Course Curriculam

Course Code: CSE439 Credit Units L T P/S SW AS/DS FW No. of PSDA Total Credit Unit
Course Level UG 3 0 0 2 0 0 0 4
Course Title Cloud Security

Course
Description :

Course Objectives :

SN
Objectives
.
After finishing this course student will be able to get introduction of security concepts in cloud computing, its applications and importance. This course
1 explores the basic characteristics of cryptographic systems in details. It also helps in learning about the multi-tenancy issues in terms of security in
virtualization in cloud computing. Finally, it gives overview about the legal and compliances issues.

Pre-Requisites : General

SN. Course Code Course Name

Course Contents / Syllabus :

SN. Module Descriptors / Topics Weightage

Confidentiality, privacy, integrity, authentication, non-repudiation, availability, access control, defence in depth,
Security and
least privilege, importance of security in the cloud, Importance in PaaS, IaaS and SaaS, Symmetric cryptography,
1 Cryptographic 20.00
stream ciphers, block ciphers, modes of operation, publickey cryptography, hashing, digital signatures, public-key
Systems
infrastructures, key management, X.509 certificates, OpenSSL.
Isolation of users/VMs from each other. Virtualization System Security Issues: e.g. ESX and ESXi Security, ESX
file system security, storage considerations, backup and recovery; Virtualization System Vulnerabilities:
Multi-tenancy
2 Management console vulnerabilities, management server vulnerabilities, administrative VM vulnerabilities, guest 25.00
Issues
VM vulnerabilities, hypervisor vulnerabilities, hypervisor escape vulnerabilities, configuration issues, malware
(botnets etc).
Virtualization Guest hopping, attacks on the VM (delete the VM, attack on the control of the VM, code or file injection into the
System-Specific virtualized file structure), VM migration attack, hyperjacking. Technologies for Virtualization-Based Security
3 25.00
Attacks and Enhancement: IBM security virtual server protection, virtualization-based sandboxing; Storage Security: HIDPS,
Support log management, Data Loss Prevention. Location of the Perimeter
Responsibility, ownership of data, right to penetration test. Local laws, examination of modern Security Standards
Legal and
(eg PCIDSS), Standards to deal with cloud services and virtualization, compliance for the cloud provider vs.
4 Compliance 20.00
compliance for the customer. AWS Organizations-Identify different support plan levels and their associated
Issues
service levels, Support Services-prices associated with each of the support plans
Benefits of AWS Security, AWS Security Platform , Expert Guidance (Security Support, professional Services),
AWS Global Infrastructure, AWS Compliance, Vulnerability Reporting, AWS Partner Network, Software-defined
Cloud Security Cloud Manufacturing for Industry 4.0, AWS Manufacturing, Explore manufacturing processes in the cloud, AWS
5 10.00
for Industry for manufacturing benefits, Industry Oriented Case Studies in Manufacturing( Xilinx case study, The Kellogg
Company case study, SKF case study, Kemppi case study, iRobot case study, National Instruments case study
etc)

Course Learning Outcomes :

SN. Course Learning Outcomes

1 Able to understand the importance of cloud computing security
2 Design and development of cryptographic systems
3 Able to understand the multi-tenancy issues and its consequences
4 Understanding the basics of system-specific attacks in virtualization
5 Able to understand the legal and compliances issues

Pedagogy for Course Delivery :

SN. Pedagogy Methods

The course pedagogy will include lectures, case studies, seminars, videos and presentations through Remote Learning using Four Quadrant
1 Approach. The class will be taught using audio-visual aids and problem based method. In addition to assigning the problems, the course instructor
will spend considerable time in understanding the concept of innovation in alignment with the industry.

Theory /VAC / Architecture Assessment (L,T & Self Work): 100.00 Max : 100

Attendance+CE+EE : 5+35+60

SN. Type Component Name Marks

1 Attendance 5.00
2 End Term Examination (OMR) 60.00
3 Internal CLASS TEST 15.00
4 Internal HOME ASSIGNMENT 4.00
5 Internal CLASS QUIZ 10.00
6 Internal VIVA VOCE 3.00
7 Internal GROUP PRESENTATION 3.00

Lab/ Practical/ Studio/Arch. Studio/ Field Work Assessment : 0.00 Max : 100

N/A

List of Professional skill development activities :

No.of PSDA : 3
SN. PSDA Point
1 CLASS QUIZ
2 VIVA VOCE
3 GROUP PRESENTATION

Text & References :

SN. Type Title/Name Description ISBN/ URL

• Tim Mather, SubraKumaraswamy,
1 Book ShahedLatif, Cloud Security and Privacy:
An Enterprise Perspective o

2 Book • John Rittinghouse, James Ransome,

 Cloud Computing,2009.
• J.R. ("Vic") Winkler, Securing the
3 Book
Cloud,2011.
• Ronald L. Krutz, Russell Dean Vines,
4 Book
Cloud Security,2010
5 Url https://aws.amazon.com/security/
Mastering AWS Security Paperback – by
6 Book
Albert Anthony