Wolfgang Hommel

Learn More
With Federated Identity Management (FIM) protocols, service providers can request user attributes, such as the billing address, from the user’s identity provider. Access to this information is managed using so-called Attribute Release Policies (ARPs). In this paper, we first analyze various shortcomings of existing ARP implementations; then, we demonstrate(More)
We present a holistic, process-oriented approach to ISO/IEC 27001 compliant security incident management that integrates multiple state-of-the-art security tools and has been applied to a real-world scenario very successfully for one year so far. The computer security incident response team, CSIRT, is enabled to correlate IT security related events across(More)
Similar as the Internet is the network of networks, the evolution from Clouds towards the Inter-Cloud, a global cloud of clouds, represents a huge developmental leap for cloud computing, enabling the development of new innovative value-added services. One of the challenges in the field of Inter-Cloud is Identity Management. Up to now, no concepts have been(More)
Outsourcing is the remedy for many enterprises to improve their efficiency. However, to be able to assess the potential of one’s own as well as the external providers’ services, detailed information about the IT infrastructure and services is needed. In currently predominant IT Service Management Frameworks the so-called Configuration Management process(More)
For highly dynamic Grid scenarios, scalable solutions for resource, service and access management are essential. However, in today’s real world Grid projects, organizations still struggle with system and account management tools that have been designed for intra-organizational use and fail to handle cross-organizational requirements as imposed by Dynamic(More)
The growing amount of international collaborations in research, education, and business fields has raised once again the demand for quality assurance of network connections, which the projects and applications are realized upon. A large spectrum of examples with diverse requirements is found in areas such as \emph{GRID} and \emph{cloud computing},(More)
Large-scale distributed systems that are provided in an inter-organizational manner require scalable, dynamic access control paradigms for dealing with known, but also with new users. This paper presents an innovative, trust management based approach for such scenarios. It aggregates and evaluates trust levels from several trust dimensions and has been(More)