Refine
H-BRS Bibliography
- yes (4917) (remove)
Departments, institutes and facilities
- Fachbereich Wirtschaftswissenschaften (1243)
- Fachbereich Informatik (1148)
- Fachbereich Angewandte Naturwissenschaften (766)
- Fachbereich Ingenieurwissenschaften und Kommunikation (636)
- Institut für Technik, Ressourcenschonung und Energieeffizienz (TREE) (480)
- Präsidium (403)
- Fachbereich Sozialpolitik und Soziale Sicherung (402)
- Institute of Visual Computing (IVC) (313)
- Institut für funktionale Gen-Analytik (IFGA) (241)
- Internationales Zentrum für Nachhaltige Entwicklung (IZNE) (195)
Document Type
- Article (1603)
- Conference Object (1119)
- Part of a Book (690)
- Part of Periodical (410)
- Book (monograph, edited volume) (370)
- Report (145)
- Preprint (88)
- Working Paper (87)
- Contribution to a Periodical (83)
- Doctoral Thesis (70)
Year of publication
Keywords
- Lehrbuch (85)
- Deutschland (27)
- Nachhaltigkeit (27)
- Controlling (23)
- Unternehmen (23)
- Digitalisierung (17)
- Management (17)
- Betriebswirtschaftslehre (16)
- Machine Learning (16)
- Corporate Social Responsibility (15)
In den letzten 20 Jahren haben sich im betrieblichen Umfeld rasante Veränderungen ergeben. Neben der fachlichen Eignung gewinnen soziale Fähigkeiten und die methodische Kompetenz an Bedeutung. Für die Personalentwicklungsarbeit der Unternehmen und Hochschule bedeutet dies, nicht nur Fachwissen zu schulen, sondern die anderen Kompetenzbereiche einzubeziehen und gezielt zu fördern. Dabei haben sich Praxisprojekte bewährt, bei denen die Studierenden in die Lösung aktueller unternehmerischer Aufgabenstellungen vor Ort einbezogen werden. Der Beitrag gibt die Erfahrung wieder, die die FH Rhein-Sieg in Zusammenarbeit mit der Versicherungsgruppe der Deutschen Bank beim Einsatz von Projekten als Instrument der Personalentwicklung gemacht hat.
Schritt für Schritt hin zu einer erfolgreichen Präsentation: Dieses Buch zeigt klar auf, was wann zu tun ist, um vor Publikum überzeugend zu reden. Schaubilder, Merklisten und zahlreiche Beispiele helfen dabei, die Kunst der Präsentation von der Pike auf zu erlernen. Auf dem Weg zu dem eigenen Präsentationsstil wird gezeigt, wie persönliche Schwächen vermieden und Stärken ausgebaut werden können. Der ideale Begleiter für Studium, Lehre und Beruf.
While the recent discussion on Art. 25 GDPR often considers the approach of data protection by design as an innovative idea, the notion of making data protection law more effective through requiring the data controller to implement the legal norms into the processing design is almost as old as the data protection debate. However, there is another, more recent shift in establishing the data protection by design approach through law, which is not yet understood to its fullest extent in the debate. Art. 25 GDPR requires the controller to not only implement the legal norms into the processing design but to do so in an effective manner. By explicitly declaring the effectiveness of the protection measures to be the legally required result, the legislator inevitably raises the question of which methods can be used to test and assure such efficacy. In our opinion, extending the legal compatibility assessment to the real effects of the required measures opens this approach to interdisciplinary methodologies. In this paper, we first summarise the current state of research on the methodology established in Art. 25 sect. 1 GDPR, and pinpoint some of the challenges of incorporating interdisciplinary research methodologies. On this premise, we present an empirical research methodology and first findings which offer one approach to answering the question on how to specify processing purposes effectively. Lastly, we discuss the implications of these findings for the legal interpretation of Art. 25 GDPR and related provisions, especially with respect to a more effective implementation of transparency and consent, and provide an outlook on possible next research steps.
Software developers build complex systems using plenty of third-party libraries. Documentation is key to understand and use the functionality provided via the libraries’ APIs. Therefore, functionality is the main focus of contemporary API documentation, while cross-cutting concerns such as security are almost never considered at all, especially when the API itself does not provide security features. Documentations of JavaScript libraries for use in web applications, e.g., do not specify how to add or adapt a Content Security Policy (CSP) to mitigate content injection attacks like Cross-Site Scripting (XSS). This is unfortunate, as security-relevant API documentation might have an influence on secure coding practices and prevailing major vulnerabilities such as XSS. For the first time, we study the effects of integrating security-relevant information in non-security API documentation. For this purpose, we took CSP as an exemplary study object and extended the official Google Maps JavaScript API documentation with security-relevant CSP information in three distinct manners. Then, we evaluated the usage of these variations in a between-group eye-tracking lab study involving N=49 participants. Our observations suggest: (1) Developers are focused on elements with code examples. They mostly skim the documentation while searching for a quick solution to their programming task. This finding gives further evidence to results of related studies. (2) The location where CSP-related code examples are placed in non-security API documentation significantly impacts the time it takes to find this security-relevant information. In particular, the study results showed that the proximity to functional-related code examples in documentation is a decisive factor. (3) Examples significantly help to produce secure CSP solutions. (4) Developers have additional information needs that our approach cannot meet.
Overall, our study contributes to a first understanding of the impact of security-relevant information in non-security API documentation on CSP implementation. Although further research is required, our findings emphasize that API producers should take responsibility for adequately documenting security aspects and thus supporting the sensibility and training of developers to implement secure systems. This responsibility also holds in seemingly non-security relevant contexts.
At the end of 2019, about 4.1 billion people on earth were using the internet. Because people entrust their most intimate and private data to their devices, the European legislation has declared the protection of natural persons in relation to the processing of personal data as a fundamental right. In 2018 23 million people worldwide, having the responsibility of implementing data security and privacy, were developing software. However, the implementation of data and application security is a challenge, as evidenced by over 41 thousand documented security incidents in 2019. Probably the most basic, powerful, and frequently used tools software developers work with are Application Programming Interfaces (APIs). Security APIs are essential tools to bring data and application security into software products. However, research results have revealed that usability problems of security APIs lead to insecure API use during development. Basic security requirements such as securely stored passwords, encrypted files or secure network connections can become an error-prone challenge and in consequence lead to unreliable or missing security and privacy. Because software developers hold a key position in the development processes of software, not properly operating security tools pose a risk to all people using software. However, little is known about the requirements of developers to address the problem and improve the usability of security APIs. This thesis is one of the first to examine the usability of security APIs. To this end, the author examines to what extent information flows can support software developers in using security APIs to implement secure software by conducting empirical studies with software developers. This thesis has contributed fundamental results that can be used in future work to identify and improve important information flows in software development. The studies have clearly shown that developer-tailored information flows with adapted security-relevant content have a positive influence on the correct implementation of security. However, the results have also led to the conclusion that API producers need to pay special attention to the channels through which they direct information flows to API users and how the information is designed to be useful for them. In many cases, it is not enough to provide security-relevant information via the documentation only. Here, proactive methods like the API security advice proposed by this thesis achieve significantly better results in terms of findability and actionable support. To further increase the effectiveness of the API security advice, this thesis developed a cryptographic API warning design for the terminal by adopting a participatory design approach with experienced software developers. However, it also became clear that a single information flow can only support up to a certain extent. As observed from two studies conducted in complex API environments in web development, multiple complementary information flows have to meet the extensive information needs of developers to be able to develop secure software. Some evaluated new approaches provided promising insights towards more API consumer-focused documentation designs as a complement to API warnings.
Professor Dr. Dietmar Fink, Inhaber des Lehrstuhls für Unternehmensberatung an der Hochschule Bonn-Rhein-Sieg und Geschäftsführender Direktor der Wissenschaftlichen Gesellschaft für Management und Beratung (WGMB) in Bonn, über den Mehrwert von Consulting-Rankings und den Sinn von Beraterprojekten bei Versicherern
Nanomedicine strategies were first adapted and successfully translated to clinical application for diseases, such as cancer and diabetes. These strategies would no doubt benefit unmet diseases needs as in the case of leishmaniasis. The latter causes skin sores in the cutaneous form and affects internal organs in the visceral form. Treatment of cutaneous leishmaniasis (CL) aims at accelerating wound healing, reducing scarring and cosmetic morbidity, preventing parasite transmission and relapse. Unfortunately, available treatments show only suboptimal effectiveness and none of them were designed specifically for this disease condition. Tissue regeneration using nano-based devices coupled with drug delivery are currently being used in clinic to address diabetic wounds. Thus, in this review, we analyse the current treatment options and attempt to critically analyse the use of nanomedicine-based strategies to address CL wounds in view of achieving scarless wound healing, targeting secondary bacterial infection and lowering drug toxicity.