Security and Privacy in Cloud Computing |
|||
Department of Computer Science at Johns Hopkins University |
CS 600.412. Spring 2011 |
||
InstructorRagib Hasan |
TimeMonday 3.00 pm - 3.50 pm PlaceShaffer 302 |
News1/30: Course webpage launched
|
![]() |
Course DescriptionThis course focuses on the security and privacy issues in Cloud Computing systems. While the cloud computing paradigm gains more popularity, there are many unresolved issues related to confidentiality, integrity, and availability of data and computations involving a cloud. In this course, we will examine cloud computing models, look into the threat model and security issues related to data and computation outsourcing, and explore practical applications of secure cloud computing. Since cloud computing is a very young field, we will mainly study the cutting edge research published in recent conferences. |
|||
Course Topics
|
|||
EvaluationEvaluation will be done through weekly review assignments. Each assignment will consist of writing a very brief review of a paper. For each review, you will have to write the following:
Assignments are due at 2.30 pm each Monday. |
|||
Schedule |
|||
01/31 - Lecture 1: A Walk in the Clouds: Overview of Cloud Computing [pptx] [pdf] Further reading : [Above the Clouds: A Berkeley View of Cloud Computing] [pdf] |
|||
02/07 - Lecture 2: Attacks and Attack Surfaces in a Cloud [pptx] [pdf] Review Assignment #1: Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds, Ristenpart et al., CCS 2009. [pdf] (due 2/14) |
|||
02/14 - Lecture 3: Trustworthy Cloud Infrastructures [pptx]
Review Assignment #2: Santos et al., Towards Trusted Cloud Computing, USENIX HotCloud 2009 [pdf] (due 2/21) |
|||
02/21 - Lecture 4: Securing Data in a Cloud - I [pptx] , [PDP slides (pdf)] Review Assignment #3:Giuseppe Ateniese, Randal Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary Peterson and Dawn Song, Provable data possession at untrusted stores, ACM Conference on Computer and Communications Security (CCS) 2007. [pdf] |
|||
02/28 - No Class |
|||
03/07 - Lecture 5: Securing Data in a Cloud - II Review Assignment #4:Bowers et al., HAIL: a high-availability and integrity layer for cloud storage, CCS 2009. Links to HAIL slides from RSA Labs: PoR, HAIL, HAIL, PoR and HAIL, HAIL slides from CCS |
|||
03/14- Lecture 6: Securing Computations [pptx] Review Assignment #5: Du et al., RunTest: Assuring Integrity of Dataflow Processing in Cloud Computing Infrastructures, AsiaCCS 2010. [pdf] Optional Reading: Wei et al., SecureMR: A Service Integrity Assurance Framework for MapReduce, ACSAC 2009. [pdf] (You don't have to submit reviews for this)
|
|||
03/21 - No Class: Spring Break | |||
03/28 - Lecture 7: Cloud Forensics [pptx] Review Assignment #6: Lu et al., Secure Provenance: The Essential Bread and Butter of Data Forensics in Cloud Computing, AsiaCCS 2010. [pdf] |
|||
04/04- Lecture 8: Privacy in Clouds [pptx] Review Assignment #7: Roy et al., Airavat: Security and Privacy for MapReduce, NSDI 2010. [pdf] |
|||
04/11- Lecture 9: Cloud Network Security [pptx] Review Assignment #8: Challenges for Cloud Networking Security. HP Labs Tech Report, 2010. [pdf] |
|||
04/18- Lecture 10:Malware and the Cloud [pptx] Review Assignment #9:Oberheide et al., CloudAV: N-Version Antivirus in the Network Cloud, USENIX Security 2008. [html] |
|||
04/25- Lecture 11: The Enemy Within: Attacking Cloud Availability. [pptx] Review Assignment #10:Han Liu, A New Form of DOS Attack in a Cloud and Its Avoidance Mechanism, ACM Cloud Computing Security Workshop 2010. [pdf] |
|||
05/02 - Lecture 12: Wrapping up: Summary of what we learned (No papers to review.) |
|||
Ethics PolicyThe students must comply with the Department of Computer Science Integrity Code, as described here. |
|||
Cloud Image credit: Wikimedia commons under Creative Commons Attribution ShareAlike licence