|
|
SELinux application for Linux server security
Jirka, Michal ; Pelka, Tomáš (referee) ; Šimek, Milan (advisor)
This work is engaged in access control mechanism in GNU/Linux operating systems. At first discretionary and mandatory access control are compared and examine basic technologies based on mandatory access control. More closely is focused on project SELinux, whose generation of new rules is explained. Within the thesis is made application for logging evaluation and for writing new Type Enforcement rules.
|
|
|
Interactive Web Page Design Environment
Moravec, Jaroslav ; Očenášek, Pavel (referee) ; Burget, Radek (advisor)
This master's thesis describes an environment for creation and management of interactive web pages. It deals with both the structure design and the visual part. The basic idea is that the page consists of individual elements that can be arbitrarily composed together. There exist several kinds of such elements: interactive, content, database and informative elements. Furthermore, the environment includes tools for account management, access control, database administration, auditing, multilanguage support and some more.
|
|
|
Electronic Security Systems
Tomek, Dominik ; Baumgartnerová, Alena (referee) ; Rujbrová, Šárka (advisor)
Cílem této práce je seznámit čtenáře s nejběžněji používanými elektronickými zabezpečovacími systémy. Práce popisuje základní principy, vlastnosti a využití moderních elektronických zabezpečovacích systémů používaných v domácnostech a firmách. Dále práce porovnává jednotlivá zabezpečovací zařízení, která se v těchto systémech používají a uvádí jejich výhody a nevýhody. Tento dokument je vhodný pro studenty a osoby, které chtějí začít pracovat v tomto oboru nebo je tato problematika pouze zajímá.
|
|
|
Cryptography and Privacy Protection
Malík, Ondrej ; Dzurenda, Petr (referee) ; Hajný, Jan (advisor)
The main goal of this diploma thesis was to create web applications for issuer, verifier and revocation authority of revocable keyed-verification anonymous credentials system. Applications created in this thesis provide functions for all tasks, that are performed by each entity. Using these applications a global management of RKVAC system is possible. Authentication module created in verifier’s app is universaly usable for access control to any web service. Both issuer’s and revocation authority’s app are compatible with whole RKVAC system and are therefor applicable as central elements of systems.
|
|
|
Multiplatform authentication system
Pokorný, Lukáš ; Hajný, Jan (referee) ; Malina, Lukáš (advisor)
This thesis describes the design of a multiplatform authentication system that enables user authentication by using a wide variety of authentication tokens. The theoretical part is devoted to an overview of authentication interfaces with focus on modern methods of verification. There is also an overview of authentication schemes. The practical part gives requirements for an authentication terminal and sets a specific hardware structure, including the specification of individual functional blocks. The implementation of the software logic uses Java and JavaScript programming languages. Attention is also paid to the used authentication schemes including details and comparison of used platforms. Finally, we evaluate the user and security aspects of the proposed solution. It is also given the possibility of additional hardware and software optimization.
|
|
|
Test implementation of the ACP protocol
Ležák, Petr ; Strašil, Ivo (referee) ; Burda, Karel (advisor)
In general this master’s thesis deals with access control methods and their individual modules and in particular with authentication of supplicants. There are listed authentication methods useful in the implementation of the ACP protocol. ACP protocol is also discussed including possibilities and uses. ACP message format is described in detail with AVP format and types. The transaction mechanism is also mentioned here. The main part of the thesis is focused on software design for protocol testing. Possibilities of the testing are discussed and test scenarios are suggested. Consequently, requirements for test software are listed and its implementation is designed. Furthermore, there is technical documentation of the program. The main ideas used in the program are explained in it. The purpose of each part of the program is written including links between them. Finally, there is a manual for the program. It also contains an illustrative example describing how to make and test a simple scenario of the authentication.
|
|
|
Modern access control system
Vomáčka, Martin ; Hajný, Jan (referee) ; Malina, Lukáš (advisor)
The thesis describes the design of scheme for access system with user authentication via smart cards. The first chapter explains various types of identification items used for authentication of users and different types of readers and terminals, followed by chapter 2 with a deeper insight on smart cards with focus on their types, what internal structure and principle of communication with card readers are used, etc. with primary focus on Java cards. The third chapter describes Java Card cryptography - especially elliptic curve cryptography used on this platform. The fourth part focuses on PACE protocol with subsections dedicated to the individual parts of the protocol and its applicability to smart cards environment. Chapter 5 explains the proposed design of the authentication scheme elaborated in the thesis, including a detailed description of specific parts, their funcionality and exemplary usage in the created applications.
|
|
|
Physical Security in an Industrial Company
Konečný, Pavel ; Ondrák, Viktor (referee) ; Sedlák, Petr (advisor)
The diploma thesis focuses on physical security solutions in an organization acting in a metallurgy segment. The analytical part identifies the weaknesses in individual areas of physical security according to ČSN/ISO 27 000 regulation. The practical part is divided into individual chapters bringing suggestions for corrections, modernization and modifications of the system. The theoretical part deals mainly with clarification of the terminology and proceses used in the practical part. I see the benefit of my work in the practical suggestions for the changes. If they are implemented correctly, the physical security of the organization will be of high quality.
|
|
|
Secure communication within the PX4 platform
Ligocki, Roman ; Martinásek, Zdeněk (referee) ; Číka, Petr (advisor)
PX4 platforma je jedna z nepoužívanějších softwarových balíčků pro řízení bezpilotníhosystému. Používá MAVLink protokol pro komunikaci mezi autopilotem, pozemní stanicía dalšími zařízeními v MAVLink síti. Je speciálně navržen pro bezpilotní systémy použí-vající rádia s nízkou datovou propustností. S rostoucím počtem těchto zařízení docházírovněž k růstu počtu útoků na tyto systémy. Tato diplomová práce obsahuje analízua popis bezpečnostních nedostatků v telemetrické komunikaci platformy PX4 běžící naprotokolu MAVLink. Na základě těchto nedostatků byla dále navržená a implementovánabezpečnostní řešení. Tato implementace zahrnuje šifrování, řízení přístupu, autentizacia systém pro výměnu klíčů. Bezpečnostní implementace je postavená na knihovně Mo-noCypher. Všechny části práce jsou naprogramováno v jazyce C. Cílem autora je sdíletvýsledky, kterých dosáhl s komunitou kolem paltformy PX4. Proto během finální částipráce vznikl pull request do veřejného repozitáře.
|
|
|
Integration of SELinux Audit Logs into ABRT Tool
Vrabec, Lukáš ; Kačic, Matej (referee) ; Barabas, Maroš (advisor)
The main aim of the thesis is to introduce the security of Linux operating systems and the access control list mechanism. The thesis focuses on processing security messages produced by the security mechanism into logging services and on displaying those messages. In addition, the thesis includes a concept solution and its implementation, which integrates security messages into a centralized system, keeps them and reports bugs in the Linux community distribution Fedora and in the Linux commercial distribution Red Hat Enterprise Linux.
|
guest ::
