|
|
Electronic signature in practice
Miška, Matěj ; Burda, Karel (referee) ; Člupek, Vlastimil (advisor)
This bachelor's thesis deals with the creation and development of a system for management and security of digital certificates used for signing documents. The application created in this thesis is conceptualised as a console application used from command line of a system. This solution is justified by the possibility of being continued as a graphic user interface extension or adopted by another application. The application allows for the creation of a user account, through which a person can import their certificates with passwords into the application and subsequently use the certificates in signing PDF documents or PNG files. Algorithms ensuring the security of saved data are implemented by the application. The theoretical part of this thesis analyzes the creation and work with certificates and signature keys in real life, including the creation of own self-signed certificate. The theoretical part concludes with the testing of usage of the certificates.
|
|
|
Traffic detection and analysis using SSL/TLS
Hutar, Jan ; Dvořák, Jan (referee) ; Smékal, David (advisor)
This diploma thesis deals with a detection and analysis of secure connections of electro- nic communication through SSL/TLS protocols. The thesis begins with introduction to SSL/TLS protocols. Thereafter, an analysis of messages used to establish secure con- nections using STARTTLS and postal protocols SMTP, POP3, and IMAP was made. Metadata detection and extraction of secured simplex and duplex connections take place using deep packet inspection tools. The tool of choice is the nDPI library from the Ntop project. The library was extended to detect the connections and extract the metadata based on studies and analysis of transmitted messages. Finally, testing is performed on a training data set and a basic analysis of acquired metadata is made.
|
|
|
Trusted proxy in SSL/TLS connection
Smolík, Jiří ; Forst, Libor (advisor) ; Lukeš, Dan (referee)
The problem of SSL/TLS interception ("trusted proxy in SSL/TLS connection") has been known for years and many implementations exist. However, all of them share a single technical solution which is based solely on the PKI authentication mechanism and suffers from multiple serious disadvantages. Most importantly, it is not compatible with several aspects or future trends of SSL/TLS and PKI, there's almost no space for improvement and its real use may spawn legal issues. After we analyze technical background and the current solution, we will propose another one, based not only on PKI but SSL/TLS too. Both solutions will be compared and general superiority of the new one will be shown. Basic implementation and analysis will follow, along with deployment requirements and ideas for future development. Powered by TCPDF (www.tcpdf.org)
|
|
|
Support of Secure Boot in Systemd-Boot Project
Sekletár, Michal ; Kočí, Radek (referee) ; Smrčka, Aleš (advisor)
The aim of this master thesis is to convey an ellaborate overview of Secure Boot, the technology used for an authentization during a platfrom boot up. Overview is followed by a description of contemporary implementations of Secure Boot found in the operating systems based on the Linux kernel. Finally, we propose a new implemenation of Secure Boot support in the systemd-boot project.
|
|
|
Web Services Security for a Service Provider
Liška, Stanislav ; Jaša, Petr (referee) ; Rychlý, Marek (advisor)
This work makes the task of providing readers with insight into the possibilities of Web services security and authentication. The second chapter explains the general Web services and the third charter deals with security protocols along with authentication. The charter possibility of securing Web services in Java Enterprise Edition are described in the fourth chapter. The fifth chapter is devoted to Web services from the perspective of the service provider. The sixth chapter describes the implementation of secure services and seventh charter deals with testing services with the possibility of further extension.
|
|
|
Security of Electronic Documentation in Medical Environment
Hauserová, Markéta ; Malinka, Kamil (referee) ; Barabas, Maroš (advisor)
Thesis is analyzing czech laws which are related to medical documentation. Describes the points which are mandatory for information system, so the medical documentation can be stored electronically. Includes various algorithms for implementation of certain electronic signature and for identification of person. This thesis deals with asymmetric cryptography, specifically RSA, DSA, and ECDSA. Describes the hash functions and their functions and their characteristics. Describes the principle of the certificate, ways of its obtaining, invalidation and their formats. Analyzes medical information system and suggests ways to create a program for signing medical records. Then based on that analysis, the program is implemented. At the conclusion of the work is discussed, if created program meets the criteria.
|
|
|
Web Services Security for a Service Consumer
Novotný, Petr ; Weiss, Petr (referee) ; Rychlý, Marek (advisor)
The objective of this project was to introduce to a reader different possibilities of a web security and its authentication. Another part of this project was to create a client application communicates with the web service. The client part should at the some time serve the web services developer for checking chosen web securities.
|
|
|
Anonymous communication on the internet
Hořejš, Jan ; Babnič, Patrik (referee) ; Rosenberg, Martin (advisor)
The objective of this master’s thesis was to describe current capabilities of anonymous browsing over the Internet. The theoretical part focuses on three main methods of anonymization with main focus on Tor network. The master‘s thesis describes advantages and disadvantages of different solutions and possible attacks on them. In the next part is demonstrated Tor network, implementation of Hidden service and secured access to the server for clients and possible attacks against this proposal. The work also includes the results of measurements of all three anonymizers and the effects on their speed.
|
guest ::
