[{"publication":"18th European Conference on Information Systems (ECIS 2010)","type":"conference","status":"public","file":[{"access_level":"open_access","file_name":"Take it or leave it - ECIS - Proof.pdf","file_id":"6191","file_size":247621,"creator":"hsiemes","date_created":"2018-12-11T15:22:41Z","date_updated":"2018-12-13T15:20:13Z","relation":"main_file","content_type":"application/pdf"}],"abstract":[{"text":"In a world, where more and more businesses seem to trade in an online market, the supply of online services to supply the ever-growing demand could quickly reach its capacity limits. Online service providers may find themselves maxed out at peak operation levels during high-traffic timeslots but too little demand during low-traffic timeslots, although the latter is becoming less frequent. At this point not only deciding which user is allocated what level of service becomes essential, but also the magnitude of the service provided, can be controlled by pricing. Pricing is an important factor when efficient and acceptable allocation of resources between individuals must be reached. Without prices, transferring or sharing goods would be impossible. In sharing information, pricing a product however is not as simple as relatively pricing an apple or a pear. Often the costs, and hence the prices are simply unknown. Backed by this scenario, the online services market could be combined with the market design mechanism of diamonds. For this we propose an ultimatum pricing strategy which effectively allows for valuations to be accounted for, but no longer a necessity when pricing in grid, cloud or other online computing environments.","lang":"eng"}],"department":[{"_id":"277"}],"user_id":"61579","_id":"5690","extern":"1","file_date_updated":"2018-12-13T15:20:13Z","language":[{"iso":"eng"}],"keyword":["Posted Price","Ultimatum Game","Energy Efficiency","Mechanism Design"],"ddc":["000"],"has_accepted_license":"1","citation":{"chicago":"Bodenstein, Christian, Guido Schryen, and Dirk Neumann. “From ‘Take-It-or-Leave-It’ Offers to ‘Take-It-or-Be-Left-out’ Ultimatum - A Trade Mechanism for Online Services.” In <i>18th European Conference on Information Systems (ECIS 2010)</i>, 2010.","ieee":"C. Bodenstein, G. Schryen, and D. Neumann, “From ‘Take-it-or-leave-it’ offers to ‘Take-it-or-be-left-out’ Ultimatum - A trade mechanism for Online Services,” in <i>18th European Conference on Information Systems (ECIS 2010)</i>, 2010.","ama":"Bodenstein C, Schryen G, Neumann D. From “Take-it-or-leave-it” offers to “Take-it-or-be-left-out” Ultimatum - A trade mechanism for Online Services. In: <i>18th European Conference on Information Systems (ECIS 2010)</i>. ; 2010.","apa":"Bodenstein, C., Schryen, G., &#38; Neumann, D. (2010). From “Take-it-or-leave-it” offers to “Take-it-or-be-left-out” Ultimatum - A trade mechanism for Online Services. In <i>18th European Conference on Information Systems (ECIS 2010)</i>.","bibtex":"@inproceedings{Bodenstein_Schryen_Neumann_2010, title={From “Take-it-or-leave-it” offers to “Take-it-or-be-left-out” Ultimatum - A trade mechanism for Online Services}, booktitle={18th European Conference on Information Systems (ECIS 2010)}, author={Bodenstein, Christian and Schryen, Guido and Neumann, Dirk}, year={2010} }","short":"C. Bodenstein, G. Schryen, D. Neumann, in: 18th European Conference on Information Systems (ECIS 2010), 2010.","mla":"Bodenstein, Christian, et al. “From ‘Take-It-or-Leave-It’ Offers to ‘Take-It-or-Be-Left-out’ Ultimatum - A Trade Mechanism for Online Services.” <i>18th European Conference on Information Systems (ECIS 2010)</i>, 2010."},"year":"2010","author":[{"first_name":"Christian","last_name":"Bodenstein","full_name":"Bodenstein, Christian"},{"first_name":"Guido","last_name":"Schryen","full_name":"Schryen, Guido","id":"72850"},{"full_name":"Neumann, Dirk","last_name":"Neumann","first_name":"Dirk"}],"date_created":"2018-11-14T15:48:39Z","date_updated":"2022-01-06T07:02:34Z","oa":"1","title":"From \"Take-it-or-leave-it\" offers to \"Take-it-or-be-left-out\" Ultimatum - A trade mechanism for Online Services"},{"keyword":["distributed trust concepts","measuring etrust","Internet voting"],"ddc":["000"],"language":[{"iso":"eng"}],"extern":"1","file_date_updated":"2018-12-13T15:16:50Z","_id":"5598","department":[{"_id":"277"}],"user_id":"61579","abstract":[{"text":"Emerging digital environments and infrastructures, such as distributed services and computing services, have generated new options of communication, information sharing, and resource utilization in past years. Different distributed trust concepts are applied to increase trust in such systems. However, these concepts yield to rather complex architectures which make it difficult to determine which component or system needs to be trusted. This paper presents a novel trust measurement method for distributed systems which enables the t identification of weak points in the overall system architecture. The measurement method includes the specification of a formal trust language and its representation by means of propositional logic formulas. The applicability of the proposed concepts is demonstrated by conducting a case study on the Internet voting system that was used in the 2007 parliamentary elections in Estonia.","lang":"eng"}],"status":"public","file":[{"relation":"main_file","content_type":"application/pdf","file_id":"6185","file_name":"06_Schryen.pdf","access_level":"open_access","file_size":243413,"date_created":"2018-12-11T15:14:05Z","creator":"hsiemes","date_updated":"2018-12-13T15:16:50Z"}],"publication":"Proceedings of the 23rd Bled eConference","type":"conference","title":"Measuring eTrust in distributed systems - General Concept and Application to Internet Voting","date_updated":"2022-01-06T07:02:06Z","oa":"1","date_created":"2018-11-14T11:49:50Z","author":[{"full_name":"Volkamer, Melanie","last_name":"Volkamer","first_name":"Melanie"},{"first_name":"Guido","last_name":"Schryen","id":"72850","full_name":"Schryen, Guido"}],"year":"2010","citation":{"apa":"Volkamer, M., &#38; Schryen, G. (2010). Measuring eTrust in distributed systems - General Concept and Application to Internet Voting. In <i>Proceedings of the 23rd Bled eConference</i>.","short":"M. Volkamer, G. Schryen, in: Proceedings of the 23rd Bled EConference, 2010.","bibtex":"@inproceedings{Volkamer_Schryen_2010, title={Measuring eTrust in distributed systems - General Concept and Application to Internet Voting}, booktitle={Proceedings of the 23rd Bled eConference}, author={Volkamer, Melanie and Schryen, Guido}, year={2010} }","mla":"Volkamer, Melanie, and Guido Schryen. “Measuring ETrust in Distributed Systems - General Concept and Application to Internet Voting.” <i>Proceedings of the 23rd Bled EConference</i>, 2010.","ama":"Volkamer M, Schryen G. Measuring eTrust in distributed systems - General Concept and Application to Internet Voting. In: <i>Proceedings of the 23rd Bled EConference</i>. ; 2010.","ieee":"M. Volkamer and G. Schryen, “Measuring eTrust in distributed systems - General Concept and Application to Internet Voting,” in <i>Proceedings of the 23rd Bled eConference</i>, 2010.","chicago":"Volkamer, Melanie, and Guido Schryen. “Measuring ETrust in Distributed Systems - General Concept and Application to Internet Voting.” In <i>Proceedings of the 23rd Bled EConference</i>, 2010."},"has_accepted_license":"1"},{"ddc":["000"],"file_date_updated":"2018-12-13T15:20:23Z","language":[{"iso":"eng"}],"extern":"1","_id":"5631","department":[{"_id":"277"}],"user_id":"61579","abstract":[{"text":"While many theoretical arguments against or in favor of open source and closed source software development have been presented, the empirical basis for the assessment of arguments and the development of models is still weak. Addressing this research gap, this paper presents the first comprehensive empirical investigation of published vulnerabilities and patches of 17 widely deployed open source and closed source software packages, including operating systems, database systems, web browsers, email clients, and office systems. The empirical analysis uses comprehensive vulnerability data contained in the NIST National Vulnerability Database and a newly compiled data set of vulnerability patches. The results suggest that it is not the particular software development style that determines the severity of vulnerabilities and vendors? patching behavior, but rather the specific application type and the policy of the particular development community, respectively.","lang":"eng"}],"status":"public","file":[{"date_updated":"2018-12-13T15:20:23Z","creator":"hsiemes","date_created":"2018-12-11T15:23:33Z","file_size":299380,"file_name":"vendors behavior - UPDATED IEEE version.pdf","file_id":"6192","access_level":"open_access","content_type":"application/pdf","relation":"main_file"}],"publication":"43rd Annual Hawaii International Conference on System Sciences","type":"conference","title":"Increasing software security through open source or closed source development? Empirics suggest that we have asked the wrong question","date_updated":"2022-01-06T07:02:14Z","oa":"1","author":[{"first_name":"Guido","full_name":"Schryen, Guido","id":"72850","last_name":"Schryen"},{"full_name":"Eliot, Rich","last_name":"Eliot","first_name":"Rich"}],"date_created":"2018-11-14T14:23:45Z","year":"2010","citation":{"apa":"Schryen, G., &#38; Eliot, R. (2010). Increasing software security through open source or closed source development? Empirics suggest that we have asked the wrong question. In <i>43rd Annual Hawaii International Conference on System Sciences</i>.","bibtex":"@inproceedings{Schryen_Eliot_2010, title={Increasing software security through open source or closed source development? Empirics suggest that we have asked the wrong question}, booktitle={43rd Annual Hawaii International Conference on System Sciences}, author={Schryen, Guido and Eliot, Rich}, year={2010} }","short":"G. Schryen, R. Eliot, in: 43rd Annual Hawaii International Conference on System Sciences, 2010.","mla":"Schryen, Guido, and Rich Eliot. “Increasing Software Security through Open Source or Closed Source Development? Empirics Suggest That We Have Asked the Wrong Question.” <i>43rd Annual Hawaii International Conference on System Sciences</i>, 2010.","chicago":"Schryen, Guido, and Rich Eliot. “Increasing Software Security through Open Source or Closed Source Development? Empirics Suggest That We Have Asked the Wrong Question.” In <i>43rd Annual Hawaii International Conference on System Sciences</i>, 2010.","ieee":"G. Schryen and R. Eliot, “Increasing software security through open source or closed source development? Empirics suggest that we have asked the wrong question,” in <i>43rd Annual Hawaii International Conference on System Sciences</i>, 2010.","ama":"Schryen G, Eliot R. Increasing software security through open source or closed source development? Empirics suggest that we have asked the wrong question. In: <i>43rd Annual Hawaii International Conference on System Sciences</i>. ; 2010."},"has_accepted_license":"1"},{"status":"public","file":[{"content_type":"application/pdf","relation":"main_file","creator":"hsiemes","date_created":"2018-12-11T15:24:22Z","date_updated":"2018-12-13T15:20:37Z","file_name":"IS business value - ECIS - Final Version.pdf","access_level":"open_access","file_id":"6193","file_size":174368}],"abstract":[{"text":"Enduring doubts about the value of IS investments reveal that IS researchers have not fully managed to identify and to explain the economic benefits of IS. Three research tasks are essential requisites on the path towards addressing this criticism: the synthesis of knowledge, the identification of lack of knowledge, and the proposition of paths for closing knowledge gaps. This paper considers each of these tasks by a) synthesizing key research findings based on a comprehensive literature review, b) identifying and unfolding key limitations of current research, and c) applying a decision-theoretic perspective, which opens new horizons to IS business value research and shows paths for overcoming the limitations. The adoption of this perspective results in a decision-theoretic foundation of IS business value research and includes the proposition of a consistent terminology and a research model that frames further research.","lang":"eng"}],"publication":"Proceedings of the 18th European Conference on Information Systems (ECIS 2010)","type":"conference","language":[{"iso":"eng"}],"file_date_updated":"2018-12-13T15:20:37Z","extern":"1","keyword":["Decision theory","IT value","IS assessment","IS evaluation"],"ddc":["000"],"department":[{"_id":"277"}],"user_id":"61579","_id":"5632","citation":{"ama":"Schryen G, Bodenstein C. A decision-theoretic foundation of IS business value research. In: <i>Proceedings of the 18th European Conference on Information Systems (ECIS 2010)</i>. ; 2010.","ieee":"G. Schryen and C. Bodenstein, “A decision-theoretic foundation of IS business value research,” in <i>Proceedings of the 18th European Conference on Information Systems (ECIS 2010)</i>, 2010.","chicago":"Schryen, Guido, and Christian Bodenstein. “A Decision-Theoretic Foundation of IS Business Value Research.” In <i>Proceedings of the 18th European Conference on Information Systems (ECIS 2010)</i>, 2010.","short":"G. Schryen, C. Bodenstein, in: Proceedings of the 18th European Conference on Information Systems (ECIS 2010), 2010.","bibtex":"@inproceedings{Schryen_Bodenstein_2010, title={A decision-theoretic foundation of IS business value research}, booktitle={Proceedings of the 18th European Conference on Information Systems (ECIS 2010)}, author={Schryen, Guido and Bodenstein, Christian}, year={2010} }","mla":"Schryen, Guido, and Christian Bodenstein. “A Decision-Theoretic Foundation of IS Business Value Research.” <i>Proceedings of the 18th European Conference on Information Systems (ECIS 2010)</i>, 2010.","apa":"Schryen, G., &#38; Bodenstein, C. (2010). A decision-theoretic foundation of IS business value research. In <i>Proceedings of the 18th European Conference on Information Systems (ECIS 2010)</i>."},"year":"2010","has_accepted_license":"1","title":"A decision-theoretic foundation of IS business value research","author":[{"first_name":"Guido","id":"72850","full_name":"Schryen, Guido","last_name":"Schryen"},{"full_name":"Bodenstein, Christian","last_name":"Bodenstein","first_name":"Christian"}],"date_created":"2018-11-14T14:24:25Z","date_updated":"2022-01-06T07:02:14Z","oa":"1"},{"file":[{"relation":"main_file","content_type":"application/pdf","file_size":372660,"access_level":"open_access","file_id":"6190","file_name":"security_fuzzy_LNI Version.pdf","date_updated":"2018-12-13T15:20:03Z","creator":"hsiemes","date_created":"2018-12-11T15:22:12Z"}],"abstract":[{"lang":"eng","text":"This paper presents a fuzzy set based decision support model for taking uncertainty into account when making security investment decisions for distributed systems. The proposed model is complementary to robabilistic approaches and useful in situations where probabilistic information is either unavailable or not appropriate to reliably predict future conditions. We ?rst present the speci?cation of a formal security language that allows to specify under which conditions a distributed system is protected against security violations. We show that each term of the security language can be transformed into an equivalent propositional logic term. Then we use propositional logic terms to de?ne a fuzzy set based decision model. This optimization model incorporates uncertainty with regard to the impact of investments on the achieved security levels of components of the distributed system. The model also accounts for budget and security constraints, in order to be applicable in practice."}],"publication":"Sicherheit 2010 : Sicherheit, Schutz und Zuverl{\\\"a}ssigkeit ; Konferenzband der 5. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft f{\\\"u}r Informatik e.V. (GI), 5. - 7. Oktober 2010 in Berlin","language":[{"iso":"eng"}],"ddc":["000"],"year":"2010","title":"A Fuzzy Model for IT Security Investments","date_created":"2018-11-14T14:35:59Z","publisher":"Gesellschaft für Informatik","status":"public","editor":[{"full_name":"C. Freiling, Felix","last_name":"C. Freiling","first_name":"Felix"}],"type":"conference","extern":"1","file_date_updated":"2018-12-13T15:20:03Z","department":[{"_id":"277"}],"series_title":"GI-Edition: lecture notes in informatics. Proceedings","user_id":"61579","_id":"5642","intvolume":"       170","page":"289-304","citation":{"ieee":"G. Schryen, “A Fuzzy Model for IT Security Investments,” in <i>Sicherheit 2010 : Sicherheit, Schutz und Zuverl{\\\"a}ssigkeit ; Konferenzband der 5. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft f{\\\"u}r Informatik e.V. (GI), 5. - 7. Oktober 2010 in Berlin</i>, 2010, vol. 170, pp. 289–304.","chicago":"Schryen, Guido. “A Fuzzy Model for IT Security Investments.” In <i>Sicherheit 2010 : Sicherheit, Schutz Und Zuverl{\\\"a}ssigkeit ; Konferenzband Der 5. Jahrestagung Des Fachbereichs Sicherheit Der Gesellschaft F{\\\"u}r Informatik e.V. (GI), 5. - 7. Oktober 2010 in Berlin</i>, edited by Felix C. Freiling, 170:289–304. GI-Edition: Lecture Notes in Informatics. Proceedings. Bonn: Gesellschaft für Informatik, 2010.","ama":"Schryen G. A Fuzzy Model for IT Security Investments. In: C. Freiling F, ed. <i>Sicherheit 2010 : Sicherheit, Schutz Und Zuverl{\\\"a}ssigkeit ; Konferenzband Der 5. Jahrestagung Des Fachbereichs Sicherheit Der Gesellschaft F{\\\"u}r Informatik e.V. (GI), 5. - 7. Oktober 2010 in Berlin</i>. Vol 170. GI-Edition: lecture notes in informatics. Proceedings. Bonn: Gesellschaft für Informatik; 2010:289-304.","apa":"Schryen, G. (2010). A Fuzzy Model for IT Security Investments. In F. C. Freiling (Ed.), <i>Sicherheit 2010 : Sicherheit, Schutz und Zuverl{\\\"a}ssigkeit ; Konferenzband der 5. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft f{\\\"u}r Informatik e.V. (GI), 5. - 7. Oktober 2010 in Berlin</i> (Vol. 170, pp. 289–304). Bonn: Gesellschaft für Informatik.","mla":"Schryen, Guido. “A Fuzzy Model for IT Security Investments.” <i>Sicherheit 2010 : Sicherheit, Schutz Und Zuverl{\\\"a}ssigkeit ; Konferenzband Der 5. Jahrestagung Des Fachbereichs Sicherheit Der Gesellschaft F{\\\"u}r Informatik e.V. (GI), 5. - 7. Oktober 2010 in Berlin</i>, edited by Felix C. Freiling, vol. 170, Gesellschaft für Informatik, 2010, pp. 289–304.","bibtex":"@inproceedings{Schryen_2010, place={Bonn}, series={GI-Edition: lecture notes in informatics. Proceedings}, title={A Fuzzy Model for IT Security Investments}, volume={170}, booktitle={Sicherheit 2010 : Sicherheit, Schutz und Zuverl{\\\"a}ssigkeit ; Konferenzband der 5. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft f{\\\"u}r Informatik e.V. (GI), 5. - 7. Oktober 2010 in Berlin}, publisher={Gesellschaft für Informatik}, author={Schryen, Guido}, editor={C. Freiling, FelixEditor}, year={2010}, pages={289–304}, collection={GI-Edition: lecture notes in informatics. Proceedings} }","short":"G. Schryen, in: F. C. Freiling (Ed.), Sicherheit 2010 : Sicherheit, Schutz Und Zuverl{\\\"a}ssigkeit ; Konferenzband Der 5. Jahrestagung Des Fachbereichs Sicherheit Der Gesellschaft F{\\\"u}r Informatik e.V. (GI), 5. - 7. Oktober 2010 in Berlin, Gesellschaft für Informatik, Bonn, 2010, pp. 289–304."},"place":"Bonn","has_accepted_license":"1","volume":170,"author":[{"last_name":"Schryen","full_name":"Schryen, Guido","id":"72850","first_name":"Guido"}],"date_updated":"2022-01-06T07:02:18Z","oa":"1"},{"oa":"1","date_updated":"2022-01-06T07:02:18Z","date_created":"2018-11-14T14:36:26Z","author":[{"last_name":"Schryen","full_name":"Schryen, Guido","id":"72850","first_name":"Guido"}],"title":"An Analysis of Literature Reviews on IS Business Value: How Deficiencies in Methodology and Theory Use Resulted in Limited Effectiveness","has_accepted_license":"1","year":"2010","citation":{"apa":"Schryen, G. (2010). An Analysis of Literature Reviews on IS Business Value: How Deficiencies in Methodology and Theory Use Resulted in Limited Effectiveness. In <i>Proceedings of the First Scandinavian Conference on Information Systems (SCIS)</i>.","mla":"Schryen, Guido. “An Analysis of Literature Reviews on IS Business Value: How Deficiencies in Methodology and Theory Use Resulted in Limited Effectiveness.” <i>Proceedings of the First Scandinavian Conference on Information Systems (SCIS)</i>, 2010.","short":"G. Schryen, in: Proceedings of the First Scandinavian Conference on Information Systems (SCIS), 2010.","bibtex":"@inproceedings{Schryen_2010, title={An Analysis of Literature Reviews on IS Business Value: How Deficiencies in Methodology and Theory Use Resulted in Limited Effectiveness}, booktitle={Proceedings of the First Scandinavian Conference on Information Systems (SCIS)}, author={Schryen, Guido}, year={2010} }","chicago":"Schryen, Guido. “An Analysis of Literature Reviews on IS Business Value: How Deficiencies in Methodology and Theory Use Resulted in Limited Effectiveness.” In <i>Proceedings of the First Scandinavian Conference on Information Systems (SCIS)</i>, 2010.","ieee":"G. Schryen, “An Analysis of Literature Reviews on IS Business Value: How Deficiencies in Methodology and Theory Use Resulted in Limited Effectiveness,” in <i>Proceedings of the First Scandinavian Conference on Information Systems (SCIS)</i>, 2010.","ama":"Schryen G. An Analysis of Literature Reviews on IS Business Value: How Deficiencies in Methodology and Theory Use Resulted in Limited Effectiveness. In: <i>Proceedings of the First Scandinavian Conference on Information Systems (SCIS)</i>. ; 2010."},"_id":"5643","user_id":"61579","department":[{"_id":"277"}],"ddc":["000"],"keyword":["Literature review","Business value","Information systems","Methodology","Theory"],"language":[{"iso":"eng"}],"extern":"1","file_date_updated":"2018-12-13T15:17:00Z","type":"conference","publication":"Proceedings of the First Scandinavian Conference on Information Systems (SCIS)","abstract":[{"lang":"eng","text":"Enduring doubts about the value of IS investments reveal that IS researchers have not fully managed to identify and to explain the economic benefits of IS. This paper assumes that literature reviews, which represent a powerful instrument for the identification and synthesis of knowledge, have not tapped their full potential to address this issue due to deficiencies in methodology. The analysis of 18 literature reviews published in pertinent academic outlets during the past 20 years shows such deficiencies. Two of the most critical weaknesses identified are (1) the lack of theory use in most reviews and (2) a weak linkage of reviews, resulting in little progress in theory and framework development. The systematic identification of these weaknesses and the extraction of promising methodological examples from past literature are the main contributions of this work, which supports the composition of more effective literature reviews in future research."}],"file":[{"file_name":"2010_Book_ScandinavianInformationSystems - Schryen.pdf","file_id":"6186","access_level":"open_access","file_size":302340,"creator":"hsiemes","date_created":"2018-12-11T15:14:51Z","date_updated":"2018-12-13T15:17:00Z","relation":"main_file","content_type":"application/pdf"}],"status":"public"},{"date_updated":"2022-01-06T07:02:19Z","oa":"1","author":[{"full_name":"Schryen, Guido","id":"72850","last_name":"Schryen","first_name":"Guido"}],"volume":52,"citation":{"mla":"Schryen, Guido. “Preserving Knowledge on IS Business Value: What Literature Reviews Have Done.” <i>Business \\&#38; Information Systems Engineering (BISE)</i>, vol. 52, no. 4, Springer, 2010, pp. 225–37.","short":"G. Schryen, Business \\&#38; Information Systems Engineering (BISE) 52 (2010) 225–237.","bibtex":"@article{Schryen_2010, title={Preserving knowledge on IS business value: what literature reviews have done}, volume={52}, number={4}, journal={Business \\&#38; Information Systems Engineering (BISE)}, publisher={Springer}, author={Schryen, Guido}, year={2010}, pages={225–237} }","apa":"Schryen, G. (2010). Preserving knowledge on IS business value: what literature reviews have done. <i>Business \\&#38; Information Systems Engineering (BISE)</i>, <i>52</i>(4), 225–237.","ama":"Schryen G. Preserving knowledge on IS business value: what literature reviews have done. <i>Business \\&#38; Information Systems Engineering (BISE)</i>. 2010;52(4):225-237.","ieee":"G. Schryen, “Preserving knowledge on IS business value: what literature reviews have done,” <i>Business \\&#38; Information Systems Engineering (BISE)</i>, vol. 52, no. 4, pp. 225–237, 2010.","chicago":"Schryen, Guido. “Preserving Knowledge on IS Business Value: What Literature Reviews Have Done.” <i>Business \\&#38; Information Systems Engineering (BISE)</i> 52, no. 4 (2010): 225–37."},"intvolume":"        52","page":"225-237","has_accepted_license":"1","file_date_updated":"2018-12-13T15:17:12Z","extern":"1","_id":"5644","user_id":"61579","department":[{"_id":"277"}],"status":"public","type":"journal_article","title":"Preserving knowledge on IS business value: what literature reviews have done","publisher":"Springer","date_created":"2018-11-14T14:38:02Z","year":"2010","issue":"4","ddc":["000"],"keyword":["Business value","Information systems","Literature review","Meta review"],"language":[{"iso":"eng"}],"abstract":[{"text":"The economic relevance of information systems has been studied for many years and has attracted an abundance of research papers. However, the ?productivity paradoxon? of the 90s, Carr?s widely recognized paper ?IT doesn?t matter?, and several studies that do not find a positive correlation between IS investments and economic performance reveal long-lasting difficulties for IS researchers to explain ?IS business value?. Business executives and researchers also continue to question the value of IS investments. This raises the question of whether literature reviews have tapped their potential to address the concerns by covering key research areas of IS business value and preserving their key findings. In order to address this question, this paper identifies and describes 12 key research areas, and synthesizes what literature reviews published in pertinent academic outlets have done to preserve knowledge. The analysis of 22 literature reviews shows that some crucial areas have not been (sufficiently) covered. They provide fertile areas for future literature reviews. As this work is based on the results of more than 200 research papers, it is capable of drawing a comprehensive picture of the current state-of-the-art in IS business value research.","lang":"eng"}],"file":[{"content_type":"application/pdf","relation":"main_file","creator":"hsiemes","date_created":"2018-12-11T15:19:37Z","date_updated":"2018-12-13T15:17:12Z","access_level":"open_access","file_name":"BISE-PreservingknowledgeonISbusinessvalue-Manuscript-1.pdf","file_id":"6187","file_size":525443}],"publication":"Business \\& Information Systems Engineering (BISE)"},{"type":"journal_article","status":"public","_id":"5645","department":[{"_id":"277"}],"user_id":"61579","extern":"1","file_date_updated":"2018-12-13T15:19:50Z","has_accepted_license":"1","page":"225-237","intvolume":"        52","citation":{"ama":"Schryen G. Ökonomischer Wert von Informationssystemen - Beitrag von Literatur-Reviews zum Wissenserhalt ( = Preserving Knowledge on IS Business Value. What Literature Reviews Have Done). <i>Wirtschaftsinformatik</i>. 2010;52(4):225-237.","chicago":"Schryen, Guido. “Ökonomischer Wert von Informationssystemen - Beitrag von Literatur-Reviews Zum Wissenserhalt ( = Preserving Knowledge on IS Business Value. What Literature Reviews Have Done).” <i>Wirtschaftsinformatik</i> 52, no. 4 (2010): 225–37.","ieee":"G. Schryen, “Ökonomischer Wert von Informationssystemen - Beitrag von Literatur-Reviews zum Wissenserhalt ( = Preserving Knowledge on IS Business Value. What Literature Reviews Have Done),” <i>Wirtschaftsinformatik</i>, vol. 52, no. 4, pp. 225–237, 2010.","apa":"Schryen, G. (2010). Ökonomischer Wert von Informationssystemen - Beitrag von Literatur-Reviews zum Wissenserhalt ( = Preserving Knowledge on IS Business Value. What Literature Reviews Have Done). <i>Wirtschaftsinformatik</i>, <i>52</i>(4), 225–237.","mla":"Schryen, Guido. “Ökonomischer Wert von Informationssystemen - Beitrag von Literatur-Reviews Zum Wissenserhalt ( = Preserving Knowledge on IS Business Value. What Literature Reviews Have Done).” <i>Wirtschaftsinformatik</i>, vol. 52, no. 4, Gabler; Springer, 2010, pp. 225–37.","bibtex":"@article{Schryen_2010, title={Ökonomischer Wert von Informationssystemen - Beitrag von Literatur-Reviews zum Wissenserhalt ( = Preserving Knowledge on IS Business Value. What Literature Reviews Have Done)}, volume={52}, number={4}, journal={Wirtschaftsinformatik}, publisher={Gabler; Springer}, author={Schryen, Guido}, year={2010}, pages={225–237} }","short":"G. Schryen, Wirtschaftsinformatik 52 (2010) 225–237."},"date_updated":"2022-01-06T07:02:19Z","oa":"1","volume":52,"author":[{"last_name":"Schryen","full_name":"Schryen, Guido","id":"72850","first_name":"Guido"}],"publication":"Wirtschaftsinformatik","abstract":[{"text":"The economic relevance of information systems has been studied for many years and has attracted an abundance of research papers. However, the ?productivity paradoxon? of the 1990s, Carr?s widely recognized paper ?IT doesn?t matter?, and several studies that do not find a positive correlation between IS investments and economic performance reveal long-lasting difficulties for IS researchers to explain ?IS business value?. Business executives and researchers also continue to question the value of IS investments. This raises the question of whether literature reviews have tapped their potential to address the concerns by covering key research areas of IS business value and preserving their key findings. In order to address this question, this paper identifies and describes 12 key research areas, and synthesizes what literature reviews published in pertinent academic outlets have done to preserve knowledge. The analysis of 22 literature reviews shows that some crucial areas have not been (sufficiently) covered. They provide fertile areas for future literature reviews. As this work is based on the results of more than 200 research papers, it is capable of drawing a comprehensive picture of the current state-of-the-art in IS business value research.","lang":"eng"}],"file":[{"access_level":"open_access","file_id":"6189","file_name":"Schryen2010_Article_ÖkonomischerWertVonInformation.pdf","file_size":850718,"creator":"hsiemes","date_created":"2018-12-11T15:21:36Z","date_updated":"2018-12-13T15:19:50Z","relation":"main_file","content_type":"application/pdf"}],"ddc":["000"],"language":[{"iso":"eng"}],"issue":"4","year":"2010","publisher":"Gabler; Springer","date_created":"2018-11-14T14:38:45Z","title":"Ökonomischer Wert von Informationssystemen - Beitrag von Literatur-Reviews zum Wissenserhalt ( = Preserving Knowledge on IS Business Value. What Literature Reviews Have Done)"},{"department":[{"_id":"277"}],"user_id":"61579","_id":"5597","extern":"1","file_date_updated":"2018-12-18T13:15:26Z","language":[{"iso":"eng"}],"ddc":["000"],"publication":"Workshop Elektronische Wahlen, elektronische Teilhabe, Societyware, 39th GI-Jahrestagung","type":"conference","status":"public","file":[{"relation":"main_file","content_type":"application/pdf","file_name":"Elektronische Wahlen - GI 2009.pdf","access_level":"open_access","file_id":"6313","file_size":60870,"creator":"hsiemes","date_created":"2018-12-18T13:15:26Z","date_updated":"2018-12-18T13:15:26Z"}],"abstract":[{"lang":"eng","text":"Der Beitrag diskutiert die kontroversen Ans{\\\"a}tze ? Verifizierung versus Evaluation/Zertifizierung ? zur Sicherung elektronischer Wahlen mit Wahlger{\\\"a}ten. Dabei spielt das Urteils des Bundesverfassungsgerichts [BVG099] eine zentrale Rolle. Hierin wird entschieden, dass die Zertifizierung des Wahlger{\\\"a}tes nicht ausreicht und es werden Verifizierungsfunktionen gefordert, die den W{\\\"a}hlern die M{\\\"o}glichkeit geben sich von der Integrit{\\\"a}t des Wahlergebnisses zu {\\\"u}berzeugen. Der Beitrag zeigt auf, dass auch mit der Implementierung entsprechender Verifizierungsfunktionen nicht auf Zertifizierung verzichtet werden kann, da an ein Wahlger{\\\"a}t auch andere Anforderungen wie etwa hinsichtlich des Wahlgeheimnisses gestellt werden. Es wird au{\\ss}erdem die Frage diskutiert, warum der Zertifizierung hinsichtlich dieser zus{\\\"a}tzlichen Anforderungen vertraut werden kann, w{\\\"a}hrend dies nicht der Fall bei der Integrit{\\\"a}tsanforderung ist."}],"author":[{"first_name":"Melanie","full_name":"Volkamer, Melanie","last_name":"Volkamer"},{"full_name":"Schryen, Guido","id":"72850","last_name":"Schryen","first_name":"Guido"},{"full_name":"Langer, Lucie","last_name":"Langer","first_name":"Lucie"},{"full_name":"Schmidt, Axel","last_name":"Schmidt","first_name":"Axel"},{"full_name":"Buchmann, Johannes","last_name":"Buchmann","first_name":"Johannes"}],"date_created":"2018-11-14T11:49:04Z","date_updated":"2022-01-06T07:02:05Z","oa":"1","title":"Elektronische Wahlen: Verifizierung vs. Zertifizierung","has_accepted_license":"1","citation":{"ieee":"M. Volkamer, G. Schryen, L. Langer, A. Schmidt, and J. Buchmann, “Elektronische Wahlen: Verifizierung vs. Zertifizierung,” in <i>Workshop Elektronische Wahlen, elektronische Teilhabe, Societyware, 39th GI-Jahrestagung</i>, 2009.","chicago":"Volkamer, Melanie, Guido Schryen, Lucie Langer, Axel Schmidt, and Johannes Buchmann. “Elektronische Wahlen: Verifizierung vs. Zertifizierung.” In <i>Workshop Elektronische Wahlen, Elektronische Teilhabe, Societyware, 39th GI-Jahrestagung</i>, 2009.","ama":"Volkamer M, Schryen G, Langer L, Schmidt A, Buchmann J. Elektronische Wahlen: Verifizierung vs. Zertifizierung. In: <i>Workshop Elektronische Wahlen, Elektronische Teilhabe, Societyware, 39th GI-Jahrestagung</i>. ; 2009.","apa":"Volkamer, M., Schryen, G., Langer, L., Schmidt, A., &#38; Buchmann, J. (2009). Elektronische Wahlen: Verifizierung vs. Zertifizierung. In <i>Workshop Elektronische Wahlen, elektronische Teilhabe, Societyware, 39th GI-Jahrestagung</i>.","bibtex":"@inproceedings{Volkamer_Schryen_Langer_Schmidt_Buchmann_2009, title={Elektronische Wahlen: Verifizierung vs. Zertifizierung}, booktitle={Workshop Elektronische Wahlen, elektronische Teilhabe, Societyware, 39th GI-Jahrestagung}, author={Volkamer, Melanie and Schryen, Guido and Langer, Lucie and Schmidt, Axel and Buchmann, Johannes}, year={2009} }","mla":"Volkamer, Melanie, et al. “Elektronische Wahlen: Verifizierung vs. Zertifizierung.” <i>Workshop Elektronische Wahlen, Elektronische Teilhabe, Societyware, 39th GI-Jahrestagung</i>, 2009.","short":"M. Volkamer, G. Schryen, L. Langer, A. Schmidt, J. Buchmann, in: Workshop Elektronische Wahlen, Elektronische Teilhabe, Societyware, 39th GI-Jahrestagung, 2009."},"year":"2009"},{"user_id":"61579","department":[{"_id":"277"}],"_id":"5621","file_date_updated":"2018-12-18T13:16:07Z","extern":"1","type":"journal_article","status":"public","author":[{"full_name":"Schryen, Guido","id":"72850","last_name":"Schryen","first_name":"Guido"},{"first_name":"Eliot","last_name":"Rich","full_name":"Rich, Eliot"}],"volume":4,"date_updated":"2022-01-06T07:02:12Z","oa":"1","has_accepted_license":"1","citation":{"apa":"Schryen, G., &#38; Rich, E. (2009). Security in Large-Scale Internet Elections: A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland. <i>IEEE Transactions on Information Forensics \\&#38; Security</i>, <i>4</i>(4 Part), 729–744.","short":"G. Schryen, E. Rich, IEEE Transactions on Information Forensics \\&#38; Security 4 (2009) 729–744.","bibtex":"@article{Schryen_Rich_2009, title={Security in Large-Scale Internet Elections: A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland}, volume={4}, number={4 Part}, journal={IEEE Transactions on Information Forensics \\&#38; Security}, publisher={IEEE}, author={Schryen, Guido and Rich, Eliot}, year={2009}, pages={729–744} }","mla":"Schryen, Guido, and Eliot Rich. “Security in Large-Scale Internet Elections: A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland.” <i>IEEE Transactions on Information Forensics \\&#38; Security</i>, vol. 4, no. 4 Part, IEEE, 2009, pp. 729–44.","chicago":"Schryen, Guido, and Eliot Rich. “Security in Large-Scale Internet Elections: A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland.” <i>IEEE Transactions on Information Forensics \\&#38; Security</i> 4, no. 4 Part (2009): 729–44.","ieee":"G. Schryen and E. Rich, “Security in Large-Scale Internet Elections: A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland,” <i>IEEE Transactions on Information Forensics \\&#38; Security</i>, vol. 4, no. 4 Part, pp. 729–744, 2009.","ama":"Schryen G, Rich E. Security in Large-Scale Internet Elections: A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland. <i>IEEE Transactions on Information Forensics \\&#38; Security</i>. 2009;4(4 Part):729-744."},"page":"729-744","intvolume":"         4","language":[{"iso":"eng"}],"ddc":["000"],"keyword":["e-voting","Internet voting","Internet election","security","verifiability","RIES","Estonia","Neuch{\\^a}tel"],"publication":"IEEE Transactions on Information Forensics \\& Security","file":[{"date_updated":"2018-12-18T13:16:07Z","creator":"hsiemes","date_created":"2018-12-18T13:16:07Z","file_size":1544790,"access_level":"open_access","file_name":"JOURNAL VERSION.pdf","file_id":"6316","content_type":"application/pdf","relation":"main_file"}],"abstract":[{"lang":"eng","text":"Remote voting through the Internet provides convenience and access to the electorate. At the same time, the security concerns facing any distributed application are magnified when the task is so crucial to democratic society. In addition, some of the electoral process loses transparency when it is encapsulated in information technology. In this paper, we examine the public record of three recent elections that used Internet voting. Our specific goal is to identify any potential flaws that security experts would recognize, but may have not been identified in the rush to implement technology. To do this, we present a multiple exploratory case study, looking at elections conducted between 2006 and 2007 in Estonia, Netherlands, and Switzerland. These elections were selected as particularly interesting and accessible, and each presents its own technical and security challenges. The electoral environment, technical design and process for each election are described, including reconstruction of details which are implied but not specified within the source material. We found that all three elections warrant significant concern about voter security, verifiability, and transparency. Usability, our fourth area of focus, seems to have been well-addressed in these elections. While our analysis is based on public documents and previously published reports, and therefore lacking access to any confidential materials held by electoral officials, this comparative analysis provides interesting insight and consistent questions across all these cases. Effective review of Internet voting requires an aggressive stance towards identifying potential security and operational flaws, and we encourage the use of third party reviews with critical technology skills during design, programming, and voting to reduce the changes of failure or fraud that would undermine public confidence."}],"date_created":"2018-11-14T14:06:44Z","publisher":"IEEE","title":"Security in Large-Scale Internet Elections: A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland","issue":"4 Part","year":"2009"},{"abstract":[{"lang":"eng","text":"The increasing availability and deployment of open source software in personal and commercial environments makes open source software highly appealing for hackers, and others who are interested in exploiting software vulnerabilities. This deployment has resulted in a debate ?full of religion? on the security of open source software compared to that of closed source software. However, beyond such arguments, only little quantitative analysis on this research issue has taken place. We discuss the state-of-the-art of the security debate and identify shortcomings. Based on these, we propose new metrics, which allows to answer the question to what extent the review process of open source and closed source development has helped to fix vulnerabilities. We illustrate the application of some of these metrics in a case study on OpenOffice (open source software) vs. Microsoft Office (closed source software)."}],"status":"public","file":[{"relation":"main_file","content_type":"application/pdf","file_size":456497,"file_name":"ACM VERSION.pdf","access_level":"open_access","file_id":"6310","date_updated":"2018-12-18T13:14:09Z","creator":"hsiemes","date_created":"2018-12-18T13:14:09Z"}],"publication":"24th Annual ACM Symposium on Applied Computing","type":"conference","keyword":["Open source software","Closed source software","Security","Metrics"],"ddc":["000"],"language":[{"iso":"eng"}],"file_date_updated":"2018-12-18T13:14:09Z","extern":"1","_id":"5625","department":[{"_id":"277"}],"user_id":"61579","year":"2009","citation":{"ieee":"G. Schryen and R. Kadura, “Open Source vs. Closed Source Software: Towards Measuring Security,” in <i>24th Annual ACM Symposium on Applied Computing</i>, 2009.","chicago":"Schryen, Guido, and Rouven Kadura. “Open Source vs. Closed Source Software: Towards Measuring Security.” In <i>24th Annual ACM Symposium on Applied Computing</i>, 2009.","ama":"Schryen G, Kadura R. Open Source vs. Closed Source Software: Towards Measuring Security. In: <i>24th Annual ACM Symposium on Applied Computing</i>. ; 2009.","bibtex":"@inproceedings{Schryen_Kadura_2009, title={Open Source vs. Closed Source Software: Towards Measuring Security}, booktitle={24th Annual ACM Symposium on Applied Computing}, author={Schryen, Guido and Kadura, Rouven}, year={2009} }","mla":"Schryen, Guido, and Rouven Kadura. “Open Source vs. Closed Source Software: Towards Measuring Security.” <i>24th Annual ACM Symposium on Applied Computing</i>, 2009.","short":"G. Schryen, R. Kadura, in: 24th Annual ACM Symposium on Applied Computing, 2009.","apa":"Schryen, G., &#38; Kadura, R. (2009). Open Source vs. Closed Source Software: Towards Measuring Security. In <i>24th Annual ACM Symposium on Applied Computing</i>."},"has_accepted_license":"1","title":"Open Source vs. Closed Source Software: Towards Measuring Security","oa":"1","date_updated":"2022-01-06T07:02:13Z","date_created":"2018-11-14T14:12:27Z","author":[{"first_name":"Guido","id":"72850","full_name":"Schryen, Guido","last_name":"Schryen"},{"last_name":"Kadura","full_name":"Kadura, Rouven","first_name":"Rouven"}]},{"file_date_updated":"2018-12-18T13:14:48Z","language":[{"iso":"eng"}],"extern":"1","ddc":["000"],"user_id":"61579","department":[{"_id":"277"}],"_id":"5646","file":[{"file_size":594302,"file_name":"Conference Version.pdf","file_id":"6311","access_level":"open_access","date_updated":"2018-12-18T13:14:48Z","date_created":"2018-12-18T13:14:48Z","creator":"hsiemes","relation":"main_file","content_type":"application/pdf"}],"status":"public","abstract":[{"text":"While many theoretical arguments against or in favor of open source and closed source software development have been presented, the empirical basis for the assessment of arguments is still weak. Addressing this research gap, this paper presents a comprehensive empirical investigation of the patching behavior of software vendors/communities of widely deployed open source and closed source software packages, including operating systems, database systems, web browsers, email clients, and office systems. As the value of any empirical study relies on the quality of data available, this paper also discusses in detail data issues, explains to what extent the empirical analysis can be based on vulnerability data contained in the NIST National Vulnerability Database, and shows how data on vulnerability patches was collected by the author to support this study. The results of the analysis suggest that it is not the particular software development style that determines patching behavior, but rather the policy of the particular software vendor.","lang":"eng"}],"type":"conference","publication":"5th International Conference on IT Security Incident Management \\& IT Forensics","title":"A comprehensive and comparative analysis of the patching behavior of open source and closed source software vendors","date_created":"2018-11-14T14:40:04Z","author":[{"first_name":"Guido","last_name":"Schryen","full_name":"Schryen, Guido","id":"72850"}],"oa":"1","date_updated":"2022-01-06T07:02:19Z","citation":{"ama":"Schryen G. A comprehensive and comparative analysis of the patching behavior of open source and closed source software vendors. In: <i>5th International Conference on IT Security Incident Management \\&#38; IT Forensics</i>. ; 2009.","chicago":"Schryen, Guido. “A Comprehensive and Comparative Analysis of the Patching Behavior of Open Source and Closed Source Software Vendors.” In <i>5th International Conference on IT Security Incident Management \\&#38; IT Forensics</i>, 2009.","ieee":"G. Schryen, “A comprehensive and comparative analysis of the patching behavior of open source and closed source software vendors,” in <i>5th International Conference on IT Security Incident Management \\&#38; IT Forensics</i>, 2009.","bibtex":"@inproceedings{Schryen_2009, title={A comprehensive and comparative analysis of the patching behavior of open source and closed source software vendors}, booktitle={5th International Conference on IT Security Incident Management \\&#38; IT Forensics}, author={Schryen, Guido}, year={2009} }","short":"G. Schryen, in: 5th International Conference on IT Security Incident Management \\&#38; IT Forensics, 2009.","mla":"Schryen, Guido. “A Comprehensive and Comparative Analysis of the Patching Behavior of Open Source and Closed Source Software Vendors.” <i>5th International Conference on IT Security Incident Management \\&#38; IT Forensics</i>, 2009.","apa":"Schryen, G. (2009). A comprehensive and comparative analysis of the patching behavior of open source and closed source software vendors. In <i>5th International Conference on IT Security Incident Management \\&#38; IT Forensics</i>."},"year":"2009","has_accepted_license":"1"},{"author":[{"first_name":"Guido","full_name":"Schryen, Guido","id":"72850","last_name":"Schryen"}],"date_created":"2018-11-14T14:41:24Z","date_updated":"2022-01-06T07:02:19Z","oa":"1","title":"Security of open source and closed source software: An empirical comparison of published vulnerabilities","has_accepted_license":"1","citation":{"apa":"Schryen, G. (2009). Security of open source and closed source software: An empirical comparison of published vulnerabilities. In <i>15th Americas Conference on Information Systems</i>.","bibtex":"@inproceedings{Schryen_2009, title={Security of open source and closed source software: An empirical comparison of published vulnerabilities}, booktitle={15th Americas Conference on Information Systems}, author={Schryen, Guido}, year={2009} }","short":"G. Schryen, in: 15th Americas Conference on Information Systems, 2009.","mla":"Schryen, Guido. “Security of Open Source and Closed Source Software: An Empirical Comparison of Published Vulnerabilities.” <i>15th Americas Conference on Information Systems</i>, 2009.","ama":"Schryen G. Security of open source and closed source software: An empirical comparison of published vulnerabilities. In: <i>15th Americas Conference on Information Systems</i>. ; 2009.","chicago":"Schryen, Guido. “Security of Open Source and Closed Source Software: An Empirical Comparison of Published Vulnerabilities.” In <i>15th Americas Conference on Information Systems</i>, 2009.","ieee":"G. Schryen, “Security of open source and closed source software: An empirical comparison of published vulnerabilities,” in <i>15th Americas Conference on Information Systems</i>, 2009."},"year":"2009","user_id":"61579","department":[{"_id":"277"}],"_id":"5647","language":[{"iso":"eng"}],"file_date_updated":"2018-12-18T13:16:39Z","extern":"1","ddc":["000"],"keyword":["Vulnerabilities","security","open source software","closed source software","empirical comparison"],"type":"conference","publication":"15th Americas Conference on Information Systems","file":[{"relation":"main_file","content_type":"application/pdf","file_size":483690,"file_id":"6317","access_level":"open_access","file_name":"Security of Open Source and Closed Source Software An Empirical - AMCIS Version.pdf","date_updated":"2018-12-18T13:16:39Z","date_created":"2018-12-18T13:16:39Z","creator":"hsiemes"}],"status":"public","abstract":[{"text":"Reviewing literature on open source and closed source security reveals that the discussion is often determined by biased attitudes toward one of these development styles. The discussion specifically lacks appropriate metrics, methodology and hard data. This paper contributes to solving this problem by analyzing and comparing published vulnerabilities of eight open source software and nine closed source software packages, all of which are widely deployed. Thereby, it provides an extensive empirical analysis of vulnerabilities in terms of mean time between vulnerability disclosures, the development of disclosure over time, and the severity of vulnerabilities, and allows for validating models provided in the literature. The investigation reveals that (a) the mean time between vulnerability disclosures was lower for open source software in half of the cases, while the other cases show no differences, (b) in contrast to literature assumption, 14 out of 17 software packages showed a significant linear or piecewise linear correlation between time and the number of published vulnerabilities, and (c) regarding the severity of vulnerabilities, no significant differences were found between open source and closed source.","lang":"eng"}]},{"ddc":["000"],"extern":"1","language":[{"iso":"eng"}],"file_date_updated":"2018-12-18T13:17:40Z","_id":"5648","department":[{"_id":"277"}],"user_id":"61579","status":"public","file":[{"content_type":"application/pdf","relation":"main_file","date_updated":"2018-12-18T13:17:40Z","creator":"hsiemes","date_created":"2018-12-18T13:17:40Z","file_size":41784,"file_id":"6319","file_name":"Linux Technical Review 2008 - Spam.pdf","access_level":"open_access"}],"publication":"Linux Technical Review","type":"journal_article","title":"Effektivität und Effizienz von Anti-Spam-Maßnahmen","date_updated":"2022-01-06T07:02:20Z","publisher":"Linux New Media AG","oa":"1","date_created":"2018-11-14T14:41:58Z","author":[{"id":"72850","full_name":"Schryen, Guido","last_name":"Schryen","first_name":"Guido"}],"year":"2008","citation":{"ama":"Schryen G. Effektivität und Effizienz von Anti-Spam-Maßnahmen. <i>Linux Technical Review</i>. 2008;(7).","ieee":"G. Schryen, “Effektivität und Effizienz von Anti-Spam-Maßnahmen,” <i>Linux Technical Review</i>, no. 7, 2008.","chicago":"Schryen, Guido. “Effektivität Und Effizienz von Anti-Spam-Maßnahmen.” <i>Linux Technical Review</i>, no. 7 (2008).","short":"G. Schryen, Linux Technical Review (2008).","bibtex":"@article{Schryen_2008, title={Effektivität und Effizienz von Anti-Spam-Maßnahmen}, number={7}, journal={Linux Technical Review}, publisher={Linux New Media AG}, author={Schryen, Guido}, year={2008} }","mla":"Schryen, Guido. “Effektivität Und Effizienz von Anti-Spam-Maßnahmen.” <i>Linux Technical Review</i>, no. 7, Linux New Media AG, 2008.","apa":"Schryen, G. (2008). Effektivität und Effizienz von Anti-Spam-Maßnahmen. <i>Linux Technical Review</i>, (7)."},"has_accepted_license":"1","issue":"7"},{"date_created":"2018-11-14T14:43:23Z","author":[{"first_name":"Guido","full_name":"Schryen, Guido","id":"72850","last_name":"Schryen"}],"date_updated":"2022-01-06T07:02:20Z","oa":"1","title":"Practical Security of Large-scale Elections: An Exploratory Case Study of Internet Voting in Estonia","has_accepted_license":"1","citation":{"apa":"Schryen, G. (2008). Practical Security of Large-scale Elections: An Exploratory Case Study of Internet Voting in Estonia. In <i>7th Workshop on e-Business (WEB 2008, AIS Special Interest Group on E-Business)</i>.","mla":"Schryen, Guido. “Practical Security of Large-Scale Elections: An Exploratory Case Study of Internet Voting in Estonia.” <i>7th Workshop on E-Business (WEB 2008, AIS Special Interest Group on E-Business)</i>, 2008.","short":"G. Schryen, in: 7th Workshop on E-Business (WEB 2008, AIS Special Interest Group on E-Business), 2008.","bibtex":"@inproceedings{Schryen_2008, title={Practical Security of Large-scale Elections: An Exploratory Case Study of Internet Voting in Estonia}, booktitle={7th Workshop on e-Business (WEB 2008, AIS Special Interest Group on E-Business)}, author={Schryen, Guido}, year={2008} }","ama":"Schryen G. Practical Security of Large-scale Elections: An Exploratory Case Study of Internet Voting in Estonia. In: <i>7th Workshop on E-Business (WEB 2008, AIS Special Interest Group on E-Business)</i>. ; 2008.","chicago":"Schryen, Guido. “Practical Security of Large-Scale Elections: An Exploratory Case Study of Internet Voting in Estonia.” In <i>7th Workshop on E-Business (WEB 2008, AIS Special Interest Group on E-Business)</i>, 2008.","ieee":"G. Schryen, “Practical Security of Large-scale Elections: An Exploratory Case Study of Internet Voting in Estonia,” in <i>7th Workshop on e-Business (WEB 2008, AIS Special Interest Group on E-Business)</i>, 2008."},"year":"2008","department":[{"_id":"277"}],"user_id":"61579","_id":"5649","file_date_updated":"2018-12-18T13:18:21Z","language":[{"iso":"eng"}],"extern":"1","keyword":["Internet voting","large-scale election","Estonian parliamen- tary election","security","security management"],"ddc":["000"],"publication":"7th Workshop on e-Business (WEB 2008, AIS Special Interest Group on E-Business)","type":"conference","status":"public","file":[{"content_type":"application/pdf","relation":"main_file","creator":"hsiemes","date_created":"2018-12-18T13:18:21Z","date_updated":"2018-12-18T13:18:21Z","access_level":"open_access","file_id":"6320","file_name":"Schryen - Practical Security of Large-scale Elections - LNBIP - web version.pdf","file_size":273231}],"abstract":[{"lang":"eng","text":"The Estonian parliamentary election in 2007 is regarded as a success story of large-scale Internet elections. I use this election in a single case study on practical security to show that low quality of security and its management does not necessarily prevent large-scale Internet elections from being conducted. I also provide research propositions with regard to future challenges for large-scale Internet elections."}]},{"citation":{"mla":"Schryen, Guido. <i>Preventing E-Mail Spam: The Conceptualization and the Analysis of an Infrastructure Framework</i>. 2007.","bibtex":"@book{Schryen_2007, title={Preventing E-mail Spam: The Conceptualization and the Analysis of an Infrastructure Framework}, author={Schryen, Guido}, year={2007} }","short":"G. Schryen, Preventing E-Mail Spam: The Conceptualization and the Analysis of an Infrastructure Framework, 2007.","apa":"Schryen, G. (2007). <i>Preventing E-mail Spam: The Conceptualization and the Analysis of an Infrastructure Framework</i>.","ama":"Schryen G. <i>Preventing E-Mail Spam: The Conceptualization and the Analysis of an Infrastructure Framework</i>.; 2007.","chicago":"Schryen, Guido. <i>Preventing E-Mail Spam: The Conceptualization and the Analysis of an Infrastructure Framework</i>, 2007.","ieee":"G. Schryen, <i>Preventing E-mail Spam: The Conceptualization and the Analysis of an Infrastructure Framework</i>. 2007."},"year":"2007","has_accepted_license":"1","title":"Preventing E-mail Spam: The Conceptualization and the Analysis of an Infrastructure Framework","author":[{"last_name":"Schryen","full_name":"Schryen, Guido","id":"72850","first_name":"Guido"}],"date_created":"2018-12-18T12:50:22Z","oa":"1","date_updated":"2022-01-06T07:03:00Z","file":[{"file_id":"6322","file_name":"anti_spam_framework.pdf","access_level":"open_access","file_size":456755,"creator":"hsiemes","date_created":"2018-12-18T13:23:40Z","date_updated":"2018-12-18T13:23:40Z","relation":"main_file","content_type":"application/pdf"}],"status":"public","abstract":[{"lang":"eng","text":"Spamming remains a form of Internet abuse, which burdens the Internet infrastructure, is generally regarded as an annoyance, and is said to cause a huge economic harm. Many technological, organizational, and legislative anti-spam measures have already been proposed and implemented, but have not led to any substantial decrease in the number of spam e-mails. We propose a scalable and flexible infrastructure framework that integrates several anti-spam measures and that features both a technological and an organizational facet. The key element of our infrastructure is a new organizational unit that reliably and transparently limits the number of e-mails that can be sent per day and per account. We also analyze the proposed framework in terms of its theoretical effectiveness, the required resources, and its limitations."}],"type":"report","file_date_updated":"2018-12-18T13:23:40Z","language":[{"iso":"eng"}],"ddc":["000"],"keyword":["Email","Infrastructure","Internet","Spam"],"user_id":"61579","department":[{"_id":"277"}],"_id":"6287"},{"editor":[{"full_name":"Satesh, D.","last_name":"Satesh","first_name":"D."},{"full_name":"Prabhakar, R.","last_name":"Prabhakar","first_name":"R."}],"status":"public","type":"book_chapter","publication":"Proceedings of IPSI International Conference on Advances in the Internet, Processing, Systems, and Interdisciplinary Research","extern":"1","language":[{"iso":"eng"}],"_id":"5650","user_id":"61579","department":[{"_id":"277"}],"place":"Hyderabad, India","year":"2007","citation":{"ieee":"G. Schryen, “A Scalable and Flexible Infrastructure Framework For Addressing Spam,” in <i>Proceedings of IPSI International Conference on Advances in the Internet, Processing, Systems, and Interdisciplinary Research</i>, D. Satesh and R. Prabhakar, Eds. Hyderabad, India: ICFAI University Press, 2007, pp. 55–64.","chicago":"Schryen, Guido. “A Scalable and Flexible Infrastructure Framework For Addressing Spam.” In <i>Proceedings of IPSI International Conference on Advances in the Internet, Processing, Systems, and Interdisciplinary Research</i>, edited by D. Satesh and R. Prabhakar, 55–64. Hyderabad, India: ICFAI University Press, 2007.","ama":"Schryen G. A Scalable and Flexible Infrastructure Framework For Addressing Spam. In: Satesh D, Prabhakar R, eds. <i>Proceedings of IPSI International Conference on Advances in the Internet, Processing, Systems, and Interdisciplinary Research</i>. Hyderabad, India: ICFAI University Press; 2007:55-64.","apa":"Schryen, G. (2007). A Scalable and Flexible Infrastructure Framework For Addressing Spam. In D. Satesh &#38; R. Prabhakar (Eds.), <i>Proceedings of IPSI International Conference on Advances in the Internet, Processing, Systems, and Interdisciplinary Research</i> (pp. 55–64). Hyderabad, India: ICFAI University Press.","short":"G. Schryen, in: D. Satesh, R. Prabhakar (Eds.), Proceedings of IPSI International Conference on Advances in the Internet, Processing, Systems, and Interdisciplinary Research, ICFAI University Press, Hyderabad, India, 2007, pp. 55–64.","mla":"Schryen, Guido. “A Scalable and Flexible Infrastructure Framework For Addressing Spam.” <i>Proceedings of IPSI International Conference on Advances in the Internet, Processing, Systems, and Interdisciplinary Research</i>, edited by D. Satesh and R. Prabhakar, ICFAI University Press, 2007, pp. 55–64.","bibtex":"@inbook{Schryen_2007, place={Hyderabad, India}, title={A Scalable and Flexible Infrastructure Framework For Addressing Spam}, booktitle={Proceedings of IPSI International Conference on Advances in the Internet, Processing, Systems, and Interdisciplinary Research}, publisher={ICFAI University Press}, author={Schryen, Guido}, editor={Satesh, D. and Prabhakar, R.Editors}, year={2007}, pages={55–64} }"},"page":"55-64","title":"A Scalable and Flexible Infrastructure Framework For Addressing Spam","publisher":"ICFAI University Press","date_updated":"2022-01-06T07:02:20Z","date_created":"2018-11-14T14:44:01Z","author":[{"first_name":"Guido","last_name":"Schryen","full_name":"Schryen, Guido","id":"72850"}]},{"extern":"1","language":[{"iso":"eng"}],"department":[{"_id":"277"}],"user_id":"61579","_id":"5651","status":"public","type":"book","title":"Anti-Spam Measures: Analysis and Design","date_created":"2018-11-14T14:45:12Z","author":[{"full_name":"Schryen, Guido","id":"72850","last_name":"Schryen","first_name":"Guido"}],"date_updated":"2022-01-06T07:02:20Z","publisher":"Springer","citation":{"bibtex":"@book{Schryen_2007, place={Berlin, Heidelberg, New York}, title={Anti-Spam Measures: Analysis and Design}, publisher={Springer}, author={Schryen, Guido}, year={2007} }","mla":"Schryen, Guido. <i>Anti-Spam Measures: Analysis and Design</i>. Springer, 2007.","short":"G. Schryen, Anti-Spam Measures: Analysis and Design, Springer, Berlin, Heidelberg, New York, 2007.","apa":"Schryen, G. (2007). <i>Anti-Spam Measures: Analysis and Design</i>. Berlin, Heidelberg, New York: Springer.","ieee":"G. Schryen, <i>Anti-Spam Measures: Analysis and Design</i>. Berlin, Heidelberg, New York: Springer, 2007.","chicago":"Schryen, Guido. <i>Anti-Spam Measures: Analysis and Design</i>. Berlin, Heidelberg, New York: Springer, 2007.","ama":"Schryen G. <i>Anti-Spam Measures: Analysis and Design</i>. Berlin, Heidelberg, New York: Springer; 2007."},"year":"2007","place":"Berlin, Heidelberg, New York"},{"type":"journal_article","status":"public","_id":"5652","department":[{"_id":"277"}],"user_id":"61579","extern":"1","file_date_updated":"2018-12-18T13:25:48Z","has_accepted_license":"1","page":"17-32","intvolume":"        16","citation":{"ama":"Schryen G. Anti-spam legislation: An analysis of laws and their effectiveness. <i>Information and Communications Technology Law</i>. 2007;16(1):17-32.","chicago":"Schryen, Guido. “Anti-Spam Legislation: An Analysis of Laws and Their Effectiveness.” <i>Information and Communications Technology Law</i> 16, no. 1 (2007): 17–32.","ieee":"G. Schryen, “Anti-spam legislation: An analysis of laws and their effectiveness,” <i>Information and Communications Technology Law</i>, vol. 16, no. 1, pp. 17–32, 2007.","apa":"Schryen, G. (2007). Anti-spam legislation: An analysis of laws and their effectiveness. <i>Information and Communications Technology Law</i>, <i>16</i>(1), 17–32.","short":"G. Schryen, Information and Communications Technology Law 16 (2007) 17–32.","mla":"Schryen, Guido. “Anti-Spam Legislation: An Analysis of Laws and Their Effectiveness.” <i>Information and Communications Technology Law</i>, vol. 16, no. 1, Taylor \\&#38; Francis, 2007, pp. 17–32.","bibtex":"@article{Schryen_2007, title={Anti-spam legislation: An analysis of laws and their effectiveness}, volume={16}, number={1}, journal={Information and Communications Technology Law}, publisher={Taylor \\&#38; Francis}, author={Schryen, Guido}, year={2007}, pages={17–32} }"},"date_updated":"2022-01-06T07:02:21Z","oa":"1","volume":16,"author":[{"id":"72850","full_name":"Schryen, Guido","last_name":"Schryen","first_name":"Guido"}],"publication":"Information and Communications Technology Law","abstract":[{"text":"More than half of world-wide e-mail traffic ? an estimated total of several billion e-mails per day ? consists of spam. This is becoming a considerable disturbance to telecommunications. Spam is also closely related to other kinds of cyber crime as it possibly contains malicious software or is pursuing some kind of fraudulent aim, such as phishing. Besides technical and organizational measures, many countries have introduced anti-spam legislation. However, today's world-wide legislative coverage of spam is heterogeneous, and its effectiveness is controversially discussed. This article describes important parameters by which anti-spam legislation can vary and gives an overview and analysis of world-wide anti-spam legislation, including the European Directive 2002/58/EC, the U.S. CANSPAM Act of 2003, and international cooperation, such as the London Action Plan. The article then proceeds to discuss the effectiveness of current laws, and it identifies problems resulting from the fact that an international phenomenon is being addressed by national legislation. Finally, the article presents suggestions for overcoming some of these problems.","lang":"eng"}],"file":[{"file_size":175248,"access_level":"open_access","file_name":"JOUNAL_VERSION.pdf","file_id":"6325","date_updated":"2018-12-18T13:25:48Z","creator":"hsiemes","date_created":"2018-12-18T13:25:48Z","relation":"main_file","content_type":"application/pdf"}],"ddc":["000"],"language":[{"iso":"eng"}],"issue":"1","year":"2007","publisher":"Taylor \\& Francis","date_created":"2018-11-14T14:45:57Z","title":"Anti-spam legislation: An analysis of laws and their effectiveness"},{"page":"41-57","citation":{"ama":"Schryen G. Approaches Addressing Spam. In: Satesh D, Prabhakar R, eds. <i>Spam: An Introduction</i>. Hyderabad, India: ICFAI University Press; 2007:41-57.","chicago":"Schryen, Guido. “Approaches Addressing Spam.” In <i>Spam: An Introduction</i>, edited by D. Satesh and R. Prabhakar, 41–57. Hyderabad, India: ICFAI University Press, 2007.","ieee":"G. Schryen, “Approaches Addressing Spam,” in <i>Spam: An Introduction</i>, D. Satesh and R. Prabhakar, Eds. Hyderabad, India: ICFAI University Press, 2007, pp. 41–57.","apa":"Schryen, G. (2007). Approaches Addressing Spam. In D. Satesh &#38; R. Prabhakar (Eds.), <i>Spam: An Introduction</i> (pp. 41–57). Hyderabad, India: ICFAI University Press.","bibtex":"@inbook{Schryen_2007, place={Hyderabad, India}, title={Approaches Addressing Spam}, booktitle={Spam: An Introduction}, publisher={ICFAI University Press}, author={Schryen, Guido}, editor={Satesh, D. and Prabhakar, R.Editors}, year={2007}, pages={41–57} }","short":"G. Schryen, in: D. Satesh, R. Prabhakar (Eds.), Spam: An Introduction, ICFAI University Press, Hyderabad, India, 2007, pp. 41–57.","mla":"Schryen, Guido. “Approaches Addressing Spam.” <i>Spam: An Introduction</i>, edited by D. Satesh and R. Prabhakar, ICFAI University Press, 2007, pp. 41–57."},"year":"2007","place":"Hyderabad, India","date_created":"2018-11-14T14:46:28Z","author":[{"last_name":"Schryen","id":"72850","full_name":"Schryen, Guido","first_name":"Guido"}],"date_updated":"2022-01-06T07:02:21Z","publisher":"ICFAI University Press","title":"Approaches Addressing Spam","publication":"Spam: An Introduction","type":"book_chapter","status":"public","editor":[{"first_name":"D.","last_name":"Satesh","full_name":"Satesh, D."},{"full_name":"Prabhakar, R.","last_name":"Prabhakar","first_name":"R."}],"department":[{"_id":"277"}],"user_id":"61579","_id":"5653","language":[{"iso":"eng"}],"extern":"1"}]