Karsten Sohr

According to our database1, Karsten Sohr authored at least 49 papers between 1999 and 2020.

Collaborative distances:
  • Dijkstra number2 of four.
  • Erdős number3 of four.



In proceedings 
PhD thesis 


Online presence:

On csauthors.net:


Modeling and Validating Role-Based Authorization Policies for a Port Communication System with UML and OCL.
J. Object Technol., 2020

Praktische Erfahrungen und Ansätze für âSecurity by Design' auf Basis der STRIDE-Methodik.
Datenschutz und Datensicherheit, 2020

Static Extraction of Enforced Authorization Policies SeeAuthz.
Proceedings of the 20th IEEE International Working Conference on Source Code Analysis and Manipulation, 2020

Modeling Low-Level Network Configurations for Analysis, Simulation and Testing.
Proceedings of the Modellierung 2020, 19.-21. Februar 2020, Wien, Österreich., 2020

Good vs. Evil: Investigating the Effect of Game Premise in a Smart Home Security Educational Game.
Proceedings of the CHI PLAY '20: The Annual Symposium on Computer-Human Interaction in Play, Virtual Event, Canada, November 2-4, 2020, 2020

The Architectural Security Tool Suite - ARCHSEC.
Proceedings of the 19th International Working Conference on Source Code Analysis and Manipulation, 2019

Towards Effective Verification of Multi-Model Access Control Properties.
Proceedings of the 24th ACM Symposium on Access Control Models and Technologies, 2019

Make my Phone Secure!: Using Gamification for Mobile Security Settings.
Proceedings of Mensch und Computer 2019, Hamburg, Germany, September 8-11, 2019, 2019

What Could Go Wrong?: Raising Mobile Privacy and Security Awareness Through a Decision-Making Game.
Proceedings of the Extended Abstracts of the Annual Symposium on Computer-Human Interaction in Play Companion Extended Abstracts, 2019

HappyPermi: Presenting Critical Data Flows in Mobile Application to Raise User Security Awareness.
Proceedings of the Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems, 2019

Integrating UML/OCL Derived Properties into Validation and Verification Processes.
Proceedings of the 16th International Workshop on OCL and Textual Modelling co-located with 19th International Conference on Model Driven Engineering Languages and Systems (MODELS 2016), 2016

Automatically Extracting Threats from Extended Data Flow Diagrams.
Proceedings of the Engineering Secure Software and Systems - 8th International Symposium, 2016

Understanding the implemented access control policy of Android system services with slicing and extended static checking.
Int. J. Inf. Sec., 2015

Achieving Security Assurance with Assertion-based Application Construction.
EAI Endorsed Trans. Collab. Comput., 2015

Monitoring Database Access Constraints with an RBAC Metamodel: A Feasibility Study.
Proceedings of the Engineering Secure Software and Systems - 7th International Symposium, 2015

Zertifizierte Datensicherheit für Android-Anwendungen auf Basis statischer Programmanalysen.
Proceedings of the Sicherheit 2014: Sicherheit, 2014

Employing UML and OCL for designing and analysing role-based access control.
Math. Struct. Comput. Sci., 2013

UML/OCL based Design and Analysis of Role-Based Access Control Policies.
Proceedings of the Joint Proceedings of the First International Workshop On the Globalization of Modeling Languages (GEMOC 2013) and the First International Workshop: Towards the Model Driven Organization (AMINO 2013) Co-located with the 16th International Conference on Model Driven Engineering Languages and Systems (MODELS 2013), Miami, USA, September 29, 2013

Extracting and Analyzing the Implemented Security Architecture of Business Applications.
Proceedings of the 17th European Conference on Software Maintenance and Reengineering, 2013

Verifying Access Control Properties with Design by Contract: Framework and Lessons Learned.
Proceedings of the 37th Annual IEEE Computer Software and Applications Conference, 2013

The Transitivity-of-Trust Problem in Android Application Interaction.
Proceedings of the 2013 International Conference on Availability, Reliability and Security, 2013

Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL.
Inf. Softw. Technol., 2012

The Transitivity of Trust Problem in the Interaction of Android Applications
CoRR, 2012

An Approach to Detecting Inter-Session Data Flow Induced by Object Pooling.
Proceedings of the Information Security and Privacy Research, 2012

IO: An Interconnected Asset Ontology in Support of Risk Management Processes.
Proceedings of the Seventh International Conference on Availability, 2012

Unternehmensübergreifender Austausch von sicherheitsrelevantem Wissen.
Datenschutz und Datensicherheit, 2011

An Android Security Case Study with Bauhaus.
Proceedings of the 18th Working Conference on Reverse Engineering, 2011

Comprehensive Two-Level Analysis of Static and Dynamic RBAC Constraints with UML and OCL.
Proceedings of the Fifth International Conference on Secure Software Integration and Reliability Improvement, 2011

Software security aspects of Java-based mobile phones.
Proceedings of the 2011 ACM Symposium on Applied Computing (SAC), TaiChung, Taiwan, March 21, 2011

An Architecture-Centric Approach to Detecting Security Patterns in Software.
Proceedings of the Engineering Secure Software and Systems - Third International Symposium, 2011

Grundzüge eines Sicherheitskonzeptes für Arztpraxen mit Hilfe von Attack Trees und unter Berücksichtigung der Gesundheitstelematik.
Proceedings of the perspeGKtive 2010, 2010

Typed Linear Chain Conditional Random Fields and Their Application to Intrusion Detection.
Proceedings of the Intelligent Data Engineering and Automated Learning, 2010

Towards formal specification and verification of a role-based authorization engine using JML.
Proceedings of the ICSE Workshop on Software Engineering for Secure Systems, 2010

Secure Mobile Business Information Processing.
Proceedings of the IEEE/IFIP 8th International Conference on Embedded and Ubiquitous Computing, 2010

Idea: Towards Architecture-Centric Security Analysis of Software.
Proceedings of the Engineering Secure Software and Systems, Second International Symposium, 2010

Analyzing and Managing Role-Based Access Control Policies.
IEEE Trans. Knowl. Data Eng., 2008

Implementing Advanced RBAC Administration Functionality with USE.
Electron. Commun. Eur. Assoc. Softw. Sci. Technol., 2008

Supporting Agile Development of Authorization Rules for SME Applications.
Proceedings of the Collaborative Computing: Networking, 2008

Enforcing Role-Based Access Control Policies in Web Services with UML and OCL.
Proceedings of the Twenty-Fourth Annual Computer Security Applications Conference, 2008

Angepasste Benutzerschnittstellen für das Wearable Computing im Projekt SiWear.
Proceedings of the Mensch & Computer 2007 Workshopband, 2007

A model-checking approach to analysing organisational controls in a loan origination process.
Proceedings of the 11th ACM Symposium on Access Control Models and Technologies, 2006

Articulating and enforcing authorisation policies with UML and OCL.
ACM SIGSOFT Softw. Eng. Notes, 2005

Formal specification of role-based security policies for clinical information systems.
Proceedings of the 2005 ACM Symposium on Applied Computing (SAC), 2005

Specification and Validation of Authorisation Constraints Using UML and OCL.
Proceedings of the Computer Security, 2005

A First Step Towards Formal Verification of Security Policy Properties for RBAC.
Proceedings of the 4th International Conference on Quality Software (QSIC 2004), 2004

A temporal-logic extension of role-based access control covering dynamic separation of duties.
Proceedings of the 10th International Symposium on Temporal Representation and Reasoning / 4th International Conference on Temporal Logic (TIME-ICTL 2003), 2003

Die Sicherheitsaspekte von mobilem Code.
PhD thesis, 2001

Pini - A Jini-Like Plug&Play Technology for the KVM/CLDC.
Proceedings of the Innovative Internet Computing Systems, 2001

Nicht verifizierter Code: Eine neue Sicherheitslücke in Java.
Proceedings of the JIT '99, 1999