Lochlin Duperron                                                 Oliver Jourmel
VIU              VPN Virtually Secure Isolated Cluster           November 2014


## Extended Abstract ##
-------------------------------------------------------------------------------

We will be considering writing a set by step guide to create openVPN client
and server keys. Additionally, we may be writing a small shell script to
do this automatically. While this is not necessarily new, it is convenient,
and is not too difficult.

   There are some resources currently available to do this:
      * https://wiki.debian.org/openvpn%20for%20server%20and%20client
      * https://openvpn.net/index.php/open-source/documentation/howto.html

We will then be considering the deployment of a cluster software on the VPN.
We are currently considering using the SLURM software.
   More resources: 
      * https://computing.llnl.gov/linux/slurm

Once this is set up, we will be exploring the possibility of hardeneng the
VPN and Closer server to verify that it is secure against direct attacks.
As external attacks to a VPN network have been considered in the past,
we will be focusing on outgoing attacks.

That is, can we verify that running a VPN/Cluster on a large number of Virtual
Box machines, is not a threat to the host computers and networks it is running
on.

We will be hardening the VPN and Cluster server using SELinux, or some
similar tools, and we will be hardening the Virtual Box hosts to prevent
any outgoing attacks, originating from the VPN.

By showing that a VPN/Cluster deployed on a series of Virtual Boxes, is both
safe from external attacks, and secure from outgoing internal attacks, we
can put forth the idea of deploying VPN Virtually Secure, Isolated Clusters,
in University labs without a significant risk of security breach.

This deployment would open the possibilities for student to work in a sandboxes
environment, with full containment, and accountability of programs executed.