Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 8 of 8
Full-Text Articles in Physical Sciences and Mathematics
Data Fusion For Trust Evaluation, Zheng Yan, Qinghua Zheng, Laurence T. Yang, Robert H. Deng
Data Fusion For Trust Evaluation, Zheng Yan, Qinghua Zheng, Laurence T. Yang, Robert H. Deng
Research Collection School Of Computing and Information Systems
Trust evaluation is a process to quantify trust by analyzing the data related to the factors that affect trust. It has been widely applied in many fields to facilitate decision making, system entity collaboration and security establishment. For example, in social networking, trust evaluation helps users make a social decision, reduce the risk of social interactions, and ensure the quality of a social networking environment. In digital communications, trust evaluation can be applied to detect malicious nodes, filter unwanted traffic and improve communication security. In e-commerce and cloud services, trust evaluation helps users selecting an appropriate product or service from …
Does Reputational Sanctions Deter Negligence In Information Security Management? A Field Quasi-Experiment, Qian Tang, Andrew B. Whinston
Does Reputational Sanctions Deter Negligence In Information Security Management? A Field Quasi-Experiment, Qian Tang, Andrew B. Whinston
Research Collection School Of Computing and Information Systems
Security negligence, a major cause of data breaches, occurs when an organization’s information technology management fails to adequately address security vulnerabilities. By conducting a field quasi-experiment using outgoing spam as a focal security issue, this study investigates the effectiveness of reputational sanctions in reducing security negligence in a global context. In the quasi-experiment, a reputational sanction mechanism based on outgoing spam was established for four countries, and for each country, reputational sanctions were imposed on the 10 organizations with the largest outgoing spam volumes—that is, these organizations were listed publicly. We find that because of our reputational sanction mechanism, organizations …
Profit-Maximizing Firm Investments In Customer Information Security, Yong Yick Lee, Robert J. Kauffman, Ryan Sougstad
Profit-Maximizing Firm Investments In Customer Information Security, Yong Yick Lee, Robert J. Kauffman, Ryan Sougstad
Research Collection School Of Computing and Information Systems
When a customer interacts with a firm, extensive personal information often is gathered without the individual's knowledge. Significant risks are associated with handling this kind of information. Providing protection may reduce the risk of the loss and misuse of private information, but it imposes some costs on both the firm and its customers. Nevertheless, customer information security breaches still may occur. They have several distinguishing characteristics: (1) typically it is hard to quantify monetary damages related to them; (2) customer information security breaches may be caused by intentional attacks, as well as through unintentional organizational and customer behaviors; and (3) …
Time-Bound Hierarchical Key Assignment: An Overview, Wen Tao Zhu, Robert H. Deng, Jianying Zhou, Feng Bao
Time-Bound Hierarchical Key Assignment: An Overview, Wen Tao Zhu, Robert H. Deng, Jianying Zhou, Feng Bao
Research Collection School Of Computing and Information Systems
The access privileges in distributed systems can be effectively organized as a partial-order hierarchy that consists of distinct security classes, and the access rights are often designated with certain temporal restrictions. The time-bound hierarchical key assignment problem is to assign distinct cryptographic keys to distinct security classes according to their privileges so that users from a higher class can use their class key to derive the keys of lower classes, and these keys are time-variant with respect to sequentially allocated temporal units called time slots. In this paper, we present the involved principle, survey the state of the art, and …
Cyber Attacks: Does Physical Boundary Matter?, Qiu-Hong Wang, Seung-Hyun Kim
Cyber Attacks: Does Physical Boundary Matter?, Qiu-Hong Wang, Seung-Hyun Kim
Research Collection School Of Computing and Information Systems
Information security issues are characterized with interdependence. Particularly, cyber criminals can easily cross national boundaries and exploit jurisdictional limitations between countries. Thus, whether cyber attacks are spatially autocorrelated is a strategic issue for government authorities and a tactic issue for insurance companies. Through an empirical study of cyber attacks across 62 countries during the period 2003-2007, we find little evidence on the spatial autocorrelation of cyber attacks at any week. However, after considering economic opportunity, IT infrastructure, international collaboration in enforcement and conventional crimes, we find strong evidence that cyber attacks were indeed spatially autocorrelated as they moved over time. …
New Efficient Mds Array Codes For Raid Part I: Reed-Solomon-Like Codes For Tolerating Three Disk Failures, Gui-Liang Feng, Robert H. Deng, Feng Bao, Jia-Chen Shen
New Efficient Mds Array Codes For Raid Part I: Reed-Solomon-Like Codes For Tolerating Three Disk Failures, Gui-Liang Feng, Robert H. Deng, Feng Bao, Jia-Chen Shen
Research Collection School Of Computing and Information Systems
This paper presents a class of binary maximum distance separable (MDS) array codes for tolerating disk failures in redundant arrays of inexpensive disks (RAID) architecture based on circular permutation matrices. The size of the information part is m×n, the size of the parity-check part is m×3, and the minimum distance is 4, where n is the number of information disks, the number of parity-check disks is 3, and (m+1) is a prime integer. In practical applications, m can be very large and n is from 20 to 50. The code rate is R=n/(n+3). These codes can be used for tolerating …
Vertical Sensitivity For The Information Security Health Rating Of Enterprises, Arcot Desai Narasimhalu, Nagarajan Dayasindhu, Raghavan Subramanian
Vertical Sensitivity For The Information Security Health Rating Of Enterprises, Arcot Desai Narasimhalu, Nagarajan Dayasindhu, Raghavan Subramanian
Research Collection School Of Computing and Information Systems
INFOSeMM Maturity model was developed jointly by SMU and Infosys. It is recognized that different industry verticals will have different levels of recommended maturity levels. This paper articulates the need for developing the industry vertical benchmarks.
Rating Information Security Maturity, Arcot Desai Narasimhalu, Nagarajan Dayasindhu
Rating Information Security Maturity, Arcot Desai Narasimhalu, Nagarajan Dayasindhu
Research Collection School Of Computing and Information Systems
Most CEOs have difficulty relating to the information security investments in their companies. This article presents a summary of a the information security maturity model that the CEOs could use to determine the desired level of investments into information security infrastructure, tools and applications.