Index

Sigrid Schefer

 
Dr. Sigrid Schefer-Wenzl
 

sigrid.schefer-wenzl atwu.ac.at
 
Lecturer
Vienna University of Economics and Business


Sigrid is a researcher and lecturer at the Competence Center for IT-Security at the University of Applied Sciences Campus Vienna and the Vienna University of Economics and Business (WU Vienna). She received a Doctoral, a Master and a Bachelor degree in Information Systems as well as a Master degree in Business Administration from the WU Vienna. Most of her current research focuses on the fields of security and business process modeling.

Research Interests

  • Business process and workflow management
  • Business process modeling
  • Security
  • Access Control

Awards & Honors

  • Stephan Koren Award 2014 for Dissertation, WU Vienna
  • Teaching Award 2014, FH Campus Wien
  • Top Journal Publication Award 2014, WU Vienna
  • Dissertation Excellence Grant 2013, WU Vienna
  • Innovative Teaching Award 2012 for the course "Introduction into Programming", WU Vienna
  • Best Paper Award, International Conference on Business Information Systems 2012
  • Scholarship for the career programme for young female scientists 
  • Member of WU Center of Excellence Honors Program
  • 8 Academic Excellence Grants from WU Vienna between 2004 and 2012
  • Erasmus scholarship for Study Exchange Program, Uppsala University (Sweden) 

Publications

(up to November 2014)

  • S. Schefer-Wenzl, M. Strembeck: Model-driven Specification and Enforcement of RBAC Break-Glass Policies for Process-Aware Information Systems, In: Information and Software Technology (IST), Vol. 56, No. 10, October 2014. (doi, pdf)
  • D. Hopfmüller, S. Schefer-Wenzl, M. Strembeck: Kaskadierender Widerruf von Delegationen in prozessbasierten Informationssystemen, In: Proc. of 44. Jahrestagung der Gesellschaft für Informatik (GI), INFORMATIK 2014, Lecture Notes in Informatics (LNI), Vol. 232, Stuttgart, Germany, September 2014. (pdf, extended version)
  • S. Schefer-Wenzl, M. Strembeck: Modeling Support for Role-Based Delegation in Process-Aware Information Systems, In: Business & Information Systems Engineering (BISE), Vol. 6, No. 4, August 2014. (doi)
  • S. Schefer-Wenzl, M. Strembeck: Modellierungsunterstützung für die rollenbasierte Delegation in prozessgestützten Informationssystemen, In: WIRTSCHAFTSINFORMATIK, Vol. 56, No. 4, August 2014. (doi)
  • S. Schefer-Wenzl, K. Feiertag: A Domain-Specific Language for XML-Security Standards, In: Proc. of the International Workshop on DSL Architecting & DSL-based Architectures (DADA), Vienna, Austria, August 2014.
  • S. Schefer-Wenzl, H. Bukvova, M. Strembeck: A Review of Delegation and Break-Glass Models for Flexible Access Control Management,  In: Proc. of the 6th Workshop on Applications of Knowledge-Based Technologies in Business (AKTB), Lecture Notes in Business Information Processing (LNBIP), Vol. 183, Springer, Larnaca, Cyprus, May 2014. (pdf)
  • S. Schefer-Wenzl: Role-based Delegation and Revocation in xoRBAC - Implementation Experiences, In: Proc. of the 13th IASTED International Conference on Software Engineering (SE), Innsbruck, Austria, February 2014. 
  • S. Schefer-Wenzl, M. Strembeck: Modeling Context-Aware RBAC Models for Mobile Business Processes, In: International Journal of Wireless and Mobile Computing (IJWMC), Vol. 6, No. 5, pp. 448-462, 2013. (pdf)
  • M. Leitner, S. Schefer-Wenzl, S. Rinderle-Ma, M. Strembeck: An Experimental Study on the Design and Modeling of Security Concepts in Business Processes, In: Proc. of the 6th IFIP WG 9.1 Working Conference on The Practice of Enterprise Modeling (POEM), Lecture Notes in Business Information Processing (LNBIP), Vol. 165, Springer, Riga, Latvia, November 2013. (pdf)
  • S. Schefer-Wenzl, S. Sobernig, M. Strembeck: Evaluating a UML-Based Modeling Framework for Process-Related Security Properties: A Qualitative Multi-Method Study, Proc. of the 21st European Conference on Information Systems (ECIS), Utrecht, The Netherlands, June 2013. (pdf)
  • S. Schefer-Wenzl: Model-Driven Specification of Access Control Constraints for Process-Aware Information Systems, Doctoral thesis, WU Vienna, Austria, March 2013.
  • S. Schefer-Wenzl, M. Strembeck: Generic Support for RBAC Break-Glass Policies in Process-Aware Information Systems, In: Proc. of the 28th ACM Symposium on Applied Computing (SAC), Coimbra, Portugal, March 2013. (pdf)
  • S. Schefer-Wenzl, M. Strembeck: A UML Extension for Modeling Break-Glass Policies, In: Proc. of the 5th International Workshop on Enterprise Modelling and Information Systems Architectures (EMISA), Lecture Notes in Informatics (LNI), Vol. 206, Vienna, Austria, September 2012. (pdf)
  • M. Leitner, A. Baumgrass, S. Schefer-Wenzl, S. Rinderle-Ma, M. Strembeck: A Case Study on the Suitability of Process Mining to Produce Current-State RBAC Models, In: BPM 2012 Workshops, Proc. of the Workshop on Security in Business Processes (SBP), Lecture Notes in Business Information Processing (LNBIP), Vol. 132, Springer, Tallinn, Estonia, September 2012. (pdf)
  • A. Baumgrass, S. Schefer-Wenzl, M. Strembeck: Deriving Process-Related RBAC Models from Process Execution Histories, In: Proc. of the 4th IEEE International Workshop on Security Aspects in Processes and Services Engineering (SAPSE),  Izmir, Turkey, July 2012. (pdf, extended version)
  • B. Hoisl, S. Sobernig, S. Schefer-Wenzl, M. Strembeck, A. Baumgrass: Design Decisions for UML and MOF based Domain-specific Language Models: Some Lessons Learned, In: Proc. of the 2nd Workshop on Process-based approaches for Model-Driven Engineering (PMDE), Kgs. Lyngby, Denmark, July 2012. (pdf)
  • S. Schefer-Wenzl, M. Strembeck: Modeling Context-Aware RBAC Models for Business Processes in Ubiquitous Computing Environments, In: Proc. of the 3rd International Conference on Mobile, Ubiquitous, and Intelligent Computing (MUSIC), IEEE, Vancouver, Canada, June 2012. (pdf)
  • S. Sobernig, B. Hoisl, S. Schefer-Wenzl, M. Strembeck, and A. Baumgrass: A Catalog of Reusable Design Decisions for Developing UML- and MOF-based Domain-Specific Modeling Languages, Technical Report, Vienna University of Economics and Business, June 2012. (pdf)
  • S. Schefer-Wenzl, M. Strembeck, A. Baumgrass: An Approach for Consistent Delegation in Process-Aware Information Systems, In: Proc. of the 15th International Conference on Business Information Systems (BIS), Lecture Notes in Business Information Processing (LNBIP), Vol. 117, Springer, Vilnius, Lithuania, May 2012. (pdf) (Best Paper Award)
  • S. Schefer, M. Strembeck, J. Mendling, A. Baumgrass: Detecting and Resolving Conflicts of Mutual-Exclusion and Binding Constraints in a Business Process Context, In: OTM Conferences (1) 2011, Proc. of the 19th International Conference on Cooperative Information Systems (CoopIS), Lecture Notes in Computer Science (LNCS), Vol. 7044, Springer, Crete, Greece, October 2011. (pdf, extended version)
  • S. Schefer, M. Strembeck, J. Mendling: Checking Satisfiability Aspects of Binding Constraints in a Business Process Context, In: BPM 2011 Workshops (2), Proc. of the BPM Workshop on Workflow Security Audit and Certification (WfSAC), Lecture Notes in Business Information Processing (LNBIP), Vol. 100, Springer, Clermont-Ferrand, France, August 2011. (pdf)
  • S. Schefer: Consistency Checks for Duties in Extended UML2 Activity Models, In: Proc. of the Sixth International Conference on Availability, Reliability and Security (ARES), International Workshop on Security Aspects in Process-Aware Information Systems, IEEE, Vienna, Austria, August 2011. (pdf)
  • S. Schefer, M. Strembeck: Modeling Support for Delegating Roles, Tasks, and Duties in a Process-Related RBAC Context, In: CAiSE Workshops 2011, Proc. of the International Workshop on Information Systems Security Engineering (WISSE), Lecture Notes in Business Information Processing (LNBIP), Vol. 83, Springer Verlag, London, Great Britain, June 2011. (pdf)
  • S. Schefer, M. Strembeck: Modeling Process-Related Duties with Extended UML Activity and Interaction Diagrams, In: Electronic Communications of the EASST: Kommunikation in verteilten Systemen, Vol. 37, March 2011. (online, pdf, extended version)

Talks

  •  A Domain-Specific Language for XML-Security Standards, International Workshop on DSL Architecting & DSL-based Architectures (DADA), Vienna, Austria, August 2014.
  • A Review of Delegation and Break-Glass Models for Flexible Access Control Management, 6th Workshop on Applications of Knowledge-Based Technologies in Business (AKTB), Larnaca, Cyprus, May 2014.
  • Role-based Delegation and Revocation in xoRBAC - Implementation Experiences, 13th IASTED International Conference on Software Engineering (SE), Innsbruck, Austria, February 2014.
  • Generic Support for RBAC Break-Glass Policies in Process-Aware Information Systems, 28th Symposium on Applied Computing (SAC), Coimbra, Portugal, March 2013.
  • A UML Extension for Modeling Break-Glass Policies, 5th International Workshop on Enterprise Modelling and Information Systems Architectures (EMISA), Vienna, Austria, September 2012.
  • Modeling Context-Aware RBAC Models for Business Processes in Ubiquitous Computing Environments, 3rd International Conference on Mobile, Ubiquitous, and Intelligent Computing (MUSIC), Vancouver, Canada, June 2012.
  • An Approach for Consistent Delegation in Process-Aware Information Systems, 15th International Conference on Business Information Systems (BIS), Vilnius, Lithuania, May 2012.
  • Detecting and Resolving Conflicts of Mutual-Exclusion and Binding Constraints in a Business Process ContextInternational Conference on Cooperative Information Systems (CoopIS), Crete, Greece, October 2011.
  • Checking Satisfiability Aspects of Binding Constraints in a Business Process ContextBPM Workshop on Workflow Security Audit and Certification (WfSAC 2011), Clermont-Ferrand, France, August 2011.
  • Consistency Checks for Duties in Extended UML2 Activity ModelsInternational Workshop on Security Aspects in Process-Aware Information Systems (SAPAIS 2011), Vienna, Austria, August 2011.
  • Modeling Support for Delegating Roles, Tasks, and Duties in a Process-Related RBAC Context, International Workshop on Information Systems Security Engineering (WISSE 2011), London, Great Britain, June 2011.
  • Modeling Process-Related Duties with Extended UML Activity and Interaction Diagrams, International Workshop on Flexible Workflows in Distributed Systems (WiVS 2011), Kiel, Germany, March 2011.

Reviewing Activities

  • 1st Workshop on Resource Management in Service-Oriented Computing (RMSOC 2014)
  • International Workshop on DSL Architecting & DSL-based Architectures (DADA'14)
  • GI Sicherheit 2014
  • 1. Workshop zur Ereignismodellierung und -verarbeitung im Geschäftsprozessmanagement im Rahmen der Modellierung 2014 (EmoV 2014)
  • 9th International Workshop on Security and Trust Management (STM 2013)
  • 11th International Conference on Business Process Management (BPM 2013)
  • 8th International Conference on Availability, Reliability and Security (ARES 2013)
  • 21st European Conference on Information Systems (ECIS 2013)
  • 11. Internationale Tagung Wirtschaftsinformatik (WI 2013)
  • 10th International Conference on Business Process Management (BPM 2012)
  • 9th International Conference on Business Process Management (BPM 2011)