About

The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations. Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.

41

An evaluation of security issues in cloud-based file sharing technologies

Fana, Akhona January 2015
Cloud computing is one of the most promising technologies for backup and data storage that provides flexible access to data. Cloud computing plays a vital role in remote backup. It is so unfortunate that this computing technique has flaws that thrilled and edgy end users in implementing it effectively. These flaws include factors like lack of integrity, confidentiality and privacy of information. A secure cloud is impossible unless the computer-generated environment is appropriately secured. In any form of technology it is always advisable that security challenges be identified and fixed prior to the implementation of that particular technology. Primarily, this study will focus on finding security issues in cloud computing with the objective of finding concerns like credential theft and session management in the “Cloud”. Main arguments like HTTP banner disclosure, Bash “ShellShock” Injection and password issues were discovered during the stages of study implementation. These challenges may provide information that will permit hackers to manipulate and exploit the cloud environment. To identify credential theft and session management in cloud-based file sharing technologies, a mixed method approach was implemented throughout the course of the study due to the nature of study and unity of analysis. Penetration tests were performed as a security testing technique. Prevention and guideline of security threats leads to a friendly and authentic world of technology.
42

The conflict of interest between data sharing and data privacy : a middleware approach

Molema, Karabo Omphile January 2016
Thesis (MTech (Information Technology))--Cape Peninsula University of Technology, 2016. / People who are referred to as data owners in this study use the Internet for various purposes, and one of those is using online services like Gmail, Facebook, Twitter and so on. These online services are offered by organizations which are referred to as data controllers. When data owners use these services provided by data controllers, they usually have to agree to the terms and conditions, which give data controllers indemnity against any privacy issues that may be raised by the data owner. Data controllers are then free to share that data with any other organizations, referred to as third parties. Though data controllers are protected from lawsuits, it does not necessarily mean they are free of any act that may be considered a privacy violation by the data owner. This thesis aims to arrive at a design proposition using the design science research paradigm for a middleware extension, specifically focused on the Tomcat server, which is a servlet engine running on the JVM. The design proposition proposes a client-side annotation-based API to be used by developers to specify classes which will carry data outside the scope of the data controller's system to a third-party system; the specified classes will then have code woven in that will communicate with a Privacy Engine component that will determine, based on the data owner's preferences, if their data should be shared or not. The output of this study is a privacy-enhancing platform that comprises three components: the client-side annotation-based API used by developers, an extension to Tomcat and, finally, a Privacy Engine.
43

A cyber security awareness and education framework for South Africa

Kortjan, Noloxolo January 2013
The Internet is becoming increasingly interwoven in the daily life of many individuals, organisations and nations. It has, to a large extent, had a positive effect on the way people communicate. It has also introduced new avenues for business and has offered nations an opportunity to govern online. Nevertheless, although cyberspace offers an endless list of services and opportunities, it is also accompanied by many risks. One of these risks is cybercrime. The Internet has given criminals a platform on which to grow and proliferate. As a result of the abstract nature of the Internet, it is easy for these criminals to go unpunished. Moreover, many who use the Internet are not aware of such threats; therefore they may themselves be at risk, together with businesses and governmental assets and infrastructure. In view of this, there is a need for cyber security awareness and education initiatives that will promote users who are well versed in the risks associated with the Internet. In this context, it is the role of the government to empower all levels of society by providing the necessary knowledge and expertise to act securely online. However, there is currently a definite lack in South Africa (SA) in this regard, as there are currently no government-led cyber security awareness and education initiatives. The primary research objective of this study, therefore, is to propose a cyber security awareness and education framework for SA that will assist in creating a cyber secure culture in SA among all of its users of the Internet.
44

Network Security Issues, Tools for Testing Security in Computer Network and Development Solution for Improving Security in Computer Network

Skaria, Sherin, Reza Fazely Hamedani, Amir January 2010
No description available.
45

The management of networks with specific reference to security management

Kersten, Karin 15 August 2012
M.Comm. / This dissertation is devoted to an investigation into the network-management environment, with special emphasis on the security aspects and the provision of a reference framework when choosing a network-management product. The dissertation is aimed at those responsible for network-management and the selection of the various network-management products by providing a framework for evaluating network management products. The first four chapters provide the background to the reference framework. The following two chapters are devoted to those aspects to be taken into consideration when evaluating a network-management product. The consolidation and the case study in chapters seven and eight provide an abridged version of the framework and illustrate how the framework could be applied to a network-management product. Chapter one provides the background to the reference framework regarding networks and network-management. The concept of network-management is introduced, as well as the three forms of architectures that could be implemented, namely centralised, hierarchical and distributed architectures. A number of network-management functions have to be taken into consideration when evaluating a network-management package, namely configuration, asset, fault, performance, accounting and security management. These functions are also covered in chapter six. Chapter two provides the background to the security aspect of the reference framework. The three main topics covered in this respect are the definition of network-security, computer crime and specific elements of network-security. This chapter also provides a springboard for the evaluation of the network-management environment, as well as an idea of what issues and measures should be addressed and taken in order to prevent, or at least minimise, the effects of network-security breaches. 
Chapter three covers issues relating to network-security responsibilities, with special reference to the management side of network-management, including those issues that management should take into consideration when evaluating the network-management environment. Two methods that could be implemented include network-management policies and strategies. Network-security policies and strategies encompass those issues necessary for effective security within an organisation. This chapter, however, covers the more theoretical or higher-level goals or objectives of network-management. Chapter four relates to more of the day-to-day management issues of the network-security and the network-security management services and functions that should be considered. These include issues such as network-security services, managing network access, monitoring and controlling the network security system and the maintenance and modification of the said system. Network-management product considerations are discussed in chapter five, which chapter can be viewed as the business and practical side of the reference framework. The topics discussed here are more closely related to the business considerations when evaluating a network-management package and the practical issues of network-management. Topics discussed in this chapter include security and network-management products, practical approaches to choosing network-management products, critical success factors of network-management and analysis of the cost component. In contrast to these issues, the reference framework expounded in chapter six concentrates on the technical and network-management functions. Chapter six constitutes the culmination of the present dissertation in the form of a reference framework, which is for the greater part formulated along the lines of the criteria given.
This reference framework is aimed at those experts enlisted to evaluate and select network-management products, specifically as far as their security-management features are concerned. The areas covered include the user framework, the product framework, network-fault management, network-performance management, network-accounting management, network configuration and change management, network-security management and conformance testing. The topics discussed are, however, by no means exclusive and there are a number of other issues that have not been addressed in this dissertation, but which, depending on the network environment, would have to be taken into consideration. Chapter seven is a consolidation of the reference framework given in chapter six, as well as of some of the main points and criteria that could be considered when performing a quick evaluation of a product. This chapter does not, however, make any pretence to being exhaustive, but merely serves to highlight a few crucial criteria. Chapter eight is devoted to a case study in terms of which the reference framework is applied to a network-management product. In conclusion, a summary of the dissertation is given in chapter nine.
46

Governing information security within the context of "bring your own device" in small, medium and micro enterprises

Fani, Noluvuyo January 2017
Throughout history, information has been core to the communication, processing and storage of most tasks in the organisation, in this case in Small-Medium and Micro Enterprises (SMMEs). The implementation of these tasks relies on Information and Communication Technology (ICT). ICT is constantly evolving, and with each developed ICT, it becomes important that organisations adapt to the changing environment. Organisations need to adapt to the changing environment by incorporating innovative ICT that allows employees to perform their tasks with ease anywhere and anytime, whilst reducing the costs affiliated with the ICT. In this modern, performing tasks with ease anywhere and anytime requires that the employee is mobile whilst using the ICT. As a result, a relatively new phenomenon called “Bring Your Own Device” (BYOD) is currently infiltrating most organisations, where personally-owned mobile devices are used to access organisational information that will be used to conduct the various tasks of the organisation. The use of BYOD in organisations breeds the previously mentioned benefits such as performing organisational tasks anywhere and anytime. However, with the benefits highlighted for BYOD, organisations should be aware that there are risks to the implementation of BYOD. Therefore, the implementation of BYOD deems that organisations should implement BYOD with proper management thereof.
47

Educating users about information security by means of game play

Monk, Thomas Philippus January 2011
Information is necessary for any business to function. However, if one does not manage one’s information assets properly then one’s business is likely to be at risk. By implementing Information Security controls, procedures, and/or safeguards one can secure information assets against risks. The risks of an organisation can be mitigated if employees implement safety measures. However, employees are often unable to work securely due to a lack of knowledge. This dissertation evaluates the premise that a computer game could be used to educate employees about Information Security. A game was developed with the aim of educating employees in this regard. If people were motivated to play the game, without external motivation from an organisation, then people would also, indirectly, be motivated to learn about Information Security. Therefore, a secondary aim of this game was to be self-motivating. An experiment was conducted in order to test whether or not these aims were met. The experiment was conducted on a play test group and a control group. The play test group played the game before completing a questionnaire that tested the information security knowledge of participants, while the control group simply completed the questionnaire. The two groups’ answers were compared in order to obtain results. This dissertation discusses the research design of the experiment and also provides an analysis of the results. The game design will be discussed which provides guidelines for future game designers to follow. The experiment indicated that the game is motivational, but perhaps not educational enough. However, the results suggest that a computer game can still be used to teach users about Information Security. Factors that involved consequence and repetition contributed towards the educational value of the game, whilst competitiveness and rewards contributed to the motivational aspect of the game.
48

Corporate information risk : an information security governance framework

Posthumus, Shaun Murray January 2006
Information Security is currently viewed from a technical point of view only. Some authors believe that Information Security is a process that involves more than merely Risk Management at the department level, as it is also a strategic and potentially legal issue. Hence, there is a need to elevate the importance of Information Security to a governance level through Information Security Governance and propose a framework to help guide the Board of Directors in their Information Security Governance efforts. IT is a major facilitator of organizational business processes and these processes manipulate and transmit sensitive customer and financial information. IT, which involves major risks, may threaten the security of corporate information assets. Therefore, IT requires attention at board level to ensure that technology-related information risks are within an organization’s accepted risk appetite. However, IT issues are a neglected topic at board level and this could bring about Enronesque disasters. Therefore, there is a need for the Board of Directors to direct and control IT-related risks effectively to reduce the potential for Information Security breaches and bring about a stronger system of internal control. The IT Oversight Committee is a proven means of achieving this, and this study further motivates the necessity for such a committee to solidify an organization’s Information Security posture among other IT-related issues.
49

A model for information security management and regulatory compliance in the South African health sector

Tuyikeze, Tite January 2005
Information Security is becoming a part of the core business processes in every organization. Companies are faced with contradictory requirements to ensure open systems and accessible information while maintaining high protection standards. In addition, the contemporary management of Information Security requires a variety of approaches in different areas, ranging from technological to organizational issues and legislation. These approaches are often isolated while Security Management requires an integrated approach. Information Technology promises many benefits to healthcare organizations. It helps to make accurate information more readily available to healthcare providers and workers, researchers and patients, and advanced computing and communication technology can improve the quality and lower the costs of healthcare. However, the prospect of storing health information in an electronic form raises concerns about patient privacy and security. Healthcare organizations are required to establish a formal Information Security program, for example through the adoption of the ISO 17799 standard, to ensure an appropriate and consistent level of information security for computer-based patient records, both within individual healthcare organizations and throughout the entire healthcare delivery system. However, proper Information Security Management practices, alone, do not necessarily ensure regulatory compliance. South African healthcare organizations must comply with the South African National Health Act (SANHA) and the Electronic Communication Transaction Act (ECTA). It is necessary to consider compliance with the Health Insurance Portability and Accountability Act (HIPAA) to meet healthcare international industry standards. The main purpose of this project is to propose a compliance strategy, which ensures full compliance with regulatory requirements and at the same time assures customers that international industry standards are being used. This is preceded by a comparative analysis of the requirements posed by the ISO 17799 standard and the HIPAA, SANHA and ECTA regulations.
50

Governing information security using organisational information security profiles

Tyukala, Mkhululi January 2007
The corporate scandals of the last few years have changed the face of information security and its governance. Information security has been elevated to the board of director level due to legislation and corporate governance regulations resulting from the scandals. Now boards of directors have corporate responsibility to ensure that the information assets of an organisation are secure. They are forced to embrace information security and make it part of business strategies. The new support from the board of directors gives information security weight and the voice from the top as well as the financial muscle that other business activities experience. However, as an area that is made up of specialist activities, information security may not easily be comprehended at board level like other business related activities. Yet the board of directors needs to provide oversight of information security. That is, put an information security programme in place to ensure that information is adequately protected. This raises a number of challenges. One of the challenges is how can information security be understood and well informed decisions about it be made at the board level? This dissertation provides a mechanism to present information at board level on how information security is implemented according to the vision of the board of directors. This mechanism is built upon well accepted and documented concepts of information security. The mechanism (termed an Organisational Information Security Profile or OISP) will assist organisations with the initialisation, monitoring, measuring, reporting and reviewing of information security programmes. Ultimately, the OISP will make it possible to know if the information security endeavours of the organisation are effective or not. If the information security programme is found to be ineffective, the OISP will facilitate the pointing out of areas that are ineffective and what caused the ineffectiveness. This dissertation also presents how the effectiveness or ineffectiveness of information security can be presented at board level using well known visualisation methods. Finally the contribution, limits and areas that need more investigation are provided.
