The Department of Computer Science offers several courses related to assured cloud computing:
- Secure Cloud Data Storage
- Data and Applications Security - Units on Secure Cloud Data Management
- Advanced Digital Forensics and Data Reverse Engineering - Unit on Cloud Forensics
- Secure Web Services and Cloud Computing
- Systems Security and Binary Code Analysis - Unit on Virtualization Security
- Information and Security Analytics - Units on the Impact of Cloud Computing
Secure Cloud Data Storage:
This course provides a comprehensive overview of cloud data security and storage issues. Students will learn various cryptography techniques to secure the data in the cloud. They will also learn storage schemes in the cloud. Finally students will have a thorough knowledge of the various cloud offerings and their data storage aspects.
Learning outcome: Students will have a solid understanding of data storage and security strategies for the cloud.
Data and Applications Security - Units on Secure Cloud Data Management:
This course taught principles, technologies, tools and trends for data and applications security. Topics covered include:
Confidentiality, Privacy and Trust Management, Secure Databases, Secure Distributed Systems, Secure Multimedia and Object Systems, Secure Data Warehouses, Data Mining for Security Applications, Assured Information Sharing, Secure Knowledge Management, Trustworthy Semantic Web and Secure Social Networks. In addition, several units on secure cloud data management were introduced.
Learning outcome: Students have a thorough understanding of the principles, practice and technologies of secure data management.
Advanced Digital Forensics and Data Reverse Engineering - Unit on Cloud Forensics:
The course covered the underlying technical details of digital forensics and data reverse engineering, discussed various security applications, analyzed potential limitations of existing systems and proposed solutions to develop a more secure systems. Unit on cloud forensics was also introduced.
Learning outcome: Students have a good understanding of the fundamentals of digital forensics through reverse engineering.
Secure Web Services and Cloud Computing:
The first half of the course explores secure web services, semantic web services which are fundamental to cloud computing. The second half of the course is devoted entirely to secure cloud computing. Topics include secure virtualization, secure cloud data storage, identity management in the cloud and secure cloud computing technologies, tools and standards. A book based on this course is expected to be published in Fall 2012.
Learning outcome: Students understand the various cloud technologies and the use of the Hadoop/MapReduce framework to develop assured cloud computing tools.
Systems Security and Binary Code Analysis - Unit on Virtualization Security:
This course explained low-level system details from compiler, linker, loader to OS kernel and computer architectures, examine the weakest link in each system component, explore the left bits and bytes after all these transformations and study the state-of-the-art offenses and defenses. Attacks due to virtualization (related to secure cloud) were also included in the course.
Learning outcome: Students will be able to understand how an attack is launched (e.g., how an exploit is created), and how to do the defense (e.g., developing OS patches, analyzing the binary code, and detecting intrusions)
Cloud Computing:
This course covers a series of current cloud computing technologies including technologies for Infrastructure as a Service, Platform as a Service, Software as a Service, and Physical Systems as a Service. For different layers of the cloud technologies, practical solutions such as Google, Amazon, Microsoft, SalesForce.com, etc. solutions as well as theoretical solutions (covered by a set of papers) are introduced.
Learning outcome: By engaging in hands-on exploration of existing cloud technologies as well as development of new technologies, students develop an in-depth understanding of cloud computing.
Information and Security Analytics - Units on the Impact of Cloud Computing:
This course covers the ten CISSP modules. This includes Security Governance and Risk, Access Control, Security Architecture, Cryptography, Network Security, Physical Security, Applications Security, Business Recovery Management, Operating Security, Legal aspects and Forensics. We have introduced units on the impact of the cloud on the ten modules.
Learning outcome: At the end of the course in August 2012, students will have a solid understanding on the CISSP modules for the cloud. For example, what are the governance issues for the cloud? What are the access control and identity management issues for the cloud?