October 2022 - informatik-vortraege

[Reminder] Guest talk by Salil Kanhere next Monday
by Klaus Wehrle 24 Oct '22

24 Oct '22

Dear colleagues and students, as a reminder ... We invite you to join a guest talk by our visiting professor and Alexander- von-Humboldt-awardee Salil Kanhere of UNSW Sydney this afternoon. Best Regards klaus When? Monday, October 24, 15:30 Where? Room 9222, E3 building, Ahornstraße 55 The title of the talk will be: Practical and Extensible Decentralised Identity Management Abstract: Self-Sovereign Identity (SSI) is an emerging, user-centric, decentralized identity approach affording entities greater control over their identity and data flow during digital interactions. For digital credentials to be widely accepted, there is a need for an end-to-end system that provides secure verification of the participant identities and credentials to increase trust, and a data minimisation mechanism to reduce the risk of oversharing the credential data. In this talk, we first introduce CredChain, a blockchain-based SSI platform that allows secure creation, sharing and verification of credentials. Beyond the verification of identities and credentials, the self-sovereign identity architecture allows users to have full control over their credential data using a digital wallet, including the ability to selectively disclose part of credential data, as necessary. Current SSI solutions, assume the issuers to be “official” entities (e.g., government agencies) who must follow a stringent process to vet their credentials. However, there is no systematic support for directing the same level of trust agencies for individual users who may issue credentials (e.g., delegation of access, consent letter) in the context of business processes. A verifier who relies on user-issued credentials to complete a business process (e.g., a postal worker handing over parcel to someone other than the addressee) bears the risk of accepting these credentials without reliance on a trust agency. The second part of the talk presents CredTrust, a blockchain-based SSI framework that allows individual users to be “onboarded” to the platform as a verifiable issuer via the establishment of a "chain of trust". The talk will end with an overview of TradeChain, an architecture for decoupling identities and trade activities on blockchain enabled supply chains. TradeChain incorporates two separate ledgers: a public permissioned blockchain for maintaining identities and the permissioned blockchain for recording trade flows. Traders use Zero Knowledge Proofs (ZKPs) on their private credentials to prove multiple identities on the trade ledger. Traders can define dynamic access rules for verifying traceability information from the trade ledger using access tokens and Ciphertext Policy Attribute-Based Encryption (CP-ABE).

1 0

Guest talk by Salil Kanhere next Monday
by Roman Matzutt 20 Oct '22

20 Oct '22

Liebe Kolleg:innen, dear colleagues, We invite you to join a guest talk by our visiting professor Salil Kanhere of UNSW Sydney next Monday afternoon. When? Monday, October 24, 15:30 Where? Room 9222, E3 building, Ahornstraße 55 The title of the talk will be: Practical and Extensible Decentralised Identity Management Abstract: Self-Sovereign Identity (SSI) is an emerging, user-centric, decentralized identity approach affording entities greater control over their identity and data flow during digital interactions. For digital credentials to be widely accepted, there is a need for an end-to-end system that provides secure verification of the participant identities and credentials to increase trust, and a data minimisation mechanism to reduce the risk of oversharing the credential data. In this talk, we first introduce CredChain, a blockchain-based SSI platform that allows secure creation, sharing and verification of credentials. Beyond the verification of identities and credentials, the self-sovereign identity architecture allows users to have full control over their credential data using a digital wallet, including the ability to selectively disclose part of credential data, as necessary. Current SSI solutions, assume the issuers to be “official” entities (e.g., government agencies) who must follow a stringent process to vet their credentials. However, there is no systematic support for directing the same level of trust agencies for individual users who may issue credentials (e.g., delegation of access, consent letter) in the context of business processes. A verifier who relies on user-issued credentials to complete a business process (e.g., a postal worker handing over parcel to someone other than the addressee) bears the risk of accepting these credentials without reliance on a trust agency. The second part of the talk presents CredTrust, a blockchain-based SSI framework that allows individual users to be “onboarded” to the platform as a verifiable issuer via the establishment of a "chain of trust". The talk will end with an overview of TradeChain, an architecture for decoupling identities and trade activities on blockchain enabled supply chains. TradeChain incorporates two separate ledgers: a public permissioned blockchain for maintaining identities and the permissioned blockchain for recording trade flows. Traders use Zero Knowledge Proofs (ZKPs) on their private credentials to prove multiple identities on the trade ledger. Traders can define dynamic access rules for verifying traceability information from the trade ledger using access tokens and Ciphertext Policy Attribute-Based Encryption (CP-ABE). We are looking forward to seeing you on Monday! Best regards, Roman Matzutt -- Roman Matzutt, M.Sc., Ph.D. Student Chair of Communication and Distributed Systems RWTH Aachen University, Germany tel: +49 241 80 21412 web: https://www.roman-matzutt.de

1 0

Einladung: Informatik-Oberseminar Jörg Christian Kirchhof
by Kirchhof, Christian 13 Oct '22

13 Oct '22

+********************************************************************** * * * Einladung * * * * Informatik-Oberseminar * * * +********************************************************************** Zeit: Freitag, 11. November 2022, 10:00 Uhr Ort: Raum 9222 (2359|222), E3, Informatikzentrum, Ahornstr. 55 Referent: Jörg Christian Kirchhof, M.Sc. RWTH (Software Engineering) Thema: Model-driven Development, Deployment, and Analysis of Internet of Things Applications Kurzfassung (english version below): Das Internet der Dinge (IoT) beschreibt die Idee, mit Sensoren und Aktuatoren ausgestattete Gegenstände untereinander und mit dem Internet zu verbinden. Die Entwicklung von IoT-Anwendungen ist aus verschiedenen Gründen komplex. Dazu gehören die Heterogenität der IoT-Geräte, die Tatsache, dass es sich bei IoT-Anwendungen normalerweise um verteilte Anwendungen handelt, und die Fehleranfälligkeit der Hardware und der Netzwerkverbindung. Modellgetriebene Methoden versprechen, die komplexe Entwicklung von IoT-Anwendungen durch die Anhebung des Abstraktionsniveaus handhabbar zu machen. In verwandten Arbeiten wurde eine Vielzahl von Komponenten-und-Konnektor (C&C) Architekturbeschreibungssprachen (ADLs) zur Entwicklung von IoT-Anwendungen vorgestellt. Diese konzentrieren sich jedoch hauptsächlich auf die frühen Entwicklungsphasen und vernachlässigen weitgehend Zuverlässigkeitsaspekte. Dementsprechend konzentriert sich diese Arbeit auf die modellgetriebene Entwicklung von IoT-Anwendungen über ihren gesamten Lebenszyklus hinweg. Wir stellen MontiThings vor, ein Ökosystem zur modellgetriebenen Entwicklung von IoT-Anwendungen. Basierend auf bestehenden Ansätzen spezifiziert das MontiThings-Ökosystem eine IoT-fokussierte C&C ADL unter Verwendung der MontiCore Language Workbench. MontiThings zielt darauf ab, ein Ökosystem anzubieten, das den Lebenszyklus von IoT-Anwendungen abdeckt, angefangen bei den ersten Architekturkonzepten bis hin zur Bereitstellung der Anwendung und der Analyse der Anwendung während der Laufzeit. In allen Phasen dieses Prozesses bietet MontiThings dabei Zuverlässigkeitsmechanismen, die dabei helfen können, robuste Anwendungen zu spezifizieren. Beim Deployment von Anwendungen ist die anforderungsbasierte Deployment-Methode von MontiThings in der Lage, nicht nur eine Verteilung der Komponenten auf die IoT-Geräte zu berechnen, sondern aktiv Änderungen vorzuschlagen, sollten Anforderungen nicht erfüllbar sein. Fallen Geräte zur Laufzeit aus, kann MontiThings das Deployment automatisch an die geänderte Situation anpassen (sofern es im Rahmen der Anforderungen möglich ist) und den vorherigen Softwarestand der ausgefallenen Geräte wiederherstellen. Zum Verständnis unvorhergesehener Situationen zur Laufzeit stellt MontiThings Analysedienste zur Verfügung. Insgesamt demonstriert MontiThings eine durchgängig modellgetriebene Methode zur Entwicklung von IoT-Anwendungen. Es laden ein: die Dozentinnen und Dozenten der Informatik --- Abstract: The Internet of Things (IoT) describes the idea of connecting objects equipped with sensors and actuators to each other and to the Internet. IoT applications are complex to develop for a variety of reasons, including the heterogeneity of the IoT devices, diverse software stacks, the fact that IoT applications are usually distributed applications, and the fragility of the hardware and network connection. Model-driven methods promise to make the complex development of IoT applications manageable by raising the level of abstraction. Related work has proposed a variety of component and connector (C&C) architecture description languages (ADLs) for developing IoT applications. However, these mainly focus on the early development phases and largely neglect reliability aspects. Accordingly, this work focuses on the model-driven development of IoT applications throughout their lifecycle. We present MontiThings, an ecosystem for model-driven IoT applications. Based on existing approaches, the MontiThings ecosystem specifies an IoT-focused C&C ADL using the MontiCore language workbench. MontiThings aims at offering an ecosystem that covers the lifecycle of IoT applications starting from the first architecture concepts up to the eventual deployment of the application and its analysis during runtime. At all stages of this process, MontiThings offers reliability mechanisms that can help to specify resilient applications. When deploying applications, MontiThings’ requirements-based deployment method is able to not only calculate a distribution of components to IoT devices but can also actively propose changes should the requirements be unfulfillable. If devices fail at runtime, MontiThings can automatically adapt the deployment to the changed situation (if possible within the requirements) and restore the previous software state of failed devices. To understand unforeseen situations that may arise at runtime, MontiThings provides model-driven analysis services. Overall, MontiThings demonstrates an end-to-end model-driven approach for designing IoT applications.

1 0