|
|
Organizational measures to ensure information security at Faculty of business and management
Mráz, Tomáš ; Petr,, Barták (referee) ; Sedlák, Petr (advisor)
This diploma thesis deals with the analysis of the current state and the design of security measures within the information security management system at the Faculty of Business, Brno University of Technology. The proposed security measures take into account in particular the requirements set by Act No. 181/2014 Coll. on Cyber Security and on Amendments to Related Acts and Decree No. 82/2018 Coll. on security measures, cyber security incidents, reactive measures, filing requirements in the field of cyber security and data disposal.
|
|
|
Software for assisted study of access control protocols
Kopuletý, Michal ; Burda, Karel (referee) ; Vlček, Lukáš (advisor)
This bachelor’s thesis allows the reader to penetrate into the issues of access control protocols in area such as computer network, banking and access contactless cards. Each chapter provides example of frequently used authentication methods and lists of the pros and cons. Partially describes the methods of authoritzation. The main outcome of this bachelor’s thesis is an educational software executable in a web browser. For the reader’s better understanding there are, animation in the software. In order to verify student knowledge, there are test in teaching material. The thesis proposal provides authentication protocol that can be implemented into ACP protocol. The proposed authentication protocol can transmit information to a wide number of authentication methods (hash, symmetric cryptography, asymmetric cryptography)
|
|
|
RFID based access system in rooms
Mego, Roman ; Michal, Vratislav (referee) ; Frýza, Tomáš (advisor)
The master’s thesis aims to design an access control system using the RFID technology. The system should reduce security risks associated with its use. While working on project two devices were created. First is the access terminal operating on frequency of 13.56 MHz and second is the RFID reader for PC operating at frequency 125 kHz. Software for devices was created as well as system control application for PC. The document contains an overview of the RFID principles and possibility of implementation access control system. Next part of the project describes in detail step by step the process of designing electrical circuit for system parts. Last part talks about realized software, libraries which are used and the system control application for PC.
|
|
|
Secure Authentication and Access Control in Web Applications
Čižek, Martin ; Pecho, Peter (referee) ; Samek, Jan (advisor)
This thesis deals with security of web based applications and their access controlling. The work describes security of applications in WWW environment and security elements that help us to secure those systems against possible attacks. Authentication methods used in PHP applications are described in more detailed way with their advantages and disadvantages with consideration on security and usability.
|
|
|
Secret Sharing Authentication Key Agreement
Ryšavá, Pavla ; Dzurenda, Petr (referee) ; Ricci, Sara (advisor)
Práce se zabývá implementací a vytvořením kryptografické knihovny a grafického uživatelského rozhraní (GUI) pro nově navržený protokol "Smlouva o autentizačním klíči na základě Shamirova sdílení tajemnství" (ang. "Shamir’s Secret Sharing-based Authenticated Key Agreement", zkráceně ShSSAKA). Protokol je založený na principu AKA (autentizovaná domluva klíče), Schnorrově podpisu a rozšířen Paillierovým schématem pro možnost podílení se více zařízení na podpisu a autentizaci. Prezentovány jsou také benchmarky na osobním počítači a RaspberryPi.
|
|
|
Organizational measures to ensure information security at Faculty of business and management
Mráz, Tomáš ; Petr,, Barták (referee) ; Sedlák, Petr (advisor)
This diploma thesis deals with the analysis of the current state and the design of security measures within the information security management system at the Faculty of Business, Brno University of Technology. The proposed security measures take into account in particular the requirements set by Act No. 181/2014 Coll. on Cyber Security and on Amendments to Related Acts and Decree No. 82/2018 Coll. on security measures, cyber security incidents, reactive measures, filing requirements in the field of cyber security and data disposal.
|
|
|
Secret Sharing Authentication Key Agreement
Ryšavá, Pavla ; Dzurenda, Petr (referee) ; Ricci, Sara (advisor)
Práce se zabývá implementací a vytvořením kryptografické knihovny a grafického uživatelského rozhraní (GUI) pro nově navržený protokol "Smlouva o autentizačním klíči na základě Shamirova sdílení tajemnství" (ang. "Shamir’s Secret Sharing-based Authenticated Key Agreement", zkráceně ShSSAKA). Protokol je založený na principu AKA (autentizovaná domluva klíče), Schnorrově podpisu a rozšířen Paillierovým schématem pro možnost podílení se více zařízení na podpisu a autentizaci. Prezentovány jsou také benchmarky na osobním počítači a RaspberryPi.
|
|
|
Framework and DSL for Ensemble-Based Access Control
Matějek, Jan ; Bureš, Tomáš (advisor) ; Kofroň, Jan (referee)
Access control policies typically take the form of a set of static rules pertaining to individual entities under control. This can be impractical in real-world scenarios: authorization invariably depends on wider situational context which often tends to be highly dynamic. This leads to increasingly complex rules, which have to change over time to reflect the evolution of the controlled system. Ensemble-based architectures allow dynamic formation of goal-oriented groups in systems with large number of independent autonomous components. Because of the ad-hoc and situation-aware nature of group formation, ensembles offer a novel way of approaching access control. The goal of this work is to design a Scala framework and internal DSL for describing access control related situations via ensembles. In particular, the framework will define ensemble semantics suitable for evaluating the ensembles and establishing access control at runtime.
|
|
|
Cloud-Based Data Access Control
Chovanec, Erik ; Malina, Lukáš (referee) ; Hajný, Jan (advisor)
This thesis is dealing with problematic of cloud storage. The goal of this thesis is the implementation of cloud storage, that will be able to provide the required functionality. These functionalities are access control of multiple users, group rights, long-term file archiving, secure data transmission to cloud storage, protection of data integrity and confidentiality during transmission and storage. For achieving this goal, there is an evaluation of suitability using public cloud providers. Based on this evaluation, there was a conclusion, that these services are not suitable for storing highly sensitive data. Next is an evaluation of advantages associated with using software that is licensed under a free or open-source software license. Even though there are high start-up costs on infrastructure and there is a necessity to make a huge effort to run custom infrastructure with cloud storage, it is a much better option. Especially if it will be used for storing sensitive data. The following chapter describes an extensive analysis of existing open-source and free-software solutions. In the final part of this chapter, the application Nextcloud has been selected since it provides the most of required functionalities. The thesis also contains an installation of Nextcloud and shows its main functions. There are basic load tests, which are telling us about the efficiency of successfully dealing with parallel requests. In the last section of this thesis, we are dealing with the implementation of missing functionality in Nextcloud. This functionality is necessary to achieve our goal, which is long term archiving of files. This term means functionality that will enable the possibility to archive files with evidence about preservation integrity and confidentiality of archived files during a long period of their existence. This part of the thesis contains a theoretical design that aims to accomplish this goal. Description of the implementation follows after theoretical design. This functionality is implemented in form of a dedicated system. Archiving of files is triggered by a modified application, used in the Nextcloud server. This process will create a copy of the file to be archived on a separate hard drive. It will obtain evidence about integrity when storing the file and it will strengthen this evidence by obtaining a new one in regular periods. This happens on yearly basis. The quality of cryptographic protocols can degrade after a long period. This concept is trying to prevent this phenomenon.
|
|
|
Cryptography and Privacy Protection
Malík, Ondrej ; Dzurenda, Petr (referee) ; Hajný, Jan (advisor)
The main goal of this diploma thesis was to create web applications for issuer, verifier and revocation authority of revocable keyed-verification anonymous credentials system. Applications created in this thesis provide functions for all tasks, that are performed by each entity. Using these applications a global management of RKVAC system is possible. Authentication module created in verifier’s app is universaly usable for access control to any web service. Both issuer’s and revocation authority’s app are compatible with whole RKVAC system and are therefor applicable as central elements of systems.
|
guest ::
