Title: REFERENCES

References

Robert Aarts, Bronislav Kavsan, and Thomas Wason: Liberty ID-FF Bindings and Profiles Specification Version: 1.2-errata-v2.0. http://www.projectliberty.org/specs/draft-libertyidff-bindings-profiles-1.2-errata-v2.0.pdf. Liberty Alliance. 2005. 

Robert Aarts, Carolina Canales-Valenzuela, Scott Cantor, Frederick Hirsch, Jeff Hodges, John Kemp, John Linn, Paul Madsen, Jonathan Sergent and Greg Whitehead: Liberty ID-WSF Security Mechanisms Version: 1.2. http://www.projectliberty.org/specs/liberty-idwsf-securitymechanisms-v1.2.pdf. Liberty Alliance. 2005. 

Rafael Accorsi: On the Relationship of Privacy and Secure Remote Logging in Dynamic Systems. In Proceedings of IFIP International Federation for Information Processing, Volume 201, Security and Privacy in Dynamic Environments, S. Fischer-Hübner, K. Rannenberg, L. Yngström, S. Lindskog, Springer-Verlag, pp. 329—338, 2006. 

Christer Andersson, Jan Camenisch, Stephen Crane, Simone Fischer-Hübner, Ronald Leenes, Siani Pearsson, John Sören Petterson, Dieter Sommer, “Trust in PRIME”, Proceedings of the 5th IEEE Int. Symposium on Signal Processing and IT, December 18-21, 2005, Athens, Greece. 

Rajeev Angal, Conor Cahill, Andy Feng, Gael Gourmelen, Lena Kannappan, Sampo Kellomaki, John Kemp, and Jonathan Sergent:  Liberty ID-WSF Data Services Template Specification Version: v1.1. http://www.projectliberty.org/specs/liberty-idwsf-dstv1.1.pdf. Liberty  Alliance. 2005.

Kristie Ball, David Lyon, David Murakami Wood, Clive Norris, and Charles Raab: A Report on the Surveillance Society: Full Report. http://www.ico.gov.uk/about_us/news_and_views/current_topics/Surveillance. 2006.

Carsten Bange and Heiko Schinzer: Rentablere Kundenbeziehungen durch automatisierte Analyse und Personalisierung. In Rainer Thome, Heiko Schinzer, and Martin Hepp (eds.): Electronic Commerce und Electronic Business – Mehrwert durch Integration und Automation, Vol. 3, p. 53—79, Franz Vahlen, Munich, 2005.

Mihir Bellare, Juan A. Garay, Ralf Hauser, Amir Herzberg, Hugo Krawczyk, Michael Steiner, Gene Tudsik, and Michael Waidner: iKP – A Family of Secure Electronic Payment Protocols. 1st USENIX Workshop on Eletronic Commerce 1995. http://www.zurich.ibm.com/Technology/Security/extern/ecommerce/iKP.html. 1995.

Oliver Berthold, Hannes Federrath, and M. Köhntopp: Project ‘Anonymity and Unobservability in the Internet’. In Workshop on Freedom and Privacy by Design / Conference on Freedom and Privacy 2000. p. 57—65. 2000. 

J. Bohn, V. Coroama et al: Social, Economic, and Ethical Implications of Ambient Intelligence and Ubiquitous Computing. Ambient Intelligence. W. Weber, J. Rabaey and E. Aarts. Zurich, Springer: 5-29, 2005. 

Gilles Brassard, David Chaum, and Claude Crépeau: Minimum disclosure proofs of knowledge. Journal of Computer and System Sciences Vol. 37. p. 156—189. 1988. 

Stefan A. Brands: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press. 2000.

J. Buchmann, M. Ruppert, and M. Tak: FlexiPKI - Realisierung einer flexiblen Public-Key-Infrastruktur. Technical report TU Darmstadt. 1999.

L. Bygrave: Minding the Machine. Art.15 and the EC Data Protection Directive and automated profiling. Computer Law & Security Report. 17: 17-24,.2001. 

Jan Camenisch and Anna Lysyanskaya: Efficient non-transferable anonymous multi-show credential system with optional anonymity revocation. In EUROCRYPT 2001. Vol. 2045. Springer. p. 91—118. 2001. 

Jan Camenisch and Els Van Herreweghen: Design and Implementation of the idemix Anonymous Credential System. In 9th ACM Conference on Computer and Communications Security. ACM Press. p.21—30.. 2002. 

Jan Camenisch and Anna Lysyanskaya: Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials. In Moti Yung (Hrsg.), CRYPTO 2002. Lecture Notes in Computer Science Vol. 2442. p. 61—76. Springer. 2002. 

Jan Camenisch and Anna Lysyanskaya. A signature scheme with efficient protocols. In SCN 2002, volume 2576 of LNCS, pages 268–289. 2002.

Jan Camenisch, Abhi Shelat, Dieter Sommer, Simone Fischer-Hübner, Marit Hansen, Henry Krasemann, Gerard Lacoste, Ronald Leenes and Jimmy Tseng: Privacy and identity management for everyone. In DIM ’05: Proceedings of the 2005 workshop on Digital identity management, New York. p. 20—27. ACM Press. 2005. 

Jan Camenisch, Susan Hohenberger, Markulf Kohlweiss, Anna Lysyanskaya, and Mira Meyerovich. How to Win the Clone Wars: Efficient Periodic n-Times Anonymous Authentication. In ACM CCS (to appear), 2006.

Scott Cantor, Jeff Hodges, John Kemp, and Peter Thompson: Liberty ID-FF Architecture Overview Version: 1.2-errata-v1.0. http://www.projectliberty.org/specs/liberty-idffarch-overview-v1.2.pdf. Liberty Alliance. 2005. 

Steven Carmody, Marlena Erdos, Keith Hazelton, Walter Hoehn, RL "BobMMorgan, Tom Scavo, and DavisWasley: Shibboleth Architecture Protocols and Profiles. 2005. 

David Chaum. Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Communications of the ACM 24(2). p. 84–88. 1981. 

David Chaum, Amos Fiat, and Moni Naor: Untraceable electronic cash. In CRYPTO ’88. Lecture Notes in Computer Science Vol. 403. p. 319—327. Springer. 1990. 

Custers, B. (2004). The Power of Knowledge. Ethical, Legal, and Technological Aspects of Data Mining and Group Profiling in Epidemiology. Nijmegen, Wolf Legal Publishers. 

T. Dierks und E. Rescorla: The Transport Layer Security (TLS) Protocol Version 1.1. Request for Comments 4346. 2006. 

Nathan Dors: Shibboleth Architecture Technical Overview, 2005. 

Dietmar Eifert: Wert von Kundenprofilen im Electronic Commerce. Electronic Commerce Vol. 28. Lohmar. Cologne. 2004. 

C. Ellison, B. Frantz, B. Lamspon, R. Rivest, B. Thomas, and T. Ylonen: SPKI Certificate Theory. Internet Request for Comments 2693. Network Working Group. 1999. 

EPIC and Privacy International: Privacy & Human Rights 2005. Electronic Privacy Information. 2006. 

European Commission: Directive 95/46/EC of the European Parliament and of the Council of 24th October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal of the European Communities L281. p. 31—50. 1995. 

European Commission: Directive 2002/58/EC of the European Parliament and of the Council of 12th July 2002 concerning the processing of personal data and the protection of privacy in the electronic communication sector (Directive on privacy and electronic communications). Official Journal of the European Communities L201. p. 37—47. 2002. 

European Commission: Directive 2006/58/EC of the European Parliament and of the Council of 15th March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC. Official Journal of the European Communities L105. p. 54—63. 2006. 

S. Farrell und R. Housley: An Internet Attribute Certificate Profile for Authorisation. Internet Request for Comments 3281. 2002.

Warwick Ford and Michael S. Baum: Secure Electronic Commerce. Prentice-Hall, Inc., New Jersey. 1997.

Jason Garman: Kerberos: The Definitive Guide. O’Reilly. 2003. 

German Federal Constitutional Court: Volkszählungsurteil. In Entscheidungen des Bundesverfassungsgerichts. Band 65. 1983.

German Federal Government: German Teleservices Data Protection Act. 1997.

German Federal Government: Federal Data Protection Act. 2001. 

Hidehito Gomi,Makoto Hatakeyama, Shigeru Hosono, and Satoru Fujita: A delegation framework for federated identity management. New York. ACM Press. p. 94–103. 2005. 

John Hagel III and John Seely Brown: Your Next IT Strategy. Harvard Business Review, p. 105—113. 2001. 

Michael A. Harrison, Walter L. Ruzzo, and Jeffrey D. Ullman: Protection in operating systems. Communications of the ACM 19(8). p. 461–471. 1976. 

Kurt Haubner: FiinTS V4.0 Kompendium Financial Transaction Services. SIX SIGMA EDV-Konzepte. 2004. 

Harry Henderson: Privacy in the Information Age. Facts on File. New York. 1999. 

Mireille Hildebrandt:. Defining Profiling: A New Type of Knowledge. Profiling the European Citisen. A Cross-disciplinary Perspective. M. Hildebrandt and S. Gutwirth, under review

Mireille Hildebrandt: Technology and the End of Law. The Limits of (the Rule of) Law. E. Claes and B. Keirsbilck. 2007. 

Michael N. Huhns and Munindar P. Singh: Service-Oriented Computing: Key Concepts and Principles. IEEE Computing 49(1), p. 75—81. 2005. 

International Civil Aviation Organisation. Machine readable travel documents. http://www.icao.int/mrtd/Home/Index.cfm.. 2006.

Scenarios for Ambient Intelligence in 2010, Information Society Technology Advisory Group: available at: http://www.cordis.lu/ist/istag-reports.htm. 2006. 

The Internet of Things. Geneva, International Telecommunications Union (ITU) 

Safeguard Privacy in Ubiquitous Computing with Decentralised Information Spaces: Bridging the Technical and the Social. Privacy Workshop September 29, 2002, University of California, Berkeley. Berkeley, available at: http://guir.berkeley.edu/pubs/ubicomp2002/privacyworkshop/papers/jiang-privacyworkshop.pdf

Uwe Jendricke and Daniela Gerd tom Markotten: Usability meets security - the Identity-Manager as your personal security assistant for the Internet. In 16th Annual Computer Security Applications Conference (ACSAC’00) 2000. 2000. 

Uwe Jendricke, Michael Kreutzer, and Alf Zugenmaier: Mobile Identity Management. Technical report 178. Institute of Computer Science and Social Studies (Telematics). Workshop on Security in Ubiquitous Computing UBICOMP 2002. 2002. 

Uwe Jendricke: Sichere Kommunikation zum Schutz der Privatsphäre durch Identitätsmanagement. RHOMBOS Verlag, Berlin, 2003.

Günter Karjoth, Matthias Schunter and Michael Waidner. Privacy-enabled Services for Enterprises In Proc. of the 13th International Conference on Database and Expert Systems Applications (DEXA’02). IEEE Computer Press, 2002

John Kemp, Paul Madsen, Jonathan Sergent, and Greg Whitehead: Liberty ID-WSF Interaction Service Specification Version v1.1. http://www.projectliberty.org/specs/liberty-idwsfinteraction-svc-v1.1.pdf. Liberty Alliance. 2005. 

John Kemp, Robert Aarts, Nick Bone, David Castellanos-Zamora, Jean-Michel Crom, Lena Kannappan, Andrew Lindsay-Stewart, Kenichi Maeda, Mike Meyerstein, Alain Nochimowski, Alfredo Gonzalez, Alain Poignet, Xavier Serret, James Vanderbeek, Juliette Vittu, Alex Walter, Jonathan Sergent, Paul Madsen, Conor Cahill, John Linn, Susan Landau and Paule Sibieta: Liberty ID-FF Implementation Guidelines Version 1.2. http://www.projectliberty.org/specs/liberty-idff-guidelinesv1.2.pdf. Liberty Alliance. 2005. 

J. Kohl and C. Neuman: The Kerberos Network Authentication Service (V5). Request for Comments 1510. 1993. 

Markus Kohlweiss: Towards Anonymous Digital Credentials – Integrating Idemix with Access Control Products. Master thesis. University of Klagenfurt. 2003.

Thomas Kriegelstein: Entwurf und Implementierung eines Identitätsmanagement anhand eines Beispielszenarios. Master thesis, TU Dresden, 2002.

Marc Langheinrich: Die Privatsphäre im Ubiquitous Computing – Datenschutzaspekte der RFID-Technologie. In Elgar Fleisch and Friedemann Mattern (eds.); Das Internet der Dinge – Ubiquitous Computing und RFID in der Praxis. P. 329—362. Springer. 2005.

Cp. Lévy, P.: Les technologies de l’intelligence. L’avenir de la pensée à l’ère informatique. Paris, La Découverte; Hildebrandt, M. (2007). Technology and the End of Law. The Limits of (the Rule of) Law. 1990.

E. Claes and B. Keirsbilck: Liberty Alliance Project: Specifications Version 1.2. http://www.projectliberty.org/specs/liberty-20051121.zip, November 2005. last accessed at February 15th, 2006.

Thorsten Litfin and Gerd Wolfram: New Automated Checkout Systems. In Manfred Krafft and Murali K. Mantrala (eds.): Retailing in the 21st Century: Current and Future Trends., p. 143—159. Springer. 2006.

Eve Maler, Prateek Mishra, and Rob Philpott: Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V1.1. 2003. 

Martin Meints: ‘Datenschutz durch Prozesse’. to be published in Datenschutz und Datensicherheit 4/2007. Wiesbaden 2007.

Microsoft Corporation: Microsoft .NET Passport Review Guide. http://www.microsoft.com/net/services/passport/review_guide.asp. 2003. 

Esther Moir: The Justice of Peace. Penguin Books. 1969. 

Günter Müller and Sven Wohlgemuth (eds.): Study on Mobile Identity Management. European Commission Framework Programme Future of Identity in the Information Society (FIDIS). 2005. 

K. Nielsen, R. Molich, C. Snyder and S. Farell: E-commerce user experience: Trust. Nielsen Norman Group, 2000. 

Organisation for Economic Co-operation and Development: OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. http://www.oecd.org/document/18/0,2340,en_2649_34255_1815186_1_1_1_1,00.html. 1980. 

Jaehong Park and Ravi Sandhu: The UCONABC usage control model. ACM Transactions on Information and System Security 7(1). p. 128–174. 2004. 

John Sören Pettersson, Simone Fischer-Hübner, Mike Bergmann, “Outlining Data Track: Privacy-friendly Data Maintenance for End-users”, Proceedings of the 15th International Conference on Information Systems Development (ISD 2006), Budapest, 31st August - 2nd September 2006, Springer Scientific Publishers. 2006. 

John Sören Pettersson, Simone Fischer-Hübner, chapter 5.3.3 “The UI to implement functions”, in: R. Leenes, S. Fischer-Hübner (Editors), PRIME Framework V2, 27 July 2006, https://www.prime-project.eu/prime_products/reports/fmwk/. 2006. 

Andreas Pfitzmann and Marit Hansen: Anonymity, Unlinkability, Unobservability, Pseudonymity, and Identity Management – A Consolidated Proposal for Terminology v0.28. http://dud.inf.tu-dresden.de/Anon_Terminology.shtml. 2006. 

William Pitt: Speech on the Excise Bill.. 1765. 

William Prosser: Privacy. California Law Review 48. p. 383—423. 1960. 

Kai Rannenberg, Andreas Pfitzmann, and Günter Müller: IT Security and Multilateral Security. In: Multilateral Security in Communications - Technology, Infrastructure, Economy. P. 21—29. Addison-Wesley-Longman. 1999. 

R. L. Rivest, A. Shamir, and L. Adleman: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21(2). p. 120–126. 1978.

Alexander Roßnagel: Moderinisierung des Datenschutzrechts für eine Welt allgegenwärtiger Datenverarbeitung. Multimedia und Recht 8(2). 2005. 

Stefan Sackmann and Jens Strüker: Electronic Commerce Enquête 2005 – 10 Jahre Electronic Commerce: Eine stille Revolution in deutschen Unternehmen. Technical Report, Institute of Computer Science and Social Studies (Telematics), Freiburg I.Br., 2005.

Stefan Sackmann, Jens Strücker, and Rafael Accorsi: Personalisation in Privacy-Aware Highly Dynamic Systems. Communications of the ACM, Vol. 49(9), p. 32—38. 2006.

Jerry H. Saltzer and Mike D. Schroeder: The protection of information in computer systems. In proceedings of the IEEE 63(9). p. 1278—1308. 1975. 

F. Schauer: Profiles Probabilities and Stereotypes. Cambridge, Massachusetts London, England, Belknap Press of Harvard University Press. 2003.

Roland E. Schmid, Volker Bach, and Hubert Österle: Mit Customer Relationship Management zum Prozessportal, Springer, 2000.

W. Schreurs and M. Hildebrandt: Legal Issues. Report on the Actual and Possible Profiling Techniques in the Field of Ambient Intelligence. W. Schreurs, M. Hildebrandt, M. Gasson and K. Warwick. Brussels, FIDIS deliverable 7.3, available at www.fidis.net: 36-59. 2005. 

W. Schreurs, M. Hildebrandt et al.: Cogitas ergo sum: The role of data protection law and non-discrimination law in group profiling in the private sphere. Profiling the European Citisen: Cross-Disciplinary Perspectives. M. Hildebrandt and S. Gutwirth, Springer, 2008.

Igor Sedov, Marc Haase, Clemens Cap, and Dirk Timmermann: Hardware Security Concept for Spontaneous Network Integration of Mobile Devices. In Proceedings of the International Workshop "Innovative Internet Computing Systems". Ilmenau. 2001.

Shyong K. “Tony” Lam, Dan Frankowksi, and John Riedl: Do You Trust Your Recommendation? An Exploration of Security and Privacy Issues in Recommender Systems. In Proceedings of Emerging Trends in Information and Communication Security (ETRICS) 2006. Lecture Notes of Computer Science. Vol. 2995. p. 14—29. Springer. 2006.

Robert Ellis Smith: The law of privacy in a nutshell. Privacy Journal 19(6). P. 50—51. 1993. 

Daniel J. Solove: A Taxonomy of Privacy. University of Pennsylvania Law Review 154(3), p. 477—564, 2006. 

Daniel J. Solove: The Digital Person: Technology and Privacy in the Information Age. New York University Press. 2006.

Jens Strüker and Stefan Sackmann: New Forms of Customer Communication: Concepts and Pilot Projects. In Proceedings of the 10th Americas Conference on Information Systems (AMCIS ’04) USA. 2004.

United Nations: The Universal Declaration of Human Rights. http://www.unhchr.ch/udhr/index.htm. 1948. 

Carolina Canales Venezuela, Garry Ellison, Jeff Hodges, Sampo Kellomäki, John Kemp, John Linn, and Peter Thompson: Liberty ID-WSF Security and Privacy Overview Version: 1.0. http://www.projectliberty.org/specs/liberty-idwsf-securityprivacy-overview-v1.0.pdf. Liberty Alliance. 2005.

Von Welch, Ian Foster, Carl Kesselmann, Olle Mulmo, Laura Pearlman, Steven Tuecke, Jarek Gawor, Sam Medder, and Frank Siebenlist: X.509 Proxy Certificates for Dynamic Delegation. In 3rd Annual PKI R&D Workshop. 2004.

Samuel D. Warren and Louis D. Brandeis: The Right to Privacy. Harvard Law Review 193(4). 1890. 

Alan F. Westin: Privacy and Freedom. Atheneum. New York. 1967.

Sven Wohlgemuth, Uwe Jendricke, Daniela Gerd tom Markotten, Felix Dorner, and Günter Müller: Sicherheit und Benutzbarkeit durch Identitätsmanagement. In D. Spath and K. Haases (eds.): Tagungsband zum doIT Software-Forschungstag 2003, Aktuelle Trends in der Softwareforschung, Stuttgart, p. 241—260, IRB Verlag, 2004.

W. Yeong, T. Howes, and S. Kille: Lightweight Directory Access Protocol. Internet Request for Comments 1777. 1995.

Alf Zugenmaier: Anonymity for Users of Mobile Devices through Location Adressing. RHOMBOS-Verlag. 2003. 

Zarsky, T. Z.: "Mine Your Own Business!": Making the Case for the Implications of the Data Mining or Personal Information in the Forum of Public Opinion." Yale Journal of Law & Technology 5 (4): 17-47, 2002-2003.