|
| |
|
|
Design of an Information System Part
Kaššák, Marián ; Markus, Jakub (referee) ; Neuwirth, Bernard (advisor)
The diploma thesis deals with the analysis of the company and the focus on data security. Based on the company analysis and requirements is designed a new system of employee authorization in CMS systems of the company. The design of the employee authorization API solution is based on the OAuth 2.0 protocol.
|
|
|
Web Services Security
Kubáni, Tomáš ; Doležel, Radek (referee) ; Malina, Lukáš (advisor)
The bachelor thesis analyzes the current state of Web services and their security. The first chapter describes the construction details, options and features web services, with primary focus on the technologies (SOAP, XML, HTTP, WSDL, etc.) used for communicating and processing information and resources. The most important part of this work is focused on cryptography and security for these services. The essence of cryptography and encryption methods is explained, the main safety requirements and security mechanisms is pointed out, security standards are presented and compared. Finally, the bachelor thesis contains the theoretical and practical proposal of our secure Web Service, according to selected and necessary criteria.
|
|
|
Methods of Authentication to WiFi Network
Valašek, Filip ; Kašpárek, Tomáš (referee) ; Lampa, Petr (advisor)
This diploma thesis deals with authentication using RADIUS protocol and authentication methods in accordance with standard IEEE 802.1X. At the beginning there are shortly characteristics of chosen authentication methods, such as CHAP, PAP and some EAP types. Document includes summary of RADIUS protocols implementations, especially the FreeRADIUS server. Our goal is to implement a management tool to adminitrate FreeRADIUS server.
|
|
|
Implementation of External Authentication Modules for nginx
Kameníčková, Petra ; Očenášek, Pavel (referee) ; Rychlý, Marek (advisor)
This bachelor's thesis describes the process of design and development of authentication modules for nginx web server. These modules are used for enrollment of nginx-based applications and services into FreeIPA environment. The first part of the thesis explains the basics of FreeIPA and nginx architectures and principles of Kerberos and PAM authentication mechanisms as well. The second part of the thesis solves the practical problems - existing Apache modules analysis, nginx design description and implementation details. The last part describes confi guration requirements and possible enhancements.
|
|
|
Secure and Usable Password Manager
Haderka, Martin ; Firc, Anton (referee) ; Malinka, Kamil (advisor)
Přístupové údaje jsou nedílnou součástí uživatelů internetu. Jedná se o mechanizmus, který umožňuje prokázání se, že se jedná oprávněnou osobu a zároveň zabraňuje znežití osobních dat cizími uživateli. Počet hesel, který si dnešní uživatel musí zapamovat, se v posledních letech značně navýšil. Existují programy (správci hesel), které tento problém uživatelům ulehčují, a jsou zároveň snadno dostupné. Přesto je používá málo lidí. Cílem této práce je zjištění problémů, které mají dopad na použitelnost správců hesel a zároveň se snaží nabídnout řešení těchto problémů. Součástí analýzy je i nalezení bezpečnostních a použitelnostních nedostatků, kterými aktuálně správci hesel trpí. V poslední části je navržena a implementována ukázka správce hesel, který nabízí důležité funkce, je dostupný a snadno použitelný všemi uživateli internetu.
|
|
|
Company User Authentication Proposal
Klaška, Patrik ; Jordán, Vilém (referee) ; Ondrák, Viktor (advisor)
This thesis is focused on the creation of functional authentication process of users into computer network in company Wistron InfoComm s.r.o. and discusses issues related to this process. The main aim of the thesis is to implement a functional and simultaneously realistic solution based on the company's requirements as well as described problems associated with the implementation of this solution.
|
|
|
Microelectronics Time-Space Authentication Techniques
Jaroš, David ; Burda, Karel (referee) ; Sýkora, Jiří (referee) ; Kuchta, Radek (advisor)
This dissertation work focusses on using information about the location of the user during the authentication process on computer networks. With the growth of mobile computer devices over the last two decades the physical location of users is becoming one of the main issues for access management. This work researches existing solutions which are divided in to two groups related to the source of location information (SATNAV systems for example GPS and based on communication with active infrastructure such as GSM, Wi-Fi). This work shows the methodology for evaluating authentication data which use the principle of fuzzy logic. In comparison with binary logic it is possible to evaluate authentication data accurately. As a result of the authentication process the information is of a higher value, which can be taken into account when setting the levels of user privileges. An important aspect of working with location information is that the user is located in the same place and from where they are asking for access to the system. Solving this question could be linking user biometrics for example finger prints. This principle is used in two types of microelectronic authentication terminals which were developed in conjunction with this work. The first type of terminal uses a SATNAV receiver and an ISM wireless communication module as a source of location information. On the first type of authentication terminal newly developed authentication techniques were tested. The users biometrics are checked by finger print sensor with embedded processing. In the second type authentication terminal a Wi-Fi and GSM module were added for location purposes. In the conclusion of this dissertation the testing methodology of the data authorization and evaluation process of the second type of microelectronic authentication terminal is shown. This confirms the practicality of the suggested methodology and the time-space information in the authentication process.
|
|
|
Authorization and Authentication Solutions on the Java Platform
Geffert, Maroš ; Rychlý, Marek (referee) ; Burget, Radek (advisor)
The aim of this work is to analyze the current authentication and authorization libraries on the Java platform and create a web application that supports user authentication, including multi-phase authentication (MFA), user and group authorization and is resistant to the most common attacks. I performed an analysis of existing solutions and based on best practises, I created my own solution. As an implementation language I used Java 11 and libraries Spring Framework, Spring Security, MyBatis and a tool for sending HTTP queries Postman. The implemented service satisfy the set criteria, while I tested the functionality of the proposed solutions and the time-consuming process of access control.
|
|
|
Security protocols in practice
Milfajt, Jiří ; Koutný, Martin (referee) ; Pelka, Tomáš (advisor)
This bachelor's thesis maps the most used AAA protocols in these days. These protocols include RADIUS, TACACS+, DIAMETER and KERBEROS. The first part considers its main signs. Then there is describes basic communication between user and server. The thesis also compares each protocol by its advantages, disadvantages and its possible security weaknesses. The second part is dedicated to configuration of RADIUS and KERBEROS protocol.
|
guest ::
