Establishing the benefits of implementing an I.T. project management office in the Nelson Mandela Metropolitan area
- Martin, Michael Ronald Charles
- Authors: Martin, Michael Ronald Charles
- Date: 2007
- Subjects: Project management -- South Africa -- Port Elizabeth -- Computer network resources , Information technology -- South Africa -- Port Elizabeth -- Management
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9266 , http://hdl.handle.net/10948/558 , Project management -- South Africa -- Port Elizabeth -- Computer network resources , Information technology -- South Africa -- Port Elizabeth -- Management
- Description: The well-known concept of a Project Manager managing an I.T. project in relative isolation is no longer a viable option for organisations that are running numerous projects simultaneously. Due to the enormous costs and risks involved in many of these projects, there needs to be a means to ensure success. This has led to the establishment of the concept of a Project Management Office (PMO). An autonomous business unit that is responsible for managing all projects within an organisation. The need for a Project Management Office (PMO) to effectively manage multiple projects is becoming more and more accepted worldwide. The benefits of a PMO are well documented, but whether these benefits will apply to organisations within the NMM area needed to be investigated. A detailed analysis of the benefits of Project Management and in particular a PMO, have been investigated by means of a literature study. An investigation into the effectiveness of PMO’s in South Africa in general, was conducted by means of a survey targeted at a group of I.T. Project Managers located in all the major centres. A further survey was conducted among local I.T. managers to determine their current level of success and their expectations for the future. When reviewing the expectations of local I.T. management against the performance of Project Managers that are currently operating within PMOs, it is clear that organisations within the NMM area are in need of PMO’s and would certainly benefit from their establishment.
- Full Text:
- Date Issued: 2007
- Authors: Martin, Michael Ronald Charles
- Date: 2007
- Subjects: Project management -- South Africa -- Port Elizabeth -- Computer network resources , Information technology -- South Africa -- Port Elizabeth -- Management
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9266 , http://hdl.handle.net/10948/558 , Project management -- South Africa -- Port Elizabeth -- Computer network resources , Information technology -- South Africa -- Port Elizabeth -- Management
- Description: The well-known concept of a Project Manager managing an I.T. project in relative isolation is no longer a viable option for organisations that are running numerous projects simultaneously. Due to the enormous costs and risks involved in many of these projects, there needs to be a means to ensure success. This has led to the establishment of the concept of a Project Management Office (PMO). An autonomous business unit that is responsible for managing all projects within an organisation. The need for a Project Management Office (PMO) to effectively manage multiple projects is becoming more and more accepted worldwide. The benefits of a PMO are well documented, but whether these benefits will apply to organisations within the NMM area needed to be investigated. A detailed analysis of the benefits of Project Management and in particular a PMO, have been investigated by means of a literature study. An investigation into the effectiveness of PMO’s in South Africa in general, was conducted by means of a survey targeted at a group of I.T. Project Managers located in all the major centres. A further survey was conducted among local I.T. managers to determine their current level of success and their expectations for the future. When reviewing the expectations of local I.T. management against the performance of Project Managers that are currently operating within PMOs, it is clear that organisations within the NMM area are in need of PMO’s and would certainly benefit from their establishment.
- Full Text:
- Date Issued: 2007
Evolving a secure grid-enabled, distributed data warehouse : a standards-based perspective
- Authors: Li, Xiao-Yu
- Date: 2007
- Subjects: Computational grids (Computer systems) , Computer networks -- Security measures , Electronic data processing -- Distributed processing
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9738 , http://hdl.handle.net/10948/544 , Computational grids (Computer systems) , Computer networks -- Security measures , Electronic data processing -- Distributed processing
- Description: As digital data-collection has increased in scale and number, it becomes an important type of resource serving a wide community of researchers. Cross-institutional data-sharing and collaboration introduce a suitable approach to facilitate those research institutions that are suffering the lack of data and related IT infrastructures. Grid computing has become a widely adopted approach to enable cross-institutional resource-sharing and collaboration. It integrates a distributed and heterogeneous collection of locally managed users and resources. This project proposes a distributed data warehouse system, which uses Grid technology to enable data-access and integration, and collaborative operations across multi-distributed institutions in the context of HV/AIDS research. This study is based on wider research into OGSA-based Grid services architecture, comprising a data-analysis system which utilizes a data warehouse, data marts, and near-line operational database that are hosted by distributed institutions. Within this framework, specific patterns for collaboration, interoperability, resource virtualization and security are included. The heterogeneous and dynamic nature of the Grid environment introduces a number of security challenges. This study also concerns a set of particular security aspects, including PKI-based authentication, single sign-on, dynamic delegation, and attribute-based authorization. These mechanisms, as supported by the Globus Toolkit’s Grid Security Infrastructure, are used to enable interoperability and establish trust relationship between various security mechanisms and policies within different institutions; manage credentials; and ensure secure interactions.
- Full Text:
- Date Issued: 2007
- Authors: Li, Xiao-Yu
- Date: 2007
- Subjects: Computational grids (Computer systems) , Computer networks -- Security measures , Electronic data processing -- Distributed processing
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9738 , http://hdl.handle.net/10948/544 , Computational grids (Computer systems) , Computer networks -- Security measures , Electronic data processing -- Distributed processing
- Description: As digital data-collection has increased in scale and number, it becomes an important type of resource serving a wide community of researchers. Cross-institutional data-sharing and collaboration introduce a suitable approach to facilitate those research institutions that are suffering the lack of data and related IT infrastructures. Grid computing has become a widely adopted approach to enable cross-institutional resource-sharing and collaboration. It integrates a distributed and heterogeneous collection of locally managed users and resources. This project proposes a distributed data warehouse system, which uses Grid technology to enable data-access and integration, and collaborative operations across multi-distributed institutions in the context of HV/AIDS research. This study is based on wider research into OGSA-based Grid services architecture, comprising a data-analysis system which utilizes a data warehouse, data marts, and near-line operational database that are hosted by distributed institutions. Within this framework, specific patterns for collaboration, interoperability, resource virtualization and security are included. The heterogeneous and dynamic nature of the Grid environment introduces a number of security challenges. This study also concerns a set of particular security aspects, including PKI-based authentication, single sign-on, dynamic delegation, and attribute-based authorization. These mechanisms, as supported by the Globus Toolkit’s Grid Security Infrastructure, are used to enable interoperability and establish trust relationship between various security mechanisms and policies within different institutions; manage credentials; and ensure secure interactions.
- Full Text:
- Date Issued: 2007
Governing information security using organisational information security profiles
- Authors: Tyukala, Mkhululi
- Date: 2007
- Subjects: Data protection , Computer security -- Management , Computer networks -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9788 , http://hdl.handle.net/10948/626 , Data protection , Computer security -- Management , Computer networks -- Security measures
- Description: The corporate scandals of the last few years have changed the face of information security and its governance. Information security has been elevated to the board of director level due to legislation and corporate governance regulations resulting from the scandals. Now boards of directors have corporate responsibility to ensure that the information assets of an organisation are secure. They are forced to embrace information security and make it part of business strategies. The new support from the board of directors gives information security weight and the voice from the top as well as the financial muscle that other business activities experience. However, as an area that is made up of specialist activities, information security may not easily be comprehended at board level like other business related activities. Yet the board of directors needs to provide oversight of information security. That is, put an information security programme in place to ensure that information is adequately protected. This raises a number of challenges. One of the challenges is how can information security be understood and well informed decisions about it be made at the board level? This dissertation provides a mechanism to present information at board level on how information security is implemented according to the vision of the board of directors. This mechanism is built upon well accepted and documented concepts of information security. The mechanism (termed An Organisational Information Security Profile or OISP) will assist organisations with the initialisation, monitoring, measuring, reporting and reviewing of information security programmes. Ultimately, the OISP will make it possible to know if the information security endeavours of the organisation are effective or not. If the information security programme is found to be ineffective, The OISP will facilitate the pointing out of areas that are ineffective and what caused the ineffectiveness. This dissertation also presents how the effectiveness or ineffctiveness of information security can be presented at board level using well known visualisation methods. Finally the contribution, limits and areas that need more investigation are provided.
- Full Text:
- Date Issued: 2007
- Authors: Tyukala, Mkhululi
- Date: 2007
- Subjects: Data protection , Computer security -- Management , Computer networks -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9788 , http://hdl.handle.net/10948/626 , Data protection , Computer security -- Management , Computer networks -- Security measures
- Description: The corporate scandals of the last few years have changed the face of information security and its governance. Information security has been elevated to the board of director level due to legislation and corporate governance regulations resulting from the scandals. Now boards of directors have corporate responsibility to ensure that the information assets of an organisation are secure. They are forced to embrace information security and make it part of business strategies. The new support from the board of directors gives information security weight and the voice from the top as well as the financial muscle that other business activities experience. However, as an area that is made up of specialist activities, information security may not easily be comprehended at board level like other business related activities. Yet the board of directors needs to provide oversight of information security. That is, put an information security programme in place to ensure that information is adequately protected. This raises a number of challenges. One of the challenges is how can information security be understood and well informed decisions about it be made at the board level? This dissertation provides a mechanism to present information at board level on how information security is implemented according to the vision of the board of directors. This mechanism is built upon well accepted and documented concepts of information security. The mechanism (termed An Organisational Information Security Profile or OISP) will assist organisations with the initialisation, monitoring, measuring, reporting and reviewing of information security programmes. Ultimately, the OISP will make it possible to know if the information security endeavours of the organisation are effective or not. If the information security programme is found to be ineffective, The OISP will facilitate the pointing out of areas that are ineffective and what caused the ineffectiveness. This dissertation also presents how the effectiveness or ineffctiveness of information security can be presented at board level using well known visualisation methods. Finally the contribution, limits and areas that need more investigation are provided.
- Full Text:
- Date Issued: 2007
Improving construction planning through 4D planning
- Authors: Allen, Christopher James
- Date: 2007
- Subjects: Construction industry -- Management , Construction industry -- Computer-aided design
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:9698 , http://hdl.handle.net/10948/467 , http://hdl.handle.net/10948/d1011923 , Construction industry -- Management , Construction industry -- Computer-aided design
- Description: Construction Planning will increasingly play a more critical role within the realm of the Built Environment. Existing practices used to plan and communicate the construction process to be undertaken are failing to deliver the desired results for construction companies and clients alike. At a time of unprecedented growth in the industry around the world, which is leading to a general skills shortage, especially in management positions, construction planners are increasingly being asked to deal with more responsibility. As with other industries, technological improvement in the tools at their disposal is one way to address the inadequacies of the present situation. Increasingly, three dimensional design packages are being used to generate construction information which can then be used for quantities calculations, automated manufacturing processes and construction simulation. The latter forms the basis for their use in the process of planning, through new technologies being developed as virtual construction tools or 4D planning, the addition of time to the 3D model environment, but using the elements within the model as the basis for the construction programme. The benefit of using the design information to form the basis of the programme is that the interface tasks and logistical activities, as well as location related constraints, can be identified and then communicated to all levels within the construction team through a time based visual image. The purpose of this study is therefore to establish a scientifically analysed alternative method for the creation, review and delivery of construction programmes. In order to achieve the research objectives, three methodologies have been employed. Firstly, the literature review in the fields of planning including existing methodologies and previous research of 4D related techniques has been analysed. An overview of the perceived weaknesses to current practises and proposed solution will be explored and best case scenarios outlined and further investigated. Secondly, the 51 Lime Street project provides an environment in which the proposed 4D planning techniques have been implemented and the benefits of the process can, through observation / participation methodology, be validated. Thirdly, through interview questionnaires, with Lime St contractors and management, and e-mail questionnaires to a broader sample stratum, data on the ability of the tools, the techniques employed on 51 Lime Street and similar projects have been collated and statistically analysed to validate the reliability and relevance for future implementation. The result of the research will provide management teams with a practical alternative to existing planning methodologies. Construction planners will have alternative technique that can further enhance their role within the project team whilst increasing their ability to communicate the team’s vision to a wider audience, making them and the project more efficient and effective in the process. It has been proposed that clients insist on the use of 3D from the commencement of the design process so that this information can be passed downstream through the construction process and onto facilities management. Planners need to be able to communicate their requirements better and the 4D planning models provide both a more inclusive way of planning alongside a better communications medium in the form of moving images. A picture tells a thousand words.
- Full Text:
- Date Issued: 2007
- Authors: Allen, Christopher James
- Date: 2007
- Subjects: Construction industry -- Management , Construction industry -- Computer-aided design
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:9698 , http://hdl.handle.net/10948/467 , http://hdl.handle.net/10948/d1011923 , Construction industry -- Management , Construction industry -- Computer-aided design
- Description: Construction Planning will increasingly play a more critical role within the realm of the Built Environment. Existing practices used to plan and communicate the construction process to be undertaken are failing to deliver the desired results for construction companies and clients alike. At a time of unprecedented growth in the industry around the world, which is leading to a general skills shortage, especially in management positions, construction planners are increasingly being asked to deal with more responsibility. As with other industries, technological improvement in the tools at their disposal is one way to address the inadequacies of the present situation. Increasingly, three dimensional design packages are being used to generate construction information which can then be used for quantities calculations, automated manufacturing processes and construction simulation. The latter forms the basis for their use in the process of planning, through new technologies being developed as virtual construction tools or 4D planning, the addition of time to the 3D model environment, but using the elements within the model as the basis for the construction programme. The benefit of using the design information to form the basis of the programme is that the interface tasks and logistical activities, as well as location related constraints, can be identified and then communicated to all levels within the construction team through a time based visual image. The purpose of this study is therefore to establish a scientifically analysed alternative method for the creation, review and delivery of construction programmes. In order to achieve the research objectives, three methodologies have been employed. Firstly, the literature review in the fields of planning including existing methodologies and previous research of 4D related techniques has been analysed. An overview of the perceived weaknesses to current practises and proposed solution will be explored and best case scenarios outlined and further investigated. Secondly, the 51 Lime Street project provides an environment in which the proposed 4D planning techniques have been implemented and the benefits of the process can, through observation / participation methodology, be validated. Thirdly, through interview questionnaires, with Lime St contractors and management, and e-mail questionnaires to a broader sample stratum, data on the ability of the tools, the techniques employed on 51 Lime Street and similar projects have been collated and statistically analysed to validate the reliability and relevance for future implementation. The result of the research will provide management teams with a practical alternative to existing planning methodologies. Construction planners will have alternative technique that can further enhance their role within the project team whilst increasing their ability to communicate the team’s vision to a wider audience, making them and the project more efficient and effective in the process. It has been proposed that clients insist on the use of 3D from the commencement of the design process so that this information can be passed downstream through the construction process and onto facilities management. Planners need to be able to communicate their requirements better and the 4D planning models provide both a more inclusive way of planning alongside a better communications medium in the form of moving images. A picture tells a thousand words.
- Full Text:
- Date Issued: 2007
Information security awareness: generic content, tools and techniques
- Authors: Mauwa, Hope
- Date: 2007
- Subjects: Computer security , Data protection , Computers -- Safety measures , Information technology -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9733 , http://hdl.handle.net/10948/560 , Computer security , Data protection , Computers -- Safety measures , Information technology -- Security measures
- Description: In today’s computing environment, awareness programmes play a much more important role in organizations’ complete information security programmes. Information security awareness programmes are there to change behaviour or reinforce good security practices, and provide a baseline of security knowledge for all information users. Security awareness is a learning process, which changes individual and organizational attitudes and perceptions so that the importance of security and the adverse consequences of its failure are realized. Therefore, with proper awareness, employees become the most effective layer in an organization’s security defence. With the important role that these awareness programmes play in organizations’ complete information security programmes, it is a must that all organizations that are serious about information security must implement it. But though awareness programmes have become increasing important, the level of awareness in most organizations is still low. It seems that the current approach of developing these programmes does not satisfy the needs of most organizations. Therefore, another approach, which tries to meet the needs of most organizations, is proposed in this project as part of the solution of raising the level of awareness programmes in organizations.
- Full Text:
- Date Issued: 2007
- Authors: Mauwa, Hope
- Date: 2007
- Subjects: Computer security , Data protection , Computers -- Safety measures , Information technology -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9733 , http://hdl.handle.net/10948/560 , Computer security , Data protection , Computers -- Safety measures , Information technology -- Security measures
- Description: In today’s computing environment, awareness programmes play a much more important role in organizations’ complete information security programmes. Information security awareness programmes are there to change behaviour or reinforce good security practices, and provide a baseline of security knowledge for all information users. Security awareness is a learning process, which changes individual and organizational attitudes and perceptions so that the importance of security and the adverse consequences of its failure are realized. Therefore, with proper awareness, employees become the most effective layer in an organization’s security defence. With the important role that these awareness programmes play in organizations’ complete information security programmes, it is a must that all organizations that are serious about information security must implement it. But though awareness programmes have become increasing important, the level of awareness in most organizations is still low. It seems that the current approach of developing these programmes does not satisfy the needs of most organizations. Therefore, another approach, which tries to meet the needs of most organizations, is proposed in this project as part of the solution of raising the level of awareness programmes in organizations.
- Full Text:
- Date Issued: 2007
MISSTEV : model for information security shared tacit espoused values
- Authors: Thomson, Kerry-Lynn
- Date: 2007
- Subjects: Computer security -- Management , Management information systems -- Security measures , Data protection
- Language: English
- Type: Thesis , Doctoral , DTech
- Identifier: vital:9787 , http://hdl.handle.net/10948/717 , Computer security -- Management , Management information systems -- Security measures , Data protection
- Description: One of the most critical assets in most organisations is information. It is often described as the lifeblood of an organisation. For this reason, it is vital that this asset is protected through sound information security practices. However, the incorrect and indifferent behaviour of employees often leads to information assets becoming vulnerable. Incorrect employee behaviour could have an extremely negative impact on the protection of information. An information security solution should be a fundamental component in most organisations. It is, however, possible for an organisation to have the most comprehensive physical and technical information security controls in place, but the operational controls, and associated employee behaviour, have not received much consideration. Therefore, the issue of employee behaviour must be addressed in an organisation to assist in ensuring the protection of information assets. The corporate culture of an organisation is largely responsible for the actions and behaviour of employees. Therefore, to address operational information security controls, the corporate culture of an organisation should be considered. To ensure the integration of information security into the corporate culture of an organisation, the protection of information should become part of the way the employees conduct their everyday tasks – from senior management, right throughout the entire organisation. Therefore, information security should become an integral component of the corporate culture of the organisation. To address the integration of information security into the corporate culture of an organisation, a model was developed which depicted the learning stages and modes of knowledge creation necessary to transform the corporate culture into one that is information security aware.
- Full Text:
- Date Issued: 2007
- Authors: Thomson, Kerry-Lynn
- Date: 2007
- Subjects: Computer security -- Management , Management information systems -- Security measures , Data protection
- Language: English
- Type: Thesis , Doctoral , DTech
- Identifier: vital:9787 , http://hdl.handle.net/10948/717 , Computer security -- Management , Management information systems -- Security measures , Data protection
- Description: One of the most critical assets in most organisations is information. It is often described as the lifeblood of an organisation. For this reason, it is vital that this asset is protected through sound information security practices. However, the incorrect and indifferent behaviour of employees often leads to information assets becoming vulnerable. Incorrect employee behaviour could have an extremely negative impact on the protection of information. An information security solution should be a fundamental component in most organisations. It is, however, possible for an organisation to have the most comprehensive physical and technical information security controls in place, but the operational controls, and associated employee behaviour, have not received much consideration. Therefore, the issue of employee behaviour must be addressed in an organisation to assist in ensuring the protection of information assets. The corporate culture of an organisation is largely responsible for the actions and behaviour of employees. Therefore, to address operational information security controls, the corporate culture of an organisation should be considered. To ensure the integration of information security into the corporate culture of an organisation, the protection of information should become part of the way the employees conduct their everyday tasks – from senior management, right throughout the entire organisation. Therefore, information security should become an integral component of the corporate culture of the organisation. To address the integration of information security into the corporate culture of an organisation, a model was developed which depicted the learning stages and modes of knowledge creation necessary to transform the corporate culture into one that is information security aware.
- Full Text:
- Date Issued: 2007
Multi-income level investment in golf estates
- Authors: Ngubeni, Steven Piet
- Date: 2007
- Subjects: Real estate development , Sustainable development -- South Africa , Housing development -- South Africa , Planned communities
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:9694 , http://hdl.handle.net/10948/771 , Real estate development , Sustainable development -- South Africa , Housing development -- South Africa , Planned communities
- Description: The government of South African has stated its intentions to enforce a policy which will compel developers of upmarket residential properties to set aside 20 percent of their upmarket residential developments to accommodate affordable housing. The developers on the other hand, have expressed concerns about this approach. The principal aim of this study and of the research was to investigate the desirability of the concept of multi-income-level investment approach to the development of golf estates. A phenomenological strand of qualitative research method was used in the research. The following formed the focal point of the research: • An investigation into the perceptions of the stakeholders, especially the buyers of up-market properties, about mixed-income-level investments in golf estates. • The potential effect of the implementation of including affordable housing in the development of golf estates • An investigation of the perceived effect on the profitability of investments by the inclusion of affordable housing in golf estate properties. • The extent of the contribution of including affordable housing in golf estate developments to the reduction of the current backlog
- Full Text:
- Date Issued: 2007
- Authors: Ngubeni, Steven Piet
- Date: 2007
- Subjects: Real estate development , Sustainable development -- South Africa , Housing development -- South Africa , Planned communities
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:9694 , http://hdl.handle.net/10948/771 , Real estate development , Sustainable development -- South Africa , Housing development -- South Africa , Planned communities
- Description: The government of South African has stated its intentions to enforce a policy which will compel developers of upmarket residential properties to set aside 20 percent of their upmarket residential developments to accommodate affordable housing. The developers on the other hand, have expressed concerns about this approach. The principal aim of this study and of the research was to investigate the desirability of the concept of multi-income-level investment approach to the development of golf estates. A phenomenological strand of qualitative research method was used in the research. The following formed the focal point of the research: • An investigation into the perceptions of the stakeholders, especially the buyers of up-market properties, about mixed-income-level investments in golf estates. • The potential effect of the implementation of including affordable housing in the development of golf estates • An investigation of the perceived effect on the profitability of investments by the inclusion of affordable housing in golf estate properties. • The extent of the contribution of including affordable housing in golf estate developments to the reduction of the current backlog
- Full Text:
- Date Issued: 2007
The application of quality models and techniques in selected SMMEs in the Eastern Cape
- Authors: Murray, Andrew Thomas
- Date: 2007
- Subjects: Business enterprises -- South Africa -- Eastern Cape , Quality management -- South Africa -- Eastern Cape
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9608 , http://hdl.handle.net/10948/832 , Business enterprises -- South Africa -- Eastern Cape , Quality management -- South Africa -- Eastern Cape
- Description: With the increase of imports from China and more pressure being put on the Small, Medium and Micro enterprises (SMME’s) from their larger customers, survival has become more and more difficult, quality is no longer being a choise but a prerequisite if the companies want to survive. This research evaluates the use of quality and productivity or the lack thereof in selected SMMEs in the Eastern Cape environment from both the SMME and Larger companies’ point of view. The research has focused on the effectiveness and understanding of what has been put in place by the SMMEs, what is available for the SMMEs to use, governmental support, and the requirements of the customers. Certain shortcomings have been highlighted as to the use and benefits of the processes that have been implemented. The researcher made use of both quantitative and qualitative data to determine the outcome of the research. The thesis concludes that the SMME sector knows the importance of the use of quality; it is the effectiveness and management thereof that is the concern.
- Full Text:
- Date Issued: 2007
- Authors: Murray, Andrew Thomas
- Date: 2007
- Subjects: Business enterprises -- South Africa -- Eastern Cape , Quality management -- South Africa -- Eastern Cape
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9608 , http://hdl.handle.net/10948/832 , Business enterprises -- South Africa -- Eastern Cape , Quality management -- South Africa -- Eastern Cape
- Description: With the increase of imports from China and more pressure being put on the Small, Medium and Micro enterprises (SMME’s) from their larger customers, survival has become more and more difficult, quality is no longer being a choise but a prerequisite if the companies want to survive. This research evaluates the use of quality and productivity or the lack thereof in selected SMMEs in the Eastern Cape environment from both the SMME and Larger companies’ point of view. The research has focused on the effectiveness and understanding of what has been put in place by the SMMEs, what is available for the SMMEs to use, governmental support, and the requirements of the customers. Certain shortcomings have been highlighted as to the use and benefits of the processes that have been implemented. The researcher made use of both quantitative and qualitative data to determine the outcome of the research. The thesis concludes that the SMME sector knows the importance of the use of quality; it is the effectiveness and management thereof that is the concern.
- Full Text:
- Date Issued: 2007
The effective combating of intrusion attacks through fuzzy logic and neural networks
- Authors: Goss, Robert Melvin
- Date: 2007
- Subjects: Computer security , Fuzzy logic , Neural networks (Computer science)
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9794 , http://hdl.handle.net/10948/512 , http://hdl.handle.net/10948/d1011917 , Computer security , Fuzzy logic , Neural networks (Computer science)
- Description: The importance of properly securing an organization’s information and computing resources has become paramount in modern business. Since the advent of the Internet, securing this organizational information has become increasingly difficult. Organizations deploy many security mechanisms in the protection of their data, intrusion detection systems in particular have an increasingly valuable role to play, and as networks grow, administrators need better ways to monitor their systems. Currently, many intrusion detection systems lack the means to accurately monitor and report on wireless segments within the corporate network. This dissertation proposes an extension to the NeGPAIM model, known as NeGPAIM-W, which allows for the accurate detection of attacks originating on wireless network segments. The NeGPAIM-W model is able to detect both wired and wireless based attacks, and with the extensions to the original model mentioned previously, also provide for correlation of intrusion attacks sourced on both wired and wireless network segments. This provides for a holistic detection strategy for an organization. This has been accomplished with the use of Fuzzy logic and neural networks utilized in the detection of attacks. The model works on the assumption that each user has, and leaves, a unique footprint on a computer system. Thus, all intrusive behaviour on the system and networks which support it, can be traced back to the user account which was used to perform the intrusive behavior.
- Full Text:
- Date Issued: 2007
- Authors: Goss, Robert Melvin
- Date: 2007
- Subjects: Computer security , Fuzzy logic , Neural networks (Computer science)
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9794 , http://hdl.handle.net/10948/512 , http://hdl.handle.net/10948/d1011917 , Computer security , Fuzzy logic , Neural networks (Computer science)
- Description: The importance of properly securing an organization’s information and computing resources has become paramount in modern business. Since the advent of the Internet, securing this organizational information has become increasingly difficult. Organizations deploy many security mechanisms in the protection of their data, intrusion detection systems in particular have an increasingly valuable role to play, and as networks grow, administrators need better ways to monitor their systems. Currently, many intrusion detection systems lack the means to accurately monitor and report on wireless segments within the corporate network. This dissertation proposes an extension to the NeGPAIM model, known as NeGPAIM-W, which allows for the accurate detection of attacks originating on wireless network segments. The NeGPAIM-W model is able to detect both wired and wireless based attacks, and with the extensions to the original model mentioned previously, also provide for correlation of intrusion attacks sourced on both wired and wireless network segments. This provides for a holistic detection strategy for an organization. This has been accomplished with the use of Fuzzy logic and neural networks utilized in the detection of attacks. The model works on the assumption that each user has, and leaves, a unique footprint on a computer system. Thus, all intrusive behaviour on the system and networks which support it, can be traced back to the user account which was used to perform the intrusive behavior.
- Full Text:
- Date Issued: 2007
The mangement of government immovable assets
- Authors: Mavasa, Tamari Tlangelani
- Date: 2007
- Subjects: Government property -- South Africa , Public administration -- South Africa
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:9669 , http://hdl.handle.net/10948/561 , http://hdl.handle.net/10948/d1011726 , Government property -- South Africa , Public administration -- South Africa
- Description: Immovable asset management is the key element in enabling better service delivery by the national government. An improvement in the management of government’s immovable assets is required in South Africa to ensure that assets are optimally utilised for service delivery. The entire research attests to the importance of excellent management of government immovable assets throughout its life cycle within a framework of cost effectiveness, efficiency and reduced risk. The study discusses three technical challenges which comprise the incompleteness of the asset register, immovable asset life cycle management, a lack of implementation of the immovable asset management plan, the asset performance measures and standards for the immovable assets. The National Department of Public Works was targeted as a potential candidate to participate in this research. Primary data was collected through questionnaires and interviews to reveal the strengths and weaknesses and to develop the current theories and models. Secondary data was collected from books, journals, internet and conference papers. The asset management branch in the department was formed recently. The results of the research indicated that the asset management frameworks and the immovable asset management plans are not implemented as designed and there is no integration between the asset’s life cycle processes. The corrosion of information in the asset register was because of a lack of asset-computerized systems, competent personnel and adequate skills. In conclusion, immovable assets should be managed through integrated life cycle processes, policies and procedural documents should be developed and planning is important to the management of immovable assets. The asset register should work as a basic system for the management of immovable assets.
- Full Text:
- Date Issued: 2007
- Authors: Mavasa, Tamari Tlangelani
- Date: 2007
- Subjects: Government property -- South Africa , Public administration -- South Africa
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:9669 , http://hdl.handle.net/10948/561 , http://hdl.handle.net/10948/d1011726 , Government property -- South Africa , Public administration -- South Africa
- Description: Immovable asset management is the key element in enabling better service delivery by the national government. An improvement in the management of government’s immovable assets is required in South Africa to ensure that assets are optimally utilised for service delivery. The entire research attests to the importance of excellent management of government immovable assets throughout its life cycle within a framework of cost effectiveness, efficiency and reduced risk. The study discusses three technical challenges which comprise the incompleteness of the asset register, immovable asset life cycle management, a lack of implementation of the immovable asset management plan, the asset performance measures and standards for the immovable assets. The National Department of Public Works was targeted as a potential candidate to participate in this research. Primary data was collected through questionnaires and interviews to reveal the strengths and weaknesses and to develop the current theories and models. Secondary data was collected from books, journals, internet and conference papers. The asset management branch in the department was formed recently. The results of the research indicated that the asset management frameworks and the immovable asset management plans are not implemented as designed and there is no integration between the asset’s life cycle processes. The corrosion of information in the asset register was because of a lack of asset-computerized systems, competent personnel and adequate skills. In conclusion, immovable assets should be managed through integrated life cycle processes, policies and procedural documents should be developed and planning is important to the management of immovable assets. The asset register should work as a basic system for the management of immovable assets.
- Full Text:
- Date Issued: 2007
The perceived economic impact of the city of Johannesburg's storm water attenuation policy on private property developers
- Authors: Aldous, Michael Geoffrey
- Date: 2007
- Subjects: Runoff -- South Africa -- Johannesburg , Real estate development -- South Africa -- Johannesburg
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:9668 , http://hdl.handle.net/10948/765 , Runoff -- South Africa -- Johannesburg , Real estate development -- South Africa -- Johannesburg
- Description: Stormwater attenuation policy has, over recent years, become a highly contentious issue for the property development community. Increased urbanisation, locally and internationally, has forced municipal authorities to reconsider the role of stormwater management in this evolving urban landscape. It is within this context that the legislative support and municipal policy for stormwater management in the City of Johannesburg has been explored, particularly in terms of the economic impact on property developers. The research aimed to explore the relationship between stormwater attenuation policy and the economic impact thereof on private property developers. Consideration was given to the cost, risk and time factors of legislative and policy requirements within the development process. Further consideration was given to the physical environment that has brought about current pressures. Based upon research of international issues highlighted in countries with well developed attenuation policy, a questionnaire was constructed to evaluate the response of local private property developers to selected issues as key sub-problems. The responses were tested against the developed set of hypotheses. The research indicated that developers had a generally poor level of knowledge with regard to the stormwater management policy of the City of Johannesburg, as well as the supporting legislative requirements of provincial and national policy documents. The results of the survey also indicated that developers were strongly opposed to the loss of developable area, but indicated a limited financial impact of the current stormwater attenuation policy. The risk inherent in incorporating an attenuation facility within a development was identified as being low with little perceived impact. Developers further indicated that the inclusion of attenuation facilities was seen as a significant contributing factor in the delay, approval and acceptance of new developments in which attenuation facilities were required, while maintenance costs were indicated to be of a low level of importance. Recommendations in response to the research findings included the establishment of detailed policy documentation and support for effective distribution channels in conjunction with industry and public focused information campaigns, improved municipal capacity and a greater level of technical support. A need for additional stormwater research and an increase in the capture of relevant data for GIS purposes was identified.
- Full Text:
- Date Issued: 2007
- Authors: Aldous, Michael Geoffrey
- Date: 2007
- Subjects: Runoff -- South Africa -- Johannesburg , Real estate development -- South Africa -- Johannesburg
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:9668 , http://hdl.handle.net/10948/765 , Runoff -- South Africa -- Johannesburg , Real estate development -- South Africa -- Johannesburg
- Description: Stormwater attenuation policy has, over recent years, become a highly contentious issue for the property development community. Increased urbanisation, locally and internationally, has forced municipal authorities to reconsider the role of stormwater management in this evolving urban landscape. It is within this context that the legislative support and municipal policy for stormwater management in the City of Johannesburg has been explored, particularly in terms of the economic impact on property developers. The research aimed to explore the relationship between stormwater attenuation policy and the economic impact thereof on private property developers. Consideration was given to the cost, risk and time factors of legislative and policy requirements within the development process. Further consideration was given to the physical environment that has brought about current pressures. Based upon research of international issues highlighted in countries with well developed attenuation policy, a questionnaire was constructed to evaluate the response of local private property developers to selected issues as key sub-problems. The responses were tested against the developed set of hypotheses. The research indicated that developers had a generally poor level of knowledge with regard to the stormwater management policy of the City of Johannesburg, as well as the supporting legislative requirements of provincial and national policy documents. The results of the survey also indicated that developers were strongly opposed to the loss of developable area, but indicated a limited financial impact of the current stormwater attenuation policy. The risk inherent in incorporating an attenuation facility within a development was identified as being low with little perceived impact. Developers further indicated that the inclusion of attenuation facilities was seen as a significant contributing factor in the delay, approval and acceptance of new developments in which attenuation facilities were required, while maintenance costs were indicated to be of a low level of importance. Recommendations in response to the research findings included the establishment of detailed policy documentation and support for effective distribution channels in conjunction with industry and public focused information campaigns, improved municipal capacity and a greater level of technical support. A need for additional stormwater research and an increase in the capture of relevant data for GIS purposes was identified.
- Full Text:
- Date Issued: 2007
Towards a framework for identity verification of vulnerable children within the Eastern Cape
- Authors: Rautenbach, James
- Date: 2007
- Subjects: Biometric identification , Information storage and retrieval systems , Children -- Services for -- South Africa -- Eastern Cape
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9792 , http://hdl.handle.net/10948/597 , http://hdl.handle.net/10948/d1011702 , Biometric identification , Information storage and retrieval systems , Children -- Services for -- South Africa -- Eastern Cape
- Description: This dissertation proposes the development of an identification verification model that can be implemented within the context of the Eastern Cape, South Africa in order to ensure that vulnerable children are provided with the requisite care that they deserve from the state. The dissertation provides both a developed and developing world perspective on the identification verification needs of vulnerable children by providing an overview of relevant South African policy with regard to caring for vulnerable children and presenting an international perspective with specific reference to current legislative developments in the United Kingdom and Malaysia. Chapter 1 provides a motivation for a framework to be used for the identification verification of children in developing countries by emphasising that the provision of basic social services to children is an urgent requirement for poverty eradication and is a necessity as documented in the United Nations Convention on the Rights of the Child. A background to the needs of vulnerable children in South Africa is given and the scope, limitations and research methodology used in the dissertation is presented. Chapter 2 provides an overview of child related policy in the South African Context both from a National Government and Eastern Cape perspective. Although extensive progress has been made in the development of policies aimed at protecting vulnerable children, the practical implementation of these policies has been hampered by numerous issues including the lack of coordination between key entities. Chapter 3 provides an introduction to several noteworthy international developments with regard to the identity verification of vulnerable children. Lessons learnt from identity verification systems from the United Kingdom and Malaysia are analyzed for applicability to the South African context. In addition to this, the use of biometric technology in identity verification systems and a number of biometric identification methodologies available are discussed. Chapter 4 proposes the development and implementation of a biometric identity verification model in the Eastern Cape Province of South Africa based on lessons learnt from the assessment of South African policy and international best practice. The system should be piloted in the Eastern Cape and, if successful, be implemented throughout South Africa with a possible view to future implementation on the African continent. The scope of the system, the technological requirements and a high level implementation plan together with the need to further research certain key aspects e.g. the cost implications are discussed. It is clear that the development of such a model and the implementation of such a system will ensure that vulnerable children are provided with the requisite care that they are constitutionally entitled to. Significant follow up research is required during the development of the model to ensure that all aspects of the model are well documented and during the implementation of the system to ensure that the requirements of the users both within the government and the general public are met.
- Full Text:
- Date Issued: 2007
- Authors: Rautenbach, James
- Date: 2007
- Subjects: Biometric identification , Information storage and retrieval systems , Children -- Services for -- South Africa -- Eastern Cape
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9792 , http://hdl.handle.net/10948/597 , http://hdl.handle.net/10948/d1011702 , Biometric identification , Information storage and retrieval systems , Children -- Services for -- South Africa -- Eastern Cape
- Description: This dissertation proposes the development of an identification verification model that can be implemented within the context of the Eastern Cape, South Africa in order to ensure that vulnerable children are provided with the requisite care that they deserve from the state. The dissertation provides both a developed and developing world perspective on the identification verification needs of vulnerable children by providing an overview of relevant South African policy with regard to caring for vulnerable children and presenting an international perspective with specific reference to current legislative developments in the United Kingdom and Malaysia. Chapter 1 provides a motivation for a framework to be used for the identification verification of children in developing countries by emphasising that the provision of basic social services to children is an urgent requirement for poverty eradication and is a necessity as documented in the United Nations Convention on the Rights of the Child. A background to the needs of vulnerable children in South Africa is given and the scope, limitations and research methodology used in the dissertation is presented. Chapter 2 provides an overview of child related policy in the South African Context both from a National Government and Eastern Cape perspective. Although extensive progress has been made in the development of policies aimed at protecting vulnerable children, the practical implementation of these policies has been hampered by numerous issues including the lack of coordination between key entities. Chapter 3 provides an introduction to several noteworthy international developments with regard to the identity verification of vulnerable children. Lessons learnt from identity verification systems from the United Kingdom and Malaysia are analyzed for applicability to the South African context. In addition to this, the use of biometric technology in identity verification systems and a number of biometric identification methodologies available are discussed. Chapter 4 proposes the development and implementation of a biometric identity verification model in the Eastern Cape Province of South Africa based on lessons learnt from the assessment of South African policy and international best practice. The system should be piloted in the Eastern Cape and, if successful, be implemented throughout South Africa with a possible view to future implementation on the African continent. The scope of the system, the technological requirements and a high level implementation plan together with the need to further research certain key aspects e.g. the cost implications are discussed. It is clear that the development of such a model and the implementation of such a system will ensure that vulnerable children are provided with the requisite care that they are constitutionally entitled to. Significant follow up research is required during the development of the model to ensure that all aspects of the model are well documented and during the implementation of the system to ensure that the requirements of the users both within the government and the general public are met.
- Full Text:
- Date Issued: 2007
Using agreements as an abstraction for access control administration
- Authors: Reyneke, André
- Date: 2007
- Subjects: Information -- control and access , Computer security -- Management
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9791 , http://hdl.handle.net/10948/598 , http://hdl.handle.net/10948/d1011701 , Information -- control and access , Computer security -- Management
- Description: The last couple of decades saw lots of changes in the business world. Not only did technology change at a rapid pace, but businesses' views with respect to the role that information plays also changed drastically. Information is now seen as a strategic resource. This change paved the way for the so-called knowledge worker that not only consumes information, but actively participates in creating new knowledge from information. Employees must therefore be empowered to fulfill their new role as knowledge workers. Empowerment happens through job redefinition and by ensuring that the appropriate information is at hand. Although information is more readily available to employees, appropriate access controls must still be implemented. However, there is conflict between the need to share information and the need to keep information confidential. These conflicting needs must be reflected in the administration of access control. In order to resolve these conflicts, a finer granularity of access controls must be implemented. However, to implement a finer granularity of access control, an increase in the number of access controls and, therefore, the administrative burden is inevitable. Access control administrators must cater for a potentially large number of systems. These systems can not only be heterogenous as far as architecture and technology are concerned, but also with respect to access control paradigms. Vendors have realized that human involvement must be minimized, giving birth to so-called "provisioning systems". Provisioning systems, in principle, automate certain parts of access control administration. However, currently implementations are done in an ad hoc manner, that is, without a systematic process of identifying the real access control needs. This study aims to address this problem by proposing the "agreement abstraction" as a possible vehicle for systematically analyzing the access control requirements in a business. In essence, the agreement abstraction allows us to identify opportunities where access control can be automated. A specific methodological approach is suggested whereby the business is analysed in terms of business processes, as opposed to the more traditional resource perspective. Various business processes are used as examples to explain and motivate the proposed agreement abstraction further. This dissertation therefore contributes to the field of discourse by presenting a new abstraction that can be used systematically to analyse access control administration requirements.
- Full Text:
- Date Issued: 2007
- Authors: Reyneke, André
- Date: 2007
- Subjects: Information -- control and access , Computer security -- Management
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9791 , http://hdl.handle.net/10948/598 , http://hdl.handle.net/10948/d1011701 , Information -- control and access , Computer security -- Management
- Description: The last couple of decades saw lots of changes in the business world. Not only did technology change at a rapid pace, but businesses' views with respect to the role that information plays also changed drastically. Information is now seen as a strategic resource. This change paved the way for the so-called knowledge worker that not only consumes information, but actively participates in creating new knowledge from information. Employees must therefore be empowered to fulfill their new role as knowledge workers. Empowerment happens through job redefinition and by ensuring that the appropriate information is at hand. Although information is more readily available to employees, appropriate access controls must still be implemented. However, there is conflict between the need to share information and the need to keep information confidential. These conflicting needs must be reflected in the administration of access control. In order to resolve these conflicts, a finer granularity of access controls must be implemented. However, to implement a finer granularity of access control, an increase in the number of access controls and, therefore, the administrative burden is inevitable. Access control administrators must cater for a potentially large number of systems. These systems can not only be heterogenous as far as architecture and technology are concerned, but also with respect to access control paradigms. Vendors have realized that human involvement must be minimized, giving birth to so-called "provisioning systems". Provisioning systems, in principle, automate certain parts of access control administration. However, currently implementations are done in an ad hoc manner, that is, without a systematic process of identifying the real access control needs. This study aims to address this problem by proposing the "agreement abstraction" as a possible vehicle for systematically analyzing the access control requirements in a business. In essence, the agreement abstraction allows us to identify opportunities where access control can be automated. A specific methodological approach is suggested whereby the business is analysed in terms of business processes, as opposed to the more traditional resource perspective. Various business processes are used as examples to explain and motivate the proposed agreement abstraction further. This dissertation therefore contributes to the field of discourse by presenting a new abstraction that can be used systematically to analyse access control administration requirements.
- Full Text:
- Date Issued: 2007
A framework for secure mobility in wireless overlay networks
- Authors: Chen, Hejun
- Date: 2006
- Subjects: Wireless communication systems , Computer networks
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9778 , http://hdl.handle.net/10948/819 , Wireless communication systems , Computer networks
- Description: Various wireless networks are widely deployed world wide. Current technologies employed in these networks vary widely in terms of bandwidths, latencies, frequencies, and media access methods. Most existing wireless network technologies can be divided into two categories: those that provide a low-bandwidth service over a wide geographic area, for example UMTS, and those that provide a high bandwidth service over a narrow geographic area, for example 802.11. Although it would be desirable to provide a high- bandwidth service over a wide coverage region to mobile users all the time, no single wireless network technology simultaneously satisfies these require- ments. Wireless Overlay Networks, a hierarchical structure of wireless personal area, local area, and wide area data networks, is considered as an efficient and scalable way to solve this problem. Due to the wide deployment of UMTS and 802.11 WLAN, this study attempts to combine them to implement the concept of Wireless Overlay Net- works. Furthermore, the information transmitted over this Wireless Overlay Networks is protected in terms of authentication, integrity and confidentiality. To achieve this goal, this study aims to combine GPRS, Mobile IP and IPSec to propose a framework for secure mobility in Wireless Overlay Networks. The framework is developed in three steps: Firstly, this study addresses the problem of combining GPRS and Mo- bile IP, so that GPRS users are provided with Mobile IP service. This results in presenting a uniform Mobile IP interface to peers regardless of whether mobile users use UMTS or 802.11 WLAN. Secondly, this study discovers the existing problem when combining Mobile IP and IPSec, and proposes a Dual Home Agent Architecture to achieve secure mobility. Finally, based on the output of the previous two steps, a complete framework is proposed, which achieves secure mobility in Wireless Overlay Networks, specifically, in UMTS and 802.11 WLAN. The framework also implements seamless handover when mobile users switch between UMTS and 802.11. This results in UMTS and 802.11 WLAN looking like a single network when participating in this framework, and presents seamless and secure mobility.
- Full Text:
- Date Issued: 2006
- Authors: Chen, Hejun
- Date: 2006
- Subjects: Wireless communication systems , Computer networks
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9778 , http://hdl.handle.net/10948/819 , Wireless communication systems , Computer networks
- Description: Various wireless networks are widely deployed world wide. Current technologies employed in these networks vary widely in terms of bandwidths, latencies, frequencies, and media access methods. Most existing wireless network technologies can be divided into two categories: those that provide a low-bandwidth service over a wide geographic area, for example UMTS, and those that provide a high bandwidth service over a narrow geographic area, for example 802.11. Although it would be desirable to provide a high- bandwidth service over a wide coverage region to mobile users all the time, no single wireless network technology simultaneously satisfies these require- ments. Wireless Overlay Networks, a hierarchical structure of wireless personal area, local area, and wide area data networks, is considered as an efficient and scalable way to solve this problem. Due to the wide deployment of UMTS and 802.11 WLAN, this study attempts to combine them to implement the concept of Wireless Overlay Net- works. Furthermore, the information transmitted over this Wireless Overlay Networks is protected in terms of authentication, integrity and confidentiality. To achieve this goal, this study aims to combine GPRS, Mobile IP and IPSec to propose a framework for secure mobility in Wireless Overlay Networks. The framework is developed in three steps: Firstly, this study addresses the problem of combining GPRS and Mo- bile IP, so that GPRS users are provided with Mobile IP service. This results in presenting a uniform Mobile IP interface to peers regardless of whether mobile users use UMTS or 802.11 WLAN. Secondly, this study discovers the existing problem when combining Mobile IP and IPSec, and proposes a Dual Home Agent Architecture to achieve secure mobility. Finally, based on the output of the previous two steps, a complete framework is proposed, which achieves secure mobility in Wireless Overlay Networks, specifically, in UMTS and 802.11 WLAN. The framework also implements seamless handover when mobile users switch between UMTS and 802.11. This results in UMTS and 802.11 WLAN looking like a single network when participating in this framework, and presents seamless and secure mobility.
- Full Text:
- Date Issued: 2006
A fuzzy logic control system for a friction stir welding process
- Authors: Majara, Khotso Ernest
- Date: 2006
- Subjects: Friction welding , Fuzzy logic , Automatic control , Fuzzy systems
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9594 , http://hdl.handle.net/10948/405 , Friction welding , Fuzzy logic , Automatic control , Fuzzy systems
- Description: FSW is a welding technique invented and patented by The Welding Institute in 1991. This welding technique utilises the benefits of solid-state welding to materials regarded as difficult to weld by fusion processes. The productivity of the process was not optimised as the real-time dynamics of the material and tool changes were not considered. Furthermore, the process has a plastic weld region where no traditional modelling describing the interaction between the tool and work piece is available. Fuzzy logic technology is one of the artificial intelligent strategies used to improve the control of the dynamics of industrial processes. Fuzzy control was proposed as a viable solution to improve the productivity of the FSW process. The simulations indicated that FLC can use feed rate and welding speed to adaptively regulate the feed force and tool temperature respectively, irrespective of varying tool and material change. The simulations presented fuzzy logic technology to be robust enough to regulate FSW process in the absence of accurate mathematical models.
- Full Text:
- Date Issued: 2006
- Authors: Majara, Khotso Ernest
- Date: 2006
- Subjects: Friction welding , Fuzzy logic , Automatic control , Fuzzy systems
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9594 , http://hdl.handle.net/10948/405 , Friction welding , Fuzzy logic , Automatic control , Fuzzy systems
- Description: FSW is a welding technique invented and patented by The Welding Institute in 1991. This welding technique utilises the benefits of solid-state welding to materials regarded as difficult to weld by fusion processes. The productivity of the process was not optimised as the real-time dynamics of the material and tool changes were not considered. Furthermore, the process has a plastic weld region where no traditional modelling describing the interaction between the tool and work piece is available. Fuzzy logic technology is one of the artificial intelligent strategies used to improve the control of the dynamics of industrial processes. Fuzzy control was proposed as a viable solution to improve the productivity of the FSW process. The simulations indicated that FLC can use feed rate and welding speed to adaptively regulate the feed force and tool temperature respectively, irrespective of varying tool and material change. The simulations presented fuzzy logic technology to be robust enough to regulate FSW process in the absence of accurate mathematical models.
- Full Text:
- Date Issued: 2006
A holistic approach to network security in OGSA-based grid systems
- Authors: Loutsios, Demetrios
- Date: 2006
- Subjects: Computer networks -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9736 , http://hdl.handle.net/10948/550 , Computer networks -- Security measures
- Description: Grid computing technologies facilitate complex scientific collaborations between globally dispersed parties, which make use of heterogeneous technologies and computing systems. However, in recent years the commercial sector has developed a growing interest in Grid technologies. Prominent Grid researchers have predicted Grids will grow into the commercial mainstream, even though its origins were in scientific research. This is much the same way as the Internet started as a vehicle for research collaboration between universities and government institutions, and grew into a technology with large commercial applications. Grids facilitate complex trust relationships between globally dispersed business partners, research groups, and non-profit organizations. Almost any dispersed “virtual organization” willing to share computing resources can make use of Grid technologies. Grid computing facilitates the networking of shared services; the inter-connection of a potentially unlimited number of computing resources within a “Grid” is possible. Grid technologies leverage a range of open standards and technologies to provide interoperability between heterogeneous computing systems. Newer Grids build on key capabilities of Web-Service technologies to provide easy and dynamic publishing and discovery of Grid resources. Due to the inter-organisational nature of Grid systems, there is a need to provide adequate security to Grid users and to Grid resources. This research proposes a framework, using a specific brokered pattern, which addresses several common Grid security challenges, which include: Providing secure and consistent cross-site Authentication and Authorization; Single-sign on capabilities to Grid users; Abstract iii; Underlying platform and runtime security, and; Grid network communications and messaging security. These Grid security challenges can be viewed as comprising two (proposed) logical layers of a Grid. These layers are: a Common Grid Layer (higher level Grid interactions), and a Local Resource Layer (Lower level technology security concerns). This research is concerned with providing a generic and holistic security framework to secure both layers. This research makes extensive use of STRIDE - an acronym for Microsoft approach to addressing security threats - as part of a holistic Grid security framework. STRIDE and key Grid related standards, such as Open Grid Service Architecture (OGSA), Web-Service Resource Framework (WS-RF), and the Globus Toolkit are used to formulate the proposed framework.
- Full Text:
- Date Issued: 2006
- Authors: Loutsios, Demetrios
- Date: 2006
- Subjects: Computer networks -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9736 , http://hdl.handle.net/10948/550 , Computer networks -- Security measures
- Description: Grid computing technologies facilitate complex scientific collaborations between globally dispersed parties, which make use of heterogeneous technologies and computing systems. However, in recent years the commercial sector has developed a growing interest in Grid technologies. Prominent Grid researchers have predicted Grids will grow into the commercial mainstream, even though its origins were in scientific research. This is much the same way as the Internet started as a vehicle for research collaboration between universities and government institutions, and grew into a technology with large commercial applications. Grids facilitate complex trust relationships between globally dispersed business partners, research groups, and non-profit organizations. Almost any dispersed “virtual organization” willing to share computing resources can make use of Grid technologies. Grid computing facilitates the networking of shared services; the inter-connection of a potentially unlimited number of computing resources within a “Grid” is possible. Grid technologies leverage a range of open standards and technologies to provide interoperability between heterogeneous computing systems. Newer Grids build on key capabilities of Web-Service technologies to provide easy and dynamic publishing and discovery of Grid resources. Due to the inter-organisational nature of Grid systems, there is a need to provide adequate security to Grid users and to Grid resources. This research proposes a framework, using a specific brokered pattern, which addresses several common Grid security challenges, which include: Providing secure and consistent cross-site Authentication and Authorization; Single-sign on capabilities to Grid users; Abstract iii; Underlying platform and runtime security, and; Grid network communications and messaging security. These Grid security challenges can be viewed as comprising two (proposed) logical layers of a Grid. These layers are: a Common Grid Layer (higher level Grid interactions), and a Local Resource Layer (Lower level technology security concerns). This research is concerned with providing a generic and holistic security framework to secure both layers. This research makes extensive use of STRIDE - an acronym for Microsoft approach to addressing security threats - as part of a holistic Grid security framework. STRIDE and key Grid related standards, such as Open Grid Service Architecture (OGSA), Web-Service Resource Framework (WS-RF), and the Globus Toolkit are used to formulate the proposed framework.
- Full Text:
- Date Issued: 2006
Corporate information risk : an information security governance framework
- Authors: Posthumus, Shaun Murray
- Date: 2006
- Subjects: Computer security , Business enterprises -- Computer networks -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9776 , http://hdl.handle.net/10948/814 , Computer security , Business enterprises -- Computer networks -- Security measures
- Description: Information Security is currently viewed from a technical point of view only. Some authors believe that Information Security is a process that involves more than merely Risk Management at the department level, as it is also a strategic and potentially legal issue. Hence, there is a need to elevate the importance of Information Security to a governance level through Information Security Governance and propose a framework to help guide the Board of Directors in their Information Security Governance efforts. IT is a major facilitator of organizational business processes and these processes manipulate and transmit sensitive customer and financial information. IT, which involves major risks, may threaten the security if corporate information assets. Therefore, IT requires attention at board level to ensure that technology-related information risks are within an organization’s accepted risk appetite. However, IT issues are a neglected topic at board level and this could bring about enronesque disasters. Therefore, there is a need for the Board of Directors to direct and control IT-related risks effectively to reduce the potential for Information Security breaches and bring about a stronger system of internal control. The IT Oversight Committee is a proven means of achieving this, and this study further motivates the necessity for such a committee to solidify an organization’s Information Security posture among other IT-related issues.
- Full Text:
- Date Issued: 2006
- Authors: Posthumus, Shaun Murray
- Date: 2006
- Subjects: Computer security , Business enterprises -- Computer networks -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9776 , http://hdl.handle.net/10948/814 , Computer security , Business enterprises -- Computer networks -- Security measures
- Description: Information Security is currently viewed from a technical point of view only. Some authors believe that Information Security is a process that involves more than merely Risk Management at the department level, as it is also a strategic and potentially legal issue. Hence, there is a need to elevate the importance of Information Security to a governance level through Information Security Governance and propose a framework to help guide the Board of Directors in their Information Security Governance efforts. IT is a major facilitator of organizational business processes and these processes manipulate and transmit sensitive customer and financial information. IT, which involves major risks, may threaten the security if corporate information assets. Therefore, IT requires attention at board level to ensure that technology-related information risks are within an organization’s accepted risk appetite. However, IT issues are a neglected topic at board level and this could bring about enronesque disasters. Therefore, there is a need for the Board of Directors to direct and control IT-related risks effectively to reduce the potential for Information Security breaches and bring about a stronger system of internal control. The IT Oversight Committee is a proven means of achieving this, and this study further motivates the necessity for such a committee to solidify an organization’s Information Security posture among other IT-related issues.
- Full Text:
- Date Issued: 2006
Epirismm: an enterprise information risk management model
- Authors: Lategan, Neil
- Date: 2006
- Subjects: Risk management , Small business , Information technology -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9734 , http://hdl.handle.net/10948/541 , Risk management , Small business , Information technology -- Security measures
- Description: Today, information is considered a commodity and no enterprise can operate without it. Indeed, the information and the supporting technology are pivotal in all enterprises. However, a major problem being experienced in the business environment is that enterprise risk cannot be managed effectively because business and information-related risk are not congruently aligned with risk management terminology and practices. The business environment and information technology are bound together by information. For this reason, it is imperative that risk management is synergised in the business, ICT (Information and Communication Technology) and information environments. A thorough, all inclusive, risk analysis exercise needs to be conducted in business and supporting environments in order to develop an effective internal control system. Such an internal control system should reduce the exposure of risk and aid the safeguarding of assets. Indeed, in today’s so-called information age, where business processes integrate the business and ICT environments, it is imperative that a unary internal control system be established, based on a holistic risk management exercise. To ensure that the enterprise, information and ICT environments operate free of the risks that threaten them, the risks should be properly governed. A model, EPiRISMM (Enterprise Information Risk Management Model) is proposed that offers to combine risk management practices from an ICT, information, governance, and enterprise perspective because there are so many overlapping aspects inherent in them. EPiRISMM combines various well-known standards and frameworks into one coherent model. By employing EPiRISMM, an enterprise will be able to eliminate the traditional segmented approach of the ICT department and thus eliminate any previous discontinuity in risk management practices.
- Full Text:
- Date Issued: 2006
- Authors: Lategan, Neil
- Date: 2006
- Subjects: Risk management , Small business , Information technology -- Security measures
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9734 , http://hdl.handle.net/10948/541 , Risk management , Small business , Information technology -- Security measures
- Description: Today, information is considered a commodity and no enterprise can operate without it. Indeed, the information and the supporting technology are pivotal in all enterprises. However, a major problem being experienced in the business environment is that enterprise risk cannot be managed effectively because business and information-related risk are not congruently aligned with risk management terminology and practices. The business environment and information technology are bound together by information. For this reason, it is imperative that risk management is synergised in the business, ICT (Information and Communication Technology) and information environments. A thorough, all inclusive, risk analysis exercise needs to be conducted in business and supporting environments in order to develop an effective internal control system. Such an internal control system should reduce the exposure of risk and aid the safeguarding of assets. Indeed, in today’s so-called information age, where business processes integrate the business and ICT environments, it is imperative that a unary internal control system be established, based on a holistic risk management exercise. To ensure that the enterprise, information and ICT environments operate free of the risks that threaten them, the risks should be properly governed. A model, EPiRISMM (Enterprise Information Risk Management Model) is proposed that offers to combine risk management practices from an ICT, information, governance, and enterprise perspective because there are so many overlapping aspects inherent in them. EPiRISMM combines various well-known standards and frameworks into one coherent model. By employing EPiRISMM, an enterprise will be able to eliminate the traditional segmented approach of the ICT department and thus eliminate any previous discontinuity in risk management practices.
- Full Text:
- Date Issued: 2006
Monitoring and intelligent control for complex curvature friction stir welding
- Hua, Tao
- Authors: Hua, Tao
- Date: 2006
- Subjects: Friction welding , Fuzzy systems
- Language: English
- Type: Thesis , Doctoral , DTech
- Identifier: vital:9612 , http://hdl.handle.net/10948/420 , Friction welding , Fuzzy systems
- Description: A multi-input multi-output system to implement on-line process monitoring and intelligent control of complex curvature friction stir welding was proposed. An extra rotation axis was added to the existing three translation axes to perform friction stir welding of complex curvature other than straight welding line. A clamping system was designed for locating and holding the workpieces to bear the large force involved in the process between the welding tool and workpieces. Process parameters (feed rate, spindle speed, tilt angle and plunge depth), and process conditions (parent material and curvature), were used as factors for the orthogonal array experiments to collect sensor data of force, torque and tool temperature using multiple sensors and telemetry system. Using statistic analysis of the experimental data, sensitive signal features were selected to train the feed-forward neural networks, which were used for mapping the relationships between process parameters, process conditions and sensor data. A fuzzy controller with initial input/output membership functions and fuzzy rules generated on-line from the trained neural network was applied to perceive process condition changes and make adjustment of process parameters to maintain tool/workpiece contact and energy input. Input/output scaling factors of the fuzzy controller were tuned on-line to improve output response to the amount and trend of control variable deviation from the reference value. Simulation results showed that the presented neuro-fuzzy control scheme has adaptability to process conditions such as parent material and curvature changes, and that the control variables were well regulated. The presented neuro-fuzzy control scheme can be also expected to be applied in other multi-input multi-output machining processes.
- Full Text:
- Date Issued: 2006
- Authors: Hua, Tao
- Date: 2006
- Subjects: Friction welding , Fuzzy systems
- Language: English
- Type: Thesis , Doctoral , DTech
- Identifier: vital:9612 , http://hdl.handle.net/10948/420 , Friction welding , Fuzzy systems
- Description: A multi-input multi-output system to implement on-line process monitoring and intelligent control of complex curvature friction stir welding was proposed. An extra rotation axis was added to the existing three translation axes to perform friction stir welding of complex curvature other than straight welding line. A clamping system was designed for locating and holding the workpieces to bear the large force involved in the process between the welding tool and workpieces. Process parameters (feed rate, spindle speed, tilt angle and plunge depth), and process conditions (parent material and curvature), were used as factors for the orthogonal array experiments to collect sensor data of force, torque and tool temperature using multiple sensors and telemetry system. Using statistic analysis of the experimental data, sensitive signal features were selected to train the feed-forward neural networks, which were used for mapping the relationships between process parameters, process conditions and sensor data. A fuzzy controller with initial input/output membership functions and fuzzy rules generated on-line from the trained neural network was applied to perceive process condition changes and make adjustment of process parameters to maintain tool/workpiece contact and energy input. Input/output scaling factors of the fuzzy controller were tuned on-line to improve output response to the amount and trend of control variable deviation from the reference value. Simulation results showed that the presented neuro-fuzzy control scheme has adaptability to process conditions such as parent material and curvature changes, and that the control variables were well regulated. The presented neuro-fuzzy control scheme can be also expected to be applied in other multi-input multi-output machining processes.
- Full Text:
- Date Issued: 2006
Restoring trust by verifying information integrity through continuous auditing
- Authors: Flowerday, Stephen
- Date: 2006
- Subjects: Auditing, Internal , Corporate governance
- Language: English
- Type: Thesis , Doctoral , DTech
- Identifier: vital:9796 , http://hdl.handle.net/10948/504 , http://hdl.handle.net/10948/d1011920 , Auditing, Internal , Corporate governance
- Description: Corporate scandals such as Enron, WorldCom and Parmalat, have focused recent governance efforts in the domain of financial reporting due to fraudulent and/or erroneous accounting practices. In addition, the ineffectiveness of the current system of controls has been highlighted, including that some directors have been weak and ineffective monitors of managers. This board of director ‘weakness’ has called for additional mechanisms for monitoring and controlling of management, focusing on financial reporting. This problem intensifies in that today companies function in real-time, and decisions are based on available realtime financial information. However, the assurances provided by traditional auditing take place months after the transactions have occurred and therefore, a trust problem arises because information is not verified in real-time. Consequently, the errors and fraud concealed within the financial information is not discovered until months later. To address this trust problem a conceptual causal model is proposed in this study based on the principles of systems theory. The emergent property of the causal model is increased trust and control. This study establishes that mutual assurances assist in building trust and that information security assists in safeguarding trust. Subsequently, in order to have a positive relationship between the company directors and various stakeholders, uncertainty needs to be contained, and the level of trust needs to surpass the perceived risks. The study concludes that assurances need to be provided in real-time to restore stakeholder confidence and trust in the domain of financial reporting. In order to provide assurances in real-time, continuous auditing is required to verify the integrity of financial information when it becomes available, and not months later. A continuous auditing process has its foundations grounded in information technology and attends to the challenges in real-time by addressing the standardisation of data to enable effective analysis, the validation of the accuracy of the data and the reliability of the system.
- Full Text:
- Date Issued: 2006
- Authors: Flowerday, Stephen
- Date: 2006
- Subjects: Auditing, Internal , Corporate governance
- Language: English
- Type: Thesis , Doctoral , DTech
- Identifier: vital:9796 , http://hdl.handle.net/10948/504 , http://hdl.handle.net/10948/d1011920 , Auditing, Internal , Corporate governance
- Description: Corporate scandals such as Enron, WorldCom and Parmalat, have focused recent governance efforts in the domain of financial reporting due to fraudulent and/or erroneous accounting practices. In addition, the ineffectiveness of the current system of controls has been highlighted, including that some directors have been weak and ineffective monitors of managers. This board of director ‘weakness’ has called for additional mechanisms for monitoring and controlling of management, focusing on financial reporting. This problem intensifies in that today companies function in real-time, and decisions are based on available realtime financial information. However, the assurances provided by traditional auditing take place months after the transactions have occurred and therefore, a trust problem arises because information is not verified in real-time. Consequently, the errors and fraud concealed within the financial information is not discovered until months later. To address this trust problem a conceptual causal model is proposed in this study based on the principles of systems theory. The emergent property of the causal model is increased trust and control. This study establishes that mutual assurances assist in building trust and that information security assists in safeguarding trust. Subsequently, in order to have a positive relationship between the company directors and various stakeholders, uncertainty needs to be contained, and the level of trust needs to surpass the perceived risks. The study concludes that assurances need to be provided in real-time to restore stakeholder confidence and trust in the domain of financial reporting. In order to provide assurances in real-time, continuous auditing is required to verify the integrity of financial information when it becomes available, and not months later. A continuous auditing process has its foundations grounded in information technology and attends to the challenges in real-time by addressing the standardisation of data to enable effective analysis, the validation of the accuracy of the data and the reliability of the system.
- Full Text:
- Date Issued: 2006