South African Computer Journal - Volume 2003, Issue 31, 2003
Author: Derrick Kourie. Source: South African Computer Journal 2003 (2003)
No doubt, many readers will know that, after a thorough scrutiny of journal quality and policy, the Department of National Education has agreed that articles published in SACJ should be treated as articles in ISI accredited journals. That means, of course, that South African tertiary institutions whose members publish in SACJ will receive the same state subsidy that is used for publication in ISI accredited journals. Initial investigations into the process for obtaining ISI accreditation suggest that it is a rather long and bureaucratic one. It relies, inter alia, on metrics such as the number of references in existing ISI accredited journals to articles in the applying journal, on the journal's review policy, its editorial board, etc. Notwithstanding these hurdles, SACJ will continue to strive for quality that conforms to other ISI accredited journals, even though such accreditation should not be regarded as imminent.
Source: South African Computer Journal 2003, pp 2–8 (2003)
We discuss the design of an integrated security architecture for authorization and authentication in a distributed object environment. Our architecture will have four main components: an authentication engine, an interface, a session manager and an authorization engine. The core component of our model is the session manager, which issues XML-based session certificates to authenticated users. A session certificate will be used by the authorization engine to establish the legitimacy of an access request by a user. We will also describe how the architecture supports dynamic revocation of session certificates and delegation.
Author: N.C. Narendra. Source: South African Computer Journal 2003, pp 9–17 (2003)
Adaptive Workflow and Software Agent technology have the potential to revolutionize B2B E-Commerce in the 21st century. Adaptive workflow allows for dynamism in business process definition and enactment, while Agent technology helps to automate decision making among the entities executing the adaptive workflows. Hence integrating Adaptive Workflow and Agents is highly essential for effectively facilitating B2B E-Commerce. However, efforts to integrate the two have been lacking so far, and this paper attempts to bridge this gap.
In this paper, we describe our work on developing and implementing an integrated architecture called AdaptAgent where Adaptive Workflows and Multi-Agent Conversations are modeled, executed and adapted together. AdaptAgent extends our previous work on a 3-tier adaptive workflow architecture; it also builds on our earlier work on what we call "flexible workflow support", which provides a means for increased flexibility in defining and managing adaptive workflows.
Source: South African Computer Journal 2003, pp 18–24 (2003)
The domain of information security research is no longer exclusively of a technological nature as it has become permeated with aspects of human behaviour. Similarly the broad field of ethics is no longer only a human issue, as is reflected by the establishment of computing ethics as a separate research area. Advances in the past decade have led to the emergence of among others, new technologies, frameworks and methodologies in the field of computing. Examples include the Internet, global connectivity and agent technology - in particular intelligent agents. The attribute intelligent brings with it a concomitant human characteristic that is assigned to an inanimate technological object. It is even plausible to think of communities of intelligent agents, inhabiting cyberspace, interacting with other agents, human users and hosts, and in this way developing a social life. This raises issues concerning information security as well as the ethical and social behaviour of intelligent agents.
In this paper we thus briefly discuss agent computing and its impact on the environment in which it exists. In particular we focus on some relevant security and ethical issues associated with agent computing. The purpose of the paper is to present a framework within which the security and ethical behaviour of agents can be evaluated and analysed.
Source: South African Computer Journal 2003, pp 25–32 (2003)
Security protocols make use of cryptographic techniques to achieve goals such as confidentiality, authentication and integrity. However, the fact that strong cryptographic algorithms exist does not guarantee the security of a communications system. In fact, it is recognised that the engineering of security protocols is a challenging task, since protocols that appear secure can contain subtle flaws that attackers can exploit. A number of techniques exist for the analysis of security protocol specifications. Individually they are not capable of detecting every possible flaw or attack against a protocol. However, when combined, these techniques all complement each other, allowing a protocol engineer to obtain a more accurate overview of the security of a protocol that is being designed. This is the rationale for multi-dimensional security protocol engineering, a concept introduced by previous projects of ours over several years. We propose an attack construction approach to security protocol analysis within a multi-dimensional context. This analysis method complements the existing inference construction analysis tools developed earlier in the group. We give a brief overview of the concepts associated with the project, including a summary of existing security protocol analysis techniques, and a description of the strand space model, which is the intended formalism for the analysis.
Source: South African Computer Journal 2003, pp 33–39 (2003)
This paper describes the image analysis and processing of an automatic vehicle identification system. The envisioned system will identify vehicles based on video or still images of unique identifying marks, namely metallurgical fingerprints, as proposed by De Kock in his South African patent. Two candidate image analysis algorithms for automatic vehicle identification are selected. The selection criteria and the process for identification of these algorithms are described. The algorithms were tested on a dataset of real-world vehicle images. The experimental approach and the results obtained from applying these algorithms to the automatic vehicle identification problem form the main theme of our paper. Based on the results, the recommended system uses a nearest-neighbour classifier with features as extracted with a wedge-ring detector from the frequency domain of the image on a histogram preprocessed dataset. Finally we present excellent verification results using the proposed approach on a separate verification dataset.
Source: South African Computer Journal 2003, pp 40–45 (2003)
The focus of this paper is to give an overview of current vulnerability detection and vulnerability scanner (VS) products. Since each VS product available on the software market today is developed by a separate vendor, there are significant differences in these VS products. Some VS products can detect more vulnerabilities than others. Some VS products can detect certain vulnerabilities while other VS tools may detect different vulnerabilities. Furthermore, the modus operandi of exactly how vulnerabilities are detected may also differ from one VS product to another. Due to these issues it is difficult to study the differences between these VS products especially when an organisation has to choose which VS product is the right one for their needs. This paper will attempt to point out the differences between some VS products available today by using the concept of harmonised vulnerability categories. These harmonised vulnerability categories attempt to represent the entire population of vulnerabilities as currently known. One of the advantages of using these harmonised vulnerability categories, for example, is to point out whether or not a specific VS product is able to detect specific kinds of vulnerabilities. This paper, therefore, shows salient results of how harmonised vulnerability categories can be used as an evaluation tool for VS products.
Source: South African Computer Journal 2003, pp 46–52 (2003)
Information Security Culture includes all socio-cultural measures that support technical security methods, so that information security becomes a natural aspect in the daily activity of every employee. To apply these socio-cultural measures in an effective and efficient way, certain management models and tools are needed. In our research we developed a framework analyzing the security culture of an organization which we then applied in a pre-evaluation survey. This paper is based on the results of this survey. We will develop a management model for creating, changing and maintaining Information Security Culture. This model will then be used to define explicit socio-cultural measures, based on the concept of internal marketing.
Author: M.S. Olivier. Source: South African Computer Journal 2003, pp 53–61 (2003)
While a number of privacy-enhancing technologies have been proposed over the past quarter century, very little has been done to generalise the notion. Privacy-enhancing technologies have typically been discussed for specific applications (such as confidential and/or anonymous e-mail) or in specific contexts (such as on the Internet). This paper takes cognisance of existing privacy-enhancing technologies, abstracts from them to a more general environment, and structures the technologies in a general architecture, based on the relationships between the technologies.
The resulting architecture consists of four layers, viz the personal communications, identity management, organisational safeguards and personal control layers. It is also argued that a strong ordering exists between the layers - in the order just given.
The proposed architecture can form the basis of an approach to constructing integrated, comprehensive privacy solutions.
Source: South African Computer Journal 2003, pp 62–69 (2003)
Infringement of privacy and denial of service attacks can take various forms. Coercing unsolicited e-mails upon an individual or an organisation is one of those not so obvious forms. Our approach aims at effectively stopping spam and minimizing false-positives by applying filters at both the sender side and the receiver side on the basis of a merit-accumulation scheme. Our merit scheme is designed in such a way that, while the cooperation of the sender and the receiver of an e-mail is voluntary, their active cooperation will reap much greater benefit. As a result, our scheme will increase the accuracy and the effectiveness of the spam filtering, and the normal e-mail traffic will steadily ferment and enrich the merits that would lead to smarter e-mail classifications and could also propagate across to the other participating organizations.