Search results

Security assurance evaluation (SAE) is a well-established approach for assessing the effectiveness of security measures in systems. However, one aspect that is often overlooked in these evaluations is the assurance context in which they are conducted. This paper aims to explore the role of assurance context in system SAEs and proposes a conceptual model to integrate the assurance context into the evaluation process.

The conceptual model highlights the interrelationships between the various elements of the assurance context, including system boundaries, stakeholders, security concerns, regulatory compliance and assurance assumptions and regulatory compliance.

By introducing the proposed conceptual model, this research provides a framework for incorporating the assurance context into SAEs and offers insights into how it can influence the evaluation outcomes.

By delving into the concept of assurance context, this research seeks to shed light on how it influences the scope, methodologies and outcomes of assurance evaluations, ultimately enabling organizations to strengthen their system security postures and mitigate risks effectively.

With the rapid development of Internet technology, cybersecurity threats such as security loopholes, data leaks, network fraud, and ransomware have become increasingly prominent, and organized and purposeful cyberattacks have increased, posing more challenges to cybersecurity protection. Therefore, reliable network risk assessment methods and effective network security protection schemes are urgently needed.

Based on the dynamic behavior patterns of attackers and defenders, a Bayesian network attack graph is constructed, and a multitarget risk dynamic assessment model is proposed based on network availability, network utilization impact and vulnerability attack possibility. Then, the self-organizing multiobjective evolutionary algorithm based on grey wolf optimization is proposed. And the authors use this algorithm to solve the multiobjective risk assessment model, and a variety of different attack strategies are obtained.

The experimental results demonstrate that the method yields 29 distinct attack strategies, and then attacker's preferences can be obtained according to these attack strategies. Furthermore, the method efficiently addresses the security assessment problem involving multiple decision variables, thereby providing constructive guidance for the construction of security network, security reinforcement and active defense.

A method for network risk assessment methods is given. And this study proposed a multiobjective risk dynamic assessment model based on network availability, network utilization impact and the possibility of vulnerability attacks. The example demonstrates the effectiveness of the method in addressing network security risks.

Effective information security management (ISM) contributes to building a healthy organizational digital ecology. However, few studies have built an analysis framework for critical influencing factors to discuss the combined influence mechanism of multiple factors on ISM performance (ISMP). This study aims to explore the critical success factors and understand how these factors contribute to ISMP.

This study used a mixed-method approach to achieve this study’s research goals. In Study 1, the authors conducted a qualitative analysis to take a series of International Organization for Standardization/International Electrotechnical Commission standard documents as the basis to refine the critical factors that may influence organizations’ ISMP. In Study 2, the authors built a research model based on the organizational control perspective and used the survey-based partial least squares-based structural equation modeling (PLS-SEM) approach to understand the relationships between these factors in promoting ISMP. In Study 3, the authors used the fuzzy set qualitative comparative analysis (fsQCA) method to empirically analyze the complex mechanisms of how the combinations of the factors affect ISMP.

The following three research findings are obtained. First, based on the text-based qualitative analysis, the authors refined the critical success factors that may increase ISMP, including information security policies (ISP), top management support (TMS), alignment (ALI), information security risk assessment (IRA), information security awareness (ISA) and information security culture (ISC). Second, the PLS-SEM testing results confirmed TMS is the antecedent variable motivating organization’s formation (ISP) and information control (ISC) approaches; these two types of organization control approaches increase IRA, ISA and ALI and then promote ISMP directly and indirectly. Third, the fsQCA testing results found two configurations that can achieve high ISMP and one driving path that leads to non-high ISMP.

This study extends knowledge by exploring configuration factors to improve or impede the performances of organizations’ ISM. To the best of the authors’ knowledge, this study is one of the first to explore the use of the fsQCA approach in information security studies, and the results not only revealed causal associations between single factors but also highlighted the critical role of configuration factors in developing organizational ISMP. This study calls attention to information security managers of an organization should highlight the combined effect between the factors and reasonably allocate organizational resources to achieve high ISMP.

Cyber security has never been more important than it is today in an ever more connected and pervasive digital world. However, frequently reported shortages of suitably skilled and trained information system (IS)/cyber security professionals elevate the importance of delivering effective Security Education,Training and Awareness (SETA) programmes within organisations. Therefore, the purpose of this study is the questionable effectiveness of SETA programmes at changing employee behaviour and an absence of empirical studies on the critical success factors (CSFs) for SETA programme effectiveness.

This exploratory study follows a three-stage research design to give voice to practitioners with SETA programme expertise. Data is gathered in Stage 1 using semi-structured interviews with 20 key informants (the emergence of the CSFs), in Stage 2 from 65 respondents to a short online survey (the ranking of the CSFs) and in Stage 3 using semi-structured interviews with nine IS/cyber security practitioners (the emergence of the guiding principles). Using a multi-stage research design allows the authors to propose and evaluate the 11 CSFs for SETA programme effectiveness.

This study conducted a mean score analysis to evaluate the level of importance of each CSF within two independent groups of IS/cyber security professionals. This multi-stage analysis produces a ranked list of 11 CSFs for SETA programme effectiveness, while the difference in the rankings leads to the emergence of five CSF-specific guiding principles (to increase the likelihood of delivering an effective SETA programme within an organisational context). This analysis also reveals that most of the contradictions/differences in CSF rankings between IS/cyber security practitioners are linked to the design phase of the SETA programme life cycle. While two CSFs, “maintain quarterly evaluation of employee performance” (CSF-DS6) and “build security awareness campaigns” (CSF-EV1), represent the most significant contradiction in this study.

The 11 CSFs for SETA programme effectiveness, along with the five CSF-specific guiding principles, provide a greater depth of knowledge contributing to both theory and practice and lays the foundation for future studies. Therefore, the outputs of this study provide valuable insights on the areas that practice needs to get right to deliver effective SETA programmes.

This study aims to investigate the implementation of lean human resource management (HRM) practices in manufacturing small- and medium-sized enterprises (SMEs) and explore how various factors interact to influence their successful adoption. By exploring the interplay among these factors, the research seeks to identify key drivers affecting the adoption of lean HRM in manufacturing SMEs. Ultimately, the research intends to provide insights that can guide organisations, practitioners and policymakers in effectively implementing lean HRM practices to enhance operational efficiency, workforce engagement and competitiveness within the manufacturing SME sector.

The study combined total interpretive structural modelling (TISM) and Matrice d'Impacts Croisés Multiplication Appliquée à un Classement (MICMAC) analysis. TISM helped in understanding the hierarchical relationship among different factors influencing lean HRM implementation, whereas MICMAC analysis provided insights into the level of influence and dependence of each factor on others.

The research revealed that “top management support” emerged as the most independent factor, indicating that strong support from top management is crucial for initiating and sustaining lean HRM practices in manufacturing SMEs. On the other hand, “employee involvement and empowerment” was identified as the most dependent factor, suggesting that fostering a culture of employee engagement and empowerment greatly relies on the successful implementation of lean HRM practices.

While the study provided valuable insights, it has certain limitations. The research was conducted within the specific context of manufacturing SMEs, which might limit the generalizability of the findings to other industries. Expert opinions introduce subjectivity in data collection. Additionally, the study may not cover all critical factors, allowing room for further exploration in future research.

The findings have practical implications for manufacturing SMEs aiming to implement lean HRM practices. Recognising the pivotal role of top management support, organisations should invest in cultivating a strong leadership commitment to lean HRM initiatives. Furthermore, enhancing employee involvement and empowerment can lead to better adoption of lean HRM practices, resulting in improved operational efficiency and overall competitiveness.

This research contributes to the field by offering a comprehensive exploration of the interplay among factors influencing lean HRM implementation. The use of TISM and MICMAC analysis provides a unique perspective on the relationship dynamics between these factors, allowing for a nuanced understanding of their roles in the adoption of lean HRM practices in manufacturing SMEs. The identification of “top management support” as the most independent and “employee involvement and empowerment” as the most dependent factors adds original insights to the existing literature.

This study aims to introduce and evaluate the COPULA framework, a construction project monitoring solution based on blockchain designed to address the inherent challenges of construction project monitoring and management. This research aims to enhance efficiency, transparency and trust within the dynamic and collaborative environment of the construction industry by leveraging the decentralized, secure and immutable nature of blockchain technology.

This paper employs a comprehensive approach encompassing the formulation of the COPULA model, the development of a digital solution using the ethereum blockchain and extensive testing to assess performance in terms of execution cost, time, integrity, immutability and security. A case analysis is conducted to demonstrate the practical application and benefits of blockchain technology in real-world construction project monitoring scenarios.

The findings reveal that the COPULA framework effectively addresses critical issues such as centralization, privacy and security vulnerabilities in construction project management. It facilitates seamless data exchange among stakeholders, ensuring real-time transparency and the creation of a tamper-proof communication channel. The framework demonstrates the potential to significantly enhance project efficiency and foster trust among all parties involved.

While the study provides promising insights into the application of blockchain technology in construction project monitoring, future research could explore the integration of COPULA with existing project management methodologies to broaden its applicability and impact. Further investigations into the solution’s scalability and adaptation to various construction project types and sizes are also suggested.

This research offers a comprehensive blockchain solution specifically tailored for the construction industry. Unlike prior studies focusing on theoretical aspects, this paper presents a practical, end-to-end solution encompassing model formulation, digital implementation, proof-of-concept testing and validation analysis. The COPULA framework marks a significant advancement in the digital transformation of construction project monitoring, providing a novel approach to overcoming longstanding industry challenges.

This paper aims to evaluate the Digital Government Collaborative Platform (DGCP), which facilitates collaborations between the citizens and the government to address environmental issues in Sri Lanka. The DGCP is an artifact developed by the value-sensitive design approach.

The DGCP is evaluated following the Framework for Evaluation in Design Science Research (FEDS). In total, 224 citizens participated in the survey based on the User Experience Questionnaire (UEQ) and open questions about human values embedded in the design. Fifteen government officers were interviewed to enhance the evaluation.

The DGCP received positive evaluations from the citizens and government officers. The platform is attractive, novel and pragmatic, also generating hedonic experiences for the citizens. The users believed that human values are reflected in the DGCP. Furthermore, they shared a few suggestions to improve it.

The paper contributes knowledge to evaluating digital government systems, especially in developing countries. The human-value-centered DGCP was evaluated using multiple methods of quantitative (i.e. UEQ Survey) and qualitative (i.e. qualitative interviews with stakeholders) techniques. Furthermore, the systematic process of DGCP evaluation produces a case-based guideline for evaluating related and similar digital government systems using FEDS.

To make more smart health-care system, the health-care data should be shared in the secure manner, and it improves health-care service quality. This paper aims to implement a modern decentralized blockchain, safe and easy-to-use health-care technology application in the cloud.

On observing the graph, the convergence analysis of proposed Levy Flight-integrated moth flame optimization method at 80th iteration was 4.59%, 2.80%, 3.316%, 8.92% and 2.55% higher than the traditional models MFO, artificial bee colony (ABC), particle swarm optimization (PSO), moth search algorithm (MSA) and glow worm swarm optimization (GWSO), respectively, for Hungarian data set. Particularly, in best case scenario, the adopted method attains low cost value (5.672671) when compared to all other traditional models such as MFO (5.727314), ABC (5.711577), PSO (5.706499), MSA (5.764517) and GWSO (5.723353).

The proposed method achieved effective performance in terms of key sensitivity, sanitization effectiveness, restoration effectiveness, etc.

Regarding human resource and labour relations management, academia focuses mainly on cities; however, rural areas are an integral part of China's economic structure. This study focuses on the movie projection industry in China's rural areas and explores how human resource practices (HRPs) are transformed and the labour process is reconstructed in digital transformation.

We adopt a case study of a rural movie projection company. The company's HRPs reconstructed the labour process of movie projection, and they have been promoted as national standards. Data were collected from in-depth interviews, files and observations.

Rural movie projection companies combine high-performance and paternalistic HRPs in the media industry's digital transformation. HRPs and digital technology jointly reconstruct the labour process. First, the HRPs direct labour process practices towards standardisation. Second, the digital supervision platform guides the control style from simple to technical, placing projectionists under pressure while increasing management efficiency. Third, rural movies made using digital technology have disenchanted rural residents. Accordingly, the conventional relationships between the “country and its citizens,” “individuals themselves,” and “models and individuals” have been removed, and a new relationship between “individuals themselves” is formed thanks to the novel HRPs.

This research plays a crucial role in exposing researchers to the labour process of rural movie projection, which is significant in China but often ignored by Western academia and advances the Chinese contextualisation of research on labour relations.

The purpose of this study is to test the impact of time and price sensitivity on consumer satisfaction and purchase intention on online-to-offline (O2O) takeout platforms and explore the moderating effect of purchase preference on time sensitivity and satisfaction, as well as price sensitivity and satisfaction, in order to guide market pricing.

A structural equation model (SEM) of customer purchase intention was constructed, and the relationships between the variables (time sensitivity, price sensitivity, satisfaction and purchase intention) were examined. The completed questionnaires of 349 respondents were collected from the Questionnaire Star platform in China. The research model and hypotheses were then tested. Analytic hierarchy procedure was used to determine the moderating effect of purchase preference. Finally, the study proposes a pricing strategy for customer-active selective services.

Satisfaction positively influences purchase intention, and price sensitivity significantly increases satisfaction and further increases purchase intention; however, time sensitivity negatively affects satisfaction. Specifically, purchase preference has strongly moderated the relationship between time, price sensitivity and satisfaction. In addition, the findings show that when purchase preference is high, the effect of price sensitivity on satisfaction is stronger, suggesting the importance of purchase preference in strengthening purchase intentions. The research work recommends a pricing strategy involving value-added pricing primarily for time-sensitive customers, which can help build a high-end brand image and reduce price competition. Reduced pricing is mainly for price-sensitive customers, which is conducive to stimulating consumption within a specific time. This pricing strategy is important for adjusting market sensitivity and flexibility.

This research provides new ideas for related disciplines and guidance for the differentiated pricing and promotion of takeout platforms, as well as a theoretical basis for the diversified development of takeout platforms, improvement of personalized service quality and enhancement of customer stickiness. This study fills gaps in the existing literature on the moderating effect of purchase preference on time sensitivity and satisfaction and price sensitivity and satisfaction.