ASU Electronic Theses and Dissertations
This collection includes most of the ASU Theses and Dissertations from 2011 to present. ASU Theses and Dissertations are available in downloadable PDF format; however, a small percentage of items are under embargo. Information about the dissertations/theses includes degree information, committee members, an abstract, supporting data or media.
In addition to the electronic theses found in the ASU Digital Repository, ASU Theses and Dissertations can be found in the ASU Library Catalog.
Dissertations and Theses granted by Arizona State University are archived and made available through a joint effort of the ASU Graduate College and the ASU Libraries. For more information or questions about this collection contact or visit the Digital Repository ETD Library Guide or contact the ASU Graduate College at gradformat@asu.edu.
Displaying 31 - 40 of 134
Filtering by
- Creators: Ahn, Gail-Joon
- Creators: Shen, Wei
Description冷链物流主要是指食品在生产到消费者食用前始终处于适宜的温度环境,以保障食品品质、降低流通过程中的损耗。冷链物流相比于传统物流而言是一项更复杂的系统性工程,受到政策和市场需求的影响呈现迅猛发展态势。但是,冷链物流企业长期以来因规模小、固定资产少、服务范围窄、服务规范性弱而发展困难重重,核心问题是资金的问题。政府引导和鼓励打造冷链物流产业园,推动产业园投资和建设主体打造平台,实现对园区内冷链企业的聚集效应并通过金融服务解决企业发展的资金问题。通过产融结合助力冷链物流企业发展,成为目前冷链物流行业发展的主要方式和未来趋势。
本研究聚焦冷链物流产业园金融服务助力冷链物流企业发展问题,主要研究内容包括:第一,基于产融结合理论,梳理冷链物流企业与产业园之间关系,从供需两侧探索冷链物流企业和产业园的金融服务的范围、类型和特点。第二,基于平台理论,构建冷链物流企业采纳产业园金融服务的研究模型,探索金融服务影响冷链物流企业的经营因素,分析冷链物流企业采纳产业园金融服务的因素和途径。第三,基于信息不对称理论,关切信息技术支持和知识分享在冷链物流企业采纳产业园提供金融服务过程中的调节作用。同时,梳理产业园提供金融服务可能面临哪些风险,制订冷链物流企业入驻园区的标准,防范风险。
本文运用实证研究方法,通过对国内18家冷链物流相关的产业园、物流园、冷链物流、商贸流通、金融等企业实地考察和专家访谈基础上,拟定问卷并对268家企业进行调查收集数据,使用结构方程模型进行假设检验。研究发现:金融服务的有形性、可靠性、移情性、经济性对冷链物流企业采纳产业园金融服务影响显著,而响应性的影响不显著。同时
信息技术支持和知识共享的调节作用不显著。最后,针对产业园吸引冷链物流企业提供金融服务、冷链物流企业采纳产业园金融服务的风险,提出防范策略措施。
本研究聚焦冷链物流产业园金融服务助力冷链物流企业发展问题,主要研究内容包括:第一,基于产融结合理论,梳理冷链物流企业与产业园之间关系,从供需两侧探索冷链物流企业和产业园的金融服务的范围、类型和特点。第二,基于平台理论,构建冷链物流企业采纳产业园金融服务的研究模型,探索金融服务影响冷链物流企业的经营因素,分析冷链物流企业采纳产业园金融服务的因素和途径。第三,基于信息不对称理论,关切信息技术支持和知识分享在冷链物流企业采纳产业园提供金融服务过程中的调节作用。同时,梳理产业园提供金融服务可能面临哪些风险,制订冷链物流企业入驻园区的标准,防范风险。
本文运用实证研究方法,通过对国内18家冷链物流相关的产业园、物流园、冷链物流、商贸流通、金融等企业实地考察和专家访谈基础上,拟定问卷并对268家企业进行调查收集数据,使用结构方程模型进行假设检验。研究发现:金融服务的有形性、可靠性、移情性、经济性对冷链物流企业采纳产业园金融服务影响显著,而响应性的影响不显著。同时
信息技术支持和知识共享的调节作用不显著。最后,针对产业园吸引冷链物流企业提供金融服务、冷链物流企业采纳产业园金融服务的风险,提出防范策略措施。
ContributorsYang, Su (Author) / Shen, Wei (Thesis advisor) / Chen, Xinlei (Thesis advisor) / Gu, Bin (Committee member) / Arizona State University (Publisher)
Created2019
Description
The telephone network is used by almost every person in the modern world. With the rise of Internet access to the PSTN, the telephone network today is rife with telephone spam and scams. Spam calls are significant annoyances for telephone users, unlike email spam, spam calls demand immediate attention. They are not only significant annoyances but also result in significant financial losses in the economy. According to complaint data from the FTC, complaints on illegal calls have made record numbers in recent years. Americans lose billions to fraud due to malicious telephone communication, despite various efforts to subdue telephone spam, scam, and robocalls.
In this dissertation, a study of what causes the users to fall victim to telephone scams is presented, and it demonstrates that impersonation is at the heart of the problem. Most solutions today primarily rely on gathering offending caller IDs, however, they do not work effectively when the caller ID has been spoofed. Due to a lack of authentication in the PSTN caller ID transmission scheme, fraudsters can manipulate the caller ID to impersonate a trusted entity and further a variety of scams. To provide a solution to this fundamental problem, a novel architecture and method to authenticate the transmission of the caller ID is proposed. The solution enables the possibility of a security indicator which can provide an early warning to help users stay vigilant against telephone impersonation scams, as well as provide a foundation for existing and future defenses to stop unwanted telephone communication based on the caller ID information.
In this dissertation, a study of what causes the users to fall victim to telephone scams is presented, and it demonstrates that impersonation is at the heart of the problem. Most solutions today primarily rely on gathering offending caller IDs, however, they do not work effectively when the caller ID has been spoofed. Due to a lack of authentication in the PSTN caller ID transmission scheme, fraudsters can manipulate the caller ID to impersonate a trusted entity and further a variety of scams. To provide a solution to this fundamental problem, a novel architecture and method to authenticate the transmission of the caller ID is proposed. The solution enables the possibility of a security indicator which can provide an early warning to help users stay vigilant against telephone impersonation scams, as well as provide a foundation for existing and future defenses to stop unwanted telephone communication based on the caller ID information.
ContributorsTu, Huahong (Author) / Doupe, Adam (Thesis advisor) / Ahn, Gail-Joon (Thesis advisor) / Huang, Dijiang (Committee member) / Zhang, Yanchao (Committee member) / Zhao, Ziming (Committee member) / Arizona State University (Publisher)
Created2017
Description
Compartmentalizing access to content, be it websites accessed in a browser or documents and applications accessed outside the browser, is an established method for protecting information integrity [12, 19, 21, 60]. Compartmentalization solutions change the user experience, introduce performance overhead and provide varying degrees of security. Striking a balance between usability and security is not an easy task. If the usability aspects are neglected or sacrificed in favor of more security, the resulting solution would have a hard time being adopted by end-users. The usability is affected by factors including (1) the generality of the solution in supporting various applications, (2) the type of changes required, (3) the performance overhead introduced by the solution, and (4) how much the user experience is preserved. The security is affected by factors including (1) the attack surface of the compartmentalization mechanism, and (2) the security decisions offloaded to the user. This dissertation evaluates existing solutions based on the above factors and presents two novel compartmentalization solutions that are arguably more practical than their existing counterparts.
The first solution, called FlexICon, is an attractive alternative in the design space of compartmentalization solutions on the desktop. FlexICon allows for the creation of a large number of containers with small memory footprint and low disk overhead. This is achieved by using lightweight virtualization based on Linux namespaces. FlexICon uses two mechanisms to reduce user mistakes: 1) a trusted file dialog for selecting files for opening and launching it in the appropriate containers, and 2) a secure URL redirection mechanism that detects the user’s intent and opens the URL in the proper container. FlexICon also provides a language to specify the access constraints that should be enforced by various containers.
The second solution called Auto-FBI, deals with web-based attacks by creating multiple instances of the browser and providing mechanisms for switching between the browser instances. The prototype implementation for Firefox and Chrome uses system call interposition to control the browser’s network access. Auto-FBI can be ported to other platforms easily due to simple design and the ubiquity of system call interposition methods on all major desktop platforms.
The first solution, called FlexICon, is an attractive alternative in the design space of compartmentalization solutions on the desktop. FlexICon allows for the creation of a large number of containers with small memory footprint and low disk overhead. This is achieved by using lightweight virtualization based on Linux namespaces. FlexICon uses two mechanisms to reduce user mistakes: 1) a trusted file dialog for selecting files for opening and launching it in the appropriate containers, and 2) a secure URL redirection mechanism that detects the user’s intent and opens the URL in the proper container. FlexICon also provides a language to specify the access constraints that should be enforced by various containers.
The second solution called Auto-FBI, deals with web-based attacks by creating multiple instances of the browser and providing mechanisms for switching between the browser instances. The prototype implementation for Firefox and Chrome uses system call interposition to control the browser’s network access. Auto-FBI can be ported to other platforms easily due to simple design and the ubiquity of system call interposition methods on all major desktop platforms.
ContributorsZohrevandi, Mohsen (Author) / Bazzi, Rida A (Thesis advisor) / Ahn, Gail-Joon (Committee member) / Doupe, Adam (Committee member) / Zhao, Ming (Committee member) / Arizona State University (Publisher)
Created2018
Description
Reasoning about the activities of cyber threat actors is critical to defend against cyber
attacks. However, this task is difficult for a variety of reasons. In simple terms, it is difficult
to determine who the attacker is, what the desired goals are of the attacker, and how they will
carry out their attacks. These three questions essentially entail understanding the attacker’s
use of deception, the capabilities available, and the intent of launching the attack. These
three issues are highly inter-related. If an adversary can hide their intent, they can better
deceive a defender. If an adversary’s capabilities are not well understood, then determining
what their goals are becomes difficult as the defender is uncertain if they have the necessary
tools to accomplish them. However, the understanding of these aspects are also mutually
supportive. If we have a clear picture of capabilities, intent can better be deciphered. If we
understand intent and capabilities, a defender may be able to see through deception schemes.
In this dissertation, I present three pieces of work to tackle these questions to obtain
a better understanding of cyber threats. First, we introduce a new reasoning framework
to address deception. We evaluate the framework by building a dataset from DEFCON
capture-the-flag exercise to identify the person or group responsible for a cyber attack.
We demonstrate that the framework not only handles cases of deception but also provides
transparent decision making in identifying the threat actor. The second task uses a cognitive
learning model to determine the intent – goals of the threat actor on the target system.
The third task looks at understanding the capabilities of threat actors to target systems by
identifying at-risk systems from hacker discussions on darkweb websites. To achieve this
task we gather discussions from more than 300 darkweb websites relating to malicious
hacking.
attacks. However, this task is difficult for a variety of reasons. In simple terms, it is difficult
to determine who the attacker is, what the desired goals are of the attacker, and how they will
carry out their attacks. These three questions essentially entail understanding the attacker’s
use of deception, the capabilities available, and the intent of launching the attack. These
three issues are highly inter-related. If an adversary can hide their intent, they can better
deceive a defender. If an adversary’s capabilities are not well understood, then determining
what their goals are becomes difficult as the defender is uncertain if they have the necessary
tools to accomplish them. However, the understanding of these aspects are also mutually
supportive. If we have a clear picture of capabilities, intent can better be deciphered. If we
understand intent and capabilities, a defender may be able to see through deception schemes.
In this dissertation, I present three pieces of work to tackle these questions to obtain
a better understanding of cyber threats. First, we introduce a new reasoning framework
to address deception. We evaluate the framework by building a dataset from DEFCON
capture-the-flag exercise to identify the person or group responsible for a cyber attack.
We demonstrate that the framework not only handles cases of deception but also provides
transparent decision making in identifying the threat actor. The second task uses a cognitive
learning model to determine the intent – goals of the threat actor on the target system.
The third task looks at understanding the capabilities of threat actors to target systems by
identifying at-risk systems from hacker discussions on darkweb websites. To achieve this
task we gather discussions from more than 300 darkweb websites relating to malicious
hacking.
ContributorsNunes, Eric (Author) / Shakarian, Paulo (Thesis advisor) / Ahn, Gail-Joon (Committee member) / Baral, Chitta (Committee member) / Cooke, Nancy J. (Committee member) / Arizona State University (Publisher)
Created2018
Description
Network Management is a critical process for an enterprise to configure and monitor the network devices using cost effective methods. It is imperative for it to be robust and free from adversarial or accidental security flaws. With the advent of cloud computing and increasing demands for centralized network control, conventional management protocols like Simple Network Management Protocol (SNMP) appear inadequate and newer techniques like Network Management Datastore Architecture (NMDA) design and Network Configuration (NETCONF) have been invented. However, unlike SNMP which underwent improvements concentrating on security, the new data management and storage techniques have not been scrutinized for the inherent security flaws.
In this thesis, I identify several vulnerabilities in the widely used critical infrastructures which leverage the NMDA design. Software Defined Networking (SDN), a proponent of NMDA, heavily relies on its datastores to program and manage the network. I base my research on the security challenges put forth by the existing datastore’s design as implemented by the SDN controllers. The vulnerabilities identified in this work have a direct impact on the controllers like OpenDayLight, Open Network Operating System and their proprietary implementations (by CISCO, Ericsson, RedHat, Brocade, Juniper, etc). Using the threat detection methodology, I demonstrate how the NMDA-based implementations are vulnerable to attacks which compromise availability, integrity, and confidentiality of the network. I finally propose defense measures to address the security threats in the existing design and discuss the challenges faced while employing these countermeasures.
In this thesis, I identify several vulnerabilities in the widely used critical infrastructures which leverage the NMDA design. Software Defined Networking (SDN), a proponent of NMDA, heavily relies on its datastores to program and manage the network. I base my research on the security challenges put forth by the existing datastore’s design as implemented by the SDN controllers. The vulnerabilities identified in this work have a direct impact on the controllers like OpenDayLight, Open Network Operating System and their proprietary implementations (by CISCO, Ericsson, RedHat, Brocade, Juniper, etc). Using the threat detection methodology, I demonstrate how the NMDA-based implementations are vulnerable to attacks which compromise availability, integrity, and confidentiality of the network. I finally propose defense measures to address the security threats in the existing design and discuss the challenges faced while employing these countermeasures.
ContributorsDixit, Vaibhav Hemant (Author) / Ahn, Gail-Joon (Thesis advisor) / Doupe, Adam (Thesis advisor) / Shoshitaishvili, Yan (Committee member) / Zhao, Ziming (Committee member) / Arizona State University (Publisher)
Created2018
Description
An examination of 12 darkweb sites involved in selling hacking services - often referred to as ”Hacking-as-a-Service” (HaaS) sites is performed. Data is gathered and analyzed for 7 months via weekly site crawling and parsing. In this empirical study, after examining over 200 forum threads, common categories of services available on HaaS sites are identified as well as their associated topics of conversation. Some of the most common hacking service categories in the HaaS market include Social Media, Database, and Phone hacking. These types of services are the most commonly advertised; found on over 50\% of all HaaS sites, while services related to Malware and Ransomware are advertised on less than 30\% of these sites. Additionally, an analysis is performed on prices of these services along with their volume of demand and comparisons made between the prices listed in posts seeking services with those sites selling services. It is observed that individuals looking to hire hackers for these services are offering to pay premium prices, on average, 73\% more than what the individual hackers are requesting on their own sites. Overall, this study provides insights into illicit markets for contact based hacking especially with regards to services such as social media hacking, email breaches, and website defacement.
ContributorsVincent, Brian W (Author) / Shakarian, Paulo (Thesis advisor) / Candan, Selcuk (Committee member) / Ahn, Gail-Joon (Committee member) / Arizona State University (Publisher)
Created2018
Description
Cyber-systems and networks are the target of different types of cyber-threats and attacks, which are becoming more common, sophisticated, and damaging. Those attacks can vary in the way they are performed. However, there are similar strategies
and tactics often used because they are time-proven to be effective. The motivations behind cyber-attacks play an important role in designating how attackers plan and proceed to achieve their goals. Generally, there are three categories of motivation
are: political, economical, and socio-cultural motivations. These indicate that to defend against possible attacks in an enterprise environment, it is necessary to consider what makes such an enterprise environment a target. That said, we can understand
what threats to consider and how to deploy the right defense system. In other words, detecting an attack depends on the defenders having a clear understanding of why they become targets and what possible attacks they should expect. For instance,
attackers may preform Denial of Service (DoS), or even worse Distributed Denial of Service (DDoS), with intention to cause damage to targeted organizations and prevent legitimate users from accessing their services. However, in some cases, attackers are very skilled and try to hide in a system undetected for a long period of time with the incentive to steal and collect data rather than causing damages.
Nowadays, not only the variety of attack types and the way they are launched are important. However, advancement in technology is another factor to consider. Over the last decades, we have experienced various new technologies. Obviously, in the beginning, new technologies will have their own limitations before they stand out. There are a number of related technical areas whose understanding is still less than satisfactory, and in which long-term research is needed. On the other hand, these new technologies can boost the advancement of deploying security solutions and countermeasures when they are carefully adapted. That said, Software Defined Networking i(SDN), its related security threats and solutions, and its adaption in enterprise environments bring us new chances to enhance our security solutions. To reach the optimal level of deploying SDN technology in enterprise environments, it is important to consider re-evaluating current deployed security solutions in traditional networks before deploying them to SDN-based infrastructures. Although DDoS attacks are a bit sinister, there are other types of cyber-threats that are very harmful, sophisticated, and intelligent. Thus, current security defense solutions to detect DDoS cannot detect them. These kinds of attacks are complex, persistent, and stealthy, also referred to Advanced Persistent Threats (APTs) which often leverage the bot control and remotely access valuable information. APT uses multiple stages to break into a network. APT is a sort of unseen, continuous and long-term penetrative network and attackers can bypass the existing security detection systems. It can modify and steal the sensitive data as well as specifically cause physical damage the target system. In this dissertation, two cyber-attack motivations are considered: sabotage, where the motive is the destruction; and information theft, where attackers aim to acquire invaluable information (customer info, business information, etc). I deal with two types of attacks (DDoS attacks and APT attacks) where DDoS attacks are classified under sabotage motivation category, and the APT attacks are classified under information theft motivation category. To detect and mitigate each of these attacks, I utilize the ease of programmability in SDN and its great platform for implementation, dynamic topology changes, decentralized network management, and ease of deploying security countermeasures.
and tactics often used because they are time-proven to be effective. The motivations behind cyber-attacks play an important role in designating how attackers plan and proceed to achieve their goals. Generally, there are three categories of motivation
are: political, economical, and socio-cultural motivations. These indicate that to defend against possible attacks in an enterprise environment, it is necessary to consider what makes such an enterprise environment a target. That said, we can understand
what threats to consider and how to deploy the right defense system. In other words, detecting an attack depends on the defenders having a clear understanding of why they become targets and what possible attacks they should expect. For instance,
attackers may preform Denial of Service (DoS), or even worse Distributed Denial of Service (DDoS), with intention to cause damage to targeted organizations and prevent legitimate users from accessing their services. However, in some cases, attackers are very skilled and try to hide in a system undetected for a long period of time with the incentive to steal and collect data rather than causing damages.
Nowadays, not only the variety of attack types and the way they are launched are important. However, advancement in technology is another factor to consider. Over the last decades, we have experienced various new technologies. Obviously, in the beginning, new technologies will have their own limitations before they stand out. There are a number of related technical areas whose understanding is still less than satisfactory, and in which long-term research is needed. On the other hand, these new technologies can boost the advancement of deploying security solutions and countermeasures when they are carefully adapted. That said, Software Defined Networking i(SDN), its related security threats and solutions, and its adaption in enterprise environments bring us new chances to enhance our security solutions. To reach the optimal level of deploying SDN technology in enterprise environments, it is important to consider re-evaluating current deployed security solutions in traditional networks before deploying them to SDN-based infrastructures. Although DDoS attacks are a bit sinister, there are other types of cyber-threats that are very harmful, sophisticated, and intelligent. Thus, current security defense solutions to detect DDoS cannot detect them. These kinds of attacks are complex, persistent, and stealthy, also referred to Advanced Persistent Threats (APTs) which often leverage the bot control and remotely access valuable information. APT uses multiple stages to break into a network. APT is a sort of unseen, continuous and long-term penetrative network and attackers can bypass the existing security detection systems. It can modify and steal the sensitive data as well as specifically cause physical damage the target system. In this dissertation, two cyber-attack motivations are considered: sabotage, where the motive is the destruction; and information theft, where attackers aim to acquire invaluable information (customer info, business information, etc). I deal with two types of attacks (DDoS attacks and APT attacks) where DDoS attacks are classified under sabotage motivation category, and the APT attacks are classified under information theft motivation category. To detect and mitigate each of these attacks, I utilize the ease of programmability in SDN and its great platform for implementation, dynamic topology changes, decentralized network management, and ease of deploying security countermeasures.
ContributorsAlshamrani, Adel (Author) / Huang, Dijiang (Thesis advisor) / Doupe, Adam (Committee member) / Ahn, Gail-Joon (Committee member) / Davulcu, Hasan (Committee member) / Arizona State University (Publisher)
Created2018
Description财富管理是一个高度信息不对称的行业,因此投资人需要尽可能减少自身的不确定来做投资决策,通过文献整理,本文发现通过建立信任来消除不确定性是很多投资人都会选择的帮助投资决策的方法。纵观历史,美国2007-2008年的金融危机也恰恰导致金融市场投资人对于理财机构信任的严重缺失,相同的情况也可能发生在中国财富管理市场,因此本文将此选作研究重点,希望深入研究财富管理公司投资人对理财师的信任来得到一系列结论。本文最终发现就平台和理财师相比,投资人更看重平台的信誉度。 投资人大多认为平台的信誉度要高于理财师的信誉度,但是这并不意味着理财师不重要。本文进一步的分析发现,多数投资人会和理财师建立起一种私人联系,且该私人关系有助于加强客户和平台的联系。投资人认为行业经验、为人诚恳,说话可信以及责任心是加强这种私人关系的重要因素。最后,投资人对于钜派平台的信任主要由对于理财师的信任来维持,同时对于理财师的信任主要来自与情感信任。本文的发现对财富管理平台具有战略意义。
ContributorsWu, Qimin (Author) / Shen, Wei (Thesis advisor) / Chang, Chun (Thesis advisor) / Zhu, Hongquan (Committee member) / Arizona State University (Publisher)
Created2019
Description摘要
在复杂多变的商业环境中,企业传统的人力资源管理已经难以应对日益频发的员工职业倦怠、人际间矛盾冲突、频繁跳槽等局面与问题。企业员工工作的价值与意义早已不再是传统的雇佣模式下,通过出卖劳动力或智力从而获得工资以实现“养家糊口”的目的那么单纯与简单,员工也希望通过辛勤的工作,以获得个体的幸福感、荣誉感与认同感等。对于现代企业的管理者而言,员工追求事业的提升、个人价值的实现,不仅体现在薪酬、福利待遇的提升,更重要的是员工个人的成长以及潜能和竞争力的提升。
随着组织行为学和心理学的不断发展与演变,与员工幸福感相关的研究备受关注。对现代企业而言,管理者借助制度设计对员工幸福积极管理,可以最大限度地发挥员工的积极性、主动性与创造性,实现员工与企业之间的利益相趋同,从而更为高效地实现组织的目标。基于此,本文以民营企业员工工作幸福感作为研究的切入点,借助理论分析、问卷调查和实证分析相结合的研究方法,系统深入地研究我国民营企业员工工作幸福感的构成、可控前因和绩效后果等问题。
本文研究发现:
第一,员工薪酬的提高有助于员工工作幸福感的提升,薪资对基层员工幸福感的影响显著高于其对高层员工幸福感的影响;
第二,完善的晋升机制对于中层员工而言更能提升其幸福感,完善的晋升机制更有利于中层员工;
第三,公平性的提高有助于提高员工工作幸福感,而且这种正效应更多体现在基层员工群体之中;
第四,高层员工更注重自我价值的实现,高层员工的工作挑战性越高,其自我实现需求获得的满足感则约高,但是对于基层员工和中层员工而言,其效果则恰恰相反,基础员工和高层员工更多地将工作挑战性和压力看作是一种负面的因素;
第五,员工幸福感的确会给企业带来正向的绩效。
本文的研究框架和实证结论不仅可以丰富学术界有关员工工作幸福感的研究,而且为企业管理者进行绩效管理以及员工工作质量的提升提供理论和实证借鉴。
在复杂多变的商业环境中,企业传统的人力资源管理已经难以应对日益频发的员工职业倦怠、人际间矛盾冲突、频繁跳槽等局面与问题。企业员工工作的价值与意义早已不再是传统的雇佣模式下,通过出卖劳动力或智力从而获得工资以实现“养家糊口”的目的那么单纯与简单,员工也希望通过辛勤的工作,以获得个体的幸福感、荣誉感与认同感等。对于现代企业的管理者而言,员工追求事业的提升、个人价值的实现,不仅体现在薪酬、福利待遇的提升,更重要的是员工个人的成长以及潜能和竞争力的提升。
随着组织行为学和心理学的不断发展与演变,与员工幸福感相关的研究备受关注。对现代企业而言,管理者借助制度设计对员工幸福积极管理,可以最大限度地发挥员工的积极性、主动性与创造性,实现员工与企业之间的利益相趋同,从而更为高效地实现组织的目标。基于此,本文以民营企业员工工作幸福感作为研究的切入点,借助理论分析、问卷调查和实证分析相结合的研究方法,系统深入地研究我国民营企业员工工作幸福感的构成、可控前因和绩效后果等问题。
本文研究发现:
第一,员工薪酬的提高有助于员工工作幸福感的提升,薪资对基层员工幸福感的影响显著高于其对高层员工幸福感的影响;
第二,完善的晋升机制对于中层员工而言更能提升其幸福感,完善的晋升机制更有利于中层员工;
第三,公平性的提高有助于提高员工工作幸福感,而且这种正效应更多体现在基层员工群体之中;
第四,高层员工更注重自我价值的实现,高层员工的工作挑战性越高,其自我实现需求获得的满足感则约高,但是对于基层员工和中层员工而言,其效果则恰恰相反,基础员工和高层员工更多地将工作挑战性和压力看作是一种负面的因素;
第五,员工幸福感的确会给企业带来正向的绩效。
本文的研究框架和实证结论不仅可以丰富学术界有关员工工作幸福感的研究,而且为企业管理者进行绩效管理以及员工工作质量的提升提供理论和实证借鉴。
ContributorsShu, Man (Author) / Shen, Wei (Thesis advisor) / Wu, Fei (Thesis advisor) / Chen, Xin (Committee member) / Arizona State University (Publisher)
Created2019
Description当前,上市公司的盈余管理问题已是我国资本市场中普遍存在的突出问题。一般来说,一些企业为了满足资本市场对于上市、增发等条件的要求,以及为有效推动企业的并购、重组等行为的顺利实现,甚至为了谋求公司管理层的个别利益,往往运用盈余管理等举措实施公司财报及关键指标的粉饰修正,让不知情的股民蒙受一定的损失。普遍分析显示,我国股市中民营企业比其他企业遭遇的问题和压力更多、更大、更突出,因此民营企业从客观上来说拥有更强的盈余管理动机。而从当前我国资本市场的实际情况来看,我国相关专家学者对盈余管理的系统性深入研究,一般都瞄准了上市企业群体或持续亏损企业,对盈余管理的研究不系统、不全面、不深入,这将对我国进一步提升盈余管理监管水平构成一定不利影响。当前,由于我国民企在自身管理及发展动力方面的特殊性,我国民企的管理、盈余管理特点和国外上市公司还存在着很大的不同,进一步深入研究我国民企上市公司自身管理方面的突出特点,以及其对企业盈余管理等方面的深层次影响,有助于监管层对症下药,更有针对性地研究出台全新的监管措施,进一步提升管理水平。这还可以为公司发展的决策层及相关会计信息使用人员提供一定的决策参考, 因此其拥有十分重要的意义。
本文首先认真总结分析了有关上市企业治理结构和盈余管理等方面的历史文献资料,依托当前资本市场上普遍运用的委托代理、内部人控制和契约等理论,系统研究了我国民企上市公司在自身治理结构方面的突出特征以及其对盈余管理方面所构成影响的深层次原理。在此基础上,本文通过2015-2017年我国上市企业数据,基于截面Jones模型对民营企业和非民营企业盈余管理程度进行测算和比较分析,发现民营企业盈余管理程度更高;从四个层面系统研究民企公司自身的治理结构突出特点,设立回归模型论证了民营企业独特的公司治理结构特征对盈余管理程度确实会产生影响;最后,本文进一步利用修正的费尔萨姆一奥尔森估价模型对民营上市公司盈余管理有公司价值的关系进行了验证,发现两者具有显著相关性。
本文首先认真总结分析了有关上市企业治理结构和盈余管理等方面的历史文献资料,依托当前资本市场上普遍运用的委托代理、内部人控制和契约等理论,系统研究了我国民企上市公司在自身治理结构方面的突出特征以及其对盈余管理方面所构成影响的深层次原理。在此基础上,本文通过2015-2017年我国上市企业数据,基于截面Jones模型对民营企业和非民营企业盈余管理程度进行测算和比较分析,发现民营企业盈余管理程度更高;从四个层面系统研究民企公司自身的治理结构突出特点,设立回归模型论证了民营企业独特的公司治理结构特征对盈余管理程度确实会产生影响;最后,本文进一步利用修正的费尔萨姆一奥尔森估价模型对民营上市公司盈余管理有公司价值的关系进行了验证,发现两者具有显著相关性。
ContributorsChen, Hui (Author) / Shen, Wei (Thesis advisor) / Chang, Chun (Thesis advisor) / Huang, Xiaochuan (Committee member) / Arizona State University (Publisher)
Created2019