International Workshop on Emerging Digital Identities

The Call for Paper for our International Workshops on Emerging Digital Identities (EDId), located at ARES 2024, is now public. Based on the topic, we search for contributions related to digital identities, including interoperability, protocols, security, and more. Topics of interest are, for example, the following: Interoperability and user experience related to digital identities Analysis […]

Authentication Analysis Framework (AAF)


Recently, our paper [1] on the Authentication Analysis Framework (AAF) was accepted and published by Elsevier COSE. But what is it all about? User accounts on the Internet usually support different primary and fallback authentication methods. Fallback methods take effect when the primary authentication methods are (temporarily) not available, for example, because the password has […]

Different Aspects of IT Security

ARES 2022

As I found out, I hadn’t written any posts in the last 12 months. This despite the fact that we had published some interesting papers and three (?) Incidents happened at LastPass. The latter obviously has to do with one of my research topics, identity management. Maybe I’ll write a blog post about it soon. […]

eID and SSI

The eIDAS regulation came to life in 2014. Now it looks like decentralized identities (self-sovereign identities) for eIDs will follow. The idea is interesting: the user is in control of their identities. So far, however, self-sovereign identities has been a research topic and have hardly been tested in real-world. This raises the question which lessons […]

Googeling Nerdhorn


By using the Internet and its services, such as social media, we leave behind data about ourselves. This data can potentially be used for attacks. For example, bloggers’ addresses and vacation times can be found and used for theft. Even pseudonyms can be correlated if things go wrong. It is, therefore, important to think in […]