|
|
Secure Authentication and Access Control in Web Applications
Čižek, Martin ; Pecho, Peter (referee) ; Samek, Jan (advisor)
This thesis deals with security of web based applications and their access controlling. The work describes security of applications in WWW environment and security elements that help us to secure those systems against possible attacks. Authentication methods used in PHP applications are described in more detailed way with their advantages and disadvantages with consideration on security and usability.
|
|
| |
|
|
Mutli-Dimensional Access Control in Web Applications
Grešša, Pavol ; Burget, Radek (referee) ; Kolář, Dušan (advisor)
This master's thesis deals with the analysis, design and implementation of authentication and authorization subsystem into the environment of distributed web application. It unifies the well-known security models into the one universal security model that can be used for the development of authorization device enabling the user to secure the applications with various security models. Furthermore, it applies this integration of models into the Takeplace system.
|
|
|
Interactive Web Page Design Environment
Moravec, Jaroslav ; Očenášek, Pavel (referee) ; Burget, Radek (advisor)
This master's thesis describes an environment for creation and management of interactive web pages. It deals with both the structure design and the visual part. The basic idea is that the page consists of individual elements that can be arbitrarily composed together. There exist several kinds of such elements: interactive, content, database and informative elements. Furthermore, the environment includes tools for account management, access control, database administration, auditing, multilanguage support and some more.
|
|
|
Safety risks of current routers
Bubelíny, Peter ; Vymazal, Michal (referee) ; Vychodil, Petr (advisor)
The thesis aims to study and document the problem router security. It present the characteristic information about a router, functions, types and locations in a computer network. Because router is integrated part of network, next are described the most commonly types of attacks and generally available security technologies. The thesis also offers insight into the router as a safety device in the role of the throat network, part of the deeper security infrastructure or access point in wireless networks. Next are described the selected security technologies against some of already mentioned attacks and also are offered opportunities to improve safety router. The next are demonstrated DoS and brute-force attacks on router in ethernet network and attacks based on sniffing packets on router in wireless network. Finally, the results are presented.
|
|
|
Multiplatform authentication system
Pokorný, Lukáš ; Hajný, Jan (referee) ; Malina, Lukáš (advisor)
This thesis describes the design of a multiplatform authentication system that enables user authentication by using a wide variety of authentication tokens. The theoretical part is devoted to an overview of authentication interfaces with focus on modern methods of verification. There is also an overview of authentication schemes. The practical part gives requirements for an authentication terminal and sets a specific hardware structure, including the specification of individual functional blocks. The implementation of the software logic uses Java and JavaScript programming languages. Attention is also paid to the used authentication schemes including details and comparison of used platforms. Finally, we evaluate the user and security aspects of the proposed solution. It is also given the possibility of additional hardware and software optimization.
|
|
|
RFID based access system in rooms
Mego, Roman ; Michal, Vratislav (referee) ; Frýza, Tomáš (advisor)
The master’s thesis aims to design an access control system using the RFID technology. The system should reduce security risks associated with its use. While working on project two devices were created. First is the access terminal operating on frequency of 13.56 MHz and second is the RFID reader for PC operating at frequency 125 kHz. Software for devices was created as well as system control application for PC. The document contains an overview of the RFID principles and possibility of implementation access control system. Next part of the project describes in detail step by step the process of designing electrical circuit for system parts. Last part talks about realized software, libraries which are used and the system control application for PC.
|
|
|
Test implementation of the ACP protocol
Ležák, Petr ; Strašil, Ivo (referee) ; Burda, Karel (advisor)
In general this master’s thesis deals with access control methods and their individual modules and in particular with authentication of supplicants. There are listed authentication methods useful in the implementation of the ACP protocol. ACP protocol is also discussed including possibilities and uses. ACP message format is described in detail with AVP format and types. The transaction mechanism is also mentioned here. The main part of the thesis is focused on software design for protocol testing. Possibilities of the testing are discussed and test scenarios are suggested. Consequently, requirements for test software are listed and its implementation is designed. Furthermore, there is technical documentation of the program. The main ideas used in the program are explained in it. The purpose of each part of the program is written including links between them. Finally, there is a manual for the program. It also contains an illustrative example describing how to make and test a simple scenario of the authentication.
|
|
|
Implementation of the ACP protocol into L4 operating system
Kolarík, Tomáš ; Strašil, Ivo (referee) ; Burda, Karel (advisor)
This thesis deals with the implementation of ACP protocol which serves to manage the access for operation system based on L4 microkernel. The theoretical part of the thesis deals with methods of access management in computer networks. It focuses primarily on AAA systems which make access management possible. Furthermore it describes in detail the ACP protocol, the types of messages and their feedback. The next theoretical part is dedicated to operation systems and in particular to their architecture and services. Then we get a closer look at L4 microkernel family, their philosophy and properties. We continue with a detailed description of the L4 application interface and its ways of expansion. The practical section deals with the implemented concept of system for ACP protocol support in computers. General concept is then applied in real implementation of ACP protocol into the L4 operation system environment based on the L4 platform. To assist, I also included a detailed tutorial explaining the modeling and compilation of software for this platform. At this point we describe the methods used at the implementation and the description of particular modules and features. The end of the thesis concludes the information about the ways of testing and the implementation properties.
|
|
|
Lab of public key infrastructure
Slavík, Petr ; Lambertová, Petra (referee) ; Burda, Karel (advisor)
The aim of this thesis is to study and describe the theme of Public Key Infrastructure (PKI). Within the scope of minute PKI characterization there is a gradual depiction of particular structural elements, which are above all represented by cryptographic operations (asymetric and symetric cryptography, hash function and digital signature); then, there are also individual PKI subjects that are dealt with, like eg. certification authority, certificates, security protocols, secure heap etc. Last but not least there are a few complete Public Key Infrastructure implementation solutions described (OpenSSL, Microsft CA). The practical part of the thesis, a lab exercise, gives potential students the knowledge of installing OpenSSL system based certification authority. The next task educate students how to secure web server with certificate signed with own CA and also how to secure web server users‘ access control through certificates signed by the previously installed CA.
|
guest ::
