Security and Privacy in Cloud Computing

Department of Computer Science at Johns Hopkins University
CS 600.412. Spring 2011


Ragib Hasan
Department of Computer Science
Johns Hopkins University
rhasan7 AT jhu DOT edu

Office Hours : Monday 4 pm - 5 pm


Monday 3.00 pm - 3.50 pm


Shaffer 302


1/30: Course webpage launched


[Description]       [Schedule]        [Evaluation]       [Policy]       [Spring 2010 course page]

Course Description

This course focuses on the security and privacy issues in Cloud Computing systems. While the cloud computing paradigm gains more popularity, there are many unresolved issues related to confidentiality, integrity, and availability of data and computations involving a cloud. In this course, we will examine cloud computing models, look into the threat model and security issues related to data and computation outsourcing, and explore practical applications of secure cloud computing.

Since cloud computing is a very young field, we will mainly study the cutting edge research published in recent conferences.


Course Topics

  1. Definition of Cloud computing (NIST)
  2. Cloud computing models
  3. Secure data outsourcing
  4. Secure computation outsourcing
  5. Proof of data possession / retrievability
  6. Virtual machine security
  7. Trusted computing technology and clouds
  8. Cloud-centric regulatory compliance issues and mechanisms
  9. Business and security risk models
  10. Applications of secure cloud computing


Evaluation will be done through weekly review assignments. Each assignment will consist of writing a very brief review of a paper.

For each review, you will have to write the following:

  • summary: a short overview of the paper (no longer than a paragraph of 5-10 sentences)
  • pros: 3 or more things about the paper that you liked
  • cons: 3 or more shortcomings of the paper
  • ideas: any suggestions on how to fix the shortcomings of the paper

Assignments are due at 2.30 pm each Monday.



01/31 - Lecture 1: A Walk in the Clouds: Overview of Cloud Computing [pptx] [pdf]

Further reading : [Above the Clouds: A Berkeley View of Cloud Computing] [pdf]


02/07 - Lecture 2: Attacks and Attack Surfaces in a Cloud [pptx] [pdf]

Review Assignment #1: Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds, Ristenpart et al., CCS 2009. [pdf] (due 2/14)

02/14 - Lecture 3: Trustworthy Cloud Infrastructures [pptx]

Review Assignment #2: Santos et al., Towards Trusted Cloud Computing, USENIX HotCloud 2009 [pdf] (due 2/21)


02/21 - Lecture 4: Securing Data in a Cloud - I [pptx] , [PDP slides (pdf)]

Review Assignment #3:Giuseppe Ateniese, Randal Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary Peterson and Dawn Song, Provable data possession at untrusted stores, ACM Conference on Computer and Communications Security (CCS) 2007. [pdf]


02/28 - No Class


03/07 - Lecture 5: Securing Data in a Cloud - II

Review Assignment #4:Bowers et al., HAIL: a high-availability and integrity layer for cloud storage, CCS 2009.

Links to HAIL slides from RSA Labs: PoR, HAIL, HAIL, PoR and HAIL, HAIL slides from CCS


03/14- Lecture 6: Securing Computations [pptx]

Review Assignment #5: Du et al., RunTest: Assuring Integrity of Dataflow Processing in Cloud Computing Infrastructures, AsiaCCS 2010. [pdf]

Optional Reading: Wei et al., SecureMR: A Service Integrity Assurance Framework for MapReduce, ACSAC 2009. [pdf] (You don't have to submit reviews for this)


03/21 - No Class: Spring Break

03/28 - Lecture 7: Cloud Forensics [pptx]

Review Assignment #6: Lu et al., Secure Provenance: The Essential Bread and Butter of Data Forensics in Cloud Computing, AsiaCCS 2010. [pdf]


04/04- Lecture 8: Privacy in Clouds [pptx]

Review Assignment #7: Roy et al., Airavat: Security and Privacy for MapReduce, NSDI 2010. [pdf]


04/11- Lecture 9: Cloud Network Security [pptx]

Review Assignment #8: Challenges for Cloud Networking Security. HP Labs Tech Report, 2010. [pdf]


04/18- Lecture 10:Malware and the Cloud [pptx]

Review Assignment #9:Oberheide et al., CloudAV: N-Version Antivirus in the Network Cloud, USENIX Security 2008. [html]


04/25- Lecture 11: The Enemy Within: Attacking Cloud Availability. [pptx]

Review Assignment #10:Han Liu, A New Form of DOS Attack in a Cloud and Its Avoidance Mechanism, ACM Cloud Computing Security Workshop 2010. [pdf]


05/02 - Lecture 12: Wrapping up: Summary of what we learned

(No papers to review.)


Ethics Policy

The students must comply with the Department of Computer Science Integrity Code, as described here.


Cloud Image credit: Wikimedia commons under Creative Commons Attribution ShareAlike licence