Computing and Information Systems - Theses

Permanent URI for this collection

http://hdl.handle.net/11343/351

Filters

2015 4
Reset filters

Settings
Statistics
Citations
Type: Masters Coursework thesis × Start date: 2015 × End date: 2015 ×

Search Results

Now showing 1 - 4 of 4
  • Item
    Thumbnail Image
    Anomaly detection in streaming data from air quality monitoring system
    Cong, Yue ( 2015)
    Detection of abnormalities is an important aspect of air quality monitoring. Wireless Sensor Networks (WSNs) provide a flexible and low-cost solution for air quality monitoring. However, considering the limited resources available in these networks in terms of power, memory and computational resources, obtaining a high anomaly detection rate while prolonging the life span of these networks is a challenging task. In recent years, both parametric and non-parametric algorithms are put forward to tackle this challenge. In order to save energy and memory, researchers have been investigating the iterative detection algorithms. In this thesis, we proposed a new efficient parametric iterative algorithm, in which the cumulative sum of likelihood ratio is calculated then we compare the cumulative sum with a manually defined control limit. We also evaluate effectiveness of our proposed algorithms both on synthetic data and real sensor data and compare it with a recently proposed algorithm. In evaluation on synthetic data, we design different experimental cases with respect to real environment and point out principles in selection of the two algorithms in practice. In evaluation on real data, we analyse and discuss the result and compare the effectiveness and efficiency of the two algorithms.
  • Item
    Thumbnail Image
    Enhancing the security and privacy of cloud-based health records systems
    Alwuthaynani, Maha Mohammed ( 2015-11-04)
    Electronic health records (EHR) and personal health records (PHR) are emerging services for electronic health. They allow healthcare providers, clinicians and patients to manage, access and share medical data. EHR and PHR increase healthcare e ciency by preventing unnecessary diagnostics. They can assist clinicians in tracking the status of patients’ chronic illnesses and dealing with any encountered problems. There is growing interest in storing patient data in cloud computing storage instead of storing data in healthcare providers’ decentralised data centres. More and more health information is stored in cloud-based storage and this makes securing this information a challenging task. If cloud- based storage is compromised, health information might be revealed. Also, healthcare providers and patients lose control of this information. To address these challenging issues, there is a need to develop an efficient cryptographic scheme that can secure and preserve the privacy of the stored information. The proposed scheme needs to allow both healthcare providers and patients to gain full control of health information by being able to enforce a fine-grained access policy on each data file stored in the cloud. We propose a multi-authority attribute-based scheme for securing electronic and personal health records. This scheme allows healthcare providers to send encrypted copies of any health record to a patient. It also provides a feature to assist healthcare providers in monitoring patient health. In addition, patients are able to share any record with other users. Using the proposed scheme, all health records (medical files with their directory entries) need to be encrypted before they are uploaded to cloud-based storage. Medical data files are encrypted using a symmetric key while their directory entries are encrypted twice: first using ciphertext-policy attribute-based encryption and second using patient-controlled encryption. Finally, we evaluate the effectiveness and efficiency of the proposed scheme.
  • Item
    Thumbnail Image
    Mitigating BYOD information security risks
    Arregui, Daniel ( 2015)
    BYOD is a trend in organizations to allow employees, contractors and suppliers to use their personal devices in the workplace. Users can access electronic organizational resources from their tablets, smartphones, laptops, etc. The benefits of allowing BYOD in organizations are convenient for both employees and organizations. Employees will feel more comfortable employing their personal devices and organizations will save resources that should be used to purchase of electronic equipment for their employees. However, the confidentiality, integrity and ability of the information are at risk because individuals will have access to it employing their personal devices. The challenge to organizations is to keep that information secure. While BYOD is a well-defined and accepted trend in several organizations, there is little documentation to address the information security risks posed by BYOD. The following research, in the form of an extensive literature review, has defined a comprehensive list of information security risks that are associated with allowing BYOD in the organizations. This list will be used to evaluate five BYOD policy documents from different organizations to determine how comprehensively BYOD information security risks are addressed. Based on this evaluation, it will be identified which BYOD information security risks have been acknowledged and addressed by these organizations.
  • Item
    Thumbnail Image
    Information security manager as a strategist
    Onibere, Mazino ( 2015)
    The modern organisation operates within a highly complex and sophisticated security threat landscape that exposes its information infrastructure to a range of security risks. This threat landscape includes advanced persistent threat (APT) – attackers are well-trained, organised, well-funded and capable of utilising a range of technologies to inflict damage over a prolonged period of time (Giura & Wang 2012; Ahmad 2010). Unsurprisingly, despite the existence of industry ‘best-practice’ security standards and unprecedented levels of investment in security infrastructure, the rate of incidents continues to escalate. The fundamental premise of this thesis is that the level of sophistication of threat requires organisations to develop novel security strategies that draw on creative and lateral thinking approaches. Such a security campaign requires the security manager to function as a ‘strategist’ by exercising ‘strategic thinking’. A review of security literature found little or no evidence that security managers are able or expected to function as strategists. Therefore this research project aims to identify the specific capabilities required by security managers to become effective strategists. A systematic literature review approach was adopted to determine 1) the existing role of the security manager from security literature, and 2) characteristics of a strategist from the management literature. Findings from a review of these literatures revealed 1) a strategic perspective of Information Security Management is missing, and 2) the management literature identifies a range of characteristics and qualities of a strategist. The latter was coded into the 5 dimensions of the strategist. These 5 dimensions are then discussed in the context of security managers and current strategic challenges facing security management. The result was a set of security capabilities required by security mangers to function as strategists. The thesis outlines implications for further research, including the need to expand the scope of literature review to warfare literature and the need to empirically test the 5 dimensions.