'n Bestuurs- en metodologiese benadering tot gebeurlikheidsbeplanning vir die gerekenariseerde stelsels van 'n organisasie
- Authors: Nel, Yvette
- Date: 2014-07-28
- Subjects: Computer networks - Security measures , Information technology
- Type: Thesis
- Identifier: uj:11844 , http://hdl.handle.net/10210/11576
- Description: M.Com. (Informatics) , The-utilization of information technology is essential for an organization, not only to handle daily business activities but also to facilitate management decisions. The greater the dependence of the organization upon information technology, the greater the risk the organization is exposed to in case of an information systems interruption. Computer disasters, such as fires, floods, storms, sabotage and human error, constitute a security threat which could prejudice the survival of an organization. Disaster recovery planning is a realistic and imperative activity for each organization whether large or small. In the light of the potential economic and legal implications o fa disaster, it is no longer acceptable not to be prepared for such an occurrence today.A well designed and tested disaster recovery plan, as part of the total information security strategy of the organization, is therefore not only essential in the terms of the recovery of business functions, but for the SURVIVAL of the organization. In viewpoint above, it can be expected that disaster counterrevolutionary be standard practice for all organizations. However that is not the case. The literature study undertook, as well as exposure in practice, indicate clearly that disaster recovery planning enjoys low priority in most organizations. The majority existentialists are superficial, unstructured and insufficient and will not be successful when real disaster strikes.:The most important single cause for the failure of an organization ~ disaster recovery plan, will be that too much emphasis is being placed on the technical aspects rather than on the management or organizational aspects. The solutions an integrated approach of strategies and the multiple technologies which are available today. These strategies and technologies should be combined to meet the specific needs of the individual organization. The purpose of this dissertation was firstly to identify the most critical problems related to disaster recovery planning and secondly to provide a methodology for the development and implementation of a disaster recovery plan which addresses these problems. This methodology constitutes an enhancement on an existing information security methodology in order to establish a total information security strategy for a large organization with disaster recovery as an essential aspect of this strategy. The final disaster recovery planning methodology as proposed in this dissertation, was developed as a result of an extensive literature study undertook as well as involvement during the development of a disaster recovery system by the company which initiated this study.
- Full Text:
- Authors: Nel, Yvette
- Date: 2014-07-28
- Subjects: Computer networks - Security measures , Information technology
- Type: Thesis
- Identifier: uj:11844 , http://hdl.handle.net/10210/11576
- Description: M.Com. (Informatics) , The-utilization of information technology is essential for an organization, not only to handle daily business activities but also to facilitate management decisions. The greater the dependence of the organization upon information technology, the greater the risk the organization is exposed to in case of an information systems interruption. Computer disasters, such as fires, floods, storms, sabotage and human error, constitute a security threat which could prejudice the survival of an organization. Disaster recovery planning is a realistic and imperative activity for each organization whether large or small. In the light of the potential economic and legal implications o fa disaster, it is no longer acceptable not to be prepared for such an occurrence today.A well designed and tested disaster recovery plan, as part of the total information security strategy of the organization, is therefore not only essential in the terms of the recovery of business functions, but for the SURVIVAL of the organization. In viewpoint above, it can be expected that disaster counterrevolutionary be standard practice for all organizations. However that is not the case. The literature study undertook, as well as exposure in practice, indicate clearly that disaster recovery planning enjoys low priority in most organizations. The majority existentialists are superficial, unstructured and insufficient and will not be successful when real disaster strikes.:The most important single cause for the failure of an organization ~ disaster recovery plan, will be that too much emphasis is being placed on the technical aspects rather than on the management or organizational aspects. The solutions an integrated approach of strategies and the multiple technologies which are available today. These strategies and technologies should be combined to meet the specific needs of the individual organization. The purpose of this dissertation was firstly to identify the most critical problems related to disaster recovery planning and secondly to provide a methodology for the development and implementation of a disaster recovery plan which addresses these problems. This methodology constitutes an enhancement on an existing information security methodology in order to establish a total information security strategy for a large organization with disaster recovery as an essential aspect of this strategy. The final disaster recovery planning methodology as proposed in this dissertation, was developed as a result of an extensive literature study undertook as well as involvement during the development of a disaster recovery system by the company which initiated this study.
- Full Text:
A model for the evaluation of control with reference to a simple path context model in a UNIX environment
- Authors: Du Plessis, Gerrit Steyn
- Date: 2015-09-08
- Subjects: Computer security - Evaluation , UNIX (Computer file) , Auditing - Access control , Computer networks - Security measures
- Type: Thesis
- Identifier: uj:14055 , http://hdl.handle.net/10210/14471
- Description: M.Com. , Information and the IT systems that support it are important business assets. Their availability, integrity and confidentiality are essential to maintain an organisations competitive edge, cash flow, profitability, company image and compliance with legal requirements. Organisations world-wide are now facing increased security threats from a wide range of sources. Information systems may be the target of a range of serious threats including computer-based fraud, espionage, sabotage, vandalism and other sources of failure or disaster ...
- Full Text:
- Authors: Du Plessis, Gerrit Steyn
- Date: 2015-09-08
- Subjects: Computer security - Evaluation , UNIX (Computer file) , Auditing - Access control , Computer networks - Security measures
- Type: Thesis
- Identifier: uj:14055 , http://hdl.handle.net/10210/14471
- Description: M.Com. , Information and the IT systems that support it are important business assets. Their availability, integrity and confidentiality are essential to maintain an organisations competitive edge, cash flow, profitability, company image and compliance with legal requirements. Organisations world-wide are now facing increased security threats from a wide range of sources. Information systems may be the target of a range of serious threats including computer-based fraud, espionage, sabotage, vandalism and other sources of failure or disaster ...
- Full Text:
A systematic literature review of the Internet of Things
- Authors: Khanyile, Sibusiso
- Date: 2017
- Subjects: Internet of things , Embedded Internet devices , Mobile computing , Computer networks - Security measures
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/269236 , uj:28602
- Description: Abstract: The explosiveness of the internet continuously transforms communication between people and information technology systems. The mass adoption of the web transformed the methods of communication, giving the ability to interconnect anytime, anywhere in different time zones in the world. The information technology development is the primary bridge that enabled a seamlessly connected environment despite geographical location. The technology progressions from accessing information from the internet through mobile devices using social media to deliver information to users brought enrichment to society and enterprises with information at fingertips. With this interest, there has been a rise in academic interest resulting in an acceleration of research on the Internet of Things (IoT). The scientific research in IoT has been exponentially growing in the last decade. There has been an abundance of research material generated on the issues of IoT. The research primarily focuses on the rise of the research interest in IoT for the industrial sector in the last decade. Moreover, the research provides a systematic review in the attempt to address IoT security, standards, and practices. The dissertation highlights the rise in scientific research in IoT lead by Energy, Industry 4.0 and Health. The IoT proliferation in the noted industry sectors attracts security concerns; several security themes are presented in conjunction with standards and practices to address the issue of security. Moreover, the research provides a systematic review in the attempt to address IoT security, standards, and practices. The review process identified 632 papers, of which 45 primary studies are classified pertinent to the IoT security. The data is extracted from articles to determine various challenges of IoT concerning security. The evaluation process identified the strategies to deal with issues arising from IoT and provided a review of initiatives by standards bodies to combat IoT security. The findings are expected to help other researchers and experts in the field of IoT to understand the challenges involved with technology evolution of IoT and the approaches offered to deal with them. , M.Phil. (Engineering Management)
- Full Text:
- Authors: Khanyile, Sibusiso
- Date: 2017
- Subjects: Internet of things , Embedded Internet devices , Mobile computing , Computer networks - Security measures
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/269236 , uj:28602
- Description: Abstract: The explosiveness of the internet continuously transforms communication between people and information technology systems. The mass adoption of the web transformed the methods of communication, giving the ability to interconnect anytime, anywhere in different time zones in the world. The information technology development is the primary bridge that enabled a seamlessly connected environment despite geographical location. The technology progressions from accessing information from the internet through mobile devices using social media to deliver information to users brought enrichment to society and enterprises with information at fingertips. With this interest, there has been a rise in academic interest resulting in an acceleration of research on the Internet of Things (IoT). The scientific research in IoT has been exponentially growing in the last decade. There has been an abundance of research material generated on the issues of IoT. The research primarily focuses on the rise of the research interest in IoT for the industrial sector in the last decade. Moreover, the research provides a systematic review in the attempt to address IoT security, standards, and practices. The dissertation highlights the rise in scientific research in IoT lead by Energy, Industry 4.0 and Health. The IoT proliferation in the noted industry sectors attracts security concerns; several security themes are presented in conjunction with standards and practices to address the issue of security. Moreover, the research provides a systematic review in the attempt to address IoT security, standards, and practices. The review process identified 632 papers, of which 45 primary studies are classified pertinent to the IoT security. The data is extracted from articles to determine various challenges of IoT concerning security. The evaluation process identified the strategies to deal with issues arising from IoT and provided a review of initiatives by standards bodies to combat IoT security. The findings are expected to help other researchers and experts in the field of IoT to understand the challenges involved with technology evolution of IoT and the approaches offered to deal with them. , M.Phil. (Engineering Management)
- Full Text:
Alert modeling on supervisory control and data acquisition system with remote terminal unit
- Authors: Dey, A.K.
- Date: 2015
- Subjects: Supervisory control systems , Automatic data collection systems , Computer networks - Security measures , Computer security
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/82632 , uj:18981
- Description: Abstract: Supervisory control and data acquisition (SCADA) systems have evolved over from standalone, compartmentalized operations into networked architectures that communicate across large distances. In addition, their implementations have migrated from custom hardware and software to standard hardware and software platforms. These changes have led to reduced development and operational as well as providing executive management with real-time information that can be used to support planning, supervision, and decision making. For reasons of efficiency, maintenance, data acquisition and control platforms have migrated from isolated in-plant networks security using proprietary hardware and software to Remote Terminal Unit using standard software, network protocols, and the Internet. Control engineering might be absorbed or closely integrated with the corporate software. Integrating SCADA data collection and alert monitoring with corporate customer data provides management with an increased ability to run the organization more efficiently and effectively. This thesis provides a conceptual analysis for the creation of a SCADA network security exploration alert. A framework application using common SCADA network security logic is created to provide a proof of concept. Development of a viable alert system for identifying SCADA network remotely will help improve critical infrastructure security by improving situational awareness for network managers. , M.Eng.
- Full Text:
- Authors: Dey, A.K.
- Date: 2015
- Subjects: Supervisory control systems , Automatic data collection systems , Computer networks - Security measures , Computer security
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/82632 , uj:18981
- Description: Abstract: Supervisory control and data acquisition (SCADA) systems have evolved over from standalone, compartmentalized operations into networked architectures that communicate across large distances. In addition, their implementations have migrated from custom hardware and software to standard hardware and software platforms. These changes have led to reduced development and operational as well as providing executive management with real-time information that can be used to support planning, supervision, and decision making. For reasons of efficiency, maintenance, data acquisition and control platforms have migrated from isolated in-plant networks security using proprietary hardware and software to Remote Terminal Unit using standard software, network protocols, and the Internet. Control engineering might be absorbed or closely integrated with the corporate software. Integrating SCADA data collection and alert monitoring with corporate customer data provides management with an increased ability to run the organization more efficiently and effectively. This thesis provides a conceptual analysis for the creation of a SCADA network security exploration alert. A framework application using common SCADA network security logic is created to provide a proof of concept. Development of a viable alert system for identifying SCADA network remotely will help improve critical infrastructure security by improving situational awareness for network managers. , M.Eng.
- Full Text:
An architecture for anti-malware protection based on collaboration
- Corregedor, Manuel Rodrigues
- Authors: Corregedor, Manuel Rodrigues
- Date: 2017
- Subjects: Malware (Computer software) - Prevention , Computer networks - Security measures , Computer security , Computer crimes - Prevention
- Language: English
- Type: Doctoral (Thesis)
- Identifier: http://hdl.handle.net/10210/243085 , uj:25090
- Description: Ph.D. (Computer Science) , Abstract: Anyone who uses a computer for work or recreational purposes has come across the problem of malware, for example, viruses, worms, trojans, rootkits, adware etc. This is especially the case if the computer is connected to the Internet. A number of security organisations and / or vendors such as the European Union Agency for Network and Information Security (ENISA), Microsoft and McAfee release annual reports that contain statistics on the latest threats. The reports show that malware is a growing problem that needs to be addressed [1][2]. Furthermore, organisations such as AV-Comparatives [3] that conduct independent testing of security software have demonstrated that no anti-virus product guarantees a 100% detection of malware while keeping the false positive rate at zero i.e. benign (safe) files that are detected as malicious. Additionally, it should be noted as per the remarks in the AV-Comparatives report [4], that although some products have 100% detection rates in a test month report it does not mean the products will always protect against all existing and unknown viruses (malware). Therefore, this thesis will address the problem that current anti-malware products do not guarantee a 100% detection and / or prevention of malware. The main objective of this thesis is to create an architecture called Collab-AV that can be used to protect the home user from malware by leveraging the aspect of proactive collaboration between different sources of information and different existing anti-malware vendors thus following a strength in numbers philosophy. In order to achieve this objective the following approach is taken: • The different types of malware threats are identified and discussed • A comprehensive literature study on current and proposed anti-malware techniques is performed • Through the comprehensive literature study, the weaknesses and strengths of each antimalware technique are identified The Collab-AV architecture incorporates the identified strengths while addressing the identified weaknesses through collaboration...
- Full Text:
- Authors: Corregedor, Manuel Rodrigues
- Date: 2017
- Subjects: Malware (Computer software) - Prevention , Computer networks - Security measures , Computer security , Computer crimes - Prevention
- Language: English
- Type: Doctoral (Thesis)
- Identifier: http://hdl.handle.net/10210/243085 , uj:25090
- Description: Ph.D. (Computer Science) , Abstract: Anyone who uses a computer for work or recreational purposes has come across the problem of malware, for example, viruses, worms, trojans, rootkits, adware etc. This is especially the case if the computer is connected to the Internet. A number of security organisations and / or vendors such as the European Union Agency for Network and Information Security (ENISA), Microsoft and McAfee release annual reports that contain statistics on the latest threats. The reports show that malware is a growing problem that needs to be addressed [1][2]. Furthermore, organisations such as AV-Comparatives [3] that conduct independent testing of security software have demonstrated that no anti-virus product guarantees a 100% detection of malware while keeping the false positive rate at zero i.e. benign (safe) files that are detected as malicious. Additionally, it should be noted as per the remarks in the AV-Comparatives report [4], that although some products have 100% detection rates in a test month report it does not mean the products will always protect against all existing and unknown viruses (malware). Therefore, this thesis will address the problem that current anti-malware products do not guarantee a 100% detection and / or prevention of malware. The main objective of this thesis is to create an architecture called Collab-AV that can be used to protect the home user from malware by leveraging the aspect of proactive collaboration between different sources of information and different existing anti-malware vendors thus following a strength in numbers philosophy. In order to achieve this objective the following approach is taken: • The different types of malware threats are identified and discussed • A comprehensive literature study on current and proposed anti-malware techniques is performed • Through the comprehensive literature study, the weaknesses and strengths of each antimalware technique are identified The Collab-AV architecture incorporates the identified strengths while addressing the identified weaknesses through collaboration...
- Full Text:
Authorisation as audit risk in an information technology environment
- Authors: Kruger, Willem Jacobus
- Date: 2014-02-05
- Subjects: Auditing - Access control. , Computer networks - Security measures
- Type: Thesis
- Identifier: uj:3679 , http://hdl.handle.net/10210/9062
- Description: M.Comm. , Please refer to full text to view abstract
- Full Text:
- Authors: Kruger, Willem Jacobus
- Date: 2014-02-05
- Subjects: Auditing - Access control. , Computer networks - Security measures
- Type: Thesis
- Identifier: uj:3679 , http://hdl.handle.net/10210/9062
- Description: M.Comm. , Please refer to full text to view abstract
- Full Text:
Best practice strategy framework for developing countries to secure cyberspace
- Authors: Jaquire, Victor John
- Date: 2015-11-12
- Subjects: Computer networks - Security measures , Data encryption (Computer science) , Cyberspace - Security measures , Cyberterrorism - Prevention , Information warfare - Prevention
- Type: Thesis
- Identifier: uj:14558 , http://hdl.handle.net/10210/15091
- Description: M.Com. (Informatics) , Cyber issues are global phenomena in a world of inter-related systems, and as such, the discussion on cybersecurity frameworks, policies and strategies inevitably requires reference to, and benchmarking with regional, continental and global trends and solutions. This, in the context of the effects of globalisation on developing countries, with specific reference to areas such as Africa as a developing continent with regard to the protection of its cyberspace. More drastic measures, such as the utilization of cyber warfare techniques and pre-emptive cyber strike-teams in addition to traditional cybersecurity mechanisms as an essential part of a national security effort to protect cyberspace has become more prevalent within the developed worlds. Likewise, developing nations need to gear themselves in a structured, coordinated and responsible way in order to do their part to secure their own environments. Cyberspace is a dynamic global environment with cyber related issues being a global concern. Although countries generally regulate their own cyber environment through policy; cross-border cyber issues are difficult to resolve and the lack of international cyber laws impede cybersecurity efforts. Cybercrime and the management of cross-border cyber incidents are becoming a growing national security concern as the lack of effective controls leave critical infrastructure and the cyber-connected environment vulnerable to attack. Some developing countries are on track with the maturity of their cybersecurity initiatives, but appropriate cybersecurity frameworks for many developing countries require careful consideration, especially due to the lack of resources, infrastructure and local technology development capabilities.
- Full Text:
- Authors: Jaquire, Victor John
- Date: 2015-11-12
- Subjects: Computer networks - Security measures , Data encryption (Computer science) , Cyberspace - Security measures , Cyberterrorism - Prevention , Information warfare - Prevention
- Type: Thesis
- Identifier: uj:14558 , http://hdl.handle.net/10210/15091
- Description: M.Com. (Informatics) , Cyber issues are global phenomena in a world of inter-related systems, and as such, the discussion on cybersecurity frameworks, policies and strategies inevitably requires reference to, and benchmarking with regional, continental and global trends and solutions. This, in the context of the effects of globalisation on developing countries, with specific reference to areas such as Africa as a developing continent with regard to the protection of its cyberspace. More drastic measures, such as the utilization of cyber warfare techniques and pre-emptive cyber strike-teams in addition to traditional cybersecurity mechanisms as an essential part of a national security effort to protect cyberspace has become more prevalent within the developed worlds. Likewise, developing nations need to gear themselves in a structured, coordinated and responsible way in order to do their part to secure their own environments. Cyberspace is a dynamic global environment with cyber related issues being a global concern. Although countries generally regulate their own cyber environment through policy; cross-border cyber issues are difficult to resolve and the lack of international cyber laws impede cybersecurity efforts. Cybercrime and the management of cross-border cyber incidents are becoming a growing national security concern as the lack of effective controls leave critical infrastructure and the cyber-connected environment vulnerable to attack. Some developing countries are on track with the maturity of their cybersecurity initiatives, but appropriate cybersecurity frameworks for many developing countries require careful consideration, especially due to the lack of resources, infrastructure and local technology development capabilities.
- Full Text:
Conceptualising antecedents of systems innovation on information security risks
- Authors: Botsime, Mogotsi Steven
- Date: 2019
- Subjects: Computer security - Management , Computer networks - Security measures , Information technology - Security measures
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/402702 , uj:33711
- Description: Abstract : This research represents a comprehensive conceptualisation of antecedents of systems innovation and how they affect systems innovation in an organisational context. It further examines the relationship between information security risks and systems innovation. Antecedents of systems innovation are identified based on the existing theories such as Diffusion of Innovation (DoI) and Organisational Innovation. This research makes use of new systems and technologies which include Big Data/Cloud Computing, Blockchain, Internet of Things (IoT), Virtual/Augmented reality and Artificial Intelligence (AI) to examine organisations strides towards systems innovation. This research is underpinned by the increase in systems innovation and the growing concerns of information security risks faced by organisations. A quantitative method of analysis was used to analyse data using statistical methods with a view to identify relationships between variables. Data collected shows that systems and technology must have increased benefits in order to be adopted and the complexity of systems does not affect the adoption of such systems and technologies. Individual characteristics were found to have no effect in systems innovation whereas organisational and environmental elements highly influence innovation in the organisation. A relationship could not be established between systems innovation and information security risks. This research highlights the importance of ensuring that new systems and technologies adds value to the organisation and equally important is to ensure management of organisational and environmental elements that affect systems innovation. Information security risks should also not be a deterrence for systems innovation. , M.Com. (Business Management)
- Full Text:
- Authors: Botsime, Mogotsi Steven
- Date: 2019
- Subjects: Computer security - Management , Computer networks - Security measures , Information technology - Security measures
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/402702 , uj:33711
- Description: Abstract : This research represents a comprehensive conceptualisation of antecedents of systems innovation and how they affect systems innovation in an organisational context. It further examines the relationship between information security risks and systems innovation. Antecedents of systems innovation are identified based on the existing theories such as Diffusion of Innovation (DoI) and Organisational Innovation. This research makes use of new systems and technologies which include Big Data/Cloud Computing, Blockchain, Internet of Things (IoT), Virtual/Augmented reality and Artificial Intelligence (AI) to examine organisations strides towards systems innovation. This research is underpinned by the increase in systems innovation and the growing concerns of information security risks faced by organisations. A quantitative method of analysis was used to analyse data using statistical methods with a view to identify relationships between variables. Data collected shows that systems and technology must have increased benefits in order to be adopted and the complexity of systems does not affect the adoption of such systems and technologies. Individual characteristics were found to have no effect in systems innovation whereas organisational and environmental elements highly influence innovation in the organisation. A relationship could not be established between systems innovation and information security risks. This research highlights the importance of ensuring that new systems and technologies adds value to the organisation and equally important is to ensure management of organisational and environmental elements that affect systems innovation. Information security risks should also not be a deterrence for systems innovation. , M.Com. (Business Management)
- Full Text:
Critical information infrastructure protection for developing countries
- Authors: Ellefsen, Ian David
- Date: 2012-08-16
- Subjects: Computer crimes prevention , Computer security , Computer networks - Access control , Computer networks - Security measures
- Type: Thesis
- Identifier: uj:9498 , http://hdl.handle.net/10210/5928
- Description: D.Phil.(Computer Science) , In this thesis we will investigate the development of Critical Information Infrastructure Protection (CIIP) structures in the developing world. Developing regions are experiencing fast-paced development of information infrastructures, and improvements in related technologies such as Internet connectivity and wireless technologies. The use of these new technologies and the number of new users that are introduced to the Internet can allow cyber threats to flourish. In many cases, Computer Security Incident Response Teams (CSIRTs) can be used to provide CIIP. However, the development of traditional CSIRT-like structures can be problematic in developing regions where technological challenges, legal frameworks, and limited capacity can reduce its overall effectiveness. In this thesis we will introduce the Community-oriented Security, Advisory and Warning (C-SAW) Team. This model is designed to address the challenges to CIIP faced by developing regions by defining a structure that is loosely-coupled and flexible in nature. Furthermore, the aspect of community-orientation is used to allow a C-SAW Team to operate within a designated community of members. This thesis is divided into three primary parts. In Part 1 we will discuss the background research undertaken during this study. The background chapters will lay the foundation for the later chapters in this thesis. In Part 2 we will introduce the C-SAW Team model and elaborate on the construction, relationships, positioning, services, and framework in which it can be deployed. Finally, in Part 3 we present our conclusions to this thesis.
- Full Text:
- Authors: Ellefsen, Ian David
- Date: 2012-08-16
- Subjects: Computer crimes prevention , Computer security , Computer networks - Access control , Computer networks - Security measures
- Type: Thesis
- Identifier: uj:9498 , http://hdl.handle.net/10210/5928
- Description: D.Phil.(Computer Science) , In this thesis we will investigate the development of Critical Information Infrastructure Protection (CIIP) structures in the developing world. Developing regions are experiencing fast-paced development of information infrastructures, and improvements in related technologies such as Internet connectivity and wireless technologies. The use of these new technologies and the number of new users that are introduced to the Internet can allow cyber threats to flourish. In many cases, Computer Security Incident Response Teams (CSIRTs) can be used to provide CIIP. However, the development of traditional CSIRT-like structures can be problematic in developing regions where technological challenges, legal frameworks, and limited capacity can reduce its overall effectiveness. In this thesis we will introduce the Community-oriented Security, Advisory and Warning (C-SAW) Team. This model is designed to address the challenges to CIIP faced by developing regions by defining a structure that is loosely-coupled and flexible in nature. Furthermore, the aspect of community-orientation is used to allow a C-SAW Team to operate within a designated community of members. This thesis is divided into three primary parts. In Part 1 we will discuss the background research undertaken during this study. The background chapters will lay the foundation for the later chapters in this thesis. In Part 2 we will introduce the C-SAW Team model and elaborate on the construction, relationships, positioning, services, and framework in which it can be deployed. Finally, in Part 3 we present our conclusions to this thesis.
- Full Text:
Die integrering van inligtingsekerheid met programmatuuringenieurswese
- Booysen, Hester Aletta Susanna
- Authors: Booysen, Hester Aletta Susanna
- Date: 2014-11-20
- Subjects: Computer security , Software engineering , Computer networks - Security measures
- Type: Thesis
- Identifier: uj:13039 , http://hdl.handle.net/10210/12921
- Description: M.Com. (Informatiks) , Please refer to full text to view abstract
- Full Text:
- Authors: Booysen, Hester Aletta Susanna
- Date: 2014-11-20
- Subjects: Computer security , Software engineering , Computer networks - Security measures
- Type: Thesis
- Identifier: uj:13039 , http://hdl.handle.net/10210/12921
- Description: M.Com. (Informatiks) , Please refer to full text to view abstract
- Full Text:
Information security in a distributed banking environment, with specific reference to security protocols.
- Authors: Van Buuren, Suzi
- Date: 2012-08-22
- Subjects: Banks and banking - Security measures , Intranets (Computer networks) - Security measures , Internet - Security measures , Computer networks - Security measures
- Type: Thesis
- Identifier: uj:3063 , http://hdl.handle.net/10210/6484
- Description: M.Comm. , The principal aim of the present dissertation is to determine the nature of an electronicbanking environment, to determine the threats within such an environment and the security functionality needed to ward off these threats. Security solutions for each area at risk will be provided in short. The main focus of the dissertation will fall on the security protocols that can be used as solutions to protect a banking system. In the dissertation, indication will also be given of what the security protocols, in their turn, depend on to provide protection to a banking system. There are several security protocols that can be used to secure a banking system. The problem, however, is to determine which protocol will provide the best security for a bank in a specific application. This dissertation is also aimed at providing a general security framework that banks could use to evaluate various security protocols which could be implemented to secure a banking system. Such framework should indicate which security protocols will provide a bank in a certain banking environment with the best protection against security threats. It should also indicate which protocols could be used in combination with others to provide the best security.
- Full Text:
- Authors: Van Buuren, Suzi
- Date: 2012-08-22
- Subjects: Banks and banking - Security measures , Intranets (Computer networks) - Security measures , Internet - Security measures , Computer networks - Security measures
- Type: Thesis
- Identifier: uj:3063 , http://hdl.handle.net/10210/6484
- Description: M.Comm. , The principal aim of the present dissertation is to determine the nature of an electronicbanking environment, to determine the threats within such an environment and the security functionality needed to ward off these threats. Security solutions for each area at risk will be provided in short. The main focus of the dissertation will fall on the security protocols that can be used as solutions to protect a banking system. In the dissertation, indication will also be given of what the security protocols, in their turn, depend on to provide protection to a banking system. There are several security protocols that can be used to secure a banking system. The problem, however, is to determine which protocol will provide the best security for a bank in a specific application. This dissertation is also aimed at providing a general security framework that banks could use to evaluate various security protocols which could be implemented to secure a banking system. Such framework should indicate which security protocols will provide a bank in a certain banking environment with the best protection against security threats. It should also indicate which protocols could be used in combination with others to provide the best security.
- Full Text:
Information security using intelligent software agents
- Authors: Van der Merwe, Jacobus
- Date: 2012-08-20
- Subjects: Computer security , Computer networks - Security measures , Internet - Security measures , Intelligent agents (Computer software)
- Type: Thesis
- Identifier: http://ujcontent.uj.ac.za8080/10210/387930 , uj:2793 , http://hdl.handle.net/10210/6231
- Description: Ph.D. , Many organisations are starting to make large parts of their information resources publicly accessible. For example, many organisations publish information using the Internet. Some organisations allow non-employees to connect to their systems and retrieve information - many banks allow customers to retrieve account statements via the Internet. There is a trend towards more open information systems and more distributed processing such as client/server processing. The above are just some of the trends in computer information processing that creates new and complex problems in providing information systems that are both secure and manageable. To add to the complexity of the information security problem, organisations use the Internet to conduct some of their business and use many different applications, each with its own unique access control mechanisms. Central management of information security in a heterogeneous and distributed environments, such as the Internet has become a nightmare. There is a need for an information security model that will allow organisations to make use of the new trends in information processing, but still have confidence that they have adequate security and that the management of their information security systems is fairly easy. In this thesis we propose a model that satisfies the above requirements. We call this model the Intelligent Security Agent Model (ISAM). The ISAM model is based on two technologies: intelligent software agents and distributed objects. The main component of the model is Intelligent Security Agents that act as security brokers for its users in a distributed environment. In chapter 2 of the thesis, we design an Intelligent Security Agent which provides various information security services in open client/server environments. The Intelligent Security Agent Model addresses certain problems/requirements, such as single sign-on, in information security. These problems and possible solutions are described in chapter 4 to chapter 10 of this thesis. An Intelligent Security Agent must be protected from unauthorised modification, theft, etc. Chapter 3 shows how an Intelligent Security Agent is secured by implementing it as a distributed object. We show that the combination of intelligent software agents and distributed objects creates an agent that was not possible before, and solves many information security problems.In short, this thesis documents the results of a study in computer information security. The result of the study is a new information security model in which intelligent software agents and distributed objects are combined to create a security agent which acts on behalf of a user in open environments such as client/server systems and the Internet. The agent provides a set of services to its user and handles all information security related requests on behalf of its user.
- Full Text:
- Authors: Van der Merwe, Jacobus
- Date: 2012-08-20
- Subjects: Computer security , Computer networks - Security measures , Internet - Security measures , Intelligent agents (Computer software)
- Type: Thesis
- Identifier: http://ujcontent.uj.ac.za8080/10210/387930 , uj:2793 , http://hdl.handle.net/10210/6231
- Description: Ph.D. , Many organisations are starting to make large parts of their information resources publicly accessible. For example, many organisations publish information using the Internet. Some organisations allow non-employees to connect to their systems and retrieve information - many banks allow customers to retrieve account statements via the Internet. There is a trend towards more open information systems and more distributed processing such as client/server processing. The above are just some of the trends in computer information processing that creates new and complex problems in providing information systems that are both secure and manageable. To add to the complexity of the information security problem, organisations use the Internet to conduct some of their business and use many different applications, each with its own unique access control mechanisms. Central management of information security in a heterogeneous and distributed environments, such as the Internet has become a nightmare. There is a need for an information security model that will allow organisations to make use of the new trends in information processing, but still have confidence that they have adequate security and that the management of their information security systems is fairly easy. In this thesis we propose a model that satisfies the above requirements. We call this model the Intelligent Security Agent Model (ISAM). The ISAM model is based on two technologies: intelligent software agents and distributed objects. The main component of the model is Intelligent Security Agents that act as security brokers for its users in a distributed environment. In chapter 2 of the thesis, we design an Intelligent Security Agent which provides various information security services in open client/server environments. The Intelligent Security Agent Model addresses certain problems/requirements, such as single sign-on, in information security. These problems and possible solutions are described in chapter 4 to chapter 10 of this thesis. An Intelligent Security Agent must be protected from unauthorised modification, theft, etc. Chapter 3 shows how an Intelligent Security Agent is secured by implementing it as a distributed object. We show that the combination of intelligent software agents and distributed objects creates an agent that was not possible before, and solves many information security problems.In short, this thesis documents the results of a study in computer information security. The result of the study is a new information security model in which intelligent software agents and distributed objects are combined to create a security agent which acts on behalf of a user in open environments such as client/server systems and the Internet. The agent provides a set of services to its user and handles all information security related requests on behalf of its user.
- Full Text:
MOSS : a model for open system security
- Van Zyl, Pieter Willem Jordaan
- Authors: Van Zyl, Pieter Willem Jordaan
- Date: 2012-09-12
- Subjects: Computer security - South Africa , Computer networks - Security measures , Security systems - Models. , Computers - Access control
- Type: Thesis
- Identifier: uj:10276 , http://hdl.handle.net/10210/7645
- Description: Ph.D , This thesis looks at current security problems within open system environments, that is security problems within heterogeneous computer system environments that are interconnected via computer networks. Thereafter two security models, Kerberos and the Path Context Model, are considered together with their respective ability to address these security problems. Using concepts of the Path Context Model, a new security model, called MOSS (Model for Open System Security), is developed and it is shown how MOSS can address all the security problems identified. Two possible implementations of MOSS are then considered: the one is based on the concept of Static Security Agents (SSAs) for contemporary open system environments, and the other is based on the concept of Roaming Security Agents (RSAs) for object orientated open system environments. The research is concluded with a summary of possible future research considerations
- Full Text:
- Authors: Van Zyl, Pieter Willem Jordaan
- Date: 2012-09-12
- Subjects: Computer security - South Africa , Computer networks - Security measures , Security systems - Models. , Computers - Access control
- Type: Thesis
- Identifier: uj:10276 , http://hdl.handle.net/10210/7645
- Description: Ph.D , This thesis looks at current security problems within open system environments, that is security problems within heterogeneous computer system environments that are interconnected via computer networks. Thereafter two security models, Kerberos and the Path Context Model, are considered together with their respective ability to address these security problems. Using concepts of the Path Context Model, a new security model, called MOSS (Model for Open System Security), is developed and it is shown how MOSS can address all the security problems identified. Two possible implementations of MOSS are then considered: the one is based on the concept of Static Security Agents (SSAs) for contemporary open system environments, and the other is based on the concept of Roaming Security Agents (RSAs) for object orientated open system environments. The research is concluded with a summary of possible future research considerations
- Full Text:
Network intrusion detection system using neural networks approach in networked biometrics system
- Authors: Mgabile, Tinny
- Date: 2014-04-09
- Subjects: Computer networks - Security measures , Neural networks (Computer science) , Pattern recognition systems , Biometric identification
- Type: Thesis
- Identifier: uj:10528 , http://hdl.handle.net/10210/10054
- Description: M.Phil. (Electrical and Electronic Engineering) , Network security has become increasingly important as more and more applica- tions are making their way into the market. The research community has proposed various methods to build a reliable network intrusion detection system to detect unauthorised activities in networked systems. However many network intrusion detection systems that have been reported in literature su er from an excessive number of false positives, false negatives, and are unable to cope with new, elegant and structured attacks. This is mainly because most network intrusion detection systems rely on security experts to analyze the network tra c data and manually construct intrusion detection rules. This study proposes to use a machine learning technique such as neural network approach to anomaly based network intrusion detection system (NIDS). The main objective for this study is to construct an NIDS model that will produce approx- imate to zero false positive or no false positive at all and have high degree of accuracy in detecting network attacks. The neural network (NN) model is trained on a biometric networked system dataset simulated in the study, containing strictly replayed and normal network tra c that encourage the development of the pro- posed NIDS. By analyzing the NN{based NIDS results, the study reached the false positive rate of 0, and high accuracy rate of 100 percent. To support the results obtained in this study, the performance of the NN{based NIDS was compared to two other classi cation methods (k{nearest neighbor algorithm (KNN) and Naive Bayes). The results obtained from KNN and naive Bayes were 99.87 and 99.75 percent respectively. These results show that the proposed model can successfully be used as an e ective tool for solving complicated classi cation problems such as NIDS.
- Full Text:
- Authors: Mgabile, Tinny
- Date: 2014-04-09
- Subjects: Computer networks - Security measures , Neural networks (Computer science) , Pattern recognition systems , Biometric identification
- Type: Thesis
- Identifier: uj:10528 , http://hdl.handle.net/10210/10054
- Description: M.Phil. (Electrical and Electronic Engineering) , Network security has become increasingly important as more and more applica- tions are making their way into the market. The research community has proposed various methods to build a reliable network intrusion detection system to detect unauthorised activities in networked systems. However many network intrusion detection systems that have been reported in literature su er from an excessive number of false positives, false negatives, and are unable to cope with new, elegant and structured attacks. This is mainly because most network intrusion detection systems rely on security experts to analyze the network tra c data and manually construct intrusion detection rules. This study proposes to use a machine learning technique such as neural network approach to anomaly based network intrusion detection system (NIDS). The main objective for this study is to construct an NIDS model that will produce approx- imate to zero false positive or no false positive at all and have high degree of accuracy in detecting network attacks. The neural network (NN) model is trained on a biometric networked system dataset simulated in the study, containing strictly replayed and normal network tra c that encourage the development of the pro- posed NIDS. By analyzing the NN{based NIDS results, the study reached the false positive rate of 0, and high accuracy rate of 100 percent. To support the results obtained in this study, the performance of the NN{based NIDS was compared to two other classi cation methods (k{nearest neighbor algorithm (KNN) and Naive Bayes). The results obtained from KNN and naive Bayes were 99.87 and 99.75 percent respectively. These results show that the proposed model can successfully be used as an e ective tool for solving complicated classi cation problems such as NIDS.
- Full Text:
Network security by preventing DDOS attack using honeypot
- Authors: Selvaraj, Rajalakshmi
- Date: 2017
- Subjects: Computer security , Computer networks - Security measures , Machine learning , Intrusion detection systems (Computer security)
- Language: English
- Type: Doctoral (Thesis)
- Identifier: http://hdl.handle.net/10210/263140 , uj:27812
- Description: D.Ing. (Electrical Engineering) , Abstract: Basically, Intrusion Detection System (IDS) is introduced in the modern environment in order to secure the system that works in terms of signature, where they are not fit for recognizing most unidentified attackers. The identification of indistinct attack and interruption is not more supportive to recognize the few sorts of attacks, where interruption dependent attack has turned into a huge task to identify interrupter on the system. An intelligent attacker can get a sensible data and information from the framework only after detecting the shortcomings. Distributed Denial of Service (DDoS) is a main cause over the security and also it turns into a most challenging thread in future. There are such a large number of sorts of Denial of Service (DoS), for example, Smurf, Ping of Death, and Clone attack. Some methodologies are not being effortlessly actualized in the system of genuine enterprises, on account of practically trained framework which is trained by the specimen of malware or profound investigation of packet assessment or relies upon the host-based strategy that requires a major limitation for conservation. The Honeypots are a standout amongst the best techniques to gather the examples of malware thus it is used for investigation and for the determination of attacks. Honeypot is a novel application which comprises of huge energy and conceivable outcomes in the field of security. It helps in compromising the behavior of the attack as well as attackers information. Distributed Denial of Service (DDoS) turns into a main goal in the system as it influences the system at multi-level. This prompts a congestion overhead and wastage of transmission capacity usage. In order to overcome these issues, a roaming virtual...
- Full Text:
- Authors: Selvaraj, Rajalakshmi
- Date: 2017
- Subjects: Computer security , Computer networks - Security measures , Machine learning , Intrusion detection systems (Computer security)
- Language: English
- Type: Doctoral (Thesis)
- Identifier: http://hdl.handle.net/10210/263140 , uj:27812
- Description: D.Ing. (Electrical Engineering) , Abstract: Basically, Intrusion Detection System (IDS) is introduced in the modern environment in order to secure the system that works in terms of signature, where they are not fit for recognizing most unidentified attackers. The identification of indistinct attack and interruption is not more supportive to recognize the few sorts of attacks, where interruption dependent attack has turned into a huge task to identify interrupter on the system. An intelligent attacker can get a sensible data and information from the framework only after detecting the shortcomings. Distributed Denial of Service (DDoS) is a main cause over the security and also it turns into a most challenging thread in future. There are such a large number of sorts of Denial of Service (DoS), for example, Smurf, Ping of Death, and Clone attack. Some methodologies are not being effortlessly actualized in the system of genuine enterprises, on account of practically trained framework which is trained by the specimen of malware or profound investigation of packet assessment or relies upon the host-based strategy that requires a major limitation for conservation. The Honeypots are a standout amongst the best techniques to gather the examples of malware thus it is used for investigation and for the determination of attacks. Honeypot is a novel application which comprises of huge energy and conceivable outcomes in the field of security. It helps in compromising the behavior of the attack as well as attackers information. Distributed Denial of Service (DDoS) turns into a main goal in the system as it influences the system at multi-level. This prompts a congestion overhead and wastage of transmission capacity usage. In order to overcome these issues, a roaming virtual...
- Full Text:
Service oriented architecture governance tools within information security
- Authors: Mokgosi, Letlhogonolo
- Date: 2012-06-07
- Subjects: Service oriented architecture (Computer science) , Information security , Computer security , Information technology management , Management information systems , Computer networks - Security measures , Computer network architectures , Software architecture , Computer architecture
- Type: Thesis
- Identifier: uj:8655 , http://hdl.handle.net/10210/5010
- Description: M.Tech. , Service Oriented Architecture has many advantages. For example, organisations can align business with Information Technology, reuse the developed functionality, reduce development and maintain cost for applications. Organisations adopt Service Oriented Architecture with the aim of automating and integrating business processes. However, it has information security vulnerabilities that should be considered. For example, applications exchange information across the Internet, where it can be tampered with. Information security is therefore one of the crucial qualities that need to be satisfied within information systems. This dissertation addresses the issue of information security within Service Oriented Architecture applications. Some organisations rely on Service Oriented Architecture governance tools when securing information in their Service Oriented Architecture environment. However, they may purchase them without investigating whether they include information security. The aim of this dissertation is to analyse whether these tools include information security. Each tool is benchmarked against the five information security services, defined by the ISO 7498/2 document and including identification and authentication, authorisation, confidentiality, integrity and non-repudiation. The dissertation concludes with a table summarising the results. This dissertation offers decision-makers information that can assist them in analysing whether Service Oriented Architecture governance tools includes information security. It also assists organisations to be aware of security vulnerabilities within Service Oriented Architecture applications, and the consequences that may arise if information security measures are ignored.
- Full Text:
- Authors: Mokgosi, Letlhogonolo
- Date: 2012-06-07
- Subjects: Service oriented architecture (Computer science) , Information security , Computer security , Information technology management , Management information systems , Computer networks - Security measures , Computer network architectures , Software architecture , Computer architecture
- Type: Thesis
- Identifier: uj:8655 , http://hdl.handle.net/10210/5010
- Description: M.Tech. , Service Oriented Architecture has many advantages. For example, organisations can align business with Information Technology, reuse the developed functionality, reduce development and maintain cost for applications. Organisations adopt Service Oriented Architecture with the aim of automating and integrating business processes. However, it has information security vulnerabilities that should be considered. For example, applications exchange information across the Internet, where it can be tampered with. Information security is therefore one of the crucial qualities that need to be satisfied within information systems. This dissertation addresses the issue of information security within Service Oriented Architecture applications. Some organisations rely on Service Oriented Architecture governance tools when securing information in their Service Oriented Architecture environment. However, they may purchase them without investigating whether they include information security. The aim of this dissertation is to analyse whether these tools include information security. Each tool is benchmarked against the five information security services, defined by the ISO 7498/2 document and including identification and authentication, authorisation, confidentiality, integrity and non-repudiation. The dissertation concludes with a table summarising the results. This dissertation offers decision-makers information that can assist them in analysing whether Service Oriented Architecture governance tools includes information security. It also assists organisations to be aware of security vulnerabilities within Service Oriented Architecture applications, and the consequences that may arise if information security measures are ignored.
- Full Text:
Testing the functionality and effectiveness of software defined networks
- Authors: Adedayo, Adebayo Oluwaseun
- Date: 2017
- Subjects: Software-defined networking (Computer network technology) , Broadband communication systems , Computer networks - Security measures
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/280486 , uj:30140
- Description: M.Ing. (Electrical Engineering) , Abstract: An important part of Information Technology is networking which has made communication between two or more computers or devices to be possible. Traditional network architecture is not able to meet the challenges of the current trends in networking due to the complexity of handling devices and its non-scalable nature. Software Defined Networking (SDN) is an emerging dynamic approach to networking that makes use of logically centralized controllers in managing a network thus simplifying network design and operation. The project involves the design of a prototype network based on SDN architecture. An analysis of the network is conducted by considering various aspects of the Software Defined Networks that affects its functionality such as transfer of data between the control plane and the data plane. Furthermore, we analyse the use of virtualization technology, troubleshooting and verification of the behaviour of SDN. Since SDN is a new networking approach, there are various aspects of the technology that still needs to be understood and improved. The aim of this research is to test the functionality and effectiveness of SDN and to investigate various aspects of the architecture that affects its operation. Recommendations and conclusions emerging from the analysis are made to enhance the understanding and functionality of SDN.
- Full Text:
- Authors: Adedayo, Adebayo Oluwaseun
- Date: 2017
- Subjects: Software-defined networking (Computer network technology) , Broadband communication systems , Computer networks - Security measures
- Language: English
- Type: Masters (Thesis)
- Identifier: http://hdl.handle.net/10210/280486 , uj:30140
- Description: M.Ing. (Electrical Engineering) , Abstract: An important part of Information Technology is networking which has made communication between two or more computers or devices to be possible. Traditional network architecture is not able to meet the challenges of the current trends in networking due to the complexity of handling devices and its non-scalable nature. Software Defined Networking (SDN) is an emerging dynamic approach to networking that makes use of logically centralized controllers in managing a network thus simplifying network design and operation. The project involves the design of a prototype network based on SDN architecture. An analysis of the network is conducted by considering various aspects of the Software Defined Networks that affects its functionality such as transfer of data between the control plane and the data plane. Furthermore, we analyse the use of virtualization technology, troubleshooting and verification of the behaviour of SDN. Since SDN is a new networking approach, there are various aspects of the technology that still needs to be understood and improved. The aim of this research is to test the functionality and effectiveness of SDN and to investigate various aspects of the architecture that affects its operation. Recommendations and conclusions emerging from the analysis are made to enhance the understanding and functionality of SDN.
- Full Text:
The computer incident response framework (CIRF)
- Authors: Pieterse, Theron Anton
- Date: 2014-10-10
- Subjects: Information technology - Security measures , Computer networks - Security measures , Risk management , Computer security
- Type: Thesis
- Identifier: http://ujcontent.uj.ac.za8080/10210/369666 , uj:12577 , http://hdl.handle.net/10210/12368
- Description: M.Com. (Informatics) , A company’s valuable information assets face many risks from internal and external sources. When these risks are exploited and reports on information assets are made public, it is usually easy to determine which companies had a contingency plan to deal with the various aspects of these “computer incidents”. This study incorporates important factors of computer incidents into a framework which will assists the company in effectively dealing and managing computer incidents when they occur.
- Full Text:
- Authors: Pieterse, Theron Anton
- Date: 2014-10-10
- Subjects: Information technology - Security measures , Computer networks - Security measures , Risk management , Computer security
- Type: Thesis
- Identifier: http://ujcontent.uj.ac.za8080/10210/369666 , uj:12577 , http://hdl.handle.net/10210/12368
- Description: M.Com. (Informatics) , A company’s valuable information assets face many risks from internal and external sources. When these risks are exploited and reports on information assets are made public, it is usually easy to determine which companies had a contingency plan to deal with the various aspects of these “computer incidents”. This study incorporates important factors of computer incidents into a framework which will assists the company in effectively dealing and managing computer incidents when they occur.
- Full Text:
The evaluation and analysis of the control facilities in a network environment with specific reference to Novell 4
- Authors: Kleinsmit, Michael J.
- Date: 2015-09-08
- Subjects: Netware Novell 4 (Computer operating system) , Computer networks - Security measures , Database security , Electronic data processing - Auditing
- Type: Thesis
- Identifier: uj:14074 , http://hdl.handle.net/10210/14490
- Description: M.Com. , The auditor has the objective to express an opinion on the financial statements on which he is reporting. It is important for the auditor to know that the data which he is auditing has not been changed without the necessary authority or been lost and that the data meets the three Information Security Objectives (IS0s) ...
- Full Text:
- Authors: Kleinsmit, Michael J.
- Date: 2015-09-08
- Subjects: Netware Novell 4 (Computer operating system) , Computer networks - Security measures , Database security , Electronic data processing - Auditing
- Type: Thesis
- Identifier: uj:14074 , http://hdl.handle.net/10210/14490
- Description: M.Com. , The auditor has the objective to express an opinion on the financial statements on which he is reporting. It is important for the auditor to know that the data which he is auditing has not been changed without the necessary authority or been lost and that the data meets the three Information Security Objectives (IS0s) ...
- Full Text:
The management of networks with specific reference to security management
- Authors: Kersten, Karin
- Date: 2012-08-15
- Subjects: Computer networks - Management , Computer networks - Security measures , Computer crimes
- Type: Thesis
- Identifier: uj:9296 , http://hdl.handle.net/10210/5739
- Description: M.Comm. , This dissertation is devoted to an investigation into the network-management environment, with special emphasis on the security aspects and the provision of a reference framework when choosing a network-management product. The dissertation is aimed at those responsible for network-management and the selection of the various network-management products by providing a framework for evaluating network management products. The first four chapters provide the background to the reference framework. The following two chapters are devoted to those aspects to be taken into consideration when evaluating a network-management product. The consolidation and the case study in chapters seven and eight provide an abridged version of the framework and illustrate how the framework could be applied to a network-management product. Chapter one provides the background to the reference framework regarding networks and network-management. The concept of network-management is introduced, as well as the three forms of architectures that could be implemented, namely centralised, hierarchical and distributed architectures. A number of network-management functions have to be taken into consideration when evaluating a network-management package, namely configuration, asset, fault, performance, accounting and security management. These functions are also covered in chapter six. Chapter two provides the background to the security aspect of the reference framework. The three main topics covered in this respect are the definition of network-security, computer crime and specific elements of network-security. This chapter also provides a springboard for the evaluation of the network-management environment, as well as an idea of what issues and measures should be addressed and taken in order to prevent, or at least minimise, the effects of network-security breaches. Chapter three covers issues relating to network-security responsibilities, with special reference to the management side of network-management, including those issues that management should take into consideration when evaluating the network-management environment. Two methods that could be implemented include network-management policies and strategies. Network-security policies and strategies encompass those issues necessary for effective security within an organisation. This chapter, however, covers the more theoretical or higher-level goals or objectives of network-management. Chapter four relates to more of the day-to-day management issues of the network-security and the network-security management services and functions that should be considered. These include issues such as network-security services, managing network access, monitoring and controlling the network security system and the maintenance and modification of the said system. Network-management product considerations are discussed in chapter five, which chapter can be viewed as the business and practical side of the reference framework. The topics discussed here are more closely related to the business considerations when evaluating a networkmanagement package and the practical issues of network-management. Topics discussed in this chapter include security and network-management products, practical approaches to choosing network-management products, critical success factors of network-management and analysis of the cost component. In contrast to these issues, the reference framework expounded in chapter six concentrates on the technical and network-management functions. Chapter six constitutes the culmination of the present dissertation in the form of a reference framework, which is for the greater part formulated along the lines of the criteria given. This reference framework is aimed at those experts enlisted to evaluate and select networkmanagement products, specifically as far as their security-management features are concerned. The areas covered include the user framework, the product framework, networkfault management, network-performance management, network-accounting management, network configuration and change management, network-security management and conformance testing. The topics discussed are, however, by no means exclusive and there are a number of other issues that have not been addressed in this dissertation, but which, depending on the network environment, would have to be taken into consideration. Chapter seven is a consolidation of the reference framework given in chapter six, as well as of some of the main points and criteria that could be considered when performing a quick evaluation of a product. This chapter does not, however, make any pretence to being exhaustive, but merely serves to highlight a few crucial criteria. Chapter eight is devoted to a case study in terms of which the reference framework is applied to a network-management product. In conclusion, a summary of the dissertation is given in chapter nine.
- Full Text:
- Authors: Kersten, Karin
- Date: 2012-08-15
- Subjects: Computer networks - Management , Computer networks - Security measures , Computer crimes
- Type: Thesis
- Identifier: uj:9296 , http://hdl.handle.net/10210/5739
- Description: M.Comm. , This dissertation is devoted to an investigation into the network-management environment, with special emphasis on the security aspects and the provision of a reference framework when choosing a network-management product. The dissertation is aimed at those responsible for network-management and the selection of the various network-management products by providing a framework for evaluating network management products. The first four chapters provide the background to the reference framework. The following two chapters are devoted to those aspects to be taken into consideration when evaluating a network-management product. The consolidation and the case study in chapters seven and eight provide an abridged version of the framework and illustrate how the framework could be applied to a network-management product. Chapter one provides the background to the reference framework regarding networks and network-management. The concept of network-management is introduced, as well as the three forms of architectures that could be implemented, namely centralised, hierarchical and distributed architectures. A number of network-management functions have to be taken into consideration when evaluating a network-management package, namely configuration, asset, fault, performance, accounting and security management. These functions are also covered in chapter six. Chapter two provides the background to the security aspect of the reference framework. The three main topics covered in this respect are the definition of network-security, computer crime and specific elements of network-security. This chapter also provides a springboard for the evaluation of the network-management environment, as well as an idea of what issues and measures should be addressed and taken in order to prevent, or at least minimise, the effects of network-security breaches. Chapter three covers issues relating to network-security responsibilities, with special reference to the management side of network-management, including those issues that management should take into consideration when evaluating the network-management environment. Two methods that could be implemented include network-management policies and strategies. Network-security policies and strategies encompass those issues necessary for effective security within an organisation. This chapter, however, covers the more theoretical or higher-level goals or objectives of network-management. Chapter four relates to more of the day-to-day management issues of the network-security and the network-security management services and functions that should be considered. These include issues such as network-security services, managing network access, monitoring and controlling the network security system and the maintenance and modification of the said system. Network-management product considerations are discussed in chapter five, which chapter can be viewed as the business and practical side of the reference framework. The topics discussed here are more closely related to the business considerations when evaluating a networkmanagement package and the practical issues of network-management. Topics discussed in this chapter include security and network-management products, practical approaches to choosing network-management products, critical success factors of network-management and analysis of the cost component. In contrast to these issues, the reference framework expounded in chapter six concentrates on the technical and network-management functions. Chapter six constitutes the culmination of the present dissertation in the form of a reference framework, which is for the greater part formulated along the lines of the criteria given. This reference framework is aimed at those experts enlisted to evaluate and select networkmanagement products, specifically as far as their security-management features are concerned. The areas covered include the user framework, the product framework, networkfault management, network-performance management, network-accounting management, network configuration and change management, network-security management and conformance testing. The topics discussed are, however, by no means exclusive and there are a number of other issues that have not been addressed in this dissertation, but which, depending on the network environment, would have to be taken into consideration. Chapter seven is a consolidation of the reference framework given in chapter six, as well as of some of the main points and criteria that could be considered when performing a quick evaluation of a product. This chapter does not, however, make any pretence to being exhaustive, but merely serves to highlight a few crucial criteria. Chapter eight is devoted to a case study in terms of which the reference framework is applied to a network-management product. In conclusion, a summary of the dissertation is given in chapter nine.
- Full Text: