ETD Collection

Permanent URI for this collectionhttps://wiredspace.wits.ac.za/handle/10539/104


Please note: Digitised content is made available at the best possible quality range, taking into consideration file size and the condition of the original item. These restrictions may sometimes affect the quality of the final published item. For queries regarding content of ETD collection please contact IR specialists by email : IR specialists or Tel : 011 717 4652 / 1954

Follow the link below for important information about Electronic Theses and Dissertations (ETD)

Library Guide about ETD

Browse

Subject: search.filters.subject.Data encryption (Computer science)

Search Results

Now showing 1 - 3 of 3
  • No Thumbnail Available
    Item
    Government and private sector cooperation on security of critical information infrastructures
    (2017) Mshunqane, Zoyisile
    Information and Communications Technologies (ICTs), in particular interconnected computer and related digital systems, create opportunities for innovation, competitiveness and economic growth. These technologies also expose key sectors of the economy such as banking, telecommunications, manufacturing, emergency services, transportation, energy, and social services to new security risks and threats. This security challenge has given rise to a need for the adoption of appropriate strategies to secure critical information systems commonly referred to as Critical Information Infrastructures or CIIs. The European Union defines CIIs as ICT systems that are critical and essential for the operation of Critical Infrastructures, such as telecommunications, computers, the internet, and communications satellites. The African Union has defined CIIs as the cyber infrastructures essential to vital services for public safety, economic stability, national security, international stability, and the sustainability and restoration of critical cyberspace. Given their complexity and sophistication, CIIs are increasingly owned or operated by the private sector, and governments generally purchase these services on behalf of the general public. This interdependence between the public and private sectors calls for structured co-operation aimed at ensuring the security and uninterrupted availability of CIIs. This study examines the extent to which South Africa’s public policies for securing CIIs promote co-operation between the government and the private sector. It includes a literature review which shows that policy aimed at promoting and regulating public-private cooperation is a key element of efforts to secure CIIs and combat cybercrime in Europe, the Americas and Asia. The report also shows that the Council of Europe, through the Budapest Convention, has played a central role in creating a legal framework for combating cybercrime and promoting public- private cooperation on cybersecurity. Government and private sector cooperation on security of Critical information Infrastructures Page 11 of 80 Research also shows that not much has been done in Africa to combat cybercrime. Some initiatives have been undertaken by Senegal, Morocco, South Africa and Mauritius. These countries are members of the Budapest Convention, and participated in initiatives of the Council of Europe in their capacity as members of the Convention. In 2014, the AU adopted the AU Convention on Cyber Security and Personal Data Protection. This convention has only been signed by eight of 54 African countries, and has not entered into force because it has not been ratified by the required number of countries. This means that there is no valid instrument for promoting cooperation on cyber security in Africa. Since 2002, the South African government has adopted various policies and laws aimed at promoting cooperation with the private sector. However, there is no evidence of these policies or legislation being implemented. The research also shows that the government has failed to develop a consistent strategy for implementing policy in this field. In 2015, the government approved the National Cybersecurity Policy Framework (NCPF), which calls for public–private partnerships and cooperation. However, the research shows that it has not adopted a strategy that will allow this approach to succeed. In this regard, the research report points to the 5C protocol as a useful guide to successful policy implementation. In interviews conducted for this study, senior government officials acknowledge that, as in many other areas of governance, good policy has been made, but implementation is lagging. The study concludes with recommendations for improving cyber security in South Africa. These include fast-tracking the Cybersecurity and Cybercrimes Bill, which has been tabled in Parliament; developing and institutionalising a policy implementation framework in line with the 5C protocol; and developing the required skills and capacity to institutionalise and structure cooperation between the government the private sector in identifying and protecting CIIs, and pursuing a regional approach to cybersecurity
  • No Thumbnail Available
    Item
    JSE Matching engine simulator
    (2017) Sing, Dharmesh
    The Johannesburg Stock Exchange (JSE) started High Frequency Trading when their matching engine moved from London to Johannesburg in 2012. The study of market microstructure at the JSE is not possible without access to their matching engine. This dissertation investigates the challenges of studying market microstructure and describes the design and implementation of an open source matching engine. CoinTossX was developed as an open source low latency high throughput stock exchange. The software was developed in Java and used open source libraries. The software is tested using an 8-variate mutually-exciting Hawkes process to govern the times of coupled liquidity demand and supply events, while trade and quote prices and volumes are generated consistent with the event type. The testing showed that CoinTossX is able to support multiple clients, stocks and matching algorithms.
  • No Thumbnail Available
    Item
    Whether using encryption in SCADA systems, the services performance requirements are still met in OT IT environment over an MPLS core network?
    (2016) Chego, Lloyd
    Utilities use Supervisory Control and Data Acquisition systems as their industrial control system. The architecture of these systems in the past was based on them being isolated from other networks. Now with recent ever changing requirements of capabilities from these systems there is a need to converge with information technology systems and with the need to have these industrial networks communicating on packet switched networks there are cyber security concerns that come up. This research project looks at the whether using encryption in an IP/MPLS core network for SCADA in an OT IT environment has an effect on the performance requirements. This was done through an experimental simulation with the results recorded. The research project also looks at the key literature study considerations. The key research question for the research project of this MSc 50/50 mini-thesis is “whether using encryption in SCADA systems, the services performance requirements are still met in OT/ IT environment over an MPLS core network”? The research project seeks to determine if SCADA performance requirements are met over an encrypted MPLS/IP core network in an OT/IT environment. The key focus area of the research project is only encryption in the whole cyber security value chain versus SCADA services performances. This means that the research project only focused on the encryption portion of the whole cyber security value chain and the scope did not focus on other aspects of the value chain. This suffices for an MSc 50/50 mini-thesis research project as a focus on the whole value chain would require a full MSc thesis. Thus the primary objective for the research project is to research and demonstrate that encryption is essential for secure SCADA communication over a MPLS/IP core network. As aforementioned encryption forms an essential part of the Cyber Security value chain which has to achieve the following objectives. Confidentiality: ensuring that the information source is really from that source. Integrity: ensuring that the information has not been altered in any way. Availability: ensuring that system is not comprised but that it is available. These objectives of encryption should be met with SCADA service performance requirements not violated which is the objective of the research project.