{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,9]],"date-time":"2026-07-09T06:39:36Z","timestamp":1783579176118,"version":"3.55.0"},"publisher-location":"Cham","reference-count":49,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031301216","type":"print"},{"value":"9783031301223","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-30122-3_7","type":"book-chapter","created":{"date-parts":[[2023,3,31]],"date-time":"2023-03-31T07:03:57Z","timestamp":1680246237000},"page":"104-119","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["Towards a\u00a0Maturity Model for\u00a0Crypto-Agility Assessment"],"prefix":"10.1007","author":[{"given":"Julian","family":"Hohm","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Andreas","family":"Heinemann","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Alexander","family":"Wiesmaier","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2023,4,1]]},"reference":[{"key":"7_CR1","unstructured":"Aceituno, V.: Open information security management maturity model. Open group standard, The Open Group (2017). https:\/\/www.ism3.com\/node\/39"},{"key":"7_CR2","unstructured":"Alnahawi, N., Schmitt, N., Wiesmaier, A., Heinemann, A., Gra\u00dfmeyer, T.: On the state of crypto agility. In: 18. Dt. IT-Sicherheitskongress. SecuMedia (2022)"},{"key":"7_CR3","unstructured":"Alnahawi, N., et al.: On the state of post-quantum cryptography migration. In: INFORMATIK 2021\u2014PQKP-Workshop. LNI, vol. 308 (2021)"},{"issue":"3","key":"7_CR4","doi-asserted-by":"publisher","first-page":"213","DOI":"10.1007\/s12599-009-0044-5","volume":"1","author":"J Becker","year":"2009","unstructured":"Becker, J., Knackstedt, R., P\u00f6ppelbu\u00df, J.: Developing maturity models for IT management. Bus. Inf. Syst. Eng. 1(3), 213\u2013222 (2009). https:\/\/doi.org\/10.1007\/s12599-009-0044-5","journal-title":"Bus. Inf. Syst. Eng."},{"key":"7_CR5","unstructured":"Becker, J., Niehaves, B., P\u00f6ppelbu\u00df, J., Simons, A.: Maturity models in is research. In: ECIS 2010 Proceedings. AISeL (2010)"},{"key":"7_CR6","unstructured":"Brocke, J.v., Simons, A., Niehaves, B., Reimer, K., Plattfaut, R., Cleven, A.: Reconstructing the giant: on the importance of Rigour in documenting the literature search process. In: European Conference on Information Systems (2009)"},{"key":"7_CR7","unstructured":"Bruin, T.D., Rosemann, M., Freeze, R., Kaulkarni, U.: Understanding the main phases of developing a maturity assessment model. In: Australasian Conference on Information Systems (ACIS), pp. 8\u201319. Australasian Chapter of the Association for Information Systems (2005)"},{"key":"7_CR8","unstructured":"CMMI Product Team: Cmmi\u00ae for development, version 1.3. Technical report, Software Engineering Institute, Hanscom AFB (2010)"},{"key":"7_CR9","unstructured":"Computer Security Division, ITL: NIST. PQC Standardization Project (2017). https:\/\/csrc.nist.gov\/projects\/post-quantum-cryptography"},{"key":"7_CR10","unstructured":"Computing Community Consortium (CCC): Identifying Research Challenges in Post Quantum Cryptography Migration and Cryptographic Agility (2019)"},{"key":"7_CR11","unstructured":"DigiCert: Post-quantum cryptography (PQC) maturity model. Technical report, DigiCert, Inc. (2020). https:\/\/www.digicert.com\/content\/dam\/digicert\/pdfs\/post-quantum-cryptography-maturity-model-whitepaper-en.pdf"},{"key":"7_CR12","unstructured":"DOE: Cybersecurity capability maturity model (C2M2) (2021). https:\/\/www.energy.gov\/sites\/default\/files\/2021-07\/C2M2%20Version%202.0%20July%202021_508.pdf, version 2.0"},{"key":"7_CR13","doi-asserted-by":"crossref","unstructured":"Donenfeld, J.A.: WireGuard: next generation kernel network tunnel. In: NDSS Symposium (2017)","DOI":"10.14722\/ndss.2017.23160"},{"key":"7_CR14","doi-asserted-by":"crossref","unstructured":"Dukhovni, V.: Opportunistic Security: Some Protection Most of the Time. RFC 7435 (2014). https:\/\/rfc-editor.org\/rfc\/rfc7435.txt","DOI":"10.17487\/rfc7435"},{"key":"7_CR15","doi-asserted-by":"crossref","unstructured":"Grote, O., Ahrens, A., Benavente-Peces, C.: A review of post-quantum cryptography and crypto-agility strategies. In: 2019 International Interdisciplinary PhD Workshop, pp. 115\u2013120. IEEE (2019)","DOI":"10.1109\/IIPHDW.2019.8755433"},{"key":"7_CR16","unstructured":"Hohm, J.: Reifegradmodell f\u00fcr die Krypto-Agilit\u00e4t. Master\u2019s thesis, Hochschule Darmstadt, Darmstadt, Germany (2021)"},{"key":"7_CR17","doi-asserted-by":"crossref","unstructured":"Housley, R.: Guidelines for Cryptographic Algorithm Agility and Selecting Mandatory-to-Implement Algorithms. RFC 7696 (2015)","DOI":"10.17487\/RFC7696"},{"key":"7_CR18","unstructured":"ISO\/IEC: Information technology - Security techniques - Systems Security Engineering - Capability Maturity Model\u00ae (SSE-CMM\u00ae). Standard ISO\/IEC 21827:2008, International Organization for Standardization, Geneva, CH (2008)"},{"key":"7_CR19","unstructured":"ISO\/IEC: Systems and software engineering - systems and software quality requirements and evaluation (square) - system and software quality models. Standard ISO\/IEC 25010:2011(E), International Organization for Standardization (2011)"},{"key":"7_CR20","doi-asserted-by":"crossref","unstructured":"Johnson, A.F., Millett, L.I. (eds.): Cryptographic agility and interoperability. Proceedings of a Workshop. The National Academies Press, Washington, DC (2017). https:\/\/doi.org\/10.17226\/24636","DOI":"10.17226\/24636"},{"key":"7_CR21","volume-title":"Test Process Improvement: A Practical Step-by-Step Guide to Structured Testing","author":"T Koomen","year":"1999","unstructured":"Koomen, T., Pol, M.: Test Process Improvement: A Practical Step-by-Step Guide to Structured Testing. Addison-Wesley Longman Publishing Co. Inc, USA (1999)"},{"key":"7_CR22","unstructured":"Kreutzer, M., Niederhagen, R., Waidner, M. (eds.): Eberbacher Gespr\u00e4ch on Next Generation Crypto. Fraunhofer SIT (2018)"},{"key":"7_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"176","DOI":"10.1007\/978-3-642-20633-7_13","volume-title":"Service-Oriented Perspectives in Design Science Research","author":"G Lahrmann","year":"2011","unstructured":"Lahrmann, G., Marx, F., Mettler, T., Winter, R., Wortmann, F.: Inductive design of maturity models: applying the Rasch algorithm for design science research. In: Jain, H., Sinha, A.P., Vitharana, P. (eds.) DESRIST 2011. LNCS, vol. 6629, pp. 176\u2013191. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-20633-7_13"},{"key":"7_CR24","unstructured":"Lasrado, L.A., Vatrapu, R., Andersen, K.N.: Maturity models development in is research: a literature review. In: IRIS Selected Papers of the Information Systems Research Seminar in Scandinavia. vol. 6. IRIS, New York (2015)"},{"key":"7_CR25","doi-asserted-by":"publisher","first-page":"181","DOI":"10.28945\/479","volume":"9","author":"Y Levy","year":"2006","unstructured":"Levy, Y., Ellis, T.J.: A systems approach to conduct an effective literature review in support of information systems research. Informing Sci. J. 9, 181\u2013212 (2006)","journal-title":"Informing Sci. J."},{"key":"7_CR26","doi-asserted-by":"crossref","unstructured":"Ma, C., Colon, L., Dera, J., Rashidi, B., Garg, V.: CARAF: crypto agility risk assessment framework. J. Cybersecurity 7(1), tyab013 (2021)","DOI":"10.1093\/cybsec\/tyab013"},{"key":"7_CR27","unstructured":"Macaulay, T., Henderson, R.: Cryptographic agility in practice: emerging use-cases. Infosec Global"},{"key":"7_CR28","unstructured":"Mehrez, H.A., El Omri, O.: The crypto-agility properties. In: Callaos, N.C. (ed.) The 12th International Conference on Society, Cybernetics and Informatics, pp. 99\u2013103. IIIS (2018). https:\/\/www.iiis.org\/cds2018\/cd2018summer\/papers\/ha536vg.pdf"},{"key":"7_CR29","doi-asserted-by":"publisher","unstructured":"Mettler, T., Rohner, P., Winter, R.: Towards a classification of maturity models in information systems. In: D\u2019Atri, A., De Marco, M., Braccini, A.M., Cabiddu, F. (eds.) Management of the Interconnected World. pp. 333\u2013340. Physica-Verlag HD (2010). https:\/\/doi.org\/10.1007\/978-3-7908-2404-9_39","DOI":"10.1007\/978-3-7908-2404-9_39"},{"key":"7_CR30","doi-asserted-by":"crossref","unstructured":"Nelson, D.B.: Crypto-Agility Requirements for Remote Authentication Dial-In User Service (RADIUS). RFC 6421 (2011)","DOI":"10.17487\/rfc6421"},{"key":"7_CR31","unstructured":"Niederhagen, R., Waidner, M.: Practical post-quantum cryptography. white paper. Technical report, Fraunhofer SIT, Darmstadt (2017)"},{"key":"7_CR32","unstructured":"NSA: Commercial National Security Algorithms Suite 2.0 (2022)"},{"key":"7_CR33","unstructured":"OUSD(A &S): Cybersecurity maturity model certification (2020). https:\/\/www.acq.osd.mil\/cmmc\/docs\/CMMC_ModelMain_V1.02_20200318.pdf"},{"key":"7_CR34","doi-asserted-by":"crossref","unstructured":"Paulk, M.C., Curtis, B., Chrissis, M.B., Weber, C.V.: Capability maturity model, version 1.1. IEEE Softw. 10(4), 18\u201327 (1993)","DOI":"10.1109\/52.219617"},{"key":"7_CR35","volume-title":"Requirements Engineering Fundamentals: A Study Guide for the Certified Professional for Requirements Engineering Exam-foundation Level-IREB Compliant","author":"K Pohl","year":"2016","unstructured":"Pohl, K.: Requirements Engineering Fundamentals: A Study Guide for the Certified Professional for Requirements Engineering Exam-foundation Level-IREB Compliant. Rocky Nook Inc., San Rafael (2016)"},{"issue":"1","key":"7_CR36","first-page":"011038","volume":"11","author":"S Richter","year":"2021","unstructured":"Richter, S., et al.: Agile and versatile quantum communication: signatures and secrets. Phys. Rev. X 11(1), 011038 (2021)","journal-title":"Phys. Rev. X"},{"key":"7_CR37","volume-title":"Mastering the Requirements Process: Getting Requirements Right","author":"S Robertson","year":"2013","unstructured":"Robertson, S., Robertson, J.: Mastering the Requirements Process: Getting Requirements Right. Addison-Wesley\/Pearson, Upper Saddle River (2013)"},{"key":"7_CR38","unstructured":"Ross-Gower, S.: What is cryptography lifecycle management and why do i need it? Cryptosense (2021). https:\/\/cryptosense.com\/blog\/what-is-cryptography-lifecycle-management-and-why-do-i-need-it"},{"key":"7_CR39","unstructured":"Salem, M.B., McCarty, B.: The race to crypto-agility. Technical report. Accenture (2021)"},{"key":"7_CR40","doi-asserted-by":"publisher","first-page":"279","DOI":"10.1080\/10919392.2010.494535","volume":"20","author":"H Solli-S\u00e6ther","year":"2010","unstructured":"Solli-S\u00e6ther, H., Gottschalk, P.: The modeling process for stage models. J. Org. Comput. Electron. Commer. 20, 279\u2013293 (2010)","journal-title":"J. Org. Comput. Electron. Commer."},{"key":"7_CR41","unstructured":"Steel, G.: Achieving \u2018crypto agility\u2019. Cryptosense (2019). https:\/\/cryptosense.com\/blog\/achieving-crypto-agility"},{"key":"7_CR42","series-title":"Lecture Notes in Business Information Processing","doi-asserted-by":"publisher","first-page":"240","DOI":"10.1007\/978-3-540-88710-2_19","volume-title":"Enterprise Information Systems","author":"M van Steenbergen","year":"2008","unstructured":"van Steenbergen, M., van den Berg, M., Brinkkemper, S.: A balanced approach to developing the enterprise architecture practice. In: Filipe, J., Cordeiro, J., Cardoso, J. (eds.) ICEIS 2007. LNBIP, vol. 12, pp. 240\u2013253. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-88710-2_19"},{"key":"7_CR43","unstructured":"Sullivan, B.: Cryptographic agility. MSDN Mag. 24(8) (2009). https:\/\/docs.microsoft.com\/en-us\/archive\/msdn-magazine\/2009\/august\/cryptographic-agility"},{"key":"7_CR44","unstructured":"Sullivan, B.: Cryptographic Agility: Defending Against the Sneakers Scenario (2010). https:\/\/infocondb.org\/con\/black-hat\/black-hat-usa-2010\/cryptographic-agility-defending-against-the-sneakers-scenario. Talk at BLACK HAT 2010, USA"},{"key":"7_CR45","unstructured":"Utimaco: Post-quantum cryptography: Secure encryption for the quantum age (2018). White Paper"},{"key":"7_CR46","volume-title":"Building an Enterprise Architecture Practice: Tools, Tips, Best Practices, Ready-to-Use Insights","author":"M Van Den Berg","year":"2007","unstructured":"Van Den Berg, M., Van Steenbergen, M.: Building an Enterprise Architecture Practice: Tools, Tips, Best Practices, Ready-to-Use Insights. Springer, Berlin (2007)"},{"key":"7_CR47","volume-title":"Requirements Engineering: From System Goals to UML Models to Software Specifications","author":"A van Lamsweerde","year":"2009","unstructured":"van Lamsweerde, A.: Requirements Engineering: From System Goals to UML Models to Software Specifications. Wiley, Chichester (2009)"},{"key":"7_CR48","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"317","DOI":"10.1007\/978-3-642-13335-0_22","volume-title":"Global Perspectives on Design Science Research","author":"M van Steenbergen","year":"2010","unstructured":"van Steenbergen, M., Bos, R., Brinkkemper, S., van de Weerd, I., Bekkers, W.: The design of focus area maturity models. In: Winter, R., Zhao, J.L., Aier, S. (eds.) DESRIST 2010. LNCS, vol. 6105, pp. 317\u2013332. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-13335-0_22"},{"key":"7_CR49","series-title":"Lecture Notes in Business Information Processing","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1007\/978-3-642-13633-7_7","volume-title":"Software Business","author":"I van de Weerd","year":"2010","unstructured":"van de Weerd, I., Bekkers, W., Brinkkemper, S.: Developing a maturity matrix for software product management. In: Tyrv\u00e4inen, P., Jansen, S., Cusumano, M.A. (eds.) ICSOB 2010. LNBIP, vol. 51, pp. 76\u201389. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-13633-7_7"}],"container-title":["Lecture Notes in Computer Science","Foundations and Practice of Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-30122-3_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,3,31]],"date-time":"2023-03-31T07:07:37Z","timestamp":1680246457000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-30122-3_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031301216","9783031301223"],"references-count":49,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-30122-3_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"1 April 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FPS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Foundations and Practice of Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Ottawa, ON","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Canada","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 December 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 December 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fps2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.fps-2022.com\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easy chair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"83","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"31% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}