Phishing refers to attempts to impersonate a trustworthy communication partner via fake websites, e-mails or other messages in order to obtain personal data, for example. As a result, for example account theft or identity theft can be committed or malware can be installed. Phishing is one of the social engineering attacks that exploit the victims’ […]
As everywhere in IT security, it is also important in identity management that a measure is both secure and usable. Users can get creative if something is too time-consuming, annoying or otherwise impractical for them. Is there too many steps to authenticate on the notebook? Then the screen is not locked. Does the screen need […]
Our Cyber Taxi paper, which was presented at the ESORICS 2020 workshop MSTEC, is also available on arXiv. The lack of guided exercises and practical opportunities to learn about cybersecurity in a practical way makes it difficult for security experts to improve their proficiency. Capture the Flag events and Cyber Ranges are ideal for cybersecurity training. […]
Recently our CTF 2020 finally took place, which was initially postponed by COVID-19 and now carried out online. Each of the over 30 registered teams received a care package with food, drinks, information, goodies and – of course – a hardware challenge. The board itself was a treat, but the exchange with the participants wasn’t […]
In this example, the nerdhorn is both parent and partner and therefore has other functions, authorizations and tasks to do. As in normal life, digital identities have different roles. Associated with these roles are permissions. Users can have several user roles. A typical concept that implements this is RBAC, Role Based Access Control. Often the […]