|
|
Web application security
Matušek, Václav ; Palovský, Radomír (advisor) ; Pinkas, Otakar (referee)
The Bachelor thesis deals with the security of web applications. The main aim is to create complex view of most frequent attacks in practice and also to describe possibilities in prevention of the attacks. The prevention is described for both, user's and developer's side. Thesis contains also information about their origin and reminds the attacks from the past. It includes review of the standards and Czech legislation, which affect the security or define proper way how to develop the application. Important output of this thesis is also list of rules, which helps the developer to design secure application.
|
|
|
Security policyes of SELinux for selected application in Gnome environment
Sládek, Michael ; Palovský, Radomír (advisor) ; Vadinský, Ondřej (referee)
The goal of this work is creation of SELinux security policy for selected application. To achieve this goal is this work divided to several parts. The first part is presentation of basic security principles, on which SELinux is based and then presentation of structure of the SELinux itself. The second part is analysis of the degree of support of SELinux in some selected, user favorite, distributions of Linux. In the last part is, on the specific application, presented process of creation of SELinux security policy. Specifically, remaking of document browser Evince into secure browser of untrusted documents. The contribution of this work is to create a working policy for application Evince for GNOME user environment and mapping the extent of SELinux support in selected Linux distributions.
|
|
|
Building and use of small computer networks
Pecka, Jiří ; Pinkas, Otakar (advisor) ; Palovský, Radomír (referee)
The thesis deals with a new design for the home network according to the given requirements of its users. The main aim is to describe how the network can be expanded to include other elements to allow users to access the Internet, data storage and other services via wireless networks in selected locations. The thesis it divided into three parts. The first part describes the previous state of the network and users' requirements for improvements. The second part describes the network and device settings. The third part is devoted to the network testing, including evaluation of the signal strength of access points in all areas of the selected sites and attack simulation on the access point.
|
|
|
Building and use of small computer networks
Šilhavý, Dominik ; Pinkas, Otakar (advisor) ; Palovský, Radomír (referee)
This bachelor's thesis describes present network of Vyšší odborná škola obalové techniky a SŠ in Štětí. This school consists of five segments, which are interconnected by different technologies. In these segments it is possible to connect both with cable or wireless. The goal is to perform detail analysis of the network, thanks to which I will be able to expose narrow spots and suggest solutions which could lead to elimination of these problems. I reach it by collecting information about functionality and plans of the network, thanks to which I can perform analysis and then suggest changes leading to increased efficiency. This thesis contains description of the network including plans, network addresses, devices, security and monitoring. My contribution is performing all the measurement and based on that I can suggest changes in hardware or software leading to improvement of the current network.
|
|
|
Setup and securing of the network used by hotel guests
Prajer, Richard ; Palovský, Radomír (advisor) ; Pinkas, Otakar (referee)
The aim of this Bachelor Thesis is to secure access to the Internet in a small European hotel chain. Given the circumstances, specified in the text, following question emerged: How to delegate the responsibility of the guest's conduct on the Internet away from the hotels. Considering other possibilities I chose the individual users authentication as the best solution available. Captive portal was selected as the best authentication method regarding the hotel environment. Further the text is devoted to the tailoring of the system to the specific needs of this particular use: Both from a technical view as well as with regard to user-friendliness. The structure of the work follows the logic of the implementation process of the new system: from the theoretical introduction, which summarizes the requirements on system and it's possible executions, to the practical part. There I link the variety of tools, programs and configurations to the new system for providing the Internet connection. In conclusion, the weaknesses of the system are discussed.
|
|
|
TPM - Trusted Platform Module
Eichenmann, Filip ; Pavlíček, Luboš (advisor) ; Palovský, Radomír (referee)
The thesis begins with description of the TPM architecture and explanation of related terms. Basic functions of the chip are then described. The principles for implementation and deployment of TPM are introduced in the following part. These principles are reffered to as best practices. Then the possibilities of practical use of the chip are suggested. One chapter is specifically focused on the criticism of the chip and explains several arguments against its use. Software, which supports TPM, is discussed and compared in the next chapter. It is divided into three parts -- direct OS support, preinstalled tools and commercial solutions. Last chapter focuses on one company and its IT structure. Several possible solutions based on TPM are introduced for this particular situation. Every solution is described in more detail with suggested steps for deployment. The conclusion summarizes the results of the work and its benefits.
|
|
|
Design of nrmetwork infrastructure, ICT and application platfo for a small company.
Hurych, Tomáš ; Palovský, Radomír (advisor) ; Pinkas, Otakar (referee)
This bachelor work deals with the design of a network infrastructure for a small company. Designing a network infrastructure consists of a link between two workplaces using a wireless connection and a realization of active and passive elements on both places of work. The thesis further looks into a design and realization of an application server in the MS Windows Server environment and a data storage running on a Linux kernel. That was achieved by the analysis of possible solutions of customer requirements, selection and putting the best of them into practice. The main contribution of this work is the design of a secure, functional and an affordable solution for a small company. The work is divided into three logical aggregates. At first it analyzes the current situation of the company and the specification of its requirements. It also discusses theoretical solutions for given requirements and last but not least it includes a suggestion for their solution.
|
|
|
Application virtualization in secondary school
Černohorský, Jan ; Pavlíček, Luboš (advisor) ; Palovský, Radomír (referee)
The first part is devoted to basic concepts of general application virtualization terminology. The reader is familiar with the advantages and disadvantages of deploying virtualization technologies to deploy virtualized applications. In the following parts with the work the most important properties of selected virtualization technologies with practical examples from both testing virtualization technology are briefly described. The reader learns here mainly practical demonstrations from the use of both technologies. Advantages and disadvantages of selected technologies are pointed out in this thesis. The final part of this thesis is devoted to the practical deployment of virtualization technology APP-V in productive background in the secondary school with the explanation of selected procedures and evaluating the deployment advantages of virtualization technology to manage applications in the secondary school.
|
|
|
Analysis of attacks on asymmetric cryptosystems
Tvaroh, Tomáš ; Ivánek, Jiří (advisor) ; Palovský, Radomír (referee)
This thesis analyzes various attacks on underlying computational problem of asymmetric cryptosystems. First part introduces two of the most used problems asymmetric cryptography is based on, which are integer factorization and computation of discrete logarithm. Algorithms for solving these problems are described and for each of them there is a discussion about when the use of this particular algorithm is appropriate and when it isn't. In the next part computational problems are related to algorithms RSA and ECC and it is shown, how solving the underlying problem enables us to crack the cypher. As a part of this thesis an application was developed that measures the efficiency of described attacks and by providing easy-to-understand enumeration of algorithm's steps it can be used to demonstrate how the attack works. Based on the results of performed analysis, most secure asymmetric cryptosystem is selected along with some recommendations regarding key pair generation.
|
|
|
Setting and wireless security network
Hendrich, Michal ; Palovský, Radomír (advisor) ; Pinkas, Otakar (referee)
The work discusses wireless security in practice. And the security at access points, application-layer security, security data storage and protection against weather finally surrounding networks and the Internet. Part of the practical part, which describes the real install a RADIUS server. The RADIUS server is then connected to the enterprise Wi-Fi solution, which is called UniFi. Finally, it created an HTTP proxy that uses the user accounts created on the RADIUS server. The HTTP proxy access rights are defined, and this is achieved by different approaches to neighboring networks for different users or user groups.
|
guest ::
