Laboratory of Open Systems and Networks has years of experience in research and development in the field of information security, privacy protection and cyber crime. Security research was performed both from the technical and socio-economic point of view.
Current activities are focused on critical infrastructure protection, identity management, tools and methods for detection of vulnerable web sites, and trust and reputation management.
In the DEFENDER project we are addressing the issues of European critical energy infrastructures security and dependability. The laboratory leads the work on cyber-physical threats assessment and analysis and contributes to the development and implementation of the project threat mitigation and situation awareness solutions.
The main goal of the SI-PASS and eID4U projects is to set up an infrastructure for secure cross-border services in different application domains. The SI-PASS project, which is coordinated by the Laboratory for Open Systems and Networks, has established the central eIDAS node in Slovenia at the Ministry of Public Administration and has integrated four public and one private cross-border e-services in the fields of e-health (zVEM), pension and disability insurance (eZPIZ), intellectual property protection, company registers (Portal AJPES), and e-commerce (ePero). In the eID4U project, we have also linked the test eIDAS node with trusted sources of information about students (central evidence system for e-higher education eVŠ) and various e-learning services.
Identity and digital certificate-based services, e.g. the first public-key certification authority in Slovenia, were developed in various projects, such as ICE-TEL, ICE-CAR, CADENUS and NASTEC. Experience gained was also used in preparation of Slovenian Electronic commerce and electronic signature act.
In the FP5 FAIN project, we have designed and implemented a flexible, adaptable and dependable network element based on the active networks principles, while the final result of the FP6 DIADEM project was a distributed firewall prototype. In the FP6 DAIDALOS integrated project architecture for privacy provision in pervasive systems and a protocol for trust negotiation between users and pervasive service providers were developed.
The FP7 P2P-Next project was focused toward development of an open source, efficient, trusted, personalized, user-centric and participatory content delivery system with social and collaborative connotation using the Peer-to-Peer paradigm. Distributed access control to the multimedia content was enabled by the newly developed ECS (Enhanced Closed Swarm) protocol that became an item of standardization within the Internet Engineering Task Force (IETF).
In order to improve authentication and prevent identity theft a novel graphical recognition-based authentication system for mobile devices has been developed. Within the national competence centre on cloud computing (CLASS) a cloud single sign-on solution has been developed that enables unified authentication in diverse cloud environments. Using the solution enterprises or institutions can mitigate some of cloud security risks and simplify user accounts and credentials management.
Within the EU STORK 2.0 and eSENS CIP projects we have contributed building blocks for a pan-European e-identity infrastructure that solves e-identity interoperability problems within Europe and supports a number of e-identity based services, such as e-learning, e-banking, e-business etc. We have also established three cross-border education and academic e-services: virtual learning environment, anonymous e-surveys, and job selection service. The services promise to be beneficial both for students and higher educational institutions, as well as for companies that make decisions on the basis of proven academic information, for example when validating job applicant’s qualifications in an electronic way.
As part of the “Dynamic Forensics Evaluation and Training (DFET)” project activities from the EU “Prevention of and Fight Against Crime “ (ISEC) programme we have created a cloud-based platform for digital forensics education and training, named EDUFORS. The platform enables automatic and dynamic generation, delivery and evaluation of investigation challenges that law enforcement officers, students and security specialists have to solve with cyber forensic analytical tools.
Within the “Cybercrime and cyberterrorism European research agenda (COURAGE)” project we have made a contribution to the research and development agenda in the area of the fight against cybercrime and cyberterrorism (CC/CT).
The fight against cybercrime was the main focus of the SENTER project that created a single point of reference for EU national cybercrime centres of excellence (CoE) and developed further national CoE into well-defined and well-functioning community. Laboratory for Open Systems and Networks was acting in the project as Slovenian CoE.
With regard to trust and reputation management we are investigating and improving on-line trust and reputation mechanisms and introduce new insights in the management of trust information under uncertainty.
From the socio-economic point of view we were analysing the assessment of the appropriate investment that is economically affordable and provides enough protection for the enterprise information systems.
Peer-reviewed journal papers
- CALLANAN, Cormac, JERMAN-BLAŽIČ, Borka, JERMAN BLAŽIČ, Andrej. User tolerance of privacy abuse on mobile Internet and the country level of development. Information development, ISSN 0266-6669, Jun. 2016, vol. 32, iss. 3, pp. 728-750, doi: 10.1177/0266666915571171.
- MIHAJLOV, Martin, JERMAN-BLAŽIČ, Borka, CIUNOVA SHULESKA, Anita. Why that picture? Discovering password properties in recognition-based graphical authentication. International journal of human-computer studies, ISSN 1071-5819, [in press] 2016, 15 pages, doi: 10.1080/10447318.2016.1220103.
- CALLANAN, Cormac, JERMAN-BLAŽIČ, Borka, JERMAN BLAŽIČ, Andrej. User awareness and tolerance of privacy abuse on mobile internet : an exploratory study. Telematics and informatics, ISSN 0736-5853, 2016, vol. 33, iss. 1, pp. 109-128, doi: 10.1016/j.tele.2015.04.009.
- IVANC, Blaž, KLOBUČAR, Tomaž. ESM: an enhanced attack tree model for critical infrastructure. Control Engineering and Applied Informatics, ISSN 1454-8658, 2015, vol. 17, no. 4, pp. 102-113.
- CIGOJ, Primož, JERMAN-BLAŽIČ, Borka. An authentication and authorization solution for a multiplatform cloud environment. Information security journal, ISSN 1939-3555, [in press] 2015, 12 pages, doi: 10.1080/19393555.2015.1078424.
- CALLANAN, Cormac, JERMAN-BLAŽIČ, Borka, JERMAN BLAŽIČ, Andrej. User tolerance of privacy abuse on mobile Internet and the country level of development. Information development, ISSN 0266-6669, [in press] 2015, 10 pages, doi: 10.1177/0266666915571171.
- JOVANOVIKJ, Vladimir, GABRIJELČIČ, Dušan, KLOBUČAR, Tomaž. A Conceptual Model of Security Context. International journal of information security, Springer, ISSN 1615-5262, 2014, 11 pages.
- AŽDERSKA, Tanja, JERMAN-BLAŽIČ, Borka. A holistic approach for designing human-centric trust systems. Syst. pract. action res. (Dordr., Online), 2013, vol. 26, no. 5, pp. 417-450.
- BOJANC, Rok, JERMAN-BLAŽIČ, Borka. A quantitative model for information-security risk management. Eng. manag. j., 2013, vol. 25, no. 3, pp. 25-37.
- BOJANC, Rok, JERMAN-BLAŽIČ, Borka, TEKAVČIČ, Metka. Managing the investment in information security technology by use of a quantitative modeling. Inf. process. manage.. [Print ed.], 2012, vol. 48, no. 6, pp. 1031-1052.
- AŽDERSKA, Tanja, JERMAN-BLAŽIČ, Borka. Trust as an organismic trait of e-commerce systems. Lect. notes comput. sci., 2012, vol. 7465, pp. 161-175.
- MIHAJLOV, Martin, JERMAN-BLAŽIČ, Borka. On designing usable and secure recognition-based graphical authentication mechanisms. Interact. comput.. [Print ed.], 2011, vol. 23, no. 6, pp. 582-593.
- BOJANC, Rok, JERMAN-BLAŽIČ, Borka. An economic modelling approach to information security risk management. Int. j. inf. manage.. [Print ed.], 2008, vol. 28, no. 5, pp. 413-422.
- BOJANC, Rok, JERMAN-BLAŽIČ, Borka. Towards a standard approach for quantifying an ICT security investment. Comput. stand. interfaces. [Print ed.], 2008, vol. 30, no. 4, pp. 216-222. http://dx.doi.org/10.1016/j.csi.2007.10.013.
- JERMAN-BLAŽIČ, Aleksej, KLOBUČAR, Tomaž, JERMAN-BLAŽIČ, Borka. Long-term trusted preservation service using service interaction protocol and evidence records. Comput. stand. interfaces. [Print ed.], 2007, vol. 29, pp. 398-412.
- POREKAR, Jan, DOLINAR, Kajetan, JERMAN-BLAŽIČ, Borka. Middleware for privacy protection of ambient intelligence and pervasive systems. WSEAS transactions on information science and applications, 2007, vol. 4, no. 3, pp. 633-641.
- GABRIJELČIČ, Dušan, JERMAN-BLAŽIČ, Borka, TASIČ, Jurij F. Future active Ip netwoks security architecture. Comput. commun.. [Print ed.], 2005, vol. 28, pp. 688-701.
- JERMAN-BLAŽIČ, Borka, KLOBUČAR, Tomaž. Privacy provision in e-learning standardized systems: status and improvements. Computer Standards and Interfaces. [Print ed.], 2005, vol. 27, pp. 561-578.
- KLOBUČAR, Tomaž, SENIČAR, Vanja, JERMAN-BLAŽIČ, Borka. Privacy and personalisation in a smart space for learning. Int. j. contin. eng. educ. life-long learn., 2004, vol. 14, pp. 388-401.
- JERMAN-BLAŽIČ, Borka, KLOBUČAR, Tomaž, TEKAVČIČ, Metka. Privacy provision in e-learning systems. WSEAS transactions on information science and applications, 2004, vol. 1, pp. 1314-1319.
- SENIČAR, Vanja, JERMAN-BLAŽIČ, Borka, KLOBUČAR, Tomaž. Privacy-enhancing technologies – approaches and development, Comput. stand. interfaces, vol. 25, pp. 147-158, 2003.
- SAVANOVIĆ, Arso, GABRIJELČIČ, Dušan, JERMAN-BLAŽIČ, Borka, KARNOUSKOS, Stamatis. An active networks security architecture. Informatica (Ljublj.), 2002, vol. 26, no. 2, pp. 211-221.
- KLOBUČAR, Tomaž, JERMAN-BLAŽIČ, Borka. A formalisation and evaluation of certificate policies, Computer Communications 22 (1999), št. 12, pp. 1104-1110.
- KLOBUČAR, Tomaž, JERMAN-BLAŽIČ, Borka. Certificate policies formalisation and comparison. Comput. stand. interfaces. [Print ed.], 1999, vol. 21, pp. 299-307.
- KLOBUČAR, Tomaž, JERMAN-BLAŽIČ, Borka. An infrastructure for support of digital signatures. Informatica (Ljublj.), 1999, vol. 23, št. 4, pp. 447-481.
- FERREIRA, J. N., HANSEN, A., KLOBUČAR, Tomaž, KOSSAKOWSKI, Klaus-Peter, MEDINA, M., RAJNOVIĆ, D., SCHJELDERUP, O., STIKVOORT, D. CERTs in Europe, Computer Networks and ISDN Systems 28 (1996), pp. 1947-1952.
- JERMAN-BLAŽIČ, Borka, TRČEK, Denis, KLOBUČAR, Tomaž, BRAČUN, Franc. A tool for support of key distribution and validity certificate check in global Directory service, Computer Networks and ISDN Systems 28 (1996), pp. 709-717.
- JERMAN-BLAŽIČ, Borka. Tehnike in tehnologije za varovanje zasebnosti v elektronskih komunikacijah : modeli zaščtite. 1. del. Varstvoslovje, 2005, let. 7, no. 2, pp. 123-132.
- JERMAN-BLAŽIČ, Borka, KLOBUČAR, Tomaž. Towards the development of a research agenda for cybercrime and cyberterrorism – identifying the technical challenges and missing solutions. In: AKGBAR, Babak (Ed.), BREWSTER, Ben (Ed.). Combatting cybercrime and cyberterrosism : challenges, trends and priorities, (Advanced sciences and technologies for security applications, ISSN 1613-5113). [S. l.]: Springer, 2016, pp. 157-174.
- POREKAR, Jan, KLOBUČAR, Tomaž, ŠALJIĆ, Svetlana, GABRIJELČIČ, Dušan. Applying the SERENITY methodology to the domain of trusted electronic archiving. In: SPANOUDAKIS, George (Ed.), GOMEZ, Antonio Maña (Ed.), KOKOLAKIS, Spyros (Ed.). Security and dependability for ambient intelligence, (Advances in information security, vol. 55). New York; London: Springer, 2009, pp. 343-357.
- KLOBUČAR, Tomaž, JENABI, Mahsa, KAIBEL, Andreas, KARAPIDIS, Alexander. Security and privacy issues in technology-enhanced learning. In: Expanding the Knowledge Economy: Issues, Applications, Case Studies; P. Cunningham (Ed.), M. Cunningham (Ed.) IOS Press, 2007 Amsterdam, ISBN 978-1-58603-801-4, pp. 1233-1240.
- POREKAR, Jan, DOLINAR; Kajetan, JERMAN-BLAŽIČ, Aleksej, KLOBUČAR, Tomaž. Pervasive Systems: Enhancing Trust Negotiation with Privacy Support. In: Mobile and Wireless Network Security and Privacy, Makki, K.; Reiher, P.; Makki, K.; Pissinou, N.; Makki, S. (ur.) 2007, New York, Springer, ISBN: 978-0-387-71057-0, pp. 23-38.
- GABRIJELČIČ, Dušan, SAVANOVIĆ, Arso. Security management. In: Programmable networks for IP service deployment, (Artech House telecommunications library). Boston; London: Artech House, 2004, pp. 225-251.
- GABRIJELČIČ, Dušan, SAVANOVIĆ, Arso, JERMAN-BLAŽIČ, Borka. Design, implementation and evaluation of security facilities for a next generation network element. In: JERMAN-BLAŽIČ, Borka (Ed.), SCHNEIDER, Wolfgang (Ed.), KLOBUČAR, Tomaž (Ed.). Security and privacy in advanced networking technologies, (NATO science series, Series III, Computer and systems sciences, vol. 193). Amsterdam [etc.]: IOS Press, 2004, pp. 115-134.
- SENIČAR, Vanja, KLOBUČAR, Tomaž, JERMAN-BLAŽIČ, Borka. Privacy-enhancing technologies. In: JERMAN-BLAŽIČ, Borka (Ed.), SCHNEIDER, Wolfgang (Ed.), KLOBUČAR, Tomaž (Ed.). Security and privacy in advanced networking technologies, (NATO science series, Series III, Computer and systems sciences, vol. 193). Amsterdam [etc.]: IOS Press, 2004, pp. 213-227.
- PAVLIHA, Marko, JERMAN-BLAŽIČ, Borka, BOGATAJ, Maja, KLOBUČAR, Tomaž, MATAS, Sašo, VLAČIČ, Patrick, PUHARIČ, Krešimir. Zakon o elektronskem poslovanju in elektronskem podpisu (ZEPEP) : s komentarjem. 1. natis. Ljubljana: GV založba, 2002. 222 pages, ilustr. ISBN 86-7061-277-1.