CQUNIVERSITY Capstone Project Final Report COIT20265 COIT13236 Design of a Distributed System to Support the Online Learning Operations of a Large University
EXECUTIVE SUMMARY
This should be a brief section, not larger than a page, that summarises the key facts relating to the project; purpose and goals; scope and deliverables; issues encountered; lessons learned; and other facts that you might think are important to highlight. Do not include in this executive summary any background information or introductions.
The introduction should be a clear and concise description of your project in terms of TGU’s needs and requirements. Make sure to include a background to the case study (i.e. characterisation and importance of large distributed systems), description of TGU, TGU business domain, requirements, and statement of works. The last paragraph of the introduction should be an outline of the structure of this report.
This section should discuss Large Distributed Systems. Use it as the theoretical background to frame your recommended infrastructure. What is a distributed system? How does it differ from traditional centralized computer architectures? Security, configuration, performance, scalability, and resiliency issues of distributed systems? Distributed Systems vs Cloud Systems? Are they the same? Cloud Computing Platforms: IaaS, PaaS, SaaS?
This section should discuss the cloud infrastructure options available to TGU. First, you should provide a background of what constitutes: a) private; b) private and third-party; and, c) fully public cloud services. Secondly, highlight the advantages and disadvantages of all options in terms of the following five factors:
In this section, using the five factors outlined in section 2.2, choose your option: a) private; b) private and third-party; or, c) fully public cloud services. Then, justify your recommendation to TGU based on its business and technical needs. Make sure to elaborate on the security, configuration, performance, scalability, and resiliency of the recommended system.
This is meant to be a holistic recommendation. To that end, frame your justification around facts that add value to your recommendation. You may consider, for example, the nature of the business organization (i.e. TGU), its organisational culture, mission statement, size, widespread geographical locations (France, Japan, Argentina, India, and South Africa), coverage, quality of service, competition, interoperability, ROI (return on investment), TCO (total cost of ownership), vertical or horizontal integration, level of automation, operations, and service level agreements amongst others.
If you use figures and tables to support your argument, remember you should label, number, explain, and reference them appropriately. I expect that all tables and figures in the report are designed and produced by you. Copying and pasting original tables and figures is unacceptable. You should redraw and reference them accordingly.
The online network infrastructure analysis should address all requirements articulated in the case study. I suggest classifying the requirements in two groups: business requirements and technical requirements. Then proceed to abstract and analyse them using a LAN / WAN network design methodology that best matches TGU needs. The analysis should be conducive to deliver a logical network design (LANs / WANs). Ultimately, this design needs to be consistent with your recommendation in section 2 above.
Business Requirements
Technical Requirements
When performing the analysis, you may take into account the following questions:
As an international university, TGU has established branches in different parts of the world, with its headquarters in France. Although most of the important tasks and decisions are made in France, all other offices in Japan, Argentina, South Africa and India have Cloud Data Centers (CDCs) with application servers, virtual machines, physical machines, load balancers, bare machines, storage and internet access. These CDCs appear to be separate businesses in themselves, but they are all controlled by the head office.
Because we are using a distributed system, it is easy to scale the system as it grows. (https://keetmalin.wixsite.com/keetmalin/single-post/2017/09/24/An-Introduction-to-Distributed-Systems)
Hierarchical design helps with scalability.
User Communities:
| User Community Name | Size of Community (Number of Users) | Location(s) of Community | Application(s) Used by Community |
|---|---|---|---|
| Students | 250,000 | -- | Moodle Server |
| Academics | 2000 | France | |
| Administrative, Operational, and Student support staffs | 4000 | France | |
| Research Staffs | 1000 | France | |
Data Stores:
| Data Store | Location | Application(s) | Used by User Community (or communities) |
Traffic Flows:
You may consider the following design-related questions:
Recall that this section should be completed in accordance with NIST Special Publication 800-30.
Before you tackle section 4, you should conduct a brief review of the research literature to understand the security challenges faced by online network infrastructures similar to TGU.
Recall that this section should be completed in accordance with the NIST Contingency Planning Guide 800-34.
This should be a systematic disaster recovery plan to inform TGU on how to get all IT infrastructure and operations back to normal work after an outage.
You might consider the following:
This should be a systematic business continuity plan to inform TGU on how to get all business processes back to full functionality after a crisis.
You might consider the following thoughts:
Based on the hardware and software you opted to use (either cloud computing, VirtualBox / VMware hypervisor, or small home Internet), give a brief description of the nature of the proof of concept and network infrastructure you want to demonstrate.
Download and install the Moodle package along with its associated software in the platform you chose to demonstrate the PoC. Then, configure the applications according to the recommendations given by the Moodle site. The Moodle site contains many community resources and tutorials showing you how to do that.
Give evidence of your installation and configuration by illustrating with screenshots and describing briefly the tasks conducted.
Note that this will be verified during the DEMO of your system in week 12.
Provide a physical network diagram of your PoC labelling the technical components of your infrastructure including the interfaces, type of connections, operating systems, databases, servers, firewalls, etc. You may use figure 2 in the case study as a reference to draw your diagram.
You should demonstrate and give evidence of the ten (10) system administration good practices you implemented to make the Moodle system more solid and secure. This can be done by listing each practice, explaining how it was practically implemented in the system, and including a screenshot.
For example, let’s assume that one of the practices you decide to implement in Moodle is blacklisting. To that end, you build a domain blacklist by adding IP addresses that you wish to block. The outcome is that any IP address that is in the list is blocked. You may document this example as follows:
Good Practice # 1: Blacklisting
Description of the practice
This practice was implemented by building in the Moodle system a list of IP addresses to block. After logging in as admin, we navigated to Site administration>Security>IP blocker to access the settings. Then, following the instructions in the settings, we entered the list of IP addresses to block and saved the changes.
Screenshots
Note that this will be verified during the DEMO of your system in week 12.
In hardening the Moodle system, you are also required to explain how your Moodle security implementation protects against each of the security risks listed and compiled in the OWASP Top 10 (Ten Most Critical Web Application Security Risks). Provide a table with the OWASP Top 10 in one column, a description of the security risk in another, and your mitigation strategy in a third. The following table illustrates an example (SQL injection) of how to document this section. You may use this table as a reference [do not forget to delete the example entry].
| OWASP # | OWASP Description | Mitigation strategy |
|---|---|---|
| 1 SQL injection | Moodle is written in PHP and distributed under the GNU General Public License. That makes it vulnerable to SQL injection hacking malpractices. | This risk was mitigated by configuring Suhosin (an advanced protection system for PHP 5 installations) as a Plugin in Moodle. Suhosin is designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. |
| 2 | | |
| 3 | | |
Based on your security risk management approach recommended in point 3 above, use free tools, for example Kali tools [5], to perform both vulnerability and penetration tests in your system. You should perform 10 tests. For each test provide the following:
List your references in accordance with CQUniversity referencing guidelines.
Use this section to report any project-related supplementary materials.