Cloud Security

Objectives and outcomes
The aim of the course is to familiarise students with the new challenges in the field of information security of systems that have been fully or partially migrated to the cloud. The overview of problems in the field of data security and cloud computing services. Students familiarise with legal frameworks and relevant standards. They are introduced to the security differences between traditional and cloud computing systems. They have the necessary knowledge to develop the cloud security architecture. They can choose and apply appropriate measures to protect data and services in the cloud. They know the relevant cloud security specifications and standards.

Lectures
Basic concepts and the development of cloud system security architecture. Threat and anomaly detection in the cloud. Possible types of attacks: information gathering and mapping, physical attacks on devices, protocol attacks, application attacks. Building security into design, threat modeling, standards compliance, system monitoring, penetration testing, security training and education. Data center security. Defence against DDoS attacks. Service security and data protection by labeling. Secure cloud operations management. Security as a service. Identity and access management. Security assessment of authentication and authorization systems, databases and infrastructure. Cloud encryption. The international legal framework for the regulation of privacy and security in the cloud.

Practical classes
Exercises on AWS, Microsoft Azure and Google Cloud instances and containers. Container and orchestration security. Docker Swarm and Kubernetes. Container scanning for CVE (Common Vulnerability and Exploit). Using open-source scanning tools: Trivy, Anchore and Clair. Gauntlt attack testing tool and its adapters for curl, nmap, sslyze, sqlmap and Garmr. Git repository security testing (Gitleaks, GitRob). Web server scanning. Using the open-source tool Nikto. Monitoring of dynamic services and operations in the cloud (Netdata and Commissioner). Secure infrastructure management (Cloud Custodian tool).