Abstract
Sharing information between collaborators without relinquishing control of that information has for many years been a tantalizing goal in the research community, but despite application support, the concept of usage control has failed to take hold in the business community. In this paper we present the results of a case study in the Norwegian oil & gas domain. The purpose of the study is to better understand the reasons for the slow adoption rate of usage control technology to control shared information. To this end we investigate risk perception, existing control measures and the attitude towards usage control technology. The study shows that although participants in the case study do not think their information is properly protected, there are several practical challenges that prevent them from adopting usage control technology as a means to improve protection.
Chapter PDF
References
Park, J., Sandhu, R.: The UCON ABC usage control model. ACM Trans. Inf. Syst. Secur. 7, 128–174 (2004)
Nyre, Å.A.: Usage Control Enforcement - A Survey. In: Tjoa, A.M., Quirchmayr, G., You, I., Xu, L. (eds.) ARES 2011. LNCS, vol. 6908, pp. 38–49. Springer, Heidelberg (2011)
Pretschner, A., Hilty, M., Basin, D.: Distributed usage control. Communications of the ACM 49, 39–44 (2006)
Norman, P., Boer, H., Seydel, E.R.: Protection motivation theory. In: Conner, M., Norman, P. (eds.) Predicting Health Behaviour: Research and Practice with Social Cognition Models, pp. 81–126. Open University Press, Maidenhead (2005)
Rogers, R.W.: A protection motivation theory of fear appeals and attitude. Journal of Psychology 91 (1975)
Rogers, E.M.: Diffusion of Innovations, 5th edn. Free Press (2003)
Nyre, Å.A., Jaatun, M.G.: On the adoption of usage control technology in collaborative environments. In: Proceedings of the 12th International Conference on Innovative Internet Community Systems, Trondheim, Norway (accepted for publication, 2012)
Seaman, C.B.: Qualitative methods. In: Shull, F., Singer, J., Sjøberg, D.I.K. (eds.) Guide to Advanced Empirical Software Engineering, pp. 35–62. Springer, London (2008)
Robson, C.: Real World Research, 3rd edn. John Wiley & Sons (2011)
Siponen, M., Pahnila, S., Mahmood, A.: Employees’ Adherence to Information Security Policies: An Empirical Study. In: Venter, H., Eloff, M., Labuschagne, L., Eloff, J., von Solms, R. (eds.) New Approaches for Security, Privacy and Trust in Complex Environments. IFIP, vol. 232, pp. 133–144. Springer, Boston (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 IFIP International Federation for Information Processing
About this paper
Cite this paper
Nyre, Å.A., Jaatun, M.G. (2012). Usage Control in Inter-organisational Collaborative Environments – A Case Study from an Industry Perspective. In: Quirchmayr, G., Basl, J., You, I., Xu, L., Weippl, E. (eds) Multidisciplinary Research and Practice for Information Systems. CD-ARES 2012. Lecture Notes in Computer Science, vol 7465. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32498-7_24
Download citation
DOI: https://doi.org/10.1007/978-3-642-32498-7_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32497-0
Online ISBN: 978-3-642-32498-7
eBook Packages: Computer ScienceComputer Science (R0)