COMP 436/536 - Secure and Cloud Computing

Instructor: Ang Chen
Room: AEL A121
Lectures: W+F 2:30-3:45pm
Office hour: F 3:45-4:45pm DH3004

Course description

What is "cloud computing"? How do we build cloud-scale systems and components that are secure against malicious attacks, and scale to millions of users? Many of today's services run inside the cloud -- a set of geographically distributed data centers running heterogeneous software stacks. Cloud systems must scale across tens of thousands of machines, support millions of concurrent requests, and they must do so with high security guarantees. This course will start with the fundamentals of cloud computing, introduce key techniques in building scalable and secure systems, and expose students to state-of-the-art research advances as well as emerging security threats and defenses in today's cloud systems.

Piazza link


One or more of the following courses:

COMP/ELEC 429/556 (Introduction to Computer Networks)
COMP/ELEC 529 (Advanced Computer Networks)
COMP/ELEC 421, COMP 521/ELEC 552 (Operating Systems and Concurrent Programming)
COMP 427 (Introduction to Computer Security)


We will have two 1.5-hour lectures per week. There will also be regular homework assignments and a course project that requires a significant amount of hands-on implementation, experimental validation, as well as a report.

For the course project, students can form groups of three and work on the project together. Talk with me if you plan to have a group size different from three. The project requires approval from the instructor, but each team may pick a different project of their interest. Students are also encouraged to talk with me in person to identify a project. Each team will present the project proposal, and write a final report in (roughly) six pages.


Homework 25%, quizzes 10%, project 45%, presentation and report 20%, participation 5% (extra).

Homework assignments

The homework assignments will be available at Piazza. You can submit the solutions via Canvas.


Students with a documented disability needing academic adjustments or accommodations in this course are encouraged to contact me and Disability Support Services in the Allen Center, Room 111.

Tentative schedule

Date Topic Details Reading Remarks
August 22 Introduction Principles of building systems
Project management
Course overview
Lampson: Hints for computer systems design
August 24 The Cloud Cloud applications
Web vs. cloud vs. cluster
Armbrust et al.:A view of cloud computing
August 29 Concurrency Consistency models
Vogels: Eventually consistent
August 31 Faults and Failures I Internet basics
Byzantine faults
Tseitlin: The antifragile organization
September 5 Faults and Failures II Handling failures
CAP theorem
Corbató: On building systems that will fail
September 7 Cloud basics Amazon Web Service
September 12 Networking the cloud Datacenter networks HW1 online
September 14 Software-defined networks SDNs Feamster et al.: The road to SDN
September 19 Project proposal Presentations
September 21 Programmable networks Protocol-independent packet processing Bosshart et al: P4
September 26 P4 Programming in P4 P4 tutorial: Tutorial HW1 due
September 28 P4 lab P4 hands-on exercises
October 3 Load balancing ECMP, Load-sensitive routing Katta et al: Hula
October 5 Cloud storage Key value stores
Concurrency control
October 10
Class canceled — Ang at OSDI

October 12 Storage at Facebook Case study: Facebook
October 17 Diagnosis Declarative Networking
Provenance and Diagnosis
Loo et al.: Declarative networking
October 19
Mid-term presentations

October 24 MapReduce Programming model
HW2 online
October 26
Class canceled — Ang at NSF

October 31 Peer-to-Peer P2P networks
November 2 Security basics Crypto basics
November 7 Denial of service Smurf sttacks
The Mirai botnet HW2 due
November 9 Differential Privacy Data privacy
Dwork et al.:Differential Privacy
November 14 Anonymity DCNet
November 16 Routing security BGP
Prefix hijacking
November 21 Blockchain Bitcoin
Hash chains
November 23 Thanksgiving break— no class
November 28 Accountability Fault detection
Timing fault
November 30 Final presentations
December 7 Final reports due