Anyone who values their privacy and security uses a Virtual Private Network (VPN). Anyone that doesn’t, should. Let’s build a VPN service that’s totally not unlike the other VPN services out there, that allows users to sign up and create Secure, Fast and Private VPN connections to various servers worldwide, to protect themselves online and find out whether all the hype around the latest season of “Yet another Streaming Historical Drama” (which isn’t available in their region yet) is worth it. Before anyone else. Maybe it supports the addition of whitelists and blacklists for filtering out certain traffic.
Name: Ahmad Abu-Aysha
Student number: 46388528
EelNet will allow users anywhere in the world to sign up and create an account to use the service.
Users can then connect to one of the provided, location-specific servers which sets up an encrypted tunnel.
Users’ internet requests then all pass via the server to the intended destination, and return traffic is routed back to the user via the VPN server.
Users will also be able to:
Potential future extended functionality (aspirational/stretch goals) could be:
EelNet envisioned as a Distributed Service-Based Architecture
Security - With security and privacy being core to the desired functionality, this attribute naturally takes top priority.
Performance - The VPN service should not appreciably affect the user experience in terms of incresed latency or reduced bandwidth (Quantify the maximum acceptable degradation in latency or bandwidth).
Availability - Due to the continuous nature of users’ connection to the service, the system must provide a robust and fault-tolerant infrastructure that keeps disruption to an absolute minimum (Quantify the expected annual uptime - N 9s).
Scalability - There will conceivably be a large number of users connected to the service for long periods of time, from locations worldwide. This makes scalability a key quality attribute (Quantify the number of simultaneous users connected to the system without compromising Performance).
The Quality Attributes are listed in order of their priority. The quality attributes not mentioned (e.g., Extensibility, Portability and so on) would possibly be tradeoffs in order to accomplish the above to a high enough standard.
Security - Evaluate security and privacy of the service using recommended methods such as checking for DNS and IP Leaks, adding a kill switch and firewall configuration [2] [3].
Performance - Expect to quantify as a % increase in latency (due to routing and encryption/decryption) and % decrease in bandwidth. (Within a certain tolerance)
Availability - Fault tolerance to be established to allow N 9s uptime
Scalability - K users connected at full bandwidth without affecting system performance (Measured using the metrics for the previous quality attributes)
[1] Varvello, M., Azurmendi, I. Q., Nappa, A., Papadopoulos, P., Pestana, G., & Livshits, B. (2021). VPN-Zero: A Privacy-Preserving Decentralized Virtual Private Network. 2021 IFIP Networking Conference (IFIP Networking), 1–6. https://doi.org/10.23919/IFIPNetworking52078.2021.9472843
[2] H. Abbas et al., “Security Assessment and Evaluation of VPNs: A Comprehensive Survey,” ACM computing surveys, vol. 55, no. 13s, pp. 1–47, 2023, doi: 10.1145/3579162.
[3] OpenVPN “VPN Audits — A Primer and a Security Audit Checklist” OpenVPN, Accessed: Mar 28 2024. [Online] Available: https://openvpn.net/blog/vpn-audit/