Logo des Repositoriums

Auflistung nach Autor:in "Stolz, Volker"

1 - 3 von 3
  • Konferenzbeitrag
    7. Arbeitstagung Programmiersprachen (ATPS 2014)
    (Software Engineering 2014, 2014) Stolz, Volker; Trancón Widemann, Baltasar
  • Zeitschriftenartikel
    An Approach to Flexible Multilevel Modelling
    (Enterprise Modelling and Information Systems Architectures (EMISAJ) – International Journal of Conceptual Modeling: Vol. 13, Nr. 10, 2018) Macías, Fernando; Rutle, Adrian; Stolz, Volker; Rodriguez-Echeverria, Roberto; Wolter, Uwe
    Multilevel modelling approaches tackle issues related to lack of flexibility and mixed levels of abstraction by providing features like deep modelling and linguistic extension. However, the lack of a clear consensus on fundamental concepts of the paradigm has in turn led to lack of common focus in current multilevel modelling tools and their adoption. In this paper, we propose a formal framework, together with its corresponding tools, to tackle these challenges. The approach facilitates definition of flexible multilevel modelling hierarchies by allowing addition and deletion of intermediate abstraction levels in the hierarchies. Moreover, it facilitates separation of concerns by allowing integration of different multilevel modelling hierarchies as different aspects of the system to be modelled. In addition, our approach facilitates reusability of concepts and their behaviour by allowing definition of flexible transformation rules which are applicable to different hierarchies with a variable number of levels. As a proof of concept, a prototype tool and a domain-specific language for the definition of these rules is provided.
  • Konferenzbeitrag
    How useful are existing monitoring languages for securing android apps?
    (Software Engineering 2013 - Workshopband, 2013) Arzt, Steven; Falzon, Kevin; Follner, Andreas; Rasthofer, Siegfried; Bodden, Eric; Stolz, Volker
    The Android operating system is currently dominating the mobile device market in terms of penetration and growth rate. An important contributor to its success are a wealth of cheap and easy-to-install mobile applications, known as apps. Today, installing untrusted apps is the norm, though this comes with risks: malware is ubiquitous and can easily leak confidential and sensitive data. In this work, we investigate the extent to which we can specify complex information flow properties using existing specification languages for runtime monitoring, with the goal to encapsulate potentially harmful apps and prevent private data from leaking. By modelling a set of representative, Android-specific security policies with Tracematches, JavaMOP, Dataflow Pointcuts and PQL, we are able to identify policylanguage features that are crucial for effectively defining runtime-enforceable Android security properties. Our evaluation demonstrates that while certain property languages suit our purposes better than others, they all lack essential features that would, if present, allow users to provide effective security guarantees about apps. We discuss those shortcomings and propose several possible mechanisms to overcome them.