Fenz, S. & Ekelhart, A. Formalizing information security knowledge ASIACCS ’09: Proceedings of the 2009 ACM symposium on Information, computer and communications security, ACM, 2009.
Ekelhart, A.; Fenz, S. & Neubauer, T. AURUM: A Framework for Supporting Information Security Risk Management Proceedings of the 42nd Hawaii International Conference on System Sciences, HICSS2009, IEEE Computer Society, 2009.
Neubauer, T.; Ekelhart, A. & Fenz, S. Interactive Selection of ISO 27001 Controls under Multiple Objectives Proceedings of the Ifip Tc 11 23rd International Information Security Conference, IFIPSec 2008, Springer, 2008, 278/2008, 477-492.
Goluch, G.; Ekelhart, A.; Fenz, S.; Jakoubi, S.; Tjoa, S. & Mück, T. Integration of an Ontological Information Security Concept in Risk Aware Business Process Management Proceedings of the 41st Hawaii International Conference on System Sciences, HICSS2008, IEEE Computer Society, 2008, 377-385.
Weippl, E. R.; Fenz, S. & Ekelhart, A. (2007), Security Ontologies: How to Improve Understanding of Complex Relationships, in ‘EDMEDIA 2007′.
Ekelhart, A.; Fenz, S.; Goluch, G. & Weippl, E. (2007), Ontological Mapping of Common Criteria’s Security Assurance Requirements, in ’22nd IFIP TC-11 International Information Security Conference (IFIPSEC’07)’.
Ekelhart, A.; Fenz, S.; Klemen, M. & Weippl, E. R. (2007), Security Ontologies: Improving Quantitative Risk Analysis, in ’40th Hawaii International Conference on System Sciences (HICSS’07)’, IEEE Computer Society, Los Alamitos, CA, USA, pp. 156-162.
Ekelhart, A.; Fenz, S.; Klemen, M. & Weippl, E. R. (2006), Security Ontology: Simulating Threats to Corporate Assets, in Aditya Bagchi & Vijayalakshmi Atluri, ed.,’Information Systems Security (ICISS’06)’, Springer, Kolkata, India, pp. 249-259.
Ekelhart, A.; Fenz, S.; Klemen, M. D.; Tjoa, A. M. & Weippl, E. R. (2006), Ontology-based Business Knowledge for Simulating Threats to Corporate Assets, in Ulrich Reimer & Dimitris Karagiannis, ed.,’Practical Aspects of Knowledge Management (PAKM’06)’, Springer, Vienna, Austria, pp. 37-48.
Fenz, S. (2006), ‘Security Ontologies: Improving Quantitative Risk Analysis’, Master’s thesis, Vienna University of Technology.
Fenz, S. & Weippl, E. R. (2006), Ontology based IT-Security planning, in ’12th Pacific Rim International Symposium on Dependable Computing (PRDC’06)’, IEEE Computer Society, Los Alamitos, CA, USA, pp. 389-390.