Browse IS/STAG - Portál UTB

Skip to page content
Website UTB
Portal title page UTB
Anonymous user Login Česky
Browse IS/STAG
Login Česky
  • Welcome
  • Browse IS/STAG
  • Applicant
  • Graduate
  • Web services
  • ECTS
  • User Info
Welcome
Browse IS/STAG
Information for applicantsElectronic applicationECTS arrivals
Getting startedAlumni ClubAbsolvent - website
Web services
ECTS
User Info

1st level navigation

  • Welcome
  • Browse IS/STAG
  • Applicant
  • Graduate
  • Web services
  • ECTS
  • User Info
User disconnected from the portal due to long time of inactivity.
Please, click this link to log back in.
(Sessions are disconnected after 240 minutes of inactivity. Note that mobile devices may get disconnected even sooner).

Prohlížení IS/STAG (S025)

Help

Main menu for Browse IS/STAG

  • Programmes and specializations.
  • Courses
  • Departments
  • Lecturers
  • Students
  • Examination dates
  • Timetable events
  • Theses, selected item
  • Pre-regist. study groups
  • Rooms
  • Rooms – all year
  • Free rooms – Semester
  • Free rooms – Year
  • Capstone project
  • Times overlap
  •  
  • Title page
  • Calendar
  • Help

Search for a Thesis

Print/export:  Bookmark this link in your browser so that you may quickly load this IS/STAG page in the future.
Only logged-in user will see student personal numbers.

Dates found, count: 1

Search result paging

Found 1 records Print Export to xls List URL
  Surname Name Title Thesis status   Supervisors Reviewers Type of thesis Date of def. Title
Student Type of thesis - - - - - - - - - -
Item shown in detail Mirre Includes the selected person into the timetable overlap calculation. Adam Password Compromise Monitoring Tool Password Compromise Monitoring Tool Thesis finished and defended successfully (DUO).   Malaník David Švejda Jaromír Master's thesis 1694383200000 11.09.2023 Password Compromise Monitoring Tool Thesis finished and defended successfully (DUO).
Adam Mirre Master's thesis 0XX 0XX 0XX 0XX 0XX 0XX 0XX 0XX 0XX 0XX

Thesis info Nástroj pro monitoring kompromitace hesel

  • Basic data
The document you are accessing is protected by copyright law. Unauthorised use may lead to criminal sanctions.
Name Mirre Adam Includes the selected person into the timetable overlap calculation.
Acad. Yr. 2022/2023
Assigning department AUIUI
Date of defence Sep 11, 2023
Type of thesis Master's thesis
Thesis status Thesis finished and defended successfully (DUO). Thesis finished and defended successfully (DUO).
Completeness of mandatory entries - All mandatory fields for this Thesis are filled in.
Main topic Nástroj pro monitoring kompromitace hesel
Main topic in English Password Compromise Monitoring Tool
Title according to student Nástroj pro monitoring kompromitace hesel
English title as given by the student Password Compromise Monitoring Tool
Parallel name -
Subtitle -
Thesis supervisor Malaník David, Ing. Ph.D.
External examiner Švejda Jaromír, Ing. Ph.D.
Annotation Cieľom diplomovej práce bolo vytvoriť a popísať nástroj na monitoring kompromitácie hesiel, ktorý umožní používateľovi overiť kompromitáciu. Teoretická časť pojednáva o kryptografických základoch a aplikácii hashov, venuje sa dejinám, použitiu a zmysluplnosti hesiel a skúma bezpečnostné mechanizmy, ktoré bežne využívajú webové prehliadače, ako napríklad Content Security Policy, a tiež spôsoby využitia týchto mechanizmov vo webových aplikáciách. Ďalej sa pojednáva o výbere vhodných zdrojov dát pre overenie kompromitácie, a časť končí rozborom scenárov nasadenia. Praktická časť vysvetľuje architektúru aplikácie vytvorenej k diplomovej práci, vybrané implementačné detaily, pridružené nástroje a metódy použité na overenie správnosti správania programu.
Annotation in English The aim of the thesis has been to program and describe a tool that enables the user to verify the potentiality of a credential breach. The theoretical part analyses the cryptographic foundations of hashing and their application, the history, usage as well as rationale of passwords. It explores security mechanisms commonly employed by web browsers, such as Content Security Policy, and also how web applications can make use of them. Potential data sources are then evaluated, and the part concludes by pondering deployment scenarios. The practical part explains the application architecture, chosen implementation details, associated tooling, and methods used to validate the correctness of program's behaviour.
Keywords Hesla, Monitoring kompromitace, Únik hesla, Bezpečnost webů
Keywords in English Passwords, Compromise monitoring, Password breach, Web security
Length of the covering note 82
Language AN
Annotation
Cieľom diplomovej práce bolo vytvoriť a popísať nástroj na monitoring kompromitácie hesiel, ktorý umožní používateľovi overiť kompromitáciu. Teoretická časť pojednáva o kryptografických základoch a aplikácii hashov, venuje sa dejinám, použitiu a zmysluplnosti hesiel a skúma bezpečnostné mechanizmy, ktoré bežne využívajú webové prehliadače, ako napríklad Content Security Policy, a tiež spôsoby využitia týchto mechanizmov vo webových aplikáciách. Ďalej sa pojednáva o výbere vhodných zdrojov dát pre overenie kompromitácie, a časť končí rozborom scenárov nasadenia. Praktická časť vysvetľuje architektúru aplikácie vytvorenej k diplomovej práci, vybrané implementačné detaily, pridružené nástroje a metódy použité na overenie správnosti správania programu.
Annotation in English
The aim of the thesis has been to program and describe a tool that enables the user to verify the potentiality of a credential breach. The theoretical part analyses the cryptographic foundations of hashing and their application, the history, usage as well as rationale of passwords. It explores security mechanisms commonly employed by web browsers, such as Content Security Policy, and also how web applications can make use of them. Potential data sources are then evaluated, and the part concludes by pondering deployment scenarios. The practical part explains the application architecture, chosen implementation details, associated tooling, and methods used to validate the correctness of program's behaviour.
Keywords
Hesla, Monitoring kompromitace, Únik hesla, Bezpečnost webů
Keywords in English
Passwords, Compromise monitoring, Password breach, Web security
Research Plan
  1. Specifikujte požadavky na systém s ohledem na jeho zabezpečení.
  2. Vyberte vhodné zdroje dat pro ověření kompromitace hesel.
  3. Navrhněte systém pro online správu vlastní databáze kompromitovaných loginů.
  4. Navržený systém implementujte v testovacím prostředí a ověřte jeho funkčnost.
  5. Ověřte izolaci uživatelských účtů Vašeho systému. Popište bezpečnostní mechanismy, které ji zajišťují.
Research Plan
  1. Specifikujte požadavky na systém s ohledem na jeho zabezpečení.
  2. Vyberte vhodné zdroje dat pro ověření kompromitace hesel.
  3. Navrhněte systém pro online správu vlastní databáze kompromitovaných loginů.
  4. Navržený systém implementujte v testovacím prostředí a ověřte jeho funkčnost.
  5. Ověřte izolaci uživatelských účtů Vašeho systému. Popište bezpečnostní mechanismy, které ji zajišťují.
Recommended resources
  1. S. Stamm, B. Sterne, and G. Markham, Reining in the Web with Content Security Policy, in Proceedings of the 19th International Conference on World Wide Web, ser. WWW ’10, 2010, p. 921–930
  2. OWASP top 10 web application security risks. [Online]. Available: https://owasp.org/www-project-top-ten/
  3. Lukas Weichselbaum, Michele Spagnuolo, Sebastian Lekies, and Artur Janc. 2016. CSP Is Dead, Long Live CSP! On the Insecurity of Whitelists and the Future of Content Security Policy. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16). Association for Computing Machinery, New York, NY, USA, 1376–1387. https://doi.org/10.1145/2976749.2978363
  4. Jean-Philippe Aumasson, Serious Cryptography, No Starch Press, 2017, ISBN-13: 9781593278267
  5. Sivathanu, Gopalan & Wright, Charles & Zadok, Erez. (2005). Ensuring data integrity in storage: techniques and applications. 26-36. 10.1145/1103780.1103784.
  6. A. K. Pandey et al., "Key Issues in Healthcare Data Integrity: Analysis and Recommendations," in IEEE Access, vol. 8, pp. 40612-40628, 2020, doi: 10.1109/ACCESS.2020.2976687.
  7. "Site Isolation - The Chromium Projects." [Online]. Available: https://www.chromium.org/Home/chromium-security/site-isolation
Recommended resources
  1. S. Stamm, B. Sterne, and G. Markham, Reining in the Web with Content Security Policy, in Proceedings of the 19th International Conference on World Wide Web, ser. WWW ’10, 2010, p. 921–930
  2. OWASP top 10 web application security risks. [Online]. Available: https://owasp.org/www-project-top-ten/
  3. Lukas Weichselbaum, Michele Spagnuolo, Sebastian Lekies, and Artur Janc. 2016. CSP Is Dead, Long Live CSP! On the Insecurity of Whitelists and the Future of Content Security Policy. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16). Association for Computing Machinery, New York, NY, USA, 1376–1387. https://doi.org/10.1145/2976749.2978363
  4. Jean-Philippe Aumasson, Serious Cryptography, No Starch Press, 2017, ISBN-13: 9781593278267
  5. Sivathanu, Gopalan & Wright, Charles & Zadok, Erez. (2005). Ensuring data integrity in storage: techniques and applications. 26-36. 10.1145/1103780.1103784.
  6. A. K. Pandey et al., "Key Issues in Healthcare Data Integrity: Analysis and Recommendations," in IEEE Access, vol. 8, pp. 40612-40628, 2020, doi: 10.1109/ACCESS.2020.2976687.
  7. "Site Isolation - The Chromium Projects." [Online]. Available: https://www.chromium.org/Home/chromium-security/site-isolation
Týká se praxe No
Enclosed appendices CD ROM
Appendices bound in thesis -
Taken from the library No
Full text of the thesis
Appendices
Reviewer's report
Supervisor's report
Defence procedure record file