|
| |
|
| |
|
|
Implementation of ISMS in the Commercial Company
Dejmek, Martin ; Soška, Libor (referee) ; Sedlák, Petr (advisor)
This master thesis deals with the implementation of information security management system in the company. It summarizes the theoretical background in this field and uses it to analyze the current state of information security, as well as analysis and risk management and not least the actual implementation of ISMS in the particular company. This work also contains three groups of measures that reduce the impact of identified risks and which also implements an essential parts of ISMS.
|
|
|
Mandatory access control
Grepl, Miroslav ; Soumar, Michal (referee) ; Pelka, Tomáš (advisor)
This master's thesis describes the problems of SELinux, and the methods of creation of a proper security policy with a focus on the SELinux reference policy and its mechanisms. It designs the methodics of formulation of specific security rules, supplemented with the practical example of its application. Furthermore, it describes the available security rules commonly used for http, ftp and ssh services securing, their modification and practical utilization. According to the proposed methodology, these services are protected with their own security rules and both security methods are mutually compared and evaluated.
|
|
|
The Introduction of Information Security Management System in IT Enterprise
Riegl, Tomáš ; Sedlák, Petr (referee) ; Ondrák, Viktor (advisor)
This thesis deals with the introduction of information security management system in IT enterprise. It includes theoretical knowledge which are necessary for the understanding of this issue and their application for the analysis of the current state of information security, risk analysis and risk management. Last but not least for the actual implementation of information security management system in the company. The implementation of ISMS was divided into two phases. This thesis details the first phase.
|
|
|
Draft of ICT Security Policy in Company
Špak, Jiří ; Vobecký, Tomáš (referee) ; Ondrák, Viktor (advisor)
The presented bachelor's thesis analyses problems of ICT security in the factual environment of international company operating in Brno. It is divided in to three parts. First part contains analysis of current conditions. Second part explains theoretical background. Third part includes propositions how to improve company's security situation.
|
|
|
Extending audit2allow to Provide More Restrictive Solutions
Žárský, Jan ; Janoušek, Vladimír (referee) ; Smrčka, Aleš (advisor)
The thesis analyzes the role of the audit2allow utility in troubleshooting Security-Enhanced Linux denials and proposes extensions that will provide more restrictive and more secure solutions to the user. Basic concepts of SELinux and SELinux security policy are explained. Situations when audit2allow provides ineffective and insecure solutions are analyzed. Support for generating extended permission access vector rules was implemented. Basic support for checking security labels of files was implemented. Implementation details and testing of both extensions to the audit2allow utility are described.
|
|
| |
|
| |
|
|
Integration of SELinux Audit Logs into ABRT Tool
Vrabec, Lukáš ; Kačic, Matej (referee) ; Barabas, Maroš (advisor)
The main aim of the thesis is to introduce the security of Linux operating systems and the access control list mechanism. The thesis focuses on processing security messages produced by the security mechanism into logging services and on displaying those messages. In addition, the thesis includes a concept solution and its implementation, which integrates security messages into a centralized system, keeps them and reports bugs in the Linux community distribution Fedora and in the Linux commercial distribution Red Hat Enterprise Linux.
|
guest ::
