Online Platform for Interactive Tutorials: Cloud-Native Security

Thumbnail Image
Files
master_Mammo_Kidus_2020.pdf (6.09 MB)
Journal Title
Journal ISSN
Volume Title
Perustieteiden korkeakoulu | Master's thesis
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.
Author
Date
2020-08-18
Department
Major/Subject
Security and Cloud Computing
Mcode
SCI3084
Degree programme
Master’s Programme in Security and Cloud Computing (SECCLO)
Language
en
Pages
50
Series
Abstract
Computer science students have to develop hands-on experience with a wide array of programming languages, software development tools, and emerging technologies to keep up with the fast-evolving field. However, learning new technologies can be a daunting experience when students are required to setup new environments or perform many downloads and tedious configurations just to get started. This thesis introduces a novel online learning platform that solves this problem by providing students access to virtual environments that come prepackaged with the tools and dependencies required for a lesson. These environments are provided using Docker containers that students can directly access through a web-based terminal. This allows students to follow the instructions of labs, and perform the required actions in the terminal. Moreover, the platform is designed for higher education institutions and thus provides mechanisms to track student progress in labs, which can be used to offer graded assignments. Google Kubernetes Engine is used to deploy both the platform's application and the student's container-based virtual environments. Granting users access to these containers introduces security risks as malicious users can mount attacks such as network-based intrusion, denial of service, or privilege escalation against the platform or other users. To prevent these attacks, several security policies are enforced to secure the different components of the cloud-native application. A comprehensive overview of the security configuration of the platform and recommendations for future improvements is provided in this work.
Description
Supervisor
Di Francesco, Mario
Thesis advisor
Di Francesco, Mario
Keywords
docker, kubernetes, cloud-native security, online learning, interactive learning
Citation
Permanent link to this item
https://urn.fi/URN:NBN:fi:aalto-202008245152
Collections
[dipl] Perustieteiden korkeakoulu / SCI