1. D. Chadwick, I. You and H. Chang, “Proceedings of the 1st International Workshop on Managing Insider Security Threats (MIST2009)”, Purdue University, West Lafayette, USA, June 16, 2009.
  2. D. W. Chadwick, “Federated identity management”, in Foundations of Security Analysis and Design V, A Aldini, G. Bathe and R Gorrieri, FOSAD 2008/2009, LNCS 5705, 2009, pp. 96-120.


  1. B. Van Alsenoy, D. De Cock, K. Simoens, J. Dumortier and B. Preneel, “Delegation and digital mandates: Legal requirements and security objectives”, Computer Law & Security Review, vol. 25, no. 5, pp. 415-431, Sept. 2009.
  2. D. Chadwick, S. Otenko and T. Nguyen, “Adding support to XACML for multi-domain user to user dynamic delegation of authority”, International Journal of Information Security, vol. 8, pp. 137-152, Apr. 2009.
  3. D. W. Chadwick, G. Inman, “Attribute aggregation in federated identity management”, IEEE Computer, vol. 42, no. 5, pp. 46-53, May 2009.
  4. D. W. Chadwick et al., “Handle With Care”, Public Service Review: Home Affairs, PSCA International, no. 19, pp. 88-89, Spring 2009.
  5. U. M. Mbanaso, G. S. Cooper, D. Chadwick and A. Anderson, “Obligations of trust for privacy and confidentiality in distributed transactions”, Internet Research, vol. 19, no. 2, pp. 153-173, 2009.
  6. T. Kirkham et al., “Aggregating Polices in user centric, real-time and distributed applications”, ICITST, pp. 1-6, Nov. 2009.


  1. D. W. Chadwick, “Functional Components of Grid Service Provider Authorisation Service Middleware”, GFD. 156, October 29 2009.
  2. D. W. Chadwick, L. Su, “Use of WS-TRUST and SAML to access a Credential Validation Service”, GFD. 157, November 13 2009.
  3. G. W. Chadwick, L. Su and R. Laborde, “Use of XACML Request Context to Obtain an Authorisation Decision”, GFD. 159, November 13 2009.
  4. V. Venturi, T. Scavo and D. W. Chadwick, “Use of SAML to retrieve Authorization Credentials”, GFD. 158, November 13 2009.

Published Conference Proceedings

  1. A. Sorniotti, R. Molva, “A Provably Secure Secret Handshake with Dynamic Controlled Matching”, in 24th IFIP TC 11 International Information Security Conference, Pafos, Cyprus, May 18-20 2009, pp. 330.
  2. F. Kerschbaum, A. Sorniotti, “RFID-based supply chain partner authentication and key agreement”, in 2nd ACM conference on Wireless network security, 2009, pp. 41-50.
  3. T. Kirkham, S. Winfield and M. Santos, “Developing user centered management of personal data in a distributed student placement application”, in 5th Int. Summer School organised jointly by the PrimeLife EU project, in cooperation with the IFIP WG 9.2, 9.6/11.7 11.4, 11.6., Privacy and Identity Management for Life, Nice, France, 2009.
  4. P. Ferdinand, A. Kiefel, M. Kutscher and M. Santos, “Accomplishing Privacy and Security requirements in ROLE with TAS³ findings”, in Stellar Alpine Rendez-vous, Garmisch-Partenkirchen, Germany, 2009.
  5. A. Bertolino, G. De Angelis and A. Polini, “On-line validation of service oriented systems in the European Project TAS³”, in International Workshop on Principles of Engineering Service Oriented Systems, Vancouver, Canada, 2009, pp. 107-110.
  6. A. Bertolino, A. Polini, “SOA test governance: Enabling service integration testing across organization and technology borders”, in 1st Int. Workshop on Web Testing, Denver, CO, 2009, pp. 277-286.
  7. C. Bartolini, A. Bertolino, E. Marchetti and A. Polini, “WS-TAXI: a WSDL-based testing tool for Web Services”, in 2nd International Conference on Software Testing Verification and Validation, Denver, CO, 2009, pp. 326-335.
  8. M. Pascale, M. Roselli, U. Rugani, C. Bartolini, A. Bertolino, F. Lonetti, E. Marchetti and A. Polini, “Automated testing of healthcare document transformations in the PICASSO interoperability platform”, in 31st International Conference on Software Engineering, Vancouver, Canada, 2009, pp. 163-171.
  9. A. Bertolino, “Approaches to testing service-oriented software systems”, in ACM 1st international workshop on Quality of service-oriented software systems, Amsterdam, The Netherlands, 2009, pp. 1-2.
  10. C. Bartolini, A. Bertolino, S. Elbaum and E. Marchetti, “Whitening SOA testing”, in 7th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering, Amsterdam, The Netherlands, 2009, pp. 161-170.
  11. G. Zhao, D. W. Chadwick, “On the modeling of Bell-LaPadula security policies Using RBAC”, in Proceedings of the 17th IEEE Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, Rome, Italy, June 2009, pp. 257-262.
  12. D. W. Chadwick, “FileSpace: an alternative to CardSpace that supports multiple token authorisation and portability between devices”, in Proceedings of the 8th Symposium on Identity and Trust on the Internet, Gaithersberg, MD, 2009, pp. 94-102.
  13. A. S. Wazan, R. Laborde, D. W. Chadwick, F. Barrere and A. M. Benzekri, “Which Web Browsers Process SSL Certificates in a Standardized Way?”, in 24th IFIP International Information Security Conference, Pafos, Cyprus, May 18-20 2009, pp. 432-442.
  14. D. W. Chadwick, K. Fatema, “An advanced policy based authorisation infrastructure”, in Proceedings of the 5th ACM workshop on Digital identity management, Chicago, IL, 2009, pp. 81-84.
  15. A. Ferreira, D. W. Chadwick, P. Farinha, R. Correia, G. Zao, R. Chilro and L. Antunes, “How to securely break into RBAC: the BTG-RBAC model”, in Annual Computer Security Applications Conference, Honolulu, HI, 2009, pp. 23-31.
  16. T. Burghardt, K. Böhm, E. Buchmann, J. Kühling and A. Sivridis, “A Study on the Lack of Enforcement of Data Protection Acts”, in Proceedings of the 3rd International Conference on e-Democracy, Athens, Greece, September 23-25 2009, pp. 3.
  17. C. Weth, K. Böhm, T. Burghardt, C. Hütter and J. Z. Yue, “Indirect Reciprocity in Policy-Based Helping Experiments”, in Proceedings of the 7th IEEE European Conference on Web Services, 2009, pp. 171-180.
  18. A. Spiessens, J. den Hartog and S. . Etalle, “Know what you trust: Analyzing and designing trust policies with Scoll”, in Proc. 5th International Workshop Formal Aspects in Security and Trust (FAST 2008), Lecture Notes in Comnputer Science}
    , 2009, pp. 129-142.
  19. D. Trivellato, F. Spiessens, N. Zannone and S. . Etalle, “POLIPO: Policies & OntoLogies for Interoperability, Portability, and autOnomy”, in IEEE International Symposium on Policies for Distributed Systems and Networks, London, Jul. 2009, pp. 110-113.
  20. D. Trivellato, F. Spiessens, N. Zannone and S. . Etalle, “Reputation-Based Ontology Alignment for Autonomy and Interoperability in Distributed Access Control”, in IEEE International Conference on Computational Science and Engineering, Vancouver, BC, Aug. 2009, pp. 252-258.

Papers Presented at Conferences

  1. T. Kirkham, S. Winfield, “Developing user centered management of personal data in a distributed student placement application”, presented at the PrimeLife Summer School, Nice, France, 2009.

Theses and Dissertations

  1. T. Haberecht, “Structural adaptation of BPMN/BPEL-Workflows and integration with the Intalio BPMS”, diploma thesis, IPD, KIT, Karlsruhe, Germany, 2009.