CBAC – a model for conflict-based access control

Organisations that seek a competitive advantage cannot afford to compromise their brand reputation or expose it to disrepute. When employees leek information, it is not only the breach of confidentiality that is a problem, but it also causes a major brand reputation problem for the organisation. Any possible breach of confidentiality should be minimised by implementing adequate security within the organisation and among its employees. An important issue to address is the development of suitable access control models that are able to restrict access not only to unauthorised data sets, but also to unauthorised combinations of data sets. Within organisations such as banks, clients may exist that are in conflict with one another. This conflict results from the fact that clients are functioning in the same business domain and that their information should be shielded from one another because they are in competition for various reasons. When information on any of these conflicting clients is extracted from their data sets via a data-mining process and used to their detriment or to the benefit of the guilty party, this is considered a breach of confidentiality. In data-mining environments, access control usually strips the data of any identity so as to concentrate on tendencies and ensure that data cannot be traced back to a respondent. There is an active research field in data mining that focuses specifically on ‘preserving’ the privacy of the data during the data-mining process. However, this approach does not account for those situations when data mining needs to be performed to give answers to specific clients. In such cases, when the clients’ identity cannot be stripped, it is essential to minimise the chances of a possible breach of confidentiality. For this reason, this thesis investigated an environment where conflicting clients’ information can easily be gathered and used or sold, as to justify the inclusion of conflict management in the proposed access control model. This thesis presents the Conflict-based Access Control (CBAC) model. The model makes it possible to manage conflict on different levels of severity among the clients of an organisation – not only as specified by the clients, but also as calculated by the organisation. Both types of conflict have their own cut-off points when the conflict is considered to be of no value any longer. Finally, a proof-of-concept prototype illustrates that the incorporation of conflict management is a viable solution to the problem of access control as it minimises the chances of a breach of confidentialityThesis (PhD)--University of Pretoria, 2012.Computer Scienceunrestricte

Knowledge-based support for object-oriented design

The research is conducted in the area of Software Engineering, with emphasis on the design phase of the Software Development Life Cycle (SDLC). The object-oriented paradigm is the point of departure. The investigation deals with the problem of creating support for the design phase of object-oriented system development. This support must be able to guide the system designer through the design process, according to a sound design method, highlight opportunities for prototyping and point out where to re-iterate a design step, for example. A solution is proposed in the form of a knowledge-based support system. In the prototype this support guides a designer partially through the first step of the System Design task for object-oriented design. The intention is that the knowledge-based system should capture the know-how of an expert system designer and assist an inexperienced system designer to create good designs.ComputingM. Sc. (Information Systems

A Reference Point for Designing a Cybersecurity Curriculum for Universities

The objective of this study is to propose a cybersecurity curriculum from a best practice perspective for universities and other higher educational institutions. Cybersecurity is a fast-growing part of the overall job market and cybersecurity skills shortage is a factor that needs attention worldwide. An updated approach is needed to build the cybersecurity labour force. A scoping literature review was applied on academic databases for proposed cybersecurity skills cur-ricula. It was also applied on cybersecurity curricula offered by top universities as well as by studying cybersecurity curriculum frameworks and guidelines. The knowledge, skills, abilities and modules from the aforementioned were integrated to compile a holistic reference point for a cybersecurity curriculum. The study found that there is a global need for cybersecurity degrees and specifically for African countries like South African. More cybersecurity professionals need to be trained in the necessary technical abilities, combined by the necessary soft skills to be productive and fill the gaps in industry. This is possible by concentrating on this study’s proposal namely a reference point for cybersecurity modules to be included in a cybersecurity curriculum.School of Computin

Conceptualising a Cloud Business Intelligence Security Evaluation Framework for Small and Medium Enterprises in Small Towns of the Limpopo Province, South Africa

The purpose of this study was to investigate security evaluation practices among small and medium enterprises (SMEs) in small South African towns when adopting cloud business intelligence (Cloud BI). The study employed a quantitative design in which 57 SMEs from the Limpopo Province were surveyed using an online questionnaire. The study found that: (1) the level of cybersecurity threats awareness among decision-makers was high; (2) decision-makers preferred simple checklists and guidelines over conventional security policies, standards, and frameworks; and (3) decision-makers considered financial risks, data and application security, and cloud service provider reliability as the main aspects to consider when evaluating Cloud BI applications. The study conceptualised a five-component security framework for evaluating Cloud BI applications, integrating key aspects of conventional security frameworks and methodologies. The framework was validated for relevance by IT specialists and acceptance by SME owners. The Spearman correlational test for relevance and acceptance of the proposed framework was found to be highly significant at p < 0.05. The study concluded that SMEs require user-friendly frameworks for evaluating Cloud BI applications. The major contribution of this study is the security evaluation framework conceptualised from the best practices of existing security standards and frameworks for use by decision-makers from small towns in Limpopo. The study recommends that future research consider end-user needs when customising or proposing new solutions for SMEs in small towns

HCMV Displays a Unique Transcriptome of Immunomodulatory Genes in Primary Monocyte-Derived Cell Types

<div><p>Human cytomegalovirus (HCMV) is a betaherpesvirus which rarely presents problems in healthy individuals, yet may result in severe morbidity in immunocompromised patients and in immune-naïve neonates. HCMV has a large 235 kb genome with a coding capacity of at least 165 open reading frames (ORFs). This large genome allows complex gene regulation resulting in different sets of transcripts during lytic and latent infection. While latent virus mainly resides within monocytes and CD34⁺ progenitor cells, reactivation to lytic infection is driven by differentiation towards terminally differentiated myeloid dendritic cells and macrophages. Consequently, it has been suggested that macrophages and dendritic cells contribute to viral spread <i>in vivo</i>. Thus far only limited knowledge is available on the expression of HCMV genes in terminally differentiated myeloid primary cells and whether or not the virus exhibits a different set of lytic genes in primary cells compared with lytic infection in NHDF fibroblasts. To address these questions, we used Illumina next generation sequencing to determine the HCMV transcriptome in macrophages and dendritic cells during lytic infection and compared it to the transcriptome in NHDF fibroblasts. Here, we demonstrate unique expression profiles in macrophages and dendritic cells which significantly differ from the transcriptome in fibroblasts mainly by modulating the expression of viral transcripts involved in immune modulation, cell tropism and viral spread. In a head to head comparison between macrophages and dendritic cells, we observed that factors involved in viral spread and virion composition are differentially regulated suggesting that the plasticity of the virion facilitates the infection of surrounding cells. Taken together, this study provides the full transcript expression analysis of lytic HCMV genes in monocyte-derived type 1 and type 2 macrophages as well as in monocyte-derived dendritic cells. Thereby underlining the potential of HCMV to adapt to or influence different cellular environments to promote its own survival.</p></div

Enrichment of functional groups when comparing DCs with both types of macrophages and when comparing MΦ1 with MΦ2 macrophages.

<p>The HCMV was annotated and a mathematical model was used to determine which functional groups were significantly enriched in the differentially regulated genes. Based on this algorithm, genes involved in cell tropism, viral spread and immunomodulation are the most enriched groups in DCs, MΦ2 and MΦ1.</p

Expression levels of the HCMV genes transcriptome in fibroblasts (MOI 0.16).

<p>Log(10) of the RPKM values per gene were binned in six categories and mapped on the reference genome of TB40/E.</p

Percentage of mapped reads to the HCMV transcriptome in primary cell types.

<p>Six different blood donors (A-F) were processed to obtain monocytes which were differentiated to DCs, MΦ1 and MΦ2. Subsequently, these primary cell types were infected with TB40/E at MOI5. As a comparison, we infected NHDF cells (n = 3) at MOI 0.16, MOI 0.5 and MOI 5. Given in the top panel are the percentages of mapped reads on the HCMV genome for each cell type.</p

Differential regulation of HCMV gene expression in monocyte-derived DCs, MΦ1 and MΦ2 (MOI5) compared to lytic infection in NHDF fibroblasts (MOI0.16).

<p>On the graph is the fold increase or decrease (reflecting genes which are expressed higher/lower in fibroblasts than in primary cell types). Red bars represent significant changes in gene expression between the indicated cell type and NHDF fibroblasts (adjusted p<0.05), black bars indicate modulated genes which did not reach the significance threshold (adjusted p≥0.05).</p