|
|
Tools for identity management in information systems
Fúdor, František ; Hynek, Jiří (referee) ; Burget, Radek (advisor)
Integration between midPoint and KeyCloak using OpenID Connect. Providing single sign-on, single logout and session control. Implementation of two Spring Boot applications using the OIDC client. The first application demonstrates ID token consumption and calling the userinfo endpoint and demonstrates single sign-on and sign logout functionality. The second application demonstrates an authorized call to the midPoint API endpoint which initiates a leave request that creates an approval process on a given user’s manager towards the midPoint. This environment provides central identity management.
|
|
|
Laboratory excercise on authentication cards for access control systems
Monček, Martin ; Zeman, Václav (referee) ; Burda, Karel (advisor)
The main objective of this document is to create a laboratory assignment for subject ZSY, in which students learn how access control systems and card used in it work. They also experience card cloning in both 125 kHz and 13.56 MHz MIFARE classic access control systems. This article summarizes history of access control systems and describe their basic components in addition it summarizes use case and possibilities which is given to modern systems by its control software in its next part article describes the history of identification tags and various possibilities of cloning them. In the last chapter it describes the assignment itself and its prerequisites.
|
|
|
SELinux application for Linux server security
Jirka, Michal ; Pelka, Tomáš (referee) ; Šimek, Milan (advisor)
This work is engaged in access control mechanism in GNU/Linux operating systems. At first discretionary and mandatory access control are compared and examine basic technologies based on mandatory access control. More closely is focused on project SELinux, whose generation of new rules is explained. Within the thesis is made application for logging evaluation and for writing new Type Enforcement rules.
|
|
|
Interactive Web Page Design Environment
Moravec, Jaroslav ; Očenášek, Pavel (referee) ; Burget, Radek (advisor)
This master's thesis describes an environment for creation and management of interactive web pages. It deals with both the structure design and the visual part. The basic idea is that the page consists of individual elements that can be arbitrarily composed together. There exist several kinds of such elements: interactive, content, database and informative elements. Furthermore, the environment includes tools for account management, access control, database administration, auditing, multilanguage support and some more.
|
|
|
Electronic Security Systems
Tomek, Dominik ; Baumgartnerová, Alena (referee) ; Rujbrová, Šárka (advisor)
Cílem této práce je seznámit čtenáře s nejběžněji používanými elektronickými zabezpečovacími systémy. Práce popisuje základní principy, vlastnosti a využití moderních elektronických zabezpečovacích systémů používaných v domácnostech a firmách. Dále práce porovnává jednotlivá zabezpečovací zařízení, která se v těchto systémech používají a uvádí jejich výhody a nevýhody. Tento dokument je vhodný pro studenty a osoby, které chtějí začít pracovat v tomto oboru nebo je tato problematika pouze zajímá.
|
|
|
Cryptography and Privacy Protection
Malík, Ondrej ; Dzurenda, Petr (referee) ; Hajný, Jan (advisor)
The main goal of this diploma thesis was to create web applications for issuer, verifier and revocation authority of revocable keyed-verification anonymous credentials system. Applications created in this thesis provide functions for all tasks, that are performed by each entity. Using these applications a global management of RKVAC system is possible. Authentication module created in verifier’s app is universaly usable for access control to any web service. Both issuer’s and revocation authority’s app are compatible with whole RKVAC system and are therefor applicable as central elements of systems.
|
|
|
Multiplatform authentication system
Pokorný, Lukáš ; Hajný, Jan (referee) ; Malina, Lukáš (advisor)
This thesis describes the design of a multiplatform authentication system that enables user authentication by using a wide variety of authentication tokens. The theoretical part is devoted to an overview of authentication interfaces with focus on modern methods of verification. There is also an overview of authentication schemes. The practical part gives requirements for an authentication terminal and sets a specific hardware structure, including the specification of individual functional blocks. The implementation of the software logic uses Java and JavaScript programming languages. Attention is also paid to the used authentication schemes including details and comparison of used platforms. Finally, we evaluate the user and security aspects of the proposed solution. It is also given the possibility of additional hardware and software optimization.
|
|
|
Test implementation of the ACP protocol
Ležák, Petr ; Strašil, Ivo (referee) ; Burda, Karel (advisor)
In general this master’s thesis deals with access control methods and their individual modules and in particular with authentication of supplicants. There are listed authentication methods useful in the implementation of the ACP protocol. ACP protocol is also discussed including possibilities and uses. ACP message format is described in detail with AVP format and types. The transaction mechanism is also mentioned here. The main part of the thesis is focused on software design for protocol testing. Possibilities of the testing are discussed and test scenarios are suggested. Consequently, requirements for test software are listed and its implementation is designed. Furthermore, there is technical documentation of the program. The main ideas used in the program are explained in it. The purpose of each part of the program is written including links between them. Finally, there is a manual for the program. It also contains an illustrative example describing how to make and test a simple scenario of the authentication.
|
|
|
Modern access control system
Vomáčka, Martin ; Hajný, Jan (referee) ; Malina, Lukáš (advisor)
The thesis describes the design of scheme for access system with user authentication via smart cards. The first chapter explains various types of identification items used for authentication of users and different types of readers and terminals, followed by chapter 2 with a deeper insight on smart cards with focus on their types, what internal structure and principle of communication with card readers are used, etc. with primary focus on Java cards. The third chapter describes Java Card cryptography - especially elliptic curve cryptography used on this platform. The fourth part focuses on PACE protocol with subsections dedicated to the individual parts of the protocol and its applicability to smart cards environment. Chapter 5 explains the proposed design of the authentication scheme elaborated in the thesis, including a detailed description of specific parts, their funcionality and exemplary usage in the created applications.
|
|
|
Physical Security in an Industrial Company
Konečný, Pavel ; Ondrák, Viktor (referee) ; Sedlák, Petr (advisor)
The diploma thesis focuses on physical security solutions in an organization acting in a metallurgy segment. The analytical part identifies the weaknesses in individual areas of physical security according to ČSN/ISO 27 000 regulation. The practical part is divided into individual chapters bringing suggestions for corrections, modernization and modifications of the system. The theoretical part deals mainly with clarification of the terminology and proceses used in the practical part. I see the benefit of my work in the practical suggestions for the changes. If they are implemented correctly, the physical security of the organization will be of high quality.
|
guest ::
