Safe utilization controls for more transparency in financial markets;Sichere nutzungskontrolle für mehr transparenz in finanzmärkten

Informatik-Spektrum

Volumn 33, Issue 1, 2010, Pages 3-13

  Müller, Günter ^a   Accorsi, Rafael ^a   Höhn, Sebastian ^a   Sackmann, Stefan ^a  

^a UNIVERSITY OF FREIBURG   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

DECENTRALIZED DECISION MAKING; EARLY WARNING SYSTEMS; FINANCIAL MARKET; INFORMATION FLOW CONTROL; IT INFRASTRUCTURES; MACHINE-TO-MACHINE COMMUNICATIONS; SECURITY PROPERTIES; USAGE CONTROL;

ACCESS CONTROL; FINANCE; REGULATORY COMPLIANCE; TRANSPARENCY;

COMMERCE;

EID: 77951442815     PISSN: 01706012     EISSN: 1432122X     Source Type: Journal    
DOI: 10.1007/s00287-009-0405-y     Document Type: Article

References (47)

1. W Van Der Aalst B Van Dongena J Herbst L Marustera G Schimm A Weijters 2003 Workflow mining: A survey of issues and approaches Data Knowl Eng 47 2 237 267 10.1016/S0169-023X(03)00066-1
2. W Van Der Aalst A De Medeiros 2005 Process mining and security: Detecting anomalous process executions and checking process conformance Electron Notes Theor Comput Sci 121 3 21 10.1016/j.entcs.2004.10.013 (Pubitemid 40219700)
3. Accorsi R. Automated Privacy Audits to Complement the Notion of Control for Identity Management. Proceedings of the IFIP Conference on Policies and Research in Identity Management, vol 261, Springer-Verlag, Boston In: Proceedings of the IFIP Conference on Policies and Research in Identity Management, vol 261, Springer-Verlag, Boston 39-48.
4. Accorsi R (2008) Automated Counterexample-Driven Audits of Authentic System Records. Dissertation, Universität Freiburg, Freiburg im Breisgau
5. Accorsi R (2009) Safekeeping Digital Evidence with Secure Logging Protocols. Proceedings of the 5th Conference on IT Security Incident Management & IT Forensics, IEEE, IEEE Computer Press, Los Alamitos, pp 94-110
6. R Accorsi Y Sato S Kai 2008 Compliance-Monitor zur Frühwarnung vor Risiken Wirtschaftsinformatik 50 5 375 382 10.1007/s11576-008-0079-0
7. Ashley P, Hada S, Karjoth G, Powers C, Schunter M (2003) Enterprise Privacy Authorization Language (EPAL 1.2). Submission to W3C
8. A Avizienis J Laprie B Randell C Landwehr 2004 Basic concepts and taxonomy of dependable and secure computing IEEE Trans Depend Sec Comput 1 1 11 33 10.1109/TDSC.2004.2 (Pubitemid 40134576)
9. P Bartmann HU Buhl M Hertel 2009 Ursachen und Auswirkungen der Subprime-Krise Informatik-Spektrum 32 2 127 145 10.1007/s00287-009-0328-7
10. E Brynjolfsson L Hitt 1998 Beyond the productivity paradox CACM 41 8 49 55
11. Cranor LF, Dobbs B, Egelman S, Hogben G, Hunphrey J, Langheinrich M, Marchiori M, Presler-Marschal M, Reagle J, Schunter M, Stampley D, Wenning R (2006) The Platform for Privacy Preferences 1.1 (P3P1.1). W3C specification. http://www.w3.org/TR/P3P11/ (Abruf am 27. August 2009)
12. W Diffie 2008 Information security: 50 years behind, 50 years ahead CACM 51 1 55 57
13. Gama P, Ferreira P (2005) Obligation Policies: An Enforcement Platform. Proceedings of the Workshop on Policies for Distributed Systems and Networks, IEEE, pp 203-212
14. Haas S, Wohlgemuth S, Echizen I, Sonehara N, Müller G (2009) On Privacy in Medical Services with Electronic Health Records. IMIA WG4 (SiHIS) Workshop 2009 - Trustworthiness of Health Information (unveröffentlicht)
15. Hilty M, Basin D, Pretschner A (2005) On Obligations. In: Vimercati S, Syverson P, Gollmann D (eds) Lect Notes Comput Sci 3679:98-117
16. Hitzler P, Krötzsch M, Rudolph S, Sure Y (2008) Semantic Web. Grundlagen. Springer, Berlin
17. Höhn S (2009) Model-based reasoning on the achievement of business goals. In: Shin S, Ossowski S (eds) Proceedings of ACM SAC, pp 1589-1593
18. Höhn S, Jürjens J (2008) Rubacon: Automated support for model-based compliance engineering. ICSE '08: Proceedings of the 13th International Conference on Software Engineering, pp 875-878
19. Jajodia S, Kudo M, Subrahmanian V (2001) Provisional Authorizations, E-Commerce Security and Privacy. Kluwer Academic Publishers, Boston, pp 133-159
20. Kähmer M (2009) ExPDT - Vergleichbarkeit von Richtlinien für Selbstregulierung und Selbstdatenschutz. Dissertation, Albert-Ludwigs- Universtität Freiburg, Wiesbaden
21. Kittel K, Höhn S, Sackmann S (2009) Geschäftsprozess-Werkstatt. Institut für Informatik und Gesellschaft, Telematik, Technischer Bericht, Universität Freiburg
22. M Leucker C Schallhart 2008 A brief account of runtime verification J Log Algebraic Program 78 5 293 303 10.1016/j.jlap.2008.08.004
23. J Ligatti L Bauer D Walker 2005 Edit automata: Enforcement mechanisms for run-time security policies Int J Inf Secur 4 1-2 2 16 10.1007/s10207-004-0046-8 (Pubitemid 40347198)
24. V Lotz E Pigout P Fischer F Massacci A Pretschner 2008 Towards systematic achievement of compliance in service-oriented architectures: The MASTER approach Wirtschaftsinformatik 50 5 383 391 10.1007/s11576-008-0086-1
25. Luckham D (2002) The Power of Events. Addison-Wesley, Amsterdam
26. Gabriel R, Gluchowski P, Pastwa A (2009) Datawarehouse und Data Mining. Herdecke, Witten
27. Müller G (2006) Abschlussbericht des DFG-Schwerpunktprogramms, Sicherheit in der Kommunikationstechnik". http://www.telematik.uni- freiburg.de/spps/abschlussbericht.php (Abruf am 28. August 2009)
28. G Müller 2008 Information Security: 50 years behind, 50 years beyond Wirtschaftsinformatik 50 4 322 323 10.1365/s11576-008-0066-5
29. Müller G, Accorsi R, Höhn S, Kähmer M, Strasser M (2007) Sicherheit im Ubiquitous Computing: Schutz durch Gebote? In: Mattern F (Hrsg) Die Informatisierung des Alltags. Leben in smarten Umgebungen. Springer, Berlin
30. Müller G, Eymann T, Kreutzer M (2002) Telematik- und Kommunikationssysteme in der vernetzten Wirtschaft. Lehrbücher Wirtschaftsinformatik. Oldenbourg, München
31. Müller G, Rannenberg K (1999) Multilateral Security. Empowering Users, Enabling Applications. The Ladenburger Kolleg "Security in Communication Technology". In: Müller G, Rannenberg K (eds) Multilateral Security in Communications. Technology, Infrastructure, Economy, Bonn, pp 563-570
32. Namiri K, Stojanovic N (2007) Using Control Patterns in Business Processes Compliance. In: Weske M, Hacid M, Godart C (eds) Lect Notes Comput Sci 4832:178-190
33. A Nutz M Strau 2002 eXtensible Business Reporting Language (XBRL) - Konzept und praktischer Einsatz Wirtschaftsinformatik 44 5 447 457
34. R Pinsker L Shaomin 2008 Costs and benefits of XBRL adoption: early evidence CACM 51 3 47 50
35. A Pretschner M Hilty D Basin 2006 Distributed usage control CACM 49 9 39 44
36. A Pretschner M Hilty F Schütz C Schaefer T Walter 2008 Usage Control Enforcement: Present and Future IEEE Secur Priv 6 4 44 53 10.1109/MSP.2008.101
37. Ribeiro C, Zúquete A, Ferreira P (2001) Enforcing Obligation with Security Monitors. In: Qing S, Okamoto T, Zhou J (eds) Lect Notes Comput Sci 2229:172-176
38. Roth D (2009) Road Map for Financial Recovery: Radical Transparency Now! Wired Magazine 17.03. http://www.wired.com/techbiz/it/magazine/17-03/wp-reboot (Abruf am 11. August 2009)
39. Sackmann S (2008) Assessing the effects of IT changes on IT risk - A business process-oriented view. In: Bichler M, Hess T, Krcmar H, Lecher U, Matthes F, Picot A, Speitkamp B, Wolf P (eds) Multikonferenz Wirtschaftsinformatik 2008, Berlin, pp 1137-1148
40. S Sackmann M Kähmer 2008 ExPDT: Ein Policy-basierter Ansatz zur Automatisierung von Compliance Wirtschaftsinformatik 50 5 366 374 10.1007/s11576-008-0078-1
41. Sackmann S, Strüker J (2005) Electronic Commerce Enquête 2005 - 10 Jahre Electronic Commerce: Eine stille Revolution in deutschen Unternehmen. IIG Telematik, Universität Freiburg, Leinfelden
42. R Sandhu P Samarati 1994 Access Control: Principles and Practice IEEE Commun Mag 32 9 40 48 10.1109/35.312842
43. F Schneider 2000 Enforceable Security Policies ACM Transact Inform Syst Secur 3 1 30 50 10.1145/353323.353382
44. Vaubel R (2009) Zur Finanzmarktkrise: Die Verantwortung des Staates. Konferenz Finanzmarktkrise - Grundsatzfragen und Politische Verantwortung, Humboldt-Universität Berlin. http://www.vwl.uni-mannheim.de/vaubel/pdf- Dateien/ZurFinanzmarktkriseDieVerantwortungDesStaates111208.pdf (Abruf am 28. Juli 2009)
45. Wohlgemuth S (2008) Privatsphäre durch die Delegation von Rechten. Vieweg und Teubner, Wiesbaden
46. Wonnemann C, Accorsi R, Müller G (2009) On information flow forensics in business application scenarios. Proceedings of the 33rd IEEE COMPSAC, IEEE, pp 324-328
47. Yao A (1986) How to generate and exchange secrets. Proceedings of the twenty-seventh annual IEEE-Symposium on Foundations of Computer Science, IEEE, pp 162-167