Profile
Keywords: Blockchain, Cybersecurity, Internet of things (IoT), Technology
Atefeh (Atty) Mashatan is a Professor of Information Technology Management and holds a Canada Research Chair (Tier II) in Quality of Security (QoS) Framework for Internet-of-Things (IoT) at Toronto Metropolitan University (TMU). She is the founder and director of the Cybersecurity Research Lab (CRL). Through strategic collaborations with government and industry, Mashatan and the CRL seek to spearhead crucial, ongoing dialogue with the Information and Computer Technology (ICT) industry in Canada, and to help solve industry problems through cutting edge information security and research into cyber risk mitigation strategies and solutions.
Most recently Atty was recognized as one of Top 100 Most Powerful women in Canada in the Executive Leaders category in 2023.
Outputs Show only Author
Title
Category
Date
Authors
Projects
Understanding Adoption Intentions for Blockchain-based Personal Health Records: Integrating Technology Usage and Initial Trust Perspectives Blockchain-based personal health records (PHR) is an impending blockchain use case that supports patient-centred care and interoperability in the healthcare industry. This paper studies the adoption of blockchain-based PHR by individuals. It proposes a multi-perspective theoretical framework containing the unified theory of acceptance and use of technology (UTAUT) and initial trust model (ITM) to understand how individuals’ perceptions and formation of trust prior to adoption may contribute to their behavioral intention toward adopting blockchain-based medical records. This research empirically tested this model using a cross-sectional questionnaire. Partial least squares structural equation modelling (PLS-SEM) was used to conduct data analysis. The results validate the theoretical model and demonstrate full support for the ITM and partial support for the UTUAT. Entrants in the blockchain-based PHR market are advised to create trustworthy systems, consider partnering with healthcare institutions to boost institution-based trust and design solutions that meet the performance expectations of users.TRS1 1.5 Toronto Metropolitan University Publication 2024-08-20 TRS1 1.5 Unveiling the Experiences of Racialized Immigrant Women in Cybersecurity - An Intersectional Qualitative Inquiry Skilled immigrant women’s integration in science, technology, engineering, and mathematics professions is influenced by the prevalent racial and gendered conditions present in these fields. This study employs qualitative interviews to investigate barriers to equity, diversity, and inclusion faced by immigrant women professionals in the cybersecurity sector in Canada. Using an intersectional approach, this paper unveils how racial and gender discourses affect immigrant women’s experiences of exclusion in the workplace. Findings suggest that immigrant women face multiple barriers at the intersection of gender, race, and immigration status to enter the sector and advance in their careers. Drawing on the interview data, this paper demonstrates how workplaces reproduce multiple forms of inequality for racialized immigrant women. These inequalities arise through the division of positions, the perpetuation of stereotypes that hinder upward mobility, work schedules designed for the ideal men employees, and the penalties associated with cultural differences that specifically disadvantage immigrants.TRS2 1.8 Toronto Metropolitan University Publication 2025-02-10 TRS2 1.8 A Novel Framework for Investigating Immigrant Experiences in Cybersecurity – Integrating Human Capital Theory with Equity, Diversity, and Inclusion The cybersecurity sector has faced chronic talent shortages in recent years. One potential solution for addressing this issue is to leverage the expertise of immigrants. The literature on immigrants’ integration has predominantly used a human capital lens, which overlooks the structural issues of integration. Whereas equity, diversity, and inclusion (EDI) in organizational literature is more focused on gender and race. There is a need to bridge these approaches in order to create a holistic conceptual framework to guide research into the integration challenges that skilled immigrants face in host countries. This research first identifies the key aspects of immigrant employment outcomes by reviewing literature on immigrant integration and EDI. Using the cybersecurity sector in Canada as a case study, this paper presents a conceptual framework for investigating employment integration of skilled immigrants, which can also be applied to other skilled sectors.TRS2 1.8 Toronto Metropolitan University Publication 2025-02-10 TRS2 1.8 Understanding Adoption Intentions for Blockchain-based Personal Health Records: Integrating Technology Usage and Initial Trust Perspectives Initial knowledge mobilization of preliminary results presented at AMCIS 2024 in Salt Lake City, Utah (https://aisel.aisnet.org/amcis2024/adoptdiff/adoptdiff/24/). This is a leading academic conference, with more than 1200 registrants, that is focused on advancing digital equity, through identification of disparities in access to technology, especially among marginalized populations such as immigrant/migrant populations. This community of practice is gathered annually to work towards a path for a more equitable socially conscious digital future. In this case valuable feedback was received on initial findings that were presented that will inform ongoing work.TRS1 1.5 Toronto Metropolitan University Activity 2024-08-15 TRS1 1.5 Formal unlinkability analysis of message authentication protocols based on authentic channels. Toronto Metropolitan University Publication 2022-12-14 Raising cybersecurity awareness through electronic work of mouth: A data-driven assessment. International Conference on Human-Computer Interaction Toronto Metropolitan University Publication 2023-07-09 Changing hearts and minds: The role of cybersecurity champion programs in cybersecurity culture Toronto Metropolitan University Publication 2023-07-09 Collaborative SRC Award The Collaborative Scholarly Research and Creative (SRC) Award is a university-wide, annual award presented to a researcher who has demonstrated excellence in an SRC project or projects undertaken with a multidisciplinary or multi-institutional team(s). This recognition will be awarded to a researcher who has demonstrated excellence in their SRC collaboration(s) with industry, universities, hospitals or professional societies to facilitate research leading to positive change and impact, as defined in their respective field.
Award recipient(s) will receive a certificate of recognition and a monetary award of $2,000 as a one-time payment (subject to applicable deductions).
Key criteria: Scholarly, research and creative activity
2025 recipients
Atefeh (Atty) Mashatan
Ted Rogers School of Management
Dr. Mashatan is a prominent scholar in information security and cyber resilience, advancing the understanding of emerging technologies like quantum computing in enterprise cybersecurity. She has led a multidisciplinary research program with 14 partners from public, finance, technology, consulting, and energy sectors, addressing key cybersecurity challenges and developing effective mitigation strategies. Her collaborative efforts have resulted in 42 journal articles and 22 conference publications, secured $7.1 million in external funding, and trained over 87 highly qualified personnel. Through her collaborative research, she has greatly enhanced cybersecurity scholarship and made significant contributions to the advancement of cybersecurity resilience across various sectors. Toronto Metropolitan University Award 2025-03-18 The Personal Health Dossier: A proposed decentralized personal health record system using verifiable credentials Health information systems are continuously evolving to meet the changing business models, regulatory environment and needs of users. Today, these systems are changing to realize a patient-centric approach to improve health outcomes and establish greater access and autonomy over health information. Verifiable credential technology will become an essential part of the move to private and secure patient-centric interoperable health information systems. The widespread adoption of mobile devices has opened up the ability to store a patient’s personal health record at the edge of the system. In this type of decentralized architecture, the patient is the locus of their health data and they gain agency over who they grant access to their data. The data that the patient holds is a key to meaningful interoperability between siloed systems. The authors present a novel architecture based on a secure, patient-centric, interoperable design using verifiable credentials to realize these objectives.TRS1 1.5 Toronto Metropolitan University Activity 2025-08-12 TRS1 1.5 Building Detection-Resistant Reconnaissance Attacks Based on Adversarial Explainability The growing popularity of Internet-of-Things devices makes them a desired target for malicious actors. Most attacks start with a reconnaissance phase where the attacker gathers information about the services running on the device, the open ports, and any existing vulnerabilities. These attacks are considered the initial step in most attack scenarios, and threat models. However, these attacks are usually easy to detect using machine learning-based detectors due to their simple nature and easy construction. In this paper, we present a novel method to construct detection-resistant reconnaissance attacks based on analysis of detection model's explanability. The proposed attack was implemented with a success rate exceeding 95% in bypassing detection with the change of one feature only. Toronto Metropolitan University Publication 2024-05-20 PETRIoT - A Privacy Enhancing Technology Recommendation Framework for IoT Computing Toronto Metropolitan University Publication 2024-01-01 Explainable Ensemble-Based Detection of Cyber Attacks on Internet of Medical Things As new applications of the Internet of Things emerge in the health and medical services, malicious actors target these applications increasingly. These growing application bring a variety of privacy and security challenges. In this paper, we present an explainable machine learning ensemble designed to detect attacks on Internet-of-Medical-Things with high accuracy. The proposed system was tested using WUSTL-EHMS-2020 dataset. Tests showed that the proposed ensemble is capable of delivering an accuracy exceeding 99%, with an score exceeding 0.99. The proposed system was explained using SHAP values to provide insights into the most impactful features, and the nature of their impact on the system's decisions. Toronto Metropolitan University Publication 2023-11-14 XMal: A lightweight memory-based explainable obfuscated-malware detector Toronto Metropolitan University Publication 2023-07-28 Quantum Computing Threats to IEC 62351 Cryptographic Algorithms: An In-Depth Analysis Toronto Metropolitan University Publication 2025-07-26 Brian Goncalves, Arash Mahari,
Mashatan, A. , Mohammadreza Fakhari Moghaddam Arani, Marthe Kassouf
Exploring Smart Speaker Disclosure and Adoption Intentions: A Privacy Adoption Calculus Perspective Toronto Metropolitan University Publication 2025-01-01 Unveiling the Experiences of Racialized Immigrant Women in Cybersecurity - An Intersectional Qualitative Inquiry Toronto Metropolitan University Publication 2025-01-01 ConCERTS: An IoT Cybersecurity Research Range for Education, Experimentation, and Security Research Toronto Metropolitan University Publication 2025-01-01 Optimal roadworks schedule in multi-agent transportation models In this paper we consider the problem of the optimal roadworks scheduling in the road traffic network optimization. The main goal of this research is to find the optimal order of roadworks and minimize their negative impact on the transportation network throughput. In order to model the dynamics of a transportation system, we propose a large-scale, multi-agent vehicle routing modelling framework for traffic simulation and impact of roadworks on traffic throughput. We present a quick and effective heuristic algorithm for streamlining the road repairs. Finally, the numeric experiment in a real-world setting is conducted. The obtained results indicate the flexibility of the proposed algorithm, which can be effectively applied by decision makers who need to carry out roadworks with limited time and resources. Toronto Metropolitan University Publication 2024-11-13 Marcin Opalski, Przemysław Szufel, Bogumił Kamiński,
Mashatan, A. , Paweł Prałat
A holistic analysis towards understanding consumer perceptions of virtual reality devices in the post-adoption phase
Despite gaining consumer momentum and interest of Virtual Reality (VR) in the consumer marketplace, the literature has lagged in exploring the continuance usage behaviour and factors associated with the post-adoption. To build on this, the current research seeks to identify factors that support the continuance usage of current VR users. To examine this, we employ a mixed-method approach. In Study 1, we initially gathered a total of 3,205 actual purchasers (Amazon verified purchase) from the top 10 VR brands listed in Amazon.com, Through a nethnographic content analysis, the key determinants of post-adoption of VR devices emerged (i.e. perceived functional benefit, perceived discomfort, perceived focused immersion, temporal dissociation, perceived health risk, and task quality). In Study 2, hypotheses were tested using structural equation modelling from 119 current VR users. The results demonstrate temporal dissociation and task quality were found to be the most significant antecedents affecting continuance usage. Theoretical and managerial implications are debated, as well as suggestions for future research.
Toronto Metropolitan UniversityPublication 2024-11-05 Touching holograms with windows mixed reality: Renovating the consumer retailing services
Recent technological advances in wearable technologies, such as mixed-reality devices, have enabled consumers to interact with artificial three-dimensional visual environments. This presents an incredible opportunity for service retailers to present alternative ways of interacting with their services. This study empirically investigates the potential applications of Windows Mixed Reality devices, while specifically examining various forms of consumer perceptions and behavioural intentions. This research is among the first to empirically examine the effect of windows mixed reality experiences, enabled by the latest wearable devices, on intentions of users in a services retailing context. The results of this study help guide retailers who are looking to integrate Windows Mixed Reality devices in their practice to increase user satisfaction, trust, and utilitarian needs. The paper recommends specific theoretical and managerial implications.
Toronto Metropolitan UniversityPublication 2024-11-05 Breaking the mold: the pursuit of decentralized trade and supply chain finance Purpose Blockchain technology (BT) presents a decentralized approach that has promising potentials to alleviate many of the long-lasting risks and inefficiencies in trade finance (TF) and supply chain finance (SCF) operations, providing international traders greater access to working capital. Despite this, the actual adoption of the technology and related issues in this space has remained under-researched. This paper examines the state of the practice to identify the main drivers and inhibitors faced by TF/SCF parties in their BT adoption efforts. Design/methodology/approach This exploratory study applies a multi-stakeholder perspective and a mixed-methods approach using semi-structured interviews with practitioners in various stages of BT implementation in TF/SCF initiatives across North America, Europe and Asia. The study then determines the priority of the identified factors using the Bayesian best-worst method (BWM). Findings The findings show that while the discussion has focused on the technological drivers of BT adoption for TF/SCF, practitioners rely more on non-technological factors such as peer adoption and fostering innovation. The findings also reveal how practitioners address common BT issues, including scalability and interoperability. Originality/value The study offers insights into important requirements for realizing the full benefits of BT in support of TF and SCF from an extended technology-organization-environment (TOE) perspective. On a more general level, it highlights what is required to transform this industry toward digitization. Toronto Metropolitan University Publication 2024-10-24 Preparing for the Information Security Threat from Quantum Computers A major threat posed by quantum computers is that they will be able to crack current standardized cryptography. A scalable quantum computer is still challenging to build from an engineering perspective, but there is an imminent threat to digital security and privacy where encrypted information, such as personally identifiable information, will remain valuable for a long time. The insights from our research provide guidelines on how IT departments and/or security solution providers can prepare to transform their currently quantum-vulnerable systems to quantum-resistant alternatives.
Toronto Metropolitan UniversityPublication 2024-04-03 An Enterprise Transformation Guide for the Inevitable Blockchain Disruption Blockchain technology presents significant potential along with risk. The blockchain technology transformation framework informs decision makers on how blockchain fits in their processes, what data will be in the transactions, and who the participants will be, allowing users to lower risks and increase their chances for a successful blockchain solution.
Toronto Metropolitan UniversityPublication 2024-04-03 Environmental Factors that Hinder an Organization’s Ability to Learn from Cyber Incidents: A Case Study on SolarWinds Toronto Metropolitan University Publication 2024-01-01 Towards Generalized Diffie-Hellman-esque Key Agreement via Generic Split KEM Construction Toronto Metropolitan University Publication 2024-01-01 Multiparty Computation: To Secure Privacy, Do the Math: A discussion with Nigel Smart, Joshua W. Baron, Sanjay Saravanan, Jordan Brandt, and Atefeh Mashatan Multiparty Computation is based on complex math, and over the past decade, MPC has been harnessed as one of the most powerful tools available for the protection of sensitive data. MPC now serves as the basis for protocols that let a set of parties interact and compute on a pool of private inputs without revealing any of the data contained within those inputs. In the end, only the results are revealed. The implications of this can often prove profound. Toronto Metropolitan University Publication 2023-12-31 Nigel P Smart, Joshua Baron, Sanjay Saravanan, Jordan Brandt,
Mashatan, A. Introducing technological disruption: how breaking media attention on corporate events impacts online sentiment One modern strategy to anticipate consumer reaction to new products and services involves looking towards social media sites to explore consumer opinions. A rich body of literature on social media marketing suggests that an effective way to leverage social media platforms is the empirical analysis of electronic word-of-mouth (eWOM), particularly through sentiment analysis (SA). We propose a novel method for innovators to leverage social media by exploring how breaking media attention on notable corporate events impacts the general public sentiment surrounding a pre-introduced, potentially disruptive innovation (PPDI). Twitter conversations surrounding Facebook's pre-introduced payment system called Libra, a permissioned blockchain-based cryptocurrency, were analysed as a case study. The analysis suggests that breaking media attention leads to a significant change in sentiment polarity. An event with a preannouncement leads to an emotional momentum effect whereby sentiment polarity accumulates across an anticipation period. Implications for how managers may leverage these insights are discussed. Toronto Metropolitan University Publication 2023-10-31 What is driving consumer resistance to crypto‐payment? A multianalytical investigation Abstract Despite the extensive interest in cryptocurrencies over the past years, their application as a means of payment in e‐commerce and retail purchases continues to be much slower than anticipated. This paper investigates the underlying mechanisms and elements that drive consumer resistance in this space. Drawing upon the stimulus‐organism‐response paradigm and the innovation resistance theory, the paper explores how the characteristics of the current cryptocurrency landscape contribute to different factors associated with crypto‐payment rejection. Our findings from empirical and experimental studies reveal how ecosystem volatility and the lack of structural assurances for cryptocurrencies foster negative consumer perceptions, leading to resistance against crypto‐payment use. The paper develops new insights into the main predictors of consumer resistance to crypto‐payment, which is a precursor to the mainstream use of cryptocurrencies. Moreover, it sheds light on the interactions among context‐specific, psychological, and functional determinants of behavioral consumer response. Toronto Metropolitan University Publication 2023-10-29 Women’s Executive Network (WXN) 2023 Canada’s Most Powerful Women: Top 100 Award - BMO STEM Toronto Metropolitan University Award 2023-10-21 Collaborative SRC Award Her work is building our knowledge of emerging technologies like quantum computing that will enhance cybersecurity for enterprises. Toronto Metropolitan University Award 2025-02-26 Top 25 Women of Influence in Canada Toronto Metropolitan University Award 2024-03-05 Women’s Executive Network (WXN) 2024 Canada’s Most Powerful Women: Top 100 Award - BMO STEM Toronto Metropolitan University Award 2024-10-21 Collaborative Scholarly Research and Creative (SRC) Award Toronto Metropolitan University Award 2025-03-03 TRSM Research Ambassador Award - Information Technology Management Toronto Metropolitan University Award 2025-05-29
YouTube
