Cloud Security

Learning Outcomes: 
The course on cloud security introduces the basic concepts of security systems and cryptographic protocols, which are widely used in the design of cloud security. The issues related multi tenancy operation, visualized infrastructure security and methods
On successful completion of this course, the learner will be able to
• Compare modern security concepts as they are applied to cloud computing
• Assess the security of virtual systems
• Evaluate the security issues related to multi-tenancy
• Appraise compliance issues that arise from cloud computing
Syllabus: 
Unit NoTopics
1

Security Concepts:
Confidentiality, privacy, integrity, authentication, non-repudiation, availability, access control, defence in depth, least privilege, how these concepts apply in the cloud, what these concepts mean and their importance in PaaS, IaaS and SaaS. e.g. User authentication in the cloud; Cryptographic Systems- Symmetric cryptography, stream ciphers, block ciphers, modes of operation, public-key cryptography, hashing, digital signatures, public-key infrastructures, key management, X.509 certificates, OpenSSL.

2

Multi-Tenancy Issues:

Isolation of users/VMs from each other. How the cloud provider can provide this; Virtualization System Security Issues- e.g. ESX and ESXi Security, ESX file system security, storage considerations, backup and recovery; Virtualization System Vulnerabilities- Management console vulnerabilities, management server vulnerabilities, administrative VM vulnerabilities, guest VM vulnerabilities, hypervisor vulnerabilities, hypervisor escape vulnerabilities, configuration issues, malware (botnets etc).

3

Virtualization System-Specific Attacks:
Guest hopping, attacks on the VM (delete the VM, attack on the control of the VM, code or file injection into the virtualized file structure), VM migration attack, hyperjacking.

4

Technologies For Virtualization-Based Security Enhancement:
IBM security virtual server protection, virtualization-based sandboxing; Storage Security- HIDPS, log management, Data Loss Prevention. Location of the Perimeter.

5

Legal And Compliance Issues:
Responsibility, ownership of data, right to penetration test, local law where data is held, examination of modern Security Standards (eg PCIDSS), how standards deal with cloud services and virtualization, compliance for the cloud provider vs. compliance for the customer.

Text Books: 
Name : 
Enterprise Cloud Computing - A Strategy Guide for Business and Technology Leaders
Author: 
Mulholland, Jon Pyke, Peter Finger
Publication: 
Meghan Kiffer [ISBN: 0929652290]
Name : 
Easiest Ever Guide to Strategic IT Planning
Author: 
Arnold J Cummins
Reference Books: 
Name: 
Cloud Computing and SOA Convergence in Your Enterprise
Author: 
David S. Linthicum
Publication: 
Addison Wesley
Name: 
Management Strategies for the Cloud Revolution
Author: 
Charles Babcock
Publication: 
1st Ed., McGraw/Hill
Name: 
A Quick Start Guide to Cloud Computing: Moving Your Business into the Cloud
Author: 
Mark I. Williams
Name: 
Website: Whitepapers and news for the CIO
Syllabus PDF: 
AttachmentSize
PDF icon Cloud Security.pdf181.04 KB
branch: 
CBA
Course: 
2016
Stream: 
M.Tech