The effective combating of intrusion attacks through fuzzy logic and neural networks
- Authors: Goss, Robert Melvin
- Date: 2007
- Subjects: Computer security , Fuzzy logic , Neural networks (Computer science)
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9794 , http://hdl.handle.net/10948/512 , http://hdl.handle.net/10948/d1011917 , Computer security , Fuzzy logic , Neural networks (Computer science)
- Description: The importance of properly securing an organization’s information and computing resources has become paramount in modern business. Since the advent of the Internet, securing this organizational information has become increasingly difficult. Organizations deploy many security mechanisms in the protection of their data, intrusion detection systems in particular have an increasingly valuable role to play, and as networks grow, administrators need better ways to monitor their systems. Currently, many intrusion detection systems lack the means to accurately monitor and report on wireless segments within the corporate network. This dissertation proposes an extension to the NeGPAIM model, known as NeGPAIM-W, which allows for the accurate detection of attacks originating on wireless network segments. The NeGPAIM-W model is able to detect both wired and wireless based attacks, and with the extensions to the original model mentioned previously, also provide for correlation of intrusion attacks sourced on both wired and wireless network segments. This provides for a holistic detection strategy for an organization. This has been accomplished with the use of Fuzzy logic and neural networks utilized in the detection of attacks. The model works on the assumption that each user has, and leaves, a unique footprint on a computer system. Thus, all intrusive behaviour on the system and networks which support it, can be traced back to the user account which was used to perform the intrusive behavior.
- Full Text:
- Date Issued: 2007
- Authors: Goss, Robert Melvin
- Date: 2007
- Subjects: Computer security , Fuzzy logic , Neural networks (Computer science)
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9794 , http://hdl.handle.net/10948/512 , http://hdl.handle.net/10948/d1011917 , Computer security , Fuzzy logic , Neural networks (Computer science)
- Description: The importance of properly securing an organization’s information and computing resources has become paramount in modern business. Since the advent of the Internet, securing this organizational information has become increasingly difficult. Organizations deploy many security mechanisms in the protection of their data, intrusion detection systems in particular have an increasingly valuable role to play, and as networks grow, administrators need better ways to monitor their systems. Currently, many intrusion detection systems lack the means to accurately monitor and report on wireless segments within the corporate network. This dissertation proposes an extension to the NeGPAIM model, known as NeGPAIM-W, which allows for the accurate detection of attacks originating on wireless network segments. The NeGPAIM-W model is able to detect both wired and wireless based attacks, and with the extensions to the original model mentioned previously, also provide for correlation of intrusion attacks sourced on both wired and wireless network segments. This provides for a holistic detection strategy for an organization. This has been accomplished with the use of Fuzzy logic and neural networks utilized in the detection of attacks. The model works on the assumption that each user has, and leaves, a unique footprint on a computer system. Thus, all intrusive behaviour on the system and networks which support it, can be traced back to the user account which was used to perform the intrusive behavior.
- Full Text:
- Date Issued: 2007
Towards a framework for identity verification of vulnerable children within the Eastern Cape
- Authors: Rautenbach, James
- Date: 2007
- Subjects: Biometric identification , Information storage and retrieval systems , Children -- Services for -- South Africa -- Eastern Cape
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9792 , http://hdl.handle.net/10948/597 , http://hdl.handle.net/10948/d1011702 , Biometric identification , Information storage and retrieval systems , Children -- Services for -- South Africa -- Eastern Cape
- Description: This dissertation proposes the development of an identification verification model that can be implemented within the context of the Eastern Cape, South Africa in order to ensure that vulnerable children are provided with the requisite care that they deserve from the state. The dissertation provides both a developed and developing world perspective on the identification verification needs of vulnerable children by providing an overview of relevant South African policy with regard to caring for vulnerable children and presenting an international perspective with specific reference to current legislative developments in the United Kingdom and Malaysia. Chapter 1 provides a motivation for a framework to be used for the identification verification of children in developing countries by emphasising that the provision of basic social services to children is an urgent requirement for poverty eradication and is a necessity as documented in the United Nations Convention on the Rights of the Child. A background to the needs of vulnerable children in South Africa is given and the scope, limitations and research methodology used in the dissertation is presented. Chapter 2 provides an overview of child related policy in the South African Context both from a National Government and Eastern Cape perspective. Although extensive progress has been made in the development of policies aimed at protecting vulnerable children, the practical implementation of these policies has been hampered by numerous issues including the lack of coordination between key entities. Chapter 3 provides an introduction to several noteworthy international developments with regard to the identity verification of vulnerable children. Lessons learnt from identity verification systems from the United Kingdom and Malaysia are analyzed for applicability to the South African context. In addition to this, the use of biometric technology in identity verification systems and a number of biometric identification methodologies available are discussed. Chapter 4 proposes the development and implementation of a biometric identity verification model in the Eastern Cape Province of South Africa based on lessons learnt from the assessment of South African policy and international best practice. The system should be piloted in the Eastern Cape and, if successful, be implemented throughout South Africa with a possible view to future implementation on the African continent. The scope of the system, the technological requirements and a high level implementation plan together with the need to further research certain key aspects e.g. the cost implications are discussed. It is clear that the development of such a model and the implementation of such a system will ensure that vulnerable children are provided with the requisite care that they are constitutionally entitled to. Significant follow up research is required during the development of the model to ensure that all aspects of the model are well documented and during the implementation of the system to ensure that the requirements of the users both within the government and the general public are met.
- Full Text:
- Date Issued: 2007
- Authors: Rautenbach, James
- Date: 2007
- Subjects: Biometric identification , Information storage and retrieval systems , Children -- Services for -- South Africa -- Eastern Cape
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9792 , http://hdl.handle.net/10948/597 , http://hdl.handle.net/10948/d1011702 , Biometric identification , Information storage and retrieval systems , Children -- Services for -- South Africa -- Eastern Cape
- Description: This dissertation proposes the development of an identification verification model that can be implemented within the context of the Eastern Cape, South Africa in order to ensure that vulnerable children are provided with the requisite care that they deserve from the state. The dissertation provides both a developed and developing world perspective on the identification verification needs of vulnerable children by providing an overview of relevant South African policy with regard to caring for vulnerable children and presenting an international perspective with specific reference to current legislative developments in the United Kingdom and Malaysia. Chapter 1 provides a motivation for a framework to be used for the identification verification of children in developing countries by emphasising that the provision of basic social services to children is an urgent requirement for poverty eradication and is a necessity as documented in the United Nations Convention on the Rights of the Child. A background to the needs of vulnerable children in South Africa is given and the scope, limitations and research methodology used in the dissertation is presented. Chapter 2 provides an overview of child related policy in the South African Context both from a National Government and Eastern Cape perspective. Although extensive progress has been made in the development of policies aimed at protecting vulnerable children, the practical implementation of these policies has been hampered by numerous issues including the lack of coordination between key entities. Chapter 3 provides an introduction to several noteworthy international developments with regard to the identity verification of vulnerable children. Lessons learnt from identity verification systems from the United Kingdom and Malaysia are analyzed for applicability to the South African context. In addition to this, the use of biometric technology in identity verification systems and a number of biometric identification methodologies available are discussed. Chapter 4 proposes the development and implementation of a biometric identity verification model in the Eastern Cape Province of South Africa based on lessons learnt from the assessment of South African policy and international best practice. The system should be piloted in the Eastern Cape and, if successful, be implemented throughout South Africa with a possible view to future implementation on the African continent. The scope of the system, the technological requirements and a high level implementation plan together with the need to further research certain key aspects e.g. the cost implications are discussed. It is clear that the development of such a model and the implementation of such a system will ensure that vulnerable children are provided with the requisite care that they are constitutionally entitled to. Significant follow up research is required during the development of the model to ensure that all aspects of the model are well documented and during the implementation of the system to ensure that the requirements of the users both within the government and the general public are met.
- Full Text:
- Date Issued: 2007
Analysing the effect of FSP on MIG-laser hybrid welded 6082-T6 AA joints
- Authors: Mjali, Kadephi Vuyolwethu
- Date: 2007
- Subjects: Friction stir welding
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9610 , http://hdl.handle.net/10948/563 , Friction stir welding
- Description: Friction Stir Processing (FSP) of aluminium alloys has been used to modify and improve the microstructure and relevant properties of fusion welded aluminium alloys. The effect of FSP on MIG-Laser Hybrid (MLH) welded aluminium alloy 6082-T6 mechanical and microstructural properties has been studied in this research. The FSP process was used on 6mm thick aluminium alloy plates and a tool was designed specifically for FSP, and the effect of varying speeds was analysed before the final FSP welds were made. The effect of FSP was analysed by optical microscopy, tensile, microhardness and fatigue testing. The aim of the study was to determine whether the FSP process has a beneficial influence on the mechanical properties and metallurgical integrity of MIG-Laser Hybrid welded 6082-T6 aluminium alloy with varying gap tolerances. Three welding processes were compared, namely combined Friction Stir Processing on MIG-Laser hybrid process (FSP-MLH), MLH and Friction Stir Welding (FSW) as part of the analysis. (FSP was carried out on MLH components when it was found that FSP is not an entirely complete welding process but rather a finishing process per se.) The aim of this dissertation is to investigate the effects of the FSP process on the weld quality of MLH welded joints and also to compare this to individual processes like FSW and MLH. This investigation was undertaken in order to gain an understanding of the effect of these processes on fatigue performance and microhardness distribution on aluminium alloy 6082-T6 weld joints.
- Full Text:
- Date Issued: 2007
- Authors: Mjali, Kadephi Vuyolwethu
- Date: 2007
- Subjects: Friction stir welding
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9610 , http://hdl.handle.net/10948/563 , Friction stir welding
- Description: Friction Stir Processing (FSP) of aluminium alloys has been used to modify and improve the microstructure and relevant properties of fusion welded aluminium alloys. The effect of FSP on MIG-Laser Hybrid (MLH) welded aluminium alloy 6082-T6 mechanical and microstructural properties has been studied in this research. The FSP process was used on 6mm thick aluminium alloy plates and a tool was designed specifically for FSP, and the effect of varying speeds was analysed before the final FSP welds were made. The effect of FSP was analysed by optical microscopy, tensile, microhardness and fatigue testing. The aim of the study was to determine whether the FSP process has a beneficial influence on the mechanical properties and metallurgical integrity of MIG-Laser Hybrid welded 6082-T6 aluminium alloy with varying gap tolerances. Three welding processes were compared, namely combined Friction Stir Processing on MIG-Laser hybrid process (FSP-MLH), MLH and Friction Stir Welding (FSW) as part of the analysis. (FSP was carried out on MLH components when it was found that FSP is not an entirely complete welding process but rather a finishing process per se.) The aim of this dissertation is to investigate the effects of the FSP process on the weld quality of MLH welded joints and also to compare this to individual processes like FSW and MLH. This investigation was undertaken in order to gain an understanding of the effect of these processes on fatigue performance and microhardness distribution on aluminium alloy 6082-T6 weld joints.
- Full Text:
- Date Issued: 2007
An appraisal of secure, wireless grid-enabled data warehousing
- Authors: Seelo, Gaolathe
- Date: 2007
- Subjects: Data warehousing , Computer security
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9790 , http://hdl.handle.net/10948/602 , http://hdl.handle.net/10948/d1011700 , Data warehousing , Computer security
- Description: In most research, appropriate collections of data play a significant role in aiding decision-making processes. This is more critical if the data is being accessed across organisational barriers. Further, for the data to be mined and analysed efficiently, to aid decision-making processes, it must be harnessed in a suitably-structured fashion. There is, for example, a need to perform diverse data analyses and interpretation of structured (non-personal) HIV/AIDS patient-data from various quarters in South Africa. Although this data does exist, to some extent, it is autonomously owned and stored in disparate data storages, and not readily available to all interested parties. In order to put this data to meaningful use, it is imperative to integrate and store this data in a manner in which it can be better utilized by all those involved in the ontological field. This implies integration of (and hence, interoperability), and appropriate accessibility to, the information systems of the autonomous organizations providing data and data-processing. This is a typical problem-scenario for a Virtual Inter-Organisational Information System (VIOIS), proposed in this study. The VIOIS envisaged is a hypothetical, secure, Wireless Grid-enabled Data Warehouse (WGDW) that enables IOIS interaction, such as the storage and processing of HIV/AIDS patient-data to be utilized for HIV/AIDS-specific research. The proposed WDGW offers a methodical approach for arriving at such a collaborative (HIV/AIDS research) integrated system. The proposed WDGW is virtual community that consists mainly of data-providers, service-providers and information-consumers. The WGDW-basis resulted from systematic literaturesurvey that covered a variety of technologies and standards that support datastorage, data-management, computation and connectivity between virtual community members in Grid computing contexts. A Grid computing paradigm is proposed for data-storage, data management and computation in the WGDW. Informational or analytical processing will be enabled through data warehousing while connectivity will be attained wirelessly (for addressing the paucity of connectivity infrastructure in rural parts of developing countries, like South Africa).
- Full Text:
- Date Issued: 2007
- Authors: Seelo, Gaolathe
- Date: 2007
- Subjects: Data warehousing , Computer security
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9790 , http://hdl.handle.net/10948/602 , http://hdl.handle.net/10948/d1011700 , Data warehousing , Computer security
- Description: In most research, appropriate collections of data play a significant role in aiding decision-making processes. This is more critical if the data is being accessed across organisational barriers. Further, for the data to be mined and analysed efficiently, to aid decision-making processes, it must be harnessed in a suitably-structured fashion. There is, for example, a need to perform diverse data analyses and interpretation of structured (non-personal) HIV/AIDS patient-data from various quarters in South Africa. Although this data does exist, to some extent, it is autonomously owned and stored in disparate data storages, and not readily available to all interested parties. In order to put this data to meaningful use, it is imperative to integrate and store this data in a manner in which it can be better utilized by all those involved in the ontological field. This implies integration of (and hence, interoperability), and appropriate accessibility to, the information systems of the autonomous organizations providing data and data-processing. This is a typical problem-scenario for a Virtual Inter-Organisational Information System (VIOIS), proposed in this study. The VIOIS envisaged is a hypothetical, secure, Wireless Grid-enabled Data Warehouse (WGDW) that enables IOIS interaction, such as the storage and processing of HIV/AIDS patient-data to be utilized for HIV/AIDS-specific research. The proposed WDGW offers a methodical approach for arriving at such a collaborative (HIV/AIDS research) integrated system. The proposed WDGW is virtual community that consists mainly of data-providers, service-providers and information-consumers. The WGDW-basis resulted from systematic literaturesurvey that covered a variety of technologies and standards that support datastorage, data-management, computation and connectivity between virtual community members in Grid computing contexts. A Grid computing paradigm is proposed for data-storage, data management and computation in the WGDW. Informational or analytical processing will be enabled through data warehousing while connectivity will be attained wirelessly (for addressing the paucity of connectivity infrastructure in rural parts of developing countries, like South Africa).
- Full Text:
- Date Issued: 2007
MISSTEV : model for information security shared tacit espoused values
- Authors: Thomson, Kerry-Lynn
- Date: 2007
- Subjects: Computer security -- Management , Management information systems -- Security measures , Data protection
- Language: English
- Type: Thesis , Doctoral , DTech
- Identifier: vital:9787 , http://hdl.handle.net/10948/717 , Computer security -- Management , Management information systems -- Security measures , Data protection
- Description: One of the most critical assets in most organisations is information. It is often described as the lifeblood of an organisation. For this reason, it is vital that this asset is protected through sound information security practices. However, the incorrect and indifferent behaviour of employees often leads to information assets becoming vulnerable. Incorrect employee behaviour could have an extremely negative impact on the protection of information. An information security solution should be a fundamental component in most organisations. It is, however, possible for an organisation to have the most comprehensive physical and technical information security controls in place, but the operational controls, and associated employee behaviour, have not received much consideration. Therefore, the issue of employee behaviour must be addressed in an organisation to assist in ensuring the protection of information assets. The corporate culture of an organisation is largely responsible for the actions and behaviour of employees. Therefore, to address operational information security controls, the corporate culture of an organisation should be considered. To ensure the integration of information security into the corporate culture of an organisation, the protection of information should become part of the way the employees conduct their everyday tasks – from senior management, right throughout the entire organisation. Therefore, information security should become an integral component of the corporate culture of the organisation. To address the integration of information security into the corporate culture of an organisation, a model was developed which depicted the learning stages and modes of knowledge creation necessary to transform the corporate culture into one that is information security aware.
- Full Text:
- Date Issued: 2007
- Authors: Thomson, Kerry-Lynn
- Date: 2007
- Subjects: Computer security -- Management , Management information systems -- Security measures , Data protection
- Language: English
- Type: Thesis , Doctoral , DTech
- Identifier: vital:9787 , http://hdl.handle.net/10948/717 , Computer security -- Management , Management information systems -- Security measures , Data protection
- Description: One of the most critical assets in most organisations is information. It is often described as the lifeblood of an organisation. For this reason, it is vital that this asset is protected through sound information security practices. However, the incorrect and indifferent behaviour of employees often leads to information assets becoming vulnerable. Incorrect employee behaviour could have an extremely negative impact on the protection of information. An information security solution should be a fundamental component in most organisations. It is, however, possible for an organisation to have the most comprehensive physical and technical information security controls in place, but the operational controls, and associated employee behaviour, have not received much consideration. Therefore, the issue of employee behaviour must be addressed in an organisation to assist in ensuring the protection of information assets. The corporate culture of an organisation is largely responsible for the actions and behaviour of employees. Therefore, to address operational information security controls, the corporate culture of an organisation should be considered. To ensure the integration of information security into the corporate culture of an organisation, the protection of information should become part of the way the employees conduct their everyday tasks – from senior management, right throughout the entire organisation. Therefore, information security should become an integral component of the corporate culture of the organisation. To address the integration of information security into the corporate culture of an organisation, a model was developed which depicted the learning stages and modes of knowledge creation necessary to transform the corporate culture into one that is information security aware.
- Full Text:
- Date Issued: 2007
Information security awareness: generic content, tools and techniques
- Authors: Mauwa, Hope
- Date: 2007
- Subjects: Computer security , Data protection , Computers -- Safety measures , Information technology -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9733 , http://hdl.handle.net/10948/560 , Computer security , Data protection , Computers -- Safety measures , Information technology -- Security measures
- Description: In today’s computing environment, awareness programmes play a much more important role in organizations’ complete information security programmes. Information security awareness programmes are there to change behaviour or reinforce good security practices, and provide a baseline of security knowledge for all information users. Security awareness is a learning process, which changes individual and organizational attitudes and perceptions so that the importance of security and the adverse consequences of its failure are realized. Therefore, with proper awareness, employees become the most effective layer in an organization’s security defence. With the important role that these awareness programmes play in organizations’ complete information security programmes, it is a must that all organizations that are serious about information security must implement it. But though awareness programmes have become increasing important, the level of awareness in most organizations is still low. It seems that the current approach of developing these programmes does not satisfy the needs of most organizations. Therefore, another approach, which tries to meet the needs of most organizations, is proposed in this project as part of the solution of raising the level of awareness programmes in organizations.
- Full Text:
- Date Issued: 2007
- Authors: Mauwa, Hope
- Date: 2007
- Subjects: Computer security , Data protection , Computers -- Safety measures , Information technology -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9733 , http://hdl.handle.net/10948/560 , Computer security , Data protection , Computers -- Safety measures , Information technology -- Security measures
- Description: In today’s computing environment, awareness programmes play a much more important role in organizations’ complete information security programmes. Information security awareness programmes are there to change behaviour or reinforce good security practices, and provide a baseline of security knowledge for all information users. Security awareness is a learning process, which changes individual and organizational attitudes and perceptions so that the importance of security and the adverse consequences of its failure are realized. Therefore, with proper awareness, employees become the most effective layer in an organization’s security defence. With the important role that these awareness programmes play in organizations’ complete information security programmes, it is a must that all organizations that are serious about information security must implement it. But though awareness programmes have become increasing important, the level of awareness in most organizations is still low. It seems that the current approach of developing these programmes does not satisfy the needs of most organizations. Therefore, another approach, which tries to meet the needs of most organizations, is proposed in this project as part of the solution of raising the level of awareness programmes in organizations.
- Full Text:
- Date Issued: 2007
Establishing the benefits of implementing an I.T. project management office in the Nelson Mandela Metropolitan area
- Martin, Michael Ronald Charles
- Authors: Martin, Michael Ronald Charles
- Date: 2007
- Subjects: Project management -- South Africa -- Port Elizabeth -- Computer network resources , Information technology -- South Africa -- Port Elizabeth -- Management
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9266 , http://hdl.handle.net/10948/558 , Project management -- South Africa -- Port Elizabeth -- Computer network resources , Information technology -- South Africa -- Port Elizabeth -- Management
- Description: The well-known concept of a Project Manager managing an I.T. project in relative isolation is no longer a viable option for organisations that are running numerous projects simultaneously. Due to the enormous costs and risks involved in many of these projects, there needs to be a means to ensure success. This has led to the establishment of the concept of a Project Management Office (PMO). An autonomous business unit that is responsible for managing all projects within an organisation. The need for a Project Management Office (PMO) to effectively manage multiple projects is becoming more and more accepted worldwide. The benefits of a PMO are well documented, but whether these benefits will apply to organisations within the NMM area needed to be investigated. A detailed analysis of the benefits of Project Management and in particular a PMO, have been investigated by means of a literature study. An investigation into the effectiveness of PMO’s in South Africa in general, was conducted by means of a survey targeted at a group of I.T. Project Managers located in all the major centres. A further survey was conducted among local I.T. managers to determine their current level of success and their expectations for the future. When reviewing the expectations of local I.T. management against the performance of Project Managers that are currently operating within PMOs, it is clear that organisations within the NMM area are in need of PMO’s and would certainly benefit from their establishment.
- Full Text:
- Date Issued: 2007
- Authors: Martin, Michael Ronald Charles
- Date: 2007
- Subjects: Project management -- South Africa -- Port Elizabeth -- Computer network resources , Information technology -- South Africa -- Port Elizabeth -- Management
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9266 , http://hdl.handle.net/10948/558 , Project management -- South Africa -- Port Elizabeth -- Computer network resources , Information technology -- South Africa -- Port Elizabeth -- Management
- Description: The well-known concept of a Project Manager managing an I.T. project in relative isolation is no longer a viable option for organisations that are running numerous projects simultaneously. Due to the enormous costs and risks involved in many of these projects, there needs to be a means to ensure success. This has led to the establishment of the concept of a Project Management Office (PMO). An autonomous business unit that is responsible for managing all projects within an organisation. The need for a Project Management Office (PMO) to effectively manage multiple projects is becoming more and more accepted worldwide. The benefits of a PMO are well documented, but whether these benefits will apply to organisations within the NMM area needed to be investigated. A detailed analysis of the benefits of Project Management and in particular a PMO, have been investigated by means of a literature study. An investigation into the effectiveness of PMO’s in South Africa in general, was conducted by means of a survey targeted at a group of I.T. Project Managers located in all the major centres. A further survey was conducted among local I.T. managers to determine their current level of success and their expectations for the future. When reviewing the expectations of local I.T. management against the performance of Project Managers that are currently operating within PMOs, it is clear that organisations within the NMM area are in need of PMO’s and would certainly benefit from their establishment.
- Full Text:
- Date Issued: 2007
A methodology for measuring and monitoring IT risk
- Authors: Tansley, Natalie Vanessa
- Date: 2007
- Subjects: Electronic data processing departments -- Security measures , Business -- Data processing -- Security measures , Information resources management , Information technology -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9781 , http://hdl.handle.net/10948/772 , Electronic data processing departments -- Security measures , Business -- Data processing -- Security measures , Information resources management , Information technology -- Security measures
- Description: The primary objective of the research is to develop a methodology for monitoring and measuring IT risks, strictly focusing on internal controls. The research delivers a methodology whereby an organization can measure its system of internal controls, providing assurance that the risks are at an acceptable level. To achieve the primary objective a number of secondary objectives were addressed: What are the drivers forcing organizations to better corporate governance in managing risk? What is IT risk management, specifically focusing on operational risk. What is internal control and specifically focusing on COSO’s internal control process. Investigation of measurement methods, such as, Balance Scorecards, Critical Success Factors, Maturity Models, Key Performance Indicators and Key Goal Indicators. Investigation of various frameworks such as CobiT, COSO and ISO 17799, ITIL and BS 7799 as to how they manage IT risk relating to internal control.
- Full Text:
- Date Issued: 2007
- Authors: Tansley, Natalie Vanessa
- Date: 2007
- Subjects: Electronic data processing departments -- Security measures , Business -- Data processing -- Security measures , Information resources management , Information technology -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9781 , http://hdl.handle.net/10948/772 , Electronic data processing departments -- Security measures , Business -- Data processing -- Security measures , Information resources management , Information technology -- Security measures
- Description: The primary objective of the research is to develop a methodology for monitoring and measuring IT risks, strictly focusing on internal controls. The research delivers a methodology whereby an organization can measure its system of internal controls, providing assurance that the risks are at an acceptable level. To achieve the primary objective a number of secondary objectives were addressed: What are the drivers forcing organizations to better corporate governance in managing risk? What is IT risk management, specifically focusing on operational risk. What is internal control and specifically focusing on COSO’s internal control process. Investigation of measurement methods, such as, Balance Scorecards, Critical Success Factors, Maturity Models, Key Performance Indicators and Key Goal Indicators. Investigation of various frameworks such as CobiT, COSO and ISO 17799, ITIL and BS 7799 as to how they manage IT risk relating to internal control.
- Full Text:
- Date Issued: 2007
Multi-income level investment in golf estates
- Authors: Ngubeni, Steven Piet
- Date: 2007
- Subjects: Real estate development , Sustainable development -- South Africa , Housing development -- South Africa , Planned communities
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:9694 , http://hdl.handle.net/10948/771 , Real estate development , Sustainable development -- South Africa , Housing development -- South Africa , Planned communities
- Description: The government of South African has stated its intentions to enforce a policy which will compel developers of upmarket residential properties to set aside 20 percent of their upmarket residential developments to accommodate affordable housing. The developers on the other hand, have expressed concerns about this approach. The principal aim of this study and of the research was to investigate the desirability of the concept of multi-income-level investment approach to the development of golf estates. A phenomenological strand of qualitative research method was used in the research. The following formed the focal point of the research: • An investigation into the perceptions of the stakeholders, especially the buyers of up-market properties, about mixed-income-level investments in golf estates. • The potential effect of the implementation of including affordable housing in the development of golf estates • An investigation of the perceived effect on the profitability of investments by the inclusion of affordable housing in golf estate properties. • The extent of the contribution of including affordable housing in golf estate developments to the reduction of the current backlog
- Full Text:
- Date Issued: 2007
- Authors: Ngubeni, Steven Piet
- Date: 2007
- Subjects: Real estate development , Sustainable development -- South Africa , Housing development -- South Africa , Planned communities
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:9694 , http://hdl.handle.net/10948/771 , Real estate development , Sustainable development -- South Africa , Housing development -- South Africa , Planned communities
- Description: The government of South African has stated its intentions to enforce a policy which will compel developers of upmarket residential properties to set aside 20 percent of their upmarket residential developments to accommodate affordable housing. The developers on the other hand, have expressed concerns about this approach. The principal aim of this study and of the research was to investigate the desirability of the concept of multi-income-level investment approach to the development of golf estates. A phenomenological strand of qualitative research method was used in the research. The following formed the focal point of the research: • An investigation into the perceptions of the stakeholders, especially the buyers of up-market properties, about mixed-income-level investments in golf estates. • The potential effect of the implementation of including affordable housing in the development of golf estates • An investigation of the perceived effect on the profitability of investments by the inclusion of affordable housing in golf estate properties. • The extent of the contribution of including affordable housing in golf estate developments to the reduction of the current backlog
- Full Text:
- Date Issued: 2007
Improving construction planning through 4D planning
- Authors: Allen, Christopher James
- Date: 2007
- Subjects: Construction industry -- Management , Construction industry -- Computer-aided design
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:9698 , http://hdl.handle.net/10948/467 , http://hdl.handle.net/10948/d1011923 , Construction industry -- Management , Construction industry -- Computer-aided design
- Description: Construction Planning will increasingly play a more critical role within the realm of the Built Environment. Existing practices used to plan and communicate the construction process to be undertaken are failing to deliver the desired results for construction companies and clients alike. At a time of unprecedented growth in the industry around the world, which is leading to a general skills shortage, especially in management positions, construction planners are increasingly being asked to deal with more responsibility. As with other industries, technological improvement in the tools at their disposal is one way to address the inadequacies of the present situation. Increasingly, three dimensional design packages are being used to generate construction information which can then be used for quantities calculations, automated manufacturing processes and construction simulation. The latter forms the basis for their use in the process of planning, through new technologies being developed as virtual construction tools or 4D planning, the addition of time to the 3D model environment, but using the elements within the model as the basis for the construction programme. The benefit of using the design information to form the basis of the programme is that the interface tasks and logistical activities, as well as location related constraints, can be identified and then communicated to all levels within the construction team through a time based visual image. The purpose of this study is therefore to establish a scientifically analysed alternative method for the creation, review and delivery of construction programmes. In order to achieve the research objectives, three methodologies have been employed. Firstly, the literature review in the fields of planning including existing methodologies and previous research of 4D related techniques has been analysed. An overview of the perceived weaknesses to current practises and proposed solution will be explored and best case scenarios outlined and further investigated. Secondly, the 51 Lime Street project provides an environment in which the proposed 4D planning techniques have been implemented and the benefits of the process can, through observation / participation methodology, be validated. Thirdly, through interview questionnaires, with Lime St contractors and management, and e-mail questionnaires to a broader sample stratum, data on the ability of the tools, the techniques employed on 51 Lime Street and similar projects have been collated and statistically analysed to validate the reliability and relevance for future implementation. The result of the research will provide management teams with a practical alternative to existing planning methodologies. Construction planners will have alternative technique that can further enhance their role within the project team whilst increasing their ability to communicate the team’s vision to a wider audience, making them and the project more efficient and effective in the process. It has been proposed that clients insist on the use of 3D from the commencement of the design process so that this information can be passed downstream through the construction process and onto facilities management. Planners need to be able to communicate their requirements better and the 4D planning models provide both a more inclusive way of planning alongside a better communications medium in the form of moving images. A picture tells a thousand words.
- Full Text:
- Date Issued: 2007
- Authors: Allen, Christopher James
- Date: 2007
- Subjects: Construction industry -- Management , Construction industry -- Computer-aided design
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:9698 , http://hdl.handle.net/10948/467 , http://hdl.handle.net/10948/d1011923 , Construction industry -- Management , Construction industry -- Computer-aided design
- Description: Construction Planning will increasingly play a more critical role within the realm of the Built Environment. Existing practices used to plan and communicate the construction process to be undertaken are failing to deliver the desired results for construction companies and clients alike. At a time of unprecedented growth in the industry around the world, which is leading to a general skills shortage, especially in management positions, construction planners are increasingly being asked to deal with more responsibility. As with other industries, technological improvement in the tools at their disposal is one way to address the inadequacies of the present situation. Increasingly, three dimensional design packages are being used to generate construction information which can then be used for quantities calculations, automated manufacturing processes and construction simulation. The latter forms the basis for their use in the process of planning, through new technologies being developed as virtual construction tools or 4D planning, the addition of time to the 3D model environment, but using the elements within the model as the basis for the construction programme. The benefit of using the design information to form the basis of the programme is that the interface tasks and logistical activities, as well as location related constraints, can be identified and then communicated to all levels within the construction team through a time based visual image. The purpose of this study is therefore to establish a scientifically analysed alternative method for the creation, review and delivery of construction programmes. In order to achieve the research objectives, three methodologies have been employed. Firstly, the literature review in the fields of planning including existing methodologies and previous research of 4D related techniques has been analysed. An overview of the perceived weaknesses to current practises and proposed solution will be explored and best case scenarios outlined and further investigated. Secondly, the 51 Lime Street project provides an environment in which the proposed 4D planning techniques have been implemented and the benefits of the process can, through observation / participation methodology, be validated. Thirdly, through interview questionnaires, with Lime St contractors and management, and e-mail questionnaires to a broader sample stratum, data on the ability of the tools, the techniques employed on 51 Lime Street and similar projects have been collated and statistically analysed to validate the reliability and relevance for future implementation. The result of the research will provide management teams with a practical alternative to existing planning methodologies. Construction planners will have alternative technique that can further enhance their role within the project team whilst increasing their ability to communicate the team’s vision to a wider audience, making them and the project more efficient and effective in the process. It has been proposed that clients insist on the use of 3D from the commencement of the design process so that this information can be passed downstream through the construction process and onto facilities management. Planners need to be able to communicate their requirements better and the 4D planning models provide both a more inclusive way of planning alongside a better communications medium in the form of moving images. A picture tells a thousand words.
- Full Text:
- Date Issued: 2007
Using agreements as an abstraction for access control administration
- Authors: Reyneke, André
- Date: 2007
- Subjects: Information -- control and access , Computer security -- Management
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9791 , http://hdl.handle.net/10948/598 , http://hdl.handle.net/10948/d1011701 , Information -- control and access , Computer security -- Management
- Description: The last couple of decades saw lots of changes in the business world. Not only did technology change at a rapid pace, but businesses' views with respect to the role that information plays also changed drastically. Information is now seen as a strategic resource. This change paved the way for the so-called knowledge worker that not only consumes information, but actively participates in creating new knowledge from information. Employees must therefore be empowered to fulfill their new role as knowledge workers. Empowerment happens through job redefinition and by ensuring that the appropriate information is at hand. Although information is more readily available to employees, appropriate access controls must still be implemented. However, there is conflict between the need to share information and the need to keep information confidential. These conflicting needs must be reflected in the administration of access control. In order to resolve these conflicts, a finer granularity of access controls must be implemented. However, to implement a finer granularity of access control, an increase in the number of access controls and, therefore, the administrative burden is inevitable. Access control administrators must cater for a potentially large number of systems. These systems can not only be heterogenous as far as architecture and technology are concerned, but also with respect to access control paradigms. Vendors have realized that human involvement must be minimized, giving birth to so-called "provisioning systems". Provisioning systems, in principle, automate certain parts of access control administration. However, currently implementations are done in an ad hoc manner, that is, without a systematic process of identifying the real access control needs. This study aims to address this problem by proposing the "agreement abstraction" as a possible vehicle for systematically analyzing the access control requirements in a business. In essence, the agreement abstraction allows us to identify opportunities where access control can be automated. A specific methodological approach is suggested whereby the business is analysed in terms of business processes, as opposed to the more traditional resource perspective. Various business processes are used as examples to explain and motivate the proposed agreement abstraction further. This dissertation therefore contributes to the field of discourse by presenting a new abstraction that can be used systematically to analyse access control administration requirements.
- Full Text:
- Date Issued: 2007
- Authors: Reyneke, André
- Date: 2007
- Subjects: Information -- control and access , Computer security -- Management
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9791 , http://hdl.handle.net/10948/598 , http://hdl.handle.net/10948/d1011701 , Information -- control and access , Computer security -- Management
- Description: The last couple of decades saw lots of changes in the business world. Not only did technology change at a rapid pace, but businesses' views with respect to the role that information plays also changed drastically. Information is now seen as a strategic resource. This change paved the way for the so-called knowledge worker that not only consumes information, but actively participates in creating new knowledge from information. Employees must therefore be empowered to fulfill their new role as knowledge workers. Empowerment happens through job redefinition and by ensuring that the appropriate information is at hand. Although information is more readily available to employees, appropriate access controls must still be implemented. However, there is conflict between the need to share information and the need to keep information confidential. These conflicting needs must be reflected in the administration of access control. In order to resolve these conflicts, a finer granularity of access controls must be implemented. However, to implement a finer granularity of access control, an increase in the number of access controls and, therefore, the administrative burden is inevitable. Access control administrators must cater for a potentially large number of systems. These systems can not only be heterogenous as far as architecture and technology are concerned, but also with respect to access control paradigms. Vendors have realized that human involvement must be minimized, giving birth to so-called "provisioning systems". Provisioning systems, in principle, automate certain parts of access control administration. However, currently implementations are done in an ad hoc manner, that is, without a systematic process of identifying the real access control needs. This study aims to address this problem by proposing the "agreement abstraction" as a possible vehicle for systematically analyzing the access control requirements in a business. In essence, the agreement abstraction allows us to identify opportunities where access control can be automated. A specific methodological approach is suggested whereby the business is analysed in terms of business processes, as opposed to the more traditional resource perspective. Various business processes are used as examples to explain and motivate the proposed agreement abstraction further. This dissertation therefore contributes to the field of discourse by presenting a new abstraction that can be used systematically to analyse access control administration requirements.
- Full Text:
- Date Issued: 2007
Analysis of fuel consumption reduction potential through the use of an electrically driven air conditioning compressor
- Authors: Marais, Charel
- Date: 2007
- Subjects: Automobiles -- Air conditioning , Electric vehicles -- Power supply , Automobiles -- Fuel systems , Electric automobiles
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9623 , http://hdl.handle.net/10948/774 , Automobiles -- Air conditioning , Electric vehicles -- Power supply , Automobiles -- Fuel systems , Electric automobiles
- Description: The disturbing current situation regarding the world climate has initiated a major wave of urgent developments towards decreasing the overall impact of human activities on the living environment. A major role player in this development is the automobile industry that is inherently connected to pollution of various types, be it air, water or noise pollution. There have been drastic changes not only in the technologies employed in producing vehicles and components, but also in the construction and technologies built into modern automobiles to lessen the overall environmental impact of the industry. Noxious emissions have been decreased, overall efficiencies increased and vehicles are becoming more economical with each new generation. Stricter laws dictate that the level of acceptable vehicle emissions is to be decreased ever further and all manufacturers are developing various possibilities to achieve this. With the emergence of hybrid vehicle technology, there was also a sudden development of different electrical systems that were made viable by the higher onboard voltage systems employed in hybrid vehicles. One of these developments was the electrical air conditioning compressor for use in automobile applications. Although it is designed to operate with a higher voltage than the traditional 12V onboard vehicle systems, it is theoretically possible to incorporate it into a 12V system by making use of a DC-DC converter to step up the supply voltage of the electrical compressor sufficiently to allow for its successful operation. The question therefore arises whether it would be feasible and sensible to employ an electrical air conditioning system in conventional combustion engine vehicles from an overall fuel consumption and vehicle emissions point of view. A modelling approach was taken where an overall vehicle driving simulation was created to represent an average modern production vehicle. The simulation was then extended to include the options of incorporating models for both mechanically and electrically driven air conditioning systems. This provides insight into the influences of the air conditioning system on the vehicle’s overall fuel consumption and an opportunity to compare the influences from the two different systems. This study attempted to provide answers to some of the viability questions regarding the incorporation of electrically driven air conditioning systems into vehicles that use standard 12V onboard voltage systems. It was found that the electrical system has definite potential as a viable replacement option for the conventional system should it be combined with an appropriate alternator and equipped with an efficient control system.
- Full Text:
- Date Issued: 2007
- Authors: Marais, Charel
- Date: 2007
- Subjects: Automobiles -- Air conditioning , Electric vehicles -- Power supply , Automobiles -- Fuel systems , Electric automobiles
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9623 , http://hdl.handle.net/10948/774 , Automobiles -- Air conditioning , Electric vehicles -- Power supply , Automobiles -- Fuel systems , Electric automobiles
- Description: The disturbing current situation regarding the world climate has initiated a major wave of urgent developments towards decreasing the overall impact of human activities on the living environment. A major role player in this development is the automobile industry that is inherently connected to pollution of various types, be it air, water or noise pollution. There have been drastic changes not only in the technologies employed in producing vehicles and components, but also in the construction and technologies built into modern automobiles to lessen the overall environmental impact of the industry. Noxious emissions have been decreased, overall efficiencies increased and vehicles are becoming more economical with each new generation. Stricter laws dictate that the level of acceptable vehicle emissions is to be decreased ever further and all manufacturers are developing various possibilities to achieve this. With the emergence of hybrid vehicle technology, there was also a sudden development of different electrical systems that were made viable by the higher onboard voltage systems employed in hybrid vehicles. One of these developments was the electrical air conditioning compressor for use in automobile applications. Although it is designed to operate with a higher voltage than the traditional 12V onboard vehicle systems, it is theoretically possible to incorporate it into a 12V system by making use of a DC-DC converter to step up the supply voltage of the electrical compressor sufficiently to allow for its successful operation. The question therefore arises whether it would be feasible and sensible to employ an electrical air conditioning system in conventional combustion engine vehicles from an overall fuel consumption and vehicle emissions point of view. A modelling approach was taken where an overall vehicle driving simulation was created to represent an average modern production vehicle. The simulation was then extended to include the options of incorporating models for both mechanically and electrically driven air conditioning systems. This provides insight into the influences of the air conditioning system on the vehicle’s overall fuel consumption and an opportunity to compare the influences from the two different systems. This study attempted to provide answers to some of the viability questions regarding the incorporation of electrically driven air conditioning systems into vehicles that use standard 12V onboard voltage systems. It was found that the electrical system has definite potential as a viable replacement option for the conventional system should it be combined with an appropriate alternator and equipped with an efficient control system.
- Full Text:
- Date Issued: 2007
A model for integrating information security into the software development life cycle
- Authors: Futcher, Lynn Ann
- Date: 2007
- Subjects: Computer security , Software maintenance
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9737 , http://hdl.handle.net/10948/506 , Computer security , Software maintenance
- Description: It is within highly integrated technology environments that information security is becoming a focal point for designing, developing and deploying software applications. Ensuring a high level of trust in the security and quality of these applications is crucial to their ultimate success. Therefore, information security has become a core requirement for software applications, driven by the need to protect critical assets and the need to build and preserve widespread trust in computing. However, a common weakness that is inherent in the traditional software development methodologies is the lack of attention given to the security aspects of software development. Most of these methodologies do not explicitly include a standardised method for incorporating information security into their life cycles. Meaningful security can be achieved when information security issues are considered as part of a routine development process, and security safeguards are integrated into the software application throughout its life cycle. This, in turn, will lead to users being more confident to use software applications, and to entrust today's computer systems with their personal information. To build better or more secure software, an improved software development process is required. Security of a software application must be based on the risk associated with the application. In order to understand this risk, the relevant information assets need to be identified together with their threats and vulnerabilities. Therefore, security considerations provide input into every phase of the Software Development Life Cycle (SDLC), from requirements gathering to design, implementation, testing and deployment. This research project presents a Secure Software Development Model (SecSDM) for incorporating information security into all phases of the SDLC, from requirements gathering to systems maintenance. The SecSDM is based on many of the recommendations provided by relevant international standards and best practices, for example, the ISO 7498-2 (1989) standard which addresses the underlying security services and mechanisms that form an integral part of the model.
- Full Text:
- Date Issued: 2007
- Authors: Futcher, Lynn Ann
- Date: 2007
- Subjects: Computer security , Software maintenance
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9737 , http://hdl.handle.net/10948/506 , Computer security , Software maintenance
- Description: It is within highly integrated technology environments that information security is becoming a focal point for designing, developing and deploying software applications. Ensuring a high level of trust in the security and quality of these applications is crucial to their ultimate success. Therefore, information security has become a core requirement for software applications, driven by the need to protect critical assets and the need to build and preserve widespread trust in computing. However, a common weakness that is inherent in the traditional software development methodologies is the lack of attention given to the security aspects of software development. Most of these methodologies do not explicitly include a standardised method for incorporating information security into their life cycles. Meaningful security can be achieved when information security issues are considered as part of a routine development process, and security safeguards are integrated into the software application throughout its life cycle. This, in turn, will lead to users being more confident to use software applications, and to entrust today's computer systems with their personal information. To build better or more secure software, an improved software development process is required. Security of a software application must be based on the risk associated with the application. In order to understand this risk, the relevant information assets need to be identified together with their threats and vulnerabilities. Therefore, security considerations provide input into every phase of the Software Development Life Cycle (SDLC), from requirements gathering to design, implementation, testing and deployment. This research project presents a Secure Software Development Model (SecSDM) for incorporating information security into all phases of the SDLC, from requirements gathering to systems maintenance. The SecSDM is based on many of the recommendations provided by relevant international standards and best practices, for example, the ISO 7498-2 (1989) standard which addresses the underlying security services and mechanisms that form an integral part of the model.
- Full Text:
- Date Issued: 2007
The application of quality models and techniques in selected SMMEs in the Eastern Cape
- Authors: Murray, Andrew Thomas
- Date: 2007
- Subjects: Business enterprises -- South Africa -- Eastern Cape , Quality management -- South Africa -- Eastern Cape
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9608 , http://hdl.handle.net/10948/832 , Business enterprises -- South Africa -- Eastern Cape , Quality management -- South Africa -- Eastern Cape
- Description: With the increase of imports from China and more pressure being put on the Small, Medium and Micro enterprises (SMME’s) from their larger customers, survival has become more and more difficult, quality is no longer being a choise but a prerequisite if the companies want to survive. This research evaluates the use of quality and productivity or the lack thereof in selected SMMEs in the Eastern Cape environment from both the SMME and Larger companies’ point of view. The research has focused on the effectiveness and understanding of what has been put in place by the SMMEs, what is available for the SMMEs to use, governmental support, and the requirements of the customers. Certain shortcomings have been highlighted as to the use and benefits of the processes that have been implemented. The researcher made use of both quantitative and qualitative data to determine the outcome of the research. The thesis concludes that the SMME sector knows the importance of the use of quality; it is the effectiveness and management thereof that is the concern.
- Full Text:
- Date Issued: 2007
- Authors: Murray, Andrew Thomas
- Date: 2007
- Subjects: Business enterprises -- South Africa -- Eastern Cape , Quality management -- South Africa -- Eastern Cape
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9608 , http://hdl.handle.net/10948/832 , Business enterprises -- South Africa -- Eastern Cape , Quality management -- South Africa -- Eastern Cape
- Description: With the increase of imports from China and more pressure being put on the Small, Medium and Micro enterprises (SMME’s) from their larger customers, survival has become more and more difficult, quality is no longer being a choise but a prerequisite if the companies want to survive. This research evaluates the use of quality and productivity or the lack thereof in selected SMMEs in the Eastern Cape environment from both the SMME and Larger companies’ point of view. The research has focused on the effectiveness and understanding of what has been put in place by the SMMEs, what is available for the SMMEs to use, governmental support, and the requirements of the customers. Certain shortcomings have been highlighted as to the use and benefits of the processes that have been implemented. The researcher made use of both quantitative and qualitative data to determine the outcome of the research. The thesis concludes that the SMME sector knows the importance of the use of quality; it is the effectiveness and management thereof that is the concern.
- Full Text:
- Date Issued: 2007
Evolving a secure grid-enabled, distributed data warehouse : a standards-based perspective
- Authors: Li, Xiao-Yu
- Date: 2007
- Subjects: Computational grids (Computer systems) , Computer networks -- Security measures , Electronic data processing -- Distributed processing
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9738 , http://hdl.handle.net/10948/544 , Computational grids (Computer systems) , Computer networks -- Security measures , Electronic data processing -- Distributed processing
- Description: As digital data-collection has increased in scale and number, it becomes an important type of resource serving a wide community of researchers. Cross-institutional data-sharing and collaboration introduce a suitable approach to facilitate those research institutions that are suffering the lack of data and related IT infrastructures. Grid computing has become a widely adopted approach to enable cross-institutional resource-sharing and collaboration. It integrates a distributed and heterogeneous collection of locally managed users and resources. This project proposes a distributed data warehouse system, which uses Grid technology to enable data-access and integration, and collaborative operations across multi-distributed institutions in the context of HV/AIDS research. This study is based on wider research into OGSA-based Grid services architecture, comprising a data-analysis system which utilizes a data warehouse, data marts, and near-line operational database that are hosted by distributed institutions. Within this framework, specific patterns for collaboration, interoperability, resource virtualization and security are included. The heterogeneous and dynamic nature of the Grid environment introduces a number of security challenges. This study also concerns a set of particular security aspects, including PKI-based authentication, single sign-on, dynamic delegation, and attribute-based authorization. These mechanisms, as supported by the Globus Toolkit’s Grid Security Infrastructure, are used to enable interoperability and establish trust relationship between various security mechanisms and policies within different institutions; manage credentials; and ensure secure interactions.
- Full Text:
- Date Issued: 2007
- Authors: Li, Xiao-Yu
- Date: 2007
- Subjects: Computational grids (Computer systems) , Computer networks -- Security measures , Electronic data processing -- Distributed processing
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9738 , http://hdl.handle.net/10948/544 , Computational grids (Computer systems) , Computer networks -- Security measures , Electronic data processing -- Distributed processing
- Description: As digital data-collection has increased in scale and number, it becomes an important type of resource serving a wide community of researchers. Cross-institutional data-sharing and collaboration introduce a suitable approach to facilitate those research institutions that are suffering the lack of data and related IT infrastructures. Grid computing has become a widely adopted approach to enable cross-institutional resource-sharing and collaboration. It integrates a distributed and heterogeneous collection of locally managed users and resources. This project proposes a distributed data warehouse system, which uses Grid technology to enable data-access and integration, and collaborative operations across multi-distributed institutions in the context of HV/AIDS research. This study is based on wider research into OGSA-based Grid services architecture, comprising a data-analysis system which utilizes a data warehouse, data marts, and near-line operational database that are hosted by distributed institutions. Within this framework, specific patterns for collaboration, interoperability, resource virtualization and security are included. The heterogeneous and dynamic nature of the Grid environment introduces a number of security challenges. This study also concerns a set of particular security aspects, including PKI-based authentication, single sign-on, dynamic delegation, and attribute-based authorization. These mechanisms, as supported by the Globus Toolkit’s Grid Security Infrastructure, are used to enable interoperability and establish trust relationship between various security mechanisms and policies within different institutions; manage credentials; and ensure secure interactions.
- Full Text:
- Date Issued: 2007
A general genetic algorithm for one and two dimensional cutting and packing problems
- Authors: Mancapa, Vusisizwe
- Date: 2007
- Subjects: Packaging -- Data processing , Genetic algorithms , Cutting stock problem , Packing for shipment , Manufacturing processes -- Planning
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9602 , http://hdl.handle.net/10948/555 , http://hdl.handle.net/10948/d1011727 , Packaging -- Data processing , Genetic algorithms , Cutting stock problem , Packing for shipment , Manufacturing processes -- Planning
- Description: Cutting and packing problems are combinatorial optimisation problems. The major interest in these problems is their practical significance, in manufacturing and other business sectors. In most manufacturing situations a raw material usually in some standard size has to be divided or be cut into smaller items to complete the production of some product. Since the cost of this raw material usually forms a significant portion of the input costs, it is therefore desirable that this resource be used efficiently. A hybrid general genetic algorithm is presented in this work to solve one and two dimensional problems of this nature. The novelties with this algorithm are: A novel placement heuristic hybridised with a Genetic Algorithm is introduced and a general solution encoding scheme which is used to encode one dimensional and two dimensional problems is also introduced.
- Full Text:
- Date Issued: 2007
- Authors: Mancapa, Vusisizwe
- Date: 2007
- Subjects: Packaging -- Data processing , Genetic algorithms , Cutting stock problem , Packing for shipment , Manufacturing processes -- Planning
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9602 , http://hdl.handle.net/10948/555 , http://hdl.handle.net/10948/d1011727 , Packaging -- Data processing , Genetic algorithms , Cutting stock problem , Packing for shipment , Manufacturing processes -- Planning
- Description: Cutting and packing problems are combinatorial optimisation problems. The major interest in these problems is their practical significance, in manufacturing and other business sectors. In most manufacturing situations a raw material usually in some standard size has to be divided or be cut into smaller items to complete the production of some product. Since the cost of this raw material usually forms a significant portion of the input costs, it is therefore desirable that this resource be used efficiently. A hybrid general genetic algorithm is presented in this work to solve one and two dimensional problems of this nature. The novelties with this algorithm are: A novel placement heuristic hybridised with a Genetic Algorithm is introduced and a general solution encoding scheme which is used to encode one dimensional and two dimensional problems is also introduced.
- Full Text:
- Date Issued: 2007
A COP optimized control system for a CO₂ based automotive A/C-system
- Authors: Rapp, Tobias
- Date: 2007
- Subjects: Automobiles -- Air conditioning , Motor vehicles -- Automatic control
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9624 , http://hdl.handle.net/10948/773 , Automobiles -- Air conditioning , Motor vehicles -- Automatic control
- Description: In the last few years carbon dioxide received increasing attention as a possible replacement for fluorocarbon-based refrigerants used within present automotive A/C system technology. R-134a is harmless to the ozone layer but the greenhouse effect is more than 1300 times higher than that of an equivalent amount of CO2. Alternative refrigerants are natural gasses such as propane and butane, however these gasses are considered explosive. With many objections raised it appears if CO2 will be the future refrigrant for automotive use. One concern with R-744 is its high operating pressure and suction/discharge pressure difference when compared to common refrigeration processes. A major problem with the CO2 cycle is the loss of effciency at high ambient temperatures. With a COP optimized control system for the expansion value based on pressure, temperature and mass flow of the refrigerant, an effective A/C system for CO2 could be deleloped. This resrach offers basic knowledge of refrigerant cycles and gives an overall view of the refrigerant change-over problem. With the results obtained from the experimental work a better understanding of the CO2 cycle and a better understanding towards effective A/C systems have been realized.
- Full Text:
- Date Issued: 2007
- Authors: Rapp, Tobias
- Date: 2007
- Subjects: Automobiles -- Air conditioning , Motor vehicles -- Automatic control
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9624 , http://hdl.handle.net/10948/773 , Automobiles -- Air conditioning , Motor vehicles -- Automatic control
- Description: In the last few years carbon dioxide received increasing attention as a possible replacement for fluorocarbon-based refrigerants used within present automotive A/C system technology. R-134a is harmless to the ozone layer but the greenhouse effect is more than 1300 times higher than that of an equivalent amount of CO2. Alternative refrigerants are natural gasses such as propane and butane, however these gasses are considered explosive. With many objections raised it appears if CO2 will be the future refrigrant for automotive use. One concern with R-744 is its high operating pressure and suction/discharge pressure difference when compared to common refrigeration processes. A major problem with the CO2 cycle is the loss of effciency at high ambient temperatures. With a COP optimized control system for the expansion value based on pressure, temperature and mass flow of the refrigerant, an effective A/C system for CO2 could be deleloped. This resrach offers basic knowledge of refrigerant cycles and gives an overall view of the refrigerant change-over problem. With the results obtained from the experimental work a better understanding of the CO2 cycle and a better understanding towards effective A/C systems have been realized.
- Full Text:
- Date Issued: 2007
Governing information security using organisational information security profiles
- Authors: Tyukala, Mkhululi
- Date: 2007
- Subjects: Data protection , Computer security -- Management , Computer networks -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9788 , http://hdl.handle.net/10948/626 , Data protection , Computer security -- Management , Computer networks -- Security measures
- Description: The corporate scandals of the last few years have changed the face of information security and its governance. Information security has been elevated to the board of director level due to legislation and corporate governance regulations resulting from the scandals. Now boards of directors have corporate responsibility to ensure that the information assets of an organisation are secure. They are forced to embrace information security and make it part of business strategies. The new support from the board of directors gives information security weight and the voice from the top as well as the financial muscle that other business activities experience. However, as an area that is made up of specialist activities, information security may not easily be comprehended at board level like other business related activities. Yet the board of directors needs to provide oversight of information security. That is, put an information security programme in place to ensure that information is adequately protected. This raises a number of challenges. One of the challenges is how can information security be understood and well informed decisions about it be made at the board level? This dissertation provides a mechanism to present information at board level on how information security is implemented according to the vision of the board of directors. This mechanism is built upon well accepted and documented concepts of information security. The mechanism (termed An Organisational Information Security Profile or OISP) will assist organisations with the initialisation, monitoring, measuring, reporting and reviewing of information security programmes. Ultimately, the OISP will make it possible to know if the information security endeavours of the organisation are effective or not. If the information security programme is found to be ineffective, The OISP will facilitate the pointing out of areas that are ineffective and what caused the ineffectiveness. This dissertation also presents how the effectiveness or ineffctiveness of information security can be presented at board level using well known visualisation methods. Finally the contribution, limits and areas that need more investigation are provided.
- Full Text:
- Date Issued: 2007
- Authors: Tyukala, Mkhululi
- Date: 2007
- Subjects: Data protection , Computer security -- Management , Computer networks -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9788 , http://hdl.handle.net/10948/626 , Data protection , Computer security -- Management , Computer networks -- Security measures
- Description: The corporate scandals of the last few years have changed the face of information security and its governance. Information security has been elevated to the board of director level due to legislation and corporate governance regulations resulting from the scandals. Now boards of directors have corporate responsibility to ensure that the information assets of an organisation are secure. They are forced to embrace information security and make it part of business strategies. The new support from the board of directors gives information security weight and the voice from the top as well as the financial muscle that other business activities experience. However, as an area that is made up of specialist activities, information security may not easily be comprehended at board level like other business related activities. Yet the board of directors needs to provide oversight of information security. That is, put an information security programme in place to ensure that information is adequately protected. This raises a number of challenges. One of the challenges is how can information security be understood and well informed decisions about it be made at the board level? This dissertation provides a mechanism to present information at board level on how information security is implemented according to the vision of the board of directors. This mechanism is built upon well accepted and documented concepts of information security. The mechanism (termed An Organisational Information Security Profile or OISP) will assist organisations with the initialisation, monitoring, measuring, reporting and reviewing of information security programmes. Ultimately, the OISP will make it possible to know if the information security endeavours of the organisation are effective or not. If the information security programme is found to be ineffective, The OISP will facilitate the pointing out of areas that are ineffective and what caused the ineffectiveness. This dissertation also presents how the effectiveness or ineffctiveness of information security can be presented at board level using well known visualisation methods. Finally the contribution, limits and areas that need more investigation are provided.
- Full Text:
- Date Issued: 2007
A code of practice for practitioners in private healthcare: a privacy perspective
- Authors: Harvey, Brett D
- Date: 2007
- Subjects: Information storage and retrieval systems -- Medical care , Medical records -- Data processing , Privacy, Right of Comparative studies
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9735 , http://hdl.handle.net/10948/521 , Information storage and retrieval systems -- Medical care , Medical records -- Data processing , Privacy, Right of Comparative studies
- Description: Whereas there are various initiatives to standardize the storage, processing and use of electronic patient information in the South African health sector, the sector is fragmented through the adoption of various approaches on national, provincial and district levels. Divergent IT systems are used in the public and private health sectors (“Recommendations of the Committee on …” 2003). Furthermore, general practitioners in some parts of the country still use paper as a primary means of documentation and storage. Nonetheless, the use of computerized systems is increasing, even in the most remote rural areas. This leads to the exposure of patient information to various threats that are perpetuated through the use of information technology. Irrespective of the level of technology adoption by practitioners in private healthcare practice, the security and privacy of patient information remains of critical importance. The disclosure of patient information whether intentional or not, can have dire consequences for a patient. In general, the requirements pertaining to the privacy of patient information are controlled and enforced through the adoption of legislation by the governing body of a country. Compared with developed nations, South Africa has limited legislation to help enforce privacy in the health sector. Conversely, Australia, New Zealand and Canada have some of the most advanced legislative frameworks when it comes to the privacy of patient information. In this dissertation, the Australian, New Zealand, Canadian and South African health sectors and the legislation they have in place to ensure the privacy of health information, will be investigated. Additionally, codes of practice and guidelines on privacy of patient information for GPs, in the afore-mentioned countries, will be investigated to form an idea as to what is needed in creating and formulating a new code of practice for the South African GP, as well as a pragmatic tool (checklist) to check adherence to privacy requirements.
- Full Text:
- Date Issued: 2007
- Authors: Harvey, Brett D
- Date: 2007
- Subjects: Information storage and retrieval systems -- Medical care , Medical records -- Data processing , Privacy, Right of Comparative studies
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9735 , http://hdl.handle.net/10948/521 , Information storage and retrieval systems -- Medical care , Medical records -- Data processing , Privacy, Right of Comparative studies
- Description: Whereas there are various initiatives to standardize the storage, processing and use of electronic patient information in the South African health sector, the sector is fragmented through the adoption of various approaches on national, provincial and district levels. Divergent IT systems are used in the public and private health sectors (“Recommendations of the Committee on …” 2003). Furthermore, general practitioners in some parts of the country still use paper as a primary means of documentation and storage. Nonetheless, the use of computerized systems is increasing, even in the most remote rural areas. This leads to the exposure of patient information to various threats that are perpetuated through the use of information technology. Irrespective of the level of technology adoption by practitioners in private healthcare practice, the security and privacy of patient information remains of critical importance. The disclosure of patient information whether intentional or not, can have dire consequences for a patient. In general, the requirements pertaining to the privacy of patient information are controlled and enforced through the adoption of legislation by the governing body of a country. Compared with developed nations, South Africa has limited legislation to help enforce privacy in the health sector. Conversely, Australia, New Zealand and Canada have some of the most advanced legislative frameworks when it comes to the privacy of patient information. In this dissertation, the Australian, New Zealand, Canadian and South African health sectors and the legislation they have in place to ensure the privacy of health information, will be investigated. Additionally, codes of practice and guidelines on privacy of patient information for GPs, in the afore-mentioned countries, will be investigated to form an idea as to what is needed in creating and formulating a new code of practice for the South African GP, as well as a pragmatic tool (checklist) to check adherence to privacy requirements.
- Full Text:
- Date Issued: 2007
The perceived economic impact of the city of Johannesburg's storm water attenuation policy on private property developers
- Authors: Aldous, Michael Geoffrey
- Date: 2007
- Subjects: Runoff -- South Africa -- Johannesburg , Real estate development -- South Africa -- Johannesburg
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:9668 , http://hdl.handle.net/10948/765 , Runoff -- South Africa -- Johannesburg , Real estate development -- South Africa -- Johannesburg
- Description: Stormwater attenuation policy has, over recent years, become a highly contentious issue for the property development community. Increased urbanisation, locally and internationally, has forced municipal authorities to reconsider the role of stormwater management in this evolving urban landscape. It is within this context that the legislative support and municipal policy for stormwater management in the City of Johannesburg has been explored, particularly in terms of the economic impact on property developers. The research aimed to explore the relationship between stormwater attenuation policy and the economic impact thereof on private property developers. Consideration was given to the cost, risk and time factors of legislative and policy requirements within the development process. Further consideration was given to the physical environment that has brought about current pressures. Based upon research of international issues highlighted in countries with well developed attenuation policy, a questionnaire was constructed to evaluate the response of local private property developers to selected issues as key sub-problems. The responses were tested against the developed set of hypotheses. The research indicated that developers had a generally poor level of knowledge with regard to the stormwater management policy of the City of Johannesburg, as well as the supporting legislative requirements of provincial and national policy documents. The results of the survey also indicated that developers were strongly opposed to the loss of developable area, but indicated a limited financial impact of the current stormwater attenuation policy. The risk inherent in incorporating an attenuation facility within a development was identified as being low with little perceived impact. Developers further indicated that the inclusion of attenuation facilities was seen as a significant contributing factor in the delay, approval and acceptance of new developments in which attenuation facilities were required, while maintenance costs were indicated to be of a low level of importance. Recommendations in response to the research findings included the establishment of detailed policy documentation and support for effective distribution channels in conjunction with industry and public focused information campaigns, improved municipal capacity and a greater level of technical support. A need for additional stormwater research and an increase in the capture of relevant data for GIS purposes was identified.
- Full Text:
- Date Issued: 2007
- Authors: Aldous, Michael Geoffrey
- Date: 2007
- Subjects: Runoff -- South Africa -- Johannesburg , Real estate development -- South Africa -- Johannesburg
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:9668 , http://hdl.handle.net/10948/765 , Runoff -- South Africa -- Johannesburg , Real estate development -- South Africa -- Johannesburg
- Description: Stormwater attenuation policy has, over recent years, become a highly contentious issue for the property development community. Increased urbanisation, locally and internationally, has forced municipal authorities to reconsider the role of stormwater management in this evolving urban landscape. It is within this context that the legislative support and municipal policy for stormwater management in the City of Johannesburg has been explored, particularly in terms of the economic impact on property developers. The research aimed to explore the relationship between stormwater attenuation policy and the economic impact thereof on private property developers. Consideration was given to the cost, risk and time factors of legislative and policy requirements within the development process. Further consideration was given to the physical environment that has brought about current pressures. Based upon research of international issues highlighted in countries with well developed attenuation policy, a questionnaire was constructed to evaluate the response of local private property developers to selected issues as key sub-problems. The responses were tested against the developed set of hypotheses. The research indicated that developers had a generally poor level of knowledge with regard to the stormwater management policy of the City of Johannesburg, as well as the supporting legislative requirements of provincial and national policy documents. The results of the survey also indicated that developers were strongly opposed to the loss of developable area, but indicated a limited financial impact of the current stormwater attenuation policy. The risk inherent in incorporating an attenuation facility within a development was identified as being low with little perceived impact. Developers further indicated that the inclusion of attenuation facilities was seen as a significant contributing factor in the delay, approval and acceptance of new developments in which attenuation facilities were required, while maintenance costs were indicated to be of a low level of importance. Recommendations in response to the research findings included the establishment of detailed policy documentation and support for effective distribution channels in conjunction with industry and public focused information campaigns, improved municipal capacity and a greater level of technical support. A need for additional stormwater research and an increase in the capture of relevant data for GIS purposes was identified.
- Full Text:
- Date Issued: 2007