{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00240923","sets":["6164:6165:6462:11854"]},"path":["11854"],"owner":"11","recid":"240923","title":["小規模地方自治体職員の情報セキュリティインシデント報告行動を促進する要因の分析"],"pubdate":{"attribute_name":"PubDate","attribute_value":"2024-10-15"},"_buckets":{"deposit":"63584ad4-69a6-4611-ac25-c7536b12add2"},"_deposit":{"id":"240923","pid":{"type":"depid","value":"240923","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"小規模地方自治体職員の情報セキュリティインシデント報告行動を促進する要因の分析","author_link":["662253","662254","662255","662256"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"小規模地方自治体職員の情報セキュリティインシデント報告行動を促進する要因の分析","subitem_title_language":"ja"},{"subitem_title":"An analysis of factors to Encourage Information Security Incident Reporting Behavior of officials in Small Local Governments","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"情報セキュリティインシデント，報告行動，地方公共団体，小規模自治体","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2024-10-15","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"長崎県立大学"},{"subitem_text_value":"長崎県立大学"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"University of Nagasaki","subitem_text_language":"en"},{"subitem_text_value":"University of Nagasaki","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/240923/files/IPSJ-CSS2024177.pdf","label":"IPSJ-CSS2024177.pdf"},"date":[{"dateType":"Available","dateValue":"2026-10-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSS2024177.pdf","filesize":[{"value":"1.2 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"e09d7267-f72a-4cdf-af4b-bd1579ded79a","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2024 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"岡, 佳伸"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"島, 成佳"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Yoshinobu, Oka","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Shigeyoshi, Shima","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"著者らが所属する町村のような小規模な地方自治体では，一般的に専門人材の不在や限られた予算等によって，理想的な情報セキュリティ対策を実施することが難しい．標的型攻撃メールをはじめとした様々なサイバー攻撃を受けているが，前述の制約により情報セキュリティインシデント時の検知を目的とする技術的対策の導入は一部に留まっている．本研究では，この情報セキュリティインシデントの早期検知を目的として，職員からの報告行動を促すための施策に注目する．具体的には，情報セキュリティ対策の中で，専門人材や予算を必要としない制度的セキュリティである情報セキュリティポリシーの策定や運用を対象とする．情報セキュリティポリシーにより職員からの報告を促すため，報告行動に関係する仮説を設定し，著者らが所属する地方自治体で実施した研修とアンケート調査結果を用いて分析・考察した結果を報告する．","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Small local governments, such as the towns and villages to which the authors belong, generally lack expert personnel and have limited budgets, making it difficult to implement ideal information security measures. In addition, despite being exposed to various cyber attacks including targeted e-mail attacks, the above limitations limit the implementation of technical measures for the purpose of detecting information security incidents when they occur. This study focuses on measures to promote staff reporting behavior for early detection of such information security incidents. The authors developed a hypothesis on reporting behavior to promote reporting from employees through the formulation and operation of information security policies, which are institutional security measures that do not require specialized personnel or budget, and analyzed and discussed the results of training and questionnaire surveys conducted in the local government to which the authors belong. The results are reported here.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"1329","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2024論文集"}],"bibliographicPageStart":"1322","bibliographicIssueDates":{"bibliographicIssueDate":"2024-10-15","bibliographicIssueDateType":"Issued"}}]},"relation_version_is_last":true,"weko_creator_id":"11"},"id":240923,"updated":"2025-03-06T05:57:00.249688+00:00","links":{},"created":"2025-01-19T01:45:23.541592+00:00"}