|
|
Privacy-Enhancing Technologies and Privacy-Enhancing Cryptography for Wearables
Casanova-Marqués, Raúl ; Pendo,, Cristiano Gonçalves (referee) ; PhD, Lukasz Michal Chmielewski, (referee) ; Hajný, Jan (advisor)
The increasing concern surrounding privacy and the safeguarding of digital identities has emphasized the pressing necessity of establishing secure and confidential communication channels. This concern has led to the development of cryptographic mechanisms aimed at facilitating impervious information exchange. Nevertheless, traditional cryptographic approaches are proving insufficient in dynamic and resource-constrained environments, such as wearable devices. As a result, attribute-based credential schemes have emerged as a promising solution, offering fine-grained access control to digital services based on user-specific attributes. This doctoral thesis examines the efficacy and scalability of attribute-based anonymous credential schemes in ensuring the authenticity and security of users within dynamic architectures of wearable devices. It also explores enhancements to these schemes, with a primary focus on incorporating user revocation while maintaining privacy. Additionally, the thesis presents devised mechanisms to enable attribute-based authentication protocols on smart cards with limited support for elliptic curve cryptography. It addresses specific challenges associated with the usability of smart cards. Moreover, the thesis investigates the integration of anonymous authentication schemes in collaborative indoor positioning systems, aiming to provide privacy and security. Lastly, it explores the implementation of attribute-based authentication schemes in resource-constrained environments, with an emphasis on Internet of Things devices, and evaluates their feasibility within the dynamic architectures of wearable devices. The first contribution of this thesis introduces a purposefully designed protocol for anonymous authentication on smart cards. This protocol combines attribute-based credentials and user revocation while ensuring computational efficiency. To facilitate effective implementation and evaluation, the thesis employs smart cards equipped with the MULTOS operating system. The second contribution focuses on optimizing the capabilities of smart cards using Java Card technology for the implementation of attribute-based credential schemes. These smart cards are presented as a more accessible alternative for a wider consumer base. To overcome limitations in their application programming interface, the thesis devises strategies to augment the constrained support for elliptic curve cryptography and effectively implement such schemes. The third contribution presents the Privacy-Enhancing Authentication System, a robust solution compatible with smart cards, smartphones, and smartwatches. This system addresses the functional challenges associated with smart cards, including the absence of a graphical interface and limited user control over attribute disclosure. Consequently, it offers a practical and deployable solution for real-world scenarios. Finally, the thesis proposes a groundbreaking scheme to safeguard collaborative indoor positioning systems by addressing both privacy and security concerns. This scheme ensures the preservation of privacy and security by eliminating centralized architectures and employing encryption techniques for positioning information. The thesis includes comprehensive details such as protocol use cases, implementation specifics, execution benchmarks, and a comparative analysis with existing protocols.
|
|
|
Anonymization of users when collecting network traffic
Hamár, Lukáš ; Blažek, Petr (referee) ; Sikora, Marek (advisor)
This thesis deals with anonymization of data, which could lead to disclosure of the identity of end users in network traffic. Work describes algorithms by which individual data parts are anonymized and also tools which use these techniques for network traffic anonymization. The next part of the thesis describes construction of a laboratory network, in which is the network traffic captured, containing pcap and NetFlow data. With using of the captured data, the anonymization tools are tested and the results are compared. In the last part of the thesis is created graphical interface for one of the tested anonymization softwares.
|
|
|
Open Data of justice.cz and ARES
Mikyska, Daniel ; Loutocký, Pavel (referee) ; Míšek, Jakub (advisor)
This bachelor thesis deals with public sector information, especially open data. It describes their definition, conditions, legislation and mandatory entities that are obliged to create this data. The next section deals with possible obstacles that may arise when opening, or reusing, open data. The protection of privacy and personal data is described the most. It states here what personal data is, how their processing is defined and who is the controller of personal data. In the last part, this work deals with the practical part, which aims to show how the basic way to use open data in a simple web application.
|
|
|
Privacy protection in cloud
Chernikau, Ivan ; Smékal, David (referee) ; Dzurenda, Petr (advisor)
In the Master’s thesis were described privacy protection problems while using cloud technologies. Some of the problems can be solved with help of homomorphic encryption, data splitting or searchable encryption. These techniques were described and compared by provided security, privacy protection and efficiency. The data splitting technique was chosen and implemented in the C language. Afterwards a performance of the implemented solution was compared to AES encryption/decryption performance. An application for secured data storing in cloud was designed and implemented. This application is using the implemented data splitting technique and third-party application CloudCross. The designed application provides command line interface (CLI) and graphical user interface (GUI). GUI extends the capabilities of CLI with an ability to register cloud and with an autodetection of registered clouds. The process of uploading/downloading the data to/from cloud storage is transparent and it does not overload the user with technical details of used data splitting technique.
|
|
|
Personal data protection and cookies
Svetlík, Adam ; Stupka, Václav (referee) ; Míšek, Jakub (advisor)
This thesis deals with an analysis of cookies, a specific field of personal data protection. In particular, the thesis examines the legal aspects of the technology, as well as their insufficiencies. Besides that, it provides an analysis of several examples of privacy violations caused by cookies.
|
|
|
Tunneling and Cryptographic protocols as a privacy protection on regulated internet
Čížek, Michal ; Pust, Radim (referee) ; Burda, Karel (advisor)
This thesis is about internet regulations and usage of tunneling protocols as a privacy protection on regulated internet. The thesis includes detailed description of most widely used tunneling protocols focused on their usage in regulated networks. The produce the teoretical part of the thesis is synoptical comparative table including benefits and disadvantages of each protocol and examples of suitable usage. The practical part presents the tunneling protocols in three different scenarios which are very frequent in practice. Each scenario has been realized, the communication has been captured using Wireshark network protocol analyzer and also the analysis of potential risks has been done for the event that the communication would be captured by a third party - the regulator.
|
|
|
Person de-identification upon primary biometric traits
Šidó, Balázs ; Burget, Radim (referee) ; Přinosil, Jiří (advisor)
This bachelor’s thesis deals with various methods protecting privacy by de-identification based on the primary biometric traits. The first chapter describes face de-identification with ad-hoc, naive and advanced methods. It also describes the Active Appearance Models and the Active Shape Models. The second chapter consists of a general overview of voice signal processing and of voice de-identification methods by changing the levels of energy in each frequency band and by pitch shift. The following chapters are describing the realized face de-identification program and an algorithm design for reversible face de-identification using the appearance parameters of the Active Appearance Model. This is followed by algorithm designs for voice de-identification. The results of the experiments done with the de-identified pictures are introduced in the last chapter. The realized program were written in Matlab.
|
|
|
Spam detection methods
Rickwood, Michal ; Horváth, Tomáš (referee) ; Oujezský, Václav (advisor)
Hlavním cílem této práce je navrhnout a implementovat detekční algoritmus na spam, který využívá výhradně záznamy provozu v podobě Netflow zpráv. Poskytovatelé internetových služeb musí spam detekovat, aby zabránili označování celých jejich subnetů za spammery. Algoritmus byl navržen na základě analýzy mnohých datasetů obsahující Netflow záznamy. Tyto datasety obsahovaly validní emaily, spam a také běžný internetový provoz. Algoritmus v prvním kroku využívá domain name system blacklistů pro verifikaci spammovací stanice. Veškerá komunikace ze stanic, které se objeví na některém ze seznamů jsou okamžitě zahozeny. Filtrační kritéria algoritmu jsou aplikována pouze na stanice, které nejsou blacklisty označeny. Tato kritéria byla rozdělena na akceptační a seřaďovací. Akceptační kritérium bylo navrženo k nalezení potenciálně významných stanic. Bylo formulováno pět kritérií určených k seřazování těchto vybraných IP adresy dle pravděpodobnosti, že se jedná o spamovací stanice. Za každým kritérium stojí matematická rovnice vracející hodnotu mezi 0 a 1. Celkový součet takto vrácených hodnot se u spamovacích stanic blíží k pěti, zatímco legitimní stanice mají hodnoty znatelně nižší. Výstupem vyvinutého algoritmu je seznam potenciálních spamovacích stanic seřazených podle pravděpodobnosti, že se jedná o spamovací stanice.
|
|
|
Privacy Protection on Mobile Devives
Aron, Lukáš ; Hudec,, Ladislav (referee) ; Drahanský, Martin (referee) ; Hanáček, Petr (advisor)
Tato práce analyzuje ochranu citlivých dat na mobilních zařízeních a představuje metodu pro ochranu těchto dat před možností úniku informaci ze zařízení. Ochrana se zaměřuje na využívání zařízení, jak pro osobní účely, tak i v pracovním prostředí. Koncept navrženého řešení je implementován ve formě prototypu. Model implementace je verifikován s modelem požadovaného chování. Součástí práce jsou experimenty s prototypem a experimenty zaměřené na verifikaci mezi danými modely.
|
|
|
SCL group a Cambridge analytica: jak ovlivnily politiku a společnost v Evropě a Severní Americe
Komínek, Martin
The bachelor's thesis focuses on the scandal involving Cambridge Analytica and compares its impacts on society and politics in Europe and the USA. The theoretical part introduces key concepts in the field of modern technologies, which play an important role in communication and are essential for understanding political marketing strategies. Furthermore, an analysis of the SCL Group and its subsidiaries, which specialize in data analysis and political marketing, is conducted. In the empirical part, factors related to the Cambridge Analytica scandal that influence politics and society in Europe and North America are analyzed through a comparison of two events: the United Kingdom's referendum on membership in the European Union and the 2016 US presidential election. The conclusion presents the results of the findings.
|
guest ::
