National Repository of Grey Literature 46 records found  1 - 10nextend  jump to record: Search took 0.00 seconds. 
The Legal Status of Minors and Other Vulnerable Applicants for International Protection
Edelmannová, Anna ; Pítrová, Lenka (advisor) ; Scheu, Harald Christian (referee)
Persons who seek international protection in the European Union are entitled to number of rights contained in the EU law, international law and national law. Some applicants for international protection are entitled to additional rights and guarantees due to their weakened position. This thesis analyses the legal position of vulnerable applicants for international protection (or more precisely applicants with special needs). The position of minor applicants is dealt with in more detail. The thesis further deals with the legislation of the Common European Asylum System, attention is also paid to the European Court of Human Right's case- law, to the UN Convention on the Rights of the Child and to other relevant documents. All applicants for international protection can be seen as vulnerable. In the view of the European Court of Human Rights applicant for international protection is "as such, a member of a particularly underprivileged and vulnerable population group in need of special protection". The EU law does not explicitly describe applicants as vulnerable, but it entitles them to a certain standard of rights by which it reflects their difficult position. Furthermore, the Reception Conditions Directive and Asylum Procedures Directive define applicants with special needs (more precisely applicants...
Detection of Blueborne Revealed Vulnerability
Janček, Matej ; Malinka, Kamil (referee) ; Hujňák, Ondřej (advisor)
Táto práca sa zaoberá tvorbou automatickej metódy na detekciu Blueborne zraniteľností v Android zariadeniach. V riešení bola použitá metóda, ktorej základné fungovanie je z vyvolania pretečenia pamäti na zariadení. Následne výsledný nástroj vyhodnotí či sa to podarilo a, či zariadenie je zraniteľné. Nástroj bol testovaný na viacerých zariadeniach, ktoré majú rôzne verzie systému. Testovanie tejto metódy detekcie potvrdilo funkčnosť nástroja.
Security exercises for ethical hacking
Paučo, Daniel ; Lieskovan, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
This master thesis deals with penetration testing and ethical hacking. Regarding to the layout of the thesis there was prepared appropiate enviroment to realize Red/Blue team exercise, where Red team is in a role of the attacker and Blue team is in a role of defender of the network infrastructure. Whole infrastructure is implemented in a cloud virtual enviroment of VMware vSphere. Second part of the thesis consists of preparation and creation of the exercise to test web application security. Third part of the thesis is dedicating to the automatization of redteaming. Main focus of this master thesis is to demonstrate different attack vectors how to attack the network infrastructure and web applications and use of the defense mechanisms to avoid this kinds of attacks.
Design of methodology for vulnerability assesment
Pecl, David ; Martinásek, Zdeněk (referee) ; Gerlich, Tomáš (advisor)
The thesis deals with the assessment of security vulnerabilities. The aim of this work is to create a new method of vulnerability assessment, which will better prioritize critical vulnerabilities and reflect parameters that are not used in currently used methods. Firstly, it describes the common methods used to assess vulnerabilities and the parameters used in each method. The first described method is the Common Vulnerability Scoring System for which are described all three types of scores. The second analysed method is OWASP Risk Rating Methodology. The second part is devoted to the design of the own method, which aims to assess vulnerabilities that it is easier to identify those with high priority. The method is based on three groups of parameters. The first group describes the technical assessment of the vulnerability, the second is based on the requirements to ensure the confidentiality, integrity and availability of the asset and the third group of parameters evaluates the implemented security measures. All three groups of parameters are important for prioritization. Parameters describing the vulnerability are divided into permanent and up-to-date, where the most important up-to-date parameter are Threat Intelligence and easy of exploitation. The parameters of the impact on confidentiality, integrity and availability are linked to the priority of the asset, and to the evaluation of security measures, which increase the protection of confidentiality, integrity and availability. The priority of the asset and the quality of the countermeasures are assessed based on questionnaires, which are submitted to the owners of the examined assets as part of the vulnerability assessment. In the third part of the thesis, the method is compared with the currently widely used the Common Vulnerability Scoring System. The strengths of the proposed method are shown in several examples. The effectiveness of prioritization is based primarily on the priority of the asset and the security measures in place. The method was practically tested in a laboratory environment, where vulnerabilities were made on several different assets. These vulnerabilities were assessed using the proposed method, the priority of the asset and the quality of the measures were considered, and everything was included in the priority of vulnerability. This testing confirmed that the method more effectively prioritizes vulnerabilities that are easily exploitable, recently exploited by an attacker, and found on assets with minimal protection and higher priority.
Security of Red Hat Enterprise Linux based operating systems
Kňažeková, Nikola ; Ilgner, Petr (referee) ; Komosný, Dan (advisor)
Táto diplomová práca sa zameriava zvyšovanie bezpečnosti v operačných systémoch založených na Red Hat Enterprise Linux, na základe analyzovaných zraniteľnosti za posledných 5 rokov. V teoretickej časti sú popísané slabiny a zraniteľnosti, základné bezpečnostné mechanizmy v Linuxe, so zameraním na technológiu SELinux. Technológia SELinux je súčasťou operačných systémov Red Hat Enterprise Linux, Fedora a CentOS. Na základe analyzovaných zraniteľností bola v praktickej časti navrhnutá konfigurácia technológie SELinux. V návrhu sú popísané prvky, ktoré sa budú konfigurovať a tými sú SELinuxové booleany, SELinuxové moduly a SELinuxoví užívatelia, so zameraním na ochranu pamäte, eskalovanie privilégií, spúšťaniu kódu, úniku dat a obmedzenie procesov a užívateľov. Na základe návrhov bola vytvorená konfigurácia v konfiguračnom nástroji Ansible, ktorej cieľom je umožniť užívateľovi jednoducho a rýchlo nakonfigurovať hosťa. Okrem nej boli vytvorene ďalšie dve konfigurácie, ktoré umožnia vrátiť systém do predchádzajúceho stavu alebo uzamknúť SELinuxovú konfiguráciu. Následne sa overoval dopad konfigurácií na použiteľnosť systému a nájdené chyby boli opravené alebo nahlásené. Posledná časť overuje funkčnosť konfigurácie pred zneužitím zraniteľností.
A Tool for Easily Securing Computers with Linux
Barabas, Maroš ; Hanáček, Petr (referee) ; Vojnar, Tomáš (advisor)
The purpose of this thesis is to explain new approaches to scanning and locking vulnerabilities in computer security and to design a new system to improve security of computers running the Linux operating system. The purpose of this system is to analyze remote operating systems and detect and lock down vulnerabilities by existing security standards.
Design of a smart meter testing methodology focusing on invasive testing
Biolek, Martin ; Sikora, Marek (referee) ; Lieskovan, Tomáš (advisor)
Bachelor thesis is focused on investigating the security deficits of smart meters through penetration testing. The theoretical part describes the standards that should be followed by smart meter manufacturers. This is followed by the practical part where the testing of two smart meter systems was conducted in order to discover their vulnerabilities. The result of the work is the exposure of one of the two systems of interest that requires significant security improvements before deployment of another version. A description of the vulnerabilities is included in the practical part of the thesis.
The proposal of ISMS implementation in the public administration
Štukhejl, Kamil ; Tomáš,, Krejčí (referee) ; Sedlák, Petr (advisor)
This diploma thesis focuses on the implementation of information security management system in the public administration based on ISO/IEC 27000 series of standards. The thesis contains theoretical background, introduction of the organization, risk analysis and a proposal of appropriate measures for minimization of these identified risks. In the end, an implementation plan is proposed including an economic evaluation.

National Repository of Grey Literature : 46 records found   1 - 10nextend  jump to record:
Interested in being notified about new results for this query?
Subscribe to the RSS feed.