all-lischka.bib

@comment{{This file has been generated by bib2bib 1.94}}
@comment{{Command line: /usr/bin/bib2bib -ob all-lischka.bib -s author -c 'author : "lischka"|editor:"lischka"' bib/ls3-all.bib bib/proceedings.bib bib/shorts.bib bib/nle.bib}}
@comment{{command:  bibtex2html -d -r -revkeys -noabstract all-lischka.bib}}
@inproceedings{Barisch-2010,
  author = {M. Barisch and E. Torroglosa Garcia and M. Lischka and R. Marques and R. Marx and A. Matos and A. Perez Mendez and D. Scheuermann},
  title = {Security and Privacy Enablers for Future Identity Management Systems},
  year = {2010},
  month = {July},
  booktitle = {Future Network \& MobileSummit 2010 Conference},
  editor = {Paul Cunningham and Miriam Cunningham},
  abstract = {In recent years, Identity Management (IdM) has gained a lot of attention in industry, standardisation and academia. In particular, a couple of research projects, like Daidalos or Prime, have invested considerable effort to bring IdM forward, to take advantage of features like improved usability and security. Nevertheless, there are important issues that have not been addressed so far. The SWIFT project leverages IdM as a key technology of the Future Internet, tackling problems like the integration of the network and application layer from an IdM perspective as well as the use of electronic identity cards. Moreover, aspects like the integration of several user devices, backward compatibility and a new access control infrastructure are required by future IdM solutions. We consider all these aspects by extending existing IdM solutions with six new security and privacy enablers that are part of the overall SWIFT framework. These enablers have been partially implemented towards a new IdM architecture. First evaluation results of the implementation are promising to pave the way towards future IdM solutions.},
  pdf = {Papers/Barisch-2010.pdf}
}
@inproceedings{BauknechtLischka-2009,
  author = {Johannes Haeussler and Daniel Kraft and Marcus Kuhnen and Mario Lischka and {Jochen Bauknecht}},
  booktitle = {IEEE International Symposium on Policies for Distributed Systems and Networks},
  title = {Policy-based Real-time Decision-Making for Personalized Service Delivery},
  year = {2009},
  address = {London, UK},
  doi = {10.1109/POLICY.2009.13},
  month = {July, 20--22},
  pages = {53--59},
  publisher = {IEEE},
  abstract = {Personalization of service delivery is an important means for the telecommunication industry of keeping their customers in spite of their market becoming more open to other players. Personalization involves using user-specific, dynamic information about communication activities, device capabilities, user context, and service availability for making real-time decisions about handling running sessions according to the user's preferences. This paper proposes a flexible mechanism for making such decisions based on policies, and defines an extension to the XACML 2.0 language which enables it to be used for this purpose.}
}
@inproceedings{Chadwick-2009,
  author = {David Chadwick and Mario Lischka},
  title = {Obligation Standardization},
  year = {2009},
  booktitle = {W3C Workshop on Access Control Application Scenarios},
  month = {November},
  addreess = {Luxembourg},
  pdf = {http://www.w3.org/2009/policy-ws/papers/Chadwick.pdf}
}
@misc{Friese-2009,
  author = {Ingo Friese and Jonas H{\"o}gberg and Mario Lischka and Ga{\"e}l Gourmelen and Fulup Ar Foll and Joni Brennan},
  title = {{Bridging IMS and Internet Identity, Liberty Alliance Project}},
  year = {2009},
  month = {Dec},
  institution = {Liberty Alliance Project},
  pdf = {Bridging IMS and Internet Identity, Liberty Alliance Project},
  howpublished = {White Paper},
  pdf1 = {http://www.projectliberty.org/liberty/content/download/4315/28869/file/WP-BridgingIMS\\\\\\\\\_AndInternetIdentity\\\\\\\\\_V1.0.pdf}
}
@inproceedings{Friese-2010,
  author = {Ingo Friese and Jonas H{\"o}gberg and Fulup Ar Foll and Ga{\"e}l Gourmelen and Mario Lischka and Joni Brennan and Peter Weik and Sebastian Lampe},
  booktitle = {Intelligence in Next Generation Networks (ICIN), 2010 14th International Conference on},
  title = {Bridging IMS and Internet Identity},
  year = {2010},
  month = oct,
  pages = {1--6},
  abstract = {Digital Identity has grown separately in the IP Multimedia Subsystem (IMS) and the Internet in general. On the one hand secure but walled garden services are offered on the other hand the focus is on openness and third party integration. However, future Telco-business needs an inter-working of IMS and Internet. This paper discusses use cases, economical benefits and technical solutions for bridging these two worlds based on the findings presented also in an upcoming whitepaper from the Telecommunication Identity work group of the Kantara Initiative.},
  doi = {10.1109/ICIN.2010.5640948},
  pdf = {http://kantarainitiative.org/confluence/download/attachments/41649652/ICIN10\\\\\\_IMS\\\\\\_and+Internet\\\\\\_Identity\\\\\\_v\\\\\\_1\\\\\\_0\\\\\\_1.doc}
}
@article{Gross-2011,
  author = {Stephan Gro{\ss} and Nils Gruschka and Meiko Jensen and Mario Lischka and Andr{\'e} Miede and Marc Mosch and Stefan Schulte and Melanie Siebenhaar},
  title = {Sicherheitsprobleme im Cloud Computing},
  month = {Sep},
  year = {2011},
  journal = {Praxis der Informationsverarbeitung und Kommunikation (PIK)},
  number = {3},
  pages = {126--134},
  volume = {34},
  issn = {0930-5157}
}
@inproceedings{Kuhnen-2009,
  author = {Marcus Q. Kuhnen and Daniel Kraft and Anett Sch{\"u}lke and Jochen Bauknecht and Johannes H{\"a}u{\ss}ler and Mario Lischka},
  title = {"Personalization-based Optimization of Real-time Service Delivery in a Multi-Device Environment"},
  booktitle = {2009 IEEE Wireless Communications and Networking Conference},
  year = {2009},
  address = {Budapest, Hungary},
  month = {April},
  url = {http://dx.doi.org/10.1109/WCNC.2009.4917906},
  pages = {3029--3034},
  abstract = {The success of future NGN services depends on the ability to adapt and personalize service delivery according to the user's context as well as service and device capabilities. Personalization includes not only respecting explicit user preferences, but also offering optimized multi-device communication. Flexible handling of multiple devices as well as multiple sessions is an increasing demand in the ubiquitous networking environment. In this paper, we describe how user preferences and device capabilitiy profiles for multiple devices can be managed and used for personalization. We integrated these methods into our earlier-proposed Personalized Communication Controller (PCC), a Service Delivery Platform component for optimiziming multidevice communication through real-time decision-making. Information about related standardization efforts complements the paper. },
  doi = {10.1109/WCNC.2009.4917906}
}
@inproceedings{Kuhnen-2012,
  title = {Triggering IDM Authentication Methods based on Device Capabilities Information},
  booktitle = {GI Sicherheit 2012},
  author = {Marcus Q. Kuhnen and Mario Lischka and F{\'e}lix {G{\'o}mez M{\'a}rmol}},
  year = 2012,
  series = {Lecture Notes in Informatics},
  editor = {Neeraj Suri and Michael Waidner},
  publisher = {Springer},
  location = {Darmstadt, Germany},
  pages = {235--244},
  month = {March 7-9}
}
@phdthesis{Lischka-2006,
  author = {Mario Lischka},
  title = {Dezentrale Rollenbasierte Autorisierung und Administrierung},
  school = {University of Dortmund},
  year = 2006,
  month = {Mai},
  url = {https://eldorado.tu-dortmund.de/handle/2003/24208},
  pdf = {https://eldorado.tu-dortmund.de/bitstream/2003/24208/1/DISSERTATIONLISCHKA.PDF}
}
@inproceedings{Lischka-2009,
  title = {{Deductive Policies with XACML}},
  author = {Mario Lischka and Yukiko Endo and Manuel {S{\'a}nchez Cuenca}},
  booktitle = {Proceedings of the Workshop on Secure Web Services},
  month = {November 13},
  year = 2009,
  pages = {37--44},
  publisher = {ACM},
  address = {Chicago, IL},
  doi = {10.1145/1655121.1655130},
  url = {http://portal.acm.org/citation.cfm?doid=1655121.1655130},
  abstract = {SaaS technology might comprise of a bundle of different services provided by different entities. Thus monolithic access policies are not feasible as each of the service partners and the companies using the service would have to provide their internal and potentially confidential rules on which they base their policies. In addition internal information such as concrete position of the user or affiliation to a specific project might be utilized in the policies and should not be provided to any external entity. Deduction of decisions has been investigated for more than a decade, but no widely spread standard has been defined, so far. OASIS XACML is being used in many applications and services nowadays. Additionally, tools for modeling the policies are available and many engineers share common understanding of this approach. In this paper we present an extension of the XACML language to support deduction of decisions, together with a distributed definition of the policies and at the same time avoiding problems known from current solutions on deductive policy languages.}
}
@inproceedings{Lischka-2009-W3C,
  author = {Mario Lischka and Yukiko Endo and Elena Torroglosa and Alejandro P{\'e}rez and Antonio G. Skarmeta},
  title = {Towards Standardization of Distributed Access Control},
  year = {2009},
  booktitle = {W3C Workshop on Access Control Application Scenarios},
  month = {November},
  addreess = {Luxembourg},
  pdf = {http://www.w3.org/2009/policy-ws/papers/Lischka.pdf}
}
@inproceedings{Lischka-2010,
  author = {Mario Lischka},
  booktitle = {12th IEEE/IFIP Network Operations and Management Symposium (NOMS 2010)},
  title = {Dynamic Obligation Specification and Negotiation},
  year = {2010},
  address = {Osaka, Japan},
  doi = {10.1109/NOMS.2010.5488453},
  editor = {optional optional {optional optional}},
  month = {April},
  pages = {155--162},
  publisher = {IEEE},
  abstract = {OASIS XACML has become a recognized standard for the specification of access control policies, and has specified a generic framework for access control. While the XACML policy language is very flexible for access privileges, there is currently no method to specify the obligations send from a policy decision point (PDP) to a policy enforcement point (PEP) in a generic way. Potential conflicts between obligations are not even considered in the language specification, thus no generic detection of these conflicts is possible. But this becomes an important aspect in a distributed environment like SaaS, in which the policies and their enforcement are not coordinated by a single entity. In this paper we will present a dynamic obligation specification language which covers the following aspects. First, it allows us to define the actual obligation and its parameters including the relationship, especially conflicts among them. Second, the negotiation of the supported obligation between distributed PDP and PEP is introduced. Third, potential conflicts are detected and partially solved at runtime based on the definition of the obligations. We show how the introduced extensible obligation markup language (XOML) could be integrated into the XACML standard.}
}
@techreport{Lischka-2011,
  title = {{Identity and Access Management for Networks and Services; Requirements of an Enforcement Framework in a Distributed Environment Enforcement Framework in a Distributed Environment}},
  editor = {Mario Lischka},
  institution = {ETSI},
  address = {Sophia Antipolis},
  number = {ISG INS 005},
  month = {3},
  year = {2011},
  url = {http://webapp.etsi.org/workprogram/Report_WorkItem.asp?WKI_ID=34616&curItemNr=2&totalNrItems=8&optDisplay=10&qSORT=HIGHVERSION&qETSI_ALL=&SearchPage=TRUE&qETSI_STANDARD_TYPE=%27GS%27&qTB_ID=735%3BINS&qINCLUDE_SUB_TB=True&qINCLUDE_MOVED_ON=&qSTOP_FLG=&qKEYWORD_BOOLEAN=&qSTOPPING_OUTDATED=&butSimple=Search&includeNonActiveTB=FALSE&includeSubProjectCode=&qREPORT_TYPE=SUMMARY}
}
@mastersthesis{Lischka:1998,
  author = {Mario Lischka},
  title = {{Verteilte kompetenzbasierte Authentifizierung von Knoten im Dragon Slayer III System}},
  school = {Informatik III, University of Dortmund},
  year = 1998,
  month = {Juli},
  pdf = {../Publikationen/DaL98.pdf}
}
@article{Perez-2010,
  author = {Alejandro P{\'e}rez and Elena Mar{\'i}a Torroglosa and Gabriel L{\'o}pez and Antonio F. G{\'o}mez-Skarmeta and Joao Girao and Mario Lischka},
  title = {{SWIFT -- Advanced Services for Identity Management}},
  month = {January},
  year = {2010},
  journal = {Novatica, Journal of Sociaci{\'o}n de T{\'e}cnicos de Inform{\'a}tica, Spain},
  abstract = {In recent years, Identity Management (IdM) has gained a lot of attention in industry, standardisation and academia. In particular, a couple of research projects, like Daidalos or Prime, have invested considerable effort to bring IdM forward, to take advantage of features like improved usability and security. Nevertheless, there are important issues that have not been addressed so far. The SWIFT project leverages IdM as a key technology of the Future Internet, tackling problems like the integration of the network and application layer from an IdM perspective as well as the use of electronic identity cards. Moreover, aspects like the integration of several user devices, backward compatibility and a new access control infrastructure are required by future IdM solutions. We consider all these aspects by extending existing IdM solutions with six new security and privacy enablers that are part of the overall SWIFT framework. These enablers have been partially implemented towards a new IdM architecture. First evaluation results of the implementation are promising to pave the way towards future IdM solutions. }
}
@inproceedings{Ros2012,
  author = {Santiago Pina Ros and Mario Lischka and F{\'e}lix G{\'o}mez M{\'a}rmol},
  booktitle = {SACMAT '12: Proceedings of the 17th ACM symposium on Access control models and technologies},
  isbn = {9781450312950},
  title = {{Graph-Based XACML Evaluation}},
  year = {2012},
  publisher = {ACM},
  location = {Newark, NJ},
  month = {June},
  note = {to be published},
  file = {:home/mario/Papers/SACMAT2012/sacmat05-pina.pdf:pdf}
}
@misc{Sarma-2009-WP,
  author = {Amardeo Sarma and Antonio F. G{\'o}mez-Skarmeta and Gabriel L{\'o}pez and {\'O}scar C{\'a}novas and Alejandro P{\'e}rez and Elena Mar{\'i}a Torroglosa and Rudolphe Marquesa and Ricardo Azevedo and Mario Lischka and Yukiko Endo and Marc Barisch and Hervais C. Simo Fhom},
  title = {{SWIFT White Paper: Identity as a Convergence Layer}},
  year = {2009},
  howpublished = {White Paper},
  pdf = {http://www.ist-swift.org/component/option,com\\\\\\\\\\\\_docman/task,doc\\\\\\\\\\\\_download/gid,20/Itemid,37/}
}
@inproceedings{Schuelke-2008,
  title = {{Real-Time SDP Personalization in a Multi-Device Environment}},
  author = {A. Schulke and D. Kraft and J. Bauknecht and A. Hassan and M. Kuhnen and M. Lischka},
  booktitle = {IEEE Global Telecommunications Conference},
  year = {2008},
  month = {Nov 30 -- Dec. 4},
  pages = {1--5},
  url = {http://ieeexplore.ieee.org/search/freesrchabstract.jsp?tp=&arnumber=4698842},
  doi = {10.1109/GLOCOM.2008.ECP.1067},
  issn = {1930-529X},
  abstract = {The creation of new service revenue streams supported by consistent user experiences is one of the topics for the future service layer. Personalization over real-time decision enablement is one important option to explore for new business models. The paper introduces a novel personalization communication control mechanism across services, devices and platforms realizing realtime decision enablement for an IMS-based SDP environment, accompanied with marketing, standards and detailed technology studies.}
}
@inproceedings{WeddeFarooqLischka-2004-GECCO,
  author = {Horst F. Wedde and Muddassar Farooq and Mario Lischka},
  title = {{An Evolutionary Meta Hierarchical Scheduler for Linux Operating System}},
  booktitle = {Proceedings of the Genetic and Evolutionary Computation Conference (GECCO 2004) - Part II},
  year = 2004,
  series = {Lecture Notes in Computer Science},
  editor = {Kalyanmoy Deb et. al et. al et. al et. al et. al et. al et. al et. al},
  pages = {1334 -- 1335},
  month = {June 26-30},
  address = {Seatle, WA, USA},
  publisher = {Springer Verlag},
  volume = 3103,
  url = {http://springerlink.metapress.com/link.asp?id=72c01b0gk5arcj0k},
  pdf = {http://ls3-www.cs.uni-dortmund.de/downloads/pdf/WFL04a.pdf}
}
@inproceedings{WeddeFarooqLischka-2004-ICAI,
  author = {Horst F. Wedde and Muddassar Farooq and Mario Lischka},
  title = {{A User Centered Evolutionary Scheduling Framework}},
  booktitle = {The 2004 International Conference on Artificial Intelligence (IC-AI'04)},
  year = 2004,
  month = {June 21-24},
  publisher = {CSREA Press},
  address = {Las Vegas, NV, USA},
  volume = {2},
  pages = {1126--1132},
  pdf = {http://ls3-www.cs.uni-dortmund.de/downloads/pdf/icai2004.pdf}
}
@inproceedings{WeddeLischka-2001,
  author = {Horst F. Wedde and Mario Lischka},
  title = {{Modular Authorization}},
  booktitle = {Proceedings of the sixth ACM Symposium on Access Control Models and Technologies (SACMAT)},
  editor = {Ravi Sandhu and Trent Jaeger},
  pages = {97--105},
  year = 2001,
  address = {Chantilly, Virginia},
  month = {May 3-4},
  organization = {ACM SIGSAC},
  publisher = {ACM Press},
  url = {http://portal.acm.org/citation.cfm?doid=373256.373274},
  pdf = {../Publikationen/sacmat2001.pdf},
  abstract = {There are three major drawbacks of a centralized security administration in distributed systems: It creates a bottleneck for request handling, it tends to enforce homogeneous security structures in heterogeneous user groups and organizations, and it is a weak point in terms of security attacks, reliability, and fault tolerance. In this paper we introduce a distributed authorization concept which is based on a modular authorization language for supporting cooperatingdistributed authorization teams. These teams are partially ordered into a hierarchy in that they inherit authorization rules from higher order teams but still exercise their autonomy by (dynamically) setting local rules that serve the special local needs in distributed organizations.Conflictsbetween between rules inherited from different higher ranking sources, orviolationsof higher order rules through local rules would be detected, on the logical level or through request evaluation, as contradictions or contradicting results, respectively. Conflict resolution mechanisms are presented, and examples are discussed extensively.}
}
@inproceedings{WeddeLischka-2003-SACMAT,
  author = {Horst F. Wedde and Mario Lischka},
  title = {{Cooperative Role-Based Administration}},
  booktitle = {Proceedings of the eigth ACM Symposium on Access Control Models and Technologies (SACMAT)},
  editor = {Elena Ferrari and David Ferraiolo},
  year = 2003,
  address = {Como, Italy},
  month = {June, 2--3},
  organization = {ACM SIGSAC},
  publisher = {ACM Press},
  url = {http://portal.acm.org/citation.cfm?doid=775412.775416},
  pdf = {../Publikationen/sacmat2003.pdf}
}
@inproceedings{WeddeLischka-2003-esoc,
  author = {Horst F. Wedde and Mario Lischka},
  title = {{Composing Heterogenous Access Policies between Organizations}},
  booktitle = {Proceedings of the IADIS International Conference e-Society 2003},
  year = 2003,
  address = {Lisbon/ Portugal},
  month = {June, 3-6},
  organization = {International Association for Development of the Information Society},
  pdf = {http://ls3-www.cs.uni-dortmund.de/downloads/pdf/es2003-Comp.pdf}
}
@inproceedings{WeddeLischka-2004-SACMAT,
  author = {Horst F. Wedde and Mario Lischka},
  title = {{Role-Based Access Control in Ambient and Remote Space}},
  booktitle = {Proceedings of the Ninth ACM Symposium on Access Control Models and Technologies (SACMAT)},
  editor = {Trent Jaeger and Elena Ferrari},
  year = 2004,
  address = {Yorktown Heights, NY},
  month = {June, 2--4},
  organization = {ACM SIGSAC},
  publisher = {ACM Press},
  doi = {10.1145/990036.990040},
  url = {http://portal.acm.org/citation.cfm?doid=990036.990040},
  pdf = {http://ls3-www.cs.uni-dortmund.de/downloads/pdf/sacmat2004.pdf},
  pages = {21--30}
}
@article{WeddeLischka-2004-TISSEC,
  author = {Horst F. Wedde and Mario Lischka},
  title = {{Modular Authorization and Administration}},
  journal = {ACM Transactions on Information and System Security},
  year = 2004,
  volume = 7,
  number = 3,
  pages = {363--391},
  month = {August},
  url = {http://doi.acm.org/10.1145/1015040.1015042},
  doi = {10.1145/1015040.1015042},
  abstract = { In large organizations the administration of access privileges (such as the assignment of access rights to a user in a particular role) is handled cooperatively through distributed administrators in various different capacities. A quorum may be necessary, or a veto may be possible for such a decision. In this paper, we present two major contributions: We develop a role-based access control (RBAC) approach for specifying distributed administration requirements, and procedures between administrators, or administration teams, extending earlier work on distributed (modular) authorization. While a comprehensive specification in such a language is conceivable it would be quite tedious to evaluate, or analyze, their operational aspects and properties in practice. For this reason we create a new class of extended Petri Nets called Administration Nets (Adm-Nets) such that any RBAC specification of (cooperative) administration requirements (given in terms of predicate logic formulas) can be embedded into an Adm-Net. This net behaves within the constraints specified by the logical formulas, and at the same time, it explicitly exhibits all needed operational details such as allowing for an efficient and comprehensive formal analysis of administrative behavior. We introduce the new concepts and illustrate their use in several examples. While Adm-Nets are much more refined and (behaviorally) explicit than workflow systems our work provides for a constructive step towards novel workflow management tools as well. We demonstrate the usefulness of Adm-Nets by modeling typical examples of administration processes concerned with sets of distributed authorization rules. }
}
@inproceedings{WeddeLischka:1999,
  author = {Horst F. Wedde and Mario Lischka},
  title = {{New Dimensions in Distributed Journalism Through Dragon Slayer III}},
  booktitle = {Proc. of the 7th Euromicro Workshop on Parallel and Distributed Processing},
  year = 1999,
  month = {Feb},
  organization = {Euromicro},
  publisher = {IEEE Computer Society Press},
  address = {Madeira, Portugal},
  pdf = {../Publikationen/pdp99.pdf},
  url = {http://csdl.computer.org/comp/proceedings/euromicro-pdp/1999/0059/00/00590112abs.htm}
}