izpis_h1_title_alt

Implementacija programsko določljivega roba omrežja s tuneli WireGuard
ID SUHADOLNIK, URBAN (Author), ID Ciglarič, Mojca (Mentor) More about this mentor... This link opens in a new window, ID Grohar, Miha (Comentor)

.pdfPDF - Presentation file, Download (950,26 KB)
MD5: 6916F2CC65068784924E5ED3434B11AB

Abstract
Na področju računalniške varnosti se iz leta v leto soočamo z novimi izzivi in tveganji. V omrežje vključujemo podedovane naprave in naprave interneta stvari, ki so pogosto varnostno ranljive. Zaradi nenehnega naraščanja števila naprav in kompleksnosti internih omrežij moramo iskati nove rešitve za zagotavljanje računalniške varnosti. Pristop programsko določljivega omrežja ponuja nove možnost. V diplomski nalogi raziščemo izzive segmentacije omrežja in oddaljenega dostopa. Pregledamo koncept programsko določljivega roba, predlagamo nadgradnjo s pomočjo tunelov WireGuard in razvijemo svojo implementacijo T-SDP. Novo implementacijo SDP smo implementirali v topologiji odjemalec-krmilnik-prehod. Kontrolna komunikacija poteka v obliki HTTP REST klicev med odjemalcem in krmilnikom ter med krmilnikom in prehodom. Podatkovna povezava poteka neposredno med odjemalci in prehodi preko protokola za tuneliranje WireGuard. Končni rezultat diplome je funkcionalna specifikacija in prototipni sistem T-SDP, ki izboljša varnost in bi lahko nadomestila omrežja VPN.

Language:Slovenian
Keywords:Programsko določljiv rob omrežja, SDP, Programsko določljivo omrežje, SDN, Požarni zid, Modeliranje napadalca, Tunel, WireGuard, Oddaljen dostop, VPN, Varnost, IoT, Kibernetska varnost
Work type:Bachelor thesis/paper
Typology:2.11 - Undergraduate Thesis
Organization:FRI - Faculty of Computer and Information Science
Year:2021
PID:20.500.12556/RUL-129719 This link opens in a new window
COBISS.SI-ID:76056067 This link opens in a new window
Publication date in RUL:07.09.2021
Views:1292
Downloads:151
Metadata:XML DC-XML DC-RDF
:
Copy citation
Share:Bookmark and Share

Secondary language

Language:English
Title:Software defined perimeter implementation with WireGuard tunnels
Abstract:
In the field of computer security, we face new challenges and risks year after year. Modern networks include Legacy devices and Internet of Things devices that are often vulnerable to exploitation. Due to the ever-increasing complexity of internal networks, we need to explore new approaches to ensure network security. Software defined networks offer such new possibilities. In this thesis, we explore the challenges of network segmentation and remote access. We review the concept of software defined network, propose an improvement to SDP using WireGuard tunnels, and develop our own SDP implementation. We have made T-SDP in the client-controller-gateway topology. Control communication takes place in the form of HTTP REST calls between client and controller and between controller and gateway. Data connection takes place directly between clients and gateways via the WireGuard tunnels. The result of this thesis is a functional specification and SDP prototype T-SDP which is more secure and could replace VPNs in the future.

Keywords:Software defined perimeter, SDP, Software defined network, SDN, Firewall, Adversary modeling, Tunnel, WireGuard, Remote access, VPN, Security, IoT, Cybersecurity

Similar documents

Similar works from RUL:
Similar works from other Slovenian collections:

Back