This document provides an overview and outline for the course INSE 6620 (Cloud Computing Security and Privacy). It discusses prerequisites, course administration details, exam and grading policies, and projected topics. The course will require strong problem solving and research paper comprehension skills. Exams will focus on applying concepts from lectures and readings. The grading will be based on two exams and a project involving a proposal, report, and presentation. Academic integrity is strictly enforced. Late submissions are allowed with penalties.
3. PrerequisitesPrerequisites
Important:
This is a very challenging course. It requires strong
problem solving skills, capabilities of understanding
difficult research papers, and extensive backgrounddifficult research papers, and extensive background
knowledge in computer science and security.
INSE6110 (preferably also 6130 and 6160)
You will have a hard time in the exams and receive
a bad grade if you don’t have such prerequisites.
3
4. Course Web Page and ContactCourse Web Page and Contact
Course URL:
Google “Lingyu Wang” → Teaching
Important to visit the page regularly
Don’t depend on email notificationDon’t depend on email notification
Contact: wang@ciise.concordia.ca
The best way to reach meThe best way to reach me
Include “INSE 6620” in your subject line
Office: EV007.637Office: EV007.637
Office hours: See course web page
4
5. Submission of Proposal and ReportSubmission of Proposal and Report
All through the EAS:
No hard copy or email submission will be accepted
https://eas.encs.concordia.ca/eas/authentication.jsp
5
6. ExamExam
To pass the exams, you need to
Fully understand all lectures
Be able to apply what you have learned
If youIf you
have no background in computer science or security
are scared of solving hard problems,g p ,
hate reading difficult research papers,
expect only ‘known’ problems in exams, or
f ‘ i ti ’ t f tiprefer ‘memorization’ type of exam questions,
then this is not the right course for you. Better
drop it now than regret later
6
drop it now than regret later.
I will never change grades based on ‘needs’
7. ReferenceReference
No textbook (as a good book is unavailable).
Exams only cover lectures. But naturally the
more you read, the more you learn (and a
bette g de i mo e likel )better grade is more likely).
What to read (in addition to given papers):
Cl d ACM SOCC IEEE CLOUD IEEE CLOUDCOMCloud: ACM SOCC, IEEE CLOUD, IEEE CLOUDCOM,
IEEE Trans. cloud computing, etc.
Security: IEEE S&P, ACM CCS, ESORICS, CSFW,Security: IEEE S&P, ACM CCS, ESORICS, CSFW,
ACSAC, USENIX, NDSS, PETS, RAID, ASIACCS, etc.
Index: Google Scholar, DBLP, etc.
7
8. GradingGrading
Academic Integrity
All students must follow the university's policies
regarding academic integrity
I take the Code of Conduct very seriously!I take the Code of Conduct very seriously!
I will do my best to identify any plagiarism in your
report, and will have zero tolerance regarding this
Take pride in your work (and self)
Grading
Two exams (closed-book, 35% and 35%,
respectively)
A project (a proposal a final report 15% and a
8
A project (a proposal, a final report 15%, and a
presentation 15%)
9. ProjectProject
See project description
What’s new/special?
The presentation will count for 15% of overall grade
The presentation will be given in-class
Selected presentations will be covered in the exam
9
10. PoliciesPolicies
Again, be very serious about the code of
d tconduct
Cheating/Plagiarism is the easiest way to get a
really bad gradereally bad grade
Late submission policy
Late project reports will be accepted with 20%Late project reports will be accepted with 20%
penalty for each day past due up to five days
Late submission of proposal or insufficient progress
reported in the progress report will also result in
penalty on the group
10
11. Policies (Cont’d)Policies (Cont d)
Make-up exam
Possible ONLY under a university-approved
condition, such as sickness with the university
doctor's note. Other events such as a businessdoctor s note. Other events such as a business
travel are not excused. No exception
You must write me BEFORE the normal exam date
t kto arrange a make up exam
What I can guarantee is
The make up exam will be completely different from theThe make up exam will be completely different from the
normal exam
What I can’t guarantee is
Th ill b f tl th diffi lt
11
They will be of exactly the same difficulty
12. Course DescriptionCourse Description
From the catalog
Cl d ti t SOA d l d i t li ti d l d l dCloud computing concepts, SOA and cloud, virtualization and cloud, cloud
service delivery models, cloud storage models, cloud deployment scenarios,
public/ private/ hybrid/ community cloud, cloud computing architectures,
SaaS, PaaS, IaaS, agility, scalability and elasticity of cloud, cloud security,
l d i h hi ti hi t d l d d tcloud privacy, homomorphic encryption, searching encrypted cloud data,
secure data outsourcing, secure computation outsourcing, proof of data
possession / retrievability, virtual machine security, trusted computing in
clouds, cloud-centric regulatory compliance, business and security risk models,
l d it id tit t i l d SAML li ti fcloud user security, identity management in cloud, SAML, applications of
secure cloud computing. Project/term paper.
What to expect from this course
State of the art (we’ll read many research papers)
State of the practice (e.g., Google, Amazon, Yahoo,
etc )etc.)
12
13. (Likely) Topics to be Covered(Likely) Topics to be Covered
Cloud computing basics
Cloud-enabling techniques
Mapreduce, Hadoop, GFS, Dynamo, BigTable,
PNUTS etcPNUTS, etc.
Attacks on cloud
Clo d sec it and p i acCloud security and privacy
Data integrity, access control, trust, privacy
Cloud/Web applications securityCloud/Web applications security
Side channel attacks, privacy protection, data leaks
etcetc.
You present what you would like to be covered!
13
14. OutlineOutline
Course administration
Cloud computing basics
Partially based on:
14
Partially based on:
Ragib Hasan, A Walk in the Clouds: Overview of Cloud Computing
Armbrust et al., Above the Clouds: A Berkeley View of Cloud Computing
15. What Is Cloud Computing?What Is Cloud Computing?
The infinite wisdom of the crowds (via Google Suggest)
16. What Is Cloud Computing?What Is Cloud Computing?
Larry Ellison,
f d f O l
We’ve redefined Cloud Computing to
include everything that we already do.
founder of Oracle
include everything that we already do.
. . . I don’t understand what we would
do differently in the light of Cloud
Computing other than change thep g g
wording of some of our ads.
’ idi ’ hIt’s stupidity. It’s worse than
stupidity: it’s a marketing hype
campaign
Richard Stallman
GNU
17. The NIST DefinitionThe NIST Definition
“Cloud computing is a model
for enabling ubiquitous, convenient, on-
demand network access
to a shared pool of configurable computing
resources (e.g., networks, servers, storage,
applications and services) thatapplications, and services) that
can be rapidly provisioned and released with
minimal management effort or service providerminimal management effort or service provider
interaction.”
17
18. The NIST Definition Cont’dThe NIST Definition Cont d
Essential Characteristics:
On-demand self-service.On demand self service.
Broad network access.
Resource pooling.
Rapid elasticity.
Measured service.
Service Models:
Software as a Service (SaaS)
Platform as a Service (PaaS).
Infrastructure as a Service (IaaS).
Deployment Models:
l dPrivate cloud.
Community cloud.
Public cloud.
Hybrid cloudHybrid cloud.
18
19. 3-Tier View3 Tier View
“X=[Hardware, Infrastrucuture, Platform] as a service”
Conf singConfusing
Better: 3-layer view
Cloud provider providing Utility computingp p g y p g
Cloud user/service providers providing web applications
SaaS users
What’s new/good in cloud computingWhat s new/good in cloud computing
Illusion of infinite computing resources (no planning)
No up-front cost (start small and grow up)
Fine-grained billing (maximizing utility/conservation)
19
20. Why Now?Why Now?
“Computing Utility” – holy grail of computer
i i th 1960 C d MULTICSscience in the 1960s. Code name: MULTICS
Mid to late ’90s, Grid computing
was proposed to link and sharep p
computing resources
20
21. Why Now? Cont’dWhy Now? Cont d
Post-dot-com bust, big
companies ended up with largecompanies ended up with large
data centers, with low utilization
Solution: Let’s throw inSolution: Let s throw in
virtualization, and sell the
excess computing power to
make some good money!make some good money!
And thus, Cloud Computing was born …
Other factors
Pervasive broadband Internet
Fast x86 virtualization
Pay-as-you-go billing model
Standard software stack
21
22. Cloud Computing Is Growing RapidlyCloud Computing Is Growing Rapidly
IDC: public IT cloud market will grow
from $16B to $55.5B in five years
What technologies are behind a cloud?
IMC 2010, Melbourne
22
Li et al., CloudCmp: Comparing Public Cloud Providers, IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet
measurement, Pages 1-14
23. Cloud Computing ArchitectureCloud Computing Architecture
e.g., Web browser
SaaS , e.g., Google
Docs
PaaS
Google AppEngine
Provides a
programmable
Microsoft Azure
Clients can choose
languages, but can’t
change the operating
platform that can
scale easily
IaaS
change the operating
system or runtime
Amazon EC2
Clients can rent
virtualized hardwarevirtualized hardware,
can control the
software stack on the
rented machines 23
24. Cloud Killer AppsCloud Killer Apps
Mobile and web applications
Highly available and large data set (mashups)
Extensions of desktop software
Matlab, image rendering, calendar
Batch processing
“C t i ti it ” 1k 1h 1 1k h“Cost associativity”: 1k servers 1hr=1server 1k hrs
Bigdata analytics
G l “W ld d bi d t ”Google: “Worldcup and bigdata”
Wh t d t k i l d t k t diWhat do not work in cloud: stock trading
24
25. Economics of Cloud UsersEconomics of Cloud Users
• Pay by use instead of provisioning for peak
Capacity
s
s
Demand
Resources
Capacity
Resources
Time
Demand
Time
Unused resources
Static data center Data center in the cloud
25
26. Economics of Cloud UsersEconomics of Cloud Users
• Risk of over-
Capacity
provisioning:
underutilization
Demand
Resources
Time
• Risk of under-
ces
ces
provisioning:
underutilization
Resourc
Demand
Capacity
Resourc
Demand
Capacity
26
Lost revenue Lost users
Time (days)
1 2 3
Time (days)
1 2 3
27. Economics of Cloud ProvidersEconomics of Cloud Providers
5-7x economies of scale [Hamilton 2008]
Resource
Cost in
Medium DC (1k)
Cost in
Very Large DC (50k)
Ratio
$ $Network $95 / Mbps / month $13 / Mbps / month 7.1x
Storage $2.20 / GB / month $0.40 / GB / month 5.7x
Administration ≈140 servers/admin >1000 servers/admin 7.1x
Extra benefits
Administration 140 servers/admin 1000 servers/admin 7.1x
Amazon: utilize off-peak capacity
Microsoft: sell .NET tools
Google: reuse existing infrastructure
27
28. Adoption ChallengesAdoption Challenges
Challenge Opportunity
Availability Multiple providers & DCsAvailability Multiple providers & DCs
Data lock-in Standardization
Data Confidentiality and Auditability Encryption, VLANs, Firewalls
Data transfer bottlenecks FedEx-ing disks, Data Backup/Archival
Performance unpredictability Improved VM support, flash memory,
scheduling VMs
Scalable storage Invent scalable store
Bugs in large distributed systems Invent Debugger for Distributed VMs
Scaling quickly Invent Auto Scaler that employs machineScaling quickly Invent Auto-Scaler that employs machine
learning and statistics
Reputation Fate Sharing Offer reputation-guarding services like
those for email
28
those for email
Software Licensing Pay-for-use licenses; Bulk use sales
30. The Fear Factor Cont’dThe Fear Factor Cont d
Confidentiality
Will the sensitive data stored on a cloud outside the
organization remain confidential?
Will cloud compromises leak confidential client dataWill cloud compromises leak confidential client data
(i.e., fear of loss of control over data)?
Will other tenants sharing the same physical
machine be able to learn about my applications?
e.g., vulnerabilities have appeared in VMWare, Xen, and
Microsoft’s Virtual PC and Virtual Server.
Will the cloud provider itself be honest and won’t
peek into the data?
31. The Fear Factor Cont’dThe Fear Factor Cont d
Integrity
How do I know that the cloud provider is doing the
computations correctly?
How do I ensure that the cloud provider reallyHow do I ensure that the cloud provider really
stored my data without tampering with it?
How do I know if my data is encrypted as
promised?
How do I know if my data is stored inside Canada?
H t t d l l th ti ti / t l tHow to extend local authentication/access control to
cloud?
32. The Fear Factor Cont’dThe Fear Factor Cont d
Availability
Now that all my data and applications are in cloud
What if critical services become unavailable to
customers because the cloud or network is down?customers because the cloud or network is down?
Single-point-of-failure
“Criminals threaten to cut off the incomes of SaaS
providers by making their service unavailable,
extorting $10,000 to $50,000 payments to prevent
the launch of a DDoS attack.”the launch of a DDoS attack.
What happens if cloud provider goes out of
business? (and I didn’t have time to backup my
d ?)data?)
33. The Fear Factor Cont’dThe Fear Factor Cont d
Privacy issues raised via massive data mining
Cloud now stores data from a lot of clients, and can
run data mining algorithms to get large amounts of
information on clientsinformation on clients
“Facebook's participation in a mass experiment
whereby it manipulated the news feeds of 700,000
t k th iti ti iusers to make them more positive or negative, in an
attempt to alter their mood one way or the other”
34. The Fear Factor Cont’dThe Fear Factor Cont d
Increased attack surface
Entity outside the organization now stores and
computes data, and so
Attackers can now target the communication linkAttackers can now target the communication link
between cloud provider and client
Cloud provider employees can be phished
35. The Fear Factor Cont’dThe Fear Factor Cont d
Auditability and forensics
Difficult to audit data held outside organization in a
cloud
Requires transparency of cloud’s operationRequires transparency of cloud s operation
Forensics also made difficult since now clients don’t
maintain data locally
36. The Fear Factor Cont’dThe Fear Factor Cont d
Legal quagmire and transitive trust issues
Who is responsible for complying with regulations
(e.g., SOX, HIPAA, GLBA)?
If cloud provider subcontracts to third party cloudsIf cloud provider subcontracts to third party clouds,
will the data still be secure?
37. The Fear Factor Cont’dThe Fear Factor Cont d
Cloud Computing is aCloud Computing is a
security nightmare
and it can't be handled inand it can t be handled in
traditional ways.
John Chambers
CISCO CEO
38. The Fear Factor Cont’dThe Fear Factor Cont d
Cloud Computing will
become a focal point of
our work in security. I’m
optimistic …
Ron Rivest
The R of RSA