Confidentiality, Integrity, and Availability of Knowledge and Data Minitrack

Permanent URI for this collection

https://hdl.handle.net/10125/42516

We have heard and read many times in the last several decades that the most important asset of an organization is the knowledge of its employees. While this knowledge can be a target of sophisticated cyber-attacks or fraud, most likely the leaking of knowledge can happen because of careless organizational practices, asset misuse, or behavior of employees. Organizations put in place many technology-based security measures (firewalls, filtering systems) to guard against attacks, yet it is not that easy to guard against the human-side of security practices. An organization can have the best security technology in place, yet a careless employee talking or emailing or posting on Facebook about the ‘new development’ at the company bypasses all this security technology with ease.

Furthermore, one can find lot of information about current projects done by a company by searching the web. How can an organization effectively protect its intellectual property remains an unanswered question. What type of security and intelligence techniques are out that that can protect the intellectual property? What are the best ways to train employees so that they would spot potentially criminal activity, such as fraud, among employees? Could crowdsourcing be used in this case, meaning asking employees to vote on a particular issue to determine whether it represents a potential threat? Could implementation of KMS potentially cause legal problems because some KM artifacts could be uncovered during discovery and used as evidence against a company?

This minitrack seeks papers that investigate issues related to security and protection of intellectual assets and explore how organizations can use security measures to protect their KM practices. Possible topics include, but are not limited to:

  • Securing intellectual assets
  • Filtering messages regarding current business practices on social media (e.g., Facebook, LinkedIn)
  • Legal concerns when implementing KMS
  • Techniques used to scan employee communication channels (e.g., email, Facebook, text messages)
  • Security strategies within and outside the company boundaries
  • Training employees on potential threats to security breaches
  • Preventative measures to secure KM assets
  • Knowledge loss risk management
  • Impact of immigration and cultural issues on potential KM security breach
  • Using KM security to mitigate impacts of retirement and worker transience
  • Measuring risk of knowledge loss due to security breach
  • Security models and architectures for knowledge systems
  • Modeling risk in knowledge systems
  • Tradeoffs in knowledge systems between security and knowledge sharing
  • Technologies for knowledge system security
  • Using Knowledge and KM to improve organizational security

Minitrack Co-Chairs:

Alexandra Durcikova (Primary Contact)
University of Oklahoma
Email: alex@ou.edu

Murray Jennex
San Diego State University
Email: mjennex@mail.sdsu.edu

Browse

Recent Submissions

Now showing 1 - 3 of 3
  • Item
    Introducing the Factor Importance to Trust of Sources and Certainty of Data in Knowledge Processing Systems - A new Approach for Incorporation and Processing
    ( 2017-01-04) Jäger, Markus ; Küng, Josef
    In knowledge processing systems data is gathered from several sources. After some calculating and processing steps are taken in the system, a result is finally computed and may be used for further steps or by other systems. Most of the time the origin and provenance of input data is not verified. Using unverified data can cause inconsistencies in processing and generating output, and could lead to corrupting threats for the system and the environment as a whole. \ \ We propose an approach where several characterizing values in a given environment - trust of source, certainty of data, and importance (of data) in the current processing step - are used to compute new output characteristics of a knowledge processing system. These values represent the trustworthiness and the certainty of the output in multi-step processing systems based on all used sources and input data. We demonstrate the application of our approach on simple and advanced fictitious scenarios as well as on a real world scenario from the agricultural domain.
  • Item
    Combating Phishing Attacks: A Knowledge Management Approach
    ( 2017-01-04) Jensen, Matthew ; Durcikova, Alexandra ; Wright, Ryan
    This paper explores how an organization can utilize its employees to combat phishing attacks collectively through coordinating their activities to create a human firewall. We utilize knowledge management research on knowledge sharing to guide the design of an experiment that explores a central reporting and dissemination platform for phishing attacks. The 2x2 experiment tests the effects of public attribution (to the first person reporting a phishing message) and validation (by the security team) of phishing messages on reporting motivation and accuracy. Results demonstrate that knowledge management techniques are transferable to organizational security and that knowledge management can benefit from insights gained from combating phishing. Specifically, we highlight the need to both publicly acknowledge the contribution to a knowledge management system and provide validation of the contribution. As we saw in our experiment, doing only one or the other does not improve outcomes for correct phishing reports (hits).
  • Item