Mark Strembeck

E-Mail
Phone: +43 (1) 31336 4983
Fax: +43 (1) 31336 74

Bio

Mark received two diploma degrees in Information Systems (Dipl.-Wirt.Inform.) from the University of Essen (Germany) in 1998 and 1999 respectively, and a doctoral degree in Information Systems (Dr.rer.soc.oec.) from the Vienna University of Economics and Business (Austria) in 2003. In 2008, Mark received his Habilitation degree (venia docendi). He participated in national and international research projects and worked as a software developer in several German software companies. From February 2000 to February 2001 he was a researcher at the Department of Mathematics and Computer Science at the University of Essen. In April 2001 he joined the New Media Lab at the Institute for Information Systems of the Vienna University of Economics and Business. Currently, Mark is an Associate Professor (tenured) at the New Media Lab and the Vice Institute Head of the Institute for Information Systems.

For more information please see http://wwwi.wu-wien.ac.at/home/mark/index.htm.

Publications

Mark Strembeck and Jan Mendling, "Generic Algorithms for Consistency Checking of Mutual-Exclusion and Binding Constraints in a Business Process Context," in 18th International Conference on Cooperative Information Systems (CoopIS), 2010. BibTeX

@INPROCEEDINGS{Strembeck_Generic_Algorithms_for_Consist_2010, Author = {Mark Strembeck and Jan Mendling}, sbahotlist = {true}, title = {Generic Algorithms for Consistency Checking of Mutual-Exclusion and Binding Constraints in a Business Process Context}, booktitle = {18th International Conference on Cooperative Information Systems (CoopIS)}, year = {2010}, month = {10}, volume = {6426}, publisher = {Springer Verlag}, }
Steffen Kunz and Sergei Evdokimov and Benjamin Fabian and Bernd Stieger and Mark Strembeck, "Role-Based Access Control for Information Federations in the Industrial Service Sector," in 18th European Conference on Information Systems (ECIS), 2010. BibTeX

@INPROCEEDINGS{Kunz_Role_Based_Access_Control_for__2010, Author = {Steffen Kunz and Sergei Evdokimov and Benjamin Fabian and Bernd Stieger and Mark Strembeck}, sbahotlist = {true}, title = {Role-Based Access Control for Information Federations in the Industrial Service Sector}, booktitle = {18th European Conference on Information Systems (ECIS)}, year = {2010}, month = {6}, abstract = {Information federations promise an enhanced collaboration between individual stakeholders in the life cycle of commercial products, including software and hardware products from arbitrary business sectors. However, information sharing across corporate borders must be controlled by tailored mechanisms for enforcing individual business confidentiality and integrity requirements. One influential current security paradigm to achieve this goal is the application of Role-Based Access Control (RBAC). Based on ongoing work in the Aletheia project on service-oriented information federation, we present a case study on applying RBAC for information sharing among multiple stakeholders in the industrial service sector. We place a special emphasis on the methodical, tool-supported elicitation and definition of RBAC policies in this environment. In addition, we use the eXtensible Access Control Markup Language (XACML) to transfer RBAC policies between the different nodes in information federations. Further, we present a corresponding security architecture in which those XACML policies are applied for authorization decision and enforcement. The case study was conducted in cooperation with ABB, a large company providing}, }

View all publications

Sigrid Schefer and Mark Strembeck and Jan Mendling, "Checking Satisfiability Aspects of Binding Constraints in a Business Process Context," in Proc. of the Workshop on Workflow Security Audit and Certification (WfSAC), Lecture Notes in Computer Science (LNCS), 2011. BibTeX

@INPROCEEDINGS{_Checking_Satisfiability_Aspect_2011, Author = {Sigrid Schefer and Mark Strembeck and Jan Mendling}, title = {Checking Satisfiability Aspects of Binding Constraints in a Business Process Context}, booktitle = {Proc. of the Workshop on Workflow Security Audit and Certification (WfSAC), Lecture Notes in Computer Science (LNCS)}, year = {2011}, month = {8}, volume = {XX}, publisher = {Springer}, }
Waldemar Hummer and Patrick Gaubatz and Mark Strembeck and Uwe Zdun and Schahram Dustdar, ": An Integrated Approach for Identity and Access Management in a SOA Context," in Proc. of the 16th ACM Symposium on Access Control Models and Technologies (SACMAT), 2011. BibTeX | PDF

@INPROCEEDINGS{_An_Integrated_Approach_for_Ide_2011, Author = {Waldemar Hummer and Patrick Gaubatz and Mark Strembeck and Uwe Zdun and Schahram Dustdar}, title = {: An Integrated Approach for Identity and Access Management in a SOA Context}, booktitle = {Proc. of the 16th ACM Symposium on Access Control Models and Technologies (SACMAT)}, year = {2011}, month = {6}, pdf = {sacmat11-iam.pdf}, }
Sigrid Schefer and Mark Strembeck, "Modeling Process-Related Duties with Extended UML Activity and Interaction Diagrams," in International Workshop on Flexible Workflows in Distributed Systems (WowKiVS), 2011. BibTeX | PDF

@INPROCEEDINGS{Schefer_Modeling_Process_Related_Dutie_2011, Author = {Sigrid Schefer and Mark Strembeck}, title = {Modeling Process-Related Duties with Extended UML Activity and Interaction Diagrams}, booktitle = {International Workshop on Flexible Workflows in Distributed Systems (WowKiVS)}, year = {2011}, month = {3}, abstract = {Business processes are an important source for the engineering of customized software systems. In this context, the definition, monitoring, and enforcement of the duties associated with different tasks in a business process is one important factor to ensure compliance of an IT system with certain laws and regulations. In this paper, we present a UML2 extension for an integrated modeling of business processes and process-related duties. In particular, our extension allows for the modeling of duties and associated tasks in business process models.}, pdf = {wowkivs11-extended.pdf}, volume = {37}, }
Mark Strembeck and Jan Mendling, "Modeling Process-related RBAC Models with Extended UML Activity Models," Information and Software Technology, vol. 37, 2011. BibTeX | PDF

@ARTICLE{Strembeck_Modeling_Process_related_RBAC__2011, Author = {Mark Strembeck and Jan Mendling}, title = {Modeling Process-related RBAC Models with Extended UML Activity Models}, journal = {Information and Software Technology}, year = {2011}, month = {5}, abstract = {Business processes are an important source for the engineering of customized software systems and are constantly gaining attention in the area of software engineering as well as in the area of information and system security. While the need to integrate processes and role-based access control (RBAC) models has been repeatedly identified in research and practice, standard process modeling languages do not provide corresponding language elements.}, pdf = {ist-v53n5-may11.pdf}, volume = {37}, }
Mark Strembeck, "Testing Policy-based Systems with Scenarios," in 10th Conference on Software Engineering (SE 2011), 2011. BibTeX | PDF

@INPROCEEDINGS{Strembeck_Testing_Policy_based_Systems_w_2011, Author = {Mark Strembeck}, title = {Testing Policy-based Systems with Scenarios}, booktitle = {10th Conference on Software Engineering (SE 2011)}, year = {2011}, month = {2}, pdf = {se2011-extended.pdf}, }
Anne Baumgrass and Thomas Baier and Jan Mendling and Mark Strembeck, "Conformance Checking of RBAC Policies in Process-Aware Information," in Proc. of the Workshop on Workflow Security Audit and Certification (WfSAC), Lecture Notes in Computer Science (LNCS), 2011. BibTeX

@INPROCEEDINGS{_Conformance_Checking_of_RBAC_P_2011, Author = {Anne Baumgrass and Thomas Baier and Jan Mendling and Mark Strembeck}, title = {Conformance Checking of RBAC Policies in Process-Aware Information }, booktitle = {Proc. of the Workshop on Workflow Security Audit and Certification (WfSAC), Lecture Notes in Computer Science (LNCS)}, year = {2011}, month = {8}, volume = {XX}, publisher = {Springer}, }
Sigrid Schefer and Mark Strembeck, "Modeling Support for Delegating Roles, Tasks, and Duties in a Process-Related RBAC Context," in Proc. of the International Workshop on Information Systems Security Engineering (WISSE), 2011. BibTeX | PDF

@INPROCEEDINGS{_Modeling_Support_for_Delegatin_2011, Author = {Sigrid Schefer and Mark Strembeck}, title = {Modeling Support for Delegating Roles, Tasks, and Duties in a Process-Related RBAC Context}, booktitle = {Proc. of the International Workshop on Information Systems Security Engineering (WISSE)}, year = {2011}, month = {6}, pdf = {wisse11.pdf}, }
Bernhard Hoisl and Mark Strembeck, "Modeling Support for Confidentiality and Integrity of Object Flows in Activity Models," in Proc. of the 14th International Conference on Business Information Systems (BIS), Lecture Notes in Business Information Processing (LNBIP), 2011. BibTeX | PDF

@INPROCEEDINGS{_Modeling_Support_for_Confident_2011, Author = {Bernhard Hoisl and Mark Strembeck}, title = {Modeling Support for Confidentiality and Integrity of Object Flows in Activity Models}, booktitle = {Proc. of the 14th International Conference on Business Information Systems (BIS), Lecture Notes in Business Information Processing (LNBIP)}, year = {2011}, month = {6}, pdf = {bis11-extended.pdf}, volume = {87}, publisher = {Springer}, }
Anne Baumgrass and Mark Strembeck and Stefanie Rinderle Ma, "Deriving Role Engineering Artifacts from Business Processes and Scenario Models," in Proc. of the 16th ACM Symposium on Access Control Models and Technologies (SACMAT), 2011. BibTeX | PDF

@INPROCEEDINGS{_Deriving_Role_Engineering_Arti_2011, Author = {Anne Baumgrass and Mark Strembeck and Stefanie Rinderle Ma}, title = {Deriving Role Engineering Artifacts from Business Processes and Scenario Models}, booktitle = {Proc. of the 16th ACM Symposium on Access Control Models and Technologies (SACMAT)}, year = {2011}, month = {6}, pdf = {sacmat11-re-extended.pdf}, }
Mark Strembeck, "Scenario-Driven Role Engineering," IEEE Security and Privacy, vol. 8, iss. 1, 2010. BibTeX

@ARTICLE{Strembeck_Scenario_Driven_Role_Engineeri_2010, Author = {Mark Strembeck}, title = {Scenario-Driven Role Engineering}, journal = {IEEE Security and Privacy}, year = {2010}, month = {2}, volume = {8}, number = {1}, }
Steffen Kunz and Sergei Evdokimov and Benjamin Fabian and Bernd Stieger and Mark Strembeck, "Role-Based Access Control for Information Federations in the Industrial Service Sector," in 18th European Conference on Information Systems (ECIS), 2010. BibTeX

@INPROCEEDINGS{Kunz_Role_Based_Access_Control_for__2010, Author = {Steffen Kunz and Sergei Evdokimov and Benjamin Fabian and Bernd Stieger and Mark Strembeck}, sbahotlist = {true}, title = {Role-Based Access Control for Information Federations in the Industrial Service Sector}, booktitle = {18th European Conference on Information Systems (ECIS)}, year = {2010}, month = {6}, abstract = {Information federations promise an enhanced collaboration between individual stakeholders in the life cycle of commercial products, including software and hardware products from arbitrary business sectors. However, information sharing across corporate borders must be controlled by tailored mechanisms for enforcing individual business confidentiality and integrity requirements. One influential current security paradigm to achieve this goal is the application of Role-Based Access Control (RBAC). Based on ongoing work in the Aletheia project on service-oriented information federation, we present a case study on applying RBAC for information sharing among multiple stakeholders in the industrial service sector. We place a special emphasis on the methodical, tool-supported elicitation and definition of RBAC policies in this environment. In addition, we use the eXtensible Access Control Markup Language (XACML) to transfer RBAC policies between the different nodes in information federations. Further, we present a corresponding security architecture in which those XACML policies are applied for authorization decision and enforcement. The case study was conducted in cooperation with ABB, a large company providing}, }
Kathrin Figl and Jan Mendling and Mark Strembeck and Jan Recker, "On the Cognitive Effectiveness of Routing Symbols in Process Modeling Languages," in 13th International Conference on Business Information Systems (BIS), 2010. BibTeX

@INPROCEEDINGS{Figl_On_the_Cognitive_Effectiveness_2010, Author = {Kathrin Figl and Jan Mendling and Mark Strembeck and Jan Recker}, title = {On the Cognitive Effectiveness of Routing Symbols in Process Modeling Languages}, booktitle = {13th International Conference on Business Information Systems (BIS)}, year = {2010}, month = {5}, }
Mark Strembeck and Jan Mendling, "Generic Algorithms for Consistency Checking of Mutual-Exclusion and Binding Constraints in a Business Process Context," in 18th International Conference on Cooperative Information Systems (CoopIS), 2010. BibTeX

@INPROCEEDINGS{Strembeck_Generic_Algorithms_for_Consist_2010, Author = {Mark Strembeck and Jan Mendling}, sbahotlist = {true}, title = {Generic Algorithms for Consistency Checking of Mutual-Exclusion and Binding Constraints in a Business Process Context}, booktitle = {18th International Conference on Cooperative Information Systems (CoopIS)}, year = {2010}, month = {10}, volume = {6426}, publisher = {Springer Verlag}, }
Mark Strembeck and Jan Mendling and Kathrin Figl, "Towards a Usability Assessment of Process Modeling Languages," in 8. GI-Workshop EPK: Geschäftsprozessmanagement mit Ereignisgesteuerten Prozessketten, 2009. BibTeX

@INPROCEEDINGS{Figl_Towards_a_Usability_Assessment_2009, Author = {Mark Strembeck and Jan Mendling and Kathrin Figl}, title = {Towards a Usability Assessment of Process Modeling Languages}, booktitle = {8. GI-Workshop EPK: Geschäftsprozessmanagement mit Ereignisgesteuerten Prozessketten}, year = {2009}, month = {10}, }
Mark Strembeck and Uwe Zdun, "Reusable Architectural Decisions for DSL Design: Foundational Decisions in DSL Development," in 14th European Conference on Pattern Languages of Programs (EuroPLoP), 2009. BibTeX

@INPROCEEDINGS{Zdun_Reusable_Architectural_Decisio_2009, Author = {Mark Strembeck and Uwe Zdun}, title = {Reusable Architectural Decisions for DSL Design: Foundational Decisions in DSL Development}, booktitle = {14th European Conference on Pattern Languages of Programs (EuroPLoP)}, year = {2009}, month = {7}, }
Mark Strembeck and Uwe Zdun, "An Approach for the Systematic Development of Domain-Specific Languages," Software: Practice and Experience (SP&E), vol. 39, iss. 15, 2009. BibTeX

@ARTICLE{Strembeck_An_Approach_for_the_Systematic_2009, Author = {Mark Strembeck and Uwe Zdun}, title = {An Approach for the Systematic Development of Domain-Specific Languages}, journal = {Software: Practice and Experience (SP&E)}, year = {2009}, month = {10}, volume = {39}, number = {15}, }
Mark Strembeck and Jan Mendling, "Influence Factors of Understanding Business Process Models," in 11th International Conference on Business Information Systems (BIS), 2008. BibTeX

@INPROCEEDINGS{Mendling_Influence_Factors_of_Understan_2008, Author = {Mark Strembeck and Jan Mendling}, title = {Influence Factors of Understanding Business Process Models}, booktitle = {11th International Conference on Business Information Systems (BIS)}, year = {2008}, month = {5}, }
Mark Strembeck and Bernd Simon and Kasra Seirafi and Gustaf Neumann and Asmund Realfsen, "Evaluate – An Innovative Service for Learning Performance Monitoring in Businesses," in Workshop on E-Learning for Business Needs, 2008. BibTeX

@INPROCEEDINGS{Simon_Evaluate_An_Innovative_Service_2008, Author = {Mark Strembeck and Bernd Simon and Kasra Seirafi and Gustaf Neumann and Asmund Realfsen}, title = {Evaluate - An Innovative Service for Learning Performance Monitoring in Businesses}, booktitle = {Workshop on E-Learning for Business Needs}, year = {2008}, month = {5}, }
Mark Strembeck and Jan Mendling and Karsten Ploesser, "Specifying Separation of Duty Constraints in BPEL4People Processes," in 11th International Conference on Business Information Systems (BIS), 2008. BibTeX

@INPROCEEDINGS{Mendling_Specifying_Separation_of_Duty__2008, Author = {Mark Strembeck and Jan Mendling and Karsten Ploesser}, title = {Specifying Separation of Duty Constraints in BPEL4People Processes}, booktitle = {11th International Conference on Business Information Systems (BIS)}, year = {2008}, month = {5}, }
Mark Strembeck and Uwe Zdun, "Modeling Interdependent Concern Behavior Using Extended Activity Models," Journal of Object Technology (JOT), vol. 7, iss. 6, 2008. BibTeX

@ARTICLE{Zdun_Modeling_Interdependent_Concer_2008, Author = {Mark Strembeck and Uwe Zdun}, title = {Modeling Interdependent Concern Behavior Using Extended Activity Models}, journal = {Journal of Object Technology (JOT)}, year = {2008}, month = {7}, volume = {7}, number = {6}, }
Mark Strembeck and Gustaf Neumann and Gerald Stermsek, "A User Profile Derivation Approach based on Log-File Analysis," in International Conference on Information and Knowledge Engineering (IKE), 2007. BibTeX

@INPROCEEDINGS{Stermsek_A_User_Profile_Derivation_Appr_2007, Author = {Mark Strembeck and Gustaf Neumann and Gerald Stermsek}, title = {A User Profile Derivation Approach based on Log-File Analysis}, booktitle = {International Conference on Information and Knowledge Engineering (IKE)}, year = {2007}, month = {6}, }
Mark Strembeck and Uwe Zdun and Gustaf Neumann, "Object-based and class-based composition of transitive mixins," Information and Software Technology, vol. 49, iss. 8, 2007. BibTeX

@ARTICLE{Zdun_Object_based_and_class_based_c_2007, Author = {Mark Strembeck and Uwe Zdun and Gustaf Neumann}, title = {Object-based and class-based composition of transitive mixins}, journal = {Information and Software Technology}, year = {2007}, month = {8}, volume = {49}, number = {8}, }
Mark Strembeck and Otto Plhal, "VIDIHIP – A Web Service based Integration Platform for Power Plant Control Systems," in IEEE International Conference on Service-Oriented Computing and Applications (SOCA), 2007. BibTeX

@INPROCEEDINGS{Strembeck_VIDIHIP_A_Web_Service_based_In_2007, Author = {Mark Strembeck and Otto Plhal}, title = {VIDIHIP - A Web Service based Integration Platform for Power Plant Control Systems}, booktitle = {IEEE International Conference on Service-Oriented Computing and Applications (SOCA)}, year = {2007}, month = {6}, abstract = {European energy supply companies typically run a conglomerate of different, geographically distributed power plants. Unfortunately, the corresponding power plant control systems are based on proprietary technology and an integration of these control systems is a very complex task. We thus conducted a project to build an integration platform for power plant control systems that is based on open standards and technologies. In this paper, we describe the Vienna District Heating Integration Platform (VIDIHIP). VIDIHIP is based on Web Service technology and allows for the integration of arbitrary (heterogenous) power plant control systems. It provides a consistent interface to access different decentralized control systems and each standard Web browser can be used as a control front-end for VIDIHIP.}, }
Mark Strembeck and Gustaf Neumann and Gerald Stermsek, "User Profile Refinement Using Explicit User Interest Modeling," in 37. Jahrestagung der Gesellschaft für Informatik (GI), 2007. BibTeX

@INPROCEEDINGS{Stermsek_User_Profile_Refinement_Using__2007, Author = {Mark Strembeck and Gustaf Neumann and Gerald Stermsek}, title = {User Profile Refinement Using Explicit User Interest Modeling}, booktitle = {37. Jahrestagung der Gesellschaft für Informatik (GI)}, year = {2007}, month = {9}, abstract = {In this paper, we present an approach to refine user profiles that were derived from Web server logs in an automated procedure. In most application scenarios, such automatically derived profiles can only deliver a preliminary result and require human interaction for further refinement. We describe the individual steps to enhance and refine derived user profiles which can be used for personalization purposes (e.g. information filtering). In particular, the user can choose to refine the profile manually or use supporting techniques, such as ontologies, that assist him in the refinement process. In addition to information included in automatically derived profiles, the user thus explicitly provides information to refine his profile.}, }
Mark Strembeck and Uwe Zdun, "Modeling Composition in Dynamic Programming Environments with Model Transformations," in 5th International Symposium on Software Composition (SC),, 2006. BibTeX

@INPROCEEDINGS{Zdun_Modeling_Composition_in_Dynami_2006, Author = {Mark Strembeck and Uwe Zdun}, title = {Modeling Composition in Dynamic Programming Environments with Model Transformations}, booktitle = {5th International Symposium on Software Composition (SC), }, year = {2006}, month = {3}, }