-
Notifications
You must be signed in to change notification settings - Fork 9
Idea List for GSoC
Here is the idea List for our project for GSoC. For more general information visit: https://www.digitale-nachhaltigkeit.unibe.ch/services_and_support/lernstick/index_eng.html
Before choosing a idea for a project proposal, research into the given ideas and technologies is required. Lernstick is based on a lot of different technologies and for some tasks you have to have an understanding about most of them. If you are interested in an idea and have questions please contact the given Mentor or ask on the mailing list.
The list is split into two parts Exam environment and general Tasks for Lernstick.
For the user data partition called "persistence" we currently use ext4. ext4 is pretty stable but newer filesystems like Btrfs provide snapshots which can be used with a relative small overhead.
- Design a subvolume layout that works for our use case
- Create a utility for creating the snapshots
- Integrate support into DebianLive Copy
- Add support for backups via btrfs-send
- Add a user friendly way to browse snapshots (Integration into Nautilus?)
Using Btrfs as persistence partition is supported. Basic discussion for an implementation can be found here: https://github.com/imedias/lernstickAdvanced/issues/22
Debian, basic knowledge of file systems, Java (for integration with DebianLive Copy)
Medium
Dr. Ronny Standtke: ronny.standtke@inf.unibe.ch
Lernstick is installed on removable Media like a USB thumb drive and depending on the use case students store their personal information on them. This data is stored on a partition called "persistence" and is currently not encrypted. Which is an issue because a thumb drive is easily lost or stolen. To prevent that their data is exposed to any one that gets that drive the "persistence" needs to encrypted and for the user there must be an easy way to utilize that encryption. The challenge is to build a system that is robust enough to enable encryption by default without making Lernstick a lot tougher to use for administrators and users.
- Designing the encryption architecture
- Decryption for Updates
- School update master key
- Default encryption
- Decryption for Updates
- User Interface
- Managing keys in a user friendly manner
- Backup strategies
- Testing encryption support in Debian Live
- Implementing encryption in DebianLive Copy
- Create user Interface (Integration into LernstickWelcome)
- Creating visual passphrases for students that are still learing to read
Basic support is integrated into Debian Live and DebianLive Copy. This already enables some users to encrypt their partition, but is not user friendly such that it can be enabled by default.
Debian, Boot procedures, Bash, Java
Advanced
Dr. Ronny Standtke: ronny.standtke@inf.unibe.ch
- Live-Boot (Debian) : https://salsa.debian.org/live-team/live-boot
- Live-Boot (Lernstick): https://github.com/imedias/live-boot/tree/lernstick-debian9
- DebianLive Copy: https://github.com/imedias/DebianLiveCopy
- Live Config: https://github.com/imedias/lernstick-config
- Debian Live Manual: https://live-team.pages.debian.net/live-manual/html/live-manual/index.en.html
The exam environment is of the core use cases of Lernstick. It provides an flexible environment for mainly schools to do BYOD exams. This environment can be coupled with the exam server called Glados. With Glados the exam can be controlled from a central place. (E.g. collecting the exams after writing, deploying software based on the exam) You can see an early version of the environment here: https://www.youtube.com/watch?v=yPDJ_19uHIc
- Exam Server (Glados): https://github.com/imedias/glados
- Glados Manual: https://github.com/imedias/glados/blob/master/howtos/README.md
- Branch of Lernstick for exams: https://github.com/imedias/lernstickAdvanced/tree/exam-debian10
Other useful parts
- LernstickWelcome (Configuration tool): https://github.com/imedias/lernstickWelcome
- Lernstick Remastering tool: https://github.com/imedias/DebianLiveCopy
- Firewall application: https://github.com/imedias/lernstick-firewall
Main contact: Roman Gruber: roman.gruber@inf.unibe.ch
For an exam it is important to have good documentation how the exam was taken and have backups if anything unexpected happens. At the present we take screenshots at a given interval and backup them. This is suboptimal because the images change not that much and we create (massive) amount of traffic in an exam that we don't need. So the task is to implement a efficient way to document and backup the data of the students.
PHP (for Glados), General knowledge about Debian and compression, (Java might be helpful)
Medium
Roman Gruber: roman.gruber@inf.unibe.ch
The teacher should have the possibility to lock and unlock the students screen at will. This sould be scalable. It therfore sould work especially if there are 200+ students taking an exam at the same time. Combined with this, after the student has started a still locked exam, he/she should see a message on the screen indicating that the exam has no started yet (a locked screen), when the boot procedure has finished. The teacher sould then be able to unlock all (200+) screens at the same time (up to some seconds). This might be a challenging task, if we consider scalability and the fact that the exam systems don't have a established connection to the exam server all the time.
PHP, Networking (multicast/broadcast)
Advanced
Roman Gruber: roman.gruber@inf.unibe.ch
We (and the student) currently have no cryptographic proof that their data is the same as written. The task here is to add support for adding that functionality to Glados. One challenge here is to balance cryptographic accuracy and user experience. Currently the student gets a ticket ID. Maybe there is a way to add some functionality for singing that reuses that
In an exam Lernstick is normally booted from an USB thumb drive. Currently we have no checks in place for verifying that our image has been tampered with. The idea here is to look into securing our boot chain by using signed images and because most new devices have a trusted platform module (TPM) it might be possible to use that for challenge response tasks.
Linux, PHP, Bash, Boot procedures, basing knowledge about cryptography
Advanced
Roman Gruber: roman.gruber@inf.unibe.ch Dr. Ronny Standtke: ronny.standtke@inf.unibe.ch
A powerful search functionality is essential for an application containing a large amount of data. It should be possible to search through files created by the student during an exam as soon as the data resides on the server. The data produced by the student can be arbitrary; for example office documents, PDFs, or mere text files. An example scenario where the search functionality is crucial can be if the student accidentally deleted an important file. The teacher can search for that file by its contents and restore it, instead of browsing through the backups.
There is already quite some integration work done (https://github.com/imedias/glados/tree/elasticsearch), but specially the mappings, analyzers, tokenizers and indices for elasticsearch are subject of this topic.
Elasticsearch, Indexing
Medium
Roman Gruber: roman.gruber@inf.unibe.ch
If you have other ideas to improve Lernstick with your project, feel free to submit your own project proposal. Here are some ideas to look into:
- Migration to dracut
- Instead of using a customized Debian-Live migrate to dracut
- Delta Updates for packages
- Snapshots
- Improving build tooling (currently some bash scripts)
- Add the support for automated testing with for example openQA
- Reviewing and implementing Remote Desktop Support