Cloud Security. Copyright Ramesh Nagappan. All rights reserved.

Transcription

1 Cloud Security 1

2 Cloud Security Week 1 Lecture 1 Ramesh Nagappan Harvard University Extension School Brandeis University GPS 2

3 Week 1 Lecture - 1 Course Introduction Evolution of Cloud Computing Introduction to Cloud Security 3

4 Course Introduction Agenda Course Overview Faculty Information Ramesh Nagappan TAs Course Information Lectures, Reading, Assignments & Quizzes, Grading criteria Work expectations Academic Integrity - Do s & Dont s Course Outcomes 4

5 CSCI E-49: Cloud Security Course Objectives Ground-up coverage on the concepts & guiding principles Cloud landscape and architectural principles with primary focus on security techniques and security design Deep dive on Security architecture, design patterns and best practices Current security standards, protocols, and best practices intended for delivering Cloud based enterprise IT services Architectural and design approaches to designing secure cloud services Applying industry security standards, regulatory mandates, audit policies and compliance requirements Survey on Cloud vendor security implementations and compliance 5

6 Cloud Security Meeting Times & Syllabus 6

7 Cloud Security Course Prerequisites & Credits 7

8 Faculty Profile Ramesh Nagappan Over 19+ years in Information Security Cryptography, Hardware assisted cryptography and Multi-tier application security Core team member of Java Security and Java EE Security teams Identity & Access Management, Provisioning and Identity Federation Identity Assurance & Multi-factor authentication using PKI, Smartcards, Biometrics IT Datacenter Security Compute and Network Virtualization Cloud infrastructure security IAAS, PAAS, SAAS Compliance auditing PCI-DSS, FIPS-140, EU Data Protection directives Experienced with National ID, Defense, Law enforcement and Cybersecurity initiatives Represented in IT Security standards : OASIS, Liberty Alliance, NIST 8

9 Faculty Profile continued Ramesh Nagappan Co-author of Core Security Patterns (Prentice Hall) and 5 Other books Currently Security Technologist at Oracle Engineered Systems & Cloud Infrastructure security Hardware assisted Cryptography Security Certifications : CISSP, CISA, CRISC Holds Masters degrees in Industrial Automation & Applied Sciences A Ph.D dropout Adjunct faculty at Brandeis University & Harvard University Applied Cryptography & Identity Management Cloud Security Secure Applications, Web Services & SAAS 9

10 Course Structure Lectures, Reading List & Student Deliverables 10

11 Course Structure Grading Criteria Percentage Deliverable 30% Weekly Discussions 30% 2 Case Study Assignments 20% 4 Bi-weekly Quizzes (20 Minutes each) 20% Final Project (Individual or Group) + 5% Optional Extra-credit Assignment or Quiz 11

12 Course Structure List of Lectures (Week 1 thru 7) 12

13 Course Structure List of Lectures (Week 8 thru 14) 13

14 Work Expectations Students require to spend at 5 7 hours/week For weekly review and assignment work Assignments are case studies Based on the topics discussed in the class. Open-response not more than 7 10 pages including illustrations Quizzes Refer to Class lecture notes and reading list Final Project Students may choose to work as an individual or group project (Max. 3) Project expectations and template provided Project report (No page limit) 14

15 Course Outcomes Students will learn and develop understanding of the following: Fundamentals of cloud computing architectures based on current standards, protocols, and best practices Identify the known threats, risks, vulnerabilities and privacy issues associated with Cloud and evolve appropriate safeguards and countermeasures Design Cloud security architectures that assures secure isolation of compute, network and storage infrastructures, comprehensive data protection, end-to-end identity and access management, monitoring and auditing processes and compliance with industry and regulatory mandates. Cloud computing security guidelines set forth by ISO, NIST, ENISA and Cloud Security Alliance (CSA) Prepares for Cloud Security - CBK Certifications from Cloud Security Alliance (CSA). 15

16 Cloud Security - Course Outcomes Monitoring & Auditing Access Control Data Protection Secure Isolation Architecture and Governance Advise Assist Architect Assess 16

17 Academic Integrity Please comply with Brandeis GPS Academic Integrity policies Make sure to use your sources responsibly Not knowing the rules, misunderstanding the rules, running out of time, submitting the wrong draft, or being overwhelmed with multiple demands are not acceptable excuses. There are no excuses for failure to uphold academic integrity. Faculty is required to report Plagiarism to GPS Thanks for understanding 17

18 Other Expectations No Proprietary or Vendor Product in Assignments and Coursework All references must pertain to Cloud Industry standards and guidelines Communication with Faculty and TAs Late assignments 18

19 Where To Reach Us Ramesh Nagappan Contact Information Virtual Meetings by appointment 19

20 20

21 Notes 21