Refine
Departments, institutes and facilities
- Fachbereich Informatik (32)
- Institute of Visual Computing (IVC) (17)
- Fachbereich Ingenieurwissenschaften und Kommunikation (14)
- Institut für Technik, Ressourcenschonung und Energieeffizienz (TREE) (14)
- Fachbereich Wirtschaftswissenschaften (13)
- Institut für Cyber Security & Privacy (ICSP) (11)
- Institut für Verbraucherinformatik (IVI) (11)
- Fachbereich Angewandte Naturwissenschaften (8)
- Internationales Zentrum für Nachhaltige Entwicklung (IZNE) (8)
- Fachbereich Sozialpolitik und Soziale Sicherung (5)
Document Type
- Conference Object (93) (remove)
Year of publication
- 2018 (93) (remove)
Keywords
- ICT (3)
- Dementia (2)
- FPGA (2)
- Non-linear systems (2)
- User Experience (2)
- Virtual Reality (2)
- caregivers (2)
- participatory design (2)
- 3D User Interface (1)
- 3D user interface (1)
Sind kleinere und mittlere Unternehmen (KMU) bereits auf die Digitale Transformation vorbereitet?
(2018)
Eine von den Autoren durchgeführte Untersuchung konnte deutliche Indizien dafür ausmachen, dass viele kleinere und mittlere Unternehmen (KMU) aktuell noch keine ausreichende Reife zur Digitalen Transformation haben. Zur Lösung des Problems wird vorgeschlagen, ein agiles IT-Management-Konzept zu entwickeln, um den IT-Bereich dynamisch und ohne formalen Ballast des klassischen IT-Managements zu steuern.
The formulation of transport network problems is represented as a translation between two domain specific languages: from a network description language, used by network simulation community, to a problem description language, understood by generic non-linear solvers. A universal algorithm for this translation is developed, an estimation of its computational complexity given, and an efficient application of the algorithm demonstrated on a number of realistic examples. Typically, for a large gas transport network with about 10K elements the translation and solution of non-linear system together require less than 1 sec on the common hardware. The translation procedure incorporates several preprocessing filters, in particular, topological cleaning filters, which accelerate the solution procedure by factor 8.
This Business English course in entrepreneurship goes beyond communicative language instruction and offers a course designed to introduce students to innovative thinking, entrepreneurship and sustainable business practices. About 120 students in their first year are enrolled as part of the required foreign language module in Business Management (B.Sc.). Each week students learn new concepts and terminology in sustainable business practices while applying the material in a simulation task-based course using English as a lingua franca. It prepares students to work in an international context while offering online components for autonomous learning. This 12-14 week course is designed in a student-centered and blended learning format with a flipped classroom approach. Through a grant from the German Federal Ministry of Education and Research the “work&study project” will offer additional online materials by developing new educational apps to enhance autonomous language learning and making the app content available under the Creative Commons license. The research project focuses on offering new learning environments to enhance the opportunities for non-traditional students enrolled at Bonn-Rhein-Sieg University of Applied Sciences. This paper will focus on the development of the first apps and results of the first testing phase. It shows how game-based learning and elements of gamification were added for educational purposes to enhance teaching and learning processes that were already well established.
Die im Jahre 2013 begonnene Workshop-Reihe „Usability in der betrieblichen Praxis“ auf der Mensch und Computer wird mit diesem Workshop als Aktivität des Mittelstand 4.0-Kompetenzzentrums Usability des BMWi fortgesetzt. Unter dem Stichwort „Digitalisierung“ ergeben sich neue Herausforderungen der Umsetzung von Usability und positiver User Experience (UUX) in der betrieblichen Praxis kleiner und mittelständischer Unternehmen (UUX-Praxis). Diese werden in vier Schwerpunktthemen im Workshop behandelt: „UUX - Erfolgsfaktor für Innovation und Zukunft der Arbeit“, „UUX und digitale Nutzerforschung“, „UUX und Agilität“ sowie „UUX - Unterstützung mittelständischer Unternehmensnetzwerke“. Der Workshop richtet sich an Entwicklungs- und UUX-Praktiker aus Softwareentwicklungs-, Anwendungs- und UUX-Beratungsunternehmen sowie Wissenschaftler, die sich mit Umsetzung der UUX-Praxis in Unternehmen beschäftigen.
In the context of the Franco-German research project Re(h)strain, this work focuses on a global system analysis integrating both safety and security analysis of international and/or urban railway stations. The Re(h)strain project focuses on terrorist attacks on high speed train systems and investigates prevention and mitigation measures to reduce the overall vulnerability and strengthen the system resilience. One main criterion regarding public transport issues is the number of passengers. For example, the railway station of Paris “Gare du Nord” deals with a bigger number of passengers than the biggest airport in the world (SNCF open Data 2014), the Atlanta airport, but in terms of passengers, it is only around the 23rd rank railway station in the world. Due to the enormous mass of people, this leads to the system approach of breaking out the station into several classes of zones, e.g. entrance, main hall, quays, trains, etc. All classes are analysed considering state-of-the-art parameters, like targets attractiveness, feasibility of attack, possible damage, possible mitigation and defences. Then, safety incidence of security defence is discussed in order to refine security requirement with regard to the considered zone. Finally, global requirements of security defence correlated to the corresponding class of zones are proposed.
Variable Sterne sind Sterne, welche in bestimmten Messparametern variabel sind. In unserem Fall ist dies die Helligkeit der Sterne. Grundsätzlich gibt es hier zwei Arten der Variabilität, intrinsiche und extrinsische Prozesse. Unter intrinischen Prozessen versteht man Variabilität, deren Ursache im Stern selbst liegt.
Persons with disabilities have much lower employment rates than the population as a whole and are at a significantly higher risk of living in poverty (OECD, 2011, pp. 50-56 and WHO, 2011, pp. 237-239). However, many of the barriers people with disabilities face, with regards to labor market reintegration, are in fact avoidable. There has for quite some time been evidence that differences in employment and wages, between disabled and non-disabled workers, can only to a limited extent be explained by differences in human capital endowments and productivity (Kidd, Sloane, & Ferko, 2000). Instead, factors such as the absence of access to education and training, and the lack of financial assistance provided are actually significant drivers of labor market exclusion (OECD, 2009, p.15; WHO, 2011, p.239).
Die Diskussion um die Nachhaltigkeit von Dienstleistungen im öffentlichen Sektor steht in einem engen Zusammenhang mit der Frage, ob sich der Einsatz finanzieller Mittel für die Beteiligten lohnt. Daher besteht ein breites Interesse, herauszufinden, ob der Nutzen von Rehabilitationsarbeit auch finanziell messbar ist, und falls ja, wie hoch das ökonomische Potential der Investitionen ist. Um diese Frage zu beantworten, ist es notwendig Leistungen sowie die dadurch anfallenden Ausgaben statistisch zu erfassen und in einem ökonomischen Modell zu bewerten.
This paper introduces a random number generator (RNG) based on the avalanche noise of two diodes. A true random number generator (TRNG) generates true random numbers with the use of the electronic noise produced by two avalanche diodes. The amplified outputs of the diodes are sampled and digitized. The difference between the two concurrently sampled and digitized outputs is calculated and used to select a seed and to drive a pseudo-random number generator (PRNG). The PRNG is an xorshift generator that generates 1024 bits in each cycle. Every sequence of 1024 bits is moderately modified and output. The TRNG delivers the next seed and the next cycle begins. The statistical behavior of the generator is analyzed and presented.
The Life Cycle Assessment (LCA) approach is the most important tool in the evaluation of environmental (sustainability) impacts of products and processes. We used the method to conduct an impact analysis with regard to raw material inputs (pulp) for the German paper production industry. In our analysis, we compare the environmental effects of primary sulphate pulp, scrap paper pulp and grass-based pulp and estimate their impacts in the impact categories "greenhouse gas emissions", "eutrophication" as well as "energy and water consumption". Furthermore, we discuss the opportunities of the methodical approach and some general problems and limits of the application of a LCA. In conclusion, we found environmental advantages for the use of grass as an alternative resource in the German paper production industry, especially in the fields of transport and water consumption.
Surrogate-assistance approaches have long been used in computationally expensive domains to improve the data-efficiency of optimization algorithms. Neuroevolution, however, has so far resisted the application of these techniques because it requires the surrogate model to make fitness predictions based on variable topologies, instead of a vector of parameters. Our main insight is that we can sidestep this problem by using kernel-based surrogate models, which require only the definition of a distance measure between individuals. Our second insight is that the well-established Neuroevolution of Augmenting Topologies (NEAT) algorithm provides a computationally efficient distance measure between dissimilar networks in the form of "compatibility distance", initially designed to maintain topological diversity. Combining these two ideas, we introduce a surrogate-assisted neuroevolution algorithm that combines NEAT and a surrogate model built using a compatibility distance kernel. We demonstrate the data-efficiency of this new algorithm on the low dimensional cart-pole swing-up problem, as well as the higher dimensional half-cheetah running task. In both tasks the surrogate-assisted variant achieves the same or better results with several times fewer function evaluations as the original NEAT.
Kontemporäre Service-orientierte Systeme sind hochgradig vernetzt und haben zudem die Eigenschaft massiv-skalierbar zu sein. Diese Charakteristiken stellen im besonderen Maße Anforderungen an die Datensicherheit der Anwender solcher Systeme und damit primär an alle Stakeholder der Softwareentwicklung, die in der Verantwortung sind, passgenaue Sicherheitsmechanismen effektiv in die Softwareprodukte zu bringen. Die Effektivität von Sicherheitsarchitekturen in service-orientierten Systemen hängt maßgeblich von der richtigen Nutzung und Integration von Security-APIs durch eine heterogene Gruppe von Softwareentwicklern ab, bei der nicht per se ein fundiertes Hintergrundwissen über komplexe digitale Sicherheitsmechanismen vorausgesetzt werden kann. Die Diskrepanz zwischen komplexen und in der Anwendung fehleranfälligen APIs und einem fehlenden Verständnis für die zugrundeliegenden Sicherheitskonzepte auf Seiten der Nutzer begünstigt in der Praxis unsichere Softwaresysteme. Aus diesem Grund ist die Gebrauchstauglichkeit von Security-APIs besonders relevant, damit Programmierer den benötigten Funktionsumfang effektiv, effizient und zufriedenstellend verwenden können. Abgeleitet von dieser Problemstellung, konzentriert sich das Dissertationsvorhaben auf die gebrauchstaugliche Ausgestaltung von Security-APIs und den Herausforderungen die sich aus den Methoden zur Evaluation der Usability in typischen Umgebungen der Softwareentwicklung ergeben.
Cryptographic API misuse is responsible for a large number of software vulnerabilities. In many cases developers are overburdened by the complex set of programming choices and their security implications. Past studies have identified significant challenges when using cryptographic APIs that lack a certain set of usability features (e.g. easy-to-use documentation or meaningful warning and error messages) leading to an especially high likelihood of writing functionally correct but insecure code.
To support software developers in writing more secure code, this work investigates a novel approach aimed at these hard-to-use cryptographic APIs. In a controlled online experiment with 53 participants, we study the effectiveness of API-integrated security advice which informs about an API misuse and places secure programming hints as guidance close to the developer. This allows us to address insecure cryptographic choices including encryption algorithms, key sizes, modes of operation and hashing algorithms with helpful documentation in the guise of warnings. Whenever possible, the security advice proposes code changes to fix the responsible security issues. We find that our approach significantly improves code security. 73% of the participants who received the security advice fixed their insecure code.
We evaluate the opportunities and challenges of adopting API-integrated security advice and illustrate the potential to reduce the negative implications of cryptographic API misuse and help developers write more secure code.
Software development is a complex task. Merely focussing on functional requirements is not sufficient any more. Developers are responsible to take many non-functional requirements carefully into account. Security is amongst the most challenging, as getting it wrong will result in a large user-base being potentially at risk. A similar situation exists for administrators. Security defaults have been put into place here to encounter lacking security controls. As first attempts to establish security by default in software development are flourishing, the question on their usability for developers arises.
In this paper we study the effectiveness and efficiency of Content Security Policy (CSP) enforced as security default in a web framework. When deployed correctly, CSP is a valid protection mean in a defence-in-depth strategy against code injection attacks. In this paper we present a first qualitative laboratory study with 30 participants to discover how developers deal with CSP when deployed as security default. Our results emphasize that the deployment as security default has its benefits but requires careful consideration of a comprehensive information flow in order to improve and not weaken security. We provide first insights to inform research about aiding developers in the creation of secure web applications with usable security by default.