Hasso-Plattner-Institut25 Jahre HPI
Hasso-Plattner-Institut25 Jahre HPI
 

Privacy in Public Clouds (Sommersemester 2018)

Dozent: Prof. Dr. Christoph Meinel (Internet-Technologien und -Systeme) , Hendrik Graupner (Internet-Technologien und -Systeme) , Kennedy Torkura (Internet-Technologien und -Systeme) , Muhamad Sukmana (Internet-Technologien und -Systeme)

Allgemeine Information

  • Semesterwochenstunden: 4
  • ECTS: 6
  • Benotet: Ja
  • Einschreibefrist: 20.04.2018
  • Lehrform: Seminar / Projekt
  • Belegungsart: Wahlpflichtmodul

Studiengänge, Modulgruppen & Module

IT-Systems Engineering BA

Beschreibung

Multi-cloud storage overcomes several challenges faced by public cloud storage systems such as security, vendor lock-in and availability. However, innovative techniques are imperative to fully explore the merits of this model majorly due to lack of standards for cloud architectures, interfaces and APIs. In this seminar, we aim at tackling security-related challenges in multi-cloud storage, more specifically we focus on approaches for unified monitoring, auditing, anomaly detection and scalable access control.

Voraussetzungen

  • Programming skills in Java are desirable, also students may benefit from previous experience of the lecture "Internet Security".
  • Practical software development skills.
  • Basic knowledge or interest in cloud technologies.

Literatur

  • Recommended book- Rittinghouse, J.W. and Ransome, J.F., 2016.  Cloud Computing : Implementation, Management, and Security  CRC press (check the Uni-Potsdam library)
  • Cloud Logs Analytics - Ficco, M., 2013. Security Event Correlation Approach for Cloud Computing . International Journal of High Performance Computing and Networking 
  • General Cloud Security Issues and Solutions-  Subashini, Subashini, and Veeraruna Kavitha. "A survey on security issues in service delivery models of cloud computing." Journal of network and computer applications. (online
  • Novel attacks against cloud storage -
    • Mulazzani, Martin, Sebastian Schrittwieser, Manuel Leithner, Markus Huber, and Edgar R. Weippl. "Dark Clouds on the Horizon: Using Cloud Storage as Attack Vector and Online Slack Space." In USENIX security symposium 2011. (online)
    • A blog on Cumulus Toolkit - overview, uses and demo (online)
  • Multi-cloud storage with CloudRAID -
    • CloudRAID Project webpage 
    • BDrive - Commercialized version of CloudRAID for enterprises
    • Schnjakin, Maxim, and Christoph Meinel. "Implementation of cloud-raid: A secure and reliable storage above the clouds." International Conference on Grid and Pervasive Computing. Springer, Berlin, Heidelberg, 2013. (online)
    • Schnjakin, Maxim, and Christoph Meinel. "Evaluation of cloud-RAID: A secure and reliable storage above the clouds." Computer Communications and Networks (ICCCN), 2013 22nd International Conference on. IEEE, 2013. (online)
    • Graupner Hendrik, Kennedy Torkura, Philipp Berger, Christoph Meinel, and Maxim Schnjakin. "Secure access control for multi-cloud resources." In Local Computer Networks Conference Workshops (LCN Workshops) IEEE 2015.(online)
  • Attribute Based Encryption
    • Bethencourt, John, Amit Sahai, and Brent Waters. "Ciphertext-policy attribute-based encryption." Security and Privacy, 2007. SP'07. IEEE Symposium on. IEEE, 2007 (online)
    • Goyal, Vipul, et al. "Attribute-based encryption for fine-grained access control of encrypted data." Proceedings of the 13th ACM conference on Computer and communications security. Acm, 2006. (online)

Lern- und Lehrformen

This seminar is focused on practical work. Students will familiarize themselves with the topic "Privacy in Public Clouds" and develop ideas to solve specific given challenges. The main part of the seminar will be design and implementation of a suitable solution. Finally, students will be expected to present their results and submit a technical report. The bulk of seminar sessions will be dedicated for group work with provision for physical meetings with the tutors

Leistungserfassung

The final evaluation will be based on:

  • Concept development & presentation: 10%
  • Implementation: 50%
  • Result presentation: 20%
  • Report/Documentation: 20%

Zurück