Asprion, Petra
Lade...
E-Mail-Adresse
Geburtsdatum
Projekt
Organisationseinheiten
Berufsbeschreibung
Nachname
Asprion
Vorname
Petra
Name
Asprion, Petra
39 Ergebnisse
Suchergebnisse
Gerade angezeigt 1 - 10 von 39
Publikation CyMed: A framework for testing connected medical devices(Springer, 2024) Scherb, Christopher; Hadayah, Adrian; Heitz, Luc; Grieder, Hermann; Asprion, Petra; Hinkelmann, Knut; Smuts, HanlieConnected Medical Devices (CMDs) significantly benefit patients but are also vulnerable to malfunctions that can harm. Despite strict safety regulations for market entry, there’s a notable shortage of specific cybersecurity frameworks for CMDs. Existing regulations on cybersecurity practices are often broad and lack detailed implementation steps. This paper introduces the CyMed framework, designed for vendors and end-users, offering explicit strategies to enhance the cybersecurity of CMDs. The effectiveness of CyMed is assessed through practical testing and expert interviews.04B - Beitrag KonferenzschriftPublikation EDO4SIEM – a procedure model for the implementation of security information and event management systems in organisations(International Association for Development of the Information Society (IADIS), 2024) Rosenberg, Maximilian; Schneider, Bettina; Scherb, Christopher; Asprion, Petra01A - Beitrag in wissenschaftlicher ZeitschriftPublikation Cybersecurity governance – An adapted practical framework for small enterprises(2023) Asprion, Petra; Gossner, Philipp; Schneider, Bettina; Bui, Tung X.04B - Beitrag KonferenzschriftPublikation Blockchain und Datenschutz – Hyperledger Sawtooth im Fokus(Springer, 2023) Moriggl, Pascal; Asprion, Petra; Schneider, Bettina; Dornberger, RolfDaten gehören heute zu den zentralen Elementen digitaler Geschäftsmodelle, daher ist ein Bewusstsein für angemessene Maßnahmen zum Schutz von Daten und insbesondere personenbezogener Daten essenziell. Die Datenschutzgrundverordnung der Europäischen Union (EU) ist eine Folge der Diskussionen zum Schutz der Privatsphäre im digitalen Raum. Die Verordnung zwingt Organisationen dazu, sicherzustellen, dass ihre Prozesse zur Verarbeitung von Daten mit den relevanten Regularien übereinstimmen. Seit einigen Jahren wird die Blockchain-Technologie zunehmend beliebter, um den Austausch von Daten zu unterstützen. Die neue Technologie macht es möglich, auf eine zentrale Datenhaltung zu verzichten. Das Ziel dieser Forschung war es, Entscheidungsträgerinnen und Entscheidungsträgern bei der Auswahl einer geeigneten Blockchain-Konfiguration zu helfen, die den gesetzlichen Datenschutzanforderungen gerecht wird. Mit Hilfe der „Design-Science“-Methodik haben wir einen sogenannten morphologischen Kasten, sowie ein dazugehöriges Raster entwickelt, die als „Bewertungswerkzeuge“ für die Blockchain-Konfiguration „Hyperledger Sawtooth“ verwendet werden können. Die Forschungsergebnisse können mit wenigen Anpassungen verallgemeinert werden, um auch andere Blockchain-Konfigurationen zu bewerten.04A - Beitrag SammelbandPublikation Peer instruction as teaching method in cybersecurity and data privacy(International School for Social and Business Studies, 2023) Schneider, Bettina; Asprion, PetraCybersecurity and data privacy are important fields today. Basic education in these two interconnected areas should already be offered in schools, as practically everyone today can encounter the dangers and risks of the Internet in terms of data theft, data manipulation or the like. However, the topics of cybersecurity and data privacy are generally abstract, and many people are not interested in such rather technical topics. To arouse interest and provide a certain basic education, we used ‘peer instruction’ combined with storytelling as a promising method. Within the framework of an EU project called GEIGER and with the support of students who have learned data privacy by means of the presented method, the method has been further developed, applied, tested, reflected, and iteratively improved. In summary, the method presented is useful for the topics of cybersecurity and data privacy, but the recommendations compiled must be considered in particular with regard to careful preparation and testing.01A - Beitrag in wissenschaftlicher ZeitschriftPublikation Touching space: distributed ledger technology for tracking and tracing certificates(2023) Moriggl, Pascal; Asprion, Petra; Schneider, Bettina; Scherb, Christopher; Bui, Tung X.Components built into space vehicles and equipment (space products) must meet different regulatory requirements; in detail, each component must be certified and sustainably traceable at all times. Space engineers have expressed the need for an interoperable system to collect, manage and route certifications for components, parts and materials that go into space products. The lack of a unified approach in the European space industry is a challenge for companies involved in product development. This research proposes an open-source, secure, fast and distributed ledger technology (DLT) based solution that fits into any IT environment and is well adapted to the needs of manufacturing companies in the space sector. The results show that a blockchain-based solution based on ‘Hyperledger Fabric’ combined with the InterPlanetary File System is viable. The results can guide other researchers and practitioners to consider DLTs when changing their certification management paradigm with suppliers, customers and auditors.04B - Beitrag KonferenzschriftPublikation Agile management in cybersecurity(2023) Asprion, Petra; Giovanoli, Claudio; Scherb, Christopher; Bhat, Sourabha; Gerber, Aurona; Hinkelmann, KnutCybersecurity management has emerged as a topic of growing importance on a global scale. Applying traditional management practices to cybersecurity is often too cumbersome and can lead to significant delays. Today's enterprises must be able to adapt to ever-evolving digital threats and act with corresponding agility and flexibility. Agile methods are well suited for projects without a defined scope, duration, tasks, and resources and has been identified as suitable for meeting the management challenges of cybersecurity teams. Based on an in-depth literature review, this study assumed that adopting an agile approach to cybersecurity helps organizations manage cybersecurity effectively. A first prototypical model was developed and evaluated which combines agile methods with cybersecurity functions - based on a recognized reference model.04B - Beitrag KonferenzschriftPublikation Persona-oriented data protection impact assessment for small businesses(2023) Schneider, Bettina; Asprion, Petra; Misyura, Ilya; Jonkers, Natalie; Zaugg, EstherThe European (EU) General Data Protection Regulation (GDPR) is applicable since May 2018 and has since posed major challenges for small businesses with limited knowledge and resources. According to Art. 35 of the GDPR, a so-called ‘Data Protection Impact Assessment’ (DPIA) is mandatory if a processing of personal data is likely to result in a high risk to the rights and freedoms of natural persons. There is a demand for low-threshold, practical instruments that support the required DPIA. The objective of this research was to develop a new DPIA instrument that meets the needs – as unit of analysis – of non-technology small businesses and complies with the requirements of the EU GDPR. Design Science Research was used as the methodological framework and identified personas were drivers in the development. The result is two variants of instruments that have been carefully evaluated and proven to be valuable.04B - Beitrag KonferenzschriftPublikation Building digital trust to protect whistleblowers - A blockchain-based reporting channel(2023) Asprion, Petra; Grieder, Hermann; Grimberg, FrankOrganizations today need internal reporting channels to report illegal/unethical misconduct. For this purpose, organizations set up one or more - often digital - internal reporting channels. Persons/Employees who want to report misconduct, so-called whistleblowers, expose themselves to reprisals and therefore need trustworthy reporting channels which ensure ´Digital Trust´. Blockchain, a technology that overcomes the need for trust due to its properties of immutability and integrity of data, could be promising as underlying technology for a digital reporting channel which is recognized as trustworthy. In our research, we explored multiple perspectives relevant to a trustworthy digital reporting system. Applying design science research, we evaluated the current state of the art of (digital) reporting channels and developed a prototypical blockchain-based reporting solution called “Integrity@Inside”. The prototype is being iteratively demonstrated and pre-evaluated.04B - Beitrag KonferenzschriftPublikation RWD-Cockpit. Application for quality assessment of real-world data(JMIR Publications, 18.10.2022) Degen, Markus; Babrak, Lmar; Smakaj, Erand; Agac, Teyfik; Asprion, Petra; Grimberg, Frank; Van der Werf, Daan; Van Ginkel, Erwin Willem; Tosoni, Deniz David; Clay, Ieuan; Brodbeck, Dominique; Natali, Eriberto; Schkommodau, Erik; Miho, EnkelejdaDigital technologies are transforming the health care system. A large part of information is generated as real-world data (RWD). Data from electronic health records and digital biomarkers have the potential to reveal associations between the benefits and adverse events of medicines, establish new patient-stratification principles, expose unknown disease correlations, and inform on preventive measures. The impact for health care payers and providers, the biopharmaceutical industry, and governments is massive in terms of health outcomes, quality of care, and cost. However, a framework to assess the preliminary quality of RWD is missing, thus hindering the conduct of population-based observational studies to support regulatory decision-making and real-world evidence.01A - Beitrag in wissenschaftlicher Zeitschrift