Back to blog

HNC Digital Mini Projects 20/21

Posted on 3rd February 2021 at 15:13

As part of the HNC Computing (Harrow Campus), HNC Computing/Computing Plus (Hayes Campus) and HNC Computing Security (Uxbridge Campus) students took part in a mini project, which was set by an employer. This year, Alto Palo Networks and Heathrow Airport were involved in creating the project briefs. PhD students from Brunel University London also supervised the students on their projects.

The employer then had to judge the students solutions to the project, selecting the winning teams.

HNC Computing (Harrow Campus)

Project Brief:

As part of ongoing research and development, Palo Alto Networks, in conjunction with the West London Institute of Technology, wishes students to research the benefits of the SASE (Secure Access Service Edge) space and how it can help businesses adapt during the global pandemic.

Students are required to work in groups to investigate how an organisation could leverage SASE to help their employees work from home. What are the considerations they must make, what are the challenges they would face, what are the benefits of implementing a SASE technology.

Students need to explore and document your ideas along with possible solutions and present it to a panel of staff from both the WLIoT and Palo Alto.

HNC Computing (Harrow Campus) Winner

Winning Group: Ahmad Affash, Denis Cionca, Christopher Adu, Mariam Kamal, Ria Chadha

PhD Students from Brunel University London: Mahfuz Karim, Atefeh Momenikorbekandi

What is SASE?

It's a new concept of cybersecurity that many networks call the future of network security in the cloud.

It is also a security structure to empower secure and quick cloud reception, and help guarantee that clients and gadgets have secure admittance to the cloud to applications, information and administrations whenever and wherever.

Strengths and Weaknesses of SASE

Advantages:

SASE helps bring security to every edge, solving much of the scalability and infrastructure issues that arise in large, distributed organisations highly dependent on laaS/SaaS (Infrastructure as a Service/Software as a Service).

SASE providers can supply varying qualities of service so each application gets the bandwidth and network responsiveness it needs.

With SASE, enterprise IT staff have fewer chores related to deployment, monitoring and maintenance and can be assigned higher level tasks.

Disadvantages:

Some traditional vendors may also lack experience in evaluating context, which could limit their ability to make context-aware decisions.

Due to SASE's complexity, it's important that providers have well integrated features, not ones that are stitched together.

How Employees Traditionally Work From Home (VPN), and the Challenges That Technology Brings

Using VPN (Virtual Personal Network) while working from home, trackers collect and share data.

We need to be aware that the data shared is not identifiable or using data under a false name.

The challenges that may arise include using a corrupt network letting third party access your network by firewall not preventing unauthorised users and not blocking sites that are unsafe.

Can SASE Improve Upon Legacy of VPN Technologies?

The SASE model allows companies to expand their VPN platforms easily because the capability is all pre-built.

Once the service is turned on, the company is well positioned to support thousands of new home-based workers.

In a traditional network model, data and applications live in a core data centre.

As more and more companies move their data, workloads and applications to the cloud, they can work from anywhere in the world - this will also come with its downsides. One of them will be that on the company's server. There will be an increase of remote users which in turn will result in the user experiencing a significant latency when connecting to the corporate network via VPN, or else expose themselves to additional security risks when accessing company resources over an unsecured connection.

On the other hand, SASE places network control on the cloud itself. This is a higher level of protection and as all the data that is being transferred will be via SASE.

Investigate the Challenges of Implementing SASE and Considerations

SASE is a new system that has come into place. This can result in many different outcomes for the networks that want to implement it.

The installation and the process of implementing it within the company will take time.

SASE as we know is a "safer" and easier way of protecting sensitive data from any malware or virus that may want to infiltrate that network.

Some vendors may not know SASE and its depths.

Who Are the Key Players in the SASE Space, and What Are Their Strengths/Weaknesses?

Cato Networks, Cisco and even McAfee play a key role in the Secure Service Access Edge (SASE) space as they are all providers of SASE.

Advantages of SASE in any company:

Save time and money

Employer would not need to get buses, train or walk to workplace

Disadvantages of SASE in any company:

Not having the ability to communicate freely to others within the company or networks

If the system crashes then it will take time for system to reboot

Conclusion

You should keep in mind that SASE is a guiding principle or a framework, not a specific product or a compliance directive. As with any technology, you should understand its capabilities, match them with your requirements and choose vendors based on your network and analysis.

HNC Computing/Computing Plus/Computing Security (Hayes/Uxbridge Campus)

Project Brief:

As part of ongoing research and development, Heathrow, in conjunction with the West London Institute of Technology, wish to investigate the potential for the use of biometric technology in the day to day operation airport check in.

Students are required to work in groups of fellow HNC students to investigate the operation of check in within Heathrow, how biometrics could potentially be used to improve the operation, and what the challenges/issues might be with implementation.

Students will need to explore and document their ideas along with possible solutions and present it to a panel of staff from both the WLIoT and Heathrow.

HNC Computing Plus Winner

Winning Group: Richard Kiraly, Nikolay Codogno, Shivani Kai Chohan, Inacio Nunes, Hamza Ahmed, Samantha Yates, Rares Bosinceanu

PhD student from Brunel University London: Lamiek Abraham

Introduction

This project explored the use of Biometrics and its further enhancements in an ever evolving world. Last year brought us a global pandemic which dirupted international travel, and now the industry has to adapt to a touchless check in process. Furthermore, aviation has to steer towards more sustainable practices whilst increasing capacity and reducing pollution (process optimisation).

What is Biometrics?

Biometrics are used to identify individuals, mostly through biological or physical measures and characteristics.

There are three kinds of biometrics that are used:

Biological

Morphological

Behavioural

It works by using a reader or scanning device.

It would take in the data in using a software and run it against records within their database.

Examples of biometrics include fingerprint tracking, iris recognition, facial recognition, voice recognition

Biometrics in Airports

The use of this is called 'contactless travels'

Includes the use of biometric tokens

Users would share their digital identity ahead of time

Automatically recognised on arrival and when luggage is dropped off

Will speed up time and enable capacity for future demand

Check In Processes in Heathrow

Biometric

Biometric check in process uses cameras and face recognition systems with automated e-gates in order to improve security and efficiency.

Pros: Security and efficiency.

Cons: The images can be matched against a database in real time to further enhance security.

Standard

Standard check in process uses border control personnel in order to manually verify the identity of individuals.

Pros: Can function as back up if automated system fails, a must have in a contingency plan.

Cons: Slow and may be prone to human error.

OneID

Document-free process, based on identity management and biometric recognition

Passengers identify themselves at each airport touchpoint (Biometric recognition)

Objective is to achieve inter-operable system coordination world-wide

Passengers will have a more seamless experience

Airlines/Airports: cost-effectiveness and efficiency

Governments: enhanced security

Improvements Using OneID

Improvements Using OneID in Heathrow:

Speed up the process

Do not need to worry about physical documentation

Quick and simple process

Stress free experience

Improve traffic flow through the airport

Improve staff productivity

Improvements in General:

Creates a stress free experience while flying

Biometrics can be simple and quick

Near spoof proof (hard to bypass illegally)

Issues of OneID and Biometrics

Issues with Japan OneID:

Shared OneID for government services

Shared data could be exploited if the system gets hacked

Multiple registries of the users across other services

Blockchain technology requires a big store space for all users

Because of linkage, there is a 51% increase in attacks

Difficult and expensive to maintain

Scannability remains a massive vulnerability of the system

Issues with Biometrics:

Privacy broken for users

Cost of maintenance is high

If hacked, all private details will be leaked

Problem with some recognition

Scanners can be expensive

Possibility that it can be bypassed

People with disabilities are unable to use biometrics

Physical traits are hard to alter

No remote access is available for biometric systems

Challenges of Using OneID

Security concerns: Card could be used by another user, without authorisation

ID failure: Damaged ID card e.g broken chip inside and/or not being able to recognised by system

Out of dateL: If ID is outdated, travellers will not be able to travel

Conclusions

The use of OneID would cope with future demand

Allows passengers to have a contactless and paperless experience

A single biometric token would be needed

Using blockchain technology will help with security

More efficient than the current use of biometrics at the moment

HNC Computing Security Winner

Winning Group: Telaks Vinayagamoorthy, Ryan Rankin, Richard Kolo, Daniall Elahi, Suvisna Suresh, Abdul Kader

The project describes the use of Mobile Biometric check-in process to automatically detect and capture facial images and fingerprints for rapid identification of passenger.

Current Check-In Processes in Heathrow Airport

Face scanning: Used when checking in at the reception, a facial scan of the passenger is taken

Pat down procedure: This is where security at the airport search passengers to see if they are in possession of any concealed weapons or substances

Luggage scan: The passengers luggage bags are taken through a X-ray scanner to see the contents of the suitcase and search for any illegal substances or weapons