Browsing by Author "Muchiri, Geoffrey Muketha"

Filter results by typing the first few letters
Now showing 1 - 3 of 3
  • Thumbnail Image
    Item
    A conceptual model for a holistic predictive attack ability metric for secure service oriented architecture software
    (International Journal of Information and Communication Technology Research, 2012) Mbuguah, Samuel Mungai; Mwangi, Waweru; Song', Pang Chol; Muchiri, Geoffrey Muketha
    Software based systems are ubiquitous in modern day operations. There has been an increase in software based system attacks; leading to the need to equip the project managers, software designers and software developers with a better predictive attackability model at the architectural design stage. Attackability is a concept proposed recently in research literature to measure the extent that a software system or service could be the target of a successful attack. A literature survey of existing technical models was carried out to identify gaps in them. Also, a literature survey on, human traits that lead to human beings and the software system they man being subject to social engineering attacks was undertaken. Then a conceptual model has been proposed to extend the existing technical model and incorporate a social attackability model to produce a holistic predictive attackability model.
  • Thumbnail Image
    Item
    Experimental validation of the technical attack ability metrics model
    (International Journal of Information and Communication Technology Research, 2013) Mbuguah, Samuel Mungai; Mwangi, Waweru; Song, Pang Chol; Muchiri, Geoffrey Muketha
    Computer systems have become gradually and fully embedded into our daily activities. Software based systems attackers have noted these dependency, and have increased the number of attacks of such systems. Software managers and designers require a means of predicting the Attackability of system at the design state. Attackability is a concept proposed recently in literature to measure the extent that a software system or service could be the target of a successful attack. These authors have published such a conceptual model called the Holistic predictive attackability metric model for secure service oriented software. Holistic in that it comprises of a social and technical aspect. This paper is considers experimental validation of the technical metrics part of model only. The technical part uses internal software attributes; complexity cohesion and coupling (3C’s) to predict attackability an external attribute. Pilot experiments were conducted with selected objects from which relationship between Attackability and the corresponding attribute was established. A model was generated for each after carrying out Kendall Tau-b correlation, performing regression testing and curve estimation using SPSS software package. The results were then combined to generate Mean Technical attackability model metrics, which was validated through sample 12 software. Jhawk tool was used measure the 3C’s for each software. The data were to used to generate Calculated mean Technical attackability metrics. The results were tabulated against the measured mean attackability. Pearson correlation and regression testing analysis were performed. The results indicates the model and the corresponding metrics could be used in predicting the mean Technical attackability of a software system.
  • Thumbnail Image
    Item
    Factors affecting requirements elicitation for heterogeneous users of information systems
    (International Journal of Computer Science Engineering and Technology, 2015) Ronoh, Lilian Cherotich; Muchiri, Geoffrey Muketha; Wabwoba, Franklin
    Modern organizations keep up with the fast changing technology through successful information systems development and integration to automate their business operations. Among others, this can be achieved through effective requirements elicitation which a sub-phase of requirements engineering. It is recognized as one of the most critical, knowledge-intensive phase therefore determining the overall success or failure of the information system. In a setup whereby users are heterogeneous by nature, requirements elicitation becomes quite challenging. To improve the effectiveness of the requirements elicitation process from this type of users, the analysts should determine the factors that affect this process which are unique to this type of users. To address this issue, we have conducted research in two Kenyan public universities whereby information systems users are heterogeneous in nature. The objective of the study was to determine the factors that affect requirements elicitation process among heterogeneous user groups of information systems. Nine factors were identified by using multiple regression analysis namely, users’ availability, users’ and analysts’ diverse cultural background, users’ geographical distribution, communication issues, users’ awareness and training on the process, technique used, institutional politics and bureaucracy, requirements elicitation policy and user's cooperation & motivation. These factors form a practical guide that can help analysts to consider before carrying out requirements elicitation from heterogeneous users.