Search results

I begin with a discussion of code and its primary types: embedded, source, binary and interpreted. I then consider three measures in which code is fundamentally different than print. In particular I speak of the trust inherent in connectivity, the organizational difficulties of information, and the problem of archiving information that may change rapidly. Following each of these explanations I offer my own hypotheses about how code and ubiquitous digital media might alter society and the sensibilities of its participants.

The purpose of this paper is to propose practical and usable interactions that will allow more informed, risk-aware comparisons for individuals during app selections. The authors include an explicit argument for the role of human decision-making during app selection and close with a discussion of the strengths of a Bayesian approach to evaluating privacy and security interventions.

The authors focused on the risk communication in mobile marketplace’s realm, examining how risk indicators can help people choose more secure and privacy-preserving apps. Combining canonical findings in risk perception with previous work in usable security, the authors designed indicators for each app to enable decisions that prioritize risk avoidance. Specifically, the authors performed a natural experiment with N = 60 participants, where they asked them to select applications on Android tablets with accurate real-time marketplace data.

In the aggregate, the authors found that app selections changed to be more risk-averse in the presence of a user-centered multi-level warning system using visual indicators that enabled a click-thru to the more detailed risk and permissions information.

Privacy research in the laboratory is often in conflict with privacy decision-making in the marketplace, resulting in a privacy paradox. To better understand this, the authors implemented a research design based on clinical experimental approaches, testing the interaction in a noisy, confounded field environment.

Phishing is a well-known cybersecurity attack that has rapidly increased in recent years. It poses risks to businesses, government agencies and all users due to sensitive data breaches and subsequent financial losses. To study the user side, this paper aims to conduct a literature review and user study.

To investigate phishing attacks, the authors provide a detailed overview of previous research on phishing techniques by conducting a systematic literature review of n = 367 peer-reviewed academic papers published in ACM Digital Library. Also, the authors report on an evaluation of a high school community. The authors engaged 57 high school students and faculty members (12 high school students, 45 staff members) as participants in research using signal detection theory (SDT).

Through the literature review which goes back to as early as 2004, the authors found that only 13.9% of papers focused on user studies. In the user study, through scenario-based analysis, participants were tasked with distinguishing phishing e-mails from authentic e-mails. The results revealed an overconfidence bias in self-detection from the participants, regardless of their technical background.

The authors conducted a literature review with a focus on user study which is a first in this field as far the authors know. Additionally, the authors conducted a detailed user study with high school students and faculty using SDT which is also an understudied area and population.

The purpose of this study is to identify factors that determine computer and security expertise in end users. They can be significant determinants of human behaviour and interactions in the security and privacy context. Standardized, externally valid instruments for measuring end-user security expertise are non-existent.

A questionnaire encompassing skills and knowledge-based questions was developed to identify critical factors that constitute expertise in end users. Exploratory factor analysis was applied on the results from 898 participants from a wide range of populations. Cluster analysis was applied to characterize the relationship between computer and security expertise. Ordered logistic regression models were applied to measure efficacy of the proposed security and computing factors in predicting user comprehension of security concepts: phishing and certificates.

There are levels to peoples’ computer and security expertise that could be reasonably measured and operationalized. Four factors that constitute computer security-related skills and knowledge are, namely, basic computer skills, advanced computer skills, security knowledge and advanced security skills, and these are identified as determinants of computer expertise.

Findings from this work can be used to guide the design of security interfaces such that it caters to people with different expertise levels and does not force users to exercise more cognitive processes than required.

This work identified four factors that constitute security expertise in end users. Findings from this work were integrated to propose a framework called Security SRK for guiding further research on security expertise. This work posits that security expertise instrument for end user should measure three cognitive dimensions: security skills, rules and knowledge.

Contends the Internet is a medium for commerce, marketing, advertising and distribution, as well as invention, entertainment and discussion. Reckons that on the Internet there is only on certainty – when creative destruction reigns it is business as usual. Concludes that succeeding in the global Internet economy is very difficult, and survival is far from assured.

There is growing contestation between states and private actors over cybersecurity responsibilities, and its governance is ever more susceptible to nationalization. The authors believe these developments are based on an incomplete picture of how cybersecurity is actually governed in practice and theory. Given this disconnect, this paper aims to attempt to provide a cohesive understanding of the cybersecurity institutional landscape.

Drawing from institutional economics and using extensive desk research, the authors develop a conceptual model and broadly sketch the activities and contributions of market, networked and hierarchical governance structures and analyze how they interact to produce and govern cybersecurity.

Analysis shows a robust market and networked governance structures and a more limited role for hierarchical structures. Ex ante efforts to produce cybersecurity using purely hierarchical governance structures, even buttressed with support from networked governance structures, struggle without market demand like in the case of secure internet identifiers. To the contrary, ex post efforts like botnet mitigation, route monitoring and other activities involving information sharing seem to work under a variety of combinations of governance structures.

The authors’ conceptual framework and observations offer a useful starting point for unpacking how cybersecurity is produced and governed; ultimately, we need to understand if and how these governance structure arrangements actually impact variation in observed levels of cybersecurity.

Experts cite the lack of a sound business plan and a diminished regard for basic marketing and management practices as major reasons for the failure rate of Web‐based retailers. The dot‐com platform alone was often viewed as a sufficient basis for business success. This article provides a guide in applying marketing management principles to Internet‐based retailers. The format for this guide uses marketing management plans, providers, access, distribution, markets, products, prices, and promotions. The practices and examples provided in this guide are useful for gaining competitive advantage in the retail, dot‐com marketplace.

This paper presents the biography of one of Australia’s earliest female accountants, Miss Evelyn Maude West (aka Eva). The paper uses this history sub-genre to understand the significant impacts Eva West made across several fields. Eva West was not only a pioneer woman accountant but also an active philanthropist with an interest in social issues and a nature lover who promoted and encouraged an appreciation of the environment.

The paper leverages a diverse array of qualitative resources, responding to Carnegie and Napier's (1996) call to expand the concept of the accounting-based archive. Notably, rare nature study diaries and a book detailing camping adventures serve as poignant examples, illustrating Eva West's profound social and environmental engagement. Additionally, personal and business letters, digitised newspapers, pamphlets, annual reports, minute books and even poems contribute to the comprehensive exploration of Eva West's life and impact. Collectively, these varied sources offer a rich tapestry of evidence, facilitating the documentation of this unique narrative.

Throughout her life, Eva West made significant contributions as a pioneering woman in the field of accounting, a dedicated philanthropist and a passionate environmentalist. Together, these offer a multifaceted portrait of a well-rounded individual. With a solid foundation in accounting, Eva utilized her expertise to benefit numerous charitable organisations, leaving a lasting impact on the community. Moreover, her deep love for the environment is illustrated in nature study diaries and books documenting her camping adventures, highlighting the interconnectedness between her accounting pursuits and her commitment to environmental stewardship.

While previous studies briefly mention the additional contributions of early women to various organisations and movements, none provide the depth of insight seen in the portrayal of Miss Eva West. Rather than critiquing these earlier narratives, this observation presents an opportunity for further research to honour pioneering individuals for their multifaceted roles beyond accounting. Future studies could spotlight trailblazers as accountants with diverse interests and societal contributions, whether in social or environmental spheres. Additionally, this paper demonstrates how archives maintained by individuals, such as nature or travel diaries and camping books, can enrich accounting and accountability-based historical research.

Biographical studies in accounting have played a significant role in advancing historical research, yet there remains a call for additional studies to gain deeper insights into specific individuals. Few biographical narratives have explored how accountants integrate their professional careers with other interests, particularly highlighting the well-roundedness of individuals, especially women. Furthermore, this paper contributes to filling the gap in research that examines the intersection of accounting professionals and environmental concerns.

Modern browsers are designed to inform users as to whether it is secure to login to a website, but most users are not aware of this information and even those who are sometimes ignore it. This study aims to assess users’ knowledge of security warnings communicated via browser indicators and the likelihood that their online decision-making adheres to this knowledge.

Participants from Amazon’s Mechanical Turk visited a series of secure and insecure websites and decided as quickly and as accurately as possible whether it was safe to login. An online survey was then used to assess their knowledge of information security.

Knowledge of information security was not necessarily a good predictor of decisions regarding whether to sign-in to a website. Moreover, these decisions were modulated by attention to security indicators, familiarity of the website and psychosocial stress induced by bonus payments determined by response times and accuracy.

Even individuals with security knowledge are unable to draw the necessary conclusions about digital risks when browsing the web. Users are being educated through daily use to ignore recommended security indicators.

This study represents a new way to entice participants into risky behavior by monetizing both speed and accuracy. This approach could be broadly useful as a way to study risky environments without placing participants at risk.