An approach to information system isolation and security in a shared facility,

January 1973

by Stuart E. Madnick [and] John J. Donovan. / Bibliography: leaf 15.

HD28 .M414 no.648-, 73

Έλεγχος ασφαλούς λειτουργίας κλασικών οδοντιατρικών ακτινολογικών μηχανημάτων Νομού Αχαΐας

Σταυριανού, Καλλιρρόη

20 September 2010

- / -

Μέτρα ασφαλείας

Ακτινοβολία

616.075 705

Radiography, Dental

Security measures

Radiation

Business counterintelligence : sustainable practice or passing fad?

Shear, Christopher James

03 1900

Thesis (MA (Information Science))--University of Stellenbosch, 2009. / Traditional information protection mechanisms are no longer adequately placed to effectively deal with the adversarial threats that have arisen as a result of the rise in importance of knowledge for today’s organisations. Business counterintelligence appears to be a protective entity, which in principle can effectively engage with and mitigate many of these newly manifested threats. Yet, business counterintelligence is also an entity that is accompanied by a great deal of haze and confusion as to its use, implementation and integration within different organisations. This is evident from the literature where there currently exist multiple fragmented definitions of what business counterintelligence is. Organisations may as a result adopt a particular business counterintelligence definition that may not be effective for their context. This can result in the ineffective protection of critical information assets and the misappropriation of organisational resources; something which is not sustainable. This thesis proposes that in order to allay the confusion caused by these differing fragmented definitions, one needs to be able to arrive at a consolidated definition of what constitutes business counterintelligence; this thesis’s primary objective. This has been examined by firstly contextualising business counterintelligence in order to better understand the topic; the information society was used as a backdrop for this purpose. Secondly, an examination of the prevailing views of business counterintelligence and its role within organisations is offered in order to build clarity. Thirdly, a consolidated definition of business counterintelligence is proposed and its implications for different organisations examined. Finally, the implications of this consolidated definition for the sustainability of business counterintelligence are discussed and conclusions based on the evidence presented within the thesis drawn. Based on the arguments presented, this thesis postulates that a consolidated definition of business counterintelligence is more effective and is thus more sustainable.

Risk management

Dissertations -- Information science

Theses -- Information science

Business intelligence

Industries -- Security measures

L3-arpsec - módulo seguro para controle e proteção do protocolo de resolução de endereços em redes definidas por software /

Oliveira, Rogério Leão Santos de.

January 2015

Orientador: Ailton Akira Shinoda / Co-orientador: Christiane Marie Schweitzer / Banca: Antonio Marco Cossi / Banca: Ed'Wilson Tavares Ferreira / Resumo: O protocolo de resolução de endereços (ARP) é usado para mapear endereços IP a endereços MAC em redes locais. Este protocolo possui algumas vulnerabilidades de segurança e uma delas é ataque Man-in-the-Middle (MITM), em que o cache ARP permite a um host interceptar pacotes trocados entre dois outros hosts. O conceito de Redes Definidas por Software (SDNs) representam uma abordagem inovadora na área de redes de computadores, uma vez que propõe um novo modelo para o controle de repasse e roteamento dos pacotes de dados que navegam na Internet. Uma das principais características deste novo paradigma é a capacidade de programar funcionalidades nos controladores de rede para gerenciar o tráfego. Este trabalho apresenta o modulo L3-ARPSec, um conjunto de instruções escritas em linguagem de programação Python que propõe uma maneira de controlar a troca de mensagens ARP e também mitigar o ataque MITM em redes locais. O módulo gerencia as requisições e respostas ARP entre todos dispositivos da rede e não permite o envenenamento do cache ARP. Depois de apresentados alguns conceitos do paradigma SDN, a estrutura do protocolo ARP e como o ataque MITM ocorre, o modulo L3-ARPSec é explicado em detalhes e os resultados de diversos testes executados são mostrados / Abstract: The Address Resolution Protocol (ARP) is used to map IP addresses to MAC addresses in local area networks. This protocol has some security vulnerabilities and one of them is the Man-in-the-Middle (MITM) attack, a way to poisoning the ARP cache that allows a host to intercept packets switched between two other hosts. Software-Defined Networks (SDNs) represent an innovative approach in the area of computer networks, since they propose a new model to control forwarding and routing data packets that navigate the World Wide Web. One of the main features of this new paradigm is the ability to program functionalities in network controllers to manage the traffic. This study presents the module L3-ARPSec, a set of instructions written in the Python programming language that proposes a way to control the switching of ARP messages and also mitigates the MITM attack in local area networks. The module manages the ARP request, reply messages between all network devices and does not permit the ARP cache poisoning. After presenting some concepts of the SDN paradigm, the ARP protocol structure and how MITM attacks occurs, the L3-ARPSec module is explained in detail and the results of several tests performed are displayed / Mestre

Internet - Sistemas de segurança.

Redes de computadores - Protocolos.

Internet - Security measures.

Constructing the internet panoptic-fortification: a legal study on China's internet regulatory mechanism

Du, Juan

31 August 2018

With the development of the information network technologies and the popularisation of the Internet, Chinese society is experiencing a Triple Revolution. Regulating the Internet has become a priority in China. In this context, this study seeks a comprehensive and in-depth understanding of China's Internet regulatory mechanism. Through the systematical analysis on Internet law in China, supplemented by the case study on how the issue of the Occupy Movement in Hong Kong was regulated, this study argues that China has developed a hybrid Internet regulatory model, which values both external defense and internal control in pursuit of the goal of cybersecurity, and which combines hierarchical regulation with horizontal monitoring to address challenges brought by contemporary network society. The Internet panoptic-fortification model is developed to illuminate China's Internet regulatory mechanism. The Internet panoptic-fortification model is featured by the centralised control from the authorities and ISPs, the establishment of Chinese sovereign cyberspace with jurisdictional and technical supports, the implementation of the network real-name system and the Internet-surfing record backup system to regulate individual Internet users, and the tight ideological control. This conceptual model reflects important aspects of Michel Foucault's account of governmentality, incorporating both centralised power and diffuse micro-power. This study suggests that China's Internet law to some extent has become an instrument for the state to promote the social discipline in the sovereign cyberspace, and the Internet regulatory mechanism serves for the national security and social stability in a broader context.

A formalised ontology for network attack classification

Van Heerden, Renier Pelser

January 2014

One of the most popular attack vectors against computers are their network connections. Attacks on computers through their networks are commonplace and have various levels of complexity. This research formally describes network-based computer attacks in the form of a story, formally and within an ontology. The ontology categorises network attacks where attack scenarios are the focal class. This class consists of: Denial-of- Service, Industrial Espionage, Web Defacement, Unauthorised Data Access, Financial Theft, Industrial Sabotage, Cyber-Warfare, Resource Theft, System Compromise, and Runaway Malware. This ontology was developed by building a taxonomy and a temporal network attack model. Network attack instances (also know as individuals) are classified according to their respective attack scenarios, with the use of an automated reasoner within the ontology. The automated reasoner deductions are verified formally; and via the automated reasoner, a relaxed set of scenarios is determined, which is relevant in a near real-time environment. A prototype system (called Aeneas) was developed to classify network-based attacks. Aeneas integrates the sensors into a detection system that can classify network attacks in a near real-time environment. To verify the ontology and the prototype Aeneas, a virtual test bed was developed in which network-based attacks were generated to verify the detection system. Aeneas was able to detect incoming attacks and classify them according to their scenario. The novel part of this research is the attack scenarios that are described in the form of a story, as well as formally and in an ontology. The ontology is used in a novel way to determine to which class attack instances belong and how the network attack ontology is affected in a near real-time environment.

Computer networks -- Security measures

Computer security

Computer crimes -- Investigation

Computer crimes -- Prevention

An investigation into the role played by perceived security concerns in the adoption of mobile money services : a Zimbabwean case study

Madebwe, Charles

January 2015

The ubiquitous nature of mobile phones and their popularity has led to opportunistic value added services (VAS), such as mobile money, riding on this phenomenon to be implemented. Several studies have been done to find factors that influence the adoption of mobile money and other information systems. The thesis looks at factors determining the uptake of mobile money over cellular networks with a special emphasis on aspects relating to perceived security even though other factors namely perceived usefulness, perceived ease of use, perceived trust and perceived cost were also looked at. The research further looks at the security threats introduced to mobile money by virtue of the nature, architecture, standards and protocols of Global System for Mobile Communications (GSM). The model employed for this research was the Technology Acceptance Model (TAM). Literature review was done on the security of GSM. Data was collected from a sample population around Harare, Zimbabwe using physical questionnaires. Statistical tests were performed on the collected data to find the significance of each construct to mobile money adoption. The research has found positive correlation between perceived security concerns and the adoption of money mobile money services over cellular networks. Perceived usefulness was found to be the most important factor in the adoption of mobile money. The research also found that customers need to trust the network service provider and the systems in use for them to adopt mobile money. Other factors driving consumer adoption were found to be perceived ease of use and perceived cost. The findings show that players who intend to introduce mobile money should strive to offer secure and useful systems that are trustworthy without making the service expensive or difficult to use. Literature review done showed that there is a possibility of compromising mobile money transactions done over GSM

Banks and banking, Mobile -- Zimbabwe

Global system for mobile communications

Cell phones -- Security measures

Protection of personal information in the South African cloud computing environment: a framework for cloud computing adoption

Skolmen, Dayne Edward

January 2016

Cloud Computing has advanced to the point where it may be considered an attractive proposition for an increasing number of South African organisations, yet the adoption of Cloud Computing in South Africa remains relatively low. Many organisations have been hesitant to adopt Cloud solutions owing to a variety of inhibiting factors and concerns that have created mistrust in Cloud Computing. One of the top concerns identified is security within the Cloud Computing environment. The approaching commencement of new data protection legislation in South Africa, known as the Protection of Personal Information Act (POPI), may provide an ideal opportunity to address the information security-related inhibiting factors and foster a trust relationship between potential Cloud users and Cloud providers. POPI applies to anyone who processes personal information and regulates how they must handle, store and secure that information. POPI is considered to be beneficial to Cloud providers as it gives them the opportunity to build trust with potential Cloud users through achieving compliance and providing assurance. The aim of this dissertation is, therefore, to develop a framework for Cloud Computing adoption that will assist in mitigating the information security-related factors inhibiting Cloud adoption by fostering a trust relationship through compliance with the POPI Act. It is believed that such a framework would be useful to South African Cloud providers and could ultimately assist in the promotion of Cloud adoption in South Africa.

Cloud computing -- Security measures

Privacy, Right of

Log analysis aided by latent semantic mapping

Buys, Stephanus

14 April 2013

In an age of zero-day exploits and increased on-line attacks on computing infrastructure, operational security practitioners are becoming increasingly aware of the value of the information captured in log events. Analysis of these events is critical during incident response, forensic investigations related to network breaches, hacking attacks and data leaks. Such analysis has led to the discipline of Security Event Analysis, also known as Log Analysis. There are several challenges when dealing with events, foremost being the increased volumes at which events are often generated and stored. Furthermore, events are often captured as unstructured data, with very little consistency in the formats or contents of the events. In this environment, security analysts and implementers of Log Management (LM) or Security Information and Event Management (SIEM) systems face the daunting task of identifying, classifying and disambiguating massive volumes of events in order for security analysis and automation to proceed. Latent Semantic Mapping (LSM) is a proven paradigm shown to be an effective method of, among other things, enabling word clustering, document clustering, topic clustering and semantic inference. This research is an investigation into the practical application of LSM in the discipline of Security Event Analysis, showing the value of using LSM to assist practitioners in identifying types of events, classifying events as belonging to certain sources or technologies and disambiguating different events from each other. The culmination of this research presents adaptations to traditional natural language processing techniques that resulted in improved efficacy of LSM when dealing with Security Event Analysis. This research provides strong evidence supporting the wider adoption and use of LSM, as well as further investigation into Security Event Analysis assisted by LSM and other natural language or computer-learning processing techniques. / LaTeX with hyperref package / Adobe Acrobat 9.54 Paper Capture Plug-in

Latent semantic indexing

Data mining

Computer networks -- Security measures

Computer hackers

Computer security

Evaluation of virtual private network impact on network performance

Nawej, Mukatshung Claude

09 1900

The aim of the study is to investigate what impact the use of VPN has on network performance. An empirical investigation using quantitative research methods was carried out. Two sample scenarios were involved in the study: scenario without VPN and scenario with VPN. In both scenarios, three applications were used in turns, an HTTP, an FTP, and a CBR. FTP was configured to use window size and packet size, while CBR used connection rate and packet size. On the other side, the number of connection was the only parameter used for HTTP. These applications were injected in a 100 Mbps fixed link of an NS2 simulation environment. Throughput and delay averages were measured respectively for the two scenarios and values compared using Student’s t-test. While the TCP and HTTP throughputs were found decreasing, the UDP throughput was not affected by the presence of this VPN. Concerning the delay; the TCP, UDP and HTTP delay were found increasing. / Electrical Engineering / M. Tech. (Electrical Engineering (Computer Systems))

Simulation

VPN

NS2

Network performance

004.68

Extranets (Computer networks)

Computer simulation