Bibliography

Dr.-Ing. Matthias Schunter
Diplom-Informatiker

1 Publications and Patents

Abstracts and publications are partially online at http://www.semper.org/sirene/lit/sirene.abstracts.html. The most important papers outlining different research areas are:

Enterprise Privacy Management:[11, 24, 19]
Secure electronic commerce: [5, 7, 17, 27]
Security protocols: [4, 13, 28, 30]
Formal security models: [29, 65]

1.1 Theses

  1. Matthias Schunter: Optimistic Fair Exchange; Dissertation, Universität des Saarlandes, October 2000.
  2. Matthias Schunter: Spezifikation von Geheimhaltungseigenschaften für reaktive kryptologische Systeme; Diplomarbeit am Institut für Informatik, Universität Hildesheim, Januar 1994.

1.2 Refereed Journals

  1. Gerrit Bleumer, Matthias Schunter: Datenschutzorientierte Abrechnung medizinischer Leistungen; Datenschutz und Datensicherheit DuD 21/2 (1997) 88-97 (revised in [4]).
  2. Gerrit Bleumer, Matthias Schunter: Digital patient assistants — privacy vs. cost in compulsory health insurance; Health Informatics Journal 4 (1998) 138-156.
  3. Andreas Pfitzmann, Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Trusting Mobile User Devices and Security Modules; IEEE Computer 30/2 (1997) 61-68.
  4. Matthias Schunter, Michael Waidner, Dale Whinnett: A status report on the SEMPER framework for secure electronic commerce; Computer Networks and ISDN Systems 30/ (1998) 1501-1510, 1998 TERENA Networking Conference, Dresden, Germany, October 5-8.
  5. Matthias Schunter, Michael Waidner, Dale Whinnett: The SEMPER Framework for Secure Electronic Commerce; Wirtschaftsinformatik 41/3 (1999) 238-247.

1.3 Refereed Conferences

  1. N. Asokan, Birgit Baum-Waidner, Matthias Schunter, Michael Waidner: Optimistische Mehrparteienvertragsunterzeichnung; Verlä¨ssliche IT-Systeme, GI-Fachtagung VIS ’99, DuD Fachbeiträge, Vieweg, Braunschweig 1999, 49-66.
  2. Paul Ashley, Satoshi Hada, Günter Karjoth, and Matthias Schunter: E-P3P privacy policies and privacy authorization. ACM Workshop on Privacy in the Electronic Society (WPES) 2002, ACM Press 2003, 103-109
  3. Paul Ashley, Matthias Schunter: The Platform for Enterprise Privacy Practices, Information Security Solutions Europe (ISSE), Paris, 2002.
  4. P. Ashley, C. Powers, M. Schunter,: From Privacy Promises to Privacy Management A New Approach for Enforcing Privacy Throughout an Enterprise, ACM New Security Paradigms Workshop, Virginia Beach VA, ACM Press, October 2002.
  5. Paul Ashley, Calvin S. Powers, Matthias Schunter: New Technology for Managing Privacy, 3rd International Symposium on Electronic Commerce (ISEC 2002), Raleigh NC, IEEE Press, 2002.
  6. N. Asokan, Matthias Schunter, Michael Waidner: Optimistic Protocols for Fair Exchange; 4th ACM Conference on Computer and Communications Security, Zürich, April 1997, 6-17.
  7. M. Backes, W. Bagga, G. Karjoth, M. Schunter: Efficient Comparison of Enterprise Privacy Policies; In 19th Annual ACM Symposium on Applied Computing, pages 375-382. Nicosia, Cyprus, March 14-17, 2004.
  8. Michael Backes, Birgit Pfitzmann, Matthias Schunter: A Toolkit for Managing Enterprise Privacy Policies; 8th European Symposium on Research in Computer Security (ESORICS 2003), LNCS 2808, Springer-Verlag, Berlin 2003, 162-180.
  9. Michael Backes, Matthias Schunter: From Absence of Certain Vulnerabilities towards Security Proofs - Pushing the Limits of Formal Verification; Proceedings of the 10th ACM Workshop on New Security Paradigms (NSPW), Ascona, Switzerland, August, 2003.
  10. Jean-Paul Boly, Antoon Bosselaers, Ronald Cramer, Rolf Michelsen, Stig Mjolsnes, Frank Muller, Torben Pedersen, Birgit Pfitzmann, Peter de Rooij, Berry Schoenmakers, Matthias Schunter, Luc Vallée, Michael Waidner: The ESPRIT Project CAFE — High Security Digital Payment Systems; ESORICS 94 (Third European Symposium on Research in Computer Security), Brighton, LNCS 875, Springer-Verlag, Berlin 1994, 217-230.
  11. Gerrit Bleumer, Matthias Schunter: Privacy Oriented Clearing for the German Healthcare System; in Ross Anderson (ed.): Personal Information Security, Engineering and Ethics, Springer-Verlag 1997, 175-194 (revised in [4]).
  12. G. Karjoth, M. Schunter: A Privacy Policy Model for Enterprises, 15th IEEE Computer Security Foundations Workshop, IEEE Press, 2002.
  13. G. Karjoth, M. Schunter, M. Waidner: Platform for Enterprise Privacy Practices, Privacy-enhancing Technologies (PET 2002), San Francisco, Springer-Verlag LNCS, 2002.
  14. G. Karjoth, M. Schunter, M. Waidner: Privacy-enabled Services for Enterprises; In International Workshop on Trust and Privacy in Digital Business (Trustbus 2002), pages 483-487. IEEE Computer Press, 2002.
  15. Günter Karjoth, Matthias Schunter, Els Van Herreweghen: Enterprise Privacy Practices vs. Privacy Promises - How to Promise What You Can Keep; 4th IEEE International Workshop on Policies for Distributed Systems and Networks (Policy ’03), Lake Como, Italy, June 4-6, 2003, 135-146.
  16. Guenter Karjoth, Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Service-oriented Assurance - Comprehensive Security by Explicit Assurances; Quality of Protection: Security Measurements and Metrics. Dieter Gollmann and Fabio Massacci and Artsiom Yautsiukhin (eds.). Springer Verlag, 2006, pp 13–24.
  17. Günter Karjoth, Matthias Schunter, Els Van Herreweghen, Michael Waidner: Amending P3P for Clearer Privacy Promises; Trust and Privacy in Digital Business - TrustBus 03. In 14th Intíl Workshop on Database and Expert Systems Applications (DEXA), IEEE Press, Prague, 2003, 445-449.
  18. Michael R. Nelson, Matthias Schunter, Michael R. McCullough, John S. Bliss: Trust on Demand — Enabling Privacy, Security, Transparency, and Accountability in Distributed Systems; 33rd Research Conference on Communication, Information and Internet Policy (TPRC), September 23-25, Arlington VA, USA, 2005.
  19. Andreas Pfitzmann, Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Vertrauenswürdiger Entwurf portabler Benutzerendgeräte und Sicherheitsmodule; Hans H. Brüggemann, Waltraud Gerhardt-Häckl (ed.): Verläßliche IT-Systeme, Proceedings der GI-Fachtagung VIS ’95; DuD Fachbeiträge, Vieweg, Wiesbaden 1995, 329-350 (revised in [5]).
  20. Birgit Pfitzmann, Matthias Schunter, Michael Waidner: How to Break Another “Provably Secure” Payment System; Eurocrypt ’95, LNCS 921, Springer-Verlag, Berlin 1995, 121-132.
  21. Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Optimal Efficiency of Optimistic Contract Signing; 17th Symposium on Principles of Distributed Computing (PODC), ACM, New York 1998, 113-122.
  22. Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Cryptographic Security of Reactive Systems; Workshop on Secure Architectures and Information Flow, Royal Holloway, University of London, December 1 - 3, 1999; Electronic Notes in Theoretical Computer Science (ENTCS) 32 (2000).
  23. Birgit Pfitzmann, Matthias Schunter: Asymmetric Fingerprinting (Extended Abstract); Eurocrypt ’96, LNCS 1070, Springer-Verlag, Berlin 1996, 84-95.
  24. A. Sadeghi, M. Schunter, S. Steinbrecher: Private Auctions with Multiple Rounds and Multiple Items; TrustBus Workshop at DEXA2002, IEEE Press, 2002.
  25. Jan Holger Schmidt, Matthias Schunter, Arnd Weber: Ist elektronisches Geld realisierbar?; Verläßliche IT-Systeme, GI-Fachtagung VIS ’99, DuD Fachbeiträge, Vieweg, Braunschweig 1999, 1-18.
  26. Matthias Schunter, Christian Stüble: Effiziente Implementierung von kryptographischen Datenaustauschformaten am Beispiel von S/MIME und OpenPGP; Sicherheitsinfrastrukturen, DuD Fachbeiträge, Vieweg 1999, 272-284.
  27. Matthias Schunter and Chris Vanden Berghe: Privacy Injector – Automated Privacy Enforcement through Aspects; 6th Workshop on Privacy Enhancing Technologies Robinson College, Cambridge, United Kingdom June 28 - June 30, 2006,Lecture Notes in Computer Science, Springer Verlag, 2006.
  28. Matthias Schunter, Els Van Herreweghen, Michael Waidner: Expressive Privacy Promises — How to Improve the Platform for Privacy Preferences (P3P); W3C Workshop on the Future of P3P World Wide Web Consortium, Dulles VA, 11/12/2002.
  29. Matthias Schunter, Michael Waidner, Dale Whinnett: The SEMPER Framework for Secure Electronic Commerce; Electronic Business Engineering, 4. Internationale Tagung Wirtschaftsinformatik 1999, Physica-Verlag, Heidelberg 1999, 169-185 (revised in [7]).
  30. Matthias Schunter, Michael Waidner: Architecture and Design of a Secure Electronic Marketplace; Joint European Networking Conference (JENC8), Edinburgh, June 1997, 712.1-712.5 (revised in [7]).
  31. Matthias Schunter: Vertrauen als integraler Bestandteil kryptographischer Spezifikationen; Trust Center, Grundlagen, Rechtliche Aspekte, Standardisierung, Realisierung, DuD Fachbeiträge, Vieweg, Wiesbaden 1995, 173-179.

1.4 Book Chapters

  1. N. Asokan, Birgit Baum-Waidner, Torben Pedersen, Birgit Pfitzmann, Matthias Schunter, Michael Steiner, Michael Waidner: Technical Framework; In Gérard Lacoste, Birgit Pfitzmann, Michael Steiner, Michael Waidner (eds.): Secure Electronic Marketplace for Europe. LNCS 1854, Springer-Verlag, Berlin 2000.
  2. G. Karjoth, M. Schunter, M. Waidner: Unternehmensweites Datenschutzmanagement. Datenschutz Sommerakademie “Datenschutz als Wettbewerbsvorteil”, Kiel, Germany, September 18, 2001, Vieweg Verlag, 2002 (english in [21]).
  3. Andreas Pfitzmann, Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Trustworthy User Devices; In Günter Müller, Kai Rannenberg (ed.): Multilateral Security in Communications, Vol. 3: Technology, Infrastructure, Economy; Addison-Wesley, München 1999, 137-156 (extension of [5]).
  4. Jan Holger Schmidt, Matthias Schunter, Arnd Weber: Can Cash be Digitalised?; In Günter Müller, Kai Rannenberg (ed.): Multilateral Security in Communications, Vol. 3: Technology, Infrastructure, Economy; Addison-Wesley, München 1999, 301-320 (translation of [32]).
  5. Matthias Schunter: Fair Exchange — A New Paradigm for e-Commerce; In Gérard Lacoste, Birgit Pfitzmann, Michael Steiner, Michael Waidner (eds.): Secure Electronic Marketplace for Europe. LNCS 1854, Springer-Verlag, Berlin 2000 (extended in [1]).
  6. Matthias Schunter: Fair Exchange, Certified Mail, Contract Signing. In: Encyclopedia of Cryptography and Security (Henk van Tilborg ed.), Springer Verlag Berlin, May 2005.

1.5 Patents

  1. Matthias Schunter, Michael Waidner, Birgit Pfitzmann: Method for Tracing Payment Data in an Anonymous Payment System, as well as Payment System in which the Method is Applied; European Patent Specification EP 0 836 730 B1, 02.06.1999.
  2. M. Schunter et. al.: Using an object model to improve handling of personally identifiable information, US Patent Application US20030004734A1, IBM, 01/02/2003.
  3. Using an object model to improve handling of personally identifiable information, US patent application US20030004734A1, IBM, 2003.
  4. Dynamic access decision information module, US patent application US20050004913A1, IBM, 2005.
  5. Implementation and use of a PII data access control facility employing personally identifying information labels and purpose serving functions sets. US patent application US20050044409A1, IBM 2005.
  6. Method for access by server-side components using unsupported communication protocols through passthrough mechanism, US patent application US20050055434A1, IBM 2005.
  7. Conditionalized Access Control Based on Dynamic Content Analysis, US patent application US20050086228A1, IBM 2004.

1.6 Technical Reports

  1. Steve Adler, Paul Ashley, Satoshi Hada, Günter Karjoth, Calvin Powers, Matthias Schunter (ed.): Enterprise Privacy Authorization Language (EPAL); W3C Member Submission by International Business Machines Corporation (IBM), 11/10/2003. See http://www.w3.org/Submission/2003/07/.
  2. N. Asokan, Birgit Baum-Waidner, Matthias Schunter, Michael Waidner: Optimistic Synchronous Multi-Party Contract Signing; IBM Research Report RZ 3089 (#93135) 12/14/1998, IBM Research Division, Zürich, Dec. 1998 (published as [8]).
  3. Paul Ashley, Satoshi Hada, Günter Karjoth, Calvin Powers, Matthias Schunter (ed.): Enterprise Privacy Authorization Language (EPAL); IBM Research Report RZ 3485 (# 93951) 03/03/2003, IBM Zurich Research Laboratory, Zürich, March 2003. (published as [52])
  4. Paul Ashley, Satoshi Hada, Günter Karjoth, Matthias Schunter: Shortcomings of P3P for Privacy Authorization - Lessons learned when Using P3P-based Privacy Manager 1.1; Position Paper. Submitted to the W3C Workshop on the long term Future of P3P and Enterprise Privacy Languages; World Wide Web Consortium, Kiel, 18 - 20 June 2003.
  5. N. Asokan, Matthias Schunter, Michael Waidner: Optimistic Protocols for Multi-Party Fair Exchange; IBM Research Report RZ 2892, IBM Zurich Research Laboratory, Zürich, November 1996 (superseded by [8]).
  6. N. Asokan, Matthias Schunter, Michael Waidner: Optimistic Protocols for Fair Exchange; IBM Research Report RZ 2858, IBM Zurich Research Laboratory, Zürich, February 1996 (published as [13]).
  7. Endre-Felix Bangerter, Jan Camenisch, Matthias Schunter, Els Van Herreweghen, Michael Waidner: Idemix — Pseudonymity for e-Transactions, IBM SecureWorld ’01, Washington, DC, August 27-31, 2001.
  8. Günter Karjoth, Matthias Schunter, Michael Waidner: Privacy-enabled Services for Enterprises; IBM Research Report RZ 3391 (#93437), 01/21/02, IBM Research Division, Zürich, January 2002 (published as [21]).
  9. Günter Karjoth, Matthias Schunter, Michael Waidner: Privacy-enabled Management of Customer Data; IEEE Computer Society Bulletin of the Technical Committee on Data Engineering, March 2003, http://sites.computer.org/debull [revision of 20]
  10. Andreas Pfitzmann, Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Mobile User Devices and Security Modules: Design for Trustworthiness; IBM Research Report RZ 2784 (#89262) 02/05/96, IBM Research Division, Zürich, Feb. 1996 (published as [5]).
  11. Birgit Pfitzmann, Matthias Schunter, and Michael Waidner. Reactively simulatable certified mail. Record 2006/041, Cryptology ePrint Archive, February 2006.
  12. Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Secure Reactive Systems; IBM Research Report RZ 3206 (#93252) 02/14/00, IBM Research Division, Zürich, Feb. 2000.
  13. Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Optimal Efficiency of Optimistic Contract Signing; IBM Research Report RZ 2994 (#93040) 20/04/98, IBM Research Division, Zürich, April 1998 (published as [28]).
  14. Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Provably Secure Certified Mail; IBM Research Report RZ 3207 (#93253) 02/00, IBM Research Division, Zürich, Feb. 2000.
  15. Birgit Pfitzmann, Matthias Schunter: Die SEMPER Sicherheitsarchitektur für elektronischen Handel im Internet; Magazin Forschung 1/1999, Universität des Saarlandes 1999, 22-26.
  16. Jonathan Poritz, Matthias Schunter, Els Van Herreweghen, and Michael Waidner: Property Attestation — Scalable and Privacy-friendly Security Assessment of Peer Computers, IBM Research Report RZ 3548 (# 99559) 05/10/2004.
  17. Matthias Schunter and Els Van Herreweghen: Enterprise Privacy Practices vs. Privacy Promises — How to Promise What You Can Keep, RZ 3452 (# 93771) 09/09/2002, IBM Research Division, Zürich, 2002.
  18. Birgit Baum-Waidner, Armin Müller, Torben Pedersen, Matthias Schunter: Architecture of the Payment Gateway; Deliverable D14 of ACTS Project AC026, Project Public Report, November 22, 1996.
  19. Max Schmidt, Matthias Schunter, Arnd Weber: Is Electronic Cash Possible?; Technischer Bericht Nr. A/03/98, Fachbereich Informatik, Universität des Saarlandes, Saarbrücken 1998 (published as [32,42]).
  20. Matthias Schunter, Arnd Weber: Sicherheit und Datenschutz für Bankkunden; FiFF Kommunikation /1 (1996) 27-28.
  21. Matthias Schunter: Book Review “Ed Dawson, Jovan Golic: Cryptography: Policy and Algorithms, International Conference, LNCS 1029, Springer-Verlag, Berlin 1996.”; Datenschutz und Datensicherheit DuD 21/5 (1997) 309.
  22. Matthias Schunter: Conditional Access for Europe (CAFE); Data Security Letter 66 (1995) 15.