Gunther Schiefer

Comparison of Different Approaches for Mobile Advertising

Mobile terminals, such as cellular phones and PDAs, have an enormous advertising potential: they are extremely popular and most people carry such devices with them all day, enabling personalized advertising. However, there is a serious danger that the Spam wave, known from e-mail communication, will spillover to mobile devices. In addition, it is important to take protection of private data seriously, because mobile terminals are also used for personal communication. In this article, we discuss the special features and challenges of mobile advertising and introduce the MoMa-system for mobile advertising. MoMa supports personalized advertising using context information while guaranteeing data protection. We also name criteria for the comparison of mobile advertising systems and apply them to compare MoMa to other approaches

PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud Services

The valuable transformation of organizations that adopt cloud computing is indisputably accompanied by a number of security threats that should be considered. In this paper, we outline significant ...

ADVERTISING VIA MOBILE TERMINALS - Delivering context sensitive and personalized advertising while guaranteeing privacy

Mobile terminals like cellular phones and PDAs are a promising target platform for mobile advertising: The devices are widely spread, are able to present interactive multimedia content and offer as almost permanently carried along personal communication devices a high degree of reachability. But particular because of the latter feature it is important to pay great attention to privacy aspects and avoidance of spam-messages when designing an application for mobile advertising. Furthermore the limited user interface of mobile devices is a special challenge. The following article describes the solution approach for mobile advertising developed within the project MoMa, which was funded by the Federal Ministry of Economics and Labour of Germany (BMWA). MoMa enables highly personalized and context sensitive mobile advertising while guaranteeing data protection. To achieve this we have to distinguish public and private context information.

A SME-friendly framework for the provision of mobile services

The development and operation of value-added data services for mobile terminals still requires a lot of time, manpower, highly specialized know-how about telecommunication networks and financial resources, so for small and medium-sized enterprises (SME) it is difficult or even impossible to set up such services for their own use or for their customers. Since SME play an important economic and thus social role, often contribute to innovation and many of them have highly specialized know-how this is an untenable situation. The aim of the intended research-project MODIFRAME is therefore to develop and evaluate a technical framework which provides the complete infrastructure needed by SME to develop and operate mobile services.

A System for Mobile and Wireless Advertising

Mobile terminals are an interesting medium for advertising because of the high penetration rates and their character as personal communication devices. Since advertising in general has the reputation of being something annoying there has to be some kind of incentive mechanism to obtain permission from the consumers for advertising on their mobile terminals. The MoMa-system for mobile and wireless advertising described in the following article focuses on personalized information as such an incentive mechanism. For the provision of personalized information a system requires personal data like profile information and the current location of an user. But there are privacy concerns when providing such information for a mobile advertising application, of course. Thus we designed MoMa in a way to realize both of this conflicting requirement: personalized information and guaranteeing data protection.

A Distributed Key Management Approach

Cloud computing provides reliable and highlyscalable access to resources over the internet. But outsourcing sensitive data to an probably untrusted cloud provider (third party) requires cryptographic methods like encryption. This paper presents a novel approach to a distributed cloud key management scheme. In a setting with a public cloud application, data is encrypted by a separate trusted adapter before storing somewhere else. The encryption key is not persistently stored at the adapter. Several entities share parts of the key that is computed and temporarily stored at the adapter if needed. This work describes how the key management is working during bootstrapping and runtime as well as how key recovery can be performed.

Security in a Distributed Key Management Approach

Cloud computing offers many advantages as flexibility or resource efficiency and can significantly reduce costs. However, when sensitive data is outsourced to a cloud provider, classified records can leak. To protect data owners and application providers from a privacy breach data must be encrypted before it is uploaded. In this work, we present a distributed key management scheme that handles user-specific keys in a single-tenant scenario. The underlying database is encrypted and the secret key is split into parts and only reconstructed temporarily in memory. Our scheme distributes shares of the key to the different entities. We address bootstrapping, key recovery, the adversary model and the resulting security guarantees.

Data Protection in the Cloud - The MimoSecco Approach

Cloud Computing is a technology with vast impact on IT systems. Costs can be significantly reduced through on demand purchase of CPU time, memory and storage, offering high flexibility. The main reason to avoid cloud technology still is security. This leads to a lack of trust in cloud services. Most cloud providers secure their systems only against external adversaries by using firewalls and secure connections. Internal adversaries, however, remain a big threat in this scenario. Especially when using mobile devices as clients, usable security with a low performance impact remains a challenge. In this paper, we present concepts for using software as a service with mobile devices while guaranteeing a high level of data protection. MimoSecco uses an innovative encryption scheme and hard to clone secure hardware to guarantee data protection. Top secret data is encrypted directly, processible confidential data is encrypted and fragmented by the database proxy and transferred to different servers. Context based access control makes the misuse of mobile devices for unauthorized data access difficult. These set of measures raises the privacy level of cloud computing significantly.

MVNO — Aussichten des deutschen Mobilfunkmarktes

Dieser Beitrag zeigt anhand der Analyse ausgewahlter europaischer Mobilfiinkmarkte auf, welche Entwicklung der derzeit noch sehr stabile deutsche Mobilfunkmarkt nehmen konnte. Dazu soll zwischen den oft willkurlich verwendeten Begriffen Mobilfunkanbieter, Netzbetreiber, MVNO1 und MSP2 differenziert werden. Wie die Beobachtungen anderer Markte zeigen, ist das deutsche Preisniveau derzeit noch zu hoch. Der Markteintritt von weiteren MVNO durfte einen deutlichen Preisverfall auslosen. Weiter wird erortert, wie mit Hilfe der netzabhangigen MVNO dieser Preisverfall ausgelost werden kann und was dies fur die deutschen Mobilfunkanbieter insgesamt und die Nutzung mobiler Datendienste bedeuten konnte.

Citizen Empowerment by a Technical Approach for Privacy Enforcement

It is a fundamental right of every natural person to control which personal information is collected, stored and processed by whom, for what purposes and how long. In fact, many (cloud based) services can only be used if the user allows them broad data collection and analysis. Often, users can only decide to either give their data or not to participate in communities. The refusal to provide personal data results in significant drawbacks for social interaction. That is why we believe that there is a need for tools to control ones own data in an easy and effective way as protection against economic interest of global companies and their cloud computing systems (as data collector from apps, mobiles and services). Especially, as nowadays everybody is permanently online using different services and devices, users are often lacking the means to effectively control the access to their private data. Therefore, we present an approach to manage and distribute privacy settings: PRIVACY-AVARE is intended to enable users to centrally determine their data protection preferences and to apply them on different devices. Thus, users gain control over their data when using cloud based services. In this paper, we present the main idea of PRIVACY-AVARE.