THESIS: MCP Security and Authentication Analysis
6 days ago
With the rising popularity of AI agents, Anthropic has developed a new protocol for LLM models to communicate with tools. The Model Context Protocol (MCP) is slowly becoming a standard for developing tools for LLMs and LLM Agents. In MCP there are no security or authentication methods, so exposing tools towards end users can be harmful or risk exposing data.
This thesis aims to investigate security and authentication solutions for MCP and implement a POC on how we can expose external tools to end users without the risk of leaking data.
Who are we looking for?Bachelor/Master of Science in Computer Science/Engineering
Project descriptionThis thesis aims to investigate how MCP can be secured and exposed to external users. The investigation should end in the development of a POC where an AI Agent can call tools with the security context of the current user and only expose data accessible to the user.
Purpose and ScopeIn this thesis investigate these questions:
- Are there current solutions for MCP security?
- Can MCP be extended with security or is a new protocol required?
- Can the MCP standard be extend with authentication?
- What are the limits of securing tool calling for an LLM?
References:
MCP,
Quarkus MCP Lib,
Awesome MCP,
An Exciting Journey with Knightec Group
Semcon and Knightec have joined forces as Knightec Group. Together, we are Northern Europe's leading strategic partner in product and digital service development. With a unique combination of cross-functional expertise and a holistic business understanding, we help our clients realize their strategies – from idea to complete solution.
Practical Information
This is a thesis position, located at our office in Sundsvall. Start date January or March 2026.
Please submit your application as soon as possible, but no later than If you have any questions, you are welcome to contact Johanna Edström. Note that due to GDPR, we only accept applications through our careers page.
-
THESIS: Enriching APIs with AI
6 days ago
Sundsvall, Sweden Knightec Group Full time 450,000 - 600,000 per yearBackgroundIn today's digital landscape, services and offerings are increasingly composed of multiple interconnected applications and systems. This complexity makes it difficult to trace which services are tied to a specific customer identifier and to detect issues such as failed orders or recurring system errors.Traditionally, support and operations teams...
-
THESIS: AI Imposter validation
6 days ago
Sundsvall, Sweden Knightec Group Full time 40,000 - 60,000 per yearHigh level descriptionWith the rapid advancement of artificial intelligence, AI-driven communication tools such as chatbots, virtual assistants, and deepfake voice generators, are becoming increasingly indistinguishable from human interaction. While these technologies offer numerous benefits, they also pose significant risks by blurring the line between...
-
Sundsvall, Sweden Knightec Group Full time 350,000 - 550,000 per yearHigh level descriptionGenerative AI is increasingly used in software development to write code, tests and suggest solutions. This increases productivity but at the cost of several risks, one being security. The AI tools being used may generate code that contains vulnerabilities, reproduce insecure patterns from training data, or create a false sense of...
-
Sundsvall, Sweden Knightec Group Full time 450,000 - 550,000 per yearHigh-Level DescriptionThis thesis explores designing a mesh VPN architecture, inspired by Tailscale, to enable secure and scalable communication between IoT devices and cloud services. The goal is to adapt modern mesh VPN principles to improve device-to-device and device-to-cloud connectivity.Project DescriptionThe project involves developing a mesh VPN...
-
Sundsvall, Sweden Knightec Group Full time 350,000 - 550,000 per yearHigh level descriptionWith the rising amount of AI agents (ChatGPT, OpenAI, Grok, Microsoft CoPilot, Google Gemini, …), it becomes more difficult to know which AI agent to use in different contexts. Some agents might not be fact based enough with no access to real time data, others are easily manipulated by the user, others might provide propaganda due to...
-
Sundsvall, Sweden Knightec Group Full time 550,000 - 850,000 per yearHigh level descriptionData engineering is the process of refining raw data into a usable state. For example, transforming raw CSV or JSON files into structured formats ready for analysis. There are many platforms and tools available to support this process, each with different trade-offs in terms of performance, scalability, and usability. This thesis will...
-
Sundsvall, Sweden Knightec Group Full time 360,000 - 420,000 per yearHigh level descriptionCross-platform frameworks like React-Native and Flutter has enabled developers to use a single language and code base to develop apps for both iOS and Android. With the growing popularity for machine-learning based applications, cross-platform options for machine-learning runtimes has emerged. An example of this is the ONNX runtime...
-
Sundsvall, Sweden Knightec Group Full time 60,000 - 80,000 per yearAbstractManaging third-party dependencies is critical for software security, yet existing tools such as Dependabot treat all version updates and reported vulnerabilities as equally urgent. This lack of prioritization leads to alert fatigue and wasted developer effort. This thesis explores how AI can make dependency risk management more contextual and...
-
Sundsvall, Sweden Knightec Group Full time 350,000 - 550,000 per yearHigh level descriptionComponent reusability is essential for maintaining consistency and efficiency in modern software development organizations. Traditional npm packages (either public or private) have long been the standard approach for sharing code across projects, while shadcn's registry system represents a newer paradigm that focuses on code ownership...
