University of Passau
Department of Informatics and Mathematics
   University of Passau  >  FIM  >  IT-SEC  >  Projects >  Former Projects > COMPOSE      SiteMapSitemap  Seitenende

COMPOSE: Collaborative Open Market to Place Objects at your Service

COMPOSE project aims to seamlessly integrate the real and the virtual worlds through the creation of an open and scalable Marketplace infrastructure. It will expose services usable by human and virtual users. The combination, integration and management of these services will be done in a standardized and secure way. The general structure of the open Marketplace envisioned for COMPOSE is depicted in the following picture:

Main Compose Objectives

  • Enabling new services by integrating real and virtual worlds through empowering the Internet of Things
  • Provisioning of an open and scalable marketplace infrastructure for smart objects, services and innovative applications.
  • Bridging the Internet of Things to the Internet of Services and ultimately the Internet of Contents.
  • Promote a new business ecosystem for Small and Medium Enterprises and innovators to introduce new Internet of Things enabled services and applications.

Role of Uni Passau in COMPOSE

Our chair is currently contributing to the design and development of the security framework for COMPOSE. The security mechanisms our group is going to integrate are:

  • Identification and authentication for applications, users, and objects inside the Marketplace.
  • Data provenance for the information generated from different entities in COMPOSE.
  • Trust and reputation mechanism for the service objects, users, and developers.
  • Novel static, dynamic and hybrid algorithms to analyse inter- and intra-service information flow to guarantee security policies set by the users, developers, and data providers.
  • Secure service composition and re-configuration
  • Deploy static analysis in the COMPOSE SDK to support developers to design secure services for the Marketplace.

The COMPOSE consortium comprises twelve partners, including leading ICT companies, recognised academic and research excellence centres, a standardization body, as well as pioneering Small and Medium Enterprises in Internet of Things-based innovative services.

People involved

Research assistants


  • D. Schreckling, J. D. P. Rodriguez and J. Posegga. Data centric Security for IoT. In Proc. of 2nd EAI International Conference on IoT as a Service, Springer, October, 2015.  To appear soon bibtex ...
  • Parra R. J. D. and Posegga, J. Why Servers Should Fear their Clients: Abusing Websockets in Browsers for DoS. In Proc. of 11th EAI International Conference on Security and Privacy in Communication Networks (SECURECOMM), 2015. pdf...  bibtex ...
  • Parra R. J. D., Schreckling, D. and Posegga, J. Identity Management in Platforms Offering IoT as a Service. In Internet of Things. User-Centric IoT, pages 281-288, Springer International Publishing, 2015. doi...  paper...  bibtex ...
  • B. Mandler, F. Antonelli, R. Kleinfeld, C. Pedrinaci, D. Carrera, A. Gugliotta, D. Schreckling, I. Carreras, D. Raggett, M. Pous, C. V. Villares and V. Trifa. COMPOSE - A journey from the Internet of Things to the Internet of Services. In Workshop: Cloud Computing Project and Initiatives - CCPI'13, March 26th, 2013, 2013. bibtex ...
  • D. Schreckling, S. Huber, F. Höhne and J. Posegga. URANOS: User-Guided Rewriting for Plugin-Enabled ANdroid ApplicatiOn Security. In Proc. of the 7th Workshop in Information Security Theory and Practice (WISTP 2013), Springer-Verlag, 2013.  (to appear) bibtex ...

Student Term Papers

  • S. Bauer. Data Provenance in the Internet of Things. Seminar Real Life Security, WS2013, September, 2013. pdf...  bibtex ...
  • T. Eder and D. Nachtmann. Trust and Reputation in the Internet of Things. Seminar Real Life Security, WS2013, September, 2013. pdf...  bibtex ...

Bachelor and Master Theses

  • Fuchs, P. DoS Detection in NodeRED. Master thesis of IT-Security Group, University of Passau, November, 2015. pdf...  bibtex ...
  • D. Hausknecht. Variability-aware data-flow Analysis for Smartphone Applications. Master thesis of Software Product-Lines Group and IT-Security Group, University of Passau, September, 2013. pdf...  bibtex ...
  • R. Wimmer. Proof-Carrying Android Applications to Validate Data-Centric User Policies. Master thesis of IT-Security Group, University of Passau, July, 2013.  (to be published) bibtex ...
  Impressum Last modified: 25/11/2015 - 19:00:34 by dp  Seitenanfang