Automatic seccomp syscall policy generator

Develop a syscall policy generator based on inputs from an application syscall logger and with an output to seccomp based policy code.

Continuous Integration and Automated Code Review in Open Source Projects

Ensuring code quality and enforcing coding standards and styling are essential aspects of the developer experience in any open source project. Having automated feedback for any proposed code change helps both the developer and the maintainers produce quality code. The goal of this thesis is to analyze this workflow in the ManageIQ project, compare it with workflows used in other popular open source projects, and, based on the results, enhance the developer experience in the said project.

Modern TreeView component for the web

One of the best solutions for navigating in a hierarchical structure is to use a tree view. It has been implemented in file managers, XML viewers and version control systems. The goal of this thesis is to create a tree view web component with modern technologies and optimized performance.

OCSP must staple in practice

Recently X.509 certificate profile was extended to include extension that specifies what TLS extensions must be implemented and provided by the server using that certificate. The goal of that change was to indicate to clients that the genuine server will always support specific extensions - status_request (OCSP staple) in particular. The goal is to implement support for it in a python TLS library and provide test harnesses for other libraries.

Client side DNSSEC deployment

DNSSEC is already a well established technology, which extends the DNS protocol to provide integrity and authenticity. This enables new types of applications and functionality like: * Verify a remote server SSH fingerprint using SSHFP record in DNS (RFC 4255) * Verify a TLS certificate offered by the remote server using DANE and TLSA record in DNS (RFC 6698) * Get IPsec keys for a particular remote host automatically using IPSECKEY record in DNS (RFC 4025) * Get X.509 or OpenPGP certificates using CERT record in DNS (RFC 4398) * Verify that a specific Certification Authority is authorized to issue a certificate for a particular domain, using the CAA record in DNS (RFC 6844) The DNSSEC configuration and deployment on the server side is a well understood and for most of the part already solved problem. The applications using DNS records mentioned above are mostly useful on the client side. While the client side configuration may seem trivial, it is non-trivial for mobile devices roaming across various networks (at the airport, local cafe or at work) which may be OK for DNSSEC, broken or misconfigured. These networks can also apply various policies, e.g. dropping DNS packets larger than 512 bytes. Therefore, on such mobile clients, there is a need for a software, that would test the network on each network configuration change and reconfigure a locally running validating DNS resolver in order to provide DNSSEC validation.

Remote API Web Reference for Java Enterprise Applications

The goal of the thesis is to **develop a generic remote API web reference for Java Enterprise applications**. Often these JavaEE applications provide REST and WS web services which want to document in order to make them easily available to the developers. The work builds on an existing tool **JRAPIDoc** which currently lacks a good representation of the remote interfaces. Ultimately, JRAPIDoc should **provide** not only a **remote API reference** but also the **functionality to test and call the listed web services**.

Automatic topology for FreeIPA deployments

FreeIPA supports multi-master replication. When setting up environment with dozens of replicas, replication agreements (edges in the topology graph) need to be created to ensure smooth operation of the setup, while not exceeding an informal limit of agreements that each server should have without negatively affecting performance. We are looking for algorithm and its implementation for creating the replication agreements automatically, without admin's manual intervention.

Implement detection of duplicate test coverage for Java applications

Objective of this thesis is to design and implement an enhancement of a well-known open-source code coverage tool for Java that will identify duplicate tests and time spent in test execution.

Infrastructure for Enterprise Applications Deployment

Come to create a thesis that makes a difference! You will have the ability to learn cool technologies, work with great guys in a team where you can gain experience and ultimately create a piece of an open-source system that will make the world a better place! In case the topics is interesting to you but you are afraid that it is too complex, don’t be shy and ask. We always set unrealistic expectations. How getting started in open source can help your career -