izpis_h1_title_alt

Zagotavljanje varnosti pred napadi v kriptiranem prometu
ID HROVAT, ŠPELA (Author), ID Umek, Anton (Mentor) More about this mentor... This link opens in a new window

.pdfPDF - Presentation file, Download (2,84 MB)
MD5: 55BEB7F5E3EA902DF143854AF2F3AD88
PID: 20.500.12556/rul/15dc1046-7d9f-41f4-bd8f-4fbbcb69e9d4

Abstract
Glavni cilj diplomske naloge je obravnava težav pri varnostnem preverjanju šifriranega prometa spletnih povezav. Internetna in spletna varnost sta ogroženi na mnogo načinov. Večina povezav skozi javno omrežje je danes kriptiranih na transportni plasti. V prvem delu zato podajam potrebne osnove pomembnejših kriptografskih protokolov in njihovo vlogo na internetu. Podajam tudi pomen certifikatov in potek samega rokovanja. Delež šifriranega prometa se iz dneva v dan povečuje, s tem pa se povečujejo tudi varnostna tveganja na spletu. Kriptiran promet je potrebno varnostno nadzorovati in preverjati. Vidljivost v šifriranem prometu je ključna za varovanje podatkov. V primeru, da šifriranega prometa ne pregledujemo, obstaja velika verjetnost, da ne bomo zaznali določenih napadov, naša organizacija pa bo tako občutljiva na kršitve. Četrto poglavje naloge obravnava splošni pregled varnosti na nivoju šifiriranega prometa. Podane so najpogostejše ranljivosti in vrste napadov na transportni plasti. Seveda je skoraj nemogoče predstaviti vse izmed njih, saj jih je že samo v kriptografski knjižnici OpenSSL znanih preko 180 [1]. V nadaljevanju naloge obravnavam opis problemov na nivoju nekriptiranih povezav. V glavnem delu naloge navajam tudi analizo varnostnih rešitev, ki jih za kriptirani promet omogoča programska oprema proizvajalca F5 Networks. SSL zagotavlja varnost, vendar s seboj prinaša izzive na nivoju zagotovitve učinkovitega varovanja podatkov, zato je prav to fokus naslednjega poglavja. Glede na dosedanje trende bo kmalu obstajal le še kriptiran promet. V nadaljevanju podajam rešitev s pomočjo aplikacije vodilnega ponudnika rešitev v tehnologiji SSL, proizvajalca F5 Networks. Konkretna rešitev je izvedena s pomočjo vpogleda v šifriran promet in orkestracije le-tega.

Language:Slovenian
Keywords:SSL, TLS, https, varnost, orkestracija, ranljivost, napadi, vidljivost šifriranega prometa, F5 Networks
Work type:Bachelor thesis/paper
Organization:FE - Faculty of Electrical Engineering
Year:2018
PID:20.500.12556/RUL-99931 This link opens in a new window
Publication date in RUL:23.02.2018
Views:1588
Downloads:618
Metadata:XML DC-XML DC-RDF
:
Copy citation
Share:Bookmark and Share

Secondary language

Language:English
Title:Protection against attacks in encrypted traffic
Abstract:
The main goal of the thesis is the investigation of problems in security checks of encrypted web traffic. Both web and internet security are endangered in many ways. Most of the public network connections today are encrypted on the transport layer. In the first part, I therefore provide the necessary basics of important cryptographic protocols and their role on the internet. I also specify the importance of certificates and the course of the handshake itself. The percentage of encrypted traffic is increasing day by day thereby increasing the online security risks. Encrypted traffic must be securely supervised and checked. Visibility in encrypted traffic is crucial for data protection In the event that encrypted traffic is not reviewed, there is a high probability that we will not detect certain attacks, and our organization will be vulnerable to violations. Chapter four of the assignment examines a general overview of security at the encrypted traffic level. The most common vulnerabilities and types of attacks on the transport layer are specified. Of course it is almost impossible to present all of them, since there are over 180 of them in the OpenSSL cryptographic library alone [1]. In the continuation of the assignment, I discuss and describe problems at the level of non-encrypted connections. In the main part of the assignment I also provide an analysis of the security solutions provided by the software from the manufacturer F5 Networks for encrypted traffic. SSL provides security, but brings with it challenges at the level of ensuring effective data protection, which is why that is the focus of the next chapter. Given the current trends, soon there will only be encrypted traffic. In the continuation, I provide a solution with the help of an application from the leading provider of SSL technology solutions, manufactured by F5 Networks. The practical solution is carried out by means of insight into encrypted traffic and orchestration of said traffic.

Keywords:SSL, TLS, https, security, orchestration, vulnerabilities, attacks, encrypted traffic visibility, F5 Networks

Similar documents

Similar works from RUL:
Similar works from other Slovenian collections:

Back