Documentations, papers or other kinds of works written by me (mostly during my studies) will be filed under this category.

Master Thesis: Modality-independent Exchange of Information Across Devices Using the Pick-and-Drop Concept

I have submitted my master’s thesis to the university of Ulm and received my master’s degree. The task of my master thesis was to develop and evaluate a multimodal user interaction concept for an existing prototypical system that allows a drag-and-drop-like interaction across device borders.

To make things more interesting, this is no ordinary drag-and-drop action where the dragged information must retain its original representation. The dragged information can be dropped and represented by different media types, depending on the context. An example would be to drag the text “apple” and drop it into a droppable area for images. The dragged information would then adapt by switching to an image of an apple and displaying the visual information. One of the main achievements of my master’s thesis was to devise such an interaction concept and discuss the implications and problems inherent to such interaction possibilities.

Another point was the ability to spontaneously switch input modalities and devices on demand. For example, when working with a computer using mouse and keyboard to input information the user should be able to leave the computer, pick up a tablet and continue working in the next room inputting the text utilising the touch pad or voice input of the tablet.

Alas, I cannot share the source code this time, as my prototype is heavily dependent on the existing prototypical system and interweaved with its code, which is the property of the university of Ulm and part of a larger research project. But, as the focus was the interaction concept and its theoretical elaboration, the most interesting parts of this work can be found in the documentation.



It was written to the best of my knowledge, though I can’t guarantee it’s perfectly free of errors. Furthermore, the disclaimer of this blog applies.

Meilensteine des Software-Engineering: Prinzipien der Modularisierung

Another post in german, since I had to write this paper in german (requirement by my professor).

Ich hab’ dieses Semester ein sehr interessantes Seminar an der Universität Ulm besucht über Meilensteine in der Geschichte des Software-Engineering, welche Themen behandelten wie diese Disziplin entstand und welche definierenden, richtungsweisenden Beiträge über die Zeit entstanden. Mein Thema war die Modularisierung von Software und nach welchen Prinzipien und Kriterien hierbei vorgegangen werden kann.

Modularisierung ist eine essentielle Methode in der Softwareentwicklung um komplexe Probleme beherrschbar zu machen, die Flexibilität von Software zu erhöhen und ihre Wartbarkeit zu erleichtern. Welche Prinzipien & Kritieren können angewandt werden um zu einer optimalen Modularisierung zu gelangen? Gibt es überhaupt eine optimale Modularisierung oder müssen gewisse Vor- und Nachteile gegeneinander abgewogen werden um die gesteckten Ziele eines Softwaresystems zu erreichen?

Was der große Vorteil der Modularisierung von Softwaresystemen ist und welche Kosten eine Modularisierung mit sich bringen kann soll in der vorliegenden Arbeit beleuchtet werden. David Parnas veröentlichte 1972 einen Artikel mit dem Titel ‘On the Criteria To Be Used in Decomposing Systems into Modules’ [1] und führte ein wichtiges Prinzip ein: Das information hiding.

Die Auswirkungen von Parnas’ Artikel auf den heutigen Stand, auf andere Prinzipien, Ratschläge und Design Patterns, zu denen sich in Parnas’ Artikel bereits Ansätze erkennen lassen, sollen in der vorliegenden Arbeit ausgeführt werden.


Paper on API Evaluation

I wrote a paper on the very intriguing topic of API Evaluation, which is often overlooked or simply unknown to many software developers. The paper aims to give an overview over the topic and currently available and researched techniques to evaluate APIs. Here’s the abstract:

Application Programming Interfaces (APIs) are the “glue” between software components. Almost all developers work with APIs on a regular basis in one form or another, making APIs one of the cornerstones of modern software development. Still, evaluating and ensuring API qualities is an often overlooked topic. In the past years, a lot of research has been going on with the goal to come up with better evaluation techniques and metrics to assess the qualities of APIs.

This paper analyses the current state of research. It starts with an introduction to the problem and gives an overview of five recent proposals for API evaluation techniques. Every technique is introduced, described both in terms of necessary preparations and the actual execution and concluded by a summary that highlights benefits and drawbacks of the technique. Closing, a conclusion provides an overview of the state of API evaluation techniques based on the five techniques reviewed in this paper.

I also gave a presentation on the topic. Alas, the slides are only availabe in german.



The beautiful photos on the first and last slides were taken by Hansheinz Müller Philipps Sohn, a talented hobby photographer and good friend of mine. They were, of course, used with his permission.

Bachelor Kolloquium

This time, for once, a post in german.

Geschafft! Am 26.10.2010 gab ich nun letztendlich mein Kolloquium (Präsentation meiner Bachelorarbeit) im Rahmen der Vorlesung Aktuelle Themen der IT-Sicherheit. Mein Vortrag war sehr gut besucht mit ungefähr 80 Studenten aus dem 1., 3. und 6. Semester Informatik, sowie von ein paar Studenten des Elektronik-Masters wie ich am Tag darauf beim Kendo Training erfahren hab (Stichwort: Die Welt ist klein).

Die Präsentation hab ich an meiner Hochschule, der HTW Aalen, auf deutsch gehalten und dem unmittelbaren Feedback mancher Teilnehmer, die auf mich zukamen nach der Präsentation, zu schließen kam Sie auch ganz gut an. 🙂


Im Folgenden die Präsentation, jeweils im PPTX und PDF Format:

Bachelor Thesis: An Android App for One-Time Password Generation & Management

The full title of my bachelor thesis is “Development of an Android App for One-Time Password Generation & Management“, which was shortened for the title. I developed an Android app that allows the user to carry and manage any number of OTP lists, specifically OTP lists created by the OTPW Package written by Markus Kuhn. The thesis consist of the app itself as well as a theoretical document covering One-Time Passwords in general, Random Number Generation, the Android platform, app development for Android and, last but not least, the actual app development itself.

The app utilizes the GNU Crypto library. Alas, the Android Development Tools (ADT in short) could not convert the JAR library file provided by the GNU Crypto website into an Android-compatible JAR file, so I had to include the source of the GNU Crypto project itself. To limit the impact on the size of the app, I only included what was needed by my app (the hashing facility) and left out the rest of the GNU Crypto project.

Though primarily written to manage and generate lists of the OTPW package right now, the app architecture was designed with extensibility in mind. It should not be too hard to add support for another OTP-System. The basic components are well encapsulated and the generation facility was written in a way that allows new classes to be added to handle other OTP systems. Only the generation GUI needs to be extended to accommodate for other possible OTP-Systems.

Future development

For the time being I won’t continue working on this app. Also, I did not distribute it in the Android Market as you need a credit card to do so and – though some might not believe it – I don’t have one. If you are interested in continuing the development of this app, feel free to contact me so we can talk about it. I’m sure we will be able to come to an agreement.



It was written to the best of my knowledge, though I can’t guarantee it’s perfectly free of errors. Furthermore, the disclaimer of this blog applies.

Project work on genetic algorithms, the TSP and parallelism

Over the course of the last semester I did a project work with the title ‘Approximation of the Traveling Salesman Problem utilising a genetic algorithm in a parallel system‘. As this is a very complex title by itself, I will explain what this work was about in a few sentences. For further details please take a look at the documentation.

The main goal of this project was to develop an algorithm to approximate an optimal tour for the traveling salesman problem, which is in short as follows: A salesman wants to visit X cities under the following conditions:

  • every city must be visited exactly once
  • the tour has to be a round trip

This is a NP-complete problem, meaning there is no efficient algorithm known to solve it in a worthwhile timeframe. Since nobody wants to wait for several years to get an optimal tour, there are some approximation algorithms which are rather good. As multi-core processors are becoming more and more common, programming applications that utilize multiple cores has become an important trait.

This is where genetic algorithms come into play: Offering intrinstic parallelism they’re well suited for parallelization. Also, they are very general in nature: All that’s necessary is to encode the problem in a way the genetic alorithm can handle it. The algorithm does not need any problem-specific information, although it could be used to enhance the results.

The TSPLib was used for sample data, which is pretty nice as there are best known solutions to it.

Build Environment

The program was developed in Linux using eclipse CDT 5.0.1 and CMake 2.6, so this is the recommended environment to build and run it. It also utilizes OpenMP and TR1 for shared pointers, so make sure your compiler supports it. For further details, see How to build.

Building under Windows

By default the build environment is set to linux to compile. If you want to compile it under windows, you have to set the appropriate define in the config.h file:

//#define LINUX
#define WIN_32

Also note that this is a console application, so make sure you’ve set your IDE to the correct system.



It was written to the best of my knowledge, though I can’t guarantee it’s perfectly free of errors. Furthermore, the disclaimer of this blog applies.

Security mechanisms in Linux

In my 4th Semester, I have written an introduction on Linux security mechanisms on application level. This introduction covers topics like Access Control techniques, hardening the linux kernel, the LSM Framework, SELinux and AppArmor, as well as Ruleset Based Access Control.

I want to emphasize that this work is only an introduction on the topic and therefore does not contain manuals or step-by-step tutorials on how to set those features up, rather explaining how they work as well as elaborating their advantages and disadvantages.



This document was completely written in german. There is no english version available. It was written to the best of my knowledge, though I can’t guarantee it’s perfectly free of errors.

Go to Top