J. Theor. Appl. Electron. Commer. Res., Volume 1, Issue 2 (August 2006) – 9 articles

As universities seek to adopt increased e-business, e-commerce and e-learning initiates, the overall approach taken for security management within the organisation plays an increasingly relevant role. In many cases security in universities is approached through the addition of tactical solutions. Often systems security is added on as a final consideration instead of during early design stages. This approach can be incomprehensive and inefficient. Although this approach can provide limited security, there is no guarantee that business requirements for security are incorporated and integrated effectively. This situation is partly due to security management in Australian universities being challenged by the complexity of both university culture and diverse operating environments. In many circumstances the champion for security in universities tends to be relegated to an officer in the IT department, hidden away from the business itself. Often this person with operational responsibility for security will have a detailed understanding of what should occur in security, but faces difficulties in determining exactly how to go about achieving this on an enterprise level. In order to assist in securing university IT systems and thereby improving e-business security, this research proposes a security practitioner’s management model. This model is aimed at facilitating the transition of security knowledge into actual implementation across the enterprise, with an end goal of an improved culture of compliance towards security practices in the university sector. This work is of significant value as it results from a study into specific security management issues facing Australian universities. This study highlights that future research would be well-placed to focus on benchmarking information security management within the university sector. Full article

M-commerce, a growing sub-category of E-business, allows business to be done ‘anywhere, anytime’. However security of wireless devices remains problematic. It is unclear whether protocols to alleviate security problems, such as wireless vulnerability assessments (WNVAs), are being used or are effective. The paper reports on a survey-based study of Australian computer security professionals’ use of and opinions about two types of WNVA: wireless monitoring and penetration testing. An initially surprising finding was how little both types are used, despite the ease with which wireless networks can be attacked and the fact that penetration testing is fairly well understood. In the light of organizational culture the survey findings become more explicable. Senior management, and even IT staff, may still hold a traditional, ‘wired network’ view of their organization. Aspects of organizational culture also appear to limit the way WNVA users go about the assessment process. A cultural shift could help change users’ perceptions about the risks and rewards of WNVAs. This could threaten IT staff’s professional identity, however, and needs further research. Full article

This paper examines the users’ perspective on the security of Internet banking in Australia within the social context. This user-centered design approach supplements the technological and industrial approaches to security. The user-centered research on banking was conducted at the Royal Melbourne University of Technology University and Griffith University, both of which are part of the Smart Internet Technology Cooperative Research Centre. We conclude that the most effective way to increase the perception of Internet banking security is to increase ease of use, convenience, personalisation and trust. Without the perception of security, there will be little trust in banking and transactions on the Internet. This will impede the use of Internet banking and e-commerce which are increasingly important aspects of the nation’s critical infrastructure. Full article

The expansion of new platforms of digital democracy does not necessarily entail an increase in citizen participation. The VOTESCRIPT group has made a sociological analysis to determine the causes of this apparent failure, reaching the conclusion that users are demanding capabilities that are not available in present systems. This paper presents a proposal for an advanced system of debate in an environment of digital democracy which overcomes the limitations of existing systems. We have been especially careful in applying security procedures in telematic systems, for they are to offer citizens the guarantees that society demands. New functional tools have been included to ensure user authentication and to permit anonymous participation where the system is unable to disclose or even to know the identity of system users. The platform prevents participation by non-entitled persons who do not belong to the authorized group from giving their opinion. Furthermore, this proposal allows for verifying the proper function of the system, free of tampering or fraud intended to alter the conclusions or outcomes of participation. All these tools guarantee important aspects of both a social and technical nature, most importantly: freedom of expression, equality and auditability. Full article

The purpose of this paper is to present the perceptions and experiences of Electronic Commerce (EC) implementation in Australia. The study is investigated from the perspective of Small- and Medium-sized Enterprises (SMEs) and the framework of implementation is represented by the extent of deployment. Based on the sample of about 115 small businesses in Australia, this paper uses regression modelling to explore and establish the factors that are related to the extent of deployment in EC. A multiple regression analysis shows that seven factors: perceived relative advantage, trialability, observability, variety of information sources, communication amount, competitive pressure, and non-trading institutional influences, significantly influence the extent of EC deployment by SMEs in Australia. The results and interpretations have some implications for managers in determining the appropriateness of deploying EC strategies to achieve profitability and operational efficiency. Full article

This paper describes the use of experiential learning theory in the development of an undergraduate subject in collaborative systems. The purpose of the subject was to introduce students to the design, development and use of collaborative systems in organizational environments. Early in the subject’s development it was decided that in order for students to gain a deeper understanding of the issues involved in the development of collaborative systems, they should collaborate using an e-learning system so that they could experience these problems first hand. The paper provides an overview of the subject structure, the views of students with regard to the learning approach and some of the outcomes that were observed. The findings revealed that the experiential approach was successful in providing students with a good understanding of the issues associated with the design and use of collaborative systems. However, while many achieved deeper learning outcomes than would normally be provided by a traditional didactic approach, there were students who failed to achieve the desired learning levels. The findings not only provide support for Perry’s model of intellectual development and the value of setting unstructured problems, but also demonstrate the need for structure in early experiential events to which students are exposed. Full article

This study deals with user acceptability of a proposed e-Passport in the European Union (EU). E-passport is an advanced version of a combined national identity card and travelling document which holds digitised biometric features of its associated individual for enhanced security of personal authentication. We attempt here to investigate the nature of the innovation and citizens’ attitudes to an e-Passport (or analogous innovation) in a range of socio-political-contexts within which the implementation occur. This paper reports the findings of an Internet Survey, conducted as the second part following a larger research program on biometrics-based e- Identity (e-Passport) acceptability and deployment issues. The data collected are interpreted under the guidance of the theoretic framework ‘Price of Convenience’ briefly described and fully referenced herein and theories of national culture after Hofstede [15], [16]. We found that although a direct and complete extrapolation of results from countries of similar cultural dimensions to another is not possible, limited referencing is still possible and provides a rather rich understanding of a country when it is used together with other dimensions of study. Although useful in helping to draw parallels between different countries, Hofstede’s work is not all encompassing. Thus we also proposed other contingency factors and indicators for e-Passport acceptance which can make countries with similar cultural dimensions appear very different in biometric technological adoption. Full article

In this paper we present an anonymous protocol for a mobile payment system based on a Kiosk Centric Case Mobile Scenario where the customer cannot communicate with the issuer due to absence of Internet access with her mobile device and the costs of implementing other mechanism of communication between both of them are high. Our protocol protects the real identity of the clients during the purchase and employs a digital signature scheme with message recovery using self-certified public keys that reduces the public space and the communication cost in comparison with the certificate-based signature schemes. Moreover, our proposed protocol requires low computational power that makes it suitable for mobile devices. As a result, our proposal illustrates how a portable device equipped with a short range link (such Bluetooth, Infrared or Wi-Fi) and low computational power should be enough to interact with a vendor machine in order to buy goods or services in a secure way. Full article