Course: CS 145/245: Cloud Networking and Computing
Course Level: Upper-level undergraduate and graduate
Course Description: “Clouds have become critical infrastructures for many applications in business and society (e.g., social media, public health, and entertainment). In this course, we will take a look inside the cloud infrastructure and learn critical technology trends and challenges in the networking and computing layers. We will discuss the design choices of performance, scalability, manageability, and cost in various cloud companies such as Amazon, Google, Microsoft, and Facebook. This course includes lectures and system programming projects.
Module Topic: The Ethics of Cloud Security
Module Author: Cat Wade
Semesters Taught: Spring 2019
Module Overview: In this module, we discuss why computer security matters from an ethical perspective, focusing on the special case of cloud security (security for cloud computing systems). More specifically, the module focuses on three issues. First, we consider the varying reasons different groups of stakeholders, such as service providers and end users, have to care about cloud security. Second (and relatedly), we discuss the connection between cloud security and privacy. Third, we consider who is morally responsible for maintaining cloud security and how to determine responsibility when it is breached.
Connection to Course Technical Material: This course focuses on the technical aspects of data storage and management in the cloud context. The module comes right at the end of the “cloud management” portion of the semester and builds directly on technical material the students have just covered by considering ethical questions raised by real world examples of cloud security breaches.
Key Philosophical Questions:
Key Philosophical Concepts:
The students were assigned the following two optional readings:
Sample Class Activity: In this activity, students break up into small groups and consider three real-world cases in which the security of a cloud computing system was compromised:
Students are asked to answer two questions about each case:
After the small-group discussion, the Embedded EthiCS fellow leads a debrief with the full class.
Module Assignment: In this assignment, students are asked to write a short essay discussing the value of cloud security in the following hypothetical case study:
It is May of 2018. You are the manager of a small European company that uses cloud services to manage and store personal customer information. Consequently, with GDPR on the horizon, you have to begin to prepare your employees and customers for the changes and disruptions that will come about as a result of meeting these new regulations.
In the essay, students first identify and explain one of the reasons to value cloud security discussed in class. Second, they appeal to this reason in order to justify the costs involved in satisfying the new GDPR regulations to two different groups of stakeholders: their customers, and their employees.
Students are especially engaged in a technical CS course like this by philosophical discussion that attends to more concrete technical problems. Future iterations of this module would be benefitted by balancing the sometimes very abstract concepts with more extensive discussion of technical examples.