Security and Privacy in Cloud Computing

Instructor

Ragib Hasan
324NEB
Department of Computer Science
Johns Hopkins University
rhasan7 AT jhu DOT edu

Time

Monday 3.00 pm - 3.50 pm

Place

Shaffer 202

News

02/08: Snow day, no class

01/25: First day of class

01/21: Course webpage launched

Course Description

This course focuses on the security and privacy issues in Cloud Computing systems. While the cloud computing paradigm gains more popularity, there are many unresolved issues related to confidentiality, integrity, and availability of data and computations involving a cloud. In this course, we will examine cloud computing models, look into the threat model and security issues related to data and computation outsourcing, and explore practical applications of secure cloud computing.

Since cloud computing is a very young field, we will mainly study the cutting edge research published in recent conferences.

Course Topics

1. Definition of Cloud computing (NIST)
2. Cloud computing models
3. Secure data outsourcing
4. Secure computation outsourcing
5. Proof of data possession / retrievability
6. Virtual machine security
7. Trusted computing technology and clouds
8. Cloud-centric regulatory compliance issues and mechanisms
9. Business and security risk models
10. Applications of secure cloud computing

Evaluation

Based on paper reviews

Schedule

01/25 - Lecture 1: A Walk in the Clouds: Overview of Cloud Computing [pptx] [pdf]

Further reading : [Above the Clouds: A Berkeley View of Cloud Computing] [pdf]

02/01 - Lecture 2: Attacks, Vulnerabilities, and Enemies: Modeling threats in a cloud [pptx] [pdf]

Further Reading: [The STRIDE threat model]

02/08 Snow day

02/15 - Lecture 3: Topology Attacks on Clouds. [pptx] [pdf]

Review: Thomas Ristenpart, Eran Tromer, Hovav Shacham, Stefan Savage, Hey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Compute Clouds, proc. ACM Conference on Computer and Communications Security (CCS) 2009, 199--212, ACM, 2009. [pdf]

Review : Giuseppe Ateniese, Randal Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary Peterson and Dawn Song, Provable data possession at untrusted stores, ACM Conference on Computer and Communications Security (CCS) 2007. [pdf]

03/08- Lecture 5: How to secure clouds? Hardware, CloudNet, and Private Virtualization based approaches [pptx] [pdf]

Review: Santos et al., Towards Trusted Cloud Computing, USENIX HotCloud 2009 [pdf] [slides]

Read: Wood et al., The Case for Enterprise-Ready Virtual Private Clouds [pdf] [slides]

Read: Krautheim, Private Virtual Infrastructure for Cloud Computing [pdf] [slides]

03/22- Lecture 6: Verifying Computations in Clouds [pptx] [pdf]

Review: Du et al., RunTest: Assuring Integrity of Dataflow Processing in Cloud Computing Infrastructures, AsiaCCS 2010. [pdf]

Optional Reading: Wei et al., SecureMR: A Service Integrity Assurance Framework for MapReduce, ACSAC 2009. [pdf]

03/29- Lecture 7: Cloud Forensics [pptx] [pdf]

Review: Lu et al., Secure Provenance: The Essential Bread and Butter of Data Forensics in Cloud Computing, AsiaCCS 2010. [pdf]

04/05- Lecture 8: Verifiability of Data in clouds.

Review: Wang et al. Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing , ESORICS 2009. [pdf]

04/12- Lecture 9: Availability and Integrity in Clouds

Review: Bowers et al., HAIL: a high-availability and integrity layer for cloud storage, CCS 2009. [pdf]

04/19- Lecture 10: Securing MapReduce

Review: Roy et al., Airavat: Security and Privacy for MapReduce, NSDI 2010. [pdf] [alternate_link]

04/26 - Lecture 11: Wrapping up: Summary of what we learned

(No papers to review.)

Ethics Policy

The students must comply with the Department of Computer Science Integrity Code, as described here.