ISSA2002 - Information Security for South Africa

DRAFT PROGRAMME

Wednesday (Day 0)	Thursday (Day 1)	Friday (Day 2)

Day 0 – Wednesday, 10 July 2002 (Research in Progress & Capacity Building)
08:00 – 09:00	Registration
09:00 – 09:15	Welcome address – Developing research capacity in the field of Information Security, Dr Mariki Eloff, RAU Standard Bank Academy for Information Technology
09:15 - 10:00	Future Research in the field on Information Security - Dr Hettie Booysen, Information & Communication Technology (ICT) Specialist
	IS Management	IS Development
10:00 – 10:20	Corporate Governance: Information security the weakest link?, Kerry-Lynn Thomson, PE Technikon	Towards a pattern-based approach for achieving semantic integrity in object-relational databases, Lance A.K. Ingram, PE Technikon
10:20 – 10:40	A cyclic approach to Business Continuity Planning, Jacques Botha, PE Technikon	Towards a Content-based Billing Model: The Synergy between Access Control and Billing, Peter Jonathan de Villiers, PE Technikon
10:40 – 11:00	Access control and separation of duty in agent-based workflow environments, Willem Engelbrecht, PE Technikon	Quantum Cryptography - Advances in computer science may radically alter cryptography, Evan James Dembskey, Technikon SA
11:00 – 11:30	Tea
	Network / Internet Security	IS Management
11:30 – 11:50	An Analysis of Anonymity on the Internet, Francois Searle, PE Technikon	Information Security Policy - What do International Information Security Standards say?, Karin Höne , Gensec Bank
11:50 – 12:10	Secure Database Connectivity On The WWW, Marijke Coetzee, Technikon Witwatersrand	Information Security Health Check, Petrunel Gerber, PE Technikon
12:10 – 12:30	On the Semantic Web and its Web of Trust, Wesley Brandi, RAU	Auditing the Employee in the Work Environment with Regard to Information Security, Cheryl Vroom, PE Technikon
12:30 - 12:50	Security architecture of the Microsoft .NET framework, Oliver Andre Hoppe, Microsoft (UK) & PE Technikon	Information Security Awareness: Baseline Education and Certification, Lindie du Plessis, PE Technikon
12:50 - 13:10	A Model For The Dynamic Delegation Of Authorization Rights In A Secure Workflow Management System, Karin Venter, RAU	A Web-Based Portal For Information Security Education, Johan van Niekerk, PE Technikon
13:10 – 14:00	Lunch

	Certification workshop
14:00 – 14:10	Welcome and brief introduction - Prof Basie von Solms, Rau Standard Academy for Information Technology
14:10 – 14:40	ISO/IEC 17799 certification only by an Accredited Certification body - why its a must - Sean Mac Curtain, SANAS
14:40 – 15:20	ISO17799 / CERTIFICATION - Barry Paul, Bathekgi (PTY) Ltd - A SABS Subsidiary Company
15:20 – 15:50	Tea
15:50 – 16:10	ISO17799 - A Southern African perspective, Iain Muir, SAATCA and SAACB
16:10 – 16:30	Certification Panel Discussion with Prof Basie von Solms, Sean Mac Curtain, Barry Paul and Iain Muir
16:30 – 18:00	Research Workshop - Prof Rossouw von Solms, PE Technikon
18:00 - 20:00	Welcome reception and cocktails

Day 1 – Thursday, 11 July 2002
07:30 – 08:30	Registration
08:30 – 08:45	Conference opening and welcome address - Prof Jan Eloff, Chairman ISSIG
08:45 – 09:30	Key note speaker - Research Directions in Access Control - Prof Pierangela Samarati, Department of Information Technology University of Milan, Italy
09:30 – 10:15	Plenary speaker - Information Security in the context of eGovernment - Bheki Zungu, GCIO - DPSA
10:15 – 10:45	Tea
10:45 – 11:30	IT Security Governance: A Southern African perspective - Dr Karin Badenhorst, Information Security Consultant
11:30 – 12:15	Corporate Governance, IT Governance and IT Security Governance - Prof Basie von Solms, RAU Standard Bank Academy for Information Technology
12:15 – 13:30	Lunch
13:30 - 14:00	King II -Directors' reponsibility for good IT Governance, Johan Coetzee, Hofmeyr Herbstein & Gihwala Inc
14:00 – 14:30	Monitoring tools to support information security governance structure, Mark Louw, KPMG
14:30 – 15:00	Sign of the times - Analysis of the use and application of signatures in business systems looking at electronic and advanced electronic signatures as described in the ECT Bill - Maeson Maherry, NamITech
15:00 – 15:50	Tea
	Internet & Network Security	IS Management
15:30 – 16:00	Evaluating Usability Aspects of E-Commerce Sites, Paula Kotze, UNISA	A modified mean value approach to assess security risk, Albin Zuccato, Karlstad University
16:00 – 16:30	Promoting information security culture through an information security culture model, Adéle Martins, RAU & KPMG	Information Security Implementation Methodologies, Lizette Robbertze, RAU
16:30 – 17:00	Steganography - is it becoming a double-edged sword in computer security?, Kim Munro, University of the Witwatersrand	Information Security Issues in Data Mining, Marianne Loock, UNISA

17:30 – 18:30	African Rhythm Drumming Session <more...>
19:00 – 00:00	Gala dinner at Carnivore Restaurant <more...>

Day 2 – Friday, 12 July 2002
07:30 – 08:30	Registration
08:30 – 09:10	Keynote speaker - KPMG Global Security Survey 2002: A South African perspective – Frank Rizzo, KPMG Information Risk Management <more...>
09:10 – 09:50	Plenary speaker - The ways of getting a security solution implemented - Dr. Werner van der Walt, Nanoteq <more...>
09:50 – 10:30	Guest speaker - Supporting Reputations in Peer-to-Peer Networks - Prof Pierangela Samarati, Department of Information Technology University of Milan, Italy
10:30 – 11:00	Tea
11:00 – 11:30	Guest speaker - 0-DAY ARMAGEDDON: Exploring the impact of unpublished exploit code Exploring the impact of unpublished exploit code - Charl van der Walt, Sensepost <more...>
	Network Security	Technical IS
11:30 – 12:00	An Integrated Network Security Approach - Pairing Detecting Malicious Patterns with Anomaly Detection, Ulrich Ultes-Nitsche & InSeon Yoo, University of Southampton	Practical Unix Security - Securing IBM's AIX, Simon Taylor, IBM
12:00 – 12:30	An Efficient Intrusion Detection System Design, Thomas Holz, Brandenburg University of Technology	Configuring Firewalls - An XML-based Approach to Modelling and Implementing Firewall Configurations, Simon R. Chudley & Ulrich Ultes-Nitsche, University of Southampton
12:30 – 13:00	Generic Vulnerability Categories, Hein Venter, RAU	User Identification and Authentication - The First Pillar of IS Security, John Rollason, Tom Addison and Kim Munro, University of the Witwatersrand
13:00 – 13:10	Conference closing - Prof Les Labuschagne, Secretary ISSIG
13:10 – 14:30	Lunch

Day 0 – Wednesday, 10 July 2002 (Research in Progress & Capacity Building)

Registration

Certification workshop

14:00 – 14:10

14:10 – 14:40

Day 1 – Thursday, 11 July 2002

Key note speaker - Research Directions in Access Control - Prof Pierangela Samarati, Department of Information Technology University of Milan, Italy

Plenary speaker - Information Security in the context of eGovernment - Bheki Zungu, GCIO - DPSA

IT Security Governance: A Southern African perspective - Dr Karin Badenhorst, Information Security Consultant

Corporate Governance, IT Governance and IT Security Governance - Prof Basie von Solms, RAU Standard Bank Academy for Information Technology

Day 2 – Friday, 12 July 2002

Guest speaker - Supporting Reputations in Peer-to-Peer Networks - Prof Pierangela Samarati, Department of Information Technology University of Milan, Italy

Network Security

Technical IS