
Data Center Networks and Cloud Computing Security

* Exchange students do not have to consider this information when selecting suitable courses for an exchange stay.

Course Unit Code: 460-4124/01
Number of ECTS Credits Allocated: 4 ECTS credits
Type of Course Unit *: Compulsory
Level of Course Unit *: Second Cycle
Year of Study *: Second Year
Semester when the Course Unit is delivered: Summer Semester
Mode of Delivery: Face-to-face
Language of Instruction: Czech
Prerequisites and Co-Requisites: Course succeeds to compulsory courses of previous semester
Name of Lecturer(s): Ing. Pavel Moravec, Ph.D. (Personal ID: MOR03)
Summary
The aim of the course is to introduce students to the basic aspects of building secure data centers and cloud solutions and of securing their operation. The introduction presents the current network technologies used in large data centers. Emphasis is placed on a comprehensive approach, from physical security, through a secure network infrastructure, to the security of the software services running on the servers themselves. Remote access methods, data center interconnection, and the securing of transmission routes are discussed. The course then describes cloud service security issues, especially availability, confidentiality and data security issues related to operation, and security mechanisms. As part of the laboratory work, students will learn about advanced network infrastructure, virtual servers and their security.
Learning Outcomes of the Course Unit
After the course completion the student should be able to:
- Describe key technologies which improve data center security.
- Define the physical and logical levels of data and service security.
- Configure basic network elements in a more secure manner.
- Explain and apply techniques that improve the security of cloud solutions.
- Describe the most common attacks on data center and cloud service infrastructure.
- Explain basic principles of defense against network attacks on data centers.
Course Contents
Lecture schedule:
1. Design and implementation of data centers (hardware and software redundancy), overview of the most common networking (TIA-942, ISO/IEC 11801-5) and software technologies.
2. Data center operation and its efficiency (facilities, PUE)
3. Security and safety of data center standards (TIER certification, EN 50600).
4. Securing the communication interfaces (Fibre Channel - port security, fabric binding, FCIP - traffic engineering, cost profile).
5. Logging and monitoring of data center infrastructure and services, audit trail.
6. Identity and permission management (SAML, OAuth, OpenID). Technologies for data center management and remote access.
7. Data center network infrastructure, services and application security. Integrated solutions for data center security and their common features.
8. Service models of cloud services and their deployment models (SaaS, PaaS, IaaS). Data and application accessibility in cloud environment, data recovery, privacy of stored data.
9. Public and Private Cloud (Amazon, Microsoft Azure, Google Cloud).
10. Cloud security controls. DDoS attacks on cloud services and their prevention.

Computer laboratories focus on practical implementation of the topics covered in the lectures.

Laboratory schedule:
1. Introduction to the laboratory and assignments during the semester.
2. Implementation of L2 security.
3. Implementation of L3 security.
4. Deployment of IDS and IPS solutions.
5. Zone-based firewalling.
6. Remote management and remote access configuration.
7. Cloud platforms - OpenStack.
8. Cloud platforms - Amazon AWS.
9. Cloud platforms - Microsoft Azure.
10. Physical safety and security of data centers.
Recommended or Required Reading
Required Reading:
1. Lee, G.: Cloud Networking: Understanding Cloud-based Data Center Networks, Morgan Kaufmann, 2014, ISBN 978-0128007280.
2. Yeluri R., Castro-Leon E.: Building the Infrastructure for Cloud Security: A Solutions View. Apress, 2013, ISBN 978-1-4302-6145-2.
3. Uptime Institute: Tier Standard: Operational Sustainability, 2013.
4. Uptime Institute: Tier Standard: Topology, 2012.
Recommended Reading:
1. Krutz, R. L., Russell D. V.: Cloud Security: A Comprehensive Guide to Secure Cloud Computing, Wiley, 2010, ISBN: 978-0-470-58987-8.
2. Santana G. A. A.: Data Center Virtualization Fundamentals: Understanding Techniques and Designs for Highly Efficient Data Centers with Cisco Nexus, UCS, MDS, and Beyond, Cisco Press, 2013, ISBN 978-1587143243.
3. Buecker A., et al: Managing Security and Compliance in Cloud or Virtualized Data Centers Using IBM PowerSC. IBM Redbooks, 2013, ISBN 978-0738437675.
Planned learning activities and teaching methods
Lectures, Tutorials, Experimental work in labs, Project work
Assessment methods and criteria
Task Title | Task Type | Maximum Number of Points (Act. for Subtasks) | Minimum Number of Points for Task Passing
Credit and Examination | Credit and Examination | 100 (100) | 51
        Credit | Credit | 45 | 22
        Examination | Examination | 55 | 29