Part of the
4TU.
Cyber Security
TU DelftTU EindhovenUniversity of TwenteWageningen University
4TU.
Cyber Security
Close

4TU.Federation

+31(0)6 48 27 55 61

projectleider@4tu.nl

Website: 4TU.nl

SCC

4TU.CybSec Syllabus Secure Cloud Computing (SCC)

Credits: 5 EC

Prerequisites: Security and Cryptography (Crp).

Motivation: Cloud computing allows clients to rent major parts of their computing infrastructure instead of owning and maintaining large data centers. Due to virtualization techniques, this approach is scalable and gives flexibility in the used computational resources. Resources can be adapted as required, while the underlying hardware is provided and maintained by the cloud service provider. However, outsourcing vital business data and delegating business critical tasks requires trust in the cloud service provider. It is not surprising that a lack of such required trust is still one of the main obstacles for the full adoption of cloud computing.

Synopsis: This course covers security mechanisms specifically suitable for cloud computing. After a brief introduction to cloud computing, we discuss security mechanisms currently offered by big players such as Amazon and Microsoft and identify potential shortcomings thereof. The major content of this course presents recent research directions regarding data security in cloud computing scenarios. Among others, we will discuss constructions for outsourced encrypted databases and potential attacks on such systems, verifiable computation, hardware-aided security and privacy issues of outsourced data analytics.

Learning outcomes: The student will obtain:

Lecturers: Dr Florian Hahn (UT)

Examination: (Closed book) written exam (70%); three (practical) assignments (30%)

Contents: Platform-as-a-Service; Virtualization; Sandboxing; Key Management; Database-as-a-Service; Searchable Encryption; Attacks on Searchable Encryption; Oblivious RAM; Private Information Retrieval; Functional Encryption; Secure Multiparty Computation; Homomorphic Encryption; Intel SGX; Verifiable Computation;  Machine-Learning-as-a-Service; Model Inversion Attack

Core text: Various papers from the literature