HARNESSING CLOUD COMPUTING INFRASTRUCTURE FOR E-LEARNING SERVICES

This paper introduces an innovative model for harnessing cloud computing infrastructure within an e-learning ecosystem. The main goal was to design a scalable, reliable and secure IT environment that provides a plethora of e-learning services and seamless integration of the heterogeneous e-learning components through IaaS, PaaS and SaaS cloud service models. The e-learning services are tailored to foster courses for IT engineers in the areas of mobile technologies, social computing, Internet of Things and big data. The model was implemented and evaluated in the e-learning ecosystem of the E-business Lab, University of Belgrade

Diseño de la red de campus para el Centro de Formación Continua San Bartolo de la Universidad Politécnica Salesiana

This technical project was prepared for the Centro de Formación Continua San Bartolo of the Universidad Politécnica Salesiana, in order to provide students, teaching and administrative staff, with a professional proposal that contemplates the design of a campus network based on a modern technological infrastructure that meets the needs of Internet connection and communication, offering an agile and secure connectivity experience. During the situational analysis of the property it was found that this center does not have any connectivity infrastructure; which is why we propose the design of a network based on the hierarchical business architecture of CISCO, ensuring that it allows a correct distribution in the sending and receiving of data, while providing a solution with high scalability and availability. For the elaboration of the design of the network, the standards of length of structured cabling and wireless networks were observed, which specify the minimum requirements that these components must fulfill, such as; length and type of cable, accessories and work areas; likewise, wireless coverage, minimum signal levels, data speed, work frequency, among others. The project also aims to optimize the use of resources and achieve a design that is adaptable to the changes that are made in terms of space distribution or advances in the technology of active and passive equipment. Finally, this document presents a set of plans with the physical and logical distribution of the network components, estimating a budget for the execution of the project.El presente proyecto técnico fue elaborado para el Centro de Formación Continua San Bartolo de la Universidad Politécnica Salesiana, con el fin de brindar a los estudiantes, personal docente y administrativo, una propuesta profesional que contemple el diseño de una red de campus basada en una moderna infraestructura tecnológica que satisfaga las necesidades de conexión a Internet y de comunicación, ofreciendo una experiencia de conectividad ágil y segura. Durante el análisis situacional del predio se pudo constatar que este centro no cuenta con ninguna infraestructura de conectividad; razón por la cual, se propone el diseño de una red basada en la arquitectura jerárquica empresarial de CISCO, asegurando que la misma permita una correcta distribución en el envío y recepción de datos. Para la elaboración del diseño de la red, se observaron los estándares vigentes de cableado estructurado y de redes inalámbricas, los cuales especifican los requerimientos mínimos que deben cumplir estos componentes, tales como: longitud y tipo de cable, accesorios y áreas de trabajo; así mismo, cobertura inalámbrica, niveles de señal mínimos, velocidad de datos, frecuencia de trabajo, entre otros. El proyecto pretende, además, optimizar el uso de recursos y lograr un diseño que sea adaptable a los cambios que se efectúen en cuanto a la distribución del espacio o a los avances en la tecnología de los equipos activos y pasivos. Finalmente, este documento presenta un conjunto de los planos con la distribución física y lógica de los componentes de red, estimando un presupuesto para la ejecución del proyecto

AUTOMATED NETWORK SECURITY WITH EXCEPTIONS USING SDN

Campus networks have recently experienced a proliferation of devices ranging from personal use devices (e.g. smartphones, laptops, tablets), to special-purpose network equipment (e.g. firewalls, network address translation boxes, network caches, load balancers, virtual private network servers, and authentication servers), as well as special-purpose systems (badge readers, IP phones, cameras, location trackers, etc.). To establish directives and regulations regarding the ways in which these heterogeneous systems are allowed to interact with each other and the network infrastructure, organizations typically appoint policy writing committees (PWCs) to create acceptable use policy (AUP) documents describing the rules and behavioral guidelines that all campus network interactions must abide by. While users are the audience for AUP documents produced by an organization\u27s PWC, network administrators are the responsible party enforcing the contents of such policies using low-level CLI instructions and configuration files that are typically difficult to understand and are almost impossible to show that they do, in fact, enforce the AUPs. In other words, mapping the contents of imprecise unstructured sentences into technical configurations is a challenging task that relies on the interpretation and expertise of the network operator carrying out the policy enforcement. Moreover, there are multiple places where policy enforcement can take place. For example, policies governing servers (e.g., web, mail, and file servers) are often encoded into the server\u27s configuration files. However, from a security perspective, conflating policy enforcement with server configuration is a dangerous practice because minor server misconfigurations could open up avenues for security exploits. On the other hand, policies that are enforced in the network tend to rarely change over time and are often based on one-size-fits-all policies that can severely limit the fast-paced dynamics of emerging research workflows found in campus networks. This dissertation addresses the above problems by leveraging recent advances in Software-Defined Networking (SDN) to support systems that enable novel in-network approaches developed to support an organization\u27s network security policies. Namely, we introduce PoLanCO, a human-readable yet technically-precise policy language that serves as a middle-ground between the imprecise statements found in AUPs and the technical low-level mechanisms used to implement them. Real-world examples show that PoLanCO is capable of implementing a wide range of policies found in campus networks. In addition, we also present the concept of Network Security Caps, an enforcement layer that separates server/device functionality from policy enforcement. A Network Security Cap intercepts packets coming from, and going to, servers and ensures policy compliance before allowing network devices to process packets using the traditional forwarding mechanisms. Lastly, we propose the on-demand security exceptions model to cope with the dynamics of emerging research workflows that are not suited for a one-size-fits-all security approach. In the proposed model, network users and providers establish trust relationships that can be used to temporarily bypass the policy compliance checks applied to general-purpose traffic -- typically by network appliances that perform Deep Packet Inspection, thereby creating network bottlenecks. We describe the components of a prototype exception system as well as experiments showing that through short-lived exceptions researchers can realize significant improvements for their special-purpose traffic

Infrastructure for e-education based on software defined networking.

Предмет истраживања докторске дисертације је развој модела инфраструктуре за е-образовање, који је заснован на концепту и технологијама софтверски дефинисаних мрежа, као и развој образовног модула за учење софтверски дефинисаних мрежа. Централни проблем је испитивање могућности примене концепта софтверски дефинисаних мрежа у оквиру cloud computing инфраструктуре образовних установа и креирања адекватног образовног модула за учење софтверски дефинисаних мрежа..