Global ETD Search

561	Legal and policy aspects to consider when providing information security in the corporate environment Dagada, Rabelani 11 1900 (has links) E-commerce is growing rapidly due to the massive usage of the Internet to conduct commercial transactions. This growth has presented both customers and merchants with many advantages. However, one of the challenges in E-commerce is information security. In order to mitigate e-crime, the South African government promulgated laws that contain information security legal aspects that should be integrated into the establishment of information security. Although several authors have written about legal and policy aspects regarding information security in the South African context, it has not yet been explained how these aspects are used in the provision of information security in the South African corporate environment. This is the premise upon which the study was undertaken. Forty-five South African organisations participated in this research. Data gathering methods included individual interviews, website analysis, and document analysis. The findings of this study indicate that most organisations in South Africa are not integrating legal aspects into their information security policies. One of the most important outcomes of this study is the proposed Concept Model of Legal Compliance in the Corporate Environment. This Concept Model embodies the contribution of this study and demonstrates how legal requirements can be incorporated into information security endeavours. The fact that the proposed Concept Model is technology-independent and that it can be implemented in a real corporate environment, regardless of the organisation’s governance and management structure, holds great promise for the future of information security in South Africa and abroad. Furthermore, this thesis has generated a topology for linking legislation to the provision of information security which can be used by any academic or practitioner who intends to implement information security measures in line with the provisions of the law. It is on the basis of this premise that practitioners can, to some extent, construe that the integration of legislation into information security policies can be done in other South African organisations that did not participate in this study. Although this study has yielded theoretical, methodological and practical contributions, there is, in reality, more research work to be done in this area. / School of Computing / D. Phil. (Information Systems) 343.9944068 Intellectual property -- South Africa
562	Società digitale e libertà religiosa / Digital Society and Religious Freedom RESTA, VALENTINA 13 March 2008 (has links) Gli sviluppi tecnologici vissuti nell'ultimo quarto di secolo hanno determinato forti mutamenti non solo nella materialità dell'esistere, ma anche nella dimensione spirituale della persona. L'avvento della cittadinanza digitale ha obbligato ad un ripensamento del catalogo dei diritti e delle forme di esercizio degli stessi. La libertà religiosa, tanto nella sua dimensione individuale quanto in quella associata non solo ha subito l'influenza di tali cambiamenti, ma si è dimostrata in molti casi settore privilegiato per verificare la validità delle nuove forme di governo derivanti dallo sviluppo sempre più massiccio delle tecnologie informatiche. A partire, dunque, da un ripensamento dei rapporti tra diritto e religione sono stati individuati alcuni settori specifici di analisi al cui interno saggiare le nuove forme di governo elettronico, per comprendere le nuove declinazioni del diritto di libertà religiosa nella società digitale. Tali settori sono: la presenza delle confessioni nel sistema della stampa nazionale; il nuovo mondo di Internet e le problematiche connesse alla tutela dei marchi e del sentimento religioso; la presenza delle confessioni religiose nel sistema radio televisivo; la tutela dei dati sensibili religiosi nel nuovo Codice sulla privacy. / Last 25 years, technological developments have determined very important changes both on the material side and on the spiritual one of the people. The introduction of digital citizenship has obliged to rethink the bunch of rights and the way to apply them. The religious freedom, both individually and in association, has suffered the effects of these changes, but moreover has been a preferred sector where testing new governance rules needed to manage the innovations due to constantly increasing presence of information technologies in day by day life. Therefore, starting from a deep rethinking of the relationships between law and religion, some sectors of analysis, where testing new electronic governance rules, has been identified, in order to understand new evolutions of religious freedom rights in the digital society. These sectors are: presence of religious denominations in the national press; Internet world and issues related both to the trademark management and to religious sentiments; presence of religious denominations in radio-TV system; protection of religious sensitive personal data in agreement with the new privacy Code.
563	The human element in information security : an analysis of social engineering attacks in the greater Tshwane area of Gauteng, South Africa Van Rensburg, Kim Shandre Jansen 06 1900 (has links) Criminology and Security Science / D. Litt. et Phil. (Criminology) Criminological theories Hacking Impersonation Information security Personal information Phishing Privacy Risk Social engineering Social networks Threat Vulnerability Multi-inter-transdisciplinary (MIT) 005.80968227
564	The right to privacy and identity on social network sites : a comparative legal perspective Skosana, Milton Themba 12 April 2018 (has links) This study focuses on the use of Social Network Sites (SNSs) and certain personality rights (specifically the right to privacy and the right to identity) that may be infringed by this use. The study also discusses data protection law as the protection of the rights to privacy and identity are interlinked with data protection in that data protection assumes importance when there is processing of personal information on SNSs. The study seeks to determine whether South African law provides adequate protection for the interests that form the object of these personality rights, and highlights certain shortcomings, particularly in the context of SNSs. It also suggests solutions where there are shortcomings by learning from other jurisdictions. Related issues investigated are: who should be held responsible for the user-generated content uploaded on SNSs; the role of the Internet Service Provider (ISP); and how to deal with anonymous defendants. / Private Law / LL. M. Anonymous user Discovery Data law Protection of personal information Social network sites Social media Right to privacy Right to identity Internet service provider liability 342.858068 Privacy, Right of -- South Africa Liability (Law) -- South Africa
565	Awareness and training: the influence on end-user' attitude towards information security policy compliance Snyman, Mmabatho Charity 02 1900 (has links) Research accentuates that end-users‘ noncompliance with information security policy (ISP) is a key concern for government just as it is for the private sector. Although awareness and training programmes are important factors impacting employees‘ intentions to comply with an organisation‘s ISP, it can be argued that there is insufficient empirical evidence to support this assertion. To address this gap, this study seeks to expand research on ISP compliance by focusing on attitudes as targets of change. A research model based on the Theory of Planned Behaviour was proposed to illustrate the influence of ISP awareness training on end-users‘ attitudes towards complying with their organisation‘s ISP. Relevant hypotheses were developed to test the research conceptualisation. A survey and an experiment was undertaken to collect the data from a sample of 173 end-users of a single government organisation in one province. The data was captured and analysed using a Statistical Package for Social Sciences (SPSS). Furthermore, Structural Equation Modelling (SEM) was used to test whether the overall model appears to be a good fit to support the hypotheses. The reliability, validity, and model fit were found to be statistically significant, and three out of five research hypotheses were supported. Overall this study contributes to the existing body of knowledge by providing an understanding of the methods that can be used to encourage end-users‘ ISP compliance behaviour through an attitudinal shift, thereby targeting end-users‘ attitude as a means to improve information security policy compliance. Implications of the findings are further discussed in the paper. / Information Technology / M. Tech. (Information Technology) Attitudes Information security Information security policy Awareness training Intentions to comply Information security compliance Self-efficacy 005.8 Computer security -- Government policy Data protection -- Government policy Computer networks -- Security measures Compliance auditing Information technology -- Management
566	Strafregtelike beskerming van inligting Nienaber, Catharina Wilhelmina 11 1900 (has links) In hierdie proefskrif is die belangrike rol wat inligting tans en toenemend in die samelewing speel ondersoek, om te beklemtoon hoe noodsaaklik dit tans is om `n misdryf wat die wederregtelike en opsetlike verkryging van inligting strafbaar sal reël, te verorden. Die rol wat industriële spioenasie in die verband speel word uitgelig. As gevolg van die bepaalde onliggaamlike aard van inligting kan inligting nie soos liggaamlike eiendom `n persoon ontneem word nie. Inligting word gewoonlik bloot gekopieer en die oorspronklike houer van die inligting behou die inligting hoewel die dader ook die inligting verkry. Die gemeenregtelike misdaad van diefstal maak dus nie voorsiening vir die diefstal van inligting waar die inligting bloot gekopieer of gedupliseer is nie. Om te bepaal hoe hierdie bepaalde probleem in ander lande se regstelsels aangespreek word en om kennis op te doen oor hoe dit in die Suid-Afrikaanse reg aangespreek behoort te word, is die strafregtelike bepalings en selfs nie-strafregtelike bepalings in lande soos Engeland, Amerika, Kanada en Nederland ondersoek. Ten einde vas te stel welke inligting deur die strafreg beskerm behoort te word, is selfs sekere nie-strafregtelike bepalings van vermelde lande en van die Suid-Afrikaanse reg nagegaan. Insigte is verkry oor welke elemente sodanige inligting aan moet voldoen en `n definisie van beskermwaardige inligting word aanbeveel. Vir hierdie doel is `n nuwe begrip van beskermwaardige inligting geskep. Die redes waarom diefstal van inligting nie in Suid-Afrikaanse en die ander lande se regstelsels nie erken word nie, is bespreek. Die wyse waarop die gemeenregtelike misdaad van diefstal na die diefstal van onliggaamlike geld uitgebrei is, is ondersoek waarna `n aanbeveling gemaak word oor hoe die definisie van diefstal uitgebrei kan word om ook ander onliggaamlike objekte in te sluit. As gevolg van die bepaalde aard van inligting kan die gemeenregtelike definisie van diefstal nie uitgebrei word om inligting as `n objek in te sluit nie en word `n statutêre misdryf van diefstal van inligting voorgestel. / Jurisprudence / LL. D. Inligting Handelsgeheime Onliggaamlike sake Onliggaamlike eiendom Spioenasie Vertroulikheid Diefstal Gemeenregtelike misdaad Kriminalisering Geld Data Beskermwaardige inligting Ekonomiese waarde Kommunikasies Intellektuele eiendom Business intelligence -- South Africa Computer crimes -- South Africa Commercial crimes -- South Africa Information warfare -- South Africa
567	How should the protection of privacy, threatened by new technologies like radio frequency identification (RFID), be seen from a Judeo-Christian perspective? Schmidt, Erwin Walter 11 1900 (has links) Radio Frequency Identification (RFID) is a new technology which allows people to identify objects automatically but there is a suspicion that, if people are tracked, their privacy may be infringed. This raises questions about how far this technology is acceptable and how privacy should be protected. It is also initiated a discussion involving a wide range of technical, philosophical, political, social, cultural, and economical aspects. There is also a need to consider the ethical and theological perspectives. This dissertation takes all its relevant directions from a Judeo-Christian theological perspective. On one side the use of technology is considered, and on the other side the value of privacy, its infringements and protection are investigated. According to Jewish and Christian understanding human dignity has to be respected including the right to privacy. As a consequence of this RFID may only used for applications that do not infringe this right. This conclusion, however, is not limited to RFID; it will be relevant for other, future surveillance technologies as well. / Philosophy and Systematic Theology / M. Th. (Theological ethics) Radio frequency identification Privacy Human rights Right to privacy Technology Information and communication technology Privacy enhancing technology Internet of things Data protection Privacy impact assessment 201.66 Technology -- Religious aspects Technology -- Moral and ethical aspects Human rights Privacy, Right of
568	A framework to manage sensitive information during its migration between software platforms Ajigini, Olusegun Ademolu 06 1900 (has links) Software migrations are mostly performed by organisations using migration teams. Such migration teams need to be aware of how sensitive information ought to be handled and protected during the implementation of the migration projects. There is a need to ensure that sensitive information is identified, classified and protected during the migration process. This thesis suggests how sensitive information in organisations can be handled and protected during migrations by using the migration from proprietary software to open source software to develop a management framework that can be used to manage such a migration process.A rudimentary management framework on information sensitivity during software migrations and a model on the security challenges during open source migrations are utilised to propose a preliminary management framework using a sequential explanatory mixed methods case study. The preliminary management framework resulting from the quantitative data analysis is enhanced and validated to conceptualise the final management framework on information sensitivity during software migrations at the end of the qualitative data analysis. The final management framework is validated and found to be significant, valid and reliable by using statistical techniques like Exploratory Factor Analysis, reliability analysis and multivariate analysis as well as a qualitative coding process. / Information Science / D. Litt. et Phil. (Information Systems) Closed Source Software Information classification Information protection Information security Information sensitivity Information sensitivity IP Protection IS Migration IS theory development IT control frameworks 005.8 Information technology -- Management Computer programs -- Software Information science -- Software Computer programs -- Security measures Data protection
569	Construction of Secure and Efficient Private Set Intersection Protocol Kumar, Vikas January 2013 (has links) (PDF) Private set intersection(PSI) is a two party protocol where both parties possess a private set and at the end of the protocol, one party (client) learns the intersection while other party (server) learns nothing. Motivated by some interesting practical applications, several provably secure and efficient PSI protocols have appeared in the literature in recent past. Some of the proposed solutions are secure in the honest-but-curious (HbC) model while the others are secure in the (stronger) malicious model. Security in the latter is traditionally achieved by following the classical approach of attaching a zero knowledge proof of knowledge (ZKPoK) (and/or using the so-called cut-and-choose technique). These approaches prevent the parties from deviating from normal protocol execution, albeit with significant computational overhead and increased complexity in the security argument, which includes incase of ZKPoK, knowledge extraction through rewinding. We critically investigate a subset of the existing protocols. Our study reveals some interesting points about the so-called provable security guarantee of some of the proposed solutions. Surprisingly, we point out some gaps in the security argument of several protocols. We also discuss an attack on a protocol when executed multiple times between the same client and server. The attack, in fact, indicates some limitation in the existing security definition of PSI. On the positive side, we show how to correct the security argument for the above mentioned protocols and show that in the HbC model the security can be based on some standard computational assumption like RSA and Gap Diﬃe-Hellman problem. For a protocol, we give improved version of that protocol and prove security in the HbC model under standard computational assumption. For the malicious model, we construct two PSI protocols using deterministic blind signatures i.e., Boldyreva’s blind signature and Chaum’s blind signature, which do not involve ZKPoK or cut-and-choose technique. Chaum’s blind signature gives a new protocol in the RSA setting and Boldyreva’s blind signature gives protocol in gap Diﬃe-Hellman setting which is quite similar to an existing protocol but it is efficient and does not involve ZKPoK. Data Protection Private Set Intersection (PSI) Simulation-based Proofs Malicious Model Secure Two-Party Computation Cryptographic Protocols Honest-But-Curious Model Data Security Models HbC Model Gap Diffie-Hellman Setting Computer Science
570	Řízení provozu IT v modelu MBI se zaměřením na prostředí středních škol / IT Management in MBI Focused on Secondary Schools Černohorský, Jan January 2014 (has links) The aim of my thesis is to elucitade MBI model to primary and secondary educational system, it means to schools and their elected IT processes from practical point of view. The reference model of Management Business Information is developed at the Department of Information at the Faculty of Information and Statistics at the School of Economics in Prague. The theoretical part of my thesis deals with elucitading of the reference MBI model to a reader. It briefly summarizes IT processes at educational system and refers to sources used while defining new MBI objects. This chapter also defines elected IT processes at educational system for which there are made MBI objects in a practical part of my thesis. In practical part of my thesis there are made proposals of defined objects including samples of documentation patterns. These objects are presented in charts that correspond with a format of MBI objects. In the last part of my thesis there is an example of applying the defined objects in practice while solving the process of installation the safety (camera) system with recording -- personal data processing. The proposals of defined objects are also published on MBI portal.

Search results