|
|
Link layer LAN network security
Sedláček, Jiří ; Grenar, David (referee) ; Slavíček, Karel (advisor)
The bachelor‘s thesis is about security concerning local area networks of the data link layer. The goal of the thesis is to characterize basic functioning of the ISO/OSI reference model as well as describing how the data link layer works to understand the topic, specify the possibilities of attacking the data link layer (for example rogue DHCP server, ARP spoofing, CAM table overflow, attacking the spanning tree protocol and others) and possible security measures to protect against the attacks. The purpose of the thesis is also a suggestion for assembling an experimental network relating to the topic of the thesis. Theoretical part determines the most important protocols of the data link layer, methods of abusing them and protection of those protocols. The practical part contains a brief description of the attacks, used utilities for accomplishing the attacks, a network topology, execution of the attacks, detection and protection against the attacks as well as briefly summarizing the results. The thesis also sums up some of the possible recommended configuration to repel the attacks and suggesting how to behave in a cyber environment. For the purpose of simulating the attacks, Kali Linux and Windows 10 are the operating systems that were used the most in this thesis.
|
|
|
RFID based access system in rooms
Mego, Roman ; Michal, Vratislav (referee) ; Frýza, Tomáš (advisor)
The master’s thesis aims to design an access control system using the RFID technology. The system should reduce security risks associated with its use. While working on project two devices were created. First is the access terminal operating on frequency of 13.56 MHz and second is the RFID reader for PC operating at frequency 125 kHz. Software for devices was created as well as system control application for PC. The document contains an overview of the RFID principles and possibility of implementation access control system. Next part of the project describes in detail step by step the process of designing electrical circuit for system parts. Last part talks about realized software, libraries which are used and the system control application for PC.
|
|
|
Securing Shared Data Storage
Škoda, Martin ; Hajný, Jan (referee) ; Malina, Lukáš (advisor)
This work presents the cloud computing model. It describes deployment models and distribution models of the cloud computing. The distribution models like software as a service and infrastructure as a service are described. Then the current solutions from companies Amazon.com, Microsoft and VMware and the description of security of the particular solutions are presented. The next section deals with data security in the cloud computing. In this section, the fundamental methods of data security (confidentiality, integrity and availability) and the examples of cryptographic methods used in the cloud computing are described. Further, the methods used for secure infrastructure and network (defense in depth), the protection of privacy and the security of data storage are described. Nowadays, the open problems are ensuring the protection of privacy of user data and data storage security auditing, which prevent users to gain trust in cloud computing. To solve these problems, Privacy as a Service (PasS), homomorphic encryption, privacy preserving data storage public auditing and Trusted Computing are described. In the final part of this work, the threads in the cloud computing environment and theirs countermeasures are analyzed. Finally, the design of model for securing shared data storage is proposed. Model is based on the previous findings. Model uses a tamper-proof hardware with cryptographic protections to ensure the privacy of computed data and the integrity of data stored on storage in the cloud computing.
|
|
|
Link layer LAN network security
Sedláček, Jiří ; Grenar, David (referee) ; Slavíček, Karel (advisor)
The bachelor‘s thesis is about security concerning local area networks of the data link layer. The goal of the thesis is to characterize basic functioning of the ISO/OSI reference model as well as describing how the data link layer works to understand the topic, specify the possibilities of attacking the data link layer (for example rogue DHCP server, ARP spoofing, CAM table overflow, attacking the spanning tree protocol and others) and possible security measures to protect against the attacks. The purpose of the thesis is also a suggestion for assembling an experimental network relating to the topic of the thesis. Theoretical part determines the most important protocols of the data link layer, methods of abusing them and protection of those protocols. The practical part contains a brief description of the attacks, used utilities for accomplishing the attacks, a network topology, execution of the attacks, detection and protection against the attacks as well as briefly summarizing the results. The thesis also sums up some of the possible recommended configuration to repel the attacks and suggesting how to behave in a cyber environment. For the purpose of simulating the attacks, Kali Linux and Windows 10 are the operating systems that were used the most in this thesis.
|
|
|
Securing Shared Data Storage
Škoda, Martin ; Hajný, Jan (referee) ; Malina, Lukáš (advisor)
This work presents the cloud computing model. It describes deployment models and distribution models of the cloud computing. The distribution models like software as a service and infrastructure as a service are described. Then the current solutions from companies Amazon.com, Microsoft and VMware and the description of security of the particular solutions are presented. The next section deals with data security in the cloud computing. In this section, the fundamental methods of data security (confidentiality, integrity and availability) and the examples of cryptographic methods used in the cloud computing are described. Further, the methods used for secure infrastructure and network (defense in depth), the protection of privacy and the security of data storage are described. Nowadays, the open problems are ensuring the protection of privacy of user data and data storage security auditing, which prevent users to gain trust in cloud computing. To solve these problems, Privacy as a Service (PasS), homomorphic encryption, privacy preserving data storage public auditing and Trusted Computing are described. In the final part of this work, the threads in the cloud computing environment and theirs countermeasures are analyzed. Finally, the design of model for securing shared data storage is proposed. Model is based on the previous findings. Model uses a tamper-proof hardware with cryptographic protections to ensure the privacy of computed data and the integrity of data stored on storage in the cloud computing.
|
|
|
RFID based access system in rooms
Mego, Roman ; Michal, Vratislav (referee) ; Frýza, Tomáš (advisor)
The master’s thesis aims to design an access control system using the RFID technology. The system should reduce security risks associated with its use. While working on project two devices were created. First is the access terminal operating on frequency of 13.56 MHz and second is the RFID reader for PC operating at frequency 125 kHz. Software for devices was created as well as system control application for PC. The document contains an overview of the RFID principles and possibility of implementation access control system. Next part of the project describes in detail step by step the process of designing electrical circuit for system parts. Last part talks about realized software, libraries which are used and the system control application for PC.
|
|
|
Testing e-commerce applications security
Trnka, Karel ; Veber, Jaromír (advisor) ; Klíma, Tomáš (referee)
The purpose of this bachelor's thesis is to describe concept of testing e-commerce applications security. The first part is dedicated to theoretical level. There are definitions of basic terms connected with the topic of this thesis followed by description of penetration testing. At the end of the first part of this bachelor's thesis there is introduction to project OWASP (Open Web Application Security Project) and documentation project Top Ten which describes ten most critical web applications security risks. Second part of this thesis is dedicated to practical penetration testing of three chosen e-commerce products. There is introduction to procedure and method of conducted and by the OWASP method standardized tests. Final report is included in next chapter also with possible solutions and recommendations based on the test results. Contribution of this thesis lies in finding vulnerabilities in selected e-commerce products. The final report will be sent to the developers of these applications together with proposals to address problems discovered.
|
|
|
Ethical Aspects of the Participation Soldiers of the Czech Army in Foreign Operations
ŠPÁNIKOVÁ, Jana
This thesis focuses on the ethical aspects of soldiers of the Army of the Czech republic participating in the foreign operations, not only in relation to the legality and legitimacy of military intervention, but also from the point of view of practical ethical questions of soldiers sent to perform tasks in these operations. The first part of this thesis introduces the Army of the Czech Republic as a tool to ensure national security and national sovereignty, built with emphasis to fulfill military traditions, virtues and professional ethics. Later, in historical and contemporary contexts summarizes the basic ethical solutions for the legitimate use of force to resolve international conflicts. The second part reflects the umanitarian and security operations taking place in the former Yugoslavia, Iraq and Afghanistan as the consequences of massive human rights violations, ethnic violence and global terrorism. In the context of the ethical and Christian dimension of legitimate use of military means, summarizes the basic issues while solving security threats and enforcing national interests.
|
|
|
Analyse of security risk in a holding company
Kaiser, Petr ; Mészáros, Jan (advisor) ; Buchalcevová, Alena (referee)
The main goal of the bachelor essay is to analyze security of information technology in holding company. Partial goal is to describe common risk of information technology in company and suggest appropriate solution. The essay is dedicated on information technology or security of data in current world. Every company, especially holding company, with many branch offices must have the data security on first place. The goal was reached by author's knowledge about company and consultation with other administrators in conjunction with theory about security in information technology. That theory was get on internet and in books dealing with those issues. Most of information is from many sources, because the essay must be as much independent as possible and verified of course. You can see in the essay that information world accelerates and the requirements for IT security are very important. The first part of the bachelor essay focus on theory about security of information technology. You can find information about history, types and attack details there. Of course there is information about types of security solution. In next part there is analyzed IT security of company. In last part are solutions of security threads that were found in the analysis. The analysis is revealed that company is trying to implement security solutions, but many of them are ignored.
|
|
|
The Influence of Both Legal and Illegal Migration on the Internal Security of the Czech Republic and the Crisis Management
HAVEL, David
The issue associated with the migration of foreigners, with the positive and negative aspects that inevitably bring, is a phenomenon that can not be left unnoticed by the authorities, regardless of whether they are migrants residing at the territory of the Czech Republic legally or illegally. Especially nowadays, when most countries are in the global economic crisis, it is the issue that deserves proper attention (with due regard for the possible impacts on the internal security of the Czech Republic, the economy, the social sphere and the citizens´ behaviour). The Czech Republic is aware of the risks associated with the high flow of immigrants. As a proof of that is, that this area has been evaluated as one of the possible non-military threats (or crisis situations) and as such it was defined in the crisis planning as a part of the Plan called {\clq},The Migration Wave of a Large Extent`` drawn by the National Security Council. This work on the topic of The Influence of Both Legal and Illegal Migration on the Internal Security of the Czech Republic and the Crisis Management contains an interpretation of the basic concepts and the development trends in the field of migration in the theoretical part and it also defines the authorities resposinble for solving of the individual issues related to the migration of foreigners. The practical part contains a situational analysis of the presence of foreigners in the South-Bohemian Region compared with the Czech Republic and also the rate of criminal activities committed by foreigners also compared with the Czech Republic as a whole. The research was conducted between the years of 2003 and 2009.
|
guest ::
