Publications
List of Publications
Business Informatics Group, TU Wien
A Linked Data Based Messaging Architecture for the Web of Needs
Florian KleedorferChristina Maria BuschChristian HuemerChristian PichlerKeywords: Linked Data, Electronic Marketplaces, Semantic web
Astract: Electronic marketplaces are built to resemble real marketplaces structurally. Consequently, they are centralized systems, walled gardens with an intrinsic tendency to lock merchants and clients in. We argue that this structure is not necessary on the Web and that all online marketplaces could merge into one global medium for exchange. In this paper, we propose an architecture for such a medium based on semantic Web standards, encompassing the functionalities of publishing an intention to buy or sell, finding transaction partners, and conducting transactions. We focus on the basic protocol layer and explain how messaging and linked data are combined in a novel way to realize a highly dynamic communication system.
Kleedorfer, F., Busch, C. M., Huemer, C., & Pichler, C. (2016). A Linked Data Based Messaging Architecture for the Web of Needs. Enterprise Modelling and Information Systems Architectures : International Journal of Conceptual Modeling, 11(3). https://doi.org/10.18417/emisa.11.3
Improving the comprehension of domain-specific languages by utilizing visualizations
Alexander AltenhuberTanja MayerhoferPhilip LangerGerti KappelKeywords: Domain-Specific Languages, Software Visualization, Software Comprehension, Model Engineering
Astract: Domain-specific languages (DSLs) are popular for many reasons such as increasing productivity for developers and improving communication with domain experts. DSLs can be divided into textual and graphical DSLs. Textual DSLs let users create models by using a textual concrete syntax (TCS). Graphical DSLs render the model by means of a graphical concrete syntax (GCS), which is based on graphical shapes and also facilitates graphical editing. Using a TCS may lead to higher productivity due to editor functionalities like search and replace, syntax highlighting, and code completion. Textual models, however, may be hard to understand for novice developers and domain experts in particular. Graphical representations of models, such as GCSs, aim at improving the comprehension of models and the communication with domain experts. A GCS, however, mostly visualizes structural aspects of the model by defining a mapping between semantic elements and graphical elements. Furthermore, graphical editing capabilities may impose restrictions on the design of a GCS. Therefore, a GCS might not be the best option when solely aiming at improving the comprehension. This thesis analyzes a way of combining both representations by using a textual DSL for editing purposes and read-only graphical representations which entirely aim at improving the comprehension of the DSL. This allows developers to fully concentrate on building graphical representations which highlight specific aspects of models and help users to better understand or interpret them. These graphical representations are referred to as visualizations in this thesis. A visualization is a graphical representation that cannot be edited and highlights a particular aspect. This thesis mainly aims at investigating if visualizations can increase users¿ comprehension of models. Furthermore, it intends to evaluate the feasibility of using JavaFX as a base technology for creating visualizations. The results of this work are evaluated based on two use cases. The first use case aims at exploring and illustrating the technical capabilities of using JavaFX as a technology for creating visualizations. The second use case intends to evaluate the practical relevance of visualizations in the domain of automotive testing by creating visualizations for an existing DSL. The answers to our research questions are based on the results of in-depth interviews, which have been conducted with engineers professionally using the DSL.
Altenhuber, A. (2016). Improving the comprehension of domain-specific languages by utilizing visualizations [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2016.38323
18th IEEE Conference on Business Informatics
Elena KornyshovaGeert PoelsChristian HuemerIsabelle WattiauFlorian MatthesJorge Sanz
Kornyshova, E., Poels, G., Huemer, C., Wattiau, I., Matthes, F., & Sanz, J. (Eds.). (2016). 18th IEEE Conference on Business Informatics. IEEE Computer Society. https://doi.org/10.1109/CBI39511.2016
Kornyshova, E., Poels, G., & Huemer, C. (Eds.). (2016). 18th IEEE Conference on Business Informatics. IEEE Computer Society. https://doi.org/10.1109/cbi.2016.1
Rahmenwerk zur modellbasierten horizontalen und vertikalen Integration von Standards für Industrie 4.0
Alexandra MazakManuel WimmerChristian HuemerGerti KappelWolfgang KastnerBirgit Vogel-HeuserKeywords:
Astract: In Anlehnung an die Umsetzungsempfehlung des deutschen Arbeitskreises zu Industrie 4.0 widmen wir uns in diesem Kapitel dem offenen Handlungsfeld der Standardisierung und Referenzarchitektur im Kontext einer modellbasierten horizontalen und vertikalen Integration. Wir zeigen, dass die Zusammenführung international etablierter Standards genutzt werden kann, um eine flexible Informationsarchitektur zu schaffen. Zu diesem Zweck präsentieren wir ein offenes, dreidimensionales Rahmenwerk von Standards für Industrie 4.0. Die erste Dimension berücksichtigt die Unterscheidung zwischen den unterschiedlichen Ebenen in einem Unternehmen, in Anlehnung an die klassische Automatisierungspyramide. Die zweite Dimension unterscheidet zwischen den internen und den externen Aspekten der horizontalen und vertikalen Integration. Die dritte Dimension differenziert zwischen der wirtschaftlichen Tätigkeit der teilneh-
menden Unternehmen im Wertschöpfungsnetzwerk und den technischen Aspekten des nahtlosen Daten- und Informationsaustausches.
Mazak, A., Wimmer, M., Huemer, C., Kappel, G., & Kastner, W. (2016). Rahmenwerk zur modellbasierten horizontalen und vertikalen Integration von Standards für Industrie 4.0. In B. Vogel-Heuser (Ed.), Handbuch Industrie 4.0 (pp. 1–22). Springer-Verlag Berlin Heidelberg. https://doi.org/10.1007/978-3-662-45537-1_94-1
From Architecture Modeling to Application Provisioning for the Cloud by Combining UML and TOSCA
Alexander BergmayrUwe BreitenbücherOliver KoppManuel WimmerGerti KappelFrank Leymann
Bergmayr, A., Breitenbücher, U., Kopp, O., Wimmer, M., Kappel, G., & Leymann, F. (2016). From Architecture Modeling to Application Provisioning for the Cloud by Combining UML and TOSCA. In Proceedings of the 6th International Conference on Cloud Computing and Services Science. 6th International Conference on Cloud Computing and Services Science (CLOSER), Rome, Italy, EU. https://doi.org/10.5220/0005806900970108
Verifiability and Traceability in a Linked Data Based Messaging System
Florian KleedorferYana PanchenkoChristina Maria BuschChristian HuemerKeywords:
Astract: When linked data applications communicate, they commonly use messaging technologies in which the message exchange itself is not represented as linked data, since it takes place on a different architectural level. When a message cannot be verified and traced on the linked data level, trust in data is moved from message originators to service providers. However, there are use cases in which the actual message exchange and its verifiability are of importance. In such situations, the separation between application data and communication data is not desirable. To address this, we propose messaging based on linked data, where communicating entities and their messages are represented as interconnected Web resources, and we show how conversations can be made verifiable using digital signatures.
Kleedorfer, F., Panchenko, Y., Busch, C. M., & Huemer, C. (2016). Verifiability and Traceability in a Linked Data Based Messaging System. In Proceedings of the 12th International Conference on Semantic Systems. 12th International Conference on Semantic Systems (SEMANTICS 2016), Leipzig, EU. ACM. https://doi.org/10.1145/2993318.2993342
Keywords:
Astract: Cloud computing became the dominant computing model in the IT industry today. With this rapid adoption new questions arise in the area of software testing. Many of the existing functional testing methods can be transferred to cloud-based environments. Though, non-functional testing became a many-faceted problem due to the distributed and dynamic nature of cloud systems. With Google App Engine as an example for an established and widespread implementation of the Platform as a Service model, this thesis examines two in cloud-based software important non-functional requirements: scalability and elasticity. For this goal three questions have been elaborated: Is JMeter a load generator tool suitable for cloud-based applications? How does Google App Engine handle high traffic scenarios? What are the consequences of the limitations enforced by the Google Cloud Datastore, e.g. the entity group write limit? Thereby a special focus is on the migration from existing Java-based applications into the Cloud.
Naderer-Puiu, P. (2016). Non-functional testing in cloud environments [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2016.25320
A MOOC prototype on object-oriented modeling : development, usage and evaluation
Anita SiemayrGerti KappelKeywords: Massive Open Online Course, MOOC, Object-Oriented Modeling, OOM, Presentation Technique, Motivation
Astract: Massive Open Online Courses (MOOCs) are a new way of teaching and learning. Thousands of people participate in free online courses over several weeks. These courses do not have any registration restrictions such as a specific educational level. The content of the individual courses is provided via videos, texts, quizzes, assignments and projects. This Master Thesis investigates which presentation techniques are accepted by the students as far as teaching a Modeling Language is concerned. Furthermore, the motivational reasons for students to participate in a MOOC on Modeling Languages is evaluated. For the purpose of this Master Thesis, a MOOC on the UML Class Diagram, which is a part of Object-Oriented Modeling, has been developed and run. Subsequently, the MOOC was evaluated based on two questionnaires and logfiles of the course itself. Finally, the results have been interpreted in order to answer the research questions. The video style showing slides and the instructor is the most accepted presentation technique for teaching Modeling Languages. Animated handwriting shows less in-video dropouts but is not very popular with students. Projects and Quizzes are the most helpful activities for MOOC users. Most of the students take a MOOC because they are passionate about learning an interesting new topic. Gaining bonus points for the in-class lecture at the TU Wien is also a motivation driver for doing a MOOC.
Siemayr, A. (2016). A MOOC prototype on object-oriented modeling : development, usage and evaluation [Diploma Thesis, Technische Universität Wien]. reposiTUm. https://doi.org/10.34726/hss.2016.37428
Attacking confidential data stored in hardware-based secure elements on android-based NFC mobile phones
Alexander NawratilFlorian FankhauserThomas GrechenigKeywords: Smartphones, Security, Near Field Communication, Secure Elements, Secure Element Evaluation Kit, Relay Attacks, Privilege Escalation, Mobile Payment
Astract: Mobile phones have been part of our daily use for many years, evolving from devices providing basic voice communication to modern smartphones, which offer a feature-rich, highly customizable platform as well as comprehensive connectivity such as in the case of Near Field Communication. This technology opens the way to new applications like digital wallets, electronic tickets and access control systems. Actual applications of these use cases may involve storage and handling of confidential data such as cryptographic material, authorization codes or payment-related balances, which are to be protected from disclosure or unauthorized modification by all means. Secure Elements (SEs) provide an isolated, secure environment to operate on this kind of sensitive information inside untrusted devices. This thesis discusses hardware and software-based features in modern smartphones regarding secure storage and processing of sensitive information on SEs. A primary focus of this work are security design flaws found in Secure Element Evaluation Kit (SEEK), an application framework providing limited access to secure elements in smartphones running the Android operating system. These flaws may give an attacker unrestricted access to any SE managed by SEEK. An exploit for one of the flaws in SEEK, running on an unmodified Android-based smartphone, is presented, giving a potential attacker full control of SEEK and its access control mechanism. The same vulnerable device is then used to perform a mobile payment transaction in a relay attack setup over Bluetooth and mobile networks to demonstrate the risks of these new technologies.
Nawratil, A. (2016). Attacking confidential data stored in hardware-based secure elements on android-based NFC mobile phones [Diploma Thesis, Technische Universität Wien]. reposiTUm. http://hdl.handle.net/20.500.12708/79072