Cloud computing

Dulith KasunInstitute of Engineering Technology

Cloud Network….

ET/10/8027

ET/10/8050

ET/10/8159

EE/10/8060

"What's the cloud?"

"Where is the cloud?"

"Are we in the cloud now?!"

You May Ask…….

"What's the cloud?"

"Where is the cloud?"

"Are we in the cloud now?!"

So The Questions Arisen…..

Storing and Accessing Data and Programs over the Internet instead of your computer's Hard Drive.

Get The IDEA!

Salesforce.com Appistry Appscale AT&T Engine Yard Enomaly

Go Grid Google Microsoft G cloud 3 Amazon EC2 Gizmox

Cloud Computing Providers…

Storage Devices

Block Storage DevicesOffer raw storage to the clients. This raw storage can be partitioned to create volumes.

File Storage DevicesOffer storage to clients in form of files, maintaining it’s own file system.This storage is in the form of Network Attached Storage (NAS)

Cloud Computing – Data Storage

Lower Cost

Easier to Manage

Scalability

Business Contingency

Flexibility

On-Demand-Computing

Why Cloud Computing…?

Cloud Computing - Architecture

The Cloud Computing architecture comprises of many cloud components, each of them are loosely coupled. We can broadly divide the cloud architecture into two parts:

Front End refers to the client part of cloud computing system. It consists of interfaces and applications that are required to access the cloud computing platforms, e.g., Web Browser.

Back End refers to the cloud itself. It consists of all the resources required to provide cloud computing services. It comprises of huge data storage, virtual machines, security mechanism, services, deployment models, servers, etc.

Development Models

Public Private Hybrid Community

Service Models

SaaS PaaS IaaS

Basic Concepts…

Public Cloud

Private Cloud

Hybrid Cloud

Community Cloud

Development Models…

Public Cloud allows systems and services to be easily accessible to general public, e.g., Google, Amazon, Microsoft offers cloud services via Internet.

Public Cloud Model

Private Cloud allows systems and services to be accessible with in an organization. The Private Cloud is operated only within a single organization. However, It may be managed internally or by third-party.

Private Cloud Model

Hybrid Cloud is a mixture of public and private cloud. Non-critical activities are performed using public cloud while the critical activities are performed using private cloud.

Hybrid Cloud Model

Community Cloud allows system and services to be accessible by group of organizations. It shares the infrastructure between several organizations from a specific community. It may be managed internally or by the third-party.

Community Cloud Model

Software as a Service (Saas)

Platform as a service (PaaS)

Integration/infrastructure as a Service (IaaS)

Service Models in Cloud Computing

When an organization is considering Cloud security it should consider both the differences and similarities between these three segments of Cloud Service Models

This particular model is focused on managing access to applications.

For example, policy controls may dictate that a sales person can only download particular information from sales CRM applications(Customer Relationship Management).

For example, they are only permitted to download certain leads, within certain geographies or during local office working hours. In effect, the security officer needs to focus on establishing controls regarding users' access to applications.

Software as a Service (Saas)

The primary focus of this model is on protecting data. This is especially important in the case of storage as a service. An important element to consider within PaaS is the ability to plan against the possibility of an outage from a Cloud provider.

The security operation needs to consider providing for the ability to load balance across providers to ensure fail over of services in the event of an outage. Another key consideration should be the ability to encrypt the data whilst stored on a third-party platform and to be aware of the regulatory issues that may apply to data availability in different geographies

Platform as a service (PaaS)

Within this model the focus is on managing virtual machines.

The CSOs (Chief Security Officers) priority is to overlay a governance framework to enable the organization to put controls in place regarding how virtual machines are created uncontrolled access and potential costly wastage

Integration/Infrastructure as a Service (IaaS)

Protect your API Keys

Many Cloud services are accessed using simple REST Web Services interfaces. These are commonly called "APIs", since they are similar in concept to the more heavyweight C++ or Java APIs used by programmers, though they are much easier to leverage from a Web page or from a mobile phone, hence their increasing ubiquity

Does not access private user data

CSOs focused on SaaS, PaaS and IaaS all the time.

BENIFITS

High EfficiencyReliability & Flexibility

Manipulate & configure apps

online

Cost Effective

No software Required

On Demand self service Online

Development

Resources Available on

Network

Applications as utilities over

Internet

Cloud Computing - Technologies

Virtualization

Service-Oriented Architecture (SOA)

Grid Computing

Utility Computing

Virtualization is a technique, which allows to share single physical instance of an application or resource among multiple organizations or tenants (customers). It does so by assigning a logical name to a physical resource and providing a pointer to that physical resource when demanded

Virtualization

Service-Oriented Architecture helps to use applications as a service for other applications regardless the type of vendor, product or technology.

Service-Oriented Architecture(SOA)

Grid Computing refers to distributed computing in which a group of computers from multiple locations are connected with each other to achieve common objective. These computer resources are heterogeneous and geographically dispersed

Grid Computing

Utility computing is based on Pay per Use model. It offers computational resources on demand as a metered service.

Cloud computing, grid computing, and managed IT services are based on the concept of Utility computing.

Utility Computing

Although Cloud Computing is a great innovation in the world of computing, there also exist downsides of cloud computing.

It is the biggest concern about cloud computing. Since data management and infrastructure

management in cloud is provided by third-party, it is always a risk to handover the sensitive information to such providers.

Although the cloud computing vendors ensure more secure password protected accounts, any sign of security breach would result in loss of clients and businesses.

RISKS

SECURITY & PRIVACY

Cloud Computing Challenges

Security and Privacy of information is the biggest challenge to cloud computing. Security and privacy issues can be overcome by employing encryption, security hardware and security applications.

PORTABILITY

INTEROPERABILITY

COMPUTING PERFORMANCE

RELIABILITY AND AVAILABILITY

SECURITY & PRIVACY

It is very difficult for the customers to switch from one Cloud Service Provider (CSP) to another. It results in dependency on a particular CSP for service.

This risk involves the failure of isolation mechanism that separates storage, memory, routing between the different tenants

LOCK-IN

ISOLATION FAILURE

Encryption helps to protect data from being compromised. It protects data that is being transferred as well as data stored in the cloud. Although encryption helps to protect data from any unauthorized access, it does not prevent from data loss.

Encryption…

Characteristics

Data Security and Privacy Requirement

Budget Requirements

Type of cloud - public, private or hybrid

Data backup requirements

Training requirements

Dashboard and reporting requirements

Client access requirements

Data export requirements

Cloud Computing - Planning