX--basierte Validierung von WS--Security--angereicherten SOAP--Nachrichten gegen eine Security Policy}, abstract = {Mit zunehmender Bedeutung des Paradigmas der Service--Oriented Architecture (SOA) finden auch vermehrt Web Services Anwendung. Diese XML--basierten Dienste werden mittels Internetprotokolle vornehmlich ueber unsichere Netze erbracht. In diesen Netzen koennen Nachrichten von nicht autorisierten Dritten abgehoert, zweckentfremdet oder manipuliert werden. Es besteht also Bedarf an Vertraulichkeit, Integritaet, authorisierung und Authentifizierung.}, year = {2007}, booktitle = {Proc. of the 2nd GI SIG SIDAR Graduate Workshop on Reactive Security} } @Inproceedings { Houyou2007a, author = {Houyou, Amine Mohamed and de Meer, Hermann}, title = {Self--Organizing Location--Aware Overlay Networks}, abstract = {Location--Aware P2P Architecture for 4--G Network organization; Fractal--based Hilbert addressing Function; Range Query Overhead for P2P Location Based Services (LBS)}, year = {2007}, month = {Sep.}, booktitle = {Proc. of the 2nd Int'l Workshop on Self--Organizing Systems: Demonstrations and Posters Session (IWSOS 2007)}, tags = {DFG{\textunderscore}MoPi2, EuroFGI, EuroFGI{\textunderscore}MMSOS, EuroFGI{\textunderscore}VNETs} } @Inproceedings { Jensen2007a, author = {Jensen, Meiko and Gruschka, Nils and Herkenhoener, Ralph and Luttenberger, Norbert}, title = {SOA and Web Services: New Technologies, New Standards -- New Attacks}, abstract = {Being regarded as the new paradigm for Internet communication, Web Services have introduced a large number of new standards and technologies. Though founding on decades of networking experience, Web Services are not more resistant to security attacks than other open network systems. Quite the opposite is true: Web Services are exposed to attacks well--known from common Internet protocols and additionally to new kinds of attacks targeting Web Services in particular. Along with their severe impact, most of these attacks can be performed with minimum effort from the attacker's side. In this paper we present a list of vulnerabilities in the context of Web Services. To proof the practical relevance of the threats, we performed exemplary attacks on widespread Web Service implementations. Further, general countermeasures for prevention and mitigation of such attacks are discussed.}, year = {2007}, booktitle = {Proc. of the 5th IEEE European Conf. on Web Services} } @Techreport { Berl2007a, author = {Berl, Andreas and Dedinski, Ivan and Houyou, Amine Mohamed and de Meer, Hermann}, title = {SOLD: Self--Organizing Lookups in DHTs for better Performance over Unstable P2P Overlay Links}, abstract = {The quality of service (QoS) of a distributed hash table (DHT) lookup is gaining importance with the growing number of services adopting the P2P paradigm. Examples of applications that could largely benefit from an improved timeliness and reliability of message exchange in DHTs are Domain Name System (DNS), or even newer types of distributed location--based services in a mobile environment. The bursty effects of Internet traffic on latency, congestion, and loss can change the short term state of the overlay links in the DHT. The quick changes to overlay link/node states cannot be taken into account while structuring long term P2P routes. This paper proposes self--organizing mechanisms to improve the QoS for DHT lookups, without changing the structure of the DHT network. Different kinds of lookup replication techniques are implemented on top of the DHT to restrict the influence of the heterogeneous capabilities of the overlay routes while offering self--adaptive and robust high performance lookups.}, year = {2007}, month = {March}, institution = {Faculty of Computer Science and Mathematics (FIM), University of Passau}, number = {MIP--0702}, tags = {DFG{\textunderscore}MoPi2, EPSRC{\textunderscore}P2POpt, EuroFGI}, web_url2 = {http://www.fim.uni--passau.de/en/research/technical--reports/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2007a.pdf} } @Inproceedings { Wuechner2007a, author = {Wuechner, Patrick and Sztrik, J{\'a}nos and de Meer, Hermann}, title = {Structured Markov Chains Arising from Homogeneous Finite--Source Retrial Queues with Orbital Search}, abstract = {We consider retrial queueing systems with a finite number of homogeneous sources of calls, a single reliable server, and the search for orbiting customers by the server after job completion. During this investigation, the infinitesimal generator of the underlying (finite) continuous--time Markov chain takes a (level--dependent) QBD--like form. After solving for the steady state probabilities using the MOSEL--2 tool, the results show a surprising maximum of the mean response time. This maximum was already discovered by other researchers dealing with finite--source retrial queues. However, to our best knowledge, no thorough investigation was done yet why this maximum exists and in which way it depends on the system parameters. In the talk, after introducing the backgrounds of finite--source retrial queues with orbital search, a generalized stochastic Petri net is used to derive the underlying continuous--time Markov chain and its generator. Finally, using the seminar, we can hopefully bring forward discussions how to make more general statements on the parameter--dependent behavior of the response time's maximum.}, year = {2007}, month = {Nov.}, booktitle = {Proc. of the Dagstuhl Seminar on Numerical Methods for Structured Markov Chains}, volume = {07461}, publisher = {Schloss Dagstuhl, Leibniz--Zentrum fuer Informatik GmbH}, address = {Dagstuhl, Germany}, series = {Dagstuhl Seminar Proceedings}, tags = {DFG{\textunderscore}MathMod, EuroFGI, EuroFGI{\textunderscore}MMSOS, MOSEL2}, web_url2 = {http://www.dagstuhl.de/Materials/Files/07/07461/07461.WuechnerPatrick.ExtAbstract.pdf}, file_url = {http://www.net.fim.uni--passau.de/pdf/Wuechner2007a.pdf} } @Article { Volkamer2007a, author = {Volkamer, Melanie and Hauff, Harald}, title = {Zum Nutzen hoher Zertifizierungsstufen nach den Common Criteria (I)}, abstract = {Computersysteme, bestehend aus Hard--und Software, werden heute sehr oft in kritischen Prozessen eingesetzt und sind darin den Produkten der klassischen Ingenieurwissenschaften vergleichbar. Anders als diese erweist sich jedoch gerade die Software oft als ,,work in progress'' , das sich vor allem durch die Notwendigkeit staendiger Upgrades auszeichnet. Unser zweiteiliger Beitrag untersucht, welche Effekte in diesem Zusammenhang der Einsatz formaler Entwicklungsmethoden haette.}, year = {2007}, issn = {1614--0702}, journal = {Datenschutz und Datensicherheit (DuD)}, volume = {31}, publisher = {Vieweg+Teubner Verlag}, pages = {692----695}, web_url2 = {http://www.viewegteubner.de/Zeitschrift/713/Datenschutz--und--Datensicherheit--DuD.html} } @Article { Volkamer2007b, author = {Volkamer, Melanie and Hauff, Harald}, title = {Zum Nutzen hoher Zertifizierungsstufen nach den Common Criteria (II)}, abstract = {Nachdem wir in Heft 9/2007 eine grundlegende Einfuehrung in die Common Criteria (CC) und den zugehoerigen Evaluierungsprozess gegeben haben, moechten wir diesmal die Vor-- und Nachteile einer solchen Zertifizierung erlaeutern.}, year = {2007}, issn = {1614--0702}, journal = {Datenschutz und Datensicherheit (DuD)}, volume = {31}, publisher = {Vieweg+Teubner Verlag}, pages = {766--768}, web_url2 = {http://www.viewegteubner.de/Zeitschrift/713/Datenschutz--und--Datensicherheit--DuD.html} } @Inproceedings { Wuechner2006b, author = {Wuechner, Patrick and de Meer, Hermann and Barner, Joerg and Bolch, Gunter}, title = {A brief Introduction to MOSEL--2}, abstract = {The versatile MOdeling, Specification and Evaluation Language is the core element of the MOSEL--2 tool. This description languages provides a high--level means for specifying models, performance measures, and the graphical presentation of results. The description languages is implemented in form of an evaluation environment that comprises translators to the modeling languages of several third--party performance evaluation tools that evaluate the specified model.}, year = {2006}, month = {March}, isbn = {978--3--8007--2945--6}, issn = {1512--3979}, organization = {GI/ITG/MMB, University of Erlangen}, booktitle = {Proc. of the 13th GI/ITG Conf. on Measurement, Modelling and Evaluation of Computer and Communication Systems (MMB 2006)}, journal = {Transactions Automated Control Systems}, volume = {1}, publisher = {VDE Verlag}, address = {Tbilisi, Georgia}, pages = {473----476}, tags = {EuroFGI, EuroNGI, MOSEL2}, file_url = {http://www.net.fim.uni--passau.de/pdf/Wuechner2006b.pdf} } @Inproceedings { Wuechner2006a, author = {Wuechner, Patrick and de Meer, Hermann}, title = {Discrete--Event System Performance Modeling of Self--Organizing Systems}, abstract = {The contribution of this paper is twofold. On the one hand the authors give a brief survey on existing publications on the performance modeling of discrete--event systems and on the existing literature on the modeling of self--organizing systems. On the other hand an evaluation is started towards answering the question if modeling techniques designed for discrete--event systems are capable of describing self--organizing systems. We demonstrate that self--organizing systems share many properties of discreteevent systems. Thus, the well--known methods developed for the performance investigation of discrete--event system performance seem to be attractive for the performance evaluation of self--organizing systems.}, year = {2006}, month = {Sep.}, booktitle = {Proc. of the Technical Discussion on Performance Modeling of Self--Organizing Systems (PMSOS 2006)}, publisher = {University of Passau}, pages = {14----18}, tags = {EPSRC{\textunderscore}P2POpt, EuroFGI, EuroNGI}, web_url2 = {http://www.fim.uni--passau.de/en/research/technical--reports/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Wuechner2006a.pdf}, note = {Technical Report MIP--0609} } @Inproceedings { Gruschka2006b, author = {Gruschka, Nils and Luttenberger, Norbert and Herkenhoener, Ralph}, title = {Event--Based SOAP Message Validation for WS--SecurityPolicy--Enriched Web Services}, abstract = {To enable checking of SOAP messages for compliance to a given security policy, extensions to the classical ,,Schema--only'' validation of SOAP messages are required. These extensions check, if the WS--Security elements found in a SOAP message fulfill the Web Service security specification that is laid down in the WS--SecurityPolicy document. In this paper, we discuss to what extent the proposed extended validation of SOAP messages can be accomplished by an event--based validation system. We prefer this type of processing for use in network appliances like e.g.Web Service--level firewalls, because it is suited to resist DoS attacks that aim at memory exhaustion. We identify some of the constraints on the use of both WS--Security and WSSecurityPolicy that must be introduced to allow for event--based parsing, and finally present an initial prototype for extended validation together with some performance figures.}, year = {2006}, booktitle = {Proc. of the 2006 Int'l Conf. on Semantic Web \\& Web Services (SWWS 2006)}, keywords = {Web services; WS--SecurityPolicy; SOAP message validation; Event--based XML processing} } @Inproceedings { Knoche2006a, author = {Knoche, Hendrik and de Meer, Hermann and Kirsh, David}, title = {Extremely Economical: How Key Frames Affect Consonant Perception under Different Audio--Visual Skews}, abstract = {In audio--visual telecommunication, low video frame rates represent a popular method for saving on bandwidth requirements. When key frames displayed the extremes of lip movements we found that participants performed comparably to standard displays at 30 frames per second. Experiments were conducted to compare the effectiveness of a small number of algorithmically chosen key frames -- typically 7 to 8 frames per second (fps) -- to 30fps displays where audio and video were out of synch by as much as 233ms. Noised non--sense words like 'abagava' were presented to 20 participants who were asked to identify the middle consonant. The results indicate that key frame displays are as effective as 30fps when audio lags video by 87 to 167ms. Despite the low temporal resolution and varying exposure lengths, participants were able to integrate the given bi--modal information as well as the 30fps condition if the audio channel lagged the video by 87ms. The latter is recognized as being within the region of optimal audio--visual (AV) integration.}, year = {2006}, booktitle = {Proc. of the 16th World Congress on Ergonomics (IEA 2006)}, keywords = {Video Communication; Multimedia; Human Factors; Speech Perception; Synchronization} } @Article { DeMeer2006b, author = {de Meer, Hermann and Wuechner, Patrick and Schmitt, Jens B. and Hollick, Matthias}, title = {GI/ITG/MMB/KUVS Fachgespraech Performance Modeling Of Self--Organizing Systems ({PMSOS'06})}, abstract = {Self--organization is expected to play a key architectural role for the future Internet as well as for large--scale pervasive computing systems such as wireless sensor networks. In conjunction with the ,,International Workshop on Self--Organizing Systems (IWSOS 2006)'', we organized the first ,,GI/ITG/MMB/KuVS Fachgespraech on Performance Modeling of Self--Organizing Systems (PMSOS'06)''. The event was hosted by the chair of Computer Networks \& Communications of Universitaet Passau. To make the Fachgespraech as attractive as possible, we introduced and trialed a novel dialogueintensifying format for discussions. In the aftermaths of the workshop, we have been able to collect evidence that the participants considered the workshop to be very vital and stimulating.}, year = {2006}, month = {Dec.}, journal = {Praxis der Informationsverarbeitung und Kommunikation (PIK)}, volume = {29}, publisher = {K. G. Saur Verlag}, pages = {258----262}, number = {4}, tags = {EuroFGI, EuroNGI}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer2006b.pdf} } @Article { Bohra2006a, author = {Bohra, Nafeesa and de Meer, Hermann}, title = {IP Multicast Routing Algorithms and Protocols for TVoIP}, abstract = {There has been a great interest in developing and delivering the live TV broadcast over an all--IP infrastructure in the same way as the TV is broadcasted today through satellite, cable or terrestrial network. This paper basically discusses the main aspects of IP multicasting that can be used for broadcasting live TV. Multicasting technology is an important feature that can be used by IP--networks and allows an efficient distribution of content from single source to multiple destinations and it is a practical solution in implementing the services like TVoIP/VoIP, VoD/MoD, and Internet access over an existing infrastructure using broadband technology like DSL (Digital Subscriber Line). The paper mainly concentrates upon the multicast protocols and algorithms used by these protocols in order to provide a platform to support one--to--many and many--to--many applications as, presently most of the IP infrastructure is based on unicast networks whereas IP--multicast networks are much more efficient.}, year = {2006}, issn = {1512--3979}, organization = {Georgian Technical University}, journal = {Transactions Automated Control Systems}, volume = {1}, publisher = {Publishing House Technical University}, address = {Tbilisi, Georgia}, pages = {199----209}, tags = {EuroNGI}, file_url = {http://www.net.fim.uni--passau.de/pdf/Bohra2006a.pdf} } @Article { Berl2006a, author = {Berl, Andreas and de Meer, Hermann}, title = {Mobility, Mobility Management Mechanisms, and a Mobile P2P Architecture}, abstract = {Mobility management mechanisms are used to provide mobility. Different kinds of mobility require different mobility management mechanisms. Common P2P applications are designed for fixed networks. Applying mobility to P2P applications is still a research issue. There are some approaches to improve P2P overlay networks in order to support the mobility of users.}, year = {2006}, issn = {1512--3979}, organization = {Georgian Technical University}, journal = {Transactions Automated Control Systems}, volume = {1}, publisher = {Publishing House Technical University}, address = {Tbilisi, Georgia}, pages = {179----186}, tags = {DFG{\textunderscore}MoPi2, EuroNGI}, file_url = {http://www.net.fim.uni--passau.de/pdf/Berl2006a.pdf} } @Techreport { Bolch2006b, author = {Bolch, Gunter and Roszik, Janos and Sztrik, J{\'a}nos and Wuechner, Patrick}, title = {Modeling Finite--Source Retrial Queueing Systems with Unreliable Heterogeneous Servers and Different Service Policies using MOSEL}, abstract = {This paper deals with the performance analysis of multiple server retrial queueing systems with a finite number of homogeneous sources of calls, where the heterogeneous servers are subject to random breakdowns and repairs. The requests are serviced according to Random Selection and Fastest Free Server disciplines. The novelty of this investigation is the introduction of different service rates and different service policies together with the unreliability of the servers, which has essential influence on the performance of the system, and thus it plays an important role in practical modeling of computer and communication systems. All random variables involved in the model construction are assumed to be exponentially distributed and independent of each other. The main steady--state performability measures are derived, and several numerical calculations are carried out by the help of the MOSEL tool (Modeling, Specification and Evaluation Language) under different service disciplines. The numerical results are graphically displayed to illustrate the effect of failure rates on the mean response time and on the overall system's utilization.}, year = {2006}, month = {Nov.}, isbn = {0--9553018--4--X (Print); 0--9553018--3--1 (CD)}, institution = {Faculty of Computer Science and Mathematics (FIM), University of Passau}, booktitle = {Proc. of the 14th Int'l Conf. on Analytical and Stochastic Modelling Techniques and Applications (ASMTA 2007)}, pages = {75----80}, number = {MIP--0611}, keywords = {Performance and Reliability Evaluation; Retrial Queuing System Model; Unreliable Heterogeneous Servers}, tags = {DFG{\textunderscore}MathMod, EPSRC{\textunderscore}P2POpt, EuroFGI, EuroNGI, MOSEL2}, web_url2 = {http://www.fim.uni--passau.de/en/research/technical--reports/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Bolch2006b.pdf} } @Book { Bolch2006a, author = {Bolch, Gunter and Greiner, Stefan and de Meer, Hermann and Trivedi, Kishor S.}, title = {Queueing Networks and Markov Chains -- 2nd Edition}, abstract = {Information processing system designers need methods for the quantification of system design factors such as performance and reliability. Modern computer, communication, and production line systems process complex workloads with random service demands. Probabilistic and statistical methods are commonly employed for the purpose of performance and reliability evaluation. The purpose of this book is to explore major probabilistic modeling techniques for the performance analysis of information processing systems. Statistical methods are also of great importance but we refer the reader to other sources [Jain91,Triv82] for this topic. Although we concentrate on performance analysis, we occasionally consider reliability, availability, and combined performance and reliability analysis. Performance measures that are commonly of interest include throughput, resource utilization, loss probability, and delay (or response time).}, year = {2006}, month = {April}, isbn = {978--0--471--56525--3 (Print); 978--0--471--79157--7 (Online)}, DOI = {10.1002/0471791571}, edition = {2nd}, publisher = {John Wiley \\& Sons}, tags = {EuroNGI, MOSEL2} } @Misc { Oberender2006a, title = {Security Considerations for Next Generation Internet}, abstract = {Security will play a dominante role in future communications. While an increasing number of users have access to a huge variety of services, at the same time, they are exposed to global security risks in an increasingly hostile environment. Thus, there is an obvious risk of using the common network for increasingly critical processes (e--commerce, e--health, etc.), while at the same time the ever--increasing possibilities of accessing the Internet, e.g. though wireless or mobile networks pose new challenges of keeping the level of security high enough and to answer the trust that users put in ICT systems. Security breaches ---- whether they are real or just rumours ---- might keep people from using Internet and its services. In the short run, this implies reduced income for application, service and network providers; in the long run, Internet's basic reputation might be severely damaged. Protection against misuse or attacks is therefore a vital objective to establish, maintain and strengthen the trust of users and service providers of information technology. Thus, considerations for maintaining security are important for future network architectures.}, year = {2006}, month = {Nov.}, organization = {Network of Excellence Euro--NGI}, number = {6.3.7}, tags = {EuroNGI}, web_url2 = {http://eurongi.enst.fr/p{\textunderscore}en{\textunderscore}Publicat{\textunderscore}deliverabl{\textunderscore}DWPJRA{\textunderscore}346.html}, note = {Deliverable} } @Proceedings { DeMeer2006a, title = {Self--Organizing Systems -- First International Workshop, IWSOS 2006, and Third International Workshop on New Trends in Network Architectures and Services, EuroNGI 2006, Passau, Germany, September 18--20, 2006 Proceedings}, abstract = {We welcome you to the proceedings of the workshop on self--organizing systems, held at the University of Passau, located at the confluence of the Danube, Inn, and Ilz rivers, in the beautiful state of Bavaria, Germany! We hope you enjoyed your time in this ancient and historic city. Self--organizing systems emerge as an increasingly important area of research, particularly for computer networks. Auto--configuration and self--organization are key enablers for network optimization, self--management, self--diagnosis, selfrepair, and autonomic networking in support of the increasing complexity and demands on the global Internet, as well as for emerging technologies such as ad--hoc, sensor, and peer--to--peer overlay networks.}, year = {2006}, isbn = {978--3--540--37658--3}, issn = {0302--9743 (Print); 1611--3349 (Online)}, DOI = {10.1007/11822035}, volume = {4124}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, editor = {De Meer, Hermann and Sterbenz, James P. G.}, tags = {EuroNGI}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer2006a.pdf}, note = {The original publication is available at www.springerlink.com (Sep. 2006)} } @Techreport { DeMeer2006c, author = {de Meer, Hermann and Wuechner, Patrick and Houyou, Amine Mohamed}, title = {Self--Organizing Systems: New Trends in Architectures and Performance Modeling}, abstract = {Self--organization plays a key architectural role for the future Internet. Self--organization will enhance flexibility and evolvability of organically growing, large--scale distributed systems, e.g., of large--scale pervasive computing systems such as wireless sensor networks. These statements could be proved by the technical program of the IWSOS 2006. Sixteen high--quality papers were selected by a thorough review process out of more than 70 submissions from 21 different countries. The technical program of the IWSOS 2006 was particularly covering application--oriented topics like: the dynamics of structured and unstructured overlays; self--organization in grids, peer--to--peer networks, wireless environments, and autonomic computing; and the application of self--organization for enhancing network management and routing. The program of the IWSOS 2006 has been supplemented, besides the social events and tutorials, by a poster session on the role of ,,Self--organization in European Next Generation Internet'' and also by a Technical Discussion on ,,Performance Modeling of Self--Organizing Systems''. The two parts of the technical report on hand is used to make the contributions to the poster session (Part I) and technical discussion (Part II) available to a broader community.}, year = {2006}, month = {Sep.}, institution = {Faculty of Computer Science and Mathematics (FIM), University of Passau}, number = {MIP--0609}, tags = {EuroFGI, EuroNGI}, web_url2 = {http://www.fim.uni--passau.de/en/research/technical--reports/}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer2006c.pdf}, note = {Supplementary Proc. of IWSOS/PMSOS} } @Inproceedings { Ocampo2006a, author = {Ocampo, Roel and Galis, Alex and Todd, Chris and de Meer, Hermann}, title = {Towards Context--Based Flow Classification}, abstract = {An essential functionality for context--aware networks would be the ability to classify traffic into logical flows and to determine the characteristics of these flows, for various purposes such as QoS provisioning, traffic limiting and shaping, security filtering and access control, policy--based routing, adaptation, service triggering, and long--term network monitoring and management. In this paper we explore a multi--dimensional scheme of classifying flows based on both their intrinsic characteristics and on some relevant external factors, that is, we classify flows based on their context. We demonstrate the use of ontologies to formally model flow context for software design purposes and as a vocabulary for runtime context exchange and processing, and describe the implementation of a system that demonstrates context--based flow classification.}, year = {2006}, month = {July}, isbn = {0--7695--2653--5}, booktitle = {Proc. of the 2nd IEEE Intl. Conf. on Autonomic and Autonomous Systems (ICAS 2006)}, publisher = {IEEE}, pages = {44----44} } @Inproceedings { Gruschka2006a, author = {Gruschka, Nils and Herkenhoener, Ralph and Luttenberger, Norbert}, title = {WS--SecurityPolicy Decision and Enforcement for Web Service Firewalls}, abstract = {A known weakness of Web Services is their vulnerability to Denial of Service attacks exploiting XML processing characteristics. To protect Web Services from these attacks, extended validation of SOAP messages{----}considering WS--Security and WS--SecurityPolicy{----}is made. For SOAP security is message oriented, the processing of the security content itself is vulnerable to Denial of Service attacks. Hence, it is necessary to combine WS--Security processing and DoS protection. In this paper, we present our solution for WS--SecurityPolicybased policy decision within Web Service Firewalls. For this, we give a technical description and an algorithm addressing major parts of policy decision, as well as a proposal for enhancing message signature identification. Further, we argue for advancing protection of Web Services by improved policy enforcement. This paper contributes to understanding the complexity of protecting Web Services by security gateways.}, year = {2006}, booktitle = {Proc. of the IEEE/IST Workshop on Monitoring, Attack Detection and Mitigation (MonAM 2006)}, pages = {19----25}, web_url2 = {http://www.diadem--firewall.org/workshop06/} } @Inproceedings { Kouvatsos2005a, author = {Kouvatsos, Demetres and Assi, Salam A. and Mkwawa, Is--Haka and Casares--Giner, Vicente and de Meer, Hermann and Houyou, Amine Mohamed}, title = {An Information Theoretic Approach to Mobility Management: An Overview}, abstract = {This tutorial is concerned with location management schemes in wireless networks. It presents an overview of research issues studying the concept of mobility and location management schemes with particular emphasis on the role of an information theoretic approach in the field.}, year = {2005}, month = {July}, isbn = {0--9550624--2--X}, booktitle = {Proc. of the 3rd Int'l Working Conf. on Performance Modelling and Evaluation of Heterogeneous Networks (HET--NETs 2005)}, pages = {pp.T10/--25}, keywords = {Mobility management; Location update; Paging; User mobility; MT, MS; Location based service; Ziv--Lempel algorithms; Entropy; Location uncertainty; Graph theory; Clustering; Information theoretic concepts; Decomposition criteria}, tags = {EuroNGI, EuroNGI{\textunderscore}ACT--ABC} } @Incollection { DeMeer2005c, author = {de Meer, Hermann and Koppen, Christian}, title = {Characterization of Self--organization}, abstract = {Self--organization is used in many disciplines to refer to several, related phenomenons. Some of the more prominent phenomenons summarized under the umbrella of self--organization are autonomy, self--maintenance, optimization, adaptivity, rearrangement, reproduction or emergence. An exact match, however, has yet to be accomplished. Even in the context of this book on Peerto-- Peer systems, self--organization is used in various forms to relate to several interesting but distinct properties of Peer--to--Peer networking. Before Peer--to--Peer networks are analyzed in more detail in Chapter 16 for their degree of affinity to self--organization, we juxtapose selected but prominent definitions and criteria of self--organization from all disciplines in this chapter.}, year = {2005}, month = {Nov.}, isbn = {978--3--540--29192--3}, issn = {0302--9743 (Print); 1611--3349 (Online)}, DOI = {10.1007/11530657{\textunderscore}15}, booktitle = {Peer--to--Peer Systems and Applications}, volume = {3485}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, editor = {Steinmetz, Ralf and Wehrle, Klaus}, pages = {227----246}, tags = {EuroNGI}, note = {The original publication is available at www.springerlink.com (2005)} } @Inproceedings { Hossfeld2005a, author = {Hossfeld, Tobias and Maeder, Andreas and Tutschku, Kurt and Tran--Gia, Phuoc and Andersen, Frank--Uwe and de Meer, Hermann and Dedinski, Ivan}, title = {Comparison of Crawling Strategies for an Optimized Mobile P2P Architecture}, abstract = {Mobile networks differ from their wireline counterparts mainly by the high costs for air transmissions and by the mobility of the users. A new entity, denoted as the crawling peer, is suggested in order to optimize the resource mediation mechanism for a mobile P2P file sharing application. The crawling peer locates content on behalf of mobile peers. It is placed in the wireline part of the mobile network and thus, does not suffer from the above mentioned restrictions. The crawling peer is part of a comprehensive mobile P2P file sharing architecture [1] which is based on the popular eDonkey file sharing application. The performance of three querying strategies of the crawling peer is investigated with respect to banning at the index servers and the response time of requests, i.e. the time to find a file. The results show that the selection of an appropriate request strategy for the crawling peer maximizes the probability of locating a file while the probability to be banned by an eDonkey index server is minimized.}, year = {2005}, month = {Aug.}, booktitle = {Proc. of the 19th Int'l Teletraffic Congress (ITC--19)}, keywords = {P2P; Mobile network architecture; Resource mediation}, tags = {EuroNGI, MoPi1} } @Inproceedings { Knoche2005a, author = {Knoche, Hendrik and de Meer, Hermann and Kirsh, David}, title = {Compensating for low frame rates}, abstract = {Experiments were conducted to investigate the interdependency of frame rates (30, 15, 10 fps) and audio--visual skew (from +163 to --233 ms). Noised nonsense words like 'abagava' were presented to 20 participants who were asked to identify the middle consonant. At low frame rates (10 fps) consonant perception was impaired when audio ran ahead of video content (skew of +113 to --233ms). When audio lagged video, performance improved monotonically to a maximum at +167ms, where performance equaled 30fps in synch. The results suggest that frame rate and skew are not orthogonal parameters but must both be taken into consideration for AV--delivery. The findings do not support the current notion that 10 fps videos do not adequately capture visual content for speech perception. Participants were able to integrate the given bi--modal information as well as the 30 fps condition if the audio channel was subjected to an additional 167ms delay.}, year = {2005}, isbn = {1--59593--002--7}, DOI = {10.1145/1056808.1056964}, booktitle = {Proc of the Conf. on Human Factors in Computing Systems (CHI 2005)}, publisher = {ACM}, address = {New York, NY, USA}, pages = {1553----1556}, keywords = {Audio--visual integration; Frame rates; Skew; Speech perception} } @Inproceedings { Dedinski2005a, author = {Dedinski, Ivan and de Meer, Hermann and Han, Liangxiu and Mathy, Laurent and Pezaros, Dimitrios P. and Sventek, Joe S. and Xiaoying, Zhan}, title = {Cross--Layer Peer--to--Peer Traffic Identification and Optimisation Based on Active Networking}, abstract = {P2P applications appear to emerge as ultimate killer applications due to their ability to construct highly dynamic overlay topologies with rapidly--varying and unpredictable traffic dynamics, which can constitute a serious challenge even for significantly over--provisioned IP networks. As a result, ISPs are facing new, severe network management problems that are not guaranteed to be addressed by statically deployed network engineering mechanisms. As a first step to a more complete solution to these problems, this paper proposes a P2P measurement, identification and optimisation architecture, designed to cope with the dynamicity and unpredictability of existing, well--known and future, unknown P2P systems. The purpose of this architecture is to provide to the ISPs an effective and scalable approach to control and optimise the traffic produced by P2P applications in their networks. This can be achieved through a combination of different application and network--level programmable techniques, leading to a cross--layer identification and optimisation process. These techniques can be applied using Active Networking platforms, which are able to quickly and easily deploy architectural components on demand. This flexibility of the optimisation architecture is essential to address the rapid development of new P2P protocols and the variation of known protocols. }, year = {2005}, month = {Nov.}, isbn = {978--3--642--00971--6}, issn = {0302--9743 (Print); 1611--3349 (Online)}, DOI = {10.1007/978--3--642--00972--3{\textunderscore}2}, booktitle = {Proc. of the 7th Int'l Working Conf. on Active and Programmable Networks (IWAN 2005)}, volume = {4388}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {13----27}, tags = {EPSRC{\textunderscore}P2POpt, EuroNGI}, note = {The original publication is available at www.springerlink.com (2009)} } @Inproceedings { Holzer2005a, author = {Holzer, Richard and de Meer, Hermann and Lehner, Franz and Bremen, Georgina}, title = {Der Beitrag von Peer--to--Peer--Technologien fuer das Wissensmanagement}, abstract = {In Unternehmen wird Wissensmanagement zur Verbesserung von Wissenskommunikation und zur Steigerung von Innovationsprozessen eingesetzt. In dieser Arbeit wird ein Werkzeug vorgestellt, welches auf der Peer--to--Peer--Technologie basiert und den Wissensmanagement--Kreislauf unterstuetzt, indem es geeignete Funktionalitaeten zur Beseitigung einiger Defizite bei Wissensmanagement bereitstellt und die Innovationsprozesse und Kommunikation der Mitarbeiter foerdert.}, year = {2005}, month = {Oct.}, booktitle = {Proc. of the 7th Conf. zum Einsatz von Knowledge Management in Wirtschaft und Verwaltung (KnowTech 2005)}, publisher = {Bitkom}, pages = {425----432}, tags = {EuroNGI} } @Inproceedings { Oberender2005a, author = {Oberender, Jens O. and Andersen, Frank--Uwe and de Meer, Hermann and Dedinski, Ivan and Hossfeld, Tobias and Kappler, Cornelia and Maeder, Andreas and Tutschku, Kurt}, title = {Enabling Mobile P2P Networking}, abstract = {In this paper we present a P2P file--sharing architecture optimized for mobile networks. We discuss the applicability of current P2P techniques for resource access and mediation in the context of 2.5G/3G mobile networks. We investigate a mobile P2P architecture that is able to reconcile the decentralized operation of P2P file sharing with the interests of network operators, e. g. control and performance. The architecture is based on the popular eDonkey protocol and is enhanced by additional caching entities and a crawler.}, year = {2005}, month = {June}, isbn = {978--3--540--25329--7}, issn = {0302--9743 (Print); 1611--3349 (Online)}, booktitle = {Proc. of the 1st Int'l EURO--NGI Network of Excellence Workshop on Wireless Systems and Mobility in Next Generation, Revised Selected Papers}, volume = {3427}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {219----234}, tags = {EuroNGI, MoPi1}, file_url = {http://www.net.fim.uni--passau.de/pdf/Oberender2005a.pdf}, note = {The original publication is available at www.springerlink.com (2005)} } @Inproceedings { Ocampo2005a, author = {Ocampo, Roel and Galis, Alex and de Meer, Hermann and Todd, Chris}, title = {Implicit Flow QoS Signaling Using Semantic--Rich Context Tags}, abstract = {An important feature of future context--aware and adaptive networks would be the ability to provide QoS to user flows. Our approach enables end--hosts and other devices to expose and provide context information to the network to support underlying QoS mechanisms, including adaptation. We discuss the key elements of our approach and demonstrate its use in an experimental scenario.}, year = {2005}, month = {June}, isbn = {978--3--540--26294--7}, issn = {0302--9743 (Print); 1611--3349 (Online)}, booktitle = {Proc. of the 13th Int'l Workshop on Quality of Service (IWQoS 2005)}, volume = {3552}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {369----371}, tags = {EuroNGI}, note = {The original publication is available at www.springerlink.com (2005)} } @Inproceedings { Wuechner2005a, author = {Wuechner, Patrick and de Meer, Hermann and Barner, Joerg and Bolch, Gunter}, title = {MOSEL--2 -- A Compact But Versatile Model Description Language And Its Evaluation Environment}, abstract = {In this paper we present the current version of the MOdeling, Specification and Evaluation Language MOSEL--2 and show its applicability for performance and reliability modeling and evaluation of systems with Markovian and non--Markovian behavior. The tool MOSEL--2 consists of two major components: the description language and the evaluation environment. The description language is the core element of MOSEL--2 and provides a high--level means for specifying models, performance measures, and the graphical presentation of the results of these measures. MOSEL--2’s evaluation environment includes a set of model translators that allow automatic translation of MOSEL--2 models to the model descriptions of several third--party performance evaluation tools. MOSEL--2 uses these tools to evaluate the model by numerical analysis or simulation. The results returned are collected by MOSEL--2 and presented in a unified textual and graphical form. This novel concept exempts the users from learning a new model specification language and rewriting all models each time they have to change a probability distribution within their models. A new and unique concept has been added that allows the automatic approximation of non--Markovian distributions by Markovian constructs. The goal of our ongoing research is to enhance the modeling and evaluation power of MOSEL--2 steadily. This paper aims to give an introduction to the current version of the MOSEL--2 language and its evaluation environment demonstrating the most recent improvements.}, year = {2005}, month = {September}, booktitle = {Proc. of the Workshop MMBnet 2005}, publisher = {University of Hamburg}, keywords = {MOSEL--2; Model description language; Evaluation environment; Performance modeling}, tags = {EuroNGI, MOSEL2}, file_url = {http://www.net.fim.uni--passau.de/pdf/Wuechner2005a.pdf} } @Inproceedings { Oberender2005b, author = {Oberender, Jens O. and de Meer, Hermann}, title = {P2P Replication Revisited: Mobile Infrastructures}, abstract = {Traffic engineering in P2P networks deals with organizing overlay networks. The challenge of unavailability has not been mastered yet. Considering the resource allocation can gain further improvements. While adapting P2P file sharing onto mobile infrastructures, we learned that replication is a solution to both issues: availability and traffic optimization.}, year = {2005}, isbn = {3--88579--390--3}, booktitle = {Proc. of the 14th Fachtagung Kommunikation in Verteilten Systemen 2005 (KIVS 2005)}, volume = {61}, publisher = {GI}, series = {Lecture notes in Informatics (LNI)}, pages = {211----214}, tags = {EuroNGI} } @Inproceedings { Houyou2005a, author = {Houyou, Amine Mohamed and de Meer, Hermann and Esterhazy, Moritz}, title = {P2P--based Mobility Management for Heterogeneous Wireless Networks and Mesh Networks}, abstract = {The recent emergence of a whole plethora of new wireless technologies, such as IEEE802.15, IEEE802.11, and UMTS, etc, has exposed the limitations of mobility solutions in the next generation Internet. Current mobility management systems are operator specific, centralized, and focused on single link technology. A rethink of how to exploit context awareness, lead by the emergence of sensor networks and pervasive computing, is explored. This paper suggests a roaming technique taking pervasiveness and self--awareness into consideration, by first, moving the intelligence to the mobile terminals. The mobile devices should look themselves for the most suitable wireless network. We also propose to organize the wireless mesh networks in a context--aware peer--to--peer network.}, year = {2005}, month = {July}, isbn = {978--3--540--34025--6}, issn = {0302--9743 (Print); 1611--3349 (Online)}, DOI = {10.1007/11750673}, booktitle = {Proc. of the 2nd Int'l Workshop of the EURO--NGI Network of Excellence on Wireless Systems and Network Architectures in Next Generation Internet}, volume = {3883}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {226----241}, keywords = {Mobility management; Heterogeneous wireless networks; Context--awareness; Peer--to--peer}, tags = {EuroNGI, EuroNGI{\textunderscore}ACT--ABC}, file_url = {http://www.net.fim.uni--passau.de/pdf/Houyou2005a.pdf}, note = {The original publication is available at www.springerlink.com (2006)} } @Techreport { Houyou2005b, author = {Houyou, Amine Mohamed and Holzer, Richard and de Meer, Hermann and Heindl, Michael}, title = {Performance of Transport Layer Protocols in LEO Pico--Satellite Constellations}, abstract = {Integrating TCP/IP on Low Earth Orbit (LEO) satellites can add a comparatively reliable space segment to the Internet on the ground. Such an extension to the Internet will offer connectivity on a global scale which can overcome catastrophe scenarios or simply the lack of ground infrastructure. This paper contains a survey about the usage of different transport protocols in IP based networks with satellites. The performance of such transport protocols is tested in a simulation environment based on data of the experimental picosatellite UWE--1, built at the University of Wuerzburg. The advantage of flexible satellite constellations and the use of intersatellite links will be reviewed in the context of transport layer performance. The simulations compare some transport protocols, studied in the literature, while varying the geometric parameters of the constellation.}, year = {2005}, month = {Dec.}, institution = {Faculty of Computer Science and Mathematics (FIM), University of Passau}, number = {MIP--0502}, keywords = {Satellite Links; LEO Constellations; TCP/IP}, tags = {EuroNGI}, web_url2 = {http://www.fim.uni--passau.de/en/research/technical--reports/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Houyou2005b.pdf} } @Proceedings { Bossardt2005a, author = {Bossardt, Matthias and Carle, Georg and Hutchison, David and de Meer, Hermann and Plattner, Bernhard}, title = {Proc. of the Dagstuhl Seminar on Service Management and Self--organization in IP--based Networks}, abstract = {Ad--hoc, peer--to--peer, pervasive, active and programmable networks are emerging research disciplines that pave the way to provision network users with innovative services. However, it turns out that the management of such services is complex, tedious and error--prone. Therefore, applying self--organizing techniques to automate service management and to reduce human intervention is expected to lead to better manageable and more robust network architectures. Hence, the goal of the Dagstuhl Seminar on Service Management and Self--organization in IP--based Networks has been to identify open questions and to discuss new ideas in this exciting research field. These seminar proceedings contain several extended abstracts written by seminar participants, which are briefly introduced in the following sections. Moreover, the slides of many seminar talks can be found at http://www.dagstuhl.de/04411/Materials.}, year = {2005}, issn = {1862--4405}, volume = {04411}, series = {Dagstuhl Seminar Proceedings}, editor = {Bossardt, Matthias and Carle, Georg and Hutchison, David and De Meer, Hermann and Plattner, Bernhard}, file_url = {http://www.net.fim.uni--passau.de/pdf/Bossardt2005a.pdf} } @Proceedings { DeMeer2005b, title = {Quality of Service -- {IWQoS} 2005 -- 13th Int'l Workshop, IWQoS 2005, Passau, Germany, June 2005. Proceedings}, abstract = {We welcome you to the proceedings of IWQoS 2005 held at the University of Passau, in the beautiful state of Bavaria, Germany. We hope that all attendees enjoyed their time in that ancient and historic city. Quality of Service (QoS) continues to be an important area of research. Traditionally very focused on the area of networking, it has grown to include mobile applications, wireless environments, 3G and 4G cellular networks, user experience, overlay networks, large--scale systems and other important areas of application. Six full--paper sessions that comprised selected papers of very high quality were devoted to the above mentioned, cutting--edge topics in this volume. We had a fascinating cross--disciplinary program and hope to have seeded connections between different disciplines and between industry and academia.}, year = {2005}, month = {June}, isbn = {978--3--540--26294--7}, issn = {0302--9743 (Print); 1611--3349 (Online)}, DOI = {10.1007/b137286}, volume = {3552}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, editor = {De Meer, Hermann and Bhatti, Nina}, tags = {EuroNGI}, web_url2 = {http://www.net.fmi.uni--passau.de/fmi/iwqos/}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer2005b.pdf}, note = {The original publication is available at www.springerlink.com (June 2005)} } @Inproceedings { DeMeer2005a, author = {de Meer, Hermann and Koppen, Christian}, title = {Self--organization in Peer--to--Peer Systems}, abstract = {Peer--to--Peer systems have often been advertised to as being ,,self--organizing''. This has become a somewhat elusive property with meaning and significance being far from clear. Answers sought in this research therefore focused on questions like: How well is self--organization understood in terms of peer--to--peer systems? How much self--organization is there really? How can, if at all, mechanisms of self--organization be exploited for control and management of peer--to--peer systems?}, year = {2005}, month = {Feb.}, isbn = {978--3--540--29192--3}, issn = {0302--9743 (Print), 1611--3349 (Online)}, DOI = {10.1007/11530657{\textunderscore}16}, booktitle = {Proc. of the 14. Fachtagung Kommunikation in Verteilten Systemen (KIVS 2005), Keynote Talk Workshop 'Peer--to--Peer--Systeme und --Anwendungen'}, volume = {3485}, publisher = {Springer--Verlag}, address = {Technische Universitaet Kaiserslautern, Germany}, series = {Lecture notes in Computer Science (LNCS)}, editor = {Steinmetz, Ralf and Wehrle, Klaus}, pages = {247----266}, keywords = {Self--organization; Peer--to--peer}, tags = {EuroNGI}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer2005e.pdf}, note = {The original publication is available at www.springerlink.com (2005)} } @Inproceedings { Bossardt2005b, author = {Bossardt, Matthias and Carle, Georg and Hutchison, David and de Meer, Hermann and Plattner, Bernhard}, title = {Service Management and Self--organization in IP--based Networks}, abstract = {''Service Management and Self--organization in IP--based Networks'' was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available.}, year = {2005}, issn = {1862--4405}, booktitle = {Proc. of the Dagstuhl Seminar on Service Management and Self--organization in IP--based Networks}, volume = {04411}, address = {Dagstuhl, Germany}, series = {Dagstuhl Seminar Proceedings}, keywords = {Service management; Network service; Self--organization; Network management; Programmable network; Active network; Peer--to--peer network; Ad--hoc network}, file_url = {http://www.net.fim.uni--passau.de/pdf/Bossardt2005b.pdf} } @Techreport { Hossfeld2005c, author = {Hossfeld, Tobias and Binzenhoefer, Andreas and Schlosser, Daniel and Eger, Kolja and Oberender, Jens O. and Dedinski, Ivan and Kunzmann, Gerald}, title = {Towards Efficient Simulation of Large Scale P2P Networks}, abstract = {The ongoing process of globalization leads to a huge demand for highly scalable applications that are able to deal with millions of participants distributed all over the world. Peer--to--peer (P2P) technology enables an arbitrary large number of users to participate in distributed services like content distribution or collaboration tools. In order to verify a new protocol's performance and scalability simulation is a commonly used tool. First, predicting the network and peer behavior in the real world is only feasible if the simulation, i.e. all applied models as well as the peer state, is as realistic as possible. Second, many properties of the system only become observable when the number of participants is sufficiently large. Therefore, verifying the scalability of a system requires simulating huge worldwide networks. Due to limited processing power, central memory and availabe time, both requirements can only be fullfilled if the applied models are very efficient. In this paper we take a closer look at the network layer. We compare the most commonly--used network models and present a very efficient model for applying real--world network transmission times in large scale simulations.}, year = {2005}, month = {Oct.}, institution = {University of Wuerzburg, Institute of Computer Science}, number = {TR 371}, tags = {EPSRC{\textunderscore}P2POpt, EuroNGI, MoPi1} } @Incollection { Burmeister2005a, author = {Burmeister, Peter and Holzer, Richard}, title = {Treating Incomplete Knowledge in Formal Concept Analysis}, abstract = {Some possible treatments of incomplete knowledge in conceptual data representation, data analysis and knowledge acquisition are presented. In particular, some ways of conceptual scalings as well as the role of the three--valued Kleene--logic are briefly investigated. This logic is also one background in attribute exploration, a conceptual tool for knowledge acquisition. For this method a strategy is given to obtain as much of (attribute) implicational knowledge about a given ,,universe'' as possible; and we show how to represent incomplete knowledge in order to be able to pin down the questions still to be answered in order to obtain complete knowledge in this situation. }, year = {2005}, DOI = {10.1007/11528784{\textunderscore}6}, booktitle = {Formal Concept Analysis -- Foundations and Applications}, volume = {3626}, publisher = {Springer--Verlag}, series = {Lecture notes in Artificial Intelligence (LNAI)}, editor = {Ganter, Bernhard and Stumme, Gerd and Wille, Rudolf}, pages = {114----126}, note = {The original publication is available at www.springerlink.com (2005)} } @Inproceedings { Andersen2004a, author = {Andersen, Frank--Uwe and de Meer, Hermann and Dedinski, Ivan and Kappler, Cornelia and Maeder, Andreas and Oberender, Jens O. and Tutschku, Kurt}, title = {An Architecture Concept for Mobile P2P File Sharing Services}, abstract = {File--sharing in mobile networks has differing demands to a P2P architecture. Resource access and mediation techniques must follow constraints given in 2.5G/3G networks. Enhancing the eDonkey protocol, we reconcile decentralized operation with traffic control.}, year = {2004}, month = {Nov.}, isbn = {3--88579--380--6}, DOI = {10.1.1.104.6183}, institution = {Institute of Computer Science, University of Wuerzburg}, booktitle = {Proc. of the 34th Jahrestagung der Gesellschaft fuer Informatik e.V. (GI), Informatik 2004 -- Informatik verbindet, Band 2, Workshop at Informatik 2004 -- Algorithms and Protocols for Efficient Peer--to--Peer Applications}, volume = {51}, publisher = {GI, Bonner Koellen Verlag}, series = {Lecture notes in Informatics (LNI)}, pages = {229----233}, number = {344}, tags = {EuroNGI, MoPi1}, file_url = {http://www.net.fim.uni--passau.de/pdf/Hossfeld2004a.pdf} } @Inproceedings { Forster2004a, author = {Forster, Florian and de Meer, Hermann}, title = {Discovery of Web Services with a P2P Network}, abstract = {In the concept of Web Services, Universal Description, Discovery and Integration is still the weakest part. As a central instance, it does not easily scale to a growing number of users and lacks acceptance by the industry. In Peer--to--Peer Networks, which are highly popular, discovery of resources is one of the strongest parts. A central registry is not required when integrating Web Services in a Peer--to--Peer network. Each Web Service is responsible for itself and the Peer--to--Peer Network provides the framework for discovery, publication and registration of Web Services. This paper shows, how both technologies fit together and gives details on both structure and design of the Peer--to--Peer network. This results in a more feasible solution than the central Universal Description, Discovery and Integration infrastructure and provides an easy way for registration, publishing and discovery of Web Services.}, year = {2004}, month = {June}, isbn = {978--3--540--22116--6}, issn = {0302--9743 (Print); 1611--3349 (Online)}, DOI = {10.1007/b97989}, booktitle = {Proc. of the 4th Int'l Conf. on Computational Science (ICCS 2004) Part III}, volume = {3038}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {90----97}, tags = {EuroNGI}, note = {The original publication is available at www.springerlink.com (2004)} } @Article { Holzer2004a, author = {Holzer, Richard}, title = {Knowledge acquisition under incomplete knowledge using methods from formal concept analysis -- Part I}, abstract = {Formal contexts with unknown entries can be represented by three--valued contexts K = (G, M, \&{\#}123; x, o, ? \&{\#}125;, I), where a questionmark indicates that it is not known whether the object $g \in G$ has the attribute $m \in M$. To describe logical formulas between columns of such incomplete contexts the Kripke--semantics are used for propositional formulas over the set $M$ of attributes. Attribute implications are considered as special propositional formulas. If a context is too large to be fully represented, an interactive computer algorithm may help the user to get maximal information (with respect to his knowledge) about the valid attribute implications of the unknown context. This computer algorithm is called ``attribute exploration''.}, year = {2004}, journal = {Fundamenta Informaticae}, volume = {63}, pages = {17----39}, number = {1}, keywords = {Formal concept analysis; Incomplete knowledge; Attribute exploration} } @Article { Holzer2004b, author = {Holzer, Richard}, title = {Knowledge acquisition under incomplete knowledge using methods from formal concept analysis -- Part II}, abstract = {Attribute exploration is an interactive computer algorithm which helps the expert to get informations about the attribute implications of a formal context. In the part I of this paper (see [H04]) an algorithm for attribute exploration with incomplete knowledge was presented. In this part we prove the main results of the algorithm: At the end of the attribute exploration the expert gets maximal information with respect to his knowledge about the unknown universe: He gets a list of implications which are certainly valid, a list of implications which are possibly valid, a list of counterexamples against the implications which are certainly not valid and a list of fictitious counterexamples against the implications which he answered by ,,unknown''. He only has to check the implications which he answered by ,,unknown'' and if he can decide for each of these implications whether it is valid or not, he gets complete knowledge about the implications of the context.}, year = {2004}, journal = {Fundamenta Informaticae}, volume = {63}, pages = {41----63}, number = {1} } @Inproceedings { Wuechner2004a, author = {Wuechner, Patrick and Al--Begain, Khalid and Barner, Joerg and Bolch, Gunter}, title = {Modelling a single GSM/GPRS cell with delay tolerant voice calls using MOSEL--2}, abstract = {In this paper we introduce the new version of the MOdelling, Specification and Evaluation Language ---- now called MOSEL--2 ---- and prove its applicability for performance modelling of mobile networks with non--Markovian models. Like its predecessor MOSEL [Al--Begain et al, 2001], MOSEL--2 was developed at the Institute for Operating Systems at the University of Erlangen--Nuernberg. In contrast to many specification languages of existing performance modelling and evaluation tools, which often tend to be too verbose, most MOSEL--2 specifications are compact but anyhow easy to understand. Moreover, MOSEL--2 provides means by which many interesting performance or reliability measures and the graphical presentation of them can be specified straightforwardly. It is especially easy to evaluate a model with different sets of system parameters. The benefit of MOSEL--2 ---- especially for the practitioner from the industry ---- lies in its modelling environment: A MOSEL--2 model is automatically translated into various tool--specific system descriptions and then analysed or simulated by the appropriate tools. This exempts the modeller from the time--consuming task of learning different modelling languages. The following tools and evaluation methods are currently supported by MOSEL--2: MOSES [Bolch et al, 1994] provides several iterative and direct methods (Jacobi, Gauss Seidel, LPU, Crout and Grassmann) for analysing Markovian models, SPNP [Hirel et al, 2000] provides several numerical methods for solving Markovian models and discrete event simulation for evaluating non--Markovian models like extended stochastic Petri nets (ESPNs) and TimeNET [Zimmermann et al, 1999] provides numerical methods for solving Markovian and a restricted class of models with non--exponentially distributed transitions and moreover is able to simulate extended deterministic stochastic Petri nets (eDSPNs). Nevertheless, currently more endeavours are made to include even more evaluation tools and pre--processor concepts to enhance the modelling and evaluation power of MOSEL--2. This Paper aims to give an introduction to the MOSEL--2 language and environment and describe how easily the air interface of a GSM/GPRS cell can be modelled.}, year = {2004}, month = {May}, isbn = {1--84233--099--3}, booktitle = {Proc. of the 7th UK Simulation Conf. (UKSIM 2004)}, pages = {88----94}, keywords = {MOSEL--2; System description language; GSM/GPRS; DeTVoC; non--Markovian distributions; IGL}, tags = {MOSEL2}, file_url = {http://www.net.fim.uni--passau.de/pdf/Wuechner2004a.pdf} } @Article { Holzer2004c, author = {Holzer, Richard}, title = {On subdirectly irreducible OMAs}, abstract = {In this paper some properties of epi--representations and Schmidt--congruence relations of orthomodular partial algebras are investigated and an infinite list of OMA--epi subdirectly irreducible orthomodular partial algebras will be constructed.}, year = {2004}, journal = {Studia Logica}, volume = {78}, pages = {261----277}, note = {also available as Preprint 2237, TU--Darmstadt, FB Mathematik} } @Incollection { DeMeer2004a, author = {de Meer, Hermann and Tutschku, Kurt}, title = {Peer--To--Peer Programmability}, abstract = {The evolution of the Internet can be classified broadly into three phases. The first phase was initiated in the early 1970s and lasted until the early 1990s. Remarkably, the Internet started as an overlay on the existing PSTN infrastructure. Peering routers enabled worldwide connectivity, creating a global network almost unrecognized by the public. The architecture was designed with the principles of efficiency and simplicity and was built on the well--known TCP/IP protocol stack and characterized by static IP addresses. In the second half of the 1990s, the World Wide Web (WWW) became the dominant application of the Internet. At its peak, up to 80% of the total traffic load was attributed to the WWW. The WWW was based on a centralized architecture, which is heavily biased toward a client/server model. A relatively small number of very powerful servers provide services to a large number of much less powerful clients in a strongly asymmetric way. Among the main challenges are provisioning of high performance, redundancy, and load balancing facilities in a centralized fashion.}, year = {2004}, month = {May}, isbn = {1--58053--745--6}, booktitle = {Programmable Networks for IP Service Deployment}, publisher = {Artech House Books}, address = {685 Canton Street, Norwood, MA 02062}, editor = {Galis, Alex and Denazis, Spyros and Brou, Celestin and Klein, Cornel}, pages = {87----107}, tags = {EuroNGI}, web_url2 = {http://www.artechhouse.com} } @Techreport { Hossfeld2004b, author = {Hossfeld, Tobias and Tutschku, Kurt and Andersen, Frank--Uwe and de Meer, Hermann and Oberender, Jens O.}, title = {Simulative Performance Evaluation of a Mobile Peer--to--Peer File--Sharing System}, abstract = {Peer--to--Peer (P2P) File--sharing has become the killer application in the wired Internet and might also be highly attractive for mobile networks. In particular since UMTS operators are searching for new applications which do both: a) exploit the potential of the UMTS technology and b) motivate the user to adopt the new technology. In this work we are investigating the performance of an eDonkey--based mobile P2P file--sharing system by means of time--dynamic simulation. Mobile networks differ from wireline networks by the limited capacity of the radio link and the mobility of the users. P2P networks, in contrast, are overlays which consider the transport network in an abstract way. In a mobile environment, the question arises, whether the abstraction can be maintained and what will be the performance impact if there is any. We will show in detail how the mobile access technology (GPRS or UMTS), the churn behavior of mobile users, the file size of mobile specific content, and special infrastructure entities, such as a cache peer, influences the performance of the suggested mobile P2P file--sharing service.}, year = {2004}, month = {Nov.}, isbn = {0--7803--8900--X}, issn = {1862--4405}, DOI = {10.1109/NGI.2005.1431678}, institution = {Institute of Computer Science, University of Wuerzburg}, booktitle = {Proc. of the Next Generation Internet Networks (NGI 2005)}, volume = {04411}, publisher = {IEEE}, address = {Dagstuhl, Germany}, series = {Dagstuhl Seminar Proceedings}, pages = {281----287}, number = {345}, keywords = {Peer--to--peer; UMTS; Performance evaluation; File--sharing}, tags = {EuroNGI, MoPi1}, file_url = {http://www.net.fim.uni--passau.de/pdf/Hossfeld2004b.pdf} } @Inproceedings { Ocampo2004a, author = {Ocampo, Roel and de Meer, Hermann}, title = {Smart Wireless Access Points for Pervasive Computing}, abstract = {Research in ubiquitous computing has traditionally focused on sensing and making use of user--related context. However, a pervasive computing environment is also a mobile computing environment, where QoS adaptation is often a major concern. We present an integrated framework applicable to both user-- and network--oriented adaptation, that uses a common base for sensing context. Smart wireless access points called M--WASPs provide a wireless network infrastructure, and perform sensing, adaptation and other cognitive functions in a distributed fashion, within a pervasive computing environment.}, year = {2004}, month = {Jan.}, isbn = {978--3--540--20790--0}, issn = {0302--9743 (Print); 1611--3349 (Online)}, booktitle = {Proc. of the 1st IFIP TC6 Working Conf. on Wireless On--Demand Network Systems (WONS 2004)}, volume = {2928}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {43----50}, note = {The original publication is available at www.springerlink.com (2004)} } @Book { Tutschku2004a, author = {Tutschku, Kurt and de Meer, Hermann and Andersen, Frank--Uwe and Kawashima, Konosuke}, title = {Special Issue on P2P Networking and P2P Services}, abstract = {Peer--to--peer (P2P) services evolved to the most popular applications in today’s Internet. In particular, P2P networks became very popular amid the relentless spread of Gnutella, Kazaa, eDonkey and BitTorrent file sharing applications. Remarkably, only very simple protocols and almost no support by the transport network was required to make these distributed services operable on a large scale in very little time.}, year = {2004}, month = {Nov.}, volume = {15}, publisher = {John Wiley \& Sons}, series = {European Transactions on Telecommunications (ETT)}, pages = {507--509}, number = {6}, tags = {EuroNGI} } @Inproceedings { VanDerStok2004a, author = {Stok, Peter and Boomgaardt, Jan J. and Burklin, Helmut and Cecchetti, Gabriele and Decotignie, Jean--Dominique and de Meer, Hermann and Fohler, Gerhard and Lukkien, Johan and Rubino, Gerardo}, title = {The FABRIC Project}, abstract = {The FABRIC project aims at the integration of middleware standards used in home networks to provide high quality streaming over a heterogeneous network without introducing new standards.}, year = {2004}, month = {May}, booktitle = {Proc. of the 1st European Workshop on Software Architecture (EWSA 2004)}, volume = {3047}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {272----278}, tags = {FABRIC}, web_url2 = {http://www.hitech--projects.com/euprojects/fabric/}, note = {The original publication is available at www.springerlink.com (2004)} } @Inproceedings { Tutschku2003a, author = {Tutschku, Kurt and de Meer, Hermann}, title = {A Measurement Study on Signaling of Gnutella Overlays}, abstract = {In this paper we present a measurement study on signaling in Gnutella overlay networks. Both signaling load and the scale of variability in the existence of p2p overlay connections are investigated. The purpose of the study is to idetify and understand characteristic scales of variability and stability of peer--to--peer overlay networks. The identified, typical scales should ultimately provide a basis for a dynamic managment of peer--to--peer services. Unmanaged peer--to--peer service have often enough incubated a prohibitively large signaling traffic load.}, year = {2003}, month = {Feb.}, isbn = {3--540--00365--7}, booktitle = {Proc. of the 13. Fachtagung Kommunikation in Verteilten Systemen (KiVS 2003)}, publisher = {Springer--Verlag}, series = {Informatik Aktuell}, pages = {295----306}, web_url2 = {http://www.springer.com/computer/database+management+%26+information+retrieval/book/978--3--540--00365--6} } @Inproceedings { Ocampo2003a, author = {Ocampo, Roel and de Meer, Hermann}, title = {A Method for Sensing and Representing Location in Context--Aware Applications}, abstract = {Location context plays a valuable role in ubiquitous computing, and is still a central area of interest for many researchers. We present an easy--to--deploy location sensing system using acoustic spread--spectrum techniques and hyperbolic multilateration, and a scheme for representing and processing location information using switching algebra.}, year = {2003}, month = {Sep.}, isbn = {0--0538863--2--6}, booktitle = {Proc. of the London Communications Symp. 2003 (LCS 2003)}, volume = {2003}, pages = {233----236} } @Article { DeMeer2003b, author = {de Meer, Hermann and Retzekas, Spyridon}, title = {Adaptation of Traffic Aggregates for Defective QoS Architectures}, abstract = {It is anticipated that congestion may still be an occasional matter of fact under the Differentiated Services Framework. Based upon this observation, we propose a Quality of Service architecture that uses segmented adaptation mechanisms on whole traffic aggregates, in order to allow for the co--operation between network operators in case of congestion. Service curves are introduced as a tool for defining Quality of Service levels internally in each Service Level Agreement. Edge routers are responsible for the smooth movement between the predefined service curves in case of congestion. Moreover, a domain administrative entity (Service Level Agreement Broker) is used in order to monitor the adaptation/recovery procedures and the processes associated with resource trading and billing. We examine the structure and operation of the Service Level Agreement Broker and some signalling issues related to the proposed architecture. Some simulations implemented on the Network Simulator 2 software show the existence of congestion effects under certain conditions in DiffServ domains, as well as the impact of aggregated congestion control architectures to congested domains.}, year = {2003}, month = {Dec.}, journal = {Int'l journal of Simulation, Systems, Science \\& Technology}, volume = {4}, pages = {39----58}, number = {5--6} } @Techreport { Holzer2003a, author = {Holzer, Richard}, title = {Describing fields by implications between strong equations}, abstract = {In this note it will be shown that the class of all fields can be described by implications between strong equations. The signature is extended by the logical Craig projection to get more expressive power for the strong equations.}, year = {2003}, institution = {TU--Darmstadt, FB Mathematik}, number = {2280}, file_url = {http://www.net.fim.uni--passau.de/pdf/Holzer2003a.pdf} } @Inproceedings { Koulouris2003a, author = {Koulouris, Theofrastos and Henjes, Robert and Tutschku, Kurt and de Meer, Hermann}, title = {Implementation of Adaptive Control for P2P Overlays}, abstract = {Peer--to--peer networking enjoys euphoric support and fierce resistance simultaneously, and for the same reasons. It presents a model where decentralization and lack of structure, hierarchy and control are promoted. Although significant research is carried out to tackle individual issues arising from that paradigm, there has been no obvious approach for evening out differences on a more general basis. In this paper we introduce a framework and provide implementation techniques for such an approach. The framework aims at integrating partial techniques that solve individual problems and has been designed for flexibility. The integrated approach we are proposing includes forming and maintaining of peer--to--peer overlays, controlling the underlying topology being formed, limiting the signaling traffic being generated and optimizing the payload traffic.}, year = {2003}, month = {Dec.}, isbn = {978--3--540--21250--8}, issn = {0302--9743 (Print); 1611--3349 (Online)}, DOI = {10.1007/b96396}, booktitle = {Proc. of the 5th IFIP TC6 Annual Int'l Working Conf. on Active Networks (IWAN 2003)}, volume = {2982}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {2714----2718}, web_url2 = {http://www.informatik.uni--trier.de/~ley/db/conf/iwan/iwan2003.html}, file_url = {http://www.net.fim.uni--passau.de/pdf/Koulouris2003a.pdf}, note = {The original publication is available at www.springerlink.com (2004)} } @Misc { Tutschku2003b, author = {Tutschku, Kurt and de Meer, Hermann}, title = {Network Efficient P2P--Services and their Management}, abstract = {Over the last three years, peer--to--peer (p2p) services [Oram01] [Barkai02] have evolved to one of the most import sources of Internet traffic. P2P file sharing protocols caused more than 25% of the traffic volume and more than 20% of the flows at some core routers in the US (as of November 21st 2002) [Sprint02]. P2P file sharing is challenging web traffic for the top spot of traffic sources in the Internet [Internet2]. Rarely before has a new class of network services evolved in such a short time as p2p services have done.}, year = {2003}, month = {Aug.} } @Inproceedings { Bhusate2003a, author = {Bhusate, Arvind and de Meer, Hermann}, title = {Web Services Over Infrastructure--less Networks}, abstract = {This paper discusses the possibility of the convergence between web services and infrastructure--less networks such as Ad--hoc and P2P. Convergence meaning the operation of web services over networks such as Ad--hoc and P2P. The paper highlights parts of the detailed analysis carried out and the conclusions formed from this in these areas. It also reviews the fundamental web services technology components, along with that of ad hoc and p2p networks.}, year = {2003}, month = {Sep.}, isbn = {0--0538863--2--6}, booktitle = {Proc. of the London Communications Symp. 2003 (LCS 2003)}, pages = {133----136} } @Inproceedings { Tutschku2002a, author = {Tutschku, Kurt and de Meer, Hermann}, title = {A Measurement--based Investigation on Signaling in Gnutella Overlay Networks -- Providing Insights to Third Generation Internet Applications}, abstract = {In this paper we present a measurement study on signaling in Gnutella overlay networks. Both signaling load and the scale of variability in the existence of p2p overlay connections are investigated. The purpose of the study is to identify and understand characteristic scales of variability and stability of peer--to--peer overlay networks. The identified, typical scales should ultimately provide a basis for a dynamic management of peer--to--peer services. Unmanaged peer--to--peer service have often enough incubated a prohibitively large signaling traffic load. Peer--to--peer services are viewed as the first instantiation of future Third Generation Internet services. We will outline how the findings on today’s peer--to--peer services might provide insight for traffic management in future Internet.}, year = {2002}, month = {Oct.}, booktitle = {Proc. of the 1st Workshop on Design and Performance Evaluation of 3G Internet Technologies collocated with MASCOTS}, keywords = {Peer--to--Peer services; Overlay systems; Gnutella; Measurement; Traffic management; Third Generation Internet} } @Inproceedings { DeMeer2002b, author = {de Meer, Hermann and Tutschku, Kurt}, title = {A Performance Management Architecture for Peer--to--Peer Services based on Application--Level Active Networking}, abstract = {We propose an application--level active network--based architecture using modular ,,active proxylets'' for managing p2p service. The approach combines application--level and network--level performance control.}, year = {2002}, month = {April}, isbn = {0--7803--7382--0}, DOI = {10.1109/NOMS.2002.1015645}, booktitle = {Proc. of the 8th IEEE IFIP Network Operations and Management Symp. (NOMS 2002)}, publisher = {IEEE}, pages = {927----929}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer2002b.pdf}, note = {INSPEC Accession number: 7418908} } @Techreport { DeMeer2002c, author = {de Meer, Hermann and O'Hanlon, Piers and Feher, Gabor and Blefari--Melazzi, Nicola and Karagiannis, Georgios and Partain, David and Rexhepi, Vlora and Westberg, Lars}, title = {Analysis of Existing QoS Solutions}, abstract = {This memo provides a brief analysis of existing IP quality of service (QoS) solutions and the implied signalling issues. This analysis is intended to point out open issues in QoS signalling. Moreover, this analysis is done in order to understand whether the strict QoS requirements imposed by future fixed and mobile applications are satisfied by the existing IP QoS solutions. The existing IP QoS solutions can be categorized as follows: End--to--end per--flow resource reservation protocols; Integrated Services over Differentiated Services; Statically assigned trunk reservations based on; Differentiated Services; Dynamic trunk reservations with Aggregated RSVP;Traffic Engineering Tunnels and RSVP.}, year = {2002}, institution = {IETF Internet Draft}, number = {draft--demeer--nsis--analysis--01.txt} } @Inproceedings { Retzekas2002a, author = {Retzekas, Spyridon and de Meer, Hermann}, title = {Defective QoS Architectures and Inter--Domain Co--Operation,}, abstract = {Congestion may still be an occasional matter of fact under the Differentiated Services Framework. Based upon this observation, we propose a Quality of Service architecture that uses segmented adaptation mechanisms on whole traffic aggregates, in order to allow for the cooperation between network operators in case of congestion. Service curves are introduced as a tool for defining Quality of Service levels internally in each Service Level Agreement. Edge routers are responsible for the smooth movement between the predefined service curves in case of congestion. Moreover, a domain administrative entity (Service Level Agreement Broker) is needed in order to monitor the adaptation/recovery procedures and the processes associated with resource trading and billing. The structure and operation of the Service Level Agreement Broker and the signalling issues related to the ASA architecture are examined in this paper.}, year = {2002}, month = {Sep.}, booktitle = {Proc. of the IEE/IEEE London Communications Symp. (LCS 2002)} } @Article { DeMeer2002a, author = {de Meer, Hermann and Tutschku, Kurt and Tran--Gia, Phuoc}, title = {Dynamic Operation of Peer--to--Peer Overlay Networks}, abstract = {Virtual overlay networks, such as formed in peer--topeer services, can be seen as a new paradigm for providing multiservice networks. Virtual overlay networks may offer customized services to a specified community while providing a high degree of flexibility in usage of shared resources. This paper examines the requirements of operating dynamic overlays, in particular, for peer--to--peer services. The analysis has been based on extensive measurement studies performed on the global Gnutella network during operation.The obtained results indicate limitations in scalability of native p2p overlays, suggesting the need of a control scheme for efficiency reasons. As an enabling infrastructue to implement a distributed control scheme for p2p overlays a so--called Application--Layer Active Networking platform has been chosen. Based on Application--Layer Active Networking, Active Virtual Peers are introduced as the main concept for dynamic operation andmanagement of peer--to--peer overlay networks. Active Virtual Peers facilitate policy enforcement or performance management by means of self--organization, predominantly on the application layer with minimum interference on lower layers.}, year = {2002}, month = {Dec.}, issn = {0930--5157}, DOI = {10.1515/PIKO.2003.65}, booktitle = {Proc. of 4th Annual Int'l Working Conf. on Active Networks (IWAN 2002)}, journal = {Praxis der Informationsverarbeitung und Kommunikation (PIK)}, volume = {26}, pages = {65----73}, number = {2}, keywords = {Peer--to--Peer services; Overlay systems; Gnutella; Measurement; Traffic management}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer2002a.pdf} } @Inproceedings { Mascolo2001a, author = {Mascolo, Cecilia and Emmerich, Wolfgang and de Meer, Hermann}, title = {An XML based Programmable Network Platform}, abstract = {In this paper we describe an XML--based platform for dynamic active node policy updates. XML supports the definition of specific policy languages, their extension to satisfy new needs and the management of deployed policies on different active nodes. We show an example of the management of router packet forwarding policies where the XML policies that drive the packet routing are updated at run--time on the active nodes depending on the network status. The platform decouples policy management, which is handled through XML interpretation, from packet forwarding that, for performance reasons, has to be implemented in more efficient languages.}, year = {2001}, booktitle = {Proc. of the ICSE 2001 Workshop on Software Engineering and Mobility} } @Phdthesis { DeMeer2001c, author = {de Meer, Hermann}, title = {Dienstgueteunterstuetzung f{\"u}r Multimediakommunikation ueber das Internet}, year = {2001}, school = {University of Hamburg} } @Inproceedings { Essafi2001a, author = {Essafi, Lassaad and Bolch, Gunter and de Meer, Hermann}, title = {Dynamic Priority Scheduling for Proportional Delay Differentiated Services}, abstract = {Recent results on the proportional differentiation model show that waiting time priority scheduling can be applied to implement proportional delay differentiatied services reasonably well under limited conditions. While earlier research focused on heavy load conditions only, more recent results provide insights into waiting time priority scheduling under moderate load conditions also, but the applicability of the algorithm has been limited to a two--service--class solution for numerical reasons. In this paper, in contrast, a dynamic adjustment of a waiting time priority scheduler is suggested to meet the differentiation requirements for any finite number of traffic classes. Our newly introduced approach is based on genetic algorithms. The dynamically optimized scheduling parameters can be determined with high accuracy. We apply an interpolation function to yield a continuum of parameters rather than discrete values and propose a simple look--up table for a dynamic adjustment of the scheduling parameters. We also focus on feasibility and implementation issues related to the suggested algorithm. Suitability of other time--dependent priority functions for proportional delay differentiation is also investigated.}, year = {2001}, month = {Sep.}, booktitle = {Proc. of the 11th GI/ITG Conf. Measurement, Modeling and Evaluation of Computer and Communication Systems (MMB'01)} } @Phdthesis { Holzer2001a, author = {Holzer, Richard}, title = {Methoden der formalen Begriffsanalyse bei der Behandlung unvollstaendigen Wissens}, abstract = {Bei der Darstellung begrifflichen Wissens kommt es haeufig vor, dass nicht alle Informationen bekannt sind. In dieser Arbeit werden Methoden untersucht, unvollstaendiges Wissen darzustellen und zu verarbeiten. Fuer die Darstellung von unvollstaendigen Daten eignen sich Kontexte aus der formalen Begriffsanalyse.}, year = {2001}, school = {TU--Darmstadt}, publisher = {Shaker Verlag}, web_url2 = {http://tubiblio.ulb.tu--darmstadt.de/15851/}, note = {Dissertation, Shaker Verlag} } @Inproceedings { DeMeer2001a, author = {de Meer, Hermann and Emmerich, Wolfgang and Mascolo, Cecilia and Pezzi, Nicola and Rio, Miguel and Zanolin, Luca}, title = {Middleware and Management Support for Programmable QoS--Network Architectures}, abstract = {This paper focuses on management and middleware support for incremental updating of code and policies on various levels of granularity in time and space and on code deployment in vastly large distributed systems such as a networking infrastructure. In particular, we describe a middleware for programmable Differentiated Service (DiffServ) architectures. DiffServ architectures are envisaged by the standardization body of the IETF to be open to an evolutionary process and to facilitate adjustments to local conditions. The middleware we suggest for enabling openness and programmability of future DiffServ QoS architectures uses XML in the definition of specific policy languages, provides XML extensions to satisfy new needs and the management of deployed policies on different active nodes. Based on our middleware, router packet forwarding policies may be exibly defined and, in an extreme case, even dynamically updated at run--time on the active nodes as a function of the network/router status. Based on a two--level language approach, the middleware decouples policy management, which is handled through XML interpretation, from packet forwarding that is implemented in more efficient languages. The two--level language approach allows a compilation of highly efficient executable code from an intermediate XML virtual machine level representation.}, year = {2001}, booktitle = {Proc. 3rd Int'l Working Conf. on Active Networks (IWAN 2001)} } @Inproceedings { DeMeer2001b, author = {de Meer, Hermann and O'Hanlon, Piers}, title = {Segmented Adaptation of Traffic Aggregates}, abstract = {Congestion control in heterogeneous Quality--of--Service (QoS) architectures remains a major challenge. The solution proposed in this paper entails three constituents. Taking the current trend towards Differentiated Services (DiffServ) as a likely candidate for future Internet QoS--architectures, our approach is based on aggregated, domain--based, and class--of--service based congestion control. The overall framework for congestion control, as suggested here, reflects essential properties of underlying QoS--architectures and their instantiations in real implementations. As such an approach calls for highly flexible architectures, we suggest the use of Active Networking, and in particular Application Level Active Networking, as an enabling technology for a seamless and rapid integration of the proposed scheme into current architectures.}, year = {2001}, month = {June}, isbn = {978--3--540--42217--4}, issn = {0302--9743 (Print), 1611--3349 (Online)}, DOI = {10.1007/3--540--45512--4{\textunderscore}27}, booktitle = {Proc. of the 9th Int'l Workshop on Quality of Service (IWQoS 2001)}, volume = {2092}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {342----353}, note = {The original publication is available at www.springerlink.com (2001)} } @Inproceedings { Mascolo2001b, author = {Mascolo, Cecilia and Emmerich, Wolfgang and de Meer, Hermann}, title = {XMILE: An XML based Approach for Programmable Networks}, abstract = {In this paper we describe an XML--based platform for dynamic active node policy updates. XML supports the definition of specific policy languages, their extension to satisfy new needs and the management of deployed policies on different active nodes. We show an example of the management of router packet forwarding policies where the XML policies that drive the packet routing are updated at run--time on the active nodes depending on the network status. The platform decouples policy management, which is handled through XML interpretation, from packet forwarding that, for performance reasons, has to be implemented in more efficient languages.}, year = {2001}, month = {March}, booktitle = {Proc. of the Symp. on Software Mobility and Adaptive Behavior (AISB 2001)} } @Inproceedings { Bouch2000a, author = {Bouch, Anna and Sasse, M. Angela and de Meer, Hermann}, title = {Of Packets and People: A User--Centered Approach ot Quality of Service}, abstract = {Multimedia communication has gained increasing attention, both from the application side and the network provider side. While resource provisioning for QoS support in packet switched networks has led to the design and development of sophisticated QoS architectures, notably ATM, IntServ or DiffServ, research has not exactly been user or application--context centered. In the cause of the evolution of QoS architectures, the integrated service network approach has lost momentum, and with it, the notion of QoS guarantees. Differentiation of QoS classes within the DiffServ framework is based on the definition of various per--hop behaviors. What is currently missing is a technique for specification and mapping of application and user QoS preferences onto evolving service profiles. In addition, adaptation of applications (and users) is becoming increasingly important in the face of dominating weak QoS--assurance paradigms, both in wireline and wireless environments. As a prerequisite, this paper investigates cognitive and perceptive conditioning of users and applications in a situated setting. The contribution of this paper is twofold: first, essential empirical results on user QoS preferences and QoS graduations are presented, and second, methodological foundations are laid for investigating user--centered QoS.}, year = {2000}, month = {June}, isbn = {0--7803--6266--7}, DOI = {10.1109/IWQOS.2000.847955}, booktitle = {Proc. of the 8th IEEE Int'l Workshop on Quality of Service (IWQoS 2000)}, publisher = {IEEE}, pages = {189----197} } @Techreport { DeMeer2000b, author = {de Meer, Hermann}, title = {On Selfish and Cooperative Multimedia Applications}, year = {2000}, institution = {Dept. of Computer Science, University College London (UCL), U.K.}, number = {RN/00/65} } @Inproceedings { Burmeister2000a, author = {Burmeister, Peter and Holzer, Richard}, title = {On the treatment of incomplete knowledge in Formal Concept Analysis}, abstract = {Some possible treatments of incomplete knowledge in conceptual data representation, data analysis and knowledge acquisition are presented. In particular, some ways of conceptual scalings as well as the role of the three--valued Kleene--logic are briely investigated. This logic is also one background in attribute exploration, a conceptual tool for knowledge acquisition. For this method a strategy is given to obtain as much of (attribute) implicational knowledge about a given ,,universe'' as possible; and we show how to represent incomplete knowledge in order to be able to pin down the questions still to be answered in order to obtain complete knowledge in this situation.}, year = {2000}, month = {Aug.}, isbn = {978--3--540--67859--5}, issn = {0302--9743 (Print); 1611--3349 (Online)}, DOI = {10.1007/10722280{\textunderscore}27}, booktitle = {Conceptual Structures: Logical, Linguistic, and Computational Issues -- Proc. of the 8th Int'l Conf. on Conceptual Structures (ICCS 2000)}, volume = {1867}, publisher = {Springer--Verlag}, series = {Lecture notes in Artificial Intelligence (LNAI)}, editor = {Ganter, Bernhard and Mineau, Guy W.}, pages = {385----398}, note = {The original publication is available at www.springerlink.com (2000)} } @Article { DeMeer2000a, author = {de Meer, Hermann and La Corte, Aurelio and Puliafito, Antonio and Tomarchio, Orazio}, title = {Programmable Agents for Flexible QoS Management in IP Networks}, abstract = {Network programmability seems to be a promising solution to network management and quality of service (QoS) control. Software mobile--agents technology is boosting the evolution toward application--level control of network functionalities. Code may be deployed in the network dynamically and on demand for the benefit of applications or application classes. Agents support a dynamic distribution of control and management functions across networks, thus increasing flexibility and efficiency. We propose to use mobile--agent technology to overcome some of the problems inherent in current Internet technology. We focus our attention to QoS monitoring, being locally significant in network subdomains, and realize a QoS management strategy in response to variations of user, customer of application requirements, and of the network state. We describe our experience and the results obtained from our testbed, where software agents are instantiated, executed, migrated, and suspended in order to implement flexible QoS management in IP networks.}, year = {2000}, month = {Feb.}, issn = {0733--8716}, DOI = {10.1109/49.824809}, journal = {IEEE journal on Selected Areas in Communications (J--SAC)}, volume = {18}, publisher = {IEEE}, pages = {256----267}, number = {2}, keywords = {Adaptation; Customer policies; Quality--of--service (QoS); RSVP; Software agents; Underreservation} } @Techreport { Knoche2000a, author = {Knoche, Hendrik and de Meer, Hermann}, title = {QoS Parameters: A Comparative Study}, year = {2000}, institution = {Dept. of Computer Science, University College London (UCL), U.K.}, number = {TR RN/00/64} } @Article { Burmeister2000b, author = {Burmeister, Peter and Holzer, Richard and Maczynski, Maciej}, title = {Quasi--rings and congruences in the theory of orthomodular algebras}, abstract = {In this paper the theory of orthomodular algebras (OMAs) is further developed. The connection with quasi--rings and the structure of the ordered sets of their congruence relations are investigated. The paper is divided into five sections: on the structure of OMAs, the extensions of orthomodular addition, orthomodular algebras and orthomodular quasi--rings, OMA congruences, and OMA--Schmidt congruences. In conclusion, all OMA--Schmidt congruence relations for very small OMAs are computed and the line diagram of the OMA--Schmidt congruence lattice for the OMA with two free generators is constructed.}, year = {2000}, month = {Dec.}, issn = {0002--5240 (Print); 1420--8911 (Online)}, DOI = {10.1007/s000120050192}, journal = {Algebra Universalis}, volume = {44}, pages = {333----369}, number = {3--4} } @Inproceedings { Tyagi2000a, author = {Tyagi, Anurag and Muppala, Jogesh K. and de Meer, Hermann}, title = {VoIP support on Differentiated Services Using Expedited Forwarding}, abstract = {Differentiated services (Diffserv) is a new service model proposed by the Internet Engineering Task Force (IETF) to provide an end--to--end quality of service (QoS) support for multimedia applications. One key element of Diffserv is the definition of different per hop behaviors (PHB) like Expedited Forwarding (EF) and Assured Forwarding (AF). EF can be used to build a low loss and low delay service to support Internet telephony and video conferencing. In this paper we study the performance of Voice over Internet Protocol (VoIP) over Diffserv using EF. We compare the delay and jitter performance of the traffic generated by different standard voice codec algorithms used for compressing a voice signal.}, year = {2000}, month = {Feb.}, isbn = {0--7803--5979--8}, booktitle = {Proc. of the 19th IEEE Int'l Performance, Computing and Communications Conf. (IPCCC 2000)}, publisher = {IEEE}, pages = {574----580} } @Inproceedings { Tyagi1999a, author = {Tyagi, Anurag and Muppala, Jogesh K. and de Meer, Hermann}, title = {A Study of Expedited Forwarding in Differentiated Services and its Performance Characteristics Using CBQ Implementation}, year = {1999}, month = {Dec.}, booktitle = {Proc. of the 7th Int'l Conf. on Advanced Computing and Communications (ADCOM 1999)} } @Article { Campbell1999c, author = {Campbell, Andrew T. and de Meer, Hermann and Kounavis, Michael E. and Miki, Kazuho and Vicente, John and Villela, Daniel A.}, title = {A Survey of Programmable Networks}, abstract = {In this paper we present a programmable networking model that provides a common framework for understanding the state--of--the--art in programmable networks. A number of projects are reviewed and discussed against a set of programmable network characteristics. We believe that a number of important innovations are creating a paradigm shift in networking leading to higher levels of network programmability. These innovations include the separation between transmission hardware and control software, availability of open programmable network interfaces, accelerated virtualization of networking infrastructure, rapid creation and deployment of new network services and environments for resource partitioning and coexistence of multiple distinct network architectures. We present a simple qualitative comparison of the surveyed work and make a number of observations about the direction of the field.}, year = {1999}, month = {April}, issn = {0146--4833}, DOI = {10.1145/505733.505735}, journal = {Computer Communication Review (CCR)}, volume = {29}, publisher = {ACM}, pages = {7----23}, number = {2} } @Incollection { DeMeer1999a, author = {de Meer, Hermann and Duesterhoeft, Oliver--Rainer and Fischer, Stefan}, title = {COSTPN for Modeling and Control of Telecommunication Systems}, abstract = {Heutige technische und oekonomische Systeme bieten meist eine Vielzahl von Eingriffsmoeglichkeiten, um sie dynamisch beeinflussen zu koennen. Selbst einfache Modelle sind schwer analytisch auswertbar. Daher wird eine Erweiterung der Stochastischen Petrinetze (SPN) vorgestellt, welche Komponenten zur Beschreibung von dynamischen Rekonfigurationen zur Verfuegung stellt. Zu diesem Zweck wird eine neue Transition eingefuehrt, welche die Moeglichkeit bietet, zu einem kontrollierten Zeitpunkt von einem Zustand in einen anderen ueberzugehen. Diese Stochastischen Petrinetze werden COntrolled STochastic Petri Nets (COSTPNs) genannt. Ziel dieser COSTPNs ist es, in Abhaengigkeit einer Rewardfunktion eine optimale Strategie zu finden und die Leistungskenngroessen in Abhaengigkeit der angewandten Strategie fuer das untersuchte COSTPN zu ermitteln. Zur rechnergestuetzten Auswertung werden die COSTPNs in Extended Markov Reward Models (EMRMs) uebersetzt. Dieses Vorgehen wird anhand des Emergency Supply Model demonstriert.}, year = {1999}, month = {April}, isbn = {3--540--65870--X}, DOI = {10.1007/BFb0097779}, booktitle = {Application of Petri Nets to Communication Networks, Advances in Petri Nets}, volume = {1605}, publisher = {Springer--Verlag}, address = {London, UK}, series = {Lecture notes in Computer Science (LNCS)}, editor = {Billington, Jonathan and Diaz, Michel and Rozenberg, Grzegorz}, pages = {232----272}, keywords = {Stochastic Petri nets; Performability; Dynamic optimization; Extended Markov reward models; Markov decision theory}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer1999a.pdf}, note = {The original publication is available at www.springerlink.com (1999)} } @Techreport { Zaddach1999a, author = {Zaddach, Martin and de Meer, Hermann}, title = {COSTPN zur Modellierung und Kontrolle rekonfigurierbarer Systeme}, abstract = {Heutige technische und oekonomische Systeme bieten meist eine Vielzahl von Eingriffsmoeglichkeiten, um sie dynamisch beeinflussen zu koennen. Selbst einfache Modelle sind schwer analytisch auswertbar. Daher wird eine Erweiterung der Stochastischen Petrinetze (SPN) vorgestellt, welche Komponenten zur Beschreibung von dynamischen Rekonfigurationen zur Verfuegung stellt. Zu diesem Zweck wird eine neue Transition eingefuegt, welche die Moeglichkeit bietet, zu einem kontrollierten Zeitpunkt von einem Zustand in einen anderen ueberzugehen. Diese Stochastischen Petrinetze werden COntrolled STochastic Petri Nets (COSTPNs) genannt. Ziel dieser COSTPNs ist es, in Abhaengigkeit einer Rewardfunktion eine optimale Strategie zu finden und die Leistungskenngroessen in Abhaengigkeit der angewandten Strategie fuer das untersuchte COSTPN zu ermitteln. Zur rechnergestuetzten Auswertung werden die COSTPNs in Extended Markov Reward Models (EMRMs) uebersetzt. Dieses Vorgehen wird anhand des Emergency Supply Model demonstriert.}, year = {1999}, institution = {Computer Science Department, University of Hamburg}, keywords = {Stochastic Petri nets; Reconfigurable systems; Dynamic optimization; Optimal Strategy; Extended Markov decision models; Emergency supply model}, file_url = {http://www.net.fim.uni--passau.de/pdf/Zaddach1999a.pdf} } @Article { Campbell1999b, author = {Campbell, Andrew T. and Kounavis, Michael E. and Villela, Daniel A. and Vicente, John and de Meer, Hermann and Miki, Kazuho and Kalaichelvan, K. S.}, title = {Spawning Networks}, abstract = {The deployment of new network architectures, services, and protocols is often manual, ad hoc, and time--consuming. We introduce ,,spawning networks,'' a new class of programmable networks that automate the life cycle process for the creation, deployment, and management of network architectures. These networks are capable of spawning distinct ,,child'' virtual networks with their own transport, ,,parent's'' network resources and in isolation from other spawned networks. Spawned child networks represent programmable virtual networks and support the controlled access to communities at users with specific connectivity, security, and quality of service requirements. In this article we present a framework for the realization of spawning networks based on the notion of the Genesis Kernel, a virtual network operating system capable of creating distinct virtual network architectures on the fly. We discuss the motivation and principles that underpin spawning networks and focus on the design of the transport, programming and life cycle environments, which comprise the main architectural components of the Genesis Kernel.}, year = {1999}, month = {July}, issn = {0890--8044}, DOI = {10.1109/65.777438}, journal = {IEEE Network Magazine}, volume = {13}, publisher = {IEEE}, pages = {July}, number = {4} } @Inproceedings { Campbell1999a, author = {Campbell, Andrew T. and de Meer, Hermann and Kounavis, Michael E. and Miki, Kazuho and Vicente, John and Villela, Daniel A.}, title = {The Genesis Kernel: A Virtual Network Operating System for Spawning Network Architectures}, abstract = {The deployment of network architectures is often manual, ad hoc and time consuming. In this paper we introduce a new paradigm for automating the life cycle process for the creation, deployment and management of network architectures and envision programmable networks capable of spawning distinct ,,child'' virtual networks with their own transport, control and management systems. A child network operates on a subset of its ,,parent's'' network resources and in isolation from other virtual networks. Child networks support the controlled access to communities of users with specific connectivity, security and quality of service requirements. In this paper we introduce the Genesis Kernel, a virtual network operating system capable of profiling, spawning and managing virtual network architectures on--the--fly.}, year = {1999}, month = {March}, isbn = {0--7803--5261--0}, DOI = {10.1109/OPNARC.1999.758566}, booktitle = {Proc. of the 2nd IEEE Int'l Conf. on Open Architectures and Network Programming (OPENARCH 1999)}, pages = {115----127} } @Inproceedings { Knoche1999a, author = {Knoche, Hendrik and de Meer, Hermann and Kirsh, David}, title = {Utility Curves: Mean Opinion Scores Considered Biased}, abstract = {In the Coqos project task performance measures and a corresponding framework are suggested and pursued as a novel and more suitable means for determining utility curves. TPM are intended to avoid limits inherent in traditional measures like mean opinion scores. MOS rely merely on subjective ratings rather than on more objective performance in relation to a particular task or application of interest. Informational relevance and its impact on subjects can be measured more effectively by TPM. Inhibiting psychological and cognitive effects like consciousness or nonconsciousness of degradations or individual focusing and perspectives of subjects can be more appropriately evaluated and dealt with by means of TPM. The increasing importance of adaptation, in particular with the advance of MPEG4, as a means for QoS provisioning, both in wireless and wired environments, requires sensible techniques to effectively determine utility curves.}, year = {1999}, month = {June}, isbn = {0--7803--5671--3}, DOI = {10.1109/IWQOS.1999.766473}, booktitle = {Proc. of the 7th IEEE/IFIP Int'l Workshop on Quality of Service (IWQoS 1999),}, pages = {12----14} } @Article { Fischer1998a, author = {Fischer, Stefan and de Meer, Hermann}, title = {Cooperative QoS Management}, abstract = {Die Uebertragung und Darstellung kontinuierlicher Datenstroeme wie Audio und Video in verteilten Multimediasystemen verlangt ein effizientes Management der verwendeten Ressourcen, wenn eine zeitlich korrekte Darstellung der Datenstroeme beim Empfaenger erforderlich ist. Zu diesem Zweck wurde eine Reihe von QoS Managementsystemen entwickelt. In diesem Artikel wird zunaechst aufgezeigt, dass eine grundlegende Eigenschaft dieser Systeme, naemlich die Ende--zu--Ende--Verhandlung der QoS--Parameter, dazu fuehrt, dass sie eher ungeeignet fuer eine immer wichtiger werdende Klasse von multimedialen Anwendungen sind: den Massenanwendungen, bei denen eine grosse Zahl von Empfaengern gleichzeitig teilnimmt Als Loesungsmoeglichkeit wird das neue Cooperative QoS Management beschrieben, das auf der Verwendung von Agenten im Netz als Stellvertreter der Informationsanbieter basiert.}, year = {1998}, issn = {1865--8342 (Online); 0930--5157 (Print)}, DOI = {10.1515/piko.1998.21.4.195}, journal = {Praxis der Informationsverarbeitung und Kommunikation (PIK)}, volume = {4}, pages = {195----227} } @Inproceedings { Fischer1998b, author = {Fischer, Stefan and de Meer, Hermann}, title = {Decision Support for Cooperative QoS Management}, abstract = {Cooperative QoS management is a new quality of service management scheme which is based on QoS agents distributed within a system and cooperating with each other to provide the QoS negotiated with users, thereby ameliorating the overall system's resource usage and decreasing the communication costs. During their operations, agents have to take decisions in order to react on QoS violations, initiate QoS renegotiaition processes or react on renegotiation requests from other QoS agents. In this paper, we present two tools which support cooperating QoS agents in their decision processes: a model called Quality of Operation, based on a mathematical formula, and an approach based on a new variant of Stochastic Petri Nets, so--called Controlled Stochastic Petri Nets.}, year = {1998}, month = {May}, isbn = {0--7803--4482--0}, DOI = {10.1109/IWQOS.1998.675245}, booktitle = {Proc. of the 6th Int'l Workshop on Quality of Service (IWQoS 1998)}, publisher = {IEEE}, pages = {247----255}, keywords = {QoS; Intelligent agents; Resource management}, file_url = {http://www.net.fim.uni--passau.de/pdf/Fischer1998b.pdf} } @Article { DeMeer1998b, author = {de Meer, Hermann and Puliafito, Antonio and Tomarchio, Orazio}, title = {Management of Quality of Service with Software Agents}, abstract = {As distributed multimedia applications become more widely diffused for QoS management are increasingly essential. In this paper we present an architecture for distributed QoS management based on software agents. We discuss the advantages of using agent technology in a problem inherently distributed and complex such as QoS management. Besides introducing several negotiation and coordination techniques among agents as fundamental properties for QoS management, it is argued in favor of decision making based on analytical and simulative modeling techniques. Furthermore, design and implementation issues are discussed in detail and our Java--based platform for an agent--based QoS management is introduced.}, year = {1998}, month = {May}, journal = {Cybernetics and Systems}, volume = {29}, pages = {499----523}, number = {5} } @Inproceedings { Fischer1998c, author = {Fischer, Stefan and de Meer, Hermann}, title = {QoS Management: A Model--Based Approach}, abstract = {Quality of Service (QoS) management is an important issue in today's high--speed distributed systems supporting multimedia applications. Most existing QoS management schemes usually just cope with technical issues of resource reservations and QoS guarantees, often completely neglecting revenue issues which are especially important for service providers in order to maximize their profit. The revenue to be expected does not only depend on the stream itself, but also very much on stochastic events such as network failures or QoS violations. A QoS management system taking revenue issues and the possibly stochastic behavior of the environment into account thus seems to be superior to the existing ones. In this paper, we show how controller programs for such enhanced QoS management systems can be developed based on a new kind of Petri Nets, so--called Controlled Stochastic Petri Nets. We show how to numerically analyze such models using a tool environment in order to obtain strategies for the QoS management system.}, year = {1998}, month = {June}, isbn = {0--8186--8566--2}, DOI = {10.1109/MASCOT.1998.693696}, booktitle = {Proc. of the 6th Int'l Symp. on Modeling, Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS 1998)}, publisher = {IEEE}, pages = {205----210}, keywords = {Controlled stochastic petri nets; Multimedia; QoS management; Performability; Optimization}, file_url = {http://www.net.fim.uni--passau.de/pdf/Fischer1998c.pdf} } @Inproceedings { DeMeer1998c, author = {de Meer, Hermann and Puliafito, Antonio and Richter, Jan--Peter and Tomarchio, Orazio}, title = {QoS--Adaptation by Software Agents in the Presence of Defective Reservation Mechanisms in the Internet}, abstract = {Originally, the Internet delivered best--effort service quality with respect to end--to--end delay. Recently, extensions such as RSVP have been proposed to provide guaranteed real--time services as well. Unfortunately, network resources, such as routers, do not yet fully support RSVP reservation protocols so that guarantees cannot truly be given. In this paper, we suggest to follow the paradigm of open programmable networks for a more complete QoS provisioning. Reservation gaps or tunnels are dynamically closed by means of a software--agent approach that is flexibly deployed for an application oriented QoS support. Agents are dynamically located to such tunnels in order to monitor the tunnels, to provide feed--back information in case of QoS violations, and to decide on possible compensating measures to be taken.}, year = {1998}, month = {June}, isbn = {0--8186--8538--7}, DOI = {10.1109/ISCC.1998.702571}, booktitle = {Proc. of the 3rd IEEE Symp. Computers and Communications (ISCC 1998)}, publisher = {IEEE}, pages = {488----492}, keywords = {QoS management; RSVP; Internet; Intelligent and mobile agents; Open programmable networks}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer1998c.pdf} } @Book { Bolch1998a, author = {Bolch, Gunter and Greiner, Stefan and de Meer, Hermann and Trivedi, Kishor S.}, title = {Queueing Networks and Markov Chains: Modeling and Performance Evaluation With Computer Science Applications.}, abstract = {Information processing system designers need methods for the quantification of system design factors such as performance and reliability. Modern computer, communication, and production line systems process complex workloads with random service demands. Probabilistic and statistical methods are commonly employed for the purpose of performance and reliability evaluation. The purpose of this book is to explore major probabilistic modeling techniques for the performance analysis of information processing systems. Statistical methods are also of great importance but we refer the reader to other sources [Jain91,Triv82] for this topic. Although we concentrate on performance analysis, we occasionally consider reliability, availability, and combined performance and reliability analysis. Performance measures that are commonly of interest include throughput, resource utilization, loss probability, and delay (or response time).}, year = {1998}, isbn = {978--0--471--19366--1 (Print); 978--0--471--20058--1 (Online)}, publisher = {John Wiley \\& Sons}, tags = {MOSEL2} } @Inproceedings { Vicente1998a, author = {Vicente, John and Campbell, Andrew T. and de Meer, Hermann and Kounavis, Michael E. and Miki, Kazuho}, title = {The Genesis Project: Toward Programmable Virtual Networking}, year = {1998}, month = {Oct.}, booktitle = {Proc. of the Workshop on Open Signalling for ATM, Internet and Mobile Networks (OPENSIG 1998)} } @Inproceedings { Richter1998a, author = {Richter, Jan--Peter and de Meer, Hermann}, title = {Towards Formal Semantics for QoS Support}, abstract = {The introduction of the concept of QoS has led to an extension of the traditional concepts of service and service specification. However, the design of QoS support is usually done without a systematic approach, leading to concepts of QoS support ranging from basic QoS monitoring capabilities to hard real--time guarantees. In more advanced QoS support, intermediate layers should be designed in a way that enables the masking or controlled handling of sporadic QoS violations. To implement this degradation path support across multiple layers, a negotiation of preferred and supportable failure semantics is a requirement. To realize these advanced QoS support features, not only new QoS control mechanisms within the layers have to be developed but the semantics of QoS negotiation protocols between layers must be better understood and subsequently extended. A framework formally based on set theory and relations is presented that allows the specification of QoS hierarchies including a well--defined failure type model. The framework supports the development of QoS negotiation protocols and can be used as a formal base for a structured system analysis.}, year = {1998}, month = {March}, isbn = {0--7803--4383--2}, issn = {0743--166X}, booktitle = {Proc. of the 17th Annual Joint Conf. of the IEEE Computer and Communications Societies}, volume = {2}, publisher = {IEEE}, pages = {472----479} } @Article { DeMeer1998a, author = {de Meer, Hermann and Richter, Jan--Peter and Puliafito, Antonio and Tomarchio, Orazio}, title = {Tunnel agents for enhanced Internet QoS}, abstract = {This agent--based approach for improved Quality of Service provisioning follows the open programmable networks paradigm for complementing still--defective Internet reservation schemes. It provides more complete QoS provisioning in a flexible, highly scalable manner. The authors' Java--based agent platform might work especially well in heterogeneous environments, which distributed multimedia systems are most likely to face.}, year = {1998}, month = {Aug.}, DOI = {10.1109/4434.678787}, journal = {IEEE Concurrency}, volume = {6}, publisher = {IEEE}, pages = {30----39}, number = {2} } @Inproceedings { Fischer1998d, author = {Fischer, Stefan and de Meer, Hermann}, title = {Using Cooperation in QoS Selection to Reduce Service Cost}, abstract = {In some electronic commerce applications, not only the process of selling and buying is organized electronically, but also the transmission of the product, for example in video--on--demand or digital TV broad-- and multicasting. For such applications, transmission quality plays an important role since the customer will only be satisfied if he receives the product in the quality he paid for. Therefore, the transmission medium used should be able to offer a guaranteed service. Quality of Service managment systems are used to provide such guarantees. However, most existing systems are not suitable for electronic commerce applications since they (a) often do not scale, and (b) they are not concerned with the relation between cost and quality. In this paper, we present a new distributed QoS managment system that solves these problems. It is especially interesting for electronic commerce because it is able to lower the communication service cost, based on regional information available due to the distributed approach.}, year = {1998}, month = {June}, booktitle = {Proc. of the GI/IFIP Conf. on Trends in Electronic Commerce (TrEC 1998)}, keywords = {Quality of Service; Cost--related quality; Distributed QoS Managment; Agent Cooperation; Service Cost}, web_url2 = {http://vsis--www.informatik.uni--hamburg.de/ec98/}, file_url = {http://www.net.fim.uni--passau.de/pdf/Fischer1998d.pdf} } @Inproceedings { Puliafito1997a, author = {Puliafito, Antonio and Tomarchio, Orazio and de Meer, Hermann}, title = {An agent--based framework for QoS management}, abstract = {As distributed multimedia applications become more widely diffused, systems for QoS management are increasingly essential. In this paper we will present an architecture for distributed QoS management based on software agents. A software agent is a software module often equipped with artificial intelligence mechanism which is capable, autonomously or in cooperation with other agents, of solving a certain problem or carrying out a certain task. We will show the advantage of an agent--based infrastructure in a problem inherently distributed and complex such as QoS management.}, year = {1997}, booktitle = {Proc. of the 1st IEEE Intern. World Conf. on System Simulation (WCSS 1997)}, keywords = {QoS management; Architecture; Software agents; Artificial intelligence; Agent--based infrastructure}, web_url2 = {http://sim.sagepub.com/content/68/1/5.full.pdf+html} } @Inproceedings { Richter1997a, author = {Richter, Jan--Peter and de Meer, Hermann}, title = {Control Policy Optimization of Heterogeneous Parallel Systems with Extended Markov Reward Models}, year = {1997}, month = {Sep.}, booktitle = {Proc. of the 1st IEEE Int'l World Conf. on Systems Simulation (WCSS 1997)} } @Inproceedings { DeMeer1997a, author = {de Meer, Hermann and Duesterhoeft, Oliver--Rainer}, title = {Controlled Stochastic Petri Nets}, abstract = {A new framework for the extension of stochastic Petri nets (SPNs) is introduced. SPNs are extended by elements providing means for a dynamic optimization of performability measures. A new type of transition is defined, offering a feature for specification of controlled switching, called reconfiguration, from one marking of a SPN to another marking. Optional reconfiguration transitions are evaluated in order to optimize a specified reward or cost function. The result of an analysis is provided in the output of a numerical computation, in the form of a graphical presentation of an optimal, marking dependent control strategy and the resulting performability measure when applying the optimal strategy. The extended SPNs are called COSTPNs (Controlled Stochastic Petri Nets). COSTPNs are mapped on EMRMs (Extended Markov Reward Models) for a numerical analysis. Computational analysis is possible with algorithms adopted from Markov decision theory, including transient and stationary optimization. The scope of the paper is to introduce the new control structure for SPNs and to present an algorithm for the mapping of COSTPNs on EMRMs.}, year = {1997}, month = {Oct.}, isbn = {0--8186--8177--2}, issn = {1060--9857}, DOI = {10.1109/RELDIS.1997.632792}, institution = {Computer Science Department, University of Hamburg}, booktitle = {Proc. of the 16th IEEE Symp. on Reliable Distributed Systems (SRDS 1997)}, publisher = {IEEE}, pages = {18----25}, number = {FBI--HH--B--193/96}, keywords = {Stochastic Petri nets; Performability; Dynamic optimization; Extended Markov reward models; Markov decision theory}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer1997a.pdf} } @Inproceedings { DeMeer1997b, author = {de Meer, Hermann and Fischer, Stefan}, title = {Controlled Stochastic Petri Nets for Multimedia QoS Management}, abstract = {Quality of Service (QoS) management is an important issue in today’s high--speed distributed systems supporting multimedia applications. Most existing QoS management schemes usually just cope with technical issues of resource reservations and QoS guarantees, often completely neglecting revenue issues which are especially important for service providers in order to maximize their profit. The revenue to be expected does not only depend on the stream itself, but also very much on stochastic events such as network failures or QoS violations. A QoS management system taking revenue issues and the possibly stochastic behavior of the environment into account thus seems to be superior to the existing ones. In this paper, we show how controller programs for such enhanced QoS management systems can be developed based on a new kind of Petri Nets, so--called Controlled Stochastic Petri Nets. We show how to numerically analyze such models using a tool environment in order to obtain strategies for the QoS management system.}, year = {1997}, month = {Sep.}, isbn = {3--8007--2298--4}, booktitle = {Proc. of the 9th GI/ITG Conf. on Measurement, Modeling, and Performance Evaluation of Computer and Communication Systems (MMB 1997)}, publisher = {VDE Verlag}, pages = {161----172}, keywords = {Controlled stochastic Petri nets; Multimedia; QoS management; Performability; Optimization}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer1997b.pdf} } @Inproceedings { Fischer1997a, author = {Fischer, Stefan and Hafid, Abdelhakim and Bochmann, Gregor and de Meer, Hermann}, title = {Cooperative QoS Management for Distributed Multimedia Applications}, abstract = {Quality of Service (QoS) management becomes more and more important, especially in networks where many applications are competing for a limited number of resources. As these applications become more complex (consider e.g. multiparty multimedia applications), the number of options for QoS management increases, leading to more complex decision processes. In this paper, we propose an approach for cooperative QoS management, where application--oriented QoS agents are distributed throughout the network and the end systems, communicating with each other. This distributed management system tries to guarantee the QoS level negotiated with the users, at the same time optimizing resource usage. The advantages of distributing the management process are (i) an easier and more precise localization of the cause of QoS problems, (ii) better knowledge of local situations, (iii) a lower complexity for a single QoS agent and (iv) an increase in possible actions. We describe management procedures for QoS negotiation, adaptation and renegotiation.}, year = {1997}, month = {June}, isbn = {0--8186--7819--4}, DOI = {10.1109/MMCS.1997.609609}, booktitle = {Proc. of the 4th IEEE Int'l Conf. on Multimedia Computing Systems (ICMCS'97)}, publisher = {IEEE}, pages = {303----310}, file_url = {http://www.net.fim.uni--passau.de/pdf/Fischer1997a.pdf} } @Inproceedings { DeMeer1997c, author = {de Meer, Hermann and Sevcikova, Hana}, title = {PENELOPE -- dependability evaluation and the optimization of performability}, abstract = {A new performance and performability modeling tool is introduced in this paper. PENELOPE is the first tool which incorporates evaluation and optimization algorithms. It is the result of a combination between the performability modeling concept and Markov decision theory. Different algorithms are adopted and included in the tool under the unifying paradigm of reconfigurability as the basis for adaptation and optimization. In addition to transient and steady--state performability measures, also transient and stationary control functions can be computed and graphically presented. Model specification and specification of transient or stationary control functions can be separately performed and deliberately combined with each other. Besides providing a new modeling paradigm, the tool supports model creation, experimentation, storage and presentation of results by means of an easily usable interface and an integrated model data base system.}, year = {1997}, month = {June}, isbn = {978--3--540--63101--9}, issn = {0302--9743 (Print); 1611--3349 (Online)}, DOI = {10.1007/BFb0022194}, booktitle = {Proc. of 9th Int'l Conf. on Computer Performance Evaluation (Tools 1997)}, volume = {1245}, publisher = {Springer--Verlag}, series = {Lecture notes in Computer Science (LNCS)}, pages = {19----31}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer1997c.pdf}, note = {The original publication is available at www.springerlink.com (1997)} } @Inproceedings { Knoche1997a, author = {Knoche, Hendrik and de Meer, Hermann}, title = {Quantitative QoS Mapping: A Unifying Approach}, abstract = {Distributed multimedia (MM) systems have to provide users with the ability to specify their performance requirements. Quality of service (QoS) parameters represent an adequate measure for the specification of time--dependent MM--data lika audio or video streams. In order to guarantee the fulfillment of application requirements, a mapping onto the involved network and operating system resources has to be performed. This paper shows how QoS translation can be performed in distributed MM--systems. Parameter translations between abstraction layers including a terminology and the interpendencies between the parameters are presented. Furthermore, mapping stimuli that imply a modification of QoS parameters are identified and their respective effects are described.}, year = {1997}, month = {May}, booktitle = {Proc. of the 5th IFIP Int'l Workshop on Quality of Service (IWQoS 1997)}, publisher = {Chapman \\& Hall}, pages = {347----358}, keywords = {QoS mapping; QoS translation; QoS parameters; QoS mapping stimuli} } @Inproceedings { Hauff1997a, author = {Hauff, Harald}, title = {Schaden--Praevention im internationalen Informations-- und Datenverkehr?}, abstract = {In den letzten 20 Jahren haben neue Kommunikations-- und Informationstechniken eine stuermische Entwicklung erfahren. Nicht nur Geschwindigkeiten und Technologien der Informatonsuebertragung und Informationsverarbeitung haben sich geaendert, sondern auch die bewegten und gespeicherten Datenmengen sowie deren wirtschaftliche, gesellschaftliche, politische und kulturelle Bedeutung.}, year = {1997}, booktitle = {Proc. of the 16th Int. Summer Symp. on Sicherheitstechnik in Europa -- Orientierung, Zustaende, Aufgaben, Ergebnisse (GfS--Sommer--Symposium 1995)}, publisher = {Gesellschaft fuer Sicherheitswissenschaft (GfS)}, pages = {111----124} } @Techreport { DeMeer1996a, author = {de Meer, Hermann and Sevcikova, Hana}, title = {XPenelope User Guide}, abstract = {XPENELOPE provides a user--friendly X window environment for PENELOPE. It supports the tasks of model creation, specification and control of series of experiments, an visualization of the results. PENELOPE provides numerical and simulative methods based on the theory of Markov decision processes that are applicable for the optimization of performability measures. The optimization paradigm is based on the concept reconfigurability. Transient as well as stationary control strategies and performance functions can be computed.}, year = {1996}, month = {Dec.}, institution = {University of Hamburg}, volume = {265}, address = {Hamburg, Germany}, keywords = {Informatik; Angewandte Informatik; PENELOPE; XWindow}, file_url = {http://www.net.fim.uni--passau.de/pdf/DeMeer1996a.pdf} } @Incollection { Hauff1995a, author = {Hauff, Harald}, title = {Patienten--Chipkarte und IT--Sicherheit}, abstract = {Medizinische Daten, Informationstechnik und IT--Sicherheit, ein unloesbarer Konflikt? Nicht erst seit dem Volkszaehlungsgesetz und der Einfuehrung der Krankenversichertenkarte (KVK) ist die Wahrnehmung von Risiken und Gefahren im Umgang mit personenbezogenen Daten und deren Be-- bzw. Verarbeitung in informationstechnischen Systemen in der Gesellschaft gestiegen.}, year = {1995}, isbn = {978--3922746263}, booktitle = {Patienten und ihre computergerechten Gesundheitsdaten}, publisher = {SecuMedia Verlag}, series = {Die Boppard--Veranstaltungen des BSI zur Technikfolgen--Abschaetzung}, editor = {Bundesamt fuer Sicherheit in der Informationstechnik (BSI)}, pages = {130----134} } @Article { DeMeer1994a, author = {de Meer, Hermann and Trivedi, Kishor S. and Dal Cin, Mario}, title = {Guarded Repair of Dependable Systems}, abstract = {Imperfect coverage and nonnegligible reconfiguration delay are known to have a deleterious effect on the dependability and the performance of a multiprocessor system. In particular, increasing the number of processor elements does not always increase dependability. An obvious reason for this is that the total failure rate increases, generally, linearly with the number of components in the system. It is also a well--known fact that the performance gain due to parallelism mostly turns out to be sublinear with the number of processors. It is therefore important to optimize the degree of parallelism in system design. A related issue is that by deferring repair, it is sometimes possible to improve system dependability. In this case decisions have to be made dynamically as to when to repair and when not to repair. Most of the current research deals with static optimization of the number of processors. No systematic approach for dynamic control of dependable systems has been proposed so far. Dynamic, i.e. transient, decision of whether or not to repair is the optimization problem considered in this paper. We propose extended Markov reward models (EMRM) to capture such questions. EMRM are a marriage between performability modeling techniques and Markov decision theory. A numerical solution procedure is developed to provide optimal solution trajectories for this problem. EMRM are a general framework for the dynamic optimization of reconfigurable, dependable systems. The optimization is applied on the basis of several performance and dependability measures. In particular, we explore availability, capacity--oriented availability, performance--oriented unavailability, and performability measures. Furthermore, off--line and on--line repair strategies are compared. We show that guarded repair can improve system performance and dependability significantly. The control strategies and reward functions differ a lot in each case. Each scenario turns out to be interest in its own right. A time--dependent optimality of dependable, parallel configurations can be determined from our results.}, year = {1994}, month = {June}, issn = {0304--3975}, DOI = {10.1016/0304--3975(94)90169--4}, journal = {Theoretical Computer Science}, volume = {128}, publisher = {Elsevier}, pages = {179----210}, number = {1--2}, tags = {EuroNGI} } @Incollection { Hauff1994a, author = {Hauff, Harald}, title = {Reduktion von Komplexitaet -- vier Fallbeispiele im Ueberblick}, abstract = {In vier Kurzportraits werden Themen behandelt, die zunaechst als einfach erkennbare Gemeinsamkeit den Begriff Simulation besitzen.}, year = {1994}, isbn = {978--3922746256}, booktitle = {COMPUTERSIMULATION -- (k)ein Spiegel der Wirklichkeit}, publisher = {SecuMedia Verlag}, series = {Die Boppard--Veranstaltungen des BSI zur Technikfolgen--Abschaetzung}, editor = {Bundesamt fuer Sicherheit in der Informationstechnik (BSI)}, pages = {79----85}, web_url2 = {http://bvbr.bib--bvb.de:8991/F?func=service\&doc{\textunderscore}library=BVB01\&doc{\textunderscore}number=017400154\&line{\textunderscore}number=0001\&func{\textunderscore}code=DB{\textunderscore}RECORDS\&service{\textunderscore}type=MEDIA} }