| Abstract [eng] |
Nowadays, there is an increasing trend that more and more companies are allowing employees to use their smart devices. The performance of laptops is not inferior, and sometimes even surpasses that of enterprise workstations. Such a rapid change in technological performance allows an employee to choose a job not from an office environment, but from a comfortable, home, or other environment that he or she will choose to perform his or her duties. Some employees choose their personal equipment for different reasons: sometimes it is more powerful than what the company offers, or the employee is simply more comfortable using their personal device that is always with them. According to Gartner’s business surveys, the use of BYOD policies in companies is becoming an increasingly common practice. When using personal equipment, an increase in employee productivity and satisfaction was observed, additionally allowing the company to save on the purchase of equipment and maintenance of employees' workplaces. BYOD typically includes devices such as mobile devices and tablets, but BYOD can also be applied to personal laptops. While BYOD integration offers many benefits to the company, the company must also consider security vulnerabilities. Before allowing BYOD devices to work in a company, a plan must be drawn up for how to protect such devices in the event of loss or burglary, how to manage them, and authenticate them in the system. Typically, to securely connect to a company’s infrastructure, companies use VPN solutions that allow employees to easily connect to all the resources they need to work. BYOD is one of the more popular strategies used in businesses to allow the use of personal devices for work. The object of the master's thesis research is a system of secure authentication of mobile devices. Work structure: − In the first part, we review the security analysis of portable devices used in enterprises. In the analysis, we examine in detail the vulnerabilities of the mentioned devices, emerging security threats and security technologies designed to address security threats. − The second part presents a model of a secure authentication system for personal devices used in enterprises. We present the system architecture, client, server and proxy broker communication schemes, and system operation mechanisms. In this section, we also provide a description of the system prototype implementation. − The third part examines the rate of false-authenticated clients of the authentication system with two different system configurations. The speed of the authentication system is also studied, together with the speed of termination of unauthorized programs and the performance indicator of terminated programs. Based on the obtained results, recommendations are made as to which configuration is best for which case. − Conclusions are presented at the end of the work. |
