A framework to integrate secure programming principles into undergraduate computing curricula
- Authors: Bangani, Sifiso Matthews
- Date: 2020
- Subjects: Information technology -- Study and teaching (Higher) , Electronic data processing personnel -- Training of Computer software -- Development
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/46019 , vital:39409
- Description: Many graduate software developers are not competent in secure programming, resulting in risks that are caused by vulnerabilities in the application code of software applications. These graduate software developers are equipped with programming knowledge and skills from universities, however, these software developers are rarely equipped with secure programming knowledge and skills from the undergraduate level. Although there are various techniques for writing secure code in the current body of knowledge, these techniques are rarely fundamental components of a computing curriculum, resulting in incompetent graduate software developers. The security aspect of software applications, is considered as an important aspect that can reflect the ability of a system to prevent data exposures and loss of information. For businesses that rely on software applications to keep operations running, a failure of a software application can stop production, interrupt processes, and may lead to data breaches and financial losses. This research argued that secure programming education needs to be included across computing curricula, and thus, the primary objective of this dissertation was: To develop a framework for integrating secure programming principles into undergraduate computing curricula. It proposes a framework for the incorporation of secure programming principles into undergraduate computing curricula, through a step-by-step approach. This framework includes the identification of application risks and secure programming practices as they relate to each other, and to the basic programming concepts taught to undergraduate students. It specifically aims to improve the security of software applications developed in the .Net framework environment. The main research methods used in this study included a literature view, thematic content analysis, argumentation, and modelling.
- Full Text:
- Date Issued: 2020
A study of the reintegration of female former child soldiers in Gulu District, northern Uganda
- Authors: Bertelsen, Anna
- Date: 2014
- Subjects: Women soldiers -- Uganda -- Gulu District , Child soldiers -- Uganda -- Gulu District , Patriarchy -- Uganda -- Gulu District
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: vital:8324 , http://hdl.handle.net/10948/d1020192
- Description: This research explores the perceptions and experiences of female former child soldiers in regard to their reintegration within the community of Gulu District, northern Uganda. In many societies women are generally excluded due to prevailing patriarchal hegemonies, with northern Uganda being no exception. Moreover, former child soldiers are commonly marginalized and discriminated against because members of communities commonly believe that they should be punished for the perceived atrocities that they allegedly committed during times of conflict, rather than be reintegrated into society. In this regard female former child soldiers can be identified as a particularly vulnerable and marginalized group. Therefore, it can be suggested that although the distinction between traditional gender roles has been eroded during times of armed conflict, there is still widespread evidence that women are largely overlooked and disregarded in the process of peace building. In order to explore the perceptions and experiences of former female child soldiers, a qualitative case study method was utilized based on in-depth face to face interviews with women from Gulu District, northern Uganda. The findings of this study indicate that, even though these women went through considerable hardships, all of them displayed a strong sense of resilience. Many of them had taken on the role as active change agents in their own lives and provided an array of suggestions on how their situation could be improved. The major themes constructed from the study include: challenges facing returnees; facilitating factors for returnees and suggestions on improved reintegration. Based on these findings a number of recommendations emerged. The recommendations are presented in order to assist organizations and other stakeholders involved in reintegration of child soldiers in northern Uganda and elsewhere in the world. Apart from providing information to the existing body of research, future areas of proposed research are also outlined.
- Full Text:
- Date Issued: 2014
Managing an information security policy architecture : a technical documentation perspective
- Authors: Maninjwa, Prosecutor Mvikeli
- Date: 2012
- Subjects: Computer security -- Management , Computer architecture , Data protection
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9825 , http://hdl.handle.net/10948/d1020757
- Description: Information and the related assets form critical business assets for most organizations. Organizations depend on their information assets to survive and to remain competitive. However, the organization’s information assets are faced with a number of internal and external threats, aimed at compromising the confidentiality, integrity and/or availability (CIA) of information assets. These threats can be of physical, technical, or operational nature. For an organization to successfully conduct its business operations, information assets should always be protected from these threats. The process of protecting information and its related assets, ensuring the CIA thereof, is referred to as information security. To be effective, information security should be viewed as critical to the overall success of the organization, and therefore be included as one of the organization’s Corporate Governance sub-functions, referred to as Information Security Governance. Information Security Governance is the strategic system for directing and controlling the organization’s information security initiatives. Directing is the process whereby management issues directives, giving a strategic direction for information security within an organization. Controlling is the process of ensuring that management directives are being adhered to within an organization. To be effective, Information Security Governance directing and controlling depend on the organization’s Information Security Policy Architecture. An Information Security Policy Architecture is a hierarchical representation of the various information security policies and related documentation that an organization has used. When directing, management directives should be issued in the form of an Information Security Policy Architecture, and controlling should ensure adherence to the Information Security Policy Architecture. However, this study noted that in both literature and organizational practices, Information Security Policy Architectures are not comprehensively addressed and adequately managed. Therefore, this study argues towards a more comprehensive Information Security Policy Architecture, and the proper management thereof.
- Full Text:
- Date Issued: 2012