• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 178
  • 21
  • 20
  • 12
  • 9
  • 2
  • 2
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • Tagged with
  • 310
  • 310
  • 288
  • 287
  • 88
  • 77
  • 63
  • 58
  • 45
  • 44
  • 44
  • 41
  • 40
  • 39
  • 37
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
61

An adaptive multi-agent architecture for critical information infrastructure protection

Heydenrych, Mark 10 October 2014 (has links)
M.Sc. (Information Technology) / The purpose of the research presented in this dissertation is to explore the uses of an adaptive multi-agent system for critical information infrastructure protection (CIIP). As the name suggests, CIIP is the process of protecting the information system which are connected to the infrastructure essential to the continued running of a country or organisation. CIIP is challenging due largely to the diversity of these infrastructures. The dissertation examines a number of artificial intelligence techniques that can be applied to CIIP; these techniques range from multi-agent systems to swarm optimisation. The task of protection is broken into three distinct areas: preventing unauthorised communication from outside the system; identifying anomalous actions on computers within the system; and ensuring that communication within the system is not modified externally. A multi-agent learning model, MALAMANTEAU, is proposed as a way to address the problem of CIIP. Due to various problems facing CIIP, multi-agent systems present good opportunities for solving these many problems in a single model. Agents within the MALAMANTEAU model will use diverse artificial and computational intelligence techniques in order to provide an adaptable approach to protecting critical networks. The research presented in the dissertation shows how computational intelligence can be employed alongside multi-agent systems in order to provide powerful protection for critical networks without exposing further security risks.
62

WebSAT: Web-based systems administration tool

Jeong, Juyong 01 January 2005 (has links)
Discusses the development of WebSAT (Web-based systems administration tool), a computer network tool that allows systems administrators to create and delete accounts, disable and enable existing accounts, manage disk space conveniently, monitor the status of all network printers, and monitor network security. The WebSAT application was implemented using PHP, a server-side embedded scripting language, with a MySQL database.
63

Towards a model for ensuring optimal interoperability between the security systems of trading partners in a business-to-business e-commerce context

Pather, Maree 25 August 2009 (has links)
A vast range of controls/countermeasures exists for implementing security on information systems connected to the Internet. For the practitioner attempting to implement an integrated solution between trading partners operating across the Internet, this has serious implications in respect of interoperability between the security systems of the trading partners. The problem is exacerbated by the range of specification options within each control. This research is an attempt to find a set of relevant controls and specifications towards a framework for ensuring optimal interoperability between trading partners in this context. Since a policy-based, layered approach is advocated, which allows each trading partner to address localized risks independently, no exhaustive risk analysis is attempted. The focus is on infrastructure that is simultaneously optimally secure and provides optimal interoperability. It should also be scalable, allowing for additional security controls to be added whenever deemed necessary. / Computing / M. Sc. (Information Systems)
64

The status of information security in South Africa

Warricker, Anina M. 03 1900 (has links)
Thesis (MPhil)--Stellenbosch University, 2005. / ENGLISH ABSTRACT: The business and social environments are increasingly reliant on the information network, and the quality and integrity of the information to effectively conduct transactions, and "survive" in the new economy. These information networks facilitate communication and transactions between customers, suppliers, partners, and employees. Emerging technologies further encourage the extension of network boundaries beyond the branch office, to private homes, airports, and even the comer coffee shop, e.g. wireless internet access. Although technology advances contribute to significant increases in productivity, convenience, and competitive advantage, it also increases the risk of attacks on the integrity and confidentiality of any information interaction. One of the key questions is how to achieve the right level of information network security and implement effective protection systems, without impacting productivity by excessively restricting the flow of information. The issue of information security is not a localised problem, but a problem on global scale, and South African businesses are no less at risk than any other geographically located business. The risk of information security is even greater if aspects like globalisation are taken into account, and the growing inter-connectedness of the global business environment. The central question is: How does the South African business environment view information security, their perceived success in implementing information security measures, and their view of future trends in information security. Ingenue- Consulting is a global business focusing on technology consulting services, across a wide range of industries and technologies. Information security has been identified by Ingenue Consulting to be a global problem, and primary research into this business issue have been undertaken in different locations globally, e.g. Australia and South African executive level survey of what the perception and importance are of information security, of business leaders across public and private industries. Ingenue Consulting has an in-house research facility, and tasked them with conducting a survey in South Africa. The survey results can then be compared with global trends, and applied in the business environment, to highlight the impact of information security risks, and to help businesses to change and improve their information security processes and technologies. The research department started out doing an extensive literature study to identify global and local trends in information security, and to assist in the compilation of the survey questionnaire. A sample group of "blue chip" businesses across all industries was targeted at executive level to conduct a research survey - fifty interviews were conducted. The raw data was collated and analysed to formulate an opinion of the information security practices and perceptions of the business environment in South Africa. The survey confirmed that the South African market risks in terms of information security are very similar to global trends. Some of the key trends are: Information security agreements are normally signed at the onset of employment, but rarely updated or highlighted to ensure continued support and implementation. This is almost contradictory to the fact that information security are taken seriously by the executive level, and often discussed at board level. The mobility of information with the emergence of wireless networks is a key issue for most businesses - as information security is at its most vulnerable. Most of the respondents rated themselves ahead of the curve and their competitors - overestimation of competencies, could lead to larger future risks. The sensitive nature of information security industry makes benchmarking against local or global players difficult due to the sensitive nature -limited willingness to participate in a consultative forum. Companies that outsouree IT tend to "wash their hands off' security issues as the responsibility of the outsourcing vendor. Most local businesses haven't got a worldly view - they do not have an active process to find out what their peers are doing locally or globally, they rely mostly on vendor and consulting advice, or media coverage. / AFRIKAANSE OPSOMMING: Die besigheids en sosiale omgewings is toenemend afhanklik van die inligtings netwerke, en die kwaliteit en integriteit van inligting om transaksies effektief uit te voer, en om te "oorleef" in die nuwe ekonomie. Inligtings netwerke fasiliteer kommunikasie en transaksies tussen kliente, verskaffers, vennote, en werknemers. Nuwe tegnologiee verder veskuif netwerk grense, wyer as die tak-kantoor, na private huise, lughawens, of die koffie kafee - deur middel van draadlose internet toegang. Alhoewel tegnologie ontwikkelings bydra tot verbeterde produktiwiteit, en gemak van gebruik - dra dit ook by tot groter gevaar van aanvalle op die integriteit en konfidensialiteit van enige inligtings transaksie. Een van die sleutel vrae is hoe om die regte vlak van inligting netwerk sekuriteit te bereik, en om die regte beskermings metodes te implementeer - sonder om die produtiwiteit te inhibeer. Die inligting sekuritets vraagstuk is nie bloot 'n lokale vraagstuk nie, maar van globale skaal, en Suid-Afrikaanse besighede is nie minder in gevaar as enige ander besigheid in 'n ander lande nie, veral nie as aspekte soos globaliseering in ag geneem word nie. Die sentrale vraag is: Hoe sien die Suid-Afrikaanse besigheids wereld inligtings sekuriteit, en die waargenome sukses met die implementering van inligtings sekuriteit prosesse, en ook hoe hul die toekoms sien van inligtings sekuriteit. Ingenue* Consulting is 'n wereldwye besigheid, gefokus op tegnologie konsultasie dienste, oor 'n wye reeks industriee en tegnologiee. Inligting sekuriteit is deur Ingenue Consulting ge-identifiseer as 'n globale probleem, en primere navorsing in die area is al onderneem in verskillende geografiee, soos Australie en die Verenigde Koninkryk. Die Suid-Afrikaanse tak van Ingenue het vroeg in 2004 besluit om 'n lokale studie te doen oor top bestuur se persepsies van inligting sekuriteits risikos, in beide die publieke en privaat besigheids wereld. Die interne navorsings afdeling van Ingenue Consulting in Suid-Afrika is gevra om die nodige studie te ondeneem, om dit dan met globale studies te vergelyk, en te kan bepaal waar gapings mag wees, en hoe om die gapings aan te spreek. Die navorsings afdeling het begin deur 'n ekstensiewe literatuur studie te doen, as hulp tot die samestelling van die vrae-lys. 'n Teiken groep van top Suid-Afrikaanse besighede, verteenwoordigend van alle industriee is genader om 'n onderhoud toe te staan om die vrae-lys te voltooi - vyftig onderhoude was voltooi. Die rou data is gekollekteer en geanaliseer, om 'n opinie te formuleer oor die inligtings sekuriteit persepsies en praktyke van die besigheids omgewing in Suid-Afrika. Die navorsing het bevestig dat die Suid-Afrikaanse mark baie dieselfde is as ander geografiese markte - in terme van inligting sekuriteit. Van die sleutel konklusies is: Inligting sekuriteit ooreenkomste word meestal geteken met die aanvangs van diens, maar bitter selde dan weer opgevolg of hernu - dit is byna kontradikterend dat top bestuur ook baie besorg is oor inligting sekuriteit, en dat dit dikwels by raads vergaderings bespreek word. Die mobiliteit van inligting is 'n groeiende bekommernis, omrede inligting dan nog meer op risiko is. Meeste respondente sien hulself as beter of meer gevorderd as hul kompeteerders - 'n oor-estimasie van sukses in inligtings sekuriteit kan lei tot groter probleme in die toekoms. Die sensitiewe natuur van inligting sekuriteit maak ope vergelyking van gedetaileerde prosesse moeilik - en meeste besighede is nie bereid om deel te neem aan algemene gesprekke nie. Terwyl besighede wat hul tegnologie afdeling deur 'n derde party bestuur, neem geen verantwoordelikheid vir hul inligtings sekuriteit nie. 'n Groter bekommernis is dat besighede in Suid-Afrika nie 'n aktiewe proses het om op hoogte bly van wat die beste opsies is in inligtings sekuriteit nie, of wat hul teenstanders doen nie - maar vertrou op die advies van verkoops en konsultasie maatskappye, of media berigte.
65

Towards a model for ensuring optimal interoperability between the security systems of trading partners in a business-to-business e-commerce context

Pather, Maree 25 August 2009 (has links)
A vast range of controls/countermeasures exists for implementing security on information systems connected to the Internet. For the practitioner attempting to implement an integrated solution between trading partners operating across the Internet, this has serious implications in respect of interoperability between the security systems of the trading partners. The problem is exacerbated by the range of specification options within each control. This research is an attempt to find a set of relevant controls and specifications towards a framework for ensuring optimal interoperability between trading partners in this context. Since a policy-based, layered approach is advocated, which allows each trading partner to address localized risks independently, no exhaustive risk analysis is attempted. The focus is on infrastructure that is simultaneously optimally secure and provides optimal interoperability. It should also be scalable, allowing for additional security controls to be added whenever deemed necessary. / Computing / M. Sc. (Information Systems)
66

Reputation and trust-based security in wireless sensor networks

Unknown Date (has links)
This dissertation presents the results of research that led to the development of a novel reputation and trust-based monitoring paradigm for secure and reliable computing in Wireless Sensor Networks (WSNs). WSNs have undergone tremendous technological advances over the last few years. They have caused a giant leap toward "proactive computing," a paradigm where computers anticipate human needs and, when necessary, act on their behalf. Therefore, we cannot deploy such a critical technology without first addressing the security and privacy challenges to ensure that it does not turn against those whom it is meant to benefit. The core application of WSNs is to detect and report events, be it military or civilian applications. The building blocks of a WSN are small, battery-powered, lowcost, self-contained devices called "sensors" that measure factors like light, temperature, pressure, vibration, motion, etc. A WSN usually consists of hundreds of thousands of sensors that operate in unattended, hostile territories to monitor a given geographical area. Once deployed, the wireless sensors self-organize into ad-hoc wireless networks in order to cope with the dynamics of the surveillance field. During the post deployment phase, the wireless sensors aggregate data, then process and generate a report, which is subsequently relayed from one sensor to the next using secure multi-hop routing until the data reaches its desired destination, which is usually the sink. Since sensors operate in unattended and hostile territories, the adversary can capture a sensor node physically and extract all the information stored onboard, including cryptographic keying material. With this unique situation, WSNs are subject to a unique attack referred to as an "Insider Attack," in which the adversary becomes a legitimate member of the network being represented by the captured node. / To overcome this unique situation, a distributed Reputation and Trust-based Monitoring System (RTMS) is required. The most critical contribution of this dissertation work has been the proposal and design of a novel, clique-based, distributed group-key establishment protocol with specific application to RTMSs. We have also proposed and evaluated the application of RTMS models for securing beacon-based localization in WSNs addressing information asymmetry attacks, and proposed a novel k-parent tree model for securing broadcast communication in WSNs with an underlying RTMS model. Other issues addressed in this dissertation work include the proposal of a Connected Dominating Set (CDS) based reputation dissemination and bootstrapping model. This model also enables secure, certificateless node mobility and enables the model to be robust to ID Spoofing and node replication attacks. / by Avinash Srinivasan. / Thesis (Ph.D.)--Florida Atlantic University, 2008. / Includes bibliography. / Electronic reproduction. Boca Raton, FL : 2008 Mode of access: World Wide Web.
67

Web-based wireless sensor network monitoring using smartphones

Unknown Date (has links)
This thesis consists of the development of a web based wireless sensor network (WSN) monitoring system using smartphones. Typical WSNs consist of networks of wireless sensor nodes dispersed over predetermined areas to acquire, process, and transmit data from these locations. Often it is the case that the WSNs are located in areas too hazardous or inaccessible to humans. We focused on the need for access to this sensed data remotely and present our reference architecture to solve this problem. We developed this architecture for web-based wireless sensor network monitoring and have implemented a prototype that uses Crossbow Mica sensors and Android smartphones for bridging the wireless sensor network with the web services for data storage and retrieval. Our application has the ability to retrieve sensed data directly from a wireless senor network composed of Mica sensors and from a smartphones onboard sensors. The data is displayed on the phone's screen, and then, via Internet connection, they are forwarded to a remote database for manipulation and storage. The attributes sensed and stored by our application are temperature, light, acceleration, GPS position, and geographical direction. Authorized personnel are able to retrieve and observe this data both textually and graphically from any browser with Internet connectivity or through a native Android application. Web-based wireless sensor network architectures using smartphones provides a scalable and expandable solution with applicability in many areas, such as healthcare, environmental monitoring, infrastructure health monitoring, border security, and others. / by Anthony M. Marcus. / Thesis (M.S.C.S.)--Florida Atlantic University, 2011. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2011. Mode of access: World Wide Web.
68

Secure routing in wireless sensor networks

Unknown Date (has links)
This research addresses communication security in the highly constrained wireless sensor environment. The goal of the research is twofold: (1) to develop a key management scheme that provides these constrained systems with the basic security requirements and evaluate its effectiveness in terms of scalability, efficiency, resiliency, connectivity, and flexibility, and (2) to implement this scheme on an appropriate routing platform and measure its efficiency. / The proposed key management scheme is called Hierarchical Key Establishment Scheme (HIKES). In HIKES, the base station, acting as the central trust authority, empowers randomly selected sensors to act as local trust authorities, authenticating on its behalf the cluster members and issuing to them all secret keys necessary to secure their communications. HIKES uses a novel key escrow scheme that enables any sensor node selected as a cluster head to generate all the cryptographic keys needed to authenticate other sensors within its cluster. This scheme localizes secret key issuance and reduces the communication cost with the base station. The key escrow scheme also provides the HIKES with as large an addressing mechanism as needed. HIKES also provides a one-step broadcast authentication mechanism. HIKES provides entity authentication to every sensor in the network and is robust against most known attacks. We propose a hierarchical routing mechanism called Secure Hierarchical Energy-Efficient Routing protocol (SHEER). SHEER implements HIKES, which provides the communication security from the inception of the network. SHEER uses a probabilistic broadcast mechanism and a three-level hierarchical clustering architecture to improve the network energy performance and increase its lifetime. / Simulation results have shown that HIKES provides an energy-efficient and scalable solution to the key management problem. Cost analysis shows that HIKES is computationally efficient and has low storage requirement. Furthermore, high degree of address flexibility can be achieved in HIKES. Therefore, this scheme meets the desired criteria set forth in this work. Simulation studies also show that SHEER is more energy-efficient and has better scalability than the secure version of LEACH using HIKES. / by Jamil Ibriq. / Thesis (Ph. D.)--Florida Atlantic University, 2007. / Includes bibliography. / Also available in print. / Electronic reproduction. Boca Raton, FL : 2007. Mode of access: World Wide Web.
69

Data-centric security : towards a utopian model for protecting corporate data on mobile devices

Mayisela, Simphiwe Hector January 2014 (has links)
Data-centric security is significant in understanding, assessing and mitigating the various risks and impacts of sharing information outside corporate boundaries. Information generally leaves corporate boundaries through mobile devices. Mobile devices continue to evolve as multi-functional tools for everyday life, surpassing their initial intended use. This added capability and increasingly extensive use of mobile devices does not come without a degree of risk - hence the need to guard and protect information as it exists beyond the corporate boundaries and throughout its lifecycle. Literature on existing models crafted to protect data, rather than infrastructure in which the data resides, is reviewed. Technologies that organisations have implemented to adopt the data-centric model are studied. A utopian model that takes into account the shortcomings of existing technologies and deficiencies of common theories is proposed. Two sets of qualitative studies are reported; the first is a preliminary online survey to assess the ubiquity of mobile devices and extent of technology adoption towards implementation of data-centric model; and the second comprises of a focus survey and expert interviews pertaining on technologies that organisations have implemented to adopt the data-centric model. The latter study revealed insufficient data at the time of writing for the results to be statistically significant; however; indicative trends supported the assertions documented in the literature review. The question that this research answers is whether or not current technology implementations designed to mitigate risks from mobile devices, actually address business requirements. This research question, answered through these two sets qualitative studies, discovered inconsistencies between the technology implementations and business requirements. The thesis concludes by proposing a realistic model, based on the outcome of the qualitative study, which bridges the gap between the technology implementations and business requirements. Future work which could perhaps be conducted in light of the findings and the comments from this research is also considered.
70

An investigation into the state-of-practice of information security within Zambian copper mines: a case study

Lukweza, Chishala January 2011 (has links)
Zambian copper mines have embraced the use of information technologies for strategic operations and competitive advantage. This dependence on these technologies has not only been seen in the physical aspects of business operations but also in the use of information systems such as Enterprise Resource Planning Systems (ERPs) for strategic decision making and increased usage of Industrial Control Systems (ICS’) that are meant to enhance operational efficiency in production areas. A survey was conducted to explore leadership perceptions on information security practices in Zambian copper mines and an ISO/IEC 27002 Audit Tool was administered to middle management in a particular mine for an in-depth analysis of their information security practices. Results revealed that although information security controls may have been put in place in these organisations, there are still areas that require attention. Senior management and middle management have different perceptions as to the extent to which information security practices are conducted in these copper mines. This implies that management may not be fully involved in certain aspects of these organisations’ information security practices. The results concluded that management needs to be fully involved and provide support for information security programs. Furthermore, these information security programs should be standardised so as to effectively protect these organisations’ information assets. This should also include the involvement of personnel as key players in the information security process.

Page generated in 0.0535 seconds