2023, Schneider, Bettina, Asprion, Petra

Cybersecurity and data privacy are important fields today. Basic education in these two interconnected areas should already be offered in schools, as practically everyone today can encounter the dangers and risks of the Internet in terms of data theft, data manipulation or the like. However, the topics of cybersecurity and data privacy are generally abstract, and many people are not interested in such rather technical topics. To arouse interest and provide a certain basic education, we used ‘peer instruction’ combined with storytelling as a promising method. Within the framework of an EU project called GEIGER and with the support of students who have learned data privacy by means of the presented method, the method has been further developed, applied, tested, reflected, and iteratively improved. In summary, the method presented is useful for the topics of cybersecurity and data privacy, but the recommendations compiled must be considered in particular with regard to careful preparation and testing.

2023, Asprion, Petra, Gossner, Philipp, Schneider, Bettina, Bui, Tung X.

2022, Schneider, Bettina, Ballesteros, Ruben, Moriggl, Pascal, Asprion, Petra, Bork, Dominik, Barat, Souvik, Asprion, Petra, Marcelletti, Alessandro, Morichetta, Andrea, Schneider, Bettina, Kulkarni, Vinay, Breu, Ruth, Zech, Philipp

A decentralized autonomous organization (DAO) is an emerging entity facilitated through blockchain technology. It operates under the principle of a decentralized governance structure void of hierarchical leadership, and decisions are made based on community consensus. As DAO and its mechanisms are still in an early stage, its potential evolution and future influence on enterprises remain unclear. This work elaborates on this emerging type of organization through a literature review and case studies of DAOs to demonstrate the current state of the art. The findings presented include a brief discussion of the technology that facilitates these organizations. Additionally, advancements and the common characteristics of existing DAOs are presented. Examining current and defunct DAOs revealed the challenges these organizations should address to reach their full potential in future application areas. Finally, it is concluded which organizations and industries could most likely benefit from the DAO concept in future.

2020, Moriggl, Pascal, Asprion, Petra, Schneider, Bettina, Dornberger, Rolf

2023, Moriggl, Pascal, Asprion, Petra, Schneider, Bettina, Dornberger, Rolf

Daten gehören heute zu den zentralen Elementen digitaler Geschäftsmodelle, daher ist ein Bewusstsein für angemessene Maßnahmen zum Schutz von Daten und insbesondere personenbezogener Daten essenziell. Die Datenschutzgrundverordnung der Europäischen Union (EU) ist eine Folge der Diskussionen zum Schutz der Privatsphäre im digitalen Raum. Die Verordnung zwingt Organisationen dazu, sicherzustellen, dass ihre Prozesse zur Verarbeitung von Daten mit den relevanten Regularien übereinstimmen. Seit einigen Jahren wird die Blockchain-Technologie zunehmend beliebter, um den Austausch von Daten zu unterstützen. Die neue Technologie macht es möglich, auf eine zentrale Datenhaltung zu verzichten. Das Ziel dieser Forschung war es, Entscheidungsträgerinnen und Entscheidungsträgern bei der Auswahl einer geeigneten Blockchain-Konfiguration zu helfen, die den gesetzlichen Datenschutzanforderungen gerecht wird. Mit Hilfe der „Design-Science“-Methodik haben wir einen sogenannten morphologischen Kasten, sowie ein dazugehöriges Raster entwickelt, die als „Bewertungswerkzeuge“ für die Blockchain-Konfiguration „Hyperledger Sawtooth“ verwendet werden können. Die Forschungsergebnisse können mit wenigen Anpassungen verallgemeinert werden, um auch andere Blockchain-Konfigurationen zu bewerten.

2023, Moriggl, Pascal, Asprion, Petra, Schneider, Bettina, Scherb, Christopher, Bui, Tung X.

Components built into space vehicles and equipment (space products) must meet different regulatory requirements; in detail, each component must be certified and sustainably traceable at all times. Space engineers have expressed the need for an interoperable system to collect, manage and route certifications for components, parts and materials that go into space products. The lack of a unified approach in the European space industry is a challenge for companies involved in product development. This research proposes an open-source, secure, fast and distributed ledger technology (DLT) based solution that fits into any IT environment and is well adapted to the needs of manufacturing companies in the space sector. The results show that a blockchain-based solution based on ‘Hyperledger Fabric’ combined with the InterPlanetary File System is viable. The results can guide other researchers and practitioners to consider DLTs when changing their certification management paradigm with suppliers, customers and auditors.

2021, Löffler, Emanuel, Schneider, Bettina, Asprion, Petra, Zanwar, Trupti

An increasing number of small and medium-sized enterprises (SMEs) use the Internet to support and grow businesses. The application of new technologies comes with inherent risks of ever-changing cyberspace and increasing cybercrime. Previous research has shown that the human factor remains the core element in the cybersecurity chain, so it is paramount to make sure the employees receive effective training to embrace a security mindset. This study puts forward previous research that resulted in a portable escape room game to raise cybersecurity awareness. The purpose of the study is to elaborate the transformation of the physical game into a virtual learning experience to increase flexibility in times such as the Covid-19 lockdown. As main method, we applied the design science framework of Hevner et al. As main result, the research elaborates the design of the developed artifact—a virtual prototype of the escape room game addressing the cybersecurity challenges of SMEs. For the evaluation of the prototype, empirical data was collected in a qualitative study. As main conclusions we have observed that a physical escape room setting can be transformed into a virtual setting with little means without sacrificing player immersion. A limitation was identified in teaching targeted social engineering attacks.

2023, Schneider, Bettina, Asprion, Petra, Misyura, Ilya, Jonkers, Natalie, Zaugg, Esther

The European (EU) General Data Protection Regulation (GDPR) is applicable since May 2018 and has since posed major challenges for small businesses with limited knowledge and resources. According to Art. 35 of the GDPR, a so-called ‘Data Protection Impact Assessment’ (DPIA) is mandatory if a processing of personal data is likely to result in a high risk to the rights and freedoms of natural persons. There is a demand for low-threshold, practical instruments that support the required DPIA. The objective of this research was to develop a new DPIA instrument that meets the needs – as unit of analysis – of non-technology small businesses and complies with the requirements of the EU GDPR. Design Science Research was used as the methodological framework and identified personas were drivers in the development. The result is two variants of instruments that have been carefully evaluated and proven to be valuable.

2022, Löffler, Emanuel, Schneider, Bettina, Goerre, Andreas, Asprion, Petra, Filipe, Joaquim, Smialek, Michal, Brodsky, Alexander, Hammoudi, Slimane

2021, Grimberg, Frank, Asprion, Petra, Schneider, Bettina, Miho, Enkelejda, Babrak, Lmar, Habbabeh, Ali

Background: The life science industry has a strong interest in real-world data (RWD), a term that is currently being used in many ways and with varying definitions depending on the source. In this review article, we provide a summary overview of the challenges and risks regarding the use of RWD and its translation into real-world evidence and provide a classification and visualization of RWD challenges by means of the RWD Challenges Radar. Summary: Based on a systematic literature search, we identified 3 types of challenges – organizational, technological, and people-based – that must be addressed when deriving evidence from RWD to be used in drug approval and other applications. It further demonstrates that numerous different aspects, for example, related to the application field and the associated industry, must be considered. A key finding in our review is that the regulatory landscape must be carefully assessed before utilizing RWD. Key Messages: Establishing awareness and insight into the challenges and risks regarding the use of RWD will be key to taking full advantage of the RWD potential. As a result of this review, an “RWD Challenges Radar” will support the establishment of awareness by providing a comprehensive overview of the relevant aspects to be considered when employing RWD.