A model for information security management and regulatory compliance in the South African health sector
- Authors: Tuyikeze, Tite
- Date: 2005
- Subjects: Computer networks -- Security measures , Public health -- South Africa
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9740 , http://hdl.handle.net/10948/425 , Computer networks -- Security measures , Public health -- South Africa
- Description: Information Security is becoming a part of the core business processes in every organization. Companies are faced with contradictory requirements to ensure open systems and accessible information while maintaining high protection standards. In addition, the contemporary management of Information Security requires a variety of approaches in different areas, ranging from technological to organizational issues and legislation. These approaches are often isolated while Security Management requires an integrated approach. Information Technology promises many benefits to healthcare organizations. It helps to make accurate information more readily available to healthcare providers and workers, researchers and patients and advanced computing and communication technology can improve the quality and lower the costs of healthcare. However, the prospect of storing health information in an electronic form raises concerns about patient privacy and security. Healthcare organizations are required to establish formal Information Security program, for example through the adoption of the ISO 17799 standard, to ensure an appropriate and consistent level of information security for computer-based patient records, both within individual healthcare organizations and throughout the entire healthcare delivery system. However, proper Information Security Management practices, alone, do not necessarily ensure regulatory compliance. South African healthcare organizations must comply with the South African National Health Act (SANHA) and the Electronic Communication Transaction Act (ECTA). It is necessary to consider compliance with the Health Insurance Portability and Accountability Act (HIPAA) to meet healthcare international industry standards. The main purpose of this project is to propose a compliance strategy, which ensures full compliance with regulatory requirements and at the same time assures customers that international industry standards are being used. This is preceded by a comparative analysis of the requirements posed by the ISO 17799 standard and the HIPAA, SANHA and ECTA regulations.
- Full Text:
- Date Issued: 2005
- Authors: Tuyikeze, Tite
- Date: 2005
- Subjects: Computer networks -- Security measures , Public health -- South Africa
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9740 , http://hdl.handle.net/10948/425 , Computer networks -- Security measures , Public health -- South Africa
- Description: Information Security is becoming a part of the core business processes in every organization. Companies are faced with contradictory requirements to ensure open systems and accessible information while maintaining high protection standards. In addition, the contemporary management of Information Security requires a variety of approaches in different areas, ranging from technological to organizational issues and legislation. These approaches are often isolated while Security Management requires an integrated approach. Information Technology promises many benefits to healthcare organizations. It helps to make accurate information more readily available to healthcare providers and workers, researchers and patients and advanced computing and communication technology can improve the quality and lower the costs of healthcare. However, the prospect of storing health information in an electronic form raises concerns about patient privacy and security. Healthcare organizations are required to establish formal Information Security program, for example through the adoption of the ISO 17799 standard, to ensure an appropriate and consistent level of information security for computer-based patient records, both within individual healthcare organizations and throughout the entire healthcare delivery system. However, proper Information Security Management practices, alone, do not necessarily ensure regulatory compliance. South African healthcare organizations must comply with the South African National Health Act (SANHA) and the Electronic Communication Transaction Act (ECTA). It is necessary to consider compliance with the Health Insurance Portability and Accountability Act (HIPAA) to meet healthcare international industry standards. The main purpose of this project is to propose a compliance strategy, which ensures full compliance with regulatory requirements and at the same time assures customers that international industry standards are being used. This is preceded by a comparative analysis of the requirements posed by the ISO 17799 standard and the HIPAA, SANHA and ECTA regulations.
- Full Text:
- Date Issued: 2005
A SOAP-based Model for secure messaging in a global context
- Authors: Van Eeden, Johannes Jurie
- Date: 2005
- Subjects: Telecommunication systems -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9777 , http://hdl.handle.net/10948/817 , Telecommunication systems -- Security measures
- Description: For integration between application-systems in a global context, interoperability needs to be established on a global level; global interoperability, in turn, is based on a global common application-interface. This is achieved through resolving differences in, inter alia, protocol profiles, among participants in the global network. ebXML is used as the point of departure. A messaging framework, which is based on existing Web technology and standards, is proposed. Certain security and Web service standards are examined to determine specific parameters for an interoperable secure messaging environment. A security based framework comprising a predefined message format and architecture is investigated for a secure interoperable global electronic marketspace.
- Full Text:
- Date Issued: 2005
- Authors: Van Eeden, Johannes Jurie
- Date: 2005
- Subjects: Telecommunication systems -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9777 , http://hdl.handle.net/10948/817 , Telecommunication systems -- Security measures
- Description: For integration between application-systems in a global context, interoperability needs to be established on a global level; global interoperability, in turn, is based on a global common application-interface. This is achieved through resolving differences in, inter alia, protocol profiles, among participants in the global network. ebXML is used as the point of departure. A messaging framework, which is based on existing Web technology and standards, is proposed. Certain security and Web service standards are examined to determine specific parameters for an interoperable secure messaging environment. A security based framework comprising a predefined message format and architecture is investigated for a secure interoperable global electronic marketspace.
- Full Text:
- Date Issued: 2005
Applying a framework for IT governance in South African higher education institutions
- Authors: Viljoen, Stephen
- Date: 2005
- Subjects: Computer security , Universities and colleges -- Computer networks -- Security measures -- South Africa , Data protection
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9739 , http://hdl.handle.net/10948/416 , Computer security , Universities and colleges -- Computer networks -- Security measures -- South Africa , Data protection
- Description: Background: Higher Education (HE), through HE Institutions, plays a very important role in society. There is thus a need for this sector to be well managed, especially with regards to planning, organising, and controlling. Corporate Governance has received a lot of attention in recent times, especially to engender trust on the part of the stakeholders. There are many similarities, but also significant differences in the governance of HE institutions and public companies. Information Technology (IT) plays an extremely important role in the modern organisation, creating huge opportunities, but also increasing the risk to the organisation. Therefore, effective governance of IT in HE Institutions is of great importance.
- Full Text:
- Date Issued: 2005
- Authors: Viljoen, Stephen
- Date: 2005
- Subjects: Computer security , Universities and colleges -- Computer networks -- Security measures -- South Africa , Data protection
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9739 , http://hdl.handle.net/10948/416 , Computer security , Universities and colleges -- Computer networks -- Security measures -- South Africa , Data protection
- Description: Background: Higher Education (HE), through HE Institutions, plays a very important role in society. There is thus a need for this sector to be well managed, especially with regards to planning, organising, and controlling. Corporate Governance has received a lot of attention in recent times, especially to engender trust on the part of the stakeholders. There are many similarities, but also significant differences in the governance of HE institutions and public companies. Information Technology (IT) plays an extremely important role in the modern organisation, creating huge opportunities, but also increasing the risk to the organisation. Therefore, effective governance of IT in HE Institutions is of great importance.
- Full Text:
- Date Issued: 2005
Development and analysis of a friction stir spot welding process for aluminium
- Authors: Stephen, Michael George
- Date: 2005
- Subjects: Friction welding , Electric welding , Aluminum alloys -- Welding
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9631 , http://hdl.handle.net/10948/1351 , Friction welding , Electric welding , Aluminum alloys -- Welding
- Description: Friction Stir Spot Welding (FSSW) has been developed from the conventional Friction Stir Welding (FSW) process, developed at The Welding Institute (TWI). FSSWs have been done without the keyhole being eliminated. Elimination of the keyhole would result in the process being more commercially viable. This dissertation focuses on an attempt of eliminating the keyhole using a retractable pin tool as well as a comparison of the weld integrity of a FSSW to that of a conventional Resistance Spot Weld (RSW). Welds were conducted on aluminium alloy 6063 T4. Comparisons between different weld procedures were done. Further analysis of the weld integrity between FSSW and RSW were conducted, comparing tensile strengths, microstructure and hardness. For the above welding procedure to take place, the current retractable pin tool, patented by PE Technikon, was redesigned. Problems associated during the welding process and the results obtained are documented. Reasons for the keyhole not being eliminated as well as recommendations for future work in the attempt to remove the keyhole are discussed.
- Full Text:
- Date Issued: 2005
- Authors: Stephen, Michael George
- Date: 2005
- Subjects: Friction welding , Electric welding , Aluminum alloys -- Welding
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9631 , http://hdl.handle.net/10948/1351 , Friction welding , Electric welding , Aluminum alloys -- Welding
- Description: Friction Stir Spot Welding (FSSW) has been developed from the conventional Friction Stir Welding (FSW) process, developed at The Welding Institute (TWI). FSSWs have been done without the keyhole being eliminated. Elimination of the keyhole would result in the process being more commercially viable. This dissertation focuses on an attempt of eliminating the keyhole using a retractable pin tool as well as a comparison of the weld integrity of a FSSW to that of a conventional Resistance Spot Weld (RSW). Welds were conducted on aluminium alloy 6063 T4. Comparisons between different weld procedures were done. Further analysis of the weld integrity between FSSW and RSW were conducted, comparing tensile strengths, microstructure and hardness. For the above welding procedure to take place, the current retractable pin tool, patented by PE Technikon, was redesigned. Problems associated during the welding process and the results obtained are documented. Reasons for the keyhole not being eliminated as well as recommendations for future work in the attempt to remove the keyhole are discussed.
- Full Text:
- Date Issued: 2005
Establishing an information security culture in organizations : an outcomes based education approach
- Van Niekerk, Johannes Frederick
- Authors: Van Niekerk, Johannes Frederick
- Date: 2005
- Subjects: Computer security , Management information systems -- Security measures , Competency-based education
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9742 , http://hdl.handle.net/10948/164 , Computer security , Management information systems -- Security measures , Competency-based education
- Description: Information security is crucial to the continuous well-being of modern orga- nizations. Humans play a signfiicant role in the processes needed to secure an organization's information resources. Without an adequate level of user co-operation and knowledge, many security techniques are liable to be misused or misinterpreted by users. This may result in an adequate security measure becoming inadequate. It is therefor necessary to educate the orga- nization's employees regarding information security and also to establish a corporate sub-culture of information security in the organization, which will ensure that the employees have the correct attitude towards their security responsibilities. Current information security education programs fails to pay su±cient attention to the behavioral sciences. There also exist a lack of knowledge regarding the principles, and processes, that would be needed for the establishment of an corporate sub-culture, specific to information security. Without both the necessary knowledge, and the desired attitude amongst the employee, it will be impossible to guarantee that the organi- zation's information resources are secure. It would therefor make sense to address both these dimensions to the human factor in information security, using a single integrated, holistic approach. This dissertation presents such an approach, which is based on an integration of sound behavioral theories.
- Full Text:
- Date Issued: 2005
Establishing an information security culture in organizations : an outcomes based education approach
- Authors: Van Niekerk, Johannes Frederick
- Date: 2005
- Subjects: Computer security , Management information systems -- Security measures , Competency-based education
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9742 , http://hdl.handle.net/10948/164 , Computer security , Management information systems -- Security measures , Competency-based education
- Description: Information security is crucial to the continuous well-being of modern orga- nizations. Humans play a signfiicant role in the processes needed to secure an organization's information resources. Without an adequate level of user co-operation and knowledge, many security techniques are liable to be misused or misinterpreted by users. This may result in an adequate security measure becoming inadequate. It is therefor necessary to educate the orga- nization's employees regarding information security and also to establish a corporate sub-culture of information security in the organization, which will ensure that the employees have the correct attitude towards their security responsibilities. Current information security education programs fails to pay su±cient attention to the behavioral sciences. There also exist a lack of knowledge regarding the principles, and processes, that would be needed for the establishment of an corporate sub-culture, specific to information security. Without both the necessary knowledge, and the desired attitude amongst the employee, it will be impossible to guarantee that the organi- zation's information resources are secure. It would therefor make sense to address both these dimensions to the human factor in information security, using a single integrated, holistic approach. This dissertation presents such an approach, which is based on an integration of sound behavioral theories.
- Full Text:
- Date Issued: 2005
Introducing hippocratic log files for personal privacy control
- Authors: Rutherford, Andrew
- Date: 2005
- Subjects: Computer security , Internet -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9743 , http://hdl.handle.net/10948/171 , Computer security , Internet -- Security measures
- Description: The rapid growth of the Internet has served to intensify existing privacy concerns of the individual, to the point that privacy is the number one concern amongst Internet users today. Tools exist that can provide users with a choice of anonymity or pseudonymity. However, many Web transactions require the release of personally identifying information, thus rendering such tools infeasible in many instances. Since it is then a given that users are often required to release personal information, which could be recorded, it follows that they require a greater degree of control over the information they release. Hippocratic databases, designed by Agrawal, Kiernan, Srikant, and Xu (2002), aim to give users greater control over information stored in a data- base. Their design was inspired by the medical Hippocratic oath, and makes data privacy protection a fundamental responsibility of the database itself. To achieve the privacy of data, Hippocratic databases are governed by 10 key privacy principles. This dissertation argues, that asides from a few challenges, the 10 prin- ciples of Hippocratic databases can be applied to log ¯les. This argument is supported by presenting a high-level functional view of a Hippocratic log file architecture. This architecture focuses on issues that highlight the con- trol users gain over their personal information that is collected in log files. By presenting a layered view of the aforementioned architecture, it was, fur- thermore, possible to provide greater insight into the major processes that would be at work in a Hippocratic log file implementation. An exploratory prototype served to understand and demonstrate certain of the architectural components of Hippocratic log files. This dissertation, thus, makes a contribution to the ideal of providing users with greater control over their personal information, by proposing the use of Hippocratic logfiles.
- Full Text:
- Date Issued: 2005
- Authors: Rutherford, Andrew
- Date: 2005
- Subjects: Computer security , Internet -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9743 , http://hdl.handle.net/10948/171 , Computer security , Internet -- Security measures
- Description: The rapid growth of the Internet has served to intensify existing privacy concerns of the individual, to the point that privacy is the number one concern amongst Internet users today. Tools exist that can provide users with a choice of anonymity or pseudonymity. However, many Web transactions require the release of personally identifying information, thus rendering such tools infeasible in many instances. Since it is then a given that users are often required to release personal information, which could be recorded, it follows that they require a greater degree of control over the information they release. Hippocratic databases, designed by Agrawal, Kiernan, Srikant, and Xu (2002), aim to give users greater control over information stored in a data- base. Their design was inspired by the medical Hippocratic oath, and makes data privacy protection a fundamental responsibility of the database itself. To achieve the privacy of data, Hippocratic databases are governed by 10 key privacy principles. This dissertation argues, that asides from a few challenges, the 10 prin- ciples of Hippocratic databases can be applied to log ¯les. This argument is supported by presenting a high-level functional view of a Hippocratic log file architecture. This architecture focuses on issues that highlight the con- trol users gain over their personal information that is collected in log files. By presenting a layered view of the aforementioned architecture, it was, fur- thermore, possible to provide greater insight into the major processes that would be at work in a Hippocratic log file implementation. An exploratory prototype served to understand and demonstrate certain of the architectural components of Hippocratic log files. This dissertation, thus, makes a contribution to the ideal of providing users with greater control over their personal information, by proposing the use of Hippocratic logfiles.
- Full Text:
- Date Issued: 2005
Investigation of the effect of selected polypropylene fibres and ultra-fine aggregate on plastic shrinkage cracks on South African roads
- Authors: Kluyts, Grant
- Date: 2005
- Subjects: Concrete roads -- South Africa -- Design and construction , Fiber-reinforced concrete , Reinforced concrete -- Cracking , Concrete -- Expansion and contraction , Polypropylene fibers
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9592 , http://hdl.handle.net/10948/174 , Concrete roads -- South Africa -- Design and construction , Fiber-reinforced concrete , Reinforced concrete -- Cracking , Concrete -- Expansion and contraction , Polypropylene fibers
- Description: Plastic shrinkage cracks, although not inherently structurally debilitating, expose the reinforcement in low-volume reinforced concrete roads to deleterious substances, which may reduce its effectiveness leading ultimately to structural failure. In un-reinforced low-volume concrete road these cracks appear unsightly and cause the road user an unpleasant riding experience. Many researchers believe that plastic shrinkage crack development remains a concern to the concrete industry, occurring in particularly large–area pours such as low-volume concrete roads, and therefore requires further research to understand their formation and minimization. This study reports findings on the effectiveness of oxyfluorinated polypropylene fibres to control plastic shrinkage cracks, and the effect the addition of ultra-fine material has on the formation and/or propagation of these cracks. Findings indicate that low volume dosages (2 kg/m³), of oxyfluorinated polypropylene fibre significantly reduced the formation of plastic shrinkage cracks under test conditions. Furthermore, that the addition of ultra-fine material in excess of 63 kg/m³ increased the formation and/or development of plastic shrinkage cracks.
- Full Text:
- Date Issued: 2005
- Authors: Kluyts, Grant
- Date: 2005
- Subjects: Concrete roads -- South Africa -- Design and construction , Fiber-reinforced concrete , Reinforced concrete -- Cracking , Concrete -- Expansion and contraction , Polypropylene fibers
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9592 , http://hdl.handle.net/10948/174 , Concrete roads -- South Africa -- Design and construction , Fiber-reinforced concrete , Reinforced concrete -- Cracking , Concrete -- Expansion and contraction , Polypropylene fibers
- Description: Plastic shrinkage cracks, although not inherently structurally debilitating, expose the reinforcement in low-volume reinforced concrete roads to deleterious substances, which may reduce its effectiveness leading ultimately to structural failure. In un-reinforced low-volume concrete road these cracks appear unsightly and cause the road user an unpleasant riding experience. Many researchers believe that plastic shrinkage crack development remains a concern to the concrete industry, occurring in particularly large–area pours such as low-volume concrete roads, and therefore requires further research to understand their formation and minimization. This study reports findings on the effectiveness of oxyfluorinated polypropylene fibres to control plastic shrinkage cracks, and the effect the addition of ultra-fine material has on the formation and/or propagation of these cracks. Findings indicate that low volume dosages (2 kg/m³), of oxyfluorinated polypropylene fibre significantly reduced the formation of plastic shrinkage cracks under test conditions. Furthermore, that the addition of ultra-fine material in excess of 63 kg/m³ increased the formation and/or development of plastic shrinkage cracks.
- Full Text:
- Date Issued: 2005
- «
- ‹
- 1
- ›
- »