Zusammenfassung: Replizierte Systeme basieren oft auf Einigungsalgorithmen. Im Falle von beliebigen (byzantinischen Fehlern) werden N = 3f+1 Replikate benötigt bei f zu tolerierenden Fehlern. Mit Hilfe von vertrauenswürdigen Komponenten kann dies auf N = 2f+1 reduziert werden. Ein so genannter USIG ist so eine Komponente. Sie signiert eine Nachricht und zählt dabei eine von außen unveränderliche Sequenznummer hoch. Aufgabe der Arbeit ist es, ein Konzept und eine Implementierung mit Hilfe von Intel SGX zu entwickeln, die aus einer Java-Anwendung heraus genutzt werden kann. Herausforderungen ist neben der Implementierung die geeignete Initialisierung der Komponente.

Zusammenfassung: PriCloud ist ein Projekt mit dem Ziel einen Privatsphäre erhaltenden Cloudspeicher zu erhalten. Hierfür wird im Insitut an einem Prototypen in Python gearbeitet. Dieser bietet jedoch nur Konsolenzugriff auf die Subsysteme des Prototypen. Ziel des Projektes ist es ein fundiertes und geeignetes User Interface zu entwerfen und dieses praktisch zu erstellen.

Zusammenfassung: BFT-SMaRt ist eine Java Library für die einfache Entwicklung von Anwendungen, die durch State Machine Replication ausfallsicher und sogar robust gegenüber beliebigen (byzantinischen) Fehlern laufen können. Ziel unserer Forschung ist die Beschleunigung von State Machine Replication, wozu wir in den letzten Monaten BFT-SMaRt um Multithreading-Komponenten erweitert haben. Ein Problem hierbei ist, dass das für die Fehlertoleranz zwingend notwendige Snapshotting erheblich erschwert wird und zur Zeit für unsere Optimierungen ausgeschaltet bleiben muss. Dieses Projekt soll auf der Basis vorangegangener Projekte Wege ergründen, wie Snapshotting in Verbindung mit Multithreading in BFT-SMaRt reaktiviert werden kann, sowie Implementierungen und Messungen der gefundenen Ansätze bereitstellen.

Zusammenfassung: In der Arbeit soll eine Zugriffskontrolle für administrative Zugänge in einem heterogenen verteilten System entwickelt werden. Diese Systeme werden für die Demonstration von Einsatzszenarien genutzt. Der Zugang muss daher mit Administratorrechten erfolgen, was sich bei vielen der beteiligten Systemen nicht durch unterschiedliche Benutzer abbilden lässt. Um das Problem der Zugangsbeschränkung und des Nachweises von getätigten Aktionen zu behandeln, sollen diese Zugänge von einer zentralen Stelle aus vergeben und wieder zurückgezogen werden. Die Arbeit erstellt eine Anforderungsanalyse, ein Konzept sowie eine Umsetzung für die wichtigsten Einzelsysteme.

Zusammenfassung: Die Implementierung von Einigungsalgorithmen wie zum Beispiel Paxos oder dessen Erweiterung Vertical Paxos stellen den Programmierer wiederholt vor ähnliche Designentscheidungen. Eine generische API könnte eine Basis für die Wiederverwendung vieler Teilkomponenten schaffen und so den Aufwand für die Implementierung neuer Algorithmen reduzieren. Ziel der Arbeit ist der Entwurf einer solchen API.

Schlüsselwörter: scalability, concurrent programming, web architectures, web servers

Zusammenfassung: Web architectures are an important asset for various large-scale web applications, such as social networks or e-commerce sites. Being able to handle huge numbers of users concurrently is essential, thus scalability is one of the most important features of these architectures. Multi-core processors, highly distributed backend architectures and new web technologies force us to reconsider approaches for concurrent programming in order to implement web applications and fulfil scalability demands. While focusing on different stages of scalable web architectures, we provide a survey of competing concurrency approaches and point to their adequate usages.

Zusammenfassung: State-machine replication (SMR) enables transparent and delayless masking of node faults. It can tolerate crash faults and malicious misbehavior, but usually comes with high resource costs, not only by requiring multiple active replicas, but also by providing the replicas with enough resources for the expected peak load. This paper presents a vertical resource-scaling solution for SMR systems in virtualized environments, which can dynamically adapt the number of available cores to current load. In similar approaches, benefits of CPU core scaling are usually small due to the inherent sequential execution of SMR systems in order to achieve determinism. In our approach, we utilize sophisticated deterministic multithreading to avoid this bottleneck and experimentally demonstrate that core scaling then allows SMR systems to effectively tailor resources to service load, dramatically reducing service provider costs.

Zusammenfassung: Privacy aspects of blockchains have gained attention as the log of transactions can be view by any interested party. Privacy mechanisms applied to the ledger can be undermined by attackers on the network level, resulting in deanonymization of the transaction senders. We discuss current approaches to this problem, e.g. Dandelion, sketch our own approach to provide even stronger privacy mechanisms and discuss the challenges and open questions for further research in this area.

Zusammenfassung: The increased use of mobile devices has led to an improvement in the public health care through participatory interventions. For example, patients were empowered to contribute in treatment processes with the help of mobile crowdsourcing and crowdsensing technologies. However, when using the latter technologies, one prominent challenge constitutes a continuous user engagement. Incentive management techniques can help to tackle this challenge by motivating users through rewards and recognition in exchange of task completion. For this purpose, we aim at developing a conceptual framework that can be integrated with existing mHealth mobile crowdsourcing and crowdsensing platforms. The development of this framework is based on insights we obtained from the TrackYourTinnitus (TYT) mobile crowdsensing platform. TYT, in turn, pursues the goal to reveal insights to the moment-to-moment variability of patients suffering from tinnitus. The work at hands presents evaluated data of TYT and illustrates how the results drive the idea of a conceptual framework for an incentive management in this context. Our results indicate that a proper incentive management should play an important role in the context of any mHealth platform that incorporates the idea of the crowd.

Zusammenfassung: Surveys indicate that users are often afraid to entrust data to cloud storage providers, because these do not offer sufficient privacy. On the other hand, peer-2-peer–based privacy-preserving storage systems like Freenet suffer from a lack of contribution and storage capacity, since there is basically no incentive to contribute own storage capacity to other participants in the network. We address these contradicting requirements by a design which combines a distributed storage with a privacy-preserving blockchain-based payment system to create incentives for participation while maintaining user privacy. By following a Privacy-by-Design strategy integrating privacy throughout the whole system life cycle, we show that it is possible to achieve levels of privacy comparable to state-of-the-art distributed storage technologies, despite integrating a payment mechanism. Our results show that it is possible to combine storage contracts and payments in a privacy-preserving way. Further, our system design may serve as an inspiration for future similar architectures.

Zusammenfassung: The actor model is an established programming model for distributed applications. Combining event sourcing with the actor model allows the reconstruction of previous states of an actor. When this event sourcing approach for actors is enhanced with additional causality information, novel types of actor-based, retroactive computations are possible. A globally consistent state of all actors can be reconstructed retrospectively. Even retroactive changes of actor behavior, state, or messaging are possible, with partial recomputations and projections of changes in the past. We believe that this approach may provide beneficial features to actor-based systems, including retroactive bugfixing of applications, decoupled asynchronous global state reconstruction for recovery, simulations, and exploration of distributed applications and algorithms.

Zusammenfassung: The globalisation of our society leads to an increasing need for spontaneous communication. However, the development of such applications is a tedious and error-prone process. This results from the fact that in general only basic functionality is available in terms of protocol implementations and encoders/decoders. This leads to inflexible proprietary software systems implementing unavailable functionality on their own. In this work we introduce Instant-X, a novel component-based middleware platform for multimedia applications. Unlike related work, Instant-X provides a generic programming model with an API for essential tasks of multimedia applications with respect to signalling and data transmission. This API abstracts from concrete component implementations and thus allows replacing specific protocol implementations without changing the application code. Furthermore, Instant-X supports dynamic deployment, i.e., unavailable components can be automatically loaded at runtime. To show the feasibility of our approach we evaluated our Instant-X prototype regarding code complexity and performance.

Zusammenfassung: We present Virtual Nodes, a framework to provide fault-tolerance for grid applications by replicating them over multiple nodes. For the performance of replicated systems it is crucial that the application characteristics and load pattern are taken into account when the replication protocol is selected. For that reason Virtual Nodes offer a wide variety of configuration parameters that allow to fine-tune framework properties to optimise the overall system performance.