Contact

Prof. Sebastian Abeck

Head of Group

Informatikgebäude am Schloss (bldg. 20.20)
room 156

tel.: +49 (721) 608-46880
abeckRiv7∂kit edu

office hours:
Tuesday from 9 to 10 after registration


About the Research Group Cooperation & Management (C&M)

Research Group

After receiving his PhD and Habilitation from the Technical University Munich (TUM), Sebastian Abeck established the research group "Cooperation & Management", which belongs to the Institute of Telematics. The group consists of two internal scientific employees, Philip Hoyer and Roland Steinegger, four external scientists, Dr. Michael Gebhart, Pascal Giessler, Georgi Kehaiov and Peter Weierich, as well as a group of many working students and research assistants.

Advanced Web Applications as the Teaching and Research Field

Teaching and research at C&M deal with the systematic development and quality assessment of advanced web applications. Topics are the customizable support of mobile devices, operability and the assurance of accessibility, the application of service-oriented architecture concepts, and the quality assessment of software with security issues taken into account. The necessary methods and technologies (e.g. Responsive Design, architectural patterns, quality metrics, markup languages, web service technologies) are taught in courses (lectures, internships, seminars) titled "web applications and service-oriented architectures" [CM-WASA].

Figure 1: Web Applications and Service-oriented Architectures


SmartCampus as an Example for an Advanced Web Application

The mobile and service-oriented web application "SmartCampus" serves as a running example in teaching and research. SmartCampus, which was developed for stationary and mobile end systems, provides intelligent and innovative services for better orientation and support of cooperation on campus.

Figure 2: SmartCampus Application


The reservation of workspaces is one example of the services that support studying and collaboration on campus; it was developed in the course of an international research project. Together with the cooperation partner Fraunhofer Institute of Optronics, System Technologies and Image Exploitation (IOSB), concepts for the Internet of Things were analyzed and technically implemented in SmartCampus [IOSB-OpenIoT]. In cooperation with the Study Centre for the Visually Impaired (SZS), a SmartCampus service will be developed that provides relevant information about access to buildings and lecture halls on campus, especially for students with disabilities. Questions regarding the accessible web in particular are discussed in this project.

Service-oriented Architecture and Quality Assessment

SmartCampus and other service-oriented software systems can be used as examples to analyze whether a software solution meets its functional and non-functional requirements. The non-functional requirements can be determined by standardized quality criteria [ISO-SQuRE] such as reliability, efficiency and usability. The main focus of the work at C&M is the question of how to determine the quality of web applications by means of metrics and how to reach, during the development stages, a quality that meets the requirements.
quality aspect of operability, architecture for the presentation layer
In the course of software development a design is created, which is supposed to exhibit certain structural quality characteristics such as loose coupling or autonomy. A systematic procedure describing a quality-oriented design of services was developed by the research group in a scientific work. An essential contribution of this work is the definition of metrics by which relevant quality characteristics of designs can be quantified. The scientific work describing the quality assessment of service-oriented architectures [Ge13] was continued in the course of a project supported by the "EXIST-program". In this project the analysis tool "QA82 Analyzer" was developed. With this tool the quality analysis metrics can be applied to specific service-oriented software systems such as SmartCampus. For this purpose the tool supports the concept of hybrid quality assessment, in which knowledge that can be ascertained automatically is linked with manual knowledge. Because the QA82 Analyzer is continued as an Open-Source project, it can now be used for research and teaching. In this context those concepts are transferred to RESTful web services.
Software quality plays a pivotal role in the development of modern software systems, because it can have a significant impact on the future sustainability of a system. Maintainability with regard to changing general conditions is an especially important characteristic of a software system. For this purpose, research activities are carried out to figure out how software systems can be analyzed with regard to maintainability and how the analysis can be integrated into a development process. To that end, existing tools for quality analysis will be checked and, if necessary, expanded so that a profound evaluation of the system can be performed and immediate action can be initiated. In former activities a checklist for quality analysis was developed (using the example of REST). With its help the web interface can be reviewed in terms of different quality characteristics [GG+15].

Identity and Access Management

Security is a quality aspect of web applications that C&M analyzes intensively. The focus is on Identity and Access Management (IAM), which in particular deals with the authentication and authorization of users of a web application or web service.
At the design stage, architectural patterns can be used to extend the application and service design with aspects of Identity and Access Management [DS+12]. A precise analysis is conducted to figure out how the application of security patterns can be supported during the design of the architecture. Two aspects are considered primarily. Firstly, the relationships among security patterns for the IAM of web applications and an appropriate representation of these relationships. Secondly, the relevant influences of security patterns on quality characteristics of the design, which support the selection among similar security patterns. A specific aspect considered is the surface of REST-based web applications [SS+14].
IAM plays a central role in providing end customer portals, where companies increasingly offer their services and products. In this field of customer-oriented IAM (Consumer IAM), user-friendliness is the most important concern, which is why the "classic" IAM solutions (Enterprise IAM) are not applicable. In an extensive survey, more than 100 end customer portals of different sectors were evaluated systematically [WW+15]. The goal of the work was to create a framework that supports the development of Consumer IAM solutions. The research group's work on Identity and Access Management is closely linked to an IT security laboratory [AR+12], which is operated by C&M in cooperation with an industrial partner. The IT security laboratory is a key component of the teaching-research cycle established by C&M and enables a practice-oriented education for the students.

Publications

[CM-WASA] Cooperation & Management: Web-Anwendungen und Serviceorientierte Architekturen (WASA), lecture course units, Karlsruher Institut für Technologie (KIT), 2014. http://cm.tm.kit.edu/download/1-1.einfuehrung_wasa.pdf
[IOSB-OpenIoT] Fraunhofer Institut für Optronik, Systemtechnik und Bildauswertung (IOSB): OpenIoT Project Consortium: KIT Campus Guide, YouTube Video, 2013. https://www.youtube.com/watch?v=VGHVwyadstQ
[ISO-SQuRE] International Standards Organization: Systems and software Quality Requirements and Evaluation (SQuRE), ISO/IEC 25010:2011(en), April 2014. https://www.iso.org/obp/ui/#iso:std:iso-iec:25010:ed-1:v1:en
[Ge13] Michael Gebhart: Measuring Design Quality of Service-Oriented Architectures Based on Web Services, Proceedings of the Eighth International Conference on Software Engineering Advances (ICSEA) 2013.
[GG+14] Michael Gebhart, Pascal Giessler, Pascal Burkhardt, Sebastian Abeck: Requirements Engineering for Agile Development of RESTful Participation Service, International Conference on Software Engineering Advances (ICSEA), 2014.
[GG+15] Michael Gebhart, Pascal Giessler, Sebastian Abeck: RESTful Webservices mit Qualität - Teil 1: Mit Best Practices zu einem qualitätsorientierten Entwurf und Teil 2: Priorisierung von Best Practices mittels Qualitätsmerkmale, Objektspektrum, 2014, 2015.
[DS+12] Aleksander Dikanski, Roland Steinegger, Sebastian Abeck: Identification and Implementation of Authentication and Authorization Patterns in the Spring Security Framework, The Sixth International Conference on Emerging Security Information, Systems and Technologies, Rome, August 2012.
[SS+14] Roland Steinegger, Johannes Schäfer, Max Vogler, Sebastian Abeck: Attack Surface Reduction for Web Services based on Authorization Patterns, The Eighth International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2014), 2014.
[WW+15] Peter Weierich, David Weich, Sebastian Abeck: Identitäts- und Zugangsmanagement für Kundenportale – Eine Bestandsaufnahme, Digital Enterprise Computing, 2015.
[AR+12] Sebastian Abeck, Robert Reutter, Aleksander Dikanski, Philipp Schleier, Jürgen Biermann, Ingo Pansa: IT-Sicherheitslabor – Ein praxisorientierter Ansatz zur Zusammenarbeit von Hochschule und Industrie in der Lehre, Conference "Grundfragen Multimedialen Lehrens und Lernens" (GML2), Berlin, March 2012.