Implementando segurança e controle em redes de computadores / Implementing security and control in computer networks

Bertholdo, Leandro Márcio

January 1997

O crescimento e proliferação da Internet nos últimos anos tem trazido à tona vários problemas relativos à segurança e operacionabilidade das máquinas de universidades e empresas. Inúmeras invasões são realizadas anualmente. Entretanto, a grande maioria delas não possui registro algum, sendo muitas vezes de total desconhecimento do administrador local. Para prover soluções para estes problemas foi realizado um estudo, aqui apresentado, que tem como principal objetivo propor uma filosofia de gerência de segurança. São utilizados para isso conceitos de gerenciamento de redes como SNMPv2, aliado à implementação de um conjunto de ferramentas que garantam a integridade dos vários sistemas envolvidos. O resultado foi um sistema denominado CUCO1, que alerta sobre tentativas de ataque e situações de risco. CUCO foi projetado para permitir a um administrador, protegido ou não por uma firewall, dispor de um controle maior e melhor sobre acessos e tentativas de acessos indevidos à sua rede. O sistema usa uma estratégia de monitoração de eventos em diferentes níveis e aplicações, tentando com isto detectar e alertar a ocorrência de ataques tradicionais. Também está incorporado um bloco de funções que visam identificar um agressor situado em algum lugar da Internet, e obter maiores informações sobre ele e o domínio onde esta localizado. / The Internet increase and proliferation in the last years has brought a lot of problems related to the security and handling of hosts in universities and corporations. Many break-ins are done each year, without any record or knowledge by the site’s administrator. To give solutions to this problems was made up a study, here presented, has as the main goal the proposal of a security management philosophy. Are used network management concepts, joined with a toolkit to ensure the integrity of many systems envolved. The result was a system named CUCO2, that alerts about attacks and risks situations. CUCO was designed to allow an administrator, protected or not by firewall, to have a bigger and better access control in his network. The system uses an event monitor strategy in different levels and applications, trying to detect and alert the occurrence of common attacks. Moreover, it is also incorporated by a set of functions that attempt to identify aggressor’s location in any place in the Internet, and get information about him and the domain where he is located.

Redes : Computadores

Seguranca : Redes : Computadores

Gerencia : Redes : Computadores

Firewall

Computer networks

Network management

Data security

System security

Security management

Tools

Webbplats med Jeopardyspel med CodeIgniter / Web Site With Jeopardy Game On CodeIgniter

Larsson, Björn

January 2011

Detta examensarbete kommer att behandla hur man kan skapa en webbplats med tillhörande spel med hjälp av PHP-ramverket CodeIgniter. Rapporten tar upp hur detta ramverk fungerar och hur applikationer i ramverket kan göras säkra. Läsaren kommer att få veta mer om vilka HTML-standarder man kan använda för webbplatser och om den programmeringsmetod, MVC-principen, som CodeIgniter använder sig av. Kortfattat tar rapporten upp teknisk webbutveckling och programmeringen bakom densamma. / This thesis will examine how to create a web site with a game, based on the PHP-framework CodeIgniter. The report explains how this framework works and how you can make secure applications by using the framework. The reader will also get to know more about the HTML-standards possible to use for web sites and about the programming method, the MVC-principle, CodeIgniter is using. In short, the report explains technical web development and the programming behind it. / Kontakt med författaren kan ske via dennes webbplats, http://www.bjornlarsson.se/.Detta verk är licensierat under en Creative Commons Erkännande-IckeKommersiell 2.5 Sverige Licens (http://creativecommons.org/licenses/by-nc/2.5/se/).

CodeIgniter

PHP

MySQL

MVC

Web site

Data security

Game

CodeIgniter

PHP

MySQL

MVC

Webbplats

Datasäkerhet

Spel

Software Engineering

Programvaruteknik

Bezpečnost mobilních zařízení na platformě Android / Security of mobile devices running Android

Novotný, Josef

January 2015

The main subject of this thesis is the security of Android platform mobile devices. The goal of the thesis is to design and develop an application that will check given devices from the security point of view and to check the security of applications developed as the subject of theses created in the last few years at the University of Economics. In the first part of thesis there is an analysis of ways to secure the Android platform devices and applications and ways to attack them. Both the offline and the client/server architecture applications are also taken into consideration. The next part includes a security analysis of the selected application based on the beforehand determined criteria. An analysis and development of the application designated to examine the security of the given device is next. The outcome of the thesis is an easy to use application that can be launched on the mobile devices running Android 2.2 Froyo and higher.

Právní a systémová analýza e-Governmentu / Legal and Systems Analysis of e-Government

Rieger, Pavel

January 2013

The goal of this doctoral thesis is to analyse some legal, technical and economic aspects, related to the development of e-Government in the Czech Republic and to draw some general prerequisites for a successful development of e-Government services. The work contains a review of the legislation, which has a direct or indirect impact on the development of e-Government. It concerns mainly the digital signature legislation, public administration information systems, general regulations on administrative procedures and some special regulations. In this thesis there are analysed in detail currently implemented e-Government projects, especially the public administration contact points, the data inboxes, the authorized documents' conversion and the basic registers of public administration. Special attention is also devoted to the questions of personal data security in information systems. Possible effects of e-Government are evaluated with regard to recipients of public administration, particularly to citizens and legal persons. Measurable indicators (metrics) are proposed to measure the progress of individual e-Government projects, along with the procedure of their calculation. This thesis concludes that for reliable measurement of efficiency, it is necessary to identify some quantifiable indicators on the cost side as well as and on the benefits side. These indicators should be oriented to the cost aspect as well as to the specific objectives of public administration. As for the methodology, in the thesis there are used the usual methods of research in the field of legal science. Concretely used methods are the process analysis, cost analysis and metrics analysis, whose methodology is based primarily on the economics, management and information management. Furthermore, the case studies have been used to fulfil the objectives of the thesis and to verify the thesis' hypotheses.

Rozhodování o poskytovatelicloudových služeb s ohledem na bezpečnost dat / Decision-making about cloud service providers with respect to data security

Račanský, Jan

January 2014

Organizations that during the past years become accustomed to run its services on its on-premise solution, have increasingly to decide if they will in these days continue to operate their IT services in this way, or take advantage of new opportunities for cloud-based solution. However, the transition to this new technology, which entrusts their data into the hands of external companies, accompanied by a fear of security of their sensitive data. The main objective of this thesis is to propose a reference model that will assist organizations in their selection process of cloud service providers with respect to data security. In conclusion the quality and usefulness of this reference model is validated by knowledge and information, which are obtained during interviews with IT specialists.

Návrh a tvorba webové služby pro správu rodinných fotografií / Design and Implementation of a Family Photo Management Web Application

Macháč, Jan

January 2019

This thesis focuses on the design and development of a web application that offers help in managing family photographic material, with the emphasis on data integrity and security, and maximum transparency when handling personal information. The application will be usable on any device with a screen, web browser and internet connection. One of its key features will be face detection on uploaded photographs.

Výpočty v Cloudu / Cloud computing

Bräuer, Jonáš

January 2019

Bezpečnost a zachování důvěrnosti dat uložených s využitím veřejných cloudových služeb je dnes velmi aktuální téma. V této práci se, na rozdíl od tradičního šifrování, zabýváme možností využití dělení dat k zabezpečení citlivých dat. Cílem práce je implementovat a porovnat dva již publikované protokoly pro násobení matic využívající dva rozdílné přístupy dělení dat. Na základě jejich vlastností byla navržena originální varianta, která na rozdíl od původních protokolů zohledňuje i případ, kdy poskytovatelé cloudových slu- žeb tajně spolupracují. Všechny tyto protokoly byly naimplementovány za použití plat- formy Java a veřejných cloudových služeb. Na závěr byla změřena výkonnostní náročnost a zhodnoceny požadavky na úložiště.

Volba informační strategie nového elektronického obchodu / Choice of Information Strategy for a New E-Shop

Slunečko, Miroslav

January 2011

The diploma thesis analyzes the new e-shop, and chooses its information strategy. The chosen solution shall support the achievement of the company's goals through the effective use of information technology.

Posouzení informačního systému firmy a návrh změn / Information System Assessment and Proposal for ICT Modification

Řezáč, Michal

January 2014

This diploma work deals with the information system assessment and proposal for its modification. The theoretical part describes the basic concepts and issues related to information systems. The analytical part of assessing information system according to the methods for determining the current state. The design part is based on the analytical part and the main goal of this section is to design changes to improve the current situation with the subsequent economic evaluation.

Nasazení kontextového DLP systému v rámci zavádění ISMS / Deployment of the Context DLP System within ISMS Implementation

Imrich, Martin

January 2015

This diploma thesis focuses on a DLP implementation within a specific organization. The thesis contains current situation analysis and provides decision for choice of the most suitable DLP based on the analysis findings. Eventually describes a real implementation of the chosen DLP system within the organization.