1. Developing and Securing the Cloud Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course January – May 2016

2. Objective of the Unit l This unit provides an overview of the course. The course describes concepts, developments, challenges, and directions in - Secure Web Services - Secure Cloud Computing l Reference Book: Bhavani Thuraisingham, Developing and Securing the Cloud, CRC Press, November 2013

3. Outline of the Unit l Outline of Course l Course Work l Course Rules l Contact l Papers to read for lectures after Spring Break l Index to lectures and preparation for exams l Acknowledgement: - AFOSR for funding our research in assured cloud computing - NSF for funding our capacity building effort in cloud computing

4. Topics Covered for Exam #1 l Secure Web Services l Secure Cloud Computing l Secure Virtualization and Hypervisor l Access Control and Identity Management l Secure Cloud Data Publishing l Secure Cloud Query Processing l Secure Information Sharing l Secure Cloud Data Storage l Cloud Data Forensics l Secure Cloud Computing Tools

5. Topics Covered for Exam #2 l Selected Papers from Secure Cloud Computing Conferences

6. Course Work l Two exams each worth 25 points (March 11, May 7) l Programming project worth 20 points (April 29) l Two homework assignments – 7 points each (February 19, April 1) l Two term papers – 8 points each (March 4, April 8) l Programming Project Proposal – Due on March 25

7. Course Rules l Course attendance is mandatory; unless permission is obtained from instructor for missing a class with a valid reason (documentation needed for medical emergency for student or a close family member – e.g., spouse, parent, child). Attendance will be collected every lecture. 3 points will be deducted out of 100 for each lecture missed without approval. l Each student will work individually l Late assignments will not be accepted. All assignments have to be turned in just after the lecture on the due date l No make up exams unless student can produce a medical certificate or give evidence of close family emergency l Copying material from other sources will not be permitted unless the source is properly referenced l Any student who plagiarizes from other sources will be reported to the appropriate UTD authroities

8. Term Paper l Any topic we have discussed in class (e.g., web services, identity management, secure cloud, secure cloud query processing, …) l Survey different approaches l Give your analysis of the approaches l Organization - Abstract - Approaches - Analysis - Conclusion - References

9. Programming Project l Any topic related to cloud security and implement l Learn the Hadoop/MapReduce Framework l Example - Query modification in the cloud - Secure information sharing in the cloud - Secure social network in the cloud - Email filtering in the cloud

10. Contact l For more information please contact - Dr. Bhavani Thuraisingham - Professor of Computer Science and - Director of Cyber Security Research Center Erik Jonsson School of Engineering and Computer Science EC31, The University of Texas at Dallas Richardson, TX 75080 - Phone: 972-883-4738 - Fax: 972-883-2399 - Email: bhavani.thuraisingham@utdallas.edu - URL: http://www.utdallas.edu/~bxt043000/ URL: http://www.utdallas.edu/~bxt043000/

11. Papers to Read for Exam #1 l Paper 1: Elisa Bertino, Barbara Carminati, Elena Ferrari, Bhavani M. Thuraisingham, Amar Gupta: Selective and Authentic Third-Party Distribution of XML Documents. IEEE Trans. Knowl. Data Eng. 16(10): 1263-1278 (2004), Up to Section 6: Elisa BertinoBarbara CarminatiElena FerrariAmar GuptaIEEE Trans. Knowl. Data Eng. 16 l Paper 2: Tyrone Cadenhead, Murat Kantarcioglu, Vaibhav Khadilkar, Bhavani M. Thuraisingham: Design and Implementation of a Cloud-Based Assured Information Sharing System. MMM-ACNS 2012: 36-50Murat KantarciogluVaibhav KhadilkarBhavani M. ThuraisinghamMMM-ACNS 2012 l Paper 3: Arindam Khaled, Mohammad Farhan Husain, Latifur Khan, Kevin W. Hamlen, Bhavani M. Thuraisingham: A Token-Based Access Control System for RDF Data in the Clouds. CloudCom 2010: 104-111 – Section 1, 2, 3Mohammad Farhan HusainLatifur KhanKevin W. HamlenCloudCom 2010 l Paper 4: Bhavani M. Thuraisingham, Vaibhav Khadilkar, Anuj Gupta, Murat Kantarcioglu, Latifur Khan: Secure data storage and retrieval in the cloud. CollaborateCom 2010: 1-8

12. Papers to Read for Exam #1 l Paper 5: Kerim Yasin Oktay, Vaibhav Khadilkar, Bijit Hore, Murat Kantarcioglu, Sharad Mehrotra, Bhavani M. Thuraisingham: Risk-Aware Workload Distribution in Hybrid Clouds. IEEE CLOUD 2012: 229-236Kerim Yasin OktayVaibhav KhadilkarBijit HoreSharad MehrotraBhavani M. ThuraisinghamIEEE CLOUD 2012 l Paper 6: Yangchun Fu, Zhiqiang Lin: Space Traveling across VM: Automatically Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection. IEEE Symposium on Security and Privacy 2012: 586-600Zhiqiang LinIEEE Symposium on Security and Privacy 2012

13. Index to Lectures for Exam #1 l Lecture 1 – Cyber Security l Lecture 2 – Secure Web Services l Lecture 3 – Introduction to SOA, Secure SOA, Cloud Computing l Lecture 4 – Comprehensive Overview of Cloud Computing l Lecture 5 – Secure Document Publication l Lecture 6 – Assignment #1 l Lecture 7 – NIST Guidelines l Lecture 8 – Virtualization and Cloud Forensics l Lecture 9 – Cloud Centric Assured Information Sharing l Lecture 10 – Dr. Murat Lecture – Secure Cloud Data Storage l Lecture 11 – Secure Virtualization l Lecture 12 – Hypervisor Security

14. Index to Lectures for Exam #1 l Lecture 13 – Identity and Access Management l Lecture 14 – Assignment #2 l Lecture 15 – Dr. Khan Lecture: Access Control for the Cloud l Lecture 16 – Secure Cloud Computing Tools and Products l Lecture 17: Guest Lecture: Virtual Machine Introspection

15. Programming Project l Any topic related to cloud security and implement l Learn the Hadoop/MapReduce Framework l Example - Query modification in the cloud - Secure information sharing in the cloud - Secure social network in the cloud - Email filtering in the cloud

16. Papers to Read for Exam #2 – ACM CCS Cloud Workshop 2011 (March 25, 2016) l All Your Clouds are Belong to us - Security Analysis of Cloud Management Interfaces Juraj Somorovsky, Mario Heiderich, Meiko Jensen, Joerg Schwenk, Nils Gruschka and Luigi Lo Iacono l Trusted Platform-as-a-Service: A Foundation for Trustworthy Cloud- Hosted Applications Andrew Brown and Jeff Chase l Detecting Fraudulent Use of Cloud Resources Joseph Idziorek, Mark Tannian and Doug Jacobson l Managing Multi-Jurisdictional Requirements in the Cloud: Towards a Computational Legal Landscape, David Gordon and Travis Breaux

17. Papers to Read for Exam #2 – ACM CCS Cloud Workshop 2012 (April 1, 2016) l Fast Dynamic Extracted Honeypots in Cloud Computing Sebastian Biedermann, Martin Mink, Stefan Katzenbeisser l Unity: Secure and Durable Personal Cloud Storage Beom Heyn Kim, Wei Huang, David Lie l Exploiting Split Browsers for Efficiently Protecting User Data Angeliki Zavou, Elias Athanasopoulos, Georgios Portokalidis, Angelos Keromytis l CloudFilter: Practical Control of Sensitive Data Propagation to the Cloud Ioannis Papagiannis, Peter Pietzuch

18. Papers to Read for Exam #2 – ACM CCS Cloud Workshop 2013 (April 1, 2016) l Structural Cloud Audits that Protect Private Information Hongda Xiao; Bryan Ford; Joan Feigenbaum l Cloudoscopy: Services Discovery and Topology Mapping Amir Herzberg; Haya Shulman; Johanna Ullrich; Edgar Weippl l Cloudsweeper: Enabling Data-Centric Document Management for Secure Cloud Archives Chris Kanich; Peter Snyder l Supporting complex queries and access policies for multi-user encrypted databases, Muhammad Rizwan Asghar, Giovanni Russello, Bruno Crispo, Mihaela Ion