Tablets report

In January 2014, the Government of Malta launched the ‘One Tablet per Child’ pilot project whose aim is to foresee the introduction of computer tablets in primary schools. An expression of interest was also published in order to test different types of hardware and software solutions with the aim of collecting feedback from educators and students. As part of this initiative, the Faculty of Information and Communication Technology was requested to assist. In fact, an inter-departmental team was setup made up of academics from the Department of Intelligent Computer Systems and the Department of Computer Information Systems. These academics were entrusted with the task of analyzing the three major tablet platforms in order to create a coherent and impartial analysis, which can help during the selection of the ultimate platform. The result of this exercise is this document, which was presented to the committee responsible for the tablets project. Throughout this document, one can find a thorough discussion pertaining the positive and negative aspects of each platform; be it Android, iOS or Microsoft. Whilst praising the most positive features of each platform, the document also highlights the issues, which might arise when developing content for these operating systems (OSs) and the weaknesses, which currently exist. We also examined issues, which might arise when using these platforms. In particular, our analysis also takes into consideration the fact that the usage will happen in a primary classroom setting and thus, additional issues such as sturdiness of the device had to be considered. Even though we mentioned some examples, we did not really go into the merits of particular devices because the market is so fragmented that it would have been impossible to pinpoint specific models or brands. Being a highly volatile sector means that the information presented in this document can be considered correct at the time of writing however we are expecting major changes in the coming months which will definitely change the way in which we interact with computers forever. The document is well suited to help the committee get abreast with the latest offerings and future potential of each platform in order to allow them to take an informed decision. A decision, which will have a long lasting effect on the eventual success of the project and the ultimate wellbeing of our children.peer-reviewe

REMOTE MOBILE SCREEN (RMS): AN APPROACH FOR SECURE BYOD ENVIRONMENTS

Bring Your Own Device (BYOD) is a policy where employees use their own personal mobile devices to perform work-related tasks. Enterprises reduce their costs since they do not have to purchase and provide support for the mobile devices. BYOD increases job satisfaction and productivity in the employees, as they can choose which device to use and do not need to carry two or more devices. However, BYOD policies create an insecure environment, as the corporate network is extended and it becomes harder to protect it from attacks. In this scenario, the corporate information can be leaked, personal and corporate spaces are not separated, it becomes difficult to enforce security policies on the devices, and employees are worried about their privacy. Consequently, a secure BYOD environment must achieve the following goals: space isolation, corporate data protection, security policy enforcement, true space isolation, non-intrusiveness, and low resource consumption. We found that none of the currently available solutions achieve all of these goals. We developed Remote Mobile Screen (RMS), a framework that meets all the goals for a secure BYOD environment. To achieve this, the enterprise provides the employee with a Virtual Machine (VM) running a mobile operating system, which is located in the enterprise network and to which the employee connects using the mobile device. We provide an implementation of RMS using commonly available software for an x86 architecture. We address RMS challenges related to compatibility, scalability and latency. For the first challenge, we show that at least 90.2% of the productivity applications from Google Play can be installed on an x86 architecture, while at least 80.4% run normally. For the second challenge, we deployed our implementation on a high-performance server and run up to 596 VMs using 256 GB of RAM. Further, we show that the number of VMs is proportional to the available RAM. For the third challenge, we used our implementation on GENI and conclude that an application latency of 150 milliseconds can be achieved. Adviser: Byrav Ramamurth

Security comparison of ownCloud, Nextcloud, and Seafile in open source cloud storage solutions

Cloud storage has become one of the most efficient and economical ways to store data over the web. Although most organizations have adopted cloud storage, there are numerous privacy and security concerns about cloud storage and collaboration. Furthermore, adopting public cloud storage may be costly for many enterprises. An open-source cloud storage solution for cloud file sharing is a possible alternative in this instance. There is limited information on system architecture, security measures, and overall throughput consequences when selecting open-source cloud storage solutions despite widespread awareness. There are no comprehensive comparisons available to evaluate open-source cloud storage solutions (specifically owncloud, nextcloud, and seafile) and analyze the impact of platform selections. This thesis will present the concept of cloud storage, a comprehensive understanding of three popular open-source features, architecture, security features, vulnerabilities, and other angles in detail. The goal of the study is to conduct a comparison of these cloud solutions so that users may better understand the various open-source cloud storage solutions and make more knowledgeable selections. The author has focused on four attributes: features, architecture, security, and vulnerabilities of three cloud storage solutions ("ownCloud," "Nextcloud," and "Seafile") since most of the critical issues fall into one of these classifications. The findings show that, while the three services take slightly different approaches to confidentiality, integrity, and availability, they all achieve the same purpose. As a result of this research, the user will have a better understanding of the factors and will be able to make a more informed decision on cloud storage options

MANAGING AND SECURING ENDPOINTS: A SOLUTION FOR A TELEWORK ENVIRONMENT

This project introduces a business problem in which a water utility company – known as H2O District – was forced to discover and implement a solution that would enable the IT Department to effectively manage and secure their endpoints in a telework environment. Typically, an endpoint is defined as any device that is physically connected to a network. For the purposes of this project, the endpoints that the IT Department was concerned with consisted of Windows 10 PC’s, Laptops, and Apple iOS devices that employees use to access company resources while working outside of the corporate network. To properly manage endpoints, the IT Department was focused on being able to carry out their responsibilities for providing software deployments, software updates, operating system support, and remote support or troubleshooting. Regarding the security of their endpoints, the IT Department was concerned with being able to properly ensure endpoint compliance and provide adequate threat protection. Ultimately a decision was made to utilize various cloud services from Microsoft to assist the IT Department with carrying out their responsibilities in the new telework environment. The project analyzed the cloud technology used, e.g., Microsoft Azure Active Directory, Endpoint Manager, a Cloud Management Gateway, Intune, and Microsoft Defender for Endpoint; and examined some of the current on-premises infrastructure technology such as Microsoft Endpoint Configuration Manager, Active Directory, VPN, and Group Policy. The project also documented the implementation steps for configuring the cloud services and onboarding the endpoints to be properly managed and secured. The contribution of this project is: (i) to show how the H2O district examined the H2O district’s current infrastructure, (ii) identified any shortcomings with their current technological solutions, (iii) developed an understanding of the IT Departments service level agreements, and (iv) ultimately created a solution that allowed H2O to carry out its core responsibilities in the new telework environment. The project proved successful upon implementation and the IT Department was able to gain significant benefits by migrating some of their workloads to the cloud. The project also reports on some of the potential challenges the organization may face. Those include keeping up with the growing trend in hybrid remote work, managing the flow of information, and establishing zero trust. The solution implemented in this project can serve as an example for IT Departments facing similar challenges; namely, effectively managing and securing their endpoints in a telework environment

Implementing Cloud Computing In Small & Mid-Market Life-Sciences

This paper uses a mixed-method approach to study cloud computing implementation in emerging biotech and pharmaceutical companies. The study investigated four small biotech and pharmaceutical companies. The objective was to determine the positive and negative impacts of cloud computing and the impact of such implementation – especially the business impacts in an increasing global and competitive environment. The unique benefits, drawbacks, and various drivers of cloud implementation in these companies were identified. The research techniques were mixed qualitative methods that included action research, observations, and review of other case studies. The research indicated that small biotech and pharmaceutical companies found cloud computing to be very attractive albeit with some drawbacks. The paper provides a detailed discussion of the rationale in opting for cloud implementation by the emerging life-sciences companies; a comprehensive literature review of cloud implementation; the processes involved during the planning and implementation stages. The paper concludes by providing detailed recommendations on cloud implementation to organizations in the life-sciences domain

Implementing network security at Layer 2 and Layer 3 OSI model

This thesis investigated the features of security devices that would be suitable for implementations in medium to large enterprise networks at the global scale. In the thesis are covered open standard and proprietary security features. The open standard security features that are discussed in the report are the one that are developed by Internet Engineering Task Force – IETF and described in their Request For Comments – RFC. The proprietary features discussed in this report are from Cisco Systems and these features are always implemented in the Cisco Systems equipment. The author at the beginning describes common vulnerabilities, threats and attacks and then used comparative and quantities methodology to analyze the security features and its mitigation. Then in details were analyzed features of Cisco security devices, which operate at layer two and three of the OSI model, as the most commonly used equipment worldwide for securing entire computer networks. Based on their features and technical specifications it is shown that Cisco IOS Firewall feature set and Cisco Adaptive Security Appliance features are suitable for medium to big networks and with a staff that has advanced knowledge of risk security at computer networks. Network security is the process by which digital information assets are protected. The goals of security are to protect confidentiality, maintain integrity, and assure availability. With this in mind, it is imperative that all networks be protected from threats and vulnerabilities in order for a business to achieve its fullest potential. Typically, these threats are persistent due to vulnerabilities, which can arise from misconfigured hardware or software, poor network design, inherent technology weaknesses, or end-user carelessness. With the help of the Packet Tracer simulation software, different features and implementations of security features are tested. Using Packet Tracer software the author has created configuration script for every case used in a designed topology. At the end of the thesis under the Appendixes section is introduced operation of the Packet Tracer and configuration topology that is used throughout this report for the testing purposes

ReCon: Revealing and Controlling PII Leaks in Mobile Network Traffic

It is well known that apps running on mobile devices extensively track and leak users' personally identifiable information (PII); however, these users have little visibility into PII leaked through the network traffic generated by their devices, and have poor control over how, when and where that traffic is sent and handled by third parties. In this paper, we present the design, implementation, and evaluation of ReCon: a cross-platform system that reveals PII leaks and gives users control over them without requiring any special privileges or custom OSes. ReCon leverages machine learning to reveal potential PII leaks by inspecting network traffic, and provides a visualization tool to empower users with the ability to control these leaks via blocking or substitution of PII. We evaluate ReCon's effectiveness with measurements from controlled experiments using leaks from the 100 most popular iOS, Android, and Windows Phone apps, and via an IRB-approved user study with 92 participants. We show that ReCon is accurate, efficient, and identifies a wider range of PII than previous approaches.Comment: Please use MobiSys version when referencing this work: http://dl.acm.org/citation.cfm?id=2906392. 18 pages, recon.meddle.mob

BUBBLE-IN DIGITAL TESTING SYSTEM

Bubble-In is a cloud-based test-taking system build for students and teachers. The Bubble-In system is a test-taking application that interfaces with a cloud server. The mobile applications have been built for Android and Apple devices and the webserver is hosted on Digital Ocean VPS run with Nginx. The Bubble-In application is equipped with anti-cheating mechanisms such as question-answer key scrambling, not allowing screenshots, screen recording, or leaving the application. The tests students take are sent to the webserver to be graded and have statistics calculated and displayed in easy to use format for the test creator. Instructors can use the webserver to create exams or modify existing exams. This application was developed in Android Studio and XCode. These features were built using Java, Swift, Obj-C, PHP, HTTP requests, and MySQL. The application interacts with the database through the Nginx web server