Cloud computing is a new concept using old technologies. It has quickly become a vital tool in organizations across all industries as an Internet-scale computing infrastructure. Nevertheless, despite Cloud computing’s increasing relevance and popularity, there is a lack of understanding of the security risks associated with Clouds and optimal approaches for migration into Clouds. This course covers these from a practical angle; specifically, it covers Cloud computing architecture, management services, and security challenges. It also discusses Cloud migration planning and the main requirements to move current Cloud untrusted infrastructure to a trustworthy Internet-scale Cloud critical computing infrastructure.
By the end of the course, participants will be able to:
- Understand cloud strengths and misconceptions, and discuss its benefits and weaknesses
- Explain cloud structure, properties and management services
- Set a cloud adoption strategy
- Discuss the main requirements to move current cloud untrusted infrastructure to a trustworthy internet-scale cloud critical computing infrastructure
- Analyze the major risks associated with the different cloud services and deployment models
- Discuss the main principles, mechanisms and best practices for treating cloud risks
- Demonstrate the discussed concepts using practical case studies, business models and industrial tools
IT and infrastructure leaders, decision makers (CxO), risk analysts, strategic planners, architects, administrators, software and business developers, and project managers.
Cloud overview
- Cloud definition, misconceptions and evolution
- Cloud services and deployment types
- Challenges
Cloud management
- Cloud structure and its properties
- Virtual and application layer management services
- Cloud dynamic nature and its challenges
- Application development and integration within clouds
- Security best practices for automating cloud infrastructure management
- Clarifying the concepts using industrial platforms
Establishing trust in clouds
- Defining cloud trustworthiness
- Its properties
- Assessing cloud trustworthiness
- Establishing trust in:
- Private
- Hybrid
- CommunityPublic cloud deployment types
- IaaS (Infrastructure as a Service)
- PaaS (Platform as a Service)
- SaaS (Software as a Service)
- Clarifying the concepts using openstack management platform
Identity and access management
- Authentication
- Authorization
- Access management
- Federated access management
- Insiders vs attackers
- Insiders analysis and management
- Related industrial tools:
- Cloud insider treatments
- Cloud strong authentication
Provenance in clouds
- Definition and attributes
- Challenges faced
- Security risks mitigation using provenance
- Case studies for using provenance:
- Forensic investigation
- Trustworthy operational management
- Proactive and predictive management
- Bill assurance
