As I found out, I hadn’t written any posts in the last 12 months. This despite the fact that we had published some interesting papers and three (?) Incidents happened at LastPass. The latter obviously has to do with one of my research topics, identity management. Maybe I’ll write a blog post about it soon. […]
eID and SSI
The eIDAS regulation came to life in 2014. Now it looks like decentralized identities (self-sovereign identities) for eIDs will follow. The idea is interesting: the user is in control of their identities. So far, however, self-sovereign identities has been a research topic and have hardly been tested in real-world. This raises the question which lessons […]
Reference Model for Federated Identity Managmeent
At the end of the month, I’ll be presenting our reference model for federated identity management at EMMSAD 2021. As soon as the paper is online at arxiv.org, I will link it here. But why is it working? There are more and more identities, whether for one person or for an organization. In my password […]
Cyber Taxi
Our Cyber Taxi paper, which was presented at the ESORICS 2020 workshop MSTEC, is also available on arXiv. The lack of guided exercises and practical opportunities to learn about cybersecurity in a practical way makes it difficult for security experts to improve their proficiency. Capture the Flag events and Cyber Ranges are ideal for cybersecurity training. […]
State of the Art Paper on Identity Management
Before you can improve something, you need an overview. Prof. Dr. Wolfgang Hommel and I in our paper “An Overview of Limitations and Approaches in Identity Management“, which was published at ACM ARES this year. You can also find brief information on Identity Management Sota Publication. We examined centralized, federated and user-centered identity management and […]