|
|
Detection of Expressions with Undefined Behavior in C Language
Hellebrandt, Lukáš ; Vojnar, Tomáš (oponent) ; Müller, Petr (vedoucí práce)
This thesis engages in detection of undefined behavior in the C language programs. We focus on undefined behavior stemming from incorrect work with sequence points and side effects. We perform a theoretical analysis and put terms like undefined behavior or side effect in context of the paper. Furthermore, we explain dangerousness of the constructs leading to undefined behavior. We propose a method for automated detection of the mentioned kind of undefined behavior. Finally, we design and implement a tool for its automated static detection and show the principles of the tool’s function. While designing the tool, contrary to current solutions, we stress functionality even in cases like accessing the memory via a pointer or from a called function. The thesis contains examples of dangerous constructs, functions of the created tool are demonstrated on some of them.
|
|
|
Bezpečnostní analýza karet Mifare Classic
Bobčík, Martin ; Hellebrandt, Lukáš (oponent) ; Hujňák, Ondřej (vedoucí práce)
Cílem této bakalářské práce je studium bezpečnosti chytrých, bezkontaktních karet MIFARE Classic a analýza rizik spojených s jejich využíváním. Popisuje jednotlivé známé zranitelnosti v návrhu těchto karet a jejich šifrovacího algoritmu CRYPTO1. V této práci je dále experimentováno se zařízením Chameleon Mini, s jehož pomocí jsou provedeny dva útoky a jedna kryptoanalýza karty. Konkrétně emulace karty, relay útok a analýza nedostatečné náhodnosti generátoru pseudonáhodných čísel karty. Z těchto se úspěšně podařila pouze emulace karet.
|
|
|
FreeIPA - URI Based Access Management
Hellebrandt, Lukáš ; Michal, Bohumil (oponent) ; Kašpárek, Tomáš (vedoucí práce)
The goal of this thesis is designing and implementing access management based on URI of the requested resource. Host Based Access Control in the identity management tool FreeIPA was used as a basis for implementation. Furthermore, it was necessary to enhance the related infrastructure, namely the SSSD tool. The authorization module for Apache HTTP Server was used as an example of the application using URI-based HBAC. The main solved problem was design of the infrastructure for communication of the necessary parameters and strategy proposal for evaluating HBAC rules which define the access rights. The complete solution was demonstrated on the example of securing an instance of the web application Wordpress.
|
|
|
Security and Performance Testbed for Simulation of Proof-of-Stake Protocols
Kotráš, Jan ; Hellebrandt, Lukáš (oponent) ; Malinka, Kamil (vedoucí práce)
This diploma thesis deals with blockchain technology with focusing on the consensus protocols, especially on proof-of-stake protocols type. This thesis describes blockchain technology followed by description of consensus in this technology. First part precisely describes a comparison of specific proof-of-stake protocols based on the theoretical knowledge. Second part of thesis focuses on the design and the implementation of a testbed. The testbed is used for comparison of proof-of-stake protocols practically. In the last section of thesis, we discuss our observed properties of proof-of-stake protocols and on this basement we indicate some next ways of evolution and improvement in the consensus and proof-of-stake protocols.
|
|
|
Security and Performance Testbed for Simulation of Proof-of-Stake Protocols
Kotráš, Jan ; Hellebrandt, Lukáš (oponent) ; Malinka, Kamil (vedoucí práce)
This diploma thesis deals with blockchain technology with focusing on the consensus protocols, especially on proof-of-stake protocols type. This thesis describes blockchain technology followed by description of consensus in this technology. First part precisely describes a comparison of specific proof-of-stake protocols based on the theoretical knowledge. Second part of thesis focuses on the design and the implementation of a testbed. The testbed is used for comparison of proof-of-stake protocols practically. In the last section of thesis, we discuss our observed properties of proof-of-stake protocols and on this basement we indicate some next ways of evolution and improvement in the consensus and proof-of-stake protocols.
|
|
|
Bezpečnostní analýza karet Mifare Classic
Bobčík, Martin ; Hellebrandt, Lukáš (oponent) ; Hujňák, Ondřej (vedoucí práce)
Cílem této bakalářské práce je studium bezpečnosti chytrých, bezkontaktních karet MIFARE Classic a analýza rizik spojených s jejich využíváním. Popisuje jednotlivé známé zranitelnosti v návrhu těchto karet a jejich šifrovacího algoritmu CRYPTO1. V této práci je dále experimentováno se zařízením Chameleon Mini, s jehož pomocí jsou provedeny dva útoky a jedna kryptoanalýza karty. Konkrétně emulace karty, relay útok a analýza nedostatečné náhodnosti generátoru pseudonáhodných čísel karty. Z těchto se úspěšně podařila pouze emulace karet.
|
|
|
FreeIPA - URI Based Access Management
Hellebrandt, Lukáš ; Michal, Bohumil (oponent) ; Kašpárek, Tomáš (vedoucí práce)
The goal of this thesis is designing and implementing access management based on URI of the requested resource. Host Based Access Control in the identity management tool FreeIPA was used as a basis for implementation. Furthermore, it was necessary to enhance the related infrastructure, namely the SSSD tool. The authorization module for Apache HTTP Server was used as an example of the application using URI-based HBAC. The main solved problem was design of the infrastructure for communication of the necessary parameters and strategy proposal for evaluating HBAC rules which define the access rights. The complete solution was demonstrated on the example of securing an instance of the web application Wordpress.
|
|
|
Detection of Expressions with Undefined Behavior in C Language
Hellebrandt, Lukáš ; Vojnar, Tomáš (oponent) ; Müller, Petr (vedoucí práce)
This thesis engages in detection of undefined behavior in the C language programs. We focus on undefined behavior stemming from incorrect work with sequence points and side effects. We perform a theoretical analysis and put terms like undefined behavior or side effect in context of the paper. Furthermore, we explain dangerousness of the constructs leading to undefined behavior. We propose a method for automated detection of the mentioned kind of undefined behavior. Finally, we design and implement a tool for its automated static detection and show the principles of the tool’s function. While designing the tool, contrary to current solutions, we stress functionality even in cases like accessing the memory via a pointer or from a called function. The thesis contains examples of dangerous constructs, functions of the created tool are demonstrated on some of them.
|
host ::
RSS.