Propose a topic for your final project. Use one of the topics from the list in this folder. Write 400 words or more explaining why this topic is important for your peers to understand. Be focused and specific. Look into the general topic to find something new and interesting to write about.

Below are the topics – pick one.

 

  1. With different types of cloud service delivery, what are the different licensing requirements that an owner must be aware of when moving to the cloud?
  2. Discuss shared technology vulnerabilities in the cloud.
  3. How does a customer know what software versions cloud providers are using? Without that knowledge, how can they do a proper risk assessment?
  4. What policies should be in place for users to help reduce cloud-based threats?
  5. How can a consumer evaluate the physical security of their cloud provider? What standards should apply? What external and internal barriers should be in place? What access controls? What sort of surveillance should be provided, power redundancy, and fire suppression? Is a service contract sufficient? Should physical inspection be available? What about physical location? Are volcanoes, tornadoes, earthquakes or other natural disasters common? Is the site near political unrest? Access to water? Outside temperature? Is there a physical buffer? Should the walls be made of ballistic material to withstand explosions? Staffing?
  6. Discuss the four tiers of the Uptime Institute's functional recommendations for physical security for data centers.
  7. What is a hypervisor? Differentiate between type I and type II. What are the security vulnerabilities of each?
  8. Which is better for security: server virtualization or application isolation? Why?
  9. What are desktop virtualization, storage virtualization, memory virtualization, and network virtualization? What are the security issues and benefits of each?
  10. Global boundaries and the cloud – separating politics from security
  11. The relationship of net neutrality and cloud security
  12. Ensuring proper access control in the cloud
  13. Cloud security risks from misconfiguration
  14. Cloud service interruptions from DDoS
  15. Preventive controls for internal (non-routable) security threats
  16. Detective controls for routable and non-routable addresses
  17. How security zones, groups or domains have replaced traditional zones and tiers
  18. On being a cloud broker: tasks and challenges
  19. Trust boundaries and division of responsibilities
  20. Elasticity effect on threat surface
  21. How to ensure that your cloud provider has appropriate detective and preventive controls in place
  22. How to secure the virtualization layer
  23. Threats to the hypervisor
  24. What hardening means
  25. Top ten recommendations for securing virtual servers
  26. Vulnerabilities resulting from web programming frameworks
  27. Preventing attacks on web applications
  28. The relationship between DoS attacks and your cloud invoice
  29. Good browser hygiene and cloud security
  30. Compartmentalization and isolation in virtual multi-tenant environments
  31. Security standards in PaaS API design
  32. FIPS
  33. Data protection techniques under the Data Accountability and Trust Act
  34. Comparing block symmetric algorithms with streaming symmetric algorithms
  35. Message authentication codes and hash functions
  36. Externalizing authentication: trust boundaries and IAM
  37. Sustaining IAM with rapid turnover and job changes
  38. IAM compliance management
  39. Identity federation management
  40. OAuth
  41. ITIL
  42. ISO 27001/27002
  43. Vulnerability and risk assessment
  44. Incident response
  45. What can we learn from CCID (Cloud Computing Incidents Database)?
  46. Cloud health monitoring (internal and 3rd party)
  47. Reading a Cloud Security Provider agreement
  48. Discussing the data life cycle in the context of cloud computing
  49. Facebook’s new privacy initiative
  50. Cloud Security and the Federal Rules of Civil Procedure

 