Learn More
During the past few years, a vast number of online file storage services have been introduced. While several of these services provide basic functionality such as upload-ing and retrieving files by a specific user, more advanced services offer features such as shared folders, real-time collaboration, minimization of data transfers or unlimited storage(More)
Governance, Risk and Compliance (GRC) is an emerging topic in the business and information technology world. However to this day the concept behind the acronym has neither been adequately researched, nor is there a common understanding among professionals. The research at hand provides a frame of reference for research of integrated GRC that was derived(More)
Web 2.0 is much more than adding a nice facade to old web applications rather it is a new way of thinking about software architecture of Rich Internet Applications (RIA). In comparison to traditional web applications, the application logic of modern Web 2.0 applications tends to push the interactive user interface tasks to the client side. The client(More)
Web 2.0 has changed the technological landscape of the Internet computing world today. The shift from traditional web which is also known as Web 1.0 is forced by the growing need for more efficient information sharing, collaboration, and business processes. The disclosure of personal/organizational information in Web 2.0 via social networks, digital(More)
— IT-security has become a much diversified field and small and medium sized enterprises (SMEs), in particular, do not have the financial ability to implement a holistic IT-security approach. We thus propose a security ontology, to provide a solid base for an applicable and holistic IT-security approach for SMEs, enabling low-cost risk management and threat(More)
This paper introduces an ontology-based framework to improve the preparation of ISO/IEC 27001 audits, and to strengthen the security state of the company respectively. Building on extensive previous work on security ontologies, we elaborate on how ISO/IEC 27001 artifacts can be integrated into this ontology. A basic introduction to security ontologies is(More)
— Companies spend considerable amounts of resources on minimizing security breaches but often neglect efficient security measures and/or are not aware whether their investments are effective. While security safeguards traditionally are evaluated through a single (aggregated) criterion such as the return on investment, this may not suffice any longer as(More)
— Whenever data is being processed, there are many places where parts of the data are temporarily stored; thus forensic analysis can reveal past activities, create a (partial) timeline and recover deleted data. While this fact is well known for computer forensics, multiple forensic tools exist to analyze data and the systematic analysis of database systems(More)
Recently, academia and law enforcement alike have shown a strong demand for data that is collected from online social networks. In this work, we present a novel method for harvesting such data from social networking websites. Our approach uses a hybrid system that is based on a custom add-on for social networks in combination with a web crawling component.(More)