Wolfgang Hommel
YOU?
Author Swipe
View article: A Protocol for Ultra-Low-Latency and Secure State Exchange Based on Non-Deterministic Ethernet by the Example of MVDC Grids
A Protocol for Ultra-Low-Latency and Secure State Exchange Based on Non-Deterministic Ethernet by the Example of MVDC Grids Open
Modern networked industrial applications often require low-latency communication. Some applications evolve over time, however, are tied to yet existing infrastructures, like power grids spanning across large areas. For instance, medium vol…
View article: Designing a security incident response process for self-sovereign identities
Designing a security incident response process for self-sovereign identities Open
While self-sovereign identities (SSI) have been gaining more traction, the topic of SSI security has yet to be addressed. Especially regarding response procedures to security incidents, no prior work is available. However, incident respons…
View article: Analyzing the Threats to Blockchain-Based Self-Sovereign Identities by Conducting a Literature Survey
Analyzing the Threats to Blockchain-Based Self-Sovereign Identities by Conducting a Literature Survey Open
Self-sovereign identity (SSI) is a digital identity management model managed in a decentralized manner. It allows identity owners to manage and store their digital identities in a software wallet, for example, on a smartphone, without rely…
View article: Needle in the Haystack: Analyzing the Right of Access According to GDPR Article 15 Five Years after the Implementation
Needle in the Haystack: Analyzing the Right of Access According to GDPR Article 15 Five Years after the Implementation Open
The General Data Protection Regulation (GDPR) was implemented in 2018 to\nstrengthen and harmonize the data protection of individuals within the European\nUnion. One key aspect is Article 15, which gives individuals the right to\naccess th…
View article: TASEP: A Collaborative Social Engineering Tabletop Role-Playing Game to Prevent Successful Social Engineering Attacks
TASEP: A Collaborative Social Engineering Tabletop Role-Playing Game to Prevent Successful Social Engineering Attacks Open
Data breaches resulting from targeted attacks against organizations, e.g., by\nadvanced persistent threat groups, often involve social engineering (SE) as the\ninitial attack vector before malicious software is used, e.g., for persistence,…
View article: Towards an Improved Taxonomy of Attacks Related to Digital Identities and Identity Management Systems
Towards an Improved Taxonomy of Attacks Related to Digital Identities and Identity Management Systems Open
Digital transformation with the adoption of cloud technologies, outsourcing, and working-from-home possibilities permits flexibility for organizations and persons. At the same time, it makes it more difficult to secure the IT infrastructur…
View article: Combining SABSA and Vis4Sec to the Process Framework IdMSecMan to Continuously Improve Identity Management Security in Heterogeneous ICT Infrastructures
Combining SABSA and Vis4Sec to the Process Framework IdMSecMan to Continuously Improve Identity Management Security in Heterogeneous ICT Infrastructures Open
Identity management ensures that users have appropriate access to resources, such as ICT services and data. Thereby, identity management does not only identify, authenticate, and authorize individuals, but also the hardware devices and sof…
View article: ’Don’t Annoy Me With Privacy Decisions!’ — Designing Privacy-Preserving User Interfaces for SSI Wallets on Smartphones
’Don’t Annoy Me With Privacy Decisions!’ — Designing Privacy-Preserving User Interfaces for SSI Wallets on Smartphones Open
Persistent digital identities allow individuals to prove who they are across the Internet. For decades, individuals have relied on large identity providers (for example, Google and Facebook). In recent years, the advent of so-called self-s…
View article: TaxIdMA: Towards a Taxonomy for Attacks related to Identities
TaxIdMA: Towards a Taxonomy for Attacks related to Identities Open
Identity management refers to the technology and policies for the\nidentification, authentication, and authorization of users in computer\nnetworks. Identity management is therefore fundamental to today's IT ecosystem.\nAt the same time, i…
View article: Reference Service Model Framework for Identity Management
Reference Service Model Framework for Identity Management Open
Each person on the Internet typically has several digital accounts, which are associated with different identity information. During the last years, various identity and access management (I&AM) approaches were established to help manage a…
View article: eID and Self-Sovereign Identity Usage: An Overview
eID and Self-Sovereign Identity Usage: An Overview Open
The COVID-19 pandemic helped countries to increase the use of their mobile eID solutions. These are based on traditional identity management systems, which suffer from weaknesses, such as the reliance on a central entity to provide the ide…
View article: An overview of limitations and approaches in identity management
An overview of limitations and approaches in identity management Open
Identity and access management (I&AM) is the umbrella term for managing users\nand their permissions. It is required for users to access different services.\nThese services can either be provided from their home organization, like a\ncompa…
View article: Management Architecture for Dynamic Federated Identity Management
Management Architecture for Dynamic Federated Identity Management Open
We present the concept and design of Dynamic Automated Metadata Exchange (DAME) in Security Assertion Markup Language (SAML) based user authentication and authorization infrastructures.This approach solves the real-world limitations in sca…