Zabezpečený přístup k lokální počítačové síti / Secure access to local area network

Kočiš, Jan

January 2016

This master's thesis deals with the field of secure access to the local area computer network. The main aim of the thesis is to characterize theoretical background of controlled access to computer networks, which includes security principles, recommended practices, authentication methods, network protocols and related processes. This thesis also includes practical usage of acquired knowledge by implementing secure access to local area network in a real environment. The first part characterize the theoretical principles underlying the design and implementation of the entire system. The practical part deals with the implementation of specific secure access to the local area computer network solution in the engineering company. The first part introduces the company, its environment and requirements. The following section describes performed analysis of the original state and based on the obtained information summarizes the proposed solution. Implementation of the comprehensive system of the controlled access to the local area network is described in detail in the next section. Description of the system deployment into production operation process, the definition of acceptance tests and recommendations for solving of potential issues are part of this work as well. Conclusion chapter contains summary of the system's economic aspects and the potential impacts on information systems operation in the company. Final evaluation summarizes the thesis, highlights the benefits of the implemented system and analyses its weak points, with recommendations for further development. It finds the designed secure access to the local network as a suitable, secure and practical way to control access to local network resources.

Autentizace síťových portů pomocí protokolu 802.1X ve firemním prostředí

Malinka, Tomáš

January 2014

This thesis describes the draft and implementation of a new security with 802.1x in the corporate environment. The work is divided into two parts. The first part outlines the topic theoretically and the second part solves specific draft using 802.1x and its implementation in the corporate environment. The implementation is outlined with configuration of end clients, switches including RADIUS server and settings in AD. During the implementation, there is also described the authentication of devices by Mac Authentication Bypass.

Implementace OTP ve vybraném systému / OTP implementation in a selected information system

Jajtner, Petr

January 2016

At present, it is necessary to protect sensitive data against abuse, but also allow au-thorized persons to change these data. To increase the security of logging for authorized persons we often introduce a two-factors authentication, where the first step is verification of the user's identity and in a second step is required to insert a one-time password called OTP. This thesis deals with implementation of OTP and integration into the selected sys-tem. It also includes test and verification of the functionality of the selected solution.

Správa vývojové dokumentace přes WWW I / Administration of development documetation over WWW I

Kolář, Miroslav

January 2008

Master`s thesis is based on the assignment of company Honeywell to create integral system for saving and management of development documentation. Designed system will introduce data warehouse with transparent display of documents being connected with development of customer’s requirements, products and tests, test runs. Solution consists of two parts: A – Requirements and Products and B – Tests, Test runs and Person, whereas Master`s thesis deals with the part B. For system creation utilities of following programming languages were used HTML, PHP, JavaScript and database system MySQL. In the first phase was designed database structure (tables and relations between them). Except that was designed structure for authorization algorithm and integral concept of whole application was created. The second phase is realization. At first are created supporting algorithms. It is servicing database by functions, uniform displaying results from database and authorized access of users to the application. Further data library for integral display data forms, based on used template system Smarty and other libraries, f.e. attribution of the files to records in SQL tables. Important part was implementation of designed database system and related programs. In Tests and Test runs there is user interface established and individual relations between them. According to assignment all fundamental programs were designed together with support instruments. Individual source files are saved in transparent structure of folders, so this structure is possible to apply on any computer, where are installed programs to web hosting. The result of Master`s thesis is then integrated progress report together with functional source codes.

Bezpečnost lokálních počítačových sítí / Solving of Security Problems in Local Networks

Marek, Martin

January 2010

The diploma thesis is concerned with solving security problems in local computer networks. The main part deals with the solution of authorization of wireless clients against the RADIUS server and with the proposal of domain controller using open-source products and the tools of operating system GNU/Linux.

Vybrané činnosti ve výstavbě / Specified construction activities

Závěrková, Jana

January 2015

The thesis focuses to define the concept of selected activities in construction and further entities which are allowed to conduct the activities in construction and what qualification is needed for them and what is their range of responsibility. The thesis is divided on two parts. The theoretical part deals to define the basic concepts, which origins in law. The practical part contains exact example on which are, used activities of authorized persons, their duties during the activities in construction and their responsibility. The essential part of the thesis are the proposals and recommendations, which could open the discussion for some future changes leading to more effective achievement in selected activities in construction.

FreeIPA - správa přístupu dle URI / FreeIPA - URI Based Access Management

Hellebrandt, Lukáš

January 2016

Cílem práce je navržení a implementace řízení přístupu na základě URI požadovaného zdroje. Pro implementaci bylo jako základ použito rozšíření Host Based Access Control v nástroji pro správu identit FreeIPA. Zároveň bylo třeba rozšířit související infrastrukturu, především program SSSD. Jako příklad aplikace využívající HBAC na základě URI byl implementován autorizační modul pro Apache HTTP Server. Zásadním řešeným problémem byl návrh infrastruktury pro komunikaci nezbytných parametrů a návrh strategie vyhodnocení HBAC pravidel definujících přístupová práva. Kompletní řešení bylo předvedeno na příkladu zabezpečení instance webové aplikace Wordpress.

Systém pro sledování práce uživatelů na platformě Windows Azure / A System for End-User Monitoring on Windows Azure Platform

Tínes, Lukáš

January 2012

This thesis discusses design and implementation of a cloud computer system which processes end-user monitoring data. Using a defined web service interface, the system is receiving raw monitoring data and then it processes them. Finally, it presents the data to end-users. Entire application is written in C# and deployed to the Windows Azure Platform.

Autentizace a autorizace uživatele v počítačových sítích nové generace / User Authentication and Autorization for New Generation Networks

Přibyl, Radek

Unknown Date

This document describes methods of user authentication and authorisation via a trusted server. There is analysis of the system Kerberos, which is used as an inspiration for desing of a new authentication scheme. There are analysed programming layers and interfaces for specific applications ensuring user authentication and authorisation. The document contains a design and detailed description of a new authentication scheme. This scheme is implemented into the communication between email client and imap server.

Výber autentizačnej metódy pri prihlasovaní do elektronického bankovníctva v nadväznosti na zrušenie autentizácie GRID kartou / Choose authentication method for logging in to the electronic banking at the same time as cancellation of GRID cards authentication

Mazák, Matej

January 2017

The aim of this Master thesis is to choose appropriate authentication method for logging in to the electronic banking. The chosen solution will serve as an additional factor for authentication and authorization of client and at the same time as the replacement of the outdated security method GRID card. Development and direction of the electronic banking is explained in the theoretical part of the thesis. Further on, the advantages of this channel that are provided to clients and bank, are described. Some of the trends which daily affect the direction of the electronic banking are also described. Security is very important part of the electronic banking and that is why it is mentioned in the each part of this thesis. The practical part contains proposed cancellation procedure of GRID cards and proposal of the new solutions that could replace them in the future. It also contains selection and description of evaluation criteria and multi-criteria evaluation of the selected solutions. Saaty method and scoring method were used to determine the weight of the particular criteria. Conclusion of the thesis compares achieved results of the individual authentication methods and assets of this Master thesis.