Data security and privacy

We conduct research into technologies and methods for privacy protection and data security. We analyse and evaluate how privacy and security are provided by various technologies, systems, and organisations.

Data security

Data security is a large and comprehensive field addressing protection of sensitive data, where confidentiality, integrity, and authenticity are the most common security goals. Data security affects several elements of society and requires knowledge and expertise from different disciplines such as security management, cryptography, information and communication technology, and mathematics. Our research covers various aspects of data security, and we conduct security and privacy assessment, as well as risk and vulnerability assessment, on different levels, including methods, information systems, and organizations.

Privacy

Rules and regulation for handling personal data are addressed by the Norwegian Personal Data Act and the EU’s Personal Data Protection Regulation (GDPR), which ensures privacy in several areas, such as the right to access, delete and restrict personal data. These regulations emphasise protection of sensitive personal data. Preserving privacy of personal data is relevant in many areas, such as healthcare, finance, banking, insurance, police, etc. Personally identifiable information can point to specific individuals. To meet the privacy requirements when analysing such data, anonymization techniques can be employed for identification and protection of personally identifiable information. However, this may not be a trivial task. As such, we have expertise in methods for privacy-preservation and data anonymization.

Machine learning and artificial intelligence are central to data analytics. Using confidential computing methods, such as homomorphic encryption, we can analyse the encrypted data and produce meaningful inferences while preserving data privacy.