Browsing by Subject "Network security"

Now showing 1 - 2 of 2
  • Thumbnail Image
    Item
    Cybersecurity education: RunLabs rapidly create virtualized labs based on a simple configuration file
    (2017) Justice, Connie; Vyas, Rushabh; Computer Information and Graphics Technology, School of Engineering and Technology
    The cornerstone in educating the future workforce in cybersecurity in higher education is experiential learning. Cybersecurity competitions are shown to have the potential to increase the workforce and encourage students to pursue the field of cybersecurity. Virtual laboratories allow emulating real life cyber threats and rapid generation of multiple scenarios and infrastructures. The purpose of RunLabs project was to create a lab infrastructure to allow instructors to generate virtualized environments rapidly. Instructors can create virtual lab for students easily, with a simple configuration file. The methods used for RunLabs creation consist of a javascript object notation (JSON) configuration file that creates virtual machines with specified network configuration. In addition, it creates virtual network computing (VNC) service for each virtual machine with a random password, which allows students to be able to access the virtual machines and work on their exercises. RunLabs has a web-based user interface for administration and an application programming interface (API). The API allows additional tools to be written around RunLabs. The administrator can reboot virtual machines, change VNC passwords. If defined in the configuration file, the administrator can create generic routing encapsulation (GRE) tunnel for the virtual machines across multiple hosts. RunLabs project used Python, Flask, SQLite, Minimega, KVM/QEMU, and OpenVSwitch as its backbone software. The analysis showed that the virtual machine host can capture virtual machines network traffic; and by default, any changes made to the virtual machines are not saved to the virtual disk. Due to the way KVM/QEMU work, one virtual disk can be used to spin up multiple virtual machines. Use case scenarios for this project included malware analysis, virtualized penetration testing network, and capture the flag competitions. Future development includes creating a virtual machine repository, bug fixes, and an option to save changes to the virtual disk. © American Society for Engineering Education, 2017.
  • Thumbnail Image
    Item
    Secure cloud computing infrastructure for K-12 education
    (2017) Justice, Connie; McFarland, Nichole; Computer Information and Graphics Technology, School of Engineering and Technology
    With cloud computing becoming more and more popular among businesses, there has become a higher demand for security in the cloud. K-12 school systems have a lack of IT resources and support to securely store and share data, thus making cloud services an attractive option. Additionally, there is increasing pressure on school systems to provide information for students and parents that require access to the information stored on school networks. Therefore, cloud services are a viable option for K-12 school systems to alleviate the administrative overhead and to provide access to necessary information for students and parents. This applied research project is an experimental design for addressing the issues that the K-12 school systems face. The secure cloud project consisted of four databases and three nodes. The databases were Keystone, Glance, Nova, and Neutron. First, the Keystone database handled the identity service. The second database was the image client, Glance. Images were launched through this database following a correct authentication token. The third database was Nova. Nova handled all the compute services for the controller and compute node. Fourth was the Neutron database service, which handled all the networking agents that traveled through all three nodes. There were three nodes; a compute node; a controller node; and a networking node to run the cloud. The controller node is the first to be used by verifying identity of the user. It then travels through the management network to the compute node that operates the virtualized network. Traffic between will be monitored by the network node to assign DHCP to each session. Future work to the secure cloud include: a security node to filter through the traffic to alert when an issue arises; and another server to allow for more space to be allocated for virtual machines. These improvements will enhance performance by segmenting information on a different secure network. © American Society for Engineering Education, 2017.