Automatic seccomp syscall policy generator
Develop a syscall policy generator based on inputs from an application syscall logger and with an output to seccomp based policy code. Specification: Study the fundamentals of linux syscalls, tools for monitoring syscalls, berkeley packet filter and libseccomp. Conduct research on intermediate representation of syscalls and optimizer of intermediate representation. Based on the research, design the intermediate representation and provide an analysis of appropriate optimizers. Implement tool which reads syscalls and translates it to the intermediate representation, optimizer of the inter. rep., translator from the inter. Repre. To a seccomp policy. Evaluate implementation of this tool. Suggest further improvements. Literature: […]
Continuous Integration and Automated Code Review in Open Source Projects
Ensuring code quality and enforcing coding standards and styling are essential aspects of the developer experience in any open source project. Having automated feedback for any proposed code change helps both the developer and the maintainers produce quality code. The goal of this thesis is to analyze this workflow in the ManageIQ project, compare it with workflows used in other popular open source projects, and, based on the results, enhance the developer experience in the said project. Tasks: Study the theoretical background behind continuous integration and automated code review Conduct research on the solutions used in popular open source projects […]
Modern TreeView component for the web
OCSP must staple in practice
The student will implement support for status_request (RFC 6066) extension in TLS client and server, OCSP request generation and response validation (RFC 6960) and support for the TLS Feature extensions to X.509 – Must Staple – (RFC 7633). Finally, test cases for other libraries (e.g. Mozilla NSS) to verify their behaviour will be implemented. Those enhancements will be provided as patches to the tlslite-ng and tlsfuzzer projects. Literature RFC 2246 – The TLS Protocol Version 1.0 RFC 4346 – The Transport Layer Security (TLS) Protocol Version 1.1 RFC 5246 – The Transport Layer Security (TLS) Protocol Version 1.2 RFC 6066 – Transport Layer Security (TLS) […]
Client side DNSSEC deployment
DNSSEC is already a well established technology, which extends the DNS protocol to provide integrity and authenticity. This enables new types of applications and functionality like: * Verify a remote server SSH fingerprint using SSHFP record in DNS (RFC 4255) * Verify a TLS certificate offered by the remote server using DANE and TLSA record in DNS (RFC 6698) * Get IPsec keys for a particular remote host automatically using IPSECKEY record in DNS (RFC 4025) * Get X.509 or OpenPGP certificates using CERT record in DNS (RFC 4398) * Verify that a specific Certification Authority is authorized to issue […]
On-the-fly analysis and visualisation of blockchain currency transactions
Blockchain transactions offer some level of anonymity. Still, the blockchain contains enough data which, when combined with external data, can provide useful aggregated information. The result should be a system that will aggregate data in blockchain, classify the transactions, and classify which of transactions are created by an currency exchange, which are fees, which are real business transactions (payments in shops), which are (probably) transfers between the same owner. The ways to figure out how to classify is the subject of the thesis. The result should also be visualized in forms of charts and graphs, using a library such like […]
Remote API Web Reference for Java Enterprise Applications
The goal of the thesis is to develop a generic remote API web reference for Java Enterprise applications. Often these JavaEE applications provide REST and WS web services which we want to document in order to make them easily available to the developers. The work builds on an existing tool JRAPIDoc which currently lacks a good representation of the remote interfaces. Ultimately, JRAPIDoc should provide not only a remote API reference but also the functionality to test and call the listed web services. The main tasks are: Study and seize REST and WS standards in order to capture all the essential aspects in the remote API reference. Get familiar with Red Hat […]
Automatic topology for FreeIPA deployments
FreeIPA supports multi-master replication. When setting up environment with dozens of replicas, replication agreements (edges in the topology graph) need to be created to ensure smooth operation of the setup, while not exceeding an informal limit of agreements that each server should have without negatively affecting performance. We are looking for algorithm and its implementation for creating the replication agreements automatically, without admin’s manual intervention.
Jenkins plugin for Windup
See http://windup.jboss.org/ See https://wiki.jenkins-ci.org/ Note that recently, another Jenkins plugin won a Dean’s award. https://wiki.jenkins-ci.org/display/JENKINS/GitHub+pull+request+builder+plugin
Implement detection of duplicate test coverage for Java applications
With increasing number of tests, their execution time increases as well. Currently, various tools provide metrics of test code coverage. These metrics however do not help identify duplicate test coverage, that leads only to unnecessary increase of test execution time without any benefit to effective code coverage. Information about duplicate coverage and execution time of duplicate tests would be a valuable help for subsequent refactoring of test code base. Objective of this thesis is to design and implement an enhancement of a well-known open-source code coverage tool for Java that will identify duplicate tests and time spent in test execution. […]
Special Data View for a High Productivity Information System
The types of views of data people tend to use are very useful but also limited in number. We believe that all of them could be implemented in a single system to provide users the most flexibility while keeping all their data in a single location. Analyze what options and data visualisation techniques could be used to show data records in a: calendar map agile board mind map wiki with links to query results Try to use visualisation techniques common for the given area. I.e. visual attributes for displaying data in a map. User must have the flexibility to select […]
Infrastructure for Enterprise Applications Deployment
Modern enterprise application require high-availability, security, data integrity and backup, and need to be scalable. To be able to maintain all the important parameters for large number of deployed applications, the whole infrastructure need to work as automated as possible. Analyze the best existing technologies and approach for deploying JEE enterprise applications in cloud (generic VPS, Amazon EC2, GCE, DigitalOcean, UpCloud) using containers like Docker. Design automated data backups, authentication and authorization management (possibly using Keycloak), shielding all applications behind HTTPS server (Apache 2 or NGINX) with automated SSL certificate renewal (Let’s Encrypt), and monitoring and automatic provisioning of additional […]
Business Processes for a High Productivity Information System
Investigate existing workflow solutions and figure out which one is easiest to integrate with or most comprehensible to users. Design simplified workflow editor on top of the selected framework. The important supported tasks in the workflow should be: a human task (what someone needs to accomplish), execute data query, write to a collection, send an email or any other notification. Demonstrate the proposed design by implementing a sample application leveraging open-source platform Lumeer.
Data Mining for High Productivity Information System
When dealing with large amounts of data it might be useful to either predict some trends or to figure out patterns in existing data. Investigate existing data mining algorithms – we would like to use stat-of-the-art version of really basic algorithms for classifiers, decision trees and clustering. Other options are also possible when suitable. Analyze the possibilities usage of data mining algorithms in an information system. Design a way how to bring the power of data mining algorithms available to basic users without any deep technical knowledge. The users should be able to use the algorithms to for example predict […]
Data Explorer for a High Productivity Information System
One of the typical tasks users perform in spreadsheets (Microsoft Excel, Google Sheets, LibreOffice Calc, etc.) is that they enter some sample data and see what happens when they do some changes to them. The changes can be adding or multiplication of values in a column, counting various averages and sums based on conditions, further filtering the data, adding input parameters and tweaking the parameters and in the end creating a chart displaying the influence of the parameters on the data entered. However, it might be hard to see what logical steps lead to the result. Design and implement an […]
Email Filtering for a High Productivity Information System
Propose a way of automated email processing and storing email data into a user collection. Analyze existing solutions and figure out whether these can be integrated or a new one must be created. Design the easiest way a user can configure which pieces of information in an email go into which fields. Implement a sample configuration application that is capable of receiving emails and parsing them into data collections. The implementation should leverage the open-source platform Lumeer and JEE technologies. It should be possible to integrate the resulting application into Lumeer later. This requires the backend to be based on […]
User Data Prediction Using Data Mining
Users often enter very similar data into specific fields in information systems. There even might be some semantic correlation between fields. Even when we cannot determine the entered value precisely, we can provide a list of options to select from. A typical example would be article tags based on the article’s fulltext content. Investigate existing data mining algorithms – we would like to use stat-of-the-art version of really basic algorithms for classifiers, decision trees and clustering. Other options are also possible when suitable. Analyze the possibilities usage of data mining algorithms in an information system to predict values being entered. […]
Performance comparison of open source API Management solutions
Student will get familiar with multiple open source API Management solutions (e.g. Tyk, apiman, Kong, 3scale) and compare their performance results. Part of the research would be to select the most appropriate benchmarking tool (e.g. perfcake, jmeter, gatling), metrics and environment configuration where to run the performance tests. Student will be given access to some of Red Hat infrastructure to run tests. Test scripts and test configurations used for benchmarking must be stored in github repository. Recommended Reading DYMO, Alexander. Ruby performance optimization: why Ruby is slow, and how to fix it. Pragmatic programmers. ISBN 1680500694. MATAM, Sai; JAIN, Jagdeep. Learn Apache JMeter […]
Decompilation of restored in-memory class fragments in running JVM
Based on ability of JVM to restructure already loaded classes and by using existing decompilers decompile in memory transformed fragments of java classes close to human-readable form. Student must investigate existing mechanisms in JVM allowing restoration of bytecode class representation. By modifications in existing decompilers the machine code can be decompiled to one or more JVM languages (java, clojure…) also with theirs various intermediate forms. As bonus the view can contain full syntax highlight or be able to compile the class back to JVM. Recommended environment is implementation as thermostat plugin as it allows easy access to running JVM
Property based testing in practice for NodeJS services
We have identified several areas in our projects that could leverage property-based testing. Aim of this thesis should be finding mature enough testing framework (or create your own if necessary) and design and implement a set of property based tests against a relevant FeedHenry project. Property-based testing is interesting tool in the Quality Assurance toolbox, especially when targeted outside of its comfort zone of unit testing of libraries to more difficult integration testing of running services. When successful, it can find otherwise hard-to-reproduce errors, such as race-conditions in synchronization as well as significantly broaden the surface area of testing . […]
Implementing TLS 1.3
The TLS 1.3 protocol is a new secure communications protocol; it is on its final stage of being standardized and includes features such as zero-rountrip mode and one-rountrip session establishment. It is a rewrite of TLS 1.2, and includes several novel cryptographic features. The goal of this thesis is to participate in the implementation of a TLS 1.3 library, while at the same time learn more about secure communications protocols and their implementations.
Performance optimization of testing automation framework based on Beakerlib
BeakerLib is a shell-level integration testing library, providing convenience functions which simplify writing, running and analysis of integration and black box tests. Tests written with Beakerlib can be run directly from Bash command line or as a part of wider work flow using one of available harnesses. These include Beah harness usable with Beaker machine provisioner and Restraint harness usable both with and without Beaker. Goal of this work is to carry out performance analysis of Beakerlib library alone and in conjunction with either Beah or Restraint (or both) harness and propose, implement and measure performance optimizations in these use […]
Develop an open-source application for sales registration
To ease the transition of small entrepreneurs to the new system of sales registration as required by Czech law, it is necessary to develop an open-source and free of charge application to set equal conditions for everybody. The application should work on Android tablets (or iPads) with minimal system requirements. Application should be able to print recipes on the USB or Bluetooth connected printer.
Synchronization of services communicating over HTTP
The aim of this thesis is to design and implement an open-source service that would be used as a mediator between two sides communicating through HTTP protocol. The whole communication will be sent unmodified to the address of the mediator, which will subsequently deliver it to the receiver. For the mediator there are no requirements regarding time of the delivery, which means that reply on the HTTP request does not have to be a real answer of the receiver, only a confirmation of the acceptance of the request. Subsequently, it would be necessary to design and implement a mean for […]
Unified Reporting for Performance Testing
Develop a unified and complex reporting component to performance testing framework PerfCake. The main goal is to figure out what are the most important values in the results of a performance tests based on the attributes that were observed and suggest ways to display these information so that any potential performance issues in the system under test are immediately visible. As part of this identify and describe typical performance problems of applications (e.g. spikes in response time, limited throughput, coordinated omission…) and figure out how to automatically detect them. Describe indicators of these issues in performance results like response time […]
Subscription Management Platform
Develop a system for management of 3rd party application subscription allowing application developers to register their applications, configure pricing and allow users to subscribe to the applications. Develop a system where application developers could register their applications, configure users who can edit and read the registered application, its properties, subscription types and pricing. An application will have an application key assigned for later verification of users through a REST API. Also provide a client in the same programming language as the backed will be developed. Any users can pick up a subscription type and select the time period for how […]
LinkedIn Search Query Builder
Goals The main goal if this thesis is to develop a web application in Ruby on Rails framework capable of creating and managing complex boolean queries. These queries must conform to with the LinkedIn search query requirements. This tool will be then used by Red Hat Talent Acquisition team. Student will get familiar with developing web applications in Ruby on Rails framework. Source code must be available on Github and licensed under Apache License 2.0 Recommended Reading HARTL, Michael. Ruby on rails tutorial: learn web development with rails. Third edition. New York: Addison-Wesley, 2015. ISBN 0134077709.
Existing Attacks on SSL/TLS Protocol
Study design and implementations of SSL/TLS protocol and existing attacks on its design and implementation , testing approaches and tlsfuzzer project . Get familiar with existing attacks againts SSL/TLS. Identify existing attacks that are suitable for reproduction in tlsfuzzer framework. Design a test suite for them. Implement the tests and necessary improvements to tlsfuzzer and tlslite-ng . Run the tests against existing SSL/TLS implementations and evaluate the results. Points that should be done during the first semester: 1. and 2.  https://www.feistyduck.com/books/bulletproof-ssl-and-tls/  https://github.com/tomato42/tlsfuzzer  https://github.com/tomato42/tlslite-ng
Continuous Integration System for TLS/SSL Libraries Interoperability
Study design and implementations of SSL/TLS protocol (focus on OpenSSL, NSS and GNUTLS) and current state of the art of its interoperability and integration testing. Get familiar with existing tools and solutions for implementing public projects with continuous integration features. Design a sytem for publicly sharing integration and interoperability SSL/TLS tests that is able to execute the test suite and expose testing results to public before incorporating particular commit and pull request in both the test suite and upstream implementation of SSL/TLS library. This system should support tests written in BeakerLib . Design a test suite for testing interoperability and […]
Web application for personal currency exchange
Design and implement an Open Source web application, that allows people to present their offers of currency exchange (for physical personal exchange near their location) and enables the people to set up a meeting for the exchange. Design and test the functionality and user interface on the scale of semestral work from MI-NUR (ideally, submit this part as your semestral work from MI-NUR). Implement a web application (beckend and REST API) in Python. Implement frontend in standard web languages (HTML, JS, CSS…). Develop the application in English, with ability of further localisation. Deploy the application to cloud. This is topic […]
Extend USBGuard to support external authorization policy sources
The USBGuard project provides user space components for implementing USB device authorization policies on Linux based systems. Currently, these authorization policies can be stored only in a local file. The aim of this thesis is to extended USBGuard to support multiple policy sources, including LDAP and SSSD. This will allow for centralized management of USB device authorization policies via LDAP and other backends. Motivation Centralized management of security and compliance policies is a basic requirement of good IT security practices. Extending USBGuard with centralized management capabilities would extend the applicability of the project from single machine deployments to company-wide computer infrastructures. Deliverables […]
Application-specific passwords / Multiple passwords for one user in FreeIPA
FreeIPA is an authentication and authorization server. At the moment, FreeIPA does not currently allow users to have more than one password. Aim of the thesis is to allow to use multiple passwords for single user. Motivation There are many possible use cases for multiple passwords for single user account: Several fall under a category that could be broadly defined as ‘application specific passwords’ (as Google refers to it), or possibly ‘partially trusted credentials’, or something. For instance: I have my mail server configured to use FreeIPA authentication via PAM. I have three computers, two phones and a tablet configured […]
Referral Program Platform
Develop a web application to manage referral programs. Referral programs enable us to send invitation links to potential users of some software (i.e. target application). Such a user should be, upon registration, able to send further invitations according to the configuration of the particular program. The platform should also maintain a waiting list of people interested in using the target application. The platform should allow us to add more users from the waiting list, spread new invitations or setting the number of referrals an existing user is able to send (both individually and in batches). We should be able to […]
Using the Immutables processor in the Java programming language
Java source code analysis using the Spoon library
Graphical frontend for antenna modeling tool nec2c
Get acquainted with the antenna modeling tool nec2c. Design and implement graphical frontend for this tool that will allow visualization of antenna radiation patterns. The frontend should allow displaying radiation patterns in vertical/horizontal planes, and in interactive 3D mode. It should be possible to display grid marked with degrees and dB. The frontend should allow interactive readings of degrees and dB by e.g. mouse. Optionally support other diagrams (e.g. Smith chart) and graphical antenna designing. The goal is to create better frontend than existing open source frontends (e.g. xnec2c), e.g. something like closed source EZNEC: Demonstrate functionality of your implementation. […]
Remote Execution Output Processing
Foreman Remote Execution is a tool for running arbitrary commands on a set of hosts. Its designed to support multiple providers (SSH, MCollective, Ansible, Salt) as well as complex network topologies. The goal of the thesis is to extend this tool, design and implement a solution for further processing of the data that is produced at the execution. It should allow to define a logic to extract meaningful data from the output in order to make it useful in other parts of the system (searching for the data, determining the status of hosts etc.) It should also provide an ability […]
Web Service for Generic Archive Comparison
During software development and maintenance, engineers need to include bug fixes and implement new features in programs, while not changing anything what was not planned. During new version verification, a developer needs to be able to effectively evaluate changes made to the program from consumer point of view. Goal of this project is to implement web service, which will display differences between objects of specified type (RPM packages, Docker containers, etc.) and that will allow to simplify and possibly automate verification, that is often being done manually now. Assignment – Study RPM packaging format for software distribution on operating system […]
Generic Embeddable Virtual Machine-like Entity Configuration Interface
The main goal is to implement a user interface for configuring virtual machine like entities which will be embeddable to oVirt’s webadmin, cockpit-ovirt plugin and to ManageIQ. To achieve this goal the following problems will have to be solved: – create an abstraction layer for communication with the particular backends (ManageIQ’s API, oVirt’s REST API) – propose and create a mechanism which allows the user interface to be able to configure a family of similar entities (Virtual Machines, Templates, Virtual Machine Pools, Instance Types). – considering that a virtual machine is composed of large amount of fields which are influencing […]
Provide automated unit testing and profiling in the file manager
Have you ever modified something in your project and then realised weeks later your project is broken in some cases and don’t know where or when you or your colleagues broke it? Have you ever made some change in the past and then someone commented how slow your application is, and you don’t know where and why? Stability and reliability in a file manager is on of the most important features, so we would like to have an automated unit testing for operations and interactions in the file manager, together with automated profiling and a nice graphical output to be […]
Web SDR receiver
Get acquainted with SDR (Software Defined Radio) concepts, Gnuradio framework, RTL-SDR. Design Web SDR receiver that will allow receiving (at least) AM, FM, SSB (USB/LSB), CW through Gnuradio / RTL-SDR. Deal with multiuser access (i.e. one user can control the underlying HW, other monitors). Optionally try to transfer the demodulation task to the clients (HTML5/Java) which would allow hosting the Web SDR on slow embedded HW (like RPI). Implement and demonstrate functionality of your design. It’s supposed that opensource project will be created and hosted on the internet (e.g. on GitHub).
Develop an IoT Application Runtime
The main goal of this topic is to develop a runtime for 3rd party applications to be used on Single Board Computers (e.g. Raspberry Pi). Student will get familiar with Single Board Computers and how to develop applications interacting with outside world. Furthermore, student will learn about developing Docker containers and the concept of Internet of Things. Platform Requirements Runtime must run as a docker container and re-use Bulldog Library at its core (to remain platform independent). Runtime must expose some communication channel (e.g. sockets, API, etc. ) which other applications could use, regardless of the language/framework they are written […]
Libvirt unified job control
Libvirt is an API, daemon and tool for managing virtual machines. It also prepares host environment whenever virtual machine configuration requires so. Therefore, Libvirt has subsystems for managing storage, (virtual) network interfaces, host devices and so on. Moreover, Libvirt exposes APIs so that entities from these subsystems can be managed directly too. For instance, storage units for virtual machines can be allocated directly via an API call, host network interfaces can be managed with simple Libvirt function call, and PCI device assignment is made easy with Libvirt. Following this logic, virtual machines are then just yet another class of objects […]
Docker image(s) for PerfRepo
The main goal of the topic is to define and create Docker image(s) for instances of a performance repository called PerfRepo. Performance result repository (PerfRepo) is a web application tool that intends to make it easy to capture and archive performance test results and simplify comparison of performance run results and detect a performance regression from one build to the next in an automated fashion. The PerfRepo repository would be deployed on the WildFly 10 application server as a web application and would use the latest PostgreSQL database for it’s dataources (v9.5.3 at the time of writing this). At least two […]
Testing TLS/SSL interoperability across systems
Currently interoperability checking of SSL and TLS implementations across systems is a manual task involving the deployment of the different systems and the checking of the implementations under test. The task of this thesis is to design a test suite for TLS and SSL implementations, and implement it using virtualization technology and automated tests on foreign systems. The student will have to get familiar with virtualization technologies, automated testing, and software testing frameworks.
Automatic configuration management targets detection
Investigate possible ways how to detect remote manageable devices operating on the network Familiarize with projects Katello and Foreman and their use for configuration management Analyze requirements and design a solution for detection of configuration management targets on managed subnets and possible integration with intrusion detection systems Implement the solution Compare different approaches in the possible implementations and suggest further development in this area Links Foreman http://theforeman.org/ Katello http://www.katello.org/ Comments The thesis is worked on in cooperation with Red Hat Czech The topic can be adjusted if needed
RedDeer Code Generator
Get familiar with the Eclipse IDE and its architecture . Focus on how to create plug-ins and create a basic plug-in with a simple user interface. Then, get familiar with the testing framework RedDeer  which is used for automating tests for Eclipse IDE plug-ins. Describe the principles of the testing framework RedDeer and suggest a solution how to improve writing tests by generating the code. Implement the suggested solution as an extension of the plug-in created in the first part.  VOGEL, Lars. Contributing to the Eclipse IDE Project: Principles, Plug-ins and Gerrit Code Review. Lars Vogel: vogella series, […]
Time/distance reachability map layer generator
The goal is to create a generator of map layer which would display, in an appropriate way, the time necessary to get to respective points on the map from some given place. For instance, given the point where the Red Hat office is, the generator would create a transparent layer with a color range, where each point’s color would mean the time necessary to reach that point by certain transportation mean. Mandatory mean of transport would be by public transport. Additionally, car reachability can be implemented as well. This generator would use some publicly available source of transport durations information. […]
USB HID monitor
Get acquainted with the USB HID standard, the terminology, descriptors and how to interact with the HID devices from Linux (e.g. libusb, libhid, …). Also learn how to create GUI in Linux (GTK/QT/ …). Design and implement tool which will allow interaction with the USB HID in the realtime. The tool should allow manipulation of the “outputs” (e.g. set the LEDs), should support manipulation of the “features” and should display the status of input controls in the human readable form (preferably in graphics through GUI). Demonstrate functionality of your implementation. It is supposed that at least the basic set of […]
Victims security database – new Java client
Victims is a security database watching the CVE issues. It has a Java client library, but it’s design has serious flaws and needs a complete rewrite. See https://github.com/victims/victims-lib-java See http://victi.ms/
PerfCake support in IDE tools
The goal is to update the current PerfCake IDE plugins for Eclipse, Intellij IDEA and NetBeans to work with the current version of PerfCake, to unify workflow and user experience.
Reverse engineering: Java SE + Graph database: Plugin for project Windup
An example of a plugin for a bachelor’s thesis is the Victims plugin, which uses the Victims library to identify the jars in the migrated application which contain a security vulnerability. For a master’s thesis, the topic would have to be a bit more inventive and academic. For instance, analysis of dependencies between application modules, analysis of dependencies between higher-level constructs like webservices endpoints and calls, or a visualisation of large-scale application migration plan.
Java EE + Angular 2 + geospatial: Carpooling application
The thesis should make use of Java EE, Angular 2 and some geospatial API (e.g. Google Maps or Here) to allow users to carpool. Possible cooperation with the Magistrate of Brno. Contact Ondrej Zizka for details.
Building docker images without accessing /build API endpoint
Docker inc., the company behind popular container engine, aims to move code for building images out of server. The component is named builder currently and is available at URL /build in daemon’s API. It is the most common and official method of building images. Upstream already managed to implement all low-level API calls which were needed to create an image (these were used internally by build API call). These functions are: create and start container commit container – transform a container to an image (this call is able to change metadata also) copy files or folders inside a container tag […]
Requirements The bot should be deployable into OpenShift, so part of the project should be also all the configuration files that are needed for it including the working PoC. Log rotation: preferably the time period of log rotation should be customizable Support for multiple channels: the bot should be able to track the communication in more channels simultaneously. Following the communication in real time using websockets. If there is a new message in the channel, the web ui should display it immediately using some server push technology. Admin UI – add remove channels, log rotation, etc. Code will be hosted […]
Search filters on the file manager
Abstract Did you ever wanted to do a search in all your files for songs that are from a specific band? Or did you ever wanted to search on your pc for your favorite e-book and the only thing you know for sure is that its author is “James” and the title of the book contains “Fifty”? Or how about the episode 7 of season 3 of the series Games Of Thrones that you have all around in a folder with a million more series? Task The task will consist on provide the most common search filters for video, documents, […]
IoT Devices Registry Portal
Create a web application allowing users to register and maintain their Internet of Things (IoT) devices. The portal will be implemented in Node.js using Express framework and will run on public cloud (OpenShift). The portal will have the following capabilities (subject to change upon a reasonable argument): it must have a friendly UI for both browsers and mobile devices (phones, tablets) it must allow users to register using social networks and plain username password it must be able to generate API keys for the IoT devices a new device will register itself using its unique ID and the provided API […]
Geo-spatial issue tracking in Java EE
This work could be done in cooperation with the city of Brno. A reasonable level of knowledge of the Java language is required. Knowledge of some map API is recommended.
Enhancement of PerfCake
Are you in search for an interesting thesis? Feel free to look around at PerfCake issues at Github. Especially those marked with “University project” label are well suitable. But you might want to look at others as well. https://github.com/PerfCake/PerfCake/labels/university%20project Once you find an issue that is interesting to you, let me know at firstname.lastname@example.org. We will then agree on a particular thesis.
Clustering of CDI components in SilverWare
The goal of this thesis is to add support for discovery and remote calls between CDI components in the microservice platform SilverWare. Several aspects need to be taken into account. First, it must be possible to configure load balancing. Next, various call strategies similar to Netflix/Hystrix should be implemented. Optionally, service versions could be considered for inter-JVM queries. The implemented functionality will be verified by integration tests. Optionally, a performance test will be executed. All features will be demonstrated in newly created quickstart examples. The created code and examples will be open-source and publicly available as part of the SilverWare […]
Timing side-channel detection in TLS implementations
Because cryptography used in TLS (and the old SSL) is used in online manner – the results of computations are sent over the network as soon as they are available – it makes it possible to attack the implementation by measuring the time it takes the server to respond or reject messages sent by attacker. The goal of this thesis is to extend an existing TLS test suite and test framework to be able to check if an implementation under test does leak information about keys or encrypted data through timing of responses. Complete feature would extend the tlsfuzzer test […]
Comparative study of password checking libraries
Most password checking libraries and utilities perform either minimal tests or arbitrary tests on the passwords tested. The goal of the thesis is to quantify how well those tests fare against passwords taken from real world data sets of leaked passwords and passwords generated with known complexity using rules commonly used by users. In the end we should be able to quantify the quality of checks performed by a given library and say if it is possible to configure it to align it with requirements from standards like NIST SP 800-63-1. Expectations Student will: analyse public corpus of leaked passwords […]
Possibilities for data-mining from n-dimensional matrix
Students goal is to research possibilities for data mining from n-dimensional matrix, find existing open-source tools for the subject and prepare practical proof of concept. For practical part of the work, we will provide data which can be interpreted as n-dimensional matrix (results of tests running on different versions of operating system, on different architectures, on different hardware configurations, on different networks). Work can be written in English or in Czech.
Third party authentication for OctoPrint
Examine the abilities of OctoPrint plugins. Design and implement a mechanism for multiple authentication backends for OctoPrint (using the plugin API). Integrate this mechanism to OctoPrint. Use a suitable existing Python library for third party authentication (such as python-social-auth) and integrate it with OctopRint through your authentication backends mechanism. Design and implement a way to administrate various authentication backends from OctoPrint. Prepare and deploy an instance of OctoPrint with FIT CTU OAuth 2 authentication backend suitable for the needs of the 3D Printing course. http://docs.octoprint.org/en/latest/plugins/index.html http://psa.matiasaguirre.net/docs/index.html https://rozvoj.fit.cvut.cz/Main/oauth2
Case Management Task Assignment Using OptaPlanner
Case Management is unique coordination of work (case) in specific context (e.g. health care, law, etc.) where the flow can be unknown and participants act in various roles. Assignments of tasks within cases can be tough and with increasing options we quickly get to a point where no human being is able to solve planning the assignments. Using OptaPlanner as a tool for business resource planning, tasks will be assigned based on predefined rules and priorities. Therefore, the aim of this thesis is to implement a module for automated task assignment using resource planning tool, OptaPlanner. Study Resource Management and Case Management including CMMN and BPMN notations. Get familiar with jBPM engine implementing case […]
STL is a file format representing a 3D models not only for 3D printing. Design and implement a GUI frontend for the ADMesh application, that allows automatic mesh topology repairing and STL file manipulation. Use C or Python library bindings of ADMesh. The goal of the project is to create an intuitive graphical user interface showing the loaded 3D model and allowing the user to run selected procedures from ADMesh, displaying the results.
Static Analyser for BeakerLib tests
BeakerLib is a shell-level integration testing library, providing convenience functions which simplify writing, running and analysis of integration and blackbox tests. While writing BeakerLib tests is not difficult, it is still possible to make errors while doing so. Discovering mistakes in tests by testing them live is costly, and not all mistakes are detected that way. Various BeakerLib commands have well defined interface and contracts, which can be statically checked. The thesis should take advantage of the front-end and internal model implemented within the bkrdoc project. The tool should focus on wrong usage patterns of the BeakerLib commands, not on […]
Messaging providers in the SilverWare microservices platform
Design and implement several plugins (so called providers) to enable messaging solutions in the SilverWare microservice platform. These two major components to achieve that are Vert.X for asynchronous I/O and ActiveMQ Artemis for Java messaging. It must be possible for any of these resources be injectable by CDI microservices. The proposed way will be verified by integration tests. Optionally, a performance test will be executed. All providers will be demonstrated in a newly created quickstart examples. The created code and examples will be open-source and publicly available as part of the SilverWare project. The recommended reading: Claus Ibsen: Camel in […]
Vizualizace práce CPU
OpenMAX performance benchmarks
Scene editor for Box2D physics simulator engine
Git reporting tool
Git reporting tool to enable project leaders to see statistics such as Git commits per person, by time period, per product, per component Size of git commit, e.g. differences in lines (added or removed) Additional characteristic (merges etc.)
Business Process Wizard
Business process wizard is an attempt to create an alternative way to traditional business process modeling in BPMN2 specification. The goal is to create a tool which would easily enable business (non-technical) users to create simple but comprehensive business processes without any technical details. Get familiar with Red Hat JBoss BPM Suite, the practices in business process modeling and BPMN2 specification. Analyze the existing alternative tools for business process modeling. Business Process Wizard should offer services to use in the designed process without any technical details → study APIMan and possible integration with it. Design user interface for practical use of the wizard mainly aimed on business (non-technical) users. Study GWT, the toolkit, in which the wizard should be […]
PerfCake scenario editor for NetBeans
Investigate and study the NetBeans plugin development. Make yourself familiar with the PerfCake performance testing framework. Design and implement user-friendly PerfCake scenario editor as a plugin into NetBeans. Design adn implement user-friendly PerfCake scenario creation wizard. The wizard would be part of the plugin. Design and implement the ability to actually execute the PerfCake scenario directly from NetBeans.
Integration SELinux troubleshooting into ABRT Tool
Describe the current SELinux troubleshooting together with its advantages/disadvantages. Describe and design improvements for the current SELinux troubleshooting. Implement designed improvements to get better integration with the desktop. Outline possible future improvements of this implemented solution.
Web editor of MusicXML files
Motivation MusicXML is a commonly used w3c open standard for music notation, however the community is missing an open source web based editor for this open format. Goals The main goal of this thesis is to develop an online music notation editor. Student will get familiar with the process of designing and developing a reactive HTML5 web application, MusicXML format structure and music notation standards. Project must be licensed under one of the open source licences and it’s source code deployed to GitHub. Progress of the respective work needs to be reported in corresponding issue. Editor Requirements The online editor need to be able […]
Technical documentation validator
Popište specifika tvorby technické dokumentace. Popište formáty používané pro tvorbu strukturované technické dokumentace. Vysvětlete význam sémantického značkování. Popište význam průběžné integrace (CI) v kontextu tvorby technické dokumentace. Prostudujte možnosti nabízené systémem Emender, který je určený pro deklaraci a spouštění testů nad dokumenty. Navrhněte a implementujte test, který z dokumentů získá adresy odkazů, ověří dostupnost těchto odkazů a do výsledku testu zapíše seznam validních a seznam nevalidních odkazů. Podporovány by měl být formát DocBook. Test by měl taktéž sledovat, zda odkazy neodpovídají zadaným regulárním výrazům. Navrhněte a implementujte test, který získá seznam názvů balíčků a ověří, zda zadané balíčky pro zvolený […]
Mobile application for Symphonia.io
Motivation Symphonia.io is an open source project, based on Audiveris, trying to provide users with an Optical Music Recognition (OMR) as a Service. For this purpose a mobile client for scanning music scores is vital. Goals The main goal of this thesis is to design and develop a hybrid mobile application for the OMR service, so that users are able to take a photo of their musical score and have them processed in Symphonia.io. Student will get familiar with developing hybrid mobile applications and basics of Optical Music Recognition, as well as Symphonia.io project. Mobile Application Requirements Mobile application needs to be […]
LESS-SASS style sheet converter
LESS and SASS are two dynamic style sheet languages with some minor differences. The goal of this thesis is to create a converter application between these formats. There are some converters available on the Internet, but all of them are working on the search and replace principle and can not produce 100% correct conversion. Tasks: Study the syntactical differences between LESS and SASS Implement an AST parser for both languages Study the implementational differences between LESS and SASS Implement a code generator for both languages Verify the correctness of the converter by writing automated tests References: http://lesscss.org/features/ http://sass-lang.com/documentation/file.SASS_REFERENCE.html https://github.com/brauliobo/less2sass https://github.com/jonschlinkert/grunt-refactor
ELF binary file infection – possibilities and implementation
Executable and Linkable Format (ELF, formerly called Extensible Linking Format) is a common standard file format for executables, object code, shared libraries, and core dumps. Explore possibilities of binary ELF format infection. Goal is to consider possibilities of infection, document them and implement functional tool to which alllows insert payload to existing ELF binary file.
Graphical ELF binary file viewer and simple editor
Executable and Linkable Format (ELF, formerly called Extensible Linking Format) is a common standard file format for executables, object code, shared libraries, and core dumps. Goal is to create simple and easy to use viewer/editor of ELF binary file. Requrements: * Knowledge of ELF binary format * Basic knowledge of assembler (x86_64 or arm) and C/C++ language * Knowledge of libraries for creating graphical applications * Application must be portable minimally between Mac OS X and Linux * Viewer should be able to cope with some kind of ELF obfuscation techniques. Explore obfuscation techniques and implement some heuristic.
Polymer elements for Business Process Management System
A Tool for Development of OVAL Definitions within OpenSCAP Project
OpenSCAP is an open source tool for security compliance auditing of IT infrastructure. Security policies are described using the OVAL – Open Vulnerability and Assessment Language. However, OVAL checks are difficult to write and the language is hard to learn. Moreover, the developers have to edit the XML files manually, there is no analysis tool, no debugger or any other diagnostic tool that could facilitate the security policies development. The aim of the thesis is to design and implement a simple tool that allows the users to create security policies easily and verify their correctness. Security policies developers will be […]
The effects of age on file system performance
In most cases, the performance of file system is measured on the new and empty file system. However this approach is not corresponding with real life cases. The aim of this work will be to move closer to measuring the performance of the real life file systems. 1. To create aged file system using some workload generator. Try to create such filesystem for different types of aging e.g. database server, backup server. It will be also necessary to define such types of aging workloads. 2. Uses benchmark tool, e.g. FIO for measuring the performance of such aged file system and […]
Eclipse plugin for triggering Project Newcastle workflows
Motivation Project Newcastle requires an IDE support to provide JBoss developers with a straightforward way of triggering the productized builds of community projects. An Eclipse plugin will be very helpful for community developers to analyze their dependency and align them with a productized version. Goals The main goal of this thesis is to Implement a new Eclipse plugin that would be capable of triggering a build process inside a remote PNC server. The input parameters will be tailored to the purposes of Project Newcastle workflows. Student will get familiar with concepts and architecture of open source projects under the Project Newcastle umbrella, […]
Build Automation for Continuous integration
Continuous integration (CI) is the practice, in software engineering, of merging all developer working copies with a shared mainline several times a day. The main aim of CI is to prevent integration problems, and provide trivial code pretests.. In order to implement modern and efficient CI , efficient automation and virtualization tools are needed to have easy to consume mechanism of build automation.
Libvirt Admin API
Libvirt is an management API for hypervisors and virtualization hosts. Among others, it allows users to define, start and manage virtual machines. It also has a set of API to gather various statistics over set of virtual machines. It offers several ways to manipulate environment of the virtualization hosts too. However, one piece of puzzle is still missing. It has no APIs to manage itself. Currently, there is no way to get any kind of information on connected users, limits set within the libvirtd and others. The aim of the thesis is to design and implement such set of APIs, […]
Automated testing of VPN applications
A VPN application testing involves multiple steps such as the establishment of a connection between two peers, followed by testing of DNS and traffic generation. That apparently cannot be performed within the same host in a straightforward way because the loopback interface, local routes and firewall rules will get in the way. The purpose of this project is to generate a testing framework for a VPN client and server application, so they can be tested in an automated way, using modern continuous integration building blocks (e.g., gitlab CI). The end result of this project will include basic VPN tests with […]
New UI for GNOME’s Online Account Settings
Settings → Online Accounts lets you configure your cloud and network accounts to GNOME’s single sign-on framework. Various applications and components use these to integrate your online content into the desktop. The user interface for this panel needs a face lift and we want to implement the latest mockups. You can break this into the following steps: The basic panel. This what you see when you first enter Settings → Online Accounts. It will show a list of existing accounts, and have controls to initiate creating a new account. Selecting an existing account should bring up the account information dialog. Account […]
“Broken” DNS proxy – for simulating DNS issues
Some DNS software solutions like Unbound, ISC BIND, FreeIPA, rely on the DNSSEC support of remote DNS resolver, when using it as forwarder. Some tools are intended to detect and assess the level of DNSSEC support of such remote DNS resolver. There are many issues that can arise. Some of them are specified in the IETF draft (http://www.ietf.org/id/draft-ietf-dnsop-dnssec-roadblock-avoidance-00.txt), some are based on real life issues and errors in specific implementations of DNS resolvers (e.g. wildcard NSEC issue in old versions of BIND). There is no simple way for simulating such DNS related issues for testing purposes. Purpose of this project […]
Analyze & improve the filters in GNOME Photos
GNOME Photos is an application to access, organize and share your photos on GNOME 3. It has some common image processing features built into it so that users can quickly tweak and enhance their photographs after importing them from the camera. One such feature is the ability to apply some preset effects to an image. Unfortunately, most of the algorithms behind these filters were not scientifically developed or tested. They are merely implementations of approaches described by various people on the Internet. One exception is the Caap filter which is based on an algorithm developed by Corey Hoard. Scientifically analyzing some well-known […]
Test shield for ARM-based boards
Get fimiliar with ARM-based boards (“ABB”) RaspberryPi, Cubieboard and BeagleBoneBlack. Design (schema and PCB) and build a universal test board (“TB”) that will: support GPIO (digital input, digital output, analog input, analog output), UART, I2C, SPI, have a single set of pins/connectors independent on the ABB, be connected to each ABB by an adapter (or a cable) with connector fitting ABB’s GPIO pin set on one side and with the connector fitting the TB’s pin set on the other side, be powered directly from the ABB, have short circuit / reverse polarity protection to avoid damaging the ABB. The test […]
DHCP support for FreeIPA server
Work out FreeIPA server architecture. Design flexible database schema for DHCP data which could cover maximal number of use cases. Write database back-end for DHCP server ISC Kea.
Identity information for Web applications on Windows platform
In the Web application authentication setup described at http://www.freeipa.org/page/Web_App_Authentication, the authentication and retrieval of additional user attributes including group membership is done via Apache modules that provide the information about the authenticated user to the application via environment variables or similar mechanism. Specifically, mod_lookup_identity which currently uses D-Bus interface to sssd is able to populated fields like REMOTE_USER_EMAIL or REMOTE_USER_GROUPS. We are looking for similar solution on the Windows platform.
Arquillian extension for performance testing
Motivation Currently, performance tests cannot be usually run reliably directly from an integration test suite. They usually require an external tool to be executed and maintained separately from the standard tests. Goals A student is supposed to study methods of integration testing and how they are facilitated by the Arquillian test framework. A possibilities for extensions will be suggested and an extension to be able to run performance tests using PerfCake will be implemented. The extension will be published as an open-source project at github.com/PerfCake. Resources and recommended reading Steven Haines: Pro Java EE 5 Performance Management and Optimization Ian […]
Graphical Debugger of GPIO Pins
Motivation When developing software solutions, it is beneficial to have an unified debugging tool, especially on ARM-based/embedded devices. To provide users with comprehensive development experience, Silverspoon.io needs to include user-friendly way of debugging IoT applications. Goals The main goal is to develop a library which can analyse activity on GPIO pins, and reuse it in a desktop application that might be used as a graphical debugger of GPIO Pins. Debugger needs to be able to set pin values to exact value (0,1). Requirements Develop a desktop application (e.g. Java Swing) that will graphically display activity on device gpio pins and […]
Camel Component for Silverspoon.io
Motivation Currently, IT Industry is still missing some comprehensive, enterprise ready and easy-to-use IoT development kit. Silverspoon.io project aims to provide such solution. To accomplish this ultimate goal, basic building blocks (camel components), needs to be developed. Goals The main goal is to develop an Apache Camel component that could be further reused in Silverspoon.io project. This new component is supposed to represent a specific device category connected to an ARM based computer, e.g. a temperature sensor. Student will learn how to programmatically control low-level interfaces of ARM based computers like Raspberry Pi. Furthermore, he will get familiar with general IoT concepts […]
A userspace VPN in Linux
A userspace VPN in the Linux system is typically implemented using tun devices which translate the IP packets received from the peer to IP packets on the network. This project is about eliminating the tun device and directly sending the packets on the network using a userspace NAT approach (similar to the old slirp approach). That is, the project is to replace the tun device functionality in OpenConnect VPN server with userspace networking, possibly by utilizing an existing library like SPICE/Slirp. That would effectively allow a VPN server to operate with entirely without administrative privileges.
Dependent identity lifecycle management
When external authentication and identity providers are used, applications store the provisioned user identity upon the first successful authentication of the user. Applications can update the user identity attributes upon every logon of the user. However, when users do not log in often, attributes of said user identity or indeed its whole validity and existence can grow stale over the time. The goal of the work is to devise approach of keeping the cached identities in sync with the master and implement it for typical scenarios.
Replacement of Datové schránky using open standards and protocols
Czech project Datové schránky (Data boxes) is considered by public as highly controversial among other reasons because all software for it (both server-side and client tools) is proprietary and created by one commercial company. Given how much proprietary and private information is being held in the system, it is disturbing that it is not possible to audit quality of the software and all bugs in the system are hidden from the users. On the other hand, from the broad point of view expectations on the Datové schránky is similar to the expectations of standard email systems, which are supported in […]
Extend openstack modules for Ansible
Ansible is automation tool. There are existing modules for OpenStack, but it covers only fraction of configuration. See Not Yet Supported chapter what needs to be done. There are other ideas in queue. Your task will be to implement that missing functionality.
Use of tags to classify content in Searchisko content management systems
Štítky (anglicku tag nebo label) jsou využívány v mnoha systémech spravujících obsahu pro flexibilní kategoricazi obsahu. Searchisko (https://github.com/searchisko/searchisko) je OpenSource projekt, který umožňuje rychlé vybudování systému pro práci s dokumenty pocházejícími z různých heterogenních zdrojů. Nabízí především služby indexace dat, normalizace dat při indexaci, persistence dat, efektivního vyhledávání a agregace dat, zabezpečený přístup k datům na základě rolí uživatele a další. Cílem této práce je seznámení z problematikou kategorizace obsahu pomocí štítků a rozšíření systému Searchisko o podporu flexibilní a efektivní práce se štítky. Předpokládané úkoly: seznámení a popis způsobů kategorizace obsahu pomocí štítků (co to je, výhody a nevýhody […]
Software Quality and Contribution Quality Metrics, Analysis and Visualization with Python and d3.js
Using free and open source software – focusing on using existing development tools and libraries available within the python 3 pip, scientific computation, process distribution and publication stacks, along with modern web-browser based d3.js data driven visualization technologies – build a tooling pipeline to automatically extract, analyse and derive various software “quality” and “quality contribution” metrics from a broad of publicly available data sources, such as Git, bug trackers, Continuous Integration servers and more – publishing a short, written analysis of results, along with the source codes required to reproduce the result as a result under a GPL or with […]
Automated Tests Execution in Libreswan
Get familiar with software testing and libreswan component, explore and study an architecture of its test suite. Categorize tests in libreswan test suite (for instance, by functionality they test). Select all tests which are actual and correct. Design a system for automatic execution of aforementioned test categories including a basic representation of test results. This system must support virtualization of the testing network, automatic libreswan configuration on all testing nodes, distribution and execution of test code and subsequent gathering and evaluation of test output. Implement and test designed system in Red Hat. Create a poster presenting your work. Evaluate your […]
MS Windows support for OpenSCAP project
The Security Content Automation Protocol (SCAP) is U.S. Government standard for automated vulnerability management, measurement, and policy compliance evaluation. OpenSCAP is open source implementation of SCAP standard. And as such, it becomes leading compliance management toolkit. OpenSCAP works well on Linux, BSD, and Solaris distributions. The port for Microsoft Windows is missing but demanded by community and bussinesses and government agencies. The instructions to compile limited part of OpenSCAP can be found at http://www.open-scap.org/page/Windows The most of OpenSCAP codebase is written in C in portable way, however there are certain parts that are POSIX specific. Which needs to be changed. Student […]
Study of tools used for tracing and testing Java programs
Popište základní vlastnosti bajtkódu JVM Popište způsob načítání bajtkódu do JVM s využitím classloaderů Prostudujte a popište základní vlastnosti nástroje Byteman Prostudujte a popiště základní vlastnosti nástroje Javassist Porovnejte možnosti obou výše zmíněných nástrojů Navrhněte a implementujte sadu příkladů, které budou využívat jeden z výše zmíněných nástrojů. Tyto příklady by měly ukazovat základní možnosti použití Bytemana/Javassistu při vývoji a testování programů v Javě
Study of FFI library in Lua
TBD after the first meeting with student.
Technical documentation validator: broken links reporter
Compose a list of all external links in a selected XML/AsciiDoc/Markdown/Markdown file. In DocBook 4.5, external links can be found in the href attribute of the ulink element. In Mallard, external links are stored in the href attribute of the link element. In both cases, the content of the element is irrelevant. Check if the URI scheme is on the list of white-listed schemes; if it is, report the link as ignored and proceed to test another link. Check if the host name is on the list of internal addresses; if it is, report the link as invalid and proceed […]
Technical documentation validator: invalid package names reporter
Compose a list of all package names in a selected XML/AsciiDoc/Markdown file. In DocBook 4.5, package names can be found in the package element. Check if the package name is on the list of white-listed packages; if it is, report it as ignored and proceed to test another package. Check if the package name is present in either of the supplied package databases; if it is, report it as valid and proceed to test another package. Report the package as invalid an proceed to test another package.
Technical documentation validator: XML snippets validator
To be updated after the meeting with a student.
Shenandoah GC on multiprocessors systems
To be updated after the meeting with a student.
Study of LuaJIT
Please ask BP/DP leader for details.
Functional programming in Lua
Please ask BP/DP leader for details.
Technical documentation validator: markup bloat checker
Calculate how many block elements “disrupting” the docs flow occurs per a certain number of text lines and report sections/topics that go over the set score. Calculate how many inline elements “disrupting” the readability of the text occurs per block and report sections/topics/paragraphs that go over the set score. A text corpus can help to calculate the overall scores from many documents to consider for the algorithm. Reported parts of the docs should be reviewed and updated to reduce the markup bloat. Fine tuning of the algorithm should reveal the most-effective combination of the above values.
Test automation framework for technical documentation
To be updated after the meeting with a student.
Technical documentation validator: checker for missing and unused images
To be updated after the meeting with a student.
Technical documentation validator: reporter of obvious violations of the Writing Style Guide
Ability to access the various style guides in use in electronic form. Effective and continuous (automated) data-mining of available style guides in order to maintain a list/database of potential transgressions.
Shenandoah GC on desktop computers
To be updated after the meeting with a student.
Benchmarks for LuaJIT
Please ask BP/DP leader for details.
Information System for Gathering and Visualising Test Results
Develop a web-based information system for gathering and visualizing test results: * System will gather data on tests periodically from external sources * System will support automatic periodical report publication, but will also provide interactive GUI * System will maintain history of test results, will enable the user to display graphical representation of test success/failure statistics: * To display stability of a single test in time * To display stability of a test suite in time * To analyze stability of a particular test * Research suitable web technologies (e.g. J2EE, Node.js), compare and choose one to use for implementation […]
Integration of FakeReplace with various frameworks
FakeReplace is a JRebel-like tool by Stuart Douglas. It allows to replace classes of a deployed app without re-deploying it – it fiddles with JVM content directly. As Stuart said, the main part of the work is making it work with various frameworks: CDI, JPA, web frameworks, … This topic would consist of identifying such frameworks, picking some of them and adding support for them to FakeReplace.
JBoss AS 7 TrayIcon
(Too easy, would be a part of some other topic; or maybe BP?) Tray icon with a menu with things like: start/stop/restart open web console open deployed app’s context root ding on deployment success/error show server.log open current config file (settings.xml) open CLI (+ –gui) set property deploy a war etc…
RichFaces cross-framework components – Apache Wicket 6.x integration layer
Not much information on this yet. Contact Ondřej Žižka or Lukáš Fryč if interested. RichFaces components usable not only for JSF, GWT and something, but also Wicket.
Remote API Reference Generator for Java Enterprise Applications
The aim of the thesis is to develop a remote API reference generator for Java Enterprise applications. Important parts of the work are also UI and UX for the designed web system that display the remote API reference. The main tasks are: Study and seize REST and WS API based on the specifications JAX-RS and JAX-WS used in Java. Optionally JMS. Get familiar with Apache Maven, especially with development of Maven plugins. Analyze the existing solutions of generating an HTML reference for a remote API. Design an innovative user interface with regard to clarity and simple use, even in a […]
Web Application for Sharing DevAssistant Assistants
The aim of this thesis is to create a web application for sharing DevAssistant assistants. This application will become part of DevAssistant web page (http://devassistant.org). The applicaton will have GUI and API that will allow: * uploading new assistants * updating assistants and their metadata * deleting assistants * tagging assistants with arbitrary tags * downloading assistants * rating assistants * fulltext search * mallware/spam reporting * login using existing third party services, primarily Fedora Account System
Multi-factor authentication in web applications using PAM
Study Pluggable Authentication Modules, focus on multi-factor authentication setups, configure multi-factor authentication for some common service (sshd). Study HTTP, focus on its state-less nature. Investigate the possibility of using full PAM stack in web applications, including multi-step conversations. Develop a solution which would allow the use of the PAM conversation over the web. Create prototype web application/setup to demonstrate the use of the solution using FreeOTP.
Add support for external authentication to web project
Study the central identity management and its role in enterprise IT deployments. Study open-source identity and authentication provider FreeIPA and its client-side counterpart SSSD. Study web application authentication setup described at http://www.freeipa.org/page/Web_App_Authentication which uses Apache httpd modules mod_auth_kerb, mod_authnz_pam, mod_intercept_form_submit, and mod_lookup_identity. Study the existing authentication options of web project X [to be replaced by the project agreed with the advisor]. Implement support for consuming Apache module authentication results by project X. Prepare patch and documentation. Work with upstream of project X to get the code changes to the upstream project. Document the changes and the result.
SSL Certificate management for WildFly/JBoss EAP using freeIPA
The aim of this thesis is to create an extension for WildFly/JBoss Application Server, that will allow to obtain and store SSL certificates from Free IPA server. It will be able to track and renew these certificates as needed, without the need of the server restart. Certificates will be stored in secured keystore, which is available to deployed applications and server itself.
Automated web application vulnerability detection
The focus of this thesis is to review state of the art in web application security scanning and propose enhancements to currently implemented mechanisms of vulnerability detection. Study common web application weaknesses and document existing mechanisms of their detection. Review and compare several available web application scanners and identify common weak points, e.g. with regards to detection of novel attacks. Building on the existing solutions, propose and implement enhancements to existing detection mechanisms and/or design new ways of vulnerability detection. Test proposed enhancements on popular open source web applications and discuss the results.
General Troubleshooting Tool for FreeIPA
Work up FreeIPA identity management project architecture with focus on requirements, assumptions or potential issues of it’s main services (LDAP server, KDC, PKI server) and their interaction. Research the most common user issues and think what could be done to detect such situations and mitigate them. Design an extensible and pluggable troubleshooting tool that administrators can run to verify correct functionality of the FreeIPA infrastructure and which would offer remediation help if a problem is detected. Add a basic set of troubleshooting checks and test the troubleshooting tool with FreeIPA developers and users. Upstream ticket: https://fedorahosted.org/freeipa/ticket/4008
Implement external authentication modules for nginx
Study the central identity management and its role in enterprise IT deployments. Study open-source identity and authentication provider FreeIPA. Study web application authentication setup described at http://www.freeipa.org/page/Web_App_Authentication which uses Apache httpd modules mod_intercept_form_submit and mod_lookup_identity. Study HTTP server nginx and its internals and module system. Implement modules to achieve the same authentication setup on nginx like the one described above. Work with nginx upstream to get the code changes to the upstream project. Document the changes and the result.
Support for annotation driven testing in Apache Camel
The goal of this work is to write a new component to Apache Camel project that will extend its test framework with annotation driven configuration. The student should analyze features provided by current implementation and turn them into specification. Also its necessary to study similar testing frameworks like Arquillian and Pax Exam to get familiar with moder approaches. Design a new API using annotations that will provide the same features as the current one but using declarative annotations. Co-operate with community on exact specification of necessary features and commit a functional solution together with tests, documentation and other stuff required […]
GNOME Keyring Storage in FreeIPA
Work up FreeIPA Identity Management project architecture with focus on user identity related information that can be or are already utilized by client desktop environment like GNOME (e.g. realmd project). Research on how the objects are stored in FreeIPA DIT, how access control to different user information is enforced. Design an extension to FreeIPA to store GNOME keyring, choose in which part of the DIT should be the data stored, choose or design an LDAP schema, access control by LDAP ACI and CLI/Web UI to manage them. Extend SSSD to deliver the keys to the GNOME, propose new or use […]
JTexy – markup language parser & converter
Texy is a markup language, parser and converter by David Grudl, written in PHP. JTexy is a port to Java. This work would improve the current port and implement some of the remaining modules.
IPv6 support for Linux disk quota RPC interface
Linux Disk Quota tools <https://sourceforge.net/p/linuxquota/> are used to manage disk quota subsystem on the Linux. The tools provide an rpc.rquotad server which utilizes Sun RPC (part of glibc) to query or change current disk quota settings over network. The drawback is the Sun RPC supports the IPv4 only. The purpose of this works is to port the tools to the TI-RPC library <http://nfsv4.bullopensource.org/doc/tirpc_rpcbind.php> which implements transport-independent remote call procedure and thus supports the IPv6.
Integration of JBoss Undertow http server with Apache Camel project
Design and implement a component for Apache Camel project, integrating Apache Camel and JBoss Undertow. This new component should be used as a web server (http provider). In your work, cooperate with community and provide the results as a patch so it can be used for next release of Apache Camel project. For this purpose investigate and study areas of Apache Camel extensions development, furthermore get familiar with JBoss Undertow project, implementing web server. During the development follow the process defined by Apache Foundation and follow coding standards set by the project. As a part of the work deliver unit […]
XPath 2.0 support to libxml
XPath, the XML Path Language, is a query language for selecting nodes from an XML document. XPath version 2.0 provides larger feature set. XPath 2.0 differs in some basic concepts from XPath 1.0. The goal of the thesis is to extend existing XPath 1.0 implementation and design data model allowing implementation of both XPath versions. This thesis is first step in making XSL Transformation version 2.0 generally available to open-source community. XSL Transformations, is a language for transforming XML documents into other XML documents (or HTML/textual output). The next version of standard, the XSLT 2.0 introduces number of compelling features […]
Shared storage for OpenShift
In this thesis, the student will analyse, propose and implement a shared storage solution for OpenShift. It should allow the end-user to access a shared file system storage across multiples OpenShift gears.
Analysis of randomness levels in the kernel entropy pool after boot
At system boot up several system daemons utilize the Linux kernel’s accumulated randomness via /dev/urandom to generate keys or initialize a Pseudorandom number generator (PRNG). The randomness is typically being accumulated by mixing to a pool several “entropy” sources. The Linux kernel however may operate on various hardware with different specifications, or even in a pure virtual environment without any physical hardware. For that it is desirable to know whether the randomness gathered in the first boot is sufficient for key generation or other cryptographic purposes. The goal of this thesis is to study the Linux kernel boot process on […]
A tool for storage configuration on GNU/Linux OS
The GNU/Linux OS provides many data storage technologies that can be layered one on each other providing variability allowing achieving great parameters for data processing but requiring good knowledge of a lot of tools which makes the configuration a hard task. The goal of this thesis is to implement a tool that would make storage configuration easier by providing user interfaces working with various storage technologies. It is expected that the tool will make use of the blivet library that covers the biggest part of the GNU/Linux storage technologies from the available libraries, will be implemented in the Python programming language, will […]
Performance comparison of JBoss integration platform implemtations (Fuse, SwitchYard)
The main goals are: * Investigate and study the areas of performance testing and system integration. * Make yourself familiar with the performance testing framework PerfCake. * Design a set of performance scenarios that will cover most parts of an integration platform. Implement those scenarios for JBoss Fuse and JBoss SwitchYard. * Design a stable environment for performance testing that would produce reliable and stable results. * Execute those scenarios in the environment using the PerfCake tool, collect the results and use it to compare the performance of the two JBoss integration implementations. * As soon as you have the […]
Add new activities to GCompris
GCompris is an educational software for kids. It contains 120+ activities. Some activities are for pre-school children, some are more suitable for 6 – 10 years and others for older children. And others can be added. There exist long wish list: http://gcompris.net/wiki/Ideas_for_activities Choose 1-3 activities for Bachelor’s Thesis and 3-9 for Diploma Thesis (depends on activity implementation difficulty) and implement it. Or come with your own idea for activity.
Migrate OBS to Fedora
Migrate Open Build Service to Fedora. This include packaging for Fedora. Capable of running on Fedora platform and use mock instead of SuSe “build” script.
GVfs caching subsystem
GIO is a flexible system in its nature which allows extraordinary possibilities but also brings troubles to its actual implementation, GVfs backends, as it tries to build a bridge between different design philosophies. As a result, not all operations are possible to implement to fit the GIO asynchronous random access design. At the end, user may experience difficulties accessing data on certain virtual file systems in certain applications, that don’t handle such exotic use scenarios properly. The goal of this thesis is to create a kind of emulation or fallback layer that would cover some of the shortcomings and brings […]
Networking Subsystem Configuration Interface
Get familiar with different network devices in OS Linux, study their specific attributes with regards to their configuration. Get familiar with current options of configuring different network devices, firewalls and routing in OS Linux. Design an extensible object oriented interface allowing the configuration of the networking subsystem, supporting reactive handling of change events. Based on the created model implement a library interface for selected configuration targets. Implement a userspace tool using this library. Evaluate achieved results and propose further improvements.
Unified Software Database for RPM Based Systems
Design and implement a central database where all the information about software installed on the machine will be kept and that all programs related to software manage will use.
Modular file scanner for RPM
Get familiar with the code base of RPM Design a file scanner engine with API for modules that will receive signals from the scanner Implement the scanner and one example module Test your solution and evaluate its benefits over current state
JBoss AS 7 application-level exception logging/storage, categorization, and analysis (ABRT style)
It would * using JVM debugging agent, create a breakpoint of type “when Exception thrown”, in the application – or – * using AS custom async logger (perf advantage) analyze stacktrace and msg, compare with existing DB of exceptions, suggest a solution Could work as an AS service (?) Possible ABRT integration.
Distributed Social Networking Protocol
Currently, the world of social networks is dominated by few plaeyrs – Facebook, Google Plus, Qzone, Twitter, LinkedIn – who compete on all levels, which limits data exchange. And they own user data. This project should design a protocol to exchange the basic social media content, i.e. instant messaging, posts, photos, links, events, and user profile data, amongst independent servers. The protocol must be secured, distributed, allow both synchronous (for chat) and asynchronous exchange (other content). It would have to support all of CRUD. Needed or strongly recommended: Knowledge of these protocols (and their history): HTTP, XMPP + extensions, SMTP, […]
IDE plugin for migration to JBoss AS 7
Eclipse, NetBeans or IDEA plugin which would migrate given Java EE project from legacy to Java EE 6, respectively JBoss AS 7. Possible re-use of existing migration projects (JBoss WindUp, JBoss WindRide, …) Could be planned by JBDS team. See JBDS-2501. Some related work was done by Ian Tewksburry: https://github.com/windup/windup-eclipse-plugin
JUnit status view for tested Eclipse instance
A plug-in will provide JUnit-like view on tested Eclipse instance during Eclipse UI test execution There can be reported some additional information related to test execution time, etc. The tool will allow to create specified number of screen-shot generated in selected interval and a log output containing information preceding test failure The feature should be accessible via eclipse update site
tail-like Logging subsystem hook for JBoss AS 7 to provide logging through management API
Currently, the only way to see the log messages as they are comming is to tail the log file, or use custom appender. There could be an appender which would push the messages to a connection to Management API (HTTP/JSON based). Ideally, it would use a non-blocking connection and push partial JSON. James Perkins already did initial work in this field: https://issues.jboss.org/browse/AS7-2213. As a follow-up, it could be possible to integrate this with NetBeans or IDEA (Eclipse already has it done differently).
JBoss AS 7 PHP/Quercus integration (may be for multiple students)
PHP is popular, Java is fast, development with JBoss AS is a pleasure. It would be cool to have it together. There’s an implementation of PHP interpreter and libraries in Java – Caucho Quercus, which is reportedly 4x faster. It seems to have lost momentum, but it’s almost fully compatible with the original PHP 5. First goal is to create a deployer which would scan a deployment for (public) PHP files, bind them to JBoss Web AS service. Also, it would have to deal with loading the other PHP scripts, probably through VFS. Second goal would be to research which […]
Teiid Connector for NoSQL Cassandra Database
Development of Teiid connector for Apache Cassandra.
Develop a Service Lifecycle Management Application
Motivation In SOA environments, it is beneficial to have a complete overview of all the services available, or currently running in production, to better identify which services need to be created or updated. These systems also help to make sure all the necessary steps are taken before a service is put in production or is made obsolete, and treated in a proper manner. Goals Goal of this thesis consists of creating a service lifecycle management application for JBoss SOA solution. Student will get familiar with JBoss open-source projects for application development, jBPM 6 and JBoss Overlord. Furthermore, student will design […]
Determine applications affected by upgrade
Problem: If you have package A, which have binary FOO (and which is running), which use library from package B. If you upgrade package B, then old version of library B is kept in memory untill FOO is restarted. Goal: Write plugin for yum (and later for dnf), which will determine if some file, which has been upgraded is currently used and loaded in memory. And will go transitively up. Then it will suggest you that some application (eg. firefox, ooffice) should be restarted, because some library have been upgraded. In theoretical part describe implication if some library have been […]
S-RAMP Repository Browser for JBoss Developer Studio
Motivation It is crucial to have a solid IDE support when developing new services for SOA applications. Currently, neither of the most popular IDEs (Eclipse, Netbeans, IntelliJ IDEA) have support for JBoss S-RAMP repository. Goals The main goal of this thesis is to Implement a new Eclipse plug-in for manipulating artifacts within JBoss S-RAMP (Artificer) repository. This plugin needs to be installable into JBoss Developer Studio 7. Student will get familiar with JBoss Overlord project, mainly JBoss S-RAMP (Artificer), and Eclipse plug-in development. Progress of development should be tracked in corresponding Jira issue, and final implementation deployed to public GitHub repository. […]
Teiid Connector for Amazon SimpleDB
Develop Teiid Connector for Amazon SimpleDB.
Advanced Methods for Integration Testing
The main goal of this thesis is to study different approaches to integration testing of systems that are hard to test by standard testing frameworks, and to apply the techniques in practice. The student is expected to: study, describe and propose methodologies for advanced integration testing of systems that are normally difficult to test with the main interest in mock testing and in-container testing (running own container instance) desing and develop new tests for PerfCake project (www.perfcake.org), especially tests for message senders which will require a practical usage of formerly studied techniques study and propose systems for code coverage reporting […]
Integration of Jenkins CI with Undertow
Jenkins CI is the most popular continuous integration server which contains embedded servlet container Winstone, which is archaic and not maintained. The aim of this thesis is to replace Winstone by Undertow. The student will: get familiar with Jenkins CI, especially with extras-executable-war package, get familiar with Undertow, compare Winsotne with Undertow and identify all possible backward compatibility issues (e.g. configuration options available in Winstone, but missing in Undertow), resolve possible backward compatibility issues by implementing new features into Undertow or by modification of appropriate part of Jenkins, replace embedded Winstone servlet container by Undertow, donate project to Jenkins community.
PerfCake scenario editor for Eclipse 4.3
Investigate and study the Eclipse platform plugin development. Make yourself familiar with the PerfCake performance testing framework. Design and implement user-friendly PerfCake scenario editor as a plugin into Eclipse 4.3. Design adn implement user-friendly PerfCake scenario creation wizard. The wizard would be part of the plugin. Design and implement the ability to actually execute the PerfCake scenario directly from Eclipse.
JBossWS interoperability with other WS implementations
The goal of this work is to create a tool/set of tests that will automatically check interoperability between JBossWS CXF and other WS implementations. The student will: Study the contents of WS-I specifications Get familiar with WS-I tests inside existing testsuites Create a tool/set of tests that will check interoperability between JBossWS CXF and other non JBoss stacks Create Hudson CI server matrix job/jobs to ensure automatic test execution
Implement missing WS specification for Apache CXF framework
The goal of this work is to implement one missing WS standard for Apache CXF framework. The student will: Study WS specifications and their structure and relations Select one from not implemented transaction specifications in Apache CXF project, for example WS-Transfer (Resource Specification). Get familiar with selected specification and Apache CXF project structure Introduce yourself to Apache CXF developers and discuss with them your plans Please note any development around the 2 specs above needs to actually be based on the WS-ResourceAccess version of them. There’s a convenient links list of the WS-RA specs at http://jbossws.blogspot.it/2011/12/web-services-resource-access.html Implement selected specification and work […]
Popcon for Fedora
describe options which are available in OSS world for measuring popularity of applications get familiar with Popcon http://popcon.debian.org/ customize the code so it can work with rpm packages as well package popcon with your modifications as rpm package
Comparison of RAD tools: JBoss Forge and Spring Roo
Describe advantages of using rapid application development tools Get familiar with JBoss Forge and Spring Roo Focus on extensibility of both tools Create extensions to help web application developers to test their application for both tools having the same functionality Describe advantages and disadvantages of the implementation
Planning task monitoring system
The goal of this thesis is to develop a system for monitoring the status of planning tasks from an external task execution engine using the Java language and Java EE 6 technologies with JBoss open-source projects. The system should monitor the status of individual tasks in a nice table with a progress bar for each task. It should be possible to pause and cancel a task and to show some task details as well. The system should display finished tasks as well and provide an interface to create new tasks. New tasks can be created from scratch or based on […]
AJAX-Enabled JSF Component to Work with Chart-Plotting Libraries
Study architecture of JavaServer Faces framework together with ways to create new components in this framework Get familiar with existing solutions for plotting charts on the web Design JSF component for plotting charts with support of AJAX technique, taking configurability and extensibility into consideration Implement designed component Create a simple sample application demonstrating component’s functionality and perform testing on this sample Evaluate achieved results
JamVM virtual machine on the ARM architecture
CACAO: an alternative Java virtual machine
Java.math package benchmark
Prostudujte dostupné nástroje pro měření výkonnosti různých implementací JVM, zaměřte se především na nástroj SPECjvm Popište, které výkonnostní testy jsou v těchto nástrojích implementovány i vlastnosti JVM, jejichž výkonnost je těmito testy měřena Popiště způsob implementace uložení čísel v objektech typu BigInteger a BigDecimal Popiště způsob implementace algoritmů pracujících nad hodnotami typu BigInteger a BigDecimal Navrhněte strukturu benchmarku pro měření výkonnosti vybraných operací balíčku java.math Proveďte měření výkonnostních parametrů různých JVM, především OpenJDK, Oracle JDK a IBM Java s vhodnou prezentací výsledků Zhodnoťte dosažené výsledky
JamVM: an alternative Java virtual machine
Java bytecode optimization for JamVM virtual machine
Java applications monitoring using Java Debugger Interface (JDI)
Prostudujte specifikaci JPDA a především JDI. Popište základní vlastnosti JDI a způsob jejího použití Vytvořte jednoduchou aplikaci s GUI, která bude sloužit pro připojení k JVM a sledování v ní běžící aplikace Sledovat by se mělo zejména obsazení operační paměti haldou (heapem) a zásobníkem Zhodnoťte dosažené výsledky a navrhněte možnosti dalšího vývoje projektu
Java NIO library benchmark
Java bytecode size optimization
SelfTest tool improvements and fixes
Students goal is to implement few improvements and new functions (e.g.: possibility to stop the test and continue later…). The work should result in series of patches implementing required changes in a quality allowing their direct application.
Dependent test phases execution optimization
Get familiar with graph theory. Get familiar with software testing; automated tests management and dependency definition. Propose possible approaches of linearization of oriented graphs with one ending node. Propose possible approaches of merging these graphs while considering restrictions. Implement suggested approaches and verify them on the dependent test structures. Propose and implement new restrictions so the testing process is more effective. Analyse and compare proposed approaches and highlight pros/cons on representative examples.
Graphical user interface (GUI) for Tuned tool
Get acquainted with power management in Fedora Linux distribution, with Tuned project (http://fedorahosted.org/tuned/) and learn how to create profiles for Tuned version 2. Propose a methodology how to automatically detect available Tuned plugins and their supported settings (e.g. from the Tuned 2 source codes). Design and implement graphical user interface (GUI) for Tuned control. Support at least profiles switching, profiles creation/editing, profiles deletion and optionally profiles merging using the information detected using the methodology from step 2. Demonstrate functionality of you implementation.
Add support for the MS Windows platform to the OpenSCAP project
Identify parts of the OpenSCAP library, which are problematic from the point of view of porting them to the Windows OS, suggest modifications and extensions needed to overcome the identified problems and implement your solution. Furthermore, create a fully functional implementation of an OVAL 5.11 object specific to the Windows OS platform, test its correctness and include the test in the OpenSCAP upstream test suite.
RdRand: vlastnosti a použití nové Intel-64 a IA-32 instrukce pro generování náhodných čísel
Prostudujte různé operační módy (rychlé generování náhodných čísel s použitím více vláken) versus pomalé generování kryptograficky bezpečných náhodných čísel, vhodných jako násada pro další PRNG. Navrhněte a implementujte jednoduchou aplikaci v jazyce C pro generování náhodných čísel v různých režimech s použitím této instrukce. Zkoumejte kvalitu náhodných čísel s použitím empirických testů (například baterie testů TestU01 http://en.wikipedia.org/wiki/TestU01) Navrhněte použití této instrukce v různých aplikacích. Diskutujte bezpečnost, rychlost a statistické vlastnosti jednotlivých použití. Jako zdroj entropie pro Linux kernel. Násadu pro RNG. Zdroj entropie pro kryptograficky bezpečný generátor náhodných čísel. Přímé použití.
Verifying and Improving Cryptographic Key Security in PKCS#11 Implementations
The PKCS#11 interface for cryptographic modules should be able to provide services without giving its users access to the raw values of the cryptographic keys. In practice, however, both the design and existing implementations have various problems and inconsistencies that allow extraction of the key data. Study the PKCS#11 interface standard, focusing on key protection facilities available in various versions Familiarize with existing attacks and existing tools for automatic implementation verification (e.g. Tookan) Write an open-source tool that performs an automated analysis of a PKCS#11 implementation to find ways to extract the key data; use it to validate the NSS […]
System Management with Dual Authorization
Design and implement an environment (at least a shell and a way to edit text files) that allows system management that is typically performed as the root user only if every operation is authorized by two different persons.
Yum plugin for suggesting packages based on usage
Yum/RPM package database does not have static recommended packages entries. Create new program in a language of choice that builds this database from Fedora public repositories statistical data, for example using Formal Conceptual Analysis (FCA). The approach should allow to recommend packages from a set of current and/or packages being installed. As a part of this theme develop new yum plugin that will periodically download the database from repositories and recommends packages upon installation. The key is to design and implement efficient, fast and bandwidth low-cost data format for storing and transmitting of package statistical database. Delivery artifacts: command line […]
Java Security Policy Centralization
Create an web application to allow edit and distribute Java Security Manager policies to number of JBoss EAP 6 servers (even for Cloud based deployment scales). It will be able to refresh itself without the need of the server restart. Design, implement and execute tests of new Java Policy Provider implementation in terms of security functionality and performance comparing to some production implementations available on the market (e.g. Oracle Java, IBM Java, OpenJDK).
Performance Regression QE
The main goal is to run as many as possible different tests and benchmarks for testing various kernel components. The main topics are e.g. file system regression tests where such tools as iozone or postmark are used or CPU testing with linpack or stream. The goal of this work is to focus on many not well known benchmark tools and utilities, select several of them and create benchmark script, which will run these utilities in various configuration and then will produce results and graphs.
WS-I Basic Profile compatibility verification inside WS-enabled ESB services
The student will Study the contents of WS-I specifications Get familiar with WS-I testing kit Create a tool that will run WS-I testing kit against ESB services Create ESB services that will serve as endpoints for WS-I testing Create Jenkins CI server job to ensure automatic execution of verification too
Netlink oVirt network configurator
The goal of this diploma thesis consists on designing and implementing an oVirt network configurator using Netlink. To do that the student shall: Study the Netlink protocol, Implement a Netlink Python implemenation that supports services like rtnl. Study oVirt, specifically its Virtual Desktop and Server Manager component (written in Python). Design and impement a Netlink configurator that fits with the current API and rollback mechanisms.
Enhancing ktest, a Linux kernel deployment and test infrastructure framework
ktest is a small utility that resides in the Linux kernel’s source repository. It’s purpose is to be a light weight kernel test infrastructure. Improving ktest’s usability will reduce setup time for bug reproduction, and may encourage more testing of kernel patches before they are submitted. Thesis Theme: Improve ktest’s usability by developing alternative interfaces. The alternative interfaces should all support the use of virtual machines for the target in which ktest will install and test the kernel-under-test. For example, one such new interface could be a make target. After a kernel developer compiles a new kernel by running ‘make’, she could then […]
Verification of the Linux Virtual Machine Monitor (KVM) for the ARM architecture
KVM is the Linux kernel module that enables the use of hardware virtual extensions. The Linux kernel and KVM support several architectures. One of the most recent additions for KVM is ARM. A unit test repository exists for KVM, and while the x86 architecture has several unit tests, ARM is currently missing. Thesis Theme: Develop KVM unit tests for ARM (both 32-bit and 64-bit). In addition, when possible, improve the KVM unit test repository to better share code across architectures. Note, if hardware is not available, then ARM’s Foundation Models may be used. All bugs found with the unit tests […]
Central management of DNS records for BIND 10
BIND is the famous Berkeley Internet Name Domain, probably the most widely deployed DNS server in the world. Aim of this work is to explore various ways how to store DNS data in LDAP database (Lightweight Directory Access Protocol DB) and implement proof-of-concept LDAP database driver for BIND version 10. Work up Domain Name System architecture, work up LDAP Directory Infomation Tree architecture, compare various LDAP schemas for DNS data (e.g. schema from FreeIPA, DLZ, UNINETT, your own proposal [if you want]). Discuss various aspects of schemas, including performance (e.g. impact of database indexing) and manageability (e.g. scattered DNS values […]
Reporting capability in FreeIPA
FreeIPA stores a lot of valuable identity and policy information in its LDAP tree. But this information is stored in a way that is easy to search, but not necessarily easy to digest for an Administrator. The users of the Identity Management system (Administrators and DevOps) are seeking a better introspection into who can access what and which policies apply in which situations. Reports like this are not an easy task to create. The thesis would start with investigation and research of what kind of information people are actually looking for, how the disjoint polices and objects are stored in […]
Time-Based Account Policies in FreeIPA
Work up FreeIPA identity management project architecture with focus on user management and authorization related policies applied to users. Research and evaluate existing solutions of time-based authorization policies in existing open source projects or commercial products (e.g. Microsoft Active Directory). Based on your findings, design extensions to FreeIPA and SSSD projects to support time-based authorization policies. Focus on finding the right storage for the required time concepts (date, time, ranges), user interface in FreeIPA CLI and Web UI, make sure the designed interface accounts for different time zones of both FreeIPA administrator and user. The final solution should allow FreeIPA […]
Nástroj pro testování knihoven pro přístup do Informačního systému datových schránek
Informační systém datových schránek (ISDS) nabízí rozhraní SOAP, které implementuje několik nezávislých knihoven. Úkolem je najít nebo vytvořit sadu nástrojů pro automatické testování shody knihoven se specifikací rozhraní. Protože každá knihovna má jiné aplikační rozhraní a protože specifikace se mění, je třeba poskytnout takový nástroj, v němž testy budou vyjádřeny na jednom místě způsobem nezávislým na knihovně. Poté pro vybranou knihovnu bude napsána překladová vrstva, která testy vykoná voláním knihovny proti simulovanému serveru.
PerfCake scenario editor for IntelliJ IDEA
Investigate and study the IntelliJ IDEA plugin development whereabouts. Make yourself familiar with the PerfCake performance testing framework. Design and implement user-friendly PerfCake scenario editor as a plugin into IntelliJ IDEA. Design adn implement user-friendly PerfCake scenario creation wizard. The wizard would be part of the plugin. Design and implement the ability to actually execute the PerfCake scenario directly from IntelliJ IDEA.
Filing cabinet as a SaaS
Create a generic filing cabinet that uses MongoDB as a storage. The application will work as a SaaS inside OpenShift environment and will support multi-user model. Every user can own one or more cabinets Every cabinet has a pre-defined schema – a list of typed fields together with mandatory/optional flag. The fields should support storage of multiple values (1:n relation). It is expected that user can store large binary data like images or audio files The application should provide web interface implemented in Java EE and should reflect the schema of filing cabinet – optional fields, content validation, multi-values, binary […]