Stefan Fenz

is key researcher at SBA Research and the TU Wien.

  • E-Mail
  • Phone: +43 (1) 505 36 88
  • Fax: +43 (1) 505 88 88

Research Interest

His primary research is on information security, with a secondary interest in risk/compliance management and semantic technologies.

Bio

Stefan received a master’s degree in Software Engineering & Internet Computing from the TU Wien, a master’s degree in Political Science from University of Vienna, a master’s degree in Business Informatics from the TU Wien, and a Ph.D. in Computer Science from the TU Wien. In 2008 and 2009, Stefan worked as an information security lecturer at Konkuk University and University of Applied Sciences Technikum Vienna. In 2010, Stefan worked as a visiting scholar at Stanford Center for Biomedical Informatics Research at Stanford University. From 2012 to 2015, Stefan was an appointed member of the European Network and Information Security Agency’s (ENISA) Permanent Stakeholder Group. He is a member of the IFIP WG 11.1 – Information Security Management, the IEEE Systems, Man, and Cybernetics Society and ISC².

Top Publications:

  • Security aspects in Semantic Web Services Filtering (2007)
    • INPROCEEDINGS--
    • Witold Abramowicz and Andreas Ekelhart and Stefan Fenz and Monika Kaczmarek and A Min Tjoa and Edgar R. Weippl and Dominik Zyskowski
    • Proceedings of the 9th International Conference on Information Integration and Web-based Applications and Services (iiWAS2007)
    @INPROCEEDINGS{Abramowicz_Securityaspectsin_2007,
       author = {Witold Abramowicz and Andreas Ekelhart and Stefan Fenz and Monika Kaczmarek and {A Min} Tjoa and {Edgar R.} Weippl and Dominik Zyskowski},
       title = {Security aspects in Semantic Web Services Filtering},
       booktitle = {Proceedings of the 9th International Conference on Information Integration and Web-based Applications and Services (iiWAS2007)},
       year = {2007},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2007 - Abramowicz - Security Aspects in Semantic Web Services Filtering.pdf},
       volume = {229},
       pages = {21--31},
       publisher = {Austrian Computer Society},
    }
  • A Structured Comparison of Security Standard (2014)
    • INPROCEEDINGS-true
    • Kristian Beckers and Isabelle Cote and Stefan Fenz and Denis Hatebur and Maritta Heisel
    • Advances in Engineering Secure Future Internet Services and Systems
    @INPROCEEDINGS{Beckers2014Structured,
       author = {Kristian Beckers and Isabelle Cote and Stefan Fenz and Denis Hatebur and Maritta Heisel},
       authorhotlist = {true},
       title = {A Structured Comparison of Security Standard},
       booktitle = {Advances in Engineering Secure Future Internet Services and Systems},
       year = {2014},
       month = {0},
    }
  • How to assess confidentiality requirements of corporate assets? (2014)
    • INPROCEEDINGS-true
    • Gabriela Varona Cervantes and Stefan Fenz
    • 29th IFIP TC 11 International Conference (IFIP SEC 2014)
    @INPROCEEDINGS{Cervantes2014assess,
       author = {{Gabriela Varona} Cervantes and Stefan Fenz},
       authorhotlist = {true},
       title = {How to assess confidentiality requirements of corporate assets?},
       booktitle = {29th IFIP TC 11 International Conference (IFIP SEC 2014)},
       year = {2014},
       month = {6},
    }
  • Ontologiebasiertes IT Risikomanagement (2009)
    • INPROCEEDINGS--
    • Andreas Ekelhart and Stefan Fenz and Thomas Neubauer
    • D.A.CH Security 2009
    @INPROCEEDINGS{Ekelhart2009Ontologiebasiertes,
       author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer},
       title = {Ontologiebasiertes IT Risikomanagement},
       booktitle = {D.A.CH Security 2009},
       year = {2009},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2009 - Ekelhart - Ontologiebasiertes IT Risikomanagement.pdf},
       pages = {14--24},
       publisher = {Syssec},
    }
  • Architectural approach for handling semi-structured data in a user-centered working environment (2007)
    • ARTICLE--
    • Andreas Ekelhart and Stefan Fenz and Gernot Goluch and Markus Klemen and Edgar R. Weippl
    • International Journal of Web Information Systems
    @ARTICLE{Ekelhart_Architecturalapproachhandling_2007,
       author = {Andreas Ekelhart and Stefan Fenz and Gernot Goluch and Markus Klemen and {Edgar R.} Weippl},
       title = {Architectural approach for handling semi-structured data in a user-centered working environment},
       journal = {International Journal of Web Information Systems},
       year = {2007},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2007 - Ekelhart - Architectural Approach for Handling Semi-Structured Data in a User-Centered Working Environment.pdf},
       volume = {3},
       pages = {198--211},
    }
  • AURUM: A Framework for Supporting Information Security Risk Management (2009)
    • INPROCEEDINGS-true
    • Andreas Ekelhart and Stefan Fenz and Thomas Neubauer
    • Proceedings of the 42nd Hawaii International Conference on System Sciences, HICSS2009
    @INPROCEEDINGS{Ekelhart_AURUMFrameworkSupporting_2009,
       author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer},
       authorhotlist = {true},
       title = {AURUM: A Framework for Supporting Information Security Risk Management},
       booktitle = {Proceedings of the 42nd Hawaii International Conference on System Sciences,
       HICSS2009},
       year = {2009},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2009 - Ekelhart - AURUM A Framework for Information Security Risk Management.pdf},
       pages = {1--10},
       publisher = {IEEE Computer Society},
    }
  • Automated Risk and Utility Management (2009)
    • INPROCEEDINGS--
    • Andreas Ekelhart and Thomas Neubauer and Stefan Fenz
    • 2009 Sixth International Conference on Information Technology: New Generations
    @INPROCEEDINGS{Ekelhart_AutomatedRiskand_2009,
       author = {Andreas Ekelhart and Thomas Neubauer and Stefan Fenz},
       title = {Automated Risk and Utility Management},
       booktitle = {2009 Sixth International Conference on Information Technology: New Generations},
       year = {2009},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2009 - Ekelhart - Automated Risk and Utility Management.pdf},
       pages = {393-398},
       publisher = {IEEE Computer Society},
    }
  • Formal threat descriptions for enhancing governmental risk assessment (2007)
    • INPROCEEDINGS--
    • Andreas Ekelhart and Stefan Fenz and Thomas Neubauer and Edgar R. Weippl
    • Proceedings of the First International Conference on Theory and Practice of Electronic Governance
    @INPROCEEDINGS{Ekelhart_Formalthreatdescriptions_2007,
       author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer and {Edgar R.} Weippl},
       title = {Formal threat descriptions for enhancing governmental risk assessment},
       booktitle = {Proceedings of the First International Conference on Theory and Practice of Electronic Governance},
       year = {2007},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2007 Ekelhart - Formal Threat Descriptions for Enhancing Governmental Risk Assessment.pdf},
       volume = {232},
       pages = {40--43},
       publisher = {ACM},
       acm = {933612},
    }
  • Ontological Mapping of Common Criterias Security Assurance Requirements (2007)
    • INPROCEEDINGS--
    • Stefan Fenz and Edgar R. Weippl and Andreas Ekelhart and Gernot Goluch
    • New Approaches for Security, Privacy and Trust in Complex Environments, Proceedings of the IFIP TC 11 22nd International Information Security Conference, IFIPSEC2007, May 14-16
    @INPROCEEDINGS{Ekelhart_OntologicalMappingof_2007,
       author = {Stefan Fenz and {Edgar R.} Weippl and Andreas Ekelhart and Gernot Goluch},
       title = {Ontological Mapping of Common Criterias Security Assurance Requirements},
       booktitle = {New Approaches for Security,
       Privacy and Trust in Complex Environments,
       Proceedings of the IFIP TC 11 22nd International Information Security Conference,
       IFIPSEC2007,
       May 14-16},
       year = {2007},
       month = {5},
       abstract = {The Common Criteria (CC) for Information Technology Security Evaluation provides comprehensive guidelines for the evaluation and certification of IT security regarding data security and data privacy. Due to the very complex and time-consuming certification process a lot of companies abstain from a CC certification. We created the CC Ontology tool,
       which is based on an ontological representation of the CC catalog,
       to support the evaluator at the certification process. Tasks such as the planning of an evaluation process,
       the review of relevant documents or the creating of reports are supported by the CC Ontology tool. With the development of this tool we reduce the time and costs needed to complete a certification.},
       volume = {232_2007},
       pages = {85-95},
       publisher = {International Federation for Information Processing ,
      },
       note = {978-0-387-72366-2},
    }
    The Common Criteria (CC) for Information Technology Security Evaluation provides comprehensive guidelines for the evaluation and certification of IT security regarding data security and data privacy. Due to the very complex and time-consuming certification process a lot of companies abstain from a CC certification. We created the CC Ontology tool, which is based on an ontological representation of the CC catalog, to support the evaluator at the certification process. Tasks such as the planning of an evaluation process, the review of relevant documents or the creating of reports are supported by the CC Ontology tool. With the development of this tool we reduce the time and costs needed to complete a certification.
  • Ontologiebasiertes IT Risikomanagement (2009)
    • INPROCEEDINGS--
    • Stefan Fenz and Andreas Ekelhart and Thomas Neubauer
    • D.A.CH Security 2009
    @INPROCEEDINGS{Ekelhart_OntologiebasiertesITRisikomanagement_2009,
       author = {Stefan Fenz and Andreas Ekelhart and Thomas Neubauer},
       title = {Ontologiebasiertes IT Risikomanagement},
       booktitle = {D.A.CH Security 2009},
       year = {2009},
       month = {1},
       abstract = {Informationssicherheitsrisikomanagement (Information Security Risk Management,
       ISRM) stellt einen effizienten Zugang zur Bewertung,
       Verringerung und Evaluierung von Informationssicherheitsrisiken dar. Bereits bestehende ISRM-Ans{\"a}tze sind weitgehend akzeptiert,
       setzen jedoch sehr detailliertes Informationssicherheitswissen und genaue Kenntnisse des tats{\"a}chlichen Unternehmensumfeldes voraus. Die inad{\"a}quate Umsetzung von ISRM gef{\"a}hrdet die planm{\"a}{\ss}ige Umsetzung der Unternehmensstrategie und kann zu einer Minderung des Unternehmenswertes f{\"u}hren. Der vorliegende Beitrag pr{\"a}sentiert das AURUM Tool,
       welches die Schwachstellen bestehender Ans{\"a}tze adressiert und Entscheidungstr{\"a}ger bei der Auswahl eines effizienten IT-Sicherheitsportfolios unter Ber{\"u}cksichtigung organisationsspezifischer,
       technischer und wirtschaftlicher Anforderungen unterst{\"u}tzt.},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2009 - Ekelhart - Ontologiebasiertes IT Risikomanagement.pdf},
       pages = {14-24},
       publisher = {Syssec},
    }
    Informationssicherheitsrisikomanagement (Information Security Risk Management, ISRM) stellt einen effizienten Zugang zur Bewertung, Verringerung und Evaluierung von Informationssicherheitsrisiken dar. Bereits bestehende ISRM-Ans{\"a}tze sind weitgehend akzeptiert, setzen jedoch sehr detailliertes Informationssicherheitswissen und genaue Kenntnisse des tats{\"a}chlichen Unternehmensumfeldes voraus. Die inad{\"a}quate Umsetzung von ISRM gef{\"a}hrdet die planm{\"a}{\ss}ige Umsetzung der Unternehmensstrategie und kann zu einer Minderung des Unternehmenswertes f{\"u}hren. Der vorliegende Beitrag pr{\"a}sentiert das AURUM Tool, welches die Schwachstellen bestehender Ans{\"a}tze adressiert und Entscheidungstr{\"a}ger bei der Auswahl eines effizienten IT-Sicherheitsportfolios unter Ber{\"u}cksichtigung organisationsspezifischer, technischer und wirtschaftlicher Anforderungen unterst{\"u}tzt.
  • Ontology-based Business Knowledge for Simulating Threats to Corporate Assets (2006)
    • INPROCEEDINGS--
    • Andreas Ekelhart and Stefan Fenz and Markus Klemen and A Min Tjoa and Edgar R. Weippl
    • Practical Aspects of Knowledge Management, 6th International Conference, PAKM 2006
    @INPROCEEDINGS{Ekelhart_OntologybasedBusinessKnowledge_2006,
       author = {Andreas Ekelhart and Stefan Fenz and Markus Klemen and {A Min} Tjoa and {Edgar R.} Weippl},
       title = {Ontology-based Business Knowledge for Simulating Threats to Corporate Assets},
       booktitle = {Practical Aspects of Knowledge Management,
       6th International Conference,
       PAKM 2006},
       year = {2006},
       month = {12},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2006 - Ekelhart - Ontology-based Business Knowledge for Simulating Threats to Corporate Assets.pdf},
       volume = {4333_2006},
       pages = {37--48},
       publisher = {Springer Berlin Heidelberg},
    }
  • Ontology-based Decision Support for Information Security Risk Management (2009)
    • INPROCEEDINGS--
    • Andreas Ekelhart and Stefan Fenz and Thomas Neubauer
    • International Conference on Systems, 2009. ICONS 2009.
    @INPROCEEDINGS{Ekelhart_OntologybasedDecisionSupport_2009,
       author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer},
       title = {Ontology-based Decision Support for Information Security Risk Management},
       booktitle = {International Conference on Systems,
       2009. ICONS 2009.},
       year = {2009},
       month = {3},
       abstract = {As eBusiness and eCommerce applications are increasingly exposed to a variety of information security threats,
       corporate decision makers are increasingly forced to pay attention to security issues. Risk management provides an effective approach for measuring the security but existing risk management approaches come with major shortcomings such as the demand for very detailed knowledge about the IT security domain and the actual company environment. This paper presents the implementation of the AURUM methodology into a software solution which addresses the identified shortcomings of existing information security risk management software solutions. Thereby,
       the presented approach supports decision makers in risk assessment,
       risk mitigation,
       and safeguard evaluation.},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2009 - Ekelhart - Ontology-based Decision Support for Information Security Risk Management.pdf},
       pages = {80-85},
       publisher = {IEEE Computer Society},
    }
    As eBusiness and eCommerce applications are increasingly exposed to a variety of information security threats, corporate decision makers are increasingly forced to pay attention to security issues. Risk management provides an effective approach for measuring the security but existing risk management approaches come with major shortcomings such as the demand for very detailed knowledge about the IT security domain and the actual company environment. This paper presents the implementation of the AURUM methodology into a software solution which addresses the identified shortcomings of existing information security risk management software solutions. Thereby, the presented approach supports decision makers in risk assessment, risk mitigation, and safeguard evaluation.
  • Security Issues for the Use of Semantic Web in e-Commerce (2007)
    • INPROCEEDINGS--
    • Andreas Ekelhart and Stefan Fenz and A Min Tjoa and Edgar R. Weippl
    • Business Information Systems, 10th International Conference on Business Information Systems, BIS 2007
    @INPROCEEDINGS{Ekelhart_SecurityIssuesUse_2007,
       author = {Andreas Ekelhart and Stefan Fenz and {A Min} Tjoa and {Edgar R.} Weippl},
       title = {Security Issues for the Use of Semantic Web in e-Commerce},
       booktitle = {Business Information Systems,
       10th International Conference on Business Information Systems,
       BIS 2007},
       year = {2007},
       month = {4},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2007 - Ekelhart - Security Issues for the Use of Semantic Web in e-Commerce.pdf},
       pages = {1--13},
       publisher = {Springer Berlin Heidelberg},
    }
  • Security Ontologies: Improving Quantitative Risk Analysis (2007)
    • INPROCEEDINGS-true
    • Andreas Ekelhart and Stefan Fenz and Markus Klemen and Edgar R. Weippl
    • Proceedings of the 40th Hawaii International Conference on System Sciences, HICSS2007
    @INPROCEEDINGS{Ekelhart_SecurityOntologiesImproving_2007,
       author = {Andreas Ekelhart and Stefan Fenz and Markus Klemen and {Edgar R.} Weippl},
       authorhotlist = {true},
       title = {Security Ontologies: Improving Quantitative Risk Analysis},
       booktitle = {Proceedings of the 40th Hawaii International Conference on System Sciences,
       HICSS2007},
       year = {2007},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2007 - Ekelhart - Security Ontologies Improving Quantitative Risk Analysis.pdf},
       pages = {156--162},
       publisher = {IEEE Computer Society},
    }
  • Security Ontology: Simulating Threats to Corporate Assets (2006)
    • INPROCEEDINGS--
    • Andreas Ekelhart and Stefan Fenz and Markus Klemen and Edgar R. Weippl
    • Second International Conference on Information Systems Security (ICISS 2006)
    @INPROCEEDINGS{Ekelhart_SecurityOntologySimulating_2006,
       author = {Andreas Ekelhart and Stefan Fenz and Markus Klemen and {Edgar R.} Weippl},
       title = {Security Ontology: Simulating Threats to Corporate Assets},
       booktitle = {Second International Conference on Information Systems Security (ICISS 2006)},
       year = {2006},
       month = {12},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2006 - Ekelhart - Security Ontology Simulating Threats to Corporate Assets.pdf},
       volume = {4332_2006},
       pages = {249--259},
       publisher = {Springer Berlin Heidelberg},
    }
  • XML Security - A comparative literature review (2008)
    • ARTICLE-true
    • Stefan Fenz and Edgar R. Weippl and Andreas Ekelhart and Gernot Goluch and Markus Steinkellner
    • Journal of Systems and Software
    @ARTICLE{Ekelhart_XMLSecurity_2008,
       author = {Stefan Fenz and {Edgar R.} Weippl and Andreas Ekelhart and Gernot Goluch and Markus Steinkellner},
       authorhotlist = {true},
       title = {XML Security - A comparative literature review},
       journal = {Journal of Systems and Software},
       year = {2008},
       month = {1},
       volume = {81},
       pages = {1715-1724},
       note = {ISSN: 0164-1212},
    }
  • Challenges of Web-based Information Security Knowledge Sharing (2012)
    • INPROCEEDINGS--
    • Daniel Feledi and Stefan Fenz
    • Seventh International Conference on Availability, Reliability and Security (ARES)
    @INPROCEEDINGS{Feledi2012,
       author = {Daniel Feledi and Stefan Fenz},
       title = {Challenges of Web-based Information Security Knowledge Sharing},
       booktitle = {Seventh International Conference on Availability,
       Reliability and Security (ARES)},
       year = {2012},
       month = {8},
    }
  • Towards web-based information security knowledge sharing (2013)
    • ARTICLE--
    • Daniel Feledi and Stefan Fenz and Lukas Lechner
    • Information Security Technical Report
    @ARTICLE{Feledi_Towards_web_based_information__2013,
       author = {Daniel Feledi and Stefan Fenz and Lukas Lechner},
       title = {Towards web-based information security knowledge sharing},
       journal = {Information Security Technical Report},
       year = {2013},
       month = {5},
       volume = {17},
       number = {4},
       pages = {199-209},
    }
  • Ontology-based Generation of {IT}-Security Metrics (2010)
    • INPROCEEDINGS--
    • Stefan Fenz
    • Proceedings of the 2010 ACM Symposium on Applied Computing
    @INPROCEEDINGS{Fenz2010,
       author = {Stefan Fenz},
       title = {Ontology-based Generation of {IT}-Security Metrics},
       booktitle = {Proceedings of the 2010 ACM Symposium on Applied Computing},
       year = {2010},
       month = {1},
       pages = {1833-1839},
       publisher = {ACM},
    }
  • From the Resource to the Business Process Risk Level (2010)
    • INPROCEEDINGS-true
    • Stefan Fenz
    • Proceedings of the South African Information Security Multi-Conference (SAISMC'2010)
    @INPROCEEDINGS{fenz2010resource,
       author = {Stefan Fenz},
       authorhotlist = {true},
       title = {From the Resource to the Business Process Risk Level},
       booktitle = {Proceedings of the South African Information Security Multi-Conference (SAISMC'2010)},
       year = {2010},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/fenz2010resource.pdf},
       pages = {100--109},
    }
  • Information Security Risk Management: In which security solutions is it worth investing? (2011)
    • ARTICLE-true
    • Stefan Fenz and Andreas Ekelhart and Thomas Neubauer
    • Communications of the Association for Information Systems
    @ARTICLE{Fenz2011a,
       author = {Stefan Fenz and Andreas Ekelhart and Thomas Neubauer},
       authorhotlist = {true},
       title = {Information Security Risk Management: In which security solutions is it worth investing?},
       journal = {Communications of the Association for Information Systems},
       year = {2011},
       month = {5},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2011 - Fenz - Information Security Risk Management In Which Security Solutions Is It Worth Investing.pdf},
       volume = {28},
       pages = {329-356},
    }
  • A Community Knowledge Base for IT Security (2011)
    • ARTICLE--
    • Stefan Fenz and Simon Parkin and Aad van Moorsel
    • IT Professional
    @ARTICLE{Fenz2011b,
       author = {Stefan Fenz and Simon Parkin and Aad van Moorsel},
       title = {A Community Knowledge Base for IT Security},
       journal = {IT Professional},
       year = {2011},
       month = {5},
       abstract = {Does every organization need to reinvent the wheel when it comes to IT security? Not if the IT community can develop a formal knowledge base for sharing and applying IT security management knowledge.},
       volume = {13},
       number = {3},
       pages = {24-30},
    }
    Does every organization need to reinvent the wheel when it comes to IT security? Not if the IT community can develop a formal knowledge base for sharing and applying IT security management knowledge.
  • Electronic Business Interoperability: Concepts (2011)
    • INBOOK--
    • Stefan Fenz
    • IGI Global
    @INBOOK{Fenz2011c,
       author = {Stefan Fenz},
       title = {Electronic Business Interoperability: Concepts},
       booktitle = {Electronic Business Interoperability: Concepts,
       Opportunities and Challenges },
       year = {2011},
       month = {3},
       abstract = {For almost all private individuals and especially organizations information technology (IT) including hardware},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2011 - Fenz - E-Business and Information Security Risk Management.pdf},
       chapter = {E-Business and Information Security Risk Management: Challenges and Potential Solutions},
       pages = {596-614},
       publisher = {IGI Global},
       note = {ISBN: 978-1-60960-485-1},
    }
    For almost all private individuals and especially organizations information technology (IT) including hardware
  • Using Semantic Technologies for Energy-efficient Building Planning (2012)
    • INPROCEEDINGS--
    • Stefan Fenz and Thomas Neubauer and Amin Anjomshoaa and Ulrich Pont and Ardeshir Mahdavi and A Min Tjoa
    • 2012 IEEE Green Technologies Conference
    @INPROCEEDINGS{Fenz2012Using,
       author = {Stefan Fenz and Thomas Neubauer and Amin Anjomshoaa and Ulrich Pont and Ardeshir Mahdavi and {A Min} Tjoa},
       title = {Using Semantic Technologies for Energy-efficient Building Planning},
       booktitle = {2012 IEEE Green Technologies Conference},
       year = {2012},
       month = {4},
    }
  • FORISK: Formalizing Information Security Risk and Compliance Management (2013)
    • INPROCEEDINGS--
    • Stefan Fenz and Thomas Neubauer and Rafael Accorsi and Thomas Koslowski
    • International Conference on Dependable Systems and Networks (DSN 2013)
    @INPROCEEDINGS{Fenz2013FORISK,
       author = {Stefan Fenz and Thomas Neubauer and Rafael Accorsi and Thomas Koslowski},
       title = {FORISK: Formalizing Information Security Risk and Compliance Management},
       booktitle = {International Conference on Dependable Systems and Networks (DSN 2013)},
       year = {2013},
       month = {6},
    }
  • Cloud-Sicherheit. Leitfaden für Behörden und Klein- und Mittelbetriebe (2014)
    • INBOOK--
    • Stefan Fenz and Johannes Heurix and Thomas Neubauer and A Min Tjoa and Gerald Quirchmayr and Alexander Schatten and E. Neuhold and J. Goellner and C. Meurers and W. Hitz
    • -
    @INBOOK{Fenz2014CloudSicherheit,
       author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer and {A Min} Tjoa and Gerald Quirchmayr and Alexander Schatten and E. Neuhold and J. Goellner and C. Meurers and W. Hitz},
       title = {Cloud-Sicherheit. Leitfaden für Behörden und Klein- und Mittelbetriebe},
       booktitle = {Schriftenreihe der Landesverteidigungsakademie,
       Landesverteidigungsakademie},
       year = {2014},
       month = {0},
       pdf = {http://www.bundesheer.at/pdf_pool/publikationen/08_cs.pdf},
    }
  • Current challenges in information security risk management (2014)
    • ARTICLE-true
    • Stefan Fenz and Johannes Heurix and Thomas Neubauer and Fabian Pechstein
    • Information Management and Computer Security
    @ARTICLE{Fenz2014Current,
       author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer and Fabian Pechstein},
       authorhotlist = {true},
       title = {Current challenges in information security risk management},
       journal = {Information Management and Computer Security},
       year = {2014},
       month = {0},
       volume = {22},
       pages = {410--430},
    }
  • De-identification of unstructured paper-based health records for privacy-preserving secondary use (2014)
    • ARTICLE-true
    • Stefan Fenz and Johannes Heurix and Thomas Neubauer and Antonio Rella
    • Journal of Medical Engineering and Technology
    @ARTICLE{Fenz2014Deidentification,
       author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer and Antonio Rella},
       authorhotlist = {true},
       title = {De-identification of unstructured paper-based health records for privacy-preserving secondary use},
       journal = {Journal of Medical Engineering and Technology},
       year = {2014},
       month = {0},
       volume = {38},
       pages = {260--268},
    }
  • SEMERGY.net: automatically identifying and optimizing energy-efficient building designs (2014)
    • ARTICLE--
    • Stefan Fenz and Johannes Heurix and Thomas Neubauer and A Min Tjoa and Neda Ghiassi and Ulrich Pont and Ardeshir Mahdavi
    • Computer Science - Research and Development
    @ARTICLE{Fenz2014SEMERGYnet,
       author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer and {A Min} Tjoa and Neda Ghiassi and Ulrich Pont and Ardeshir Mahdavi},
       title = {SEMERGY.net: automatically identifying and optimizing energy-efficient building designs},
       journal = {Computer Science - Research and Development},
       year = {2014},
       month = {11},
    }
  • How to increase the inventory efficiency in information security risk and compliance management (2015)
    • INPROCEEDINGS-true
    • Stefan Fenz and Johannes Heurix and Thomas Neubauer
    • European Conference on Information Systems (ECIS) 2015
    @INPROCEEDINGS{Fenz2015increase,
       author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer},
       authorhotlist = {true},
       title = {How to increase the inventory efficiency in information security risk and compliance management},
       booktitle = {European Conference on Information Systems (ECIS) 2015},
       year = {2015},
       month = {5},
    }
  • Mapping Information Security Standard ISO 27002 to an Ontological Structure (2016)
    • ARTICLE-true
    • Stefan Fenz and S. Plieschnegger and Heidelinde Hobel
    • Information and Computer Security
    @ARTICLE{Fenz2016Mapping,
       author = {Stefan Fenz and S. Plieschnegger and Heidelinde Hobel},
       authorhotlist = {true},
       title = {Mapping Information Security Standard ISO 27002 to an Ontological Structure},
       journal = {Information and Computer Security},
       year = {2016},
       month = {0},
       pdf = {http://www.emeraldinsight.com/doi/abs/10.1108/ICS-07-2015-0030?journalCode=ics},
    }
  • An Ontology- and Bayesian-based Approach for Determining Threat Probabilities (2011)
    • INPROCEEDINGS--
    • Stefan Fenz
    • ASIA CCS '11: 6th ACM Symposium on Information, Computer and Communications Security
    @INPROCEEDINGS{Fenz_An_Ontology_and_Bayesian_based_2011,
       author = {Stefan Fenz},
       title = {An Ontology- and Bayesian-based Approach for Determining Threat Probabilities},
       booktitle = {ASIA CCS '11: 6th ACM Symposium on Information,
       Computer and Communications Security},
       year = {2011},
       month = {3},
       publisher = {ACM},
    }
  • An ontology-based approach for constructing Bayesian networks (2012)
    • ARTICLE-true
    • Stefan Fenz
    • Data and Knowledge Engineering
    @ARTICLE{Fenz_An_ontology_based_approach_for_2012,
       author = {Stefan Fenz},
       authorhotlist = {true},
       title = {An ontology-based approach for constructing Bayesian networks},
       journal = {Data and Knowledge Engineering},
       year = {2012},
       month = {3},
       abstract = {Bayesian networks are commonly used for determining the probability of events that are influenced by various variables. Bayesian probabilities encode degrees of belief about certain events},
       volume = {73},
       pages = {73-88},
    }
    Bayesian networks are commonly used for determining the probability of events that are influenced by various variables. Bayesian probabilities encode degrees of belief about certain events
  • Business Process-based Resource Importance Determination (2009)
    • INPROCEEDINGS-true
    • Stefan Fenz and Andreas Ekelhart and Thomas Neubauer
    • Proceedings of the 7th International Conference on Business Process Management (BPM 2009)
    @INPROCEEDINGS{Fenz_BusinessProcessbasedResource_2009,
       author = {Stefan Fenz and Andreas Ekelhart and Thomas Neubauer},
       authorhotlist = {true},
       title = {Business Process-based Resource Importance Determination},
       booktitle = {Proceedings of the 7th International Conference on Business Process Management (BPM 2009)},
       year = {2009},
       month = {1},
       abstract = {Information security risk management (ISRM) heavily depends on realistic impact values representing the resources importance in the overall organizational context. Although a variety of ISRM approaches have been proposed,
       well-founded methods that provide an answer to the following question are still missing: How can business processes be used to determine resources importance in the overall organizational context? We answer this question by measuring the actual importance level of resources based on business processes. Therefore,
       this paper presents our novel business process-based resource importance determination method which provides ISRM with an efficient and powerful tool for deriving realistic resource importance figures solely from existing business processes. The conducted evaluation has shown that the calculation results of the developed method comply to the results gained in traditional workshop-based assessments.},
       pages = {113-127},
       publisher = {Springer},
       note = {accepted for publication},
    }
    Information security risk management (ISRM) heavily depends on realistic impact values representing the resources importance in the overall organizational context. Although a variety of ISRM approaches have been proposed, well-founded methods that provide an answer to the following question are still missing: How can business processes be used to determine resources importance in the overall organizational context? We answer this question by measuring the actual importance level of resources based on business processes. Therefore, this paper presents our novel business process-based resource importance determination method which provides ISRM with an efficient and powerful tool for deriving realistic resource importance figures solely from existing business processes. The conducted evaluation has shown that the calculation results of the developed method comply to the results gained in traditional workshop-based assessments.
  • Do we have to reinvent the security wheel at every organization? (2011)
    • ARTICLE--
    • Stefan Fenz and Simon Parkin and Aad van Moorsel
    • IT Professional
    @ARTICLE{Fenz_Do_we_have_to_reinvent_the_sec_2011,
       author = {Stefan Fenz and Simon Parkin and Aad van Moorsel},
       title = {Do we have to reinvent the security wheel at every organization?},
       journal = {IT Professional},
       year = {2011},
       month = {0},
       note = {not published yet},
    }
  • E-Business and Information Security Risk Management: Challenges and Potential Solutions (2011)
    • INBOOK--
    • Stefan Fenz
    • IGI Global
    @INBOOK{Fenz_Electronic_Business_Interopera_2011,
       author = {Stefan Fenz},
       title = {E-Business and Information Security Risk Management: Challenges and Potential Solutions},
       booktitle = {Electronic Business Interoperability: Concepts,
       Opportunities and Challenges},
       year = {2011},
       month = {1},
       chapter = {E-Business and Information Security Risk Management: Challenges and Potential Solutions},
       publisher = {IGI Global},
    }
  • Formalizing Information Security Knowledge (2009)
    • INPROCEEDINGS-true
    • Stefan Fenz and Andreas Ekelhart
    • Proceedings of the 4th ACM Symposium on Information, Computer, and Communications Security
    @INPROCEEDINGS{Fenz_FormalizingInformationSecurity_2009,
       author = {Stefan Fenz and Andreas Ekelhart},
       authorhotlist = {true},
       title = {Formalizing Information Security Knowledge},
       booktitle = {Proceedings of the 4th ACM Symposium on Information,
       Computer,
       and Communications Security},
       year = {2009},
       month = {1},
       abstract = {Unified and formal knowledge models of the information security domain are fundamental requirements for supporting and enhancing existing risk management approaches. This paper describes a security ontology which provides an ontological structure for information security domain knowledge. Besides existing best-practice guidelines such as the German IT Grundschutz Manual also concrete knowledge of the considered organization is incorporated. An evaluation conducted by an information security expert team has shown that this knowledge model can be used to support a broad range of information security risk management approaches.},
       pages = {183-194},
       publisher = {ACM},
       note = {978-1-60558-394-5},
    }
    Unified and formal knowledge models of the information security domain are fundamental requirements for supporting and enhancing existing risk management approaches. This paper describes a security ontology which provides an ontological structure for information security domain knowledge. Besides existing best-practice guidelines such as the German IT Grundschutz Manual also concrete knowledge of the considered organization is incorporated. An evaluation conducted by an information security expert team has shown that this knowledge model can be used to support a broad range of information security risk management approaches.
  • Fortification of IT security by automatic security advisory processing (2008)
    • INPROCEEDINGS--
    • Stefan Fenz and Edgar R. Weippl and Andreas Ekelhart
    • Proceedings of the 22nd International Conference on Advanced Information Networking and Applications, AINA2008
    @INPROCEEDINGS{Fenz_FortificationofIT_2008,
       author = {Stefan Fenz and {Edgar R.} Weippl and Andreas Ekelhart},
       title = {Fortification of IT security by automatic security advisory processing},
       booktitle = {Proceedings of the 22nd International Conference on Advanced Information Networking and Applications,
       AINA2008},
       year = {2008},
       month = {3},
       abstract = {The past years have seen the rapid increase of security related incidents in the field of information technology. IT infrastructures in the commercial as well as in the governmental sector are becoming evermore heterogeneous which increases the complexity of handling and maintaining an adequate security level. Especially organizations which are hosting and processing highly sensitive data are obligated to establish a holistic company-wide security approach. We propose a novel security concept to reduce this complexity by automatic assessment of security advisories. A central entity collects vulnerability information from various sources,
       converts it into a standardized and machine-readable format and distributes it to its subscribers. The subscribers are then able to automatically map the vulnerability information to the ontological stored infrastructure data to visualize newly-discovered software vulnerabilities. The automatic analysis of vulnerabilities decreases response times and permits precise response to new threats and vulnerabilities,
       thus decreasing the administration complexity and increasing the IT security level.},
       pages = {575-582},
       publisher = {IEEE Computer Society},
    }
    The past years have seen the rapid increase of security related incidents in the field of information technology. IT infrastructures in the commercial as well as in the governmental sector are becoming evermore heterogeneous which increases the complexity of handling and maintaining an adequate security level. Especially organizations which are hosting and processing highly sensitive data are obligated to establish a holistic company-wide security approach. We propose a novel security concept to reduce this complexity by automatic assessment of security advisories. A central entity collects vulnerability information from various sources, converts it into a standardized and machine-readable format and distributes it to its subscribers. The subscribers are then able to automatically map the vulnerability information to the ontological stored infrastructure data to visualize newly-discovered software vulnerabilities. The automatic analysis of vulnerabilities decreases response times and permits precise response to new threats and vulnerabilities, thus decreasing the administration complexity and increasing the IT security level.
  • How to Determine Threat Probabilities Using Ontologies and Bayesian Networks (2009)
    • INPROCEEDINGS--
    • Stefan Fenz and Thomas Neubauer
    • CSIIRW 09: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research
    @INPROCEEDINGS{Fenz_HowtoDetermine_2009,
       author = {Stefan Fenz and Thomas Neubauer},
       title = {How to Determine Threat Probabilities Using Ontologies and Bayesian Networks},
       booktitle = {CSIIRW 09: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research},
       year = {2009},
       month = {1},
       abstract = {The subjective threat probability determination is one of the main reasons for an inadequate information security strategy endangering the organization in performing its mission. To address the problem this research project proposes an ontology- and Bayesian-based approach for determining asset-specific and comprehensible threat probabilities. The elaborated concepts enable risk managers to comprehensibly quantify the current security status of their organization.},
       publisher = {ACM},
    }
    The subjective threat probability determination is one of the main reasons for an inadequate information security strategy endangering the organization in performing its mission. To address the problem this research project proposes an ontology- and Bayesian-based approach for determining asset-specific and comprehensible threat probabilities. The elaborated concepts enable risk managers to comprehensibly quantify the current security status of their organization.
  • Information Security Fortification by Ontological Mapping of the ISO IEC 27001 Standard (2007)
    • INPROCEEDINGS--
    • Stefan Fenz and Edgar R. Weippl and Andreas Ekelhart and Gernot Goluch and Bernhard Riedl
    • Proceedings of the 13th Pacific Rim International Symposium on Dependable Computing, PRDC2007
    @INPROCEEDINGS{Fenz_InformationSecurityFortification_2007,
       author = {Stefan Fenz and {Edgar R.} Weippl and Andreas Ekelhart and Gernot Goluch and Bernhard Riedl},
       title = {Information Security Fortification by Ontological Mapping of the ISO IEC 27001 Standard},
       booktitle = {Proceedings of the 13th Pacific Rim International Symposium on Dependable Computing,
       PRDC2007},
       year = {2007},
       month = {12},
       pages = {381-388},
       publisher = {IEEE Computer Society},
       note = {0-7695-3054-0},
    }
  • Ontological Mapping of Information Security Best-Practice Guidelines (2009)
    • INPROCEEDINGS--
    • Stefan Fenz and Thomas Pruckner and Arman Manutscheri
    • Business Information Systems, 12th International Conference on Business Information Systems, BIS 2009
    @INPROCEEDINGS{Fenz_OntologicalMappingof_2009,
       author = {Stefan Fenz and Thomas Pruckner and Arman Manutscheri},
       title = {Ontological Mapping of Information Security Best-Practice Guidelines},
       booktitle = {Business Information Systems,
       12th International Conference on Business Information Systems,
       BIS 2009},
       year = {2009},
       month = {4},
       publisher = {Springer Berlin Heidelberg},
    }
  • Ontology- and Bayesian-based information security risk management (2008)
    • THESIS--
    • Stefan Fenz
    • -
    @THESIS{Fenz_OntologyandBayesianbased_2008,
       author = {Stefan Fenz},
       title = {Ontology- and Bayesian-based information security risk management},
       booktitle = {Diss},
       year = {2008},
       month = {10},
    }
  • Ontology- and Bayesian-based Threat Probability Determination (2008)
    • INPROCEEDINGS--
    • A Min Tjoa and Stefan Fenz
    • Proceedings of the Junior Scientist Conference 2008
    @INPROCEEDINGS{Fenz_OntologyandBayesianbased_2008a,
       author = {{A Min} Tjoa and Stefan Fenz},
       title = {Ontology- and Bayesian-based Threat Probability Determination},
       booktitle = {Proceedings of the Junior Scientist Conference 2008},
       year = {2008},
       month = {11},
       abstract = {Information security risk management is crucial for ensuring long-term business success and thus numerous approaches to implementing an adequate information security risk management strategy have been proposed. The subjective threat probability determination is one of the main reasons for an inadequate information security strategy endangering the organization in performing its mission. To address the problem this research project proposes an ontology- and Bayesian-based approach for determining asset-specific and comprehensible threat probabilities. The elaborated concepts enable risk managers to comprehensibly quantify the current security status of their organization.},
       pages = {69-70},
       publisher = {Vienna University of Technology},
    }
    Information security risk management is crucial for ensuring long-term business success and thus numerous approaches to implementing an adequate information security risk management strategy have been proposed. The subjective threat probability determination is one of the main reasons for an inadequate information security strategy endangering the organization in performing its mission. To address the problem this research project proposes an ontology- and Bayesian-based approach for determining asset-specific and comprehensible threat probabilities. The elaborated concepts enable risk managers to comprehensibly quantify the current security status of their organization.
  • Ontology-based Generation of {Bayesian} Networks (2009)
    • INPROCEEDINGS--
    • A Min Tjoa and Stefan Fenz and Marcus Hudec
    • International Conference on Complex, Intelligent and Software Intensive Systems, 2009. CISIS '09.
    @INPROCEEDINGS{Fenz_OntologybasedGenerationof_2009,
       author = {{A Min} Tjoa and Stefan Fenz and Marcus Hudec},
       title = {Ontology-based Generation of {Bayesian} Networks},
       booktitle = {International Conference on Complex,
       Intelligent and Software Intensive Systems,
       2009. CISIS '09.},
       year = {2009},
       month = {1},
       abstract = {Bayesian networks are indispensable for determining the probability of events which are influenced by various components. Bayesian probabilities encode degrees of belief about certain events and a dynamic knowledge body is used to strengthen,
       update,
       or weaken these assumptions. The creation of Bayesian networks requires at least three challenging tasks: (i) the determination of relevant influence factors,
       (ii) the determination of relationships between the identified influence factors,
       and (iii) the calculation of the conditional probability tables for each node in the Bayesian network. Based on existing domain ontologies,
       we propose a method for the ontology-based generation of Bayesian networks. The ontology is used to provide the necessary knowledge about relevant influence factors,
       their relationships,
       their weights,
       and the scale which represents potential states of the identified influence factors. The developed method enables,
       based on existing ontologies,
       the semi-automatic generation and alternation of Bayesian networks.},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2009 - Fenz - Ontology-based Generation of Bayesian Networks.pdf},
       pages = {712-717},
       publisher = {IEEE Computer Society},
    }
    Bayesian networks are indispensable for determining the probability of events which are influenced by various components. Bayesian probabilities encode degrees of belief about certain events and a dynamic knowledge body is used to strengthen, update, or weaken these assumptions. The creation of Bayesian networks requires at least three challenging tasks: (i) the determination of relevant influence factors, (ii) the determination of relationships between the identified influence factors, and (iii) the calculation of the conditional probability tables for each node in the Bayesian network. Based on existing domain ontologies, we propose a method for the ontology-based generation of Bayesian networks. The ontology is used to provide the necessary knowledge about relevant influence factors, their relationships, their weights, and the scale which represents potential states of the identified influence factors. The developed method enables, based on existing ontologies, the semi-automatic generation and alternation of Bayesian networks.
  • Ontology-based IT-Security Planning (2006)
    • INPROCEEDINGS--
    • Stefan Fenz and Edgar R. Weippl
    • Proceedings of the 12th Pacific Rim International Symposium on Dependable Computing, PRDC2006
    @INPROCEEDINGS{Fenz_OntologybasedITSecurityPlanning_2006,
       author = {Stefan Fenz and {Edgar R.} Weippl},
       title = {Ontology-based IT-Security Planning},
       booktitle = {Proceedings of the 12th Pacific Rim International Symposium on Dependable Computing,
       PRDC2006},
       year = {2006},
       month = {12},
       abstract = {IT-security has become a much diversified field and small and medium sized enterprises (SMEs),
       in particular,
       do not have the financial ability to implement a holistic IT-security approach. We thus propose a security ontology,
       to provide a solid base for an applicable and holistic IT-security approach for SMEs,
       enabling low-cost risk management and threat analysis.},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2006 - Fenz - Ontology-based IT Security Planning.pdf},
       pages = {389-390},
       publisher = {IEEE Computer Society},
       note = {9353421},
    }
    IT-security has become a much diversified field and small and medium sized enterprises (SMEs), in particular, do not have the financial ability to implement a holistic IT-security approach. We thus propose a security ontology, to provide a solid base for an applicable and holistic IT-security approach for SMEs, enabling low-cost risk management and threat analysis.
  • Semantic Potential of existing Security Advisory Standards (2008)
    • INPROCEEDINGS--
    • Stefan Fenz and Andreas Ekelhart and Edgar R. Weippl
    • Proceedings of the FIRST2008 Conference
    @INPROCEEDINGS{Fenz_SemanticPotentialof_2008,
       author = {Stefan Fenz and Andreas Ekelhart and {Edgar R.} Weippl},
       title = {Semantic Potential of existing Security Advisory Standards},
       booktitle = {Proceedings of the FIRST2008 Conference},
       year = {2008},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2008 - Fenz - Semantic Potential of Existing Security Advisory Standards.pdf},
    }
  • Verification, Validation, and Evaluation in Information Security Risk Management (2010)
    • ARTICLE-true
    • Stefan Fenz and Andreas Ekelhart
    • IEEE Security and Privacy
    @ARTICLE{Fenz_Verification_Validation_and_Ev_2010,
       author = {Stefan Fenz and Andreas Ekelhart},
       authorhotlist = {true},
       title = {Verification,
       Validation,
       and Evaluation in Information Security Risk Management},
       journal = {IEEE Security and Privacy},
       year = {2010},
       month = {11},
       volume = {8},
       pages = {18-25},
       publisher = {IEEE Computer Society},
    }
  • Improving the usability of energy simulation applications in processing common building performance inquiries (2012)
    • INPROCEEDINGS--
    • Neda Ghiassi and Ferial Shayeganfar and Ulrich Pont and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and A Min Tjoa
    • Simulace Budov a Techniky Prostredi
    @INPROCEEDINGS{Ghiassi2012Improving,
       author = {Neda Ghiassi and Ferial Shayeganfar and Ulrich Pont and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and {A Min} Tjoa},
       title = {Improving the usability of energy simulation applications in processing common building performance inquiries},
       booktitle = {Simulace Budov a Techniky Prostredi},
       year = {2012},
       month = {6},
    }
  • A comprehensive building model for performance-guided decision support (2013)
    • INPROCEEDINGS--
    • Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and A Min Tjoa
    • 2nd Central European Symposium on Building Physics (CESBP 2013)
    @INPROCEEDINGS{Ghiassi2013comprehensive,
       author = {Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and {A Min} Tjoa},
       title = {A comprehensive building model for performance-guided decision support},
       booktitle = {2nd Central European Symposium on Building Physics (CESBP 2013)},
       year = {2013},
       month = {9},
    }
  • Multi-objective optimization in the SEMERGY environment for sustainable building design and retrofit (2013)
    • INPROCEEDINGS--
    • Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and A Min Tjoa
    • 2nd Central European Symposium on Building Physics (CESBP 2013)
    @INPROCEEDINGS{Ghiassi2013Multiobjective,
       author = {Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and {A Min} Tjoa},
       title = {Multi-objective optimization in the SEMERGY environment for sustainable building design and retrofit},
       booktitle = {2nd Central European Symposium on Building Physics (CESBP 2013)},
       year = {2013},
       month = {9},
    }
  • CASSIS - Computer-based Academy for Security and Safety in Information Systems (2007)
    • INPROCEEDINGS--
    • Gernot Goluch and Andreas Ekelhart and Stefan Fenz and Stefan Jakoubi and Bernhard Riedl and Simon Tjoa
    • Proceedings of the 2nd Conference on Availability, Reliability and Security, ARES2007
    @INPROCEEDINGS{Goluch_CASSISComputerbased_2007,
       author = {Gernot Goluch and Andreas Ekelhart and Stefan Fenz and Stefan Jakoubi and Bernhard Riedl and Simon Tjoa},
       title = {CASSIS - Computer-based Academy for Security and Safety in Information Systems},
       booktitle = {Proceedings of the 2nd Conference on Availability,
       Reliability and Security,
       ARES2007},
       year = {2007},
       month = {4},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2007 - Goluch - CASSIS.pdf},
       pages = {730--740},
       publisher = {IEEE Computer Society},
    }
  • Integration of an Ontological Information Security Concept in Risk Aware Business Process Management (2008)
    • INPROCEEDINGS-true
    • Stefan Fenz and Andreas Ekelhart and Gernot Goluch and Simon Tjoa and Stefan Jakoubi and Thomas Mueck
    • Proceedings of the 41st Hawaii International Conference on System Sciences, HICSS2008
    @INPROCEEDINGS{Goluch_IntegrationofOntological_2008,
       author = {Stefan Fenz and Andreas Ekelhart and Gernot Goluch and Simon Tjoa and Stefan Jakoubi and Thomas Mueck},
       authorhotlist = {true},
       title = {Integration of an Ontological Information Security Concept in Risk Aware Business Process Management},
       booktitle = {Proceedings of the 41st Hawaii International Conference on System Sciences,
       HICSS2008},
       year = {2008},
       month = {1},
       pages = {377-385},
       publisher = {IEEE Computer Society},
       note = {978-0-7695-3075-8},
    }
  • Evaluation criteria for cloud computing based on the upcoming European data protection regulation (2014)
    • INPROCEEDINGS--
    • Manfred Halper and Stefan Fenz and J. Goellner and Gerald Quirchmayr
    • 2014 Civilisation at the Crossroads Response and Responsibility of the Systems Sciences
    @INPROCEEDINGS{Halper2014Evaluation,
       author = {Manfred Halper and Stefan Fenz and J. Goellner and Gerald Quirchmayr},
       title = {Evaluation criteria for cloud computing based on the upcoming European data protection regulation},
       booktitle = {2014 Civilisation at the Crossroads Response and Responsibility of the Systems Sciences},
       year = {2014},
       month = {4},
    }
  • Recognition and pseudonymisation of medical records for secondary use (2015)
    • ARTICLE-true
    • Johannes Heurix and Stefan Fenz and Antonio Rella and Thomas Neubauer
    • Medical and Biological Engineering and Computing
    @ARTICLE{Heurix2015Recognition,
       author = {Johannes Heurix and Stefan Fenz and Antonio Rella and Thomas Neubauer},
       authorhotlist = {true},
       title = {Recognition and pseudonymisation of medical records for secondary use},
       journal = {Medical and Biological Engineering and Computing},
       year = {2015},
       month = {6},
       pdf = {http://link.springer.com/article/10.1007/s11517-015-1322-7},
    }
  • A taxonomy for privacy enhancing technologies (2015)
    • ARTICLE-true
    • Johannes Heurix and Peter Zimmermann and Thomas Neubauer and Stefan Fenz
    • Computers and Security
    @ARTICLE{Heurix2015taxonomy,
       author = {Johannes Heurix and Peter Zimmermann and Thomas Neubauer and Stefan Fenz},
       authorhotlist = {true},
       title = {A taxonomy for privacy enhancing technologies},
       journal = {Computers and Security},
       year = {2015},
       month = {9},
       pdf = {http://www.sciencedirect.com/science/article/pii/S0167404815000668},
    }
  • A Rule Based Transformation System for Converting Semi Structured Medical Documents (2013)
    • ARTICLE--
    • Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer
    • Health and Technology
    @ARTICLE{Heurix_A_Rule_Based_Transformation_Sy_2013,
       author = {Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer},
       title = {A Rule Based Transformation System for Converting Semi Structured Medical Documents},
       journal = {Health and Technology},
       year = {2013},
       month = {1},
       volume = {3},
       number = {1},
    }
  • Visualisation of User-Generated Event Information: Towards Geospatial Situation Awareness Using Hierarchical Granularity Levels (2015)
    • INPROCEEDINGS--
    • Heidelinde Hobel and Lisa Madlberger and Andreas Thoeni and Stefan Fenz
    • Workshop on Social Media and Linked Data for Emergency Response at ESWC2014 (SMILE)
    @INPROCEEDINGS{Hobel2015Visualisation,
       author = {Heidelinde Hobel and Lisa Madlberger and Andreas Thoeni and Stefan Fenz},
       title = { Visualisation of User-Generated Event Information: Towards Geospatial Situation Awareness Using Hierarchical Granularity Levels},
       booktitle = {Workshop on Social Media and Linked Data for Emergency Response at ESWC2014 (SMILE)},
       year = {2015},
       month = {2},
       pdf = {http://linkedscience.org/wp-content/uploads/2014/05/smile2014_submission_2.pdf},
    }
  • Cloud Security and Privacy in the Light of the 2012 EU Data Protection Regulation (2012)
    • INPROCEEDINGS--
    • Andreas Kronabeter and Stefan Fenz
    • 2012 CloudComp Conference
    @INPROCEEDINGS{Kronabeter2012Cloud,
       author = {Andreas Kronabeter and Stefan Fenz},
       title = {Cloud Security and Privacy in the Light of the 2012 EU Data Protection Regulation},
       booktitle = {2012 CloudComp Conference},
       year = {2012},
       month = {9},
    }
  • Exploring the utility of semantic web technology in building performance simulation (2012)
    • INPROCEEDINGS--
    • Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and A Min Tjoa
    • BauSIM 2012 - Gebäudesimulation auf den Größenskalen Bauteil, Raum, Gebäude, Stadtquartier
    @INPROCEEDINGS{Mahdavi2012Exploring,
       author = {Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and {A Min} Tjoa},
       title = {Exploring the utility of semantic web technology in building performance simulation},
       booktitle = {BauSIM 2012 - Gebäudesimulation auf den Größenskalen Bauteil,
       Raum,
       Gebäude,
       Stadtquartier},
       year = {2012},
       month = {5},
    }
  • An ontological model for construction concepts (2012)
    • ARTICLE--
    • Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and A Min Tjoa
    • eWork and eBusiness in Architecture, Engineering and Construction: Ecppm 2012
    @ARTICLE{Mahdavi2012ontological,
       author = {Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and {A Min} Tjoa},
       title = {An ontological model for construction concepts},
       journal = {eWork and eBusiness in Architecture,
       Engineering and Construction: Ecppm 2012},
       year = {2012},
       month = {7},
    }
  • SEMERGY: Semantic web technology support for comprehensive building design assessment (2012)
    • ARTICLE--
    • Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and A Min Tjoa
    • eWork and eBusiness in Architecture, Engineering and Construction
    @ARTICLE{Mahdavi2012SEMERGY,
       author = {Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and {A Min} Tjoa},
       title = {SEMERGY: Semantic web technology support for comprehensive building design assessment},
       journal = {eWork and eBusiness in Architecture,
       Engineering and Construction},
       year = {2012},
       month = {7},
       pages = {363--370},
    }
  • Interactive Selection of ISO 27001 Controls under Multiple Objectives (2008)
    • INPROCEEDINGS--
    • Thomas Neubauer and Andreas Ekelhart and Stefan Fenz
    • Proceedings of the Ifip Tc 11 23rd International Information Security Conference, IFIPSec 2008
    @INPROCEEDINGS{Neubauer_InteractiveSelectionof_2008,
       author = {Thomas Neubauer and Andreas Ekelhart and Stefan Fenz},
       title = {Interactive Selection of ISO 27001 Controls under Multiple Objectives},
       booktitle = {Proceedings of the Ifip Tc 11 23rd International Information Security Conference,
       IFIPSec 2008},
       year = {2008},
       month = {7},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2008 - Neubauer - Interactive Selection of ISO 27001 Controls under Multiple Objectives.pdf},
       volume = {278_2008},
       pages = {477--492},
       publisher = {Springer},
    }
  • A modular methodology for the development of urban energy planning support software (2013)
    • INPROCEEDINGS--
    • Najd Ouhajjou and Peter Palensky and M. Stifter and J. Page and Stefan Fenz and A Min Tjoa
    • 39th Annual Conference of the IEEE Industrial Electronics Society (IECON 2013)
    @INPROCEEDINGS{Ouhajjou2013modular,
       author = {Najd Ouhajjou and Peter Palensky and M. Stifter and J. Page and Stefan Fenz and {A Min} Tjoa},
       title = {A modular methodology for the development of urban energy planning support software},
       booktitle = { 39th Annual Conference of the IEEE Industrial Electronics Society (IECON 2013)},
       year = {2013},
       month = {9},
    }
  • Multi-Actor Urban Energy Planning Support: Building refurbishment and building-integrated Solar PV (2014)
    • INPROCEEDINGS--
    • Najd Ouhajjou and Wolfgang Loibl and Stefan Fenz and A Min Tjoa
    • 28th EnviroInfo Conference
    @INPROCEEDINGS{Ouhajjou2014MultiActor,
       author = {Najd Ouhajjou and Wolfgang Loibl and Stefan Fenz and {A Min} Tjoa},
       title = {Multi-Actor Urban Energy Planning Support: Building refurbishment and building-integrated Solar PV},
       booktitle = {28th EnviroInfo Conference},
       year = {2014},
       month = {9},
    }
  • Robustness Against Data Availability Problems in Urban Energy Planning Support Software (2014)
    • INPROCEEDINGS--
    • Najd Ouhajjou and Wolfgang Loibl and Peter Palensky and Amin Anjomshoaa and Stefan Fenz and A Min Tjoa
    • IEEE Eighth International Conference on Research Challenges in Information Science
    @INPROCEEDINGS{Ouhajjou2014Robustness,
       author = {Najd Ouhajjou and Wolfgang Loibl and Peter Palensky and Amin Anjomshoaa and Stefan Fenz and {A Min} Tjoa},
       title = {Robustness Against Data Availability Problems in Urban Energy Planning Support Software},
       booktitle = {IEEE Eighth International Conference on Research Challenges in Information Science},
       year = {2014},
       month = {5},
    }
  • Multi-Actor Urban Energy Planning Support: Building refurbishment and Building-integrated Solar PV (2015)
    • INBOOK--
    • Najd Ouhajjou and Wolfgang Loibl and Stefan Fenz and A Min Tjoa
    • -
    @INBOOK{Ouhajjou2015MultiActor,
       author = {Najd Ouhajjou and Wolfgang Loibl and Stefan Fenz and {A Min} Tjoa},
       title = {Multi-Actor Urban Energy Planning Support: Building refurbishment and Building-integrated Solar PV},
       booktitle = {Multi-Actor Urban Energy Planning Support: Building refurbishment and Building-integrated Solar PV},
       year = {2015},
       month = {5},
    }
  • Stakeholder-oriented energy planning support in cities (2015)
    • INPROCEEDINGS--
    • Najd Ouhajjou and Wolfgang Loibl and Stefan Fenz and A Min Tjoa
    • 6th International Building Physics Conference, IBPC 2015
    @INPROCEEDINGS{Ouhajjou2015Stakeholderoriented,
       author = {Najd Ouhajjou and Wolfgang Loibl and Stefan Fenz and {A Min} Tjoa},
       title = {Stakeholder-oriented energy planning support in cities},
       booktitle = {6th International Building Physics Conference,
       IBPC 2015},
       year = {2015},
       month = {6},
    }
  • Recent advances in SEMERGY: A semantically enriched optimization environment for performance-guided building design and refurbishment (2013)
    • INPROCEEDINGS--
    • Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Mahnameh Taheri and Christian Sustr and Ardeshir Mahdavi and Johannes Heurix and Stefan Fenz and Amin Anjomshoaa and Thomas Neubauer and A Min Tjoa
    • Proceedings of the 2nd Central European Symposium on Building Physics
    @INPROCEEDINGS{Pont2013Recent,
       author = {Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Mahnameh Taheri and Christian Sustr and Ardeshir Mahdavi and Johannes Heurix and Stefan Fenz and Amin Anjomshoaa and Thomas Neubauer and {A Min} Tjoa},
       title = {Recent advances in SEMERGY: A semantically enriched optimization environment for performance-guided building design and refurbishment},
       booktitle = {Proceedings of the 2nd Central European Symposium on Building Physics},
       year = {2013},
       month = {9},
    }
  • SEMERGY: Application of Semantic Web Technologies in Performance-Guided Building Design Optimization (2015)
    • ARTICLE--
    • Ulrich Pont and Neda Ghiassi and Stefan Fenz and Johannes Heurix and Ardeshir Mahdavi
    • Journal of Information Technology in Construction
    @ARTICLE{Pont2015SEMERGY,
       author = {Ulrich Pont and Neda Ghiassi and Stefan Fenz and Johannes Heurix and Ardeshir Mahdavi},
       title = {SEMERGY: Application of Semantic Web Technologies in Performance-Guided Building Design Optimization},
       journal = {Journal of Information Technology in Construction},
       year = {2015},
       month = {0},
       volume = {20},
       pages = {107--120},
    }
  • Pseudonymization for improving the privacy in e-Health applications (2008)
    • INPROCEEDINGS-true
    • Stefan Fenz and Thomas Neubauer and Bernhard Riedl and Veronika Grascher
    • Proceedings of the 41st Hawaii International Conference on System Sciences, HICSS2008
    @INPROCEEDINGS{Riedl_Pseudonymizationimprovingprivacy_2008,
       author = {Stefan Fenz and Thomas Neubauer and Bernhard Riedl and Veronika Grascher},
       authorhotlist = {true},
       title = {Pseudonymization for improving the privacy in e-Health applications},
       booktitle = {Proceedings of the 41st Hawaii International Conference on System Sciences,
       HICSS2008},
       year = {2008},
       month = {1},
       pages = {255-264},
       publisher = {IEEE Computer Society},
       note = {978-0-7695-3075-8},
    }
  • An ontology-aided Optimization Approach to Eco-Efficient Building Design (2013)
    • INPROCEEDINGS--
    • Ferial Shayeganfar and Amin Anjomshoaa and Johannes Heurix and Christian Sustr and Neda Ghiassi and Ulrich Pont and Stefan Fenz and Thomas Neubauer and A Min Tjoa and Ardeshir Mahdavi
    • 13th International Conference of the International Building Performance Simulation Association
    @INPROCEEDINGS{Shayeganfar2013ontologyaided,
       author = {Ferial Shayeganfar and Amin Anjomshoaa and Johannes Heurix and Christian Sustr and Neda Ghiassi and Ulrich Pont and Stefan Fenz and Thomas Neubauer and {A Min} Tjoa and Ardeshir Mahdavi},
       title = {An ontology-aided Optimization Approach to Eco-Efficient Building Design},
       booktitle = {13th International Conference of the International Building Performance Simulation Association},
       year = {2013},
       month = {8},
    }
  • Internet of Things Applications in Bulk Shipping Logistics: Problems and Potential Solutions (2012)
    • INPROCEEDINGS--
    • Xin Song and Lei Huang and Stefan Fenz
    • Internet of Things - Proceedings of the International Workshop, IOT 2012
    @INPROCEEDINGS{Song2012Internet,
       author = {Xin Song and Lei Huang and Stefan Fenz},
       title = {Internet of Things Applications in Bulk Shipping Logistics: Problems and Potential Solutions},
       booktitle = {Internet of Things - Proceedings of the International Workshop,
       IOT 2012},
       year = {2012},
       month = {8},
    }
  • Security Ontologies: How to Improve Understanding of Complex Relationships (2007)
    • INPROCEEDINGS--
    • Edgar R. Weippl and Stefan Fenz and Andreas Ekelhart
    • Proceedings of the World Conference on Educational Multimedia, Hypermedia and Telecommunications 2007
    @INPROCEEDINGS{Weippl_SecurityOntologiesHow_2007,
       author = {{Edgar R.} Weippl and Stefan Fenz and Andreas Ekelhart},
       title = {Security Ontologies: How to Improve Understanding of Complex Relationships},
       booktitle = {Proceedings of the World Conference on Educational Multimedia,
       Hypermedia and Telecommunications 2007},
       year = {2007},
       month = {6},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2007 - Weippl - Security Ontologies How to Improve Understanding of Complex Relationships.pdf},
       pages = {404--407},
       publisher = {AACE},
    }
  • The Semantic Desktop: A Semantic Personal Information Management System based on RDF and Topic Maps (2005)
    • INPROCEEDINGS--
    • A Min Tjoa and Stefan Fenz and Edgar R. Weippl and Markus Klemen and Andreas Ekelhart
    • Proceedings of the ODBIS Workshop, 31st International Conference on Very Large Data Bases (VLDB) 2005
    @INPROCEEDINGS{Weippl_SemanticDesktopSemantic_2005,
       author = {{A Min} Tjoa and Stefan Fenz and {Edgar R.} Weippl and Markus Klemen and Andreas Ekelhart},
       title = {The Semantic Desktop: A Semantic Personal Information Management System based on RDF and Topic Maps},
       booktitle = {Proceedings of the ODBIS Workshop,
       31st International Conference on Very Large Data Bases (VLDB) 2005},
       year = {2005},
       month = {10},
       number = {4623},
       pages = {135-151},
    }
  • Semantic Storage: A Report on Performance and Flexibility (2005)
    • INPROCEEDINGS--
    • Edgar R. Weippl and Markus Klemen and Manfred Linnert and Stefan Fenz and Gernot Goluch and A Min Tjoa
    • Database and Expert Systems Applications, 16th International Conference, DEXA 2005
    @INPROCEEDINGS{Weippl_SemanticStorageReport_2005,
       author = {{Edgar R.} Weippl and Markus Klemen and Manfred Linnert and Stefan Fenz and Gernot Goluch and {A Min} Tjoa},
       title = {Semantic Storage: A Report on Performance and Flexibility},
       booktitle = {Database and Expert Systems Applications,
       16th International Conference,
       DEXA 2005},
       year = {2005},
       month = {8},
       abstract = {Desktop search tools are becoming more popular. They have to deal with increasing amounts of locally stored data. Another approach is to analyze the semantic relationship between collected data in order to preprocess the data semantically. The goal is to allow searches based on relationships between various objects instead of focusing on the name of objects. We introduce a database architecture based on an existing software prototype,
       which is capable of meeting the various demands for a semantic information manager. We describe the use of an association table which stores the relationships between events. It enables adding or removing data items easily without the need for schema modifications. Existing optimization techniques of RDBMS can still be used.},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2005-Weippl.pdf},
       volume = {3588_2005},
       pages = {586-595},
       publisher = {Springer Berlin Heidelberg},
    }
    Desktop search tools are becoming more popular. They have to deal with increasing amounts of locally stored data. Another approach is to analyze the semantic relationship between collected data in order to preprocess the data semantically. The goal is to allow searches based on relationships between various objects instead of focusing on the name of objects. We introduce a database architecture based on an existing software prototype, which is capable of meeting the various demands for a semantic information manager. We describe the use of an association table which stores the relationships between events. It enables adding or removing data items easily without the need for schema modifications. Existing optimization techniques of RDBMS can still be used.
  • SEMERGY: Performance-Guided Building Design and Refurbishment within a Semantically Augmented Optimization Environment (2013)
    • INPROCEEDINGS--
    • Dawid Wolosiuk and Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and A Min Tjoa
    • enviBUILD 2013 - Buildings and Environment
    @INPROCEEDINGS{Wolosiuk2013SEMERGY,
       author = {Dawid Wolosiuk and Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and {A Min} Tjoa},
       title = {SEMERGY: Performance-Guided Building Design and Refurbishment within a Semantically Augmented Optimization Environment},
       booktitle = {enviBUILD 2013 - Buildings and Environment},
       year = {2013},
       month = {10},
    }
  • SEMERGY: Performance-Guided Building Design and Refurbishment within a Semantically Augmented Optimization Environment (2014)
    • ARTICLEtrue-
    • Dawid Wolosiuk and Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and A Min Tjoa
    • Advanced Materials Research
    @ARTICLE{Wolosiuk2014SEMERGY,
       author = {Dawid Wolosiuk and Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and {A Min} Tjoa},
       sbahotlist = {true},
       title = {SEMERGY: Performance-Guided Building Design and Refurbishment within a Semantically Augmented Optimization Environment},
       journal = {Advanced Materials Research},
       year = {2014},
       month = {0},
       volume = {899},
       pages = {589--595},
    }
  • Automated Transformation of Semi-Structured Text Elements (2012)
    • INPROCEEDINGS--
    • Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer
    • AMCIS 2012 Proceedings
    @INPROCEEDINGS{_Automated_Transformation_of_Se_2012,
       author = {Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer},
       title = {Automated Transformation of Semi-Structured Text Elements},
       booktitle = {AMCIS 2012 Proceedings},
       year = {2012},
       month = {8},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2012 - Heurix - Automated Transformation of Semi-Structured Text Elements.pdf},
       pages = {1-11},
    }
  • Automation possibilities in information security management (2011)
    • INPROCEEDINGS--
    • Raydel Montesino and Stefan Fenz
    • Proceedings of the European Conference in Intelligence Security Informatics 2011
    @INPROCEEDINGS{_Automation_possibilities_in_in_2011,
       author = {Raydel Montesino and Stefan Fenz},
       title = {Automation possibilities in information security management},
       booktitle = {Proceedings of the European Conference in Intelligence Security Informatics 2011},
       year = {2011},
       month = {9},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/PID1947709.pdf},
    }
  • A rule-based transformation system for converting semi-structured medical documents (2013)
    • ARTICLE--
    • Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer
    • Health and Technology
    @ARTICLE{_A_rule_based_transformation_sy_2013,
       author = {Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer},
       title = {A rule-based transformation system for converting semi-structured medical documents},
       journal = {Health and Technology},
       year = {2013},
       month = {3},
       pages = {1-13},
       publisher = {Springer},
    }
  • Enhancing Ontology-based Antipattern Detection using Bayesian Networks (2012)
    • ARTICLE--
    • Dimitrios Settas and Antonio Cerone and Stefan Fenz
    • Expert Systems with Applications
    @ARTICLE{_Enhancing_Ontology_based_Antip_2012,
       author = {Dimitrios Settas and Antonio Cerone and Stefan Fenz},
       title = {Enhancing Ontology-based Antipattern Detection using Bayesian Networks},
       journal = {Expert Systems with Applications},
       year = {2012},
       month = {8},
       volume = {39},
       number = {10},
       pages = {9041-9053},
    }
  • Increasing Knowledge Capturing Efficiency by Enterprise Portals (2011)
    • ARTICLE--
    • Stefan Fenz
    • VINE Journal
    @ARTICLE{_Increasing_Knowledge_Capturing_2011,
       author = {Stefan Fenz},
       title = {Increasing Knowledge Capturing Efficiency by Enterprise Portals},
       journal = {VINE Journal },
       year = {2011},
       month = {10},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/sigproc-KCAPsample.pdf},
    }
  • Information security automation: how far can we go (2011)
    • INPROCEEDINGS--
    • Raydel Montesino and Stefan Fenz
    • Sixth International Conference on Availability, Reliability and Security
    @INPROCEEDINGS{_Information_security_automatio_2011,
       author = {Raydel Montesino and Stefan Fenz},
       title = {Information security automation: how far can we go},
       booktitle = {Sixth International Conference on Availability,
       Reliability and Security},
       year = {2011},
       month = {8},
       abstract = {Information security management is a very complex task which involves the implementation and monitoring of more than 130 security controls. To achieve greater efficiency in this process it is necessary to automate as many controls as possible. This paper provides an analysis of how many controls can be automated},
       pages = {280-285},
       publisher = {IEEE Computer Society},
    }
    Information security management is a very complex task which involves the implementation and monitoring of more than 130 security controls. To achieve greater efficiency in this process it is necessary to automate as many controls as possible. This paper provides an analysis of how many controls can be automated
  • Recognition and Privacy Preservation of Paper-based Health Records (2012)
    • INPROCEEDINGS--
    • Stefan Fenz and Johannes Heurix and Thomas Neubauer
    • Quality of Life through Quality of Information - Proceedings of MIE2012
    @INPROCEEDINGS{_Recognition_and_Privacy_Preser_2012,
       author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer},
       title = {Recognition and Privacy Preservation of Paper-based Health Records},
       booktitle = {Quality of Life through Quality of Information - Proceedings of MIE2012},
       year = {2012},
       month = {8},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2012 - Fenz - Recognition and Privacy Preservation of Paper-based Health Records.pdf},
       pages = {751-755},
       publisher = {European Federation for Medical Informatics and IOS Press},
    }
  • Recognition and Pseudonymization of Personal Data in Paper-based Health Records (2012)
    • INPROCEEDINGS--
    • Stefan Fenz and Johannes Heurix and Thomas Neubauer
    • 15th International Conference on Business Information Systems (BIS 2012)
    @INPROCEEDINGS{_Recognition_and_Pseudonymizati_2012,
       author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer},
       title = {Recognition and Pseudonymization of Personal Data in Paper-based Health Records},
       booktitle = {15th International Conference on Business Information Systems (BIS 2012)},
       year = {2012},
       month = {5},
       volume = {117},
       pages = {153-164},
       publisher = {Springer Berlin Heidelberg},
    }
  • SIEM-based framework for security controls automation (2012)
    • ARTICLE--
    • Raydel Montesino and Stefan Fenz and Walter Baluja
    • Information Management & Computer Security
    @ARTICLE{_SIEM_based_framework_for_secur_2012,
       author = {Raydel Montesino and Stefan Fenz and Walter Baluja},
       title = {SIEM-based framework for security controls automation},
       journal = {Information Management & Computer Security},
       year = {2012},
       month = {3},
    }
  • Towards Automatic Generation of Ontology-based Antipattern Bayesian Network Models (2011)
    • INPROCEEDINGS--
    • Dimitrios Settas and Antonio Cerone and Stefan Fenz
    • Proceedings of the 9th International Conference on Software Engineering Research Management and Applications
    @INPROCEEDINGS{_Towards_Automatic_Generation_o_2011,
       author = {Dimitrios Settas and Antonio Cerone and Stefan Fenz},
       title = {Towards Automatic Generation of Ontology-based Antipattern Bayesian Network Models},
       booktitle = {Proceedings of the 9th International Conference on Software Engineering Research Management and Applications },
       year = {2011},
       month = {8},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/urkesettas.pdf},
    }

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close