2010 - ERCIS
2010 - ERCIS
2010 - ERCIS
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
University of Münster –<br />
Department of Information Systems –<br />
IT Security Research Group<br />
16<br />
New Research Group:<br />
IT Security at <strong>ERCIS</strong> HQ<br />
Whenever information systems are being<br />
connected, a new potential security<br />
hole is created. In a world where computer<br />
networks are an indispensable<br />
backbone of wealth and growth, basic<br />
knowledge of the principles of security<br />
and privacy are no longer the domain<br />
of spies and specialists. Instead, this<br />
qualification will soon belong the set to<br />
elementary skills of every businessperson<br />
and citizen – just like nowadays<br />
you know how to operate a door lock,<br />
or not to issue a blank check. <strong>ERCIS</strong> has<br />
accommodated to this need and welcomes<br />
Dr. Rainer Böhme as head of a<br />
new research group dedicated to IT security.<br />
West Coast to Westphalia<br />
Professor Dr.-Ing. Rainer Böhme was<br />
appointed as Assistant Professor (“Juniorprofessor”)<br />
on September 1st, <strong>2010</strong>.<br />
Prior to this position, he worked as<br />
Postdoctoral Fellow at the International<br />
Computer Science Institute in Berkeley,<br />
California. He holds a Master’s degree<br />
in Communication Science and Economics<br />
and a Doctorate in Computer<br />
Science, both from Technische Universität<br />
Dresden in Germany. He also<br />
worked at the European Central Bank,<br />
where he served for the directorates of<br />
economics and financial stability & supervision.<br />
Professor Böhme’s research<br />
interests include economics of information<br />
security and privacy as well as multimedia<br />
security. He is particularly keen<br />
on teaching security in its breadth to<br />
students of the University of Münster’s<br />
Master program.<br />
Security Economics<br />
The new research group will take an<br />
interdisciplinary approach on a range<br />
of research questions in information<br />
security and privacy. One key field of<br />
research is economics of information<br />
security.<br />
Security breaches are in the news almost<br />
daily, each bigger and more costly<br />
than the last. But rarely are they caused<br />
by technical failures. Bad security often<br />
is a result of wrong decisions on<br />
the deployment of security technology.<br />
The economic perspective on information<br />
security starts with looking at these<br />
decisions and analyzes underlying processes<br />
and incentive systems. Technology<br />
merely defines the action space. With<br />
insights into economic and behavioral<br />
mechanisms, technology can be designed<br />
and deployed in such a way that<br />
bad security decisions are less likely.<br />
Relevant research questions include:<br />
How can security be measured? How<br />
much shall individuals, firms, and governments<br />
spend on information security?<br />
How exactly shall they invest?<br />
What incentives really drive privacy decisions?<br />
What distinguishes cyber-risks<br />
from conventional risks and what consequences<br />
emerge for cyber-risk management?<br />
How does all this affect the IT<br />
security industry?<br />
The methods in the field of economics<br />
of information security range from<br />
economic modeling of isolated aspects,<br />
via quantitative empirical studies, to<br />
broader strategy/policy analyses targeted<br />
to corporate decision makers and<br />
governments.<br />
Impact<br />
Professor Böhme is an established<br />
capacity in this field. He has published<br />
nine papers on various topics in the past<br />
six editions of the prestigious Workshop<br />
on the Economics of Information Security.<br />
His work got cited in Science, The<br />
Economist, and in reports of international<br />
organizations like the UNCTAD, OECD<br />
and the European Commission. His 2009<br />
paper entitled “The Iterated Weakest<br />
Link”, co-authored with Dr. Tyler Moore<br />
of Harvard’s Center for Research on<br />
Computation and Society, was awarded<br />
the inaugural Gordon Price in Managing<br />
Information Security Resources by the<br />
University of Maryland’s Smith School<br />
of Business. In 2008, Dr. Böhme co-authored<br />
an influential report on Security<br />
Economics and European Policy commissioned<br />
by the European Network and<br />
Information Security Agency (ENISA).<br />
Some of the 15 recommendation formulated<br />
therein have been taken up by policymakers<br />
in Europe, the US, and Asia.<br />
Digital Image Forensics<br />
Besides economic and managerial<br />
questions, the research group also contributes<br />
to advance the state of security<br />
technology. Its members belong to the<br />
leading European researchers in the<br />
field of digital image forensics. Forensic<br />
methods in general deal with the search<br />
and analysis of traces with the aim of reconstructing<br />
(criminal) activities as well<br />
as identifying culprits.<br />
The wide acceptance of digital imaging<br />
coupled with ever better image processing<br />
software enables ordinary users to<br />
Image 1: Image released to the press