Spelling suggestions: "subject:"betworks security"" "subject:"conetworks security""
221 |
A structured approach to the identification of the significant risks related to enterprise mobile solutions at a mobile technology component levelSahd, Lize-Marie 04 1900 (has links)
Thesis (MComm)--Stellenbosch University, 2015. / ENGLISH ABSTRACT: The consumerisation of mobile technology is driving the mobile revolution and
enterprises are forced to incorporate mobile solutions into their business processes
in order to remain competitive. While there are many benefits relating to the
investment in and use of mobile technology, significant risks are also being
introduced into the business. The fast pace of technological innovation and the rate
of adoption of mobile technology by employees has, however, created an
environment where enterprises are deploying mobile solutions on an ad hoc basis.
Enterprises are only addressing the risks as they are occurring and resulting in
losses. The key contributing factor to this lack of governance and management is the
fact that those charged with governance do not understand the underlying mobile
technology components.
The purpose of this research is to improve the understanding of the underlying
components of mobile technology. The research further proposes to use this
understanding to identify the significant risks related to mobile technology and to
formulate appropriate internal controls to address these risks. The findings of the
research identified the following underlying components of mobile technology: mobile
devices; mobile infrastructure, data delivery mechanisms and enabling technologies;
and mobile applications. Based on an understanding of the components and
subcategories of mobile technology, a control framework was used to identify the
significant risks related to each component and subcategory. The significant risks
identified included both risks to the users (including interoperability, user experience,
connectivity and IT support) as well as risks to the enterprise’s strategies (including
continuity, security, cost and data ownership). The research concludes by
formulating internal controls that the enterprise can implement to mitigate the
significant risks. This resulted in two matrixes that serve as quick-reference guides to
enterprises in the identification of significant risks at an enterprise specific mobile
technology component level, as well as the relevant internal controls to consider.
The matrixes also assist enterprises in determining the best mobile solutions to
deploy in their business, given their strategies, risk evaluation and control
environment. / AFRIKAANSE OPSOMMING: Die mobiele revolusie word deur die verbruiker van mobiele tegnologie aangedryf en,
ten einde kompeterend te bly, word ondernemings gedwing om mobiele tegnologie
in hul besigheidsprosesse te implementeer. Terwyl daar baie voordele verbonde is
aan die investering in en gebruik van mobiele tegnologie, word die besigheid egter
ook blootgestel aan wesenlike risiko’s. Die vinnige tempo waarteen mobiele
tegnologie ontwikkel en deur werknemers aangeneem word, het egter ʼn omgewing
geskep waarin ondernemings mobiele tegnologie op ʼn ad hoc basis ontplooi.
Besighede spreek eers die risiko’s aan nadat dit reeds voorgekom het en verliese as
gevolg gehad het. Die hoof bydraende faktor tot die tekort aan beheer en bestuur
van mobiele tegnologie is die feit dat diegene verantwoordelik vir beheer, nie
onderliggend mobiele tegnologie komponente verstaan nie.
Die doel van hierdie navorsing is om die begrip van die onderliggende komponente
van mobiele tegnologie te verbeter. Die navorsing poog verder om die wesenlike
risiko’s verbonde aan mobiele tegnologie te identifiseer en om toepaslike interne
beheermaatreëls te formuleer wat die risiko’s sal aanspreek. Die bevindinge van die
navorsing het die volgende onderliggende komponente van mobiele tegnologie
geïdentifiseer: mobiele toestelle; mobiele infrastruktuur, data afleweringsmeganismes,
en bemagtigende tegnologieë; en mobiele toepassings. Gebaseer op
ʼn begrip van die komponente en subkategorieë van mobiele tegnologie, is ʼn kontrole
raamwerk gebruik om die wesenlike risiko’s verbonde aan elke komponent en
subkategorie van die tegnologie, te identifiseer. Die wesenlike risiko’s sluit beide
risiko’s vir die gebruiker (insluitend kontinuïteit, gebruikerservaring, konnektiwiteit en
IT ondersteuning) sowel as risiko’s vir die onderneming se strategieë (insluitend
kontinuïteit, sekuriteit, koste en data eienaarskap) in. Die navorsing sluit af met die
formulering van die beheermaatreëls wat geïmplementeer kan word om die
wesenlike risiko’s aan te spreek. Dit het gelei tot twee tabelle wat as vinnige
verwysingsraamwerke deur ondernemings gebruik kan word in die identifisering van
wesenlike risiko’s op ʼn onderneming-spesifieke tegnologie komponentvlak asook die
oorweging van relevante interne beheermaatreëls. Die tabelle help ondernemings
ook om die beste mobiele tegnologie vir hul besigheid te implementeer, gebaseer op
hul strategie, risiko evaluering en beheeromgewing.
|
222 |
Benefits, business considerations and risks of big dataSmeda, Jorina 04 1900 (has links)
Thesis (MComm)--Stellenbosch University, 2015. / ENGLISH ABSTRACT: Big data is an emerging technology and its use holds great potential and benefits for
organisations. The governance of this technology is something that is still a big
concern and as aspect for which guidance to organisations wanting to use this
technology is still lacking.
In this study an extensive literature review was conducted to identify and define the
business imperatives distinctive of an organisation that will benefit from the use of
big data. The business imperatives were identified and defined based on the
characteristics and benefits of big data. If the characteristics and benefits are clear,
the relevant technology will be better understood. Furthermore, the business
imperatives provide business managers with guidance to whether their organisation
will benefit from the use of this technology or not.
The strategic and operational risks related to the use of big data were also identified
and they are discussed in this assignment, based on a literature review. The risks
specific to big data are highlighted and guidance is given to business managers as to
which risks should be addressed when using big data. The risks are then mapped
against COBIT 5 (Control Objectives for Information and Related Technology) to
highlight the processes most affected when implementing and using big data,
providing business managers with guidance when governing this technology. / AFRIKAANSE OPSOMMING: ‘Big data’ is 'n ontwikkelende tegnologie en die gebruik daarvan hou baie groot
potensiaal en voordele vir besighede in. Die bestuur van hierdie tegnologie is egter ʼn
groot bron van kommer en leiding aan besighede wat hierdie tegnologie wil gebruik
ontbreek steeds.
Deur middel van 'n uitgebreide literatuuroorsig is die besigheidsimperatiewe
kenmerkend van 'n besigheid wat voordeel sal trek uit die gebruik van ‘big data’
geïdentifiseer. Die besigheidsimperatiewe is geïdentifiseer en gedefinieer gebaseer
op die eienskappe en voordele van ‘big data’. Indien die eienskappe en voordele
behoorlik verstaan word, is 'n beter begrip van die tegnologie moontlik.
Daarbenewens bied die besigheidsimperatiewe leiding aan bestuur sodat hulle in
staat kan wees om te beoordeel of hulle besigheid voordeel sal trek uit die gebruik
van hierdie tegnologie of nie.
Die strategiese en operasionele risiko's wat verband hou met die gebruik van ‘big
data’ is ook geïdentifiseer en bespreek, gebaseer op 'n literatuuroorsig. Dit
beklemtoon die risiko's verbonde aan ‘big data’ en daardeur word leiding verskaf aan
besigheidsbestuurders ten opsigte van watter risiko's aangespreek moet word
wanneer ‘big data’ gebruik word. Die risiko's is vervolgens gekarteer teen COBIT 5
(‘Control Objectives for Information and Related Technology’) om die prosesse wat
die meeste geraak word deur die gebruik van ‘big data’ te beklemtoon, ten einde
leiding te gee aan besigheidsbestuurders vir die beheer en kontrole van hierdie
tegnologie.
|
223 |
A framework for correlation and aggregation of security alerts in communication networks : a reasoning correlation and aggregation approach to detect multi-stage attack scenarios using elementary alerts generated by Network Intrusion Detection Systems (NIDS) for a global security perspectiveAlserhani, Faeiz January 2011 (has links)
The tremendous increase in usage and complexity of modern communication and network systems connected to the Internet, places demands upon security management to protect organisations' sensitive data and resources from malicious intrusion. Malicious attacks by intruders and hackers exploit flaws and weakness points in deployed systems through several sophisticated techniques that cannot be prevented by traditional measures, such as user authentication, access controls and firewalls. Consequently, automated detection and timely response systems are urgently needed to detect abnormal activities by monitoring network traffic and system events. Network Intrusion Detection Systems (NIDS) and Network Intrusion Prevention Systems (NIPS) are technologies that inspect traffic and diagnose system behaviour to provide improved attack protection. The current implementation of intrusion detection systems (commercial and open-source) lacks the scalability to support the massive increase in network speed, the emergence of new protocols and services. Multi-giga networks have become a standard installation posing the NIDS to be susceptible to resource exhaustion attacks. The research focuses on two distinct problems for the NIDS: missing alerts due to packet loss as a result of NIDS performance limitations; and the huge volumes of generated alerts by the NIDS overwhelming the security analyst which makes event observation tedious. A methodology for analysing alerts using a proposed framework for alert correlation has been presented to provide the security operator with a global view of the security perspective. Missed alerts are recovered implicitly using a contextual technique to detect multi-stage attack scenarios. This is based on the assumption that the most serious intrusions consist of relevant steps that temporally ordered. The pre- and post- condition approach is used to identify the logical relations among low level alerts. The alerts are aggregated, verified using vulnerability modelling, and correlated to construct multi-stage attacks. A number of algorithms have been proposed in this research to support the functionality of our framework including: alert correlation, alert aggregation and graph reduction. These algorithms have been implemented in a tool called Multi-stage Attack Recognition System (MARS) consisting of a collection of integrated components. The system has been evaluated using a series of experiments and using different data sets i.e. publicly available datasets and data sets collected using real-life experiments. The results show that our approach can effectively detect multi-stage attacks. The false positive rates are reduced due to implementation of the vulnerability and target host information.
|
224 |
Whether using encryption in SCADA systems, the services performance requirements are still met in OT IT environment over an MPLS core network?Chego, Lloyd January 2016 (has links)
A Research Project Abstract
submitted in fulfillment of the requirements
for
Master of Science in Engineering [Electrical]: Telecommunications
at the
University Of The Witwatersrand, Johannesburg
07 June 2016 / Utilities use Supervisory Control and Data Acquisition systems as their industrial control
system. The architecture of these systems in the past was based on them being isolated from
other networks. Now with recent ever changing requirements of capabilities from these
systems there is a need to converge with information technology systems and with the need to
have these industrial networks communicating on packet switched networks there are cyber
security concerns that come up.
This research project looks at the whether using encryption in an IP/MPLS core network for
SCADA in an OT IT environment has an effect on the performance requirements. This was
done through an experimental simulation with the results recorded. The research project also
looks at the key literature study considerations.
The key research question for the research project of this MSc 50/50 mini-thesis is “whether
using encryption in SCADA systems, the services performance requirements are still met in
OT/ IT environment over an MPLS core network”? The research project seeks to determine if
SCADA performance requirements are met over an encrypted MPLS/IP core network in an
OT/IT environment. The key focus area of the research project is only encryption in the
whole cyber security value chain versus SCADA services performances. This means that the
research project only focused on the encryption portion of the whole cyber security value
chain and the scope did not focus on other aspects of the value chain. This suffices for an
MSc 50/50 mini-thesis research project as a focus on the whole value chain would require a
full MSc thesis.
Thus the primary objective for the research project is to research and demonstrate that
encryption is essential for secure SCADA communication over a MPLS/IP core network. As
aforementioned encryption forms an essential part of the Cyber Security value chain which
has to achieve the following objectives.
Confidentiality: ensuring that the information source is really from that source.
Integrity: ensuring that the information has not been altered in any way.
Availability: ensuring that system is not comprised but that it is available.
These objectives of encryption should be met with SCADA service performance
requirements not violated which is the objective of the research project. / M T 2016
|
225 |
An uncertainty-aware reputation system in mobile networks: analysis and applicationsUnknown Date (has links)
Many emerging mobile networks aim to provide wireless network services without relying on any infrastructure. The main challenge in these networks comes from their self-organized and distributed nature. There is an inherent reliance on collaboration among the participants in order to achieve the aimed functionalities. Therefore, establishing and quantifying trust, which is the driving force for collaboration, is important for applications in mobile networks. This dissertation focuses on evaluating and quantifying trust to stimulate collaboration in mobile networks, introducing uncertainty concepts and metrics, as well as providing the various analysis and applications of uncertainty-aware reputation systems. Many existing reputation systems sharply divide the trust value into right or wrong, thus ignoring another core dimension of trust: uncertainty. As uncertainty deeply impacts a node's anticipation of others' behavior and decisions during interaction, we include it in the reputation system. Specifically, we use an uncertainty metric to directly reflect a node's confidence in the sufficiency of its past experience, and study how the collection of trust information may affect uncertainty in nodes' opinions. Higher uncertainty leads to higher transaction cost and reduced acceptance of communication. We exploit mobility to efficiently reduce uncertainty and to speed up trust convergence. We also apply the new reputation system to enhance the analysis of the interactions among mobile nodes, and present three sample uncertainty-aware applications. We integrate the uncertainty-aware reputation model with game theory tools, and enhance the analysis on interactions among mobile nodes. / Instead of reactively protecting the mobile networks from existing attacks as in the traditional security paradigms, the analysis in this dissertation gives more insights on nodes' rationality in the interaction, which will enable the mechanism design in mobile networks to be security and incentive compatible. Moreover, we present three sample applications, in which we clearly identify the challenges, specifically formalize the problems, and cleverly employ the uncertainty mitigation schemes. These applications show that the uncertainty definition and mitigation schemes can benefit a broad range of applications, including fields such as security, network services, and routing. / by Feng Li. / Vita. / Thesis (Ph.D.)--Florida Atlantic University, 2009. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2009. Mode of access: World Wide Web.
|
226 |
Implementing security in an IP Multimedia Subsystem (IMS) next generation network - a case studyUnknown Date (has links)
The IP Multimedia Subsystem (IMS) has gone from just a step in the evolution of the GSM cellular architecture control core, to being the de-facto framework for Next Generation Network (NGN) implementations and deployments by operators world-wide, not only cellular mobile communications operators, but also fixed line, cable television, and alternative operators. With this transition from standards documents to the real world, engineers in these new multimedia communications companies need to face the task of making these new networks secure against threats and real attacks that were not a part of the previous generation of networks. We present the IMS and other competing frameworks, we analyze the security issues, we present the topic of Security Patterns, we introduce several new patterns, including the basis for a Generic Network pattern, and we apply these concepts to designing a security architecture for a fictitious 3G operator using IMS for the control core. / by Jose M. Ortiz-Villajos. / Thesis (M.S.C.S.)--Florida Atlantic University, 2009. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2009. Mode of access: World Wide Web.
|
227 |
Internet payment system--: mechanism, applications & experimentation.January 2000 (has links)
Ka-Lung Chong. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2000. / Includes bibliographical references (leaves 80-83). / Abstracts in English and Chinese. / Abstract --- p.i / Acknowledgments --- p.iii / Chapter 1 --- Introduction & Motivation --- p.1 / Chapter 1.1 --- Introduction --- p.1 / Chapter 1.2 --- Internet Commerce --- p.3 / Chapter 1.3 --- Motivation --- p.6 / Chapter 1.4 --- Related Work --- p.7 / Chapter 1.4.1 --- Cryptographic Techniques --- p.7 / Chapter 1.4.2 --- Internet Payment Systems --- p.9 / Chapter 1.5 --- Contribution --- p.16 / Chapter 1.6 --- Outline of the Thesis --- p.17 / Chapter 2 --- A New Payment Model --- p.19 / Chapter 2.1 --- Model Description --- p.19 / Chapter 2.2 --- Characteristics of Our Model --- p.22 / Chapter 2.3 --- Model Architecture --- p.24 / Chapter 2.4 --- Comparison --- p.30 / Chapter 2.5 --- System Implementation --- p.30 / Chapter 2.5.1 --- Acquirer Interface --- p.31 / Chapter 2.5.2 --- Issuer Interface --- p.32 / Chapter 2.5.3 --- Merchant Interface --- p.32 / Chapter 2.5.4 --- Payment Gateway Interface --- p.33 / Chapter 2.5.5 --- Payment Cancellation Interface --- p.33 / Chapter 3 --- A E-Commerce Application - TravelNet --- p.35 / Chapter 3.1 --- System Architecture --- p.35 / Chapter 3.2 --- System Features --- p.38 / Chapter 3.3 --- System Snapshots --- p.39 / Chapter 4 --- Simulation --- p.44 / Chapter 4.1 --- Objective --- p.44 / Chapter 4.2 --- Simulation Flow --- p.45 / Chapter 4.3 --- Assumptions --- p.49 / Chapter 4.4 --- Simulation of Payment Systems --- p.50 / Chapter 5 --- Discussion of Security Concerns --- p.54 / Chapter 5.1 --- Threats to Internet Payment --- p.54 / Chapter 5.1.1 --- Eavesdropping --- p.55 / Chapter 5.1.2 --- Masquerading --- p.55 / Chapter 5.1.3 --- Message Tampering --- p.56 / Chapter 5.1.4 --- Replaying --- p.56 / Chapter 5.2 --- Aspects of A Secure Internet Payment System --- p.57 / Chapter 5.2.1 --- Authentication --- p.57 / Chapter 5.2.2 --- Confidentiality --- p.57 / Chapter 5.2.3 --- Integrity --- p.58 / Chapter 5.2.4 --- Non-Repudiation --- p.58 / Chapter 5.3 --- Our System Security --- p.58 / Chapter 5.4 --- TravelNet Application Security --- p.61 / Chapter 6 --- Discussion of Performance Evaluation --- p.64 / Chapter 6.1 --- Performance Concerns --- p.64 / Chapter 6.2 --- Experiments Conducted --- p.65 / Chapter 6.2.1 --- Description --- p.65 / Chapter 6.2.2 --- Analysis on the Results --- p.65 / Chapter 6.3 --- Simulation Analysis --- p.69 / Chapter 7 --- Conclusion & Future Work --- p.72 / Chapter A --- Experiment Specification --- p.74 / Chapter A.1 --- Configuration --- p.74 / Chapter A.2 --- Experiment Results --- p.74 / Chapter B --- Simulation Specification --- p.77 / Chapter B.1 --- Parameter Listing --- p.77 / Chapter B.2 --- Simulation Results --- p.77 / Bibliography --- p.80
|
228 |
Defining the Information Security Posture: An Empirical Examination of Structure, Integration, and Managerial EffectivenessYoung, Randall Frederick 08 1900 (has links)
The discipline of information security management is still in its infancy as evidenced by the lack of empirical scholarly work in this area. Most research within the information security domain focuses on specific technologies and algorithms and how it impacts the principles of confidentiality, integrity, and availability. But, an important area receiving little attention is the antecedents of effective information security management at the organizational level (Stanton, Guzman, Stam & Caldera, 2003). The little empirical research that has been conducted in this area has shown that information security management in many organizations is poor (Baskerville, 1993; Shimeall & McDermott, 1999). Several researchers have identified the need for methods to measure the organization-wide information security posture of organizations (Eloff & Von Solms, 2000; James, 1996). This dissertation attempts to measure the organization-wide information security posture by examining benchmark variables that assess role, planning orientation, and performance structure within the organization. Through this conceptualization of an organization's information security posture, a means is presented to measure overall information security and how it impacts the effective utilization of information security strategies. The presence of the dependent variable, effectiveness, gives academics and practitioners a success measure which can guide more effective decision making in the information security domain. An additional aim of this dissertation is to empirically examine the influence of management practices and decisions on effective use of information security strategies within the organization. The issues of centralization versus decentralization of information security activities will be evaluated along with its impact on information security posture of organizations and the effectiveness of the organization's information security strategies. Data was collected from 119 IT and information security executives. Results show that how the organization structures information security activities is not correlated with more effective utilization of information security strategies. Meanwhile, the organization's information security posture is significantly correlated with more effective utilization of information security strategies. The implications of this research is discussed.
|
229 |
Integrated planning of modern distribution networks incorporating UK utility practicesMansor, Nurulafiqah Nadzirah January 2018 (has links)
Distribution system plays a significant role in the overall electrical power system due to its impact on electricity costs, reliability as well as security of supplied energy. Optimal development planning of modern distribution system is mainly required to satisfy continuous change in customer demands and generations in a cost-effective manner, utilizing the available smart solutions. All these aspects need to be addressed in modern distribution planning methodology that can be applied today in real-life. Review has shown that there are no distributions planning models that adequately model security of supply of radially operated networks. Moreover, the optimal development planning models still do not consider multiple operating regimes, which has become a necessity due to connection of low carbon technologies. Numerous techniques published on this subject tend to ignore the regulations and planning standards that must be complied during system development, resulting in methodology that is not in-tuned with business practices. Furthermore, a comprehensive model that integrates all major components of todayâs real-life distribution planning is still lacking, even though many of them have been addressed individually. In this thesis, integrated planning methodology for development of distribution system is proposed, incorporating utility practices in the UK. The overall methodology built on two independent stages, investment stage and operation stage. The operation stage is further cast into two sub-stages, quality of supply planning and minimization of operation costs planning. The overall planning methodology incorporates the novel probabilistic decision tree concept for distribution system planning to consider probable network uncertainties. The first model which is the investment stage determines the new construction and reinforcement of circuits and switchgear, along with circuit decommissioning. Multiple operating regimes due to fluctuation in generation and load profiles are considered, in addition to explicit modelling of N-1 security constraint according to P2/6 planning standards. The quality of supply planning determines the allocation of switchgear and its automation to maximise the reliability benefits from the regulatory incentive regime. Finally, the operation model determines the optimal network configuration that minimises the total operation costs of distribution system. The final outputs are list of cables and switchgear for construction, reinforcement, and decommission, benefits harvested due to quality of supply investments on switchgear, optimal network running arrangement, etc. These studies have proven to be important in formulating effective strategies for development of distribution system, in compliance to the planning standards and resulted in higher network operation capabilities.
|
230 |
A framework for system fingerprintingRadhakrishnan, Sakthi Vignesh 29 March 2013 (has links)
The primary objective of the proposed research is to develop a framework for smart and robust fingerprinting of networked systems. Many fingerprinting techniques have been proposed in the past, however most of these techniques are designed for a specific purpose, such as Operating System (OS) fingerprinting, Access Point (AP) fingerprinting, etc. Such standalone techniques often have limitations which render them dysfunctional in certain scenarios or against certain counter measures. In order to overcome such limitations, we propose a fingerprinting framework that can combine multiple fingerprinting techniques in a smart manner, using a centralized decision making engine. We believe that any given scenario or a counter measure is less likely to circumvent a group of diverse fingerprinting techniques, which serves as the primary motivation behind the aforementioned method of attack. Another major portion of the thesis concentrates on the design and development of a device and device type fingerprinting sub-module (GTID) that has been integrated into the proposed framework. This sub-module used statistical analysis of packet inter arrival times (IATs) to identify the type of device that is generating the traffic. This work also analyzes the performance of the identification technique on a real campus network and propose modifications that use pattern recognition neural networks to improve the overall performance. Additionally, we impart capabilities to the fingerprinting technique to enable the identification of 'Unknown' devices (i.e., devices for which no signature is stored), and also show that it can be extended to perform both device and device type identification.
|
Page generated in 0.0589 seconds