Is currently thinking about the Internet Identiy layer, and actively involved in the design of a Self-Sovereign Identity Framework


My expertise includes information security in a broad sense. I focus on

(1) security architectures, i.e. integrity of process- and system integration with special attention towards identity management, access control, and privacy (by design)

(2) security governance and risk models, including the associated processes.

My interests lie in formal underpinnings of these focal areas and making the results usable (understandable) in the business context.

Specialties: I am a good conceptual thinker, designer of (thought)models, identity management access controls, risk analysis, security policies, and more.


Personal website:



Rieks Joosten: Self-Sovereign Identity Framework and Blockchain. ERCIM News 2017(110) (2017)


HJM Joosten Aantoonbaar voldoen aan (komende) privacywet- en regelgeving in een IT-rijke context


HJM Joosten Van risicomanagement naar succes governance


Maarten Hoeve & HJM Joosten El Metodo Managing Risks in Value Chains


Harrie Bastiaansen & Rieks Joosten Hoe goed bent u in control over de robuustheid van uw ICT-keten?


HJM Joosten & Rieks Joosten Gescoopt risico management


Jaap-Henk Hoepman & Rieks Joosten Practical Schemes for Privacy and Security Enhanced RFID


Penny Duquenoy & Rieks Joosten & Diane Whitehouse: Putting Identifiers in the Context of eHealth