Dimitri Van Landuyt

KU Leuven | ku leuven · Department of Computer Science

Data de-identification refers to the process of removing or hiding the direct and indirect (quasi-)identifiers from data elements through transformation, generalization, or removal. Through active research over twenty years, diverse de-identification approaches, algorithms and tools have emerged. Existing survey studies focus predominantly on the a...

Many contemporary applications have to deal with unexpected spikes or unforeseen peaks in demand for specific data objects – so-called hotspot objects. For example in social networks, specific media items can go viral quickly and unexpectedly and therefore, properly provisioning for such behavior is not trivial.

Security threat modeling involves the systematic elicitation of plausible threat scenarios, and leads to the identification and articulation of the security requirements in the early stages of software development. Although they are an important source of architectural knowledge, assumptions made in this context are in practice left implicit or at...

Software-as-a-Service (SaaS) providers commonly support customization of their services to allow them to attract larger tenant bases. The nature of these customizations in practice ranges from anticipated configuration options to sophisticated code extensions. From a SaaS provider viewpoint, the latter category is particularly challenging as it inv...

Cloud storage allows organizations to store data at remote sites of service providers. Although cloud storage services offer numerous benefits, they also involve new risks and challenges with respect to data security and privacy aspects. To preserve confidentiality, data must be encrypted before outsourcing to the cloud. Although this approach prot...

Contemporary data processing activities rarely involve a single entity but, rather, rely on complex inter-organizational collaborations between (joint) controllers, processors, sub-processors, recipients, and third parties. However, current approaches in support of Data Protection Impact Assessment (DPIA) traditionally address data protection risks...

The Fourth Industrial Revolution imposes a number of unprecedented societal challenges and these are increasingly being addressed through regulation. This, in turn, lays the burden to adopt and implement the different concepts and principles (such as privacy-by-design) with practitioners. However, these concepts and principles are formulated by leg...

Database schema design requires careful consideration of the application’s data model, workload, and target database technology to optimize for performance and data size. Traditional normalization schemes used in relational databases minimize data redundancy, whereas NoSQL document-oriented databases favor redundancy and optimize for horizontal sca...

Elicitative threat modeling approaches such as Microsoft STRIDE and LINDDUN for respectively security and privacy use Data Flow Diagrams (DFDs) to model the system under analysis. Distinguishing between external entities, processes, data stores and data flows, these system models are particularly suited for modeling centralized, traditional multi-t...

(1) Background: Container orchestration frameworks provide support for management of complex distributed applications. Different frameworks have emerged only recently, and they have been in constant evolution as new features are being introduced. This reality makes it difficult for practitioners and researchers to maintain a clear view of the techn...

A federated cloud storage setup which integrates and utilizes storage resources from multiple cloud storage providers has become an increasingly popular and attractive paradigm for the persistence tier in cloud-based applications (e.g., SaaS applications, IoT applications, etc). However, federated cloud storage setups are prone to run-time dynamic...

Software-as-a-Service (SaaS) providers commonly support customization of their services to allow them to attract larger tenant bases. The nature of these customizations in practice ranges from anticipated configuration options to sophisticated code extensions. From a SaaS provider viewpoint, the latter category is particularly challenging as it inv...

Multi-tenant Software-as-a-Service (SaaS) applications share a single runtime instance among multiple customer organizations (tenants). To account for differences in tenant requirements, they have to support run-time customization. The latter turns these types of applications into a dynamic software product lines involving a wide range of software...

De-identification is the process of removing the associations between data and identifying elements of individual data subjects. Its main purpose is to allow use of data while preserving the privacy of individual data subjects. It is thus an enabler for compliance with legal regulations such as the EU’s General Data Protection Regulation. While man...

Context: Software applications frequently interact with database systems to persist and retrieve objects. Object mapping frameworks address (i) the bi-directional conversion of data between object and target database and (ii) provide a programmatic interface for querying and storing data. The rise of NoSQL databases poses challenges beyond object-r...

Since the General Data Protection Regulation (GDPR) entered into force, every actor involved in the processing of personal data must comply with Data Protection by Design (DPbD). Doing so requires assessing the risks to data subjects' rights and freedoms and implementing appropriate countermeasures. While legal experts traditionally apply Data Prot...

Many applications by design depend on costly trusted third-party auditors. One such example is the industrial application case of federated multi-disciplinary optimization (MDO), in which different organizations contribute to a complex engineering design effort. Although blockchain and distributed ledger technology (DLT) has strong potential in red...

Data Protection by Design (DPbD) is a truly inter-disciplinary effort that involves many stakeholders such as legal experts, requirements engineers, software architects, developers, and system operators. Building software-intensive systems that respect the fundamental rights to privacy and data protection is the result of intensive dialogue and car...

Container orchestration systems, such as Docker Swarm, Kubernetes and Mesos, provide automated support for deployment and management of distributed applications as sets of containers. While these systems were initially designed for running load-balanced stateless services, they have also been used for running database clusters because of improved r...

This poster summarizes our IEEE Cloud 2018 workshop paper and presents additional results

Multi-tenant Software-as-a-Service (SaaS) applications share a single runtime instance among multiple customer organizations (tenants). To account for differences in tenant requirements, they have to support run-time customization. Run-time customization involves a wide range of software artifacts such as user interfaces, databases, web-services an...

NoSQL data stores are often combined to address different requirements within the same application. The implication of this trend is particularly important and relevant in the context of multi-tenant SaaS applications where tenants commonly have different storage- and privacy-related requirements and thus they desire to customize the storage setup...

Implementing security by design in practice often involves the application of threat modeling to elicit security threats and to aid designers in focusing efforts on the most stringent problems first. Existing threat modeling methodologies are capable of generating lots of threats, yet they lack even basic support to triage these threats, except for...

The economy-of-scale benefits of multi-tenancy are most compelling at the application level, as this deployment model allows optimally sharing a single application instance and its runtime resources between multiple customer organizations. However, this requires, among other things, controlling and isolating access of tenants to IO resources (e.g....

Privacy and security are crosscutting in the design of any software system or service, and thus a broad focus on the end-to-end system architecture is required. For this reason, systematic approaches to elicitate security and privacy threats and risks are gaining importance. Such approaches however are highly analytic, require substantial effort an...

Threat modeling refers to a number of systematic approaches for eliciting security and privacy threats. Data Flow Diagrams (DFDs) are the main input for threat modeling techniques such as Microsoft STRIDE or LINDDUN. They represent system-level abstractions that lack any architectural knowledge on existing security solutions. However, this is not h...

Business processes modeling and management solutions provide powerful abstraction mechanisms for the control flow of complex, task-driven applications, and as such allow for better alignment with business-related concerns. Despite the existence and wide adoption of standardized business process management languages such as WS-BPEL and BPMN 2.0, wor...

Although a considerable amount of research exists on auto-scaling of database clusters, the design of an effective auto-scaling strategy requires fine-grained tailoring towards the application scenario. This paper presents an easy-to-use and extensible workbench exemplar, named K8-Scalar (Kube-Scalar), which allows researchers to implement and eval...

In recent years, the hegemony of traditional relational database management systems (RDBMSs) has declined in favour of non-relational databases (NoSQL). These database technologies are better adapted to meet the requirements of large-scale (web) infrastructures handling Big Data by providing elastic and horizontal scalability. Each NoSQL technology...

Multi-tenant Software as a Service (SaaS) is the cloud computing delivery model that maximizes resource sharing up to the level of a single application instance, servicing many customer organizations (tenants) at once. Due to this scale of delivery, a SaaS offering, once successful, becomes difficult to upgrade and evolve without affecting service...

A multi-cloud storage architecture combines different storage technologies and resources from multiple clouds. As it allows application providers to manage the risks associated to technology or vendor lock-in, provider reliability, data security, privacy, it is an increasingly popular tactic for designing the storage tier of cloud-based application...

The proliferation of Big Data systems and namely NoSQL databases has resulted in a tremendous heterogeneity in its offerings. It has become increasingly difficult to compare and select the most optimal NoSQL storage technology. Current benchmark efforts, such as the Yahoo! Cloud Serving Benchmark (YCSB), evaluate simple read and write operations on...

Application-level data management middleware solutions are becoming increasingly compelling to deal with the complexity of a multi-cloud or federated cloud storage and multitenant storage architecture. However, these systems typically support traditional data mapping strategies that are created under the assumption of a fixed and rigorous database...

SaaS providers continuously aim to optimize the cost-efficiency, scalability and trustworthiness of their offerings. Traditionally, these concerns have been addressed by application-level middleware platforms that implement a multi-tenant architecture. However, the recent uprise and industry adoption of container technology such as Docker and Kuber...

Single-instance multi-tenant SaaS applications allow tenant administrators to (extensively) customize the application according to the requirements of their organizations. In the specific case of workflow-driven applications, the SaaS provider may offer a set of pre-defined workflow activities and leave their composition to the tenant administrator...

Regression testing is a form of software quality assurance (QA) that involves comparing the behavior of a newer version of a software artifact to its earlier correct behavior, and signaling the QA engineer when deviations are detected. Given the large potential in automated generation and execution of regression test cases for business process mode...

Regression testing is a form of software quality assurance (QA) that involves comparing the behavior of a newer version of a software artifact to its earlier correct behavior, and signaling the QA engineer when deviations are detected. Given the large potential in automated generation and execution of regression test cases for business process mode...

With the increasingly pervasive role of software in society, security is becoming an important quality concern, emphasizing security by design, but it requires intensive specialization. Security in families of systems is even harder, as diverse variants of security solutions must be considered, with even different security goals per product. Furthe...

Software product line engineering is a compelling methodology that accomplishes systematic reuse in families of systems by relying on two key principles: (i) the decomposition of complex systems into composable and reusable building blocks (often logical units called features), and (ii) on-demand construction of products and product variants by com...

When successful, multi-tenant SaaS applications service many customer organizations (tenants) at once, and SaaS providers face the challenge of complying to the different SLAs of each of these tenants. As a consequence, evolving a SaaS application is in practice done at run time to limit service disruptions, and preferably on a gradual, tenant-pert...

In cloud computing, multi-tenancy is concomitant with scalability in the sense that sharing a single deployment instance between many customer organizations (tenants) maximizes the utilization of the available resources. However, this also introduces the need to customize the application to the (slightly) different requirements of different tenants...

The last few years have seen a drastic increase in the amount and the heterogeneity of NoSQL data stores. Consequently, exploration and comparison of these data stores have become difficult. Once chosen, it is hard to migrate to different data stores. Recently, a number of data access middleware platforms for NoSQL have emerged that provide access...

Multi-tenant Software-as-a-Service (SaaS) applications are increasingly built on combinations of cloud storage technologies and providers in a so-called multi-cloud setup. One advantage is that such a setup helps satisfying the different —sometimes even contrasting— storage requirements of different customer organizations (tenants). In such a multi...

Multi-tenant Software as a Service (SaaS) is the cloud computing delivery model that maximizes resource sharing up to the level of a single application instance servicing many customer organizations (tenants) at once. Due to this scale of delivery, a SaaS offering, once successful, becomes difficult to upgrade and evolve without affecting service c...

In recent years, cloud computing has become an increasingly important software delivery paradigm, mainly for reasons of increased scalability. The scalability benefits are accomplished by the capability of autonomously and elastically scaling up or down so that customer preferences (SLAs) can be accommodated. For this, performance monitoring is a p...

Software-as-a-Service (SaaS) providers increasingly rely on multi-cloud setups to leverage the combined benefits of different enabling technologies and third-party providers. Especially, in the context of NoSQL storage systems, which are characterized by heterogeneity and quick technological evolution, adopting the multi-cloud paradigm is a promisi...

Software product line engineering (SPLE) and variability enforcement techniques have been applied to run-time adaptive systems for quite some years, also in the context of multi-tenant Software-as-a-Service (SaaS) applications. The focus has been mainly on (1) the pre-deployment phases of the development life cycle and (2) fine-grained (tenant-leve...

Applying application-level multi-tenancy in Software-as-a-Service (SaaS) offerings yields a number of compelling benefits: sharing a single instance of the application between large numbers of customer organizations increases cost efficiency and allows the SaaS provider to attain true economies-of-scale benefits. There is however a main downside to...

Architectural assumptions are fundamentally different from architectural decisions because they can not be traced directly to requirements, nor to domain, technical or environmental constraints; they represent conditions under which the designed solution is expected to be valid. Early architectural assumptions are similar in nature, with the key di...

Offering Software-as-a-Service (SaaS) applications on top of a Platform-as-a-Service (PaaS) platform is a promising strategy as the SaaS provider does not need to acquire and maintain private cloud infrastructure, and it enables him/her to enjoy the benefits of cloud scalability and flexiblity as well. However, as this entails losing some control o...

The increasing elderly population and the shift from acute to chronic illness makes it difficult to care for people in hospitals and rest homes. Moreover, elderly people, if given a choice, want to stay at home as long as possible. In this article, the methodologies to develop a cloud-based semantic system, offering valuable information and knowled...

Software product line engineering (SPLE) techniques revolve around a central variability model, which in many cases is a feature model that documents the logical capabilities of the system as features and the variability relationships between them. In more traditional SPLE, this feature model is a result of domain analysis and requirement elicitati...

This paper discusses the merits and challenges of adopting software product line engineering (SPLE) as the main development process for an automotive Hall Effect sensor. This versatile component is integrated into a number of automotive applications with varying safety requirements (e.g., windshield wipers and brake pedals). This paper provides a d...

Application-level multi-tenancy is an architectural approach for Software-as-a-Service (SaaS) applications which enables high operational cost efficiency by sharing one application instance among multiple customer organizations (the so-called tenants). However, the focus on increased resource sharing typically results in a one-size-fits-all approac...