Welcome at the Research Group IT-Risk-Management

The group IT Risk Management does research on the analysis, assessment and management of risks of information and communication infrastructures. The analysis and assessment is based on international standards such as the ISO Common Criteria for IT security and the ISO 17799 code of practice for information security management. The criteria are subject of research themselves. The management of risks includes the development, practical trials and the deployment of security mechanisms. The aim of the security mechanisms is to protect the authenticity and integrity of the subjects and objects, as well as the availability of services. A special focus is on the support of binding communication in e-commerce and e-government services. This requires the study of how security mechanisms are embedded in their applications.