Masmali,Miah

DOI: https://doi.org/10.48550/arXiv.2110.04540

2021-10-09

Computers and Society

Abstract:While cyber security has become a prominent concept of emerging information governance, the Kingdom of Saudi Arabia has been dealing with severe threats to individual and organizational IT systems for a long time. These risks have recently permeated into educational institutions, thereby undermining the confidentiality of information as well as the delivery of education. Recent research has identified various causes and possible solutions to the problem. However, most scholars have considered a reductionist approach, in which the ability of computer configurations to prevent unwanted intrusions is evaluated by breaking them down to their constituent parts. This method is inadequate at studying complex adaptive systems. Therefore, the proposed project is designed to utilize a holistic stance to assess the cybersecurity management and policies in Saudi Arabian universities. Qualitative research, entailing a thorough critical review of ten public universities, will be utilized to investigate the subject matter. The subsequent recommendations can be adopted to enhance the security of IT systems, not only in institutional settings but also in any other environment in which such structures are used.

Thamer Alhussain,Ahmad Ali AlZubi,Osama AlFarraj,Salem Alkhalaf,Musab S. Alkhalaf

DOI: https://doi.org/10.1007/978-3-030-44041-1_108

2020-01-01

Abstract:This article proposes an information security management system (ISMS) model for automated data processing systems of critical applications (ADPS-CAs). The model allows users to carry out an assessment of the risk level for information security (IS) purposes and provides support for decision-making related to countering unauthorized access to the information circulating in an ADPS-CA. Further, this article analyzes the effect of a control parameter on the probability of launching an information integrity monitoring service (IMS) during a procedure that launches a typical ADPS-CA and its IS subsystem. The results present system quality indicators for protecting information from unauthorized access. The simulation was performed in relation to automated workstations as part of the ADPS-CA of a large enterprise.

Salem Alkhalaf,Steve Drew,Anne Nguyen

DOI: https://doi.org/10.48550/arXiv.1301.0648

2013-01-03

Computers and Society

Abstract:The IS-Impact Measurement Model, developed by Gable, Sedera and Chan in 2008, represents the to-date and expected stream of net profits from a given information system (IS), as perceived by all major user classes. Although this model has been stringently validated in previous studies, its generalizability and verified effectiveness are enhanced through this new application in e-learning. This paper focuses on the re-validation of the findings of the IS-Impact Model in two universities in the Kingdom of Saudi Arabia (KSA). Among the users of 2 universities e-learning systems, 528 students were recruited. A formative validation measurement with SmartPLS, a graphical structural equation modeling tool was used to analyse the collected data. On the basis of the SmartPLS results, as well as with the aid of data-supported IS impact measurements and dimensions, we confirmed the validity of the IS-Impact Model for assessing the effect of e-learning systems in KSA universities. The newly constructed model is more understandable, its use was proved as robust and applicable to various circumstances.

Amer Mutrik Sayaf,Mohammed Alamri,Mohammed Ayid Alqahtani,Waleed Mugahed Al-Rahmi,Mahdi Mohammed Alamri

DOI: https://doi.org/10.3390/su13137074

IF: 3.9

2021-06-23

Sustainability

Abstract:Teaching and learning are significantly influenced by information and communications technology (ICT). The goal of this study was to develop a new model and conduct confirmatory factor analysis to learn more about how students use ICT for digital learning as sustainability. The purpose of this research project was to investigate computer self-efficacy, computer anxiety, perceived enjoyment and acceptance of digital learning as sustainability at Saudi universities, based on students’ satisfaction with actual ICT usage for digital learning as sustainability. This research project made use of structural equation modelling with SEM-AMOS and an expanded variant of the technology acceptance model as the research model. A questionnaire based on the technology acceptance model and social cognitive theory was employed as the main data collection method and was distributed to 684 students from students at two universities. Students’ answers were categorized into seven categories and evaluated to determine how satisfied students were with ICT and how likely they were to continue using it for digital learning as sustainability. The findings revealed a connection between computer self-efficacy, computer anxiety and perceived enjoyment, factors which all played a significant role in perceived usefulness and ease of use. Perceived usefulness and ease of use also had an impact on students’ continued intention to use and satisfaction. This research-built model was effective in explaining students’ continued desire to use ICT and their satisfaction with it.

environmental sciences,environmental studies,green & sustainable science & technology

Sabah Al-Fedaghi,Hadeel Alnasser

DOI: https://doi.org/10.48550/arXiv.2003.13509

2020-03-30

Software Engineering

Abstract:We study operational security in computer network security, including infrastructure, internal processes, resources, information, and physical environment. Current works on developing a security framework focus on a security ontology that contributes to applying common vocabulary, but such an approach does not assist in constructing a foundation for a holistic security methodology. We focus on defining the bounds and creating a representation of a security system by developing a diagrammatic representation (i.e. a model) as a means to describe computer network processes. The model, referred to a thinging machine, is a first step toward developing a security strategy and plan. The general aim is to demonstrate that the representation of the security system plays a key role in making thinking visible through conceptual description of the operational environment, a region in which active security operations are undertaken. We apply the proposed model for email security by conceptually describing a real email system.

Rajasekar Ramalingam,Shimaz Khan,Shameer Mohammed

DOI: https://doi.org/10.48550/arXiv.1602.06510

2016-02-21

Cryptography and Security

Abstract:The revolution of internet technology and its usage have led a significant increase in the number of online transactions and electronic data transfer, parallely increased the number of cybercrime incidents around the world. Steady economic growth in the Sultanate of Oman accelerated the volume of online utilization for e-commerce, banking, communication, education and so forth. Normally attackers target the users who ignore security practices due to the lack of information security awareness. Unawareness of information security practices, user negligence, lack of awareness programs and trainings are the root cause for information security threats. Earlier studies reveal there is a considerable and continuous cybercrime incident in Oman which compromises the security policy of the organizations, affecting the business continuity and the economic growth. In this study, a survey was performed among the educational institutions in Oman to investigate the level of information security awareness and based on the study, a security awareness model is proposed to enable information security practices in the educational institutions.

Hammad ALSHAMMARI,Sultan Hammad ALSHAMMARI

DOI: https://doi.org/10.17718/tojde.762034

2020-07-01

Turkish Online Journal of Distance Education

Abstract:Learning Management System is a software-based technology that is widely adopted by universities. While the implementation of LMS has been successful in developed countries, the utilisation of LMS in developing countries is still considered low. It is believed that there are some barriers that may influence the use of LMS which include Technical Support, Instructional Design and Self-Efficacy. The present research aims at examining the influence of these factors on students’ use of LMS. Thus, a research model will be developed based on extending Technology Acceptance Model (TAM). Using the Stratified Random Sampling (SRS), 400 students were selected from three Saudi universities. The participants completed the survey questionnaire that measures their responses to the seven constructs. The data was analysed using Structural Equation Modelling by AMOS. The results showed that the three proposed external factors including technical support, instructional design and perceived self-efficacy had a significant influence on students’ use of LMS. These factors had significant direct effects on both perceived ease of use and perceived usefulness of LMS. The results confirmed the validity of the extended TAM model in determining users’ usage of LMS. The study also addressed several significant implications for the practitioners and researchers in the field.

Saqib Saeed

DOI: https://doi.org/10.3390/su15076019

IF: 3.9

2023-03-30

Sustainability

Abstract:In the post pandemic era, the telecommuting of business employees has widely become acceptable in organizations, which demands extensive dependence on digital technologies. In addition, this poses additional security threats for business employees as well as organizations. In order to better respond to security threats, business employees must have a higher level of awareness of the potential threats that are relevant to digital infrastructure used within the workplace. In this paper, we present a quantitative study conducted in line with the theory of planned behavior to gain insight into employee behavior toward information security within different business sectors in Saudi Arabia. The key factors chosen for our model were password management, infrastructure security management, email management, organizational security policy, organizational support and training, and the perception of the level of security. We have applied structured equation modelling to identify most of the relevant factors based on the respondents’ feedback. The results based on the business employee behavior showed that they respondents did not perceive all of the constructs of our model as relevant security factors, which can potentially result in security lapses. This indicates that more security-related measures should be put in place and that business employees should be updated periodically about potential security threats. To this effect, we divided the studied security measures into those which should be implemented at organizational and individual levels. The results will potentially help business managers to design appropriate security trainings, guidelines, and policies for their employees to ensure more information security awareness and protect their technological infrastructure, especially within home office environments.

environmental sciences,environmental studies,green & sustainable science & technology

Ahmed I. Al-Darwish,Pilsung Choe

DOI: https://doi.org/10.1007/978-3-030-22351-9_15

2019-01-01

Abstract: Information systems support organizations to achieve strategic competitiveness over other organizations and assist senior management in the decision-making process. In addition, they help organizations in timely implementation of projects and effective risk management. A reliable and coherent Information System requires a solid security framework that ensures Confidentiality, Integrity, Availability, Authenticity and Auditability of the critical information assets; therefore, managing security is essential for organizations doing business in a globally networked and competitive environment whilst seeking to achieve their objectives and goals and ensuring the continuity of business. This paper provides an integrated framework that classifies and holistic view of challenges in Information Security Systems, and their interrelationships. The framework is expected to provide a basis that can be used to evaluate individual organizational members’ behavior and the adequateness of existing security measures.

Mohamed Elhassan Seliaman,Mohammed Suliman Albahly

DOI: https://doi.org/10.3390/ijerph20043132

2023-02-10

Abstract:This research aims to identify the technological and non-technological factors influencing user acceptance of the CDSS in a group of healthcare facilities in Saudi Arabia. The study proposes an integrated model that indicates the factors to be considered when designing and evaluating CDSS. This model is developed by integrating factors from the "Fit between Individuals, Task, and Technology" (FITT) framework into the three domains of the human, organization, and technology-fit (HOT-fit) model. The resulting FITT-HOT-fit integrated model was tested using a quantitative approach to evaluate the currently implemented CDSS as a part of Hospital Information System BESTCare 2.0 in the Saudi Ministry of National Guard Health Affairs. For data collection, a survey questionnaire was conducted at all Ministry of National Guard Health Affairs hospitals. Then, the collected survey data were analyzed using Structural Equation Modeling (SEM). This analysis included measurement instrument reliability, discriminant validity, convergent validity, and hypothesis testing. Moreover, a CDSS usage data sample was extracted from the data warehouse to be analyzed as an additional data source. The results of the hypotheses test show that usability, availability, and medical history accessibility are critical factors influencing user acceptance of CDSS. This study provides prudence about healthcare facilities and their higher management to adopt CDSS.

Mumtaz Abdul Hameed,Nalin Asanka Gamagedara Arachchilage

DOI: https://doi.org/10.48550/arXiv.1704.03867

2017-04-12

Cryptography and Security

Abstract:Information System (IS) Security threats is still a major concern for many organisations. However, most organisations fall short in achieving a successful adoption and implementation of IS security measures. In this paper, we developed a theoretical model for the adoption process of IS Security innovations in organisations. The model was derived by combining four theoretical models of innovation adoption, namely: Diffusion of Innovation theory (DOI), the Technology Acceptance Model (TAM), the Theory of Planned Behaviour (TPB) and the Technology-Organisation-Environment (TOE) framework. The model depicts IS security innovation adoption in organisations, as two decision proceedings. The adoption process from the initiation stage until the acquisition of innovation is considered as a decision made by organisation while the process of innovation assimilation is assumed as a result of the user acceptance of innovation within the organisation. In addition, the model describes the IS Security adoption process progressing in three sequential stages, i.e. pre-adoption, adoption- decision and post-adoption phases. The model also introduces several factors that influence the different stages of IS Security innovation adoption process. This study contributes to IS security literature by proposing an overall model of IS security adoption that includes organisational adoption and user acceptance of innovation in a single illustration. Also, IS security adoption model proposed in this study provides important practical implications for research and practice.

Zhang Lianhua,Zhang Jie,Bai Yingcai

DOI: https://doi.org/10.3969/j.issn.1000-386X.2006.08.047

2006-01-01

Abstract:Security model need the feature attributes of the protected information system.For example,alert correlation analysis can evaluate whether the alert is false or not by comparing the attack prerequisite with the configuration information of attacked destination information system.A new information system model from the security view is proposed in this paper,which include both the static structure and dynamic activity.The model incorporates the present related information model such as NERD,Netmap etc.and,more inportantly,it provides a bridge between the security theory research and engineering practice.

Someah Alangari,Saeed M. Alshahrani,Nayyar Ahmed Khan,Abdulrahman Abdullah Alghamdi,Jameel Almalki,Waleed Al Shehri

DOI: https://doi.org/10.7717/peerj-cs.1120

2022-09-29

PeerJ Computer Science

Abstract:New universities and educational organizations are increasing in Saudi Arabia with the increase in the need for high-quality education. This increased the need for a fast transformation to digitise the educational system in Saudi Arabia, which is one of the important pillars of the Saudi Vision 2030. The students who study in these organizations suffer the verification of academic records and other educational documents. Students who want to study at universities abroad also face the challenge of academic records and certificates verification. A secure, fast, and transparent model is required in the education sector in order to verify academic certificates issued by various educational organizations. Blockchain technology can be used with high data security to empower the educational sector of Saudi Arabia in the digital transformation and to help the educational organizations in verifying academic documents. In order to avoid any document fraud and forgery, along with the ease of verification of academic records and educational documents for the students. This research focuses on developing a model which will be helpful in achieving digital transformation in academic document verification by blockchain technology.

computer science, information systems, artificial intelligence, theory & methods

Muhammed Sabo,,Zake Muwanga,Manjula V.S.,Saleh Auwal,,,

DOI: https://doi.org/10.59568/jasic-2023-4-1-06

2023-07-10

Abstract:The security of information technology, specifically web applications, has become an area of concern today. Computer cybercrime is now a significant problem that affects more than just businesses and organizations. Higher education institutions also began to experience computer threats that revealed their information assets. Universities, polytechnics, colleges of education, research centers, and other postsecondary institutions are probably the most vulnerable because they house sensitive data on their faculty, staff, and students, as well as academic records of scientific and technological advancements and research. The first step in an information system security strategy is risk analysis management It helps in assessing the risk of information assets to know their security level or status, and assist in define a security control measures and implementation of technical plan to avoid threats that exploit some vulnerability that could cause severe damage to an asset or infrastructure of institutions higher education (IHEs). This article presents some recommendations to perform a risk analysis management in IHEs to accessed threats and vulnerability that helps to lower the risk of their information assets. This article presents existing educational threat and vulnerability on their web applications. Ensuring security is a goal of every organization regardless of its size or purpose and also proposed a risk management model. With the information technology, an organization may be considered secure when it ensures the confidentiality, integrity, and availability of information and IT assets. Confidentiality may be broken due to theft of sensitive information such as trade secrets, clients’ personal information.

Mumtaz Abdul Hameed,Nalin Asanka Gamagedara Arachchilage

DOI: https://doi.org/10.48550/arXiv.1609.07911

2016-09-26

Abstract:In this paper, we develop a theoretical model for the adoption process of Information System Security innovations in organisations. The model stemmed from the Diffusion of Innovation theory (DOI), the Technology Acceptance Model (TAM), the Theory of Planned Behaviour (TPB) and the Technology-Organisation-Environment (TOE) framework. The model portrays Information System Security adoption process progressing in a sequence of stages. The study considers the adoption process from the initiation stage until the acquisition of innovation as an organisational level judgement while the process of innovation assimilation and integration is assessed in terms of the user behaviour within the organisation. The model also introduces several factors that influence the Information System Security innovation adoption. By merging the organisational adoption and user acceptance of innovation in a single depiction, this research contributes to IS security literature a more comprehensive model for IS security adoption in organisation, compare to any of the past representations.

Computers and Society,Cryptography and Security

Khaled Alshammari,Murad Thomran,Rayed Alobaid,Mohieddin Grada,Abdulsalam Alquhaif,Ali Saleh Alshebami,Syed Ali Fazal,Hamed M. S. Ahmed,Fahad Al-Anazi

DOI: https://doi.org/10.3390/su16125025

IF: 3.9

2024-06-14

Sustainability

Abstract:The successful implementation of effective data governance in universities is crucial in complementing the massive information technology (IT) developments in higher education institutions globally. Hence, to identify the enablers of IT governance, this study examined the effects of knowledge value, knowledge-oriented culture, and knowledge-sharing process on the integration of IT governance in the curriculum and the latter's effects on academic performance and perceived employability among university students in Saudi Arabia. We used a cross-sectional approach to collect quantitative data from 280 university students and employed structural equation modelling and partial least squares to conduct the data analysis. Our results confirmed the significant positive effects of knowledge value and the knowledge-sharing process on IT governance, along with a positive significant effect of IT governance on academic performance and perceived employment. Moreover, the results revealed a direct, positive, and significant effect of academic performance on perceived employment, as well as the significant mediating effects of IT governance and academic performance between these two. Apart from extending the relevant literature, this study offers several policy implications.

environmental sciences,environmental studies,green & sustainable science & technology

Muaadh Mukred,Zawiyah M. Yusof

DOI: https://doi.org/10.1007/978-3-319-59427-9_84

2017-05-27

Abstract:Information dedicated to electronic media has been experiencing an exponential growth and in turn, modern technology has brought about change in the way governments, organizations and individuals carry out their business. This leads to the transformation of the nature of dealing with records. In the context of Higher Professional Education (HPE) of developing countries, computers as well as other ICT infrastructure have shown a considerable increase and this had led to a monumental amount of e-records. However, without the appropriate management strategy, e-records may include unauthentic, unreliable information that lacks integrity, and is thus unusable. In this background, Electronics Records Management System (ERMS), a system for e-records management could play a key role in efficiently and effectively managing records within organizations. This paper’s objectives were two-fold; first, it focuses on examining ERMS in HPE institutions and demonstrates the research requirements; and second, it presents the crucial factors that influence the ERMS adoption in the HPE sector. Quantitative approach is used to collect data from 364 respondents. Findings show that system quality, information quality and service quality have significant relationship with intention to adopt ERMS.

Yakubu Abdul-Wahab Nawusu,Abukari Abdul Aziz Danaa,Diyawu Mumin,Shiraz Ismail

DOI: https://doi.org/10.9734/ajrcos/2024/v17i5448

2024-03-15

Asian Journal of Research in Computer Science

Abstract:Student academic records are an invaluable resource for universities and colleges worldwide, yet, their safekeeping is still a major concern for many of these institutions. The security measures currently applied to protect academic record systems are deemed unsatisfactory. This paper surveys the security issues relating to students’ academic records delving into existing students’ academic records systems, cybersecurity challenges and measures to deal with the security concerns. The paper proposes a practical security model, the PIEM model, to address these security issues aimed at empowering academic institutions to build and maintain strongly protected academic record systems for capturing, storing and retrieving student academic data. The work underscores the urgent need of educational institutions to exert extra efforts to securely maintain students’ academic records and facilitate easy access and use by the various educational actors.

Khalid Assiri,Khalid Almdani,Hassan Al Saeedi,Abdullah Softah,Sultan Khogeer

DOI: https://doi.org/10.18535/ijsrm/v10i6.ec01

2022-06-18

International Journal of Scientific Research and Management

Abstract:Saudi organizations are increasingly using digital technologies. Despite widespread efforts to benefit from digitalization, few companies can claim to have seen significant results. Organizational employees have been linked to the success or failure of the digitization process in a growing body of studies. Three hypotheses regarding the security of the digital transition have been suggested in this study. These hypotheses include determining how security has evolved because of the increased use of digital systems, as well as determining the best risk management strategies. A range of public and private Saudi entities will get an electronic survey as part of this study. In summary, we have found that as the digital transformation grows, the security risk increases as well, necessitating the implementation of a robust security system and the most effective risk management measures. Additionally, the business must include employees in the development and implementation of the digital transformation to maintain their loyalty. Additionally, all employees must understand and agree on the digital transformation goals, objectives, and plans. Successful business leaders can build a compelling vision, unite, and engage staff to adopt new methods of doing business.

Mansour Naser Alraja,Usman Javed Butt,Maysam Abbod

DOI: https://doi.org/10.1016/j.cose.2023.103208

IF: 5.105

2023-06-01

Computers & Security

Abstract:Information security threats have a severe negative impact on enterprises. Organizations rely on employee compliance with information security policies to eliminate or reduce these hazards. The Unified Model of Information Security Policies Compliance (UMISPC) is employed to identify the factors that may affect employees' intention towards compliance with information systems security policy and reactance in a global setting. The study was assessed in two phases. The model's validity and measurement reliability were evaluated in the first phase, while in the second phase, all preliminary model relationships were appraised. This was achieved utilizing structural equation modelling to establish whether the proposed constructs, i.e. neutralization, response efficacy, fear, threat, habit and role values were good predictors for intention or reactance towards compliance with information systems security policy. Participants included 348 employees from 7 nations, i.e. the USA, the UK, Oman, India, Pakistan, Malaysia, and the Philippines. SmartPLS v. 3.3.9 was used for data analysis. The models' measurement reliability and validity were affirmed. Fear and role values have a significant influence on intention toward ISPC. RE significantly predicted threat which in turn significantly predicted fear, and the latter demonstrated a significant effect on reactance as well as Neutralization predicted reactance. In contrast, habit failed to reach a significant influence on intention towards ISPC. The implications are presented, together with proposals for further studies. Our findings are helpful for ISS literature and application by supporting the crucial functions of role values in encouraging employees to behave in a compliant manner. Additionally, it is regarded as the first empirical attempt to estimate intended compliance concerning ISPs in higher education from a worldwide viewpoint.

computer science, information systems