Developing and Securing the Cloud


Developing and Securing the Cloud Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course January – May 2015

Objective of the Unit This unit provides an overview of the course. The course describes concepts, developments, challenges, and directions in Lectures Secure Web Services Secure Cloud Computing Paper Presentations Book: Bhavani Thuraisingham, Developing and Securing the Cloud, CRC Press, November 2013

Outline of the Unit Outline of Course Course Work Course Rules Contact Papers to read for lectures after Spring Break Index to lectures and preparation for exams Acknowledgement: AFOSR for funding our research in assured cloud computing NSF for funding our capacity building effort in cloud computing

Topics for Lectures
January 16: Background Information Cyber Security, Web Services
January 23: Secure Web Services, Secure Cloud Computing
January 30: Comprehensive Overview of Secure Cloud; Cloud-based Assured Information Sharing
February 6: Secure Document Publishing in the Cloud; Secure Cloud Computing Guidelines
February 13: Secure Virtualization; Virtual Machine Introspection
February 20: Secure Cloud Data and Storage Management
February 27/March 6: Identity Management for the Cloud; Secure Cloud Computing Products
March 13: Exam #1 – Repeat exam: March 27, 2015

Topics for Lectures
March 20: Mid-term break
March 27: Repeat Exam #1
April 3: Host Health Detection; Big Data Security and Privacy
April 10, 17, 24: Paper presentations
May 1: Paper presentation, Programming project presentation, and review for Exam #2
May 6: Exam #2

Course Work
Two exams, each worth 24 points
Programming project worth 16 points
Four homework assignments – 4 points each
Two term papers – 8 points each (revised: one term paper, 8 points)
Paper presentation – 4 points
Extra credit for term paper #2: 2 points

Course Rules
Course attendance is mandatory unless permission is obtained from the instructor for missing a class with a valid reason (documentation is needed for a medical emergency for the student or a close family member, e.g., spouse, parent, child).
Attendance will be collected every lecture. 2 points will be deducted out of 100 for each lecture missed without approval.
Each student will work individually.
Late assignments will not be accepted. All assignments have to be turned in just after the lecture on the due date.
No make-up exams unless the student can produce a medical certificate or give evidence of a close family emergency.
Copying material from other sources will not be permitted unless the source is properly referenced.
Any student who plagiarizes from other sources will be reported to the appropriate UTD authorities.

Contact
For more information please contact:
Dr. Bhavani Thuraisingham
Professor of Computer Science and Director of Cyber Security Research Center
Erik Jonsson School of Engineering and Computer Science
EC31, The University of Texas at Dallas
Richardson, TX 75080
Phone: 972-883-4738
Fax: 972-883-2399
Email: bhavani.thuraisingham@utdallas.edu
URL: http://www.utdallas.edu/~bxt043000/

Assignments/Term Papers/Programming Project Schedule
Assignment #1: Posted in Lecture #8; Given on January 30, 2015; Due on February 13, 2015
Assignment #2: Posted in Lecture #12; Given on Feb 13; Due on Feb 27
Assignment #3: Given on April 3, 2015; Due on April 17, 2015
Assignment #4: Given on April 20, 2015; Due on May 4, 2015
Term Paper #1: Due on March 6, 2015
Programming project: Due on May 1, 2015

Term Paper Topics
Secure Virtualization for the Cloud
Cloud Storage and Data Security
Identity Management for the Cloud
Security Management for the Cloud
Privacy for the Cloud
Audit and Compliance for the Cloud
Cloud Forensics

Programming Project Deliverables
Introduction / problem statement
Design of the system (what you would like to implement)
Implementation overview of the system (since you may not be able to implement the entire design)
Test runs/screen shots (if the program does not work, explain what the challenges were)
Future work
Also, for a multi-person project, who contributed to which parts

Programming Project Sample Topics
Policy-based information sharing in the cloud
Storing documents in the cloud (e.g., Google docs), encrypt and decrypt
Implement a malware detection technique in the cloud
Implement some services (e.g., identity management), access control in the cloud

Papers to Read for Exam #1
Elisa Bertino, Barbara Carminati, Elena Ferrari, Bhavani M. Thuraisingham, Amar Gupta: Selective and Authentic Third-Party Distribution of XML Documents. IEEE Trans. Knowl. Data Eng. 16(10): 1263-1278 (2004) (first 6 sections only, proofs are not necessary)
Tyrone Cadenhead, Murat Kantarcioglu, Vaibhav Khadilkar, Bhavani M. Thuraisingham: Design and Implementation of a Cloud-Based Assured Information Sharing System. MMM-ACNS 2012: 36-50
Yangchun Fu, Zhiqiang Lin: Space Traveling across VM: Automatically Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection. IEEE Symposium on Security and Privacy 2012: 586-600
Kerim Yasin Oktay, Vaibhav Khadilkar, Bijit Hore, Murat Kantarcioglu, Sharad Mehrotra, Bhavani M. Thuraisingham: Risk-Aware Workload Distribution in Hybrid Clouds. IEEE CLOUD 2012: 229-236

Index to Lectures for Exam #1
Lecture 1: Cyber Security essentials (Guest Lecture, not in exam)
Lecture 2: Developments in Web Services
Lecture 3: Introduction to SOA, Cloud Computing and Secure Cloud Computing
Lecture 4: Cloud Computing and Secure Cloud Computing
Lecture 5: Comprehensive Overview of Secure Cloud Computing
Lecture 6: Secure Document Publication in the Cloud (paper #1)
Lecture 7: Cloud-based Assured Information Sharing (paper #2)
Lecture 8: Assignment #1
Lecture 9: NIST Guidelines for Secure Cloud Computing

Index to Lectures for Exam #1
Lecture 10: Secure Virtualization
Lecture 11: Virtual Machine Introspection (paper #3)
Lecture 12: Assignment #2
Lecture 13: Hypervisor Security (Extra credit question)
Lecture 14: Cloud Data Management (Guest Lecture, not in exam)
Lecture 15: Secure Cloud Data Storage (paper #4)
Lecture 16: Identity and Access Management
Lecture 17: Revisiting Secure Cloud Computing Concepts and Tools

Index to Lectures for Exam #2
Lecture 18: Assignment #3
Lecture 19: VM Fingerprinting
Lecture 20: Big Data Security and Privacy
Lecture 21: Papers to read for April 10
Lecture 22: Papers to read for April 17
Lecture 23: Papers to read for April 24
Lecture 24: Papers to read for May 1
Lecture 25: Assignment #4
Lecture 26: Final Papers selected for Exam #2

Papers to Read for Exam #2 – ACM CCS Cloud Workshop 2011 (April 10 lecture) All Your Clouds are Belong to us - Security Analysis of Cloud Management Interfaces Juraj Somorovsky, Mario Heiderich, Meiko Jensen, Joerg Schwenk, Nils Gruschka and Luigi Lo Iacono (David Liou, Jinisha) Trusted Platform-as-a-Service: A Foundation for Trustworthy Cloud-Hosted Applications Andrew Brown and Jeff Chase (Mahdi, Amon) Detecting Fraudulent Use of Cloud Resources Joseph Idziorek, Mark Tannian and Doug Jacobson (Hamzaleka, Prathika) Managing Multi-Jurisdictional Requirements in the Cloud: Towards a Computational Legal Landscape, David Gordon and Travis Breaux (Arpita, Lauren)

Papers to Read for Exam #2 – ACM CCS Cloud Workshop 2012 (April 10 lecture) Fast Dynamic Extracted Honeypots in Cloud Computing Sebastian Biedermann, Martin Mink, Stefan Katzenbeisser (Pavan, Marilyn) Unity: Secure and Durable Personal Cloud Storage Beom Heyn Kim, Wei Huang, David Lie (Navjoth, Ashwini) Exploiting Split Browsers for Efficiently Protecting User Data Angeliki Zavou, Elias Athanasopoulos, Georgios Portokalidis, Angelos Keromytis (Arti, Dipika) CloudFilter: Practical Control of Sensitive Data Propagation to the Cloud Ioannis Papagiannis, Peter Pietzuch (Varsha, Pragathi)

Papers to Read for Exam #2 – ACM CCS Cloud Workshop 2013 (April 10 lecture) Structural Cloud Audits that Protect Private Information Hongda Xiao; Bryan Ford; Joan Feigenbaum (Shravani, Vivek) Cloudoscopy: Services Discovery and Topology Mapping Amir Herzberg; Haya Shulman; Johanna Ullrich; Edgar Weippl (Spoorthy, Gauthum) Cloudsweeper: Enabling Data-Centric Document Management for Secure Cloud Archives Chris Kanich; Peter Snyder (Suhithya, Aravind) Supporting Complex Queries and Access Policies for Multi-user Encrypted Databases Muhammad Rizwan Asghar; Giovanni Russello; Bruno Crispo (Vidya, Bala)

Papers to Read for Exam #2 – ACM CCS Cloud Workshop 2014 (April 17 lecture) RAID-PIR: Practical Multi-Server PIR Daniel Demmler; Amir Herzberg; Thomas Schneider (Karthik, Ajit) CloudSafetyNet: Detecting Data Leakage between Cloud Tenants Christian Priebe; Divya Muthukumaran; Dan O'Keeffe; David Eyers; Brian Shand; Ruediger Kapitza; Peter Pietzuch (Madav, Prathamik) Inevitable Failures: The Flawed Trust Assumption in Cloud Yuqiong Sun; Giuseppe Petracca; Trent Jaeger (Swetha, Priyanka) Memory Access Pattern Protection in the World of Malicious Operating Systems and Commercial Hardware Srini Devadas (Harshamareka, Anirudda)

Papers to Read for Exam #2 – ACM CCS Cloud Workshop 2014 (April 17 lecture) A Visitor's Guide to a Post-Privacy World Ari Juels (Vinay, Pradnya) This paper is not included in the presentations – an alternate paper will be assigned to the students. A new look at human problem solving: near-optimal solutions to NP-hard problems, Zygmunt Pizlo (Amit, Prathanik) Reconciling End-to-End Confidentiality and Data Reduction In Cloud Storage, Nathalie Baracaldo; Elli Androulaki; Joseph Glider; Alessandro Sorniotti (Krishnan, Monica) A Framework for Outsourcing of Secure Computation Jesper Buus Nielsen; Claudio Orlandi (Prathusha Kendala, Rohini)

Papers to Read for Exam #2 – ACM CCS Cloud Workshop 2014 (April 17 lecture) Guardians of the Clouds: When Identity Providers Fail Andreas Mayer; Marcus Niemietz; Vladislav Mladenov; Joerg Schwenk (Raju, Moses) Your Software at my Service Vladislav Mladenov, Christian Mainka; Florian Feldmann; Julian Krautwald; Joerg Schwenk (Chad, Devin) Co-Location-Resistant Clouds Yossi Azar; Seny Kamara; Ishai Menache; Mariana Raykova; Bruce Shepherd (Prathusha Karnati, Pujitha) Swap and Play: Live Updating Hypervisors and Its Application to Xen Franz Ferdinand Brasser; Mihai Bucicoiu; Ahmad-Reza Sadeghi (Sridevi, Gayathro)

Papers to Read for Exam #2 – IEEE CloudCom 2012, 2013, 2014 (April 24 lecture) 2014: FlowK: Information Flow Control for the Cloud Thomas F. J.-M. Pasquier, Jean Bacon, David Eyers (Prashand Pathasarathy) Verifying Secure Information Flow in Federated Clouds Wen Zeng, Maciej Koutny, Paul Watson (Prashand Pathasarathi) VLOC: An Approach To Verify The Physical Location Of A Virtual Machine In Cloud; Mojtaba Eskandari, Anderson Santana de Oliveira, Bruno Crispo (Mihir) Anonymous User Revocation for Using Attribute-Based Signature in Cloud Computing Zhiqian Xu; Keith M. Martin (Akshay) Multi-User Searchable Encryption with Efficient Access Control for Cloud Storage Zhiquan Lv, Min Zhang, Dengguo Feng (Adhirai)

Papers to Read for Exam #2 – IEEE CloudCom 2012, 2013, 2014 (April 24 lecture) 2013: Asma Guesmi and Patrice Clemente. Access Control and Security Properties Requirements Specification for Clouds’ SecLAs. (Solomon) Abdul-Majeed, M., Mahdjoubi, L. and Booth, C. Challenges to BIM-cloud integration: Implication of security issues on secure collaboration (Yifan) Kenneth Johnson, Yuanzhi Wang, Radu Calinescu, Ian Sommerville, and Gordon Baxter. Services2Cloud: A Framework for Revenue Analysis of Software-as-a-Service Provisioning (Srinidhi)

Papers to Read for Exam #2 – IEEE CloudCom 2012, 2013, 2014 (April 24 lecture) 2012: SAPPHIRE: Anonymity for Enhanced Control and Private Collaboration in Healthcare Clouds John Pecarina, Shi Pu and Jyh-Charn Liu (Shivani) A Cloud Design for User-controlled Storage and Processing of Sensor Data René Hummen, Martin Henze, Daniel Catrein and Klaus Wehrle (Athreya) Thunder in the Clouds: Security Challenges and Solutions for Federated Clouds Karin Bernsmed, Martin Gilje Jaatun, Per Håkon Meland and Astrid Undheim (Kiruja) Security Risks and their Management in Cloud Computing Afnan Ullah Khan, Manuel Oriol, Mariam Kiran, Ming Jiang and Karim Djemame (Avinash)

Papers to Read for Exam #2 – IEEE Cloud, 2013 (Please note this is different from CloudCom; April 24 Lecture) Secure Enterprise Data Deduplication in the Cloud, Fatema Rashid, Ali Miri, Isaac Woungang (Pradnya) Security Threats in Cloud Computing Models: A Systematic Mapping Study Carlo Marcelo Revoredo da Silva, José Lutiano Costa da Silva (Vinay) A Practical and Secure Multi-Keyword Search Method over Encrypted Cloud Data Cengiz Orencik, Murat Kantarcioglu, Erkay Savas (Paresh)

Papers to Read for Exam #2 – ACM CODASPY (May 1 Lecture)
Secure Information and Resource Sharing in Cloud; Yun Zhang (UTSA); Prosunjil Biswas (UTSA); Ram Krishnan (UTSA); Ravi Sandhu (UTSA) (Aniruddha)
Virtual Resource Orchestration Constraints in Cloud Infrastructure as a Service; Khalid Bijon (UTSA); Ram Krishnan (UTSA); Ravi Sandhu (UTSA) (Harshawardhan)
CODASPY 2013
Wei Wei, Ting Yu, Rui Xue: iBigTable: practical data integrity for bigtable in public cloud. 341-352 (Amit)
Bo Chen, Reza Curtmola: Towards self-repairing replication-based storage systems using untrusted clouds. 377-388 (Prathanik)

Papers to Read for Exam #2 – Additional Papers (May 1 Lecture)
ACM Cloud Computing Symposium, 2012
OS-Sommelier: Memory-Only Operating System Fingerprinting in the Cloud. Yufei Gu (University of Texas at Dallas), Yangchun Fu (University of Texas at Dallas), Aravind Prakash (Syracuse University), Zhiqiang Lin (University of Texas at Dallas), and Heng Yin (Syracuse University)
ACM Cloud and Autonomic Computing Conference, CAC '13
Resilient Cloud Data Storage Services - Hemayamini Kurra, Youssif Al-Nashif and Salim Hariri

Final Papers Selected for Exam #2 All Your Clouds are Belong to us - Security Analysis of Cloud Management Interfaces Juraj Somorovsky, Mario Heiderich, Meiko Jensen, Joerg Schwenk, Nils Gruschka and Luigi Lo Iacono Detecting Fraudulent Use of Cloud Resources Joseph Idziorek, Mark Tannian and Doug Jacobson Fast Dynamic Extracted Honeypots in Cloud Computing Sebastian Biedermann, Martin Mink, Stefan Katzenbeisser Cloudsweeper: Enabling Data-Centric Document Management for Secure Cloud Archives Chris Kanich; Peter Snyder RAID-PIR: Practical Multi-Server PIR Daniel Demmler; Amir Herzberg; Thomas Schneider

Final Papers Selected for Exam #2 Guardians of the Clouds: When Identity Providers Fail Andreas Mayer; Marcus Niemietz; Vladislav Mladenov; Joerg Schwenk Swap and Play: Live Updating Hypervisors and Its Application to Xen Franz Ferdinand Brasser; Mihai Bucicoiu; Ahmad-Reza Sadeghi Anonymous User Revocation for Using Attribute-Based Signature in Cloud Computing Zhiqian Xu; Keith M. Martin Secure Enterprise Data Deduplication in the Cloud, Fatema Rashid, Ali Miri, Isaac Woungang 10th paper is any paper of your choice in the reading list for April 10, 17, 24, May 1 and also presented in class