C4.5: programs for machine learning
C4.5: programs for machine learning
Information and Management
Data Envelopment Analysis: Theory, Methodology and Application
Data Envelopment Analysis: Theory, Methodology and Application
The economics of information security investment
ACM Transactions on Information and System Security (TISSEC)
Information Systems Control and Audit
Information Systems Control and Audit
Why there aren't more information security research studies
Information and Management
A model for evaluating IT security investments
Communications of the ACM - Has the Internet become indispensable?
Measuring DEA efficiency in internet companies
Decision Support Systems
Efficiency analysis of controls in EDI applications
Information and Management
Investigating factors affecting the adoption of anti-spyware systems
Communications of the ACM - Spyware
Expert Systems with Applications: An International Journal
Generation of comprehensible decision trees through evolution of training data
CEC '02 Proceedings of the Evolutionary Computation on 2002. CEC '02. Proceedings of the 2002 Congress - Volume 02
Threats and countermeasures for information system security: A cross-industry study
Information and Management
Expert Systems with Applications: An International Journal
Efficiency evaluation of data warehouse operations
Decision Support Systems
Expert Systems with Applications: An International Journal
Using case-based reasoning for the design of controls for internet-based information systems
Expert Systems with Applications: An International Journal
An integrative study of information systems security effectiveness
International Journal of Information Management: The Journal for Information Professionals
Elucidating clinical context of lymphopenia by nonlinear modelling
Expert Systems with Applications: An International Journal
Credit risk assessment and decision making by a fusion approach
Knowledge-Based Systems
Hi-index | 0.00 |
Appropriate guidelines for controls in B2C (business-to-consumer) applications (hereafter B2C controls) should be provided such that these guidelines accomplish efficiency of controls in the context of specific system environments, given that many resources and skills are required for the implementation of such controls. This study uses a two-step process for the assessment of B2C controls, i.e., efficiency analysis and recommendation of controls. First, using a data envelopment analysis (DEA) model, the study analyzes the efficiency of B2C controls installed by three groups of organizations: financial firms, retail firms, and information service providers. The B2C controls are composed of controls for system continuity, access controls, and communication controls. DEA model uses B2C controls as input and three variables of implementation of B2C applications, i.e., volume, sophistication, and information contents as output. Second, decision trees are used to determine efficient firms and generate rules for recommending levels of controls. The results of the investigation of the DEA model indicate that retail firms and information service providers implement B2C controls more efficiently than financial firms do. Controls for system continuity are implemented more efficiently than access controls. In financial firms, controls for system continuity, communication controls, and access controls, in a descending order, are efficiently adopted in B2C applications. Every company can determine its relative level of reduction in each component of controls in order to make the control system efficient. The firms that efficiently implement B2C controls are determined using a decision tree model. The decision tree model is further used to recommend the level of controls and suggest rules for controls recommendation. This suggests the possibility of using decision trees for controls assessment in B2C applications.