E5 – LABORATORY FOR OPEN SYSTEMS AND NETWORKS

Description

Laboratory of Open Systems and Networks has years of experience in research and development in the field of information security, privacy protection and cyber crime. Security research was performed both from the technical and socio-economic point of view.

Current activities

Current activities are focused on AI-based cybersecurity, quantum key distribution, critical infrastructure protection, and identity management.

In the Cybersecurity and large language models project, we are investigating the possibility of using large language models (LLM) to enhance cybersecurity and to locally deploy and fine-tune an open source LLM for cybersecurity needs. The results will enable a better understanding of the role, potential and performance requirements of LLM-based systems in cybersecurity, and facilitate the integration of such systems into existing IT systems and with other security solutions, such as firewalls, intrusion detection systems, etc.

SiQUID (Slovenian Quantum Communication Infrastructure Demonstration) aims at establishing quantum key distribution (QKD) links among multiple government nodes in Slovenia, while also creating a test-bed quantum network for advanced quantum-communication protocols among research institutions in Ljubljana. Our laboratory is involved in collecting use cases and defining system security requirements, as well as in assessing the risks of deploying QKD technology and interconnection with existing security systems. The role of quantum technologies in the field of security is investigated in the KVANTEH project.

Previous results

In the DEFENDER project we are addressing the issues of European critical energy infrastructures security and dependability. The laboratory leads the work on cyber-physical threats assessment and analysis and contributes to the development and implementation of the project threat mitigation and situation awareness solutions.

The main goal of the DE4A, SI-PASS 2.0, SI-PASS and eID4U projects was to set up an infrastructure for secure cross-border services in different application domains. The DE4A project facilitated migration towards secure European digital public services co-delivered across borders, across sectors and with different participants, and implemented the latest EU directives and regulations (e.g. Single Digital Gateway). The SI-PASS 2-0 and SI-PASS project, which were coordinated by the Laboratory for Open Systems and Networks, established the central eIDAS node in Slovenia at the Ministry of Public Administration and integrated various public and private cross-border e-services in the fields of e-government, e-health, higher education, municipalities, health, pension and disability insurance, intellectual property protection, company registers, financial services, and e-commerce. In the eID4U project, we also linked the test eIDAS node with trusted sources of information about students (central evidence system for e-higher education eVŠ) and various e-learning services.

Identity and digital certificate-based services, e.g. the first public-key certification authority in Slovenia, were developed in various projects, such as ICE-TEL, ICE-CAR, CADENUS and NASTEC. Experience gained was also used in preparation of Slovenian Electronic commerce and electronic signature act.

In the FP5 FAIN project, we have designed and implemented a flexible, adaptable and dependable network element based on the active networks principles, while the final result of the FP6 DIADEM project was a distributed firewall prototype. In the FP6 DAIDALOS integrated project architecture for privacy provision in pervasive systems and a protocol for trust negotiation between users and pervasive service providers were developed.

The FP7 P2P-Next project was focused toward development of an open source, efficient, trusted, personalized, user-centric and participatory content delivery system with social and collaborative connotation using the Peer-to-Peer paradigm. Distributed access control to the multimedia content was enabled by the newly developed ECS (Enhanced Closed Swarm) protocol that became an item of standardization within the Internet Engineering Task Force (IETF).

In order to improve authentication and prevent identity theft a novel graphical recognition-based authentication system for mobile devices has been developed. Within the national competence centre on cloud computing (CLASS) a cloud single sign-on solution has been developed that enables unified authentication in diverse cloud environments. Using the solution enterprises or institutions can mitigate some of cloud security risks and simplify user accounts and credentials management.

Within the EU STORK 2.0 and eSENS CIP projects we have contributed building blocks for a pan-European e-identity infrastructure that solves e-identity interoperability problems within Europe and supports a number of e-identity based services, such as e-learning, e-banking, e-business etc. We have also established three cross-border education and academic e-services: virtual learning environment, anonymous e-surveys, and job selection service. The services promise to be beneficial both for students and higher educational institutions, as well as for companies that make decisions on the basis of proven academic information, for example when validating job applicant’s qualifications in an electronic way.

As part of the “Dynamic Forensics Evaluation and Training (DFET)” project activities from the EU “Prevention of and Fight Against Crime “ (ISEC) programme we have created a cloud-based platform for digital forensics education and training, named EDUFORS. The platform enables automatic and dynamic generation, delivery and evaluation of investigation challenges that law enforcement officers, students and security specialists have to solve with cyber forensic analytical tools.

Within the “Cybercrime and cyberterrorism European research agenda (COURAGE)” project we have made a contribution to the research and development agenda in the area of the fight against cybercrime and cyberterrorism (CC/CT).

The fight against cybercrime was the main focus of the SENTER project that created a single point of reference for EU national cybercrime centres of excellence (CoE) and developed further national CoE into well-defined and well-functioning community. Laboratory for Open Systems and Networks was acting in the project as Slovenian CoE.

With regard to trust and reputation management we are investigating and improving on-line trust and reputation mechanisms and introduce new insights in the management of trust information under uncertainty.

From the socio-economic point of view we were analysing the assessment of the appropriate investment that is economically affordable and provides enough protection for the enterprise information systems.

Publications

Peer-reviewed journal papers

  1. PAVLESKA, Tanja, SELLITTO, Giovanni Paolo, ARANHA, Helder. Crafting organizational security policies for critical infrastructures: an architectural approach. Journal of surveillance, security and safety. 2024, vol. 5, str. 116-139, ilustr. ISSN 2694-1015. https://www.oaepublish.com/articles/jsss.2023.40, DOI: 10.20517/jsss.2023.40.
  2. BAJRIĆ, Samed. Enabling secure and trustworthy quantum networks: current state-of-the-art, key challenges, and potential solutions. IEEE access. 2023, vol. 11, pp. 128801-128809, ilustr. ISSN 2169-3536. https://ieeexplore.ieee.org/document/10318033, DOI: 10.1109/ACCESS.2023.3333020
  3. KAUR, Ramanpreet, GABRIJELČIČ, Dušan, KLOBUČAR, Tomaž. Artificial intelligence for cybersecurity: literature review and future research directions. Information fusion. [Online ed.]. Sep. 2023, vol. 97, [article no.] 101804, pp. 1-29, ilustr. ISSN 1872-6305. https://www.sciencedirect.com/science/article/pii/S1566253523001136?via%3Dihub, DOI: 10.1016/j.inffus.2023.101804.
  4. MASI, Massimiliano, SELLITTO, Giovanni Paolo, ARANHA, Helder, PAVLESKA, Tanja. Securing critical infrastructures with a cybersecurity digital twin. Software and systems modeling. [Online ed.]. Apr. 2023, vol. 22, iss. 2, pp. 689-707, ilustr. ISSN 1619-1374. DOI: 10.1007/s10270-022-01075-0
  5. BAJRIĆ, Samed. Data security and privacy issues in healthcare. Applied Medical Informatics. 2020, vol. 42, no. 1, pp. 19-27. ISSN 2067-7855. https://ami.info.umfcluj.ro/index.php/AMI/article/view/702.
  6. CALLANAN, Cormac, JERMAN-BLAŽIČ, Borka. Privacy risks with smartphone technologies when using the mobile Internet. ERA-Forum: scripta iuris europaei. Print ed. 2020, vol. 20, no.3 , pp. 471-489. ISSN 1612-3093. DOI: 10.1007/s12027-019-00572-y.
  7. JERMAN-BLAŽIČ, Borka, KLOBUČAR, Tomaž. Removing the barriers in cross-border crime investigation by gathering e-evidence in an interconnected society. Information & communications technology law. 2020, vol. 29, no. 1, pp. 66-81. ISSN 1360-0834. DOI: 10.1080/13600834.2020.1705035.
  8. CIGOJ, Primož, JERMAN-BLAŽIČ, Borka. An intelligent and automated WCMS vulnerability-discovery tool : the current state of the web. IEEE access. 2019, vol. 7, pp. 175466-175473.
  9. CALLANAN, Cormac, JERMAN-BLAŽIČ, Borka, JERMAN BLAŽIČ, Andrej. User tolerance of privacy abuse on mobile Internet and the country level of development. Information development, ISSN 0266-6669, Jun. 2016, vol. 32, iss. 3, pp. 728-750, doi: 10.1177/0266666915571171.
  10. MIHAJLOV, Martin, JERMAN-BLAŽIČ, Borka, CIUNOVA SHULESKA, Anita. Why that picture? Discovering password properties in recognition-based graphical authentication. International journal of human-computer studies, ISSN 1071-5819, 2016, 15 pages, doi: 10.1080/10447318.2016.1220103.
  11. CALLANAN, Cormac, JERMAN-BLAŽIČ, Borka, JERMAN BLAŽIČ, Andrej. User awareness and tolerance of privacy abuse on mobile internet : an exploratory study. Telematics and informatics, ISSN 0736-5853, 2016, vol. 33, iss. 1, pp. 109-128, doi: 10.1016/j.tele.2015.04.009.
  12. IVANC, Blaž, KLOBUČAR, Tomaž. ESM: an enhanced attack tree model for critical infrastructure. Control Engineering and Applied Informatics, ISSN 1454-8658, 2015, vol. 17, no. 4, pp. 102-113.
  13. CIGOJ, Primož, JERMAN-BLAŽIČ, Borka. An authentication and authorization solution for a multiplatform cloud environment. Information security journal, ISSN 1939-3555, [in press] 2015, 12 pages, doi: 10.1080/19393555.2015.1078424.
  14. CALLANAN, Cormac, JERMAN-BLAŽIČ, Borka, JERMAN BLAŽIČ, Andrej. User tolerance of privacy abuse on mobile Internet and the country level of development. Information development, ISSN 0266-6669, [in press] 2015, 10 pages, doi: 10.1177/0266666915571171.
  15. JOVANOVIKJ, Vladimir, GABRIJELČIČ, Dušan, KLOBUČAR, Tomaž. A Conceptual Model of Security Context. International journal of information security, Springer, ISSN 1615-5262, 2014, 11 pages.
  16. AŽDERSKA, Tanja, JERMAN-BLAŽIČ, Borka. A holistic approach for designing human-centric trust systems. Syst. pract. action res. (Dordr., Online), 2013, vol. 26, no. 5, pp. 417-450.
  17. BOJANC, Rok, JERMAN-BLAŽIČ, Borka. A quantitative model for information-security risk management. Eng. manag. j., 2013, vol. 25, no. 3, pp. 25-37.
  18. BOJANC, Rok, JERMAN-BLAŽIČ, Borka, TEKAVČIČ, Metka. Managing the investment in information security technology by use of a quantitative modeling. Inf. process. manage.. [Print ed.], 2012, vol. 48, no. 6, pp. 1031-1052.
  19. AŽDERSKA, Tanja, JERMAN-BLAŽIČ, Borka. Trust as an organismic trait of e-commerce systems. Lect. notes comput. sci., 2012, vol. 7465, pp. 161-175.
  20. MIHAJLOV, Martin, JERMAN-BLAŽIČ, Borka. On designing usable and secure recognition-based graphical authentication mechanisms. Interact. comput.. [Print ed.], 2011, vol. 23, no. 6, pp. 582-593.
  21. BOJANC, Rok, JERMAN-BLAŽIČ, Borka. An economic modelling approach to information security risk management. Int. j. inf. manage.. [Print ed.], 2008, vol. 28, no. 5, pp. 413-422.
  22. BOJANC, Rok, JERMAN-BLAŽIČ, Borka. Towards a standard approach for quantifying an ICT security investment. Comput. stand. interfaces. [Print ed.], 2008, vol. 30, no. 4, pp. 216-222. http://dx.doi.org/10.1016/j.csi.2007.10.013.
  23. JERMAN-BLAŽIČ, Aleksej, KLOBUČAR, Tomaž, JERMAN-BLAŽIČ, Borka. Long-term trusted preservation service using service interaction protocol and evidence records. Comput. stand. interfaces. [Print ed.], 2007, vol. 29, pp. 398-412.
  24. POREKAR, Jan, DOLINAR, Kajetan, JERMAN-BLAŽIČ, Borka. Middleware for privacy protection of ambient intelligence and pervasive systems. WSEAS transactions on information science and applications, 2007, vol. 4, no. 3, pp. 633-641.
  25. GABRIJELČIČ, Dušan, JERMAN-BLAŽIČ, Borka, TASIČ, Jurij F. Future active Ip netwoks security architecture. Comput. commun.. [Print ed.], 2005, vol. 28, pp. 688-701.
  26. JERMAN-BLAŽIČ, Borka, KLOBUČAR, Tomaž. Privacy provision in e-learning standardized systems: status and improvements. Computer Standards and Interfaces. [Print ed.], 2005, vol. 27, pp. 561-578.
  27. KLOBUČAR, Tomaž, SENIČAR, Vanja, JERMAN-BLAŽIČ, Borka. Privacy and personalisation in a smart space for learning. Int. j. contin. eng. educ. life-long learn., 2004, vol. 14, pp. 388-401.
  28. JERMAN-BLAŽIČ, Borka, KLOBUČAR, Tomaž, TEKAVČIČ, Metka. Privacy provision in e-learning systems. WSEAS transactions on information science and applications, 2004, vol. 1, pp. 1314-1319.
  29. SENIČAR, Vanja, JERMAN-BLAŽIČ, Borka, KLOBUČAR, Tomaž. Privacy-enhancing technologies – approaches and development, Comput. stand. interfaces, vol. 25, pp. 147-158, 2003.
  30. SAVANOVIĆ, Arso, GABRIJELČIČ, Dušan, JERMAN-BLAŽIČ, Borka, KARNOUSKOS, Stamatis. An active networks security architecture. Informatica (Ljublj.), 2002, vol. 26, no. 2, pp. 211-221.
  31. KLOBUČAR, Tomaž, JERMAN-BLAŽIČ, Borka. A formalisation and evaluation of certificate policies, Computer Communications 22 (1999), št. 12, pp. 1104-1110.
  32. KLOBUČAR, Tomaž, JERMAN-BLAŽIČ, Borka. Certificate policies formalisation and comparison. Comput. stand. interfaces. [Print ed.], 1999, vol. 21, pp. 299-307.
  33. KLOBUČAR, Tomaž, JERMAN-BLAŽIČ, Borka. An infrastructure for support of digital signatures. Informatica (Ljublj.), 1999, vol. 23, št. 4, pp. 447-481.
  34. FERREIRA, J. N., HANSEN, A., KLOBUČAR, Tomaž, KOSSAKOWSKI, Klaus-Peter, MEDINA, M., RAJNOVIĆ, D., SCHJELDERUP, O., STIKVOORT, D. CERTs in Europe, Computer Networks and ISDN Systems 28 (1996), pp. 1947-1952.
  35. JERMAN-BLAŽIČ, Borka, TRČEK, Denis, KLOBUČAR, Tomaž, BRAČUN, Franc. A tool for support of key distribution and validity certificate check in global Directory service, Computer Networks and ISDN Systems 28 (1996), pp. 709-717.

Book chapters

  1. JERMAN-BLAŽIČ, Borka, CIGOJ, Primož. Website security study at large: vulnerability analysis, tools and remedies. In: POPOV, Oliver B. (Ed.), SUKHOSTAT, Lyudmila (Ed.). Cybersecurity for critical infrastructure protection via reflection of industrial control systems. Amsterdam; Berlin; Washington: IOS Press, 2022. Pp. 72-80. Nato science for peace and security series, Vol. 62.
  2. PAVLESKA, Tanja. Architecting and evaluating cybersecurity in clinical IoT. In: HUDSON, Florence D. (Ed.). Women securing the future with TIPPSS for connected healthcare: trust, identity, privacy, protection, safety, security. Cham: Springer, 2022. Pp. 21-47. ISBN 978-3-030-93592-4, ISBN 978-3-030-93591-7.
  3. KAUR, Ramanpreet, KLOBUČAR, Tomaž, GABRIJELČIČ, Dušan. Privacy in online social networks : threat analysis and countermeasures. In: CRUZ-CUNHA, Maria Manuela (Ed.), MATEUS-COELHO, Nuno Ricardo (Ed.), MATEUS-COELHO, Nuno Ricardo (Ed.). Handbook of research on cyber crime and information privacy. Hershey: IGI Global, 2021. Pp. 567-598. ISBN 978-1-79985-729-7, ISBN 1-79985-729-8.
  4. GABRIJELČIČ, Dušan, ČALETA, Denis, ZAHARIADIS, Theodore, SANTORI, Francesca, DE SANTIS, Corrado, GASPARINI, Teni. Security challenges for the critical infrastructures of the energy sector. In: SOLDATOS, John (Ed.). Cyber-physical threat intelligence for critical infrastructures security: a guide to integrated cyber-physical protection of modern critical infrastructures. Hanover; Delft: Now Publishers, 2020. Pp. 226-244, graf. prikazi. ISBN 978-1-68083-686-8, ISBN 978-1-68083-687-5, DOI: 10.1561/9781680836875.ch13.
  5. BAJRIĆ, Samed. Implementing symmetric cryptography using sequence of semi-bent functions. In: DOMB, Menachem. Modern cryptography : current challenges and solutions. London: IntechOpen, 2019. Pp. 1-16. ISBN 978-1-78984-470-2, ISBN 978-1-78984-471-9.
  6. BAJRIĆ, Samed. An analysis of cryptographic algorithms in IoT. In: JOEL, J. P. C. (Ed.). Smart devices, applications, and protocols for the IoT. Hershey: IGI Global, 2019. Pp. 83-104. Premier reference source. ISBN 978-1-52257-811-6, ISBN 978-1-52257-812-3. DOI: 10.4018/978-1-5225-7811-6.ch005.
  7. JERMAN-BLAŽIČ, Borka, KLOBUČAR, Tomaž. Towards the development of a research agenda for cybercrime and cyberterrorism – identifying the technical challenges and missing solutions. In: AKGBAR, Babak (Ed.), BREWSTER, Ben (Ed.). Combatting cybercrime and cyberterrosism : challenges, trends and priorities, (Advanced sciences and technologies for security applications, ISSN 1613-5113). [S. l.]: Springer, 2016, pp. 157-174.
  8. POREKAR, Jan, KLOBUČAR, Tomaž, ŠALJIĆ, Svetlana, GABRIJELČIČ, Dušan. Applying the SERENITY methodology to the domain of trusted electronic archiving. In: SPANOUDAKIS, George (Ed.), GOMEZ, Antonio Maña (Ed.), KOKOLAKIS, Spyros (Ed.). Security and dependability for ambient intelligence, (Advances in information security, vol. 55). New York; London: Springer, 2009, pp. 343-357.
  9. KLOBUČAR, Tomaž, JENABI, Mahsa, KAIBEL, Andreas, KARAPIDIS, Alexander. Security and privacy issues in technology-enhanced learning. In: Expanding the Knowledge Economy: Issues, Applications, Case Studies; P. Cunningham (Ed.), M. Cunningham (Ed.) IOS Press, 2007 Amsterdam, ISBN 978-1-58603-801-4, pp. 1233-1240.
  10. POREKAR, Jan, DOLINAR; Kajetan, JERMAN-BLAŽIČ, Aleksej, KLOBUČAR, Tomaž. Pervasive Systems: Enhancing Trust Negotiation with Privacy Support. In: Mobile and Wireless Network Security and Privacy, Makki, K.; Reiher, P.; Makki, K.; Pissinou, N.; Makki, S. (ur.) 2007, New York, Springer, ISBN: 978-0-387-71057-0, pp. 23-38.
  11. GABRIJELČIČ, Dušan, SAVANOVIĆ, Arso. Security management. In: Programmable networks for IP service deployment, (Artech House telecommunications library). Boston; London: Artech House, 2004, pp. 225-251.
  12. GABRIJELČIČ, Dušan, SAVANOVIĆ, Arso, JERMAN-BLAŽIČ, Borka. Design, implementation and evaluation of security facilities for a next generation network element. In: JERMAN-BLAŽIČ, Borka (Ed.), SCHNEIDER, Wolfgang (Ed.), KLOBUČAR, Tomaž (Ed.). Security and privacy in advanced networking technologies, (NATO science series, Series III, Computer and systems sciences, vol. 193). Amsterdam [etc.]: IOS Press, 2004, pp. 115-134.
  13. SENIČAR, Vanja, KLOBUČAR, Tomaž, JERMAN-BLAŽIČ, Borka. Privacy-enhancing technologies. In: JERMAN-BLAŽIČ, Borka (Ed.), SCHNEIDER, Wolfgang (Ed.), KLOBUČAR, Tomaž (Ed.). Security and privacy in advanced networking technologies, (NATO science series, Series III, Computer and systems sciences, vol. 193). Amsterdam [etc.]: IOS Press, 2004, pp. 213-227.

demo

Laboratory for open systems and networks

  • Jamova cesta 39, 1000, Ljubljana
  • + 386 (0)1 477 3900
  • info@e5.ijs.si