Only Abstract
I) Design and Implementation of an
Environment to Support Development of
Methods for Security Assessment
Abstract:
There is no debate over the importance of IT security. Equally important is the research
on security assessment; methods for evaluating the security of IT systems. The Swedish
Defense Research Agency has for the last couple of years been conducting research on
the area of security assessment. To verify the correctness of these methods, tools are
implemented.
This thesis presents the design and implementation of an environment to support and aid
future implementations and evaluations of security assessment methods. The aim of this
environment, known as the New Tool Environment, NTE, is to assist the developer by
facilitating the more time consuming parts of the implementation. A large part of this
thesis is devoted to the development of a database solution, which results in an
object/relational data access layer.
III) Risk Analysis of the applied RFID
system: Project Stolpen
Abstract:
This thesis will be a risk analysis of a RFID-system for a logistical application. The
system works as follows: Around Karlstad in Sweden there are three new weighing
machines for lorries. The load weight will be measured for the police to control
overweight and for logistical reasons such as issuing invoices and optimising the supply
chain. The lorries do not have to stop to be weighed. They have to drive slowly over the
weighing machine, so the loss of time is minimal. The lorries will be identified via
RFID-tags. So every time a lorry will be driven over the weighing machine, the identification
number and the measured weight will be logged and sent to a database. In the future it is
planned to store the weight on the tag itself. The task is now to analyse the
RFID-communication and the transmission to the database. The thesis will contain several parts.
First RFID in general and how RFID will be used in the application-scenario will be
described. Next sections will be about the security and privacy requirements and the risks
in detail. Then possible solutions are outlined and concrete suggestions are presented.
Finally a conclusion will be drawn, which will show that the application has a low level
of security.
III ) Database security curriculum in InfoSec program
ABSTRACT
Database Security course is an important part of the InfoSec curriculum. In many
institutions this is not taught as an independent course. Parts of the contents presented in
this paper are usually incorporated in other courses such as Network Security. The
importance of database security concepts stems from the fact that a compromise of data at
rest could expose an organization to a greater security threat than otherwise. Database
vulnerabilities exposed recently in several high profile incidents would be a good reason
to dedicate a full course to this important topic. In this paper we present key topics such
as technologies for database protection, access control, multilevel security, database
vulnerabilities and defenses, privacy and legal issues, impact of policies and some well
known secure database models.
DATA WAREHOUSING
IV) The Application of Case-Based Reasoning to the
Understanding of Constraints on Information Models
ABSTRACT
This thesis explores a case-based reasoning approach to understanding the constraints on
information models, in particular those written in the information modelling language
EXPRESS. In the context of this thesis, a constraint on a model is any condition (explicit
or implicit) that must not be violated by a data repository which conforms to that model.
The underlying motivation for this research is the need to understand the comparative
semantics of the constraints on two models of the same domain, for tasks such as
schema-to-schema mapping (automatically generating a program to map instances from one data
repository to another). This comparative understanding of constraints would enable a
system to see to what extent the constraints on one model are respected by another model
(e.g. in the case of schema-to-schema mapping, whether mapping valid instances from
the source model could violate constraints on the target model).
This thesis presents a method for understanding the constraints on a given EXPRESS
model. This understanding is realised by extracting from the model higher-level
knowledge about the constraints. This knowledge is represented as higher-level
constraints: constraints which are at a higher level of abstraction than the model itself,
making explicit their implicit semantics. In the case-based reasoning approach to
understanding the constraints on a model, cases that match particular fragments of the
model are used to suggest higher-level constraints to extract.
Although the current system only considers one model in isolation, this work will provide
a useful building block for future systems which are concerned with the comparative
semantics of the constraints on two models. The particular way in which the constraints
are understood is driven by the purpose of this comparative understanding: the (manual)
process of identifying higher-level constraints entails a comparative investigation of
models that have semantically equivalent constraints which are expressed in different
ways.
An experimental constraint-understanding system has been implemented, which is
capable of extracting higher-level constraints from valid EXPRESS models.
V ) Benefits of Network Security Consolidation
ABSTRACT
Driven by budget, space, power and other constraints, consolidation has become a
strategic imperative for enterprise IT professionals at all levels. In order to achieve the
most benefit and offer the highest levels of security effectiveness and efficiency, a
consolidated network security solution should offer complete integration of specialized
hardware with the software and security content.
Join John Pescatore, VP Security Research at Gartner, and Anthony James, VP of
Products at Fortinet, for a closer look at the benefits of network security consolidation in
a short 20 minute discussion exploring:
How consolidated security functions can help CIOs
Key benefits of a consolidated security solution versus multiple point solutions
How Fortinet delivers comprehensive security at industry leading performance
Why consolidated security makes sense for the enterprise
Consolidation provides a higher level of security versus single function products
VIII ) A logic-programming approach to network security analysis
Abstract:
An important problem in network security management is to uncover potential multistage,
multihost attack paths due to software vulnerabilities and misconfigurations. This thesis
proposes a logic-programming approach to conduct this analysis automatically. We use
Datalog to specify network elements and their security interactions. The multihost,
multistage vulnerability analysis can be conducted by an off-the-shelf logic-programming
engine that can evaluate Datalog efficiently.
Compared with previous approaches, Datalog is purely declarative, providing a clear
specification of reasoning logic. This makes it easy to leverage multiple third-party tools
and data in the analysis. We built an end-to-end system, MulVAL, that is based on the
methodology discussed in this thesis. In MulVAL, a succinct set of Datalog rules captures
generic attack scenarios, including exploiting various kinds of software vulnerabilities,
operating-system semantics that enable or prohibit attack steps, and other common attack
techniques. The reasoning engine takes inputs from various off-the-shelf tools and formal
security advisories, performs analysis on the network level to determine if vulnerabilities
found on individual hosts can result in a condition violating a given high-level security
policy.
Datalog is a language that has efficient evaluation, and in practice it runs fast in
off-the-shelf logic programming engines. The flexibility of general logic programming also
allows for more advanced analysis, in particular hypothetical analysis, which searches for
attack paths due to unknown vulnerabilities. Hypothetical analysis is useful for checking
the security robustness of the configuration of a network and its ability to guard against
future threats. Once a potential attack path is discovered, MulVAL generates a visualized
attack tree that helps the system administrator understand how the attack could happen
and take countermeasures accordingly.
VII) Evaluation of Security Risks Associated with Networked Information Systems
Abstract
Security risks associated with networked enterprise systems is a topic that has become
increasingly significant in the new millennium. As corporations rely ever more on
technology to run their businesses, connecting enterprise systems to each other to
perform seamless business transactions in a virtually borderless world, security is
becoming a concern rather than an afterthought for IS managers around the world.
This thesis consists of a comprehensive literature review and the results of a case
study conducted in Sydney during June-September 2001. The insights gained from
the literature were tested and observations made during the case study, which
involved a B2B Internet application implementation for a large Japanese electronics
conglomerate in Australia.
The Gartner Group estimates that 75% of all enterprises were Internet-isolated in
1999; however, they predict that 80% of all businesses will be using the Internet as an
integral part of their businesses by 2004 (Witty, 2001). It was identified that 85% to
90% of all businesses on the Internet reported some form of security incident in 2000
(CSI, 2001), and Computer Economics estimated the cost of computer crime to be
US$17.1 billion in 2000 (Abreu, 2001). These facts clearly indicate that security is a
real problem.
Research has revealed that a large proportion of the security lapses were attributed to
system administrators' failure to update software patches, and to remain on the top of
the latest developments in their trade. This behaviour is sometimes attributed to the
culture, or even the workload of administrators, who are typically responsible for
looking after numerous disparate systems. The increasingly complex systems also
expect administrators to be experts in various technologies, which is often beyond the
comprehension of many systems administrators.
The final outcome of this research is a security evaluation framework that is practical
enough to be used in real applications with acceptable results, without having to be an
expert in the security arena. The framework conforms to Australian and International
Standards. It is built upon concepts drawn from leaders in the computer security
industry, and empirically tested.
M.Bus (IT) Thesis, RMIT 2001