@@ 24,23 24,20 @@ most IT systems shared between people, can't be considered trusted
environments; they must have a high degree of protection and isolation, as to
prevent users' actions from compromising their peers' safety and privacy.
-It is visible that administrators thus have to strike a careful balance between
-user security and flexibility.
-
Specially in the aforementioned computer-related institutions, flexibility is
even more important: each student might prefer to use different software
tooling, and each class or subject might require completely different software
stacks.
-These issues minimize the amount of tooling choices users have, and maximize
-maintenance burden with constant installation and update requests.
+It is visible that administrators thus have to strike a careful balance between
+user security and flexibility, while keeping maintenance burden under control.
### 1.1 Existing solutions
Security usually requires denying superuser privileges to users. Most computer
operating systems do not natively support unprivileged software management,
-forcing IT administrators to handle installing and maintaining (a specific
-subset of) packages.
+forcing IT administrators to fully handle installing and maintaining (a
+specific subset of) packages.
All solutions boil down to some sort of isolation between different users'
state: be it enforced by the operational system, for example Microsoft's Active
@@ 48,14 45,14 @@ Directory; or by lower level resources, such as virtual machines or
network-boot images.
Each of these bring different advantages and issues to laboratories, some
-haven't been applied to computer labs in literature; through investigation and
-research is required to provide the best possible solution.
+haven't been previously formally applied to the computer lab issue. Thorough
+investigation and research is required to provide the best possible solution.
## 2. Objective
With this work, the author aims to research, build, and evaluate a computer lab
-system that will greatly increase user software freedom, as well as enforce
-tight security and decrease IT management burden; simultaneously.
+system that will help increase user software freedom, enforce tight security,
+and decrease IT management burden; all simultaneously.
## 3. Methodology
@@ 76,8 73,8 @@ Results will be measured by three benefit groups the solution must provide to
its users: software and workflow flexibility, safety and privacy, and universal
ease of use.
-Two main kinds of evaluation methods will be employed: acceptance testing with
-different user groups, to evaluate workflows and ease of use; as well as
+Two kinds of evaluation methods will be employed: acceptance testing with
+different user groups to evaluate workflows and ease of use, and well as
penetration testing to evaluate the system's security.
## 4. Case study and expected outcomes