This document articulates research priorities in the area of information security as seen by NISNet (Norsk Ressursnettverk for Informasjonssikkerhet, Norwegian Information Security Network) in 2008. The document is intended as input to discussions in the IT security community, and to provide advice to government bodies responsible for defining research policies and for allocating research funding.
Information security research should focus on global research challenges where significant contributions by Norwegian research institutions can be achieved, either alone or in collaboration with other national or international partners. Information research should also prioritize specific national challenges, e.g. in case specific security threats, vulnerabilities and risks are relatively more severe within the national domain than elsewhere.
Given the diversity of expertise among national research groups in the area of information security, research efforts should be allowed and encouraged to focus on different areas. This diversity is also reflected by the many national and international collaborative industry and academic links that our national research groups maintain. To reflect this diversity while at the same time preserving coherence and structure, the research priorities have been grouped under the two main themes fundamental information security and application oriented information security.