NDLTD Global ETD Search
  • Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 34
  • 3
  • 2
  • 1
  • 1
  • 1
  • Tagged with
  • 49
  • 49
  • 49
  • 49
  • 33
  • 22
  • 22
  • 17
  • 16
  • 12
  • 11
  • 8
  • 8
  • 8
  • 6
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.

Search results

Showing 11 to 20 of 49 (0.173 seconds)

Spelling suggestions: "subject:"forminformation technology security measures"" "subject:"informationation technology security measures""

11

The institutionalisation of an information security culture in a petroleum organisation in the Western Cape

Michiel, Michael January 2018 (has links)
Thesis (MTech (Information Technology))--Cape Peninsula University of Technology, 2018. / In today’s world, organisations cannot exist without having information readily available. The protection of information relies not only on technology but also on the behaviour of employees. The failure to institutionalise an information security culture inside an organisation will cause the continued occurrence of security breaches. The aim of the research is to explore how an information security culture can be institutionalised within a petroleum organisation in the Western Cape. The primary research question is posed as follows: “What are the factors affecting the institutionalisation of an information security culture?” To answer the research question, a study was conducted at a petroleum organisation in the Western Cape. A subjectivist ontological and interpretivist epistemological stance has been adopted and an inductive research approach was followed. The research strategy was a case study. Data for this study were gathered through interviews (12 in total) using semi-structured questionnaires. The data collected were transcribed, summarised, and categorised to provide a clear understanding of the data. For this study, twenty-four findings and seven themes were identified. The themes are: i) user awareness training and education; ii) user management; iii) compliance and monitoring; iv) change management; v) process simplification; vi) communication strategy; and vii) top management support. Guidelines are proposed, comprising four primary components. Ethical clearance to conduct the study was obtained from the Ethics committee of CPUT and permission to conduct the study was obtained from the Chief Information Officer (CIO) of the petroleum organisation. The findings point to collaboration between employees, the Information Security department, and management in order to institute a culture of security inside the organisation.
Corporations -- Security measures
Computer security
Corporate culture
Security systems
12

Information security risk management in the South African small, medium and micro enterprise environment

Van Niekerk, Liesel 07 July 2008 (has links)
The small, medium and micro enterprise (SMME) environment of South Africa contributes 42% to the national gross domestic product. This is a high number for a largely under-regulated environment. The corporate governance and IT governance standards that apply to South African companies are not feasible for SMMEs, and neither are they enforced, although 80% of failures of SMMEs are attributable to lack of enterprise management skill. The first objective of this dissertation is to examine the South African SMME, and in so doing determine whether local regulatory standards can be used for this unique enterprise formation. The second objective of this dissertation is to determine whether international methodologies for information security risk management, as an inclusive of IT governance, may be used in the unique local SMME formation. The result of these two objectives creates a gap in a typical information security risk management methodology that is suitable for the South African regulatory and economic environment for SMMEs. A model has been created as a possible answer for filling the gap. The dissertation includes the Peculium Model, which answers the regulatory and economic requirements that resulted from the second objective. The Model allows the small enterprise a simple but effective method for managing risks to its information assets, with the control of corporate governance and IT governance included in its framework. The Model answers the methods for identifying and assessing risk in a tradition-based but feasible new qualitative technique. / Labuschagne, L., Prof.
Small business
Risk management
Computer security management
Information technology security measures
13

Information security in health-care systems: a new approach to IT risk management

Smith, Elmé 16 August 2012 (has links)
Ph.D. / The present study originated from a realisation about the unique nature of the medical domain and about the limitations of existing risk-management methodologies with respect to incorporating the special demands and salient features of the said domain. A further incentive for the study was the long-felt need for proper Information Technology (IT) risk management for medical domains, especially in the light of the fact that IT is playing an ever-greater part in the rendering of health-care services. This part, however, introduces new information-security challenges every day, especially as far as securing sensitive medical information and ensuring patients' privacy are concerned. The study is, therefore, principally aimed at making a contribution to improving IT risk management in the medical domain and, for this reason, culminates in an IT risk-management model specifically developed for and propounded in the medical domain. While developing this model, special care was taken not only to take into consideration the special demands of the said domain when assessing IT risks but also that it would be suited to the concepts, terminology and standards used in and applied to this domain every day. The most important objectives of the study can be summarised as follows: A thorough investigation into modern trends in information security in the medical domain will soon uncover the key role IT is playing in this domain. Regrettably, however, this very trend also triggers a steep increase in IT riskincidence figures, which, in this domain, could often constitute the difference between life and death. The clamant need for effective risk-management methods to enhance the information security of medical institutions is, therefore, self-evident. After having explored the dynamic nature of the medical domain, the requirements were identified for a risk-management model aimed at effectively vi managing the IT risks to be incurred in a typical medical institution. Next, a critical evaluation of current risk-assessment techniques revealed that a fresh approach to IT risk management in medical domains is urgently necessary. An IT risk-management model, entitled "RiMaHCoF" (that is, "Risk Management in Health Care — using Cognitive Fuzzy techniques"), was developed and propounded specifically for the medical domain hereafter. The proposed model enhances IT risk management in the said domain in the sense that it proceeds on the assumption that the patient and his/her medical information constitute the primary assets of the medical institution.
Information resources management
Computer security
Health facilities management
14

An investigation of ISO/IEC 27001 adoption in South Africa

Coetzer, Christo January 2015 (has links)
The research objective of this study is to investigate the low adoption of the ISO/IEC 27001 standard in South African organisations. This study does not differentiate between the ISO/IEC 27001:2005 and ISO/IEC 27001:2013 versions, as the focus is on adoption of the ISO/IEC 27001 standard. A survey-based research design was selected as the data collection method. The research instruments used in this study include a web-based questionnaire and in-person interviews with the participants. Based on the findings of this research, the organisations that participated in this study have an understanding of the ISO/IEC 27001 standard; however, fewer than a quarter of these have fully adopted the ISO/IEC 27001 standard. Furthermore, the main business objectives for organisations that have adopted the ISO/IEC 27001 standard were to ensure legal and regulatory compliance, and to fulfil client requirements. An Information Security Management System management guide based on the ISO/IEC 27001 Plan-Do-Check-Act model is developed to help organisations interested in the standard move towards ISO/IEC 27001 compliance.
ISO 27001 Standard
Computer security
Data protection
15

Information security awareness: generic content, tools and techniques

Mauwa, Hope January 2007 (has links)
In today’s computing environment, awareness programmes play a much more important role in organizations’ complete information security programmes. Information security awareness programmes are there to change behaviour or reinforce good security practices, and provide a baseline of security knowledge for all information users. Security awareness is a learning process, which changes individual and organizational attitudes and perceptions so that the importance of security and the adverse consequences of its failure are realized. Therefore, with proper awareness, employees become the most effective layer in an organization’s security defence. With the important role that these awareness programmes play in organizations’ complete information security programmes, it is a must that all organizations that are serious about information security must implement it. But though awareness programmes have become increasing important, the level of awareness in most organizations is still low. It seems that the current approach of developing these programmes does not satisfy the needs of most organizations. Therefore, another approach, which tries to meet the needs of most organizations, is proposed in this project as part of the solution of raising the level of awareness programmes in organizations.
Computer security
Data protection
Computers -- Safety measures
16

The computer incident response framework (CIRF)

Pieterse, Theron Anton 10 October 2014 (has links)
M.Com. (Informatics) / A company’s valuable information assets face many risks from internal and external sources. When these risks are exploited and reports on information assets are made public, it is usually easy to determine which companies had a contingency plan to deal with the various aspects of these “computer incidents”. This study incorporates important factors of computer incidents into a framework which will assists the company in effectively dealing and managing computer incidents when they occur.
Computer networks - Security measures
Risk management
Computer security
17

Region aware DCT domain invisible robust blind watermarking for color images.

Naraharisetti, Sahasan 12 1900 (has links)
The multimedia revolution has made a strong impact on our society. The explosive growth of the Internet, the access to this digital information generates new opportunities and challenges. The ease of editing and duplication in digital domain created the concern of copyright protection for content providers. Various schemes to embed secondary data in the digital media are investigated to preserve copyright and to discourage unauthorized duplication: where digital watermarking is a viable solution. This thesis proposes a novel invisible watermarking scheme: a discrete cosine transform (DCT) domain based watermark embedding and blind extraction algorithm for copyright protection of the color images. Testing of the proposed watermarking scheme's robustness and security via different benchmarks proves its resilience to digital attacks. The detectors response, PSNR and RMSE results show that our algorithm has a better security performance than most of the existing algorithms.
Digital watermarking
RMSE
PSNB
invisible robust blind
Digital watermarking.
Data protection.
18

Hardware and Software Codesign of a JPEG2000 Watermarking Encoder

Mendoza, Jose Antonio 12 1900 (has links)
Analog technology has been around for a long time. The use of analog technology is necessary since we live in an analog world. However, the transmission and storage of analog technology is more complicated and in many cases less efficient than digital technology. Digital technology, on the other hand, provides fast means to be transmitted and stored. Digital technology continues to grow and it is more widely used than ever before. However, with the advent of new technology that can reproduce digital documents or images with unprecedented accuracy, it poses a risk to the intellectual rights of many artists and also on personal security. One way to protect intellectual rights of digital works is by embedding watermarks in them. The watermarks can be visible or invisible depending on the application and the final objective of the intellectual work. This thesis deals with watermarking images in the discrete wavelet transform domain. The watermarking process was done using the JPEG2000 compression standard as a platform. The hardware implementation was achieved using the ALTERA DSP Builder and SIMULINK software to program the DE2 ALTERA FPGA board. The JPEG2000 color transform and the wavelet transformation blocks were implemented using the hardware-in-the-loop (HIL) configuration.
Watermarking
wavelet transform
JPEG2000
Digital watermarking.
Data protection.
19

User compliance with the organisation's information security policy: a deterrence theory study

Fachin, Dario January 2016 (has links)
MCom Information Systems Research report 2015 / In today’s age of increasing cyber-attacks, with even national governments interests forming cyber warfare departments to defend their countries, there is no company globally which cannot be prepared for their critical infrastructure or information to be stolen, destroyed, manipulated or be made unavailable from various cyber-attacks. In most organisations, the user of the Information Systems is vital to ensuring that systems are protected by adhering to the Information Security Policy. Failure to comply with the Information Security Policy by end users exposes the company to the risk of the loss of sensitive information which could have major reputational, legal and financial impacts. The study followed a positivist research philosophy using a hypothetical model to test various hypotheses. Through the lens of deterrence theory, using a survey method to gather the information, the hypotheses are tested and analysed to further understand user compliance with an organisation’s Information Security Policy. The findings reveal that some elements of the deterrence theory are strong predictors to ensuring user compliance within a large global mining firm. The certainty of being caught for end users and the celerity of not adhering to the Information Security policy are strong predictors to ensure user compliance. The awareness of severity for not complying with the Information Security Policy or the awareness of being monitored is reflected to not be strong predictors to ensure user compliance. The research is intended to further assist both academics and practitioners to further their understanding of user compliance to the Information Security Policy. / MT2017
Computer networks--Security measures
Business enterprises--Security measures
20

The design, development and evaluation of a holistic cloud migration decision framework

Mushi, Tumelo Nicholas January 2020 (has links)
No keywords provided in dissertation / Cloud Computing has gained traction since its emergence and client organisations that want to benefit from the Cloud are looking for ways to migrate their on-premise applications to the Cloud. To assist client organisations with migration projects, researchers and practitioners have proposed various Cloud migration approaches. However, these approaches differ in applicability depending on the type of application being migrated and the Cloud Service Provider where the application is being migrated to. The various approaches to Cloud migration create complexity in Cloud migration decisions as client organisations have to consider various approaches depending on the migration project. The purpose of this dissertation is to create a universal Cloud migration approach that can be applied to every Cloud migration project. In this dissertation, a cloud migration decision framework is proposed; namely, A Holistic Cloud Migration Decision Framework (HCMDF). The research strategy that was followed is Design Science Research (DSR) and was selected since the output of the research is going to be an Information Technology (IT) research artefact. By applying the DSR strategy, the HCMDF was successfully developed and evaluated in the real world using an adaptive case study. The analysis of the results indicated that the HCMDF solves Cloud migration problem and that it can be applied to every Cloud migration project. Throughout the evaluation, areas of improvement were identified and these will be considered in future research. / School of Computing / M. Tech (Information Technology)
004.6782
Cloud computing
Information resources management
Systems migration
Cloud computing -- Management

Page generated in 0.1947 seconds