Towards a Severity Assessment Method for Potential Cyber Attacks to Connected and Autonomous Vehicles

CAV (connected and autonomous vehicle) is a crucial part of intelligent transportation systems. CAVs utilize both sensors and communication components to make driving decisions. A large number of companies, research organizations, and governments have researched extensively on the development of CAVs. The increasing number of autonomous and connected functions however means that CAVs are exposed to more cyber security vulnerabilities. Unlike computer cyber security attacks, cyber attacks to CAVs could lead to not only information leakage but also physical damage. According to the UK CAV Cyber Security Principles, preventing CAVs from cyber security attacks need to be considered at the beginning of CAV development. In this paper, a large set of potential cyber attacks are collected and investigated from the aspects of target assets, risks, and consequences. Severity of each type of attacks is then analysed based on clearly defined new set of criteria. The levels of severity for the attacks can be categorized as critical, important, moderate, and minor. Mitigation methods including prevention, reduction, transference, acceptance, and contingency are then suggested. It is found that remote control, fake vision on cameras, hidden objects to LiDAR and Radar, spoofing attack to GNSS, and fake identity in cloud authority are the most dangerous and of the highest vulnerabilities in CAV cyber security

Securing the Elderly: A Developmental Approach to Hypermedia-Based Online Information Security for Senior Novice Computer Users

Whilst security threats to the general public continue to evolve, elderly computer users with limited skill and knowledge are left playing catch-up in an ever-widening gap in fundamental cyber-related comprehension. As a definable cohort, the elderly generally lack awareness of current security threats, and remain under-educated in terms of applying appropriate controls and safeguards to their computers and networking devices. This paper identifies that web-based computer security information sources do not adequately provide helpful information to senior citizen end-users in terms of both design and content

The Impact Of Technology Trust On The Acceptance Of Mobile Banking Technology Within Nigeria

With advancement in the use of information technology seen as a key factor in economic development, developed countries are increasingly reviewing traditional systems, in various sectors such as education, health, transport and finance, and identifying how they may be improved or replaced with automated systems. In this study, the authors examine the role of technology trust in the acceptance of mobile banking in Nigeria as the country attempts to transition into a cashless economy. For Nigeria, like many other countries, its economic growth is linked, at least in part, to its improvement in information technology infrastructure, as well as establishing secure, convenient and reliable payments systems. Utilising the Technology Acceptance Model, this study investigates causal relationships between technology trust and other factors influencing user’s intention to adopt technology; focusing on the impact of seven factors contributing to technology trust. Data from 1725 respondents was analysed using confirmatory factor analysis and the results showed that confidentiality, integrity, authentication, access control, best business practices and non-repudiation significantly influenced technology trust. Technology trust showed a direct significant influence on perceived ease of use and usefulness, a direct influence on intention to use as well as an indirect influence on intention to use through its impact on perceived usefulness and perceived ease of use. Furthermore, perceived ease of use and perceived usefulness showed significant influence on consumer’s intention to adopt the technology. With mobile banking being a key driver of Nigeria’s cashless economy goals, this study provides quantitative knowledge regarding technology trust and adoption behaviour in Nigeria as well as significant insight on areas where policy makers and mobile banking vendors can focus strategies engineered to improve trust in mobile banking and increase user adoption of their technology

Linking consumer trust perception in constructing an e-commerce trust model

Trust issues is still considered as a main obstacle in the implementation of eCommerce Due to the increasing numbers of cyber crimes committed today, consumers are faced with doubt to engage in online shopping. As a safety precaution, consumers will take certain measures to protect their information by evaluating and assessing these websites trustworthiness before an actual purchase occurs. This paper describes a model that examines the elements related to online consumer behavior and to investigate this behavior towards building and increasing trust. The applicability of the model was tested in attempt to view consumers' acceptance towards the model and its component. The fmdings indicate the respondents are aware of the trust issue surrounding e-Commerce implementation as they accept and agreed with the model and its components

Practical Methods for Information Security Risk Management

The purpose of this paper is to present some directions to perform the risk man-agement for information security. The article follows to practical methods through question-naire that asses the internal control, and through evaluation based on existing controls as part of vulnerability assessment. The methods presented contains all the key elements that concurs in risk management, through the elements proposed for evaluation questionnaire, list of threats, resource classification and evaluation, correlation between risks and controls and residual risk computation.Risk Management, Threats, Vulnerabilities, Information Security

Generating citizen trust in e-government using a trust verification agent: A research note

Generating Citizen Trust in e-Government using a Trust Verification AgentThis is an eGISE network paper. It is motivated by a concern about the extent to which trust issues inhibit a citizen’s take-up of online public sector services or engagement with public decision and policy making. A citizen’s decision to use online systems is influenced by their willingness to trust the environment and agency involved. This project addresses one aspect of individual “trust” decisions by providing support for citizens trying to evaluate the implications of the security infrastructure provided by the agency. Based on studies of the way both groups (citizens and agencies) express their concerns and concepts in the security area, the project will develop a software tool – a trust verification agent (TVA) - that can take an agency’s security statements (or security audit) and infer how effectively this meets the security concerns of a particular citizen. This will enable citizens to state their concerns and obtain an evaluation of the agency’s provision in appropriate “citizen friendly” language. Further, by employing rule-based expert systems techniques the TVA will also be able to explain its evaluation.Engineering and Physical Sciences Research Council, UK (grant GR/T27020/01