Keynotes

The Android Platform Security Model

René Mayrhofer  

Johannes Kepler University Linz (JKU), Austria

Abstract

This talk is about the Android platform with over 3 Billion active devices - not even counting devices that are based on AOSP (the Android Open Source Project code) but are not officially Android. Providing security guarantees in such a massive and diverse ecosystem with multiple stakeholders is a major challenge. This keynote will present the main aspects of the security model, system architecture, and mitigations and safeguards developed over more than 10 years. Some of the early design decisions shaped the platform from the start and still form the foundation for its current security posture, while many additional safeguards were added over time. More recently, an academic consortium has started building a public transparency database for collecting measurements about the security status of devices, both from special device farms under laboratory settings and from in-the-field devices through crowd sourcing. Using such data to check for compliance with the Android platform security model and potentially ranking devices based on their security attributes is another interesting challenge. In this keynote, we will also present the current state of this database and ides for next steps.

Bio

René Mayrhofer is currently heading the Institute of Networks and Security at Johannes Kepler University Linz (JKU), Austria. Between 2017 and 2019, he was the Director of Android Platform Security at Google in Mountain View (US) and helped make recent advances in usable, mobile security research available to the Billions of Android users. Since his return to Linz, he continues to be involved with Android security as a domain expert to foster exchange and collaboration between Android teams at Google and academic research groups and is now leading a new Christian Doppler Laboratory on "Private Digital Authentication in the Physical World" to proactively answer upcoming questions on privacy in cloud-based digital identity systems.
Previously, he held a full professorship for Mobile Computing at Upper Austria University of Applied Sciences, Campus Hagenberg, a guest professorship for Mobile Computing at University of Vienna, and a Marie Curie Fellowship at Lancaster University, UK. His research interests include computer security, mobile devices, network communication, and machine learning, which he currently brings together in his research on securing mobile devices and digital identity. Within the scope of u'smile, the Josef Ressel Center for User-friendly Secure Mobile Environments, his research group looked into full-stack security of mobile devices from hardware through firmware up to user interaction aspect. One particular outcome was a prototype for a privacy conscious Austrian mobile Driving License (AmDL) on Android smartphones supported by tamper-resistant hardware. Research results and concepts from this prototype are being contributed to the upcoming ISO 18013-5 standard for international mobile driving licenses and have directly influenced the new Identity Credentials framework in Android 11. René has contributed to over 100 peer-reviewed publications and is a reviewer for numerous journals and conferences. He received Dipl.-Ing. (MSc) and Dr. techn. sub ausipiciis praesidentis rei publicae (PhD) degrees from Johannes Kepler University Linz, Austria and his venia docendi for Applied Computer Science from University of Vienna, Austria.

The Domestication of ChatGPT by University Students

Maureen Tanner  

University of Cape Town, South Africa

Abstract

Recent technological advancements have brought about significant disruptions in various aspects of society, including the field of education. Among these advancements, Artificial Intelligence (AI) has made remarkable strides, leading to the development of OpenAi’s ChatGPT. With its extraordinary capabilities, ChatGPT has gained widespread attention on social media platforms and news outlets worldwide. This generative AI tool has also found its way into educational settings, where students have embraced and domesticated its usage. However, the incorporation of ChatGPT in education remains a subject of controversy. While some view it as a potential facilitator of teaching and learning, others express concerns that it might lead to students becoming overly reliant on AI tools, hampering their analytical skills and overall engagement. Nevertheless, the undeniable potential of ChatGPT to enhance students' learning experiences and improve educational outcomes cannot be overlooked. As university students adopt to this technological advancement, exploring the implications of ChatGPT's domestication within the educational environment becomes imperative. In light of this, this talk offers insights into how technological innovations, such as ChatGPT, are domesticated by university students, with a specific focus on the commodification phase, the appropriation phase, and the conversion phase. Insights are provided on how students engage with and integrate ChatGPT into their educational activities, highlighting the opportunities, challenges, and outcomes associated with its domestication.

Bio

Professor Maureen Tanner is the Head of Department for Information Systems at the University of Cape Town, South Africa. Prof Tanner’s research agenda explores Software Development (SD) from various perspectives. Similar to a “value-chain”, the perspectives help to understand the software development discipline better and are linked with each other. The various perspectives focus on software engineering issues, team collaboration and management, Software Development context, end-user perspectives, the impact of software solutions on people and society, as well as how to disseminate Software Development-related knowledge. Her research contributions are highly relevant to both practitioners and academia. Through in-depth case studies, she has acquired knowledge of the latest software development techniques that practitioners employ and strive to inculcate this knowledge to postgraduate students. These essential components of her Software Development research “value-chain”, contribute to the ultimate aim of delivering quality software that makes a valuable impact on people, business and society.