Publications


Alexander Palm, Zoltán Ádám Mann, Andreas Metzger: Modeling data protection vulnerabilities of cloud systems using risk patterns. Proceedings of the 10th System Analysis and Modeling Conference (SAM), pp. 1-19, 2018


Julian Bellendorf, Zoltán Ádám Mann: Cloud topology and orchestration using TOSCA: A systematic literature review. Proceedings of the 7th European Conference on Service-Oriented and Cloud Computing (ESOCC), pp. 207-215, 2018


Zoltán Ádám Mann, Andreas Metzger: Auto-adjusting self-adaptive software systems. Proceedings of the 15th IEEE International Conference on Autonomic Computing (ICAC), pp. 181-186, 2018


Nazila Gol Mohammadi, Zoltán Ádám Mann, Andreas Metzger, Maritta Heisel, James Greig: Towards an end-to-end architecture for run-time data protection in the cloud. Proceedings of the 44th Euromicro Conference on Software Engineering and Advanced Applications (SEAA), pp. 514-518, 2018


Gol Mohammadi N., Leicht J., Ulfat-Bunyadi N., Heisel M. (2019) Privacy Policy Specification Framework for Addressing End-Users’ Privacy Requirements. In: Gritzalis S., Weippl E., Katsikas S., Anderst-Kotsis G., Tjoa A., Khalil I. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2019. Lecture Notes in Computer Science, vol 11711. Springer, Cham. The paper presents the RestAssured approach for addressing users’ privacy preferences using privacy policies.


Ludger Goeke, Nazila Gol Mohammadi, Maritta Heisel: Context Analysis of Cloud Computing Systems Using a Pattern-Based Approach. In: Future Internet 2018, 10, 72. The paper presents the approach of  RestAssured for the context definition prior to risk assessment.


Stefan Schoenen, Zoltán Ádám Mann, Andreas Metzger: Using risk patterns to identify violations of data protection policies in cloud systems. In: 13th International Workshop on Engineering Service-Oriented Applications and Cloud Services (WESOACS 2017)   We present a model-based approach for identifying violations of data protection policies at run-time. Key elements of our approach are (1) a run-time model to represent the actual cloud system and its stakeholders at runtime, and (2) risk patterns that commonly appear in the context of data protection issues. Our approach aims to find instances of these risk patterns in the run-time model.


Zoltán Ádám Mann: Resource optimization across the cloud stack. In: IEEE Transactions on Parallel and Distributed Systems, volume 29, issue 1, pages 169-182, 2018   This paper addresses the joint optimization problem of mapping application components to virtual machines and mapping virtual machines to physical machines, taking into account sizing aspects, colocation constraints stemming from data protection issues, license costs, and hardware affinity relations.


Zoltán Ádám Mann, Andreas Metzger: The special case of data protection and self-adaptationIn: IEEE/ACM 13th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS 2018)     We consider the interplay between data protection and self-adaptation and argue that (i) self-adaptation may facilitate the efficient protection of sensitive data; (ii) data protection has peculiar properties that make its treatment different from other quality attributes; and (iii) data protection should be considered in combination with other quality attributes like performance and costs.


Zoltán Ádám Mann: Cloud simulators in the implementation and evaluation of virtual machine placement algorithms. In: Software: Practice and Experience     This paper investigates the impact of the choice of cloud simulator on the implementation of cloud resource optimization algorithms and on the evaluation results. In particular, we report our experiences with porting an algorithm and its evaluation framework from one simulator (CloudSim) to another (DISSECT-CF).


Zoltán Ádám Mann, Andreas Metzger, Stefan Schoenen: Towards a run-time model for data protection in the cloud. In: I. Schaefer, D. Karagiannis, A. Vogelsang, D. Méndez, C. Seidl (Eds.): Modellierung 2018. Gesellschaft für Informatik e.V., pp. 71-86, 2018   To foster a model-based approach to detecting and mitigating data protection violations in cloud systems, this paper proposes a meta-model of cloud systems. The meta-model includes technical components from infrastructure, middleware, and applications, but also further concepts describing data and stakeholders. This makes it possible to reason about all the socio-technical aspects relevant for protecting sensitive data.


Sevil Dräxler, Holger Karl, Zoltán Ádám Mann: Joint Optimization of Scaling and Placement of Virtual Network Services. In: IEEE/ACM 17th International Symposium on Cluster, Cloud and Grid Computing, CCGrid 2017, Madrid, Spain, 2017, IEEE Computer Society, 2017.   This publication describes a new method and new algorithms for adaptively scaling and placing virtualized network functions (e.g., firewall, deep packet inspection, anti-virus, parental control) and their data flows in the cloud.


Zoltán Ádám Mann, Andreas Metzger: Optimized Cloud Deployment of Multi-tenant Software Considering Data Protection Concerns. In: IEEE/ACM 17th International Symposium on Cluster, Cloud and Grid Computing, CCGrid 2017, Madrid, Spain, 2017, IEEE Computer Society, 2017.   This publication addresses the question of how secure hardware enclaves as part of cloud servers may increase the optimization possibilities of cloud providers. New algorithms are proposed to take advantage of such capabilities with the aim of ensuring data protection and minimizing costs simultaneously. Experimental results suggest that even a small percentage of secure hardware enclaves may lead to significant cost savings.


Zoltán Ádám Mann: Two are better than one: An algorithm portfolio approach to cloud resource management. In: Proceedings of the 6th European Conference on Service-Oriented and Cloud Computing (ESOCC 2017), Springer LNCS vol. 10465, pp. 93-108, 2017.   This paper suggests an algorithm portfolio approach in which multiple algorithms for dynamic optimization of resource allocation in virtualized data centers coexist. Based on continual monitoring and analysis of the state of the data center, the optimization algorithm that is most suitable is chosen on the fly. Thereby, the balance between optimization quality and reaction time can be tuned adaptively. Empirical results show that this approach leads to improved overall results.


Mann, Zoltan (UDE), Salant, Eliot (IBM), Surridge, Mike (IT Innovation), Ayed, Dhouha (Thales), Boyle, John (OCC), Heisel, Maritta (UDE), Metzger, Andreas (UDE), Mundt, Paul (Adaptant): Secure Data Processing in the Cloud. ESOCC EU Workshop, 27 September 2017, Olso.


Other Papers


Alexander Palm, Zoltán Ádám Mann, and Andreas Metzger: Modelling Data Protection Vulnerabilities of Cloud Systems using Risk Patterns (Technical Report)

Julian Bellendorf and Zoltán Ádám Mann: Cloud topology and orchestration using TOSCA: A systematic literature review. Technical Report, 2018


Public Deliverables


D2.1 – Project Management and Quality Assurance Handbook

D3.1 – Initial High Level Architecture

D3.2 – First High-Level Architecture & Methodology

D4.1 – Conceptual Foundation of the RestAssured Secured Enclave

D5.1 – Concept for End-User Privacy Policy Violation Detection

D6.1 – Methodology for Decentralized Data lifecycle Management

D7.1 – RestAssured Security and Privacy Engineering Methodology

D8.1 – First Validation Plan

D9.1 – Data Management Plan

D9.2 – Impact Plan

D9.3 – First Impact and Innovation Management Summary Report