Publications

1. Steven Arzt, Andreas Poller, and Gisela Vallejo. 2021. Tracing Contacts With Mobile Phones to Curb the Pandemic:Topics and Stances in People’s Online Comments About the Official German Contact-Tracing App. In Extended Abstracts of the 2021 CHI Conference on Human Factors in Computing Systems (CHI EA '21). Association for Computing Machinery, New York, NY, USA, Article 322, 1–7. DOI: https://doi.org/10.1145/3411763.3451631 [DOWNLOAD] [POSTER] [PRESENTATION]

2. Hülya Evkan, Norman Lahr, Ruben Niederhagen, Richard Petri, Andreas Poller (Editor), Philipp Roskosch, and Michael Tröger. Security Evaluation of VeraCrypt. Technical Report. 2020. [EXTERNAL LINK]

3. Laura Kocksch and Andreas Poller. The practice turn in it security - an interdisciplinary approach. In Klaus David, Kurt Geihs, Martin Lange, and Gerd Stumme, editors, INFORMATIK 2019: 50 Jahre Gesellschaft für Informatik – Informatik für Gesellschaft, pages 97–98, Bonn, 2019. Gesellschaft für Informatik e.V. [DOWNLOAD]

4. Laura Kocksch, Matthias Korn, Andreas Poller, and Susann Wagenknecht. Caring for it security: Accountabilities, moralities, and oscillations in it security practices. Proceedings of the ACM on Human-Computer Interaction, 2(CSCW):92, 2018. [DOWNLOAD]

5. Sven Türpe and Andreas Poller. Managing security work in scrum: Tensions and challenges. In Daniela Soares Cruzes and Martin Gilje Jaatun, editors, Proceedings of the International Workshop on Security in DevOps and Agile Secure Software Engineering (SecSE 2017), Oslo, Norway, 2017. CEUR Workshop Proceedings (CEUR-WS.org). [DOWNLOAD]

6. Sven Türpe, Jürgen Geuter, and Andreas Poller. Emission statt Transaktion, pages 227–248. Springer Fachmedien Wiesbaden, Wiesbaden, 2017. [DOWNLOAD]

7. Andreas Poller, Laura Kocksch, Sven Türpe, Felix Anand Epp, and Katharina Kinder-Kurlanda. Can security become a routine?: A study of organizational change in an agile software development group. In Proceedings of the 2017 ACM Conference on Computer Supported Cooperative Work and Social Computing, CSCW ’17, pages 2489–2503, New York, NY, USA, 2017. ACM. [DOWNLOAD]

8. Laura Kocksch and Andreas Poller. Breaking new ground for researching secure software development with social theory. In CSCW ’17 “Theory transfers? Social theory & CSCW research” Workshop, February 2017. [DOWNLOAD]

9. Andreas Poller, Laura Kocksch, Katharina Kinder-Kurlanda, and Felix Anand Epp. First-time security audits as a turning point? challenges for security practices in an industry software development team. In Proceedings of the 2016 CHI Conference Extended Abstracts on Human Factors in Computing Systems, CHI EA ’16, pages 1288–1294, New York, NY, USA, 2016. ACM. [DOWNLOAD]

10. Sven Türpe, Laura Kocksch, and Andreas Poller. Penetration tests a turning point in security practices? organizational challenges and implications in a software development team. In 2nd Workshop on Security Information Workers, June 2016. [DOWNLOAD]

11. Mauro Baluda, Andreas Fuchs, Philipp Holzinger, Lotfi ben Othmane, Andreas Poller, Jürgen Repp, Johannes Späth, Jan Steffan, Stefan Triller, and Eric Bodden. Security analysis of TrueCrypt. Fraunhofer Institute for Secure Information Technology (SIT) for the German Federal Office for Information Security (BSI), November 2015. [DOWNLOAD]

12. Mauro Baluda, Andreas Fuchs, Philipp Holzinger, Lotfi ben Othmane, Andreas Poller, Jürgen Repp, Johannes Späth, Jan Steffan, Stefan Triller, and Eric Bodden. Sicherheitsanalyse TrueCrypt. Fraunhofer-Institut für Sichere Informationstechnologie (SIT) im Auftrag des Bundesamts für Sicherheit in der Informationstechnik (BSI), November 2015. [DOWNLOAD]

13. Andreas Kramm, Petra Ilyes, Andreas Poller, and Laura Kocksch. Studying the effects of sns users’ alternative privacy strategies with an activity tracking tool. In CSCW ’15 The Future of Networked Privacy: Challenges and Opportunities Workshop, March 2015. [DOWNLOAD]

14. Andreas Poller, Sven Türpe, and Katharina Kinder-Kurlanda. An asset to security modeling? analyzing stakeholder collaborations instead of threats to assets. In Proceedings of the 2014 New Security Paradigms Workshop, NSPW ’14, pages 69–82, New York, NY, USA, 2014. ACM. [DOWNLOAD]

15. Andreas Poller, Andreas Kramm, Petra Ilyes, and Laura Kocksch. Investigating osn users’ privacy strategies with in-situ observation. In CSCW’14 Companion. ACM, February 2014. [DOWNLOAD]

16. Sven Türpe, Annika Selzer, Andreas Poller, and Mark Bedner. Denkverbote für Star-Trek-Computer? Datenschutz und Datensicherheit - DuD, 38(1):31–35, Januar 2014. [DOWNLOAD]

17. Andreas Poller and Ulrich Waldmann. Soziale Netzwerke bewusst nutzen. Ein Dossier zu Datenschutz, Privatsphärenschutz und Unternehmenssicherheit. SIT Technical Reports SIT-TR-2013-02, Fraunhofer-Institut für Sichere Informationstechnologie SIT, August 2013. [DOWNLOAD]

18. Andreas Poller, Petra Ilyes, and Andreas Kramm. Designing privacy-aware online social networks - a reflective socio-technical approach. In CSCW ’13 Measuring Networked Social Privacy Workshop, February 2013. [DOWNLOAD]

19. Andreas Poller, Ulrich Waldmann, Sven Vowé, and Sven Türpe. Electronic identity cards for user authentication – promise and practice. Security Privacy, IEEE, 10(1):46–54, jan.-feb. 2012. [DOWNLOAD]

20. Andreas Poller, Martin Steinebach, and Huajian Liu. Robust image obfuscation for privacy protection in web 2.0 applications. In Nasir D. Memon, Adnan M. Alattar, and Edward J. Delp III, editors, Media Watermarking, Security, and Forensics 2012, volume 8303 of Proc. SPIE. SPIE, January 2012. [DOWNLOAD]

21. Sven Türpe, Andreas Poller, Jan Steffan, Jan-Peter Stotz, and Jan Trukenmüller. Attacking the bitlocker boot process. In Liqun Chen, Chris Mitchell, and Andrew Martin, editors, Trusted Computing, 2nd International Conference, Trust 2009, volume 5471 of LNCS, pages 183–196. Springer, Berlin / Heidelberg, 2009. Oxford, UK, April 6-8, 2009. [DOWNLOAD]

22. Andreas Poller. Privatsphärenschutz in Soziale-Netzwerke-Plattformen. Studie, Fraunhofer SIT, September 2008. [DOWNLOAD]

23. S. Türpe, A. Poller, J. Trukenmüller, J. Repp, and C. Bornmann. Supporting security testers in discovering injection flaws. In Testing: Academic Industrial Conference - Practice and Research Techniques, 2008 (TAIC PART ’08)., pages 64–68. IEEE, 2008. [DOWNLOAD]

24. Jan Steffan, Andreas Poller, Jan Trukenmüller, Jan-Peter Stotz, and Sven Türpe. Bitlocker Drive Encryption im mobilen und stationären Unternehmenseinsatz. Ein Leitfaden für Anwender; Fraunhofer-Institut SIT und BSI; 84 Seiten., March 2008. [DOWNLOAD]

Talks

• Arbeiten im Testlabor IT-Sicherheit, Video über die Arbeit am Fraunhofer SIT, [YOUTUBE]

• Managing Security Work in Scrum: Tensions and Challenges, Joined presentation with Sven Türpe at 2017 International Workshop on Secure Software Engineering in DevOps and Agile Development, Oslo, Norway, September 14, 2017

• Can Security Become a Routine? - A Study of Organizational Change in an Agile Software Development Group, Joined presentation with Laura Kocksch at 2017 ACM Conference on Computer Supported Cooperative Work and Social Computing, March 1, 2017, Portland, Oregon, USA

• Sichere Softwareentwicklung - Theorie vs. Herausforderungen in der Praxis, Vortrag beim Technologietag der DB Systel GmbH, Frankfurt am Main, 22. November 2016

• Can Security Become a Routine? - Observations in a Software Company, Joined presentation with Laura Kocksch at CAST-Workshop on Secure Software Development, Darmstadt, November 10, 2016

• Was kommt nach „Security by Design“? - Chancen der Partizipation im Software Engineering, Vortrag mit Sven Türpe beim Wissenschaftlichen Zentrum für Informationstechnik-Gestaltung (ITeG) der Universität Kassel, Workshop "Partizipatives Privacy by Design", Kassel, 7. Oktober 2016

• Sichere Software-Entwicklung - Herauforderungen heute und morgen, Vortrag beim Arbeitskreis Sicherheitsanwendungen bitkom, Frankfurt am Main, 11. Februar 2016

• „Secure Software Engineering“ in der Praxis, Vortrag beim T.I.S.P. Community Meeting, Berlin, 2. November 2015

• Threat Modeling, Joined lecture with Sven Türpe at Technische Universität Darmstadt, Darmstadt, 22. Oktober 2015

• "The question is whether a diagram helps at all!" - Benefits of Threat Modeling as Part of Software Development Processes, Joined presentation with Katharina Kinder-Kurlanda at CAST-Workshop on Secure Software Development, Darmstadt, May 15, 2014

• Aktuelle Entwicklungen im digitalen Zeitalter: Herausforderungen, Chancen, Risiken, Podiumsdiskussion: Die sächsische Polizei im digitalen Zeitalter, Veranstaltung des Sächsischen Staatsministerium des Inneren, Dresden, 26. November 2013

• Industriespionage 2.0? - Soziale Netzwerke und ihre Auswirkungen auf die Firmensicherheit, Vortrag auf der Jahrestagung der Vereinigung für die Sicherheit der Wirtschaft e.V., Mainz, 24. März 2009

• Your Virtual Ego: Fundaments and Threats - Sense and Nonsense of Data Protection in the Context of Social Networks, Institut für Rechtsinformatik - Gottfried Wilhelm Leibniz Universität Hannover (November 2008)

• Privacy Protection in Social-Networking-Platforms: Testing Myspace, Facebook & Co, presentation at Symposium "Privacy in the age of social network services", Council of Europe, Strasbourg, October 13, 2008

(Yet Incomplete)

Media

• Deutschlandfunk: Ein Assistent für mehr Privatsphäre (2013) [LINK]

• ZEIT Campus: Ausziehen 2.0 (2008) [LINK]

(Yet Incomplete)