Dr. Audun Jøsang

Professor, UniK, University of Oslo
Adjunct Professor, QUT

• Infosec@UniK
• AFSecurity
• NordSec 2009
• JTAER-Trust
• IFIPTM 2010
• Publications
• Trust Management
• Security Usability
• Subjective logic
• Teaching

Research Interests

Trust & Reputation Management for open computer networks includes developing trust and reputation systems that can assist users and organisations in assessing the trustworthiness of resources and remote parties on the Internet. Subjective Logic is compatible with Bayesian reputation systems, which provides a simple and elegant way of combining reputation systems with belief and trust reasoning.

Security Usability is a crucial but largely ignored element in the security chain. Poor usability of security directly leads to security vulnerabilities that can be exploited by hackers and criminals. People are often the weakest link in the security chain of systems and applications. This serious problem is amplified by poor security usability. The problem of poor security usability was already pointed out by the Belgian cryptographer Kerckhoffs in 1883.

Identity Management is a crucial enabler for the development of online services. The problem with current identity management is that the solutions are designed to be practical from the service providers' point of view. These solutions do not scale, and provide poor usability for service consumers. A new user-centric approach is needed to make online service provision scalable for all.

Subjective logic is a type of probabilistic logic where arguments can contain degrees of uncertainty and where belief ownership can be explicitly expressed. Subjective logic is suitable for modelling and analysing situations characterised by uncertainty and incomplete knowledge, e.g. for modelling trust networks and Bayesian networks. A rich set of operators makes subjective logic flexible and applicable for modelling practical situations.

Biography

Audun Jøsang joined UNIK in March 2008. Prior to that he was Associate Professor at QUT, research leader of the Security Unit at DSTC in Brisbane, worked in the telecommunications industry for Alcatel in Belgium and for Telenor in Norway. He was also Associate Professor at the Norwegian University of Science and Technology (NTNU). He has a Masters in Information Security from Royal Holloway College London, and a PhD from NTNU in Norway.