Auflistung nach Autor:in "Waldmann, Ulrich"
1 - 6 von 6
Treffer pro Seite
Sortieroptionen
- TextdokumentKeys4All(INFORMATIK 2017, 2017) Enzmann, Matthias; Selzer, Annika; Volkamer, Melanie; Waldmann, Ulrich
- WorkshopbeitragLegal Requirements and Technical Metrics for Controlling Privacy of Employees’ Location Data(Mensch und Computer 2023 - Workshopband, 2023) Waldmann, Ulrich; Kunz, Thomas; Schleper, Janine; Kohn, Matthias; Pesch, Paulina JoCompanies usually store a lot of personal data about their employees. Metrics for automated verification of the compliance with the data minimization and storage limitation requirements provided in the General Data Protection Regulation (GDPR) can help companies meet their monitoring obligations. Furthermore, employees can monitor the processing of their personal data and verify that the processing of their personal data is lawful. In particular, metrics can be used to monitor complex data privacy requirements such as the data minimization or storage limitation. For this purpose, suitable data sources are combined in a meaningful way to obtain indicators of data protection. This paper outlines basic metrics for an application scenario from the field of agile workforce management in logistics. The metrics are intended to verify compliance when processing real-time location data for rescheduling employees. To this end, the local logistics and workforce management system is supplemented by a proxy server and a metrics service – two trusted components within the logistics enterprise network. In particular, the metrics system prevents the internal company network from directly accessing employee location data. Depending on the role in the company (e. g., data subject, management, works council, data protection officer), it can provide different sets of metrics on current data protection.
- KonferenzbeitragOn the measurement of data protection compliance of cloud services(Informatik 2014, 2014) Kunz, Thomas; Selzer, Annika; Waldmann, UlrichCompanies want to benefit from the numerous advantages of cloud services such as flexibility and cost efficiency. However, cloud services vary considerably with respect to the security and privacy mechanisms provided. Moreover, security-aware companies complain the lack of transparency concerning the security measures and processes the cloud provider has installed. As a solution for the latter one, auditors may evaluate cloud providers and issue certificates attesting whether the cloud provider meets the agreed requirements. However, due to the characteristics of cloud computing, on-site inspections in the data centers of a cloud provider do not seem to be realistic. In this paper we show how metrics can be derived from data protection requirements and how these metrics can be expressed in the form of formal policies, in order to be used for an automated evaluation of cloud services1.
- KonferenzbeitragSupplemental biometric user authentication for digital-signature smart cards(BIOSIG 2009: biometrics and electronic signatures, 2009) Henniger, Olaf; Waldmann, UlrichThis paper specifies how biometric verification methods can be applied in addition to PIN verification on digital-signature smart cards in compliance with established smart-card standards. After successful PIN verification, multiple digital signatures can be created; each signature creation, however, is preceded by biometric verification.
- TextdokumentVerfahren zur vertrauenswürdigen Verteilung von Verschlüsselungsschlüsseln(INFORMATIK 2017, 2017) Fischer, Peter; Kunz, Thomas; Lorenz, Katharina; Waldmann, UlrichEin Grund für die geringe Verbreitung der E-Mail-Verschlüsselung liegt darin, dass viele Nutzer, die ihre E-Mails verschlüsseln möchten, nicht wissen, wie sie evtl. existierende Verschlüsselungsschlüssel der gewünschten Empfänger finden und einen gefundenen Schlüssel vor seiner Nutzung auf Herkunftsechtheit und Aktualität überprüfen können. Dieser Beitrag beschreibt ein Verfahren der Schlüsselverteilung auf Grundlage von „DNS Security Extensions“ (DNSSEC). Das Verfahren ermöglicht Nutzern einen einfachen Zugang zu vertrauenswürdigen Schlüsseln. Dazu veröffentlichen die Nutzer ihre öffentlichen Schlüssel auf einem Schlüsselverzeichnis ihres E-Mail-Anbieters. Die Betreiber des zugehörigen DNS-Servers stellen gesicherte Informationen über das jeweilige Schlüsselverzeichnis zur Verfügung. Mittels einer Erweiterung der E-Mail-Anwendung wird der für eine E-Mail-Kommunikation benötigte öffentliche Schlüssel eines Kommunikationspartners automatisch ermittelt. Dazu ist ausschließlich die Angabe der E-Mail-Adresse des Empfängers notwendig.
- KonferenzbeitragWerkzeuge zur Messung der datenschutzkonformen Einhaltung des Verarbeitungsstandorts in der Cloud(INFORMATIK 2015, 2015) Jäger, Bernd; Kraft, Reiner; Selzer, Annika; Waldmann, Ulrich