MSIT Theses and Dissertations (2010)

Permanent URI for this collection

http://hdl.handle.net/11071/1446

Browse

Recent Submissions

Now showing 1 - 5 of 13
  • Thumbnail Image
    Item
    A crowdsourcing model for continual collaboration between companies and their consumers
    (Strathmore University, 2010) Mwangi, Anthony
    Crowdsourcing is a business model in which a given task is resolved or resources are accumulated from a large, diverse group of otherwise unrelated persons, often over the Internet, and normally for an incentive that is not necessarily monetary. Several models have been proposed and platforms developed, but most are faced by two key challenges. First, the resource investment required to develop and maintain enterprise-owned platforms often outweighs the benefits to be accrued for many organizations, and secondly, most outsourced crowdsourcing platforms fail to actively foster continual collaboration between the company and its consumers. The research studies the crowdsourcing models currently applied globally. This was achieved by randomly selecting crowdsourcing platforms and projects and categorizing them into identified models. These models were then compared for their support of collaboration based on criteria determined in this study as required by the research design selected – descriptive comparative research design. The factors supporting collaboration were then identified and used to design a model specifically designed to support continual collaboration between companies and their consumers. Community-based crowdsourcing models such as collective collaboration and crowd funding displayed the highest levels of collaboration. The resultant model proposes that the maintenance of the community and developing the tools be separated from the actual undertaking of crowdsourcing activities. This allows companies to continually collaborate with their consumers at a significantly reduced cost due to the economies of scale. In addition to the proposed model, other results of the research include criteria of collecting and comparing data on support a crowdsourcing platform provides for collaboration, and a refinement of the models usable for classifying crowdsourcing projects and platforms.
  • Thumbnail Image
    Item
    E-government security: information security management model for public administration in Kenya
    (Strathmore University, 2010-06) Oyieyo, William O.
    Information security in e-government in public administration in Kenya has not been adequately addressed. In order to develop an Information Security Management Model for Public Administration in Kenya, a questionnaire was used to gather data on e- government security, access control mechanisms used, presence of ICT policies, customers served, age and Internet use from 77 Public Administration employees from 24 Kenya Government ministries and agencies taking training programmes at Kenya Institute of Administration in August, 2009. The widely accepted ISACA's Business Model for Information Security and ISO/IEC 17799 Information Security Management Standard Model were used to derive the research theoretical framework. Cronbach internal consistency test on e-government services security construct of eight independent variables produced an alpha of 0,719. Logistic regression was used to test the null hypotheses. The preliminary findings indicate that e-govenment services are not secure. In government agencies where there is lCT/computer use policies, the public administration employees were in strong agreement that the e-government services were secure at X2(8, N = 77) = 18.249, P = 0.019, CI9s; and in government agencies where the citizens are considered as important customers, the public administration employees are also in strong agreement that the e-government services are secure at X\8, N = 77) = 18.082, P = 0.021, C19s. The study also found a significant relationship between age above 40 of the Public Administration employees and secure e-government services at /(8, N = 77) = 17.249, P =0.026, CI9s . The research did not find a significant relationship between the access control mechanisms and secure e-government services at X2(8, N = 77) = 12.812, P = 0.118, C19s. This study suggests that a combination of age of Public Administration employees and presence of computer lICT use policy can be used to enhance information security in Public Administration in Kenya. This study recommends further research on the contents and comprehensiveness of the ICT /Computer use policies currently existing within the Public Administration in Kenya.
  • Thumbnail Image
    Item
    Agent-based modeling of spread of computer virus in a college campus.
    (Strathmore University, 2010) Odunga, Nelson Ochieng
    Computer and data resources are critical assets to every organization. There is need to provide confidentiality, integrity, authentication and non-repudiation for these resources. Computer virus presents a threat to the provision of these requirements. Due to the increased complexity of computer virus code, there is need to study how viruses propagate in complex networks so that effective countermeasures can be developed. Of particular concern to this study was the impact of user awareness and vigilance on computer virus spread. The study aimed to come up with an agent-based computer simulation model to explain the influence of computer user awareness in controlling computer virus spread and a control framework based on this model. A questionnaire survey done for Strathmore University community revealed that users were ill-aware of computer virus and countermeasures necessary to control their spread. This information was used to calibrate the proposed model and also indicated the importance of explicitly incorporating user awareness as a parameter in any models to explain computer virus spread. The study came up with the conclusion that user awareness and vigilance (defined as the proportion of users that practice safe computing) helps control computer virus spread but only up to about 40%. Beyond that, the additional investment incurred in training users does not pay off. Based on that finding, the proposed control framework suggested training users on computer virus awareness and vigilance and also deliberately protecting network nodes within particular groups within Strathmore University community that are deemed to be important (based on their nodal degree).
  • Thumbnail Image
    Item
    Information technology in medical research improving the security of medical research information. a case study of Kenya Medical Research Institute (KEMRI)
    (Strathmore University, 2010) Lelei, Linda Chelagat
    This research describes the current status of the security of medical research information with the focus on Kenya Medical Research Institute (KEMRI) and how to improve it. Currently, there are no adequate security protection mechanisms for medical research information at the institution. The aim of this research was to design a framework that would ensure improved security of medical research information. To achieve this, the researcher had to determine and document the specific threats to the medical research information and their relative frequency of occurrence, determine the information systems security controls in place to secure the information and their relative predominance and to determine the security policies in place to govern the medical research information on storage and during transmission. Qualitative and quantitative research methods were used to collect data for the study. Research instruments employed were interviews, observations and structured questionnaires. The respondents were data analysts, lab technicians and doctors. Study results show that 75% of the threats most experienced were from viruses and worms followed by data leakage at 42.2%. The security measures in place were also inadequate, with 73% of the respondents using passwords and 68% using access restrictions. Security policies were not clearly defined, documented, distributed, or communicated to the employees and 55% were not aware of any policy. The policies were also not easily accessible. There were also no security policies to govern electronic medical research information The proposed framework, called the Comprehensive Enterprise Security Approach (CESA), consists of Security Policy, Asset Classification, Threat Classification, Controls Analysis, Implementation, Audit and Maintenance activities. When implemented, it will aid the organisation to increase user awareness through trainings, add the security measures and security policies, and protect the hardware and the information or data by preventing threats, hence increasing the security to the medical research information.
  • Thumbnail Image
    Item
    Influence of chief executive officer-chief information officer relationship on alignment of is/it to business : a case for Nairobi stock exchange listed companies
    (Strathmore University, 2010) Mugo, Eric Micheni
    This descriptive survey aimed at establishing the type of CEO/CIO relationship and the effects of this relationship on the alignment of IS/IT to the business goals. The study focused on the on the Nairobi Stock Exchange (NSE) listed companies. The research methodology involved data collection using a questionnaire, which was pretested before rolling out, where the target population was the ClO and the CEO of thirty (30) out of possible fbrt two (42) companies listed in the Nairobi Stock Exchange out of which twenty four (24) or 58% of the total population responded positively. The results show that 74% of CIOs report directly to the CEO, have budget, a strategic plan that is geared to the business strategy and had high knowledge of their business environment which strengthened their position in accessing the CEO and also involved in decision making. In the companies surveyed, the average age of the ClO was fort one (41) years and the CEO fifty (50) years with an average stay of four to five (4-5) years and greater than five (5) years respectively. In companies that had good CEO-CIO relationship, the investment in IT was high in the recent past and the return on the investment could be seen in the increased profitability. A framework has been proposed that takes into consideration the CEOClO relationship and its impact on the implementation of the organization’s business strategy. In conclusion, the study shows that most of the companies have elevated the position of the ClO to the top level management with a budgetary provision, ISSP process and the general relationship with the CEO that is good since their earlier IT phobia is slowly diminishing resulting in more interest and involvement in IT. The study recommends that organizations requires to elevate the position of the CIO to a level that s/he can influence decision making process and be innovative particularly in companies that are dealing with manufacturing.