Global ETD Search

231	The legal aspects of cybercrime in Nigeria : an analysis with the UK provisions Ibekwe, Chibuko Raphael January 2015 (has links) Cybercrime offences know no limits to physical geographic boundaries and have continued to create unprecedented issues regarding to the feasibility and legitimacy of applying traditional legislations based on geographic boundaries. These offences also come with procedural issues of enforcement of the existing legislations and continue to subject nations with problems unprecedented to its sovereignty and jurisdictions. This research is a critical study on the legal aspects of cybercrime in Nigeria, which examines how laws and regulations are made and applied in a well-established system to effectively answer questions raised by shortcomings on the implementation of cybercrime legislations, and critically reviews various laws in Nigeria relating or closely related to cybercrime. This research will provide insight into current global cybercrime legislations and the shortfalls to their procedural enforcement; and further bares the cybercrime issues in Nigeria while analysing and proffering a critique to the provisions as provided in the recently enacted Nigerian Cybercrime (Prohibition and Prevention) Act 2015, in contradistinction to the existing legal framework in the United Kingdom and the other regional enactments like the Council of Europe Convention on Cybercrime, African Union Convention on Cybersecurity and Personal Data Protection 2014, and the ECOWAS Directive on Cybercrime 2011. 364.16
232	An enterprise information security model for a micro finance company: a case study Owen, Morné January 2009 (has links) The world has entered the information age. How the information is used within an organization will determine success or failure of the organisation. This study aims to provide a model, that once implemented, will provide the required protection for the information assets. The model is based on ISO 27002, an international security standard. The primary objective is to build a model that will provide a holistic security system specifically for a South African Micro Finance Company (MFC). The secondary objectives focuses on successful implementation of such a model, the uniqueness of the MFC that should be taken into account, and the maintenance of the model once implemented to ensure ongoing relevance. A questionnaire conducted at the MFC provided insight into the perceived understanding of information security. The questionnaire results were used to ensure the model solution addressed current information security shortcomings within the MFC. This study found that the information security controls in ISO 27002 should be applicable to any industry. The uniqueness for the MFC is not in the security controls, but rather in the regulations and laws applicable to it.
233	A standards-based security model for health information systems Thomson, Steven Michael January 2008 (has links) In the healthcare environment, various types of patient information are stored in electronic format. This prevents the re-entering of information that was captured previously. In the past this information was stored on paper and kept in large filing cabinets. However, with the technology advancements that have occurred over the years, the idea of storing patient information in electronic systems arose. This led to a number of electronic health information systems being created, which in turn led to an increase in possible security risks. Any organization that stores information of a sensitive nature must apply information security principles in order to ensure that the stored information is kept secure. At a basic level, this entails ensuring the confidentiality, integrity and availability of the information, which is not an easy feat in today’s distributed and networked environments. This paved the way for organized standardization activities in the areas of information security and information security management. Throughout history, there have been practices that were created to help “standardize” industries of all areas, to the extent that there are professional organizations whose main objective it is to create such standards to help connect industries all over the world. This applies equally to the healthcare environment, where standardization took off in the late eighties. Healthcare organizations must follow standardized security measures to ensure that patient information stored in health information systems is kept secure. However, the proliferation in standards makes it difficult to understand, adopt and deploy these standards in a coherent manner. This research, therefore, proposes a standards-based security model for health information systems to ensure that such standards are applied in a manner that contributes to securing the healthcare environment as a whole, rather than in a piecemeal fashion.
234	Direct Online/Offline Digital Signature Schemes. Yu, Ping 12 1900 (has links) Online/offline signature schemes are useful in many situations, and two such scenarios are considered in this dissertation: bursty server authentication and embedded device authentication. In this dissertation, new techniques for online/offline signing are introduced, those are applied in a variety of ways for creating online/offline signature schemes, and five different online/offline signature schemes that are proved secure under a variety of models and assumptions are proposed. Two of the proposed five schemes have the best offline or best online performance of any currently known technique, and are particularly well-suited for the scenarios that are considered in this dissertation. To determine if the proposed schemes provide the expected practical improvements, a series of experiments were conducted comparing the proposed schemes with each other and with other state-of-the-art schemes in this area, both on a desktop class computer, and under AVR Studio, a simulation platform for an 8-bit processor that is popular for embedded systems. Under AVR Studio, the proposed SGE scheme using a typical key size for the embedded device authentication scenario, can complete the offline phase in about 24 seconds and then produce a signature (the online phase) in 15 milliseconds, which is the best offline performance of any known signature scheme that has been proven secure in the standard model. In the tests on a desktop class computer, the proposed SGS scheme, which has the best online performance and is designed for the bursty server authentication scenario, generated 469,109 signatures per second, and the Schnorr scheme (the next best scheme in terms of online performance) generated only 223,548 signatures. The experimental results demonstrate that the SGE and SGS schemes are the most efficient techniques for embedded device authentication and bursty server authentication, respectively. bursty server authentication standard model Online/offline digital signature schemes embedded dvice authentication Digital signatures. Computer networks -- Access control. Computer networks -- Security measures.
235	Contribuições e avaliações das arquiteturas para as VPNs convergentes com escalabilidade, segurança e qualidade de serviço / Contributions and assessments for converging VPN architectures with scalability, security and quality of service Boava, Adão 18 August 2018 (has links) Orientador: Yuzo Iano / Tese (doutorado) - Universidade Estadual de Campinas, Faculdade de Engenharia Elétrica e de Computação / Made available in DSpace on 2018-08-18T15:52:00Z (GMT). No. of bitstreams: 1 Boava_Adao_D.pdf: 10725757 bytes, checksum: b362a8b8e87465a0da12692a4fe7633f (MD5) Previous issue date: 2011 / Resumo: Os próximos anos prometem ser os das tecnologias das redes de nova geração para as operadoras de telecomunicações, fornecedores de equipamentos e usuários, com ênfase na integração das redes móveis sem fio, como 3G e 4G, com as redes fixas tradicionais, integração essa chamada às vezes de convergência das redes. Como consequência da convergência, vive-se um momento em que várias operadoras de telecomunicações fixas e móveis começaram a oferecer alguns serviços básicos de banda larga e os fornecedores de equipamentos iniciaram o processo de homologação de tais serviços, sendo que basicamente o único serviço disponível pelas operadoras que utilizam as redes de banda larga móveis e fixa é o acesso à internet. Esta tese apresenta alternativas para integrar as redes fixas com as redes móveis das operadoras a fim de oferecer serviços de VPNs (Virtual Private Network) fixo - móveis para aplicações que exijam mobilidade, baixo custo, qualidade de serviço, conectividade e segurança com alta escalabilidade. Para oferecer a mobilidade, são apresentadas as principais soluções de acesso banda larga para a formação de MVPN (Mobile Virtual Private Network). Essas são analisadas e avaliadas a fim de mostrar suas deficiências para utilização em acessos das VPNs. A qualidade de serviço, conectividade, segurança e escalabilidade serão alcançadas com a implementação do protocolo MPLS (Multi-Protocol Label Switching) no núcleo da rede. A implementação do MPLS no núcleo da rede consolida o transporte para as diversas tecnologias de acesso sem fio e com fio, reduzindo os custos operacionais das operadoras e tornando a redes mais escaláveis e confiáveis, preparando, assim, a operadora para as redes de acesso de quarta geração (4G). A partir dos requisitos das aplicações que irão trafegar na VPN, são propostas novas contribuições para as VPNs fixo - móveis para que estas atendam a esses requisitos com alta escalabilidade, mobilidade, segurança, conectividade e qualidade de serviço para o usuário e a operadora. Para validar as novas contribuições propostas, foi implementado um ambiente de teste para avaliar a conectividade e isolamento das VPNs e a qualidade de serviço. Duas propostas para resolver o problema de escalabilidade das VPNs são apresentadas, uma baseada em lista de controle de acesso ACL (Access Control List) e outra baseada em firewall. Também é apresentada uma proposta de IPSec (IP Security Protocol) sobre MPLS para resolver o problema de erros de configuração quando cometidos pelas operadoras de telecom / Abstract: The following years will be dominated by next generation network technology for telecommunication providers, equipment suppliers and users who emphasize the integration of mobile wireless networks such as 3G and 4G with traditional fixed networks - an integration often dubbed as network convergence. As a consequence of convergence, it is possible to observe that various fixed and mobile telecommunication providers are beginning to offer basic broadband services and equipment suppliers have initiated corresponding homologation processes, in which the only service made available by providers that utilize mobile and fixed broadband networks is internet access. This thesis presents alternatives to integrate the fixed and mobile network of providers so as to offer MVPN (Mobile Virtual Private Network) and fixed services for application that require mobility, low cost, quality of service, connectivity and security with high scalability. The main solutions for broadband access for MVPN formation are presented to offer mobility. These solutions are analyzed and assessed in order to show their deficiencies for the utilization in VPN accessing. Quality of service, connectivity, security and scalability will be reached with the implementation of MPLS (Multi-Protocol Label Switching) in the core network. The implementation of MPLS in the core network consolidates transportation for several wireless and fixed access technologies, reducing the operational costs of providers, making networks more scalable and trustworthy, thereby preparing the provider for fourth generation (4G) access networks. Based on the requirements of the applications that will travel in the VPN, new contributions are proposed for fixed-mobile VPNs so that it meets these requirements with high scalability, mobility, security, connectivity and quality of service, both for the user and the provider. To validate the proposed contributions a test environment was implemented to evaluate the connectivity and isolation of the VPNs and the quality of service. Two proposals to solve the VPN scalability problems are presented, one based on ACL (Access Control List) and the other based on firewall. An IPSec (IP Security Protocol) on MPLS proposal is also presented in order to solve configuration errors made by telecommunication providers / Doutorado / Telecomunicações e Telemática / Doutor em Engenharia Elétrica Comunicação movel Redes de comunicação Sistemas de comunicação sem fio Mobile communication Communication networks Wireless communication systems Computer networks - Security measures
236	Mathematical security models for multi-agent distributed systems Ma, Chunyan 01 January 2004 (has links) This thesis presents the developed taxonomy of the security threats in agent-based distributed systems. Based on this taxonomy, a set of theories is developed to facilitate analyzng the security threats of the mobile-agent systems. We propose the idea of using the developed security risk graph to model the system's vulnerabilties. Computer security -- Mathematical models Computer networks -- Security measures Information Security
237	The design of an effective extreme controller mechanism scheme for software defined cognitive radio network Sibanda, Brian January 2021 (has links) Thesis( M. A. (Computer Science)) -- University of Limpopo , 2021 / In Software Defined Cognitive Radio Network (SDCRN), network security is a significant issue. This issue arises when Software Defined Network (SDN) architecture integrates with the Cognitive Radio Network (CRN) technology. SDN is designed to improve network resource management, while CRN technology is meant at improving spectrum management. These technologies are vulnerable to several malicious attacks. These attacks include Distributed Denial of Service (DDoS) and Primary User Emulation (PUE). Both the DDoS and PUE can be disrupt services in the SDCRN. To curb these attacks, schemes which hardens the security of SDCRN need to be designed. Thus, in this study we propose a security mechanism called Extreme_Controller_Mechanism (XCM) that reduce the effects of DDoS and PUE. The proposed XCM scheme was designed and evaluated in three simulation environment, the OMNeT++, Octave, and MATLAB simulators. The SDCRN data set was generated using the Neural Network back propagation algorithms. The data set was then used in Matlab to evaluate the effectiveness of the prosed XCM scheme. XCM proved to be effective and efficient at detection and prevention of DDoS and PUE attacks in SDCRN. In terms of memory and processor utilisation, XCM proved to the best when compared to other schemes such as the Advanced Support Vector Machine (ASVM) and deep learning convolution network (CDLN). But in terms of detection time, the ASVM was found to be the best performing scheme. Regarding our test for detection rate, false positive and false negative, the XCM, ASVM and CDLM performed the same. The results of the XCM were therefore the best and superior to the ASVM and CDLM. This can be attributed to the fact that the XCM scheme is optimised for DDoS and PUE attacks. We can therefore conclude that our XCM scheme is the best performing scheme compared to the ASVM and CDLN schemes. Software defined cognitive radio network Distributed denial of service Primary user emulation Computer networks -- Security measures
238	An analysis and a comparative study of cryptographic algorithms used on the internet of things (IoT) based on avalanche effect Muthavhine, Khumbelo Difference 07 1900 (has links) Ubiquitous computing is already weaving itself around us and it is connecting everything to the network of networks. This interconnection of objects to the internet is new computing paradigm called the Internet of Things (IoT) networks. Many capacity and non-capacity constrained devices, such as sensors are connecting to the Internet. These devices interact with each other through the network and provide a new experience to its users. In order to make full use of this ubiquitous paradigm, security on IoT is important. There are problems with privacy concerns regarding certain algorithms that are on IoT, particularly in the area that relates to their avalanche effect means that a small change in the plaintext or key should create a significant change in the ciphertext. The higher the significant change, the higher the security if that algorithm. If the avalanche effect of an algorithm is less than 50% then that algorithm is weak and can create security undesirability in any network. In this, case IoT. In this study, we propose to do the following: (1) Search and select existing block cryptographic algorithms (maximum of ten) used for authentication and encryption from different devices used on IoT. (2) Analyse the avalanche effect of select cryptographic algorithms and determine if they give efficient authentication on IoT. (3) Improve their avalanche effect by designing a mathematical model that improves their robustness against attacks. This is done through the usage of the initial vector XORed with plaintext and final vector XORed with cipher tect. (4) Test the new mathematical model for any enhancement on the avalanche effect of each algorithm as stated in the preceding sentences. (5) Propose future work on how to enhance security on IoT. Results show that when using the proposed method with variation of key, the avalanche effect significantly improved for seven out of ten algorithms. This means that we have managed to improve 70% of algorithms tested. Therefore indicating a substantial success rate for the proposed method as far as the avalanche effect is concerned. We propose that the seven algorithms be replaced by our improved versions in each of their implementation on IoT whenever the plaintext is varied. / Electrical and Mining Engineering / M. Tech. (Electrical Engineering) 005.8 Internet of things -- Security measures Data encryption (Computer science) Computer networks -- Security measures Computer algorithms
239	Particle swarm optimization applied to real-time asset allocation Reynolds, Joshua 05 1900 (has links) Particle Swam Optimization (PSO) is especially useful for rapid optimization of problems involving multiple objectives and constraints in dynamic environments. It regularly and substantially outperforms other algorithms in benchmark tests. This paper describes research leading to the application of PSO to the autonomous asset management problem in electronic warfare. The PSO speed provides fast optimization of frequency allocations for receivers and jammers in highly complex and dynamic environments. The key contribution is the simultaneous optimization of the frequency allocations, signal priority, signal strength, and the spatial locations of the assets. The fitness function takes into account the assets' locations in 2 dimensions, maximizing their spatial distribution while maintaining allocations based on signal priority and power. The fast speed of the optimization enables rapid responses to changing conditions in these complex signal environments, which can have real-time battlefield impact. Results optimizing receiver frequencies and locations in 2 dimensions have been successful. Current run-times are between 450ms (3 receivers, 30 transmitters) and 1100ms (7 receivers, 50 transmitters) on a single-threaded x86 based PC. Run-times can be substantially decreased by an order of magnitude when smaller swarm populations and smart swarm termination methods are used, however a trade off exists between run-time and repeatability of solutions. The results of the research on the PSO parameters and fitness function for this problem are demonstrated. Particle swarm optimization Asset allocation Mathematical optimization Particles (Nuclear physics) Swarm intelligence Electronic intelligence Electronics in military engineering Information warfare Military telecommunication Computer networks -- Security measures
240	Ontology Based Security Threat Assessment and Mitigation for Cloud Systems Kamongi, Patrick 12 1900 (has links) A malicious actor often relies on security vulnerabilities of IT systems to launch a cyber attack. Most cloud services are supported by an orchestration of large and complex systems which are prone to vulnerabilities, making threat assessment very challenging. In this research, I developed formal and practical ontology-based techniques that enable automated evaluation of a cloud system's security threats. I use an architecture for threat assessment of cloud systems that leverages a dynamically generated ontology knowledge base. I created an ontology model and represented the components of a cloud system. These ontologies are designed for a set of domains that covers some cloud's aspects and information technology products' cyber threat data. The inputs to our architecture are the configurations of cloud assets and components specification (which encompass the desired assessment procedures) and the outputs are actionable threat assessment results. The focus of this work is on ways of enumerating, assessing, and mitigating emerging cyber security threats. A research toolkit system has been developed to evaluate our architecture. We expect our techniques to be leveraged by any cloud provider or consumer in closing the gap of identifying and remediating known or impending security threats facing their cloud's assets. Ontology Cybersecurity Cloud Computing Vulnerability Ranking Threat Risk Prediction Assessment Mitigation Systems Computer networks -- Security measures. Computer security. Cloud computing -- Security measures. Ontologies (Information retrieval)

Search results