Denis Feth

Fraunhofer Institute for Experimental Software Engineering IESE | IESE · Security Engineering

Products and services are increasingly being offered in so-called “digital ecosystems”, where the processing of sensitive data plays a major role. In such ecosystems, the aim should always be to offer “data providers” (e.g., companies or consumers of goods and services) transparency and control over the processing of their data. This concept is cal...

As the digital transformation of the economy relies on the processing of personal data, employee data protection is an important prerequisite. When implementing data protection, there is typically a discussion of technical and organizational measures. However, since virtually all data protection measures can be regarded as socio-technical, the cons...

Users should always play a central role in the development of (software) solutions. The human-centered design (HCD) process in the ISO 9241-210 standard proposes a procedure for systematically involving users. However, due to its abstraction level, the HCD process provides little guidance for how it should be implemented in practice. In this chapte...

Consent is an important authorization basis for the processing of personal data. According to the General Data Protection Regulation (GDPR), consents must be as specific and unambiguous as possible. In practice, however, this leads to users being overwhelmed by the large number of consent requests, which can ultimately be detrimental to freedom of...

Zusammenfassung Digitale Ökosysteme entstehen in allen Branchen und Domänen, leben von einer starken Vernetzung und ermöglichen neue, datenzentrierte Geschäftsmodelle. Die Umsetzung von Datensouveränität – also die größtmögliche Kontrolle, Einfluss- und Einsichtnahme auf die Nutzung der Daten durch den Datengebenden – ist essenziell, um eine vertra...

Many approaches, methods, and tools aim to support companies in the implementation of the European General Data Protection Regulation (GDPR). However, their focus is primarily on protecting the privacy of external data subjects (e.g., customers), whereas the privacy of employees tends to be disregarded. In order to provide employees with more trans...

Zusammenfassung Beruflich genutzte, Cloud-basierte Office-Pakete verarbeiten zahlreiche personenbezogene Daten von Beschäftigten. Die dort integrierten Datenschutzwerkzeuge können Beschäftigte verwenden, um sich zu informieren und die Verarbeitung zu beeinflussen. Mithilfe von heuristischen Walkthroughs wurde die Benutzerfreundlichkeit der Werkzeug...

Zusammenfassung Beschäftigte haben unterschiedliche Auffassungen davon, wie ihre Daten verarbeitet werden und welchen Einfluss sie selbst darauf haben. Ihre Sicht auf die Datenverarbeitung, ihre Einflussmöglichkeiten auf diese und ihre Bedürfnisse hinsichtlich des Schutzes ihrer Privatsphäre am Arbeitsplatz werden in diesem Beitrag vorgestellt. Der...

Privacy dashboards provide means for increasing transparency and self-determination for end-users of different systems and domains. However, there is no generic privacy dashboard that fits all needs. Rather, privacy dashboards are domain-dependent and must consider a variety of requirements of the respective domain. Elicitation and balancing of the...

Privacy policies are the state of the practice technique for data transparency. Oftentimes, however, they are presented in a non-prominent way, are lengthy, and are not written in the users’ language. As a result, their acceptance is rather low, even though users are generally interested in privacy. Thus, we need enhanced transparency approaches. I...

Zusammenfassung Die wachsende Digitalisierung in der Arbeitswelt und die damit einhergehende Implementation von immer mehr und neuen Informationssystemen führt dazu, dass die Verarbeitung personenbezogener Daten von Beschäftigten zunimmt. Diese Entwicklung stellt das Arbeitgeber-Arbeitnehmer-Verhältnis vor neue Herausforderungen im Hinblick auf den...

Security mechanisms are nowadays part of almost every software. At the same time, they are typically sociotechnical and require involvement of end users to be effective. The usability of security measures is thus an essential factor. Despite this importance, this aspect often does not receive the necessary attention, for example due to short resour...

Security and privacy are considered important by most users. However, formulating their own abstract data protection requirements is already a challenge for them. The mapping of these requirements to concrete setting options in an application is even more challenging-partially because the user interfaces for data protection settings are not tailore...

As work becomes increasingly digital, companies store and process more personally identifiable information of their employees. This is typically beneficial for both employees and employers, who take advantage of simplified digital work processes and tools. The problem is that there is typically no opt-out option for employees, and employers can mis...

Most usability evaluation methods (UEM) and heuristics, such as Nielsen's heuristics, are tailored to usability professionals. However, these experts are rare and expensive. Thus, we empirically evaluated whether the web usability inspection technique based on design perspectives (WDP) can achieve equally valuable results while being less dependent...

Datenschutzerklärungen sind häufig schwer zu finden und zu verstehen. Daher lesen viele Nutzer sie nur teilweise oder gar nicht. Kontextuelle Datenschutzerklärungen verfolgen einen alternativen Ansatz. Hier werden Datenschutzinformationen für den Nutzungskontext maßgeschneidert und nur die jeweils relevanten Informationen angezeigt. In dieser Arbei...

Privacy is a vital aspect of IT systems and services, and it is demanded from users and by law. Thus, most data-processing services provide interfaces for users to support transparency (e.g., privacy notices) and self-determination(e.g., privacy settings). In this paper, we present evidence that users do not make use of these privacy interfaces—alt...

Security policies determine which security requirements have to be met in a domain and how they are implemented organizationally and/or technically. However, their specification at run-time poses a challenge for policy authors(e.g., IT administrators or end users), especially if they are inexperienced in this task.Thus, specification interfaces hav...

Privacy policies are the state of the practice technique to achieve data transparency. However, they have a variety of issues in practice: They are presented in a non-prominent way, are typically quite lengthy, and not written in the users' language. Additionally, they are quite abstract, as privacy policies are generic documents that do not relate...

Security, privacy and usability are vital quality attributes of IT systems and services. Users and legal authorities demand that systems are secure and preserve privacy. At the same time, security and privacy mechanisms should not complicate workflows and must be transparent for the user. In order to master this challenge, a close involvement of th...

The technical or organizational enforcement of security policies is a necessity for modern enterprises such as DATEV eG. However, security policy specification is challenging,especially for users inexperienced in security. The provision of project- and domain-specific security policy templates can sup-port users in the specification of security pol...

In modern enterprises, incorrect or inconsistent security policies can lead to massive damage, e.g., through unintended data leakage. As policy authors have different skills and background knowledge, usable policy editors have to be tailored to the author's individual needs and to the corresponding application domain. However, the development of in...

The exploitation of context-awareness, especially in mobile devices bears a huge potential. For example, mobile workers benefit from systems that adapt security settings or user interfaces to the current situation. However, the correct detection of contexts strongly relies on raw data from various context information sources that might be neither t...

Security and usability are highly important and interdependent quality attributes of modern IT systems. However, it is often hard to fully meet both in practice. Security measures are complex by nature and often complicate work flows. Vice versa, insecure systems are typically not usable in practice. To tackle this, we aim at finding the best balan...

The exploitation of context-awareness, especially in mobile devices bears a huge potential. For example, mobile workers benefit from systems that adapt security settings to the current situation. However, context-aware computing strongly relies on raw data from various sources that might be neither trustworthy nor authoritative. In this work, we pr...

Context-awareness in mobile information systems bears a huge potential. However, context-awareness is still in its infancy and its full potential is not yet exploited. One reason is the poorly supported creation and learning of suitable context descriptions. Another problem is the questionable predictive power of context descriptions that makes it...

Mobile devices are used in a variety of different situations, for example at work, at home, or while traveling. However, specific security requirements of the current context are usually not considered. Even if security mechanisms apply for a certain situation, their activation usually remains a manual task. Our work investigates the use of context...

The popularity of smart mobile devices, initiatives such as “bring your own device”, and the increasing overlap of private and business areas are changing the IT landscape and its security requirements. This poses challenges in terms of data security, the adherence to privacy laws, and the protection of business assets. To tackle the problem, we de...

Android allows users to cancel the installation of apps whenever requested permissions to resources seem inappropriate from their point of view. Since permissions can neither be granted individually nor changed after installation, this results in rather coarse, and often too liberal, access rules. We propose a more fine-grained security system beyo...

As usability improvement is still considered as an optional task by many engineers, this work is describing the necessity and the application of usability engineering in the medical domain according to the new usability standard DIN EN 60601-1-6 and the follow-up standard DIN EN 62366. Therefore terms as well as the different user actions and use e...