WebSAT: Web-based systems administration tool

Jeong, Juyong

01 January 2005

Discusses the development of WebSAT (Web-based systems administration tool), a computer network tool that allows systems administrators to create and delete accounts, disable and enable existing accounts, manage disk space conveniently, monitor the status of all network printers, and monitor network security. The WebSAT application was implemented using PHP, a server-side embedded scripting language, with a MySQL database.

Digital Communications and Networking

Towards a model for ensuring optimal interoperability between the security systems of trading partners in a business-to-business e-commerce context

Pather, Maree

25 August 2009

A vast range of controls/countermeasures exists for implementing security on information systems connected to the Internet. For the practitioner attempting to implement an integrated solution between trading partners operating across the Internet, this has serious implications in respect of interoperability between the security systems of the trading partners. The problem is exacerbated by the range of specification options within each control. This research is an attempt to find a set of relevant controls and specifications towards a framework for ensuring optimal interoperability between trading partners in this context. Since a policy-based, layered approach is advocated, which allows each trading partner to address localized risks independently, no exhaustive risk analysis is attempted. The focus is on infrastructure that is simultaneously optimally secure and provides optimal interoperability. It should also be scalable, allowing for additional security controls to be added whenever deemed necessary. / Computing / M. Sc. (Information Systems)

Security

Business-to-business e-commerce (B2B)

Extranet

Interoperability

Trading partner

005.71

Computer networks -- Security measures

Electronic commerce -- Security measures

Electronic data interchange

Towards a model for ensuring optimal interoperability between the security systems of trading partners in a business-to-business e-commerce context

Pather, Maree

25 August 2009

A vast range of controls/countermeasures exists for implementing security on information systems connected to the Internet. For the practitioner attempting to implement an integrated solution between trading partners operating across the Internet, this has serious implications in respect of interoperability between the security systems of the trading partners. The problem is exacerbated by the range of specification options within each control. This research is an attempt to find a set of relevant controls and specifications towards a framework for ensuring optimal interoperability between trading partners in this context. Since a policy-based, layered approach is advocated, which allows each trading partner to address localized risks independently, no exhaustive risk analysis is attempted. The focus is on infrastructure that is simultaneously optimally secure and provides optimal interoperability. It should also be scalable, allowing for additional security controls to be added whenever deemed necessary. / Computing / M. Sc. (Information Systems)

Security

Business-to-business e-commerce (B2B)

Extranet

Interoperability

Trading partner

005.71

Computer networks -- Security measures

Electronic commerce -- Security measures

Electronic data interchange

Web-based wireless sensor network monitoring using smartphones

Unknown Date

This thesis consists of the development of a web based wireless sensor network (WSN) monitoring system using smartphones. Typical WSNs consist of networks of wireless sensor nodes dispersed over predetermined areas to acquire, process, and transmit data from these locations. Often it is the case that the WSNs are located in areas too hazardous or inaccessible to humans. We focused on the need for access to this sensed data remotely and present our reference architecture to solve this problem. We developed this architecture for web-based wireless sensor network monitoring and have implemented a prototype that uses Crossbow Mica sensors and Android smartphones for bridging the wireless sensor network with the web services for data storage and retrieval. Our application has the ability to retrieve sensed data directly from a wireless senor network composed of Mica sensors and from a smartphones onboard sensors. The data is displayed on the phone's screen, and then, via Internet connection, they are forwarded to a remote database for manipulation and storage. The attributes sensed and stored by our application are temperature, light, acceleration, GPS position, and geographical direction. Authorized personnel are able to retrieve and observe this data both textually and graphically from any browser with Internet connectivity or through a native Android application. Web-based wireless sensor network architectures using smartphones provides a scalable and expandable solution with applicability in many areas, such as healthcare, environmental monitoring, infrastructure health monitoring, border security, and others. / by Anthony M. Marcus. / Thesis (M.S.C.S.)--Florida Atlantic University, 2011. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2011. Mode of access: World Wide Web.

Smartphones

Computer networks--Security measures

Data-centric security : towards a utopian model for protecting corporate data on mobile devices

Mayisela, Simphiwe Hector

January 2014

Data-centric security is significant in understanding, assessing and mitigating the various risks and impacts of sharing information outside corporate boundaries. Information generally leaves corporate boundaries through mobile devices. Mobile devices continue to evolve as multi-functional tools for everyday life, surpassing their initial intended use. This added capability and increasingly extensive use of mobile devices does not come without a degree of risk - hence the need to guard and protect information as it exists beyond the corporate boundaries and throughout its lifecycle. Literature on existing models crafted to protect data, rather than infrastructure in which the data resides, is reviewed. Technologies that organisations have implemented to adopt the data-centric model are studied. A utopian model that takes into account the shortcomings of existing technologies and deficiencies of common theories is proposed. Two sets of qualitative studies are reported; the first is a preliminary online survey to assess the ubiquity of mobile devices and extent of technology adoption towards implementation of data-centric model; and the second comprises of a focus survey and expert interviews pertaining on technologies that organisations have implemented to adopt the data-centric model. The latter study revealed insufficient data at the time of writing for the results to be statistically significant; however; indicative trends supported the assertions documented in the literature review. The question that this research answers is whether or not current technology implementations designed to mitigate risks from mobile devices, actually address business requirements. This research question, answered through these two sets qualitative studies, discovered inconsistencies between the technology implementations and business requirements. The thesis concludes by proposing a realistic model, based on the outcome of the qualitative study, which bridges the gap between the technology implementations and business requirements. Future work which could perhaps be conducted in light of the findings and the comments from this research is also considered.

Computer security

Computer networks -- Security measures

Mobile computing -- Security measures

An investigation into the state-of-practice of information security within Zambian copper mines: a case study

Lukweza, Chishala

January 2011

Zambian copper mines have embraced the use of information technologies for strategic operations and competitive advantage. This dependence on these technologies has not only been seen in the physical aspects of business operations but also in the use of information systems such as Enterprise Resource Planning Systems (ERPs) for strategic decision making and increased usage of Industrial Control Systems (ICS’) that are meant to enhance operational efficiency in production areas. A survey was conducted to explore leadership perceptions on information security practices in Zambian copper mines and an ISO/IEC 27002 Audit Tool was administered to middle management in a particular mine for an in-depth analysis of their information security practices. Results revealed that although information security controls may have been put in place in these organisations, there are still areas that require attention. Senior management and middle management have different perceptions as to the extent to which information security practices are conducted in these copper mines. This implies that management may not be fully involved in certain aspects of these organisations’ information security practices. The results concluded that management needs to be fully involved and provide support for information security programs. Furthermore, these information security programs should be standardised so as to effectively protect these organisations’ information assets. This should also include the involvement of personnel as key players in the information security process.

Information technology -- Zambia

Scalable framework for turn-key honeynet deployment

Brzeczko, Albert Walter

22 May 2014

Enterprise networks present very high value targets in the eyes of malicious actors who seek to exfiltrate sensitive proprietary data, disrupt the operations of a particular organization, or leverage considerable computational and network resources to further their own illicit goals. For this reason, enterprise networks typically attract the most determined of attackers. These attackers are prone to using the most novel and difficult-to-detect approaches so that they may have a high probability of success and continue operating undetected. Many existing network security approaches that fall under the category of intrusion detection systems (IDS) and intrusion prevention systems (IPS) are able to detect classes of attacks that are well-known. While these approaches are effective for filtering out routine attacks in automated fashion, they are ill-suited for detecting the types of novel tactics and zero-day exploits that are increasingly used against the enterprise. In this thesis, a solution is presented that augments existing security measures to provide enhanced coverage of novel attacks in conjunction with what is already provided by traditional IDS and IPS. The approach enables honeypots, a class of tech- nique that observes novel attacks by luring an attacker to perform malicious activity on a system having no production value, to be deployed in a turn-key fashion and at large scale on enterprise networks. In spite of the honeypot’s efficacy against tar- geted attacks, organizations can seldom afford to devote capital and IT manpower to integrating them into their security posture. Furthermore, misconfigured honeypots can actually weaken an organization’s security posture by giving the attacker a stag- ing ground on which to perform further attacks. A turn-key approach is needed for organizations to use honeypots to trap, observe, and mitigate novel targeted attacks.

Honeynet

Cloud computing

Information security

Computer networks Security measures

Multi-core design and resource allocation: from big core to ultra-tiny core

Kwok, Tai-on, Tyrone., 郭泰安.

January 2008

published_or_final_version / Electrical and Electronic Engineering / Doctoral / Doctor of Philosophy

Computer networks - Security measures

Systems on a chip.

Computer architecture.

Providing security services for mobile ad hoc networks

Dong, Ying, 董穎

January 2007

published_or_final_version / abstract / Electrical and Electronic Engineering / Doctoral / Doctor of Philosophy

Computer networks - Security measures.

A SYSTEM ANALYSIS OF A MULTILEVEL SECURE LOCAL AREA NETWORK (COMPUTER).

Benbrook, Jimmie Glen, 1943-

January 1986

No description available.

Computer network protocols.