Time filter

Source Type

Gaubatz P.,University of Vienna | Hummer W.,Vienna University of Technology | Zdun U.,University of Vienna | Strembeck M.,Institute for Information Systems
Proceedings of the ACM Symposium on Applied Computing | Year: 2014

Real-time collaborative Web applications allow a multitude of users to concurrently work on a shared document. Especially in business contexts it is often necessary to be able to precisely define and restrict who is allowed to edit which data field of such a shared document. Existing solutions for enforcing such access control restrictions typically rely on a central service, the policy decision point. However, for use cases with unreliable or limited connectivity, such as mobile devices, a permanent connection to this centralized policy decision point can not be guaranteed. To address this problem, we present a novel approach that includes methods for client-side enforcement of access control constraints for offline users, and merging of offline changes, that enables users to edit such access constrained shared documents offline. We propose a generic conflict detection and resolution approach that attempts to resolve merge conflicts that are inherent to access constrained documents automatically while prioritizing online users and maximizing the number of filled out data fields in a document. In addition, we discuss and evaluate our approach via a prototype implementation. Copyright 2014 ACM.


Gaubatz P.,University of Vienna | Hummer W.,Vienna University of Technology | Zdun U.,University of Vienna | Strembeck M.,Institute for Information Systems
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2013

Real-time collaborative Web applications allow multiple users to concurrently work on a shared document. In addition to popular use cases, such as collaborative text editing, they can also be used for form-based business applications that often require forms to be filled out by different stakeholders. In this context, different users typically need to fill in different parts of a form. Role-based access control and entailment constraints provide means for defining such restrictions. Major challenges in the context of integrating collaborative Web applications with access control restrictions are how to support changes of the configuration of access constrained UI elements at runtime, realizing acceptable performance and update behaviour, and an easy integration with existing Web applications. In this paper, we address these challenges through a novel approach supporting constrained and customized UI views that support runtime changes and integrate well with existing Web applications. Using a prototypical implementation, we show that the approach provides acceptable update behaviour and requires only a small performance overhead for the access control tasks with linear scalability. © 2013 Springer-Verlag Berlin Heidelberg.


Schefer-Wenzl B.S.,University of Vienna | Schefer-Wenzl B.S.,Institute for Information Systems | Bukvova H.,Institute for Information Systems | Strembeck M.,Institute for Information Systems
Lecture Notes in Business Information Processing | Year: 2014

Access control models provide important means for the systematic specification and management of the permissions in a business information system. While there are may well-known access control models (e.g., RBAC), standard access control models are often not suited for handling exceptional situations. The demand to increase the flexibility of access management has been approached mainly via the development of delegation models and break-glass models. This paper presents the results of a literature review of 329 delegation and break-glass approaches. We give an overview on the existing body of scientific literature in these two areas and compare 35 selected approaches in detail. We reveal different ways of providing delegation and break-glass concepts in general as well as in the context of business process management. Moreover, we identify different sub-topics that have not yet been addressed in detail and thus provide opportunities for future research. © Springer International Publishing Switzerland 2014.


Lawall A.,Institute for Information Systems | Reichelt D.,Institute for Information Systems | Schaller T.,Institute for Information Systems
ACM International Conference Proceeding Series | Year: 2015

In the age of cloud computing, companies still have the problem to manage access rights for resources. This is especially true, if companies are combined to virtual organizations and want to share resources that are located at cloud providers. For a consistent authorization model, an up to date knowledge about partner organizations is indispensable. This contribution proposes an approach to request the automatic deployment of resources from a cloud provider. The access rights to the resources are managed and administered by the proprietary company, even if partner organizations are involved. They are not published to the cloud provider, but remain in the owning company. This establishes a separation of resources (i.a. systems) and authorization, which alleviates security risks. Attackers of resources can not access them because the authorization model is not implemented on the same location as the resources. This makes the intrusion much more complex. Copyright 2015 ACM.


Schwind M.,Institute for Information Systems | Stenger A.,Institute for Information Systems | Aponte S.,Institute for Information Systems
Proceedings of the Annual Hawaii International Conference on System Sciences | Year: 2011

Electronic transportation marketplaces (ETMs) are inter-organizational information systems that provide an economic platform for the exchange of logistics services between shippers, carriers, and freight forwarders. Despite the fact that some of these marketplaces have already been in operation for over twenty years they have not achieved any significant influence in the logistics services domain until now. In a survey of logistics platforms that are active in Germany we identify the tendencies in development, success factors, and shortcomings of the current ETMs. The survey also shows that there is a significant lack of elaborated IS in the ETM domain. Current ETMs do not serve as integrated trading places, but rather as simple blackboards for the exchange of information. As a result, the missing functionalities and the lack of service quality make the current ETMs unattractive and keep liquidity in the transportation services markets low. A suitable way to deal with this problem is to offer extended functionalities, such as integrated tour planning, tracking-and-tracing, route pricing, etc. in order to make the ETMs more appealing for the users. © 2011 IEEE.


Lofi C.,Institute for Information Systems | Guntzer U.,University of Tübingen | Balke W.-T.,Institute for Information Systems
Advances in Database Technology - EDBT 2010 - 13th International Conference on Extending Database Technology, Proceedings | Year: 2010

When selecting alternatives from large amounts of data, trade-offs play a vital role in everyday decision making. In databases this is primarily reflected by the top-k retrieval paradigm. But recently it has been convincingly argued that it is almost impossible for users to provide meaningful scoring functions for top-k retrieval, subsequently leading to the adoption of the skyline paradigm. Here users just specify the relevant attributes in a query and all suboptimal alternatives are filtered following the Pareto semantics. Up to now the intuitive concept of compensation, however, cannot be used in skyline queries, which also contributes to the often unmanageably large result set sizes. In this paper we discuss an innovative and efficient method for computing skylines allowing the use of qualitative trade-offs. Such trade-offs compare examples from the database on a focused subset of attributes. Thus, users can provide information on how much they are willing to sacrifice to gain an improvement in some other attribute(s). Our contribution is the design of the first skyline algorithm allowing for qualitative compensation across attributes. Moreover, we also provide an novel trade-off representation structure to speed up retrieval. Indeed our experiments show efficient performance allowing for focused skyline sets in practical applications. Moreover, we show that the necessary amount of object comparisons can be sped up by an order of magnitude using our indexing techniques. Copyright 2010 ACM.


Versaci F.,Institute for Information Systems
Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS | Year: 2013

We present a new, deadlock-free, routing scheme for toroidal interconnection networks, called OutFlank Routing (OFR). OFR is an adaptive strategy which exploits non-minimal links, both in the source and in the destination nodes. When minimal links are congested, OFR deroutes packets to carefully chosen intermediate destinations, in order to obtain travel paths which are only an additive constant longer than the shortest ones. Since routing performance is very sensitive to changes in the traffic model or in the router parameters, an accurate discrete-event simulator of the toroidal network has been developed to empirically validate OFR, by comparing it against other relevant routing strategies, over a range of typical real-world traffic patterns. On the 16x16x16 (4096 nodes) simulated network OFR exhibits improvements of the maximum sustained throughput between 14% and 114%, with respect to Adaptive Bubble Routing. © 2013 IEEE.


Quirchmayr T.,Institute for Information Systems | Strembeck M.,Institute for Information Systems
Proceedings of WOSIS 2013: 10th International Workshop on Security in Information Systems - In Conjunction with the 15th International Conference on Enterprise Information Systems, ICEIS 2013 | Year: 2013

Entailment constraints, such as mutual exclusion or binding constraints, are an important means to specify and enforce business processes. However, the inherent concurrency of a distributed system may lead to omission. Such failures impact the enforcement of entailment constraints in a process-driven SOA. In particular, the impact of these failures as well as the corresponding countermeasures depend on the architecture of the respective process engine. In this paper, we discuss the impact of omission failures on the enforcement of entailment constraints in process-driven SOAs. In this context, we especially consider if the respective process engine acts as an orchestration engine or as a choreography engine. Copyright © 2013 SCITEPRESS.


Quirchmayr T.,Institute for Information Systems | Strembeck M.,Institute for Information Systems
Computer Journal | Year: 2014

A distributed business process is executed in a distributed computing environment. In this context, the service-oriented architecture (SOA) paradigm provides a mature and well-understood framework for the integration of software services. Entailment constraints, such as mutual exclusion or binding constraints, are an important means to specify and enforce business processes in a SOA. Process engines control the process flow and are responsible for the coordination of the services that participate in a distributed business process. Since the enforcement of entailment constraints requires knowledge of the subjects and roles who executed particular task instances, we need to communicate the execution history of the respective tasks and processes between the services and the process engines. However, the inherent concurrency of a distributed system may lead to omission failures. Such failures may impair the enforcement of entailment constraints in a process-driven SOA. In particular, the impact of these failures as well as the corresponding countermeasures depend on the architecture of the respective process engine. In this paper, we discuss communication schemes for (distributed) process execution histories in a SOA. In particular, we provide generic procedures for different communication schemes and examine the efficiency of these schemes as well as their characteristics if omission failures occur. In this context, we especially consider if the respective process engine acts as an orchestration engine or as a choreography engine. © 2014 The British Computer Society 2014. All rights reserved.

Loading Institute for Information Systems collaborators
Loading Institute for Information Systems collaborators