@incollection{kieseberg_securing_2019, address = {Cham}, title = {Securing {Information} {Against} {Manipulation} in the {Production} {Systems} {Engineering} {Process}}, isbn = {978-3-030-25312-7}, url = {https://doi.org/10.1007/978-3-030-25312-7_12}, abstract = {Modern engineering projects often include extensive cooperation with partners as well as external experts, either due to specific knowledge required that cannot be acquired otherwise or even due to rules and regulations that have to be obeyed to enter a specific market. Still, Production Systems Engineering (PSE) processes contain significant intrinsic and explicit knowledge that is a key resource of a partner. Therefore, the partners in such a collaborative process need to protect their vital knowledge assets while still being forced to share much of the information, thus rendering proactive solutions for information protection infeasible. Information fingerprinting has been used as a reactive measure in many data-based information processes. While fingerprinting does not hinder unsolicited information exchange, fingerprinting techniques can be used to prove ownership of information and to determine the leaking partner. In addition, expert information is integrated into the overall process, requiring means to hold single participants responsible for errors and/or other issues. Still, in current environments, manipulation of information is largely possible. This becomes especially problematic in cases where the expert information is used as input in intelligent algorithms, thus rendering any chance of simple detection impossible, even for the expert originally entering the information. In this chapter, we adopt an approach for providing information integrity in the so-called doctor in the loop Holzinger (Brain Inform 3(2):119–131, 2016) systems in order to fit the PSE process and its special requirements and combine it with fingerprinting methods for protecting the ownership of vital information assets. Furthermore, we extend this approach to not only control data manipulation but also access to sensitive information. In order to further mitigate attacks targeting data exfiltration, we provide two new approaches for logging SELECT-queries in a way that cannot be manipulated even by attacks in the possession of administrator privileges.}, booktitle = {Security and {Quality} in {Cyber}-{Physical} {Systems} {Engineering}: {With} {Forewords} by {Robert} {M}. {Lee} and {Tom} {Gilb}}, publisher = {Springer International Publishing}, author = {Kieseberg, Peter and Weippl, Edgar}, editor = {Biffl, Stefan and Eckhart, Matthias and Lüder, Arndt and Weippl, Edgar}, year = {2019}, doi = {10.1007/978-3-030-25312-7_12}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec System \& Application Security, peer-reviewed}, pages = {335--356}, }