Cloud computing essentials: – Characteristics, cloud computing models, service models, deployment models, NIST reference architecture, virtualization, containers, popular cloud platforms, open source architectures. Attacks in various layers of cloud computing. Threats classification and counter measures: – Infrastructure and host threats, service provider threats, generic threats, threats assessment, CSA Top threats. Risk in cloud computing: assessment, risk and trust models, security SLA. Protecting Data in the Cloud:- Tokenization, Cryptographic key management for data protection, homomorphic encryption. Vulnerability management: – Differences from traditional IT, vulnerable areas, finding and fixing vulnerabilities. Cloud computing security architecture: – general issues, trusted cloud computing platform, identity management and access control. Cloud-centric regulatory compliance issues and mechanisms.
Lab: Familiarization of popular cloud platforms, VM creation, Container management, Storage management, Network management, Access control mechanism in computing environment,Virtual private cloud, Design and deployment of secure microservice applications, TPM, Homomorphic encryption.