Skip to content
THS-on edited this page Feb 17, 2021 · 7 revisions

Here is the idea List for our project for GSoC. For more general information visit: https://www.digitale-nachhaltigkeit.unibe.ch/services_and_support/lernstick/index_eng.html

Before choosing a idea for a project proposal, research into the given ideas and technologies is required. Lernstick is based on a lot of different technologies and for some tasks you have to have an understanding about most of them. If you are interested in an idea and have questions please contact the given Mentor or ask on the mailing list.

The list is split into two parts Exam environment and general Tasks for Lernstick.

Lernstick

Automatic snapshot creation with Btrfs

For the user data partition called "persistence" we currently use ext4. ext4 is pretty stable but newer filesystems like Btrfs provide snapshots which can be used with a relative small overhead.

Subtaks

  • Design a subvolume layout that works for our use case
  • Create a utility for creating the snapshots
  • Integrate support into DebianLive Copy
  • Add support for backups via btrfs-send
  • Add a user friendly way to browse snapshots (Integration into Nautilus?)

Current status

Using Btrfs as persistence partition is supported. Basic discussion for an implementation can be found here: https://github.com/imedias/lernstickAdvanced/issues/22

required skills / knowledge

Debian, basic knowledge of file systems, Java (for integration with DebianLive Copy)

Difficulty

Medium

Possible mentors

Dr. Ronny Standtke: ronny.standtke@inf.unibe.ch

Full disk encryption

Lernstick is installed on removable Media like a USB thumb drive and depending on the use case students store their personal information on them. This data is stored on a partition called "persistence" and is currently not encrypted. Which is an issue because a thumb drive is easily lost or stolen. To prevent that their data is exposed to any one that gets that drive the "persistence" needs to encrypted and for the user there must be an easy way to utilize that encryption. The challenge is to build a system that is robust enough to enable encryption by default without making Lernstick a lot tougher to use for administrators and users.

Substask

  • Designing the encryption architecture
    • Decryption for Updates
      • School update master key
      • Default encryption
  • User Interface
  • Managing keys in a user friendly manner
  • Backup strategies
  • Testing encryption support in Debian Live
  • Implementing encryption in DebianLive Copy
  • Create user Interface (Integration into LernstickWelcome)

Stretch goals

  • Creating visual passphrases for students that are still learing to read

Current status

Basic support is integrated into Debian Live and DebianLive Copy. This already enables some users to encrypt their partition, but is not user friendly such that it can be enabled by default.

required skills / knowledge

Debian, Boot procedures, Bash, Java

Difficulty

Advanced

Possible mentors

Dr. Ronny Standtke: ronny.standtke@inf.unibe.ch

Useful links

Exam Environment

The exam environment is of the core use cases of Lernstick. It provides an flexible environment for mainly schools to do BYOD exams. This environment can be coupled with the exam server called Glados. With Glados the exam can be controlled from a central place. (E.g. collecting the exams after writing, deploying software based on the exam) You can see an early version of the environment here: https://www.youtube.com/watch?v=yPDJ_19uHIc

Main links for Exam enviorment

Other useful parts

Main contact: Roman Gruber: roman.gruber@inf.unibe.ch

Improving Exam documentation and backups

For an exam it is important to have good documentation how the exam was taken and have backups if anything unexpected happens. At the present we take screenshots at a given interval and backup them. This is suboptimal because the images change not that much and we create (massive) amount of traffic in an exam that we don't need. So the task is to implement a efficient way to document and backup the data of the students.

Required skills

PHP (for Glados), General knowledge about Debian and compression, (Java might be helpful)

Difficulty

Medium

Potential mentors

Roman Gruber: roman.gruber@inf.unibe.ch

Lock screen during exams

The teacher should have the possibility to lock and unlock the students screen at will. This sould be scalable. It therfore sould work especially if there are 200+ students taking an exam at the same time. Combined with this, after the student has started a still locked exam, he/she should see a message on the screen indicating that the exam has no started yet (a locked screen), when the boot procedure has finished. The teacher sould then be able to unlock all (200+) screens at the same time (up to some seconds). This might be a challenging task, if we consider scalability and the fact that the exam systems don't have a established connection to the exam server all the time.

Required skills

PHP, Networking (multicast/broadcast)

Difficulty

Advanced

Potential mentors

Roman Gruber: roman.gruber@inf.unibe.ch

Adding cryptographic proof and anti tampering to the Exam environment

We (and the student) currently have no cryptographic proof that their data is the same as written. The task here is to add support for adding that functionality to Glados. One challenge here is to balance cryptographic accuracy and user experience. Currently the student gets a ticket ID. Maybe there is a way to add some functionality for singing that reuses that

In an exam Lernstick is normally booted from an USB thumb drive. Currently we have no checks in place for verifying that our image has been tampered with. The idea here is to look into securing our boot chain by using signed images and because most new devices have a trusted platform module (TPM) it might be possible to use that for challenge response tasks.

Required skills

Linux, PHP, Bash, Boot procedures, basing knowledge about cryptography

Difficulty

Advanced

Potential mentors

Roman Gruber: roman.gruber@inf.unibe.ch Dr. Ronny Standtke: ronny.standtke@inf.unibe.ch

Elasticsearch integration in Glados

A powerful search functionality is essential for an application containing a large amount of data. It should be possible to search through files created by the student during an exam as soon as the data resides on the server. The data produced by the student can be arbitrary; for example office documents, PDFs, or mere text files. An example scenario where the search functionality is crucial can be if the student accidentally deleted an important file. The teacher can search for that file by its contents and restore it, instead of browsing through the backups.

There is already quite some integration work done (https://github.com/imedias/glados/tree/elasticsearch), but specially the mappings, analyzers, tokenizers and indices for elasticsearch are subject of this topic.

Required skills

Elasticsearch, Indexing

Difficulty

Medium

Potential mentors

Roman Gruber: roman.gruber@inf.unibe.ch

Other Ideas

If you have other ideas to improve Lernstick with your project, feel free to submit your own project proposal. Here are some ideas to look into:

  • Migration to dracut
    • Instead of using a customized Debian-Live migrate to dracut
  • Delta Updates for packages
    • Snapshots
  • Improving build tooling (currently some bash scripts)
  • Add the support for automated testing with for example openQA
  • Reviewing and implementing Remote Desktop Support
Clone this wiki locally