
Secure Web Services and Cloud Computing

Secure Web Services and Cloud Computing. Dr. Bhavani Thuraisingham, The University of Texas at Dallas. Introduction to the Course and Overview of Material covered in class, January 20, 2012 – May 4, 2012.


Presentation Transcript


  1. Secure Web Services and Cloud Computing. Dr. Bhavani Thuraisingham, The University of Texas at Dallas. Introduction to the Course and Overview of Material covered in class, January 20, 2012 – May 4, 2012

  2. Objective of the Unit • This unit provides an overview of the course. The course describes concepts, developments, challenges, and directions in • Secure Web Services • Secure Semantic Web • Assured Cloud Computing

  3. Outline of the Unit • Outline of Course • Course Work • Course Rules • Contact • Index to lectures and preparation for exam #1 • Papers to read for lectures March 23, 30, April 6, 13, 20 • Index to lectures and preparation for exam #2 • Conclusion (what we have learned in class) • Acknowledgement: • AFOSR for funding our research in assured cloud computing • NSF for funding our capacity building effort in cloud computing

  4. Outline of the Course January 20, 2012: Introduction, Background on Data Security, Introduction to Cyber Security January 27 and February 3: Secure Web Services February 10 and February 17: Secure Semantic Web February 24 and March 2: Assured Cloud Computing March 9: Exam #1 After the Spring Break additional lectures on assured cloud computing and several papers for the students to read and present in class

  5. Course Work • Two exams each worth 20 points • March 9, May 4 (second class period) • Programming project worth 14 points • April 27 • Two homework assignments prior to the mid-term: 8 points each • February 17, March 2 • Two term papers after the mid-term: 10 points each • March 30, April 20 • Two Surprise Quizzes: 5 points each

  6. Course Rules • Course attendance is mandatory unless permission is obtained from the instructor for missing a class with a valid reason (documentation needed for a medical emergency for the student or a close family member – e.g., spouse, parent, child). Attendance will be collected every lecture. 5 points will be deducted out of 100 for each lecture missed without approval. • Each student will work individually • Late assignments will not be accepted. All assignments have to be turned in just after the lecture on the due date • No make-up exams unless the student can produce a medical certificate or give evidence of a close family emergency • Copying material from other sources will not be permitted unless the source is properly referenced • Any student who plagiarizes from other sources will be reported to the appropriate UTD authorities

  7. Contact • For more information please contact • Dr. Bhavani Thuraisingham • Professor of Computer Science and • Director of Cyber Security Research Center Erik Jonsson School of Engineering and Computer Science EC31, The University of Texas at Dallas Richardson, TX 75080 • Phone: 972-883-4738 • Fax: 972-883-2399 • Email: bhavani.thuraisingham@utdallas.edu • URL:http://www.utdallas.edu/~bxt043000/

  8. Papers to Read for Exam 1 • Elisa Bertino, Barbara Carminati, Elena Ferrari, Bhavani M. Thuraisingham, Amar Gupta: Selective and Authentic Third-Party Distribution of XML Documents. IEEE Trans. Knowl. Data Eng. 16(10): 1263-1278 (2004)

  9. Index to Lectures for Exam #1 • Lecture 1: Introduction (this unit) • Lecture 2: Security Modules • Lecture 3: Data, Info and Knowledge Management • Lecture 4: Access Control • Lecture 5: Policies • Lecture 6: Web Services and Security, Overview • Lecture 7: Web Services and Security, Details • Lecture 8: Assignment #1 • Lecture 9: Secure sharing of digital evidence (XML Security) • Lecture 10: Introduction to Semantic Web • Lecture 11: Trustworthy Semantic Web • Lecture 12: Inference Problem • Lecture 13: Scalable access control (Dr. Tyrone) not included

  10. Index to Lectures for Exam #1 • Lecture 14: Assignment #2 • Lecture 15: Introduction to cloud and secure cloud • Lecture 16: Assured Cloud Computing • Lecture 17: Tools for cloud computing • Lecture 18: Jena and Hbase • Lecture 19: Twitter Storm • Lecture 20: NIST NVD (Jyothsna lecture)

  11. Papers to Read for March 23, 2012
     • Wei She, I-Ling Yen, Bhavani M. Thuraisingham: Enhancing Security Modeling for Web Services Using Delegation and Pass-On. ICWS 2008: 545-552
     • Wei She, I-Ling Yen, Bhavani M. Thuraisingham, Elisa Bertino: The SCIFC Model for Information Flow Control in Web Service Composition. ICWS 2009: 1-8
     • Cloud Identity Management http://cis.cau.edu/cms/files/CIS509-OAUTH/cloud-computing-identity-management.pdf
     • Eric Olden IEEE Computer March 2011 http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5719572

  12. Papers to Read for March 30, 2012
     1. KAoS Policy and Domain Services: Toward a Description-Logic Approach to Policy Representation, Deconfliction, and Enforcement http://www4.wiwiss.fu-berlin.de/bizer/SWTSGuide/KAoS/KAoS_Policy_03.pdf
     2. http://groups.csail.mit.edu/dig/Rein/rein-paper.pdf Rein Policy Framework for the Semantic Web. Decentralized framework for representing and reasoning over distributed policies in the Semantic Web using Rei and CWM. Lalana Kagal and Tim Berners-Lee.
     3. Barbara Carminati, Elena Ferrari, Raymond Heatherly, Murat Kantarcioglu, Bhavani M. Thuraisingham: A semantic web based framework for social network access control. SACMAT 2009: 177-186
     4. Timothy W. Finin, Anupam Joshi, Lalana Kagal, Jianwei Niu, Ravi S. Sandhu, William H. Winsborough, Bhavani M. Thuraisingham: ROWLBAC: representing role based access control in OWL. SACMAT 2008: 73-82

  13. Papers to Read for April 6, 2012 • http://www.cl.cam.ac.uk/research/srg/netos/papers/2003-xensosp.pdf • http://www.cl.cam.ac.uk/research/srg/netos/papers/2004-oasis-ngio.pdf • http://www.fujitsu.com/downloads/MAG/vol46-4/paper09.pdf • http://www.eecs.berkeley.edu/~elaines/docs/ccsw.pdf • http://delivery.acm.org/10.1145/2050000/2046665/p15-brown.pdf?ip=129.110.241.91&acc=ACTIVE%20SERVICE&CFID=75242210&CFTOKEN=69399126&__acm__=1333321759_25edce9244a170683f6ea888814e192e (paper discussed on April 13)

  14. Papers to Read for April 13 (in addition to the last paper for April 6) • http://www.sec.in.tum.de/assets/lehre/ss09/seminar_virtualisierung/Secure_Hypervisors_S-Vogl.pdf (Secure Hypervisors) • Reiner Sailer, Trent Jaeger, Enriquillo Valdez, Ramón Cáceres, Ronald Perez, Stefan Berger, John Griffin, Leendert van Doorn: Building a MAC-based Security Architecture for the Xen Opensource Hypervisor. 21st Annual Computer Security Applications Conference (ACSAC), December 5-9, Tucson, Arizona, 2005. (IEEE web site) • http://delivery.acm.org/10.1145/2050000/2046665/p15-brown.pdf?ip=129.110.241.91&acc=ACTIVE%20SERVICE&CFID=75242210&CFTOKEN=69399126&__acm__=1333321759_25edce9244a170683f6ea888814e192e (this was assigned for April 6 but we did not discuss in class)

  15. Papers to Read for April 20
     1. Dawn Song, Elaine Shi, Ian Fischer, Umesh Shankar: Cloud Data Protection for the Masses. IEEE Computer 45(1): 39-45 (2012)
     2. Privacy and Security in Cloud Computing (High level paper) http://www.brookings.edu/~/media/Files/rc/papers/2010/1026_cloud_computing_friedman_west/1026_cloud_computing_friedman_west.pdf
     3. Addressing Cloud Computing Security Issues http://www.sciencedirect.com/science/article/pii/S0167739X10002554
     4. Joseph Idziorek, Mark Tannian, Doug Jacobson: Detecting fraudulent use of cloud resources. CCSW 2011: 61-72
     5. Vyas Sekar, Petros Maniatis: Verifiable resource accounting for cloud computing services. CCSW 2011: 21-26

  16. Papers to Read for Exam #2

  17. Papers to Read for Exam #2
     • Mohammad Farhan Husain, James P. McGlothlin, Mohammad M. Masud, Latifur R. Khan, Bhavani M. Thuraisingham: Heuristics-Based Query Processing for Large RDF Graphs Using Cloud Computing. IEEE Trans. Knowl. Data Eng. 23(9): 1312-1327 (2011) – Section 1, 2, 3
     • Arindam Khaled, Mohammad Farhan Husain, Latifur Khan, Kevin W. Hamlen, Bhavani M. Thuraisingham: A Token-Based Access Control System for RDF Data in the Clouds. CloudCom 2010: 104-111 – Section 1, 2, 3
     • http://groups.csail.mit.edu/dig/Rein/rein-paper.pdf Rein Policy Framework for the Semantic Web. Decentralized framework for representing and reasoning over distributed policies in the Semantic Web using Rei and CWM. Lalana Kagal and Tim Berners-Lee.
     • Timothy W. Finin, Anupam Joshi, Lalana Kagal, Jianwei Niu, Ravi S. Sandhu, William H. Winsborough, Bhavani M. Thuraisingham: ROWLBAC: representing role based access control in OWL. SACMAT 2008: 73-82

  18. Papers to Read for Exam #2
     • Cloud Identity Management http://cis.cau.edu/cms/files/CIS509-OAUTH/cloud-computing-identity-management.pdf
     • Eric Olden IEEE Computer March 2011 http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5719572
     • Reiner Sailer, Trent Jaeger, Enriquillo Valdez, Ramón Cáceres, Ronald Perez, Stefan Berger, John Griffin, Leendert van Doorn: Building a MAC-based Security Architecture for the Xen Opensource Hypervisor. 21st Annual Computer Security Applications Conference (ACSAC), December 5-9, Tucson, Arizona, 2005. (IEEE web site)
     • Dawn Song, Elaine Shi, Ian Fischer, Umesh Shankar: Cloud Data Protection for the Masses. IEEE Computer 45(1): 39-45 (2012)
     • Vyas Sekar, Petros Maniatis: Verifiable resource accounting for cloud computing services. CCSW 2011: 21-26

  19. Papers to Read for Exam #2 • http://www.cl.cam.ac.uk/research/srg/netos/papers/2003-xensosp.pdf • http://www.cl.cam.ac.uk/research/srg/netos/papers/2004-oasis-ngio.pdf • http://www.fujitsu.com/downloads/MAG/vol46-4/paper09.pdf • http://www.eecs.berkeley.edu/~elaines/docs/ccsw.pdf

  20. Index to Lectures for Exam #2 • Lecture 21: Secure Social networks • Lecture 22: Exam #1 • Lecture 23: Ontology Alignment • Lecture 24: Cloud Query Processing • Lecture 25: Token based access control • Lecture 26: Cloud data storage (Dr. Murat) • Lecture 27: NIST Guidelines • Lecture 28: Comprehensive overview of cloud computing • Lecture 29: Cloud Security Alliance papers

  21. Conclusion

  22. What have we learned? • Background on Cyber Security and Data Security • CISSP Modules (emphasis on Governance and Risk management, Access Control, Security Architectures as well as some cryptography basics) • Data and Applications Security including Query Modification, Access Control, Policies and Trust Management, Inference Control • Secure Web Services • Overview of Secure Web Services • SOA, XACML, SAML • Details of Secure Web Services • WS* Security, Identity Management, Secure Service Oriented Analysis and Design • Papers on Secure web services (UTD Research)

  23. What have we learned? • Secure Semantic Web • Overview of Semantic Web • Trustworthy Semantic Web • Secure Publication of XML Data • NIST NVD Project • Security and Privacy of Social Networks (with semantic web; UTD Research) • Ontology Alignment (Guest Lecture) • Semantic Web Tools: Jena • Papers on Secure semantic web (including papers on REIN, ROWLBAC, KAOS)

  24. What have we learned? • Secure Cloud Computing • Introduction to Cloud Computing and Secure Cloud Computing • Comprehensive Overview of Secure Cloud Computing • Selected topics in Cloud Security (e.g., Amazon Cloud, Azure) • NIST Security and Privacy Guidelines for the Cloud • Cloud Security Alliance • Secure Hypervisors • Secure Cloud Query Processing (UTD Research) • Assured Information Sharing via Cloud (UTD Research) • Cloud Computing Tools (Hadoop, MapReduce, Twitter Storm) • Papers on Secure Cloud (including on identity management, secure XEN and hypervisors, Fujitsu work on secure cloud)

  25. Acknowledgement • Mr. Iftehkar (TA for the Class) • Mr. Vaibhav Khadilkar – for his extensive help in explaining cloud computing tools and the assistance in the cloud computing project • Ms. Jyothsna Rachapalli – for the guest lecture on the NIST/NVD project • Dr. Neda Alipanah – for the guest lecture on secure ontology alignment • AFOSR for funding our research in assured cloud computing; the research material was used for several of the lectures • NSF for funding the assured cloud computing education grant • Students for giving feedback on the course (in addition to the standard evaluation) that will be used for future classes in assured cloud computing • Book on Building and Securing the Cloud will be published in late 2012 by Taylor and Francis, to be used for the Spring 2013 Class
