ACIT4013 Cloud Security Course description

Cloud computing has revolutionized the way organizations manage and deploy IT resources. However, it also introduces unique security challenges. This course provides an in-depth understanding of cloud security principles, focusing on protecting data, applications, and infrastructures in cloud environments.

Students will explore various security models, compliance requirements, and best practices to ensure robust cloud security. As modern security measures require the strategic orchestration of multiple tools and techniques, students will learn to navigate, deploy, manage, and monitor cloud-based applications, while applying the defense-in-depth principle and effectively handling shared security responsibilities.

Language of Instruction: English

It would be beneficial to have a completed course of at least 5 credits in network communications.

No formal requirements over and above the admission requirements.

A student who has completed this course should have the following learning outcomes defined in terms of knowledge, skills and general competence:

Knowledge:

After completing the course, the student has:

• advanced knowledge the concepts of cybersecurity and different cloud solutions protection.

• knowledge in different cloud service models (IaaS, PaaS, SaaS) and their security implications.

• thorough knowledge of specific software solutions used in cybersecurity in cloud-enabled environment

Skills:

On completion of the course, the student can:

• perform identity and access management tasks in cloud environments.

• perform incident response and disaster recovery in the cloud.

• analyze and apply the different tool-kits and security-in-depth options among modern cloud providers

• design and deploy corresponding infrastructure and architectural framework for data protection across network based on cloud infrastructure

General competence

On completion of the course, the student will be able to:

• evaluate limitations of selected measures and protection mechanisms in relation to a specific vulnerability or lack of security.

• adjudicate security considerations for hybrid and multi-cloud deployments.

• assess compliance of regulatory frameworks within the context of cloud environment

The course will include a variety of learning activities, including:

• Lectures
• Guest lectures
• Assigned readings
• Case studies related to security breach incidents
• Writing assignments
• Group discussions and presentations
• Collaborative group work and peer feedback on classmates’ contributions
• Scenario-based challenges

The following required coursework must be approved before the student can take the exam:

Three assignments (technical documentation on successful implementation of cloud security solutions for given scenarios) that can be performed individually, or in groups of max 2.

A 15-20 minute demonstration and oral presentation of successful deployment of secure cloud solutions, completed individually or in groups of max 2 students.

The exam cannot be appealed.

New/postponed exam: In case of failed exam or legal absence, the student may apply for a new or postponed exam. New or postponed exams are offered within a reasonable time span following the regular exam. The student is responsible for registering for a new/postponed exam within the time limits set by OsloMet. The Regulations for new or postponed examinations are available in Regulations relating to studies and examinations at OsloMet.

All aids are permitted, provided the rules for plagiarism and source referencing are complied with.

Grade scale A-F.

Two internal examiners. External examiners are used periodically.

Nurul Momen