Posredovanje znanja v regionalnih digitalnih ekosistemih

The knowledge-based networked business ecosystem represents a geographical (or virtual) area where specific regional policy initiatives could foster growth and improve innovation, productivity and social aspects through the optimal use of local assets empowered by information and communication systems (ICT). Effective human interaction with ICT within such a regional digital ecosystem depends on access methods, suitability and form of content and knowledge sharing. A network of digital ecosystems, as public common resource, offers to regions and to less-developed areas opportunities to participate in the global economy. Key words: digital ecosystem, regional business digital ecosystem, integrated business information, electronic content management, document management system, knowledge sharing and management;Na znanju temelječ in mrežno povezan poslovni ekosistem predstavlja geografsko (ali virtualno) področje, kjer bi lahko specifič ne regionalne politične pobude spodbujale rast in izboljšale inoviranje, produktivnost ter družbene vidike s pomočjo optimalne uporabe lokalnih virov, ki so okrepljeni z informacijskimi in komunikacijskimi sistemi. Učinkovita človeška interakcija z informacijskimi in komunikacijskimi sistemi, kot je na primer regionalni digitalni ekosistem, je odvisna od pristopnih metod, ustreznosti in oblike vsebine ter posredovanja znanja. Mreža digitalnih ekosistemov kot skupni javni vir ponuja regijam in manj razvitim področjem priložnost, da sodelujejo v globalnem gospodarstvu. Ključne besede: digitalni ekosistem, regionalni poslovni digitalni ekosistem, integrirano poslovno informiranje, upravljanje elektronskih vsebin, upravljanje s sistemom dokumentov, posredovanje znanja in upravljanje

Risk Assessment Framework for Evaluation of Cybersecurity Threats and Vulnerabilities in Medical Devices

Medical devices are vulnerable to cybersecurity exploitation and, while they can provide improvements to clinical care, they can put healthcare organizations and their patients at risk of adverse impacts. Evidence has shown that the proliferation of devices on medical networks present cybersecurity challenges for healthcare organizations due to their lack of built-in cybersecurity controls and the inability for organizations to implement security controls on them. The negative impacts of cybersecurity exploitation in healthcare can include the loss of patient confidentiality, risk to patient safety, negative financial consequences for the organization, and loss of business reputation. Assessing the risk of vulnerabilities and threats to medical devices can inform healthcare organizations toward prioritization of resources to reduce risk most effectively. In this research, we build upon a database-driven approach to risk assessment that is based on the elements of threat, vulnerability, asset, and control (TVA-C). We contribute a novel framework for the cybersecurity risk assessment of medical devices. Using a series of papers, we answer questions related to the risk assessment of networked medical devices. We first conducted a case study empirical analysis that determined the scope of security vulnerabilities in a typical computerized medical environment. We then created a cybersecurity risk framework to identify threats and vulnerabilities to medical devices and produce a quantified risk assessment. These results supported actionable decision making at managerial and operational levels of a typical healthcare organization. Finally, we applied the framework using a data set of medical devices received from a partnering healthcare organization. We compare the assessment results of our framework to a commercial risk assessment vulnerability management system used to analyze the same assets. The study also compares our framework results to the NIST Common Vulnerability Scoring System (CVSS) scores related to identified vulnerabilities reported through the Common Vulnerability and Exposure (CVE) program. As a result of these studies, we recognize several contributions to the area of healthcare cybersecurity. To begin with, we provide the first comprehensive vulnerability assessment of a robotic surgical environment, using a da Vinci surgical robot along with its supporting computing assets. This assessment supports the assertion that networked computer environments are at risk of being compromised in healthcare facilities. Next, our framework, known as MedDevRisk, provides a novel method for risk quantification. In addition, our assessment approach uniquely considers the assets that are of value to a medical organization, going beyond the medical device itself. Finally, our incorporation of risk scenarios into the framework represents a novel approach to medical device risk assessment, which was synthesized from other well-known standards. To our knowledge, our research is the first to apply a quantified assessment framework to the problem area of healthcare cybersecurity and medical networked devices. We would conclude that a reduction in the uncertainty about the riskiness of the cybersecurity status of medical devices can be achieved using this framework

The use of e-voting as a new tool of e-participation in modern democracies

Finding the answer to the question of the role of electronic voting in a modern country constitutes an important part of researches into electronic democracy. The recent dynamic development of information and communication technologies (ICT) and mass media have been leading to noticeable changes in functioning of contemporary countries and societies. ICT is beginning to play a greater and greater role and filter down to almost every field of contemporary human life – including politics. Electronic voting represents one of the more and more popular forms of so called e-democracy, and is an interesting research subject in the context of mechanisms for implementing this form of participation in elections, its legitimization, specific technological solutions for e-voting and their effectiveness as well as unintended consequences. The main subject of this text is the use of electronic voting (e-voting) as one of the forms of electronic democracy. The article attempts to answer the following research questions: First, what is the impact of ICT on the political processes – particularly on the voting procedures? Secondly, what is the essence of electronic voting and what are its main features? Finally, what are the e-voting experiences in the European countries? The text is devoted rather to general remarks on e-voting, and does not constitute a complete analysis of the issue. It is intended to be a contribution to the further considerations.Znalezienie odpowiedzi na pytanie o rolę elektronicznego głosowania w elekcjach państwowych stanowi ważną część badań nad demokracją elektroniczną. W wyniku dynamicznego rozwoju technologii informacyjnych i komunikacyjnych (ICT) doszło do zauważalnych zmian w funkcjonowaniu współczesnych państw i społeczeństw. ICT zaczynają odgrywać większą rolę, przenikając niemal każdą dziedzinę życia współczesnego człowieka – także politykę. Elektroniczne głosowanie stanowi jedną z coraz bardziej popularnych form tzw. e-demokracji, i staje się interesującym przedmiotem badań. Głównym zagadnieniem niniejszego tekstu jest wykorzystanie głosowania elektronicznego (e-głosowania) jako jednej z form demokracji elektronicznej. Artykuł stanowi próbę odpowiedzi na następujące pytania badawcze: po pierwsze, jak ICT wpływają na procesy polityczne – szczególnie na procedury głosowania? Po drugie, co jest istotą głosowania elektronicznego i jakie są jego główne cechy? Wreszcie, jakie doświadczenia z e-głosowaniem mają państwa europejskie? Tekst nie stanowi wyczerpującej analizy przedmiotu badań. Ma być raczej przyczynkiem do dalszych rozważań nad e-demokracją, e-partycypacją, a przede wszystkim e-głosowaniem

The Role of Cybersecurity in the Public Sphere - The European Dimension

he aim of this paper is to present the areas in EU and domestic legal systems which cover currently applicable laws on cybersecurity and the related cyber-liability. Legal regulations related to cybersecurity that are currently in force embrace only a very narrow understanding of the notions of cyberspace and cybercrime. This paper aims to present those areas of the existing regulations in which the notions of cyber-liability have been preliminarily defined. Issues that are currently viewed as only marginally relevant to the functioning of states in the domain of cyberspace operations or artificial intelligence are also related to cyber-liability. The paper covers issues related to online platforms as well as the role of the state and public administration, network technologies and financial institutions in cybersecurity system especially from European perspective. It also investigates the issues related to strategic and political responsibility, cooperation mechanisms, obligations of telecommunication entrepreneurs, personal data and drone operations in public space. Part of the paper is also related to the movement of cultural assents, digital platforms, blocking injunctions and blocking access, threats of the cyberterrorism, cybersecurity, cybercrime in Hungary, including COVID-19 environment, as well as authorities competent for cybersecurity in Germany. This broad perspective is used to better understand regulatory purposes in European contexts to secure digital society development

Measuring the Semantic Integrity of a Process Self

The focus of the thesis is the definition of a framework to protect a process from attacks against the process self, i.e. attacks that alter the expected behavior of the process, by integrating static analysis and run-time monitoring. The static analysis of the program returns a description of the process self that consists of a context-free grammar, which defines the legal system call traces, and a set of invariants on process variables that hold when a system call is issued. Run-time monitoring assures the semantic integrity of the process by checking that its behavior is coherent with the process self returned by the static analysis. The proposed framework can also cover kernel integrity to protect the process from attacks from the kernel-level. The implementation of the run-time monitoring is based upon introspection, a technique that analyzes the state of a computer to rebuild and check the consistency of kernel or user-level data structures. The ability of observing the run-time values of variables reduces the complexity of the static analysis and increases the amount of information that can be extracted on the run-time behavior of the process. To achieve transparency of the controls for the process while avoiding the introduction of special purpose hardware units that access the memory, the architecture of the run-time monitoring adopts virtualization technology and introduces two virtual machines, the monitored and the introspection virtual machines. This approach increases the overall robustness because a distinct virtual machine, the introspection virtual machine, applies introspection in a transparent way both to verify the kernel integrity and to retrieve the status of the process to check the process self. After presenting the framework and its implementation, the thesis discusses some of its applications to increase the security of a computer network. The first application of the proposed framework is the remote attestation of the semantic integrity of a process. Then, the thesis describes a set of extensions to the framework to protect a process from physical attacks by running an obfuscated version of the process code. Finally, the thesis generalizes the framework to support the efficient sharing of an information infrastructure among users and applications with distinct security and reliability requirements by introducing highly parallel overlays

Digitalization and Public Services: A Labour Perspective

This report was commissioned by PSI. In addition to an extensive literature review, the study finds its main sources in interviews and information gathered from trade union representatives from PSI-affiliated organizations in different public service sectors around the world, including in Africa (Burkina Faso, Morocco), Asia (South Korea, Singapore, India), North America (Canada, United States), South America (Argentina, Brazil) and Europe (Denmark, France, Germany, Norway, Spain, and the United Kingdom). The interviewees represent a wide range of public services from central administration and local and regional government to health and care services, hospitals, utilities, police, emergency services and education and cultural services.info:eu-repo/semantics/publishedVersio