784 research outputs found
Author ID’s: enhance visibility and accessibility: Workshop 2
Papers presented at the second workshop on Author ID’s: enhance visibility and accessibility , Auditorium, Merensky Library, University of Pretoria, 28 October 2015Follow up on the first workshop (Researcher ID Workshop), the aim of this workshop was to continue discussion on the information specialists' role in enhancing research visibility and accessibility. A large part of the workshop was devoted to a discussion and practical demonstration of ORCID ID by Mr Matthew Buys, the Regional Director of ORCID. Author IDs were also discussed from different perspectives, including a junior information specialist (Ms Lesego Makhafola); a cataloguer (Ms Martha De Waal); a researcher (Prof. Estelle Venter) and a case study at GIBS (Ms Beulah Muller).mn201
A comprehensive and harmonised digital forensic investigation process model
Thesis (PhD)--University of Pretoria, 2015.Recent decades have seen a significant increase in the importance of the field of digital
forensics as a result of the rapid development of information and communication
technologies and their penetration into every corner of our lives and society. Furthermore,
information security incidents are not only becoming more versatile every year, but are also
growing in number, thus emphasising the importance of digital forensic investigations.
Performing a digital forensic investigation requires a standardised and formalised process in
order to ensure the admissibility of digital evidence, as well as the effectiveness and
efficiency of investigations and collaboration between stakeholders. When this thesis was
being prepared, there existed neither an international standard for formalising the overarching
digital forensic investigation process, nor a process model that was accepted as a harmonised
model across different jurisdictions worldwide.
The author studied existing state-of-the-art digital forensic investigation process (DFIP)
models and concluded that there are significant disparities between them, pertaining to the
number of processes, the scope, the hierarchical levels and concepts applied (for example,
some of the models are based on the physical crime investigation processes, whereas others
focus only on the digital aspects of the investigation process). This thesis proposes a
comprehensive DFIP model that harmonises existing models for the purpose of establishing
an international standard. An effort was made to incorporate all relevant types of processes
proposed by the existing models, including those aimed at achieving digital forensic
readiness, while introducing a number of novelties.
The author introduces a novel class of processes called concurrent processes. This is a novel
contribution that should, together with the rest of the model, enable more efficient and
effective digital forensic investigations, while ensuring the admissibility of digital evidence.
The author also proposes a prototype that would guide the user through the implementation of
a standardised and harmonised DFIP, and ultimately validate the use of a proper digital
forensic investigation process.
Both the proposed model and the prototype were tested and evaluated, and the results of these
evaluations are presented in the thesis. The proposed model and the prototype contribute
significantly to the field of digital forensics. The author believes its application would render benefits that range from the higher admissibility of digital evidence and more effective
investigations to easier cross-border collaboration on international investigations, thus
fulfilling the initial reasons for creating a harmonised model. The proposed model is intended
to be used for different types of digital forensic investigation and should ultimately culminate
in an international standard. In fact, while this thesis was being written, an international
standard on digital forensic investigation process model – as developed by the author was
published as a result of the research reported on in this thesis.tm2015Computer SciencePhDUnrestricte
Digital Forensic Readiness in Mobile Device Management Systems
Dissertation (MSc)--University of Pretoria, 2018.Mobile devices have become very popular, and virtually everyone owns a smart
device. As more employees became owners of smart devices, the organisations were put under pressure to allow employees to use their smart devices for work purposes, or alternatively provide employees with smart devices.
Most organisations opted for a Bring Your Own Device policy, where employees
use their own smart devices for work purposes, with the organisation reimbursing
some of the costs. Adopting such a policy introduced risks into the organisations,
since the organisations do not own and do not have direct control over employees' personal devices.
One of the most widely used solutions to this problem is Mobile Device Management (MDM) software, which is installed on employees' devices and prevent them from taking actions that may be harmful to the organisation.
This leads us to the problem statement of this research. Since MDM systems are
purely preventative and devices are not owned by the organisation, it is expensive
and sometimes impossible for organisations to retrieve potential evidence from the devices when an incident occurs.
This research proposes a model to solve this problem by introducing a digital
forensic readiness component into an MDM system. Adding digital forensic readiness to an existing MDM solution reduces costs by collecting evidence when suspicious activity is detected, reducing investigation times and legal costs involved in collecting evidence.
A prototype was created to show that the proposed model could be implemented
in practice. The prototype shows how this solution can be utilised to collect data
from devices and utilise it in an investigation.
Finally, the research and prototype are critically evaluated, and the bene ts and
shortcomings of such a solution are presented. The author also addresses privacy
concerns arising from the data collection component.Computer ScienceMScUnrestricte
Eben Venter as gewete van die vleiseters
This artide explores the representation of meat in three novels by Eben Venter, namely Foxtrot van die vleiseters (1993) (published in translation as Foxtrot of the Meat-Eaters), Ek stamel ek sterwe (2005) (published in translation as My Beautiful Death), and Horrelpoot (2006) (published in translation as Trencherman). The author uses the metaphor of meat and meat consumption to comment on the greed and oppression associated with the white farm owner and patriarch, as well as on other related issues such as gender, the body and sexuality. Finally the artide explores the use of vegetarianism as a counter-discourse by the author to undermine the prevalent meat-loving culture associated with the farm-novel tradition in Afrikaans. In all three novels there is an opposition between life on the farm and life in the big city, predominantly life in large Australian cities after the main characters have emigrated to Australia.
Opsomming Hierdie artikel ondersoek die simboliese uitbeelding van vleis in drie romans deur Eben Venter, naamlik Foxtrot van die vleiseters (1993), Ek stamel ek sterwe (2005) (in Engels gepubliseer as My Beautiful Death) en Horrelpoot (2006) (in Engels gepubliseer as Trencherman). Die auteur gebruik die metafoor van vleis en die eet of verbruik daarvan, om kommentaar te lewer op die gierigheid en onderdrukking wat verband hou met die blanke plaaseienaar en patriarg, sowel as ander verwante kwessies soos geslag, die liggaam en seksualiteit. Uiteindelik ondersoek die artikel ook die gebruik van vegetarisme as \u27n teendiskoers deur die auteur, om sodoende die dominante vleiseterkultuur, wat verband hou met die plaasromantradisie in Afrikaans, te ondermyn. In al drie romans is daar \u27n teestelling tussen die lewe op die plaas en die in die grootstad, hoofsaaklik in groat Australiese stede, nadat die hoofkarakters na Australie geemigreer het.
FReadyPass : creating digital passports to track the location of data in the cloud
Dissertation (MSc)--University of Pretoria, 2018.The cloud has exacerbated the difficulty of digital forensic investigations because data may be spread over an ever-changing set of hosts and data centers. The normal search and seizure approach digital forensic investigators tend to follow does not scale well in the cloud because it is difficult to identify the physical device�s data resides on. The location of these devices is often unknown or unreachable. A solution to identifying the physical devices can be found in data provenance. Similar to the tags included in an email header indicating where the email originated from, a tag added to data as it is accessed both in and out of the cloud identifies where the data has been. If such a trace can be provided for data in the cloud, it may ease the investigating process by indicating where the data can be found to be able to continue with the investigation. In this research, the author proposes the development of a Digital Passport that aims to provide a detailed history of where user data came from and where it has been since it came under the control of a cloud service provider. The Digital Passport further provides the user with access control, allowing the user to choose the location from where the digital passport may be accessed. The ability to control access to the digital passport regarding its location holds many advantages for cloud service providers, users and digital forensic investigators alike. The digital passport provides digital forensic investigators with a clear audit log of where the data has been. The digital passport furthermore holds the advantage that digital forensic investigating teams are not limited by jurisdictional issues that grant them only limited access to the data they need. Because of location-based access control, it is possible to ensure the data does not move into a jurisdiction that is outside the control of the cloud service provider.Computer ScienceMScUnrestricte
Digital Forensic Model for a Cloud Environment
Thesis (PhD)--University of Pretoria, 2015.Cloud computing is a relatively new computing paradigm that builds upon virtualisation
technologies to provide hardware, platforms and software as services over the
Internet. The cloud can be deployed in four basic deployment models namely private
cloud, community cloud, public cloud and hybrid cloud. Private cloud is owned and
utilised by a single organisation and may be hosted internally and by a third party.
The community clouds is meant for organisations with similar business interests, while
the public cloud is accessible to the general public over the Internet. The hybrid cloud
is a combination of any of the other cloud deployment models.All the cloud deployment
models are characterised by multi-tenancy, namely data belonging to multiple
users reside on the same physical host. Powering off a multi-tenant host would disrupt
co-hosted services in a physical host which would then affect their availability. This
affects other tenants that are not related to an incident. The cloud is distributed and
often spans multiple jurisdictions. Its distributed nature also prevents conventional
procedures for collecting evidence data and preservation. New approaches in conducting
digital forensic investigations are required. In this thesis, different dimensions of
digital forensic challenges brought by the advent of cloud computing are presented.
The extent to which traditional digital forensic approaches address the issue of digital
forensics in cloud environments are also presented. Digital forensic standards are considered
important in this thesis as they are an aspect that can contribute positively to
investigating cloud environments when multi-jurisdictional collaboration is required.
Standards can also enhance acceptability of digital forensic evidence gathered from
cloud environments. As a solution towards addressing issues of digital forensic investigation
in cloud environments, in this thesis the author presents standard procedures
that can be used to conduct a digital forensic investigation in cloud environments. To enable execution of these procedures, a cloud forensic service model is presented
that guides digital forensic investigators through a standardised collaborative process
of investigating cloud environments. Both proposed digital forensic procedures and
the service mentioned above were evaluated in a private cloud environment. Evaluation
results have shown that a collaborative environment can be used to investigated
cloud-based incident scenes in a standardised and cost efficient manner.tm2015Computer SciencePhDUnrestricte
A Digital Forensic Readiness Approach for e-Supply Chain Systems
Dissertation (MEng)--University of Pretoria, 2019.The internet has had a major impact on how information is shared within supply chains, and in
commerce in general. This has resulted in the establishment of information systems such as esupply
chains (eSCs) amongst others which integrate the internet and other information and
communications technology (ICT) with traditional business processes for the swift
transmission of information between trading partners. Many organisations have reaped the
benefits that come from adopting the eSC model, but have also faced the challenges with which
it comes. One such major challenge is information security. With the current state of
cybercrime, system developers are challenged with the task of developing cutting-edge digital
forensic readiness (DFR) systems that can keep up with current technological advancements,
such as eSCs. Hence, the research highlights the lack of a well-formulated eSC-DFR approach
that can assist system developers in the development of e-supply chain digital forensic
readiness systems. The main objective of such a system is that it must be able to provide law
enforcement/digital forensic investigators that operate on eSC platforms with forensically
sound and readily available potential digital evidence that can expedite and support digital
forensics incident-response processes. This approach, if implemented can also prepare trading
partners for security incidents that might take place, if not prevent them from occurring.
Therefore, the work presented in this research is aimed at providing a procedural approach that
is based on digital forensic principles for eSC system architects and eSC network service
providers to follow in the design of eSC-DFR tools. The author proposes an eSC-DFR process
model and eSC-DFR system architectural design that was implemented as part of this research
illustrating the concepts of evidence collection, evidence pre-analysis, evidence preservation,
system usability alongside other digital forensic principles and techniques. It is the view of the
authors that the conclusions drawn from this research can spearhead the development of
cutting-edge eSC-DFR systems that are intelligent, effective, user friendly and compliant with
international standards.Computer ScienceMScUnrestricte
Case Study of the Usage of an Authentication and Authorization Infrastructure (AAI) in an E-learning Project
Using distributed ledger technology for digital forensic investigation purposes on tendering projects
Dissertation (MSc(Computer Science))--University of Pretoria, 2023.The tendering system used by the South African Government is regarded as a central method used by the organs of state to procure goods and services, including delivering some services to citizens with the aim of promoting social industrial, or environmental policies. Some of these projects are distributed using a tendering system aimed at developing and empowering the surrounding communities. Hence, the tendering system used by these organs of state should be fair, transparent, competitive, cost-effective, equitable, and free from corruption. However, the mismanagement of the tendering system might lead to interruption of operations, poor product quality, late service delivery, rising costs, and most importantly, fraud and corruption. The use of paperwork to share project information might also lead to the mismanagement of the tendering project because it might contribute towards illicit altering of project information during the process. This might also affect the fairness, transparency, data integrity, and competitiveness of the tendering system used by the South African Local Government. Additionally, the process of investigating any fraudulent activity is nearly impossible with the current paper-based tendering system.
The purpose of this study is to implement a Blockchain prototype that can be used to securely share project information with all the participants that have an interest in the tendering project. This Blockchain prototype is called the Share Tendering Project (ShareTendPro) network. Diagrams were used to visualise the design of the ShareTendPro network.
It is recommended that the use of the ShareTendPro network will enable various participants to have access to project information in real-time, allowing them to have access to the entire project history regardless of their geographical location. Access to real-time data would imply that the ShareTendPro network will also promote real-time auditing and digital forensic investigations because both auditors and investigators will have access to the project information of their interest in real-time. Additionally, the project information stored within the ShareTendPro network can also be regarded as credible digital evidence because it is immutable by default. Furthermore, the ShareTendPro network also seeks to reduce human interactions (i.e., human errors) by automating some of the processes within the network while assuring that all data is stored in a digital forensically sound format.Council for Scientific and Industrial Research (CSIR)Computer ScienceMSc(Computer Science)Unrestricte
On digital forensic readiness for information privacy incidents
Thesis (PhD)--University of Pretoria, 2012.The right to information privacy is considered a basic human right in countries that recognise the right to privacy. South Africa, and other countries that recognise this right, offer individuals legal protections for their information privacy. Individuals, organisations and even governments in these countries often have an obligation under such laws to protect information privacy. Large organisations, for example, multinational companies and government departments are of special concern when it comes to protecting information privacy as they often hold substantial amounts of information about many individuals. The protection of information privacy, therefore, has become ever more significant as technological advances enable information privacy to be breached with increasing ease. There is, however, little research on holistic approaches to protecting information privacy in large organisations. Holistic approaches take account of both technical and non-technical factors that affect information privacy. Nontechnical factors may include the management of information privacy protection measures and other factors such as manual business processes and organisational policies. Amongst the protections that can be used by large organisations to protect information privacy is the ability to investigate incidents involving information privacy. Since large organisations typically make extensive use of information technology to store or process information, such investigations are likely to involve digital forensics. Digital forensic investigations require a certain amount of preparedness or readiness for investigations to be executed in an optimal fashion. The available literature on digital forensics and digital forensic readiness (DFR), unfortunately, does not specifically deal with the protection of information privacy, which has requirements over and above typical digital forensic investigations that are more concerned with information security breaches. The aim of this thesis, therefore, is to address the lack of research into DFR with regard to information privacy incidents. It adopts a holistic approach to DFR since many of the necessary measures are non-technical. There is, thus, an increased focus on management as opposed to specific technical issues. In addressing the lack of research into information privacy-specific DFR, the thesis provides large organisations with knowledge to better conduct digital forensic investigations into information privacy incidents. Hence, it allows for increased information privacy protection in large organisations because investigations may reveal the causes of information privacy breaches. Such breaches may then be prevented in future. The ability to conduct effective investigations also has a deterrent effect that may dissuade attempts at breaching information privacy. This thesis addresses the lack of research into information privacy-specific DFR by presenting a framework that allows large organisations to develop a digital forensic readiness capability for information privacy incidents. The framework is an idealistic representation of measures that can be taken to develop such a capability. In reality, large organisations operate within cost constraints. We therefore also contribute by showing how a cost management methodology known as time-driven activity-based costing can be used to determine the cost of DFR measures. Organisations are then able to make cost versus risk decisions when deciding which measures in the framework they wish to implement. Lastly, we introduce the concept of a digital forensics management system. The management of DFR in a large organisation can be a difficult task prone to error as it involves coordinating resources across multiple departments and organisational functions. The concept of the digital forensics management system proposed here allows management to better manage DFR by providing a central system from which information is available and control is possible. We develop an architecture for such a system and validate the architecture through a proof-of-concept prototype.Computer Scienceunrestricte
- …
