CSC 603: Access Control in the Cloud
- Instructor: Linh B. Ngo
- Office: UNA 138
- Office Hours Fall 2022:
- MWF : 11:00AM-12:00PM (in-person and online)
- TR : 11:00AM-12:00PM (online)
- Email: lngo AT wcupa DOT edu
- Phone: 610-436-2595
Course Description
This course discusses role-based and attribute-based access control (RBAC and ABAC) and their application in cloud computing systems. More specifically, we learn how RBAC and ABAC are used to specify and manage access policies on the wide range of resources available in the cloud, and how RBAC and ABAC can be used to enforce other complex access control scenarios. Hands-on practices are developed using Kubernetes and its access control API.
Learning Objectives
The following are clear, measurable and observable outcomes from taking this course:
- Be able to understand the basic concepts of access control in information security.
- Be able to understand and differentiate between role-based and attribute-based access control
- Be able to apply RBAC/ABAC principles in securing cloud infrastructures.
Recommended Text
- Role-based Access Control by David F. Ferraiolo, D. Richard Kuhn, and Ramaswamy Chandramouli. 2nd Ed, 2007.
- Attribute-based Access Control by Vincent C. Hu, David F. Ferraiolo, Ramaswamy Chandramouli, and D. Richard Kuhn. 2018.
Evaluation Policy
| Assessment | % of Final Grade | CSLO | CSPO |
| Assignments | 60% | 1,2 | 1, 2 |
| Group Presentations | 30% | 1 | 1, 2 |
| Class Participation | 10% | 1 | 1 |
Grade Scale:
D grades are not used. Refer to the Graduate Catalog for description of NG (No Grade), W, & other grades.
Assessments:
- Assignments: Be able to understand and implement complete software program based on pseudocode.
- Presentation: Be able to read and understand research papers on advanced data structures.
- Partition: A mixture of attendance check and degree of participation in class discussion
Assignments that are late are assessed a 10% per day late penalty. Saturday and Sunday are each days.
```
{!assets/text/policy.md!}