PTCCS362 Security and Privacy in Cloud Syllabus:

PTCCS362 Security and Privacy in Cloud Syllabus – Anna University Part time Regulation 2023

COURSE OBJECTIVES:

• To introduce Cloud Computing terminology, definition & concepts
• To understand the security design and architectural considerations for Cloud
• To understand the Identity, Access control in Cloud
• To follow best practices for Cloud security using various design patterns
• To be able to monitor and audit cloud applications for security

UNIT I FUNDAMENTALS OF CLOUD SECURITY CONCEPTS

Overview of cloud security – Security Services – Confidentiality, Integrity, Authentication, Nonrepudiation, Access Control – Basics of cryptography – Conventional and public-key cryptography, hash functions, authentication, and digital signatures.

UNIT II SECURITY DESIGN AND ARCHITECTURE FOR CLOUD

Security design principles for Cloud Computing – Comprehensive data protection – End-to-end access control – Common attack vectors and threats – Network and Storage – Secure Isolation Strategies – Virtualization strategies – Inter-tenant network segmentation strategies – Data Protection strategies: Data retention, deletion and archiving procedures for tenant data, Encryption, Data Redaction, Tokenization, Obfuscation, PKI and Key

UNIT III ACCESS CONTROL AND IDENTITY MANAGEMENT

Access control requirements for Cloud infrastructure – User Identification – Authentication and Authorization – Roles-based Access Control – Multi-factor authentication – Single Sign-on, Identity Federation – Identity providers and service consumers – Storage and network access control options – OS Hardening and minimization – Verified and measured boot – Intruder Detection and prevention

UNIT IV CLOUD SECURITY DESIGN PATTERNS

Introduction to Design Patterns, Cloud bursting, Geo-tagging, Secure Cloud Interfaces, Cloud Resource Access Control, Secure On-Premise Internet Access, Secure External Cloud

UNIT V MONITORING, AUDITING AND MANAGEMENT

Proactive activity monitoring – Incident Response, Monitoring for unauthorized access, malicious traffic, abuse of system privileges – Events and alerts – Auditing – Record generation, Reporting and Management, Tamper-proofing audit logs, Quality of Services, Secure Management, User management, Identity management, Security Information and Event Management

30 PERIODS
PRACTICAL EXERCISES: 30 PERIODS

1. Simulate a cloud scenario using CloudSim and run a scheduling algorithm not present in CloudSim
2. Simulate resource management using CloudSim
3. Simulate log forensics using CloudSim
4. Simulate secure file sharing using CloudSim
5. Implement data anonymization techniques over a simple dataset (masking, k-anonymization, etc.)
6. Implement any encryption algorithm to protect images
7. Implement any image obfuscation mechanism
8. Implement a role-based access control mechanism in a specific scenario
9. Implement an attribute-based access control mechanism based on a particular scenario
10. Develop a log monitoring system with incident management in the cloud

COURSE OUTCOMES:

CO1: Understand the cloud concepts and fundamentals.
CO2: Explain the security challenges in the cloud.
CO3: Define cloud policy and Identity and Access Management.
CO4: Understand various risks and audit and monitoring mechanisms in the cloud.
CO5: Define the various architectural and design considerations for security in the cloud.

TOTAL: 60 PERIODS
TEXTBOOKS

1. Rajkumar Buyya, James Broberg, Andrzej Goscinski, “Cloud Computing:”, Wiley, 2013.
2. Dave Shackleford, “Virtualization Security”, Sybex, a Wiley Brand, 2013.
3. Mather, Kumaraswamy and Latif, “Cloud Security and Privacy”, O'Reilly, 2011.

REFERENCES

1. Mark C. Chu-Carroll, “Code in the Cloud”, CRC Press, 2011.
2. Mastering Cloud Computing Foundations and Applications Programming, Rajkumar Buyya, Christian Vecchiola, S. Thamarai Selvi