|
|
Data-efficient security of cloud storages
Elis, Martin ; Fujdiak, Radek (referee) ; Člupek, Vlastimil (advisor)
This work is focused on problematics of a cloud solution, especially on its security side. It describes the current security trends and approaches used by security engineers when creating sophisticated designs of secure cloud systems. As part of it there is a risk analysis and an overview of the most common types of attacks led against the cloud solutions. Also, this document deals with the possibilities, principles, advantages and negatives of different types of cloud distributions. Another text deals with the usual methods used for accessing the cloud. This thesis contains author’s own design of possible realization. In the next part of the document, process of building a safe cloud data storage is described together with principles of ensuring its security. In the conclusion, the author focuses on comparison of cryptographic algorithms and their behavior depending on the length of a used keys.
|
|
| |
|
|
Design of methodology for vulnerability assesment
Pecl, David ; Martinásek, Zdeněk (referee) ; Gerlich, Tomáš (advisor)
The thesis deals with the assessment of security vulnerabilities. The aim of this work is to create a new method of vulnerability assessment, which will better prioritize critical vulnerabilities and reflect parameters that are not used in currently used methods. Firstly, it describes the common methods used to assess vulnerabilities and the parameters used in each method. The first described method is the Common Vulnerability Scoring System for which are described all three types of scores. The second analysed method is OWASP Risk Rating Methodology. The second part is devoted to the design of the own method, which aims to assess vulnerabilities that it is easier to identify those with high priority. The method is based on three groups of parameters. The first group describes the technical assessment of the vulnerability, the second is based on the requirements to ensure the confidentiality, integrity and availability of the asset and the third group of parameters evaluates the implemented security measures. All three groups of parameters are important for prioritization. Parameters describing the vulnerability are divided into permanent and up-to-date, where the most important up-to-date parameter are Threat Intelligence and easy of exploitation. The parameters of the impact on confidentiality, integrity and availability are linked to the priority of the asset, and to the evaluation of security measures, which increase the protection of confidentiality, integrity and availability. The priority of the asset and the quality of the countermeasures are assessed based on questionnaires, which are submitted to the owners of the examined assets as part of the vulnerability assessment. In the third part of the thesis, the method is compared with the currently widely used the Common Vulnerability Scoring System. The strengths of the proposed method are shown in several examples. The effectiveness of prioritization is based primarily on the priority of the asset and the security measures in place. The method was practically tested in a laboratory environment, where vulnerabilities were made on several different assets. These vulnerabilities were assessed using the proposed method, the priority of the asset and the quality of the measures were considered, and everything was included in the priority of vulnerability. This testing confirmed that the method more effectively prioritizes vulnerabilities that are easily exploitable, recently exploited by an attacker, and found on assets with minimal protection and higher priority.
|
|
|
Safety of e-business
Jonáš, Martin ; CSc, Ivo Beroun, (referee) ; Dvořák, Jiří (advisor)
Bachelor´s thesis is supposed to formulation safety of information system functions, description of elktronic signature and certificion authority. Next is oriented at conversion, launching and application of elektronic signature.
|
|
|
Safety of E-commerce
Jonáš, Martin ; Beroun,, Ivo (referee) ; Dvořák, Jiří (advisor)
Diplom´s thesis is supposed to formulation safety of information system functions, description of elktronic signature and certificion authority. Next is oriented at conversion, launching and application of elektronic signature.
|
|
|
Interception of Modern Encrypted Protocols
Marček, Ján ; Korček, Pavol (referee) ; Kajan, Michal (advisor)
This thesis deals with the introduction to the security mechanism.The procedure explains the basic concepts, principles of cryptography and security of modern protocols and basic principles that are used for information transmission network. The work also describes the most common types of attacks targeting the eavesdropping of communication. The result is a design of the eavesdropping and the implementation of an attack on the secure communication of the SSL protocol..The attacker uses a false certificate and attacks based on poisoning the ARP and DNS tables for this purpose. The thesis discusses the principles of the SSL protocol and methodology of attacks on the ARP and DNS tables.
|
|
|
Analysis of Selected Security Protocols
Říha, Tomáš ; Trchalík, Roman (referee) ; Očenášek, Pavel (advisor)
This bachelor's thesis deals with the SRI Constraint Solver tool used for analysis of security protocols. The tool is shortly characterised, and its syntax is shown on an implementation of the Needham-Schroeder Public Key protocol. The practical part shows some examples of analysed protocols. Every protocol is specified; it's run in the tool, published attack and found attack in case of its presence. At the end of the thesis, a method of analysis of each protocol and a comparison of achieved results with published are described.
|
|
|
Coaching as a profession: bases for professional ethics of coaching and reflection on selected topics
Červenka Kocourková, Karolína ; Jinek, Jakub (advisor) ; Sousedík, Prokop (referee)
This diploma thesis presents coaching as an independent profession. It shows that it is not just a method of training, counseling or employee management, which would then follow the ethics of the fields in which it is applied, but that coaching is a profession that has its own methodology, research and practice, during which atise a specific ethical issues, and this diploma thesis will focus on selected ones. The first part deals with the issue of the concept of coaching. Based on the definition of coaching and its historical development, it tries to distinguish coaching from psychotherapy, mentoring, counseling and also from sports coaching. It examines the etymology of the word coach, whether there is any more suitable Czech equivalent of this profession designation, which is closely connected primarily with the sports environment. It tries to define the professional base of coaching, to find its position among the helping professions, to show its independence and thus to obtain starting points for future ethical reflections. In the second part of the diploma thesis, the paradigm of the coach- client relationship is determined, the coach's professional competencies and assumptions on the client's side are defined. It also presents ethical issues that are specific to the coaching profession. These...
|
|
|
Ensuring the confidentiality and integrity of electronic activity records (logs) for the purposes of judicial evidence
DUCHAN, Pavel
The thesis deals with the issue of processing records of employee activities in organization's information systems. The aim of the thesis is to design organizational, procedural and technical measures that will allow the use of records of employee activities as admissible evidence in a dispute with an employee. To create a suitable policy, a methodology based on the procedures of implementing an Information Security Management System (ISMS) is used and an analysis of legislative requirements and requirements of internationally recognized standards such as ISO, NIST for content, storage and security of logs is performed. The thesis also takes into account the requirements of the Personal Data Processing Act and the Labor Code. The output is a policy proposal that provides for chosen organization comprehensive solution for processing records while meeting all relevant requirements of the organization.
|
|
|
Design of methodology for vulnerability assesment
Pecl, David ; Martinásek, Zdeněk (referee) ; Gerlich, Tomáš (advisor)
The thesis deals with the assessment of security vulnerabilities. The aim of this work is to create a new method of vulnerability assessment, which will better prioritize critical vulnerabilities and reflect parameters that are not used in currently used methods. Firstly, it describes the common methods used to assess vulnerabilities and the parameters used in each method. The first described method is the Common Vulnerability Scoring System for which are described all three types of scores. The second analysed method is OWASP Risk Rating Methodology. The second part is devoted to the design of the own method, which aims to assess vulnerabilities that it is easier to identify those with high priority. The method is based on three groups of parameters. The first group describes the technical assessment of the vulnerability, the second is based on the requirements to ensure the confidentiality, integrity and availability of the asset and the third group of parameters evaluates the implemented security measures. All three groups of parameters are important for prioritization. Parameters describing the vulnerability are divided into permanent and up-to-date, where the most important up-to-date parameter are Threat Intelligence and easy of exploitation. The parameters of the impact on confidentiality, integrity and availability are linked to the priority of the asset, and to the evaluation of security measures, which increase the protection of confidentiality, integrity and availability. The priority of the asset and the quality of the countermeasures are assessed based on questionnaires, which are submitted to the owners of the examined assets as part of the vulnerability assessment. In the third part of the thesis, the method is compared with the currently widely used the Common Vulnerability Scoring System. The strengths of the proposed method are shown in several examples. The effectiveness of prioritization is based primarily on the priority of the asset and the security measures in place. The method was practically tested in a laboratory environment, where vulnerabilities were made on several different assets. These vulnerabilities were assessed using the proposed method, the priority of the asset and the quality of the measures were considered, and everything was included in the priority of vulnerability. This testing confirmed that the method more effectively prioritizes vulnerabilities that are easily exploitable, recently exploited by an attacker, and found on assets with minimal protection and higher priority.
|
guest ::
