| 1. |
- Faizi, Ana, et al.
(författare)
-
From rationale to lessons learned in the cloud information security risk assessment : a study of organizations in Sweden
- 2022
-
Ingår i: Information and Computer Security. - : Emerald Group Publishing Limited. - 2056-4961. ; 30:2, s. 190-205
-
Tidskriftsartikel (refereegranskat)abstract
- Purpose:This study aims to address the issue of practicing information security risk assessment (ISRA) on cloud solutions by studying municipalities and large organizations in Sweden.Design/methodology/approach:Four large organizations and five municipalities that use cloud services and conduct ISRA to adhere to their information security risk management practices were studied. Data were gathered qualitatively to answer the study’s research question: How is ISRA practiced on the cloud? The Coat Hanger model was used as a theoretical lens to study and theorize the practices.Findings:The results showed that the organizations aimed to follow the guidelines, in the form of frameworks or their own experience, to conduct ISRA; furthermore, the frameworks were altered to fit the organizations’ needs. The results further indicated that one of the main concerns with the cloud ISRA was the absence of a culture that integrates risk management. Finally, the findings also stressed the importance of a good understanding and a well-written legal contract between the cloud providers and the organizations using the cloud services.Originality/value:As opposed to the previous research, which was more inclined to try out and evaluate various cloud ISRA, the study provides insights into the practice of cloud ISRA experienced by the organizations. This study represents the first attempt to investigate cloud ISRA that organizations practice in managing their information security.
|
|
| 2. |
- Islami, Lejla
(författare)
-
Envisioning Usable Privacy in Smart Environments : A Technical and Intercultural Perspective
- 2024
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Smart environments provide users with a large number of new services that will improve their lives, such as smarter and more efficient transportation, advanced smart home services, and pervasive healthcare. Yet, they also have the potential for collecting staggering amounts of personal information, which, if misused, poses a multitude of privacy threats to users ranging from tracking, stalking to monitoring and profiling. Consequently, the users’ right to informational self-determination is at stake in smart environments. Therefore, there is a need for solutions that empower individuals with control over their data in smart environments. Privacy-Enhancing Technologies (PETs) and privacy by design and by default can help to protect users’ privacy. In particular, usable Privacy-Enhancing Identity Management (PE-IdM) can re-establish user control and, thus, informational self-determination by offering users a selection of meaningful preference-based privacy settings that they could choose from to lessen the configuration burden of privacy settings. However, different privacy trade-offs need to be considered and managed for the configuration of the identity management system, as well as various factors influencing users’ privacy preferences. Guidelines for the design of usable management of privacy settings that address varying end-user preferences for control, location sharing and privacy conflicting goals are needed. The objective of this thesis is to propose viable approaches for enforcing usable PE-IdM for smart environments, with a focus on vehicular ad hoc networks (VANETs). To that end, we unravel the technical state of the art regarding the problem space and solutions. We employ qualitative and quantitative empirical Human-Computer Interaction (HCI) research methods to investigate different users’ privacy preferences and factors affecting such preferences. Our results demonstrate a cultural and regional influence on willingness to share location data and preferences for trade-offs for location privacy. Based on our results, we elicit end-users and design requirements and propose high-level design guidelines for usable PE-IdM for VANETs. These guidelines aim to simplify privacy and identity management for users by offering selectable settings that will cater for their different privacy needs and preferences.
|
|
| 3. |
- Lindqvist, Gunnar, et al.
(författare)
-
How do Bitcoin Users Manage Their Private Keys?
- 2021
-
Ingår i: Proceedings of the 7th International Workshop on Socio-Technical Perspective in IS Development (STPIS 2021). ; , s. 11-21
-
Konferensbidrag (refereegranskat)abstract
- Bitcoin has emerged as the most recognisable cryptocurrency due to its usages as a speculative asset,medium of exchange and store of value. The fundamental characteristics of trustless and secure soundmoney have made it appealing to people. As a result of the immutability of Bitcoin, monetary lossescaused by user security mistakes such as lose possession of private keys may hinder Bitcoin usage. Wesurveyed 339 Bitcoin users to explore the interaction between individuals and the technology of Bitcoinof how they safeguard their Bitcoin private keys. The results showed that users employed technologiesto enhance the protection of their Bitcoin private keys, such as encryption and multi-signature. However,a proportion of users employed less secure approaches. The study results suggest that users preferencrypting their private keys rather than multi-signature due to convenience and ease of use. Hardwarewallets were moreover the most used wallet by the participants.
|
|
| 4. |
- Lundgren, Martin, et al.
(författare)
-
A Review of Cyber Threat (Artificial) Intelligence in Security Management
- 2023. - 1
-
Ingår i: Artificial Intelligence and Cybersecurity. - Cham : Springer Nature Switzerland AG. - 9783031150296 - 9783031150326 - 9783031150302 ; , s. 29-45
-
Bokkapitel (refereegranskat)abstract
- Managing cybersecurity within organizations typically relies on careful consideration and management of its risks. By following an iterative—often sequential—risk management process, an organization’s exposure to risks can be assessed by weighing organizational digital asset values against the probability of being harmed by a threat [29]. However, this approach has been criticized for reflecting only a snapshot of the organization’s assets and threats. Furthermore, identifying threats and the ability to remain updated on current threats and vulnerabilities are often dependent on skilled and experienced experts, causing risks to be primarily determined based on subjective judgment [46]. Nevertheless, this also poses a challenge to organizations that cannot stay up-to-date with what assets are vulnerable or attain personnel with the necessary experience and know-how to obtain relevant information on cybersecurity threats towards those assets [8, 30, 37].
|
|
| 5. |
- Lundgren, Martin, et al.
(författare)
-
Security and Privacy of Smart Homes : Issues and Solutions
- 2021
-
Ingår i: Security and Privacy in the Internet of Things. - : John Wiley & Sons. - 9781119607748 - 9781119607755 - 9781119607762 - 9781119607779 ; , s. 235-260
-
Bokkapitel (refereegranskat)abstract
- The current discussion and adoption of new technologies such as Internet of Things and smart technologies, like smart homes, have blossomed over the last decade. The user-centric aspect plays a vital role in the development of smart homes, since its spread and usage is fundamentally depending on people adopting new technologies into their normal everyday lives. This chapter contributes to raising our understanding of the security and privacy challenges and solutions that exist within smart homes. It first investigates various dimensions of information security and privacy in order to build a framework to analyze actual or perceived security and privacy issues that can arise from new technologies like smart homes. The chapter presents what security techniques and mechanisms are available to address these. Finally, it discusses what the future might hold in terms of security and privacy of smart homes, followed by a section highlighting the contributions of this chapter.
|
|
| 6. |
- Mannebäck, Emelie, et al.
(författare)
-
Challenges of Managing Information Security during the Pandemic
- 2021
-
Ingår i: Challenges. - : MDPI. - 2078-1547. ; 12:2
-
Tidskriftsartikel (refereegranskat)abstract
- The COVID-19 pandemic of 2019 surprised information security practitioners in the organizations due to the change imposed on employees’ work routines. Employees were asked to work from home, and therefore changes were necessary to reduce information security risks actively. The abrupt change of work environments brought many challenges to the practitioners, which caused them to make decisions regarding organizational information security. This article aims to uncover those challenges through an ethnography study within an organization during the fourteen months of teleworking. On an overarching level, we found four challenges to be of concern: technical security, regulations and policies, employee awareness of security issues, and, finally, preparedness for the new work environment of teleworking. We believe that the challenges brought by the analysis will inspire discussions about the future of research and practice regarding information security management in case of disasters.
|
|
| 7. |
- Padyab, Ali, et al.
(författare)
-
Issues and Adoption Barriers in Wearable Technologies
- 2021
-
Ingår i: International Journal of Technology Diffusion (IJTD). - : IGI Global. - 1947-9301 .- 1947-931X. ; 12:1
-
Tidskriftsartikel (refereegranskat)abstract
- The rapid growth of the Internet of Things (IoT) has given rise to many wearable devices integrated into daily life. However, achieving end-users' long-term adoption is still an issue. While wearables' technological implementation is advancing rapidly, their consequences need to be scrutinized to alleviate the concerns that threaten a strong civil and sustainable society. The purpose of this article is to investigate issues (social, ethical, and ecological) and adoption barriers related to wearable technologies from end-users' perspectives. The authors undertook a systematic literature review combined with two rounds of interviews with domain experts as well as end-users of IoT wearable devices to find relevant issues and adoption barriers. This article summarizes social, ethical, and ecological issues as well as adoption barriers of wearable technologies. These issues and adoption barriers have important implications that need to be addressed to increase the adoption and diffusion of wearable technologies.
|
|
| 8. |
- Padyab, Ali Mohammad, et al.
(författare)
-
Adoption Barriers of IoT in Large Scale Pilots
- 2020
-
Ingår i: Information. - : MDPI. - 2078-2489. ; 11:23, s. 1-23
-
Tidskriftsartikel (refereegranskat)abstract
- The pervasive connectivity of devices enabled by Internet of Things (IoT) technologies is leading the way in various innovative services and applications. This increasing connectivity comes with its own complexity. Thus, large scale pilots (LSPs) are designed to develop, test and use IoT innovations in various domains in conditions very similar to their operational scalable setting. One of the key challenges facing the diffusion of such innovations within the course of an LSP is understanding the conditions in which their respective users decide to adopt them (or not). Accordingly, in this study we explore IoT adoption barriers in four LSPs in Europe from the following domains: smart cities, autonomous driving, wearables and smart agriculture and farming. By applying Roger’s Diffusion of Innovation as a theoretical lens and using empirical data from workshops and expert interviews, we identify a set of common and domain specific adoption barriers. Our results reveal that trust, cost, perceived value, privacy and security are common concerns, yet shape differently across domains. In order to overcome various barriers, the relative advantage or value of using the innovation needs to be clearly communicated and related to the users’ situational use; while this value can be economic in some domains, it is more hedonic in others. LSPs were particularly challenged in applying established strategies to overcome some of those barriers (e.g., co-creation with end-users) due to the immaturity of the technology as well as the scale of pilots. Accordingly, we reflect on the theoretical choice in the discussion as well as the implications of this study on research and practice. We conclude with providing practical recommendations to LSPs and avenues for future research
|
|
| 9. |
- Padyab, Ali, et al.
(författare)
-
Perceived Privacy Problems Within Digital Contact Tracing : A Study Among Swedish Citizens
- 2021
-
Ingår i: ICT Systems Security and Privacy Protection. - Cham : Springer. - 9783030781224 - 9783030781200 - 9783030781194 ; , s. 270-283
-
Konferensbidrag (refereegranskat)abstract
- Several governments employed digital contact tracing using smartphone apps to combat the COVID-19 pandemic in 2020. Research shows that privacy concerns hinder the adoption of such apps, while privacy problems which emerged by using them are empirically unknown. This study aims to uncover the dimensions of privacy problems available in digital contact tracing through a survey from 453 citizens in Sweden. Our results show that respondents found privacy problems regarding surveillance, identification, aggregation, secondary use, disclosure, and stigma highly relevant in contact tracing apps. Among demographic factors, younger respondents were generally more concerned about privacy risks than older respondents. This study extends previous literature by revealing privacy problems arising from contact tracing apps.
|
|
| 10. |
- Padyab, Ali, et al.
(författare)
-
Stress in doctoral supervision : A perspective on supervisors
- 2023
-
Ingår i: Journal of Praxis in Higher Education. - : University of Borås. - 2003-3605. ; 5:2, s. 91-117
-
Tidskriftsartikel (refereegranskat)abstract
- This paper shares findings from an interview study designed to open up critical conversations on complexity in advising. Using a narrative inquiry approach to centre storytelling and personal experience as valuable knowledge, I interview advisors (both academic and unofficial) who were central to my own doctoral research journey, as well as former doctoral students of mine. The interview results are put in relation with my own critical reflection on my advising practices as an ethos, as opposed to a set of tasks or functions, and put into context with larger social concepts such as positionality.This new perspective is suggested as a supplement to complexify and expand earlier research on advising styles. Advisingis characterised as deeply entangled with mentoring as well as teaching at large, and the paper concludes with identification of larger ethea, reflecting howadvising practices are co-constituted in relation with a range of other factors,such as positionality, institutional and disciplinary context, the larger student lifeworld, and perspectives on teaching and learning.
|
|
