Thomas Neubauer

is key researcher at SBA Research and the Institute of Software Technology and Interactive Systems (ISF) at the TU Wien.

  • E-Mail
  • Phone: +43 (1) 505 36 88
  • Fax: +43 (1) 505 88 88

Research Interest

His research focuses on the support for management decision makers in formulating a reasonable risk versus cost trade-off when investing in IT security solutions and measuring the actual level of security (see www.it-sicherheitscheck.at). Another research focus is on the improvement of privacy enhancing technologies, such as pseudonymization, and its application to e-health and cloud security (see www.tavuu.com).

Bio

He received a Master in Business Informatics from the University of Vienna and a Master in Computer Science from the TU Wien. He received a Ph.D. with honors from the TU Wien. He has published numerous papers (70+) in refereed journals and international conferences and was granted a patent titled “Data Processing System for the Processing of Object Data”. In addition, he has more than 15 years of professional experience.

Top Publications:

  • Data Models for the Pseudonymization of DICOM Data (2011)
    • INPROCEEDINGS-true
    • Daniel Abouakil and Johannes Heurix and Thomas Neubauer
    • Proceedings of the 44nd Hawaii International Conference on System Sciences
    @INPROCEEDINGS{Abouakil_Data_Models_for_the_Pseudonymi_2011,
       author = {Daniel Abouakil and Johannes Heurix and Thomas Neubauer},
       authorhotlist = {true},
       title = {Data Models for the Pseudonymization of DICOM Data},
       booktitle = {Proceedings of the 44nd Hawaii International Conference on System Sciences},
       year = {2011},
       month = {1},
       pages = {157},
    }
  • Ontologiebasiertes IT Risikomanagement (2009)
    • INPROCEEDINGS--
    • Andreas Ekelhart and Stefan Fenz and Thomas Neubauer
    • D.A.CH Security 2009
    @INPROCEEDINGS{Ekelhart2009Ontologiebasiertes,
       author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer},
       title = {Ontologiebasiertes IT Risikomanagement},
       booktitle = {D.A.CH Security 2009},
       year = {2009},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2009 - Ekelhart - Ontologiebasiertes IT Risikomanagement.pdf},
       pages = {14--24},
       publisher = {Syssec},
    }
  • AURUM: A Framework for Supporting Information Security Risk Management (2009)
    • INPROCEEDINGS-true
    • Andreas Ekelhart and Stefan Fenz and Thomas Neubauer
    • Proceedings of the 42nd Hawaii International Conference on System Sciences, HICSS2009
    @INPROCEEDINGS{Ekelhart_AURUMFrameworkSupporting_2009,
       author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer},
       authorhotlist = {true},
       title = {AURUM: A Framework for Supporting Information Security Risk Management},
       booktitle = {Proceedings of the 42nd Hawaii International Conference on System Sciences,
       HICSS2009},
       year = {2009},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2009 - Ekelhart - AURUM A Framework for Information Security Risk Management.pdf},
       pages = {1--10},
       publisher = {IEEE Computer Society},
    }
  • Automated Risk and Utility Management (2009)
    • INPROCEEDINGS--
    • Andreas Ekelhart and Thomas Neubauer and Stefan Fenz
    • 2009 Sixth International Conference on Information Technology: New Generations
    @INPROCEEDINGS{Ekelhart_AutomatedRiskand_2009,
       author = {Andreas Ekelhart and Thomas Neubauer and Stefan Fenz},
       title = {Automated Risk and Utility Management},
       booktitle = {2009 Sixth International Conference on Information Technology: New Generations},
       year = {2009},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2009 - Ekelhart - Automated Risk and Utility Management.pdf},
       pages = {393-398},
       publisher = {IEEE Computer Society},
    }
  • Formal threat descriptions for enhancing governmental risk assessment (2007)
    • INPROCEEDINGS--
    • Andreas Ekelhart and Stefan Fenz and Thomas Neubauer and Edgar R. Weippl
    • Proceedings of the First International Conference on Theory and Practice of Electronic Governance
    @INPROCEEDINGS{Ekelhart_Formalthreatdescriptions_2007,
       author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer and {Edgar R.} Weippl},
       title = {Formal threat descriptions for enhancing governmental risk assessment},
       booktitle = {Proceedings of the First International Conference on Theory and Practice of Electronic Governance},
       year = {2007},
       month = {1},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2007 Ekelhart - Formal Threat Descriptions for Enhancing Governmental Risk Assessment.pdf},
       volume = {232},
       pages = {40--43},
       publisher = {ACM},
       acm = {933612},
    }
  • Ontologiebasiertes IT Risikomanagement (2009)
    • INPROCEEDINGS-true
    • Stefan Fenz and Andreas Ekelhart and Thomas Neubauer
    • D.A.CH Security 2009
    @INPROCEEDINGS{Ekelhart_OntologiebasiertesITRisikomanagement_2009,
       author = {Stefan Fenz and Andreas Ekelhart and Thomas Neubauer},
       authorhotlist = {true},
       title = {Ontologiebasiertes IT Risikomanagement},
       booktitle = {D.A.CH Security 2009},
       year = {2009},
       month = {1},
       abstract = {Informationssicherheitsrisikomanagement (Information Security Risk Management,
       ISRM) stellt einen effizienten Zugang zur Bewertung,
       Verringerung und Evaluierung von Informationssicherheitsrisiken dar. Bereits bestehende ISRM-Ans{\"a}tze sind weitgehend akzeptiert,
       setzen jedoch sehr detailliertes Informationssicherheitswissen und genaue Kenntnisse des tats{\"a}chlichen Unternehmensumfeldes voraus. Die inad{\"a}quate Umsetzung von ISRM gef{\"a}hrdet die planm{\"a}{\ss}ige Umsetzung der Unternehmensstrategie und kann zu einer Minderung des Unternehmenswertes f{\"u}hren. Der vorliegende Beitrag pr{\"a}sentiert das AURUM Tool,
       welches die Schwachstellen bestehender Ans{\"a}tze adressiert und Entscheidungstr{\"a}ger bei der Auswahl eines effizienten IT-Sicherheitsportfolios unter Ber{\"u}cksichtigung organisationsspezifischer,
       technischer und wirtschaftlicher Anforderungen unterst{\"u}tzt.},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2009 - Ekelhart - Ontologiebasiertes IT Risikomanagement.pdf},
       pages = {14-24},
       publisher = {Syssec},
    }
    Informationssicherheitsrisikomanagement (Information Security Risk Management, ISRM) stellt einen effizienten Zugang zur Bewertung, Verringerung und Evaluierung von Informationssicherheitsrisiken dar. Bereits bestehende ISRM-Ans{\"a}tze sind weitgehend akzeptiert, setzen jedoch sehr detailliertes Informationssicherheitswissen und genaue Kenntnisse des tats{\"a}chlichen Unternehmensumfeldes voraus. Die inad{\"a}quate Umsetzung von ISRM gef{\"a}hrdet die planm{\"a}{\ss}ige Umsetzung der Unternehmensstrategie und kann zu einer Minderung des Unternehmenswertes f{\"u}hren. Der vorliegende Beitrag pr{\"a}sentiert das AURUM Tool, welches die Schwachstellen bestehender Ans{\"a}tze adressiert und Entscheidungstr{\"a}ger bei der Auswahl eines effizienten IT-Sicherheitsportfolios unter Ber{\"u}cksichtigung organisationsspezifischer, technischer und wirtschaftlicher Anforderungen unterst{\"u}tzt.
  • Ontology-based Decision Support for Information Security Risk Management (2009)
    • INPROCEEDINGS--
    • Andreas Ekelhart and Stefan Fenz and Thomas Neubauer
    • International Conference on Systems, 2009. ICONS 2009.
    @INPROCEEDINGS{Ekelhart_OntologybasedDecisionSupport_2009,
       author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer},
       title = {Ontology-based Decision Support for Information Security Risk Management},
       booktitle = {International Conference on Systems,
       2009. ICONS 2009.},
       year = {2009},
       month = {3},
       abstract = {As eBusiness and eCommerce applications are increasingly exposed to a variety of information security threats,
       corporate decision makers are increasingly forced to pay attention to security issues. Risk management provides an effective approach for measuring the security but existing risk management approaches come with major shortcomings such as the demand for very detailed knowledge about the IT security domain and the actual company environment. This paper presents the implementation of the AURUM methodology into a software solution which addresses the identified shortcomings of existing information security risk management software solutions. Thereby,
       the presented approach supports decision makers in risk assessment,
       risk mitigation,
       and safeguard evaluation.},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2009 - Ekelhart - Ontology-based Decision Support for Information Security Risk Management.pdf},
       pages = {80-85},
       publisher = {IEEE Computer Society},
    }
    As eBusiness and eCommerce applications are increasingly exposed to a variety of information security threats, corporate decision makers are increasingly forced to pay attention to security issues. Risk management provides an effective approach for measuring the security but existing risk management approaches come with major shortcomings such as the demand for very detailed knowledge about the IT security domain and the actual company environment. This paper presents the implementation of the AURUM methodology into a software solution which addresses the identified shortcomings of existing information security risk management software solutions. Thereby, the presented approach supports decision makers in risk assessment, risk mitigation, and safeguard evaluation.
  • Information Security Risk Management: In which security solutions is it worth investing? (2011)
    • ARTICLE-true
    • Stefan Fenz and Andreas Ekelhart and Thomas Neubauer
    • Communications of the Association for Information Systems
    @ARTICLE{Fenz2011a,
       author = {Stefan Fenz and Andreas Ekelhart and Thomas Neubauer},
       authorhotlist = {true},
       title = {Information Security Risk Management: In which security solutions is it worth investing?},
       journal = {Communications of the Association for Information Systems},
       year = {2011},
       month = {5},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2011 - Fenz - Information Security Risk Management In Which Security Solutions Is It Worth Investing.pdf},
       volume = {28},
       pages = {329-356},
    }
  • Using Semantic Technologies for Energy-efficient Building Planning (2012)
    • INPROCEEDINGS--
    • Stefan Fenz and Thomas Neubauer and Amin Anjomshoaa and Ulrich Pont and Ardeshir Mahdavi and A Min Tjoa
    • 2012 IEEE Green Technologies Conference
    @INPROCEEDINGS{Fenz2012Using,
       author = {Stefan Fenz and Thomas Neubauer and Amin Anjomshoaa and Ulrich Pont and Ardeshir Mahdavi and {A Min} Tjoa},
       title = {Using Semantic Technologies for Energy-efficient Building Planning},
       booktitle = {2012 IEEE Green Technologies Conference},
       year = {2012},
       month = {4},
    }
  • FORISK: Formalizing Information Security Risk and Compliance Management (2013)
    • INPROCEEDINGS--
    • Stefan Fenz and Thomas Neubauer and Rafael Accorsi and Thomas Koslowski
    • International Conference on Dependable Systems and Networks (DSN 2013)
    @INPROCEEDINGS{Fenz2013FORISK,
       author = {Stefan Fenz and Thomas Neubauer and Rafael Accorsi and Thomas Koslowski},
       title = {FORISK: Formalizing Information Security Risk and Compliance Management},
       booktitle = {International Conference on Dependable Systems and Networks (DSN 2013)},
       year = {2013},
       month = {6},
    }
  • Cloud-Sicherheit. Leitfaden für Behörden und Klein- und Mittelbetriebe (2014)
    • INBOOK--
    • Stefan Fenz and Johannes Heurix and Thomas Neubauer and A Min Tjoa and Gerald Quirchmayr and Alexander Schatten and E. Neuhold and J. Goellner and C. Meurers and W. Hitz
    • -
    @INBOOK{Fenz2014CloudSicherheit,
       author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer and {A Min} Tjoa and Gerald Quirchmayr and Alexander Schatten and E. Neuhold and J. Goellner and C. Meurers and W. Hitz},
       title = {Cloud-Sicherheit. Leitfaden für Behörden und Klein- und Mittelbetriebe},
       booktitle = {Schriftenreihe der Landesverteidigungsakademie,
       Landesverteidigungsakademie},
       year = {2014},
       pdf = {http://www.bundesheer.at/pdf_pool/publikationen/08_cs.pdf},
    }
  • Current challenges in information security risk management (2014)
    • ARTICLE--
    • Stefan Fenz and Johannes Heurix and Thomas Neubauer and Fabian Pechstein
    • Information Management and Computer Security
    @ARTICLE{Fenz2014Current,
       author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer and Fabian Pechstein},
       title = {Current challenges in information security risk management},
       journal = {Information Management and Computer Security},
       year = {2014},
       volume = {22},
       pages = {410--430},
    }
  • De-identification of unstructured paper-based health records for privacy-preserving secondary use (2014)
    • ARTICLE--
    • Stefan Fenz and Johannes Heurix and Thomas Neubauer and Antonio Rella
    • Journal of Medical Engineering and Technology
    @ARTICLE{Fenz2014Deidentification,
       author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer and Antonio Rella},
       title = {De-identification of unstructured paper-based health records for privacy-preserving secondary use},
       journal = {Journal of Medical Engineering and Technology},
       year = {2014},
       volume = {38},
       pages = {260--268},
    }
  • SEMERGY.net: automatically identifying and optimizing energy-efficient building designs (2014)
    • ARTICLE--
    • Stefan Fenz and Johannes Heurix and Thomas Neubauer and A Min Tjoa and Neda Ghiassi and Ulrich Pont and Ardeshir Mahdavi
    • Computer Science - Research and Development
    @ARTICLE{Fenz2014SEMERGYnet,
       author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer and {A Min} Tjoa and Neda Ghiassi and Ulrich Pont and Ardeshir Mahdavi},
       title = {SEMERGY.net: automatically identifying and optimizing energy-efficient building designs},
       journal = {Computer Science - Research and Development},
       year = {2014},
       month = {11},
    }
  • How to increase the inventory efficiency in information security risk and compliance management (2015)
    • INPROCEEDINGS--
    • Stefan Fenz and Johannes Heurix and Thomas Neubauer
    • European Conference on Information Systems (ECIS) 2015
    @INPROCEEDINGS{Fenz2015increase,
       author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer},
       title = {How to increase the inventory efficiency in information security risk and compliance management},
       booktitle = {European Conference on Information Systems (ECIS) 2015},
       year = {2015},
       month = {5},
    }
  • Business Process-based Resource Importance Determination (2009)
    • INPROCEEDINGS-true
    • Stefan Fenz and Andreas Ekelhart and Thomas Neubauer
    • Proceedings of the 7th International Conference on Business Process Management (BPM 2009)
    @INPROCEEDINGS{Fenz_BusinessProcessbasedResource_2009,
       author = {Stefan Fenz and Andreas Ekelhart and Thomas Neubauer},
       authorhotlist = {true},
       title = {Business Process-based Resource Importance Determination},
       booktitle = {Proceedings of the 7th International Conference on Business Process Management (BPM 2009)},
       year = {2009},
       month = {1},
       abstract = {Information security risk management (ISRM) heavily depends on realistic impact values representing the resources importance in the overall organizational context. Although a variety of ISRM approaches have been proposed,
       well-founded methods that provide an answer to the following question are still missing: How can business processes be used to determine resources importance in the overall organizational context? We answer this question by measuring the actual importance level of resources based on business processes. Therefore,
       this paper presents our novel business process-based resource importance determination method which provides ISRM with an efficient and powerful tool for deriving realistic resource importance figures solely from existing business processes. The conducted evaluation has shown that the calculation results of the developed method comply to the results gained in traditional workshop-based assessments.},
       pages = {113-127},
       publisher = {Springer},
       note = {accepted for publication},
    }
    Information security risk management (ISRM) heavily depends on realistic impact values representing the resources importance in the overall organizational context. Although a variety of ISRM approaches have been proposed, well-founded methods that provide an answer to the following question are still missing: How can business processes be used to determine resources importance in the overall organizational context? We answer this question by measuring the actual importance level of resources based on business processes. Therefore, this paper presents our novel business process-based resource importance determination method which provides ISRM with an efficient and powerful tool for deriving realistic resource importance figures solely from existing business processes. The conducted evaluation has shown that the calculation results of the developed method comply to the results gained in traditional workshop-based assessments.
  • How to Determine Threat Probabilities Using Ontologies and Bayesian Networks (2009)
    • INPROCEEDINGS--
    • Stefan Fenz and Thomas Neubauer
    • CSIIRW 09: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research
    @INPROCEEDINGS{Fenz_HowtoDetermine_2009,
       author = {Stefan Fenz and Thomas Neubauer},
       title = {How to Determine Threat Probabilities Using Ontologies and Bayesian Networks},
       booktitle = {CSIIRW 09: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research},
       year = {2009},
       month = {1},
       abstract = {The subjective threat probability determination is one of the main reasons for an inadequate information security strategy endangering the organization in performing its mission. To address the problem this research project proposes an ontology- and Bayesian-based approach for determining asset-specific and comprehensible threat probabilities. The elaborated concepts enable risk managers to comprehensibly quantify the current security status of their organization.},
       publisher = {ACM},
    }
    The subjective threat probability determination is one of the main reasons for an inadequate information security strategy endangering the organization in performing its mission. To address the problem this research project proposes an ontology- and Bayesian-based approach for determining asset-specific and comprehensible threat probabilities. The elaborated concepts enable risk managers to comprehensibly quantify the current security status of their organization.
  • Improving the usability of energy simulation applications in processing common building performance inquiries (2012)
    • INPROCEEDINGS--
    • Neda Ghiassi and Ferial Shayeganfar and Ulrich Pont and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and A Min Tjoa
    • Simulace Budov a Techniky Prostredi
    @INPROCEEDINGS{Ghiassi2012Improving,
       author = {Neda Ghiassi and Ferial Shayeganfar and Ulrich Pont and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and {A Min} Tjoa},
       title = {Improving the usability of energy simulation applications in processing common building performance inquiries},
       booktitle = {Simulace Budov a Techniky Prostredi},
       year = {2012},
       month = {6},
    }
  • A comprehensive building model for performance-guided decision support (2013)
    • INPROCEEDINGS--
    • Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and A Min Tjoa
    • 2nd Central European Symposium on Building Physics (CESBP 2013)
    @INPROCEEDINGS{Ghiassi2013comprehensive,
       author = {Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and {A Min} Tjoa},
       title = {A comprehensive building model for performance-guided decision support},
       booktitle = {2nd Central European Symposium on Building Physics (CESBP 2013)},
       year = {2013},
       month = {9},
    }
  • Multi-objective optimization in the SEMERGY environment for sustainable building design and retrofit (2013)
    • INPROCEEDINGS--
    • Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and A Min Tjoa
    • 2nd Central European Symposium on Building Physics (CESBP 2013)
    @INPROCEEDINGS{Ghiassi2013Multiobjective,
       author = {Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and {A Min} Tjoa},
       title = {Multi-objective optimization in the SEMERGY environment for sustainable building design and retrofit},
       booktitle = {2nd Central European Symposium on Building Physics (CESBP 2013)},
       year = {2013},
       month = {9},
    }
  • Recognition and pseudonymisation of medical records for secondary use (2015)
    • ARTICLE--
    • Johannes Heurix and Stefan Fenz and Antonio Rella and Thomas Neubauer
    • Medical and Biological Engineering and Computing
    @ARTICLE{Heurix2015Recognition,
       author = {Johannes Heurix and Stefan Fenz and Antonio Rella and Thomas Neubauer},
       title = {Recognition and pseudonymisation of medical records for secondary use},
       journal = {Medical and Biological Engineering and Computing},
       year = {2015},
       month = {6},
       pdf = {http://link.springer.com/article/10.1007/s11517-015-1322-7},
    }
  • A taxonomy for privacy enhancing technologies (2015)
    • ARTICLE--
    • Johannes Heurix and Peter Zimmermann and Thomas Neubauer and Stefan Fenz
    • Computers and Security
    @ARTICLE{Heurix2015taxonomy,
       author = {Johannes Heurix and Peter Zimmermann and Thomas Neubauer and Stefan Fenz},
       title = {A taxonomy for privacy enhancing technologies},
       journal = {Computers and Security},
       year = {2015},
       month = {9},
       pdf = {http://www.sciencedirect.com/science/article/pii/S0167404815000668},
    }
  • A Hybrid Approach integrating Encryption and Pseudonymization for Protecting Electronic Health Records (2011)
    • INPROCEEDINGS-true
    • Johannes Heurix and Michael Karlinger and Michael Schrefl and Thomas Neubauer
    • Proceedings of the Eighth IASTED International Conference on Biomedical Engineering
    @INPROCEEDINGS{Heurix_A_Hybrid_Approach_integrating__2011,
       author = {Johannes Heurix and Michael Karlinger and Michael Schrefl and Thomas Neubauer},
       authorhotlist = {true},
       title = {A Hybrid Approach integrating Encryption and Pseudonymization for Protecting Electronic Health Records},
       booktitle = {Proceedings of the Eighth IASTED International Conference on Biomedical Engineering},
       year = {2011},
       month = {2},
    }
  • A Rule Based Transformation System for Converting Semi Structured Medical Documents (2013)
    • ARTICLE--
    • Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer
    • Health and Technology
    @ARTICLE{Heurix_A_Rule_Based_Transformation_Sy_2013,
       author = {Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer},
       title = {A Rule Based Transformation System for Converting Semi Structured Medical Documents},
       journal = {Health and Technology},
       year = {2013},
       month = {1},
       volume = {3},
       number = {1},
    }
  • Massenpseudonymisierung von pers{\"o}nlichen medizinischen Daten (2009)
    • INPROCEEDINGS--
    • Johannes Heurix and Thomas Neubauer
    • DACH Security
    @INPROCEEDINGS{Heurix_Massenpseudonymisierungvonpersoenlichen_2009,
       author = {Johannes Heurix and Thomas Neubauer},
       title = {Massenpseudonymisierung von pers{\"o}nlichen medizinischen Daten},
       booktitle = {DACH Security},
       year = {2009},
       month = {1},
    }
  • On the Security of Outsourced and Untrusted Databases (2010)
    • INPROCEEDINGS--
    • Johannes Heurix and Thomas Neubauer
    • IEEE ACIS International Conference on Computer and Information Science
    @INPROCEEDINGS{Heurix_On_the_Security_of_Outsourced__2010,
       author = {Johannes Heurix and Thomas Neubauer},
       title = {On the Security of Outsourced and Untrusted Databases},
       booktitle = {IEEE ACIS International Conference on Computer and Information Science},
       year = {2010},
       month = {9},
       abstract = {The outsourcing of databases to third parties has become a viable alternative to traditional in-house data management. Database management by third parties including the storage and maintenance allows companies to reduce their expenses and profit from the expertise of data storage specialists. However,
       the price is the transfer of confidential data to third parties. The data owners need to trust the third party that data is stored (i) confidentially,
       such that the service providers cannot profit from passing the data to unauthorized parties,
       and (ii) in a correct and untampered state. This work identifies security issues that data owners have to face when it comes to database outsourcing. We provide an overview of existing techniques for solving the confidentiality and integrity problem and point out the limitations of these approaches. Thereby,
       this work aims to support decision makers who are confronted with the outsourcing question.},
       pages = {125-132},
    }
    The outsourcing of databases to third parties has become a viable alternative to traditional in-house data management. Database management by third parties including the storage and maintenance allows companies to reduce their expenses and profit from the expertise of data storage specialists. However, the price is the transfer of confidential data to third parties. The data owners need to trust the third party that data is stored (i) confidentially, such that the service providers cannot profit from passing the data to unauthorized parties, and (ii) in a correct and untampered state. This work identifies security issues that data owners have to face when it comes to database outsourcing. We provide an overview of existing techniques for solving the confidentiality and integrity problem and point out the limitations of these approaches. Thereby, this work aims to support decision makers who are confronted with the outsourcing question.
  • Pseudonymization with Metadata Encryption for Privacy-Preserving Searchable Documents (2012)
    • INPROCEEDINGS--
    • Johannes Heurix and Michael Karlinger and Thomas Neubauer
    • Hawaii International Conference on System Sciences
    @INPROCEEDINGS{Heurix_Pseudonymization_with_Metadata_2012,
       author = {Johannes Heurix and Michael Karlinger and Thomas Neubauer},
       title = {Pseudonymization with Metadata Encryption for Privacy-Preserving Searchable Documents},
       booktitle = {Hawaii International Conference on System Sciences},
       year = {2012},
       month = {1},
       pages = {3011-3020},
       publisher = {IEEE Computer Society},
    }
  • Zentralisierte Pseudonymisierung von medizinischen Patientendaten (2009)
    • INPROCEEDINGS--
    • Johannes Heurix and Thomas Neubauer and Thomas Mueck
    • Tagungsband e-Health 2009
    @INPROCEEDINGS{Heurix_ZentralisiertePseudonymisierungvon_2009,
       author = {Johannes Heurix and Thomas Neubauer and Thomas Mueck},
       title = {Zentralisierte Pseudonymisierung von medizinischen Patientendaten},
       booktitle = {Tagungsband e-Health 2009},
       year = {2009},
       month = {1},
    }
  • A Roadmap to Risk-Aware Business Process Management (2009)
    • INPROCEEDINGS--
    • Simon Tjoa and Thomas Neubauer and Stefan Jakoubi
    • APSCC
    @INPROCEEDINGS{Jakoubi_RoadmaptoRiskAware_2009,
       author = {Simon Tjoa and Thomas Neubauer and Stefan Jakoubi},
       title = {A Roadmap to Risk-Aware Business Process Management},
       booktitle = {APSCC},
       year = {2009},
       month = {1},
    }
  • Model-driven Development Meets Security: An Evaluation of Current Approaches (2011)
    • INPROCEEDINGS-true
    • Kresimir Kasal and Johannes Heurix and Thomas Neubauer
    • Proceedings of the 44nd Hawaii International Conference on System Sciences
    @INPROCEEDINGS{Kasal_Model_driven_Development_Meets_2011,
       author = {Kresimir Kasal and Johannes Heurix and Thomas Neubauer},
       authorhotlist = {true},
       title = {Model-driven Development Meets Security: An Evaluation of Current Approaches},
       booktitle = {Proceedings of the 44nd Hawaii International Conference on System Sciences},
       year = {2011},
       month = {1},
       pages = {268},
    }
  • The Handbook of Computer Networks (2007)
    • INBOOK--
    • Edgar R. Weippl and Markus Klemen and Thomas Neubauer
    • Wiley
    @INBOOK{Klemen_BusinessRequirementsofBackupSystems_2007,
       author = {{Edgar R.} Weippl and Markus Klemen and Thomas Neubauer},
       title = {The Handbook of Computer Networks},
       year = {2007},
       month = {1},
       chapter = {Business Requirements of Backup Systems},
       publisher = {Wiley},
    }
  • The Role of ICT in a Low Carbon Society (2015)
    • ARTICLE--
    • M. Koenigsmayr and Thomas Neubauer
    • IEEE Technology and Society Magazine
    @ARTICLE{Koenigsmayr2015Role,
       author = {M. Koenigsmayr and Thomas Neubauer},
       title = {The Role of ICT in a Low Carbon Society},
       journal = {IEEE Technology and Society Magazine},
       year = {2015},
       month = {3},
       volume = {34},
       pages = {39--44},
    }
  • Exploring the utility of semantic web technology in building performance simulation (2012)
    • INPROCEEDINGS--
    • Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and A Min Tjoa
    • BauSIM 2012 - Gebäudesimulation auf den Größenskalen Bauteil, Raum, Gebäude, Stadtquartier
    @INPROCEEDINGS{Mahdavi2012Exploring,
       author = {Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and {A Min} Tjoa},
       title = {Exploring the utility of semantic web technology in building performance simulation},
       booktitle = {BauSIM 2012 - Gebäudesimulation auf den Größenskalen Bauteil,
       Raum,
       Gebäude,
       Stadtquartier},
       year = {2012},
       month = {5},
    }
  • An ontological model for construction concepts (2012)
    • ARTICLE--
    • Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and A Min Tjoa
    • eWork and eBusiness in Architecture, Engineering and Construction: Ecppm 2012
    @ARTICLE{Mahdavi2012ontological,
       author = {Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and {A Min} Tjoa},
       title = {An ontological model for construction concepts},
       journal = {eWork and eBusiness in Architecture,
       Engineering and Construction: Ecppm 2012},
       year = {2012},
       month = {7},
    }
  • SEMERGY: Semantic web technology support for comprehensive building design assessment (2012)
    • ARTICLE--
    • Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and A Min Tjoa
    • eWork and eBusiness in Architecture, Engineering and Construction
    @ARTICLE{Mahdavi2012SEMERGY,
       author = {Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and {A Min} Tjoa},
       title = {SEMERGY: Semantic web technology support for comprehensive building design assessment},
       journal = {eWork and eBusiness in Architecture,
       Engineering and Construction},
       year = {2012},
       month = {7},
       pages = {363--370},
    }
  • A methodology for the pseudonymization of medical data (2010)
    • ARTICLE-true
    • Johannes Heurix and Thomas Neubauer
    • International Journal of Medical Informatics
    @ARTICLE{Neubauer_A_methodology_for_the_pseudony_2010,
       author = {Johannes Heurix and Thomas Neubauer},
       authorhotlist = {true},
       title = {A methodology for the pseudonymization of medical data},
       journal = {International Journal of Medical Informatics},
       year = {2010},
       month = {10},
       volume = {80},
       pages = {190-204},
    }
  • A Roadmap for personal identity management (2010)
    • INPROCEEDINGS--
    • Johannes Heurix and Thomas Neubauer
    • Fifth International Conference on Systems
    @INPROCEEDINGS{Neubauer_A_Roadmap_for_personal_identit_2010,
       author = {Johannes Heurix and Thomas Neubauer},
       title = {A Roadmap for personal identity management},
       booktitle = {Fifth International Conference on Systems},
       year = {2010},
       month = {4},
       pages = {134-139},
    }
  • Business {P}rocess-based {V}aluation of {IT}-{S}ecurity (2005)
    • INPROCEEDINGS--
    • Markus Klemen and Stefan Biffl and Thomas Neubauer
    • International {ACM} {C}onference on {S}oftware {E}ngineering, {P}roceedings of the seventh international workshop on economics-driven software engineering research ({EDSER}'05)
    @INPROCEEDINGS{Neubauer_BusinessProcessbasedValuation_2005,
       author = {Markus Klemen and Stefan Biffl and Thomas Neubauer},
       title = {Business {P}rocess-based {V}aluation of {IT}-{S}ecurity},
       booktitle = {International {ACM} {C}onference on {S}oftware {E}ngineering,
       {P}roceedings of the seventh international workshop on economics-driven software engineering research ({EDSER}'05)},
       year = {2005},
       month = {1},
    }
  • Business Process Based Valuation and Selection of IT Investments, Development and Implementation of a Method for the Interactive Selection of IT Investments under Multiple Objectives (2007)
    • THESIS--
    • Thomas Neubauer
    • -
    @THESIS{Neubauer_BusinessProcessBased_2007,
       author = {Thomas Neubauer},
       title = {Business Process Based Valuation and Selection of IT Investments,
       Development and Implementation of a Method for the Interactive Selection of IT Investments under Multiple Objectives},
       booktitle = {Dissertation},
       year = {2007},
       month = {10},
    }
  • A Comparison of Security Safeguard Selection Methods (2009)
    • INPROCEEDINGS--
    • Thomas Neubauer
    • Proceedings of the 11th International Conference on Enterprise Information Systems
    @INPROCEEDINGS{Neubauer_ComparisonofSecurity_2009,
       author = {Thomas Neubauer},
       title = {A Comparison of Security Safeguard Selection Methods},
       booktitle = {Proceedings of the 11th International Conference on Enterprise Information Systems},
       year = {2009},
       month = {1},
       pages = {320-323},
    }
  • Defining Secure Business Processes with Respect to Multiple Objectives (2008)
    • INPROCEEDINGS--
    • Johannes Heurix and Thomas Neubauer
    • {P}roceedings of the {T}hird {I}nternational {C}onference on {A}vailability, {R}eliability and {S}ecurity {ARES}
    @INPROCEEDINGS{Neubauer_DefiningSecureBusiness_2008,
       author = {Johannes Heurix and Thomas Neubauer},
       title = {Defining Secure Business Processes with Respect to Multiple Objectives},
       booktitle = {{P}roceedings of the {T}hird {I}nternational {C}onference on {A}vailability,
       {R}eliability and {S}ecurity {ARES}},
       year = {2008},
       month = {1},
       publisher = {IEEE Computer Society},
    }
  • Digitale {P}{D}{F}-{S}ignaturen mit der {B}\"urgerkarte (2006)
    • INPROCEEDINGS--
    • Edgar R. Weippl and Thomas Neubauer and Arno Hollosi
    • Proceedings of D-A-CH Security 2006
    @INPROCEEDINGS{Neubauer_DigitalePDFSignaturenmit_2006,
       author = {{Edgar R.} Weippl and Thomas Neubauer and Arno Hollosi},
       title = {Digitale {P}{D}{F}-{S}ignaturen mit der {B}\"urgerkarte},
       booktitle = {Proceedings of D-A-CH Security 2006},
       year = {2006},
       month = {1},
    }
  • Digital Signatures with Familiar Appearance for e-Government Documents: Authentic PDF (2006)
    • INPROCEEDINGS--
    • Edgar R. Weippl and Stefan Biffl and Thomas Neubauer
    • Proceedings of the International Conference on Availability, Reliability and Security (ARES'06)
    @INPROCEEDINGS{Neubauer_DigitalSignatureswith_2006,
       author = {{Edgar R.} Weippl and Stefan Biffl and Thomas Neubauer},
       title = {Digital Signatures with Familiar Appearance for e-Government Documents: Authentic PDF},
       booktitle = {Proceedings of the International Conference on Availability,
       Reliability and Security (ARES'06)},
       year = {2006},
       month = {1},
       pages = {723-731},
    }
  • An Empirical Study about the Status of Business Process Management (2009)
    • ARTICLE--
    • Thomas Neubauer
    • Business Process Management Journal
    @ARTICLE{Neubauer_EmpiricalStudyabout_2009,
       author = {Thomas Neubauer},
       title = {An Empirical Study about the Status of Business Process Management},
       journal = {Business Process Management Journal},
       year = {2009},
       month = {1},
       volume = {15},
       number = {2},
       pages = {166-183},
    }
  • Entscheidungsunterstützung für die Auswahl von Softwarekomponenten bei mehrfachen Zielsetzungen (2007)
    • INPROCEEDINGS--
    • Thomas Neubauer and Christian Stummer
    • Tagungsband Wirtschaftsinformatik
    @INPROCEEDINGS{Neubauer_Entscheidungsunterstuetzungfuerdie_2007,
       author = {Thomas Neubauer and Christian Stummer},
       title = {Entscheidungsunterstützung für die Auswahl von Softwarekomponenten bei mehrfachen Zielsetzungen},
       booktitle = {Tagungsband Wirtschaftsinformatik},
       year = {2007},
       month = {1},
    }
  • Extending Business Process Management to Determine Efficient IT Investments (2007)
    • INPROCEEDINGS--
    • Thomas Neubauer and Christian Stummer
    • Proceedings of the 2007 ACM Symposium on Applied Computing
    @INPROCEEDINGS{Neubauer_ExtendingBusinessProcess_2007,
       author = {Thomas Neubauer and Christian Stummer},
       title = {Extending Business Process Management to Determine Efficient IT Investments},
       booktitle = {Proceedings of the 2007 ACM Symposium on Applied Computing},
       year = {2007},
       month = {1},
    }
  • Gesch\"aftsprozessmanagement -{E}ine empirische {S}tudie zum {S}tatus quo in \"Osterreich, der {S}chweiz und {D}eutschland (2005)
    • ARTICLE--
    • Stefan Biffl and Thomas Neubauer
    • O{CG} {J}ournal
    @ARTICLE{Neubauer_GeschaftsprozessmanagementEineempirische_2005,
       author = {Stefan Biffl and Thomas Neubauer},
       title = {Gesch\"aftsprozessmanagement -{E}ine empirische {S}tudie zum {S}tatus quo in \"Osterreich,
       der {S}chweiz und {D}eutschland},
       journal = {O{CG} {J}ournal},
       year = {2005},
       month = {1},
       volume = {5},
    }
  • Improving Patients Privacy with Pseudonymization (2008)
    • INPROCEEDINGS--
    • Thomas Neubauer and Bernhard Riedl
    • Proceedings of the International Congress of the European Federation for Medical Informatics
    @INPROCEEDINGS{Neubauer_ImprovingPatientsPrivacy_2008,
       author = {Thomas Neubauer and Bernhard Riedl},
       title = {Improving Patients Privacy with Pseudonymization},
       booktitle = {Proceedings of the International Congress of the European Federation for Medical Informatics},
       year = {2008},
       month = {1},
    }
  • Interactive Decision Support for multiobjective COTS Selection (2007)
    • INPROCEEDINGS-true
    • Thomas Neubauer and Christian Stummer
    • Proceedings of the 40th Hawaii International Conference on System Sciences, HICSS2007
    @INPROCEEDINGS{Neubauer_InteractiveDecisionSupport_2007,
       author = {Thomas Neubauer and Christian Stummer},
       authorhotlist = {true},
       title = {Interactive Decision Support for multiobjective COTS Selection},
       booktitle = {Proceedings of the 40th Hawaii International Conference on System Sciences,
       HICSS2007},
       year = {2007},
       month = {1},
    }
  • Interactive Selection of ISO 27001 Controls under Multiple Objectives (2008)
    • INPROCEEDINGS--
    • Thomas Neubauer and Andreas Ekelhart and Stefan Fenz
    • Proceedings of the Ifip Tc 11 23rd International Information Security Conference, IFIPSec 2008
    @INPROCEEDINGS{Neubauer_InteractiveSelectionof_2008,
       author = {Thomas Neubauer and Andreas Ekelhart and Stefan Fenz},
       title = {Interactive Selection of ISO 27001 Controls under Multiple Objectives},
       booktitle = {Proceedings of the Ifip Tc 11 23rd International Information Security Conference,
       IFIPSec 2008},
       year = {2008},
       month = {7},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2008 - Neubauer - Interactive Selection of ISO 27001 Controls under Multiple Objectives.pdf},
       volume = {278_2008},
       pages = {477--492},
       publisher = {Springer},
    }
  • Interactive selection of Web services under multiple objectives (2009)
    • ARTICLE--
    • Thomas Neubauer and Christian Stummer
    • Information Technology and Management
    @ARTICLE{Neubauer_Interactiveselectionof_2009,
       author = {Thomas Neubauer and Christian Stummer},
       title = {Interactive selection of Web services under multiple objectives},
       journal = {Information Technology and Management},
       year = {2009},
       month = {1},
       abstract = {Abstract\ \ The manual composition of efficient combinations of Web services becomes almost impossible as the number of services increases dramatically. When determining an appropriate set of services,
       managers must take into consideration given business processes,
       business strategy and multiple Quality of Service (QoS) objectives while ensuring the cost-efficient usage of limited resources. Because the agility with which new business requirements are adapted has a major influence on business success and poor investment decisions may thus entail corporate failure,
       decision makers are experiencing growing pressure to prove the value of IT investments---but they often lack appropriate multicriteria decision support tools. This paper introduces a new decision support approach that more properly addresses these challenges. We implemented this approach into a tool and evaluated the performance of two popular methods (i.e.,
       the Analytic Hierarchy Process and the Weighted Scoring Method) by means of a real-life case study in the social security sector. It turns out that the decision support system assists decision makers in identifying investments that more precisely target their company's business needs by allowing them to interactively determine and continually optimize service allocation according to the corporate business processes and multiple (strategic) objectives.},
    }
    Abstract\ \ The manual composition of efficient combinations of Web services becomes almost impossible as the number of services increases dramatically. When determining an appropriate set of services, managers must take into consideration given business processes, business strategy and multiple Quality of Service (QoS) objectives while ensuring the cost-efficient usage of limited resources. Because the agility with which new business requirements are adapted has a major influence on business success and poor investment decisions may thus entail corporate failure, decision makers are experiencing growing pressure to prove the value of IT investments---but they often lack appropriate multicriteria decision support tools. This paper introduces a new decision support approach that more properly addresses these challenges. We implemented this approach into a tool and evaluated the performance of two popular methods (i.e., the Analytic Hierarchy Process and the Weighted Scoring Method) by means of a real-life case study in the social security sector. It turns out that the decision support system assists decision makers in identifying investments that more precisely target their company's business needs by allowing them to interactively determine and continually optimize service allocation according to the corporate business processes and multiple (strategic) objectives.
  • Interaktive Portfolioauswahl im IT-Servicemanagement (2009)
    • ARTICLE--
    • Thomas Neubauer and Christian Stummer
    • HMD - Praxis der Wirtschaftsinformatik
    @ARTICLE{Neubauer_InteraktivePortfolioauswahlim_2009,
       author = {Thomas Neubauer and Christian Stummer},
       title = {Interaktive Portfolioauswahl im IT-Servicemanagement},
       journal = {HMD - Praxis der Wirtschaftsinformatik},
       year = {2009},
       month = {1},
       volume = {256},
       pages = {48-55},
    }
  • Multiobjective Decision Support for defining Secure Business Processes: A Case Study (2008)
    • ARTICLE--
    • Johannes Heurix and Thomas Neubauer
    • International Journal of Business Intelligence and Data Mining
    @ARTICLE{Neubauer_MultiobjectiveDecisionSupport_2008_full,
       author = {Johannes Heurix and Thomas Neubauer},
       title = {Multiobjective Decision Support for defining Secure Business Processes: A Case Study},
       journal = {International Journal of Business Intelligence and Data Mining},
       year = {2008},
       month = {1},
       volume = {3},
       number = {2},
       pages = {177-195},
       publisher = {OCG},
    }
  • Multiobjective Selection of Software Components: A Case Study (2008)
    • INPROCEEDINGS--
    • Thomas Neubauer and Christian Stummer and Jan Pichler
    • Proceedings of the IEEE Asia-Pacific Services Computing Conference
    @INPROCEEDINGS{Neubauer_MultiobjectiveSelectionof_2008,
       author = {Thomas Neubauer and Christian Stummer and Jan Pichler},
       title = {Multiobjective Selection of Software Components: A Case Study},
       booktitle = {Proceedings of the IEEE Asia-Pacific Services Computing Conference},
       year = {2008},
       month = {1},
    }
  • Objective Types for the Valuation of Secure Business Processes (2008)
    • INPROCEEDINGS--
    • Johannes Heurix and Thomas Neubauer
    • Proceedings of the 7th IEEE/ACIS International Conference on Computer and Information Science
    @INPROCEEDINGS{Neubauer_ObjectiveTypesValuation_2008,
       author = {Johannes Heurix and Thomas Neubauer},
       title = {Objective Types for the Valuation of Secure Business Processes},
       booktitle = {Proceedings of the 7th IEEE/ACIS International Conference on Computer and Information Science},
       year = {2008},
       month = {1},
       publisher = {IEEE Computer Society},
    }
  • PIPE: Ein System zur Pseudonymisierung von Gesundheitsdaten (2008)
    • INPROCEEDINGS--
    • Thomas Neubauer and Thomas Mueck
    • Proceedings of e-Health 2008
    @INPROCEEDINGS{Neubauer_PIPEEinSystem_2008,
       author = {Thomas Neubauer and Thomas Mueck},
       title = {PIPE: Ein System zur Pseudonymisierung von Gesundheitsdaten},
       booktitle = {Proceedings of e-Health 2008},
       year = {2008},
       month = {1},
    }
  • A Process Model for RFID based Business Process Analysis (2009)
    • INPROCEEDINGS--
    • Gernot Goluch and Simon Tjoa and Thomas Neubauer and Stefan Jakoubi and Martin Wisser
    • APSCC
    @INPROCEEDINGS{Neubauer_ProcessModelRFID_2009,
       author = {Gernot Goluch and Simon Tjoa and Thomas Neubauer and Stefan Jakoubi and Martin Wisser},
       title = {A Process Model for RFID based Business Process Analysis},
       booktitle = {APSCC},
       year = {2009},
       month = {1},
    }
  • Pseudonymisierung fuer die datenschutzkonforme Speicherung medizinischer Daten (2010)
    • ARTICLE--
    • Thomas Neubauer
    • Elektrotechnik und Informationstechnik
    @ARTICLE{Neubauer_Pseudonymisierungfuerdie_2010,
       author = {Thomas Neubauer},
       title = {Pseudonymisierung fuer die datenschutzkonforme Speicherung medizinischer Daten},
       journal = {Elektrotechnik und Informationstechnik},
       year = {2010},
       month = {1},
    }
  • Pseudonymisierung zur sicheren Umsetzung des elektronischen Gesundheitsakts (2007)
    • ARTICLE--
    • Thomas Neubauer and Bernhard Riedl and Thomas Mueck
    • OCG Journal
    @ARTICLE{Neubauer_Pseudonymisierungzursicheren_2007,
       author = {Thomas Neubauer and Bernhard Riedl and Thomas Mueck},
       title = {Pseudonymisierung zur sicheren Umsetzung des elektronischen Gesundheitsakts},
       journal = {OCG Journal},
       year = {2007},
       month = {1},
       volume = {4},
    }
  • Pseudonymisierung für die datenschutzkonforme Speicherung medizinischer Daten (2010)
    • ARTICLE--
    • Thomas Neubauer and Johannes Heurix and A Min Tjoa and Edgar R. Weippl
    • Elektrotechnik und Informationstechnik
    @ARTICLE{Neubauer_Pseudonymisierung_f_r_die_date_2010,
       author = {Thomas Neubauer and Johannes Heurix and {A Min} Tjoa and {Edgar R.} Weippl},
       title = {Pseudonymisierung für die datenschutzkonforme Speicherung medizinischer Daten},
       journal = {Elektrotechnik und Informationstechnik},
       year = {2010},
       month = {5},
       volume = {127},
       number = {5},
       pages = {135-142},
    }
  • A Research Agenda for Autonomous Business Process Management (2007)
    • INPROCEEDINGS--
    • Gernot Goluch and Thomas Neubauer and Bernhard Riedl
    • {P}roceedings of the {S}econd {I}nternational {C}onference on {A}vailability, {R}eliability and {S}ecurity {ARES}
    @INPROCEEDINGS{Neubauer_ResearchAgendaAutonomous_2007,
       author = {Gernot Goluch and Thomas Neubauer and Bernhard Riedl},
       title = {A Research Agenda for Autonomous Business Process Management},
       booktitle = {{P}roceedings of the {S}econd {I}nternational {C}onference on {A}vailability,
       {R}eliability and {S}ecurity {ARES}},
       year = {2007},
       month = {1},
       publisher = {IEEE Computer Society},
    }
  • Secure Business Process Management: A Roadmap (2006)
    • INPROCEEDINGS--
    • Markus Klemen and Stefan Biffl and Thomas Neubauer
    • Proceedings of the First International Conference on Availability, Reliability and Security (ARES)
    @INPROCEEDINGS{Neubauer_SecureBusinessProcess_2006,
       author = {Markus Klemen and Stefan Biffl and Thomas Neubauer},
       title = {Secure Business Process Management: A Roadmap},
       booktitle = {Proceedings of the First International Conference on Availability,
       Reliability and Security (ARES)},
       year = {2006},
       month = {1},
       pages = {457--464},
       publisher = {IEEE Computer Society},
    }
  • On the singularity of valuating IT security investments (2009)
    • INPROCEEDINGS--
    • Thomas Neubauer and Christian Hartl
    • IEEE/ACIS International Conference on Computer and Information Science
    @INPROCEEDINGS{Neubauer_singularityofvaluating_2009,
       author = {Thomas Neubauer and Christian Hartl},
       title = {On the singularity of valuating IT security investments},
       booktitle = {IEEE/ACIS International Conference on Computer and Information Science},
       year = {2009},
       month = {1},
       pages = {549 - 556},
    }
  • Technologies for the Pseudonymization of Medical Data: A Legal Evaluation (2009)
    • INPROCEEDINGS--
    • Thomas Neubauer
    • International Conference on Systems
    @INPROCEEDINGS{Neubauer_TechnologiesPseudonymizationof_2009,
       author = {Thomas Neubauer},
       title = {Technologies for the Pseudonymization of Medical Data: A Legal Evaluation},
       booktitle = {International Conference on Systems},
       year = {2009},
       month = {1},
       publisher = {IEEE Computer Society},
       note = {Best Paper Award},
    }
  • Value-{B}ased {D}ecision {S}upport in {S}oftware {E}ngineering (2004)
    • INPROCEEDINGS--
    • Thomas Neubauer
    • Proceedings of the Alpine {S}oftware {E}ngineering {W}orkshop 2004
    @INPROCEEDINGS{Neubauer_ValueBasedDecisionSupport_2004,
       author = {Thomas Neubauer},
       title = {Value-{B}ased {D}ecision {S}upport in {S}oftware {E}ngineering},
       booktitle = {Proceedings of the Alpine {S}oftware {E}ngineering {W}orkshop 2004},
       year = {2004},
       month = {1},
    }
  • Workshop-based Multiobjective {S}ecurity Safeguard Selection (2006)
    • INPROCEEDINGS--
    • Edgar R. Weippl and Thomas Neubauer and Christian Stummer
    • Proceedings of the irst International Conference on Availability, Reliability and Security (ARES)
    @INPROCEEDINGS{Neubauer_WorkshopbasedMultiobjectiveSecurity_2006,
       author = {{Edgar R.} Weippl and Thomas Neubauer and Christian Stummer},
       title = {Workshop-based Multiobjective {S}ecurity Safeguard Selection},
       booktitle = {Proceedings of the irst International Conference on Availability,
       Reliability and Security (ARES)},
       year = {2006},
       month = {1},
       pages = {366--373},
       publisher = {IEEE Computer Society},
    }
  • Workshop-based Risk Assessment for the Definition of Secure Business Processes (best paper award) (2010)
    • INPROCEEDINGS--
    • Thomas Neubauer and Markus Pehn
    • Second International Conference on Information, Process, and Knowledge Management
    @INPROCEEDINGS{Neubauer_Workshop_based_Risk_Assessment_2010,
       author = {Thomas Neubauer and Markus Pehn},
       title = {Workshop-based Risk Assessment for the Definition of Secure Business Processes (best paper award)},
       booktitle = {Second International Conference on Information,
       Process,
       and Knowledge Management},
       year = {2010},
       month = {2},
       pages = {74-79},
       note = {BIB says rated as B but no such event found in list},
    }
  • Workshop-based Security Safeguard Selection with AURUM (2011)
    • ARTICLE--
    • Thomas Neubauer and Markus Pehn
    • International Journal On Advances in Security
    @ARTICLE{Neubauer_Workshop_based_Security_Safegu_2011,
       author = {Thomas Neubauer and Markus Pehn},
       title = {Workshop-based Security Safeguard Selection with AURUM},
       journal = {International Journal On Advances in Security},
       year = {2011},
       month = {3},
       volume = {3},
       note = {According to BIB should be B rated but Journal not found},
    }
  • Recent advances in SEMERGY: A semantically enriched optimization environment for performance-guided building design and refurbishment (2013)
    • INPROCEEDINGS--
    • Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Mahnameh Taheri and Christian Sustr and Ardeshir Mahdavi and Johannes Heurix and Stefan Fenz and Amin Anjomshoaa and Thomas Neubauer and A Min Tjoa
    • Proceedings of the 2nd Central European Symposium on Building Physics
    @INPROCEEDINGS{Pont2013Recent,
       author = {Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Mahnameh Taheri and Christian Sustr and Ardeshir Mahdavi and Johannes Heurix and Stefan Fenz and Amin Anjomshoaa and Thomas Neubauer and {A Min} Tjoa},
       title = {Recent advances in SEMERGY: A semantically enriched optimization environment for performance-guided building design and refurbishment},
       booktitle = {Proceedings of the 2nd Central European Symposium on Building Physics},
       year = {2013},
       month = {9},
    }
  • Applying a Threshold Scheme to the Pseudonymization of Health Data (2007)
    • INPROCEEDINGS--
    • Thomas Neubauer and Bernhard Riedl and Veronika Grascher
    • Proceedings of the 13th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC'07)
    @INPROCEEDINGS{Riedl_ApplyingThresholdScheme_2007,
       author = {Thomas Neubauer and Bernhard Riedl and Veronika Grascher},
       title = {Applying a Threshold Scheme to the Pseudonymization of Health Data},
       booktitle = {Proceedings of the 13th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC'07)},
       year = {2007},
       month = {1},
    }
  • Data processing system for processing of object data (2007)
    • PATENT--
    • Thomas Neubauer and Bernhard Riedl and Oswald Boehm
    • -
    @PATENT{Riedl_Dataprocessingsystem_2007,
       author = {Thomas Neubauer and Bernhard Riedl and Oswald Boehm},
       title = {Data processing system for processing of object data},
       booktitle = {PCT-Provisional-Application},
       year = {2007},
       month = {1},
    }
  • Data processing system for processing of object data (2007)
    • PATENT--
    • Thomas Neubauer and Bernhard Riedl and Oswald Boehm
    • -
    @PATENT{Riedl_Dataprocessingsystem_2007a,
       author = {Thomas Neubauer and Bernhard Riedl and Oswald Boehm},
       title = {Data processing system for processing of object data},
       booktitle = {US-Provisional-Application},
       year = {2007},
       month = {1},
    }
  • Datenverarbeitungssystem zur {V}erarbeitung von {O}bjektdaten (2007)
    • PATENT--
    • Thomas Neubauer and Bernhard Riedl and Oswald Boehm
    • -
    @PATENT{Riedl_DatenverarbeitungssystemzurVerarbeitung_2007,
       author = {Thomas Neubauer and Bernhard Riedl and Oswald Boehm},
       title = {Datenverarbeitungssystem zur {V}erarbeitung von {O}bjektdaten},
       booktitle = {Austrian Patent,
       Nr. 503291,
       September},
       year = {2007},
       month = {1},
    }
  • Economic and Security Aspects of the Appliance of a Threshold Scheme in e-Health (2008)
    • INPROCEEDINGS--
    • Thomas Neubauer and Bernhard Riedl and Veronika Grascher and Mathias Kolb
    • {P}roceedings of the {T}hird {I}nternational {C}onference on {A}vailability, {R}eliability and {S}ecurity {ARES}
    @INPROCEEDINGS{Riedl_EconomicandSecurity_2008,
       author = {Thomas Neubauer and Bernhard Riedl and Veronika Grascher and Mathias Kolb},
       title = {Economic and Security Aspects of the Appliance of a Threshold Scheme in e-Health},
       booktitle = {{P}roceedings of the {T}hird {I}nternational {C}onference on {A}vailability,
       {R}eliability and {S}ecurity {ARES}},
       year = {2008},
       month = {1},
    }
  • Pseudonymization for improving the privacy in e-Health applications (2008)
    • INPROCEEDINGS-true
    • Stefan Fenz and Thomas Neubauer and Bernhard Riedl and Veronika Grascher
    • Proceedings of the 41st Hawaii International Conference on System Sciences, HICSS2008
    @INPROCEEDINGS{Riedl_Pseudonymizationimprovingprivacy_2008,
       author = {Stefan Fenz and Thomas Neubauer and Bernhard Riedl and Veronika Grascher},
       authorhotlist = {true},
       title = {Pseudonymization for improving the privacy in e-Health applications},
       booktitle = {Proceedings of the 41st Hawaii International Conference on System Sciences,
       HICSS2008},
       year = {2008},
       month = {1},
       pages = {255-264},
       publisher = {IEEE Computer Society},
       note = {978-0-7695-3075-8},
    }
  • A secure architecture for the pseudonymization of medical data (2007)
    • INPROCEEDINGS--
    • Gernot Goluch and Thomas Neubauer and Bernhard Riedl and Oswald Boehm and Gert Reinauer and Alexander Krumboeck
    • Proceedings of the Second International Conference on Availability, Reliability and Security (ARES)
    @INPROCEEDINGS{Riedl_securearchitecturepseudonymization_2007,
       author = {Gernot Goluch and Thomas Neubauer and Bernhard Riedl and Oswald Boehm and Gert Reinauer and Alexander Krumboeck},
       title = {A secure architecture for the pseudonymization of medical data},
       booktitle = {Proceedings of the Second International Conference on Availability,
       Reliability and Security (ARES)},
       year = {2007},
       month = {1},
       pages = {318-324},
    }
  • A Secure e-Health Architecture based on the Appliance of Pseudonymization (2008)
    • ARTICLE--
    • Thomas Neubauer and Bernhard Riedl and Veronika Grascher
    • Journal of Software
    @ARTICLE{Riedl_SecureeHealthArchitecture_2008,
       author = {Thomas Neubauer and Bernhard Riedl and Veronika Grascher},
       title = {A Secure e-Health Architecture based on the Appliance of Pseudonymization},
       journal = {Journal of Software},
       year = {2008},
       month = {1},
    }
  • An ontology-aided Optimization Approach to Eco-Efficient Building Design (2013)
    • INPROCEEDINGS--
    • Ferial Shayeganfar and Amin Anjomshoaa and Johannes Heurix and Christian Sustr and Neda Ghiassi and Ulrich Pont and Stefan Fenz and Thomas Neubauer and A Min Tjoa and Ardeshir Mahdavi
    • 13th International Conference of the International Building Performance Simulation Association
    @INPROCEEDINGS{Shayeganfar2013ontologyaided,
       author = {Ferial Shayeganfar and Amin Anjomshoaa and Johannes Heurix and Christian Sustr and Neda Ghiassi and Ulrich Pont and Stefan Fenz and Thomas Neubauer and {A Min} Tjoa and Ardeshir Mahdavi},
       title = {An ontology-aided Optimization Approach to Eco-Efficient Building Design},
       booktitle = {13th International Conference of the International Building Performance Simulation Association},
       year = {2013},
       month = {8},
    }
  • Automated Transformation of Semi-Structured Text Elements (2012)
    • INPROCEEDINGS--
    • Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer
    • AMCIS 2012 Proceedings
    @INPROCEEDINGS{_Automated_Transformation_of_Se_2012,
       author = {Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer},
       title = {Automated Transformation of Semi-Structured Text Elements},
       booktitle = {AMCIS 2012 Proceedings},
       year = {2012},
       month = {8},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2012 - Heurix - Automated Transformation of Semi-Structured Text Elements.pdf},
       pages = {1-11},
    }
  • A rule-based transformation system for converting semi-structured medical documents (2013)
    • ARTICLE--
    • Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer
    • Health and Technology
    @ARTICLE{_A_rule_based_transformation_sy_2013,
       author = {Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer},
       title = {A rule-based transformation system for converting semi-structured medical documents},
       journal = {Health and Technology},
       year = {2013},
       month = {3},
       pages = {1-13},
       publisher = {Springer},
    }
  • PERiMETER pseudonymization and personal metadata encryption for privacy preserving searchable documents (2012)
    • ARTICLE--
    • Johannes Heurix and Michael Karlinger and Thomas Neubauer
    • Health Systems
    @ARTICLE{_PERiMETER_pseudonymization_and_2012,
       author = {Johannes Heurix and Michael Karlinger and Thomas Neubauer},
       title = {PERiMETER pseudonymization and personal metadata encryption for privacy preserving searchable documents},
       journal = {Health Systems},
       year = {2012},
       month = {6},
       volume = {1},
       number = {1},
       pages = {46-57},
    }
  • Privacy-Preserving Storage and Access of Medical Data through Pseudonymization and Encryption (2011)
    • INPROCEEDINGS--
    • Johannes Heurix and Thomas Neubauer
    • Trust, Privacy and Security in Digital Business - 8th International
    @INPROCEEDINGS{_Privacy_Preserving_Storage_and_2011,
       author = {Johannes Heurix and Thomas Neubauer},
       title = {Privacy-Preserving Storage and Access of Medical Data through Pseudonymization and Encryption},
       booktitle = {Trust,
       Privacy and Security in Digital Business - 8th International},
       year = {2011},
       month = {8},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/Heurix_trustbus_2011.pdf},
       volume = {6863},
       pages = {186-197},
       publisher = {Springer},
    }
  • Recognition and Privacy Preservation of Paper-based Health Records (2012)
    • INPROCEEDINGS--
    • Stefan Fenz and Johannes Heurix and Thomas Neubauer
    • Quality of Life through Quality of Information - Proceedings of MIE2012
    @INPROCEEDINGS{_Recognition_and_Privacy_Preser_2012,
       author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer},
       title = {Recognition and Privacy Preservation of Paper-based Health Records},
       booktitle = {Quality of Life through Quality of Information - Proceedings of MIE2012},
       year = {2012},
       month = {8},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/2012 - Fenz - Recognition and Privacy Preservation of Paper-based Health Records.pdf},
       pages = {751-755},
       publisher = {European Federation for Medical Informatics and IOS Press},
    }
  • Recognition and Pseudonymization of Personal Data in Paper-based Health Records (2012)
    • INPROCEEDINGS--
    • Stefan Fenz and Johannes Heurix and Thomas Neubauer
    • 15th International Conference on Business Information Systems (BIS 2012)
    @INPROCEEDINGS{_Recognition_and_Pseudonymizati_2012,
       author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer},
       title = {Recognition and Pseudonymization of Personal Data in Paper-based Health Records},
       booktitle = {15th International Conference on Business Information Systems (BIS 2012)},
       year = {2012},
       month = {5},
       volume = {117},
       pages = {153-164},
       publisher = {Springer Berlin Heidelberg},
    }

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close