SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies. Within a network of more than 70 companies, 15 Austrian and international universities and research institutions, and many additional international research partners we jointly work on research challenges ranging from organizational to technical security to strengthen Europe’s Cybersecurity capabilities.
ISIS @ TU Wien IAIK @ TU Graz DKE @ Uni Wien NM @ WU Wien FH St. Pölten AIT


IEEE International Conference on Systems

We are attending the IEEE International Conference on Systems and present our latest research results regarding pseudonymization. We received the best paper award for the paper “Technologies for the Pseudonymization of Medical Data: A Legal Evaluation”.

Secure 2.0 – FIT-IT Award

We took the second place with the project Secure 2.0 (FIT-IT) in this year’s FIT-IT awards.

Guest Lecture – Ludwig Fuchs

Ludwig Fuchs ( gave an excellent talk on combining role mining and role engineering.

Guest Lecture – Stefan Sackmann

Stefan Sackmann gave a talk on risk management. We will start a collaboration with his group. Stefan Fenz will manage the joint research efforts.

Secure 2.0

Today, the FIT-IT project Secure 2.0 – Securing the Information Sharing on Web 2.0 has been officially launched at Secure Business Austria.

12th International Conference on Business Information Systems

Our paper “Ontological mapping of information security best-practice guidelines” has been accepted at the 12th International Conference on Business Information Systems.

4th ETSI Security Workshop

We are attending the 4th ETSI Security Workshop and present our latest information security risk management research results.

Guest Lecture – Robert Willison

15th of January 2009 10:00 at Secure Business Austria: “Understanding the perpetration of employee computer crime in the organizational context”

16th of January 2009 15:00 at Secure Business Austria: “Motivations for employee computer crime in the organizational context”

IEEE HICSS-42 Conference

We are attending the HICSS-42 conference and present our latest information security risk management research results.

ACM Symposium on Information, Computer and Communications Security

Our paper “Formalizing Information Security Knowledge” has been accepted at the ACM Symposium on Information, Computer and Communications Security 2009 (Project Details).

IEEE Sixth International Conference on Information Technology: New Generations

Our paper “Automated Risk and Utility Management” has been accepted at the IEEE International Conference on Information Technology: New Generations 2009.

FIT-IT Pathfinder Review

The FIT-IT Pathfinder project review is scheduled for the 21st of January 2009.

PIPE 2.0

The PIPE project has been extended to the next level. See the PIPE project description for further details.

Secure Business Austria / Security Research am CIO Kongress des LSZ

At the LSZ CIO Congress 2008, SBA Managing Director Markus Klemen will organize the area “Security / Risk” and will moderate the workshop “Change in IT-Security – A lookout”. Managing Partner Andreas Tomek will represent Security Research at the event.

Submission Deadline Oct 15 – ARES Conference

SBA organizes the ARES Conference ( This year’s conference will be held in Japan. In 2010 the conference will move back to Europe, where Vienna is the planned venue.

ARES aims at a full and detailed discussion of the research issues of dependability as an integrative concept that covers amongst others availability, safety, confidentiality, integrity, maintainability and security in the different fields of applications.

ARES will emphasize the interplay between foundations and practical issues of dependability in emerging areas such as e-government, m-government, location-based applications, ubiquitous computing, autonomous computing, chances of grid computing etc.

STRAW – Security Technology Active Watch

In October 2008, Edgar Weippl joined the STRAW project as an external expert.

STRAW stands for ‘Security Technology Active Watch‘. STRAW is a support action under the Security Research theme that aims at providing a European Service of Technology Watch on Security Technologies.

The consortium:

  • Atos Origin SAE
  • AeroSpace and Defence Industries Association
  • Thales Services S.AS € Stiftelsen SINTEF
  • Fraunhofer FHG
  • Instituto Nacional de Técnica Aeroespacia
  • Elsag Datamat S.p.A
  • Asociación de Empresas de Electrónica, Tecnologías de la Información y Telecomunicaciones de España (AETIC)
  • Fondazione Rosselli
  • European Organisation for Security (EOS)

The concept of STRAW is to bring together the defence and security research industry by a neutral coordination to ensure the awareness of underpinning technologies that make possible the implementation of civil security applica tions.

The target of STRAW is to stimulate the cooperation of providers and users f or civil security applications.


8.10.08: At the “Impulse08” events of the Austrian Computer Society (OCG) in Vienna, Graz and Salzburg, GM Markus Klemen talks about the challenges to IT-Security due to company employees.

SBA@Bundesamt für Landesverteidigung

01./02.10.08: General Manager Markus Klemen presents new developments in the area of data theft at two events for executives, which were organized by the Abwehramt, the defense intelligence unit of the Austrian Ministry of Defense.

SBA@Medienmesse 08

At the Vienna media exhibition ( Edgar Weippl presents current projects of the research centre in cooperation with ZIT (Zentrum für Innovation und Technologie – Center for Innovation and Technology:

Computer Forensics work on securing and analyzing digital data in order to reconstruct cancelled information, track changes or manipulations and to prove chronological coherences. Every use of digital data leaves traces that are difficult to erase, which endangers the confidentiality of information or renders falsified information identifiable.

Academic Community Launch 2008

SBA supports microsoft’s student partners organizing this years academic community launch.
This event aims at informing students about the newest technologies regarding .NET.


SBA @ Die Zeit

General Manager of SBA Markus Klemen about secure ways to browse the internet.
Download »

SBA @ Economy

econoomy_28_sba_2.jpgGeneral Manager of SBA Markus Klemen provides details about the current situation of computer security and the OCG Securitycertificate. Download »

PIPE @ Economy

Dr. Thomas Mück, stvtr. Generaldirektor der Sozialversicherungsanstalt der gewerblichen Wirtschaft, im Interview über ELGA (elektronische Gesundheitsakte) und Dr. Edgar Weippl, wissenschaftlicher Leiter von SBA, über die neu entwickelte Pseudonymisierungsarchitektur PIPE: zum Artikel »

Prof. Lopez-Muñoz – PhD seminar – Malaga

dsc04027_thumb.jpgdsc04025_thumb.jpgThe joint PhD seminar of Prof. Lopez-Muñoz’ research Lab and Secure Business Austria was a great success. A new research cooperation in the area of “Security for Critical Information Infrastructure” and in improvements in malware detections may follow.


Christopher Krügel said that Trojans used by law enforcement need to be installed on the specific computer of the suspect. It is therefore necessary to rely on vulnerabilities of the system which may be difficult to find…