Fatih Karatas

Towards Transparent Anonymity for User-controlled Servers Supporting Collaborative Scenarios

The increasing tendency of using user-controlled servers for supporting different scenarios from leisure and professional life raises new security challenges. Especially when those servers are used to support collaborative scenarios (e.g., communication and sharing with others), the requirement for anonymity at the network level should be supported in an efficient way. In this paper we present a specific communication scenario that could lead to link ability even though anonymous networks are used. The requirements gathering is based on realistic requirements from the EU FP7 di.me project requiring to empower lay end-users to collaborate with their contacts. Thereby anonymity at the network level also needs to be considered in order to disguise the physical location of the users and also of their server(s). We present an approach satisfying these anonymity requirements by means of a Tor based software component in order to overcome such privacy problems. First results are presented and the portability of the suggested solution for similar settings as well as future work directions are discussed.

Towards secure and at-runtime tailorable customer-driven public cloud deployment

Cloud computing as a facility for outsourcing IT related tasks is a growing trend. Customer-driven application deployment in public clouds has to be secure and flexible by means of easing security configuration as well as by avoiding the vendor lock-in problem. In this paper we present an approach intending to meet these needs by (1) easing security configuration(s), (2) automating the consideration of security best practices and adding/enabling anonymity components at-runtime, and (3) by using Open Virtualization Format (OVF) in order to overcome the vendor lock-in problem. The requirements gathering is based on the needs of three projects from different business domains, the EU FP7 digital.me project, the multidisciplinary iFishWatcher/iAngle combined project and the joint german-french research and development project ReSCUe IT. All projects require empowering lay as well as experienced customers to (re-)deploy their own applications and migrate them easily by considering security thereby. Supporting tailorability of the deployed environment by adding anonymity components at-runtime without downtimes is a specific requirement in these projects. We present first results and discuss experiences and future work directions.

Privacy and Security in Multi-modal User Interface Modeling for Social Media

This paper addresses privacy and security issues regarding the modeling of multi-modal user interfaces for social media applications. The proposed approach describes how privacy and security concerns are modeled from the user interface perspective, and how this model is related to a four layer conceptual framework for developing multi-modal and multi platform user interfaces. The approach also explains how to adapt these models to the development of social media applications. Finally, we use this proposal to model the Social TV case of study as an example of a social media application to show its feasibility.

An Approach for Compliance-Aware Service Selection with Genetic Algorithms

Genetic algorithms are popular for service selection as they deliver good results in short time. However, current approaches do not consider compliance rules for single tasks in a process model. To address this issue, we present an approach for compliance-aware service selection with genetic algorithms. Our approach employs the notion of compliance distance to detect and recover violations and can be integrated into existing genetic algorithms by means of a repair operation. As a proof-of-concept, we present a genetic algorithm incorporating our approach and compare it with related state-of-the-art genetic algorithms lacking this kind of check and recovery mechanism for compliance.

A flexible approach for considering interdependent security objectives in service composition

Current Quality of Service (QoS) models for service compositions are considering security either as a single QoS attribute (measured in abstract units of security) or as a number of independent attributes such as uptime probability. In the face of numerous interdependent protection goals, either general or domain-dependent, this approach is insufficient to capture most real-world scenarios adequately. To cope with this limitation, we introduce in this paper our approach of modeling protection goals as interdependent utility functions over QoS attributes. Furthermore, we present a prototypical tool which supports domain experts in defining QoS- and domain models of any complexity as well as decision makers in finding near-optimal service compositions based on these models.

Towards visual configuration support for interdependent security goals

This work investigates visual support for easing the configuration of interdependent security goals. The interdependent nature of security goals did not receive sufficient attention in related work yet. A formal approach to adequately model interdependent security goals are multi-criteria optimization problems which can be solved either exactly or heuristically. This however depends on the question if the user is able to articulate his/her preferences regarding security goals. Furthermore, heuristic approaches confront users with possibly unlimited alternative configurations where each solution is equally well. In order to support users in the process of articulating preferences and selecting a suiting alternative, we provide visual facilities at the level of the user interface. The need for handling such issues emerged from the analysis of the EU funded di.me project which explicitly requires that such configurations are carried out by lay users. We present an approach tackling these issues by means of visual concepts triggering a service selection in the background which respects the interdependence of security goals. We concretely discuss the application of our approach by addressing a scenario concerned with deployment decisions in the di.me project.

Considering Interdependent Protection Goals in Domain-Specific Contexts: The di.me Case Study

In domain-specific contexts such as ecosystems of equal applications, usually individual requirements in terms of quality attributes and interdependent protection goals arise which need to be taken into account for e.g., deployment decisions. Current Quality-of-Service (QoS) models however are mostly static and handle security either as single attribute or decompose it into several independent attributes. In this paper we present our approach, which addresses this gap by defining protection goals as interdependent utility functions over QoS attributes. We show an application of this approach on the EU FP7 project di.me, namely the di.me ecosystem of private user deployed and managed servers.

Evaluating Usability and Privacy in Collaboration Settings with DUIs: Problem Analysis and Case Studies

The construction of mature products considering needs of end-users leads to several challenges. Especially if various experts are involved in the evaluation of prototypes being built towards a final product, an efficient support becomes crucial. In this contribution we address how such a process could be efficiently performed by means of DUI technology. We address this primarily for our case studies concerned with evaluating privacy and its usability in collaborative settings. The main idea thereby focuses on the involvement of end-users and respective usability and security experts in co-located or distributed settings. We analyze two case studies (i.e. end-user driven cloud deployment and SocialTV) and discuss our findings. The chosen case studies reflect the advantage of two-sided DUI’s for collaboration support, namely, how to collaboratively evaluate usability of security and privacy measures in prototypes, which in their turn could have a collaborative nature.

Model-driven privacy and security in multi-modal social media UIs

Model-driven approaches in software development are widely seen as a useful concept to a) support the formulation of non-functional requirements (NFRs) in a way domain experts are capable of, b) allow integration of multiple perspectives (from multiple domains) on the modeled system, and c) allow a stepwise refinement when actually realizing these models by a sequence of model transformations from high-, non-IT expert level down to a rather technical level. In this paper, the NFRs privacy and security are focused in the modeling of multi-modal user interfaces for social media applications. It is described how privacy and security concerns are modeled from the user interface perspective, and how this model is related to a four layer conceptual framework for developing multi-modal and multi-platform user interfaces. The approach also explains how to adapt these models to the development of social media applications. Finally, we use this proposal to model the SocialTV case study as an example of a social media application to show its feasibility.