|
| |
|
|
Data-efficient security of cloud storages
Elis, Martin ; Fujdiak, Radek (referee) ; Člupek, Vlastimil (advisor)
This work is focused on problematics of a cloud solution, especially on its security side. It describes the current security trends and approaches used by security engineers when creating sophisticated designs of secure cloud systems. As part of it there is a risk analysis and an overview of the most common types of attacks led against the cloud solutions. Also, this document deals with the possibilities, principles, advantages and negatives of different types of cloud distributions. Another text deals with the usual methods used for accessing the cloud. This thesis contains author’s own design of possible realization. In the next part of the document, process of building a safe cloud data storage is described together with principles of ensuring its security. In the conclusion, the author focuses on comparison of cryptographic algorithms and their behavior depending on the length of a used keys.
|
|
|
Security GAP analasys in enterprise environment
Sommer, Vojtěch ; Kornelly, Aleš (referee) ; Sedlák, Petr (advisor)
The diploma thesis deals with level of information security in selected company environment. For this purpose, a security GAP analysis will be performed based on the recommended standard ISO/IEC 27002. Based on the performed analysis a proposal of security precautions is suggested, which should reduce risk of threats under the acceptable level and also should no longer be in conflict with mentioned standard.
|
|
|
Security of wireless computer networks
Jelínek, Martin ; Pelka, Tomáš (referee) ; Doležel, Radek (advisor)
The master's thesis deals with the issue of Wireless Local Area Network (WLAN) from the viewpoint of the security and functional principle of security mechanisms. The transition to the issue concerning the security is accompanied by the methods of wireless data transmission operating on the level of physical layer (FHSS, DSSS, OFDM, MIMO), which is followed by the summary of individual 802.11 standards. The next part deals with the issue of shared transmission medium (CSMA/CA), influence of interference and correcting mechanisms (RTS/CTS). Within the security, the principles of the authentication along with the commonly used methods of security (WEP, WPA, WPA2) are described in detail. The first part concerning security deals with the security in the form of the WEP protocol, which is considered insufficient nowadays and points out the imperfect implementation and the consequent risks. The following part describes the security in the form of WPA which eliminates the implementation weaknesses of the previous WEP security protocol. The description of commonly used mechanisms of authentication (PSK, 802.1x), required temporary key management (PTK, GTK), data integrity (MIC) and encryption which uses TKIP protocol are also included. The last part, possible WLAN security, is aimed at the full support of 802.11i standard, which is called WPA2 (sometimes RSN). That part describes the basic encryption security element CCMP, which is based on the AES block cipher modes. The practical part of the thesis deals with the security verification of current wireless networks. In the process of verification the accessible HW means and programming tools of Open Source Software (OSS) are used. By means of verification it has been pointed out that there are possible security risks resulting from the security method which has been used. Also several recommendations how to reduce the security risks of the used method to minimum are mentioned.
|
|
|
Library of Algorithms for Text Ciphering
Mikulka, Jiří ; Havel, Jiří (referee) ; Kubíček, Radek (advisor)
This thesis brings an overview of historical and modern methods and approaches used in cryptography. It also describes and assesses ciphers, which have been used since the very beginning of encryption till modern ciphers. Based on information resulting from this overview the reader should be able to distinguish between ciphers, know their advantages and disadvantages, and be able to choose the best cipher for any purpose. Ciphers mentioned in this thesis are implemented in a library called CipherLib , which shows usage of every described cipher.
|
|
|
Modern trends in Wi-Fi IEEE 802.11 networks security
Lieskovan, Tomáš ; Škorpil, Vladislav (referee) ; Endrle, Pavel (advisor)
This work treats the matters of wireless networks, Wi-Fi. The paper describes the various principles of coding, such as WEP, WPA and WPA2. At first the WEP security method is analyzed with the view of the fact that it doesn´t meet contemporary safety requirements, further its successor WPA, namely TKIP and AES authentication methods, and last but not least WPA2 which nowadays serve as a safety standard. The work assesses the safety risks of individual security methods and makes several recommendations to achieve maximum security for wireless networks. In the work a commercially available hardware and for free dissemination available software (Open Source) are used.
|
|
|
Secured audio codec for Asterisk PBX
Jakubíček, Michal ; Sysel, Petr (referee) ; Krajsa, Ondřej (advisor)
This thesis is focused on the design of secured audio codec for Asterisk PBX. The first chapter is focused on the basic division of traditional PBX producers and the open source PBX. The second chapter explains the structure of Asterisk PBX and its fundamental difference from a traditional PBX. Asterisk is based on components called modules, therefore the work also deals with the most important modules for operation of exchanges and their division of terms of support and dividing by the type of application and their properties. In this chapter there are described in more detail audio codec A-law and u-law. The third chapter contains simple instructions to get your orientation in the construction of the module for Asterisk PBX and this guide is accompanied by a simple example of creating a module demonstration of his method of translation, commissioning and loaded into Asterisk. Simulation of voice security is in the fourth chapter which provides a description of the proposed security solutions with subsequent implementation in Simulink. This simulation verifies the functionality of the solution proposed security phone call. In the fifth chapter outlines the historical use of encryption techniques primarily mirroring the spectrum and time division signal and comparing them with current modern digital technics. In the last sixth chapter is the actual implementation audio codec module with encryption.
|
|
|
Security of operating systems
Kuchař, Karel ; Komosný, Dan (referee) ; Člupek, Vlastimil (advisor)
This bachelor thesis is focused on security of operating systems, which is more and more important. At first, basics of security of operating systems will be covered, followed by describing elements, which help secure communication on internet. In the third chapter, there are discussed the most using operating systems in terms of security and mentioned their most common weaknesses. Following chapter talks about scenarios in which is defined how to properly set each part of the system, so it is secure; also, security applications that make operating system more secure are mentioned. In fifth chapter are above mentioned scenarios applied to virtual machines. To test chosen security settings were individual machines exposed to penetration test. Afterwards, the chosen security settings are evaluated and further steps are recommended. The goal of this thesis is to apprise with problems of security of operating systems and the importance of implementation of security measures.
|
|
|
Safe Cryptography Algorithms
Mahdal, Jakub ; Hanáček, Petr (referee) ; Chmelař, Petr (advisor)
This thesis brings a reader an overview about historical and modern world of cryptographic methods, as well evaluates actual state of cryptographic algorithm progressions, which are used in applications nowadays. The aim of the work describes common symmetric, asymmetric encryption methods, cryptographic hash functions and as well pseudorandom number generators, authentication protocols and protocols for building VPNs. This document also shows the basics of the successful modern cryptanalysis and reveals algorithms that shouldn't be used and which algorithms are vulnerable. The reader will be also recommended an overview of cryptographic algorithms that are expected to stay safe in the future.
|
|
|
Portal for the support of cryptography instruction
Forman, Tomáš ; Doležel, Radek (referee) ; Zeman, Václav (advisor)
The main goal of this master's thesis is building of web portal for presentation basic cryptography algorithms. Those algorithms would be explained in the theoretical page in the first place. After that, they would be demonstrated by scripts. One part of this project is designing simplified theoretical element for basic impletion portal of information. Next part is creating web portal by one of the free available CMS´s systems. Programming language JAVA would be used as an instrument for creating demonstration scripts. For creating animations will be used the Flash animation tool. Target of formed web portal is creating community of expert public. It would make new articles, scripts and knowledge. This way, the portal would be kept current. The section which would include failure the most widely used algorithms and instructions how to eliminate it will be part of portal.
|
guest ::
