Cloud Security. Copyright Ramesh Nagappan. All rights reserved.


Cloud Security

Cloud Security: Week 1, Lecture 1
Ramesh Nagappan
Harvard University Extension School
Brandeis University GPS

Week 1, Lecture 1
- Course Introduction
- Evolution of Cloud Computing
- Introduction to Cloud Security

Course Introduction: Agenda
- Course Overview
- Faculty Information: Ramesh Nagappan, TAs
- Course Information: Lectures, Reading, Assignments & Quizzes, Grading criteria
- Work expectations
- Academic Integrity: Do's & Don'ts
- Course Outcomes

CSCI E-49: Cloud Security. Course Objectives
- Ground-up coverage on the concepts & guiding principles
- Cloud landscape and architectural principles with primary focus on security techniques and security design
- Deep dive on Security architecture, design patterns and best practices
- Current security standards, protocols, and best practices intended for delivering Cloud based enterprise IT services
- Architectural and design approaches to designing secure cloud services
- Applying industry security standards, regulatory mandates, audit policies and compliance requirements
- Survey on Cloud vendor security implementations and compliance

Cloud Security: Meeting Times & Syllabus

Cloud Security: Course Prerequisites & Credits

Faculty Profile: Ramesh Nagappan
- Over 19+ years in Information Security
- Cryptography, Hardware assisted cryptography and Multi-tier application security
- Core team member of Java Security and Java EE Security teams
- Identity & Access Management, Provisioning and Identity Federation
- Identity Assurance & Multi-factor authentication using PKI, Smartcards, Biometrics
- IT Datacenter Security: Compute and Network Virtualization
- Cloud infrastructure security: IAAS, PAAS, SAAS
- Compliance auditing: PCI-DSS, FIPS-140, EU Data Protection directives
- Experienced with National ID, Defense, Law enforcement and Cybersecurity initiatives
- Represented in IT Security standards: OASIS, Liberty Alliance, NIST

Faculty Profile (continued): Ramesh Nagappan
- Co-author of Core Security Patterns (Prentice Hall) and 5 other books
- Currently Security Technologist at Oracle: Engineered Systems & Cloud Infrastructure security, Hardware assisted Cryptography
- Security Certifications: CISSP, CISA, CRISC
- Holds Masters degrees in Industrial Automation & Applied Sciences
- A Ph.D dropout
- Adjunct faculty at Brandeis University & Harvard University: Applied Cryptography & Identity Management; Cloud Security; Secure Applications, Web Services & SAAS

Course Structure: Lectures, Reading List & Student Deliverables

Course Structure: Grading Criteria

| Percentage | Deliverable |
| --- | --- |
| 30% | Weekly Discussions |
| 30% | 2 Case Study Assignments |
| 20% | 4 Bi-weekly Quizzes (20 Minutes each) |
| 20% | Final Project (Individual or Group) |
| + 5% | Optional Extra-credit Assignment or Quiz |

Course Structure: List of Lectures (Week 1 thru 7)

Course Structure: List of Lectures (Week 8 thru 14)

Work Expectations
- Students are required to spend 5-7 hours/week for weekly review and assignment work
- Assignments are case studies based on the topics discussed in the class; open-response, not more than 7-10 pages including illustrations
- Quizzes: refer to class lecture notes and reading list
- Final Project: students may choose to work as an individual or group project (max. 3); project expectations and template provided; project report (no page limit)

Course Outcomes
Students will learn and develop an understanding of the following:
- Fundamentals of cloud computing architectures based on current standards, protocols, and best practices
- Identify the known threats, risks, vulnerabilities and privacy issues associated with Cloud and evolve appropriate safeguards and countermeasures
- Design Cloud security architectures that assure secure isolation of compute, network and storage infrastructures, comprehensive data protection, end-to-end identity and access management, monitoring and auditing processes and compliance with industry and regulatory mandates
- Cloud computing security guidelines set forth by ISO, NIST, ENISA and Cloud Security Alliance (CSA)
- Prepares for Cloud Security - CBK Certifications from Cloud Security Alliance (CSA)

[Figure: Cloud Security - Course Outcomes. Labels: Monitoring & Auditing; Access Control; Data Protection; Secure Isolation; Architecture and Governance; Advise, Assist, Architect, Assess]

Academic Integrity
- Please comply with Brandeis GPS Academic Integrity policies
- Make sure to use your sources responsibly
- Not knowing the rules, misunderstanding the rules, running out of time, submitting the wrong draft, or being overwhelmed with multiple demands are not acceptable excuses. There are no excuses for failure to uphold academic integrity.
- Faculty is required to report plagiarism to GPS
- Thanks for understanding

Other Expectations
- No Proprietary or Vendor Product in Assignments and Coursework
- All references must pertain to Cloud Industry standards and guidelines
- Communication with Faculty and TAs
- Late assignments

Where To Reach Us
- Ramesh Nagappan
- Contact Information: nramesh@brandeis.edu
- Virtual Meetings by appointment
