|
|
New approaches in a field of cryptology: using a biological material
Jeřábková, Kamila ; Ivánek, Jiří (advisor) ; Palovský, Radomír (referee)
Biological cryptology, a new branch of cryptology combines computer science and chemistry together. It uses biological molecules, such as DNA, RNA, PNA or proteins, or it is inspired by biological principles happening in living cells. Biological cryptology is still in the development stage, so the goal of my Master thesis is to describe existing biological cryptologic methods and to draw interest in this new field. Thus the first chapter states advantages of biological cryptology. Then three big chapters follow afterwards, describing chemical background, DNA computing and the most importantly a field of DNA cryptology. In the last chapter I summarized drawbacks which turned up while I was studying those methods and which need to be handled before biological cryptology moves from labs into our normal lives.
|
|
|
One Time Passwords
Škarda, Filip ; Pavlíček, Luboš (advisor) ; Palovský, Radomír (referee)
This Bachelor thesis describes the one-time passwords and their various implementation possibilities. The one-time passwords are passwords, which are valid only for one login or transaction. In contrast to regular passwords, one-time passwords are immune against reply attacks, which means that if a possible attacker eavedroppes the used password, he cannot exploit it, because it is not valid anymore. The theoretical section of the thesis explains the reasons for using one-time passwords and demonstrates some particular OTP systems. The practical section shows two different examples of using open-source OTP systems. The first one describes the use of OTPasswd for authentication to a server over SSH, the other one uses MultiOTP PHP class for authentication to a web application.
|
|
|
CMS model in the browser
Herma, Tomáš ; Palovský, Radomír (advisor) ; Hubáček, Josef (referee)
This Bachelor thesis deals with creation of a web application that lets a user manage not only the content but also a web page design. The first part of work analyses the current freely available content management systems. The second part describes the selected technology and creation of a separate application.
|
|
|
SELinux security policies for chosen applications of KDE desktop environment
Vadinský, Ondřej ; Palovský, Radomír (advisor) ; Šmejkal, Ivo (referee)
This thesis deals with technologies of SELinux security policy writing. Furthermore the thesis analyzes userspace of GNU/Linux operating system with special focus on KDE desktop environment. On the basis of this analysis a bottom-up methodics to create a security policy is devised. Acquired knowledge is then used in practice when realizing the main goal of the thesis, which is to create example security policies for chosen KDE applications. When describing technologies of security policy writing the thesis draws information from available sources of information. Input for userspace analysis are available electronic sources of information and author's own experience with analyzed applications. This is used with common philosophic principles to devise bottom-up methodics of policy writting. Following act of policy building draws from defined security goals, acquired knowledge, created methodics and defined usecases. Theoretical contribution of the thesis is devised methodics of userspace policy building. Main practical contribution are then created example SELinux policies for chosen KDE applications. The structure of the thesis follows its goals. For them three parts are created: background research of available resources, author's own theoretical contemplations and practical output of the thesis. Those parts are then devided into sections according to needs of each topic.
|
|
|
Building and using of small computer network
Sládek, Jiří ; Pinkas, Otakar (advisor) ; Palovský, Radomír (referee)
This text disserts on technological standards used in small local company networks and on these technologies itselfs. It focuses on basic network technologies, services built on TCP/IP network protocol, wired networks, wireless networks and active network components. Practical part is concerned with mapping and describing specific local network, testing of its functionality and satisfying users' original requirements. Results of this part will be used in network documentation.
|
|
|
Operating Systems' Resource Access Control Models
Vopička, Adam ; Pavlíček, Luboš (advisor) ; Palovský, Radomír (referee)
The thesis deals with models used in access control to operating systems' resources. The thesis' goals are the theoretical description of these models and their comparison, the description of their implementations in selected operating systems and the description of their utilization in securing typified servers. In the first chapter, the reader is introduced to basic terms and principles of computer security and access control. In the second, also theoretical part, selected access control models are described from different viewpoints, for example their factual specialization, basic rules, principles and evolution. At the end of the chapter, the models are compared to each other according to specified criteria. The third, more practically oriented chapter, continues from the initial, both general and concrete introduction with operating systems, to description of access control model implementations in selected operating systems. At the end of the chapter, these implementations too are compared according to specified criteria. The fourth, final part, is dedicated to the description of the actual securing of a web and file server using operating system level access control means. The end of the chapter is dedicated to the possibilities of using these means to secure web applications. The contribution of this thesis from the theoretical point of view is a well-arranged and compact access control model comparison, and also the merger of the theoretical base with practical use of the described model implementations. The thesis is recommended to people interested in the computer security issues in general and people interested in access control from both theoretical and practical sides, e.g. system administrators or system designers.
|
|
|
Comparison of Microsoft Hyper-V and Citrix XenServer
Ferbr, David ; Pavlíček, Luboš (advisor) ; Palovský, Radomír (referee)
This work aims at comparison of the two freely availabe virtualization solutions developed by commercial companies. It analyses the possibilities provided ty these products, their management tools and procedures and the consequences resulting from their differences. These goals are achieved through studying the available resource about the products and virtualization in general, followed by doing a practical test of running the products. The work provides the reader with guide to choosing the right virtualization tool and shows the ways how to work with it. It starts with explaining the basic terms in the area of virtualization and continues by introducing the products and their features and how to manage and use them, finishing with the conlusive evaluation.
|
|
|
Database design for ISP
Mareček, Aleš ; Palovská, Helena (advisor) ; Palovský, Radomír (referee)
This bachelor thesis deals with analysis, design and implementation of database application, which could benefit an organization providing internet access. The whole text is built on several years of personal experience of the author in providing an Internet connection. Main goal of this thesis is to create a flexible database design and test it successfully in a database system, Oracle 10g Express Edition. The main function of the database is to cover the following three business processes: customer records, asset management and providing an overview of individual employees. Database functionality is verified by the implementation and filling the database with test data.
|
|
|
SELinux
Oblezar, Marek ; Palovský, Radomír (advisor) ; Pavlíček, Luboš (referee)
Bachelor thesis aims to explore and describe the basic principles of SELinux technology. SELinux or Security Enhanced Linux is a technology that enhances the security of Linux systems in such a way that it restricts the set of tasks and files, with which may the given application be working. This is an implementation of so-called managed access control. The work is divided into theoretical and practical part. The theoretical part deals with description of the project status, exploration and summarization of rules or the status of project support of Security Enhanced Linux within Linux distributions. The practical part deals with putting SELinux into operation and evaluation of the security policy tool Multi-Level Security and the subsequent testing of its functionality for selected Linux distributions. The findings are drawn from the project documentation, technical articles, blogs, and conferences in English and Czech languages. Benefits of the bachelor thesis lies mainly in the development of rules for Multi-Level Security on a concrete example, where there is evidence of the functionality of all knowledge and experience gained during the elaboration of this thesis.
|
|
|
Opensource solution for small ISP
Vomáčko, Vít ; Palovský, Radomír (advisor) ; Pavlíček, Luboš (referee)
Focus of this work is to create a comprehensive look at open source solutions to enable small companies to make up their ISP routing infrastructure. Aims to explore the available alternatives for routing software and related services. Then describe the important features and characteristics which are taken from real operation of such a solution and analyze it in parts. Shows how to modify other standard Linux distribution to offer the necessary functionality. Describes the security mechanisms to prevent its further spread of the complexity of the system and degrade its performance. Outlining how to address the monitoring infrastructure as well as running services it provides to customers. It also tries to show which areas are not sufficiently operational and offers suggestions for further work in developing such a solution. Working mainly draws on the experience gained from long-term effort to launch the best solution, but do not tie the hands of its creators and allow colleagues to avoid various failures and shutdowns.
|
guest ::
