A model for best practice driven information security governance

Lessing, Martha Maria

04 June 2008

To ensure the likely success of an organisation’s Information Security Governance, discipline leaders recommend that organisations follow the guidelines as set out in Information Security Governance best practice documents. Best practices and related documents from the Information Security Governance discipline, as well as best practices and related documents from the Corporate Governance and Information Technology Governance disciplines, all include sections pertaining to Information Security, Information Security Governance and Information Technology assets. This study puts these sections together, and constructs an Information Security Governance model that combines all aspects of Information Security Governance. In theory, this model should guide an organisation to the ultimate level of Information Security Governance. / Prof. S. H. von Solms

Computer security

Business enterprises computer networks

Knowledge sharing via enterprise intranets

Van der Walt, Celeste

23 July 2008

Successful enterprises are those that consistently create new knowledge, disseminate it widely throughout the enterprise and quickly embed it in new technologies and products. These ‘knowledge-creating’ enterprises understand what knowledge is and what they should do to exploit it. In other words, they successfully manage and share their knowledge throughout their enterprise. When launching a knowledge management initiative, it is important to identify which knowledge management processes are most relevant to the enterprise’s environment and systems, and steps should be taken to support these activities and integrate them into daily operations. Broader elements and issues should also be identified and recognised for the influence they have on the knowledge management process. For example that enterprises should encourage individuals to interact, to work together on projects, or to share their ideas on an informal basis and systems are needed to codify the knowledge of individuals so that others can use it. Applying these elements involves: information technology; formal and informal structures; and specific knowledge management tools. Another important factor in the success of a knowledge management project is to ground knowledge management and knowledge sharing within the context of the enterprise’s business strategy seeing that the intranet can assist in the creation of economic value and competitive advantage for the enterprise. The knowledge sharing or knowledge contribution part of the knowledge management process seems to be the most difficult for enterprises. Knowledge sharing often takes place in enterprises via employees’ informal networks. Knowledge management could turn this informal, ad hoc process into a more systematic process. Creating a corporate culture where knowledge is valued and shared effectively is a challenge. Part of the solution could be for an enterprise to be aware of their specific corporate culture and how it influences their behaviour and attitude towards knowledge sharing. Because the employee’s behaviour determines the sharing of knowledge, leadership has an important role to play and they could use various motivational practices to encourage knowledge sharing. Leadership should commit to creating an environment, within which employees are able to share, assess and experiment with new knowledge gained. The corporate intranet could be used as such an environment, but employees need to be trained to use their knowledge management IT tools, making it as easy as possible for employees to contribute to the enterprise knowledge base. Effective intranet usage should be embedded in the enterprise’s general corporate and knowledge sharing culture. The intranet should be seen as an essential part of the enterprise’s knowledge management system and should be designed to suit and enhance the enterprise knowledge sharing activities and culture. It is also important that intranets should be evaluated regularly to determine its current contribution to as well as future potential of the knowledge sharing capability of the enterprise. The importance of evaluating and measuring the enterprise intranet and various measurement tools were discussed in depth, which consequently led to the formulation of an intranet evaluation tool in the form of a questionnaire. The prototype questionnaire was compiled by using measurement tools developed previously. The questionnaire brought together the concepts of knowledge management, knowledge sharing cultures and intranet functionalities. The evaluation tool was then applied to measure the effectiveness of a management consulting business’s intranet in enhancing the enterprise’s knowledge sharing culture. Recommendations were made to enterprises use the questionnaire when using the questionnaire in similar environments. An intranet represents a tool of potentially high value to any enterprise, but in order to realise this value, the intranets should be properly measured and managed and every employee needs to take ownership and buy into the concept of the intranet as a knowledge sharing enabler. This calls for an employee to be motivated to participate in knowledge sharing, so that they can experience the value they could add and receive by using the intranet for knowledge sharing activities. / Prof. P.A. van Brakel Mnr. J.A. Kok

Intranets (Computer networks)

Knowledge management

Corporate culture

QoS aware packet scheduling in the downlink of LTE-advanced networks

Kauser, Rehana

January 2013

No description available.

621.3845

An investigation into the effects that internet user experience, payment reliability and delivery reliability have on e-Commerce use in South Africa

Comline, Gregory Ian

10 March 2010

This research investigates the extent of retail e-commerce use in South Africa with respect to the reliability of payments and the delivery system. This is aligned to the consumer’s internet experience. The Technology Acceptance Model and e-Service Quality Model provide a framework for this research. This investigation has focussed on the use of e-commerce through various distribution channels, such as services (e-Tickets or flights), delivered goods, downloaded media and auction sites. This quantitative research was conducted through a survey of internet users (within LSM 9 and 10) and the findings compared the respondents’ internet experience with their use of e-commerce. It was found that e-commerce adoption is related to the years of internet use and degree of internet utilisation. Furthermore, the amount spent by consumers through the internet increases with more frequent e-commerce use. The findings also reveal that a high proportion of respondents were tentative, to some degree, about online payments. In addition, the delivery of items through the postal services was considered to be unreliable, compared to courier services that were perceived to be reliable. These factors align with previous research and have an influence over the acceptance and growth of e-commerce in South Africa. Copyright / Dissertation (MBA)--University of Pretoria, 2010. / Gordon Institute of Business Science (GIBS) / unrestricted

UCTD

Business enterprises

Electronic commerce

Computer networks

An empirical, in-depth investigation into service creation in H.323 Version 4 Networks

Penton, Jason Barry

24 May 2013

Over the past few years there has been an increasing tendency to carry voice on IP networks as opposed to the PSTN and other switched circuit networks. Initially this trend was favoured due to reduced costs but occurred at the expense of sacrificing the quality of the voice communications. Switched circuit networks have therefore remained the preferred carrier-grade voice communication network, but this is again changing. The advancement in improved quality of service (QoS) of real-time traffic on the IP network is a contributing factor to the anticipated future of the IP network supplying carrier-grade voice communications. Another contributing factor is the possibility of creating a new range of innovative, state-of-the-art telephony and communications services that acquire leverage through the intelligence and flexibility of the IP network. The latter has yet to be fully explored. Various protocols exist that facilitate the transport of voice and other media on IP networks. The most well known and widely supported of these is H.323. This work presents and discusses H.323 version 4 service creation. The work also categorises the various H.323 services and presents the mechanisms provided by H.323 version 4 that have facilitated the development of the three services I have developed, EmailReader, Telgo323 and CANS.

Computer programming

Computer networks

Computer network protocols

An investigation into some critical computer networking parameters : Internet addressing and routing

Isted, Edwin David

January 1996

This thesis describes the evaluation of several proposals suggested as replacements for the currenT Internet's TCPJIP protocol suite. The emphasis of this thesis is on how the proposals solve the current routing and addressing problems associated with the Internet. The addressing problem is found to be related to address space depletion, and the routing problem related to excessive routing costs. The evaluation is performed based on criteria selected for their applicability as future Internet design criteria. AIl the protocols are evaluated using the above-mentioned criteria. It is concluded that the most suitable addressing mechanism is an expandable multi-level format, with a logical separation of location and host identification information. Similarly, the most suitable network representation technique is found to be an unrestricted hierarchical structure which uses a suitable abstraction mechanism. It is further found that these two solutions could adequately solve the existing addressing and routing problems and allow substantial growth of the Internet.

Computer networks

Internet

Electronic mail systems

The analysis of a computer music network and the implementation of essential subsystems

Wilks, Antony John

January 1995

The inability to share resources in commercial and institutional computer music studios results in non-optimal resource utilisation. The use of computers to process, store and communicate data can be extended within these studios, to provide the capability of sharing resources amongst their users. This thesis describes a computer music network which was designed for this purpose. Certain devices had to be custom built for the implementation of the network. The thesis discusses the design and construction of these devices.

Computer networks

Computer music

MIDI (Standard)

A concurrent simulation of ethernet

Medvitz, Charles M

January 1982

Typescript (photocopy).

Computer networks

Computer simulation

Data transmission systems

A model for information security control audit for small to mid-sized organisations

Deysel, Natasha

January 2009

Organisations are increasingly dependent on their information. Compromise to this information in terms of loss, inaccuracy or competitors gaining unauthorised access could have devastating consequences for the organisation. Therefore, information security governance has become a major concern for all organisations, large and small. Information security governance is based on a set of policies and internal controls by which organisations direct and manage their information security. An effective information security governance programme should be based on a recognised framework, such as the Control Objectives for Information and related Technology (COBIT). COBIT focuses on what control objectives must be achieved in order to effectively manage the information technology environment. It has become very clear that if a company is serious about information security governance, it needs to apply the COBIT framework that deals with information security. The problem in some medium-sized organisations is that they do not realise the importance of information security governance and are either unaware of the risks or choose to ignore these risks as they do not have the expertise or resources available to provide them with assurance that they have the right information security controls in place to protect their organisation against threats.

Data protection

Towards a user centric model for identity and access management within the online environment

Deas, Matthew Burns

January 2008

Today, one is expected to remember multiple user names and passwords for different domains when one wants to access on the Internet. Identity management seeks to solve this problem through creating a digital identity that is exchangeable across organisational boundaries. Through the setup of collaboration agreements between multiple domains, users can easily switch across domains without being required to sign in again. However, use of this technology comes with risks of user identity and personal information being compromised. Criminals make use of spoofed websites and social engineering techniques to gain illegal access to user information. Due to this, the need for users to be protected from online threats has increased. Two processes are required to protect the user login information at the time of sign-on. Firstly, user’s information must be protected at the time of sign-on, and secondly, a simple method for the identification of the website is required by the user. This treatise looks at the process for identifying and verifying user information, and how the user can verify the system at sign-in. Three models for identity management are analysed, namely the Microsoft .NET Passport, Liberty Alliance Federated Identity for Single Sign-on and the Mozilla TrustBar for system authentication.

Computers -- Access control

Computer networks -- Security measures