Josef Horalek

Security Issues of Mobile Application Using Cloud Computing

Security issues of the mobile application using cloud computation services are discussed in this paper. Communication between smart phone as a client on the one side and cloud server on the other is described. Security analyse for proposed solution of the health monitoring application is introduced as well. Data about health of the person are one of the most confidential thus need to be secured against different types of threats. Proposed solution is based on the smartphone as a client gathering data and the cloud servers as a computational platform for data storage and analysing. The sensors embedded in the smart phone measure data about monitored person then are partly processed and sent to the server by the internet connection for the deeper analysis.

Communication protocols in substation automation and IEC 61850 based proposal

The automation of control systems of substations in the energy industry uses a variety of specialized standards, technologies and protocols. Among the most frequently used belong MODBUS, IEC60870, DNP3 and IEC61850 protocols. The present paper analyses and compares approaches to data communication among the abovementioned protocols with the main focus on modern standard IEC61850. The paper was created on the basis of experience while implementing data communications for ČEPS a.s., the national distributor in the Czech Republic.

Lower Layers of a Cloud Driven Smart Home System

This presented article introduces utilization of a cloud solution as a part of inovative smart home system (HAUSY - Home Automation System). This solution is based on highly modular structure, which ensures a unique solution for individual implementations. In scope of the presented solution, a universal architecture not requiring a specialized hardware for its utilization is suggested. In the first part, the original three-part smart home system architecture and the functionality of individual layers are introduced. The second part of the article introduces a specific solution for functionalities and communication between individual end nods and microcontrollers. The suggested solution is unique for its option of personalizations of user access and priorities, comfortable interface for defining rules of autonomous operations, and the option of connecting external systems via a unified API with the option of using cloud.

Effective penetration testing with Metasploit framework and methodologies

Nowadays, information security is very important, because more and more confidential information, like medical reports, is being stored electronically on computer systems and those systems are often connected to computer networks. This represents new challenges for people working in information technology. They have to ensure that those systems are as much secure as possible and confidential information will not be revealed. One possible way how to prove system security is to conduct regular penetration tests - e.g. simulate attackers malicious activity. This article briefly introduces the basics of penetration testing and shows how to deploy and use Metasploit framework when conducting penetration testing. Finally, a case study in production environment is shown. Software tools and techniques described in this work are also valid and applicable for SCADA systems and moreover in any other field where computer networks are used.

Statistics and analysis of service availability in cloud computing

This paper focuses on solving the problem of measuring and monitoring service availability in Cloud Computing. It introduces existing Service-Level Agreement (SLA) monitoring approaches and frameworks. On this basis, it presents a new approach which monitors cloud service availability from the client-centric point of view. This approach was designed, implemented and tested on a sample cloud environment. The measured data is statistically analyzed to obtain results which are as accurate as possible. The entire process of monitoring and statistical analysis is automated so that it can be incorporated in further research to create a complete solution for managing SLA in Cloud Computing from a client-centric perspective.

Remote laboratory for computer networks

The article introduces the reasons for realisation of the remote laboratory of computer networks which originate from the comparisons of the alternatives of working with the specialised networking hardware. These use the principle of virtualisation or simulation of such devices as an alternative for obtaining competencies from the area of computer networks. Due to this reason, this article discusses other technical solutions and the analysis of usability of such solutions is conducted. For a maximal efficiency of the networking hardware utilization in laboratories it is necessary to make it fully available for students which is the 24/7 regime. This option can be executed using secure technologies and protocols for distant accessing of laboratory hardware. This solution, which is based on using console controllers and single utility interface, is introduced and described in detail in the following paragraphs. Moreover, from the analysis of the pilot operation of remote access to the laboratory equipment of the networking laboratory, suggestions for improvement of the current solution and its usage in fully working condition - access to a greater number of students in unlimited regime - can be obtained.

The deployment of Security Information and Event Management in cloud infrastructure

This article deals with the problematics of data safety and security in cloud environment while using Security Information and Event Management (SIEM). This article introduces and critically assesses the basic principles of SIEM in data infrastructure, its deployments in specific cloud environment, and technical requirements for SIEM solution implementation into a cloud environment applied to individual cloud distribution models.

Methods of deploying security standards in a business environment

Information is the essential building block of society and is found in each field of business. They can represent a business plan, personnel data, manufacturing know-how, financial transactions and many others. Information is part of company assets and thus has to be protected. This article describes methods of deploying security standards in a business environment. The practical part of the article describes implementation of Information Security Management System in a real automotive company located in the Czech Republic.

Gateway redundancy protocols

This paper covers how to increase the availability of data networks. Issue of high available services is very actual today. Redundancy is usually solved by the Spanning Tree Protocol on the 2nd layer of ISO/OSI model. This paper is dedicated to redundancy on 3rd layer of ISO/OSI model. The goal of paper is to explore possible solutions for the default gateway redundancy to increase availability of external networks. The survey is focused on FHRP (First Hop Redundancy Protocol) protocols, description of their functionality, network communication, and basic configuration. Next aim of the paper is comparison of these protocols and real time measurements of protocol performance. Outcome of the paper is functional description of HSRP, VRRP and GLBP protocols. Meaning of parameters in communication messages of HSRP and VRRP protocols is explained further. Paper contains basic configuration for every protocol with brief explanation of configuration commands. Measurements delay of choosing new active gateway has been performed on physical topology with physical devices. Latest version of FHRP was used during these measurements. The measured results indicate that performance of tested FHRP protocols is almost equivalent.

Performance comparison of selected virtualization platforms

The suitability assessment of implemented virtual platform must precede the implementation itself. The aim of the article is to experimentally assess the performance of freely available virtualization tools in several aspects. In the process of virtualization of any environment the performance decreases regarding a host system because of an application of isolating technologies. The performance parameters of CPU, inquired in two different tests, speed of retrieving and writing on a virtualized hard disc and also speed of response of a virtual network interface were chosen for comparison. The aim of the article is also to present the results of testing and chosen tested tools together with used methodology. The measured values are presented in graphs and accompanied by their interpretations. On the grounds of measured values one of the tested virtualization tools is recommended, which measured values shown the best characteristics.