系統識別號 | U0002-0207201816564800 |
---|---|
DOI | 10.6846/TKU.2018.00047 |
論文名稱(中文) | 資安威脅對使用者持續使用資安防護軟體意圖的影響 |
論文名稱(英文) | The Impact of Security Threats on Users’ Continuing Use of Information Security Software Intentions |
第三語言論文名稱 | |
校院名稱 | 淡江大學 |
系所名稱(中文) | 資訊管理學系碩士在職專班 |
系所名稱(英文) | On-the-Job Graduate Program in Advanced Information Management |
外國學位學校名稱 | |
外國學位學院名稱 | |
外國學位研究所名稱 | |
學年度 | 106 |
學期 | 2 |
出版年 | 107 |
研究生(中文) | 秦宗輝 |
研究生(英文) | Tsung-Hui Chin |
學號 | 705630167 |
學位類別 | 碩士 |
語言別 | 繁體中文 |
第二語言別 | |
口試日期 | 2018-06-02 |
論文頁數 | 50頁 |
口試委員 |
指導教授
-
吳錦波
委員 - 吳錦波 委員 - 梁德昭 委員 - 郭秋田 |
關鍵字(中) |
資訊安全 恐懼訴求 社會影響力 知覺有用性 使用者持續使用意圖 |
關鍵字(英) |
information secuity fear appearl social influence perceived usefulness user’s continuance intention |
第三語言關鍵字 | |
學科別分類 | |
中文摘要 |
現代社會以大量資訊設備與連結的網路為基礎,建構出能夠快速大量交換資訊的現代生活面貌。從中創造出各種新興經濟模式並產生龐大利益,但也衍生出透過網路攻擊個人或組織的新型犯罪模式。個人使用者面對資安威脅持續存在的情況下,其態度與反應的情況又是如何? 本研究針對資安威脅是否影響使用者持續使用資安防護軟體意圖進行研究,透從恐懼訴求的角度將存在的資安威脅作為驅動知覺有用性的主要成分,用以探討資安威脅以及使用者身邊的社會影響力,分析來自威脅與來自社會的影響是否成為對使用者持續使用意圖的影響因素。 研究成果顯示資安威脅的存在確實對使用者的知覺有用性有正向影響,而社會影響力同樣對使用者的持續使用意圖亦為正向影響,但影響使用者最大因素來自於資安防護軟體使用滿意度。本研究貢獻在於增加對使用者資安防護軟體意圖脈絡影響因素的理解並作為未來研究方向的基礎。 |
英文摘要 |
Modern society which is based on a huge numbers of information devices and connected with networks that can quickly and massively exchange information. It creates a variety of emerging economic models and generates huge benefits, but it also derives new type of criminal models that attack individuals or organizations through the Internet. What is the attitude and reaction of individual users when facing the continued threat of security? This study aims to investigate whether external threats affect the user’s intention to continue using the security software, and from the perspective of fear appeal, the existing security threat is used as the main component to drive the perceived usefulness to explore external threats and users. Also analyzes influences from society have become influential factors for users’ continuous use intentions or not The results show that the existence of an security threat does have a positive effect on the user's perceived usefulness, while the social influence also has a positive effect on the user's continuous use intention. However, the biggest factor affecting the user comes from the security software's satisfaction. The contribution of this research is to increase the understanding of the influencing factors of the user's network security protection software and to serve as a basis for future research. |
第三語言摘要 | |
論文目次 |
目 次 目 次 VI 表目錄 VII 圖目錄 VIII 第一章 緒論 1 第一節 研究背景與動機 1 第二節 研究目的 2 第三節 研究流程 3 第四節 論文架構 4 第二章 文獻探討 5 第一節 資訊安全威脅 5 第二節 恐懼訴求 7 第三節 期望確認理論與IS持續使用意圖理論 9 第三章 研究方法 12 第一節 研究架構 12 第二節 研究假設 13 第三節 操作型定義與衡量問項 19 第四節 問卷設計 26 第四章 資料分析與結果 27 第一節 基本資料分析 27 第二節 問卷資料分析 30 第三節 信度與效度檢定 32 第四節 假說與理論模型之驗證 33 第五章 結論與建議 36 第一節 結論 36 第二節 理論與實務意涵 38 第三節 研究限制 39 第四節 研究建議與未來方向 39 參考文獻 41 附錄A:問卷 45 附錄B:研究模型之路徑分析結果 50 表目錄 表2-1 部分資安威脅事件類型統計 6 表4-1 基本資料分析 27 表4-1 基本資料分析(續) 28 表4-2 因素分析 30 表4-2 因素分析(續) 31 表4-3 信效度分析表 32 表4-4 路徑係數分析結果 34 表4-5 11組假說檢定結果 35 圖目錄 圖1-1 研究流程圖 3 圖2-1 Johnston & Warkentin恐懼訴求模型 8 圖2-2 期望確認理論模型 9 圖2-3 資訊系統持續使用意圖理論模型 11 圖3-1 本研究建立之威脅驅動-IS持續使用模型 13 圖4-1 研究模型驗證結果 33 |
參考文獻 |
[1] Ajzen, I. (1991). The theory of planned behavior. Organizational Behavior and Human Decision Processes, 50(2), 179-211. doi:https://doi.org/10.1016/0749-5978(91)90020-T [2] Anderson, C. L., & Agarwal, R. (2010). Practicing Safe Computing: A Multimethod Empirical Examination of Home Computer User Security Behavioral Intentions. MIS Quarterly, 34(3), 613-643. doi:10.2307/25750694 [3] Anderson, E. W., & Sullivan, M. W. (1993). The Antecedents and Consequences of Customer Satisfaction for Firms. Marketing Science, 12(2), 125-143. [4] Bargh, J. A., & McKenna, K. Y. A. (2004). The Internet and Social Life. Annual Review of Psychology, 55(1), 573-590. doi:10.1146/annurev.psych.55.090902.141922 [5] Baskerville, R. (1993). “Information Systems Security Design Methods: Implications for Information Systems Development” (Vol. 25). [6] Bhattacherjee, A. (2001a). An empirical analysis of the antecedents of electronic commerce service continuance. Decision Support Systems, 32(2), 201-214. doi:https://doi.org/10.1016/S0167-9236(01)00111-7 [7] Bhattacherjee, A. (2001b). Understanding Information Systems Continuance: An Expectation-Confirmation Model. MIS Quarterly, 25(3), 351-370. doi:10.2307/3250921 [8] Boss, S. R., Kirsch, L. J., Angermeier, I., Shingler, R. A., & Boss, R. W. (2009). If someone is watching, I'll do what I'm asked: mandatoriness, control, and information security. European Journal of Information Systems, 18(2), 151-164. doi:10.1057/ejis.2009.8 [9] Castells, M. (1996). The rise of the network society. Malden, Mass.: Blackwell Publishers. [10] Cronin, J. J., & Taylor, S. A. (1992). Measuring Service Quality: A Reexamination and Extension. Journal of Marketing, 56(3), 55-68. doi:10.2307/1252296 [11] D'Arcy, J., Hovav, A., & Galletta, D. (2009). User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach. Info. Sys. Research, 20(1), 79-98. doi:10.1287/isre.1070.0160 [12] Davis, F. D., Bagozzi, R. P., & Warshaw, P. R. (1989). User Acceptance of Computer Technology: A Comparison of Two Theoretical Models. Management Science, 35(8), 982-1003. doi:10.1287/mnsc.35.8.982 [13] Dwyer, F. R., Schurr, P. H., & Oh, S. (1987). Developing Buyer-Seller Relationships. Journal of Marketing, 51(2), 11-27. doi:10.2307/1251126 [14] Evans, P., & Wurster, T. S. (2000). Blown to bits : how the new economics of information transforms strategy. Boston, Mass.: Harvard Business School Press. [15] Fishbein, M., & Ajzen, I. (1975). Belief, attitude, intention, and behavior : an introduction to theory and research. Reading, Mass.: Addison-Wesley Pub. Co. [16] Hoffer, J. A., & Straub, D. W., Jr. (1989). The 9 to 5 underground: are you policing computer crimes? Sloan Management Review(4), 35. [17] Hovland, C. I. (1953). Communication and persuasion; psychological studies of opinion change. New Haven,: Yale University Press. [18] Johnston, & Warkentin. (2010). Fear Appeals and Information Security Behaviors: An Empirical Study. MIS Quarterly, 34(3), 549-566. doi:10.2307/25750691 [19] Karahanna, E., Straub, D., & Chervany, N. (1999). Information Technology Adoption Across Time: A Cross-Sectional Comparison of Pre-Adoption and Post-Adoption Beliefs (Vol. 23). [20] L. Thompson, R., A. Higgins, C., & M. Howell, J. (1991). Personal Computing: Toward a Conceptual Model of Utilization (Vol. 15). [21] Lewis, W., Agarwal, R., & Sambamurthy, V. (2003). Sources of Influence on Beliefs about Information Technology Use: An Empirical Study of Knowledge Workers. MIS Quarterly, 27(4), 657-678. doi:10.2307/30036552 [22] Lin, C. S., Wu, S., & Tsai, R. J. (2005). Integrating perceived playfulness into expectation-confirmation model for web portal context. Information & Management, 42(5), 683-693. doi:https://doi.org/10.1016/j.im.2004.04.003 [23] Maddux, J., & W. Rogers, R. (1983). Protection Motivation and Self-Efficacy: A Revised Theory of Fear Appeals and Attitude Change (Vol. 19). [24] Moore, G. C., & Benbasat, I. (1991). Development of an Instrument to Measure the Perceptions of Adopting an Information Technology Innovation. Information Systems Research, 2(3), 192-222. doi:10.1287/isre.2.3.192 [25] Oliver, R. L. (1980). A Cognitive Model of the Antecedents and Consequences of Satisfaction Decisions. Journal of Marketing Research, 17(4), 460-469. doi:10.2307/3150499 [26] Oliver, R. L. (1993). Cognitive, Affective, and Attribute Bases of the Satisfaction Response. Journal of Consumer Research, 20(3), 418-430. doi:10.1086/209358 [27] Patterson, P. G., Johnson, L. W., & Spreng, R. A. (1997). Modeling the determinants of customer satisfaction for business-to-business professional services. Journal of the Academy of Marketing Science, 25(1), 4. doi:10.1007/BF02894505 [28] Rezabakhsh, B., Bornemann, D., Hansen, U., & Schrader, U. (2006). Consumer Power: A Comparison of the Old Economy and the Internet Economy. Journal of Consumer Policy, 29(1), 3-36. doi:10.1007/s10603-005-3307-7 [29] Roca, J. C., Chiu, C.-M., & Martínez, F. J. (2006). Understanding e-learning continuance intention: An extension of the Technology Acceptance Model. International Journal of Human-Computer Studies, 64(8), 683-696. doi:https://doi.org/10.1016/j.ijhcs.2006.01.003 [30] Rogers, E. M. (1995). Diffusion of innovations (4th ed.). New York: Free Press. [31] Rogers, R. W. (1975). A Protection Motivation Theory of Fear Appeals and Attitude Change1. The Journal of Psychology, 91(1), 93-114. doi:10.1080/00223980.1975.9915803 [32] Siponen, M. T. (2005). Analysis of modern IS security development approaches: towards the next generation of social and adaptable ISS methods. Information and Organization, 15(4), 339-375. doi:https://doi.org/10.1016/j.infoandorg.2004.11.001 [33] Symantec. (2012). ISTR: Symantec internet security threat report. 2011 Trends. 17. [34] Symantec. (2013). ISTR: Symantec internet security threat report. 2012 Trends. 18. [35] Symantec. (2014). ISTR: Symantec internet security threat report. 2013 Trends. 19. [36] Symantec. (2015). ISTR: Symantec internet security threat report. 2014 Trends. 20. [37] Symantec. (2016). ISTR: Symantec internet security threat report. 2015 Trends. 21. [38] Symantec. (2017). ISTR: Symantec internet security threat report. 2016 Trends. 22. [39] Venkatesh, V., & Bala, H. (2008). Technology Acceptance Model 3 and a Research Agenda on Interventions. Decision Sciences, 39(2), 273-315. doi:10.1111/j.1540-5915.2008.00192.x [40] Venkatesh, V., & Davis, F. D. (2000). A Theoretical Extension of the Technology Acceptance Model: Four Longitudinal Field Studies. Management Science, 46(2), 186-204. doi:10.1287/mnsc.46.2.186.11926 [41] Venkatesh, V., G Morris, M., B Davis, G., & Davis, F. (2003). User Acceptance of Information Technology: Toward a Unified View (Vol. 27). [42] Villarroel, R., Fernández-Medina, E., & Piattini, M. (2005). Secure information systems development – a survey and comparison. Computers & Security, 24(4), 308-321. doi:https://doi.org/10.1016/j.cose.2004.09.011 [43] Wall, D. (2003). Cyberspace crime. Aldershot: Ashgate. [44] Wall, D. (2004). What are Cybercrimes? Criminal Justice Matters, 58(1), 20-21. doi:10.1080/09627250408553239 [45] Wall, D. (2007). Cybercrime : the transformation of crime in the information age. Cambridge, UK ; Malden, MA . Polity. [46] Witte, K. (1992). Putting the fear back into fear appeals: The extended parallel process model. Communication Monographs, 59(4), 329-349. doi:10.1080/03637759209376276 [47] Workman, M., Bommer, W. H., & Straub, D. (2008). Security lapses and the omission of information security measures: A threat control model and empirical test. Computers in Human Behavior, 24(6), 2799-2816. doi:https://doi.org/10.1016/j.chb.2008.04.005 |
論文全文使用權限 |
如有問題,歡迎洽詢!
圖書館數位資訊組 (02)2621-5656 轉 2487 或 來信