Study on Mobile Identity Management REFERENCES

References

Alkassar, A.  and Stüble, C. Towards secure IFF: preventing mafia fraud attacks. In MILCOM 2002. 21st Century Military Communications Conference, volume 2, pages 1139–1144, Anaheim, CA, Oct. 2002. IEEE.

Alkassar, A. and Wetzel, S. An Untraceable Coin-based Incentive Scheme for Multi-Hop Networks. Stevens Technical Report, Stevens Institute of Technology, New Jersey, U.S.A, September 2004. 

Alkassar, A., Sadeghi, A.-R. and Stüble, C. Secure Object Identification – Or: Solving the Chess-Grandmaster Problem. In ACM Press: Proceedings of the New Security Paradigms Workshop, Ascona, Switzerland, 2003.

Anderson, R. Onion Routing Information, in R. Anderson (Ed). “Information Hiding”, LNCS 1174, Springer Verlag, Berlin, 1996. 

Andersson, C.; Fischer-Hübner, S. and Lundin, R. Enabling Anonymity in the Mobile Internet using the mCrowds Approach. In: Proceedings of IFIP WG 9.2, 9.6/11.7 Summer School on Risks and Challenges of the Network Society. Karlstad, Sweden. August 2003.

Andersson, C., Lundin, R. and Fischer-Hübner, S. Privacy Enhanced WAP Browsing with mCrowds: Anonymity Properties and Performance Evaluation of the mCrowds System, Proceedings of the ISSA 2004 Conference, Johannesburg, 30 June - 2 July 2004.

Article 29 Data Protection Working Party (2004) Work Package 100, Opinion on More Harmonised Information Provisions“, available at: <http://europa.eu.int/comm/ internal_market/privacy/workingroup/wp2004/wpdocs04_en.htm>. 

Balfanz, D. Usable Access Control for the World Wide Web. ACSAC, pp. 406-415, 2003. 

Ben Salem, N., Buttyan, L., Hubaux, J. P and Jakobsson, M. A Charging and Rewarding Scheme for Packet Forwarding in Multi-hop Cellular Networks. In Proceedings of MobiHOC, 2003.  

Bengio, S., Brassard, G., Desmedt, Y. G., Goutier, C. and Quisquater, J.­J. Secure implementation ofidentification systems. Journal of Cryptology, 4(3):175–183, 1991. 

Bennett, K. and Grothoff, C. GAP - Practical Anonymous Networking. In: International Workshop on Privacy Enhancing Technologies, PET 2003. Lecture Notes in Computer Science: Springer-Verlag GmbH. p.141-160. Dresden, Germany. March 2003. 

Berthold, O., Federrath, H. and Köpsell, S. Web MIXes: A System for Anonymous and Unobservable Internet Access. Pubslihed in Lecture Notes in Computer Science, Springer Verlag, 2009:115-129, 2001. 

Berthold, O, Federrath, H. and Köhntopp, M. Project ‘Anonymity and Unobservability in the Internet’. In Workshop on Freedom and Privacy by Design / Conference on Freedom and Privacy 2000, S. 57-65, Toronto/Canada, April 2000.

Beslay, L. and Hakala, H. Digital territories: bubbles, to be published in the Vision Book, 2005.

Beth, T. and Desmedt, Y. Identification tokens — or: Solving the chess grandmaster problem. In A. Menezes and S. Vanstone, editors, Advances in Cryptology – CRYPTO ’90, volume 537 of Lecture Notes in Computer Science, pages 169–176. International Association for Cryptologic Research, Springer­Verlag, Berlin Germany, 1991.  

Brands, S. An efficient off-line electronic cash system based on the representation problem. Technical Report CS-R9323, Centrum voor Wiskunde en Informatica, March 1993.  

Brands, S.  and Chaum, D. Distance­bounding protocols. In T. Helleseth, editor, Advances in Cryptology – EUROCRYPT ’93, volume 765 of Lecture Notes in Computer Science, pages 344–359. International Association for Cryptologic Research, Springer­Verlag, Berlin Germany, 1994.

Brown, Z. Cebolla: Pragmatic IP Anonymity. In: Proceedings of the Ottawa Linux Symposium. p.55-65. Ottawa, Ontario, Canada. June 2002. 

Buchegger, S. In Proceedings of MobiHoc 2002, Lausanne, June 2002.

Buchmann, J., Ruppert, M. and Tak, M. FlexiPKI - Realisierung einer flexiblen Public-Key-Infrastruktur. Technical Report, TU Darmstadt, December 1999.

Buttyan, L. and Hubaux, J. P. Enforcing service availability in mobile ad hoc wans. In Proceedings of IEEE/ACM Workshop on Mobile AdHoc Networking and Computing (MobiHOC), Boston, MA, USA, August 2000. 

Buttyan, L. and Hubaux, J. P. Stimulating cooperation in self-organizing mobile ad hoc networks. ACM/Kluwer Mobile Networks and Applications, 8(5), October 2003.  

Cabrera, L.F., Kurt, C. and Box, D. An Introduction to the Web Services Architecture and Its Specifications. Version 2.0. October 2004. http://msdn.microsoft.com/webservices/understanding/advancedwebservices/default.aspx?pull=/library/en-us/dnwebsrv/html/introwsa.asp. 

Chaum, D. Untraceable Electronic Mail, Return Addresses and Digital Pseudonyms. In: Communications of the ACM, v.24, i.2, Feb. 1981, p.84-90. New York, New York, U.S.A.: ACM Press, 1981. 

Chaum, D. The dining cryptographers problem: unconditional sender and recipient untraceability, Journal of Cryptology, pp 65-75, 1 (1), 1988. 

Claessens, J., Preneel, B. and Vandewalle, J. Combining World Wide Web and wireless security. Informatica, 26(2):123–132, July 2002. 

Claessens, J. Analysis and design of an advanced infrastructure for secure and anonymous electronic payment systems on the Internet. Ph.D. thesis, K.U.Leuven. December 2002.

Denning, D. and MacDoran, P. Location-based Authentication: Grounding Cyberspace for Better Security, Computer Fraud and Security, pages 167-174, Elsevier Science, February 1996. 

Desmedt, Y. Major security problems with the ‘unforgeable’ (feige)­fiat­shamir proofs of identity and how to overcome them. In SecuriCom ’88, SEDEP Paris, France, 1988.  

Dingledine, R., Mathewson, N. and Syverson, P. Tor: The Second Generation Onion Router. Published in Proceedings of the 13th USENIX Security Symposium, San Diego, USA, 2004. 

Escudero-Pascual, A., Heidenfalk, M. and Heselius, P. Flying Freedom: Location Privacy in Mobile Internetworking. Published in Proceedings of INET 2001, Stockholm, Sweden, 2001. 

Escudero-Pascual, A., Holleboom, T. and Fischer-Hübner, S. Privacy of Location Data in Mobile Networks. Published in Proceedings of the Nordsec 2002, Karlstad, Sweden, 2002. 

FDA, COMBATING COUNTERFEIT DRUGS, A Report of the Food and Drug Administration (USA), February 2004. 

Figge, S. Situation dependent m-commerce applications. Proceedings of the Conference on Telecommunications and Information Markets, Kingston, 2001 

Figge, S. et. al.: EARNING M-ONEY - A Situation based Approach for Mobile Business Models, In: Proceedings of the 11th European Conference on Information Systems (ECIS); Naples, Italy, 2003 

Fischer-Hübner, S. IT-Security and Privacy: Design and Use of Privacy-Enhancing Security Mechanisms. Lecture Notes in Computer Science, vol.1958. Springer-Verlag Berlin Heildelberg. 2001. 351p.

Fischer-Hübner, S., Nilsson, M. and Lindskog, H. Self-Determination in Mobile Internet, Proceedings of IFIP TC11 17th International Conference on Information Security (SEC 2002), Cairo/Egypt, 7-9 May 2002, Kluwer, Academic Publishers., 2002. 

Freedman, M.J. and Morris, R. Tarzan: A Peer-to-Peer Anonymizing Network Layer. In: Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS 2002). Washington, DC, USA. November 2002.

Gerd tom Markotten, D. and Kaiser, J. Benutzbare Sicherheit – Herausforderungen und Modell für E-Commerce-Systeme. In: Wirtschaftsinformatik, Vol. 6, pp. 531-538, December 2000. 

Gerd tom Markotten, D., Jendricke, U. and Müller, G. Benutzbare Sicherheit - Der Identitätsmanager als universelles Sicherheitswerkzeug. In Günter Müller und Martin Reichenbach (Eds.), Sicherheitskonzepte für das Internet, Kapitel 7, S. 135-146. Springer-Verlag Berlin, May 2001.

Gerd tom Markotten, D., Wohlgemuth, S. and Müller, G. Mit Sicherheit zukunftsfähig. PIK Sonderheft Sicherheit 2003, 26(1):5-14, 2003. 

Gerd tom Markotten, D. Benutzbare Sicherheit in informationstechnischen Systemen. RHOMBOS-Verlag, Berlin, 2004.

Girard, J., Hirst, C., Mobile Authentication Yields Anytime, Anywhere Control, Gartner Research Group report; G00123588; October 2004. 

Goel, S. et al. Herbivore: A Scalable and Efficient Protocol for Anonymous Communication. In: Cornell University Computing and Information Science Technical Report, TR2003-1890, 17p. Ithaca, New York, U.S.A. February 2003. 

Hansen, M., Krasemann, H., Krause, C., Rost, M. and Genghini, R. Identity Management Systems (IMS): Identification and Comparison Study, p. 82 – 83, Seville 2003; download: http://www.datenschutzzentrum.de/projekte/idmanage/study.htm 

IBM Corporation and Microsoft Corporation. Secure, Reliable, Transacted Web Services: Architecture and Composition. September 2003. http://msdn.microsoft.com/webservices/understanding/advancedwebservices/default.aspx?pull=/library/en-us/dnwebsrv/html/wsoverview.asp.  

IBM Corporation and Microsoft Corporation. Federation of Identities in a Web Services World. Version 1.0. July 8, 2003. http://msdn.microsoft.com/webservices/understanding/advancedwebservices/default.aspx?pull=/library/en-us/dnglobspec/html/ws-federation-strategy.asp. 

Jakobsson, M. Buttyan, L. and Hubaux, J. P. A micro-payment scheme encour­aging ollaboration in multi-hop cellular networks. In Proceedings of the Fourth Conference on Financial Cryptography (FC’03), Lecture Notes in Computer Sci­ence, pages 15–33, Hamilton, Bermuda, Springer-Verlag, Berlin Germany, 2003.

Jakobsson, M. , Capkun, S. and Hubaux, J. P. Secure and privacy-preserving com­munication in hybrid ad hoc networks. Technical Report IC/2004/10, EPFL-DI-ICA, January 2004.  

JAP Web Mixes, http://anon.inf.tu-dresden.de/, accessed 21 November 2003. 

Jendricke, U. and Gerd tom Markotten, D. Usability meets Security - The Identity-Manager as your Personal Security Assistant for the Internet. In Proceedings of the 16th Annual Computer Security Applications Conference, pages 344-353, December 2000.

Jendricke, U. and Gerd tom Markotten, D. Identitätsmanagement: Einheiten und Systemarchitektur. In Dirk Fox, Marit Köhntopp and Andreas Pfitzmann (Hrsg.), Verlässliche IT-Systeme - Sicherheit in komplexen Infrastrukturen, S. 77-85. Vieweg, Wiesbaden, September 2001.

Jendricke, U., Kreutzer, M. and Zugenmaier, A. Mobile Identity Management. Technical Report 178, Institute fuer Informatik, Universität Freiburg, October 2002. Workshop on Security in Ubquitous Computing, UBICOMP 2002.

Jiejun Kong, X. H. Andor: Anonymous on demand routing with untraceable routes for mobile ad hoc networks. In Fourth ACM International Symposium on Mobile AdHoc Networking and Computing (MobiHoc’03), pages 291–302, 2003.  

Levine, B.N. and Shields, C. Hordes: a multicast based protocol for anonymity. In: ACM Journal of Computer Security. v.10, i.3, 2002. p.213-240. Amsterdam, The Netherlands: IOS Press, 2002. 

Marti, S., Giuli, T., Lai, K. and Baker, M. Mitigating routing misbehaviour in mobile ad hoc networks. In Proceedings of the sixth annual International Conference on Mobile Computing and Networking, pages 255–265, Boston MA, USA, Aug. 2000.  

Michiardi, P. and Molva, R. CORE: a collaborative reputation mechanism to en-force node cooperation in mobile ad hoc networks. In CMS’2002, Communication and Multimedia Security 2002 Conference, Portoroz, Slovenia, August 2002.  

Microsoft Corporation and Vodafone Group Services Ltd. Mobile Web Services: Convergence of PC and Mobile Applications and Services. November 2003. http://www.microsoft.com/serviceproviders/mobilewebservices/mws_whitepaper.asp.  

Microsoft Corporation and Vodafone Group Services Ltd. Mobile Web Services Technical Roadmap. November 2003. http://www.microsoft.com/serviceproviders/mobilewebservices/mws_tech_roadmap.asp.  

Mislove, A. et al. AP3: Cooperative, Decentralized Anonymous Communication. In: Proceedings of the 11th ACM SIGOPS (Special Interest Group on Operating Systems) European Workshop (EW’04). Leuven, Belgium. September 2004.

Müller, G. and Stapf, K.H. Mehrseitige Sicherheit in der Kommunikationstechnik. Vol. 2. Erwartung, Akzeptanz, Nutzung, Addison-Wesley, Bonn, 1998. 

Müller, L., Jacomet, M., Cattin, R., Dispositif de sécurité pour transaction en ligne, Patentschrift EP1255178 , 2002. 

Narten, T. and Draves, R. Privacy Extensions for Stateless Autoconfiguration in IPv6, RFC3041, January 2001. Accessed at http://www.ietf.org/rfc/rfc3041.txt on June 21, 2002. 

Nilsson, M., Lindskog, H. and Fischer-Hübner, S. Privacy Enhancements in the Mobile Internet, Proceedings of IFIP WG 9.6/11.7 working conference on Security and Control of IT in Society, Bratislava, 15 -16 June 2001. 

Papadimitratos, P. and Haas, Z. In SCS Communication Networks and Distributed Systems Modeling and Simulation Conference (CNDS2002), San Antonio, TX, Jan. 2002.  

Pettersson, J. S. P3P and Usability – the Mobile Case. In Duquennoy, P., S. Fischer-Hübner, J. Holvast & A. Zuccato (eds.) Risk and challenges of the network society, Karlstad University Studies 2004:35., 2004.

Pettersson, J. S., ed. (2004b) D06.1.a: General mock-ups, confidential deliverable from the PRIME project (www.prime-project.eu.org/)

Pfitzmann, A. and Hansen, M. Anonymity, Unobservability, Pseudonymity, and Identity Management – A Proposal for Terminology v0.21, 2004. Accessed at http://dud.inf.tu-dresden.de/Literatur_V1.shtml, February 2004. 

P3P 1.0 element definitions and translations - 27 November 2003 Draft, available at <http://www.w3.org/P3P/2003/11-p3p-translation.htm>. 

P3P The Platform for Privacy Preferences 1.1 (P3P1.1) Specification, W3C Working Draft 20 July 2004, http://www.w3.org/TR/2004/WD-P3P11-20040720/

Rannenberg, K., Pfitzmann, A. and Müller, G. Sicherheit, insbesondere mehrseitige IT-Sicherheit. In Günter Müller und Andreas Pfitzmann (Hrsg.), Mehrseitige Sicherheit in der Kommunikationstechnik, S. 21-29. Addison-Wesley Longman Verlag GmbH, 1997.

Reiter, M. and Rubin, A. Crowds: Anonymity for Web Transactions. Published in DIMACS Technical report, 97-15, 1997. 

Reiter, M. and Rubin, A. Crowds: Anonymity for Web Transactions, ACM Trans. On Information and Systems Security, pp 66-92, 1 (1), 1998. 

Reiter, M. and Rubin, A. Anonymous Web transactions with Crowds. In: Communications of the ACM. v.42, i.2, Feb. 1999, p.32-48. New York, New York, USA: ACM Press, 1999. 

Rennhard, M. and Platter, B. Introducing MorphMix: Peer-to-Peer based Anonymous Internet usage with Collusion Detection. In: Proceedings of the Workshop on Privacy in Electronic Society (WPES). Washington, DC, USA. Nov. 2002. 

Reynolds, F., Hjelm, J., Dawkins, S. and Singhal, S. CC/PP: A user side framework for content negotiation. W3C Note, URL: http://www.w3.org/TR/NOTE-CCPP/. July 1999. 

Shapiro, C. and Varian, H.R.: Information Rules, Harvard Business School Press (Boston) 1999 

Sherwood, R., Bhattacharjee, B. and Srinivasan, A.. P5: A Protocol for Scalable Anonymous Communication. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy. Washington, D.C., U.S.A: IEEE Computer Society. p.58-70. Berkeley, California, U.S.A. May 2002. 

Sedov, I., Haase, M., Cap, C. and Timmermann, D. Hardware Security Concept for Spontaneous Network Integration of Mobile Devices. In Proceedings of the International Workshop "Innovative Internet Computing Systems", Ilmenau, June 2001.

Simon, H.A. Models of Man - Social and Rational. John Wiley & Sons, New York 1957. 

Syverson, P. F., Goldschlag, D. M. and Reed, M. G. Anonymous connections and onion routing. In Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1997. IEEE Computer Society, Technical Committee on Security and Privacy, IEEE Computer Society Press. 

UAProf, WAP-174: WAG UAPROF User Agent Profile Specification. Wireless Application Group. http://www1.wapforum.org/tech/terms.asp?doc=SPEC-UAProf-19991110.pdf

Waidner, M. Open Issues in Secure Electronic Commerce. Technical Report, IBM Research Division, Zürich, October 1998. 

Waidner, M. and Pfitzmann, B. Unconditional Sender and Recipient Untraceability in spite of Active Attacks – Some Remarks, Fakultät für Informatik, Universität Karlsruhe, Interner Bericht 5/89, March 1989. Accessed at http://www.semper.org/sirene/publ/WaPf_89IB_DCandFailStop.ps.gz, on May 24, 2002. 

Weiser, M., “The computer for the Twenty-First Century”, Scientific American 165, 1991, p. 94-104. 

Westin, A. F., Privacy and Freedom. Atheneum, New York, NY. 1967

Whitten, A. and Tygar, J.D. Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0. In: Proceedings of the 8th USENIX Security Symposium, August 1999. 

Wikipedia - the free encyclopedia. Accessed in: http://en.wikipedia.org/wiki/Peer-to-peer, on February 16, 2005. 

Wohlgemuth, S., Gerd tom Markotten, D., Jendricke, U. and Müller, G. DFG-Schwerpunktprogramm "Sicherheit in der Informations- und Kommunikationstechnik”. it – Information Technology, 45(1):46-54, 2003. 

Wolf, G. and Pfitzmann, A. Properties of protection goals and their integration into a user interface. Computer Networks, 32:685-699, 2000.

World Wide Web Consortium (W3C), Composite Capability/Preference Profiles (CC/PP): Structure and Vocabularies 1.0, W3C Recommendation 15 January 2004, http://www.w3.org/TR/2004/REC-CCPP-struct-vocab-20040115/ 

Ying-Dar Jason Lin, Y.-C. H. Multihop cellular: A new architecture for wireless communications. In INFOCOM2000, volume 3, pages 1273–1282. IEEE, 2000.  

Zhong, S.  Chen, J. and Yang, Y. R. Sprite: A simple, cheat-proof, credit-based system for mobile ad hoc networks. In Proceedings of IEEE INFOCOM’03, San Francesco, CA, April 2003.

Zhu, Y. and Hu, Y.. TAP: A Novel Tunneling Approach for Anonymity in Structured P2P Systems. In: Proceedings of the 2004 International Conference on Parallel Processing (ICPP 2004). Montreal, Quebec, Canada. August 2004. 

Zugenmaier, A. Anonymity for Users of Mobile Devices through Location Addressing, Rhombus-Verlag, Berlin, 2003.