- Information Security. I am interested in all aspects of information security, and particularly in the following areas:
- Trust & Reputation Management. There is a need to explore new types of trust and reputation systems that can assist users and organisations in assessing the trustworthiness of resources and remote parties on the Internet.
- Network security. The technology used to provide security in networks must integrate the human end user and the operational context in order to provide solutions that are practically secure, not just theoretically secure.
- Identity and Access Management. The problem with current identity management is that the solutions are designed to be practical from the service providers' point of view. More user-centric approaches are needed to make online service provisioning scalable for all.
- Security Usability. People are often the weakest link in the security chain of systems and applications, which means that research is security usability is needed for reducing this vulnerability.
- Reasoning with Belief and Uncertainty. In particular I work on the following technologies:
- Subjective logic is a type of probabilistic logic that is suitable for modelling and analysing situations characterised by certainty, uncertainty, belief, trust, and/or incomplete information.
- Bayesian Networks are used for modelling real world situations characterised by conditional probability, belief or uncertainty between states and events.
I'm lobbying for the teaching of all security courses to be centralized at IfI. Send me an email if you want to express your support.
Student projects in information security
Students who are interested in information security are welcome to discuss possible topics for a project.
Audun Jøsang joined Oslo University in 2008 and its Informatics Dep. in 2011. Prior to that he was Associate Professor at QUT, research leader of Security at DSTC in Brisbane, worked in the telecommunications industry for Alcatel in Belgium and for Telenor in Norway. He was also Associate Professor at the Norwegian University of Science and Technology (NTNU). He has a Master's in Information Security from Royal Holloway College, University of London, and a PhD from NTNU in Norway. He is a CISSP and CISM with broad knowledge and experience in information security.
Publications, presentations, demonstrations etc.