Thomas Fogwill

The adoption of open source software in business models: a Red Hat and IBM case study

Free / Libre open source software (FLOSS/OSS) has gained increasing popularity and utilisation in commercial and governmental organisations. Universities like Harvard and Stanford now offer courses on open source as a business and also on how businesses can compete with open source firms. However, very little research has been published in regards to the influence of OSS on business strategies; the use of OSS as a viable business or its value proposition within a commercial entity. The business model, a powerful tool for extracting economic value from the potential of technological innovation, clearly plays an important role in the success of a business. In this paper we investigate the role of open source in the business models of Red Hat and IBM and describe how OSS has contributed to their success. A framework recently developed by some of the authors is used to evaluate and identify the key factors important to the integration of OSS strategies into traditional business models.

Guidelines for procedures of a harmonised digital forensic process in network forensics

Cloud computing is a new computing paradigm that presents fresh research issues in the field of digital forensics. Cloud computing builds upon virtualisation technologies and is distributed in nature. Depending on its implementation, the cloud can span across numerous countries. Its distributed nature and virtualisation introduces digital forensic research issues that include among others difficulty in identifying and collecting forensically sound evidence. Even if the evidence may be identified and essential tools for collecting the evidence are acquired, it may be illegal to access computer data residing beyond the jurisdiction of a forensic investigator. The investigator needs to acquire a search warrant that can be executed in a specific foreign country - which may not be a single country due to the distributed nature of the cloud. Obtaining warrants for numerous countries at once may be costly and time consuming. Some countries may also fail to comply with the demands of cloud forensics. Since the field of digital forensics is itself still in its infancy, it lacks standardised forensic processes and procedures. Thus, digital forensic investigators are able to collect evidence, but often fail in following a valid investigation process that is acceptable in a court of law. In addressing digital forensic issues such as the above, the authors are writing a series of papers that are aimed at providing guidelines for digital forensic procedures in a cloud environment. Live forensics and network forensics constitute an integral part of cloud forensics. A paper that deals with guidelines for digital forensic procedures in live forensics was submitted elsewhere. The current paper is therefore the second in a series where the authors propose and present guidelines for digital forensic procedures in network forensics. The authors eventually aim to have guidelines for digital forensic procedures in a cloud environment as the last paper in the series.

Digital forensic readiness in a cloud environment

Although cloud computing is maturing, security issues are still prevalent. Most of the security issues that are in the cloud have existed since the advent of the Internet. These issues are escalated in a cloud environment due to its distributed nature, multi-tenancy and the sensitive and large amount of data that is transmitted over the Internet and hosted by third parties. The security aspect that this paper focuses on concerns digital forensics. The cloud spans over multi-jurisdictions. As such, service providers hosting the data that may be required for digital forensic investigation may be reluctant to comply with foreign law enforcement agencies. Even if they comply, this may be a costly and time-consuming exercise, given the amount of hosted data that belongs to multi-tenants. In this paper we present a forensic readiness model that makes use of a Forensic Service hosted in the cloud. The model is aimed at minimizing costs associated with conducting a digital forensic investigation in a distributed cloud environment. The scope of this paper however is limited to examining the impact that a forensic readiness mechanism put in place may have on other hosted cloud services. Preliminary results have shown a negligible effect in performance of cloud services by a having our proposed digital forensic readiness mechanism in place.

Designing for scale: optimising the health information system architecture for mobile maternal health messaging in South Africa (MomConnect)

MomConnect is a national initiative coordinated by the South African National Department of Health that sends text-based mobile phone messages free of charge to pregnant women who voluntarily register at any public healthcare facility in South Africa. We describe the system design and architecture of the MomConnect technical platform, planned as a nationally scalable and extensible initiative. It uses a health information exchange that can connect any standards-compliant electronic front-end application to any standards-compliant electronic back-end database. The implementation of the MomConnect technical platform, in turn, is a national reference application for electronic interoperability in line with the South African National Health Normative Standards Framework. The use of open content and messaging standards enables the architecture to include any application adhering to the selected standards. Its national implementation at scale demonstrates both the use of this technology and a key objective of global health information systems, which is to achieve implementation scale. The system’s limited clinical information, initially, allowed the architecture to focus on the base standards and profiles for interoperability in a resource-constrained environment with limited connectivity and infrastructural capacity. Maintenance of the system requires mobilisation of national resources. Future work aims to use the standard interfaces to include data from additional applications as well as to extend and interface the framework with other public health information systems in South Africa. The development of this platform has also shown the benefits of interoperability at both an organisational and technical level in South Africa.

An integrative ICT platform for eHealth

Both eHealth and mHealth have much potential for efficient and effective health service delivery. However, fragmentation of applications and the lack of interoperability have been identified as major challenges for the effective deployment of eHealth and mHealth solutions. This paper presents the design of an integrative ICT platform for eHealth that enables (1) the integration of heterogeneous health related information, (2) the orchestration of eHealth and mHealth services and (3) easy deployment of mobile services independent of mobile device, operating system or network. The aim of the platform is to accelerate the adoption of mHealth solutions in support of the reengineered primary health care model and to facilitate the integration of existing eHealth and mHealth solutions on a service and information level. The platform is designed for the context of the South African primary healthcare system, but is relevant to any eHealth environment where integration, orchestration and mobile communication is required.

Selection and ranking of remote hosts for digital forensic investigation in a Cloud environment

Cloud computing is a new computing paradigm which presents challenges for digital forensic investigators. Digital forensics is a branch of computer security that makes use of electronic evidence to build up a criminal case or for troubleshooting purposes. Advances have been made since the advent of Cloud computing in addressing issues that came with the Cloud including that of security. However, not all aspects of security are advancing. Developments in digital forensics still leave a lot to be desired in terms of standards and appropriate digital forensic tools that are applicable in the Cloud. To achieve that, standards as well as standard tools are required for successful evidence collection, preservation, analysis and conviction in case of a criminal case. This paper contributes towards addressing issues in digital forensics by presenting an algorithm that can be used in the evidence identification phase of a digital forensic process. Data in Cloud environments exist in the Internet or in networked environments and data is always accessed remotely. There is therefore at least one connection to a host that exists in a Cloud environment. In a case of a computer system that hosts a Cloud service, the number of connections from clients can be very large. In such a scenario it is very hard to identify an attacker from both active and recently disconnected connections to a host. This may require an investigator to probe all individual IP addresses connected to the host which can be time consuming and costly. There is therefore a need for a mechanism that can identify and rank remote hosts that are connected to a victim host and that may be associated with a malicious activity. In this paper we present an algorithm that uses probabilities to identify and rank suspicious remote hosts connected to a victim host. This algorithm helps minimize the effort required of investigators to probe each IP address that is connected to a victim as connected IP addresses will be prioritized according to their rank.