Herd behavior in purchasing books online

Previous studies on informational cascades have stressed the importance of informational social influences in decision-making. When people use the product evaluations of others to indicate product quality on the Internet, online herd behavior occurs. This work presents four studies examining herd behavior of online book purchasing. The first two studies addressed how two cues frequently found on the Internet, i.e., star ratings and sales volume, influence consumer online product choices. The last two studies investigated the relative effectiveness of different recommendation sources. The experimental results demonstrated that subjects use the product evaluations and choices of others as cues in making purchasing book decisions on the Internet bookstore. Additionally, recommendations of other consumers exerted a greater influence on subject choices than recommendations of an expert. Finally, recommendations from recommender system influenced online consumer choices more than those from website owners. The results and implications of this research are discussed.     

An analysis of multiple factors relating to teachers' problematic information security behavior

Given the high Internet penetration rate and the huge repository of data stored online, there is a growing trend urging people to utilize data. However, the potential for the malicious use of data disclosed online necessitates attention. Risky information security behavior often leads to damage. Previous research has focused on information security behavior in the workplace; however, there has been little research on teachers' perceptions of their own information security behavior, in particular for teachers in primary and secondary education. For students at this age, their teachers can serve as models. Through understanding teachers' information security behavioral intentions and related protection motivation, we can design training programs for teachers and hence increase teachers' as well as students' normative judgment with regard to information security behavior. The purpose of this research is to explore those factors that relate to teachers' information security behavior as grounded in Protection Motivation Theory. Additionally, the construct of social norms was incorporated based on several studies. Overall, we wish to examine how perceived severity, vulnerability, response-efficacy, self-efficacy, response costs and social norms related to teachers' problematic information security behavior. Structural equation modeling was implemented to analyze the relationships. The results and implications are presented.     

Standardization in information security management

The paper describes the state of the art in the standardization in information security management. The requirements to the standards being developed, the types of standards, and the principles to adhere to are discussed. The study is based on the documents adopted within the subcommittee 27 “IT Security techniques” of the joint technical committee ISO/IEC JTC 1 “Information technology”.     

The information security digital divide between information security managers and users

Empirical findings from surveys and in-depth interviews with information security managers and users indicate that a digital divide exists between these groups in terms of their views on and experience of information security practices. Information security professionals mainly regard users as an information security threat, whereas users believe themselves that they are an untapped resource for security work. The limited interaction between users and information security managers results in a lack of understanding for the other's point of view. These divergent views on and interpretations of information security mean that managers tend to base their practical method on unrealistic assumptions, resulting in management approaches that are poorly aligned with the dynamics of the users' working day.     

具备反向学习和局部学习能力的磷虾群算法

针对磷虾群算法易陷入局部最优、收敛速度慢等缺点,提出了具备反向学习和局部学习能力的磷虾群算法。利用混沌映射和反向学习的思想初始化种群,根据算法迭代次数自适应调整学习维度,对精英个体进行反向学习,能有效保持种群的多样性,选取精英群体,通过自适应的Lévy飞行分布和改进的差分变异算子,提高种群的局部学习能力。这种新颖的元启发方式能加速收敛速度的同时可以保证磷虾群算法的鲁棒性。通过对8个基准函数进行仿真测试,实验结果表明：与最近的KH优化算法相比,该算法在收敛速度、收敛精度等方面得到明显改进。     

Survey of information security

The 21st century is the age of information when information becomes an important strategic resource. The information obtaining, processing and security guarantee capability are playing critical roles in comprehensive national power, and information security is related to the national security and social stability. Therefore, we should take measures to ensure the information security of our country. In recent years, momentous accomplishments have been obtained with the rapid development of information security technology. There are extensive theories about information security and technology. However, due to the limitation of length, this article mainly focuses on the research and development of cryptology, trusted computing, security of network, and information hiding, etc.     

Enterprise information security strategies

Security decisions are made at every level of an organization and from diverse perspectives. At the tactical and operational levels of an organization, decision making focuses on the optimization of security resources, that is, an integrated combination of plans, personnel, procedures, guidelines and technology that minimize damages and losses. While these actions and tactics reduce the frequency and/or consequences of security breaches, they are bounded by the organization's global security budget. At the strategic, enterprise level management must answer the question, “What is the security budget (cost expenditures), where each dollar spent on security must be weighed against alternative non-security expenditures, that is justified by the foregone (prevented) losses and damages?” The answer to that question depends on the tolerances of decision makers for risk and the information employed to reach it.     

一种基于OFDM的信息安全算法

寻找大量的正交矩阵,一方面用来降低OFDM（正交频分复用）信号的峰均功率比,一方面作为密钥使用,是基于OFDM的信息安全算法的重点。经证明用生成多相正交矩阵的方法,可将单一的用来降低OFDM信号峰均功率比的正交矩阵,变换为数量远大于[N!×NN]个的正交矩阵,具有了作为密钥的功能。计算机仿真表明,变换后的正交矩阵与原矩阵在降低OFDM信号峰均功率比的性能上类似,可用于信息安全算法中。     

基于信度评估的网络安全决策系统

为了提升网络安全管理能力,丰富网络安全强化手段,设计了一种网络安全决策系统.引入D-S证据理论对网络监控设备产生的海量安全事件进行信度评估,发现网络中真实存在的安全事实,结合网络中主机的核心安全属性及主机安全等级,通过推理机推理出应采取的安全策略,从事先建立好的策略库中将这些策略调用执行,达到强化网络系统安全性的目的.实验结果表明了该方法的可行性和有效性.     

论网络信息安全的信息管理

当前,保证网络信息安全是促进信息管理的前提,在计算机网络信息管理中占有拳足轻重的地位笔者结合自身工作实践,在本文中阐述了网络信息安全管理的概念及分类,分析了当前网络信息的安全问题,并在此基础上,提出了进一步加强信息管理的对策措施,以期对业内同行有所参考借鉴。     

Conceptualising improvisation in information systems security

Information Systems Security (ISS) has constantly been ranked as a key concern for Information Systems (IS) managers. Research in the field has largely assumed rational choice (functional) approaches to managing ISS. Such approaches do not give due recognition to the role of improvisation in ISS work. Empirical evidence in organisations suggests that in the context of dynamic, volatile and uncertain environments practitioners are both rational and adaptive (a manifestation of improvisation). In this paper, we conceptualise and demonstrate the manifestation of improvisation in ISS. In order to develop a better understanding of improvisation in ISS activities, hermeneutical and exegetical techniques were employed. Empirical data were collected through in-depth interviews in a single case study. The data obtained were analysed and interpreted hermeneutically. Generally it was found that improvisation is manifested in ISS activities. Implications of these and other findings for the scholarly community and for practical use are discussed.     

Intelligent data analysis in information security

At present, there are a large number of trends and developments in artificial intelligence systems. This paper deals with the available intelligent data analysis in information security and the possibilities provided by data mining. Examples of tasks that can be solved using artificial intelligence systems are presented, including safe resource management, prediction of critical states and failures, resolution of conflicts in computational processes and information security regulations, and forensics.     

Questions to ask in information security

Fred CohenFred Cohen speculates on the application of open questions to make access decisions in information security.     

加密技术下的信息安全

计算机和通信网络的广泛应用,一方面为人们的生活和工作带来了极大的方便,另一方面也带来了许多亟待解决的问题,以“棱镜门”事件为例,信息的安全性就是其中的重中之重.信息安全性主要体现在两个方面:信息的保密性和认证性.保密性的目的是防止对手破译系统中的机密信息.认证的目的主要有两个,一个是验证信息发送者是真的而不是冒充的;另一个是验证信息的完整性,即信息在传输和处理的过程中没有被篡改.加密技术是保证信息安全的关键技术,常用的加密技术有:对称密钥加密、公开密钥加密、哈希函数加密等,其应用有:数字认证及授权,安全协议等.而一系列的加密技术都依赖于密码学技术.本文将主要通过对密码学及各种加密技术的研究与分析,来论述加密技术与信息安全之间的不可分割的关系及应用.     

数据库安全在电力信息系统等级保护中的应用

简述了数据库安全，详细介绍了电力信息系统对数据库安全的要求，并介绍了在电力信息系统中用到的保障数据库安全的具体措施。     

从网络安全角度剖析银行卡的信息安全

伴随着信息社会的飞速发展,现代社会中银行卡的使用日渐普及。人们通过有线或无线网络都可以进行资金的转账和消费。银行卡的资金安全关系到我们每一个人的正常生活,所以必须最大程度地确保银行卡信息的安全。本文从网络安全加密手段的角度,分析了我们在使用银行卡时应注意哪些方面以及在网络信息传输中保证信息安全的方法,找出其中的关键因素,以提高人们的防范意识。     

融合网络安全信息的网络安全态势评估模型

提出了融合网络安全信息的网络安全态势评估模型,该模型对多源安全设备的告警信息和主机系统日志进行校验、聚集融合,从而整体上降低安全设备的误报率,然后综合告警信息威胁量化结果和网络中漏洞的脆弱性量化结果两部分信息,对网络安全进行态势量化评估。经实验证实该模型能够比较准确的反映网络安全运行态势。     

信息安全等级保护浅析

信息安全等级保护已经作为实现信息安全的一项根本制度确定下来,并正在全国范围内全力推进。但是,对于信息安全等级保护,人们的认识还远远不能适应形势发展的需要。全面认识信息安全,正确理解等级保护,对于信息安全等级保护制度的贯彻执行显得十分重要。本文将从信息安全等级保     

国际社会信息安全相关法律基础设施的建设

信息安全保障的一个不可或缺的基础支持就是相关的法律、法规等基础设施的建设.目前我国在这方面的建设相对滞后,国际社会在这方面的努力和成果对建设我国信息安全保障法律法规基础设施有着重要的借鉴意义.本文试简要探讨到目前为止国际社会的一些工作.