Research Domains

DIGISEC research spans a number of different research domains in digital security. The domains below represent some areas of knowledge in digital security covered by DIGISEC, according to the taxonomy proposed by the Joint Research Centre (JRC) of the European Commission. 

Data Security and Privacy

This domain includes security and privacy issues related to data in order to (a) reduce or avoid by design privacy, confidentiality, and integrity risks without inappropriately impairing data processing purposes or (b) by preventing misuse of data after it is accessed by authorized entities.

Theoretical Foundations

This domain refers to the use of analysis and verification techniques based on formal methods to provide theoretical proof of security properties either in software, hardware and algorithm design.

Identity Management

This domain covers processes and policies involved in managing the lifecycle and value, type and optional metadata of attributes in identities known in a particular domain. Furthermore, it also considers access management aspects including authentication, authorization and access control of individuals and smart objects when accessing resources. These concerns may include physical and digital elements of authentication systems and legal aspects related to compliance and law enforcement.

Network and Distributed Systems

Network security is concerned with hardware, software, basic communication protocols, network frame structure, and communication mechanisms factors of the network [ISO/IEC TR 29181-5].


In distributed systems, security deals with all the aspects of distributed computation and coordination, such as message integrity, availability, confidentiality and  authentication.

Software and Hardware Security Engineering

This domain concerns with security aspects in the software and hardware development lifecycle such as risk and requirements analysis, architecture design, code implementation, validation, verification, testing, deployment and runtime monitoring of operation.



Trust Management and Accountability

This domain comprises trust issues related to digital and physical entities such as applications, services, components, or systems. Trust management approaches can be employed in order to assess assurance and accountability guarantees.

Education and Training

This domain concerns with the learning process of acquiring knowledge, know-how, skills and/or competences necessary to protect network and information systems, their users, and affected persons from cyber threats.

Assurance and Certification

This domain refers to the methodologies, frameworks and tools that provide ground for having confidence that a system, software, service, process or network is working or has been designed to operate at the desired security target or according to a defined security policy.


This domain covers the mathematical aspects of cryptology, the algorithmic aspects, their technical implementation and infrastructural architectures as well as the implementation of cryptanalytic methodologies, techniques and tools.


Nicola Dragoni
Deputy director, head of section, Professor
DTU Compute
+45 45 25 37 31