4 Publikationen

Im Rahmen von VERTRAG wurden bereits folgende wissenschaftliche Artikel veröffentlicht:


[1]    A. Fischer, M. Gröne, C. Stüble‚ “Wie schützt sich die Industrie vor Wirtschaftsspionage 4.0‘, DuD Datenschutz und Datensicherheit”, 2015.

[2]    S. Kurowski, R. Litwing, und G. Lückemeyer. “A view on ISO/IEC 27001 compliant identity lifecycles for IT service providers”, WorldCIS-2015, Dublin, Irland, 2015.

[3]    R. Litwing, “Mapping eines Informationssicherheits-Managementsystems auf Basis der ISO/IEC 27001 auf ITIL 2011”. Bachelorarbeit, Stuttgart, Deutschland, 2015. 

[4]    S. Kurowski, “Economic issues of federated identity management - An estimation of the costs of identity lifecycle management in inter-organisational information exchange using transaction cost theory”, Open Identity Summit 2015, Berlin, Deutschland, 2015.

[5]    Dennis Kupser, Christian Mainka, Jörg Schwenk, Juraj Somorovsky, “How to Break XML Encryption – Automatically”, In Proceedings of the 9th USENIX Workshop on Offensive Technologies (WOOT), 2015.

[6]    Marcus Niemietz, Juraj Somorovsky, Christian Mainka, Jörg Schwenk, “Not so Smart: On Smart TV Apps”, International Workshop on Secure Internet of Things (SIoT 2015), Vienna, Austria.

[7]    Christan Altmeier, Christian Mainka, Juraj Somorovsky, Jörg Schwenk,” AdIDoS - Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services“, International Workshop on Quantitative Aspects of Security Assurance (QASA), Vienna, Austria, 2015.

[8]    Christian Mainka, Vladislav Mladenov, Tim Guenther, Jörg Schwenk, “Automatic Recognition, Processing and Attacking of Single Sign-On Protocols with Burp Suite“, Open Identity Summit 2015.


[9]    Christian Mainka, Vladislav Mladenov und Jörg Schwenk, “Do not trust me: Using malicious IdPs for analyzing and attacking Single Sign-On “, IEEE 1st European Symposium on Security and Privacy (Euro S&P), 2016.

[10] Tilman Frosch, Christian Mainka, Christoph Bader, Florian Bergsma, Jörg Schwenk und Thorsten Holz, “How Secure is TextSecure?“, IEEE 1st European Symposium on Security and Privacy (Euro S&P), 2016.

[11] Christopher Späth, Christian Mainka, Vladislav Mladenov und Jörg Schwenk, “SoK: XML Parser Vulnerabilities”, 10th USENIX Workshop on Offensive Technologies (WOOT), 2016.

[12] Martin Grothe, Christian Mainka, Paul Rösler und Jörg Schwenk, “How to Break Microsoft Rights Management Services“, 10th USENIX Workshop on Offensive Technologies (WOOT), 2016.

[13] Martin Grothe, Paul Rösler, Johanna Jupke, Jan Kaiser, Christian Mainka und Jörg Schwenk, “Your Cloud in my Company: Modern Rights Management Services Revisited“, The 10th International Conference on Availability, Reliability and Security (ARES), 2016.

[14] Matthias Horst, Martin Grothe, Tibor Jager, Jörg Schwenk, “Breaking PPTP VPNS Via RADIUS Encryption“, 15th International Conference on Cryptology and Network Security (CANS), 2016.

[15] Kurowski, S. „Risk-centred role engineering in identity management audits – An approach for continuous improvement of the access control model and possible risk accumulations“, Open Identity Summit 2016, Rome, Italy, 2016.

[16] Kurowski, S. „An ex-ante estimation approach of noise in role based access control models in dynamic scenarios“. ICCIS 2016, Bangkok, Thailand, 2016.


[17] Dennis Felsch, Christian Mainka, Vladislav Mladenov, Jörg Schwenk “SECRET: On the Feasibility of a Secure, Efficient, and Collaborative Real-Time Web Editor”, ACM Asia Conference on Computer and Communications Security (ASIACCS 2017), 2017.

[18] Christian Mainka, Vladislav Mladenov, Tobias Wich, Jörg Schwenk, "SoK: Single Sign-On Security - An Evaluation of OpenID Connect", IEEE European Symposium on Security and Privacy (Euro S&P 2017), 2017.