Öz

Bu çalışma dijital kütüphanelerin kaynakların yönetiminde göz önünde bulundurması gereken güvenlik sorunlarına ilişkin literatürü ortaya koymayı amaçlamaktadır. Bilgi Güvenliği, Ağ Güvenliği, Kişisel Gizlilik konuları üzerine 2000 - 2010 yıl aralığını kapsayan kitaplar ve makaleler ERIC, Ebrary, LISA, Science Direct, EbscoHost, ISI, Google Akademik, ProQuest, Emerald Insight ve ACM gibi çeşitli veri tabanlarından taranmıştır. İncelenen literatürden elde edilen sonuçlara göre, bilgi güvenliği dijital kütüphaneler için son derece önemli bir konudur ve dijitalleşme sürecinde bir kütüphane, güvenlik politikalarını ve stratejik planlarını dikkatle göz önünde bulundurmalıdır. Bu araştırmada dijital ortamda güvenliği ilgilendiren Altyapı, Dijital İçerik, Kullanıcılar, Standartlar ve Hukuki Konular olmak üzere dört ana madde üzerinde durulmuştur. Bu çalışma ayrıca daha önceki literatür taramalarını da kapsamaktadır.

Anahtar Kelimeler: Bilgi güvenliği, Dijital kütüphaneler, Veri koruma

Referanslar

  1. Abrams, S.L. (2005). Establishing a global digital format registry. Library Trends, 54(1), 125-143. doi: 10.1353/lib.2006.0001.
  2. Al-Suqri M. and Afzal W. (2007). Digital age: Challenges for libraries. Information, Society and Justice. 1(1), 43-48. doi: 10.3734/isj.2007.1105.
  3. American Library Association (2008). Code of ethics of the American Library Association. Retrieved on 14th April 2011 from http://www.ala.org/advocacy/proethics/codeofethics/codeethics
  4. Balas, J. (2005). Close the gate, lock the windows, bolt the doors: Securing library computers. Computers in Libraries, (March), 28-31.
  5. Beagrie, N., Semple, N., Williams, P. and Wright, R. (2008). Digital preservation policies part 1: Final report October 2008. Strategies. pp.1-60. Retrieved on 15th April 2011 from http://www.jisc.hosting.eduserv.org.uk/media/documents/programmes/preservation/jiscpolicy_p1finalreport.pdf.
  6. Birnbaum, J.S. (2004). Cybersecurity considerations for digital libraries in an era of pervasive computing. In Proceedings ACM/IEEE Conference on Digital Libraries (JCDL’04) (pp.169-169) New York: ACM.
  7. Bowers, S. (2006). Privacy and library records. The Journal of Academic Librarianship, 32(4), 377-383.
  8. BSI - The British Standards Institute and British Standards Publications (2010). The British Standards Institute and British Standards Publications. Retrieved on 5th May 2011 from http://www.standardsuk.com/bsi/.
  9. Chen, S.S., Choo, C.Y. and Chow, R.Y. (2006). Internet security: A novel role/object-based access control for digital libraries. Journal of Organizational Computing and Electronic Commerce. 16(2), 87-103.
  10. Cyveillance (2008). Phishing using cross-site scripting: Definition, illustration and prevention. Syveillance, USA.
  11. Dlaminia M., Eloffa J. and Eloffb, M. (2009). Information security: The moving target. Computers & Security, 28(3-4),189-199.
  12. Dourish, P. et.al. (2004). Security in the wild: User strategies for managing security as an everyday practical problem. Pers Ubiquit Comput, 8, 391-401.
  13. Fox, E. and ElSherbiny, N. (2011). Security and digital libraries, digital libraries - methods and applications, Kuo Hung Huang (Ed.), InTech, Retrieved on April 2011 from http://www.intechopen.com/articles/show/title/security-and-digital-libraries
  14. Fox, R. (2006). Vandals at the gates. OCLC Systems & Services, 22(4), 249-255. doi: 10.1108/10650750610706961.
  15. Gast, M. (2002). 802.11 Wireless networks: The definitive guide. O’Reilly: North Sebastopol, USA
  16. Gerber, M. and Solms, R. (2008). Information security requirements: Interpreting the legal aspects. Computers & Security, 27, 124-135.
  17. Goodall, J.R., Lutters, W. G., and Komlodi, A. (2009). Developing expertise for network intrusion detection. Information Technology & People, 22(2), 92-108.
  18. Gorman, M. (2001). Privacy in the digital environment-issues for libraries. In Libraries and Librarians: Making a Difference in the Knowledge Age. IFLA Council and General Conference. (pp.57-65). Boston, Massachusetts: IFLA
  19. The Government of the Hong Kong Special Administrative Region (2008). An Overview of Information Security Standards. Retrieved on 25th March 2011 from www.infosec.gov.hk/english/technical/files/overview.pdf.
  20. Guimarães, Bernardo Damele Assumpção (2009). Advanced SQL injection to operating system full control. Black Hat Briefings Europe, Amsterdam. Retrieved on 17th April 2011 from http://www.blackhat.com/presentations/bh-europe-09/Guimaraes/Blackhat-europe-09-DameleSQLInjection-slides.pdf.
  21. Hadow, K. (2009). Data security for libraries: Prevent problems, don’t detect them. Feliciter, 55(2).
  22. Hedstrom, M. (1998). Digital preservation: A time bomb for digital libraries. Computers and Humanities, 31, 189-202.
  23. Information Security and Privacy (2010). Information security and privacy. Retrieved on 25th April 2011 from http://www.oecd.org/department/0,3355,en_2649_34255_1_1_1_1_1,00.html.
  24. ISSA (2004). Generally Accepted Information Security Principles (GAISP), (3rd ed). Information System Security Association.
  25. ISO Standards (2007). ISO/IEC 27001:2005 (Information Security Management System - Requirements). Retrieved on 2nd April 2011 from http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=42103.
  26. Jones, A. (2006). The Information Security Forum. Infosecurity Today, 3(6), 38-40.
  27. Kuny, T. (1997). A digital dark ages? Proceedings of the 63rd IFLA General Conference. International Federation of Library Associations and Institutions. Retrieved on 14th March 2011 from http://www.ifla.org/IV/ifla63/63kuny1.pdf.
  28. Kuzma, J. (2010). European digital libraries: Web security vulnerabilities. Library Hi Tech, 28(3), 402-413. doi: 10.1108/07378831011076657.
  29. Khalil, M.A. (2004). Vision to reality: Applications of wireless laptops in accessing information from digital libraries: End user’s view points. Library Hi-Tech News, 21(7), 25-29.
  30. Lampson, B. (2004). Computers security in the real world. Computer, 37(6), 37-46.
  31. Maniatis, P., Roussopoulos, M., Giuli, T., Rosenthal, D.S.H. and Baker, M. (2005). The LOCKSS Peer-to-peer digital preservation system. ACM Transactions on Computer Systems, 23(1).
  32. National Forum on Education Statistics (2003). Weaving a secure web around education: A guide to technology standards and security. National Forum on Education Statistics (ED/OERI):Washington DC.
  33. Neuhaus, P. (2003). Privacy and confidentiality in digital reference. Reference & User Services Quarterly. 32(1).
  34. Newby, G. (2000). Information security in libraries. Proceedings of the Information Resources Management Association (IRMA) Annual Conference. Hershey, Pennsylvania: IRMA. Anchorage, Alaska. May 20-24, 2000. 6p. Republished in Kisielnicki, Jerzy (Ed.). 2002. “Modern Organizations in Virtual Communities.” Idea Group: Hershey, Pennsylvania.
  35. OCLC. (2006). OCLC Digital Archive Preservation Policy and Supporting Documentation. Dublin, OH. Retrieved on 22nd March 2011 from http://www.oclc.org/support/documentation/digitalarchive/preservationpolicy.pdf.
  36. Ozkan, S. and Karabacak, B.(2010). Collaborative risk method for information security management practices: A case context within Turkey. International Journal of Information Management, 30(6), 567-572.
  37. Patel, A., Qassim, O. and Wills, C. (2010). A survey of intrusion detection and prevention systems. Information Management & Computer Security, 18(4), 277-290
  38. Pearson, D. and Webb, C. (2008). Defining file format obsolescence: A risky journey. International Journal of Digital Curation, 3(1), 89-106.
  39. Porter, B. (2002). 802.11 Security. O’Reilly: North Sebastopol, USA.
  40. Rosenthal, D.S.H. (2010a). Keeping bits safe. Communications of the ACM, 53(11), 47. doi: 10.1145/1839676.1839692.
  41. Rosenthal, D.S.H. (2010b). Format obsolescence: Assessing the threat and the defenses. Library Hi Tech, 28(2), 195-210. doi: 10.1108/07378831011047613.
  42. Rothenberg, J. (1995). Ensuring the longevity of digital documents. Scientific American, 95(1), 24-29.
  43. Rowlingson, R. and Winsborrow, R. (2006). A comparison of the payment card industry data security standard with ISO17799. Computer Fraud & Security, 3, 16-19.
  44. Saeednia, S. (2000). How to maintain both privacy and authentication in digital libraries. International Journal on Digital Libraries, 2(4), 251-258.
  45. Singh, S. (2003). Digital library: Definition to implementation. Ranganathan Research Centre: Delhi. Retrieved on 15th April 2011 from http://www.oocities.org/esukhdev/lecture_rcc.pdf.
  46. Siponen, M. and Willison, R. (2009). Information security management standards: Problems and solutions. Information & Management, 46(5), 267-270.
  47. Smedinghoff, T. (2004). The state of information security law: A focus on the key legal trends. Retrieved on 30th March 2011 from http://ssrn.com/abstract=1114246.
  48. Sturges P., Davies E., Dearnley J., Illiffe U., Oppenheim C. and Hardy R. (2003), User privacy in the digital library environment: An investigation of policies and preparedness. Library Management, 24(1/2). doi: 10.1108/01435120310454502.
  49. Sutlieff, L. and Chelin, J. (2010). ’An absolute prerequisite’: The importance of user privacy and trust in maintaining academic freedom at the library. Journal of Librarianship and Information Science, 42(3), 163-177. doi: 10.1177/0961000610368916.
  50. Thompson, S. (2006). Helping the hacker? Library information, security and social engineering. Information Technology and Libraries, December, 222-225.
  51. Turle, M. (2008).Data security: Past, present and future. Computers & Security, 25, 51-58.
  52. Whitman, M.E. (2003). Enemy at the gate: Threats to information security. Communications of the ACM, 46(8), 91-95. doi: 10.1145/859670.859675.
  53. Zimerman, M. (2010). Protect your library’s computers. New Library World, 111(5/6), 203-212. doi: 10.1108/03074801011044070.

Lisans

Telif Hakkı (c) 2012 Yazar(lar). Açık erişimli bu makale, orijinal çalışmaya uygun şekilde atıfta bulunulması koşuluyla, herhangi bir ortamda veya formatta sınırsız kullanım, dağıtım ve çoğaltmaya izin veren Creative Commons Attribution License (CC BY) altında dağıtılmıştır.

Nasıl Atıf Yapılır

Anday, A., Francese, E., Huurdeman, H. C., Yılmaz, M., & Zengenene, D. (2012). Dijital Kütüphane Ortamında Bilgi Güvenliği Sorunları: Literatür Değerlendirmesi. Bilgi Dünyası, 13(1), 117-137. https://doi.org/10.15612/BD.2012.171