professorship IT Risk Management
The group IT Risk Management does research on the analysis, assessment and management of risks of information and communication infrastructures. The analysis and assessment is based on international standards such as the ISO Common Criteria for IT security and the ISO 17799 code of practice for information security management. The criteria are subject of research themselves. The management of risks includes the development, practical trials and the deployment of security mechanisms. The aim of the security mechanisms is to protect the authenticity and integrity of the subjects and objects, as well as the availability of services. A special focus is on the support of binding communication in e-commerce and e-government services. This requires the study of how security mechanisms are embedded in their applications. Currently the group does research in the fields of biometry and privacy, e-commerce and trust, digital rights and fair usage of digital goods, electronic voting and political participation.