Spelling suggestions: "subject:"computer networks 2security measures"" "subject:"computer networks bsecurity measures""
161 |
Governance of virtual private networks using COBIT as frameworkSherry, Zaida 04 1900 (has links)
Thesis (MAcc (Accountancy))--University of Stellenbosch, 2007. / The purpose of this assignment is to ascertain whether the COBIT framework is an adequate framework to assist in the governance of virtual private networks. The assignment focuses on whether the framework can ensure the identification of virtual private network-related risks and address IT compliance with policies and statutory regulations.
A brief summary of the risks and issues pertaining to the pre-implementation, implementation and post-implementation phases of virtual private networks is included in the assignment. These risks and issues are then individually mapped onto a relevant COBIT control objective. The scope of the assignment does not include the intricacies of how these networks operate, the different types of network topologies or the different technologies used in virtual private networks.
It was found that the COBIT framework can be implemented to manage and/or mitigate virtual private network risks.
|
162 |
Investigating the possible introduction of managed broadband internet security : a pilot studyKruger, Richard Carl 03 1900 (has links)
Thesis (MBA (Business Management))--Stellenbosch University, 2008. / ENGLISH ABSTRACT: Soon after the development of the internet as a network structure connecting computers on a global scale, was the introduction of malicious computer code, which was disseminated through this network. Initially this code was the relegation of pranksters, but evolved quickly to be code causing destruction, intrusion and loss of privacy while on the internet. This code became known as the computer virus and was soon used by fraudsters to infiltrate networks to create deception and fraud for financial gain. It has become of paramount importance for users of the internet to protect themselves and their networks from these attacks, through various ingenious mechanisms of protection. The traditional mainstay for computer virus protection has been the software approach using counter code to protect against any malicious computer code. This protection has had limited success as the very nature of malicious code is constantly changing and evolving, making it sometimes an impossible task for internet users to be protected with the latest anti-virus software for protection. The author of this study introduces a managed anti-virus protection alternative which is delivered by a computer hardware device. This is a new technology and a full description is made of the role of this product as a new product development. The empirical research of this paper focuses around the test for a need for the product described to the point, but excluding commercialization. / AFRIKAANSE OPSOMMING: Kort na die ontwikkeling van die internet as 'n netwerkstruktuur wat rekenaars op 'n globale skaal verbind, was daar die bekendstelling van kwaadwillige rekenaarkodes wat reg deur die netwerk versprei het. Aanvanklik was die kode gemik op die verdrywing van poetsbakkers, maar het spoedig ontwikkel in kodeverdrywing, inmenging en verlies aan privaatheid op die internet. Hierdie kode het bekend geword as die rekenaarvirus, en is spoedig deur bedrieërs gebruik om netwerke te infiltreer om gebruikers te mislei en te bedrieg vir eie finansiële gewin. Dit het vir gebruikers van die internet van uiterste belang geword om hulle en hulle netwerkte teen hierdie aanvalle te beskerm, en wel deur middel van verskeie meganismes. Die bekendste bekermingsmatreël teen die virus is die aanwending van sagteware as teenkode. Hierdie bekermingsmetode het egter tot dusver beperkte sukses behaal, aangesien die aard van kwaadwilligheid voortdurend verander en ontwikkel, sodat dit soms onmoontlik is dat gebruikers deur die nuutste anti-virussagteware beskerm kan word. Die skrywer van hierdie verhandeling stel 'n werkbare, alternatiewe anti-virusbeskermer bekend wat deur rekenaar-hardewareplan daargestel is. Dit het nuwe tegnologie, en 'n volledige beskrywing word gegee van die rol van hierdie produk as 'n nuwe ontwikkeling. Die empiriese navorsing van die verhandeling fokus op die toets vir die noodsaaklikheid van so 'n produk, met die uisluiting van kommersialisering.
|
163 |
Maintaining Web Applications Integrity Running on RADIUMUr-Rehman, Wasi 08 1900 (has links)
Computer security attacks take place due to the presence of vulnerabilities and bugs in software applications. Bugs and vulnerabilities are the result of weak software architecture and lack of standard software development practices. Despite the fact that software companies are investing millions of dollars in the research and development of software designs security risks are still at large. In some cases software applications are found to carry vulnerabilities for many years before being identified. A recent such example is the popular Heart Bleed Bug in the Open SSL/TSL. In today’s world, where new software application are continuously being developed for a varied community of users; it’s highly unlikely to have software applications running without flaws. Attackers on computer system securities exploit these vulnerabilities and bugs and cause threat to privacy without leaving any trace. The most critical vulnerabilities are those which are related to the integrity of the software applications. Because integrity is directly linked to the credibility of software application and data it contains. Here I am giving solution of maintaining web applications integrity running on RADIUM by using daikon. Daikon generates invariants, these invariants are used to maintain the integrity of the web application and also check the correct behavior of web application at run time on RADIUM architecture in case of any attack or malware. I used data invariants and program flow invariants in my solution to maintain the integrity of web-application against such attack or malware. I check the behavior of my proposed invariants at run-time using Lib-VMI/Volatility memory introspection tool. This is a novel approach and proof of concept toward maintaining web application integrity on RADIUM.
|
164 |
A Study on Partially Homomorphic Encryption SchemesUnknown Date (has links)
High processing time and implementation complexity of the fully homomorphic
encryption schemes intrigued cryptographers to extend partially homomorphic
encryption schemes to allow homomorphic computation for larger classes of polynomials.
In this thesis, we study several public key and partially homomorphic schemes
and discuss a recent technique for boosting linearly homomorphic encryption schemes.
Further, we implement this boosting technique on CGS linearly homomorphic encryption
scheme to allow one single multiplication as well as arbitrary number of additions
on encrypted plaintexts. We provide MAGMA source codes for the implementation
of the CGS scheme along with the boosted CGS scheme. / Includes bibliography. / Thesis (M.S.)--Florida Atlantic University, 2017. / FAU Electronic Theses and Dissertations Collection
|
165 |
Unifying the conceptual levels of network security through the use of patternsUnknown Date (has links)
Network architectures are described by the International Standard for
Organization (ISO), which contains seven layers. The internet uses four of these layers,
of which three are of interest to us. These layers are Internet Protocol (IP) or Network
Layer, Transport Layer and Application Layer. We need to protect against attacks that
may come through any of these layers. In the world of network security, systems are plagued by various attacks, internal and external, and could result in Denial of Service (DoS) and/or other damaging effects. Such attacks and loss of service can be devastating for the users of the system. The implementation of security devices such as Firewalls and Intrusion Detection Systems
(IDS), the protection of network traffic with Virtual Private Networks (VPNs), and the
use of secure protocols for the layers are important to enhance the security at each of
these layers.We have done a survey of the existing network security patterns and we have written the missing patterns. We have developed security patterns for abstract IDS, Behavior–based IDS and Rule-based IDS and as well as for Internet Protocol Security (IPSec) and Transport Layer Security (TLS) protocols. We have also identified the need for a VPN pattern and have developed security patterns for abstract VPN, an IPSec VPN and a TLS VPN. We also evaluated these patterns with respect to some aspects to simplify their application by system designers. We have tried to unify the security of the network layers using security patterns by tying in security patterns for network transmission, network protocols and network boundary devices. / Includes bibliography. / Dissertation (Ph.D.)--Florida Atlantic University, 2014. / FAU Electronic Theses and Dissertations Collection
|
166 |
Perception of employees concerning information security policy compliance : case studies of a European and South African universityLububu, Steven January 2018 (has links)
Thesis (MTech (Information Technology))--Cape Peninsula University of Technology, 2018. / This study recognises that, regardless of information security policies, information about institutions continues to be leaked due to the lack of employee compliance. The problem is that information leakages have serious consequences for institutions, especially those that rely on information for its sustainability, functionality and competitiveness. As such, institutions ensure that information about their processes, activities and services are secured, which they do through enforcement and compliance of policies. The aim of this study is to explore the extent of non-compliance with information security policy in an institution. The study followed an interpretive, qualitative case study approach to understand the meaningful characteristics of the actual situations of security breaches in institutions. Qualitative data was collected from two universities, using semi-structured interviews, with 17 participants. Two departments were selected: Human Resources and the Administrative office. These two departments were selected based on the following criteria: they both play key roles within an institution, they maintain and improve the university’s policies, and both departments manage and keep confidential university information (Human Resources transects and keeps employees’ information, whilst the Administrative office manages students’ records). This study used structuration theory as a lens to view and interpret the data. The qualitative content analysis was used to analyse documentation, such as brochures and information obtained from the websites of the case study’s universities. The documentation was then further used to support the data from the interviews. The findings revealed some factors that influence non-compliance with regards to information security policy, such as a lack of leadership skills, favouritism, fraud, corruption, insufficiency of infrastructure, lack of security education and miscommunication. In the context of this study, these factors have severe consequences on an institution, such as the loss of the institution’s credibility or the institution’s closure. Recommendations for further study are also made available.
|
167 |
Elliptic curves: identity-based signing and quantum arithmeticUnknown Date (has links)
Pairing-friendly curves and elliptic curves with a trapdoor for the discrete
logarithm problem are versatile tools in the design of cryptographic protocols. We
show that curves having both properties enable a deterministic identity-based signing
with “short” signatures in the random oracle model. At PKC 2003, Choon and Cheon
proposed an identity-based signature scheme along with a provable security reduction.
We propose a modification of their scheme with several performance benefits. In
addition to faster signing, for batch signing the signature size can be reduced, and if
multiple signatures for the same identity need to be verified, the verification can be
accelerated. Neither the signing nor the verification algorithm rely on the availability
of a (pseudo)random generator, and we give a provable security reduction in the
random oracle model to the (`-)Strong Diffie-Hellman problem. Implementing the group arithmetic is a cost-critical task when designing quantum circuits for Shor’s algorithm to solve the discrete logarithm problem. We introduce a tool for the automatic generation of addition circuits for ordinary binary elliptic curves, a prominent platform group for digital signatures. Our Python software generates circuit descriptions that, without increasing the number of qubits or T-depth, involve less than 39% of the number of T-gates in the best previous construction. The software also optimizes the (CNOT) depth for F2-linear operations by means of suitable graph colorings. / Includes bibliography. / Dissertation (Ph.D.)--Florida Atlantic University, 2014. / FAU Electronic Theses and Dissertations Collection
|
168 |
General Deterrence Theory: Assessing Information Systems Security Effectiveness in Large versus Small BusinessesSchuessler, Joseph H. 05 1900 (has links)
This research sought to shed light on information systems security (ISS) by conceptualizing an organization's use of countermeasures using general deterrence theory, positing a non-recursive relationship between threats and countermeasures, and by extending the ISS construct developed in prior research. Industry affiliation and organizational size are considered in terms of differences in threats that firms face, the different countermeasures in use by various firms, and ultimately, how a firm's ISS effectiveness is affected. Six information systems professionals were interviewed in order to develop the appropriate instruments necessary to assess the research model put forth; the final instrument was further refined by pilot testing with the intent of further clarifying the wording and layout of the instrument. Finally, the Association of Information Technology Professionals was surveyed using an online survey. The model was assessed using SmartPLS and a two-stage least squares analysis. Results indicate that a non-recursive relationship does indeed exist between threats and countermeasures and that countermeasures can be used to effectively frame an organization's use of countermeasures. Implications for practitioners include the ability to target the use of certain countermeasures to have desired effects on both ISS effectiveness and future threats. Additionally, the model put forth in this research can be used by practitioners to both assess their current ISS effectiveness as well as to prescriptively target desired levels of ISS effectiveness.
|
169 |
Distributed file systems in an authentication systemMerritt, John W January 2010 (has links)
Typescript (photocopy). / Digitized by Kansas Correctional Industries / Department: Computer Science.
|
170 |
Scaling and Visualizing Network Data to Facilitate in Intrusion Detection TasksAbdullah, Kulsoom B. 07 April 2006 (has links)
As the trend of successful network attacks continue to rise, better forms of intrusion, detection and prevention are needed. This thesis addresses network traffic visualization techniques that aid administrators in recognizing attacks. A view of port statistics and Intrusion Detection System (IDS) alerts has been developed. Each help to address issues with analyzing large datasets involving networks. Due to the amount of traffic as well as the range of possible port numbers and IP addresses, scaling techniques are necessary.
A port-based overview of network activity produces an improved representation for detecting and responding to malicious activity. We have found that presenting an overview using stacked histograms of aggregate port activity, combined with the ability to drill-down for finer details allows small, yet important details to be noticed and investigated without being obscured by large, usual traffic.
Another problem administrators face is the cumbersome amount of alarm data generated from IDS sensors. As a result, important details are often overlooked, and it is difficult to get an overall picture of what is occurring in the network by manually traversing textual alarm logs. We have designed a novel visualization to address this problem by showing alarm activity within a network. Alarm data is presented in an overview from which system administrators can get a general sense of network activity and easily detect anomalies. They additionally have the option of then zooming and drilling down for details. Based on our system administrator requirements study, this graphical layout addresses what system administrators need to see, is faster and easier than analyzing text logs, and uses visualization techniques to effectively scale and display the data. With this design, we have built a tool that effectively uses operational alarm log data generated on the Georgia Tech campus network.
For both of these systems, we describe the input data, the system design, and examples. Finally, we summarize potential future work.
|
Page generated in 0.0798 seconds