izpis_h1_title_alt

Dinamično dodeljevanje dostopa do omrežnih naprav
KRMELJ, GREGOR ROBERT (Author), Ciglarič, Mojca (Mentor) More about this mentor... This link opens in a new window, Pančur, Matjaž (Co-mentor)

.pdfPDF - Presentation file, Download (1,40 MB)

Abstract
Programska oprema postaja vse bolj kompleksna, tako po številu vrstic kot tudi po funkcionalnosti. V želji, da bi programski izdelek čim prej tržili velikokrat programska oprema vsebuje določene pomanjkljivosti zaradi katerih izdelek nima zadostne zaščite. Obstoječi varnostni mehanizmi, ki naj bi zagotavljali, da aplikacije ne bi bile dostopne za neznane oziroma nezaželene uporabnike, se ponavadi aktivirajo šele v višjih slojih aplikacij. Z obstoječimi varnostnimi mehanizmi praviloma težje določimo, ali ima uporabnik pravice dostopa na nižjih slojih. V primeru, ko so ranljivi mehanizmi avtentikacije in avtorizacije, je ogrožena splošna varnost programske storitve. Diplomsko delo predstavi možnost omejitve dostopa do sistema na omre\-žnem sloju, tako da dinamično dodelimo pravice uporabniku v požarnem zidu. Posledično to omogoča, da storitev vzpostavimo na internetu in da je le ta omrežno nevidna vsem neavtoriziranim uporabnikom.

Language:Slovenian
Keywords:omrežje, internet, požarni zid, SDP, SPA, varnost, OpenSPA, OpenSDP, skrite storitve
Work type:Bachelor thesis/paper (mb11)
Organization:FRI - Faculty of computer and information science
Year:2018
Views:431
Downloads:158
Metadata:XML RDF-CHPDL DC-XML DC-RDF
 
Average score:(0 votes)
Your score:Voting is allowed only to logged in users.
:
Share:AddThis
AddThis uses cookies that require your consent. Edit consent...

Secondary language

Language:English
Title:Dynamic Access Control to Network Devices
Abstract:
Today’s software is getting more complex by the number of lines of code as well as the number of included features. Due to the rising complexity of software and market demands to release new products, the number of new vulnerabilities is on the rise too. Current mechanisms to defend against unauthorized access are usually implemented in higher layers of the network stack. Limiting access in the application layer is a common practice, while lower layers access rights are harder to implement. The problem becomes evident when an application is vulnerable and the mechanisms of authentication and authorization are threatened. This thesis proposes a method of user authentication and authorization which functions on the network layer by dynamically assigning firewall rules. This in turn facilitates deployment of dark network applications on the internet - applications which are accessible on the network layer only to authorized users.

Keywords:network, internet, firewall, SDP, SPA, security, OpenSPA, OpenSDP, hidden services

Similar documents

Similar works from RUL:
Similar works from other Slovenian collections:

Comments

Leave comment

You have to log in to leave a comment.

Comments (0)
0 - 0 / 0
 
There are no comments!

Back