Security in Mobile Cloud
From CIS Lab, SJTU, China
|Name:||Chen, Kefei||Huang, Zheng|
|Office:||Electr-Building 3#429||Electr-Building 3#331|
|Tel:||3420 4221||3420 5716|
Goal of this course
The goal of this course is to foster security mindset in mobile cloud computing environment, including identifying the threats in mobile cloud, understanding how Security protocols work, applying cryptography, trusted computing and virtualization technologies to mitigate threats.
Students will be able to build secure applications in mobile cloud after this course.
preliminary: students in this course should have attended Computer Networks, Operation System, Information Security and Cryptography Algorithms related courses.
This course concerns mobile cloud security issues by looking at the current state of mobile cloud security, vulnerabilities in mobile cloud computation, and how to use cryptography technical to address those vulnerabilities.
2 Network Security
3 Security in commercial Cloud
4 Security in Mobile Device
5 Security Standards in Mobile Cloud
6 Wrap up and Conclusion
1 Galois Field and AES analysis in Mobile Cloud
The Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST). AES is the most used algorithm both in mobile and cloud server side. It is the key algorithm to protect mobile cloud security.
The calculation of AES is based on Galois Field (GF). GCM (Galois Counter Mode) which is one of AES's widely used working mode is also related with Galois Field. In this case study, we are going to explore the implementation of Galois Field calculation both on mobile device and the cloud server machine, we will also use our implementation to do linear analysis attack for AES.
2 Build secure mobile application using cloud service
Currently, there are many cloud computing service, e.g. openstack, Amazon EC2, at your hand. A lot of internet applications choose cloud service to be their backend. This has the advantage of easy to startup and easy to maintenance. The client of the applications are more likely to be the hand held devices, such as mobile phones and pads. It is becomes more tricky to build secure applications in such environment, since the developers have to follow both the security guidelines on mobile phone and cloud service platform.
3 What security mechanism can Processors offer in mobile device and cloud server
- Intel AES-NI
- Speeding Up Galois Field Arithmetic
- Security in Intel Atom Processor
and more ...
- Mobile Device Data Backup System?
Textbook and Reading List
There is no mandatory text book for this course. Instead, the instructors will give a reading list:
- Amazon Web Services–Overview of Security Processes: http://d36cz9buwru1tt.cloudfront.net/pdf/AWS_Security_Whitepaper.pdf
- Google’s security philosophy:http://www.google.com/intl/en/corporate/security.html
- Windows Azure General Availability: http://blogs.technet.com/b/microsoft_blog/archive/2010/02/01/windows-azure-general-availability.aspx
- Trusted Mobile Computing: http://www.kiskeya.net/ramon/work/pubs/mobiwi06.pdf
- OpenID Authentication 2.0 - Final: http://openid.net/specs/openid-authentication-2_0.html
- The OAuth 1.0 Protocol.2010.4: http://tools.ietf.org/html/rfc5849.
- Security Guidance for Critical Areas of Focus in Cloud Computing V2.1: https://cloudsecurityalliance.org/csaguide.pdf
- Grading Policy
- Class and Office Hour Times
This Course is sponsored by Intel