Computing and Information Systems - Theses
Permanent URI for this collection
Search Results
1 - 7 of 7
-
ItemProtecting organizational knowledge: a strategic perspective framework( 2014)Organizational knowledge is considered a valuable resource for providing competitive advantage. Extensive research has been done on strategies to encourage knowledge creation and sharing. However, limited research has been done on strategies for protecting this valuable resource from the risk of leakage. This research aims to contribute in bridging this gap by two contributions: developing a model that describes knowledge leakage, and providing a framework of strategies for protecting competitive organisational knowledge. The research is grounded on two bodies of literature: Knowledge management and information security. The research aims for identifying security strategies in literature and adapting them to address knowledge protection needs.
-
ItemAnomaly detection in streaming data from air quality monitoring system( 2015)Detection of abnormalities is an important aspect of air quality monitoring. Wireless Sensor Networks (WSNs) provide a flexible and low-cost solution for air quality monitoring. However, considering the limited resources available in these networks in terms of power, memory and computational resources, obtaining a high anomaly detection rate while prolonging the life span of these networks is a challenging task. In recent years, both parametric and non-parametric algorithms are put forward to tackle this challenge. In order to save energy and memory, researchers have been investigating the iterative detection algorithms. In this thesis, we proposed a new efficient parametric iterative algorithm, in which the cumulative sum of likelihood ratio is calculated then we compare the cumulative sum with a manually defined control limit. We also evaluate effectiveness of our proposed algorithms both on synthetic data and real sensor data and compare it with a recently proposed algorithm. In evaluation on synthetic data, we design different experimental cases with respect to real environment and point out principles in selection of the two algorithms in practice. In evaluation on real data, we analyse and discuss the result and compare the effectiveness and efficiency of the two algorithms.
-
ItemEnhancing the security and privacy of cloud-based health records systems( 2015-11-04)Electronic health records (EHR) and personal health records (PHR) are emerging services for electronic health. They allow healthcare providers, clinicians and patients to manage, access and share medical data. EHR and PHR increase healthcare e ciency by preventing unnecessary diagnostics. They can assist clinicians in tracking the status of patients’ chronic illnesses and dealing with any encountered problems. There is growing interest in storing patient data in cloud computing storage instead of storing data in healthcare providers’ decentralised data centres. More and more health information is stored in cloud-based storage and this makes securing this information a challenging task. If cloud- based storage is compromised, health information might be revealed. Also, healthcare providers and patients lose control of this information. To address these challenging issues, there is a need to develop an efficient cryptographic scheme that can secure and preserve the privacy of the stored information. The proposed scheme needs to allow both healthcare providers and patients to gain full control of health information by being able to enforce a fine-grained access policy on each data file stored in the cloud. We propose a multi-authority attribute-based scheme for securing electronic and personal health records. This scheme allows healthcare providers to send encrypted copies of any health record to a patient. It also provides a feature to assist healthcare providers in monitoring patient health. In addition, patients are able to share any record with other users. Using the proposed scheme, all health records (medical files with their directory entries) need to be encrypted before they are uploaded to cloud-based storage. Medical data files are encrypted using a symmetric key while their directory entries are encrypted twice: first using ciphertext-policy attribute-based encryption and second using patient-controlled encryption. Finally, we evaluate the effectiveness and efficiency of the proposed scheme.
-
ItemMitigating BYOD information security risks( 2015)BYOD is a trend in organizations to allow employees, contractors and suppliers to use their personal devices in the workplace. Users can access electronic organizational resources from their tablets, smartphones, laptops, etc. The benefits of allowing BYOD in organizations are convenient for both employees and organizations. Employees will feel more comfortable employing their personal devices and organizations will save resources that should be used to purchase of electronic equipment for their employees. However, the confidentiality, integrity and ability of the information are at risk because individuals will have access to it employing their personal devices. The challenge to organizations is to keep that information secure. While BYOD is a well-defined and accepted trend in several organizations, there is little documentation to address the information security risks posed by BYOD. The following research, in the form of an extensive literature review, has defined a comprehensive list of information security risks that are associated with allowing BYOD in the organizations. This list will be used to evaluate five BYOD policy documents from different organizations to determine how comprehensively BYOD information security risks are addressed. Based on this evaluation, it will be identified which BYOD information security risks have been acknowledged and addressed by these organizations.
-
ItemInformation security manager as a strategist( 2015)The modern organisation operates within a highly complex and sophisticated security threat landscape that exposes its information infrastructure to a range of security risks. This threat landscape includes advanced persistent threat (APT) – attackers are well-trained, organised, well-funded and capable of utilising a range of technologies to inflict damage over a prolonged period of time (Giura & Wang 2012; Ahmad 2010). Unsurprisingly, despite the existence of industry ‘best-practice’ security standards and unprecedented levels of investment in security infrastructure, the rate of incidents continues to escalate. The fundamental premise of this thesis is that the level of sophistication of threat requires organisations to develop novel security strategies that draw on creative and lateral thinking approaches. Such a security campaign requires the security manager to function as a ‘strategist’ by exercising ‘strategic thinking’. A review of security literature found little or no evidence that security managers are able or expected to function as strategists. Therefore this research project aims to identify the specific capabilities required by security managers to become effective strategists. A systematic literature review approach was adopted to determine 1) the existing role of the security manager from security literature, and 2) characteristics of a strategist from the management literature. Findings from a review of these literatures revealed 1) a strategic perspective of Information Security Management is missing, and 2) the management literature identifies a range of characteristics and qualities of a strategist. The latter was coded into the 5 dimensions of the strategist. These 5 dimensions are then discussed in the context of security managers and current strategic challenges facing security management. The result was a set of security capabilities required by security mangers to function as strategists. The thesis outlines implications for further research, including the need to expand the scope of literature review to warfare literature and the need to empirically test the 5 dimensions.
-
ItemTowards interpreting informal place descriptions(The University of Melbourne, 2012)Informal place descriptions are human-generated descriptions of locations, ex- pressed by the means of natural language in an arbitrary fashion. The aim we pur- sued in this thesis is _nding methods for better automatic interpretation of situated informal place descriptions. This work presents a framework within which we attempt to automatically classify informal place descriptions for the accuracy of the location information they contain. Having an available corpus of informal place descriptions, we identified placenames contained therein and manually annotated them for properties such as geospatial granularity and identifiability. First, we make use of the annotations and a machine learning method to conduct the classification task, and then report the accuracy scores reaching 84%. Next, we classify the descriptions again, but instead of using the manual annotations we identify the properties of placenames automatically.
-
ItemExtracting characteristics of human-produced video descriptions( 2012)This thesis contributes to the SMILE project, aiming for video understanding. We focus on the final stage of the project where information extracted from a video should be transformed into a natural language description. Working with a corpus of human-made video descriptions, we examine it to find patterns in the descriptions. We develop a machine-learning procedure for finding statistical dependencies between linguistic features of the descriptions. Evaluating its results when run on a small sample of data, we conclude that it can be successfully extended to larger datasets. e method is generally applicable for finding dependencies in data, and extends methods for association rule mining for the option to specify distributions of features. We show future directions which, if followed, will lead to extracting a specification of common sentence patterns of video descriptions. This would allow for generating naturally sounding descriptions from the video understanding software.