| | SLO | ENG | Cookies and privacy

Bigger font | Smaller font

Show document Help

Title:Analiza varnosti sistema authq
Authors:ID Završnik, Maša (Author)
ID Werber, Borut (Mentor) More about this mentor... New window
Files:.pdf MAG_Zavrsnik_Masa_2023.pdf (1,97 MB)
MD5: 0D9EFB42C93A7E6FD434D581C1A5A594
 
Language:Slovenian
Work type:Master's thesis/paper
Typology:2.09 - Master's Thesis
Organization:FOV - Faculty of Organizational Sciences in Kranj
Abstract:V magistrski nalogi smo se poglobili v analizo varnosti sistema AuthQ, ki je vstopil na trg kot odgovor na naraščajočo potrebo po rešitvah na področju digitalne varnosti. V današnjem hitro napredujočem digitalnem okolju, ko tehnološki mejniki padajo skoraj vsak dan, se postavlja nujno vprašanje, kako zagotoviti, da novi inovativni produkti, kot je AuthQ, ne samo izpolnjujejo, ampak presegajo najvišje standarde varnosti in zaupanja. Spletne grožnje nenehno nastajajo, zato je nujno, da se vsi vidiki sistema temeljito preverijo in ovrednotijo, še preden se produkt ponudi v uporabo. Naša prva naloga je bila prepoznati ključne standarde, ki jih AuthQ mora doseči, da bi se lahko učinkovito certificiral in svojim uporabnikom zagotovil visoko stopnjo zaupanja. Hkrati smo analizirali raznovrstne pristope za testiranje varnosti sistema, saj le testiranje omogoča odkritje morebitnih ranljivosti in njihovo pravočasno odpravo. Takšen pristop zagotavlja, da AuthQ ni le obetaven na papirju, ampak ima trdno podlago za svoj razvoj. Nadaljnja faza je obsegala varnostno analizo sistema, ki je zajemala prepoznavanje morebitnih groženj, oceno tveganja in analizo po metodologiji DREAD. To nam je omogočilo jasen vpogled v morebitne šibke točke sistema in kritična področja, ki zahtevajo posebno pozornost. Celosten pristop k analizi varnosti nam omogoča, da zaznamo morebitne težave in se ustrezno pripravimo na njihovo reševanje. S končnimi sklepi in podprto s SWOT-analizo smo se lotili vprašanja prihodnjega razvoja AuthQ. Ugotovili smo, da je ta produkt perspektiven in vreden nadaljnjega razvoja v okolju, kjer je varnost ključna. Obenem smo se zavedali, da se pojavljajo izzivi, ki zahtevajo preudarnost in strategijo. Prilagajanje zakonodaji, sodelovanje s strokovnjaki za testiranje in vzdrževanje certifikacij so ključni elementi, ki bodo omogočili AuthQ, da ostane odgovor na zahtevne izzive digitalne dobe tudi v prihodnosti.
Keywords:standardi kakovosti, eIDAS, varnost na spletu, SSL-certifikati
Place of publishing:Maribor
Year of publishing:2023
PID:20.500.12556/DKUM-85626 New window
COBISS.SI-ID:174472963 New window
Publication date in DKUM:01.12.2023
Views:262
Downloads:14
Metadata:XML RDF-CHPDL DC-XML DC-RDF
Categories:FOV
:
Copy citation
  
Average score:(0 votes)
Your score:Voting is allowed only for logged in users.
Share:Bookmark and Share


Hover the mouse pointer over a document title to show the abstract or click on the title to get all document metadata.

Licences

License:CC BY-NC-ND 4.0, Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International
Link:http://creativecommons.org/licenses/by-nc-nd/4.0/
Description:The most restrictive Creative Commons license. This only allows people to download and share the work for no commercial gain and for no other purposes.
Licensing start date:05.09.2023

Secondary language

Language:English
Title:Analyzing the security of the authq system
Abstract:In our master's thesis, we delved into a comprehensive analysis of the security system AuthQ, which entered the market as a response to the growing need for advanced solutions in digital security. In today's rapidly advancing digital environment, where technological milestones are being reached almost every day, the critical question arises of how to ensure that new innovative products, like AuthQ, not only meet but exceed the highest standards of security and trust. Online threats are constantly evolving, making it crucial for all aspects of the system to be thoroughly examined and evaluated before the product is offered for use. Our first task was to identify the key standards that AuthQ must achieve in order to effectively certify itself and provide a high level of trust to its users. We analyzed various approaches for testing the security of the system, as only testing allows for the discovery of potential vulnerabilities and their timely rectification. Such an approach ensures that AuthQ is not only promising on paper but has a solid foundation for its development. The next phase involved a security analysis of the system, encompassing the identification of potential threats, risk assessment, and a deep dive analysis using the DREAD methodology. This provided us with a clear insight into potential weak points of the system and critical areas that require special attention. A holistic approach to security analysis enables us to anticipate potential issues and adequately prepare for their resolution. With final conclusions supported by a SWOT analysis, we approached the question of AuthQ's future development. We found that it is promising and worth further development in an environment where security is paramount. Simultaneously, we acknowledged that challenges arise, demanding prudence and strategy. Adapting to legislation, collaborating with security testing experts, and maintaining certifications are key elements that will enable AuthQ to remain a response to the demanding challenges of the future.
Keywords:Quality standards, eIDAS, online safety, SSL certificates


Comments

Leave comment

You must log in to leave a comment.

Comments (0)
0 - 0 / 0
 
There are no comments!

Back
Logos of partners University of Maribor University of Ljubljana University of Primorska University of Nova Gorica