• de

Michael Menzel

Ph.D. Student


Phone:  +49 (0) 331 5509-516

Email:   michael.menzel (at) hpi.uni-potsdam.de

Room:   B-1.7

Research Group  Internet-Technologies and Systems of Prof. Dr. Christoph Meinel


  • Model-driven Security for Service-oriented Architectures

    • Security Design Languages for SOA
    • SOA Security Meta-Model
    • Model-driven Generation of web service policies

  • Service Composition under Security Constraints
  • Policy Management and Policy Enforcement in SOA
  • Digital Identity Management in SOA

Working Groups

I am active in the following working groups in the field SOA Security and Digital Identity Management:


  • The HPI/Our chair is co-founder of a german chapter of the global Information Card Initiative. See Information Card Foundation DACH Initiative
  • In the TeleTrust SOA Security working group, we are working on a catalogue for authentication and identity management patterns to support the usage and development of standardized frameworks for service-oriented architectures.


  • SOA Security LAB - The SOA-Security LAB is a web-based platform to model, monitor and analyse SOA Security mechanisms for web service-based applications.

Further Activities


  • Michael Menzel, Ivonne Thomas, Christoph Meinel: "SOA, aber sicher", In: "<kes> Die Zeitschrift für Informations-Sicherheit", 1/2009, S.38, ISSN 1611-440X. Download. (Mit freundlicher Genehmigung von www.kes.info,  Lektorat: Vera Cornel)
  • Ivonne Thomas, Michael Menzel, Christoph Meinel: "Ein Weg aus dem Passwortdilemma? Von domänen-basierten zu offenen Identitätsmanagementmodellen", FAZ Sonderteil vom 24.09.09.



  • Michael Menzel, Robert Warschofsky, Ivonne Thomas, Christian Willems, Christoph Meinel: The Service Security Lab: A Model-Driven Platform to Compose and Explore Service Security in the Cloud. Proceedings of the 2010 IEEE World Congress on Services (Services 2010), pp.115-122, (Miami, USA, Juli 2010).
  • Michael Menzel, Robert Warschofsky, Christoph Meinel: A Pattern-Driven Generation of Security Policies for Service-Oriented Architectures. Proceedings of the 2010 IEEE International Conference on Web Services (ICWS 2010), pp.243-250, (Miami, USA, Juli 2010).
  • Michael Menzel, Christoph Meinel: SecureSOA - Modelling Security Requirements for Service-oriented Architectures. Proceedings of the 2010 IEEE International Conference on Services Computing (SCC 2010), pp.146-153, Miami, USA, Juli 2010.


  • Michael Menzel, Christoph Meinel: A Security Meta-Model for Service-Oriented Architectures. Proceedings of the IEEE Conference on Service Computing (SCC 2009), Bangalore, India, September 2009.
  • Michael Menzel, Ivonne Thomas, and Christoph Meinel 
    Security Requirements Specification in Service-oriented Business Process Management. In Proceedings of the 2009 IEEE International Dependability Conference (ARES-09) (Fukuoka, Japan, March 16 - 19, 2009).
  • Christian Wolter, Michael Menzel, Andreas Schaad, Philip Miseldine, and Christoph Meinel. Model-driven business process security requirement speci cation. Journal of Systems Architecture Special Issue on Secure Web Services, 2009.
  • Martin Wolf, Ivonne Thomas, Michael Menzel, and Christoph Meinel: A Message Meta Model for Federated Authentication in Service-oriented Infrastructures In Proceedings of the 2009 IEEE International Conference on Service-Oriented Computing and Applications (Los Alamitos, CA, USA, 2009).
  • Uwe KylauIvonne Thomas, Michael Menzel, and Christoph Meinel 
    Trust Requirements in Identity Federation Topologies
    In Proceedings of the 2009 IEEE International Conference on Advanced Information Networking and Applications (AINA-09)(Bradford, UK, May 26 - 29, 2009).


  • Ivonne Thomas, Michael Menzel, and Christoph Meinel 
    Using Quantified Trust Levels to describe Authentication Requirements in Federated Identity Management 
    In Proceedings of the 2008 ACM Workshop on Secure Web Services (Alexandria, Virginia, USA, October 31 - 31, 2008). SWS '08. pp. 71 - 80,  ISBN:978-1-60558-292-4
  • Ivonne Thomas, Michael Menzel, Christoph Meinel
    Quantified Trust Levels for Authentication,
    Proc. ISSE 2008, Vieweg-Verlag, 2008.
  • Michael Menzel, Christian Wolter, Christoph Meinel
    Towards the Aggregation of Security Requirements in Cross-Organisational Service Compositions
    Proc. 11th BIS, Springer LNCS, Innsbruck, Austria, May 2008, ISBN: 978-3-540-79396-3
  • Christian Wolter, Michael Menzel, Christoph Meinel
    Modelling Security Goals in Business Processes
    Proc. GI Modellierung 2008, GI LNI, Berlin, Germany, March 2008, ISBN 978-3-88579-221-5


  • Michael Menzel, Christian Wolter, Christoph Meinel
    Access Control for Cross-Organisational Web Service Composition,
    Journal of Information Assurance and Security 2 (2007),
    Dynamic Publisher, Atlanta, GA 30362, USA, ISSN 1554-1010
  • Michael Menzel, Ivonne Thomas, Christian Wolter, and Christoph Meinel
    SOA Security - Secure Cross-Organizational Service Composition
    Proc. Stuttgarter Softwaretechnik Forum (SSF), Fraunhofer IRB-Verlag, Stuttgart, Germany, November 2007. pp. 41 - 53,  ISBN 978-3-8167-7493-8
  • Michael Menzel, Christian Wolter, Christoph Meinel
    Access Control for Cross-Organisational Web Service Composition
    Proc. 2nd Workshop SIS, Wisla, Poland, October 2007. pp. 701 - 711, ISSN: 1896-7094
  • Michael Menzel, Feng Cheng, Christoph Meinel
    Providing Secure Web Services Using Physical Separation
    Proc. 9th ICICS, Zhengzhou, China, December 2007.
  • Feng Cheng, Michael Menzel, Christoph Meinel
    A Secure Web Services Providing Framework based on Lock-Keeper