Search For:

Displaying 1-30 out of 30 total
Software Engineering for Automotive Systems: A Roadmap
Found in: Future of Software Engineering
By Alexander Pretschner, Manfred Broy, Ingolf H. Kruger, Thomas Stauner
Issue Date:May 2007
pp. 55-71
The first pieces of software were introduced into cars in 1976. By 2010, premium class vehicles are expected to contain one gigabyte of on-board software. We present research challenges in the domain of automotive software engineering.
 
SPaCiTE -- Web Application Testing Engine
Found in: Software Testing, Verification, and Validation, 2008 International Conference on
By Matthias Büchler,Johan Oudinet,Alexander Pretschner
Issue Date:April 2012
pp. 858-859
Web applications and web services enjoy an ever-increasing popularity. Such applications have to face a variety of sophisticated and subtle attacks. The difficulty of identifying respective vulnerabilities steadily increases with the complexity of applicat...
 
A Trustworthy Usage Control Enforcement Framework
Found in: Availability, Reliability and Security, International Conference on
By Ricardo Neisse,Alexander Pretschner,Valentina Di Giacomo
Issue Date:August 2011
pp. 230-235
Usage control policies specify restrictions on the handling of data after access has been granted. We present the design and implementation of a framework for enforcing usage control requirements and demonstrate its genericity by instantiating it to two di...
 
A Hypervisor-Based Bus System for Usage Control
Found in: Availability, Reliability and Security, International Conference on
By Cornelius Moucha,Enrico Lovat,Alexander Pretschner
Issue Date:August 2011
pp. 254-259
Data usage control is concerned with requirements on data after access has been granted. In order to enforce usage control requirements, it is necessary to track the different representations that the data may take (among others, file, window content, netw...
 
Implementing Trust in Cloud Infrastructures
Found in: Cluster Computing and the Grid, IEEE International Symposium on
By Ricardo Neisse, Dominik Holling, Alexander Pretschner
Issue Date:May 2011
pp. 524-533
Today's cloud computing infrastructures usually require customers who transfer data into the cloud to trust the providers of the cloud infrastructure. Not every customer is willing to grant this trust without justification. It should be possible to detect ...
 
State-Based Usage Control Enforcement with Data Flow Tracking using System Call Interposition
Found in: Network and System Security, International Conference on
By Matúš Harvan, Alexander Pretschner
Issue Date:October 2009
pp. 373-380
Usage control generalizes access control to what happens to data in the future. We contribute to the enforcement of usage control requirements at the level of system calls by also taking into account data flow: Restrictions on the dissemination of data, fo...
 
On the Effectiveness of Test Extraction without Overhead
Found in: Software Testing, Verification, and Validation, 2008 International Conference on
By Andreas Leitner, Alexander Pretschner, Stefan Mori, Bertrand Meyer, Manuel Oriol
Issue Date:April 2009
pp. 416-425
Developers write and execute ad-hoc tests as they implement software. While these tests reflect important insights of the developers (e.g., which parts of the software need testing and what inputs should be used), they are usually not persistent and are ea...
 
Formal Analyses of Usage Control Policies
Found in: Availability, Reliability and Security, International Conference on
By Alexander Pretschner, Judith Rüesch, Christian Schaefer, Thomas Walter
Issue Date:March 2009
pp. 98-105
Usage control is a generalization of access control that also addresses how data is handled after it is released. Usage control requirements are specified in policies. We present tool support for the following analysis problems. Is a policy consistent, i.e...
 
Finding Faults: Manual Testing vs. Random+ Testing vs. User Reports
Found in: Software Reliability Engineering, International Symposium on
By Ilinca Ciupa, Bertrand Meyer, Manuel Oriol, Alexander Pretschner
Issue Date:November 2008
pp. 157-166
The usual way to compare testing strategies, whether theoretically or empirically, is to compare the number of faults they detect. To ascertain definitely that a testing strategy is better than another, this is a rather coarse criterion: shouldn't the natu...
 
Usage Control Enforcement: Present and Future
Found in: IEEE Security and Privacy
By Alexander Pretschner, Manuel Hilty, Florian Schütz, Christian Schaefer, Thomas Walter
Issue Date:July 2008
pp. 44-53
Both personal data and intellectual property must be protected for various reasons. The authors explore the state of the art in usage control, which is about controlling the use of such data after it has been given away, and identify room for improvement.
 
On the Predictability of Random Tests for Object-Oriented Software
Found in: Software Testing, Verification, and Validation, 2008 International Conference on
By Ilinca Ciupa, Alexander Pretschner, Andreas Leitner, Manuel Oriol, Bertrand Meyer
Issue Date:April 2008
pp. 72-81
Intuition suggests that random testing of object-oriented programs should exhibit a significant difference in the number of faults detected by two different runs of equal duration. As a consequence, random testing would be rather unpredictable. We evaluate...
 
Model-Based Tests for Access Control Policies
Found in: Software Testing, Verification, and Validation, 2008 International Conference on
By Alexander Pretschner, Tejeddine Mouelhi, Yves Le Traon
Issue Date:April 2008
pp. 338-347
We present a model-based approach to testing access control requirements. By using combinatorial testing, we first automatically generate test cases from and without access control policies—i.e., the model—and assess the effectiveness of the test suites by...
 
Test-Driven Assessment of Access Control in Legacy Applications
Found in: Software Testing, Verification, and Validation, 2008 International Conference on
By Yves Le Traon, Tejeddine Mouelhi, Alexander Pretschner, Benoit Baudry
Issue Date:April 2008
pp. 238-247
If access control policy decision points are not neatly separated from the business logic of a system, the evolution of a security policy likely leads to the necessity of changing the system’s code base. This is often the case with legacy systems. We prese...
 
Negotiation of Usage Control Policies - Simply the Best?
Found in: Availability, Reliability and Security, International Conference on
By Alexander Pretschner, Thomas Walter
Issue Date:March 2008
pp. 1135-1136
The term “negotiation” suggests that multi-step bidirectional communication takes place. In this position paper, we play the devil’s advocate and argue that (automated) policy negotiation essentially is one of the following, at least in the area of usage c...
 
DUKE--Distributed Usage Control Enforcement
Found in: Policies for Distributed Systems and Networks, IEEE International Workshop on
By Manuel Hilty, Alexander Pretschner, Christian Schaefer, Thomas Walter
Issue Date:June 2007
pp. 275
Usage control is concerned with what happens to data once the data have been released to a data consumer who is, in principle, able to use the data in any imaginable way. Considerations relating to privacy, intellectual property, and public security, howev...
   
Usage Control Requirements in Mobile and Ubiquitous Computing Applications
Found in: Systems and Networks Communication, International Conference on
By Manuel Hilty, Alexander Pretschner, Christian Schaefer, Thomas Walter
Issue Date:November 2006
pp. 27
Usage control is concerned with control over data after its release to third parties, and includes requirements such as
 
3rd international workshop on software engineering for automotive systems - SEAS 2006
Found in: Software Engineering, International Conference on
By Thomas Stauner, Christian Salzmann, Alexander Pretschner, Martin Rappl
Issue Date:May 2006
pp. 1034-1034
This workshop summary presents an overview of the one-day International Workshop on Software Engineering for Automotive Systems (SEAS 2006), held in conjunction with the 28th International Conference on Software Engineering (ICSE'06). Details about SEAS 20...
   
Coverage Metrics for Continuous Function Charts
Found in: Software Reliability Engineering, International Symposium on
By Vadim Alyokhin, Benedikte Elbel, Martin Rothfelder, Alexander Pretschner
Issue Date:November 2004
pp. 257-268
Continuous Function Charts are a diagrammatical language for the specification of mixed discretecontinuous embedded systems, similar to the languages of Matlab/Simulink, and often used in the domain of transportation systems. Both control and data flows ar...
 
ICSE Workshop: Software Engineering for Automotive Systems
Found in: Software Engineering, International Conference on
By Christian Salzmann, Thomas Stauner, Alexander Pretschner
Issue Date:May 2004
pp. 779
No summary available.
   
Model Based Testing in Evolutionary Software Development
Found in: Rapid System Prototyping, IEEE International Workshop on
By Alexander Pretschner, Heiko Lötzbeyer, Jan Philipps
Issue Date:June 2001
pp. 0155
Abstract: The spiraling nature of evolutionary software development processes produces executable parts of the system at the end of each loop. We argue that these parts should consist not only of programming language code, but of executable graphical syste...
 
Ontology Based Personalized Search
Found in: Tools with Artificial Intelligence, IEEE International Conference on
By Alexander Pretschner, Susan Gauch
Issue Date:November 1999
pp. 391
With the exponentially growing amount of information available on the Internet, the task of retrieving documents of interest has become increasingly difficult. Search engines usually return more than 1,500 results per query, yet out of the top twenty resul...
 
Enforcing privacy through usage-controlled video surveillance
Found in: 2013 10th IEEE International Conference on Advanced Video and Signal Based Surveillance (AVSS)
By Pascal Birnstill,Alexander Pretschner
Issue Date:August 2013
pp. 318-323
Increasing capabilities of intelligent video surveillance systems require the enforcement of privacy-related requirements. Data usage control technologies offer appropriate solutions in this problem domain. We first present specific requirements for a priv...
   
Data-centric multi-layer usage control enforcement: a social network example
Found in: Proceedings of the 16th ACM symposium on Access control models and technologies (SACMAT '11)
By Alexander Pretschner, Enrico Lovat
Issue Date:June 2011
pp. 151-152
Usage control is concerned with how data is used after access to it has been granted. Data may exist in multiple representations which potentially reside at different layers of abstraction, including operating system, window manager, application level, DBM...
     
GoCoMM: a governance and compliance maturity model
Found in: Proceedings of the first ACM workshop on Information security governance (WISG '09)
By Alexander Pretschner, Fabio Massacci, Gabriela Gheorghe, Stephan Neuhaus
Issue Date:November 2009
pp. 33-38
Advanced methodologies for compliance such as CobiT identify a number of maturity levels that must be reached: first the existence of an infrastructure for the enforcement of security controls; second, the ability to continuously monitor and audit quantifi...
     
Distributed usage control
Found in: Communications of the ACM
By Alexander Pretschner, David Basin, Manuel Hilty
Issue Date:September 2006
pp. 39-44
Using a server-side architecture to connect specialized enforcement mechanisms with usage control requirements and policies.
     
3rd International Workshop on Software Engineering for Automotive Systems - SEAS 2006
Found in: Proceedings of the 2006 international workshop on Software engineering for automotive systems (SEAS '06)
By Alexander Pretschner, Christian Salzmann, Martin Rappl, Thomas Stauner
Issue Date:May 2006
pp. 1-1
This workshop summary presents an overview of the one-day International Workshop on Software Engineering for Automotive Systems (SEAS 2006), held in conjunction with the 28 th International Conference on Software Engineering (ICSE'06). Details about SEAS 2...
     
3rd international workshop on software engineering for automotive systems - SEAS 2006
Found in: Proceeding of the 28th international conference on Software engineering (ICSE '06)
By Alexander Pretschner, Christian Salzmann, Martin Rappl, Thomas Stauner
Issue Date:May 2006
pp. 1034-1034
This workshop summary presents an overview of the one-day International Workshop on Software Engineering for Automotive Systems (SEAS 2006), held in conjunction with the 28th International Conference on Software Engineering (ICSE'06). Details about SEAS 20...
     
Model-based testing
Found in: Proceedings of the 27th international conference on Software engineering (ICSE '05)
By Alexander Pretschner
Issue Date:May 2005
pp. 722-723
Model-based testing has become increasingly popular in recent years. Major reasons include (1) the need for quality assurance for increasingly complex systems, (2) the emerging model-centric development paradigm (e.g., UML and MDA) with its seemingly direc...
     
2nd international workshop on software engineering for automotive systems
Found in: Proceedings of the 27th international conference on Software engineering (ICSE '05)
By Alexander Pretschner, Christian Salzmann, Thomas Stauner
Issue Date:May 2005
pp. 695-695
The goal of the 5th Workshop on Open Source Software Engineering is to bring together researchers and practitioners for the purpose of building a roadmap of the ways in which various computing application spaces have been impacted by open source software a...
     
Ontology-based web site mapping for information exploration
Found in: Proceedings of the eighth international conference on Information and knowledge management (CIKM '99)
By Alexander Pretschner, Lutz Gerhard, Nicholas Kral, Susan Gauch, Xiaolan Zhu
Issue Date:November 1999
pp. 188-194
Centralized search process requires that the whole collection reside at a single site. This imposes a burden on both the system storage of the site and the network traffic near the site. It thus comes to require the search process to be distributed. Recent...
     
 1