Andree E. Widjaja
Jengchung Victor Chen
Institute of International Management
National Cheng Kung University, Tainan, Taiwan
Andree/Victor 1

Agenda
- Introduction
- Cloud Computing Information Security and Privacy issues
- Study Objective and Research Questions
- Theoretical Framework
- Research Model and Hypotheses
- Research Methodology
- Questionnaires Design
- Data analysis
- Discussion & Conclusion

Introduction
- Cloud Computing is one of the most promising technologies in computing today, representing Information Technology (IT) efficiency and business agility
- The trend of using Cloud Computing has become more popular
- Cloud Computing Providers (CCP) target a variety of end users, from software developers to the general public, on every level
- For example, YouTube and Google Docs

Introduction
- YouTube and Google Docs are Cloud Computing, since the operations, executions, and users' data are stored in remote servers
- Users can access their servers through high-speed networks, e.g. the Internet
- Advantages of Cloud Computing:
  - Cutting edge of computing technology
  - Strong computing power
  - Flexibility (scalable hardware and software resources)
  - Cost saving (no longer need huge IT investment)

Cloud Computing Information Security and Privacy Issues
- Organizations or users who use Cloud Computing services tend to critically examine information security and confidentiality (privacy) issues
- Guaranteeing the security of data in the cloud is difficult, since providers offer different services and each service has its own security issues
- Having security and privacy requirements is a must for every CCP in order to mitigate various threats

Cloud Computing Information Security and Privacy Issues
- Security technology by itself may not be enough, thus CCP should establish a robust set of policies and protocols to guarantee security and privacy rights in the cloud environment
- However, there are still great risks, particularly in information security and privacy
- A recent survey conducted by International Data Corporation (IDC) revealed the main concern in using Cloud Computing services: almost 75% of respondents were worried about security issues

Cloud Computing Information Security and Privacy Issues
- Complaint with the US Federal Trade Commission (FTC) about the security standards of Google Cloud Computing
  - Does not provide encryption for the information stored in their servers
- Most relevant threats in Cloud Computing:
  - Abuse and nefarious use
  - Account and service hijacking (phishing, fraud, etc.)
  - Unknown security profile
- Though CCP acknowledge the Information Security and Privacy policies, there is still a vague understanding of how these policies could totally guarantee the users

Study Objective
- Recent research discusses Cloud Computing architectures, applications, advantages, risks, etc.
- However, there are still few studies exploring Cloud Computing in relation to Information Security and Privacy from the end users' perspective
- This study's main objective: to consider users' Information Security and Privacy concerns, and how these concerns would affect their trust, and then their attitude and intention to use Cloud Computing

Research Question
- How would users' Information Security and Privacy concerns affect users' trust, attitude, and intention to use Cloud Computing?

Theoretical Framework
- Cloud Computing definition
  - Technical arrangement in which users store their data in remote servers and operated computers under the control of other parties (CCP), and rely on software applications executed and stored somewhere else (Svantesson and Clarke, 2010)
- Analogy of Monitor and Servers

Theoretical Framework
- Theory of Reasoned Action (TRA) will be used to explain the attitude and intention to use Cloud Computing services
- TRA is based on the social psychology field and is concerned with the determinants of consciously intended behavior (Ajzen & Fishbein)
- 3 constructs:
  - Attitude
  - Subjective Norm (influence of others)
  - Behavioral Intention

Theoretical Framework
- Contract-Based Ethical Theory is derived from social contract theory, which emphasizes criteria involving explicit social contracts and individual rights
- In social contract theory, a moral system comes into being by virtue of certain contractual agreements between individuals
- Contract: CCP Information Security and Privacy Policy
- Complying with the contract would directly lead to CCP good ethical conduct: no harm to users

Hypotheses development
- Attitude and Behavioral Intention
  - Based on TRA, a person's specified behavior is determined by their behavior, and it is jointly determined by the person's attitude and subjective norm
  - Attitudinal components will have an effect on behavioral intention
  - Attitude is defined as users' attitude toward Cloud Computing; Behavior is defined as intention to use Cloud Computing
- H1: Attitude would positively influence behavioral intention to use Cloud Computing service.

Hypotheses development
- Trust
  - In this study, trust is referred to as the attitudinal component in TRA
  - If users trust the CCP, they would have a positive attitude toward Cloud Computing, as they believe CCP are able to deliver the most trusted services possible by fully complying with their Information Security and Privacy policies
- H2: Trust in CCP would positively affect users' attitudes in using Cloud Computing services.

Hypotheses development
- Concern for Information Privacy (CFIP)
  - CFIP emerges when individuals have lost control over their information
  - Many previous studies found that CFIP has a close relation with Trust
  - This relation is negative: the higher users' CFIP, the less users trust
- H3: Concerns for Information Privacy would negatively affect users' trust in using Cloud Computing services.

Hypotheses development
- General Information Security and Privacy Awareness (GISPA)
  - Defined as general knowledge and understanding of potential issues related to Information Security and Privacy and their ramifications
  - GISPA can be viewed as knowing something from personal experiences or external sources
  - High GISPA would cause users to have higher privacy concerns, and influence a negative attitude
- H4: General Information Security and Privacy Awareness (GISPA) would positively affect Concern for Information Privacy in using Cloud Computing services.
- H5: General Information Security and Privacy Awareness (GISPA) would negatively affect users' Attitude in using Cloud Computing services.

Hypotheses development
- Information Security and Privacy Policies Awareness (ISPPA)
  - Defined as users' knowledge and understanding of the policies, rules, or agreements prescribed by a particular CCP in using their services
  - Users with better ISPPA would have fewer concerns for information privacy, which would influence users' positive attitude towards Cloud Computing
- H6: Information Security and Privacy Policies Awareness (ISPPA) would negatively affect Concern for Information Privacy in using Cloud Computing services.
- H7: Information Security and Privacy Policies Awareness (ISPPA) would positively affect users' Attitude in using Cloud Computing services.

Hypotheses development
- Subjective Norm
  - Can be derived from beliefs of what others think, what experts think, and motivation to comply with others (Ajzen & Fishbein, 1980)
  - This study conceptualizes it as the influence of friends, experts, and other people in general
  - Subjective Norm would influence the behavioral intention in using Cloud Computing in many ways, positive or negative
- H8: Subjective norm would positively affect behavioral intention to use Cloud Computing service.

Hypotheses development
- By seeing whether other users (friends, experts, or general users) use the service, users would tend to become more trusting (or distrusting) in using Cloud Computing service.
- H9: Subjective norm would positively affect users' trust in using Cloud Computing services.

Research Model

Research Methodology
- Online survey
- Measurement items were adapted from previous studies
- Target respondents are all users who have used or heard about Cloud Computing
- Demographic variables included: gender, age, IT knowledge, IT previous education, nationality, current occupation, type of CCP, name of CCP
- Partial Least Squares (PLS) was used for data analysis (using Smart PLS 2.0)

Questionnaire items
- There are 7 adapted questionnaire items:
  - Intention to use (Ajzen & Fishbein, 1980): 3 items
  - Attitude (Ajzen & Fishbein, 1980): 4 items
  - Trust (Cheung & Lee, 2001): 9 items
  - Concern for Information Privacy (Smith, 1996): 15 items
  - GISPA (Bulgurcu, 2010): 3 items
  - ISPPA (Bulgurcu, 2010): 3 items
  - Subjective Norm (Ajzen & Fishbein, 1980): 3 items
- All items are specifically modified to suit this study

Data analysis - Demographic
- 201 respondents: students (under & grad)

Data analysis - Descriptive statistics

Data analysis - Cross factor loading

Data analysis - PLS result (Smart PLS 2.0)

Discussion
- The PLS result showed two unsupported hypotheses (H4 and H5), due to very low t-values in the bootstrapping procedure, and one partially supported hypothesis (H7)
- The rest of the hypotheses are strongly supported, based on the t-value significance level (H1, H2, H3, H6, H8, and H9)
- TRA has proven successful in predicting the intention to use Cloud Computing service through attitude and subjective norm

Discussion
- Trust is important from the users' perspective in the context of using Cloud Computing service. Meanwhile, trust also has a positive significant effect on attitude
- Trust is greatly influenced by CFIP. The path shows a negative relationship between CFIP and trust. The result is strongly consistent with most of the CFIP and trust related studies (Eastlick et al., 2006; Kim, 2008)
- As hypothesized, the more we are aware of ISPPA, the less we are concerned about information privacy in using Cloud Computing service, and vice versa. This result would confirm that users do care about the policies prescribed by CCP
- GISPA doesn't have a significant relationship with either CFIP or attitude. This result is quite surprising
  - Don't have adequate knowledge, may not care too much

Conclusion
- This study empirically showed the model of Information Security and Privacy in using Cloud Computing service from the end users' subjective perspective
- This study may become the basic foundation of further study in Information Security and Privacy within the context of specific use of Cloud Computing service

Thank You for Listening
Q&A and Discussion