Research Interests

I am a senior researcher working at the Deutsche Telekom Chair of Mobile Business & Multilateral Security at Goethe University Frankfurt. Currently I am also a temporary professor at the institute of business informatics at the University of Regensburg. My research focus is in the area of security and privacy with a particular interest in a holistic view on the examined systems. Thus, I consider economic aspects, human behaviour and try to enable users to regard security considerations and understand privacy implications.
Currently, I'm involved in the projects Secure Information Networks for Small- and Medium-sized Energy Providers (SIDATE), Anonymity Online Next Generation (AN.ON-NG) and Self Data Protecion in Online-Commerce (SIOC). The aim of the SIDATE project is to support small and medium-sizes energy providers in assessing and improving their information security level. The AN.ON-NG project aims at integrating privacy-enhancing technologies into the internet infrastructure. The aim of the project Self Privacy in Online Commerce (SIOC) is the design of an anonymous approach to online shopping. AN.ON-NG and SIOC both build on data protection by design. Among their crucial success factors are to regard the stakeholders' interests, their business models and to improve the usability and performance for the users.
Further research interests include the application of serious gaming in the domains of social engineering and privacy perception, modelling security and applied cryptography.
  • Modelling Security
    • Formalization of attacker models and security goals
    • Security metrics
  • Holistic Security & Security Management
    • Consideration of business processes
    • Economics of security
    • Human aspects of security
    • Consideration of user behaviour
    • Enabling non-experts to regard security considerations
    • Security Standards (e.g. ISO 27000, Common Criteria)
    • Relation between real and perceived security
    • Social Engineering
  • Applied Cryptography
    • Visual Cryptography
    • Privacy Enhancing Technologies (PET)
  • Serious Gaming in the domains
    • Social Engineering
    • Privacy perception
  • Risk Analysis
  • Privacy
  • Identity Management

Selected Publications

  1. Harborth, D. and Pape, S.: Investigating Privacy Concerns Related to Mobile Augmented Reality Apps - A Vignette Based Online Experiment. In Computers in Human Behavior, 122, 2021.
    DOI Link Abstract HP21chbBibtexprivacycs4e
  2. Löbner, S.; Tesfay, W. B.; Nakamura, T. and Pape, S.: Explainable Machine Learning for Default Privacy Setting Prediction. In IEEE Access, 9: 63700-63717, 2021.
    DOI Link Abstract LTNP21accessBibtexprivacycs4e
  3. Schmitz, C.; Schmid, M.; Harborth, D. and Pape, S.: Maturity Level Assessments of Information Security Controls: An Empirical Analysis of Practitioners' Assessment Capabilities. In Computers & Security, 108, 2021.
    DOI Link Abstract SSHP21coseBibtexsecuritycs4e
  4. Harborth, D.; Pape, S. and Rannenberg, K.: Explaining the Technology Use Behavior of Privacy-Enhancing Technologies: The Case of Tor and JonDonym. In Proceedings on Privacy Enhancing Technologies (PoPETs), 2020 (2): 111-128, 2020.
    PDF DOI Link Dataset Dataset Dataset Dataset Abstract HPR20petsBibtexinformation systemsprivacyanoncs4e
  5. Pape, S.: Requirements Engineering and Tool-Support for Security and Privacy.
    Link Abstract Pape20habilBibtexiotprivacysecurityserious gamesocial engineering
  6. Schmitz, C. and Pape, S.: LiSRA: Lightweight Security Risk Assessment for Decision Support in Information Security. In Computers & Security, 90, 2020.
    PDF DOI Link Abstract SP20coseBibtexsecuritysidate
  7. Harborth, D. and Pape, S.: How Nostalgic Feelings Impact Pokémon Go Players - Integrating Childhood Brand Nostalgia into the Technology Acceptance Theory. In Behaviour & Information Technology, 39 (12): 1276-1296, 2019.
    PDF DOI Link Abstract HP19bitBibtexinformation systemsanon
  8. Pape, S. and Rannenberg, K.: Applying Privacy Patterns to the Internet of Things' (IoT) Architecture. In Mobile Networks and Applications (MONET) -- The Journal of SPECIAL ISSUES on Mobility of Systems, Users, Data and Computing, 24 (3): 925-933, 2019.
    PDF DOI Slides Link Abstract PR19monetBibtexiotprivacysoftware engineering
  9. Harborth, D. and Pape, S.: Exploring the Hype: Investigating Technology Acceptance Factors of Pokémon Go. In 2017 IEEE International Symposium on Mixed and Augmented Reality, ISMAR 2017, Nantes, France, October 9-13, 2017, pages 155-168, 2017, Acceptance rate: (17)/99 = 17.2 %.
    PDF DOI Link Abstract HP17ismarBibtexinformation systems
  10. Schaab, P.; Beckers, K. and Pape, S.: Social engineering defence mechanisms and counteracting training strategies. In Information and Computer Security, 25 (2): 206-222, 2017.
    PDF DOI Link Abstract SBP17icsBibtexsecuritysocial engineering
  11. Beckers, K. and Pape, S.: A Serious Game for Eliciting Social Engineering Security Requirements. In Proceedings of the 24th IEEE International Conference on Requirements Engineering, IEEE Computer Society, RE '16 , 2016, Acceptance Rate: 22/79 = 27.8%.
    PDF DOI Link Abstract BP16reBibtexsecurityserious gamesocial engineeringhatchsidate
  12. Pape, S.; Flake, J.; Beckmann, A. and Jürjens, J.: STAGE -- A Software Tool for Automatic Grading of Testing Exercises -- Case Study Paper. In Proceedings of the 38th International Conference on Software Engineering, ICSE 2016, Austin, TX, USA, May 14-22, 2016 - Companion Volume, pages 491-500, 2016, Acceptance rate: (22+4)/64 = (34.4 + 6.3) %.
    PDF DOI Slides Link Abstract PFBJ16icseBibtexsoftware engineering
  13. Pape, S.: Sample or Random Security - A Security Model for Segment-Based Visual Cryptography. In Financial Cryptography and Data Security - 18th International Conference, FC 2014, Christ Church, Barbados, March 3-7, 2014, Revised Selected Papers, pages 291-303, 2014, Acceptance rate: 31 / 138 = 22.5%.
    PDF DOI Slides Link Abstract Pape14fcBibtexcrypto
  14. Pape, S.: Authentication in Insecure Environments -- Using Visual Cryptography and Non-Transferable Credentials in Practise. Springer Vieweg, Research , 2014.
    DOI Link Abstract pape14authenticationBibtexcryptoprivacysecurity
  15. Bleikertz, S.; Mastelic, T.; Pape, S.; Pieters, W. and Dimkov, T.: Defining the Cloud Battlefield -- Supporting Security Assessments by Cloud Customers. In Proceedings of IEEE International Conference on Cloud Engineering (IC2E), pages 78-87, 2013, Acceptance rate: 22 / 107 = 20.6%.
    PDF DOI Link Abstract BMPPD13ic2eBibtexsecuritysecureclouds
More information about my work:


Business Networks

View Sebastian Pape's profile on Xing   View Sebastian Pape's profile on LinkedIn

Academic Networks

View Sebastian Pape's Profile on Research Gate   View Sebastian Pape's ORCID