University of Oxford Logo University of OxfordSoftware Engineering - Home
On Facebook
Follow us on twitter
Linked in
Linked in
Google plus
Google plus
Stumble Upon
Stumble Upon

Cloud Security

Cloud computing is a new concept using old technologies. It originates from industry (commercial requirements and needs) and has recently moved to academia because of its promising potential as an Internet-scale computing infrastructure. Due to this there are scarce resources analyzing current Cloud infrastructure and its limitations. This in turn results in lack of understanding of security risks associated with Clouds. This module covers these from practical angle; specifically, it covers Cloud computing architecture, management services, and security challenges. It also discusses the main requirements to move current Cloud untrusted infrastructure to a trustworthy Internet-scale Cloud critical computing infrastructure.


This course normally runs twice a year.

Course dates

Future courses are expected, but yet to be scheduled.


The successful participants will


  • Be able to explain Cloud architecture, properties, management services, and security challenges.
  • Understand security risks associated with different Clouds’ deployment models, and what could be done to address such risks.
  • Experience a real demonstration, provided by on building a simple Cloud using an appropriate management tool, managing it, and hosting a web-application on it.



  • Introduction: Cloud definition, models and types. 
  • Cloud Infrastructure Management: Cloud Taxonomy, Cloud management tools, and Infrastructure properties and policies.
  • Secure Management of Cloud Infrastructure: virtual layer self-managed services, application layer self-managed service, and security best practices for automate Cloud infrastructure management.
  • Cloud Trust Model: Cloud Dynamic Nature, Operational trust in the Cloud, Establishing trust in IaaS, PaaS, and SaaS Cloud types
  • Security challenges related to data provenance: Forensic investigation in the Cloud, Fault detection and isolation in the Cloud, Billing in the Cloud
  • Insider threats analysis and mitigation in the Cloud: discuss how to lessen the effects of insiders in the Cloud.
  • Case Study on Home Healthcare using the above concepts


Participants should have a basic understanding of computer security to the level provided by the Security Principles course. A working knowledge of computer systems architecture and their network connectivity will be assumed.