BC4006 Cloud Security Syllabus – Anna University PG Syllabus Regulation 2021
COURSE OBJECTIVES:
To introduce Cloud Computing terminology, definition & concepts
To understand the security design and architectural considerations for Cloud
To understand the Identity, Access control in Cloud
To follow best practices for Cloud security using various design patterns
To be able to monitor and audit cloud applications for security
UNIT I FUNDAMENTALS OF CLOUD COMPUTING
Understand what is Cloud computing, Architectural and Technological Influences of Cloud Computing, Understand the Cloud deployment models, Public, Private, Community and Hybrid models, Scope of Control, Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS), Cloud Computing Roles, Risks and Security Concerns
UNIT II SECURITY DESIGN AND ARCHITECTURE FOR CLOUD
Guiding Security design principles for Cloud Computing, Comprehensive data protection, End-to-end access control, CSA, NIST and ENISA guidelines for Cloud Security, Common attack vectors and threats, Compute, Network and Storage, Secure Isolation Strategies, Multitenancy, Virtualization strategies, Inter-tenant network segmentation strategies, Storage isolation strategies, Data Protection strategies, Data retention, deletion and archiving procedures for tenant data, Encryption, Data Redaction, Tokenization, Obfuscation, PKI and Key
UNIT III ACCESS CONTROL AND IDENTITY MANAGEMENT
Understand the access control requirements for Cloud infrastructure, Enforcing Access Control Strategies, Authentication and Authorization, Role-based Access Control, Multi-factor authentication, Host, storage and network access control options, OS Hardening and minimization, securing remote access, Verified and measured boot, Firewalls, Intruder Detection, Intruder prevention and honeypots, User Identification, Authentication, and Authorization in Cloud Infrastructure, Identity & Access Management, Single Sign-on, Identity Federation, Identity providers and service consumers, The role of Identity provisioning
UNIT IV CLOUD SECURITY DESIGN PATTERNS
Introduction to Design Patterns, Platform-to-Virtualization & Virtualization-to-Cloud, Cloud bursting, Geo-tagging, Cloud VM Platform Encryption, Secure Cloud Interfaces, Cloud Resource Access Control, Secure On-Premise Internet Access, Secure External Cloud Connection, Cloud Denial-of-Service Protection, Cloud Traffic Hijacking Protection, Cloud Authentication Gateway, Federated Cloud Authentication, Cloud Key Management
UNIT V MONITORING, AUDITING AND MANAGEMENT
Proactive activity monitoring, Incident Response, Monitoring for unauthorized access, malicious traffic, abuse of system privileges, intrusion detection, events and alerts, Auditing – Record generation, Reporting and Management, Tamper-proofing audit logs, Quality of Services, Secure Management, User management, Identity management, Security Information and Event Management
COURSE OUTCOMES:
CO1: Understand the cloud concepts and fundamentals.
CO2: Explain the security challenges in cloud.
CO3: Define cloud policy and Identity and Access Management.
CO4: Understand various risks, and audit and monitoring mechanisms in cloud.
CO5: Define the various architectural and design considerations for security in cloud.
TOTAL PERIODS: 45
REFERENCES
1. Rajkumar Buyya, James Broberg, Andrzej Goscinski, "Cloud Computing:", Wiley, 2013.
2. Dave Shackleford, "Virtualization Security", Sybex, a Wiley Brand, 2013.
3. Mather, Kumaraswamy and Latif, "Cloud Security and Privacy", O'Reilly, 2011.
4. Mark C. Chu-Carroll, "Code in the Cloud", CRC Press, 2011.
5. Rajkumar Buyya, Christian Vecchiola, S. Thamarai Selvi, "Mastering Cloud Computing: Foundations and Applications Programming".