towards minimising timestamp usage in application software
play

Towards Minimising Timestamp Usage in Application Software A Case - PowerPoint PPT Presentation

Sep 10, 2022 •323 likes •731 views

Christian Burkert , Hannes Federrath Towards Minimising Timestamp Usage in Application Software A Case Study of the Mattermost Application 26.09.2019 Project: Employee Privacy in Development and Operations 26.09.2019 | Christian Burkert,

  1. Christian Burkert , Hannes Federrath Towards Minimising Timestamp Usage in Application Software A Case Study of the Mattermost Application 26.09.2019

  2. Project: Employee Privacy in Development and Operations 26.09.2019 | Christian Burkert, Hannes Federrath 2

  3. Project: Employee Privacy in Development and Operations 26.09.2019 | Christian Burkert, Hannes Federrath 2

  4. Project: Employee Privacy in Development and Operations 26.09.2019 | Christian Burkert, Hannes Federrath 2

  5. Project: Employee Privacy in Development and Operations 26.09.2019 | Christian Burkert, Hannes Federrath 2

  6. Project: Employee Privacy in Development and Operations 26.09.2019 | Christian Burkert, Hannes Federrath 2

  7. Project: Employee Privacy in Development and Operations 26.09.2019 | Christian Burkert, Hannes Federrath 2

  8. Monitoring of Employees Source: Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein (ULD) 26.09.2019 | Christian Burkert, Hannes Federrath 3

  9. Monitoring of Employees Monitoring Performance Down on Mondays? Progress Stuck on a task? Habits Working after midnight? Source: Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein (ULD) 26.09.2019 | Christian Burkert, Hannes Federrath 3

  10. Monitoring of Employees Monitoring Performance Down on Mondays? Progress Stuck on a task? Habits Working after midnight? Employment Power imbalance Collective measures vs. individual consent Source: Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein (ULD) 26.09.2019 | Christian Burkert, Hannes Federrath 3

  11. People Analytics: Microsoft Workplace Analytics 26.09.2019 | Christian Burkert, Hannes Federrath 4

  12. People Analytics: IBM Personal Social Dashboard 26.09.2019 | Christian Burkert, Hannes Federrath 5

  13. Timestamp Metadata 26.09.2019 | Christian Burkert, Hannes Federrath 6

  14. Timestamp Metadata: Research Questions RQ1 Where do timestamps occur in the data model? 26.09.2019 | Christian Burkert, Hannes Federrath 7

  15. Timestamp Metadata: Research Questions RQ1 Where do timestamps occur in the data model? RQ2 Which of them are personally identifiable? 26.09.2019 | Christian Burkert, Hannes Federrath 7

  16. Timestamp Metadata: Research Questions RQ1 Where do timestamps occur in the data model? RQ2 Which of them are personally identifiable? RQ3 For what purpose are they collected/processed? 26.09.2019 | Christian Burkert, Hannes Federrath 7

  17. Timestamp Metadata: Research Questions RQ1 Where do timestamps occur in the data model? RQ2 Which of them are personally identifiable? RQ3 For what purpose are they collected/processed? RQ4 Are there more proportionate/data minimal alternatives? 26.09.2019 | Christian Burkert, Hannes Federrath 7

  18. Case Study: Mattermost Source: mattermost.com 26.09.2019 | Christian Burkert, Hannes Federrath 8

  19. Purpose Analysis: Methodology RQ1 Where do timestamps occur in the data model? 1. Find all uses of int64 keyword in model code 2. Filter out non-timestamp related occurrences Target of evaluation: Mattermost Server v4.8, Mattermost Web Client v5.5.1 26.09.2019 | Christian Burkert, Hannes Federrath 9

  20. Purpose Analysis: Methodology RQ1 Where do timestamps occur in the data model? 1. Find all uses of int64 keyword in model code 2. Filter out non-timestamp related occurrences RQ2 Which of them are personally identifiable? 3. Keep only timestamps with a connection to User Target of evaluation: Mattermost Server v4.8, Mattermost Web Client v5.5.1 26.09.2019 | Christian Burkert, Hannes Federrath 9

  21. Purpose Analysis: Methodology RQ1 Where do timestamps occur in the data model? 1. Find all uses of int64 keyword in model code 2. Filter out non-timestamp related occurrences RQ2 Which of them are personally identifiable? 3. Keep only timestamps with a connection to User RQ3 For what purpose are they collected/processed? 4. Locate all uses of these timestamps with gorename 5. Inspect source code of all uses and categorise them 6. Discard all non-programmatic uses (i.e., which have no effect on MM’s behaviour) 7. Identify user facing timestamps by in the web client Target of evaluation: Mattermost Server v4.8, Mattermost Web Client v5.5.1 26.09.2019 | Christian Burkert, Hannes Federrath 9

  22. Timestamps in Mattermost’s Data Model (Excerpt) ChannelMember � � Status � ChannelMemberHistory + � � Session + � � Channel + � � User + � � � Post + � � Legend: + Creation Reaction + � Update � Deletion � Last Viewed � Last Activity � Expiration 26.09.2019 | Christian Burkert, Hannes Federrath 10

  23. PII vs. Non-PII Timestamps PII 47 73 Total 26 No-PII 26.09.2019 | Christian Burkert, Hannes Federrath 11

  24. Timestamp Types Update 14 Create 15 47 PII 10 8 Delete Misc 26.09.2019 | Christian Burkert, Hannes Federrath 12

  25. Visibility for Users Not Visible 42 47 PII 5 Visible 26.09.2019 | Christian Burkert, Hannes Federrath 13

  26. Programmatic Usage Used 23 47 PII 24 Unused 26.09.2019 | Christian Burkert, Hannes Federrath 14

  27. Distribution of Types between Used and Unused 6 create 9 used (23) 8 update 6 4 delete 6 unused (24) 5 misc 3 26.09.2019 | Christian Burkert, Hannes Federrath 15

  28. Categories of Programmatic Usage Type of Use Description EditLimit Enforce edit limit for posts Etag Calculate Etag for HTTP header Expiry Enforce the expiry of an object Filter Filter a sequence of objects by time MinElapse Ensure that a minimum amount of time has elapsed PostNovelty Highlight new posts Sort Sort a sequence of objects by time State Track the state of an object Timeout Enforce a timeout 26.09.2019 | Christian Burkert, Hannes Federrath 16

  29. Categories of Programmatic Usage Etag 8 State 11 31 Usages 4 Expiry 2 4 2 Novelty Misc Timeout 26.09.2019 | Christian Burkert, Hannes Federrath 17

  30. RQ4: More proportionate/data minimal alternatives r e r b e m b m u n N u o N n e n i o t a c n o i n i t r o t p e e c i s y m u u r i q v d c u e e e n n R R S E E EditLimit � Etag � Expiry � Filter � MinElapse � Novelty � Sort � State � Timeout � User Information � � 26.09.2019 | Christian Burkert, Hannes Federrath 18

  31. Purpose: Sort, Novelty and Etag Property Monotonic ordering 26.09.2019 | Christian Burkert, Hannes Federrath 19

  32. Purpose: Sort, Novelty and Etag Property Monotonic ordering Alternative Sequence or revision numbers 26.09.2019 | Christian Burkert, Hannes Federrath 19

  33. Purpose: Sort, Novelty and Etag Property Monotonic ordering Alternative Sequence or revision numbers Example Novelty detection: 1. Add sequence number to post 2. Record last seen seq. number per channel and user 3. On revisits: highlight posts with higher seq. number 26.09.2019 | Christian Burkert, Hannes Federrath 19

  34. Mattermost Case Study: Summary Goal Analysis of timestamp usage and purposes 26.09.2019 | Christian Burkert, Hannes Federrath 20

  35. Mattermost Case Study: Summary Goal Analysis of timestamp usage and purposes Findings majority of PII timestamps is not used only a small proportion is visible to users programmatic usages have potential for data minimisation 26.09.2019 | Christian Burkert, Hannes Federrath 20

  36. Mattermost Case Study: Summary Goal Analysis of timestamp usage and purposes Findings majority of PII timestamps is not used only a small proportion is visible to users programmatic usages have potential for data minimisation Limitation Case study is not representative 26.09.2019 | Christian Burkert, Hannes Federrath 20

  37. Mattermost Case Study: Summary Goal Analysis of timestamp usage and purposes Findings majority of PII timestamps is not used only a small proportion is visible to users programmatic usages have potential for data minimisation Limitation Case study is not representative Future Expansion to other software Improvement of the usage analysis (automation, reproducibility) Investigation of possible causes (anti patterns) 26.09.2019 | Christian Burkert, Hannes Federrath 20

  38. Contact Christian Burkert Tel. +49 40 42883-2406 Mail burkert@informatik.uni-hamburg.de I’d be happy to hear from you! OpenPGP Fingerprint: 9B97 CC4B 5FF4 7BA3 EF7B 1966 A5FB 6E0B 41AC CDFB 26.09.2019 | Christian Burkert, Hannes Federrath 21

  39. Timestamp Type and their Programmatic Usage Type Usage Category Create EditLimit, Expiry, PostNovelty, Sort, State Update Etag, Filter, State Delete StateDeleted LastActivityAt MinElapse, Timeout LastViewedAt PostNovelty ExpiresAt Expiry 26.09.2019 | Christian Burkert, Hannes Federrath 22

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A Method to Estimate the Timestamp Accuracy of Measurement Hardware and Software Tools Patrik

A Method to Estimate the Timestamp Accuracy of Measurement Hardware and Software Tools Patrik

A Method to Estimate the Timestamp Accuracy of Measurement Hardware and Software Tools Patrik Arlos Blekinge Institute of Technology Inter-arrival time Mean: 1230 s Min: 1110 s Max: 1623 s Std.dev: 44.8 s Mean: 1230 s Min: 1230

420 views • 14 slides
1 CS430DL - Chapter 17 TIMESTAMP-BASED PROTOCOLS (CONT.) Suppose that transaction T i issues

1 CS430DL - Chapter 17 TIMESTAMP-BASED PROTOCOLS (CONT.) Suppose that transaction T i issues

CS430DL - Chapter 17 TIMESTAMP AND VALIDATION PROTOCOLS 1 CS430DL - Chapter 17 TIMESTAMP-BASED PROTOCOLS Each transaction is issued a timestamp when it enters the system. If an old transaction T i has time-stamp TS( T i ), a new transaction

393 views • 7 slides
Unstructured Application Usage Traces + + + Longqi Yang* , Chen Fang, Hailin Jin, Matt Hoffman,

Unstructured Application Usage Traces + + + Longqi Yang* , Chen Fang, Hailin Jin, Matt Hoffman,

Personalizing Software and Web Services by Leveraging Unstructured Application Usage Traces + + + Longqi Yang* , Chen Fang, Hailin Jin, Matt Hoffman, Deborah Estrin* *Computer Science, Cornell Tech + Adobe Research Cornell University

298 views • 25 slides
Orbis UUID Generation, using Consistent Hashing in Erlang UUID [42-bit Timestamp, 12-bit Shard,

Orbis UUID Generation, using Consistent Hashing in Erlang UUID [42-bit Timestamp, 12-bit Shard,

Orbis UUID Generation, using Consistent Hashing in Erlang UUID [42-bit Timestamp, 12-bit Shard, 10-bit Sequence] Timestamp Use Unix Epoch, in milliseconds, with an offset. Subtract offset at generation time, add on decoding time.

295 views • 6 slides
CHAPTER 12: APPLICATION AND COMPONENT INTEGRATION 11:35 2 Application integration What if

CHAPTER 12: APPLICATION AND COMPONENT INTEGRATION 11:35 2 Application integration What if

1 Architecture and Modelling of Information Systems (D0I71A) Prof. dr. Monique Snoeck CHAPTER 12: APPLICATION AND COMPONENT INTEGRATION 11:35 2 Application integration What if you already have software ? Software manages its own

346 views • 17 slides
Introduction to Software Engineering Week 1 Software Engineering Software Engineering

Introduction to Software Engineering Week 1 Software Engineering Software Engineering

Introduction to Software Engineering Week 1 Software Engineering Software Engineering Software engineering is "(1) the application of Software engineering is (1) the application of a systematic, disciplined, quantifiable approach to the

610 views • 26 slides
trip planner usage data a machine learning application Acknowledgement: Jop van Roosmalen Dr.

trip planner usage data a machine learning application Acknowledgement: Jop van Roosmalen Dr.

Forecasting bus ridership with trip planner usage data a machine learning application Acknowledgement: Jop van Roosmalen Dr. Chintan Amrit (UTwente) Dr. Engin Topan (UTwente) Dr. Niels van Oort ( Smart Public Transport Lab) 1 9292 Trip

432 views • 21 slides
WT02 - Software Citation: Principles, Usage, Benefits, and Challenges Daniel S. Katz and Martin

WT02 - Software Citation: Principles, Usage, Benefits, and Challenges Daniel S. Katz and Martin

WT02 - Software Citation: Principles, Usage, Benefits, and Challenges Daniel S. Katz and Martin Fenner Goals: After the course, attendees should be able to: Understand the software citation principles Lots of explanation and

335 views • 14 slides
SEEDS: THE SOFTWARE ENGINEER'S ENERGY- OPTIMIZATION DECISION SUPPORT FRAMEWORK James Clause

SEEDS: THE SOFTWARE ENGINEER'S ENERGY- OPTIMIZATION DECISION SUPPORT FRAMEWORK James Clause

The road to: SEEDS: THE SOFTWARE ENGINEER'S ENERGY- OPTIMIZATION DECISION SUPPORT FRAMEWORK James Clause University of Delaware Energy usage is an increasingly important concern REDUCING ENERGY USAGE Software Engineer Source Code

855 views • 72 slides
The Timestamp of Timed Automata Amnon Rosenmann Graz University of Technology

The Timestamp of Timed Automata Amnon Rosenmann Graz University of Technology

The Timestamp of Timed Automata Amnon Rosenmann Graz University of Technology rosenmann@math.tugraz.at Amnon Rosenmann (TU Graz) The Timestamp of Timed Automata 1 / 30 Introduction Timed automata (TA) are finite automata extended with clocks

1.02k views • 30 slides
Application software configuration using Heat Steve Baker Senior Software Engineer, Red Hat

Application software configuration using Heat Steve Baker Senior Software Engineer, Red Hat

Application software configuration using Heat Steve Baker Senior Software Engineer, Red Hat sbaker@redhat.com irc stevebaker #heat Application software configuration using Heat Configuration vs Orchestration New heat software config

720 views • 43 slides
A Research Framework for Empirical Software Engineering Collaboration and Its Application in a

A Research Framework for Empirical Software Engineering Collaboration and Its Application in a

Software Engineering Center Information-technology Promotion Agency, Japan A Research Framework for Empirical Software Engineering Collaboration and Its Application in a Software Development Project Yoshiki Mitani*, Nahomi Kikuchi**, Tomoko

360 views • 6 slides
Timestamp /16 at LBL, sampled 1-in-1K 2nd /16, sampled 1-in-1K Number of relays 8000 6000

Timestamp /16 at LBL, sampled 1-in-1K 2nd /16, sampled 1-in-1K Number of relays 8000 6000

Timestamp /16 at LBL, sampled 1-in-1K 2nd /16, sampled 1-in-1K Number of relays 8000 6000 Relays 4000 Bridges 2000 0 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 The Tor Project https://metrics.torproject.org/ Directly

369 views • 24 slides
SOFTWARE 2.0 Software Engineer - Microsoft SPRING 2019 CSD 439 Big Data Application

SOFTWARE 2.0 Software Engineer - Microsoft SPRING 2019 CSD 439 Big Data Application

David Parker SOFTWARE 2.0 Software Engineer - Microsoft SPRING 2019 CSD 439 Big Data Application Development Basically learn how solve cool problems at scale ABOUT THE SPEAKER SKYNET Source: [19] AMAZON GO Source: [21]

1.21k views • 48 slides
Output: Software Output System Layers Application 1 Application 2 Application 3 ... Swing

Output: Software Output System Layers Application 1 Application 2 Application 3 ... Swing

Output: Software Output System Layers Application 1 Application 2 Application 3 ... Swing SWT UIKit Window System Operating System Hardware (e.g., graphics card) 2 The Window System 3 Window System Basics l Developed to support

905 views • 53 slides
through Application Discovery with ExplorViz SSP 18 9th Symposium on Software Performance

through Application Discovery with ExplorViz SSP 18 9th Symposium on Software Performance

Simplifying Software System Monitoring through Application Discovery with ExplorViz SSP 18 9th Symposium on Software Performance 2018 Alexander Krause, Christian Zirkelbach, Wilhelm Hasselbring Talk by Sren Henning Kiel University

416 views • 26 slides
Accelerating Multiprocessor Simulation with a Memory Timestamp Record Kenneth Barr Heidi Pan

Accelerating Multiprocessor Simulation with a Memory Timestamp Record Kenneth Barr Heidi Pan

Accelerating Multiprocessor Simulation with a Memory Timestamp Record Kenneth Barr Heidi Pan Michael Zhang Krste Asanovic Massachusetts Institute of Technology March 21, 2005 Intelligent sampling gives best speed-accuracy tradeoff for

691 views • 39 slides
Scaling Up HBase Duen Horng (Polo) Chau Associate Professor, College of Computing

Scaling Up HBase Duen Horng (Polo) Chau Associate Professor, College of Computing

poloclub.github.io/#cse6242 CSE6242/CX4242: Data & Visual Analytics Scaling Up HBase Duen Horng (Polo) Chau Associate Professor, College of Computing Associate Director, MS Analytics Georgia Tech Mahdi Roozbahani

800 views • 27 slides
RFC 3161 bis Time-stamp Protocol draft-ietf-pkix-rfc3161-01.txt Denis Pinkas. Bull SAS. Lead

RFC 3161 bis Time-stamp Protocol draft-ietf-pkix-rfc3161-01.txt Denis Pinkas. Bull SAS. Lead

RFC 3161 bis Time-stamp Protocol draft-ietf-pkix-rfc3161-01.txt Denis Pinkas. Bull SAS. Lead editor of RFC 3161 San Francisco - March 23, 2009 Status A draft has been issued in February 2009. Major differences from RFC 3161 [RFC3161] are

735 views • 6 slides
How to use Dates & Times with pandas Manipulating Time Series Data in Python Date & Time

How to use Dates & Times with pandas Manipulating Time Series Data in Python Date & Time

MANIPULATING TIME SERIES DATA IN PYTHON How to use Dates & Times with pandas Manipulating Time Series Data in Python Date & Time Series Functionality At the root: data types for date & time information Objects for points in

279 views • 25 slides
Graph Traversal Graph Traversal with DFS/BFS One of the most fundamental graph problems is to

Graph Traversal Graph Traversal with DFS/BFS One of the most fundamental graph problems is to

Graph Traversal Graph Traversal with DFS/BFS One of the most fundamental graph problems is to traverse every Tyler Moore edge and vertex in a graph. CSE 3353, SMU, Dallas, TX For correctness, we must do the traversal in a systematic way so

736 views • 5 slides
Timestamps in Security Protocols One method of handling this kind of problem is timestamps

Timestamps in Security Protocols One method of handling this kind of problem is timestamps

Timestamps in Security Protocols One method of handling this kind of problem is timestamps Proper use of timestamps can limit the time during which an exposed key is dangerous But timestamps have their own problems Lecture 6 Page 1

359 views • 9 slides
On Optimal Hash Tree Traversal for Interval Time-Stamping Helger Lipmaa Helsinki University of

On Optimal Hash Tree Traversal for Interval Time-Stamping Helger Lipmaa Helsinki University of

On Optimal Hash Tree Traversal for Interval Time-Stamping Helger Lipmaa Helsinki University of Technology { helger } @tcs.hut.fi http://www.tcs.hut.fi/helger ISC02, 02.10.2002 On Optimal Hash Tree Traversal for Interval Time-Stamping

945 views • 45 slides
We Weaver: A Hig High h Performance, Tr Transa sacti tional Gr Graph Dat Datab abas ase

We Weaver: A Hig High h Performance, Tr Transa sacti tional Gr Graph Dat Datab abas ase

We Weaver: A Hig High h Performance, Tr Transa sacti tional Gr Graph Dat Datab abas ase e Bas ased ed on on Refi Refinab able e Times estam amps By Dubey et al. Presented by: Ishank Jain Department of Computer Science

401 views • 24 slides

More recommend