Critical Information Infrastructures/en
= Critical Information Infrastructures=
Critical information infrastructures are sociotechnical systems comprising essential software components and information systems with pivotal impact on individuals, organizations, governments, economies, and society. We work on research challenges concerned with the design, development, and evaluation of reliable, secure, and purposeful software and information systems. Our research features a strong domain focus, in particular, on internet and health care industries as well as on the industry-specific application of secure and trustworthy AI models. The principal goal of our research is theorizing on and designing the applications and methods required for creation and innovation of sociotechnical systems with auspicious value propositions. In our studies, we rigorously employ a variety of interdisciplinary methods and build on theories from information systems and related disciplines. Our work accounts for the multifaceted use contexts of information and communication technologies with research on human behavior affecting critical information infrastructures and vice versa. This enables us to rigorously generate strong theoretical insights while simultaneously producing research outputs of relevance to practical audiences.
Our main research contexts are reliable, secure, and purposeful software and information systems within the scope of critical infrastructures, innovative health IT applications, cloud computing services, blockchain technologies, trustworthy AI, continuous, DLT-based auditing of AI systems, and auditing/certification of IT in general.
|Critical Information Infrastructures||Ws 19/20|
|Praktikum: Entwicklung soziotechnischer Informationssysteme||Ws 19/20|
|Digital Health||Ws 19/20|
- Jan Bartsch
- Mikael Beyene
- Mandy Goram
- Malte Greulich
- Anton Grube
- Shanshan Hu
- Niclas Kannengießer
- Jens Lansing
- Florian Leiser
- Sebastian Lins
- Felix Morsbach
- Konstantin Pandl
- Sascha Rank
- Maximilian Renner
- Manuel Schmidt-Kraepelin
- Michael Sosna
- Heiner Teigeler
- Scott Thiebes
- Philipp Toussaint
- Tessa Buttenberg
- Maren Cordts
- Lisa Drawe
- Yannick Erb
- Niklas Hasebrook
- Tobias Hilt
- Ella Lutzweiler
- Rano Permana
- Pranjal Ranka
- Maximilian Rauh
- Cedric Smith
- Yanxiu Wuwang
- Frederic von Normann
Our research is funded by
|European Cloud Service Data Protection Certification|
The objective of the research project “European Cloud Service Data Protection Certification” (AUDITOR) is the conception, exemplary implementation and testing of an enduring EU-wide data protection certification for cloud services. As project leader, we engage in every project activity to achieve this goal.
|COOLedger – A COnfiguration toOL for Distributed Ledgers|
The goal of the research project is to support the selection and configuration of a suitable distributed ledger through a model that identifies the dependencies between DLT characteristics and presents them in an understandable way. The model will be embedded in a process and implemented as software, which facilitates finding the suitable configuration of distributed ledgers for specific applications.
|Distributed Ledger Technology for Life Sciences|
The aim of the research project “Distributed Ledger Technology for Life Sciences” (DLT4Life) is to develop a secure and privacy preserving DLT-based infrastructure for data exchange in the life sciences. The research project is part of the Helmholtz Information & Data Science School for Health (HIDSS4Health) and is carried out in cooperation with the German Cancer Research Center (DKFZ) in Heidelberg.
|ePill - electronic Patient Information Leaflets|
ePill (Electronic Patient Information LeafLets) is a web application that offers patient-friendly aggregation and refinement of information in patient information leaflets. ePill avoids drawbacks of patient information leaflets regarding readability, comprehensibility, and content. Besides improving the presentation of information in patient information leaflets, ePill can contribute to the solution of the prevalent problem of medication compliance by alleviating the process of gaining knowledge about the pharmaceuticals one is taking.
|GI Special Interest Group Digital Health|
The interdisciplinary special interest group Digital Health will examine current issues relating to the use of IT in healthcare and medicine from a variety of perspectives. The special interest group is to serve as a communication platform for stakeholders in the field of digital health. The goal is to offer researchers, practitioners and policymakers a central point of contact for the exchange and consolidation of research work and practical issues.
|Project Next Generation Certification (NGCert)|
The project “Next Generation Certification” (NGCert) focuses on research and development of dynamic certifications for cloud services, which enable auditors to continuously and (semi) automatically audit and monitor crucial parameters of cloud services. In this context, we develop metrics, methods, and design guidelines for continuous monitoring and (semi) automatic certification of cloud services.
|Security & Compliance Automation|
The project 'Security & Compliance Automation' deals with the automation of compliance assessment processes in the context of cloud services. The research group cii is working together with SAP SE to deal with the challenging and ever-increasing amount of requirements that cloud services have to fulfil.
Our research project „Trusted Blockchain“ aims to develop an innovative certification for distributed ledger technologies to reduce market uncertainty and support the development of trusted and secure technologies.
|Unblackboxing IT Certifications|
The project goal of “Unblackboxing IT Certifications” is to explore IT certifications' impact on customer and e-vendor perceptions. Within the research context of electronic markets, we investigate the research question of how web assurance seals are perceived by both customers and e-vendors. The project results contribute to gaining a deep and fundamental understanding of IT certifications' effectiveness.