June Wei,Yuan Liu,June Lu,Milos Slaninka,Kristie Abston

DOI: https://doi.org/10.1504/ijmc.2021.114313

2021-01-01

International Journal of Mobile Communications

Abstract:This paper proposed an indexed matrix to assess information security risks' impacts on mobile social media to help organisations address security risks effectively and efficiently. It developed and integrated a static social media information security risk model and a dynamic social media information flow model in the mobile environment to investigate the potential security risks in social networks. The pattern of security risks with three levels was identified using cluster analysis. An indexed matrix is also proposed to assess the information security impacts on social media via the relative-weigh quantitative method. The results can help to develop an effective and safe way to transmit information through social media. This research is the first attempt to integrate static information security threats into the dynamic social media information flow processes to assess the information security risk levels by developing a new indexed method. The theoretical and practical implications are presented.

Zijun Mao,Yuqi Zhu

DOI: https://doi.org/10.1108/ajim-10-2022-0461

IF: 1.935

2023-04-12

Aslib Journal of Information Management

Abstract:PurposeThe study focuses on influential factors of collaboration on government data security by the Chinese government.Design/methodology/approachThe article explores the case of e-government in the Chinese centralized unitary state system context, using a structured–pragmatic–situational (SPS) approach and the boundary theory as an analytical lens.FindingsThe findings indicate that e-government operates in highly interconnected environments where the safe flow of government data requires collaborative and cross-boundary strategies. Any organization is a potential “weakest link”. In addition, collaboration is fragmented by ambiguous accountability and organizational inertia across government departments, resources differences and limited visibility and measurability of security efforts across government levels and conflicts and uncertainties in principal–agent relationships. The solutions for those obstacles are also discussed from the multi-function, multi-level and multi-actor dimensions, respectively. A multi-dimensional overarching security model for the flow of government data is proposed.Originality/valueThe study advances the technology-oriented micro-analysis of previous studies on government data security to cross-organizational revealing at the macrolevel by connecting streams of research in information systems and public administration. These findings will contribute to making the safe flow of government data more resilient in the transformation of e-government.

Computer Science,Political Science

Jiahao Pan

Abstract:. This study brings together risk governance theory and proposes a framework of privacy risk identification mechanism for government data openness in order to comprehensively and precisely identify the privacy risks contained in the process of open government data and to help privacy risk governance facilitate the process of open government data. Based on the analysis, this paper proposes an effective mechanism framework combining a directional identification mechanism,adrivingmechanism,aregulationmechanism,andtherelationshipsbetween eachmechanism.Takingthisapproachcanreducetheriskofprivatedatabeing usedforillegalpurposesbygovernments,whichisworthpayingattentionto.

Law,Political Science,Computer Science

Jing Zhang,Ning Wang

DOI: https://doi.org/10.1016/j.eswa.2024.123725

IF: 8.5

2024-03-28

Expert Systems with Applications

Abstract:In the era of new media, it is crucial to investigate the transmission paths of emergency information due to the rising risk of such information. We take the risks caused by the dissemination of various heterogeneous negative information public opinion arising from the emergencies as the research object. Starting from the coupling of multiple risks and considering the behavioral impact of different government measures, we construct a three-layer coupling network S1I1S1-S2I2S2-UAU model between different types of negative information ( Info1, Info2 ) and government information ( Info3 ) diffusion, and analyze the coupling mechanisms of negative information and government information. Second, the MMCA is used to analyze the dissemination process and the diffusion threshold of government information. Finally, the rationality and effectiveness of the S1I1S1-S2I2S2-UAU model are verified by numerical simulation and real case. Our research results can help establish the cognitive of information risk coupling propagation law, providing support for government departments in controlling information risk.

computer science, artificial intelligence,engineering, electrical & electronic,operations research & management science

Wei Xu,Rong Wei

DOI: https://doi.org/10.1088/1742-6596/1648/3/032068

2020-10-01

Journal of Physics: Conference Series

Abstract:Abstract With the widespread use of Internet technology and the acceleration of the informationization process, citizens’ personal information has become more open and transparent, and more and more social cases have resulted from the leakage of personal information. This paper summarizes the performance of personal information security disorder in China, analyzes its harm, and combs the status of relevant protection work that has been initially carried out, and then analyzes the reasons for the poor management of personal information security disorder, and finally puts forward the relevant suggestions to protect the personal information security of citizens.

Zheng Chun-hui

Abstract:The private information is an exception to the government's public information,but sometimes this policy is also against citizen's right to privacy.Citizens should not only protect their privacy from others to access,or to disseminate private information,but also hope government's information fully protect their right to know,which is becoming most importance in Digital Age.Therefore,while government agencies publish their information,how to achieve reasonable disclosure of government information and protect the privacy of citizens is worth considering.

Computer Science,Law,Business,Political Science

Dr. Brijender Kahanwal,Dr. Tejinder Pal Singh

DOI: https://doi.org/10.48550/arXiv.1312.1460

2013-12-05

Cryptography and Security

Abstract:Todays modern society is extremely dependent on computer based information systems. Many of the organizations would simply not be able to function properly without services provided by these systems, just like financing organizations. Although interruption might decrease the efficiency of an organization, theft or unintentional disclosure of entrusted private data could have more serious consequences, such as legal actions as well as loss of business due to lack of trust from potential users. This dependence on information systems has lead to a need for securing these systems and this in turn has created a need for knowing how secure they are. The introduction of the information society has changed how people interact with government agencies. Government agencies are now encouraged to uphold a 24-hour electronic service to the citizens. The introduction of government services on the Internet is meant to facilitate communication with agencies, decrease service times and to lessen the amount of papers that needs to be processed. The increased connectivity to the Internet results in a rising demand for information security in these systems. In this article, we have discussed about many file data breaches in the past and current history and they are going to increase day by day as the reports by DataLossDB (Open Security Foundation) organization, a non-profit organization in US.

Wang Xixin

2011-01-01

Abstract:The Open Government Information Regulation requires government information open to public,the ambivalence of openness and secret keeping reflected in the regulation itself and the inadequacy of judicial protection of individual right to know are huge challenges to the open government information system.Logic contradiction and conflict of legal provisions between open information system and secret - keeping system,together with the weak role of courts in reviewing agency action with respect to government information openness creates both institutional barriers and harsh environment for an open government.This paper analyzes those challenges and calls for reforms of secret - keeping system and a more active role of courts in the context of open government information context.

Yujing Lai

DOI: https://doi.org/10.54097/hbem.v16i.10783

2023-08-02

Abstract:To address the problem of improper disclosure of a large amount of personal private information generated in the disclosure of government information, through empirical research and relevant literature analysis at home and abroad, it is found that there are some problems in the protection of personal private information in the disclosure of government information, such as unclear administrative discretion standards for the disclosure of personal private information, imperfect management systems for government information disclosure, imperfect supervision and responsibility mechanisms for government information disclosure, and incomplete relief systems after personal private information is violated. This paper studies its protection path from three perspectives, preregulation, in-process management and postrelief, to alleviate the conflict between government information disclosure and personal private information protection and protect citizens' personal private information.

Law

Sun Baoyun,Zhou Zhiren

DOI: https://doi.org/10.3782/j.issn.1006-0863.2013.07.17

2013-01-01

Abstract:The Publicity of government information depends on both security regimes and public mechanism.In America,two mechanisms make good convergence under the Constitutional Framework,and the security regimes can promote the process of the government information disclosure.In our country,the situation is difficult to satisfactory.Because the open mechanism and confidentiality mechanisms are in parallel and lack of effective path of convergence,the security management is not only difficult to become the help of the government information disclosure,but also degenerated into the constraints forces.It is difficult to meet the situation which government information disclosure needs.Therefore,we should learn from the experience of the United States,and coordination legislation under the constitutional framework to establish the publicity of government information integration management mechanism.

Yikun Xia

DOI: https://doi.org/10.3772/j.issn.1000-0135.2017.01.003

2017-01-01

Abstract:The risks caused by government data open have not yet received a high level of concern.This paper reveals the risks of open government data about its meaning,types and manifestation,then combined with the practice at home and abroad,pointing out that the main factors caused opening data risks are as follows,including cognitive beliefs,organizational system and its culture,capability of government data management,data structure and open technologies,information skills of civil servants.At last,it also proposes the risk management objective of open government data.Moreover,it puts forward some suggestions on how to manage opening data risks,such as establishing risk identification and evaluation mechanism,strengthen the inside management of data risk and cultivate social capability to data risks control.

Wei Liu,Wei Zhou

DOI: https://doi.org/10.1155/2022/1326579

IF: 1.4

2022-04-29

Discrete Dynamics in Nature and Society

Abstract:The “information cocoon” can hinder the normal dissemination and flow of emergency information during emergencies. It is important to explore the factors of this effect and to resolve the negative effects of the information cocoon, so as to help the public to “break out of the cocoon” and help the government to better promote emergency information management. Based on information ecology theory and the S-O-R model, this study designed questionnaires using a Likert five-level scale and selected 388 publics from several smart city pilot areas in Changsha, Zhuzhou, Shaoshan, and Yueyang cities in Hunan Province. Field research was conducted based on four factors, information ontology, information technology, government regulation, and social network, and empirical analysis was conducted through structural equations. The study shows that information ontology, information technology, government regulation, and social networks have significant effects on the information cocoon effect by influencing the reinforcement of public information preferences. Among them, government regulation ( P = 0.34) has the most significant effect on the reinforcement of public information preferences, followed by information ontology ( P = 0.32) and social networks ( P = 0.31), and information technology ( P = 0.29) has the weakest effect. Combining the results of empirical analysis, we propose a four-dimensional path of “information-technology-regulation-value” to break the cocoon. By optimizing information ontology, using technology for good governance, promoting algorithmic fairness, and enhancing social stickiness, we help the public break through the shackles and negative effects of the information cocoon and promote the harmonious, stable, and healthy development of the emergency information field.

mathematics, interdisciplinary applications,multidisciplinary sciences

Liurong Zhao,Xiaoxi Yu,Xinyu Zhou

DOI: https://doi.org/10.1371/journal.pone.0304467

IF: 3.7

2024-06-21

PLoS ONE

Abstract:The security crowd-testing regulatory mechanism is a vital means to promote collaborative vulnerability disclosure. However, existing regulatory mechanisms have not considered multi-agent responsibility boundaries and stakeholders' conflicts of interest, leading to their dysfunction. Distinguishing from previous research on the motivations and constraints of ethical hacks' vulnerability disclosure behaviors from a legal perspective, this paper constructs an evolutionary game model of SRCs, security researchers, and the government from a managerial perspective to propose regulatory mechanisms promoting tripartite collaborative vulnerability disclosure. The results show that the higher the initial willingness of the three parties to choose the collaborative strategy, the faster the system evolves into a stable state. Regarding the government's incentive mechanism, establishing reward and punishment mechanisms based on effective thresholds is essential. However, it is worth noting that the government has an incentive to adopt such mechanisms only if it receives sufficient regulatory benefits. To further facilitate collaborative disclosure, Security Response Centers (SRC) should establish incentive mechanisms including punishment and trust mechanisms. Additionally, publicity and training mechanisms for security researchers should be introduced to reduce their revenue from illegal participation, which promotes the healthy development of security crowd-testing. These findings contribute to improving SRCs' service quality, guiding security researchers' legal participation, enhancing the government's regulatory effectiveness, and ultimately establishing a multi-party collaborative vulnerability disclosure system.

Wai Peng Wong,Hwee Chin Tan,Kim Hua Tan,Ming-Lang Tseng

DOI: https://doi.org/10.1108/imds-12-2018-0546

2019-07-08

Abstract:Purpose The purpose of this paper is to explore the human factors triggering information leakage and investigate how companies mitigate insider threat for information sharing integrity. Design/methodology/approach The methodology employed is multiple case studies approach with in-depth interviews with five multinational enterprises (MNEs)/multinational corporations (MNCs). Findings The findings reveal that information leakage can be approached with human governance mechanism such as organizational ethical climate and information security culture. Besides, higher frequency of leakages negatively affects information sharing integrity. Moreover, this paper also contributes to a research framework which could be a guide to overcome information leakage issue in information sharing. Research limitations/implications The current study involved MNCs/MNEs operating in Malaysia, while companies in other countries may have different ethical climate and information sharing culture. Thus, for future research, it will be good to replicate the study in a larger geographic region to verify the findings and insights of this research. Practical implications This research contributes to the industry and business that are striving toward solving the mounting problem of information leakage by raising awareness of human factors and to take appropriate mitigating governance strategies to pre-empt information leakage. This paper also contributes to a novel theoretical model that characterizes the iniquities of humans in sharing information, and suggests measures which could be a guide to avert disruptive leakages. Originality/value This paper is likely an unprecedented research in molding human governance in the domain of information sharing and its Achilles’ heel which is information leakage.

computer science, interdisciplinary applications,engineering, industrial

Zhao Yan,Maoying Zhang

DOI: https://doi.org/10.54691/bcpssh.v19i.1726

2022-08-30

BCP Social Sciences & Humanities

Abstract:Personal information protection is the focus of data security governance, while government information disclosure is a practical need for government administration in the context of the information age. As a public authority, the government's disclosure of information is effectively regulated by the administrative law. The revised Regulation of the People's Republic of China on the Disclosure of Government Information protects personal information mainly in terms of administrative procedures for seeking consent, administrative supervision of information disclosure departments, and administrative remedies for infringement of personal information. However, it still faces problems such as low level of legislation, irregular enforcement procedures, lack of supervision, and imperfect supervision and remedy systems. The future protection of personal information needs to further improve the path of administrative regulation of government information disclosure, make up for the shortcomings in legislation and supervision, improve the consultation system of prior notification and information disclosure as well as continue to follow the principle of procedural due process.

Harold Abelson,Ross Anderson,Steven M Bellovin,Josh Benaloh,Matt Blaze,Jon Callas,Whitfield Diffie,Susan Landau,Peter G Neumann,Ronald L Rivest,Jeffrey I Schiller,Bruce Schneier,Vanessa Teague,Carmela Troncoso

DOI: https://doi.org/10.1093/cybsec/tyad020

2024-01-01

Journal of Cyber Security

Abstract:Abstract Our increasing reliance on digital technology for personal, economic, and government affairs has made it essential to secure the communications and devices of private citizens, businesses, and governments. This has led to pervasive use of cryptography across society. Despite its evident advantages, law enforcement and national security agencies have argued that the spread of cryptography has hindered access to evidence and intelligence. Some in industry and government now advocate a new technology to access targeted data: client-side scanning (CSS). Instead of weakening encryption or providing law enforcement with backdoor keys to decrypt communications, CSS would enable on-device analysis of data in the clear. If targeted information were detected, its existence and, potentially, its source would be revealed to the agencies; otherwise, little or no information would leave the client device. Its proponents claim that CSS is a solution to the encryption versus public safety debate: it offers privacy—in the sense of unimpeded end-to-end encryption—and the ability to successfully investigate serious crime. In this paper, we argue that CSS neither guarantees efficacious crime prevention nor prevents surveillance. Indeed, the effect is the opposite. CSS by its nature creates serious security and privacy risks for all society, while the assistance it can provide for law enforcement is at best problematic. There are multiple ways in which CSS can fail, can be evaded, and can be abused.

Min Sun,Lin Li,Xiao Sun,Shan Cong

DOI: https://doi.org/10.3969/j.issn.1002-1965.2017.01.007

2017-01-01

Abstract:Purpose/Significance] The willingness of the intelligence community to share information has a great effect on the quality of shared information. This essay analyzes the key factors related to the willingness of the intelligence organizations in information sharing so as to provide a solid foundation for effective measures to foster it. [ Method/Process] Based on the analysis of the U. S. documents and practice, the essay firstly analyzed three factors related to the unwillingness of the intelligence organizations, including the concerns of in-telligence leaking, neglect of the intelligence information’ s significance as a strategic resource and the complex composition of intelligence added-value in the intelligence generation process. [ Result/Conclusion] In conclusion, the essay puts forward that the authority should take measures focusing on the conflicts and concerns of the intelligence organizations, which may include the improvement on safeguarding the shared information, the cultivation of new competitive power of the intelligence organizations and the refinement of the assessment and compensation mechanism of the intelligence products.

Yong Wu,Mengyao Xu,Dong Cheng,Tao Dai

DOI: https://doi.org/10.1287/deca.2021.0442

2022-03-23

Decision Analysis

Abstract:Information resources have been shared to promote the business operations of firms. However, the connection of business information sharing interfaces between firms has increased the attack surface and created opportunities for the hacker. We examine the benefits and risks of business information sharing for firms who exert security efforts against a strategic hacker that launches attacks subjectively. We show that two kinds of security efforts, security investment and security knowledge sharing, act as strategic substitutes when the business-sharing degree is low and act as strategic complements otherwise. Besides, the strategic hacker is not always aggressive, who will give up launching attack activities when the business-sharing degree is relatively low. Moreover, as a specific characteristic in the security domain, the risk interdependency first enhances and then suppresses both firms’ security investments and the hacker’s attack effort, which causes a free-riding problem for two firms. Then, two coordination mechanisms, an investment-based mechanism and liability-based mechanism, are proposed to help firms coordinate their strategies to reach socially optimal security levels. Last, we extend the main model to three cases to make our model more general. This paper provides the first evidence to assess the security risks exacerbated by business information sharing while considering a strategic hacker. Some management insights to managers for making security decisions are provided.

management

Zhihui Wang,Siqin Li,Xuchen Zhou,Yu Wang,Wenbiao Xing,Yun Zhu,Zijing Tan,Wei Wang

DOI: https://doi.org/10.1007/978-3-030-59419-0_59

2020-01-01

Abstract:The wide spread and sharing of considerable information promotes the development of many industries such as the health care and so on. However, data owners should pay attention to the problem of privacy preservation during the sharing of data. A risk assessment system is presented in this paper. The system can assess the risk of privacy disclosure due to the sharing of data, and help data owners to evaluate whether it is safe or not to share the data.

Wang Xin-ca

Abstract:The issue of Disclosure of Government Information Act in our country is the symbol of legalization, which is significant for safeguarding citizen's right to know, and promoting socialist democracy and transparency of the modern government. This article deeply analyses the structural imbalances of"information surplus"and"information shortage"during the process of disclosure of government information from the perspective of the relevant government department and the social public, and suggests some reasonable measures to the problem, which will further promote the disclosure of government information towards a healthy and orderly direction.

Law,Business,Political Science