CYB 404: Cloud Computing Security



Learning Outcomes
At the end of this course, students should be able to:
1. review the concept of cloud, cloud computing, and benefits of the cloud and knowledge
of cloud-enabling technologies, virtualisation and multi-tenanting;
2. describe cloud services and service-oriented architectures, and examine the cloud
reference model and cloud service models such as IaaS, PaaS and SaaS;
3. state the cloud deployment models of Public, Private, Hybrid and Community clouds and
express how to build a cloud, the open standards and open source cloud management
tools, architectural best practices and how to design for the cloud;
4. discuss the security in the cloud and how to efficiently secure your cloud, security for cloud
5. apply the economics of the cloud, costs and payment models, have knowledge of when to
use the cloud, cloud strategy, standards and the future;
6. analyse data centres, servers, data storage, data centre networking and virtualisation,
cloud cube model, cloud threats, threat mitigation, cloud and security risks, real world
issues with cloud computing, and cloud security alliance; and
7. distinguish the National Institute of Standards and Technology, Information Assurance
Framework, Cloud Audit, Cloud Management Audit/Assurance Programme, Cloud Business
Continuity Planning for secured and effective management of the cloud.

Course Contents
Introduction to cloud computing, cloud computing vendors, cloud computing threats, cloud
reference model. Cloud-enabling technologies. Services, Service-Oriented Architectures. Cloud
service models. Cloud deployment models. Introduction to data centres: servers, data storage,
networking and virtualisation. Data centre networking. Introduction to server virtualisation
software: VMware VSphere. Virtual machine management: configuration, placement and
resource allocation. Power efficiency in virtual data centres. Fault tolerance in virtual data
centres. The cloud cube model and security for cloud computing. Security in the cloud. Cloud
threats, threat mitigation and security risks. Real world issues with cloud computing. Cloud
security alliance. National Institute of Standards and Technology, Information Assurance
Framework. Cloud audit. Cloud management audit/assurance programme, Cloud business
continuity planning. Building a cloud. Architectural best practices: Designing for the cloud.
Economics of the cloud. Cloud strategy. Cloud standards and the future. Security of the cloud.