Buradasınız

Anasayfa » Content

Dijital Kütüphane Ortamında Bilgi Güvenliği Sorunları: Literatür Değerlendirmesi

Information Security Issues in a Digital Library Environment: A Literature Review

Journal Name:

  • Bilgi Dünyası

Publication Year:

  • 2012

Key Words:

Keywords (Original Language):

Author Name
Abstract (2. Language): 
This paper aimed to explore the literature on security issues that digital libraries should consider in managing digital resources. Books on information security and network security were consulted as well as several databases such as ERIC, Ebrary, LISA, Science Direct, EbscoHost, ISI, Google Scholar, ProQuest, Emerald Insight, ACM were searched to understand what particular aspect of information security and privacy in digital libraries exist from 2000 - 2010. Security in digital libraries is an issue of the most important, and should be considered carefully in creating policies and strategic plans of institutions wanting to set up a digital library. This paper focused on the four main streams that concerns security in the digital environment, namely: infrastructure, digital content, users and standards and legal issues. This literature review also built upon previous literature reviews, and is one of the few of its kind in the topic.
Bookmark/Search this post with
Abstract (Original Language): 
Bu çalışma dijital kütüphanelerin kaynakların yönetiminde göz önünde bulundurması gereken güvenlik sorunlarına ilişkin literatürü ortaya koymayı amaçlamaktadır. Bilgi Güvenliği, Ağ Güvenliği, Kişisel Gizlilik konuları üzerine 2000 - 2010 yıl aralığını kapsayan kitaplar ve makaleler ERIC, Ebrary, LISA, Science Direct, EbscoHost, ISI, Google Akademik, ProQuest, Emerald Insight ve ACM gibi çeşitli veri tabanlarından taranmıştır. İncelenen literatürden elde edilen sonuçlara göre, bilgi güvenliği dijital kütüphaneler için son derece önemli bir konudur ve dijitalleşme sürecinde bir kütüphane, güvenlik politikalarını ve stratejik planlarını dikkatle göz önünde bulundurmalıdır. Bu araştırmada dijital ortamda güvenliği ilgilendiren Altyapı, Dijital İçerik, Kullanıcılar, Standartlar ve Hukuki Konular olmak üzere dört ana madde üzerinde durulmuştur. Bu çalışma ayrıca daha önceki literatür taramalarını da kapsamaktadır.
FULL TEXT (PDF): 
PDF icon arastirmax-dijital-kutuphane-ortaminda-bilgi-guvenligi-sorunlari-literatur-degerlendirmesi.pdf
  • 1
117-137
  • Turkish

REFERENCES

References: 

Abrams, S.L. (2005). Establishing a global digital format registry. Library Trends, 54(1), 125-143. doi:
10.1353/lib.2006.0001.
Al-Suqri M. and Afzal W. (2007). Digital age: Challenges for libraries. Information, Society and
Justice. 1(1), 43-48. doi: 10.3734/isj.2007.1105.
American Library Association (2008). Code of ethics of the American Library Association. Retrieved
on 14th April 2011 from http://www.ala.org/advocacy/proethics/codeofethics/codeethics
Balas, J. (2005). Close the gate, lock the windows, bolt the doors: Securing library computers.
Computers in Libraries, (March), 28-31.
Beagrie, N., Semple, N., Williams, P. and Wright, R. (2008). Digital preservation policies part 1:
Final report October 2008. Strategies. pp.1-60. Retrieved on 15th April 2011 from http://
www.jisc.hosting.eduserv.org.uk/media/documents/programmes/preservation/...
p1finalreport.pdf.
Birnbaum, J.S. (2004). Cybersecurity considerations for digital libraries in an era of pervasive
computing. In Proceedings ACM/IEEE Conference on Digital Libraries (JCDL’04) (pp.169-169)
New York: ACM.
Bowers, S. (2006). Privacy and library records. The Journal of Academic Librarianship, 32(4), 377-383.
BSI - The British Standards Institute and British Standards Publications (2010). The British Standards
Institute and British Standards Publications. Retrieved on 5th May 2011 from http://www.
standardsuk.com/bsi/.
Chen, S.S., Choo, C.Y. and Chow, R.Y. (2006). Internet security: A novel role/object-based access
control for digital libraries. Journal of Organizational Computing and Electronic Commerce.
16(2), 87-103.
Cyveillance (2008). Phishing using cross-site scripting: Definition, illustration and prevention.
Syveillance, USA.
Dlaminia M., Eloffa J. and Eloffb, M. (2009). Information security: The moving target. Computers &
Security, 28(3-4),189-199.
Dourish, P. et.al. (2004). Security in the wild: User strategies for managing security as an everyday
practical problem. Pers Ubiquit Comput, 8, 391-401.
Fox, E. and ElSherbiny, N. (2011). Security and digital libraries, digital libraries - methods and
applications, Kuo Hung Huang (Ed.), InTech, Retrieved on April 2011 from http://www.
intechopen.com/articles/show/title/security-and-digital-libraries
Fox, R. (2006). Vandals at the gates. OCLC Systems & Services, 22(4), 249-255. doi:
10.1108/10650750610706961.
Gast, M. (2002). 802.11 Wireless networks: The definitive guide. O’Reilly: North Sebastopol, USA
Gerber, M. and Solms, R. (2008). Information security requirements: Interpreting the legal aspects.
Computers & Security, 27, 124-135.
Goodall, J.R., Lutters, W. G., and Komlodi, A. (2009). Developing expertise for network intrusion
detection. Information Technology & People, 22(2), 92-108.
136
BİLGİ DÜNYASI, 2012, 13 (1) 117-137 Audrey ANDAY, Enrico FRANCESE et al.
Gorman, M. (2001). Privacy in the digital environment-issues for libraries. In Libraries and
Librarians: Making a Difference in the Knowledge Age. IFLA Council and General Conference.
(pp.57-65). Boston, Massachusetts: IFLA
The Government of the Hong Kong Special Administrative Region (2008). An Overview of
Information Security Standards. Retrieved on 25th March 2011 from www.infosec.gov.hk/
english/technical/files/overview.pdf.
Guimarães, Bernardo Damele Assumpção (2009). Advanced SQL injection to operating system
full control. Black Hat Briefings Europe, Amsterdam. Retrieved on 17th April 2011 from http://
www.blackhat.com/presentations/bh-europe-09/Guimaraes/Blackhat-europe-09...
SQLInjection-slides.pdf.
Hadow, K. (2009). Data security for libraries: Prevent problems, don’t detect them. Feliciter, 55(2).
Hedstrom, M. (1998). Digital preservation: A time bomb for digital libraries. Computers and
Humanities, 31, 189-202.
Information Security and Privacy (2010). Information security and privacy. Retrieved on 25th April
2011 from http://www.oecd.org/department/0,3355,en_2649_34255_1_1_1_1_1,00.html.
ISSA (2004). Generally Accepted Information Security Principles (GAISP), (3rd ed). Information System
Security Association.
ISO Standards (2007). ISO/IEC 27001:2005 (Information Security Management System -
Requirements). Retrieved on 2nd April 2011 from http://www.iso.org/iso/iso_catalogue/
catalogue_tc/catalogue_detail.htm?csnumber=42103.
Jones, A. (2006). The Information Security Forum. Infosecurity Today, 3(6), 38- 40.
Kuny, T. (1997). A digital dark ages? Proceedings of the 63rd IFLA General Conference. International
Federation of Library Associations and Institutions. Retrieved on 14th March 2011 from http://
www.ifla.org/IV/ifla63/63kuny1.pdf.
Kuzma, J. (2010). European digital libraries: Web security vulnerabilities. Library Hi Tech, 28(3), 402-
413. doi: 10.1108/07378831011076657.
Khalil, M.A. (2004). Vision to reality: Applications of wireless laptops in accessing information from
digital libraries: End user’s view points. Library Hi-Tech News, 21(7), 25-29.
Lampson, B. (2004). Computers security in the real world. Computer, 37(6), 37-46.
Maniatis, P., Roussopoulos, M., Giuli, T., Rosenthal, D.S.H. and Baker, M. (2005). The LOCKSS Peer-topeer
digital preservation system. ACM Transactions on Computer Systems, 23(1).
National Forum on Education Statistics (2003). Weaving a secure web around education: A
guide to technology standards and security. National Forum on Education Statistics (ED/
OERI):Washington DC.
Neuhaus, P. (2003). Privacy and confidentiality in digital reference. Reference & User Services
Quarterly. 32(1).
Newby, G. (2000). Information security in libraries. Proceedings of the Information Resources
Management Association (IRMA) Annual Conference. Hershey, Pennsylvania: IRMA.
Anchorage, Alaska. May 20-24, 2000. 6p. Republished in Kisielnicki, Jerzy (Ed.). 2002. “Modern
Organizations in Virtual Communities.” Idea Group: Hershey, Pennsylvania.
137
Information Security Issues in a Digital Library... BİLGİ DÜNYASI, 2012, 13 (1) 117-137
OCLC. (2006). OCLC Digital Archive Preservation Policy and Supporting Documentation. Dublin,
OH. Retrieved on 22nd March 2011 from http://www.oclc.org/support/documentation/
digitalarchive/preservationpolicy.pdf.
Ozkan, S. and Karabacak, B.(2010). Collaborative risk method for information security management
practices: A case context within Turkey. International Journal of Information Management,
30(6), 567-572.
Patel, A., Qassim, O. and Wills, C. (2010). A survey of intrusion detection and prevention systems.
Information Management & Computer Security, 18(4), 277-290
Pearson, D. and Webb, C. (2008). Defining file format obsolescence: A risky journey. International
Journal of Digital Curation, 3(1), 89-106.
Porter, B. (2002). 802.11 Security. O’Reilly: North Sebastopol, USA.
Rosenthal, D.S.H. (2010a). Keeping bits safe. Communications of the ACM, 53(11), 47. doi:
10.1145/1839676.1839692.
Rosenthal, D.S.H. (2010b). Format obsolescence: Assessing the threat and the defenses. Library Hi
Tech, 28(2), 195-210. doi: 10.1108/07378831011047613.
Rothenberg, J. (1995). Ensuring the longevity of digital documents. Scientific American, 95(1), 24-29.
Rowlingson, R. and Winsborrow, R. (2006). A comparison of the payment card industry data
security standard with ISO17799. Computer Fraud & Security, 3, 16-19.
Saeednia, S. (2000). How to maintain both privacy and authentication in digital libraries.
International Journal on Digital Libraries, 2(4), 251-258.
Singh, S. (2003). Digital library: Definition to implementation. Ranganathan Research Centre: Delhi.
Retrieved on 15th April 2011 from http://www.oocities.org/esukhdev/lecture_rcc.pdf.
Siponen, M. and Willison, R. (2009). Information security management standards: Problems and
solutions. Information & Management, 46(5), 267-270.
Smedinghoff, T. (2004). The state of information security law: A focus on the key legal trends. Retrieved
on 30th March 2011 from http://ssrn.com/abstract=1114246.
Sturges P., Davies E., Dearnley J., Illiffe U., Oppenheim C. and Hardy R. (2003), User privacy in
the digital library environment: An investigation of policies and preparedness. Library
Management, 24(1/2). doi: 10.1108/01435120310454502.
Sutlieff, L. and Chelin, J. (2010). ’An absolute prerequisite’: The importance of user privacy and
trust in maintaining academic freedom at the library. Journal of Librarianship and Information
Science, 42(3), 163-177. doi: 10.1177/0961000610368916.
Thompson, S. (2006). Helping the hacker? Library information, security and social
engineering. Information Technology and Libraries, December, 222-225.
Turle, M. (2008).Data security: Past, present and future. Computers & Security, 25, 51-58.
Whitman, M.E. (2003). Enemy at the gate: Threats to information security. Communications of the
ACM, 46(8), 91-95. doi: 10.1145/859670.859675.
Zimerman, M. (2010). Protect your library’s computers. New Library World, 111(5/6), 203-212. doi:
10.1108/03074801011044070.

Thank you for copying data from http://www.arastirmax.com