Search results
1 – 10 of over 32000Jeong Hoon Jo, Shailendra Rathore, Vincenzo Loia and Jong Hyuk Park
The purpose of this paper is to propose a trusted security zone architecture that uses a blockchain technology to provide secure sharing of data in the security zone while…
Abstract
Purpose
The purpose of this paper is to propose a trusted security zone architecture that uses a blockchain technology to provide secure sharing of data in the security zone while maintaining the integrity, confidentiality and availability of data. The blockchain uses a distributed network to ensure data availability and uses public ledgers to ensure the integrity and confidentiality of data.
Design/methodology/approach
The proposed architecture uses a blockchain technology to provide secure sharing of data in the security zone while maintaining the integrity, confidentiality and availability of data. The blockchain uses a distributed network to ensure data availability and uses public ledgers to ensure the integrity and confidentiality of data.
Findings
Analysis of the proposed architecture with a use case scenario demonstrates that it provides a robust security measure against unauthorized network intrusions.
Originality/value
Unlike the existing security zone, this paper adopts a method of storing data by using blockchain. It meets the need to study integrated authentication management methods of future research.
Details
Keywords
The integrity of the data used to operate and make decisions about a business affects the relative efficiency of operations and quality of decisions made. Protecting that integrity…
Abstract
The integrity of the data used to operate and make decisions about a business affects the relative efficiency of operations and quality of decisions made. Protecting that integrity can be difficult and becomes more difficult as the size and complexity of the business and its systems increase. Recovering data integrity may be impossible once it is compromised. Stewards of transactional and planning systems must therefore employ a combination of procedures including systematic safeguards and user‐training programs to counteract and prevent dirty data in those systems. Users of transactional and planning systems must understand the origins and effects of dirty data and the importance of and means of guarding against it. This requires a shared understanding within the context of the business of the meaning, uses, and value of data across functional entities. In this paper, we discuss issues related to the origin of dirty data, associated problems and costs of using dirty data in an organization, the process of dealing with dirty data in a migration to a new system: enterprise resource planning (ERP), and the benefits of an ERP in managing dirty data. These issues are explored in the paper using a case study.
Details
Keywords
Nkholedzeni Sidney Netshakhuma
This paper aims to assess the Protection of Personal Information Act (No. 4 of 2013) (POPIA) in South African (SA) universities sector with the objective to formulate code of…
Abstract
Purpose
This paper aims to assess the Protection of Personal Information Act (No. 4 of 2013) (POPIA) in South African (SA) universities sector with the objective to formulate code of conduct to improve compliance.
Design/methodology/approach
The case study approach was used in this study. Data were collected using interviews with the SA universities’ representatives during the POPIA consultative workshop.
Findings
The results showed that most of the participants were not aware of the POPIA, lack of collaboration between the legal practitioners, records managers and archivist. Internal control systems with Information Communication Technology (ICT) need to be in in place to provide information integrity and the value of international integrity with regard to the international students and staff.
Research limitations/implications
This paper is based on the first phase of the national consultative workshop with 25 SA public universities held between January and November 2018. The findings of the study are transferable to other sectors like health and infrastructure.
Practical implications
The findings are expected to be instrumental to the formulation of universities’ code of conduct in line with POPIA.
Social implications
The POPIA, if not properly implemented, can contribute to the violation of information integrity of the international students with regard to research and cultural exchange programme. Furthermore, it can affect SA trade relations with the European countries as it is a requirement for non- European countries to comply with the European Union General Data Protection Regulations (GDPR).
Originality/value
This study is useful to ensure consultation of the POPIA. Is also essential for the POPIA to be aligned with the international norms and standards such as GDPR.
Details
Keywords
Avi Rushinek and Sara F. Rushinek
Studies in the area of evaluating asset safeguarding and dataintegrity have usually dealt with evidential evaluation procedures andthe judgement decisions taken by the auditors…
Abstract
Studies in the area of evaluating asset safeguarding and data integrity have usually dealt with evidential evaluation procedures and the judgement decisions taken by the auditors during initial and subsequent audits. The qualities, measures and techniques of asset safeguarding and data integrity when examined jointly relate a degree of concern for cost‐effectiveness considerations, internal controls and the effects of making global judgements using piecemeal evidence. The design of the appropriate internal control system, combined with the impact of proper data security and risk and computer reliability, make up the circumambience under which auditors′, as well as management′s, assessments are brought to bear.
Details
Keywords
Ivan Tarkhanov, Denis Fomin-Nilov and Michael Fomin
The purpose of this paper is to address the problem of content immutability and integrity of online scientific periodicals on the sites of small publishers that can be violated…
Abstract
Purpose
The purpose of this paper is to address the problem of content immutability and integrity of online scientific periodicals on the sites of small publishers that can be violated not only by the external hack of the publisher’s site but also by publisher’s and author’s misconduct or by submitting different versions of a periodical to different sites.
Design/methodology/approach
The authors defined a list of requirements that verify online scientific publications immutability and integrity. Then, the authors analyzed existing projects and recently emerged information on security technologies and identified challenges met during the development and testing. The use of the public blockchain network Ethereum as a secure storage location for data was explained.
Findings
The authors developed the method of checking online scientific periodicals for immutability and presented ecosystem architecture to control immutability and integrity of data. On the example of the online periodical “Istoriya”, it was demonstrated how the immutability of online scientific publication has been verified with the use of the public blockchain over a six-month period. First, operating results were evaluated; challenges hampering the implementation of the suggested ecosystem on Ethereum now were identified; and potential advantages of the suggested approach as compared to similar projects were discovered.
Research limitations/implications
The considered prototype is not a ready-to-use system, but in future providing higher transparency and the development of general distributed ecosystem small publishers will have new opportunities for development given that the issues of scalability, reliability and operating speed on a public blockchain will be addressed. Introduction of the described ecosystem may even provoke some changes on such conservative market as that of publishing of academic papers.
Originality/value
This research is one of the first attempts to expand digital object identifier technology with the use of additional verifications based on the data storage and search in the public blockchain. The suggested idea is the example of “blockchainified science” that was brought to implementation in a real online journal. This method has some advantages compared to Crossmark service.
Details
Keywords
Anika Ludwig and Mary Marshall
Research into crime is reliant on data that is recorded and published by criminal justice agencies; data which is collected for other purposes. Considering the suitability of…
Abstract
Purpose
Research into crime is reliant on data that is recorded and published by criminal justice agencies; data which is collected for other purposes. Considering the suitability of geocoded crime data for academic research purposes, this paper will demonstrate the difficulties faced regarding the availability, integrity and reliability of readily accessible criminal justice data.
Design/methodology/approach
Data from two countries – England and Germany – were considered and set in a wider European Union (EU) context. Using the data received from requests made to the Freedom of Information Act (FOIA) in England and openly published reports and data available from Germany, the authors provide a contextual picture of the availability and operability of data recorded by these agencies. Geocoded data that enable cross-national comparisons with respect to immigration, ethnicity and crime are particularly hard to locate, and conducting research using data (such as crime data) whose “integrity” is questionable in an academic environment becomes increasingly problematic.
Findings
Analysing secondary data produced by a number of agencies are amplified due to the different methods of collection, management, retention and dissemination. It was found that even within England, the information provided by police forces varied greatly. Data in Germany were found to be more openly available and published electronically by a number of different criminal justice agencies; however, many of the issues apparent in English data regarding data integrity were also identified here.
Originality/value
The need for good record-keeping and information sharing practices has taken on added significance in today’s global environment. The better availability of comparable criminal justice data has the potential to provide academics with increased opportunities to develop an evidence base for policymaking.
Details
Keywords
Lamya Abdullah and Juan Quintero
The purpose of this study is to propose an approach to avoid having to trust a single entity in cloud-based applications. In cloud computing, data processing is delegated to a…
Abstract
Purpose
The purpose of this study is to propose an approach to avoid having to trust a single entity in cloud-based applications. In cloud computing, data processing is delegated to a remote party for efficiency and flexibility reasons. A practical user requirement usually is data privacy; hence, the confidentiality and integrity of data processing needs to be protected. In the common scenarios of cloud computing today, this can only be achieved by assuming that the remote party does not in any form act maliciously.
Design/methodology/approach
An approach that avoids having to trust a single entity is proposed. This approach is based on two concepts: the technical abstraction of sealed computation, i.e. a technical mechanism to confine a privacy-aware processing of data within a tamper-proof hardware container, and the role of an auditing party that itself cannot add functionality to the system but is able to check whether the system (including the mechanism for sealed computation) works as expected.
Findings
Discussion and analysis of the abstract, technical and procedural requirements of these concepts and how they can be applied in practice are explained.
Originality/value
A preliminary version of this paper was published in the proceedings of the second International Workshop on SECurity and Privacy Requirements Engineering (SECPRE, 2018).
Details
Keywords
The purpose of this paper is to examine whether comments made by Big‐Six auditors about their post‐audit perceptions of the client's integrity were influenced by their firm's…
Abstract
Purpose
The purpose of this paper is to examine whether comments made by Big‐Six auditors about their post‐audit perceptions of the client's integrity were influenced by their firm's rating of the client's integrity prior to the start of the current audit.
Design/methodology/approach
The paper uses an established fraud detection case study with a manipulation of client integrity. The participants include 152 managers and 342 seniors from five of the then Big‐Six firms.
Findings
The findings indicates that auditors were insensitive to client integrity ratings in the audit planning/risk assessment stage of the audit.
Practical implications
The very foundation of corporate governance and the value of the audit are weakened when client integrity is questionable and may not result in implementing more rigorous audit procedures suggested by Mautz and Sharaf.
Originality/value
The existent literature cannot be used to determine whether or not Auditing Standards enacted since 1991 have had any effect on the practice of auditing in this area. Consequently, this paper contributes to the literature by establishing a 1991 (i.e. before Statement of Auditing Standards 82) baseline for evaluation purposes. (A baseline being a point of reference to compare the results of future research.)
Ming‐Kuen Chen and Shih‐Ching Wang
Over the past decade, many small‐ and medium‐sized enterprises have incurred dramatic losses due to major disasters, causing loss of their business information systems and…
Abstract
Purpose
Over the past decade, many small‐ and medium‐sized enterprises have incurred dramatic losses due to major disasters, causing loss of their business information systems and transaction data, so, they have started to outsource their information operations to data centers (DCs), in order to monitor critical business data operations. The purpose of this paper is to propose a dual‐sided business data integrity policy framework.
Design/methodology/approach
Based on a review of the available literature, case studies, and in‐depth interviews with top CEOs and experts in the field, a fuzzy Delphi method is proposed in two frameworks. In addition, a risk evaluation rule is derived by applying Bayesian decision analysis to mitigate the risk and lower the cost in their outsourcing policy; and Delphi method is used to extract 11 DC service quality evaluation indicators and also use these indicators to conduct a benchmark in Taiwan. Furthermore, the proposed framework is applied to figure out critical service advantages as well as suggestions for the DC involved in the benchmark.
Findings
The results of framework point out that enterprises should monitor the four operation elements (facility and infrastructure, server system management, information security management, and disaster recovery (DR) mechanism) to ensure and improve their data integrity; and DC firms need to build robust facilities and services in the five operation elements (customizability, serviceability, information technology infrastructure, security management, and knowledge intensity).
Originality/value
This paper uses a hybrid Delphi‐Bayesian method to propose a new framework, which is adequately integrated with the consensus of experts and business decision makers; higher professionalism and content validity are achieved. Enterprises can use these indicators to evaluate the service quality of DCs among DC firms.
Details
Keywords
Ahmed H. Al-Dmour, Masam Abood and Hani H. Al-Dmour
This study aims at investigating the extent of SysTrust’s framework (principles and criteria) as an internal control approach for assuring the reliability of accounting…
Abstract
Purpose
This study aims at investigating the extent of SysTrust’s framework (principles and criteria) as an internal control approach for assuring the reliability of accounting information system (AIS) were being implemented in Jordanian business organizations.
Design/methodology/approach
The study is based on primary data collected through a structured questionnaire from 239 out of 328 shareholdings companies. The survey units were the shareholding companies in Jordan, and the single key respondents approach was adopted. The extents of SysTrust principles were also measured. Previously validated instruments were used where required. The data were analysed using t-test and ANOVA.
Findings
The results indicated that the extent of SysTrust being implemented could be considered to be moderate at this stage. This implies that there are some variations among business organizations in terms of their level of implementing of SysTrust principles and criteria. The results also showed that the extent of SysTrust principles being implemented was varied among business organizations based on their business sector. However, there were not found varied due to their size of business and a length of time in business (experience).
Research limitations/implications
This study is only conducted in Jordan as a developing country. Although Jordan is a valid indicator of prevalent factors in the wider MENA region and developing countries, the lack of external validity of this research means that any generalization of the research findings should be made with caution. Future research can be orientated to other national and cultural settings and compared with the results of this study.
Practical implications
The study provides evidence of the need for management to recognize the importance of the implementation of SysTrust principles and criteria as an internal control for assuring the reliability of AIS within their organizations and be aware which of these principles are appropriate to their size and industry sector.
Originality/value
The findings would be valuable for academic researchers, managers and professional accounting to acquire a better undemanding of the current status of the implementation of the SysTrust principles (i.e., availability, security, integrity processing, confidentiality, and privacy) as an internal control method for assuring the reliability of AIS by testing the phenomenon in Jordan as a developing country.
Details