Auflistung nach Autor:in "Horsch, Moritz"
1 - 7 von 7
Treffer pro Seite
Sortieroptionen
- TextdokumentThe ENTOURAGE Privacy and Security Reference Architecture for Internet of Things Ecosystems(Open Identity Summit 2019, 2019) Zibuschka, Jan; Horsch, Moritz; Kubach, MichaelThe Internet of Things (IoT), with its ubiquitous sensors and actuators, enables highly useful novel use cases, notably in the field of digital assistance. It also raises unprecedented privacy and security issues. This contribution presents a reference architecture for an ecosystem of digital assistants with minimal barriers of entry, that aims to be both secure and privacy-respecting. We present concise definitions, requirements, and a layered architectural structure for IoT assistants. Moreover, we introduce privacy and security assistants building on privacy patterns such as privacy dashboard, privacy mode and security and privacy policies and interface.
- KonferenzbeitragAn extensible client platform for eID, signatures and more(Open Identity Summit 2013, 2013) Wich, Tobias; Horsch, Moritz; Petrautzki, Dirk; Schmölz, Johannes; Hühnlein, Detlef; Wieland, Thomas; Potzernheim, SimonThe present paper introduces an extensible client platform, which can be used for eID, electronic signatures and many more smart card enabled applications.
- KonferenzbeitragOn the design and implementation of the Open eCard App(SICHERHEIT 2012 – Sicherheit, Schutz und Zuverlässigkeit, 2012) Hühnlein, Detlef; Petrautzki, Dirk; Schmölz, Johannes; Wich, Tobias; Horsch, Moritz; Wieland, Thomas; Eichholz, Jan; Wiesmaier, Alexander; Braun, Johannes; Feldmann, Florian; Potzernheim, Simon; Schwenk, Jörg; Kahlo, Christian; Kühne, Andreas; Veit, HeikoThe paper at hand discusses the design and implementation of the “Open eCard App”, which is a lightweight and open eID client, which integrates major international standards. It supports strong authentication and electronic signatures with numerous common electronic identity cards in desktop as well as mobile environments. The Open eCard App is designed to be as lightweight, usable and modular as possible to support a variety of popular platforms including Android for example. It will be distributed under a suitable open source license and hence may provide an interesting alternative to existing eID clients.
- TextdokumentPassword Assistance(Open Identity Summit 2017, 2017) Horsch, Moritz; Braun, Johannes; Buchmann, JohannesFor decades, users are not able to realize secure passwords for their user accounts at Internet services. Users’ passwords need to fulfil general security requirements and the password requirements of services. Furthermore, users need to cope with different password implementations at services. Finally, users need to perform a multitude of tasks to properly manage their large password portfolios. This is practically impossible. In this paper, we introduce the vision of a password assistant. It supports users in all duties and tasks with regard to their passwords, from the creation of secure passwords to the recovery of them in case of loss. Moreover, it provides an extensive automatization of all password tasks that reduces the users’ efforts and activities to deal with passwords to a minimum. A password assistant enables high security for passwords as well as improves their ease of use. First, we provide a detailed description of the problem of users to realize secure passwords for their accounts in practice. Second, we outline the vision of a password assistant, describe its technical foundation, and introduce the related open-source project starting to realize the first password assistant.
- KonferenzbeitragPassword Policy Markup Language(2016) Horsch, Moritz; Schlipf, Mario; Haas, Stefan; Braun, Johannes; Buchmann, JohannesPassword-based authentication is the most widely used authentication scheme for granting access to user accounts on the Internet. Despite this, there exists no standard implementation of passwords by services. They have different password requirements as well as interfaces and procedures for login, password change, and password reset. This situation is very challenging for users and often leads to the choice of weak passwords and prevents security-conscious behavior. Furthermore, it prevents the development of applications that provide a fully-fledged assistance for users in securely generating and managing passwords. In this paper, we present a solution that bridges the gap between the different password implementations on the service-side and applications assisting users with their passwords on the client-side. First, we introduce the Password Policy Markup Language (PPML). It enables a uniformly specified Password Policy Description (PPD) for a services. A PPD describes the password requirements as well as password interfaces and procedures of a service and can be processed by applications. It enables applications to automatically (1) generate passwords in accordance with the password requirements of a service, (2) perform logins, (3) change passwords, and (4) reset passwords. Second, we present a prototypical password manager which uses PPDs and is capable of generating and completely managing passwords on behalf of users.
- KonferenzbeitragEine Referenzarchitektur für die Authentisierung und elektronische Signatur im Gesundheitswesen(INFORMATIK 2012, 2012) Hühnlein, Detlef; Schmölz, Johannes; Wich, Tobias; Biallowons, Benedikt; Horsch, Moritz; Hühnlein, TinaVor dem Hintergrund der differenzierten Empfehlungen für den Einsatz elektronischer Signaturen und Zeitstempel in Versorgungseinrichtungen des Gesundheitswesens [SKB+10] wird in diesem Beitrag auf Basis der Vorarbeit aus einschlägigen Projekten sowie unter Berücksichtigung der relevanten BSI-Richtlinien und internationalen Standards eine umfassende und zukunftsfähige Referenzarchitektur für die starke Authentisierung und elektronische Signatur im Gesundheitswesen entwickelt.
- KonferenzbeitragSAML Privacy-Enhancing Profile(Open Identity Summit 2014, 2014) Horsch, Moritz; Tuengerthal, Max; Wich, TobiasWe present the SAML Privacy-Enhancing (PE) profile which empowers users to take control of the authentication process and their personal data. Users have the full control of the application flow and get detailed information about the involved participants and the revealed attributes. This enables users to give informed consent for the authentication. The new profile builds on well-established standards and technologies. We use the common SAML Authentication Request and provide the additional information as extensions based on SAML Metadata.