Skip to main content

Syllabus — Security and Privacy in Cloud Computing

Year I, Part II — MSNCS, IOE Pulchowk, Tribhuvan University. 4 credits.

Chapter 1 — Introduction to Cloud Computing (8 marks)

  • 1.1 History of Cloud Computing
  • 1.2 Features of Cloud Computing
  • 1.3 Cloud Services Requirements
  • 1.4 Cloud and Dynamic Infrastructure
  • 1.5 Challenges of Cloud Computing

Chapter 2 — Cloud Computing Architecture (12 marks)

  • 2.1 Cloud Reference Model — Platform as a Service
  • 2.2 Software as a Service, Infrastructure as a Service
  • 2.3 Cloud Deployment Models (Public, Private, Community, Hybrid)
  • 2.4 Cloud Design and Implementation using SOA
  • 2.5 Security, Trust and Privacy

Chapter 3 — Security Management in the Cloud (10 marks)

  • 3.1 Security Management Standards
  • 3.2 Security Management in the Cloud — Availability Management
  • 3.3 SaaS Availability Management
  • 3.4 PaaS Availability Management
  • 3.5 IaaS Availability Management
  • 3.6 Access Control
  • 3.7 Security Vulnerability
  • 3.8 Patch and Configuration Management

Chapter 4 — Data Privacy for Cloud Infrastructure and Services (12 marks)

  • 4.1 Cloud-based Information Life Cycle
  • 4.2 Data Protection for Confidentiality and Integrity
  • 4.3 Common Attack Vectors and Threats
  • 4.4 Encryption, Data Redaction, Tokenization, Obfuscation, PKI and Key Management
  • 4.5 Assuring Data Deletion
  • 4.6 Data Retention, Deletion and Archiving Procedures for Tenant Data
  • 4.7 Data Protection Plan and Strategies

Chapter 5 — Monitoring, Auditing and Management (12 marks)

  • 5.1 Proactive Activity Monitoring
  • 5.2 Incident Response
  • 5.3 Monitoring for Unauthorized Access, Malicious Traffic, Abuse of System Privileges, Intrusion
  • 5.4 Detection, Events and Alerts Auditing
  • 5.5 Tamper-proofing Audit Logs
  • 5.6 Quality of Services
  • 5.7 Secure Management
  • 5.8 User Management
  • 5.9 Identity Management
  • 5.10 Security Information and Event Management

Chapter 6 — Cloud Security (6 marks)

  • 6.1 Software-as-a-Service Security
  • 6.2 Security Monitoring
  • 6.3 Security Architecture Design
  • 6.4 Data Security
  • 6.5 Application Security
  • 6.6 Virtual Machine Security
  • 6.7 Identity Management and Access Control
· min read