You are currently viewing our Archived Site. Visit http://www.uonbi.ac.ke to view our updated content
University of Nairobi
A world-class university committed to scholarly excellence
- Quick Links
- Faculties/Schools/Institutes
- Post Graduate Studies
- Biotechnology & Bioinformatics
- Open & Distance Learning
- Faculty Of Agriculture
- Faculty Of Arts
- Faculty Of Veterinary Medicine
- Development Studies
- Institute Of African Studies
- Diplomacy & International Studies
- Nuclear Science & Technology
- Tropical & Infectious Diseases
- Kenya Science Campus
- Population Studies & Research
- School Of Law
- School Of Medicine
- School Of Biological Sciences
- School Of Business
- School Of Computing & Informatics
- Continuing & Distance Education
- School Of Dental Sciences
- School Of Economics
- School Of Education
- School Of Engineering
- School Of Journalism
- School Of Mathematics
- School Of Nursing Sciences
- School Of Pharmacy
- School Of Physical Sciences
- School Of The Arts & Design
- School Of The Built Environment
LAYERED INFORMOATION SECURITY FRAMEWORK
Abstract This project has developed a framework which is layered. The framework can be used by any organization to rate their security "goodness" by being able to know what they have been able to implement and what is lacking. All the layers are equally important, they need to be secure This framework consists of nine layers and all the nine layers are not physical but logical layers. Since information flow through a network from one computer to another can be looked at as layered, flowing from the application layer to the physical layer, security can also be implemented layer wise. The security deals with more than the seven logical layers of information flow and therefore two more layers have been incorporated. These are the User/Administrative layer and the security policy layer. The security policy guides the users on what they are supposed to do and what not. The users interact with the application layer. After developing the framework it was tested using several organizations. These organizations are a representation of all the networked organizations. The testing was done using questionnaires and the questionnaires are in three sets. One set for the system administrator, another for members of staff and another for students. The students and staff questionnaire was only used in educational institutions. For the other organizations i used only the system administrator questionnaire. It will be easy for an organization to know if their network has a weakness and to know also what to put to overcome the weakness. An organization can also compare its security level in each layer and see what it has emphasized and what has been ignored. This will also increase the awareness of the organizations to improve their security. The framework has been used on several organizations and the analysis of the results done and displayed in a presentation format The results show security implementation varied from one organization to another, with some organizations having keen interest in their network implementations and others not very keen. In general private organizations were noted to be keener to protect their networks. Other organizations kept a good average for each layer and therefore they never performed very poorly in any of the layers neither extremely well in any of the layers. The results give evidence of some organizations, which really emphasized on some layers forgetting others and this could be the source of their network security problems. Generally speaking, layer six and seven were the most insecure with their security fulling below 400!cl. Layer three and eight were the most secure with their security about 75%
<< Go Back to Projects List
General Information
Contacts
-
P. O. Box 30197 - 00100GPO Nairobi
School of Computing & Informatics Building - Chiromo Campus, off Riverside Drive University of Nairobi
Tel: +254-4447870,+254-4446543,+254-4446544
Fax: +254-4447870
Email: ics@uonbi.ac.ke
Message From the Director
Read message from the Director >>