Publications

2024

Geisler, M., Pöhn, D., and Hommel, W., Hooked: A Real-World Study on QR Code Phishing. In: DFN-Konferenz 2024. [accepted]

Maul, D., Stiemert, L., and Pöhn, D., Evaluation of Basic Methods to Bypass Recent Antivirus Systems in Windows Environments. In: DFN-Konferenz 2024. [accepted]

2023

Pöhn, D. and Gruschka, N., Past and Present: A Case Study on Twitter’s Responses to GDPR Data Requests. In: Annual Privacy Forum 2023. [accepted]

Teuschel, M., Pöhn, D., Grabatin, M., Dietz, F., Hommel, W., and Alt, F., ‘Don’t Annoy Me With Privacy Decisions!’ — Designing Privacy-Preserving User Interfaces for SSI Wallets on Smartphones. In IEEE Access, vol. 11, pp. 131814-131835, 2023, doi: 10.1109/ACCESS.2023.3334908.

Pöhn, D., Gruschka, N., Ziegler, L., and Büttner, A., A Framework for Analyzing Authentication Risks in Account Networks. In: Elsevier Computers & Security (COSE), 103515, ISSN 0167-4048, 10.1016/j.cose.2023.103515, 2023.

Hafner, L., Wutz, F., Pöhn, D., and Hommel, W., TASEP: A Collaborative Social Engineering Tabletop Role-Playing Game to Prevent Successful Social Engineering Attacks. In Proceedings of the 18th International Conference on Availability, Reliability and Security (ARES ’23). Association for Computing Machinery, New York, NY, USA, Article 67, 1–10. https://doi.org/10.1145/3600160.3605005, 2023. Link

Makowski, J.-P. and Pöhn, D., Evaluation of Real-World Risk-Based Authentication at Online Services Revisited: Complexity Wins. In Proceedings of the 18th International Conference on Availability, Reliability and Security (ARES ’23). Association for Computing Machinery, New York, NY, USA, Article 73, 1–9. https://doi.org/10.1145/3600160.3605024, 2023. Link

Gamisch, L. and Pöhn, D., A Study of Different Awareness Campaigns in a Company. In Proceedings of the 18th International Conference on Availability, Reliability and Security (ARES ’23). Association for Computing Machinery, New York, NY, USA, Article 68, 1–8. https://doi.org/10.1145/3600160.3605006, 2023. Link

Pöhn, D., Mörsdorf, N., and Hommel, W., Needle in the Haystack: Analyzing the Right of Access According to GDPR Article 15 Five Years after the Implementation. In Proceedings of the 18th International Conference on Availability, Reliability and Security (ARES ’23). Association for Computing Machinery, New York, NY, USA, Article 91, 1–10. https://doi.org/10.1145/3600160.3605064, 2023. Link

Pöhn, D. and Hommel, W., Towards an Improved Taxonomy of Attacks Related to Digital Identities and Identity Management Systems. In: Security and Communication Networks, vol. 2023, p. 5573310, Jun. 2023. Link

Pöhn, D. and Hommel, W., New Directions and Challenges within Identity and Access Management. In: IEEE Communications Standards Magazine, vol. 7, no. 2, pp. 84-90, June 2023, doi: 10.1109/MCOMSTD.0006.2200077.

Pöhn, D., Grabatin, M., and Hommel, W.,  Modeling the Threats to Self-Sovereign Identities. In: Roßnagel, H., Schunck, C. H. & Günther, J. (Hrsg.), Open Identity Summit 2023. Gesellschaft für Informatik e.V.. DOI: 10.18420/OID2023_07 Link

Eipper, A. and Pöhn, D., How to Design a Blue Team Scenario for Beginners on the Example of Brute-Force Attacks on Authentications. In Proceedings of the 9th International Conference on Information Systems Security and Privacy – ICISSP, ISBN 978-989-758-624-8; ISSN 2184-4356, pages 477-484, 2023. DOI: 10.5220/0011667300003405

Dieterich, A.; Schopp, M.; Stiemert, L.; Steininger, C. and Pöhn, D., Evaluation of Persistence Methods Used by Malware on Microsoft Windows Systems. In Proceedings of the 9th International Conference on Information Systems Security and Privacy – ICISSP, ISBN 978-989-758-624-8; ISSN 2184-4356, pages 552-559, 2023. DOI: 10.5220/0011710200003405

Walkow, M. and Pöhn, D., Systematically Searching for Identity-Related Information in the Internet with OSINT Tools. In Proceedings of the 9th International Conference on Information Systems Security and Privacy – ICISSP, ISBN 978-989-758-624-8; ISSN 2184-4356, pages 402-409, 2023. DOI: 10.5220/0011644200003405

Dimaratos, A. and Pöhn, D., Evaluation Scheme to Analyze Keystroke Dynamics Methods. In Proceedings of the 9th International Conference on Information Systems Security and Privacy – ICISSP, ISBN 978-989-758-624-8; ISSN 2184-4356, pages 357-365, 2023. DOI: 10.5220/0011626100003405

Pöhn, D., Seeber, S., and Hommel, W., Combining SABSA and Vis4Sec to the Process Framework IdMSecMan to Continuously Improve Identity Management Security in Heterogeneous ICT Infrastructures. Applied Sciences. 2023; 13(4):2349. https://doi.org/10.3390/app13042349

2022

Pöhn, D. and Hommel, W., Reference Service Model Framework for Identity Management. In IEEE Access, vol 10, 1-26, 10.1109/ACCESS.2022.3219044, 2022.

Pöhn, D. and Hommel, W., TaxIdMA: Towards a Taxonomy for Attacks related to Identities. In Proceedings of the 17th International Conference on Availability, Reliability and Security (ARES . ACM, New York, NY, USA, Article 125, 1–13. https://doi.org/10.1145/3538969.3544430, 2022.

Pöhn. D., Gruschka, N., and Ziegler, L., Multi-Account Dashboard for Authentication Dependency Analysis. In Proceedings of the 17th International Conference on Availability, Reliability and Security (ARES). ACM, Article 39, 1–13. https://doi.org/10.1145/3538969.3538987, 2022.

Wilkening, F, Stiemert, L., Schopp, M., Pöhn, D., and Hommel, W., Investigating Leaked Sensitive Information in Version Control Systems with the Kraulhorizon Framework. In: Ude, Albrecht (eds.), Sicherheit in vernetzten Systemen: 29. DFN-Konferenz, Books on Demand, C1-C21, January, 2022.

2021

Pöhn D, Grabatin M, Hommel W. eID and Self-Sovereign Identity Usage: An Overview. Electronics. 2021; 10(22):2811. https://doi.org/10.3390/electronics10222811 Link

Pöhn, D., Seeber, S., Hanauer, T., Ziegler, J. A., and Schmitz, D., Towards Improving Identity and Access Management with the IdMSecMan Process Framework. In The 16th International Conference on Availability, Reliability and Security (ARES 2021). Association for Computing Machinery, New York, NY, USA, Article 89, 1–10. DOI:https://doi.org/10.1145/3465481.3470055, 2021 Link

Pöhn, D. and Hillmann, P., Reference Service Model for Federated Identity Management. In: Augusto A., Gill A., Nurcan S., Reinhartz-Berger I., Schmidt R., Zdravkovic J. (eds) Enterprise, Business-Process and Information Systems Modeling. BPMDS 2021, EMMSAD 2021. Lecture Notes in Business Information Processing, vol 421. Springer, Cham. https://doi.org/10.1007/978-3-030-79186-5_13, 2021  Link Link

Grabatin, M., Steinke, M., Pöhn, D. and Hommel, W., A Matrix for Systematic Selection of Authentication Mechanisms in Challenging Healthcare related Environments, In: Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems (SAT-CPS ’21), Association for Computing Machinery, New York, NY, USA, 88–97. https://doi.org/10.1145/3445969.3450424, April, 2021.

Pöhn, D. and Hommel, W., Universal Identity and Access Management Framework for Future Ecosystems. In: Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), vol. 12, no. 1, pp 64-84, http://dx.doi.org/10.22667/JOWUA.2021.03.31.064, March, 2021. Pdf

Pöhn, D. and Hommel, W., Proven and Modern Approaches to Identity Management. In: Daimi, K. and Peoples, C. (eds.), Advances in CyberSecurity Management, Springer International Publishing, 978-3-030-71380-5, https://doi.org/10.1007/978-3-030-71381-2, 2021.

Pham, S.; Schopp, M.; Stiemert, L.; Seeber, S.; Pöhn, D. and Hommel, W. (2021). Field Studies on the Impact of Cryptographic Signatures and Encryption on Phishing Emails.In Proceedings of the 7th International Conference on Information Systems Security and Privacy – Volume 1: ICISSP, ISBN 978-989-758-491-6, pages 384-390. DOI: 10.5220/0010206003840390, 2021.

2020

Knüpfer M. et al. (2020) Cyber Taxi: A Taxonomy of Interactive Cyber Training and Education Systems. In: Hatzivasilis G., Ioannidis S. (eds) Model-driven Simulation and Training Environments for Cybersecurity. MSTEC 2020. Lecture Notes in Computer Science, vol 12512. Springer, Cham. https://doi.org/10.1007/978-3-030-62433-0_1. Link

Pöhn, D. and Hommel, W., IMC: A Classification of Identity Management Approaches. In: Boureanu I. et al. (eds) Computer Security. ESORICS 2020. Lecture Notes in Computer Science, vol 12580. Springer, Cham. https://doi.org/10.1007/978-3-030-66504-3_1, 2020.

Pöhn, D. and Hommel, W., An Overview of Limitations and Approaches in Identity Management. In Proceedings of the 15th International Conference on Availability, Reliability and Security (ARES ’20). Association for Computing Machinery, New York, NY, USA, Article 90, 1–10, DOI:https://doi.org/10.1145/3407023.3407026, 2020. Info

2019

Dreo Rodosek, G., Knüpfer, M., Pöhn, D., Eiseler, V., Moving Target Defence : a new paradigm in cybersecurity. In Bundesministerium der Verteidigung (Ed.) Military Scientific Research Annual Report 2018. : Defence Research for the German Armed Forces, pp 72-73, 2019.

Dreo Rodosek, G., Knüpfer, M., Pöhn, D., Eiseler, V., Moving Target Defence – ein neues Paradigma in der Cybersicherheit. In Bundesministerium der Verteidigung (Ed.) Wehrwissenschaftliche Forschung Jahresbericht 2018. : Wehrwissenschaftliche Forschung für deutsche Streitkräfte, pp 72-73, 2019.

2018

Hanauer, T., Hommel, W., Metzger, S., Pöhn, D., A Process Framework for Stakeholder-specific Visualization of Security Metrics. In Proceedings of the 13th International Conference on Availability, Reliability and Security (ARES 2018). Association for Computing Machinery, New York, NY, USA, Article 28, 1-10. DOI:https://doi.org/10.1145/3230833.3232855

Seydel, D., Weiß, G., Pöhn, D., Wessel, S., Wenninger, F., Safety & Security Testing of Cooperative Automotive Systems. In: Embedded World Conference 2018, 978-3-645-50173-6, Haar b. München, 2018. Pdf

2017

Grabatin, M., Hommel, W., Metzger, S., Pöhn, D., Level of Assurance Management for Dynamic Identity Federations based on Vectors of Trust. In: PIK, Praxis der Informationsverarbeitung und Kommunikation, Vol. 39, Issue 3-4, 2016/2017.

2016

Pöhn, D., Architektur und Werkzeuge für dynamisches Identitätsmanagement in Föderationen. In: Dr. Hut Verlag. Dissertation an der LMU. Dezember 2016. Link

Pöhn, D., Hommel, W., Management Architecture for Dynamic Federated Identity Management. In Proceedings of the Second International Conference on Cryptography and Information Security (CRIS 2016), S. 211-226, 2016. Pdf

Hommel, W., Pöhn, D., Automated User Information Conversion to improve Identity Federation Scalability. In: Proceedings of the 22th congress of the European University Information Systems Organisation (EUNIS 2016). Thessaloniki, Griechenland, Juni 2016. Link

Grabatin, M., Hommel, W., Metzger, S., Pöhn, D., Improving the Scalability of Identity Federations through Level of Assurance Management Automation. In: GI Edition LNI – 9. DFN-Forum Kommunikationstechnologien. Rostock, Deutschland, Mai/Juni 2016. Link

Grabatin, M., Hommel, W., Metzger, S., Pöhn, D., Level of Assurance Management Automation for Dynamic Identity Federations based on Vectors of Trust. Praxis der Informationsverarbeitung und Kommunikation 39(3-4): 41 (2016).

Pöhn, D., Risk Management for Dynamic Metadata Exchange via a Trusted Third Party. In: ICISSP 2016 – Proceedings of the 2nd International Conference on Information Systems Security and Privacy, SciTePress. Rom, Italien, Februar 2016. Pdf

Pöhn, D., Architecture and Concepts for Federated Identity Management with Federations and Inter-federations. In DCISSP 2016 – Proceedings of Doctoral Consortium on Information Systems Security and Privacy, pp 3-9. Rom, Italien, Februar 2016.

Schmidt, F., Hanauer, T., Pöhn, D., Visualisierung zur Unterstützung sicherheitsbezogener Linux-Systemadministration. In: Sicherheit in vernetzten Systemen – 23. DFN-Konferenz am 09. und 10. Februar 2016. Hamburg, Deutschland, Februar 2016.

2015

Hommel, W., Metzger, S., Pöhn, D., GÉANT-TrustBroker: Simplifying Identity & Access Management for International Research Projects and Higher Education Communities. In: EUNIS Journal of Higher Education IT – EJHEIT. Hrsg. von Michele Mennielli. Bd. 2. EUNIS 2015 – 20th EUNIS Congress. Umea, Schweden, Mai 2015. Pdf

Hommel, W., Metzger, S., von Eye, F., Pöhn, D., Improving higher education network security by automating scan result evaluation with Dr. Portscan. In: EUNIS Journal of Higher Education IT – EJHEIT, 2015(2), 11-20, Umea, Schweden, Mai, 2015. Pdf

Pöhn, D., Topology of Dynamic Metadata Exchange via a Trusted Third Party. In: GI Edition 251 – Open Identity Summit 2015. Berlin, Deutschland, November 2015. Link

Grabatin, M., Hommel, W., Metzger, S., Pöhn, D., DAME: On-demand Internetscale SAML Metadata Exchange. In: International Journal On Advances in Systems and Measurements, Vol. 8, Eds. IARIA, 2015, ISSN 1942-261x. pp 156-167.

2014

Hommel, W., Metzger, S., Pöhn, D., Géant-TrustBroker: Dynamic, Scalable Management of SAML-Based Inter-federation Authentication and Authorization Infrastructures. In: ICT Systems Security and Privacy Protection, 428, 307-320, Springer, Berlin; Heidelberg, Deutschland, Juni, 2014.

Hommel, W., Metzger, S., Pöhn, D., Géant-TrustBroker: Simplifying Identity & Access Management for International Research Projects and Higher Education Communities. In: Proceedings of the 20th congress of the European University Information Systems Organisation (EUNIS 2014), Umea, Schweden, Juni, 2014. Pdf

Hommel W., Metzger S., von Eye F., Pöhn D., Improving higher education network security by automating scan result evaluation with Dr. Portscan. In: Proceedings of the 20th congress of the European University Information Systems Organisation (EUNIS 2014), Umea, Schweden, Juni, 2014. Pdf

Hommel, W., Metzger, S., Pöhn, D., Project GÉANT-TrustBroker – Dynamic Identity Management across Federation Borders. In: Networking with the World, The 30th Trans European Research and Education Networking Conference – Selected Papers, Dublin, Irland, Mai, 2014.