Lothar Fritsch

• Momen, Nurul & Fritsch, Lothar (2020). App-generated digital identities extracted through Android permission-based data access - a survey of app privacy, In  Sicherheit 2020, Sicherheit, Schutz und Zuverlässigkeit, Konferenzband der 10. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V. (GI).  Springer Berlin/Heidelberg.  ISBN 978-3-88579-695-4.  artikkel.  s 15 - 28 Vis sammendrag

  Smartphone apps that run on Android devices can access many types of personal information. Such information can be used to identify, profile and track the device users when mapped into digital identity attributes. This article presents a model of identifiability through access to personal data protected by the Android access control mechanism called permissions. We present an abstraction of partial identity attributes related to such personal data, and then show how apps accumulate such attributes in a longitudinal study that was carried out over several months. We found that apps' successive access to permissions accumulates such identity attributes, where different apps show different interest in such attributes.

• Fritsch, Lothar (2018). How Big Data helps SDN with data protection and privacy, In Javid Taheri (ed.),  Big Data and Software Defined Networks.  The Institution of Engineering and Technology.  ISBN 978-1-78561-304-3.  Chapter 16.  s 339 - 351 Vis sammendrag

  This chapter will discuss Big Data (BD) as a tool in software-defined networking (SDN) from the perspective of information privacy and data protection. First, it will discuss how BD and SDN are connected and expected to provide better services. Then, the chapter will describe the core of data protection and privacy requirements in Europe, followed by a discussion about the implications for BD use in SDN. The chapter will conclude with recommendations and privacy design considerations for BD in SDN.

• Schulz, Trenton & Fritsch, Lothar (2014). Accessibility and Inclusion Requirements for Future e-Identity Solutions, In Klaus Miesenberger; Deborah Fels; Dominique Archambault; Petr Peňáz & Wolfgang Zagler (ed.),  Computers Helping People with Special Needs - Proceedings of the 14th International Conference, ICCHP 2014, Paris, France, July 9-11, 2014; Bind 2. Springer Lecture Notes on Computer Science (LNCS) 8648.  Springer.  ISBN 978-3-319-08598-2.  Chapter.  s 316 - 323 Vis sammendrag

  Future e-identity services will need to be accessible for people with different types of abilities. We review current sets of accessibility guidelines and standards, current assistive technology, and current e-identity technology to determine accessibility and inclusion requirements for a future e-identity solution. For our project, we found that the area we could influence the most was the development of user interface for the client for e-identity and focused on these areas with the assumption that users would have access to inclusive cards and card readers. The requirements are divided into content and presentation, control and operation, legal requirements, testing, and help and support. We also provide possible areas for future research.

• Paintsil, Ebenezer & Fritsch, Lothar (2013). Executable Model-Based Risk Analysis Method for Identity Management Systems: Using Hierarchical Colored Petri Nets, In Steven Furnell; Costas Lambrinoudakis & Javier Lopez (ed.),  Trust, Privacy, and Security in Digital Business.  Springer.  ISBN 978-3-642-40342-2.  article.  s 48 - 61 Vis sammendrag

  Model-based risk analysis methods use graphical models to facilitate participation, risk communication and documentation and thereby improve the risk analysis process. Currently, risk analysis methods for identity management systems (IDMSs) mainly rely on time consuming and expensive manual inspections and lack graphical models. This article introduces the executable model-based risk analysis method (EM-BRAM) with the aim of addressing these challenges. The EM-BRAM employs graphical models to enhance risk analysis in IDMSs. It identifies risk contributing factors for IDMSs and uses them as inputs to a colored petri nets (CPNs) model of a targeted IDMS. It then verifies the system’s risk using CPNs’ state space analysis and queries.

• Paintsil, Ebenezer & Fritsch, Lothar (2013). Executable Model-Based Risk Assessment Method for Identity Management Systems, In Simone Fischer-Hübner; Elisabeth de Leeuw & Chris Mitchell (ed.),  Policies and Research in Identity Management. Third IFIP WG 11.6 Working Conference, IDMAN 2013, London, UK, April 8-9, 2013. Proceedings.  Springer.  ISBN 978-3-642-37282-7.  Panel Session – Risk Management of Identity Management.  s 97 - 99 Vis sammendrag

  Currently, risk assessment methods for identity management systems (IDMSs) are lacking. This makes it difficult to compare IDMSs based on how they enhance privacy and security of system stakeholders. This article proposes the executable model-based risk assessment method (EM-BRAM) with the aim of addressing this challenge. The EM-BRAM identifies risk factors inherent in IDMSs and uses them as inputs to a colored petri nets (CPNs) model of a targeted IDMS. It then estimates or verifies the system’s security and privacy risks using CPNs’ state space analysis and queries.

• Røssvoll, Till Halbach & Fritsch, Lothar (2013). Reducing the User Burden of Identity Management: A Prototype Based Case Study for a Social-Media Payment Application, In Leslie Miller (ed.),  ACHI 2013, The Sixth International Conference on Advances in Computer-Human Interactions.  IARIA.  ISBN 978-1-61208-250-9.  ACHI 14: SOCIAL ASPECTS OF HUMAN-COMPUTER INTERACTION.  s 364 - 370
• Røssvoll, Till Halbach & Fritsch, Lothar (2013). Trustworthy and Inclusive Identity Management for Applications in Social Media, In Masaaki Kurosu (ed.),  Human-Computer Interaction. Users and Contexts of Use.  Springer.  ISBN 978-3-642-39264-1.  Lecture Notes in Computer Science.  s 68 - 77 Vis sammendrag

  We describe a prototype for inclusive and secure identity management regarding a bill sharing application in social media. Beginning with the principals of universal design, and involving groups of users with impairments, we designed a set of alternative authentication methods based on OpenID. This work explains the scenario and the particularities of designing a trust, security, and privacy infrastructure with a high degree of usability for diverse user groups, and which is aligned with the requirements from regulatory frameworks. The user trials show that several authentication alternatives in multiple modalities are welcomed by impaired users, but many have restrictions when it comes to payments in the context of social media.

• Schulz, Trenton & Fritsch, Lothar (2013). Identifying Trust Strategies in the Internet of Things, In Trenton Schulz (ed.),  Proceedings of the User-Centered Trust in Interactive Systems Workshop: a Workshop from NordiCHI 2012.  Norwegian Computing Center.  ISBN 978-82-539-0538-9.  5.  s 19 - 23 Vis sammendrag

  Users in the Internet of Things (IoT) use strategies to determine if they should trust a system or service. These strategies are not actively declared, but it can be useful to know which strategy is being used. We provide possible actions that users may perform when using different trust strategies and possible ways these can be captured for user studies.

• Fritsch, Lothar; Groven, Arne-Kristian & Schulz, Trenton (2012). On the Internet of Things, Trust is Relative. Communications in Computer and Information Science.  ISSN 1865-0929.  277, s 267- 273 . doi: 10.1007/978-3-642-31479-7_46 Vis sammendrag

  End-users on the Internet of Things (IoT) will encounter many different devices and services; they will need to decide whether or not they can trust these devices and services with their information. We identify three items of trust information that end-users will need to determine if they should trust something on the IoT. We create a taxonomy of the likely scenarios end-users will encounter on the IoT and present five trust strategies for obtaining this trust information. Upon applying these strategies to our scenarios, we find that there is no strategy that can work efficiently and effectively in every situations; end-users will need to apply the strategy that best fits their current situation. Offering multiple trust strategies in parallel and having this information transparent to end-users will ensure a sustainable IoT.

• Kohlweiss, Markulf & Fritsch, Lothar (2012). Privatsphäre trotz intelligenter Zähler. digma - Zeitschrift für Datenrecht und Informationssicherheit.  ISSN 1424-9944.  12(1), s 22- 26
• Zibuschka, Jan & Fritsch, Lothar (2012). A hybrid approach for highly available & secure storage of pseudo-SSO credentials, In Audun Jøsang & Bengt Carlsson (ed.),  Secure IT Systems: 17th Nordic Conference, NordSec 2012, Karlskrona, Sweden, October 31 – November 2, 2012. Proceedings.  Springer.  ISBN 978-3-642-34209-7.  Network Security.  s 169 - 183 Vis sammendrag

  Abstract: We present a novel approach for password/credential storage in Pseudo-SSO scenarios based on a hybrid password hashing/password syncing approach that is directly applicable to the contemporary Web. The approach supports passwords without requiring modification of the server side and thus is immediately useful; however, it may still prove useful for storing more advanced credentials in future SSO and identity management scenarios, and offers a high level of security. Keywords. Single sign-on, authentication, syncing, hashing.

• Fritsch, Lothar (2011). Security and privacy engineering for corporate use of social community platforms, In  INFORMATIK 2011 - Informatik schafft Communities.  Gesellschaft für Informatik.  ISBN 978-3-88579-286-4.  Kapitel.  s 416
• Paintsil, Ebenezer & Fritsch, Lothar (2011). A Taxonomy of Privacy and Security Risks Contributing Factors. IFIP Advances in Information and Communication Technology.  ISSN 1868-4238.  352, s 52- 63
• Paintsil, Ebenezer & Fritsch, Lothar (2011). Taxonomy of Privacy and Security Risks Contributing Factors, In Simone Fischer-Hübner; Penny Duquenoy; Marit Hansen; Ronald Leenes & Ge Zhang (ed.),  Privacy and Identity Management for Life. 6th IFIP WG 9.2, 9.6/11.7, 11.4, 11.6/PrimeLife International Summer School, Helsingborg, Sweden, August 2-6, 2010, Revised Selected Papers.  Springer.  ISBN 9783642207686.  Chapter.  s 52 - 63
• Paintsil, Ebenezer & Fritsch, Lothar (2011). Towards Legal Privacy Risk Assessment Automation in Social Media, In  INFORMATIK 2011 - Informatik schafft Communities.  Gesellschaft für Informatik.  ISBN 978-3-88579-286-4.  Kapitel.  s 411
• Scherner, Tobias & Fritsch, Lothar (2011). Technology Assurance, In  Digital Privacy.  Springer.  ISBN 978-3-642-19049-0.  chapter.  s 597 - 608 Vis sammendrag

  This chapter documents the experiences of assurance evaluation during the early stage of a large software development project. The PRIME project researches, contracts and integrates privacy-respecting software to business environments. There exist several approaches to ensure the quality of secure software. Some of these approaches have the focus of quality assurance at a very early stage of the development process and have weaknesses to ensure the quality of this process until the product is ready to enter the market. Other approaches, like the CC, focus on inspection, or more concrete evaluation, of ready-to-market products.

• Fritsch, Lothar; Fuglerud, Kristin Skeide & Solheim, Ivar (2010). Towards Inclusive Identity Management. Identity in the Information Society.  ISSN 1876-0678.  3(3), s 515- 538 . doi: 10.1007/s12394-010-0075-6 Vis sammendrag

  The article argues for a shift of perspective in identity management (IDM) research and development. Accessibility and usability issues affect identity management to such an extent that they demand a reframing and reformulation of basic designs and requirements of modern identity management systems. The rationale for the traditional design of identity management systems and mechanisms has been security concerns as defined in the field of security engineering. By default the highest security level has been recommended and implemented, often without taking end-user needs and accessibility issues into serious consideration. The article provides a conceptual framework for inclusive IDM, a brief overview of the regulatory status of inclusive IDM and a taxonomy of inclusive identity management methods. Several widespread IDM approaches, methods and techniques are analyzed and discussed from the perspective of inclusive design. Several important challenges are identified and some ideas for solutions addressing the challenges are proposed and discussed.

• Jøsang, Audun; Fritsch, Lothar & Mahler, Tobias (2010). Privacy Policy Referencing. Lecture Notes in Computer Science (LNCS).  ISSN 0302-9743.  6264, s 129- 140 Vis sammendrag

  Data protection legislation was originally defined for a context where personal information is mostly stored on centralized servers with limited connectivity and openness to 3rd party access. Currently, servers are connected to the Internet, where a large amount of personal information is continuously being exchanged as part of application transactions. This is very different from the original context of data protection regulation. Even though there are rather strict data protection laws in an increasing number of countries, it is in practice rather challenging to ensure an adequate protection for personal data that is communicated on-line. The enforcement of privacy legislation and policies therefore might require a technological basis, which is integrated with adequate amendments to the legal framework. This article describes a new approach called Privacy Policy Referencing, and outlines the technical and the complementary legal framework that needs to be established to support it.

• Jøsang, Audun; Fritsch, Lothar & Mahler, Tobias (2010). Privacy Policy Referencing, In Sokratis K. Katsikas; Javier Lopez & Miguel Soriano (ed.),  TrustBus, Trust, Privacy and Security in Digital Business, 7th International Conference, TrustBus 2010, Bilbao, Spain, August 30-31, 2010. Proceedings, Lecture Notes in Computer Science 6264.  Springer.  ISBN 978-3-642-15151-4.  Conference Paper.
• Solheim, Ivar; Dale, Øystein; Fritsch, Lothar; Røssvoll, Till Halbach; Holmqvist, Knut & Tjøstheim, Ingvar (2010). Search and navigation as retrieval strategies in large photo collections, In Aiden R. Doherty; Cathal Gurrin; Gareth J.F. Jones & Alan F. Smeaton (ed.),  Proceedings of the Information Access for Personal Media Archives Workshop (IAPMA2010).  Milton Keynes.  ISBN 1872327869.  Chapter.
• Fritsch, Lothar (2009). Business risks from naive use of RFID in tracking, tracing and logistics, In U Wissendheit & T Hollstein (ed.),  RFID SysTech 2009 - ITG Fachbericht 216.  VDE Verlag GmbH.  ISBN 978-3-8007-3168-8.  Chapter.
• Fritsch, Lothar; Groven, Arne-Kristian & Strand, Lars Kristoffer (2009). A holistic approach to Open-Source VoIP security: Preliminary results from the EUX2010SEC project, In Robert Bestak; George Laurent; Vladimir S. Zaborovsky & Cosmin Dini (ed.),  Proceedings of the The Eighth International Conference on Networks (ICN) 2009.  International Academy, Research and Industry Association (IARIA).  ISBN 978-0-7695-3552-4.  chapter.  s 275 - 280
• Fritsch, Lothar; Groven, Arne-Kristian; Strand, Lars Kristoffer; Leister, Wolfgang & Hagalisletto, Anders Moen (2009). A Holistic Approach to Open Source VoIP Security: Results from the EUX2010SEC Project. International journal on advances in security.  ISSN 1942-2636.  2(2&3), s 129- 141
• Fritsch, Lothar & Abie, Habtamu (2008). Towards a Research Road Map for the Management of Privacy Risks in Information Systems, In Ammar Alkassar & Jörg Siekmann (ed.),  Lecture Notes in Informatics.  Bonner Köllen Verlag.  ISBN 978-3-88579-222-2.  Chapter.

Se alle arbeider i Cristin

• de Leeuw, Elisabeth; Fischer-Hübner, Simone & Fritsch, Lothar (ed.) (2010). Second IFIP WG 11.6 Working Conference, IDMAN 2010. Springer.  ISBN 978-3-642-17302-8.  145 s.
• Fritsch, Lothar (2009). Privatsphäre per Design - Privatsphäre respektierende Infrastrukturen für verteilte Mehrparteien-Geschäftsmodelle und Dienste. Lothar Fritsch, Oslo.  ISBN 9788249703098.  104 s.
• Fritsch, Lothar (2008). Profiling and Location-Based Services, In: Hildebrandt, Mireille; Gutwirth, Serge (Eds.): Profiling the European Citizen - Cross-Disciplinary Perspectives. Springer.

Se alle arbeider i Cristin

• Fritsch, Lothar; Toresson, Ludwig; Shaker, Maher & Olars, Sebastian (2020). Privacy impact self-assessment app. Vis sammendrag

  The popularity of the Android OS has led to the development of millions of applications. The assumption of the majority of the Android user base is that these applications are trustworthy and that the Android system does enough to protect them from the untrustworthy applications. This assumption is however false as the Android system does allow trustworthy applications to track users in different ways and does nothing to detect and remove untrustworthy applications. This project aims at informing users about which of their installed applications is tracking them and all of the negative effects it can have on a persona that is similar to them. This is done through an application that uses a pre-filled log containing the data collection of different applications to match an application with negative effects on a specific predefined persona.

• Fritsch, Lothar; Tjøstheim, Ingvar & Kitkowska, Agnieszka (2018). I’m Not That Old Yet! The Elderly and Us in HCI and Assistive Technology.
• Tjøstheim, Ingvar & Fritsch, Lothar (2018). Similar Information Privacy Behavior in 60-65s vs. 50-59ers - Findings From A European Survey on The Elderly.
• Tjøstheim, Ingvar; Leister, Wolfgang; Mork, Heidi Camilla & Fritsch, Lothar (2016). Research Directions for Studying Users’ Privacy Awareness. NR-notat. DART/06/2016. Vis sammendrag

  In this document, we present a set of research questions on how to evoke reflection about sharing of personal data and privacy. We look into analytical approaches to understand the phenomenon of people’s privacy behaviour and into synthetical approaches to let the user practise privacy skills to increase awareness using visualisation and simulation technologies in scenarios of relevance to the user. We also review potential risks to security, privacy, anonymity, and other assets and the use of information in social media, for advertisement and commercial activities.

• Fritsch, Lothar (2015). Future identity ecosystems and eID provisioning -The EU project FutureID.
• Fritsch, Lothar (2015). Information privacy: Technology, principles, and challenges.
• Fritsch, Lothar (2014). Big Data - Bedeutung für die Unternehmensstrategie und -sicherheit. Vis sammendrag

  Big Data als Teil der Unternehmensstrategie bedarf besondere Berücksichtigung bei der Informationssicherheit. Diese Vorlesung erklärt das Big-Data-Konzept, überdeckt es mit den Grundprinzipien der IT-Sicherheit und des Sicherheitsmanagements im Unternehmen, reflektiert die Angreifer- und Verteidigerseite, und schliesst mit praktischen Erwägungen zu Datensicherheit und Datenschutz bei Big-Data-Anwendungen.

• Fritsch, Lothar (2014). E-ID, Sosiale Medier,industristandarder- nytteverdi og risiko. Innføring i populære e-ID-systemer. Vis sammendrag

  Innhold: Sosiale Medier E-ID – kort definisjon og egenskaper fra en forsker Globale e-ID systemer Sosiale medier som facebook, Google, og andre OpenID-løsninger Industriallianser Kantara, Fido Alliance, OASIS Muligheter og risiko Spesielt om personvern

• Fritsch, Lothar (2014). Helsedata, e-helse, IKT og personvern - hvor oppstår og lagres det helsedata?. Vis sammendrag

  E-helse: Framtid med intens datautveksling ►Helsearbeid produserer mye digital data: pasientdata, prosessdata, fakturadata, laboranalysedata, diagnostikk, mobile sensorer. ▪Data lagres, leses, deles, «leies ut» og kombineres. ▪Adgang, deling, arkivering baseres på datakommunikasjon, dvs. data deles med andre datasystemer og deres brukere. ►Med deling av data kommer det nye aktører inn i helsemarket, både i offentlig helsesektor og privat. ►Teknologi og kunnskap muliggjør nye scenarier i e-helse. Presentasjonen omhandler: 1. E-helse: Framtid med intens datautveksling 2. Data innenfor helsesystemet 3. Data utenfor helsesystemet 4. Data på grenseflaten 5. Tiltak for bedre personvern

• Fritsch, Lothar (2014). Innovasjoner innen trygge og personvernsøkende elektroniske identiteter fra forskning - Research innovations in information security and privacy in electronic identity management. Vis sammendrag

  Foredrag om risikoanalyse og løsninger for innebygget personvern i elektroniske identitetsforvaltningssystemer. Agenda * Kort om e-ID * Dagens e-ID-økosystemer * Personvernsutfordringer med e-ID * Løsninger for e-ID med innebygget personvern * Utfordringer med bruk av e-ID

• Fritsch, Lothar (2014). Management of Privacy Risks in Information Systems. Vis sammendrag

  Information Privacy & Privacy Enhancing Technologies (PETs) - What tools for anonymity & privacy are there? Information Privacy from a Management Perspective - How can IT security managers handle privacy? Challenges for Security and Risk Managers - Difficulties in application & open issues.

• Fritsch, Lothar (2014). The metered self vs. managed healthcare IoT - a reality check. Vis sammendrag

  Are managed sensor networkes in healthcare threatened by the quantified self wave? Quantified self – a new concept? Just a new form of shared social media narcissism? A form of identity reassurace in the times of lost traditions? «Dataism» or «Transhumanism» or «datasexuality»? Self-metering equipment is used in ad-hoc ways, often with little (medical) scientific verification of the claimed benefits Those technologies are very appealing to users due to the perceived empowerment (see E.Rogers, Diffusion of Innovations) Self-metering as of today puts all the burden of security and privacy evaluation on the end user. Most systems operate outside the European regualtion frameworks for e-health or data protection Some applications are beneficial to users already Most health apps are used for a few weeks only. This presentation analyzes self-metering and the Internet of Things for e-health from three perspectives: the user's, the health professional's and the privacy researcher's.

• Fritsch, Lothar; Grønli, Christin Straumsheim & Snekkenes, Einar (2014, 10. april). Vi gir for mye info om oss selv på nett. [Internett].  Forskning.no. Vis sammendrag

  Mange aktører jakter informasjon om oss på nettet. Ofte gir vi mer enn de trenger. Forskere finner nå datasystemer som tar vare på personvernet vårt.

• Fritsch, Lothar; Grønli, Kristen Straumsheim & Snekkenes, Einar (2014, 17. mars). Identifisering uten hamstring av persondata. [Internett].  Forskningsrådet.no. Vis sammendrag

  Mange aktører jakter informasjon om oss på nettet. Vi har få verktøy i vårt forsvar. Hvordan kan datasystemer håndtere elektroniske identiteter og samtidig ivareta personvernet?

• Grønli, Kristen Straumsheim; Hellman, Riitta; Fuglerud, Kristin Skeide & Fritsch, Lothar (2014, 02. mai). Snart kan passordene bestå av lyder, bilder og mønster - Norske forskere vil gjøre nett-tjenester tilgjengelig for alle. [Internett].  Teknisk Ukeblad. Vis sammendrag

  Mekanismene vi bruker til innlogging i dag gjør livet på nett krevende. Mange passord å holde styr på er en daglig utfordring. Folk forenkler gjerne ved å bruke det samme over alt, eller ved å skrive ned. Begge deler går ut over sikkerheten. Problemet vokser i takt med økningen i antall tjenester som krever innlogging med passord. For mennesker med hukommelsesproblemer eller lese- og skrivevansker er det enda verre. For ikke å snakke om for de som sliter med synet. Noen løsninger gjør det helt umulig for personer med funksjonshemminger å logge seg på.

• Grønli, Kristin Straumsheim; Fritsch, Lothar; Hellman, Riitta & Fuglerud, Kristin Skeide (2014, 27. april). Utestengt fra nettjenester. [Internett].  Forsnkningsrådet.no. Vis sammendrag

  Nesten halvparten av alle kundehenvendelser til Altinn handler om trøbbel med innlogging. Hvem skal sørge for at tjenester på nettet blir tilgjengelige for alle?

• Fritsch, Lothar (2013). The Clean Privacy Ecosystem of the Future Internet. Future Internet.  ISSN 1999-5903.  5(1), s 34- 45 . doi: 10.3390/fi5010034 Vis sammendrag

  This article speculates on the future of privacy and electronic identities on the Internet. Based on a short review of security models and the development of privacy-enhancing technology, privacy and electronic identities will be discussed as parts of a larger context—an ecosystem of personal information and electronic identities. The article argues for an ecosystem view of personal information and electronic identities, as both personal information and identity information are basic required input for many applications. Therefore, for both application owners and users, a functioning ecosystem of personal information and electronic identification is important. For the future of the Internet, high-quality information and controlled circulation of such information is therefore argued as decisive for the value of future Internet applications.

• Fritsch, Lothar & Abie, Habtamu (2013). 2nd PETweb II & ASSET joint PhD Seminar. NR-notat. DART/01/2013. Vis sammendrag

  The 2nd joint PhD seminar of the PETweb II and the ASSET projects, which is the 4th PhD seminar in the PETweb II project, presented the ASSET PhD proposals, the near‐final results of the PETweb II PhD students, and will perform education in scientific work for all participants that is not offered by the cooperation academic institution’s PhD courses.

• Fritsch, Lothar & Snekkenes, Einar (2013). Alternative Approaches to Privacy Risk Assessment: Summary of the PETweb II VERDIKT project sponsored by the Research Council of Norway (2009-2013). Report at the Norwegian Computing Center. 1029. Vis sammendrag

  The PETweb II project has turned out to be a truly multidisciplinary project. Although the project participants have had most of their training in either law or computer science, some of the most significant results from the project is a consequence of combining ideas from economics, psychology, decision science, journalism and computer science. We believe that this project is an excellent example of how a multidisciplinary perspective can benefit research. From economics, we have imported ideas regarding utility theory. Psychology has contributed with theories of incentives and motivation. Decision science has contributed with multi- attribute utility theory. The concept of framing, belonging to the field of journalism/rhetoric has provided inspiration to explore a new way of framing risk. Computer science has offered inspiration on how the risk management and analysis concepts can be modelled and how the ideas can be implemented as a software tool. Classical risk frame focuses on incident expected impact, i.e. a combination (product) of consequence and likelihood, possibly conditioned on knowledge. PETweb II developed two alternative approaches to risk analysis – the EM-BRAM and the CIRA method. EM-BRAM starts with a model of technical risk sources in identity management technology. From there, it aims at a modelling approach of a given system into an executable model that is used to detect the presence of the risk factors in a concrete system. The risk framing proposed in the CIRA method frames risk as the underlying cause of the incident. In this frame, risk corresponds to misaligned incentives. A preliminary – bleeding edge- alpha version of a CIRA tool was developed right at the end of the project. We intend to explore the possibility of deploying CIRA and associated software tools into the data cloud. It should be kept in mind that CIRA is still in its early days, and much more research need to be completed to enhance and validate the method. However, we have already established a new project to further develop CIRA. In addition, we are planning several new projects to further explore research into a multidisciplinary perspective on risk analysis.

• Paintsil, Ebenezer; Fritsch, Lothar & Snekkenes, Einar (2013). Privacy and Security Risks Analysis of Identity Management Systems. Doctoral Dissertations at Gjøvik University College. 1-2013. Vis sammendrag

  This thesis develops a risk model and model-based risk analysis method for privacy and security risks analysis of identity management systems (IDMSs) in order to reduce cost and provide scientific support for the choice of identity management approaches. In order to analyze a system, we need a clear understanding of the system as well as what can go wrong in it. Risk assessors often rely on system specifications and stakeholders (end-users and system owners) to understand a targeted system. Similarly, system stakeholders may rely on risk assessors to understand the risk analysis process. Model-based risk analysis methods use graphical models to assist system stakeholders to understand the risk analysis process. The graphical risk models communicate what can go wrong in a system and assist in the security risk analysis. They facilitate participation, risk communication and documentation. However, current model-based risk analysis methods provide general support for security risk analysis but pay little attention to privacy. Privacy requirements complement that of security but conflicts can arise in their implementation. Identifying and understanding such conflicts are a prerequisite for developing adequate and a balanced risk analysis method. Furthermore, due to lack of data on past events, model-based risk analysis methods either rely on subjective intuitions of risk assessors and system stakeholders, or complex mathematical validation techniques to determine a system’s risk. Subjective intuitions lead to high uncertainties in risk analysis. Moreover, complex mathematical risk modeling and validation techniques are expensive, difficult to learn and can impede risk communication among system stakeholders. This thesis develops a balanced approach to risk analysis where systems’ characteristics and tools that are relatively easy to learn are relied upon to analyze privacy and security risks in IDMSs. It provides new knowledge on how to develop a privacy and security risks model for IDMSs from the characteristics of information that flow in them. Furthermore, it develops an executable model-based risk analysis method (EM-BRAM) to improve risk communication, automation, participation as well as documentation in IDMSs. The EM-BRAM relies on system behaviors or characteristics rather than data on past events or intuitions of a risk assessor to analyze privacy and security risks in IDMSs. Consequently, the method can reduce subjectivity and uncertainty in risk analysis of IDMSs. EM-BRAM identifies risk factors inherent in IDMSs and uses them as inputs for the privacy and security risks analysis. The risk factors are categorized into external and internal misuse cases. The external misuse cases consist of risk factors that may be outside the control of IDMSs while the opposite is true for internal misuse cases. The internal misuse cases are used for the privacy and security risks analysis. In order to determine a system’s risk, the EM-BRAM uses Colored Petri Nets tools and queries to model and analyze the characteristics of information flow in the target IDMS. The method has been applied to analyze the security and privacy risks of popular IDMSs such as OpenID and SAML single sign-on services for Google Apps. The results show that the EM-BRAM is effective in analyzing privacy and security of IDMSs if it is applied to low level system specifications.

• Schulz, Trenton; Fritsch, Lothar; Schlehahn, Eva; Hansen, Marit & Zwingelberg, Harald (2013). FutureID Deliverable D22.7 Accessibility and Inclusion Requirements. Vis sammendrag

  This document defines the accessibility and inclusion requirements to be taken into account when developing the different prototypes in the FutureID project. It also serves as a back- ground document in informing project partners about different aspects of accessibility when dealing with ICT. This includes looking at definitions, different types of users, assistive tech- nology, and other existing work in the field. Legal requirements, including storing of personal information for making systems accessible, are also covered. The document includes the accessibility and inclusion requirements for both developing and testing the client.

• Fritsch, Lothar (2012). Documentation of the 2nd PETweb II PhD student workshop - 2-day PhD student workshop of the VERDIKT PETweb II projects in Rømskog, 19.3.2012. NR-notat. DART/09/2012.
• Fritsch, Lothar (2012). Documentation of the 3rd PETweb II PhD student workshop - Joint PhD student workshop of the VERDIKT PETweb II and ASSET projects in Gjøvik, 13.9.2012. NR-notat. DART/08/2012.
• Fritsch, Lothar (2012). Privacy visualization requirements in the Internet of Things - A uTRUSTit FP7 ICT project note, 7.9.2012. NR-notat. DART/07/2012. Vis sammendrag

  The Internet of Things (IoT) is a complex mesh‐up of devices, infrastructures and services. When connecting to a particular peer, users expose themselves to these infrastructures. This report reviews techniques and knowledge concerning the communication of status information about privacy and information security and trustworthiness to users of the IoT. Particular challenges are the complexity and instability of the infrastructures, the miniature user interfaces of smart things, and the arbitrariness and traceability of connections and device federations.

• Fritsch, Lothar (2012). Scientific Writing and Publishing - An introduction for new PhD students at NR. A course on writing guidlines, publication channels, and program committees as part of your publication strategy. Vis sammendrag

  Contents ► PhD learning goals ► A short definition of research in Computer Science ► Scientific Writing ► Publishing Articles

• Fritsch, Lothar (2012). Trust and Privacy in the Internet of Things in the User’s View - Keynote talk on "Future Trends and Challenges" track.
• Fritsch, Lothar (2012). Undesirable side effects: From NFC to IoT.
• Roßnagel, Heiko; Camenisch, Jan; Fritsch, Lothar; Houdeau, Detlef; Hühnlein, Detlef; Lehmann, Anja; Rodriguez, Pedro Soria & Shamah, Jon (2012). FutureID – Shaping the Future of Electronic Identity. Vis sammendrag

  Abstract. The FutureID project builds a comprehensive, flexible, privacy-aware and ubiquitously usable identity management infrastructure for Europe, which integrates existing eID technology and trust infrastructures, emerging federated identity management services and modern credential technologies to provide a user-centric system for the trustworthy and accountable management of identity claims. The FutureID infrastructure will provide great benefits to all stakeholders involved in the eID value chain. Users will benefit from the availability of a ubiquitously usable open source eID client that is capable of running on arbitrary desktop PCs, tablets and modern smart phones. FutureID will allow application and service providers to easily integrate their existing services with the FutureID infrastructure, providing them with the benefits from the strong security offered by eIDs without requiring them to make substantial investments. This will enable service providers to offer this technology to users as an alternative to username/password based systems, providing them with a choice for a more trustworthy, usable and innovative technology. For existing and emerging trust service providers and card issuers FutureID will provide an integrative framework, which eases using their authentication and signature related products across Europe and beyond. To demonstrate the applicability of the developed technologies and the feasibility of the overall approach FutureID will develop two pilot applications and is open for additional application services who want to use the innovative FutureID technology. This paper provides a short overview of the FutureID project. Keywords. Identity Management, eID, Identity Broker, Open Source Client

• Schulz, Trenton & Fritsch, Lothar (2012). Identifying Trust Strategies in the Internet of Things.
• Fritsch, Lothar (2011). Economics of Cybersecurity - Economic perspectives on Information Security.
• Fritsch, Lothar (2011, 18. juli). Eliteskrekk.  Dagens Næringsliv.
• Fritsch, Lothar (2011). Identifisering, Autentisering, Autorisering - Identifisering, Autentisering, Autorisering.
• Fritsch, Lothar (2011). Identifisering, Autentisering, Autorisering - forskjeller og implikasjoner i e-ID-anvendelser.
• Fritsch, Lothar (2011). Information Security in Social Media - Challenges for Corporate IT strategy.
• Fritsch, Lothar (2011). Management of Privacy Risks in Information Systems.
• Fritsch, Lothar (2011, 13. juli). Motbør for mobilbillett.  Aften.
• Fritsch, Lothar (2011). Motbør for mobilbillett - Intervjuet av Bjørn Egil Halvorsen. Ukjent.
• Fritsch, Lothar (2011). Privacy and Regulatory Requirements.
• Fritsch, Lothar (2011). Sikkerhet og Personvern i Sosiale Medier - Utfordringer i bedriftens IKT-strategi.
• Fritsch, Lothar (2011). Social Media, e-ID and Privacy - Background for the e-Me project. NR-notat. DART/02/2011.
• Fritsch, Lothar (2011). Social Media, e-ID and Privacy - Background for the e-Me project. NR-notat. DART/02/2011.
• Fritsch, Lothar (2011). Utprøving av Buypass e-ID og Altinn.no - Resultat av smartkort-studie i e-Me prosjekt. NR-notat. DART/03/2011.
• Fritsch, Lothar (2011). Utprøving av Buypass e-ID og Altinn.no - Resultat av smartkort-studie i e-Me prosjekt. NR-notat. DART/03/2011.
• Hagalisletto, Anders Moen & Fritsch, Lothar (2011). Mobilnett-kollapsen: Vi må leve med risikoen. Forskning.no.  ISSN 1891-635X.
• Hagalisletto, Anders Moen & Fritsch, Lothar (2011). Mobilnett-kollapsen: Vi må leve med risikoen (kronikk). Ukjent.  (http://www.forskning.no/artikler/2011/juni/291877)
• Schulz, Trenton; Fritsch, Lothar; Solheim, Ivar; Tjøstheim, Ingvar; Petró, Dániel; Arfwedson, Henrik & Back, Niklas (2011). uTRUSTit Deliverable D2.2 Definition of User Scenarios. Vis sammendrag

  We present scenarios in the three domains of smart home, smart office, and e-voting. The smart home consists of five scenarios; the smart office includes nine scenarios; e-voting has five scenarios. These scenarios cover a variety of situations that people may encounter in their everyday life and help to illustrate the trust issues that can show up when working with the Internet of Things (IoT). The scenarios form a foundation for many of the tasks and activities in the other work packages since the scenarios capture the functionality that we will work on. We also include a list of potential devices that may be used to realize these scenarios.

• Fritsch, Lothar (2010). Business Security and Privacy Risk of RFID.
• Fritsch, Lothar (2010). Location Privacy by Design - Technology & Business Incentives.
• Fritsch, Lothar (2010). Nettverksbygging og tverrfaglighet med EU ”Network of Excellence”.
• Fritsch, Lothar (2010). PETweb II – Privacy in Identity Management, presentation as part of the \Identity Management throughout life - solutions, trends, side effects\" networking session on Sep. 29, 2010".
• Fritsch, Lothar (2010). Sosiale Medier, e-IDer og Personvern - Innføring i begrepene og tema til e-Me oppstartmøte.
• Fritsch, Lothar (2010). Støtte til forsking og innovasjon i næringslivet : Støtteordninger innenfor IKT i Norge og EU.
• Fritsch, Lothar (2010). Technology and Methods for Information Privacy.
• Fritsch, Lothar & Fuglerud, Kristin Skeide (2010). Time and Usability as Upper Boundary in Friend and Family Security and Privacy. NR-notat. DART/11/2010.
• Fritsch, Lothar & Paintsil, Ebenezer (2010). 1st PhD retreat documentation - Minutes of the PETweb II PhD workshop, April 15-16, 2010. NR-notat. DART/04/2010.
• Skomedal, Åsmund & Fritsch, Lothar (2010). Høringsuttalelse Cybersikkerhet. Ukjent.
• Fritsch, Lothar (2009). Business risks from RFID in tracking, tracing and logistics.
• Fritsch, Lothar (2009). Business security and privacy risk of RFID.
• Fritsch, Lothar (2009). Inclusive Identity Management.
• Fritsch, Lothar (2009, 22. september). Intervju: GPS-peiling av eldre - utfordringer i sikkerhet og personvern. [Radio].
• Fritsch, Lothar (2009). PhD recruiting - PETweb II recruitment activities and results. NR-notat. DART/09/2009.
• Fritsch, Lothar (2009). Privacy technology as a key enabler for person-centric Location-based Services.
• Fritsch, Lothar (2009). Security Requirements and Security Modeling for VoIP Systems.
• Fritsch, Lothar & Groven, Arne-Kristian (2009). VoIP stakeholder profiling: Public stakeholders and infrastructure owners. NR-notat. DART/06/2009.
• Fuglerud, Kristin Skeide; Reinertsen, Arthur; Fritsch, Lothar & Dale, Øystein (2009). Universell utforming av IKT-baserte løsninger for registrering og autentisering: Resultater fra forprosjekt. NR-notat. DART/02/09.
• Holmqvist, Knut; Solheim, Ivar; Fritsch, Lothar; Dale, Øystein & Halbach, Till (2009). Search vs Navigation in Mariage Image Retrieval. NR-notat. DART 03/2009.
• Tjøstheim, Ingvar & Fritsch, Lothar (2009). Doing surveys where it matters - the GPS-age and privacy. How the MR industry can do surveys where the action is and at the same time deal with location data and privacy.
• Benito, Raúl; Dean, Roger; Fritsch, Lothar; Hoepman, Jaap-Henk; Lazar, Steve; Leitold, Herbert; Pote, Greg; Roßnagel, Heiko; von Schwedler, Arnim; Vitali, Daniele; Zimmermann, Frank; Årnes, André; Naumann, Ingo & Hogben, Giles (red.) (2008). Security Issues in the Context of Authentication Using Mobile Devices (Mobile eID).
• Fretland, Truls; Fritsch, Lothar & Groven, Arne-Kristian (2008). State of the Art of Digital Rights Management - A MARIAGE project report. Report at the Norwegian Computing Center. 1018.
• Fritsch, Lothar (2008). Data Retention in Norway: Technical Security Investments, Electronic Evidence, and the PET challenge.
• Fritsch, Lothar (2008). Investing in Privacy Protection with Privacy-Enhancing Technology.
• Fritsch, Lothar (2008). Tools and Methods for Information Privacy.
• Fritsch, Lothar; Fuglerud, Kristin Skeide & Solheim, Ivar (2008). 1st IDIS workshop 2008.

Se alle arbeider i Cristin