Nils Gruschka

Førsteamanuensis - DIS Digital infrastruktur og sikkerhet

English version of this page

E-post nilsgrus@ifi.uio.no

Telefon +47 22840858

Rom 9167

Brukernavn

Besøksadresse Gaustadalléen 23B Ole-Johan Dahls hus 0373 OSLO

Postadresse Postboks 1080 0316 Oslo

Last ned visittkort

Mer informasjon på engelsk hjemmeside.

More information on the English home page.

Emneord: Sikkerhet, Personvern

Baramashetru, Chinmayi; Tapia Tarifa, Silvia Lizeth; Owe, Olaf & Gruschka, Nils (2022). A Policy Language to Capture Compliance of Data Protection Requirements. Lecture Notes in Computer Science (LNCS). ISSN 0302-9743. 13274, s. 289–309. doi: 10.1007/978-3-031-07727-2%5C_16.
Büttner, Andre & Gruschka, Nils (2021). Enhancing FIDO Transaction Confirmation with Structured Data Formats. NIKT: Norsk IKT-konferanse for forskning og utdanning. ISSN 1892-0713. Vis sammendrag
FIDO Transaction Confirmation is an extension for the FIDO authentication protocols to enable the verification and signing of digital transactions, e.g., for online banking. The standard currently considers only to include a transaction message text in the assertion which is signed by the user’s authenticator. However, this is not useful for more complex transactions and leaves room for ambiguities that might lead to security vulnerabilities. Therefore, we propose to include the transaction information to the FIDO protocols in a structured data format with a strictly defined schema to validate and sign transactions more reliably and securely.
Windrich, Melanie; Speck, Andreas & Gruschka, Nils (2021). Representing Data Protection Aspects in Process Models by Coloring. I Gruschka, Nils; Rannenberg, Kai; Antunes, Luis & Drogkaris, Prokopios (Red.), Privacy Technologies and Policy: 9th Annual Privacy Forum, APF 2021. Springer Nature. ISSN 978-3-030-76662-7. s. 143–155. doi: 10.1007/978-3-030-76663-4_8.
Bisztray, Tamas; Gruschka, Nils; Bourlai, Thirimachos & Fritsch, Lothar (2021). Emerging Biometric Modalities and their Use: Loopholes in the Terminology of the GDPR and Resulting Privacy Risks. I Brömme, Arslan; Busch, Christoph; Damer, Naser; Dantcheva, Antitza; Gomez-Barrero, Marta; Raja, Kiran; Rathgeb, Christian; Sequeira, Ana F. & Uhl, Andreas (Red.), Proceedings of the 20th International Conference of the Biometrics Special Interest Group (BIOSIG2021). Gesellschaft für Informatik. ISSN 978-1-6654-2693-0. s. 81–90.
Fritsch, Lothar & Gruschka, Nils (2021). Extraction and Accumulation of Identity Attributes from the Internet of Things. I Roßnagel, Heiko; Schunk, Christian & Mödersheim, Sebastian (Red.), Open Identity Summit 2021 Proceedings. Gesellschaft für Informatik. ISSN 978-3-88579-706-7. Fulltekst i vitenarkiv
Büttner, Andre; Nguyen, Hoai Viet; Gruschka, Nils & Lo Iacono, Luigi (2021). Less is Often More: Header Whitelisting as Semantic Gap Mitigation in HTTP-Based Software Systems. I Jøsang, Audun; Futcher, Lynn & Hagen, Janne Merete (Red.), ICT Systems Security and Privacy Protection. Springer Nature. ISSN 978-3-030-78120-0. s. 332–347. doi: 10.1007/978-3-030-78120-0_22.
Bisztray, Tamas; Gruschka, Nils; Mavroeidis, Vasileios & Fritsch, Lothar (2020). Data Protection Impact Assessment in Identity Control Management with a Focus on Biometrics. I Roßnagel, Heiko; Schunck, Christian H.; Mödersheim, Sebastian & Hühnlein, Detlef (Red.), Open Identity Summit 2020. Gesellschaft für Informatik. ISSN 978-3-88579-699-2. s. 185–192. doi: 10.18420/ois2020_17.
Bisztray, Tamas & Gruschka, Nils (2019). Privacy impact assessment: Comparing methodologies with a focus on practicality. Lecture Notes in Computer Science (LNCS). ISSN 0302-9743. 11875 LNCS, s. 3–19. doi: 10.1007/978-3-030-35055-0_1.
Wiefling, Stephan; Gruschka, Nils & Lo Iacono, Luigi (2019). Even Turing Should Sometimes Not Be Able to Tell: Mimicking Humanoid Usage Behavior for Exploratory Studies of Online Service. I Askarov, Aslan; Hansen, René Rydhof & Rafnsson, Willard (Red.), Secure IT Systems - 24th Nordic Conference, NordSec 2019. Springer Nature. ISSN 978-3-030-35054-3. s. 188–203. doi: https%3A/doi.org/10.1007/978-3-030-35055-0_12.
Gruschka, Nils & Bisztray, Tamas (2019). Privacy Impact Assessment: Comparing Methodologies with a Focus on Practicality. I Askarov, Aslan; Hansen, René Rydhof & Rafnsson, Willard (Red.), Secure IT Systems - 24th Nordic Conference, NordSec 2019. Springer Nature. ISSN 978-3-030-35054-3. s. 3–19. doi: https%3A/doi.org/10.1007/978-3-030-35055-0_1.
Gruschka, Nils; Mavroeidis, Vasileios; Vishi, Kamer & Jensen, Meiko (2018). Privacy Issues and Data Protection in Big Data: A Case Study Analysis under GDPR. I Abe, Naoki; Liu, Huan; Hu, Xiaohua; Ahmed, Nesreen; Qiao, Mu; Song, Yang; Kossmann, Donald; Liu, Bing; Lee, Kisung; Tang, Jiliang; He, Jingrui & Saltz, Jeffrey (Red.), 2018 IEEE International Conference on Big Data (Big Data), Seattle, 10-13 Dec. 2018. IEEE (Institute of Electrical and Electronics Engineers). ISSN 978-1-5386-5035-6. s. 5027–5033. doi: 10.1109/BigData.2018.8622621.
Gruschka, Nils; Iacono, Luigi Lo & Tolsdorf, Jan (2018). Classification of android app permissions: Tell me what app you are and i tell you what you are allowed to do. Proceedings of the ... European conference on information warfare and security. ISSN 2048-8602. 2018-June, s. 181–189.

Se alle arbeider i Cristin

Gruschka, Nils; Rannenberg, Kai; Antunes, Luis & Drogkaris, Prokopios (2021). Privacy Technologies and Policy: 9th Annual Privacy Forum, APF 2021. Springer Nature. ISBN 978-3-030-76662-7. 169 s.
Gruschka, Nils (2018). Secure IT Systems - 23rd Nordic Conference, NordSec 2018, Oslo, Norway, November 28-30, 2018, Proceedings. Springer Nature. ISBN 978-3-030-03637-9. 486 s.

Se alle arbeider i Cristin

Gruschka, Nils; Antunes, Luís Filipe Coelho; Rannenberg, Kai & Drogkaris, Prokopios (2021). Preface. Lecture Notes in Computer Science (LNCS). ISSN 0302-9743. 12703.
Bisztray, Tamas; Gruschka, Nils; Bourlai, Thirimachos & Fritsch, Lothar (2021). Emerging Biometric Modalities and their Use: Loopholes in the Terminology of the GDPR and Resulting Privacy Risks. Vis sammendrag
Technological advancements allow biometric applications to be more omnipresent than in any other time before. This paper argues that in the current EU data protection regulation, classification applications using biometric data receive less protection compared to biometric recognition. We analyse preconditions in the regulatory language and explore how this has the potential to be the source of unique privacy risks for processing operations classifying individuals based on soft traits like emotions. This can have high impact on personal freedoms and human rights and, therefore, should be subject to data protection impact assessment.

Se alle arbeider i Cristin

Publisert 12. feb. 2018 18:38 - Sist endret 16. sep. 2019 13:22

Forskergrupper

Digital sikkerhet (SEC)