COIT20265 Networks and Information Security
Assignment Objective
You are to design and build a secure, responsive, reliable, scalable, and resilient large distributed system to support an online video game service.
Background
Melbourne Streaming Services (MSS) is an award-winning multinational multimedia company founded in 1990 with headquarters in Melbourne (Docklands, Australia), and subsidiaries in North America (San Jose, California), and Europe (London, UK).
MSS’s main business is the design and manufacturing of video game consoles that over the years have gained a world-class reputation. MSS is also well-known in the research and development (R&D) of video games. Recently, MSS has partnered with other multimedia companies to offer its users the option of integrating music and video services into MSS’s services. In addition to these operations, MSS owns a number of franchises and related businesses all over the world.
MSS has three R&D centres located in Tokyo, Berlin, and Miami respectively. Video consoles, content production, video games, hardware, and software are designed, developed, and tested in these facilities. Blueprints are created and sent overseas for manufacturing.
Owing to the popularity of both video consoles and video games, MSS has recently announced a project to develop and deploy an online network enabling multiple players to stream video games interactively to MSS consoles and PCs in general. Specifically, MSS aims to give free unlimited access to a selection of over 600 highly popular MSS video games to owners of MSS console players. Players using PCs and mobile devices are to pay a very small subscription fee per month.
MSS expects to build a secure, responsive, reliable, scalable, and resilient large distributed system. To that end, MSS wants to capitalise on the latest developments in cloud network technology and security infrastructure. In this regard, MSS is considering all options, including a mix of on-premises private and third-party, or fully public cloud services, or hybrid (private systems in rented data centre space). MSS’s application stack, micro services, operating systems, business intelligence tools, utilities, application engines, and databases are to be built and tested in-house at the R&D centres.
System Requirements
- The distributed system should leverage four-tier application architectures.
- Within the first year of its deployment, the distributed system should support 50 million online subscribers playing around 100 million hours of MSS interactive video games in 150 countries.
- The distributed system should scale to support a subscription growth of 50% per year.
- The distributed system should operate 24/7 with some scheduled maintenance windows.
- The mean availability of the distributed system should fall within the range of industry-standard systems, typically between 99.5 per cent and 99.9 per cent uptime.
- Improve business efficiency and effectiveness through the automation of the majority of the network tasks and services.
- Support for MSS consoles, Windows and macOS PCs, and mobile devices (Android and iOS).
- Support for the storing and streaming on demand of about 600 MSS video games to multiple players spread all over the world.
- The distributed system should leverage micro services technology built and tested in-house at the R&D centres. In this regard, MSS estimates that around 1000 micro services will be available to control each of the many parts of the online network service. An example of a micro service might be “game state”, where users save the progress of the game to the cloud so that they can resume later on the same device or any other compatible device.
- The distributed system should enable users with a very high broadband access network (like the NBN in Australia) to maximise their video gaming experience by guaranteeing server streaming of at least 720p and 1080p HDTV.
Security Requirements
- The security of this system should be as solid as possible to defend against attacks specifically designed to compromise the application stack, web services, micro services, and the infrastructure in general.
- MSS expects any security event to be resolved within three hours of being logged (from event detection to ticket generation, and final resolution). The optimal goal would be the resolution of such events in real-time using automation as much as possible.
- The distributed system should incorporate strong Identity and Access Management (IAM).
- The system should leverage proxy servers, reverse proxy servers, NAT (Network Address Translation), and subnetting to separate public from private services.
- The MSS internal range of private IPv4 addresses in CIDR notation is 172.16.0.0/12.
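As an added illustration of the subnetting requirement (not part of the assignment brief or its template), the following Python sketch carves the 172.16.0.0/12 range into one subnet per tier of a four-tier design and checks the plan. The tier names, the /16 size per tier, and the rule that a tier may only connect to the next tier inwards are assumptions made for this example.

```python
import ipaddress
from itertools import islice

MSS_RANGE = ipaddress.ip_network("172.16.0.0/12")  # internal range from the brief
# Hypothetical tier names, ordered from the edge inwards (not given in the brief).
TIERS = ["presentation", "application", "service", "data"]

def plan_subnets(parent, tiers, new_prefix=16):
    """Carve one subnet of size new_prefix per tier out of the parent range."""
    nets = list(islice(parent.subnets(new_prefix=new_prefix), len(tiers)))
    if len(nets) < len(tiers):
        raise ValueError("parent range too small for the requested tiers")
    return dict(zip(tiers, nets))

def validate(plan, parent):
    """List problems: subnets outside the parent, publicly routable, or overlapping."""
    problems = []
    nets = list(plan.items())
    for i, (tier, net) in enumerate(nets):
        if not net.subnet_of(parent):
            problems.append(f"{tier}: {net} is outside {parent}")
        if not net.is_private:
            problems.append(f"{tier}: {net} is publicly routable")
        for other_tier, other in nets[i + 1:]:
            if net.overlaps(other):
                problems.append(f"{tier} overlaps {other_tier}")
    return problems

def tier_of(address, plan):
    """Return the tier whose subnet contains the address, or None."""
    ip = ipaddress.ip_address(address)
    return next((t for t, n in plan.items() if ip in n), None)

def allowed(src, dst, plan, tiers=TIERS):
    """Assumed least-privilege rule: a tier may only connect to the next tier inwards."""
    s, d = tier_of(src, plan), tier_of(dst, plan)
    if s is None or d is None:
        return False  # unknown addresses are denied; external traffic enters via the proxy/NAT edge
    return tiers.index(d) - tiers.index(s) == 1

if __name__ == "__main__":
    plan = plan_subnets(MSS_RANGE, TIERS)
    for tier, net in plan.items():
        print(f"{tier:13} {net}")
    print("problems:", validate(plan, MSS_RANGE))
    print("edge -> data allowed:", allowed("172.16.0.5", "172.19.0.5", plan))
```

The same adjacency rule maps directly onto security-group or firewall rules in whichever cloud platform is chosen for the proof of concept.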
Statement of Works
- Recommend the best infrastructure strategy to MSS. You need to recommend from a mix of on-premises private and third-party; or fully public cloud services; or hybrid (private clouds running in rented data centre space). This recommendation should address the following five factors: Compliance, Performance, Privacy, Cost, and Control.
- Analyse and design the online network infrastructure.
- Perform a vulnerability assessment of the distributed system and recommend a security risk mitigation strategy.
- Provide MSS with both a Disaster Recovery Plan (DRP) and a Business Continuity Plan (BCP).
- Demonstrate a proof of concept of your online network. In doing so, build a small network using the free tier of cloud computing services like OpenStack Public Cloud, Microsoft Azure, Google Cloud or Amazon Web Services (AWS).
- Select your infrastructure. This might range from bare machines to networking, servers, virtual machines, and storage systems.
- Select the computing platform such as operating systems, data, business intelligence tools, machine learning, analytics, utilities, application engines, and databases.
- Install, configure, and secure some hosted applications. Examples of these might be: Web services (HTTP, HTTPS), e-mail services, Web-accessible applications, and music and video streaming Apps.
- To test your online network, demo a free multiplayer online network game like Minecraft or another game you are familiar with.
Note: For the final submission of these works, you must use the accompanying template provided on the Moodle site. This template is specially formatted and contains further guidelines to address the project requirements.