Sirvi Autor "Krips, Kristjan, juhendaja" järgi

Nüüd näidatakse 1 - 6 6

Authorization of Web Requests Based on Merkle Trees
(Tartu Ülikool, 2020) Eesmaa, Gregor; Krips, Kristjan, juhendaja; Tartu Ülikool. Loodus- ja täppisteaduste valdkond; Tartu Ülikool. Arvutiteaduse instituut
People should not have access to unauthorized data. Web applications can employ many different authentication and authorization schemes to accomplish this. To prove user permissions, session IDs or signed sets of claims are often used. However, scalability and efficiency are increasingly important in microservice architecture. It is also beneficial to decrease privacy risks when communicating with unknown parties. Thus, we propose a way of signing and selectively transmitting a large set of claims using the Merkle tree. In addition, we implement a JavaScript library based on the concept, that is optimized
E-election Processes on the Example of the Parliamentary Elections of the Republic of Estonia
(Tartu Ülikool, 2024) Ütsik, Lauri; Krips, Kristjan, juhendaja; Villemson, Jan, juhendaja; Tartu Ülikool. Loodus- ja täppisteaduste valdkond; Tartu Ülikool. Arvutiteaduse instituut
The scope of this master's thesis is the modelling of the processes of Estonian e-elections in the BPMN modelling language, from the obligation to organise elections arising from the Constitution of the Republic of Estonia to the last sub-process, which is the destruction of the system disk, key shares and e-votes used for e-election procedures. The more precise focus of the work is aimed at auditing e-elections. The process modelling is followed by the analysis part, in which inconsistencies between the instructional material and the actual situation are pointed out, and opportunities for improvement are proposed. The research was carried out using the example of the Parliamentary elections of the Republic of Estonia.
Eesti infoturbe standardi (E-ITS) nõuete kirjeldamine riigihangetes
(Tartu Ülikool, 2024) Koit, Kadri; Krips, Kristjan, juhendaja; Tartu Ülikool. Loodus- ja täppisteaduste valdkond; Tartu Ülikool. Arvutiteaduse instituut
Estonia, one of the world's most digitally dependent countries, confronts significantly greater repercussions from cyber threats compared to many other nations. In response to this pressing challenge, the Estonian government has introduced the new Estonian Information Security Standard (E-ITS), aimed at bolstering information security management across enterprises of varying scales. The obligation to implement the standard applies to all organizations within the scope of the Cyber Security Act, effective from January 2023. A considerable proportion of these entities no longer maintain their own IT infrastructure and procure IT services from external service providers. However, the introduction of the standard has created a conundrum where procurement processes still make reference to previously applicable ISKE system, indicating the complexities and challenges of the transition period. On the other hand, there exists an issue pertaining to the vagueness in the technical specifications of procurements, resulting in ambiguity regarding the party responsible for implementing security measures. The aim of the master's thesis was to provide one possible approach to help procurers define the technical requirements for information security measures in ICT service procurements. The compendium of checklists developed during the master's thesis helps procurers define information security measures aligned with their organization's security policies, which can be requested from service providers within the scope of the services procured, thereby providing methodological support for drafting technical specifications in public procurements.
Plokiahela kasutamine avalikes e-teenustes Eesti näitel
(Tartu Ülikool, 2024) Pajoma, Pirgit; Villemson, Jan, juhendaja; Krips, Kristjan, juhendaja; Tartu Ülikool. Loodus- ja täppisteaduste valdkond; Tartu Ülikool. Arvutiteaduse instituut
Today, Estonia is a country with a highly developed digital infrastructure, where most important public services are available online. It is often claimed that one of the keys to success in the development of Estonian public e-services is the use of blockchain. This master's thesis examines in more detail the actual scope of blockchain use in Estonian public e-services. The research methods used were a systematic literature analysis, which resulted in a literature review, and interviews, which resulted in an overview of the actual use of blockchain in three Estonian public e-services. This research helps to better understand whether and how the blockchain is integrated into Estonian digital services and what is the added value of its use to the systems.
Privacy Preserving Fingerprint Identification
(Tartu Ülikool, 2020) Eerikson, Hendrik; Talviste, Riivo, juhendaja; Krips, Kristjan, juhendaja; Tartu Ülikool. Loodus- ja täppisteaduste valdkond; Tartu Ülikool. Arvutiteaduse instituut
Privacy preserving technologies are used to create applications for computing on sensitive data without compromising on the secrecy of said data. In this thesis, secret sharing based multi-party computation is used to identify a fingerprint sample amongst a database of templates while preserving the secrecy of the sample and the templates. The FingerCode representation of fingerprints is used. Privacy preserving fingerprint identification mitigates some of the privacy and security risks in biometric identification systems. The secret sharing based fingerprint identification application developed in this thesis is more performant than a previous homomorphic encryption based one. Methodology for identifying fingerprints and programming privacy preserving applications using multi-party computation is given. Fingerprint-based identification systems are vital tools for border control and law enforcement. Privacy preserving fingerprint identification could be used to prevent leakage and abuse of fingerprint data.
Töötajate teadlikkus õngitsusrünnakutest Balt-Hellin OÜ näitel
(Tartu Ülikool, 2024) Markus, Kerli; Krips, Kristjan, juhendaja; Tartu Ülikool. Loodus- ja täppisteaduste valdkond; Tartu Ülikool. Arvutiteaduse instituut
This master's thesis investigates the awareness of phishing attacks among the employees of Balt-Hellin OÜ before and after completing cyber training and helps to find the most suitable solution for conducting cyber security training in the future. The study includes an overview of different cyber training environments applied for Estonia, phishing attack simulators, conducting phishing experiments and describing the results. The results of the experiment revealed the main weaknesses of the employees in relation to the recognition of phishing attacks and provided recommendations for further cyber security training options.