1 - 4 of 4
ItemHow Espoused Culture Influences Misuse Intention: A Micro-Institutional Theory Perspective( 2017-01-04)Following Willson and Warkentin’s  call for understanding the interaction between employees and the organization in the context of computer abuse, this paper investigates the effect of espoused institutional pressure on misuse intention in South Korea. In addition, we hypothesize the effect of culture in the form of self-construal, power distance and Confucian dynamism on users’ perceptions of organizational coercive, normative and mimetic pressures. We collected 232 usable surveys. Since the sample was mostly a convenience sample, the response rate was close to a 100%. Our analysis found that coercive pressure has no effect on misuse intention, while normative pressures has significant deterring effect and mimetic has significant motivating effect on misuse intention. As to culture, self-construal had the strongest effect on institutional pressure and subsequently on misuse intention.
ItemA Threat-Vulnerability Based Risk Analysis Model for Cyber Physical System Security( 2017-01-04)The ability to network machinery and devices that are otherwise isolated is highly attractive to industry. This has led to growth in the use of cyber-physical systems (CPSs) with existing infrastructure. However, coupling physical and cyber processes leaves CPSs vulnerable to security attacks. A threat-vulnerability based risk model is developed through a detailed analysis of CPS security attack structures and threats. The Stuxnet malware attack is used to test the viability of the proposed model. An analysis of the Natanz system shows that, with an actual case security-risk score at Mitigation level 5, the infested facilities barely avoided a situation worse than the one which occurred. The paper concludes with a discussion on the need for risk analysis as part of CPS security and highlights the future work of modelling and comparing existing security solutions using the proposed model so to identify the sectors where CPS security is still lacking.
ItemA Synchronized Shared Key Generation Method for Maintaining End-to-End Security of Big Data Streams( 2017-01-04)A large number of mission critical applications ranging from disaster management to smart city are built on the Internet of Things (IoT) platform by deploying a number of smart sensors in a heterogeneous environment. The key requirements of such applications are the need of near real-time stream data processing in large scale sensing networks. This trend gives birth of an area called big data stream. One of the key problems in big data stream is to ensure the end-to-end security. To address this challenge, we proposed Dynamic Prime Number Based Security Verification (DPBSV) and Dynamic Key Length Based Security Framework (DLSeF) methods for big data streams based on the shared key derived from synchronized prime numbers in our earlier works. One of the major shortcomings of these methods is that they assume synchronization of the shared key. However, the assumption does not hold when the communication between Data Stream Manager (DSM) and sensing devices is broken. To address this problem, this paper proposes an adaptive technique to synchronize the shared key without communication between sensing devices and DSM, where sensing devices obtain the shared key re-initialization properties from its neighbours. Theoretical analyses and experimental results show that the proposed technique can be integrated with our DPBSV and DLSeF methods without degrading the performance and efficiency. We observed that the proposed synchronization method also strengthens the security of the models.