Topic outline

  • Projects

    • Everyone has to do three security design and implementation projects:

      • Project 1: NFC ticket application
      • Project 2: IPsec VPN: connecting IoT devices to cloud
      • Project 3: Wireguard

      The projects can be done in pairs or individually (working in pairs is highly recommended).

      For each project, you need to do the following:

      1. Presentation (5-10 min) and demo about the design
      2. After the demo, submit in MyCourses a zip file containing the following:
          • Presentation slides (PowerPoint or PDF)
          • Design documentation (PDF, about 2 pages, reuse material from the presentation)
          • Source code for the implementation (typically only the modified files)


      The demo and presentation are the main way of getting feedback and the main method of evaluating your solution. You can reserve a demo time slot to get feedback on a partial solution before it is ready. You can also improve the design implementation after the demo, but for most changes, another demo will be needed. 

    • Group choice icon
      Select your group here Group choice
    • URL icon
      Project demo and advice sessions - Zoom link URL
    • Scheduler icon
      Project demo and advice sessions - booking Scheduler

    • Project 1: NFC tickets


      We will provide each group with Ultralight C smart cards. The cards can be collected after the lectures.

      Furthermore, we have a small number of Android phones with NFC that can be borrowed. To borrow a phone, send an email to cs-e4300@aalto.fi with your group name and student number. The phones can be collected from the CS building.


    • Folder icon
      Project 1 (NFC ticket) materials Folder
    • Assignment icon
      Project 1 (NFC ticket) submission Assignment

    • Project 2: VPN from IoT devices to the cloud

    • File icon
      Project 2 instructions File PDF
    • Assignment icon
      Project 2 (VPN) submission Assignment

      Please submit the following in a zip or tar file:

      • A short PDF documentation of your solution that would enable a knowledgeable person to re-implement it. You can submit the presentation slides from the demo session as the documentation, but please check that the information is up to date and complete. The submitted documentation should contain at least the following information:
        • ip address allocation to different gateways and networks (if changed). You can edit (e.g., with Google Docs) the setup overview from img/setup.odp
        • server scalability solution (if changed)
        • authentication credentials configuration
        • deployment process (if not entirely manual)
        • commands and/or scripts used for the configuration
        • modified configuration files (or sections) for the gateways and other important nodes, including ipsec (e.g. /etc/ipsec.conf) and firewall (e.g. /etc/iptables/rules.v4)
      • Output of debugging commands that you find useful on the gateways, at least the following:
        • ip a
        • route -n
        • ipsec statusall (if using StrongSwan)
        • ip xfrm policy
        • ip xfrm state (when client connected to server)
        • iptables-save (should be the same as /etc/iptables/rules.v4)
      Include your group number in all the documents!

    • Project 3: Wireguard

    • Assignment icon
      Project 3 (Wireguard) submission Assignment
    • File icon
      Project 3 description File PDF
Previous section
Lectures
Next section
Results