Faculty of information technology
Chapter 2 Analysis of requirements
Download 1.67 Mb. Pdf ko'rish
|
full thesis
- Bu sahifa navigatsiya:
- CS to DS
|
Chapter 2
Analysis of requirements The final system is intended to meet real life needs of a router-manufacturing company. For this reason there are several requirements on its architecture and functionality, which will be introduced in this chapter. 2.1 Architecture overview The system architecture can be broken down into 3 main components: Customer Server (CS), which is the central hub where all the devices connect to and where all the manage- ment takes place; Dispatch Server (DS), used for licensing purposes and to help routers locate their CS; and routers with their respective LANs, who want to communicate with each other. The system must be easily scalable and capable of handling thousands of devices at the same time. All communication between the components must be encrypted and secure against Man-in-the-middle and other types of attacks. Before any new device is allowed to participate in communication within the VPN, its identity must first be verified, so as to prevent any unauthorized and possibly malicious devices from gaining access. Figure 2.1 shows an overview of the mentioned components. There are 3 main lines of communication where authentication is important: ∙ CS to DS - Registration of CS’s current IP address. ∙ DS to router - Passing of information about the CS to which the router belongs. ∙ Router to CS - Establishment of a secure channel through which all future commu- nication would flow. IPv6 support will not be included in this thesis. Nevertheless it is planned to be added later on and as such it needs to be considered during all major decisions. 2.2 Customer Server This is where the brunt of the work is done. All the traffic between connected routers (and their LANs) flows through CS and is routed from here to where it belongs. It must allow communication only between the routers that are grouped together. Each router can be in any number of groups. It must be possible to create new groups, delete them and 4 |
