| | SLO | ENG | Piškotki in zasebnost

Večja pisava | Manjša pisava

Iskanje po katalogu digitalne knjižnice Pomoč

Iskalni niz: išči po
išči po
išči po
išči po
* po starem in bolonjskem študiju

Opcije:
  Ponastavi


11 - 20 / 40
Na začetekNa prejšnjo stran1234Na naslednjo stranNa konec
11.
Informacijsko bojevanje v Sloveniji - od tradicionalno lokalnega v globalni kibernetski prostor
Igor Bernik, Kaja Prislan, 2011, pregledni znanstveni članek

Opis: Namen prispevka: Opozoriti želimo na tveganja, ki so jim izpostavljeni vsi informacijski sistemi in jih prinaša informacijsko bojevanje. Z razvojem sodobne informacijskokomunikacijske tehnologije (v nadaljevanju IKT) je vojaško, politično, gospodarsko in ideološko motivirano bojevanje pridobilo popolnoma nove razsežnosti in nevarnosti, čeprav se njene resnosti marsikatera država še vedno ne zaveda. Zaradi anonimnosti, možnosti dostopanja z oddaljene lokacije in zakrivanja izvora napada, storilci svoje cilje dosegajo lažje in hitreje, kot je to bilo mogoče pred razvojem spleta in informacijske tehnologije. To je omogočilo razvoj in prenos informacijskega bojevanja na različna družbena področja. Ker pa so tehnike informacijskega bojevanja postale primerljive z ostalo (klasično) računalniško kriminaliteto, je kompleksnost problematike še toliko širša. Resnost in nevarnost tovrstne grožnje prikazujemo skozi primere. S predstavitvijo trenutne zakonske ureditve v Sloveniji pa želimo prikazati neustrezno normativno podlago za delo organov pregona. Trenutna zakonska ureditev omogoča stanje, v katerih je primere informacijskega bojevanja lažje vršiti kot preganjati. Metode: Podan je pregled definicij informacijskega bojevanja v strokovni literaturi. Na podlagi analize definicij je predlagana konkretna in natančnejša opredelitev pojava informacijskega bojevanja. Kratko so predstavljeni nekateri primeri kibernetskih napadov, ki potrjujejo obstoj tovrstne grožnje. Analizirana je aktualna zakonodaja v Republiki Sloveniji. Na podlagi ugotovljenih slabosti so podani utemeljeni predlogi za izboljšave zakonodaje. Ugotovitve: Temeljna ugotovitev prispevka je, da se je (informacijsko) bojevanje, kot tradicionalni način doseganja ciljev, z razvojem sodobne IKT razširilo v vse sfere družbenega življenja, skladno s tem pa so se spremenile tudi njegove tehnike delovanja. Kibernetsko okolje je tej grožnji omogočilo neobvladljivo širjenje, kar je povzročilo novo globalno/transnacionalno tveganje za države in organizacije. Gospodarstvo, kritična infrastruktura, politični odnosi in svetovni mir so tista temeljna področja, ki jih informacijsko bojevanje želi kompromitirati. Kot kaže trenutno stanje normativne ureditve informacijskega bojevanja, so na nacionalni ravni naše države pomanjkanje politične volje, nerazumevanje in ravnodušnost temeljni atributi, ki omogočajo obstoj in razvoj informacijskega bojevanja. Na ravni svetovnih velesil in mednarodnih organizacij pa gre, zaradi zavedanja in uporabe prednosti tovrstnega bojevanja, za poskus ohranjanja neurejenega stanja, saj z informacijskim bojevanjem napadajo normativno ureditev. Izvirnost/pomembnost prispevka: Izvirna vrednost prispevka je opredelitev informacijskega bojevanja. Poleg tega pa je pomemben tudi prikaz narave informacijskega bojevanja na primerih in stanje normativne ureditve. Slednje je glavni zaviralec za preprečevanje opisane problematike.
Ključne besede: informacijsko bojevanje, informacijsko-kumunikacijske tehnologije, pravna podlaga, Slovenija
Objavljeno: 11.05.2020; Ogledov: 234; Prenosov: 24
.pdf Celotno besedilo (418,46 KB)
Gradivo ima več datotek! Več...

12.
Information security in risk management systems
Igor Bernik, Kaja Prislan, 2011, izvirni znanstveni članek

Opis: Purpose: Modern organizations are no longer able to operate and achieve their goals without information technology. The only stability in the modern world is change, and users adjust to them, as do the threats to information technology. Therefore, the only way to control threats to information security is to execute a process of risk management, which enables organizations to manage threats. This paper introduces various ways of managing information security threats and researches the existence of risk management systems in Slovenia. Design/Methods/Approach: The study focused on the research of the perception of information security risk management among Slovenian organizations. For this purpose, research has been conducted in different organizations. The results of this research revealed that threats to information security are largely not fully comprehended. Moreover, the structure of risk management systems depends completely on each individual organization. The problem is therefore the fact that there are as many systems as there are organizations. In theory, any information system must be examined thoroughly before risk management systems are established. It is important to know the weaknesses of the system, possible threats to it and ways of attack, and what consequences follow. Findings: Risks can be managed in different ways. Organizations choose mostly among the following approaches: (1) informal or unsystematic approach; (2) general approach, which provides the same protection mechanism for every organizational level; (3) exact approach, which refers to an analysis of the entire information system; (4) a combination of a general and an exact approach. When organizations choose their approach, they establish the control mechanisms. With these mechanisms it is possible to simply avoid risks, mitigate their consequences, accept a particular risk, or introduce adequate security mechanisms. Due to continual changes such systems must be constantly evaluated and improved. This means that systems must be constantly adjusted to new types of threats. By establishing a safe information system, organizations can consider different trends, recommendations and effective practices; for instance the ISO 27000 series of standards. In the process of managing information security, it is of great significance to establish a risk management system, to be able to recognize the most exposed areas, and to protect them accordingly. Research limitations: Research results cannot be generalized due to the relatively small number of companies interviewed. Practical implications: This paper represents a useful source of information for companies establishing information security risk management systems, and it represents the basis for further research. Originality/Value: Guidelines for establishing a secure information system and forms conclusions on how these guidelines are considered in practice are represented. The study has original value because it is based on a research of the current state of risk management procedures in different organizations. Organizations can consider different guidelines, recommendations and good practices for establishing their own effective information security. Findings show that defining management responsibility, identifying key vulnerabilities and securing them, are the three most significant elements in effective risk management and maintenance of information security.
Ključne besede: informacijski sistemi, informacijska varnost, grožnje, tveganje, management, Slovenija
Objavljeno: 05.05.2020; Ogledov: 273; Prenosov: 11
URL Povezava na datoteko
Gradivo ima več datotek! Več...

13.
Socialno-psihološke implikacije kibernetskega terorizma
Kaja Prislan, Igor Bernik, 2013, pregledni znanstveni članek

Opis: Namen prispevka: S prispevkom želimo predstaviti sinergijo učinkov nerealnih predstav o tehnologiji in terorizmu, realne sposobnosti in aktivnosti kibernetskih teroristov, hkrati pa opozoriti na grožnjo, ki je z vidika informacijske varnosti, predvsem na nacionalni ravni, ne smemo zanemariti. Metode: V prispevku je uporabljena deskriptivna metoda in metoda komparacije, s katerima smo analizirali predpostavke strokovnih in znanstvenih prispevkov na obravnavano tematiko. Z metodo sinteze spoznanj smo nadgradili trenutne teoretične pristope pri pojasnjevanju narave storilcev kibernetske kriminalitete in kibernetskega terorizma. Ugotovitve: Zaradi razvoja globalnega kibernetskega prostora je kriminaliteta pridobila povsem nove razsežnosti in priložnosti. Tako kot uporabniki sodobne tehnologije in klasični zlonamerni storilci v tem prostoru delujejo tudi kibernetski teroristi, katerih namen je s pomočjo tehnologije povzročiti čim večji strah in medijsko odzivnost. Psihološki učinki uporabe tehnologije prispevajo k temu, da kibernetski terorizem spremlja visoka stopnja nerazumevanja, posledično pa tudi strahu. Ker tovrstna kibernetska kriminaliteta nima urejene politične in pravne podlage, to skupaj z nerazumevanjem sodobne tehnologije, strahu pred njeno uporabo in možnimi zlorabami povzroča velik učinek zastraševanja. Čeprav kibernetski terorizem predstavlja resno grožnjo nacionalnim in organizacijskim informacijskim infrastrukturam, je njegovo udejanjanje v fizičnem okolju zgolj posredno. Teroristi sodobno tehnologijo za enkrat izkoriščajo predvsem kot orodje za pomoč pri načrtovanju napadov in ohranjanju lastnega obstoja. Izvirnost/pomembnost prispevka: Pomembnost prispevka se kaže v njegovi aktualnosti. Tako kot klasična kibernetska kriminaliteta tudi kibernetski terorizem postaja vse pogostejša tematika medijev in polemičnih razprav. S senzacionalnim poročanjem se velikokrat povzročajo dramatične in nerealne asociacije na kibernetski terorizem, v smislu možnih scenarijev in posledic. V prispevku predstavljamo njegove realne zmožnosti in temeljne značilnosti, izvirnost pa se kaže v njegovi pojasnjevalni in razlagalni vlogi.
Ključne besede: kibernetski terorizem, storilci, zastraševanje, psihološki vidik
Objavljeno: 23.04.2020; Ogledov: 306; Prenosov: 19
.pdf Celotno besedilo (361,93 KB)
Gradivo ima več datotek! Več...

14.
Efficiency of corporate security systems in managing information threats
Kaja Prislan, 2014, izvirni znanstveni članek

Opis: Purpose: Information security should be a strategic goal of every responsible and safety-conscious organisation that wants to follow current security and technological trends. The purpose of this paper is to summarize the corporate practices in addressing IT risks, to explain the benefits of a comprehensive approach to information security as a business function, and to improve understanding of the current issues associated with its management. Design/Methods/Approach: Topics presented in this paper were analysed using descriptive and qualitative analysis of international reports and surveys. The findings obtained using the comparative method and their synthesis are supported by other research in this area. Findings: Due to the large volume of information assets, sophisticated IT threats and the heterogeneous nature of security factors, the efficiency of information security is very difficult to achieve. It has been observed that many organisations are at an early stage in developing a comprehensive approach to information security, since, in practice, they are still dealing with the problems of the past, yet they are very consistent with tracking user trends. This disproportionate situation represents a major security challenge for an organisation’s management. Practical Implications: The findings of this research are useful for the further analysis and evaluation of information security and victimization of cybercrime, and are also applicable to facilitating strategic planning and decision making. Originality/Value: Based on the review of the current corporate state, this paper presents baseline information and security situations in the business environment and evaluates the efficiency of information security as a business tool. Based on the results, contemporary security challenges and organisational guidelines for the future were identified.
Objavljeno: 21.04.2020; Ogledov: 257; Prenosov: 15
.pdf Celotno besedilo (615,34 KB)
Gradivo ima več datotek! Več...

15.
Dejavniki sprejemanja odločitev pri urejanju učinkovite informacijske varnosti v organizacijah
Kaja Prislan, Igor Bernik, 2014, pregledni znanstveni članek

Opis: Namen prispevka: V preglednem znanstvenem prispevku analiziramo aktualne varnostne trende in sociološke ter psihološke ovire, s katerimi se sooča varnostni management, z namenom pojasniti dileme pri zagotavljanju informacijske varnosti. V času negotovih razmer v poslovnem okolju postaja informacijska varnost vse pomembnejši poslovni proces. Učinkovitost je pogojena z različnimi okoljskimi, strukturnimi in osebnostnimi dejavniki, ki jih je potrebno upravljati, če se želi ustrezno obvladovati tveganja, ki ogrožajo obstoj organizacij. Metode: Analiza varnostnih trendov je izvedena s pregledom aktualnih mednarodnih raziskav o trenutnem stanju informacijske varnosti. Prav tako je bil izveden pregled teorij, ki pojasnjujejo vpliv psiholoških dejavnikov na odločitvene procese. S sintezo ugotovitev smo izoblikovali predpostavke o vzrokih neracionalnih odločitev, teoretične pristope pa smo nadgradili z njihovo umestitvijo v organizacijsko in varnostno področje. Ugotovitve: Ugotavljamo, da organizacije funkcije informacijske varnosti ne razvijajo ustrezno. Pregled aktualnih raziskav je pokazal, da se organizacije pogosto neučinkovito odzivajo na povečana varnostna tveganja, saj jim to onemogočajo neugodne poslovne razmere, strokovna nepodkovanost in tradicionalna vodstvena mentaliteta, spremembe na področju varnostnih rešitev in kognitivne pristranskosti pri odločevalcih. Prav tako ugotavljamo, da je učinkovitost informacijske varnosti vse bolj pogojena z netehničnimi ukrepi, pri čemer največjo vlogo odigra usposobljen, dobro razvit in strateško naravnan varnostni management. Praktična uporabnost: Varnostni trendi, ki jih predstavljamo v prispevku, za večino sodobnih organizacij predstavljajo velik izziv pri doseganju poslovne uspešnosti. S prispevkom želimo opozoriti na sodobne varnostne dileme in prispevati k večji ozaveščenosti odgovornega managementa. Ponujamo tudi izhodiščne točke za učinkovito soočanje s kognitivnimi ovirami pri sprejemanju odločitev. Izvirnost/pomembnost prispevka: Prispevek je aktualen, saj analizira najnovejše raziskave o informacijski varnosti in na osnovi tega predstavlja sodobne trende. Prav tako je izviren, ker združuje spoznanja s področja psihologije tveganj in odločitev ter informacijske varnosti v organizacijski kontekst.
Ključne besede: informacijska varnost, organizacije, varnostni management, tveganja, odločitveni procesi
Objavljeno: 21.04.2020; Ogledov: 183; Prenosov: 19
.pdf Celotno besedilo (471,42 KB)
Gradivo ima več datotek! Več...

16.
Analysis of the relationship between smart cities, policing and criminal investigation
Kaja Prislan, Boštjan Slak, 2018, izvirni znanstveni članek

Opis: Purpose: The main objective is to present the symbiosis between smart cities, policing, criminal investigation and criminal intelligence. Moreover, another purpose is to critically address the underlying privacy concerns arising from smart city designs. Design/Methods/Approach: The paper is theoretical in scope and utilises a literature review as the basic method. Correlations between smart cities, policing and criminal investigations are identified by analysing the applicability of core smart city technologies and services [SCTS]. Findings: It is evident that SCTS can influence policing styles and police effectiveness. SCTS hold great potential for criminal investigations and criminal intelligence as they provide information upon which police can develop investigations or crime-control strategies. Vice-versa, criminal investigations and criminal intelligence can provide guidelines for SCTS developers and the governance of smart cities. However, privacy concerns and the slowly developing regulatory framework remain the biggest issues when it comes to SCTS adoption, thus making measures to safeguard privacy a key factor for the legitimacy of smart cities and smart policing. Practical Implications: The paper introduces practical knowledge about the implications of smart cities for policing and crime investigation. Some research ideas are presented as well as suggestions for legislators, developers and others whose work area falls in the scope of (smart) city governance. Originality/Value: A comprehensive study of the symbiosis between smart cities and policing must not only consider the potential of SCTS but the related need to develop regulation and skillsets of human resources. Only a handful of papers address the connectivity of smart cities, criminal investigations and criminal intelligence from such a multidisciplinary scope. Therefore, the paper represents a contribution to works discussing these concepts.
Ključne besede: smart cities, safety and security provision, policing, criminal investigation, criminal intelligence
Objavljeno: 20.04.2020; Ogledov: 278; Prenosov: 24
.pdf Celotno besedilo (611,90 KB)
Gradivo ima več datotek! Več...

17.
Analiza vedenja uporabnikov spletnega bančništva
Kaja Prislan, Branko Lobnikar, 2018, izvirni znanstveni članek

Opis: Namen prispevka: Namen prispevka je analizirati vedenjske vzorce uporabnikov in varnostna tveganja, ki se pojavljajo pri uporabi spletnega bančništva. V prispevku so predstavljeni temeljni in aplikativni teoretični okvirji ter modeli pojasnjevanja vedenja uporabnikov spletnega bančništva, na podlagi rezultatov empirične raziskave pa so izoblikovani predlogi za izboljšanje programov informiranja in ozaveščanja uporabnikov za varno uporabo spletnega bančništva. Metode: Izhajajoč iz okvirov vedenjskih teorij in usmeritev bank za varno uporabo spletnega bančništva je bila izvedena raziskava med uporabniki v Sloveniji (n = 210). Zbiranje podatkov je potekalo s pomočjo spletnega anketiranja. Proučili smo, kako uporabniki ob rabi spletnega bančništva skrbijo za varnost lastnih elektronskih naprav, gesel, digitalnih potrdil in na kakšen način skrbijo za varnost na spletu ter katere druge samozaščitne ukrepe pri tem uporabljajo. Ugotovitve: Rezultati kažejo, da so anketiranci dobro ozaveščeni o nevarnostih pri uporabi spletnega bančništva, vendar kljub temu še vedno zaznavamo neprimerne prakse pri zaščiti ključnih podatkov. Ugotavljamo tudi nizko stopnjo samoiniciativnosti pri uporabi varnostnih ukrepov, zato je zavzetost uporabnikov ključni izziv, ki ga je treba nasloviti za dvig stopnje varnosti pri uporabi spletnega bančništva. Omejitve raziskave Omejitve raziskave izhajajo iz majhnega vzorca udeležencev raziskave, vsebinsko pa je raziskava osredinjena na proučevanje vedenja uporabnikov spletnega bančništva in ukrepov, vezanih na tovrstno storitev. Drugi vidiki zagotavljanja varnosti in vedenja uporabnikov pri rabi spleta in interneta v prispevku niso analizirani. Praktična uporabnost: Ugotovitve raziskave so uporabne tako za ponudnike spletnega bančništva, njihove uporabnike kot tudi za vse zainteresirane in tiste, ki se ukvarjajo s procesi krepitve varne uporabe informacijske tehnologije. Izvirnost/pomembnost prispevka: Študija analizira vedenje uporabnikov spletnega bančništva s pomočjo različnih vedenjskih teorij, ki so bile osnova za oblikovanje vprašalnika, uporabljenega v raziskavi. Uporabljena metoda lahko predstavlja osnovo za bodoče raziskovanje vedenja uporabnikov tako na področju spletnega bančništva kot drugih spletnih storitev.
Ključne besede: banke, spletno bančništvo, varnost, vedenje, vedenje uporabnikov, samozaščita
Objavljeno: 15.04.2020; Ogledov: 169; Prenosov: 21
.pdf Celotno besedilo (387,15 KB)
Gradivo ima več datotek! Več...

18.
Residents' views on cyclist safety and cycling infrastructure in the City Municipality of Celje
Nastja Vodeb, Kaja Prislan, 2019, izvirni znanstveni članek

Opis: Purpose: The paper presents the results of two research studies analysing the views of different target populations on cyclist safety and the adequacy of preventive measures in Slovenia. The purpose of both research studies was to identify the shortcomings of different approaches to ensuring cyclist safety, evaluate the adequacy of planned solutions and propose some improvements of preventive actions taken by various stakeholders. Design/Methods/Approach: A field survey was conducted among the residents of the City Municipality of Celje (n = 171) on their satisfaction with cyclist safety, while an online survey was carried out among internet users (n = 210) on the usefulness of an alternative approach to raise cyclists’ awareness by digitising cycling routes and safety risks. Findings: Results show that respondents are generally not satisfied with cyclist safety, as most believe that municipal efforts are insufficient to ensure it. It was observed that cycling infrastructure needs to be properly regulated and that a positive traffic culture should be promoted at the municipal level, including through the promotion of preventive activities. Both internet users and local residents recognise a strong need to digitise cycle paths by indicating safety risks. Therefore, it would be reasonable to upgrade conventional approaches to raising public awareness by introducing solutions that are useful for cyclists. Research Limitations / Implications: The limitation of the research study arises from the fact that its results cannot be generalised to all municipalities, since they apply different approaches to ensuring cyclist safety due to their autonomy and are facing different safety risks. Moreover, due to the use of a non-random sample, caution is necessary when generalising research results. Practical Implications: The results of the presented studies are primarily useful to decision-makers and infrastructure managers at national and local level when planning changes and safety measures in the field of cyclist safety. Originality/Value: The paper encompasses two studies, the findings of which complement one another substantially and provide a deeper insight into the issues of cyclist safety and preventive actions taken by different stakeholders. They serve as a basis for further exploring this issue in different local environments with a view of obtaining a more comprehensive insight into the key challenges of traffic safety from a broader perspective.
Objavljeno: 10.04.2020; Ogledov: 246; Prenosov: 21
.pdf Celotno besedilo (395,16 KB)
Gradivo ima več datotek! Več...

19.
Preventing radicalisation and extremism - the views of police students in Croatia
Branko Lobnikar, Irena Cajner Mraović, Kaja Prislan, 2019, izvirni znanstveni članek

Opis: Purpose: The paper presents approaches and strategies to preventing radicalisation in Croatia, police officers training, together with a study among police officers on preventing and deterring radicalisation in Croatia. The purpose of the paper is to present the context and the state-of-the-knowledge on preventing radicalisation, and moreover to analyse the approaches, police officers perceptions and training models on a national level. Design/Methods/Approach: A study among 108 of students of the Police College, Ministry of the Interior of the Republic of Croatia, was conducted. The purpose was to analyse police officers’ perceptions of the state of radicalisation in Croatia and effectiveness of multi-stakeholder and cross-sectoral approach to preventing radicalisation and violent extremism in Croatia. Another study aim was to evaluate whether, using a proposed training design, it is possible to strengthen the notion of institutional interdependence in police officers’ efforts in the area of facilitating and supporting disengagement from radicalisation. A questionnaire developed in the First Line project dedicated to the training of various stakeholders in preventing radicalisation was used before and after the training. Findings: The findings of our study on preventing and deterring radicalisation in Croatia show that the tackling and prevention of violent extremism and terrorism is largely seen as being top-down-oriented by the respondents, driven by the nation state and the main task of security sector agencies, namely the government, intelligence services and specialised police units. It is also important to mention that the police officers did not underestimated their own role and accountability at the local level for preventing radicalisation. Originality/Value: Education and training in the area of preventing radicalisation is necessary for efficient collaboration between stakeholders. The study analysed the influence of proposed training model on practitioners’ perceptions. While the participants in the study still mainly emphasize the role of security agencies, we established that appropriate training can strengthen the awareness of the interdependence of the various stakeholders engaged in these efforts. The study results are useful for police management to further strengthen the transfer of prevention strategies to local level and develop training models for various stakeholders.
Objavljeno: 07.04.2020; Ogledov: 143; Prenosov: 13
URL Povezava na celotno besedilo
Gradivo ima več datotek! Več...

20.
Spear phishing: dovzetnost uporabnikov elektronske pošte
Aljaž Sok, 2019, diplomsko delo

Opis: Phishing predstavlja eno izmed najbolj razširjenih groženj v kibernetskem prostoru. Čez leta so se metode storilcev razvile in spremenile, pojavile so se nove pojavne oblike, s katerimi skušajo storilci pretentati uporabnike interneta in drugih omrežij. Med vse bolj razširjene oblike phishinga sodi spear phishing, ki je ciljni napad na posameznika ali organizacijo. Storilci se skušajo preko elektronske pošte ali lažne spletne strani dokopati do zaupnih podatkov, ki bi jim nadalje lahko prinesli finančno korist. V diplomski nalogi smo raziskali problematiko phishinga, njegovo zgodovino in sodobne metode, ki jih storilci najpogosteje uporabljajo. Osredotočili smo se na spear phishing, ki velja za eno najuspešnejših oblik phishinga in povzroča veliko finančne škode posameznikom in organizacijam. Z raziskavo smo preverjali dovzetnost uporabnikov elektronske pošte na spear phishing napade. S pomočjo kvazi eksperimenta smo preizkušali odzivnost uporabnikov na sumljivo elektronsko pošto. Vzorec naše raziskave so predstavljali mladi odrasli, za katere vemo, da so vsakodnevno vpeti v kibernetski prostor. Glavna ugotovitev je, da so mladi odrasli po večini sicer seznanjeni s problematiko, vendar nekateri še kljub temu nasedejo prevari. Prav tako smo skozi pregled stanja ugotovili, da je na področju zaščite uporabnikov pred phishingom potrebno še veliko obveščanja in izobraževanja o nevarnostih, ki jih ta prinaša.
Ključne besede: diplomske naloge, phishing, spear phishing, napad, elektronska pošta, uporabniki
Objavljeno: 07.10.2019; Ogledov: 455; Prenosov: 79
.pdf Celotno besedilo (731,89 KB)

Iskanje izvedeno v 0.29 sek.
Na vrh
Logotipi partnerjev Univerza v Mariboru Univerza v Ljubljani Univerza na Primorskem Univerza v Novi Gorici