6,247 research outputs found

    The Datafication of Open Banking: A critical interrogation into the data privacy issues and cybersecurity risk implications of cross-border data flows under Canada’s proposed Open Banking Framework

    Get PDF
    Banks have always served as the chief custodians of financial data and in this role, they regulate the activities between customers, technology, and merchants. The worldwide consumer demands have added pressure to financial institutions to adopt more streamlined methods when it comes to accessing financial data. This comes at a time when the financial services industry sits on the verge of pending reforms through digitisation and crossborder transactions. Open banking is one such change which is predicted to shake up the traditional banking model and is expected to bring a plethora of benefits to both customers and the financial industry. Open banking provides access to consumer banking, transactions, and other financial information to third party providers (TPPs) via application programming interfaces (APIs). Open banking has the possibility of expanding to include user consent-based movement of information for investments, insurance, telecommunications, utilities and more. This ability to share financial data through APIs could promote faster, easier, and more secure payments, particularly crossborder transactions. There are three major challenges with open banking that this research covers. The first is that open banking introduces a consumer data portability feature at a time when there is no existing right under the current law. The second is that open banking is a consent-based system that will require a higher standard of consent from a privacy law perspective especially in relation to crossborder transactions. The third is that open banking exacerbates existing cybersecurity risks while creating new ones which may require additional protections through either the financial or privacy law regimes. It is useful to explore that each country imposes separate regulatory limits on what personal data can be transferred or stored in their markets and whether there can ultimately be interoperability of these structures for crossborder transactions. Open banking raises concern that it may become a dangerous route for criminals to trick naĂŻve consumers into disclosing secret information, allowing illegal access to their personal data. As such, there is no room for error in rolling out open banking as a model, as its failure could result in harsh economic impacts across the financial sector

    Using Analytical Information for Digital Business Transformation through DataOps: A Review and Conceptual Framework

    Get PDF
    Organisations are increasingly practising business analytics to generate actionable insights that can guide their digital business transformation. Transforming business digitally using business analytics is an ongoing process that requires an integrated and disciplined approach to leveraging analytics and promoting collaboration. An emerging business analytics practice, Data Operations (DataOps), provides a disciplined approach for organisations to collaborate using analytical information for digital business transformation. We propose a conceptual framework by reviewing the literature on business analytics, DataOps and organisational information processing theory (OIPT). This conceptual framework explains how organisations can employ DataOps as an integrated and disciplined approach for developing the analytical information processing capability and facilitating boundary-spanning activities required for digital business transformation. This research (a) extends current knowledge on digital transformation by linking it with business analytics from the perspective of OIPT and boundary-spanning activities, and (b) presents DataOps as a novel approach for using analytical information for digital business transformation

    A Survey on Forensics and Compliance Auditing for Critical Infrastructure Protection

    Get PDF
    The broadening dependency and reliance that modern societies have on essential services provided by Critical Infrastructures is increasing the relevance of their trustworthiness. However, Critical Infrastructures are attractive targets for cyberattacks, due to the potential for considerable impact, not just at the economic level but also in terms of physical damage and even loss of human life. Complementing traditional security mechanisms, forensics and compliance audit processes play an important role in ensuring Critical Infrastructure trustworthiness. Compliance auditing contributes to checking if security measures are in place and compliant with standards and internal policies. Forensics assist the investigation of past security incidents. Since these two areas significantly overlap, in terms of data sources, tools and techniques, they can be merged into unified Forensics and Compliance Auditing (FCA) frameworks. In this paper, we survey the latest developments, methodologies, challenges, and solutions addressing forensics and compliance auditing in the scope of Critical Infrastructure Protection. This survey focuses on relevant contributions, capable of tackling the requirements imposed by massively distributed and complex Industrial Automation and Control Systems, in terms of handling large volumes of heterogeneous data (that can be noisy, ambiguous, and redundant) for analytic purposes, with adequate performance and reliability. The achieved results produced a taxonomy in the field of FCA whose key categories denote the relevant topics in the literature. Also, the collected knowledge resulted in the establishment of a reference FCA architecture, proposed as a generic template for a converged platform. These results are intended to guide future research on forensics and compliance auditing for Critical Infrastructure Protection.info:eu-repo/semantics/publishedVersio

    Exploring Campus through Web-Based Immersive Adventures Using Virtual Reality Photography: A Low-Cost Virtual Tour Experience

    Get PDF
    This study aims to assess the incorporation of virtual reality (VR) photography into the web-based immersive application “virtual interactive campus tour (VICT).” This application offers users an immersive experience, allowing them to virtually explore university campuses and access information about the facilities and services available. The VICT application offers a cost-effective, attractive, and sustainable alternative for universities to display their resources and interact with potential students. Through black box testing, we conducted user acceptance testing (UAT) and functionality testing, confirming the application’s readiness for deployment and its capability to meet institutional and end-user requirements. This study also examined the potential for universities to use VR to meet the expectations of prospective students. The application is compatible with both desktop and mobile devices. The results indicated that the overall average validity score was 0.88, suggesting that the measure is valid. The validation results were thoroughly tested and reliable. This study emphasizes the potential of immersive web-based tours in higher education and aims to bridge the divide between virtual exploration and physical visits. By offering an immersive virtual campus experience, this innovative tool has the potential to revolutionize university marketing strategies, increase student engagement, and transform campus visit approaches

    Configuration Management of Distributed Systems over Unreliable and Hostile Networks

    Get PDF
    Economic incentives of large criminal profits and the threat of legal consequences have pushed criminals to continuously improve their malware, especially command and control channels. This thesis applied concepts from successful malware command and control to explore the survivability and resilience of benign configuration management systems. This work expands on existing stage models of malware life cycle to contribute a new model for identifying malware concepts applicable to benign configuration management. The Hidden Master architecture is a contribution to master-agent network communication. In the Hidden Master architecture, communication between master and agent is asynchronous and can operate trough intermediate nodes. This protects the master secret key, which gives full control of all computers participating in configuration management. Multiple improvements to idempotent configuration were proposed, including the definition of the minimal base resource dependency model, simplified resource revalidation and the use of imperative general purpose language for defining idempotent configuration. Following the constructive research approach, the improvements to configuration management were designed into two prototypes. This allowed validation in laboratory testing, in two case studies and in expert interviews. In laboratory testing, the Hidden Master prototype was more resilient than leading configuration management tools in high load and low memory conditions, and against packet loss and corruption. Only the research prototype was adaptable to a network without stable topology due to the asynchronous nature of the Hidden Master architecture. The main case study used the research prototype in a complex environment to deploy a multi-room, authenticated audiovisual system for a client of an organization deploying the configuration. The case studies indicated that imperative general purpose language can be used for idempotent configuration in real life, for defining new configurations in unexpected situations using the base resources, and abstracting those using standard language features; and that such a system seems easy to learn. Potential business benefits were identified and evaluated using individual semistructured expert interviews. Respondents agreed that the models and the Hidden Master architecture could reduce costs and risks, improve developer productivity and allow faster time-to-market. Protection of master secret keys and the reduced need for incident response were seen as key drivers for improved security. Low-cost geographic scaling and leveraging file serving capabilities of commodity servers were seen to improve scaling and resiliency. Respondents identified jurisdictional legal limitations to encryption and requirements for cloud operator auditing as factors potentially limiting the full use of some concepts

    An indigenous perspective on institutions for sustainable business in China

    Get PDF

    Perceived creepiness in response to smart home assistants: A multi-method study

    Get PDF
    Smart home assistants (SHAs) have gained a foothold in many households. Although SHAs have many beneficial capabilities, they also have characteristics that are colloquially described as creepy – a fact that may deter potential users from adopting and utilizing them. Previous research has examined SHAs neither from the perspective of resistance nor the perspective of creepiness. The present research addresses this gap and adopts a multi-method research design with four sequential studies. Study 1 serves as a pre-study and provides initial exploratory insights into the concept of creepiness in the context of SHAs. Study 2 focuses on developing a measurement instrument to assess perceived creepiness. Study 3 uses an online experiment to test the nomological validity of the construct of creepiness in a larger conceptual model. Study 4 further elucidates the underlying behavioral dynamics using focus group analysis. The findings contribute to the literature on the dark side of smart technology by analyzing the triggers and mechanisms underlying perceived creepiness as a novel inhibitor to SHAs. In addition, this study provides actionable design recommendations that allow practitioners to mitigate end users’ potential perceptions of creepiness associated with SHAs and similar smart technologies

    Distributed Ledger Technology (DLT) Applications in Payment, Clearing, and Settlement Systems:A Study of Blockchain-Based Payment Barriers and Potential Solutions, and DLT Application in Central Bank Payment System Functions

    Get PDF
    Payment, clearing, and settlement systems are essential components of the financial markets and exert considerable influence on the overall economy. While there have been considerable technological advancements in payment systems, the conventional systems still depend on centralized architecture, with inherent limitations and risks. The emergence of Distributed ledger technology (DLT) is being regarded as a potential solution to transform payment and settlement processes and address certain challenges posed by the centralized architecture of traditional payment systems (Bank for International Settlements, 2017). While proof-of-concept projects have demonstrated the technical feasibility of DLT, significant barriers still hinder its adoption and implementation. The overarching objective of this thesis is to contribute to the developing area of DLT application in payment, clearing and settlement systems, which is still in its initial stages of applications development and lacks a substantial body of scholarly literature and empirical research. This is achieved by identifying the socio-technical barriers to adoption and diffusion of blockchain-based payment systems and the solutions proposed to address them. Furthermore, the thesis examines and classifies various applications of DLT in central bank payment system functions, offering valuable insights into the motivations, DLT platforms used, and consensus algorithms for applicable use cases. To achieve these objectives, the methodology employed involved a systematic literature review (SLR) of academic literature on blockchain-based payment systems. Furthermore, we utilized a thematic analysis approach to examine data collected from various sources regarding the use of DLT applications in central bank payment system functions, such as central bank white papers, industry reports, and policy documents. The study's findings on blockchain-based payment systems barriers and proposed solutions; challenge the prevailing emphasis on technological and regulatory barriers in the literature and industry discourse regarding the adoption and implementation of blockchain-based payment systems. It highlights the importance of considering the broader socio-technical context and identifying barriers across all five dimensions of the social technical framework, including technological, infrastructural, user practices/market, regulatory, and cultural dimensions. Furthermore, the research identified seven DLT applications in central bank payment system functions. These are grouped into three overarching themes: central banks' operational responsibilities in payment and settlement systems, issuance of central bank digital money, and regulatory oversight/supervisory functions, along with other ancillary functions. Each of these applications has unique motivations or value proposition, which is the underlying reason for utilizing in that particular use case

    Barriers to blockchain adoption in humanitarian logistics in an uncertain environment

    Get PDF
    In the digital age, blockchain technology is recognized as an operational innovation that is rapidly joining the field of supply chain and humanitarian logistics. Hence, blockchain technology has the potential to fundamentally change the field of humanitarian aid, but still relatively little research has been published aimed at improving understanding of the various barriers to blockchain adoption in humanitarian logistics. The aim of this research is to provide an integrated framework for evaluating the barriers to blockchain adoption in the field of humanitarian logistics. To assess the barriers, integrated approach has been applied in three phases. In the first phase of this approach, based on the literature, 10 barriers to the adoption of blockchain in humanitarian logistics are identified and evaluated using the FMEA method. In the second phase, using the opinions of experts, the weights of the three factors are calculated. Then, in the third phase and according to the outputs of the previous phases, obstacles are prioritized using the proposed Z-ARAS method. In addition to assigning different weights to the three factors considering uncertainty and reliability in barriers is also considered in this approach through the theory of Z numbers. The proposed approach of current study was implemented in the evaluation of blockchain adoption barriers in humanitarian logistics. According to the results, the most critical barriers concern with integrating issues, risk of cyber-attacks, and technology risks. The results shown the capability and superiority of the proposed approach compared to other traditional methods such as FMEA and Fuzzy ARAS
    • …
    corecore