Stefan Jakoubi

@INPROCEEDINGS{Goluch_CASSISComputerbased_2007,
   author = {Gernot Goluch and Andreas Ekelhart and Stefan Fenz and Stefan Jakoubi and Bernhard Riedl and Simon Tjoa},
   title = {CASSIS - Computer-based Academy for Security and Safety in Information Systems},
   booktitle = {Proceedings of the 2nd Conference on Availability,
   Reliability and Security,
   ARES2007},
   year = {2007},
   month = {4},
   pdf = {2007 - Goluch - CASSIS.pdf},
   pages = {730--740},
   publisher = {IEEE Computer Society},
}

@INPROCEEDINGS{Goluch_IntegrationofOntological_2008,
   author = {Stefan Fenz and Andreas Ekelhart and Gernot Goluch and Simon Tjoa and Stefan Jakoubi and Thomas Mueck},
   authorhotlist = {true},
   title = {Integration of an Ontological Information Security Concept in Risk Aware Business Process Management},
   booktitle = {Proceedings of the 41st Hawaii International Conference on System Sciences,
   HICSS2008},
   year = {2008},
   month = {1},
   pages = {377-385},
   publisher = {IEEE Computer Society},
   note = {978-0-7695-3075-8},
}

@INPROCEEDINGS{Jakoubi_CISTA_2010,
   author = {Stefan Jakoubi and Simon Tjoa and Sigrun Goluch and Gerhard Kitzler},
   title = {Risk-Aware Business Process Management: Establishing the Link Between Business and Security},
   booktitle = {Complex Intelligent Systems and Their Applications},
   year = {2010},
   month = {1},
   pdf = {Jakoubi_CISTA_2010.pdf},
   volume = {41},
   pages = {109-135},
   publisher = {Springer New York},
}

@INPROCEEDINGS{Jakoubi_DerivingResourceRequirements_2008,
   author = {Gerald Quirchmayr and Gernot Goluch and Simon Tjoa and Stefan Jakoubi},
   authorhotlist = {true},
   title = {Deriving Resource Requirements Applying Risk-Aware Business Process Modeling and Simulation},
   booktitle = {Proceedings of the 16th European Conference on Information Systems (ECIS)},
   year = {2008},
   month = {1},
   abstract = {Today,
   companies face the challenge to effectively and efficiently perform their business processes as well as to guarantee their continuous operation. To meet the economic requirements,
   companies often consult business process management experts. The robustness and continuity of operations is separately considered in other domains such as business continuity management and risk management. The shortcoming of this separation is that in most cases a common reasoning and information basis is missing. With the risk-aware process modeling and simulation methodology named ROPE we fill this gap and combine the strengths of the aforementioned domains. In this paper,
   we present new ROPE simulation capabilities focusing on the determination of resource requirements considering the impact of occurring threats on business processes. Furthermore,
   we introduce an example scenario to clarify how a company can benefit from applying these extensions.},
}

@ARTICLE{Jakoubi_EnablingRiskAwareModeling_2007,
   author = {Gerald Quirchmayr and Simon Tjoa and Stefan Jakoubi},
   title = {Enabling the Risk-Aware Modeling and Simulation of Business Processes},
   journal = {JISSec - Journal of Information System Security},
   year = {2007},
   month = {1},
   abstract = {Risk management is essential regarding the maintenance of a company's business processes. The ability of companies to prevent risks as well as to respond quickly and appropriately to emerging threats is increasingly becoming a crucial success factor. In order to cope with these challenges,
   companies constitute business process and risk management approaches. Traditional business process management focuses on the economical optimization of processes. Apart from that,
   risk management provides the design of robust business processes to strengthen the resilience of daily business. Both domains aim at improving business performance,
   but they approach this goal from a different view on the understanding of improvement. Due to the fact that optimizing recommendations of business process management and risk management may be contradictory,
   we propose one unified method which integrates both points of views to enable risk-aware business process management and optimization. In this paper,
   we introduce the ROPE (Risk-Oriented Process Evaluation) methodology which combines capabilities of business process management,
   risk management and business continuity management to support the holistic evaluation of business processes not only regarding their economic efficiency but also their robustness and security. The basis for this combination is the refinement of business process activities into four atomic elements (Conditions,
   Actions,
   Resources and Environments) and a process-oriented way of modeling threats,
   preventive and reactive counter measures as well as recovery measures. In this paper we demonstrate how risk-aware business process management and simulation can be enabled through the application of the ROPE methodology.},
}

@INPROCEEDINGS{Jakoubi_ReferenceModelRiskAware_2009,
   author = {Stefan Jakoubi and Simon Tjoa},
   authorhotlist = {true},
   title = {A Reference Model for Risk-Aware Business Process Management},
   booktitle = {International Conference on Risks and Security of Internet and Systems},
   year = {2009},
   month = {1},
   pdf = {Jakoubi_ReferenceModelRiskAware_2009 (2).pdf},
   publisher = {IEEE},
}

@INBOOK{Jakoubi_Risk_Aware_Business_Process_Ma_2010,
   author = {Stefan Jakoubi and Simon Tjoa and Sigrun Goluch and Gerhard Kitzler},
   title = {Risk-Aware Business Process Management :Establishing the Link Between Business and Security},
   booktitle = {Complex Intelligent Systems and Their Applications},
   year = {2010},
   month = {8},
   volume = {41},
   pages = {109-135},
   publisher = {Springer New York},
   note = {Book},
}

@INPROCEEDINGS{Jakoubi_RoadmaptoRiskAware_2009,
   author = {Simon Tjoa and Thomas Neubauer and Stefan Jakoubi},
   authorhotlist = {true},
   title = {A Roadmap to Risk-Aware Business Process Management},
   booktitle = {APSCC},
   year = {2009},
   month = {1},
}

@INPROCEEDINGS{Jakoubi_ROPEMethodologyEnabling_2007,
   author = {Gerald Quirchmayr and Simon Tjoa and Stefan Jakoubi},
   authorhotlist = {true},
   title = {ROPE: A Methodology for Enabling the Risk-Aware Modeling and Simulation of Business Processes},
   booktitle = {Proceedings of the 15th European Conference on Information Systems (ECIS 2007)},
   year = {2007},
   month = {1},
   abstract = {Risk management is essential regarding the maintenance of a companys business processes. The ability of companies to prevent risks as well as to respond quickly and appropriately to emerging threats is increasingly becoming a crucial success factor. In order to cope with these challenges,
   companies constitute business process and risk management approaches. Traditional business process management focuses on the economical optimization of processes. Apart from that,
   risk management designs robust business processes to strengthen the resilience of daily business. Both domains try to improve business,
   but both approach this goal from a different view on the understanding of improvement. Due to the fact that optimizing recommendations of business process management and risk management may be contradictory,
   we propose one unified method that unites both points of views to enable risk-aware business process management and optimization. In this paper,
   we introduce the ROPE (Risk-Oriented Process Evaluation) methodology which combines capabilities of business process management,
   risk management and business continuity management to support the holistic evaluation of business processes not only regarding their economic efficiency but also their robustness and security. The basis for this combination are the refinement of business process activities into four atomic elements (Conditions,
   Actions,
   Resources and Environments) and a process-oriented way of modeling threats as well as security,
   counter and recovery measures. In this paper we demonstrate how to enable risk-aware business process management and simulation through the application of the ROPE methodology.},
}

@INPROCEEDINGS{Jakoubi_SurveyofScientific_2009,
   author = {Stefan Jakoubi and Simon Tjoa and Gernot Goluch and Gerald Quirchmayr},
   authorhotlist = {true},
   title = {A Survey of Scientific Approaches Considering the Integration of Security and Risk Aspects into Business Process Management},
   booktitle = {International Workshop on Database and Expert Systems Applications},
   year = {2009},
   month = {1},
   pdf = {Jakoubi_SurveyofScientific_2009.pdf},
   pages = {127--132},
   publisher = {IEEE Computer Society},
}

@INPROCEEDINGS{Neubauer_ProcessModelRFID_2009,
   author = {Gernot Goluch and Simon Tjoa and Thomas Neubauer and Stefan Jakoubi and Martin Wisser},
   authorhotlist = {true},
   title = {A Process Model for RFID based Business Process Analysis},
   booktitle = {APSCC},
   year = {2009},
   month = {1},
}

@ARTICLE{Tjoa2010a,
   author = {Simon Tjoa and Stefan Jakoubi and Gernot Goluch and Gerhard Kitzler and Sigrun Goluch and Gerald Quirchmayr},
   title = {A Formal Approach Enabling Risk-aware Business Process Modeling and Simulation},
   journal = {IEEE Transactions on Services Computing},
   year = {2010},
   month = {4},
   pdf = {Tjoa_TSC2010.pdf},
}

@BOOK{Tjoa_ARESConferenceProceedings_2008,
   author = {{Edgar R.} Weippl and Simon Tjoa and Stefan Jakoubi},
   title = {ARES Conference Proceedings},
   year = {2008},
   month = {1},
   publisher = {IEEE},
}

@INPROCEEDINGS{Tjoa_A_Formal_Approach_Towards_Risk_2010,
   author = {Stefan Jakoubi and Simon Tjoa and Sigrun Goluch and Gerhard Kitzler},
   title = {A Formal Approach Towards Risk-Aware Service Level Analysis and Planning},
   booktitle = {2010 International Conference on Availability,
   Reliability and Security},
   year = {2010},
   month = {2},
   pages = {180-187},
}

@INPROCEEDINGS{Tjoa_EnhancingBusinessImpact_2008,
   author = {Gerald Quirchmayr and Simon Tjoa and Stefan Jakoubi},
   title = {Enhancing {B}usiness {I}mpact {A}nalysis and {R}isk {A}ssessment applying a {R}isk-{A}ware {B}usiness {P}rocess {M}odeling and {S}imulation {M}ethodology},
   booktitle = {Proceedings of the 3rd {I}nternational {C}onference on {A}vailability,
   {R}eliability and {S}ecurity},
   year = {2008},
   month = {1},
   abstract = {Driven by the steadily growing number of natural disasters,
   the threat of terrorist and other criminal attacks as well as changed legislation and regulations,
   companies are increasingly forced to prepare against threats that endanger the survivability of crucial business activities. As a consequence,
   management has to pay more attention to business continuity issues including serious management commitment and more appropriate funding. Business impact analysis and risk assessment concepts enable adequate business continuity planning as they deliver essential information about the impact of resources' disruption on business. In this paper we present how these concepts can be enhanced through the application of the ROPE (Risk-Oriented Process Evaluation) methodology enabling risk-aware business process management and simulation. Moreover,
   we present essential extensions of the ROPE simulation capabilities leading to a more efficient and effective business continuity planning.},
}

@INPROCEEDINGS{Tjoa_ExtensionofMethodology_2008,
   author = {Gerald Quirchmayr and Gernot Goluch and Simon Tjoa and Stefan Jakoubi},
   title = {Extension of a Methodology for Risk-Aware Business Process Modeling and Simulation Enabling Process-Oriented Incident Handling Support},
   booktitle = {The 22st International Conference on Advanced Information Networking and Applications},
   year = {2008},
   month = {1},
   abstract = {Increasingly,
   companies face the challenges to perform their business processes effectively as well as efficiently and to simultaneously assure the continuity of these processes. As the majority of companies rely on IT,
   it is essential to establish effective incident handling. In this paper,
   we introduce new extensions of the risk-aware business process management framework ROPE (Risk- Oriented Process Evaluation) in order to support the improvement of the management and execution of business processes. We further discuss the advantages of those extensions and how they can support the implementation of standards and best-practices such as the NIST SP800-61 (Computer Security Incident Handling Guide).},
   publisher = {IEEE Society},
}

@INPROCEEDINGS{Tjoa_Planning_Dynamic_Activity_and__2010,
   author = {Simon Tjoa and Stefan Jakoubi and Sigrun Goluch and Gerhard Kitzler},
   title = {Planning Dynamic Activity and Resource Allocations Using a Risk-Aware Business Process Management Approach},
   booktitle = {2010 International Conference on Availability,
   Reliability and Security},
   year = {2010},
   month = {2},
   pdf = {Tjoa_ARES2010_dynamic.pdf},
   pages = {268-274},
}