Towards a framework for online information security applications development: A socio-technical approach

Mujinga, Mathias; Eloff, Mariki M.; Kroeze, Jan H.

doi:10.18489/sacj.v31i1.587

Cited by 7 publications

(22 citation statements)

References 23 publications

(35 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Twenty-nine government officials from agriculture, finance, education, and revenue offices were purposively selected from four districts; Mota, Woreta, Dangila, and Finoteselam, by the Amhara Regional State Science and ICT Commission. A qualitative interpretive approach using semi-structured interviews was used for the requirements elicitation process (see Appendix A) (Mujinga et al, 2019). The data was then transcribed into text and analysed thematically using Atlas.ti8 to identify 9 themes and 17 codes as shown in Table 1.…”

Section: Diagnosismentioning

confidence: 99%

Evaluating the optimization of limited government resources in low-income countries using a sharing economy platform

Gebeyehu

Twinomurinzi

2022

SACJ

View full text Add to dashboard Cite

This paper reports on the design and usefulness of a digital government innovation to share limited government resources in low-income countries (LICs) based on the sharing economy paradigm, collaborative consumption (CC). The innovation was developed using design science research and the usefulness was evaluated using the Unified Theory of Acceptance and Use of Technology (UTAUT) model (n=321) with Structural Equation Modeling (SEM). The key findings reveal that performance expectancy, effort expectancy, and facilitating conditions are significant factors of the behavioral intention to adopt the CC platform. Social influence was however not a significant factor. These key findings suggest the practical usefulness of the CC platform in motivating the sharing of limited government resources and overcoming traditional government bureaucracy. The study contributes to information systems theory in advocating for the adoption of a sharing economy ethos as a means to maximizing limited government resources in LICs, and in creating digital artifacts using design science research methods. The study recommends for LIC governments to further extend the resource sharing capability to include non-government organisations and citizens.

show abstract

Section: Diagnosismentioning

confidence: 99%

Evaluating the optimization of limited government resources in low-income countries using a sharing economy platform

Gebeyehu

Twinomurinzi

2022

SACJ

View full text Add to dashboard Cite

show abstract

“…However, the framework does not provide details such as mechanism for identification of the conflicts, elicitation of suitable trade-offs, dissemination mechanism for usable security patterns; all of which have been considered in the current work. Mujinga et al, (2019) proposed "Socio-technical Information Security Framework". The framework has been designed while considered both technical and social aspects of information security.…”

Section: Related Workmentioning

confidence: 99%

“…Mujinga et al (2019) proposed “Socio-technical Information Security Framework.” The framework has been designed while considering both technical and social aspects of information security. The authors claim that the development of security application can be improved by applying 12 design principles presented in the framework.…”

Section: Background and Related Workmentioning

confidence: 99%

Incorporating the human facet of security in developing systems and services

Naqvi

Clarke

Porras

2020

ICS

View full text Add to dashboard Cite

Purpose The purpose of this paper is to present an integrative framework for handling the security and usability conflicts during the system development lifecycle. The framework has been formulated while considering key concerns raised after conducting a series of interviews with practitioners from the industry. The framework is aimed at assisting system designers and developers in making reasonably accurate choices when it comes to the trade-offs between security and usability. The outcomes of using the framework are documented as design patterns, which are disseminated among the community of system designers and developers for use in other but similar contexts. Design/methodology/approach A design science research approach was used to develop the integrative framework for usable security. Interviews were conducted for identification of the key concerns; however, the framework was validated during a workshop. Moreover, to validate the patterns’ template and the usable security pattern identified after instantiating the framework, a survey instrument was used. Findings It is important to consider the usability aspect in the development of security systems; otherwise, the systems, despite being secure against attacks, would be susceptible to user mistakes leading to compromises. It is worthwhile to handle usable security concerns right from the start of system development life cycle. Design patterns can help the developers in assessing the usability of their security options. Practical implications Practical implications The framework would assist the designers and developers in handling the security and usability conflicts right from the start of the system development life cycle. The patterns documented after using the framework would help not only the designers and developers working in the industry but also freelancers. Originality/value The authors present a novel framework to handle the security and usability conflicts during the system development life cycle. The development process of the framework was driven by the concerns raised after a series of interviews with the practitioners from industry. The framework presented in this paper was validated during a workshop in which it was exposed for review and comments by the participants from the industry. To demonstrate the use of patterns in general and the framework in particular, a case study featuring smart grids from the domain of cyber-physical systems is presented, which (to the best of the authors’ knowledge) features the first work relevant to usable security in the domain of cyber-physical systems.

show abstract

“…In this case, the study professes SM usage into social and technical dimensions, respectively. The social dimension attributes consist of the behavioral (subjective) aspects of information security, while the technical dimension entails the technology (objective) aspects of information security [1] [3] [4]. In line with usable-security principles, no study has been done to identify SM usage information security factors, in the domain of social, and technical dimensions [3].…”

Section: Introductionmentioning

confidence: 99%

“…Existing studies often focus on information security attributes associated with mainly the technical aspect of SM usage [5]. And yet, numerous studies have reported social-engineering (behavioral) attacks as one of the prevalent forms of online information security breaches [4] [5]. Therefore, this study was intended to identify, examine, and validate SM socio-technical information security factors, in line with usable-security principles.…”

Section: Introductionmentioning

confidence: 99%

Identification and Validation of Social Media Socio-Technical Information Security Factors with Respect to Usable-Security Principles

Mutebi¹,

Kareyo²,

Chinecherem³

et al. 2022

JCC

View full text Add to dashboard Cite

The goal of this manuscript is to present a research finding, based on a study conducted to identify, examine, and validate Social Media (SM) socio-technical information security factors, in line with usable-security principles. The study followed literature search techniques, as well as theoretical and empirical methods of factor validation. The strategy used in literature search includes Boolean keywords search, and citation guides, using mainly web of science databases. As guided by study objectives, 9 SM socio-technical factors were identified, verified and validated. Both theoretical and empirical validation processes were followed. Thus, a theoretical validity test was conducted on 45 Likert scale items, involving 10 subject experts. From the score ratings of the experts, Content Validity Index (CVI) was calculated to determine the degree to which the identified factors exhibit appropriate items for the construct being measured, and 7 factors attained an adequate level of validity index. However, for reliability test, 32 respondents and 45 Likert scale items were used. Whereby, Cronbach's alpha coefficient (α-values) were generated using SPSS. Subsequently, 8 factors attained an adequate level of reliability. Overall, the validated factors include; 1) usability-visibility, learnability, and satisfaction; 2) education and training-help and documentation; 3) SM technology development-error handling, and revocability; 4) information security -security, privacy, and expressiveness. In this case, the confirmed factors would add knowledge by providing a theoretical basis for rationalizing information security requirements on SM usage.

show abstract

Towards a framework for online information security applications development: A socio-technical approach

Cited by 7 publications

References 23 publications

Evaluating the optimization of limited government resources in low-income countries using a sharing economy platform

Evaluating the optimization of limited government resources in low-income countries using a sharing economy platform

Incorporating the human facet of security in developing systems and services

Identification and Validation of Social Media Socio-Technical Information Security Factors with Respect to Usable-Security Principles

Contact Info

Product

Resources

About