Publications

• Conference paper
• Journal article
• Books and chapters
• Other publicatons

Conference Paper

2025

D. Pöhn, “”Then I clicked something” – Helping Users to Report Security Incidents with Digital Identity Wallets,” in Open Identity Summit 2025. Bonn: Gesellschaft für Informatik e.V.. PISSN: 2944-7682. pp. 55-69. Regular Research Papers. Neubiberg, Germany. 22.-23. May 2025

A. Sharif, Z. E. Ansaroudi, G. Sciarretta, D. Pöhn, M. Mollaeefar, W. Hommel, and S. Ranise, “Protecting Digital Identity Wallet: A Threat Model in the Age of eIDAS 2.0,” in Risks and Security of Internet and Systems. CRiSIS 2024. Lecture Notes in Computer Science, vol 15456. Springer, Cham, 2025.

D. Pöhn and N. Gruschka, “Qualitative In-Depth Analysis of GDPR Data Subject Access Requests and Responses from Major Online Services,” in Proceedings of the 11th International Conference on Information Systems Security and Privacy – Volume 1: ICISSP. SciTePress, 149-156, 2025.

D. Pöhn and H. Lüken, “Got Ya!: Sensors for Identity Management Specific Security Situational Awareness,” in Proceedings of the 11th International Conference on Information Systems Security and Privacy – Volume 1: ICISSP. SciTePress, 141-148, 2025.

2024

D. Pöhn and N. Gruschka, “Past and Present: A Case Study of Twitter’s Responses to GDPR Data Requests,” in Privacy Technologies and Policy. APF 2023 , Lecture Notes in Computer Science, vol 13888, Springer, Cham, 2024.

M. Geisler, D. Pöhn, and W. Hommel, “Hooked: A Real-World Study on QR Code Phishing,” in 31. DFN-Konferenz Sicherheit in vernetzten Systemen, 2024, B1-B18.

D. Maul, L. Stiemert, and D. Pöhn, “Evaluation of Basic Methods to Bypass Recent Antivirus Systems in Windows Environments,” in 31. DFN-Konferenz Sicherheit in vernetzten Systemen, 2024, C1-C21.

2023

L. Hafner, F. Wutz, D. Pöhn, and W. Hommel, “TASEP: A Collaborative Social Engineering Tabletop Role-Playing Game to Prevent Successful Social Engineering Attacks,” in Proceedings of the 18th International Conference on Availability, Reliability and Security (ARES), New York: ACM, 2023, Article 67, 1-10.

J.-P. Makowski and D. Pöhn, “Evaluation of Real-World Risk-Based Authentication at Online Services Revisited: Complexity Wins,” in Proceedings of the 18th International Conference on Availability, Reliability and Security (ARES), New York: ACM, 2023, Article 73, 1-9.

L. Gamisch and D. Pöhn, “A Study of Different Awareness Campaigns in a Company,” in Proceedings of the 18th International Conference on Availability, Reliability and Security (ARES), New York: ACM, 2023, Article 68, 1-8.

D. Pöhn, N. Mörsdorf, W. and Hommel, “Needle in the Haystack: Analyzing the Right of Access According to GDPR Article 15 Five Years after the Implementation,”‘ in Proceedings of the 18th International Conference on Availability, Reliability and Security (ARES), New York: ACM, 2023, Article 91, 1-10.

D. Pöhn, M. Grabatin, and W. Hommel, “Modeling the Threats to Self-Sovereign Identities,” in Open Identity Summit, Bonn: Gesellschaft für Informatik e.V., 2023.

A. Eipper and D. Pöhn, “How to Design a Blue Team Scenario for Beginners on the Example of Brute-Force Attacks on Authentications,” in Proceedings of the 9th International Conference on Information Systems Security and Privacy (ICISSP), Setúbal: SciTePress, 2023, 477-484.

A. Dieterich, M. Schopp, L. Stiemert, C. Steininger, and D. Pöhn, “Evaluation of Persistence Methods Used by Malware on Microsoft Windows Systems,” in Proceedings of the 9th International Conference on Information Systems Security and Privacy (ICISSP), Setúbal: SciTePress, 2023, 552-559.

M. Walkow and D. Pöhn, “Systematically Searching for Identity-Related Information in the Internet with OSINT Tools,” in Proceedings of the 9th International Conference on Information Systems Security and Privacy (ICISSP), Setúbal: SciTePress, 2023, 402-409.

A. Dimaratos, and D. Pöhn, “Evaluation Scheme to Analyze Keystroke Dynamics Methods,” in Proceedings of the 9th International Conference on Information Systems Security and Privacy (ICISSP), Setúbal: SciTePress, 2023, 357-365.

2022

D. Pöhn and W. Hommel, “TaxIdMA: Towards a Taxonomy for Attacks related to Identities,” in Proceedings of the 17th International Conference on Availability, Reliability and Security (ARES), New York: ACM, 2022, Article 125, 1-13.

D. Pöhn, N. Gruschka, and L. Ziegler, “Multi-Account Dashboard for Authentication Dependency Analysis,” in Proceedings of the 17th International Conference on Availability, Reliability and Security (ARES), New York: ACM, 2022, Article 39, 1-13.

F. Wilkening, L. Stiemert, M. Schopp, D. Pöhn, and W. Hommel, “Investigating Leaked Sensitive Information in Version Control Systems with the Kraulhorizon Framework,” in Sicherheit in vernetzten Systemen: 29. DFN-Konferenz, Norderstedt: Books on Demand, 2022, C1-C21.

2021

D. Pöhn, S. Seeber, T. Hanauer, J. A. Ziegler, and D. Schmitz, “Towards Improving Identity and Access Management with the IdMSecMan Process Framework,” in The 16th International Conference on Availability, Reliability and Security (ARES), New York: ACM, 2021, Article 89, 1-10.

D. Pöhn and P. Hillmann, “Reference Service Model for Federated Identity Management,” in Enterprise, Business-Process and Information Systems Modeling (BPMDS, EMMSAD), Lecture Notes in Business Information Processing, Cham: Springer, vol 421, 2021.  

M. Grabatin, M. Steinke, D. Pöhn, and W. Hommel, “A Matrix for Systematic Selection of Authentication Mechanisms in Challenging Healthcare related Environments,” in Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems (SAT-CPS), New York: ACM, 2021, 88-97.

S. Pham, M. Schopp, L. Stiemert, S. Seeber, D. Pöhn, and W. Hommel, “Field Studies on the Impact of Cryptographic Signatures and Encryption on Phishing Emails,” in Proceedings of the 7th International Conference on Information Systems Security and Privacy (ICISSP), Setúbal: SciTePress, 2021, 384-390.

2020

M. Knüpfer, T. Bierwirth, L. Stiemert, M. Schopp, S. Seeber, D. Pöhn, and P. Hillmann, “Cyber Taxi: A Taxonomy of Interactive Cyber Training and Education Systems,” in Model-driven Simulation and Training Environments for Cybersecurity (MSTEC), Lecture Notes in Computer Science, vol 12512, Cham: Springer, 2020.  

D. Pöhn and W. Hommel, “IMC: A Classification of Identity Management Approaches,” in Computer Security (ESORICS), Lecture Notes in Computer Science, vol 12580. Cham: Springer, 2020.

D. Pöhn and W. Hommel, “An Overview of Limitations and Approaches in Identity Management,” in Proceedings of the 15th International Conference on Availability, Reliability and Security (ARES 2020), New York: ACM, 2020, Article 90, 1-10.

2018

T. Hanauer, W. Hommel, S. Metzger, and D. Pöhn, “A Process Framework for Stakeholder-specific Visualization of Security Metrics,” in Proceedings of the 13th International Conference on Availability, Reliability and Security (ARES), New York: ACM, 2018, Article 28, 1-10.

D. Seydel, G. Weiß, D. Pöhn, S. Wessel, and F. Wenninger, “Safety & Security Testing of Cooperative Automotive Systems,” in Embedded World Conference, Haar b. München, 2018.

2016

W. Hommel and D. Pöhn, “Automated User Information Conversion to improve Identity Federation Scalability,” in Proceedings of the 22th Congress of the European University Information Systems Organisation (EUNIS), 2016.

M. Grabatin, W. Hommel, S. Metzger, and D. Pöhn, “Improving the Scalability of Identity Federations through Level of Assurance Management Automation,” in GI Edition LNI — 9. DFN-Forum Kommunikationstechnologien, 2016. — X-Win Award

D. Pöhn, “Risk Management for Dynamic Metadata Exchange via a Trusted Third Party,” in Proceedings of the 2nd International Conference on Information Systems Security and Privacy (ICISSP), Setúbal: SciTePress, 2016.

D. Pöhn, “Architecture and Concepts for Federated Identity Management with Federations and Inter-Federations,” in Proceedings of Doctoral Consortium on Information Systems Security and Privacy (DCISSP), Setúbal: SciTePress, 2016, 3-9.

F. Schmidt, T. Hanauer, and D. Pöhn, “Visualisierung zur Unterstützung sicherheitsbezogener Linux-Systemadministration,” in Sicherheit in vernetzten Systemen — 23. DFN-Konferenz, 2016.

2015

D. Pöhn, “Topology of Dynamic Metadata Exchange via a Trusted Third Party,” in GI Edition 251 – Open Identity Summit. Bonn: GI, 2015.

2014

W. Hommel, S. Metzger, and D. Pöhn, “Géant-TrustBroker: Dynamic, Scalable Management of SAML-Based Inter-federation Authentication and Authorization Infrastructures,” in ICT Systems Security and Privacy Protection, Berlin, Heidelberg: Springer, 2014, 428, 307-320.

W. Hommel, S. Metzger, and D. Pöhn, “Géant-TrustBroker: Simplifying Identity & Access Management for International Research Projects and Higher Education Communities,” in Proceedings of the 20th Congress of the European University Information Systems Organisation (EUNIS), 2014.

W. Hommel, S. Metzger, F. von Eye, and D. Pöhn, “Improving higher education network security by automating scan result evaluation with Dr. Portscan,” in Proceedings of the 20th Congress of the European University Information Systems Organisation (EUNIS), 2014.

W. Hommel, S. Metzger, and D. Pöhn, “Project GÉANT-TrustBroker – Dynamic Identity Management across Federation Borders,” in Networking with the World, The 30th Trans European Research and Education Networking Conference — Selected Papers, 2014.

Journal Articles

2025

L. Ziegler, M. Grabatin, D. Pöhn, and W. Hommel, “Designing a security incident response process for self-sovereign identities,” EURASIP J. on Info. Security 2025, Mar 2025.

2024

D. Pöhn, M. Grabatin, and W. Hommel, “Analyzing the Threats to Blockchain-Based Self-Sovereign Identities by Conducting a Literature Survey”, Applied Sciences, 14(1):139, Jan 2024.

2023

D. Pöhn, N. Gruschka, L. Ziegler, and A. Büttner, “A Framework for Analyzing Authentication Risks in Account Networks,” Elsevier Computers & Security (COSE), 103515, Dec 2023.

D. Pöhn and W. Hommel, “Towards an Improved Taxonomy of Attacks Related to Digital Identities and Identity Management Systems,” Security and Communication Networks, vol. 2023, p. 5573310, June 2023.

D. Pöhn and W. Hommel, “New Directions and Challenges within Identity and Access Management,” IEEE Communications Standards Magazine, vol. 7, no. 2, pp. 84-90, June 2023.

D. Pöhn, S. Seeber, and W. Hommel, “Combining SABSA and Vis4Sec to the Process Framework IdMSecMan to Continuously Improve Identity Management Security in Heterogeneous ICT Infrastructures,” Applied Sciences, 13(4):2349, Feb 2023.

2022

D. Pöhn and W. Hommel, “Reference Service Model Framework for Identity Management,” IEEE Access, vol 10, 1-26, Nov 2022.

2021

D. Pöhn, M. Grabatin, and W. Hommel, “eID and Self-Sovereign Identity Usage: An Overview,” Electronics. 10(22):2811, Nov 2021.

D. Pöhn and W. Hommel, “Universal Identity and Access Management Framework for Future Ecosystems,” Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), vol. 12, no. 1, pp 64-84, March 2021.

2015

W. Hommel, S. Metzger, and D. Pöhn, “GÉANT-TrustBroker: Simplifying Identity & Access Management for International Research Projects and Higher Education Communities,” EUNIS Journal of Higher Education IT (EJHEIT), vol 2. 2015.

W. Hommel, S. Metzger, F. von Eye, and D. Pöhn, “Improving higher education network security by automating scan result evaluation with Dr. Portscan,” EUNIS Journal of Higher Education IT (EJHEIT), vol 2, 2015.

M. Grabatin, W. Hommel, S. Metzger, and D. Pöhn, “DAME: On-demand Internetscale SAML Metadata Exchange,” International Journal On Advances in Systems and Measurements, Vol. 8, 156-167, 2015.

Books and Chapters

D. Pöhn and W. Hommel, “Digital Skills and Technology to Empower Women”. In: Sustainable Development Goals, Saravanan Krishnan, A. Jose Anand, and Raghvendra Kumar, CRC Press, 2024.

D. Pöhn and W. Hommel, “Proven and Modern Approaches to Identity Management”. In: Advances in CyberSecurity Management, Daimi, K. and Peoples, C., Ed. Cham: Springer International Publishing, 2021.

D. Pöhn, Architektur und Werkzeuge für dynamisches Identitätsmanagement in Föderationen. München: Dr. Hut Verlag, 2016.

Further Publications

N. Leschke, D. Pöhn, and F. Pallas, “A dataset of Data Subject Access Request Packages”. Zenodo, Juli 04, 2024. doi: 10.5281/zenodo.11634938.

W. Hommel, D. Pöhn, and M. Grabatin, “Die Identitäten der Zukunft – Der selbstbestimmte Umgang mit digitalen Identitäten,” moysies & partners GmbH (edt.): Der Schlüssel zur digitalen Verwaltung – Konten für Bürger:innen und Unternehmen. S. 56-61, 2022.

W. Hommel, D. Pöhn, and M. Grabatin, “Eine digitale Identität für alles – So funktioniert die Technik hinter dem Verbund der Nutzerkonten,” moysies & partners GmbH (edt.): Der Schlüssel zur digitalen Verwaltung – Konten für Bürger:innen und Unternehmen. S. 16-28, 2022.

Blog post about the CODE CTF 2019 The 5th Element at FI CODE, https://www.unibw.de/code/aktuelles-u/ctf2019, 2019.

Blog post about CODE CTF 2019 The 5th Element at CONCORDIA, https://www.concordia-h2020.eu/blog-post/code-ctf-2019-the-5th-element/, 2019.

D. Pöhn, S. Wessel, F. Fischer, O. Braunsdorf, F. Wenninger, D. Seydel, G. Weiß, und K. Roscher, “A Rapid Innovation Framework for Connected Mobility Applications,” Fraunhofer Whitepaper, 2018.

M. Grabatin, W. Hommel, S. Metzger, and D. Pöhn, “Föderationsübergreifend vergleichbare Datenqualität,” DFN Mitteilungen Ausgabe 90, November 2016.

Blot post about Level of Assurance at REFEDS, https://refeds.org/a/1273, 2016.

M. Grabatin, W. Hommel, S. Metzger, and D. Pöhn, “Level of Assurance Management Automation for Dynamic Identity Federations based on Vectors of Trust,” Praxis der Informationsverarbeitung und Kommunikation, 39:41, 3-4, 2016.

W. Hommel, S. Metzger, and D. Pöhn, “GÉANT-TrustBroker: Dynamic Virtual Federations – Closing the Gap between NREN Federations and eduGAIN,” GÉANT Connect Magazine Issue 18, 2015.