Dieses Bild zeigt  Guido Schmitz

Herr Dr.

Guido Schmitz


Kontakt

+49 711 685-88425

Universitaetsstraße 38
70569 Stuttgart
Deutschland
Raum: 2.434

Sprechstunde

Please contact me via email to arrange an appointment.

If you are interested in writing a thesis at the SEC or are looking for a lab project, please first follow this link before contacting me.

  1. 2019

    1. Guido Schmitz, “Privacy-Preserving Web Single Sign-On: Formal Security Analysis and Design,” University of Stuttgart, Ph.D. Thesis, 2019.
  2. 2017

    1. Daniel Fett, Ralf Küsters, and Guido Schmitz, “The Web SSO Standard OpenID Connect: In-Depth Formal Security Analysis and Security Guidelines,” in IEEE 30th Computer Security Foundations Symposium (CSF 2017), 2017, pp. 189--202.
    2. Daniel Fett, Ralf Küsters, and Guido Schmitz, “The Web SSO Standard OpenID Connect: In-Depth Formal Security Analysis and Security Guidelines,” arXiv, Technical Report arXiv:1704.08539, 2017. Available at http://arxiv.org/abs/1704.08539.
  3. 2016

    1. Daniel Fett and Guido Schmitz, “Pi and More - Eine Veranstaltungsreihe rund um ‘kleine Computer,’” in Informatik 2016, 46. Jahrestagung der Gesellschaft für Informatik, 26.-30. September 2016, Klagenfurt, Österreich, 2016, vol. P-259, pp. 1195--1196.
    2. Daniel Fett, Ralf Küsters, and Guido Schmitz, “A Comprehensive Formal Security Analysis of OAuth 2.0,” in Proceedings of the 23rd ACM SIGSAC Conference on Computer and Communications Security (CCS 2016), 2016, pp. 1204--1215.
    3. Daniel Fett, Ralf Küsters, and Guido Schmitz, “A Comprehensive Formal Security Analysis of OAuth 2.0,” arXiv, Technical Report arXiv:1601.01229, 2016. Available at http://arxiv.org/abs/1601.01229.
  4. 2015

    1. Daniel Fett, Ralf Küsters, and Guido Schmitz, “SPRESSO: A Secure, Privacy-Respecting Single Sign-On System for the Web,” arXiv, Technical Report arXiv:1508.01719, 2015. Available at http://arxiv.org/abs/1508.01719.
    2. Daniel Fett, Ralf Küsters, and Guido Schmitz, “SPRESSO: A Secure, Privacy-Respecting Single Sign-On System for the Web,” in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS 2015), 2015, pp. 1358--1369.
    3. Daniel Fett, Ralf Küsters, and Guido Schmitz, “Analyzing the BrowserID SSO System with Primary Identity Providers Using an Expressive Model of the Web,” in Computer Security - ESORICS 2015 - 20th European Symposium on Research in Computer Security, Vienna, Austria, September 21-25, 2015, Proceedings, Part I, 2015, pp. 43--65.
    4. Daniel Fett, Ralf Küsters, and Guido Schmitz, “Analyzing the BrowserID SSO System with Primary Identity Providers Using an Expressive Model of the Web,” arXiv, Technical Report arXiv:1411.7210v2, 2015. Available at http://arxiv.org/abs/1411.7210v2.
  5. 2014

    1. Daniel Fett, Ralf Küsters, and Guido Schmitz, “An Expressive Model for the Web Infrastructure: Definition and Application to the BrowserID SSO System,” arXiv, Technical Report arXiv:1403.1866, 2014. Available at http://arxiv.org/abs/1403.1866.
    2. Daniel Fett, Ralf Küsters, and Guido Schmitz, “An Expressive Model for the Web Infrastructure: Definition and Application to the BrowserID SSO System,” in 35th IEEE Symposium on Security and Privacy (S&P 2014), 2014, pp. 673–688.

Winter Terms

Summer Terms

Others (not on a fixed semester schedule)

  • OAuth Security Workshop is an annual conference that aims at fostering the exchange between academic researchers, standardization bodies (e.g., IETF and OpenID Foundation), and industry.
  • Pi and More is a bi-annually conference focussing on Raspberry Pi and other embedded systems. The events target beginners and experts alike and brings students, makers, and professinals together. Pi and More is one of the largest conferences in this field.
  • SecCampCologne is an annually "unconference" that brings together IT security experts from academia and industry.
  • 2020 (final round postponed) Finalist, CAST/GI IT security Ph.D. award
  • 2016 Finalist, German IT security award of the Horst Görtz Stiftung
  • 2016 2nd place, publication award of the Graduate Center of the University of Trier
  • 2013 Mozilla Bug Bounty for Security Report “Identity Forgery in BrowserID-Sideshow (federation gateway)”
  • 2013 Mozilla Bug Bounty for Security Report “Identity Forgery in BrowserID-BigTent (federation gateway)”
  • 2013 Mozilla Bug Bounty for Security Report “Attacker is able to inject own assertion in login process”
  • 2012 Best diploma in Computer Science (graduate year 2011/2012)

Umfangreichere Informationen finden Sie auf unserer englischsprachigen Seite.

Zum Seitenanfang