CLOUD VIRTUALISATION SECURITY

SHE Level 5
SCQF Credit Points 20.00
ECTS Credit Points 10.00
Module Code MMI124017
Module Leader Huaglory Tianfield
School School of Computing, Engineering and Built Environment
Subject Computing
Trimester
  • A (September start)

Summary of Content

This module provides a systematic study of the techniques and practices for protecting systems-level security in cloud computing, i.e., virtualisation, which, if compromised, would cause catastrophic consequences for cloud infrastructures and service customers. The module will focus on the security issues arising from the use of virtualised infrastructures and will investigate the vulnerabilities and security techniques of hypervisors or virtual machine monitors (VMM) together with containers. The module will emphasise current industry-strength techniques for achieving cloud virtualisation security. The module will equip students with hands-on skills and experience through targeted lab work.

Syllabus

- Security threats and risks of virtualised infrastructures, including hypervisors and containers
- Mitigation and protection techniques for cloud virtualisation
  o vulnerability assessment methods
  o advanced persistent threats (APT)
- Security in container, Linux and Windows
- Compulsory and discretionary access control for cloud virtualisation
- Virtual Machine Introspection (VMI)
- IDS/IPS for cloud virtualisation
- Malware analysis for cloud virtualisation
- Security monitoring of cloud virtualisation environments
  o security information and event management (SIEM) for cloud virtualisation
  o in-box vs. out of box, interception of hypercalls
  o security analytics and machine learning techniques

Examples of tasks undertaken by students in practical sessions are:

Installation, configuration and test of the following toolkits:
  o Open-source cloud platforms, e.g., VirtualBox and Kernel-based Virtual Machine (KVM), and licensed enterprise cloud platforms, e.g., Microsoft Azure
  o Open-source toolkits for capturing traffic and logs, and IDS, e.g., Wireshark, netsniff-ng, snort
  o Open-source toolkits for security analytics, e.g., Apache Hadoop, Apache Storm and Cassandra, R

Learning Outcomes

On completion of this module the student should be able to:

- Demonstrate a critical and systematic understanding of vulnerabilities and their assessment methods at the virtualisation level of cloud computing.
- Critically evaluate the design and the implementation of state-of-the-art security monitoring and analytics techniques for cloud computing.
- Demonstrate practical skills in the analysis and management of cyber security for cloud computing.
- Apply techniques for systems isolation and disaster recovery management in cloud computing environments.

Teaching / Learning Strategy

The university 'Strategy for Learning' documentation has informed the learning and teaching strategy for this module. The module's material will be introduced through lectures, while practical exercises, based on the lecture material, will be given to students for their laboratory sessions. Where appropriate, a studio learning approach will be implemented for practical work. Tutorials will be used to help explain and elaborate on both the lecture material and the laboratory exercises. All lecture, laboratory and tutorial material will be made available on GCU Learn and links will be provided to appropriate external material such as podcasts, MOOCs, videos and literature. During all lab and tutorial sessions students will receive formative feedback on their performance in undertaking the laboratory and tutorial exercises. Summative feedback and grades will also be provided for the coursework assignment undertaken as part of the module using GCU Learn. GCU Learn will also be used to provide the students with module-specific Forums and Wikis to stimulate student and lecturer interaction outwith the normal lecture, laboratory and tutorial sessions. The coursework will include an open-ended extension element to encourage students to enhance their solutions by exploring a sub-topic not otherwise covered in the module. Due to the provision of all material online, the module is suitable for use where Flexible and Distributed Learning (FDL) is required.

Indicative Reading

- Matthew Portnoy, Virtualization Essentials. ISBN-10: 1118176715, ISBN-13: 978-1118176719, Publisher: Sybex; 1st edition, 26 Apr 2012, 304 pages.
- Dave Shackleford, Virtualization Security: Protecting Virtualized Environments. ISBN-10: 1118288122, ISBN-13: 978-1118288122, Publisher: Sybex; 1st edition, 4 December 2012, 360 pages.
- John Hoopes, Virtualization for Security. eBook ISBN: 9780080879352, Print Book ISBN: 9781597493055, Imprint: Syngress, 10 Dec 2008, 384 pages.
- Karen Scarfone, Murugiah Souppaya, Paul Hoffman, Guide to Security for Full Virtualization Technologies. NIST Special Publication 800-125, Jan 2011, 35 pages.
- PCI DSS Virtualization Guidelines. Version 2.0, Jun 2011, 39 pages.
- CSA, Best Practices for Mitigating Risks in Virtualized Environments. April 2015, 35 pages.
- David Miller, Shon Harris, Allen Harper, Stephen VanDyke, Chris Blask, Security Information and Event Management (SIEM) Implementation. ISBN: 0071701087, 9780071701082, Publisher: McGraw Hill Professional, 2010, 496 pages.
- Mark Talabis, Robert McPherson, I Miyamoto, Jason Martin, Information Security Analytics. Print Book ISBN: 9780128002070, eBook ISBN: 9780128005064, Imprint: Syngress, 1st Edition, 27 Nov 2014, 182 pages.

Transferrable Skills

- D1 Specialist knowledge and application
- D2 Critical thinking and problem solving
- D3 Critical analysis
- D4 Communication skills, written, oral and listening
- D8 Self-confidence, self-discipline & self-reliance (independent working)
- D9 Awareness of strengths and weaknesses
- D10 Creativity, innovation & independent thinking
- D13 Reliability, integrity, honesty and ethical awareness
- D14 Ability to prioritise tasks and time management
- D15 Interpersonal skills, team working and leadership
- D16 Presentation skills

Module Structure

Activity | Total Hours
Independent Learning (FT) | 120.00
Tutorials (FT) | 12.00
Assessment (FT) | 20.00
Practicals (FT) | 24.00
Lectures (FT) | 24.00

Assessment Methods

Component | Duration | Weighting | Threshold | Description
Coursework 1 | n/a | 50.00 | 45% | Practical report on virtualisation security with the cloud platform/toolkit used in the lab (3,000 word count approx.)
Coursework 2 | n/a | 50.00 | 45% | Appraisal report on a state of the art technique of virtualisation security (4,000 word count approx.)