Contact

 

Dr. rer. nat. Wolfgang Böhmer
Research Scientist / Lecturer
Security Engineering Group

Computer Science Department
Technische Universität Darmstadt

CASED building, Mornewegstrasse 30, D-64293 Darmstadt, 4th floor, room 4.3.31

Phone: +49-6151-16-25628
Fax: +49-6151-16-25627

Email: wboehmer(-at-)cdc.informatik.tu-darmstadt.de


Research Interests

My research interests focus on both IT security and information security. The concept of IT security is extended into the concept of information security, which encompasses substantially more aspects than those of IT security. Another question is how to evaluate the effectiveness and economic efficiency of an information security management system (ISMS) according to ISO 27001:2005, a BCMS according to BS 25999-2:2007, or an ITSMS according to ISO 20000 (ITIL). Another main focus is the area of business and risk modeling for both state risks and behavior risks. Furthermore, the driving question is how we could model critical business processes with the theory of control systems in conjunction with an ISMS. It seems to me that process algebra (PA) and modal logic with the micro Common Representation Language mCRL2, developed by TU Eindhoven, is a good approach.

Besides my activities as a more external scientific colleague and teaching representative of the chair, I have also been an accredited auditor (licence: BSI-GSL-0058-2003 and BSI-IGL-0012-2006) of the Federal Office for Information Security (BSI) in Bonn (Germany) since 2003 and a qualified lead auditor of DQS GmbH for ISO/IEC 27001, ISO/IEC 22301 and ISO/IEC 9001. Furthermore, I hold certificates from ISC2 (CISSP) and from ISACA (CISA, CRISC).

 


 

Professional Activities

Program Committee member of:

ARES 2009 - Fukuoka, Japan, International Conference on Availability, Reliability and Security

SECUWARE 2009, Athens/Glyfada, Greece, The Third International Conference on Emerging Security Information, Systems and Technologies, 

SECUWARE 2010, Venice/Mestre, Italy, The Fourth International Conference on Emerging Security Information, Systems and Technologies,

MKWI 2010, Göttingen, MultiKonferenz für Wirtschaftsinformatik

ISSE/SICHERHEIT 2010, Berlin, SICHERHEIT – Schutz und Zuverlässigkeit

SECUWARE 2011, French Riviera, Nice/Saint Laurent du Var, France, The Fifth International Conference on Emerging Security Information, Systems and Technologies

Computation Tools 2011, September 25-30, 2011 - Rome, Italy, Second International Conference on Computational Logics, Algebras, Programming, Tools, and Benchmarking

perspeGKtive 2011, Darmstadt,  Innovative und sichere Informationstechnologie für das Gesundheitswesen von morgen

SECUWARE 2012, August 19 - 24, 2012 - Rome, Italy, The Sixth International Conference on Emerging Security Information, Systems and Technologies

MKWI 2012, Braunschweig, MultiKonferenz für Wirtschaftsinformatik

SECUWARE 2013, August 25 - 31, 2013 - Barcelona, Spain, The Seventh International Conference on Emerging Security Information, Systems and Technologies

SECUWARE 2014, November 16 - 20, 2014 - Lisbon, Portugal

AsiaARES 2014, Asian Conference on Availability, Reliability and Security,  April 14th - 17th 2014, Bali, Indonesia

SECUWARE 2015, August 23 - 28, 2015, Venice, Italy

SECUWARE 2016, July 24 - 28, Nice, France

Program member and Chairs

Program member and general chair of the annual CAST Workshop "Enterprise security" (since 2005)

Session chair SECUWARE 2009 (Athens/Greece),

TSP 2010 (Bradford/UK),

SECUWARE 2010 (Venice/Italy)

Member of the Jury GI "Promotionspreis IT-Sicherheit" 2010, 2011, 2012, 2013, 2014, 2015

Member of organizations

Member of Gesellschaft für Informatik (GI), Fachgruppe Informationssicherheit (SecMgmt),

Member of ISACA

Member of (ISC)2

Member of IFIP, WG11.1

Member of ISO/IEC JTC 1/SC27 - IT Security Techniques (Chapter Germany)

Member of KITS (working group) DIN Berlin

Author and reviewer for the Journal of Advances in Management Sciences & Information Systems

 


 

Teaching

Winter term 2015/16

  • Lecture 20.088.1 (2SWS) IT/Inf.-Sicherheitsmanagement Systeme

Summer term 2015:

  • Lecture 20.088.1 (2SWS) IT/Inf.-Sicherheitsmanagement Systeme

Winter term 2014/15

  • Lecture 20-00-0096-vl (2SWS) Virtual Private Networks, Drahtgebunden und drahtlos

Summer term 2014:

  • Lecture 20.088.1 (2SWS) IT/Inf.-Sicherheitsmanagement Systeme

Winter term 2013/14

  • Lecture 20-00-0096-vl (2SWS) Virtual Private Networks, Drahtgebunden und drahtlos

Summer term 2013:

  • Lecture 20.088.1 (2SWS) IT/Inf.-Sicherheitsmanagement Systeme

Winter term 2012/13:

  • Lecture 20-00-0096-vl (2SWS) Virtual Private Networks, Drahtgebunden und drahtlos

Summer term 2012:

  • Lecture 20.088.1 (2SWS) IT/Inf.-Sicherheitsmanagement Systeme

Winter term 2011/12:

  • Lecture 20-00-0096-vl (2SWS) Virtual Private Networks, Drahtgebunden und drahtlos

Summer term 2011:                  

  • Lecture 20.088.1 (2SWS) IT/Inf.-Sicherheitsmanagement Systeme

Winter term 2010/11:

  • Lecture 20-00-0096-vl (2SWS) Virtual Private Networks, Drahtgebunden und drahtlos

Summer term 2010:                  

  • Lecture 20.088.1 (2SWS) IT-Sicherheitsmanagement Systeme

Winter term 2009/10:

  • Lecture 20.088.1 (2SWS) IT-Sicherheitsmanagement Systeme

Summer term 2009:

  • Lecture 20.881. (2SWS) IT-Sicherheitsmanagement Systeme

Winter term 2008/09:

  • Lecture 20.088.1 (2SWS) IT-Sicherheitsmanagement Systeme

Summer term 2008:

  • Lecture 20.088.1 (2SWS) IT-Sicherheitsmanagement Systeme

Winter term 2007/08:

  • Lecture 20.088.1 (2SWS) IT-Sicherheitsmanagement Systeme

Summer term 2007:

  • Lecture 20.284.1 (2SWS) IT-Sicherheitsmanagement Systeme

Winter term 2006/07:

  • Lecture 20.209.1 (2SWS) IT-Sicherheitsmanagement Systeme

Summer term 2006:

  • Lecture 20.284.1 (2SWS) IT-Sicherheitsmanagement Systeme

Winter term 2005/06:

  • Lecture 20.209.1 (2SWS) IT-Sicherheitsmanagement Systeme

Winter term 2005/06:

  • Lecture 20.209.1 (2SWS) Virtual Private Networks, Drahtgebunden und drahtlos

Summer term 2005:

  • Lecture 20.284.1 (2SWS) IT-Sicherheitsmanagement Systeme

Winter term 2004/05:

  • Lecture 20.183.1 (2SWS) Virtual Private Networks, Drahtgebunden und drahtlos

Summer term 2004:

  • Lecture 20.183.1 (2SWS) Virtual Private Networks, Drahtgebunden und drahtlos

Winter term 2003/04:

  • Lecture 20.205.1 (2SWS) Virtual Private Networks, Drahtgebunden und drahtlos

Summer term 2003:

  • Lecture 20.183.1 (2SWS) Virtual Private Networks, Drahtgebunden und drahtlos

Winter term 2002/03:

  • Lecture 20.205.1 (2SWS) Virtual Private Networks, Drahtgebunden und drahtlos

Summer term 2002:

  • Lecture 20.183.1 (2SWS) Virtual Private Networks, Drahtgebunden und drahtlos

 


 

Publications

  1. Böhmer, W. und Milde, T.: Besonderheiten bei der Anwendung der IT-Grundschutz Methodik bei einem Telekommunikationsdienstleister, Datenschutz und Datensicherheit - DuD, February 2017, Volume 41, Issue 2, pp 104-1120, Springer Fachmedien Wiesbaden 2017.
  2. Böhmer, W. et al.: Managementsysteme für Informationssicherheit (ISMS) mit DIN ISO/IEC 27001 betreiben und verbessern, Fachbuch, Beuth-Verlag, 1. Auflage, 2017-03.
  3. Böhmer, W. und Milde, T.: Besonderheiten bei der Anwendung der IT-Grundschutz Methodik bei einem Telekommunikationsdienstleister, Tagungsband, D-A-CH Security 2016, Alpen-Adria-Universität Klagenfurt, 26. und 27. September (accepted paper).
  4. Boehmer, W.: Do we need Security Management Systems for Data Privacy, invited book chapter in Handbook of Research on Emerging Developments in Data Privacy, Ed. Manish Gupta, IGI Global, Release Date: December, 2014, ISBN13: 9781466673816 or ISBN10: 1466673818
  5. Boehmer, W.: Towards to analyze sophisticated Attacks, with conditional probability, genetic algorithm and a crime function, Lecture Notes in Computer Science (LNCS), Volume 8708, Proceedings of ARES 2014 Conference, University of Fribourg, Switzerland, September 8th – 12th, 2014.
  6. Böhmer, W.: Bestimmung des technischen VaR mittels der bedingten Wahrscheinlichkeit, Angriffsbäumen und einer Risikofunktion, Tagungsband der GI-Sicherheit 2014, Fachtagung vom 19.-21. März 2014 an der Technischen Universität Wien.
  7. Boehmer, W.: How to estimate a technical VaR using conditional probability, attack trees and a crime function for a VoIP Scenario, proceedings of the 8th ARES Conference on Availability, Reliability and Security (ARES 2013), University of Regensburg, Germany September 2nd - 6th, 2013.
  8. Boehmer, W.: Behavior Risk: the indefinite aspect at the Stuxnet Attack?  proceedings of the Seventh International Conference on Emerging Security Information, Systems and Technologies, SECUWARE 2013, August 25 - 31, 2013 - Barcelona, Spain.
  9. Boehmer, W.: Gekoppelte Management Systeme in der Informationssicherheit, Tagungsband, D-A-CH Security 2012, Konstanz 25. und 26. September 2012.
  10. Boehmer, W.: Dynamic systems approach to analyzing event risks and behavioral risks with Game Theory, PASSAT 2011, The Third IEEE International Conference on Privacy, Security, Risk, and Trust, 09.10 - 11.10.2011, p. 1231 - 1238, IEEE Computer Society, MIT, Boston, USA. 
  11. Boehmer, W.: Über die Anwendung von Sicherheitsmanagement Systemen, Policies und Spieltheorie zur Unternehmensabsicherung. Tagungsband, Lecture Notes in Informatics (LNI) 41. Jahrestagung der Gesellschaft für Informatik, 4.10 - 07.10. 2011, TU Berlin, Bonner Köllen Verlag (2011) ISBN 978-3-88579-286-4, Germany.
  12. Boehmer, W.: Toward a target and coupling function of three different Information Security Management Systems, invited article from the journal: Concurrency and Computation: Practice and Experience, 2011, 00:1-7, John Wiley & Sons, Ltd. 
  13. Boehmer, W.: Information Security Management Systems Cybernetics, invited book chapter in Strategic and Practical Approaches for Information Security Governance: Technologies and Applied Solutions. Manish Gupta, John Walp and Raj Sharman (ed) 2011.
  14. Boehmer, W. and Brandt, Ch. and Groote, J.F.: Analysing the dynamic behaviour of a Business Process and the related Business Continuity Process with mcrl2; The First International Conference on Computational Logics, Algebras, Programming, Tools, and Benchmarking, COMPUTATION TOOLS 2010, November 21-26, 2010 - Lisbon, Portugal; IEEE Computer Society.
  15. Boehmer, W.: Analysis of Strongly and Weakly Coupled Management Systems in Information Security; Fourth International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2010), July 18 - 25, 2010 - Venice/Mestre, Italy, IEEE Computer Society.
  16. Boehmer, W.: Toward a target function of an Information Security Management System; The Third IEEE International Symposium on Trust, Security and Privacy for Emerging Applications (TSP-2010), Bradford, UK, 29 June-1 July, 2010, IEEE Computer Society
  17. Boehmer, W.: Analyzing Human Behaviour using Case-Based Reasoning with the help of Forensic Questions; 24th. IEEE International Conference on Advanced Information Networking and Applications, (AINA 2010), Perth, Australia, 20- 23. April, 2010; IEEE Computer Society.
  18. Böhmer, W.: Managementsysteme sind Balance-Systeme – Diskussion relevanter Kennzahlen eines ISMS gemäß ISO/IEC 27001:2005, Multikonferenz für Wirtschaftsinformatik (MKWI 2010), Göttingen 23. - 25.02.2010.
  19. Boehmer, W.: Performance, survivability and cost aspects of Business Continuity Processes According to BS25999, International Journal On Advances in Security, issn 1942‐2636, vol. 2, no. 4, year 2009, http://www.iariajournals.org/security/.
  20. Boehmer, W.: Anwendung der forensischen Fragestellung in der Compliance Analyse; Bank-Verlag Medien GmbH in Köln, Risk, Compliance & Audit (RCA), 5/2009. 
  21. Boehmer, W. and Brandt, Ch. and Groote, J.F.: Evaluation of a Business Continuity Process using Process Algebra and Modal Logic; Computer Science Report CSR-09-12, Eindhoven University of Technology, 2009. (The report should appear automatically on http://w3.win.tue.nl/nl/onderzoek/onderzoek_informatica/ under computer science reports.)
  22. Boehmer, W. and Brandt, Ch. and Groote, Jan Friso.: Evaluation of a Business Continuity Plan using Process Algebra and Modal Logic, 2009, proceedings IEEE Toronto International Conference – Science and Technology for Humanity (IEEE-TIC-STH), SIASP 2, pp. 147 -152, September 26-27, 2009, IEEE Computer Society.
  23. Boehmer, W.: Überlebenswahrscheinlichkeit eines Unternehmens bei Anwendung eines BCMS gemäß BS 25999, Wie wahrscheinlich übersteht ein Unternehmen eine Katastrophe?; Bank-Verlag Medien GmbH in Köln; Risk, Compliance & Audit (RCA), 2/2009, Seite 23-30.
  24. Boehmer, W.: Survivability and Business Continuity Management System According to BS 25999; Third International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2009), Athens/Glyfada, Greece, June 2009, IEEE Computer Society; "Best paper award".
  25. Boehmer, W.: Cost-benefit trade-off analysis of an ISMS based on ISO 27001, ARES Conference, The International Dependability Conference, March, 16th - 19th 2009, Fukuoka Institute of Technology (FIT), Fukuoka, Japan, IEEE Computer Society.
  26. Böhmer, W.: Risiko, Voodoo und das Gesetz der großen Zahlen, Security Corner in der Computer Zeitung, Konradin-Verlag, online-Ausgabe, KW42, 2008; www.computer-zeitung.de; erschienen am 13.10.2008.
  27. Boehmer, W.: Appraisal of the effectiveness and efficiency of an Information Security Management System based on ISO 27001; The Second International Conference on Emerging Security Information, Systems and Technologies (SECUWARE 2008), Cap Esterel, France; August 25-31, 2008, pp. 1-8, IEEE Computer Society.
  28. Boehmer, W.: Compliance Profiling: Dem Täter auf der Spur; Security Corner in der Computer Zeitung, Konradin-Verlag, online-Ausgabe, KW14, 2008; www.computer-zeitung.de; erschienen am 14.03.2008.
  29. Boehmer, W.: Wie sich die Wirksamkeit der Informationssicherheit messen lässt: Wege aus der Sackgasse des Return on Security Investment (ROSI); microsite.computer-zeitung.de/article.html &pid=ee54f3c7-0de1-40f5-bb23-2cfdf022aee5&page=1&pos=2&ms=/security-corner/index.html &tpid=ee54f3c7-0de1-40f5-bb23-2cfdf022aee5 Security Corner in der Computer Zeitung, Konradin-Verlag, online-Ausgabe, KW3, 2008; www.computer-zeitung.de; Erschienen 29.01.2008.
  30. Brandt, Ch.; Boehmer, W.; Engel, T.; Roeltgen, C.: Diskussionsvorschlag einer Lösungsskizze zur Behandlung von operationellen IT-Sicherheitsrisiken nach Basel II auf Grundlage von Anforderungen der Credit Suisse; Multikonferenz für Wirtschaftsinformatik (MKWI 2008), München 2008, srvmatthes6.in.tum.de, Stand 03.01.2008.
  31. Boehmer, W.: Bei Sicherheitsaudits drohen Fallstricke, Security Corner in der Computer Zeitung, Konradin-Verlag, online-Ausgabe, KW41, 2007; www.computer-zeitung.de; Erschienen 08.10.2007 oder online unter http://www.brainguide.de/Bei-Sicherheitsaudits-drohen-Fallstricke#authors.
  32. Böhmer, W.: Informationssicherheitsmanagementsysteme im Kontext einer IT-Governance, in Rechts- und Haftungsrisiken im Unternehmensmanagement, Wiley-VCH Verlag München, (eds.) Romeike/Hirschmann , S.86-125, ISBN 3-86556-166-0, Juni 2006.
  33. Boehmer, W. and Petzel, E.: Evaluation of the Quality of an Information Security Management System (ISMS), IPSI-2006 Marbella Conference, February 10-13, 2006. Book of Abstract, ISBN: 86-7466-117-3.
  34. Böhmer, W.: VPN - Virtuelle private Netzwerke,  Kommunikationssicherheit in VPN- und IP-Netzen über GPRS und WLAN 2. überarbeitete und erweiterte Auflage, 2005, ISBN 3-446-22930-2.
  35. Böhmer, W.: Auf der sicheren Seite - Informationssicherheitsmanagement und IT-Governance, RISKNEWS - Fachmagazin für Risikomanagement, Volume 2, Issue 05, pages 28-36, October 2005, Wiley-VCH Verlag, München.
  36. Böhmer, W.: VPN - Virtuelle private Netzwerke,  Die reale Welt der virtuellen Netze, Carl-Hanser Verlag in München 1. Auflage, 2002, ISBN 3-446-21532-8.
  37. Böhmer, W. und Knöpfle, K., AES und die Zukunft der Privatsphäre im Internet, Tagungsband 7. Deutscher IT-Sicherheitskongreß des BSI 2001, SecuMedia Verlag, Ingelheim, ISBN 3-922746-36-5.

 

Books


Wolfgang Boehmer:
VPN: Virtual Private Networks
Kommunikationssicherheit in VPN- und IP-Netzen über GPRS und WLAN
2nd revised and expanded edition,
Hanser Verlag, Munich, June 2005
432 pages, hardcover
ISBN 3-446-22930-2
39,90 EUR

 

 

