Title: REFERENCES

References

Abelson, H., Anderson, R., Bellovin, S.M., Benaloh, J., Blaze, M., Diffie, W., Gilmore, J., Neumann, P.G., Rivest, R.L., Schiller, J.I., Schneier, B., ‘The risks of key recovery, key escrow, and trusted third-party encryption’, World Wide Web Journal, (3), 1997, pp. 241-257.

Agrawal, R., Kiernan, J., Srikant, R., Xu, Y., ‘An XPath-based Preference Language for P3P’, Proceedings of the 12th International Conference on World Wide Web (WWW ’03), New York, NY, USA, 2003, pp. 629-639.

Anderson, A., A Comparison of Two Privacy Policy Languages: EPAL and XACML, September 2005, Sun Labs Technical Report TR-2005-147, http://research.sun.com/techrep/2005/smli_tr-2005-147.pdf (current September 2007).

Anderson, A., XACML-based Web Services Policy Constraint Language (WS-PolicyConstraints), Sun Microsystems, Inc., specification, whitepapers, slides, proof-of-concept, 2005-2006, http://research.sun.com/projects/xacml (current September 2007).

Anderson, A., Sun Position Paper: W3C Workshop on Languages for Privacy Policy Negotiation and Semantics-Driven Enforcement, 2006, http://www.w3.org/2006/07/privacy-ws/papers/17-anderson-position/ (current September 2007).

Andersson, C., Camenisch, J., Crane, S., Fischer-Hübner, S., Leenes, R., Pearson, S., Pettersson, J.S., Sommer, D., ‘Trust in PRIME’, Proceedings of the Fifth IEEE International Symposium on Signal Processing and Information Technology, 2005, pp. 552-559.

Ardagna, C.A., De Capitani di Vimercati, S., Samarati, P., ‘Enhancing user privacy through data handling policies’, Proceedings of IFIP WG 11.3 Working Conference on Data and Applications Security, LNCS 4127, Springer, Berlin 2006, pp. 224-236, http://seclab.dti.unimi.it/Papers/samarati-ifip06.pdf (current September 2007).

Ashley, P., Hada, S., Karjoth, G., Schunter, M., ‘E-P3P Privacy Policies and Privacy Authorization’, Proceedings of the 2002 ACM Workshop on Privacy in the Electronic Society (WPES ‘02), New York, NY, USA, 2002, pp. 103-109.

Aura, T., Zugenmaier, A., ‘Privacy, Control and Internet Mobility’, Security Protocols Workshop 2004, 2004, pp. 133-145.

Ballinger, K. et al., Web Services Metadata Exchange (WS-MetadataExchange) v1.1, August 2006, http://www-128.ibm.com/developerworks/library/specification/ws-mex/ (current September 2007).

Barth, A., Mitchell, J.C., ‘Conflict and Combination in Privacy Policy Languages’, Proceedings of the 2004 ACM Workshop on Privacy in the Electronic Society (WPES ‘04), 2004.

Berthold, O., Federrath, H., Köpsell, S., ‘Web MIXes: A System for Anonymous and Unobservable Internet Access’, Workshop on Design Issues in Anonymity and Unobservability 2000, LNCS 2009, Springer-Verlag, Berlin 2001, pp. 115-129.

Bissias, G.D., Liberatore, M., Jensen, D., Levine, B.N., ‘Privacy Vulnerabilities in Encrypted HTTP Streams’, Proceedings of Privacy Enhancing Technologies Workshop (PET 2005), 2005, pp. 1-11.

Böhme, R., Danezis, G., Díaz, C., Köpsell, S., Pfitzmann, A., ‘On the PET Workshop Panel Mix Cascades Versus Peer-to-Peer: Is One Concept Superior?’, Proceedings of Privacy Enhancing Technologies workshop (PET 2004), LNCS 3424, Springer, Berlin 2004.

Bonatti, P.A., Duma, C., Fuchs, N.E., Nejdl, W., Olmedilla, D., Peer, J., Shahmehri, N., ‘Semantic Web Policies – A Discussion of Requirements and Research Issues’, Proceedings of 3rd European Semantic Web Conference (ESWC 2006), LNCS 4011, Springer, Berlin 2006, pp. 712-724, REWERSE Technical Report REWERSE-RP-2006-020, http://rewerse.net/publications/download/REWERSE-RP-2006-020.pdf (current September 2007).

Bonatti, P.A., Daniel Olmedilla, D., ‘Driving and monitoring provisional trust negotiation with metapolicies’, Proceedings of 6th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2005), IEEE Computer Society, 2005, pp. 14-23.

Bonatti, P.A., Olmedilla, D., Rule Based Policy Representation & Reasoning for the Semantic Web, Presentation at “Reasoning Web 2007 – Summer School“, Dresden, 5 September 2007, slides available at http://www.l3s.de/%7Eolmedilla/presentations/2007/20070905_REWERSE_SS.ppt (current September 2007).

Bohrer, K., Holland, B., Customer Profile Exchange (CPExchange) Specification, Version 1.0, Technical Report, October 2000.

Brands, S., Identity corner: Analysis of “pseudonyms” in SAML 2.0 & Liberty Alliance, February 2005, http://www.idcorner.org/?p=40 (current September 2007).

Camenisch, J., Lysyanskaya, A., ‘An efficient system for non-transferable anonymous credentials with optional anonymity revocation’, in Pfitzmann, B. (Ed.), EUROCRYPT, LNCS 2045, Springer, 2001, pp. 93-118.

Camenisch, J., Gross, T., and Sommer, D., ‘Enhancing Privacy of Federated Identity Management Protocols — Anonymous Credentials in WS-Security’, WPES 2006. 

Camenisch, J., Kohlweiss, M., Preneel, B., and Sommer, D., ‘Assertion-based Signatures for XML Signatures’, COSIC internal report, 21 pages, 2007. 

Cantor, S., Kemp, J., Philpott, R., Maler, E. (Eds.), Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0, OASIS Standard, 15 March 2005, http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf (current September 2007).

Casassa Mont, M., On the Need to Explicitly Manage Privacy Obligation Policies as Part of Good Data Handling Practices, Position Paper, 2006, http://www.w3.org/2006/07/privacy-ws/papers/03-casassa-mont-obligations/ (current September 2007).

Chaum, D., ‘Security without identification: transaction systems to make big brother obsolete’, Communications of the ACM, 28(10), 1985, pp. 1030-1044.

Chaum, D., ‘Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms’, Communications of the ACM, 24(2), 1981, pp. 84-88.

Cheriton, D.R., Gritter, M., TRIAD: A new next generation Internet architecture, 2000, http://www.dsg.stanford.edu/triad/triad.ps.gz (current September 2007).

Cranor, L.F., Web Privacy with P3P, Sebastopol, CA, USA, 2002.

Cvrček, D., Matyáš, V. (Eds.), D13.1: Identity and impact of privacy enhancing technologies, FIDIS Deliverable, Frankfurt a.M., Germany, 2007.

Damianou, N., Dulay, N., Lupu, E., Sloman, M., ‘The Ponder Policy Specification Language’, Proceedings of the International Workshop on Policies for Distributed Systems and Networks, LNCS 1995, Springer, London 2001, pp. 18-38.

Danezis, G., Dingledine, R., Mathewson, N., Mixminion: ‘Design of a Type III Anonymous Remailer Protocol’, IEEE Symposium on Security and Privacy 2003, IEEE Computer Society Press, 2003, pp. 2-15.

Dingledine, R., Mathewson, N., Syverson, P.F., ‘Tor: The Second-Generation Onion Router’, Proceedings of the 13th USENIX Security Symposium, USENIX Association, 2004, pp. 303-320.

Dournaee, B., XML Security, McGraw-Hill Osborne Media, February 2002.

Eastlake, D., Reagle, J. (Eds.), XML Encryption Syntax and Processing, W3C Recommendation 10 December 2002, http://www.w3.org/TR/xmlenc-core/ (current September 2007).

Eastlake, D., Reagle, J., Solo, D. (Eds.), XML-Signature Syntax and Processing – RFC 3275, W3C Recommendation 12 February 2002, http://www.w3.org/TR/xmldsig-core/ (current September 2007).

Ellis, K.J., Serinken, N., ‘Characteristics of radio transmitter fingerprints’, Radio Science, Vol. .36, No. 4, 2001, pp. 585-598.

Ellison, C., Schneier, B., ‘Ten risks of PKI: What you’re not being told about public-key infrastructure’, Computer Security Journal, 16(1), 2000, pp. 1-7.

Escudero Pascual, A., ‘Requirements for unobservability of privacy extension in IPv6’, Radio Vetenskap 2002, Stockholm, Sweden, 2002, pp. 58.

EU-DPD: The European Parliament and the Council of the European Union – ‘Directive 95/46/EC: On the protection of individuals with regard to the processing of personal data and on the free movement of such data’, Official Journal of the European Communities, (L. 281):31-39, November 1995.

Fellows, D., Jones, D., ‘DOCSIS Cable Modem Technology’, IEEE Communications, Vol. 39, Issue 3, March 2001, pp. 202-209.

FIND – Future Internet Network Design, National Science Foundation, 2005, http://www.nets-find.net/ (current September 2007).

Fischer-Hübner, S., Hedbom, H. (Eds.), D7.3: A holistic privacy framework for RFID, FIDIS Deliverable, Frankfurt a.M., Germany, 2007.

Gavriloaie, R., Nejdl, W., Olmedilla, D., Seamons, K.E., Winslett, M., ‘No registration needed: How to use declarative policies and negotiation to access sensitive resources on the semantic web’, Proceedings of 1st European Semantic Web Symposium (ESWS 2004), LNCS 3053, Springer 2004, pp. 342-356.

Gedik, B., Liu, L., A Customizable k-Anonymity Model for Protecting Location Privacy, Technical Report of Georgia Institute of Technology GIT-CERCS-04-15, April 2004.

GENI – Global Environment for Networking Innovations, National Science Foundation, 2007, http://www.geni.net/ (current September 2007).

Gruteser, M., Grunwald, D., ‘Enhancing location privacy in wireless LAN through disposable interface identifiers: a quantitative analysis’, Mobile Networks and Applications, Volume 10, Issue 3, June 2005, pp. 315-325.

Guha, S., Francis, P., ‘Identity Trail: Covert Surveillance Using DNS’, Proceedings of the Privacy Enhancing Technologies Symposium (PET ‘07), 2007.

Hada, S., Kudo, M., XML Access Control Language: Provisional Authorization for XML Documents, Technical Report, October 2000, http://www.trl.ibm.com/projects/xml/xacl/xacl-spec.html (current September 2007).

Hager, C.T., Midkiff, S.F., ‘An Analysis of Bluetooth Security Vulnerabilities’, Wireless Communications and Networking, Vol. 3, 2003, pp. 1825-1831.

Hall, J., Barbeau, M., Kranakis, E., ‘Radio Frequency Fingerprinting for Intrusion Detection in Wireless Networks’, IEEE Transactions on Dependable and Secure Computing, Manuscript received July, 2005, http://www.scs.carleton.ca/~jhall2/Publications/IEEETDSC.pdf (current September 2007).

Hansen, M., Meissner, S. (Eds.), Verkettung digitaler Identitäten, report commissioned by the Federal Ministry of Education and Research, Germany, 2007, in German, Executive Summary available in English, https://www.datenschutzzentrum.de/projekte/verkettung/2007-uld-tud-verkettung-digitaler-identitaeten-bmbf.pdf (current November 2007).

Hildebrandt, M., Backhouse, J. (Eds.), D7.2: Descriptive analysis and inventory of profiling practices, FIDIS Deliverable, Frankfurt a.M., Germany, 2005.

Iannella, R. (Ed.), Open Digital Rights Language (ODRL) Version 1.1, W3C Note 19 September 2002, http://www.w3.org/TR/odrl/ (current September 2007).

IBBT, E-Health Information Platforms, 2007, https://ehip.ibbt.be/ (current September 2007).

IBM Corporation, Microsoft Corporation, Federation of Identities in a Web Services World, Version 1.0, Joint White Paper, July 2003, ftp://www6.software.ibm.com/software/developer/library/ws-fedworld.pdf (current September 2007).

Jakobsson, M., Wetzel, S., ‘Security weaknesses in Bluetooth’, Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer’s Track at RSA, LNCS 2020, 2001, pp. 176-191.

Jerichow, A., Müller, J., Pfitzmann, A., Pfitzmann, B., Waidner, M., ‘Real-Time Mixes: A Bandwidth-Efficient Anonymity Protocol’, IEEE Journal on Selected Areas in Communications, Special issue “Copyright and privacy protection”, 4(1998), pp. 495-509.

Jesdanun, A., Privacy for Internet names moves forward, Associated Press, March 2007, http://www.theglobeandmail.com/servlet/story/RTGAM.20070320.wprivacy0320/BNStory/Technology/ (current September 2007).

Jøsang, A., Pope, S., ‘User centric identity management’, AusCERT Conference 2005, 2005.

Kagal, L., Rei: A Policy Language for the Me-Centric Project, Technical Report HPL-2002-270, HP Laboratories (2002), http://ebiquity.umbc.edu/_file_directory_/papers/57.pdf (current September 2007).

Karjoth, G., Schunter, M., Waidner, M., ‘Platform for Enterprise Privacy Practices: Privacy-enabled Management of Customer Data’, Proceedings of the 2nd Workshop on Privacy Enhancing Technologies, 2002, pp. 61-83.

Karapandzic, M., GÉANT2 Newcomers’ Introduction, 3rd GÉANT2 Technical Workshop, January 2007, http://www.geant2.net/upload/pdf/GN2_structure_and_management_-_Newcomers.pdf (current September 2007).

Kohlweiss, M., Idemix 2003 design, unpublished, 2002.

Köhntopp, M., Ruhmann, I., ‘Trust through participation of trusted parties in technology design’, in: Müller, G., Rannenberg, K. (Eds.), Multilateral Security in Communications – Technology, Infrastructure, Economy, Addison-Wesley 1999, pp., 499-514.

Kumaraguru, P., Cranor, L., Lobo, J., Calo, S., ‘A Survey of Privacy Policy Languages’, SOUPS 2007, 18-20 July, 2007, Pittsburgh, PA, USA, http://cups.cs.cmu.edu/soups/2007/workshop/Privacy_Policy_Languages.pdf (current September 2007).

Lackner, G., Lamberger, M., Payer, U., Teufl, P., ‘WiFi Chipset Fingerprinting’, Proceedings of DACH Mobility 2006, 17-18 October 2006, Munich, Germany, 2006.

Langheinrich, M. (Ed.), A P3P Preference Exchange Language 1.0 (APPEL1.0), W3C Working Draft 15 April 2002, http://www.w3.org/TR/P3P-preferences/ (current September 2007).

Leenes, R., Schallaböck, J., Hansen, M. (Eds.), Privacy and Identity Management for Europe – PRIME White Paper V2, 2007, https://www.prime-project.eu/prime_products/whitepaper/ (current September 2007).

Lessig, L., Code and other laws of cyberspace, New York, Basic Books, 1999.

Liberty Alliance, Specifications, August 2007, http://www.projectliberty.org/ (current September 2007).

Lysyanskaya, A., Rivest, R.L., Sahai, A., Wolf, S., ‘Pseudonym systems’, in Heys, H.M., Adams, C.M. (Eds.), Selected Areas in Cryptography, LNCS 1758, Springer, 2000, pp. 184-199.

Madsen, P., Casassa Mont, M., Wilton, R., A Privacy Policy Framework – A position paper for the W3C Workshop of Privacy Policy Negotiation, 2006, http://www.w3.org/2006/07/privacy-ws/papers/28-madsen-framework/ (current September 2007).

Molva, R., Internet Security Architecture, Computer Networks Vol. 31 No. 8, Amsterdam, Netherlands, 1999, pp. 787-804.

Moses, T. (Ed.), XACML profile for Web-services (WSPL), OASIS XACML Technical Committee Working Draft 04, 29 September 2003, http://www.oasis-open.org/committees/download.php/3661/draft-xacml-wspl-04.pdf (current September 2007).

Moses, T. (Ed.), eXtensible Access Control Markup Language (XACML) Version 2.0, OASIS Standard, 1 Feb 2005, http://docs.oasis-open.org/xacml/2.0/XACML-2.0-OS-NORMATIVE.zip (current September 2007).

Moses, T., (Ed.), Privacy policy profile of XACML v2.0, OASIS Standard, 1 February 2005, http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-privacy_profile-spec-os.pdf (current September 2007).

Nadalin, A., Goodner, M., Gudgin, M., Barbir, A., Granqvist, H. (Eds.), WS-Trust v1.3, OASIS Standard, 19 March 2007, http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.pdf (current September 2007).

Nadalin, A., Goodner, M., Gudgin, M., Barbir, A., Granqvist, H. (Eds.), WS-SecurityPolicy v1.2, OASIS Standard, 1 July 2007, http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf (current September 2007).

Nadalin, A., Kaler, C. (Eds.), Web Services Federation Language (WS-Federation), Version 1.1. http://download.boulder.ibm.com/ibmdl/pub/software/dw/specs/ws-fed/WS-Federation-V1-1B.pdf (current September, 2007), December 2006.

Nadalin, A., Kaler, C., Hallam-Baker, P., Monzillo, R. (Eds.), Web Services Security: SOAP Message Security 1.0, OASIS Standard, March 2004, http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf (current September 2007).

Olmedilla, D., ‘Security and Privacy on the Semantic Web’, in: Petkovic, M., Jonker, W. (Eds.), Security, Privacy and Trust in Modern Data Management, Data-Centric Systems and Applications, Springer 2007, pp. 399-415, REWERSE Report REWERSE-RP-2007-060, http://rewerse.net/publications/download/REWERSE-RP-2007-060.pdf (current September 2007).

Perkins, C., RTP Audio and Video for the Internet, Addison-Wesley, 2003.

Pfitzmann, A., Hansen, M., Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management – A Consolidated Proposal for Terminology, Version 0.29, July 2007, http://dud.inf.tu-dresden.de/Anon_Terminology.shtml (current September 2007).

Powers, C., Schunter, M. (Eds.), Enterprise Privacy Authorization Language (EPAL 1.2), W3C Member Submission 10 November 2003, http://www.w3.org/Submission/2003/SUBM-EPAL-20031110/ (current September 2007).

Ragouzis, N., Hughes, J., Philpott, R., Maler, E. (Eds.), Security Assertion Markup Language (SAML) V2.0, Technical Overview, OASIS Working Draft 10, 9 October 2006, http://www.oasis-open.org/committees/download.php/20645/sstc-saml-tech-overview-2%200-draft-10.pdf (current September 2007).

RSA Laboratories, PKCS #7: Cryptographic Message Syntax Standard v1.5, November 1993, ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-7.asc (current September 2007).

Roessler, T., ‘WHOIS: Datenschutz im DNS?’, Datenschutz und Datensicherheit 26/11, 2002.

Schulzrinne, H., Tschofenig, H. (Eds.), Geolocation Policy: A Document Format for Expressing Privacy Preferences for Location Information, GEOPRIV Internet Draft, May 2007, http://www.ietf.org/internet-drafts/draft-ietf-geopriv-policy-12.txt (current September 2007).

Shalunov, S., et al., Design Space for a Bulk Transport Tool, May 2005, http://e2epi.internet2.edu/transport/transport-design-space-10.pdf (current September 2007).

Stewart, R., Amer, P.D., ‘Why is SCTP needed given TCP and UDP are widely available?’, ISO Member Briefing #17, Internet Society, June 2004.

Tanenbaum, A.S., Computer Networks, fourth edition, Prentice Hall, Upper Saddle River, NJ, 892 pages, 2003 (first edition 1981).

Tonti, G., Bradshaw, J.M., Jeffers, R., Montanari, R., Suri, N., Uszok, A., ‘Semantic web languages for policy representation and reasoning: A comparison of KAoS, Rei, and Ponder’, Proceedings of 2nd International Semantic Web Conference (ISWC), LNCS 2870, Springer, 2003, pp. 419-437.

Toonstra, J., Kinsner, W., ‘A radio transmitter fingerprinting system ODO-1’, Canadian Conference on Electrical and Computer Engineering Vol. 1, 1996, pp. 60-63.

Uszok, A., Bradshaw, J.M., Jeffers, R., Suri, N., Hayes, P.J., Breedy, M.R., Bunch, L., Johnson, M., Kulkarni, S., Lott, J., ‘KAoS Policy and Domain Services: Toward a Description-Logic Approach to Policy Representation, Deconfliction, and Enforcement’, Proceedings of IEEE 4th International Workshop Policies for Distributed Systems and Networks, IEEE CS Press, 2003, pp. 93-96.

Weinstein, L, Neumann, P.G., ‘Privacy issues and privacy enhancing technologies’, in Ito, J. (Ed.), A Report of Research on Privacy for Electronic Government. Neoteny Co., Ltd., March 2003, pp. 315-349, http://joi.ito.com/joiwiki/PrivacyReport (current September 2007).

Wenning, R., Schunter, M. (Eds.), The Platform for Privacy Preferences 1.1 (P3P1.1) Specification, W3C Working Group Note 13 November 2006, http://www.w3.org/TR/P3P11/ (current September 2007).

Wikipedia contributors, Bluetooth, 2007.

Wikipedia contributors, Cable modem, 2007.

Wikipedia contributors, Directory service, 2007.

Wikipedia contributors, File Transfer Protocol, 2007.

Wikipedia contributors, Hypertext Transfer Protocol, 2007.

Wikipedia contributors, Mixmaster-Remailer, 2007.

Wikipedia contributors, Network layer, 2007.

Wikipedia contributors, OSI model, 2007.

Wikipedia contributors, Protocol (computing), 2007.

Wikipedia contributors, Real-time Transport Protocol, 2007.

Wikipedia contributors, Simple Mail Transfer Protocol, 2007.

Wikipedia contributors, Transmission Control Protocol, 2007.

Wong, F.-L, Stajano, F., ‘Location Privacy in Bluetooth’, Proceedings of 2nd European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS 2005), LNCS 3813, Springer, 2005, pp. 176-188.

World Wide Web Consortium (W3C), PLING - W3C Policy Languages Interest Group, Discussion and Coordination of Policy Languages and W3C’s metadata framework 2007, http://www.w3.org/Policy/pling/ (current November 2007).

Zero-Knowledge Systems, Privacy Rights Markup Language Specification, Version 0.9, June 2001, http://www.synomos.com/html/EPML/documents/prml-spec.pdf (current September 2007).