Secure VoIP Performance Measurement

This project presents a mechanism for instrumentation of secure VoIP calls. The experiments were run under different network conditions and security systems. VoIP services such as Google Talk, Express Talk and Skype were under test. The project allowed analysis of the voice quality of the VoIP services based on the Mean Opinion Score (MOS) values generated by Perceptual valuation of Speech Quality (PESQ). The quality of the audio streams produced were subjected to end-to-end delay, jitter, packet loss and extra processing in the networking hardware and end devices due to Internetworking Layer security or Transport Layer security implementations. The MOS values were mapped to Perceptual Evaluation of Speech Quality for wideband (PESQ-WB) scores. From these PESQ-WB scores, the graphs of the mean of 10 runs and box and whisker plots for each parameter were drawn. Analysis on the graphs was performed in order to deduce the quality of each VoIP service. The E-model was used to predict the network readiness and Common vulnerability Scoring System (CVSS) was used to predict the network vulnerabilities. The project also provided the mechanism to measure the throughput for each test case. The overall performance of each VoIP service was determined by PESQ-WB scores, CVSS scores and the throughput. The experiment demonstrated the relationship among VoIP performance, VoIP security and VoIP service type. The experiment also suggested that, when compared to an unsecure IPIP tunnel, Internetworking Layer security like IPSec ESP or Transport Layer security like OpenVPN TLS would improve a VoIP security by reducing the vulnerabilities of the media part of the VoIP signal. Morever, adding a security layer has little impact on the VoIP voice quality

Small Business Information Security

Small businesses account for over fifty percent of the Gross National Product of the U.S. economy; and the security of their information systems is critical for them to operate, compete, and remain profitable. While many security studies have been conducted and reported on enterprise scale organizations, similar research on small businesses in the U.S. is limited. One small business was evaluated by an information security audit to determine if its information resources and network were adequately secure, and will be used as a test case to identify an approach a typical small business may take to secure their networks and data to avoid unnecessary liability exposure. By examining the specific risk factors in this case study, the author believes parallels can be drawn by other small businesses as a starting point for examining their own risk factors. Additionally this study provides a series of proposed mitigation processes to improve the small businesses' network security that can be adopted by other small businesses in like circumstances. The mitigation processes are specifically tailored to the small business industry itself, as opposed to a larger organization that has a greater exposure to risk vulnerability and that also has larger asset pools from which to secure their networks.   The method utilized for this research was qualitative in nature, using a form of Participatory Action Research (PAR). This approach was most appropriate in that it allows the researcher to act in partnership with the small business to attempt to affect social change that will help in securing the small business's information resources. An information security audit was performed on a small business to identify actual and potential threats, and an electronic questionnaire was distributed to the employees to gauge their individual perspectives of the clarity and comprehensibility of the business's security policy, the consequences of violations to the company's policy, how well the company's policy is disseminated and tracked for compliance, and if they have knowledge of steps to be taken in response to an incident or disaster. There were four objectives of this study. The first objective was to evaluate a small business's information security posture. The second objective was to determine if the small business had experienced any information technology security incidents. The third objective was to evaluate whether the incidents were caused by a lack of a policy, standard or procedure; an ineffective policy, standard or procedure; a lack of training and education; or a reluctance to enforce or monitor adherence to established policy, standards, or procedures. And the fourth objective was to recommend to the small business any changes or additions that would reduce the small business's exposure to information security threats, risks and vulnerabilities through effective information security risk management.  M.S

New marketing opportunities for fixed line telecommunication operators in South Africa : a strategic evaluation

Information, communication and broadcasting convergence is changing the business landscape in South Africa, as organisations adopt new converged information, communication technology (ICT) products and services to satisfy the needs of customers. Simultaneously, major changes are taking place in the South African telecommunications business environment creating new marketing opportunities and threats for Telkom SA, the only fixed line telecommunication operator in South Africa. Some of the findings of the study are • the commodization of the fixed line telecommunication network • political and regulatory changes are reshaping the telecommunications landscape by allowing the entry of new competitors • new technological innovations in Information Communication Technology (ICT) and mobile communication is driving change • social and economic change is fueling the speed of environmental change poor economic climate is quickening the competitive pace amongst South African businesses forcing them to attain efficiencies and effectiveness for survival • organisations worldwide are competing for limited resources and markets and turning to ICT to achieve their objectives • customer needs are changing - demanding better and innovative communication products and services - providing opportunities to competitors • the Internet is reshaping traditional business models as businesses are seeking to establish competitive advantages through the Internet • the migration of the Internet to the mobile telephony sector These changes are creating new marketing opportunities and threats for South African fixed line telecommunication operators and are threatening the survival of fixed line telecommunication operators worldwide and in South Africa. Information Technology, broadcasting and telecommunication technology convergence, has created many new ICT products and services opportunities that telecommunication competitors are offering existing customers of the fixed line operators network indicating lethargy from their side. In order for the fixed line operators to survive they must apply innovation and revise their strategic planning models.Business ManagementDCOM (Business Management