diff --git a/tex/conclusion.tex b/tex/conclusion.tex index 49f766a..461bb0d 100644 --- a/tex/conclusion.tex +++ b/tex/conclusion.tex 
@@ -1,43 +1,43 @@ % =========================================================================== % \nn{Conclusion} -The objectives of the thesis have been to create the Password Compromise -Monitoring Tool aimed at security-conscious user in order to validate their -assumptions on the security of their credentials. The thesis opened by diving -into cryptography topics such as encryption and briefly mentioned TLS. +The objectives of the thesis have been to create a tool that would enable users +to verify the potentiality of their compromise in time, i.e. monitor it, by +validating the assumptions on the security of their credentials. -Additionally, security mechanisms such as Site Isolation and Content Security -Policy, commonly employed by mainstream browsers of today, were introduced and -the reader learnt how Content Security Policy is easily and dynamically -configured. +In the theoretical part, conceptual foundations and technical underpinnings of +common pieces of the infrastructure were attended to and explained, with a +focus relating to creating web applications. Additionally, security mechanisms +such as Site Isolation and Content Security Policy, commonly employed by +mainstream browsers of today, were briefly introduced and it was proven how +Content Security Policy could be configured simply and quickly. Furthermore, +the criteria for local and online data sources were evaluated. An extensive body of the thesis then revolved around the practical part, -describing everything from tooling used through high-level view of -application's architecture to implementation of specific parts of the -application across the stack. +describing everything from tooling and development processes used, to +high-level view of application architecture, and then dove into implementation +details of specific parts of the application across the stack. Import of local +breach data and constructing database queries using a graph-like API were also +highlighted. 
-Finally, the practical part concluded by broadly depicting validation -methods used to verify if the application worked correctly. -The author would like to recognise that there are certain aspects of the thesis -in the need of further development. It is necessary to admit that not -everything could have realistically been realised in the limited timespan and -scope imposed on the project to prevent diverging. The concerns mentioned above -constitute clear candidates for future work of the author who intends to -improve on the existing state, for example accessibility-wise. The author's -unfamiliarity with the accessibility tooling sometimes compromised on the -quality in this segment of the application, but it is a known deficiency. -Furthermore, the list of tasks for the future may also contain adding -\emph{fuzzing} tests for the program, producing Software Bill of Materials, -utilising additional immutable database or unifying the frontend design -language across the pages. +Various deployment and configuration scenarios were considered, the validation +methods used to verify the correct working of the application were described +and justified, and the practical part concluded by showing screenshots of the +application in use. -The program does have a very solid core that for instance listens for OS -signals, handles graceful shutdown and supports structured logging but still -has room for improvements, despite the fact that its creation has been -best-effort. Due to a number of reasons mentioned earlier, it should not be -called an utterly \emph{finished} project yet, but it can already serve a clear -purpose. +The list of potential improvements for the future may also be amended by adding +\emph{fuzzing} tests for the program to help uncover potential bugs, producing +Software Bill of Materials to aid in ensuring compliance, and utilising +additional immutable database for activity logs. 
+ +The program does have a very solid core, it listens for OS signals and can +handle shutdowns gracefully. It supports structured logging, with the option to +plug in a log exporter. Most importantly, it gives users a tool in the battle +against the always vigilant attackers that are after their passwords. + +Even though it might not be called an utterly \emph{finished} project yet, it +can already serve a clear purpose. % =========================================================================== %
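Review bot: In the added future-work paragraph, "The list of potential improvements for the future may also be amended by adding" no longer has anything for "also" to refer to, because the same hunk removes the paragraph that admitted the unfinished aspects and named accessibility as a known deficiency. Either keep one sentence acknowledging that limitation ahead of the list, or drop "also" and open with something like "Potential future improvements include adding". Two smaller wording points in the added lines: "it was proven how Content Security Policy could be configured simply and quickly" overstates what a walkthrough establishes, so "shown" or "demonstrated" fits better; and "The program does have a very solid core, it listens for OS signals" is a comma splice that reads better split into two sentences or joined with a colon.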