Presentation is loading. Please wait.

Presentation is loading. Please wait.

Developing and Securing the Cloud Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course January – May 2014.

Similar presentations


Presentation on theme: "Developing and Securing the Cloud Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course January – May 2014."— Presentation transcript:

1 Developing and Securing the Cloud Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course January – May 2014

2 Objective of the Unit l This unit provides an overview of the course. The course describes concepts, developments, challenges, and directions in - Secure Web Services - Secure Cloud Computing l Book: Bhavani Thuraisingham, Developing and Securing the Cloud, CRC Press, November 2013

3 Outline of the Unit l Outline of Course l Course Work l Course Rules l Contact l Papers to read for lectures after Spring Break l Index to lectures and preparation for exams l Acknowledgement: - AFOSR for funding our research in assured cloud computing - NSF for funding our capacity building effort in cloud computing

4 Course Work l Two exams each worth 25 points l Programming project worth 20 points l Two homework assignments – 7 points each - Assignment 1 due Feb 21, Assignment 2 due March 28 l Two term papers – 8 points each - Term paper 1 due Feb 28, Term paper 2 due April 18 l Programming Project - Due date: May 2 l Exams - Exam #1 March 7; Exam #2 is May 7.

5 Course Rules l Course attendance is mandatory; unless permission is obtained from instructor for missing a class with a valid reason (documentation needed for medical emergency for student or a close family member – e.g., spouse, parent, child). Attendance will be collected every lecture. 3 points will be deducted out of 100 for each lecture missed without approval. l Each student will work individually l Late assignments will not be accepted. All assignments have to be turned in just after the lecture on the due date l No make up exams unless student can produce a medical certificate or give evidence of close family emergency l Copying material from other sources will not be permitted unless the source is properly referenced l Any student who plagiarizes from other sources will be reported to the appropriate UTD authroities

6 Contact l For more information please contact - Dr. Bhavani Thuraisingham - Professor of Computer Science and - Director of Cyber Security Research Center Erik Jonsson School of Engineering and Computer Science EC31, The University of Texas at Dallas Richardson, TX 75080 - Phone: 972-883-4738 - Fax: 972-883-2399 - Email: bhavani.thuraisingham@utdallas.edu - URL: http://www.utdallas.edu/~bxt043000/ URL: http://www.utdallas.edu/~bxt043000/

7 Course Syllabus l January 17: Malware Detection, Insider Threat l January 24: Cyber Security Modules l January 31: Secure Web Services, Secure Semantic Web l February 7: Introduction to Cloud Computing l February 14: Secure Cloud-based Data Publication and Sharing l February 21: Secure Cloud Query Processing l February 28: Hands-on Cloud Computing Tools l March 7 – Exam #1 l March 14 – Spring Break l March 21: Google File Systems l March 28: Secure Virtualization l April/May – Papers from ACM Cloud Security Workshop + Some Guest Lectures

8 Papers to Read for Exam #1 l Paper 1: Elisa Bertino, Barbara Carminati, Elena Ferrari, Bhavani M. Thuraisingham, Amar Gupta: Selective and Authentic Third-Party Distribution of XML Documents. IEEE Trans. Knowl. Data Eng. 16(10): 1263-1278 (2004): Elisa BertinoBarbara CarminatiElena FerrariAmar GuptaIEEE Trans. Knowl. Data Eng. 16 l Paper 2: Tyrone Cadenhead, Murat Kantarcioglu, Vaibhav Khadilkar, Bhavani M. Thuraisingham: Design and Implementation of a Cloud-Based Assured Information Sharing System. MMM-ACNS 2012: 36-50Murat KantarciogluVaibhav KhadilkarBhavani M. ThuraisinghamMMM-ACNS 2012 l Reference paper: Mohammad Farhan Husain, James P. McGlothlin, Mohammad M. Masud, Latifur R. Khan, Bhavani M. Thuraisingham: Heuristics-Based Query Processing for Large RDF Graphs Using Cloud Computing. IEEE Trans. Knowl. Data Eng. 23(9): 1312-1327 (2011) – Section 1, 2, 3,: Mohammad Farhan HusainJames P. McGlothlin Mohammad M. MasudLatifur R. KhanIEEE Trans. Knowl. Data Eng. 23 l Paper 3: Arindam Khaled, Mohammad Farhan Husain, Latifur Khan, Kevin W. Hamlen, Bhavani M. Thuraisingham: A Token-Based Access Control System for RDF Data in the Clouds. CloudCom 2010: 104-111 – Section 1, 2, 3Mohammad Farhan HusainLatifur KhanKevin W. HamlenCloudCom 2010

9 Papers to Read for Exam #1 l Paper 4: Bhavani M. Thuraisingham, Vaibhav Khadilkar, Anuj Gupta, Murat Kantarcioglu, Latifur Khan: Secure data storage and retrieval in the cloud. CollaborateCom 2010: 1-8 l Paper 5: Chadwick, D. W., & Inman, G. (2009). Attribute aggregation in federated identity management. IEEE Computer, 42(5), 33-40.

10 Index to Lectures for Exam #1 Lecture 1 – Data mining for malware – extra credit Lecture 2 – Insider threat – Guest lecture Lecture 3 – Data management – Guest Lecture Lecture 4 – Cyber Security Modules – extra credit Lecture 5 – Secure web services – Part 1 – one question Lecture 6 – Secure web services – Part 2 – one question Lecture 7 – Trustworthy semantic web – one questions Lecture 8 – Introduction to semantic web – guest lecture Lecture 9 – Intro to cloud computing – guest lecture Lecture 10 – Comprehensive overview – one question Lecture 11 – NIST Guidelines – one question Lecture 12 – Assignment #1 (may be included in exam) Lecture 13 – Cloud-based Secure Publication – one question (paper 1)

11 Index to Lectures for Exam #1 Lecture 14 – Cloud-based info sharing – one question (paper 2) Lecture 15 – Cloud query processing – Guest lecture Lecture 16 – Secure Cloud query processing – One question (paper 3) Lecture 17 – Cloud tools – Guest lecture Lecture 18 – Secure data storage – One question of part of a question (Paper 4) Lecture 19 – Security and federated identity management - One question - (paper 5) Lecture 20 – Comprehensive Overview, Part II (Continuation of Lecture 10) One question or part of a question

12 Term Paper l Any topic we have discussed in class (e.g., web services, identity management, secure cloud, secure cloud query processing, …) l Survey different approaches l Give your analysis of the approaches l Organization - Abstract - Approaches - Analysis - Conclusion - References

13 Programming Project l Any topic related to cloud security and implement l Learn the Hadoop/MapReduce Framework l Example - Query modification in the cloud - Secure information sharing in the cloud - Secure social network in the cloud - Email filtering in the cloud

14 Papers to Read for Exam #2 – ACM CCS Cloud Workshop 2011 l All Your Clouds are Belong to us - Security Analysis of Cloud Management Interfaces Juraj Somorovsky, Mario Heiderich, Meiko Jensen, Joerg Schwenk, Nils Gruschka and Luigi Lo Iacono l Trusted Platform-as-a-Service: A Foundation for Trustworthy Cloud- Hosted Applications Andrew Brown and Jeff Chase l Detecting Fraudulent Use of Cloud Resources Joseph Idziorek, Mark Tannian and Doug Jacobson l Managing Multi-Jurisdictional Requirements in the Cloud: Towards a Computational Legal Landscape, David Gordon and Travis Breaux

15 Papers to Read for Exam #2 – ACM CCS Cloud Workshop 2012 l Fast Dynamic Extracted Honeypots in Cloud Computing Sebastian Biedermann, Martin Mink, Stefan Katzenbeisser l Unity: Secure and Durable Personal Cloud Storage Beom Heyn Kim, Wei Huang, David Lie l Exploiting Split Browsers for Efficiently Protecting User Data Angeliki Zavou, Elias Athanasopoulos, Georgios Portokalidis, Angelos Keromytis l CloudFilter: Practical Control of Sensitive Data Propagation to the Cloud Ioannis Papagiannis, Peter Pietzuch

16 Papers to Read for Exam #2 – ACM CCS Cloud Workshop 2013 l Structural Cloud Audits that Protect Private Information Hongda Xiao; Bryan Ford; Joan Feigenbaum l Cloudoscopy: Services Discovery and Topology Mapping Amir Herzberg; Haya Shulman; Johanna Ullrich; Edgar Weippl l Cloudsweeper: Enabling Data-Centric Document Management for Secure Cloud Archives Chris Kanich; Peter Snyder l In addition, the following paper from IEEE S&P Symposium l Yangchun Fu, Zhiqiang Lin: Space Traveling across VM: Automatically Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection. IEEE Symposium on Security and Privacy 2012: 586-600 Yangchun FuIEEE Symposium on Security and Privacy 2012

17 Index to Lectures since Exam #1 Note: You need to read the 12 papers in the previous three charts for Exam #2. Index to lectures is for information only Lecture 21 – Cloud Computing Tools – Guest Lecture Lecture 22 – Guest Lecture by Dr. Yen Lecture 23 – Guest Lecture by Dr. Lin Lecture 24 – Cloud Security Alliance Papers – Guest Lecture Lecture 25 – ACM Cloud Security 2011 Workshop Paper List Lecture 26 - Intro to Cyber Security, Part II – Guest Lecture Lecture 27 – ACM Cloud Security 2012 Workshop Paper List Lecture 28 – ACM 2013 Cloud Security Workshop Paper List Lecture 29 – Guest Lecture by Dr. Hamlen Lecture 30 – Cloud and Stream Data Guest Lecture Lecture 31 – Android Malware Detection Guest Lecture


Download ppt "Developing and Securing the Cloud Dr. Bhavani Thuraisingham The University of Texas at Dallas Introduction to the Course January – May 2014."

Similar presentations


Ads by Google