|
|
Analysis of deal-of-the-day services market from the viewpoint of security
Maskaliunets, Stanislau ; Veber, Jaromír (advisor) ; Luc, Ladislav (referee)
In this bachelor thesis I analyze the market of deal-of-the-day services from the viewpoint of security. First of all, I describe the security of the information systems as a term. I also explain the methods of securing web applications. Web applications run on HTTP protocol, and the more secure web applications use the HTTPS protocol, which contains the TLS/SSL. In this work I describe working principle of HTTP protocol. I also describe the SSL/TLS protocols and methods of their acquiring. In the theoretical part, I also describe the methods of cryptography. In the practical part, I describe the methods of defense against attacks and analyze the deal-of-the-day services. I describe the evolution of both the world and Czech deal-of-the-day services. At the end, I analyze deal-of-the-day websites security and compare the results of this analysis.
|
|
|
Analysis and implementation of application for digital currency Bitcoin
DRDÁK, František
The thesis is focused on the topic of virtual cryptocurrency Bitcoin. The theoretical part is divided into several chapters. First of all, there is a chapter containing basic information about the currency's history, its development to the present, as well as principles of operation of this currency. Because it is a currency based on cryptographic principles next chapter summarizing cryptographic techniques, which is necessary to know for subsequent analysis of this currency. In other parts is elaborated a detailed analysis of the principles of Bitcoin. The main point of this analysis is a system of transactions, decentralized history, then joining the transactions into blocks and in the end creating blockchain. It also explains the principle of P2P networks. The practical part of this work focuses on the analysis and design of payment applications for mobile devices. There used open-source libraries such BitcoinJ. The application is developed in Java programming language with plugin for portable devices, which work under the operating system Android. For the purposes of analysis and design of graphical user interface is used UML diagrams. The specification of the UML diagrams was utilized by freely available graphics software and the result is also included in this work.
|
|
|
Credit cards on the internet
Kolář, Jiří ; Matuštík, Ondřej (advisor) ; Kalina, Jaroslav (referee)
Using credit cards to buy goods and services is becoming more and more popular and this trend can be observed even when paying by card over the Internet. From a customer perspective is indeed a comfortable and quick way of paying. Merchants realize this and so in their online stores card payment allows. The content of this work illustrates the issue of security of payment cards on the Internet, encryption and secure communication, as a basis for describing 3D Secure standard. The aim is to analyze the security features of payment cards issued by banks and credit institutions operating on the Czech market from the perspective of the owner of the credit card. At the same time to estimate future developments in this sector based on facts and trends.
|
|
|
Online Password Manager
Ort, Štěpán ; Buchalcevová, Alena (advisor) ; Mészáros, Jan (referee)
The objective of this thesis is to show on which principles a modern password manager works. The introductory theoretical part describes cryptographic algorithms and evaluates whether they are suitable for use in current applications. At the same time it presents methods how to create a password which is strong and also easily remembered. The second part explains the key characteristics of a password manager. The last chapter illustrates the architecture of online password storage and the way of communicating with the password manager. Measures that have to be taken in order to make such storage secure are also described here.
|
|
|
Electronic Payment Systems in the Eastern Europe
Achatov, Igor ; Mészáros, Jan (advisor) ; Buchalcevová, Alena (referee)
This paper analyzes the electronic payment systems (EPS) market in the Eastern European countries. The main objective is to analyze the important and currently most popular electronic payment systems in Russia, Belarus, Ukraine, Latvia, Lithuania and Estonia, to provide an overview of all the technical, financial and other options that these systems offer, to create comparable characteristics of the analyzed systems and to compile recommendations and helpful instructions for implementing user or merchant solutions. Another objective is to analyze security technologies used by today's EPS, including solutions of related problems and risk reductions, and provide useful recommendations. The paper is divided into three parts: the first attends to analysis of Russian EPS, examines history of development of EPS and the prospects of Russian payment systems market, also provides detailed analysis of currently most popular EPS in Russia; the second section attends to analysis of EPS markets of Ukraine, Belarus, Latvia, Lithuania and Estonia; in the third part all of the analyzed systems are compared in terms of various criteria and characteristics. The final part of the paper also analyses the issues of EPS security and features methods and ways of solving security related problems. The information provided by the paper can be useful to EPS users and customers, merchants intending to conduct business using electronic payment systems in Eastern Europe, developers and web programmers. The outcome and recommendations of the paper may be used for further analytic, statistical and other purposes.
|
|
|
.NET & Cryptology
PSÍK, Tomáš
The point of this work is to show how to solve certain cryptographic problems in Microsoft .Net Framework 3.5. The work is divided into three parts. The first is an overview of basic classes and methods which can be used to solve particular cryptographic tasks. This part shows how to use these classes and also is an overview of the most common cryptological terminology also used in this work. The second part shows how to use abstract classes prepared in the framework for implementing an application interface, which unifies usage of all cryptographic transformations under .net. The third part is about deciding on quality of certain implemented cryptographic algorithm. Implementing speed testing application for block ciphers and hash function and it also contains references of basic attacks. Implementations of speed testing program, two block ciphers (Rijndael and Skipjack), all in c#, are listed in Appendix.
|
|
|
Comparison of the legislation of electronic signature in selected countries
Hautke, Tomáš ; Toman, Prokop (advisor) ; Svatá, Vlasta (referee)
Focus of this thesis is to compare legislation of electronic signature in the Czech Republic and in the USA. In first chapter are explained basic terms, such as cryptography, certificate or certification authority. Next two chapters deal with laws concerning electronic communication. In chapter about Czech legislation they are electronic signature law and electronic transactions and authorized document conversion law. Moreover, Czech Republic has to abide EU directive. Chapter about USA legislation consists of ESIGN act and UETA. Following chapter is dedicated to problems caused by imperfect legislation. Last chapter contains evaluation of described legislation.
|
|
|
Latest trends in public-key cryptography
Tvaroh, Tomáš ; Ivánek, Jiří (advisor) ; Palovský, Radomír (referee)
The goal of this thesis is to describe principles of public-key cryptography, introduce and compare latest algorithms for asymmetric encryption and point out their advantages over the most popular cryptosystem - RSA. At the beginning, this thesis describes the evolution of public-key cryptography, its differences compared to symmetric-key cryptography and possibilities of using it for data encryption and digital signature. Mathematical background as well as principles of RSA are described afterwards. At the end, this thesis focuses on the latest algorithms on the basis of eliptic curves and their advantages over the most common algorithms are pointed out. The comparison is then summarized and a recommendation for the best cryptosystem is offered.
|
|
|
Methods for maintaining state information in the HTTP protocol
Polsemov, Anton ; Pinkas, Otakar (advisor) ; Šváb, Ondřej (referee)
This bachelor thesis is focusing on HTTP protocol, its features, and technological aspects. The HTTP protocol is stateless so it is necessary to search for methods to keep status information. These methods are cookies, URL query, session id, http authentication, hidden fields in forms, IP address and additional. Every method has its own strong and weak features. Security of these methods influences a final resolution. Ahead of description of the methods, the thesis is concerning cryptography a describing HTTP cookies in detail. The practical section contains an analysis of online banking in Czech Republic and characterization of trends in this brand. Also, an installation of a PHP5, HTTP Apache server, creation and signification of an OpenSSL certificate is in the last chapter and finally, a simple application of online Banking is created.
|
|
|
Comparsion of classic and modern authentication methods
Koudela, Radek ; Doucek, Petr (advisor) ; Cidlina, Jaroslav (referee)
Owing to the growing significance of data protection and informatics in general, the importance of information system security counts among the most actual topics at this time. The main goal of this work is to give a comprehensive overview of the issue of users' authentication, including current trends on this field. There are also described the principles and working methods of classic and modern authentication methods, and listed their pros and cons. The main benefit lies in the comparison of these methods as well as in the evaluation of their deployment. As a result of this are suggestions, which can managers take into account when deciding about the method of authentication, and a description of weak points that need an attention. One part of this work also includes a reliability and performance test of modern biometric device.
|
guest ::
