CLOUD SYSTEMS AND SECURITY

SHE Level 4
SCQF Credit Points 20.00
ECTS Credit Points 10.00
Module Code MHI122335
Module Leader Huaglory Tianfield
School School of Computing, Engineering and Built Environment
Subject Computing
Trimester
  • A (September start)

Pre-Requisite Knowledge

Operating Systems & Security, Enterprise Systems Engineering, Quantitative Modelling and Cryptography or equivalent

Summary of Content

This module is concerned with the important area of security with respect to cloud systems. The module includes coverage of the fundamentals of cloud systems, common architectures, cloud system capabilities and cloud services. The areas of system security specific to cloud systems, and the concepts, standards and technologies associated with identity and access management will also be covered. In addition, cloud security management will be considered as well as the range of cloud service providers currently operating. A programme of lab sessions is included with a focus on allowing students to gain hands-on experience of using and configuring cloud systems from the perspective of ensuring that they are secure.

Syllabus

Fundamentals of Cloud Systems - Cloud Services Delivery Models; SaaS, PaaS and IaaS - Cloud Deployment Models; Public, Private, Hybrid Virtualisation technologies - Virtualisation architectures - Types of hypervisors and toolkits Systems Security Architecture - Infrastructure Security at Network, Host and Application Levels - Data Security and Storage - Availability Management; SaaS, PaaS, IaaS - Access Control - Vulnerability, Patch and Configuration Management Identity and Access Management (IAM) - IAM Definitions - Trust Boundaries - Cloud Standards and Protocols; SAML, SPML, XACML, OAuth, OpenID etc. - Cloud Practices; Identity Administration, Federation/SSO, Authorization Management Cloud Platforms - Overview of current Platforms and their security capabilities. - Virtual Data Centre - Cloud Service Provider (CSP) practices

Learning Outcomes

On completion of this module, students should be able to:Demonstrate a comprehensive understanding of cloud systems and service models.Compare and contrast cloud virtualisation technologies.Compare and contrast cloud systems security architectures.Critically appraise Identity and Access Management techniques applicable to cloud systems.Critically evaluate cloud systems security.Understand the range of Cloud Platforms.

Teaching / Learning Strategy

This module will be taught by means of lectures, seminars/tutorials, and practical exercises. Students are directed to study appropriate texts and articles both paper based and web based to consolidate their knowledge of the topics covered. Assessment of learning outcomes will consist of reports and presentations from practical exercises and a final exam. A Virtual Learning Environment (VLE) will also be used to provide access to a range of relevant learning resources and materials to enhance the teaching strategy.

Indicative Reading

Cloud Security Alliance (2011) Security Guidance for Critical Areas of Focus in Cloud Computing V3.0. Cloud Security Alliance. European Network and Information Security Agency (ENISA) (2012) Cloud Computing: Benefits, Risks and Recommendations for Information Security Mather T., Kumaraswamy, S. & Latif S. (2009) Cloud Security and Privacy. O'Reilly. Rittinghouse, J. & Ransome, J. (2010) Cloud Computing Implementation, Management, and Security. CRC Press. Winkler, V. (2011) Securing the Cloud. Syngress.

Transferrable Skills

TRADITIONAL ACADEMIC SKILLS - specialist knowledge, ability to apply knowledge, critical analysis, problem-solving, written and spoken communication, computer literacy and research skills. PERSONAL DEVELOPMENT SKILLS - self-confidence, self-discipline, self-reliance, creativity. ENTERPRISE OR BUSINESS SKILLS - ability to prioritise tasks, time management, interpersonal skills, innovation.

Module Structure

Activity Total Hours
Lectures (PT) 24.00
Independent Learning (PT) 126.00
Independent Learning (FT) 120.00
Tutorials (FT) 12.00
Lectures (FT) 24.00
Assessment (PT) 20.00
Practicals (FT) 24.00
Tutorials (PT) 6.00
Assessment (FT) 20.00
Practicals (PT) 24.00

Assessment Methods

Component Duration Weighting Threshold Description
Exam (Exams Office) 2.00 50.00 35% Unseen written exam
Coursework 1 0.00 50.00 35% Practical Assignment