|
|
Implementation of External Authentication Modules for nginx
Kameníčková, Petra ; Očenášek, Pavel (referee) ; Rychlý, Marek (advisor)
This bachelor's thesis describes the process of design and development of authentication modules for nginx web server. These modules are used for enrollment of nginx-based applications and services into FreeIPA environment. The first part of the thesis explains the basics of FreeIPA and nginx architectures and principles of Kerberos and PAM authentication mechanisms as well. The second part of the thesis solves the practical problems - existing Apache modules analysis, nginx design description and implementation details. The last part describes confi guration requirements and possible enhancements.
|
|
|
Secure and Usable Password Manager
Haderka, Martin ; Firc, Anton (referee) ; Malinka, Kamil (advisor)
Přístupové údaje jsou nedílnou součástí uživatelů internetu. Jedná se o mechanizmus, který umožňuje prokázání se, že se jedná oprávněnou osobu a zároveň zabraňuje znežití osobních dat cizími uživateli. Počet hesel, který si dnešní uživatel musí zapamovat, se v posledních letech značně navýšil. Existují programy (správci hesel), které tento problém uživatelům ulehčují, a jsou zároveň snadno dostupné. Přesto je používá málo lidí. Cílem této práce je zjištění problémů, které mají dopad na použitelnost správců hesel a zároveň se snaží nabídnout řešení těchto problémů. Součástí analýzy je i nalezení bezpečnostních a použitelnostních nedostatků, kterými aktuálně správci hesel trpí. V poslední části je navržena a implementována ukázka správce hesel, který nabízí důležité funkce, je dostupný a snadno použitelný všemi uživateli internetu.
|
|
|
Company User Authentication Proposal
Klaška, Patrik ; Jordán, Vilém (referee) ; Ondrák, Viktor (advisor)
This thesis is focused on the creation of functional authentication process of users into computer network in company Wistron InfoComm s.r.o. and discusses issues related to this process. The main aim of the thesis is to implement a functional and simultaneously realistic solution based on the company's requirements as well as described problems associated with the implementation of this solution.
|
|
|
Microelectronics Time-Space Authentication Techniques
Jaroš, David ; Burda, Karel (referee) ; Sýkora, Jiří (referee) ; Kuchta, Radek (advisor)
This dissertation work focusses on using information about the location of the user during the authentication process on computer networks. With the growth of mobile computer devices over the last two decades the physical location of users is becoming one of the main issues for access management. This work researches existing solutions which are divided in to two groups related to the source of location information (SATNAV systems for example GPS and based on communication with active infrastructure such as GSM, Wi-Fi). This work shows the methodology for evaluating authentication data which use the principle of fuzzy logic. In comparison with binary logic it is possible to evaluate authentication data accurately. As a result of the authentication process the information is of a higher value, which can be taken into account when setting the levels of user privileges. An important aspect of working with location information is that the user is located in the same place and from where they are asking for access to the system. Solving this question could be linking user biometrics for example finger prints. This principle is used in two types of microelectronic authentication terminals which were developed in conjunction with this work. The first type of terminal uses a SATNAV receiver and an ISM wireless communication module as a source of location information. On the first type of authentication terminal newly developed authentication techniques were tested. The users biometrics are checked by finger print sensor with embedded processing. In the second type authentication terminal a Wi-Fi and GSM module were added for location purposes. In the conclusion of this dissertation the testing methodology of the data authorization and evaluation process of the second type of microelectronic authentication terminal is shown. This confirms the practicality of the suggested methodology and the time-space information in the authentication process.
|
|
|
Security protocols in practice
Milfajt, Jiří ; Koutný, Martin (referee) ; Pelka, Tomáš (advisor)
This bachelor's thesis maps the most used AAA protocols in these days. These protocols include RADIUS, TACACS+, DIAMETER and KERBEROS. The first part considers its main signs. Then there is describes basic communication between user and server. The thesis also compares each protocol by its advantages, disadvantages and its possible security weaknesses. The second part is dedicated to configuration of RADIUS and KERBEROS protocol.
|
|
|
Browser Game with Artificial Intelligence
Moravec, Michal ; Volf, Tomáš (referee) ; Bartík, Vladimír (advisor)
Thesis describes design and implementation of a web browser game, which can be played by multiple players via the internet. The main goal is to manage the economy, although players can cooperate (trading) or play against each other (battles). NoSQL database is used for persistent storage of progress, which is also described in the thesis. Apart from human players there are also agents/bots, which play the game autonomously via state machines generated by genetic algorithms. Paper describes design and functionality of either the genetic algorithms, but also the state machines.
|
|
|
Security of Electronic Banking
Rennét, Jiří ; Müller, Richard (referee) ; Dvořák, Jiří (advisor)
Master’s thesis analyzes in detail the security of electronic banking within the chosen banks in Czech republic. On the base of these knowledge it defines and recommendes the most secure electronic banking for Profes Project s.r.o. company. In the folowing it investigates a current electronic banking in the company and it carries out basic theoretical findings.
|
|
|
Corporation Identity Management System Design
Nop, Dominik ; Klimeš,, Daniel (referee) ; Ondrák, Viktor (advisor)
This bachelor thesis’ main task is development of a new variation of the corporal identity management system. Firstly, this thesis deals with theoretical knowledge related to the subject of identity management. Secondly, it analyses the current status of the identity management system in a company ABC. A plan for system improvement in this work is based on this analysis and theoretical knowledge as well. Finally, the work contains an evaluation and suggests possible improvements of the new system for the future time.
|
|
|
Parental Mode in KDE
Mrázek, Petr ; Dittrich, Petr (referee) ; Mlích, Jozef (advisor)
This work describes the KAuthorized and KAuth authorization interfaces, which are based on the KConfig configuration system and PolicyKit authorization system, respectively. KAuth is integrated into KAuthorized and tests of this integration are implemented, along with a tool that converts the KConfig-based settings to PolicyKit. During the testing phase, a local Denial of Service attack on PolicyKit is discovered. The second part of the work decribes the port of the PolicyKit tool to KDE~4 and the improvement of its user interface.
|
|
| |
guest ::
