
CC Mod1-5 Notes Merged - 250107 - 124415

Uploaded by

amatulwafi5

@VTUpadhai – Cloud Computing (21CS72) – Module 1 Notes

Module 1- Introduction: Introduction, Cloud Computing at a Glance, Historical Developments, Building
Cloud Computing Environments, Amazon Web Services (AWS), Google AppEngine, Microsoft Azure,
Hadoop, Force.com and Salesforce.com, Manjrasoft Aneka

Cloud Computing: Introduction

Cloud computing is the delivery of computing services—such as servers, storage, databases, networking, software,
and more—over the internet, or the "cloud." This allows users to access and use these services on demand, typically
on a pay-per-use or subscription basis, without the need for managing or owning physical hardware or IT
infrastructure. The core advantage of cloud computing is that it abstracts the complexities of physical hardware and
enables users to access sophisticated computing resources without substantial capital investment.

Key characteristics of cloud computing:


1. On-Demand Self-Service: Users can provision computing resources as needed, without requiring human
interaction with service providers.

2. Broad Network Access: Cloud services are available over the internet, allowing access from a variety of
devices like laptops, smartphones, and tablets.
3. Resource Pooling: Providers use multi-tenant models where computing resources are pooled to serve
multiple consumers.

4. Rapid Elasticity: Cloud resources can be rapidly scaled up or down based on demand, offering flexibility.

5. Measured Service: Cloud computing is typically offered on a pay-per-use model, where consumers only
pay for the resources they use, akin to utility services like electricity or water.

Cloud computing allows businesses and individuals to avoid the cost and complexity of owning and maintaining
physical servers and other infrastructure. It provides a flexible, scalable, and cost-efficient solution for a wide range
of computing needs.

The Vision of Cloud Computing

Cloud computing's vision is to transform IT infrastructure into a utility that can be accessed on demand, just like
electricity, water, or gas. The idea is that, rather than investing heavily in physical infrastructure, users can rent
computing resources—whether it be storage, processing power, or application services—on an as-needed basis. This
vision offers numerous benefits, such as reduced upfront costs, scalability, flexibility, and ease of maintenance. It
allows users to focus on their core business logic and applications rather than worrying about hardware or
infrastructure.

The vision also anticipates a global marketplace for cloud services, where providers and consumers can trade
resources freely, breaking down barriers between different services and vendors. This would allow for greater
competition, improved service offerings, and the ability for users to seamlessly integrate services from different
providers into their systems.

As the industry matures, the ability to dynamically provision computing services will enable organizations and
individuals to adapt to their needs quickly and efficiently. It also makes it easier for small businesses to access
powerful computing resources without needing significant capital investments in infrastructure.

Defining a Cloud

Cloud computing is a broad and evolving concept that has become central to the modern IT landscape. It refers to
the delivery of computing services such as servers, storage, databases, networking, software, and more over the
internet, typically on a pay-per-use basis. The cloud allows individuals and businesses to access IT resources without
having to own, manage, or maintain physical infrastructure, offering flexibility, scalability, and cost-efficiency.

Key Elements of Cloud Computing

• Virtualized Infrastructure: Cloud computing often involves the use of virtualized infrastructure. This
means that physical hardware resources, such as servers, storage, and networking, are abstracted into
virtual machines that can be provisioned and decommissioned dynamically based on demand.

• Utility Computing: Similar to traditional utilities like water or electricity, cloud computing is provided as a
service that users can access as needed, without significant upfront investments in infrastructure.
• IT Outsourcing: Cloud computing often involves outsourcing IT needs to a third-party provider who
manages the infrastructure and services, allowing businesses to focus on their core activities.

• Platform and Software as a Service (PaaS and SaaS): In addition to infrastructure services (IaaS), cloud
computing includes software and platform services, such as Software as a Service (SaaS) and Platform as a
Service (PaaS), which deliver prebuilt applications or environments for developers to build and deploy their
software.

Cloud Computing Technologies, Concepts, and Ideas



Figure 1.2 represents various technologies, concepts, and ideas related to cloud computing. These include:

• Green Computing: Cloud providers optimize energy usage in large data centers, contributing to
environmental sustainability.

• Elasticity: Cloud services can scale up or down quickly based on demand, providing flexibility.

• Pay as You Go: Users pay for services based on their actual usage, without upfront capital investment.

• Virtualization: Resources are abstracted and shared across multiple tenants, enabling efficient use of
hardware and flexibility in resource allocation.

• Security and Privacy: Cloud computing introduces new challenges around data security and privacy, but
these can be addressed through encryption and compliance with standards.
• Quality of Service (QoS): Cloud services are often defined by certain SLAs (Service Level Agreements)
that guarantee a minimum level of service quality.

• Provisioning on Demand: Resources are made available as required, allowing businesses to avoid
over-provisioning and reduce costs.

Cloud Computing Definition

Cloud computing is best understood as both a set of applications delivered as services over the internet and the
hardware and system software that supports these services. It involves offering IT resources such as computing
power, storage, and development platforms as services, which can be provisioned and managed dynamically.

The Utility-Oriented Approach


Cloud computing is often described as a utility because it allows businesses to rent computing resources as needed,
with minimal upfront costs. This model significantly alters the way businesses approach IT infrastructure, shifting
from capital expenditures to operating expenses.

Three Criteria for Cloud Services

Reese [29] outlines three key criteria for identifying cloud services:
1. Accessible via Web or API: The service is available online through a web interface or API, meaning users
can access it without needing proprietary software.

2. Zero Capital Expenditure: Cloud services require no upfront investment in infrastructure. Users only pay
for the services they use.
3. Pay-per-use: Users pay only for the resources they consume, making it an efficient and cost-effective
model.

A Closer Look at Cloud Computing

Cloud computing has a profound impact across various sectors. It offers solutions to both small and large
enterprises, as well as end users. Here are some examples:

1. Large Enterprises: The New York Times used cloud services to convert its digital archive into a web-
friendly format. By renting cloud resources (Amazon EC2 and S3), they completed this task in 36 hours,
paying only for the resources they used.

2. Small Enterprises and Start-ups: Animoto, a company that creates videos from images, stores and
processes all its data on Amazon Web Services (AWS). The company benefits from the elasticity of the
cloud, scaling from 70 to 8,500 servers in one week due to high demand.

3. System Developers: Developers can focus on business logic instead of worrying about infrastructure. For
example, Little Fluffy Toys, a London-based company, used Google App Engine to quickly deploy its
widget providing bicycle rental information.

4. End Users: Cloud services like Apple iCloud allow users to store documents and photos in the cloud and
access them from any device. This seamless access is transparent to the user.

Cloud Computing Environment Overview (Figure 1.3)


This figure provides a bird's-eye view of the cloud computing environment. It showcases the interconnectedness of
various cloud services and models:
• Public Clouds: These are managed by third-party providers and are available to the general public or
businesses on a subscription basis. Public clouds are typically the most cost-effective and flexible option.

• Private Clouds: Private clouds are dedicated infrastructures used by a single organization. These are often
chosen by businesses or organizations with high security and privacy concerns.

• Hybrid Clouds: Hybrid clouds combine public and private cloud services, allowing organizations to use
public cloud services when their private infrastructure is insufficient.

Cloud Deployment Models (Figure 1.4)



This figure illustrates the three primary deployment models for cloud computing:

1. Public Clouds: In this model, the infrastructure is owned and managed by a third-party provider. Resources
are shared among multiple users (multitenancy) and are available on a pay-per-use basis.

2. Private Clouds: These are cloud environments dedicated to a single organization, providing greater control
over data and security. They are typically used by large enterprises or government agencies with stringent
compliance requirements.

3. Hybrid Clouds: Hybrid clouds combine elements of both public and private clouds. Organizations can use
a private cloud for sensitive data and applications, while leveraging public clouds for other workloads.

The Cloud Computing Reference Model


The Cloud Computing Reference Model is a way to classify and understand the different types of cloud services
offered. It breaks down cloud computing into three primary categories: Infrastructure-as-a-Service (IaaS),
Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS). These categories reflect different layers of
services that provide varying levels of abstraction and functionality, catering to different needs.

Figure 1.5: The Cloud Computing Reference Model

The model organizes the various cloud computing services in a layered stack, moving from the most foundational
infrastructure services to the most abstracted end-user applications.

1. Infrastructure-as-a-Service (IaaS)

• Base Layer: This is the foundational layer of cloud computing where virtualized hardware resources are
provided on demand. IaaS delivers infrastructure like virtual machines, storage, and networking that can
be customized by users to run their applications.

• Virtualized Servers: Users get virtual machines (VMs) that emulate physical hardware, allowing them to
run custom software. These VMs are typically billed on an hourly basis, and pricing depends on the
hardware specifications (such as CPU, memory, and storage).

• Storage: IaaS offers two types of storage:

o Virtual storage: For storing persistent data that needs to be paired with virtual machines.

o Object storage: A higher-level storage solution, which is more abstract and ideal for storing large
amounts of unstructured data (like files or backups).

• Networking: This involves managing the virtual networks that allow virtual machines to communicate
with each other or the outside world, including the internet. Virtual networking services are also used for
managing the security, access, and scaling of the network.

Examples of IaaS providers: Amazon EC2 (Elastic Compute Cloud), Amazon S3 (Simple Storage Service), Google
Compute Engine, vCloud, and Rightscale.

2. Platform-as-a-Service (PaaS)

• Middle Layer: PaaS builds on IaaS by providing a scalable and elastic runtime environment where
developers can deploy and run their applications. Rather than worrying about managing the underlying
hardware and infrastructure, users focus on writing code, while the platform handles scaling, availability,
and fault tolerance.

• Middleware: The platform includes the necessary software, tools, and frameworks needed to develop, test,
and run applications. This layer abstracts much of the complexity of infrastructure management.
• Core Responsibility of Providers: The cloud provider is responsible for managing scalability and fault
tolerance, which helps developers deploy their applications without needing to configure servers or deal
with hardware directly.

Examples of PaaS providers: Google App Engine, Microsoft Windows Azure, and platforms like Hadoop or Aneka
that provide scalable environments for distributed applications.

3. Software-as-a-Service (SaaS)

• Top Layer: SaaS delivers ready-to-use, on-demand software applications through the internet. These
applications are hosted and managed by the service provider and are accessible to users via a web browser.
• End-User Applications: SaaS offerings include common business software and consumer applications
such as email, document management, photo editing, and customer relationship management (CRM).
Social networking services (e.g., Facebook, Twitter) are also examples of SaaS, as they provide scalable
access to millions of users globally.

• Multi-Tenant Architecture: SaaS applications are shared across multiple users, with each user's data kept
separate from others, providing scalability and cost efficiency.

Examples of SaaS providers: Google Docs, Salesforce, Microsoft Office 365, and platforms for social networking
like Facebook, Twitter, and Flickr.

How These Categories Relate


• IaaS provides the basic building blocks, offering users raw computing resources (like virtual machines,
storage, and networking), which they can customize to their needs.

• PaaS adds a higher level of abstraction by providing a ready-made development platform, where
developers can build and deploy applications without managing the infrastructure.

• SaaS is the highest level of abstraction, offering fully developed applications that users can

Characteristics of Cloud Computing

Cloud computing has several key characteristics that distinguish it from traditional IT models:

1. No Upfront Commitments: Users do not need to make large initial investments in hardware or software.
Cloud services are provided on a pay-as-you-go or subscription model.

2. On-demand Access: Cloud resources (compute, storage, applications) are available on-demand, allowing
users to access services whenever needed, without needing to plan or allocate resources in advance.

3. Flexible Pricing: The cloud follows a utility-based pricing model. Users pay only for what they use,
typically on a per-hour or per-use basis, which helps reduce overall costs.

4. Simplified Application Acceleration and Scalability: Cloud computing allows easy scaling of
applications based on demand. Resources can be quickly increased or decreased, facilitating rapid
application acceleration or expansion.

5. Efficient Resource Allocation: Cloud providers optimize the use of hardware resources across multiple
tenants, ensuring efficient resource utilization and reducing wastage.

6. Energy Efficiency: Due to large-scale infrastructure and centralization, cloud data centers are generally
more energy-efficient compared to traditional IT setups.

7. Seamless Integration of Third-Party Services: Cloud computing makes it easier to integrate third-party
services into applications, helping businesses create new products or improve existing ones through
services that would otherwise be difficult to set up independently.

Benefits of Cloud Computing


1. Cost Efficiency: Cloud computing reduces capital expenses associated with purchasing IT infrastructure
and software. It converts these costs into operational expenses, with users paying only for what they use.
This can significantly reduce upfront investment and maintenance costs.
2. Increased Agility: Organizations can rapidly deploy and adjust IT systems as needed without the need to
plan capacity in advance. If demand increases, resources like additional servers can be quickly added.

3. Scalability: Cloud computing services can scale up or down based on business needs, allowing
organizations to handle traffic spikes or reduced demand efficiently. This flexibility extends across the
infrastructure, platform, and software layers.

4. Access Anytime, Anywhere: Cloud services enable access to data and applications from any device, at any
location, improving mobility and collaboration for businesses and end-users alike.

5. Energy and Resource Optimization: Centralized cloud data centers offer better energy efficiency and
resource utilization, often using virtualization to minimize energy consumption.
6. Multitenancy: Cloud service providers host applications and services for multiple customers on the same
infrastructure, sharing costs and improving efficiency through economies of scale.

7. Improved Flexibility in Software Development: Developers can easily integrate and use third-party
services, creating new applications with minimal cost and time.

Challenges of Cloud Computing

Despite its benefits, cloud computing faces several challenges, particularly related to security, privacy, and legal
concerns:

1. Security Concerns:

o Data Protection: Since organizations don’t own the physical infrastructure, they must trust the
cloud provider with their data. Confidentiality and data security become a critical concern,
especially when data is stored off-premises and can potentially be accessed by unauthorized
parties.

o Virtualization Risks: Data can be exposed in memory during processing, making it vulnerable to
malicious actors, including providers who have access to the underlying infrastructure.

2. Legal and Regulatory Issues:

o Data Privacy: Cloud computing can involve the storage of data in various geographic locations.
Different countries have varying laws about data privacy. For example, the U.S. has laws that may
allow government agencies to access data for national security reasons, while European countries
have more restrictive privacy regulations.

o Jurisdictional Concerns: When data is stored in multiple locations (e.g., European servers for
U.S. companies), it becomes challenging to navigate the legal implications, especially when
governments from different jurisdictions seek access to that data.
3. Dynamic Resource Provisioning:

o Determining the optimal amount of resources to provision and the duration for which they are
required is a challenge. Overprovisioning leads to unnecessary costs, while underprovisioning can
result in performance issues during peak demand.

4. Integration with Existing Infrastructure:

o Integrating cloud-based resources with legacy IT systems and processes can be complex.
Businesses may encounter issues with compatibility, security, and performance during such
integration.

5. Vendor Lock-In:

o Cloud service consumers might find it difficult to move their data and applications from one
provider to another due to proprietary technologies and services. This can limit flexibility and
increase dependency on a particular cloud provider.
6. Downtime and Reliability:

o While cloud providers offer high levels of reliability, there is still the risk of outages. The
dependency on external providers means that organizations have to manage the potential risk of
service interruptions that could affect business continuity.
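
The trade-off in challenge 3 above (Dynamic Resource Provisioning) can be made concrete with a small simulation comparing fixed capacity against elastic scaling that reacts with a delay. This is an added example, not part of the original notes; the demand trace, per-server capacity, price, lag and headroom values are all constructed assumptions.

```python
# Added illustration: fixed versus elastic provisioning over a demand trace.
# Every number here is constructed for the example, not taken from a provider.

# Constructed hourly demand (requests/second) containing one traffic spike.
DEMAND = [120, 110, 130, 150, 400, 900, 950, 600, 200, 140, 120, 110]
CAPACITY_PER_SERVER = 100      # assumed requests/second one server can serve
PRICE_PER_SERVER_HOUR = 0.10   # assumed pay-per-use price


def evaluate(servers_per_hour, demand=DEMAND):
    """Score a provisioning plan.

    cost     - what pay-per-use billing would charge for the plan
    idle     - capacity paid for but not used (overprovisioning)
    unserved - demand that exceeded capacity (underprovisioning)
    """
    server_hours = 0
    idle = 0
    unserved = 0
    for servers, load in zip(servers_per_hour, demand):
        capacity = servers * CAPACITY_PER_SERVER
        server_hours += servers
        idle += max(capacity - load, 0)
        unserved += max(load - capacity, 0)
    cost = round(server_hours * PRICE_PER_SERVER_HOUR, 2)
    return {"cost": cost, "idle": idle, "unserved": unserved}


def fixed_plan(servers, demand=DEMAND):
    """Traditional sizing: the same number of servers every hour."""
    return [servers] * len(demand)


def elastic_plan(demand=DEMAND, lag_hours=1, headroom_pct=20, min_servers=1):
    """Elastic sizing: each hour is sized from the demand seen lag_hours ago.

    lag_hours models the delay between observing load and having new
    instances ready; headroom_pct is spare capacity added on top.
    """
    plan = []
    denominator = 100 * CAPACITY_PER_SERVER
    for hour in range(len(demand)):
        observed = demand[max(hour - lag_hours, 0)]
        numerator = observed * (100 + headroom_pct)
        needed = -(-numerator // denominator)  # integer ceiling division
        plan.append(max(needed, min_servers))
    return plan


if __name__ == "__main__":
    plans = {
        "fixed, sized for the peak (10)": fixed_plan(10),
        "fixed, sized for the baseline (2)": fixed_plan(2),
        "elastic, 1 hour lag": elastic_plan(lag_hours=1),
        "elastic, no lag": elastic_plan(lag_hours=0),
    }
    for name, plan in plans.items():
        print(f"{name:36s} {evaluate(plan)}")
```

Sizing for the peak never drops traffic but pays for mostly idle capacity; sizing for the baseline is cheap but fails during the spike. The elastic plan costs less than half the peak-sized plan, and the remaining shortfall comes entirely from the provisioning lag during the ramp-up.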

Historical Developments in Cloud Computing

Cloud computing's evolution is deeply rooted in the development of distributed computing technologies over several
decades. Below are the key historical milestones and technologies that led to the rise of cloud computing:

1. Distributed Systems

Distributed systems are a core technology behind cloud computing. A distributed system consists of multiple
independent computers that work together to appear as a single, unified entity to users. This concept is crucial for
cloud computing, where multiple resources (such as infrastructure, runtime environments, and services) are shared
among users. Key features of distributed systems—such as scalability, transparency, and continuous availability—
are also fundamental to cloud computing.

The primary goal of distributed systems is resource sharing, which is extended in cloud computing by renting
infrastructure and services to users, allowing companies to optimize the utilization of their computing resources.

2. Key Milestones in Distributed Computing

• Mainframe Computing (1950s-1970s): Mainframes were the first large computational facilities, relying
on multiple processing units. These systems were highly reliable and capable of performing massive
input/output (I/O) operations, making them ideal for data-intensive tasks like transactions and enterprise
resource planning. Though mainframes are no longer as prevalent, they evolved into cloud-like systems
capable of handling large-scale data processing.

• Cluster Computing (1980s): With advancements in technology, clusters of commodity machines became a
cost-effective alternative to mainframes and supercomputers. High-performance computing became
accessible to a broader group, including small research labs and universities. Cluster computing laid the
foundation for modern distributed computing, contributing to the development of tools like Condor,
Parallel Virtual Machine (PVM), and Message Passing Interface (MPI).

• Grid Computing (1990s): Grid computing evolved from clusters, where geographically dispersed
computing resources were interconnected through the Internet. Grid computing allowed users to access
computational power and storage from multiple organizations, creating a large-scale distributed
infrastructure. This vision of shared computing resources was akin to the utility model—users "consume"
resources as needed, much like other utilities such as electricity or water.

3. Cloud Computing: The Evolutionary Outcome


Cloud computing can be seen as the successor to grid computing. It integrates elements from all three major
technologies:

• Like mainframes, cloud computing offers large-scale, always-on, reliable computing facilities.

• Like clusters, cloud infrastructures often consist of commodity machines that can be expanded based on
demand.

• Like grid computing, cloud computing offers resources on-demand through a utility-based model (pay-
per-use), allowing users to scale resources dynamically.

By the mid-2000s, cloud computing emerged as a powerful, cost-effective solution to IT needs, exemplified by
services like Amazon AWS (EC2, S3), which allowed users to access computing and storage resources on-demand.

4. Key Technologies Influencing Cloud Computing

Several technological innovations have shaped cloud computing, including:

• Virtualization: Allowed the abstraction of hardware resources, enabling multiple virtual machines to run
on a single physical machine, which is essential for resource allocation in cloud environments.

• Web 2.0: Marked a shift towards user-generated content, social networking, and more interactive web
services, leading to the rise of cloud-based software as a service (SaaS) platforms.

• Service Orientation: Led to the development of Service-Oriented Architectures (SOA), where applications
and services are designed to be modular and reusable—an approach that closely aligns with cloud service
offerings.

• Utility Computing: The concept of offering computing resources as a utility—paying only for what you
use—was a precursor to cloud computing and is central to its business model.

2. Virtualization

Virtualization is a technology that allows the creation of simulated (virtual) computing environments within a
physical machine. These environments behave like separate, independent machines, providing the ability to run
multiple software stacks on the same physical hardware. In the context of cloud computing, virtualization enables
several core functions:
• Resource Abstraction: It abstracts physical resources like storage, CPU, and network, allowing multiple
virtual environments to share the same hardware without interfering with each other.

• Customization: Users can create tailored virtual machines (VMs) with specific software stacks suited to
their needs, such as running different operating systems or applications.
• On-demand Scalability: Cloud services, like Amazon EC2, use virtualization to provide scalable and
customizable computing environments that can be provisioned and decommissioned as needed.

Virtualization includes:

• Hardware Virtualization: Simulates hardware resources to run full operating systems in virtual machines.

• Process Virtualization: Focuses on isolating applications within virtual machines, enabling better control
over resource usage.

3. Web 2.0
Web 2.0 refers to the evolution of the internet from a static collection of web pages to a dynamic platform for
interactive applications. It emphasizes user engagement, content sharing, and collaborative tools. The rise of Web
2.0 significantly influenced cloud computing in several ways:

• Interactivity: Web 2.0 enabled more interactive and user-centric web applications, which laid the
groundwork for cloud-based applications to be accessed via web browsers without requiring local
installations.

• Collaboration and Social Interaction: Platforms like Facebook, Google Docs, and Flickr harnessed user-
generated content and collective intelligence. Cloud computing adopted similar principles, allowing users
to access, share, and collaborate on data stored in the cloud.
• Rich User Experiences: Web 2.0 apps, powered by technologies like AJAX, allowed for faster, more
dynamic web pages. Cloud applications can offer rich, interactive interfaces, making them appealing and
accessible to a wide range of users.

4. Service-oriented Computing (SOC)

Service-oriented computing is a design philosophy where software applications are composed of discrete, reusable
services that communicate over a network. This approach enables rapid, flexible, and scalable system development.
Key aspects of SOC relevant to cloud computing include:

• Loose Coupling: Services are independent of each other and can be reused across different applications.
This makes it easier to build complex systems by composing various services.

• Interoperability: Services can be written in different programming languages and deployed on different
platforms but still interact seamlessly.

• Software as a Service (SaaS): SOC gave rise to SaaS, a delivery model for applications where software is
hosted on cloud infrastructure and made available to users via the internet. Examples include applications
like Google Docs or Salesforce, where the infrastructure and software are managed by the provider and
delivered on a pay-per-use or subscription basis.

In cloud computing, the concept of Web Services has played a significant role in implementing SOC. Web services
expose functionalities through protocols like SOAP and WSDL, enabling services to be discovered and consumed
across the web.

5. Utility-oriented Computing
Utility computing is the concept of providing computing resources, such as processing power, storage, and
applications, on a pay-per-use basis. This model is akin to how utilities like electricity or water are provided to
consumers. Some key developments in utility computing include:

• Pay-per-Use Model: Cloud computing allows users to rent resources as needed, which helps reduce the
costs associated with maintaining IT infrastructure.
• On-Demand Availability: Just as electricity can be accessed on demand, cloud resources are also available
whenever users need them, without upfront investments.

• E-commerce and Online Payment: The rise of e-commerce platforms in the late 1990s and early 2000s
provided the infrastructure for handling online payments, which is crucial for the utility computing model,
where users pay for services via credit cards or other payment systems.

The idea of utility computing dates back to the 1960s, when John McCarthy envisioned computing as a public
utility. With the development of grid computing and advances in networking, this vision became increasingly viable
and evolved into what we know today as cloud computing.

Building Cloud Computing Environments

1.3.1 Application Development


Cloud computing provides scalability and flexibility, making it ideal for applications that experience fluctuating
workloads. This includes two primary categories of applications:

• Web Applications: These are highly interactive, complex systems that handle varying user demands. Web
2.0 technologies enable rich user experiences and facilitate the seamless delivery of enterprise-grade
applications through the internet. These applications require dynamic resource allocation to handle
unpredictable workloads efficiently.
• Resource-Intensive Applications: These include compute-intensive or data-intensive applications, such as
scientific research or large-scale simulations. These applications often demand substantial computational
power for short durations, making cloud computing an economical and practical solution.

Cloud computing supports these applications by:

1. Offering scalable compute power, storage, and networking resources.

2. Providing runtime environments tailored for dynamic resource allocation.

3. Delivering managed application services resembling desktop software.



Developers use Web-based RESTful interfaces for accessing cloud services, ensuring simplicity and ease of
integration.

1.3.2 Infrastructure and System Development


Cloud systems are inherently distributed, requiring expertise in distributed computing, virtualization, Web 2.0
technologies, and service orientation. Key challenges and considerations include:

• Distributed Computing: Cloud systems are dynamic, provisioning resources on demand. Engineers must
manage this dynamism effectively, particularly when deploying Infrastructure-as-a-Service (IaaS) or
Platform-as-a-Service (PaaS) solutions.

• Service Orientation: Service-oriented architectures (SOA) underpin cloud systems, enabling the seamless
integration of services into existing applications. The "Everything-as-a-Service" (XaaS) model highlights
this paradigm.

• Web 2.0: Web services and interfaces are crucial for accessing and managing cloud systems
programmatically or through browsers.
• Virtualization: Virtualization underlies cloud infrastructure. Developers must understand the limitations
and manage the volatility of virtual environments, whether dealing with virtual hardware or runtime
abstractions.

These considerations influence the design of cloud-based systems, focusing on managing surges in demand,
component replication, and system resilience.
1.3.3 Computing Platforms and Technologies
Cloud application development leverages various platforms and frameworks, ranging from basic infrastructure to
specialized, customizable services. These platforms enable developers to focus on application functionality while
relying on the cloud for scalability, reliability, and resource management.

1.3.3.1 Amazon Web Services (AWS)


AWS is a leading provider of cloud infrastructure and services, offering a comprehensive suite of tools. Key features
include:

• Elastic Compute Cloud (EC2): Customizable virtual hardware for deploying computing systems.

o Options include GPU and cluster instances.


o Supports deployment via AWS console or Web services API.

o Allows saving running instances as templates (images) stored in S3.

• Simple Storage Service (S3): Persistent, scalable storage organized into buckets for storing binary objects
of any size.

• Additional Services: Networking, DNS, caching, databases (relational and non-relational), and more.
1.3.3.2 Google AppEngine

AppEngine is a scalable runtime environment for Web applications, providing high performance and dynamic
scaling.

• Features:

o Secure execution environment for applications.

o Services like in-memory caching, scalable data storage, job queues, messaging, and cron tasks.

• Development Support:

o SDK for local development and testing.


o Easy migration to the AppEngine environment with cost management via quotas.

• Supported Languages: Python, Java, Go.

1.3.3.3 Microsoft Azure


Azure provides a scalable cloud platform for Web and distributed applications.

• Roles:

o Web Role: Hosts Web applications.


o Worker Role: Generic container for workload processing.

o Virtual Machine Role: Fully customizable virtual environments, including OS configurations.

• Additional Services:
o Relational data storage, blob storage, networking, caching, and content delivery.

1.3.3.4 Apache Hadoop


Hadoop is an open-source framework for processing large data sets using commodity hardware.

• Core Components:

o MapReduce: Programming model for data processing.

▪ Map: Transforms and synthesizes input data.


▪ Reduce: Aggregates map outputs.

o HDFS (Hadoop Distributed File System): Scalable storage for large data sets.

• Enterprise Usage:

o Yahoo! sponsors and uses Hadoop extensively for its cloud infrastructure.
1.3.3.5 Force.com and Salesforce.com

Force.com is a platform for creating social enterprise applications and forms the foundation of Salesforce.com.

• Features:

o Ready-to-use components for enterprise applications.

o Support for custom components and integration with AppExchange.

• Development Capabilities:

o Design of data layouts, business rules, workflows, and user interfaces.

o Web services for accessing functionalities and hosted applications.


1.3.3.6 Manjrasoft Aneka

Aneka is a cloud application platform enabling scalable application development and deployment.
• Programming Abstractions:

o Supports tasks, distributed threads, and MapReduce models.

• Runtime Environment:

o Distributed and service-oriented, deployable on heterogeneous hardware.


o Dynamic integration of resources on demand.

• Services:
o Runtime management includes scheduling, execution, billing, storage, and quality of service.
@VTUpadhai – Cloud Computing (21CS72) – Module 2 Notes

Virtualization: Introduction, Characteristics of Virtualized Environments, Taxonomy of
Virtualization Techniques, Execution Virtualization, Other Types of Virtualization, Virtualization
and Cloud Computing, Pros and Cons of Virtualization, Technology Examples

Virtualization Overview
Definition: Virtualization refers to technologies and methods used to create an abstract execution
environment, allowing applications to run in secure, customizable, and isolated settings, even on shared
physical infrastructure. Virtualization is a transformative technology with extensive applications in
modern IT infrastructure and cloud computing. It offers efficiency, scalability, and flexibility, addressing
challenges like underutilization, energy costs, and administrative overheads. As computing environments
evolve, virtualization continues to be a cornerstone of innovation in delivering scalable and sustainable IT
solutions.
Key Concept: Virtualization enables a program to emulate a separate environment for running
applications, distinct from the host environment, enhancing resource utilization, flexibility, and security.
Example: A virtual machine running Windows OS on a Linux-hosted system.
Importance:
• Facilitates Infrastructure-as-a-Service (IaaS) in cloud computing.
• Delivers scalable, cost-efficient systems.
• Enables multiple virtualization types, including storage, memory, and networking.
Factors Driving Virtualization Adoption
1. Increased Performance and Computing Capacity:
o Modern PCs and servers are highly powerful, often underutilized.
o These systems can efficiently host Virtual Machine Managers (VMMs) and virtual
machines (VMs).
o Example: Supercomputers running thousands of VMs without performance issues.
2. Underutilized Hardware and Software Resources:
o Current IT infrastructure often operates below capacity.
o Many resources, such as office PCs, remain idle during non-work hours.
o Virtualization repurposes these idle resources for other tasks, maximizing infrastructure
efficiency.
3. Lack of Space in Data Centers:
o Enterprises face challenges in expanding physical data centers due to space constraints
and cost.
o Virtualization facilitates server consolidation, reducing the physical footprint by
aggregating multiple workloads onto fewer servers.
o Example: Hosting multiple services on a single server instead of using separate machines.
4. Environmental and Energy Efficiency (Greening Initiatives):
o Data centers consume significant power for server operation and cooling systems.
o Virtualization reduces server counts, lowering energy consumption and carbon footprints.
o Cooling demands decrease with fewer physical servers.
5. Rising Administrative Costs:
o Costs for power, cooling, and personnel for maintaining servers are escalating.
o Virtualization reduces the number of physical servers required, lowering administrative
workloads such as hardware monitoring, updates, and backups.

Virtualization Evolution and Adoption Milestones


1. Programming Language-Level Virtualization:
o In 1995, Sun Microsystems introduced Java, enabling cross-platform virtual
environments for small applets and enterprise-class applications.
o Microsoft launched the .NET Framework in 2002, supporting multiple languages and
integrating with existing Microsoft technologies.
o Google adopted Java and Python, further showcasing the efficiency of virtualized
environments for managed code execution.
2. Server Consolidation:
o Server consolidation, a direct application of hardware virtualization, aggregates multiple
services on a single physical server.
o Benefits: Reduces underutilization, energy consumption, and space needs in data centers.
3. Virtual Machine-Based Models:
o Virtual machines (VMs) support secure and isolated application execution without
compromising host environments.
o The rise of VM-based languages and tools demonstrated the readiness of virtualization
for enterprise solutions with minimal performance trade-offs.
Virtualization Components
1. Guest:
o Represents the system that interacts with the virtualization layer rather than directly with
the host.
o Examples: Virtual machines, applications, or clients accessing virtual storage or
networks.
2. Host:
o The underlying physical environment, including hardware and operating systems, where
virtualization is implemented.
3. Virtualization Layer:
o Manages the virtual environment and translates operations between the guest and host.
o Examples: Virtual Machine Managers (VMMs) like VMware, Hyper-V, or VirtualBox.

Applications of Virtualization
1. Hardware Virtualization:
o Virtual hardware allows running system images (OS and applications) independently of
the host.
o Example: A virtual machine running on VMware or VirtualBox.
2. Virtual Storage:
o Clients or users interact with a software layer that emulates storage, such as virtual drives
or cloud storage solutions.
3. Virtual Networking:
o Uses virtualized environments like VPNs to simulate a specific network.
o Example: A VPN creates the illusion of being part of a remote network, enabling access
to restricted resources.

Characteristics of Virtualized Environments


1. Increased Security:
o Virtualization creates isolated environments, protecting the host from harmful operations
of guests.
o Example: Sandboxed environments in Java Virtual Machine (JVM) restrict untrusted
applets from accessing sensitive resources.
o Tools: VMware, VirtualBox, and Parallels provide virtual environments with default
separation from the host system.
2. Managed Execution:
o Virtualization supports advanced features such as sharing, aggregation, emulation, and
isolation:
▪ Sharing: Multiple guests share the host’s physical resources, maximizing
utilization.
▪ Aggregation: Combines resources from multiple hosts to appear as a single
virtual resource. Example: Cluster management software.
▪ Emulation: Virtualizes environments or devices not present in the host.
Example: Running legacy software on emulated hardware.
▪ Isolation: Keeps guest activities separate from each other and the host,
preventing interference and enhancing stability.
o Performance Tuning:
▪ Adjusts virtual resource allocation to meet SLAs or QoS requirements.
▪ Example: Allocating specific memory or CPU capacity to virtual machines.
o Migration:
▪ Captures and moves a guest's state to another host.
▪ Example: Xen Hypervisor enables live migration to optimize data center
workloads.
3. Portability:
o Hardware Virtualization:
▪ Virtual images (guest environments) can be moved and executed across different
hosts.
▪ Example: Migrating a VMware virtual machine between servers.
o Programming-Level Virtualization:
▪ Platforms like JVM or .NET allow applications to run on multiple systems
without recompilation.
o User Flexibility:
▪ Enables users to carry and deploy their system environments wherever a
compatible virtualization platform exists.

Virtualization Techniques
Virtualization is the process of creating a virtual version of a physical entity, such as hardware, storage, or
network resources. It allows the emulation of one or more systems or services on a single physical
platform, enabling better utilization, isolation, and flexibility. Here’s a detailed breakdown:
Taxonomy of Virtualization
Virtualization can be categorized based on the entity being emulated:
1. Execution Virtualization
o Focuses on emulating the execution environment for applications or operating systems.
o Most developed and widely used form of virtualization.


o Further classified into:
▪ Process-Level Virtualization
▪ System-Level Virtualization
2. Storage Virtualization
o Abstracts physical storage into virtual pools that can be managed more efficiently.
o Examples include SAN (Storage Area Networks) and NAS (Network-Attached Storage).
3. Network Virtualization
o Combines hardware and software network resources into a single, virtual network.
o Examples include SDN (Software-Defined Networking) and VLANs (Virtual Local Area
Networks).
Execution Virtualization Techniques
1. Process-Level Virtualization
• Definition:
Virtualizes at the process level, running on top of an existing operating system.
• How it Works:
o The virtualization layer provides isolated environments for applications.
o These environments mimic individual operating systems but share the host's kernel.
• Benefits:
o Lightweight and efficient since it does not emulate the entire OS.
o Ideal for running isolated instances of applications on the same system.
• Examples:
o Docker: A containerization platform that packages applications with their dependencies.
o LXC (Linux Containers): Provides lightweight virtualization at the operating system
level.
• Use Cases:
o Cloud-native applications.
o Continuous integration and deployment pipelines.
2. System-Level Virtualization
• Definition:
Virtualizes at the hardware level to provide a complete virtual machine environment.
• How it Works:
o Implemented directly on hardware or with minimal dependency on the host OS.
o Provides each virtual machine (VM) with an environment closely resembling physical
hardware.
• Benefits:
o Supports multiple operating systems running simultaneously on the same physical
machine.
o Higher isolation compared to process-level virtualization.
• Techniques:
o Full Virtualization:
▪ Emulates the complete hardware environment, allowing unmodified guest
operating systems.
▪ Example: VMware ESXi, Microsoft Hyper-V.
o Paravirtualization:
▪ Requires modifications to the guest OS to interact more efficiently with the
hypervisor.
▪ Example: Xen Hypervisor.
o Partial Virtualization:
▪ Emulates parts of the hardware environment, requiring some support from the
guest OS.
▪ Used for specialized use cases where full virtualization is unnecessary.
• Use Cases:
o Hosting multiple virtual machines on a single physical server.
o Disaster recovery and testing.

Virtualization Techniques and Models


1. Emulation
• Creates an environment mimicking a different hardware or system architecture.
• Applications or operating systems run unmodified.
• Slower due to the need for complete hardware simulation.
2. Hardware-Assisted Virtualization
• Modern processors provide direct support for virtualization through features like Intel VT-x and
AMD-V.
• Enhances the performance and efficiency of system-level virtualization.
3. High-Level Virtual Machines (VMs)


• Emulate entire operating systems or execution environments at a high level.
• Examples include JVM (Java Virtual Machine) for running Java applications.
4. Multiprogramming
• A simpler form of execution virtualization, allowing multiple programs to share CPU time
efficiently.

Machine Reference Model


The Machine Reference Model is essential for understanding how virtualization is implemented at
different levels of the computing stack. It abstracts complex operations into manageable layers, enabling
efficient multitasking, system development, and security.
Components of the Machine Reference Model
1. Instruction Set Architecture (ISA):
o Definition:
The lowest level of abstraction that defines the processor's instruction set, including
registers, memory access, and interrupt handling.
o Purpose:
▪ Forms the interface between hardware and software.
▪ Essential for system-level programming and application-level interactions.
o Types:
▪ System ISA: For OS developers, enabling hardware management.
▪ User ISA: For application developers, focusing on user-level interactions.
2. Application Binary Interface (ABI):
o Definition:
The interface between the operating system and applications, providing low-level
program execution details.
o Purpose:
▪ Defines calling conventions, data types, and memory alignment.
▪ Ensures application portability across different operating systems adhering to the
same ABI.
o Examples:
▪ System calls used by applications to request OS-level services.
3. Application Programming Interface (API):
o Definition:
The highest abstraction level, facilitating interaction between applications and system
libraries or OS services.
o Purpose:
▪ Simplifies high-level programming by abstracting system complexities.
▪ Offers functions for developers to build robust applications.

Security and Privileged Execution


• Instruction Categories:
o Privileged Instructions:
▪ Impact shared resources or the processor's privileged state.
▪ Executed only in supervisor mode (Ring 0).
▪ Examples: Modifying CPU registers, I/O operations.
o Non-Privileged Instructions:
▪ Operate in user mode (Ring 3).
▪ Examples: Arithmetic or logic operations.
• Ring-Based Security Model:
o Ring 0 (Supervisor Mode): Full hardware access for OS kernels.
o Ring 3 (User Mode): Restricted access for user applications.
o Modern architectures simplify this model to two levels for ease of use and security.
Hypervisor and Execution Modes
• Role of Hypervisor:
o A software layer managing multiple virtual machines (VMs).
o Ensures isolation and fair distribution of hardware resources.
o Handles sensitive instructions to maintain system integrity.
• Challenges with Early ISAs:


o Some sensitive instructions were executable in user mode, posing security risks.
o New ISA features like Intel VT-x and AMD-V resolved this by ensuring sensitive
instructions run only in privileged mode.

Hardware-Level Virtualization
1. Key Components:
o Host: Physical computer hardware.
o Guest: Operating systems running in the virtual environment.
o Virtual Machine: Emulation of hardware, running guest OSs.
o Hypervisor (Virtual Machine Manager): Abstracts hardware to manage multiple VMs.
2. Types of Hypervisors:
o Type I (Bare-Metal Hypervisors):
▪ Run directly on hardware without a host OS.
▪ Efficient and high-performing.
▪ Examples: VMware ESXi, Microsoft Hyper-V, Xen.
o Type II (Hosted Hypervisors):
▪ Operate as an application within a host OS.
▪ Easier to set up but less efficient.
▪ Examples: VMware Workstation, Oracle VirtualBox.

Virtual Machine Manager (VMM) Design


1. Dispatcher: Routes VM instructions to appropriate VMM modules.
2. Allocator: Allocates resources (CPU, memory, I/O devices) to VMs.
3. Interpreter: Traps privileged instructions and executes corresponding routines.
Goldberg and Popek Criteria for Virtualization


The criteria established by Gerald J. Popek and Robert P. Goldberg define the requirements for a
computer architecture to support efficient virtualization. These criteria are crucial for the design of virtual
machine managers (VMMs) and for ensuring that a guest operating system can run correctly within a
virtualized environment. The core principles can be summarized as follows:
• Equivalence: A program running under the control of a VMM should exhibit behavior that is
essentially identical to its behavior when executed directly on an equivalent machine. This means
that the guest operating system should not be able to detect that it is running in a virtualized
environment.
• Resource Control: The VMM must maintain complete control over the virtualized resources.
This ensures that the VMM can manage and allocate resources effectively among the various
virtual machines and can prevent interference between them.
• Efficiency: A statistically dominant fraction of the machine instructions should be executed
without intervention from the VMM. In other words, most of the instructions should run directly
on the hardware without needing to be trapped or emulated by the VMM. This is crucial for
minimizing performance overhead introduced by virtualization.
Instruction Set Classification and Virtualization: Popek and Goldberg also classified instructions based
on their behavior within a virtualized environment. They proposed three theorems that define the
properties that hardware instructions need to satisfy to efficiently support virtualization:
• Sensitive Instructions: These instructions affect the state or behavior of the system. They must
be handled carefully in a virtualized environment to ensure proper isolation and control.
o Sensitive instructions are divided into two categories:
▪ Control-sensitive instructions affect the control flow of the system.
▪ Behavior-sensitive instructions affect the behavior of system resources or state.
• Privileged Instructions: These instructions can only be executed in a privileged mode of
operation, typically by the operating system kernel. In a virtualized environment, they need to be
controlled by the VMM.
Theorems for Virtualization: The following theorems outline the requirements for an ISA to be
virtualizable:
• Theorem 1 (Virtualizability): For any conventional third-generation computer, a VMM may be
constructed if the set of sensitive instructions for that computer is a subset of the set of privileged
instructions. This theorem states that all instructions that modify the system's configuration
should generate a trap in user mode, allowing them to be executed under the control of the VMM.
This allows hypervisors to control the instructions that would reveal the presence of an
abstraction layer while executing the rest of the instructions without intervention.
• Theorem 2 (Recursive Virtualizability): A conventional third-generation computer is
recursively virtualizable if it is virtualizable (satisfies Theorem 1) and a VMM without any timing
dependencies can be constructed for it. Recursive virtualization allows nesting hypervisors,
meaning a VMM can run on top of another VMM, as long as resources are sufficient.
• Theorem 3 (Hybrid VMM): A hybrid VMM may be constructed for any conventional third-
generation machine where the set of user-sensitive instructions is a subset of the set of privileged
instructions. This theorem introduces the concept of hybrid virtual machine (HVM), where more
instructions are interpreted instead of being executed directly, making it less efficient than a
virtual machine system.
Implications of the Criteria
• The criteria and theorems provide guidelines for the design of virtualizable architectures. If these
conditions are not met, virtualization may not be possible or could introduce significant
performance overhead.
• The x86 architecture, for example, did not initially meet the formal requirements established by
Popek and Goldberg. This is why early virtualization products used binary translation to trap
sensitive instructions.
• Hardware extensions such as Intel VT and AMD-V were introduced to address this limitation by
providing hardware support for virtualization, which improves performance and reduces the
overhead.
In summary, the Popek and Goldberg criteria provide a formal framework for understanding and
implementing efficient virtualization. These criteria are fundamental to the design of VMMs and the
development of virtualized environments.
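
Theorem 1 and the x86 case above, as a toy trap-and-emulate model (an added example, not part of the original notes). The two three-instruction ISAs, the instruction names and the guest program are constructed for illustration; the model shows a sensitive but unprivileged instruction breaking equivalence under a VMM, with the dispatcher, allocator and interpreter roles handling the traps.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Instr:
    sensitive: bool   # reads or changes processor mode / resource configuration
    privileged: bool  # traps when issued in user mode


# Hypothetical toy ISAs (constructed, not a real processor).
# LEGACY has a sensitive instruction that does not trap in user mode.
LEGACY_ISA = {
    "ADD": Instr(sensitive=False, privileged=False),
    "SET_PT": Instr(sensitive=True, privileged=True),
    "READ_MODE": Instr(sensitive=True, privileged=False),
}
# FIXED makes every sensitive instruction privileged, as Theorem 1 requires.
FIXED_ISA = {**LEGACY_ISA, "READ_MODE": Instr(sensitive=True, privileged=True)}

# Constructed guest kernel fragment: (opcode, argument) pairs.
PROGRAM = [("SET_PT", 7), ("ADD", 2), ("READ_MODE", None), ("ADD", 3)]


def theorem1_violations(isa):
    """Sensitive instructions that are not privileged; empty means virtualizable."""
    return sorted(n for n, i in isa.items() if i.sensitive and not i.privileged)


class Trap(Exception):
    """Raised by the CPU when a privileged instruction is issued in user mode."""


class CPU:
    def __init__(self, isa, mode):
        self.isa, self.mode = isa, mode
        self.acc = 0
        self.page_table = 0  # real (host) resource

    def execute(self, op, arg):
        if self.isa[op].privileged and self.mode == "user":
            raise Trap(op)
        if op == "ADD":
            self.acc += arg
        elif op == "SET_PT":
            self.page_table = arg
        elif op == "READ_MODE":
            return self.mode
        return None


def run_bare(isa, program):
    """Guest kernel on real hardware: runs in supervisor mode, nothing traps."""
    cpu = CPU(isa, "supervisor")
    seen = []
    for op, arg in program:
        result = cpu.execute(op, arg)
        if result is not None:
            seen.append(result)
    return {"acc": cpu.acc, "page_table": cpu.page_table, "modes_seen": seen}


def run_under_vmm(isa, program):
    """Same guest, deprivileged to user mode under a trap-and-emulate VMM."""
    cpu = CPU(isa, "user")
    virt = {"mode": "supervisor", "page_table": 0}  # per-VM virtual state
    seen, traps = [], 0
    for op, arg in program:
        try:
            result = cpu.execute(op, arg)   # direct execution, no VMM involved
        except Trap:
            traps += 1                      # dispatcher: control enters the VMM
            result = None
            if op == "SET_PT":              # allocator: update the VM's own table
                virt["page_table"] = arg
            elif op == "READ_MODE":         # interpreter: answer from virtual state
                result = virt["mode"]
        if result is not None:
            seen.append(result)
    view = {"acc": cpu.acc, "page_table": virt["page_table"], "modes_seen": seen}
    return view, traps, cpu.page_table      # guest view, trap count, host table


if __name__ == "__main__":
    for name, isa in (("legacy", LEGACY_ISA), ("fixed", FIXED_ISA)):
        view, traps, host_pt = run_under_vmm(isa, PROGRAM)
        print(name, "violations:", theorem1_violations(isa),
              "equivalent:", view == run_bare(isa, PROGRAM),
              "traps:", traps, "host page table:", host_pt)
```

On the legacy ISA the guest reads the real mode ("user") without any trap, so it can tell it is virtualized; on the fixed ISA the same read traps and the VMM answers from the VM's virtual state, while the host page table stays untouched in both runs.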
Virtualization Techniques
Hardware-Assisted Virtualization: This technique uses specific hardware features, such as Intel VT
(Intel Virtualization Technology) and AMD-V, to enhance virtualization. These technologies provide
direct support for virtual machine managers (hypervisors) to run guest operating systems in isolated
environments, improving performance by reducing the reliance on software-based emulation. This results
in better efficiency and faster execution of virtual machines, especially when handling multiple guest
OSes concurrently.
Full Virtualization: Full virtualization allows a guest OS to run in an isolated environment, using
complete hardware emulation without requiring modifications to the guest OS. This method provides
strong isolation and security, but it may face performance limitations, particularly when the guest OS
attempts to execute privileged instructions. To mitigate these performance challenges, hardware-assisted
virtualization is often used in conjunction with full virtualization, ensuring more efficient management of
virtual machines.
Paravirtualization: In paravirtualization, the guest operating system is modified to work directly with
the hypervisor for certain operations, such as I/O or memory management, to enhance performance. This
technique requires access to the guest OS's source code for modification, making it more suitable for
open-source systems. Paravirtualization improves performance by eliminating the need for full hardware
emulation, but it limits compatibility to modified guest OSes. An example of paravirtualization is the Xen
hypervisor.
Partial Virtualization: Partial virtualization involves emulating only parts of the system's hardware,
allowing certain applications or processes to operate in isolated environments, while the guest OS may
not require full emulation. This technique is used in scenarios where complete isolation of the OS isn't
necessary. An example of partial virtualization is address space virtualization, which isolates memory
spaces for different users or applications in time-sharing systems, offering efficient resource sharing.
Operating System-Level Virtualization: In OS-level virtualization, multiple isolated user-space
instances are created within the same OS kernel. Each instance behaves like a separate environment,
enabling the concurrent execution of different applications or services in isolated contexts. Unlike
hardware virtualization, there is no need for a hypervisor, as the OS itself manages the separation. This
approach is efficient in scenarios where multiple applications share the same OS, like FreeBSD Jails,
Solaris Zones, and OpenVZ, providing resource isolation without the overhead of full virtualization.
Programming Language-Level Virtualization: This form of virtualization allows programs to be
executed in a managed environment across different platforms and operating systems. It uses a virtual
machine (VM) to execute bytecode generated from a program's source code, enabling the program to run
on any platform with a corresponding virtual machine. Virtual machines simplify deployment and
increase portability since the same bytecode can run across multiple systems without modification. The
virtual machine abstracts the underlying hardware and typically uses either interpretation or just-in-time
(JIT) compilation for execution. The Java platform and the .NET Framework are notable examples of
programming language-level virtualization, where a uniform execution environment is provided across
diverse platforms.
Application-Level Virtualization: This technique allows applications to run in environments that may
not natively support all required runtime features, such as libraries or OS components. Rather than
installing the application directly on the host system, the application runs in an isolated environment that
provides necessary support, often using partial file systems or library emulation. The process may involve
either interpretation or binary translation to adapt the application to the host system. Application-level
virtualization is lighter than hardware virtualization and is effective for running applications that depend on
incompatible or missing libraries, as seen in tools like Wine for running Windows applications on Unix-like systems. It supports
specific environments and is often used for isolating individual applications without the need for full
system emulation.
Other Types of Virtualization
Storage Virtualization: Storage virtualization is a technique that abstracts the physical organization of
storage hardware from its logical representation, making it easier for users to access and manage data
without worrying about its physical location. This approach consolidates multiple storage devices into a
unified virtual storage system, often using technologies like Storage Area Networks (SANs) for network-
based virtualization. SANs enable large bandwidth connections to storage devices, allowing for efficient
data management and scalability across various storage resources.
Network Virtualization: Network virtualization combines physical hardware with software to create
virtual networks. This can involve aggregating multiple physical networks into a single logical network
(external network virtualization), such as creating a Virtual LAN (VLAN), or providing virtual network
interfaces for operating system partitions (internal network virtualization). Internal network virtualization
often accompanies other types of virtualization, such as hardware or OS-level virtualization, allowing
virtual machines (VMs) to communicate through shared or private network interfaces using techniques
like Network Address Translation (NAT).
Desktop Virtualization: Desktop virtualization separates the desktop environment from the physical
hardware, allowing users to access their desktop remotely through a client-server model. The desktop
environment is typically hosted on a server or data center, providing high availability, persistence, and
accessibility across multiple devices. This enables users to access a consistent desktop experience from
any location. Common tools and platforms for desktop virtualization include Windows Remote Services,
VNC, and Citrix XenDesktop, with cloud-based solutions offering scalability and centralized
management of desktop environments.
Application Server Virtualization: Application server virtualization abstracts and consolidates multiple
application servers into a single virtual server, utilizing load-balancing strategies and high-availability
infrastructure to ensure reliable service delivery. This approach improves service quality by providing
greater scalability and flexibility, similar to storage virtualization. By virtualizing the application server
layer, organizations can optimize resource usage, ensure fault tolerance, and deliver more efficient
services to users.
Virtualization plays a central role in cloud computing, providing the necessary abstraction, isolation, and
flexibility for delivering IT services on demand. It is a core feature of the infrastructure used by cloud
providers. Here's a breakdown of the key roles virtualization plays in cloud computing:
• Abstraction and Resource Management: Virtualization abstracts the underlying physical
resources (hardware, storage, networking), allowing them to be presented as virtual resources to
users. This abstraction simplifies resource management, making it easier to allocate, share, and
control resources.
o Virtualization enables the creation of different computing environments. These
environments are called virtual because they simulate the interface that is expected by a
guest.
o Virtual hardware is used to provide compute on demand in the form of virtual machine
instances.
o Storage virtualization allows decoupling the physical organization of the hardware from
its logical representation.
o Network virtualization combines hardware appliances and specific software for the
creation and management of a virtual network.
• Infrastructure-as-a-Service (IaaS): Virtualization is the fundamental technology for delivering
IaaS solutions. IaaS provides users with customizable infrastructure on demand, including virtual
hardware, storage, and networking.
o Hardware virtualization is a key component for IaaS, providing configurable computing
environments.
o Virtual machines (VMs) are the basic building blocks of a cloud computing
infrastructure, particularly for IaaS providers. They represent the unit of deployment for
addressing user requests.
o IaaS solutions provide the benefits of hardware virtualization such as workload
partitioning, application isolation, sandboxing, and hardware tuning.
• Platform-as-a-Service (PaaS): Virtualization, especially programming language virtualization, is
leveraged in PaaS offerings. PaaS provides a development and deployment platform for running
applications in the cloud.
o Virtualization technologies are used to replicate runtime environments for programs.
• Isolation and Security: Virtualization creates isolated and controllable environments, allowing
multiple users to share the same resources without interference.
o Virtual machines operate in complete isolation from each other.
o The ability to control the execution of a guest in a transparent manner enables the
delivery of a secure, controlled execution environment.
o Virtualization provides an opportunity for improving security in a cloud computing
environment by isolating services running on the same hardware.
• Customization and Flexibility: Virtualization confers the necessary degree of customization,
control, and flexibility for building production and enterprise systems. It allows users to have
customized software stacks on demand.
• Scalability and Elasticity: Virtualization enables the dynamic provisioning of resources,
allowing systems to scale up or down based on demand. Virtualization allows for the creation of
elastically scalable systems that can provision additional capabilities with minimum cost.
o Virtual machine migration allows applications to move from one platform to another to
improve performance and reliability.
• Efficient Resource Utilization: Virtualization allows for better exploitation of IT infrastructure.
o It helps reduce the number of required servers for a given workload, thus reducing
administrative costs.
o Virtualization allows for server consolidation by supporting multiple virtual machines on
a single physical server.
• Simplified Management: Virtualization simplifies the management of IT resources by allowing
administrators to manage virtual machines instead of physical hardware.
o Virtualization makes it easier to manage and migrate virtual environments.
• Enabling Cloud Services: Cloud computing is realized through platforms that leverage
virtualization to provide on-demand services to a multitude of users across the globe.
Types of Virtualization Used in Cloud Computing:
• Hardware Virtualization: This is a core technology used in cloud computing to provide virtual
hardware. It allows for the coexistence of different software stacks on the same hardware.
o Type I and Type II hypervisors are used in cloud computing.
• Programming Language Virtualization: This type is leveraged in PaaS offerings.
• Storage Virtualization: This is used to decouple the physical organization of storage from its
logical representation.
• Network Virtualization: This is used to create and manage virtual networks.
• Desktop Virtualization: This abstracts the desktop environment available on a personal
computer.
Advantages of Virtualization
1. Managed Execution and Isolation
Virtualization enables the creation of secure, isolated environments where harmful operations are
restricted. These environments ensure better control over computing resources and are crucial for
server consolidation. By isolating workloads, virtualization enhances security and reduces the risk
of interference between applications or systems. This capability is particularly valuable in IT
environments that require strict management of resources and robust security protocols.
2. Portability
One of the standout advantages of virtualization is the ease of portability. Virtual machines are
encapsulated as files, making them simple to transfer between systems. This feature simplifies the
migration of workloads across different hardware or data centers and enhances the flexibility of
managing applications in diverse environments. Portability ensures that virtualized systems
remain operational regardless of underlying hardware changes, making administration seamless.
3. Resource Efficiency
Virtualization allows multiple systems to share the same physical hardware resources without
interference. By maximizing the utilization of available computing power, organizations can
reduce the number of physical servers required. This leads to cost savings and more efficient use
of resources, particularly in environments where hardware is often underutilized.
4. Cost Reduction
With virtualization, organizations can achieve significant cost savings by reducing the need for
physical machines. This translates into lower expenses for hardware acquisition, maintenance,
and energy consumption. Fewer physical servers also result in reduced cooling requirements,
contributing to energy conservation and minimizing environmental impact. Virtualization is an
effective strategy for businesses looking to optimize costs while maintaining robust IT operations.
5. Security
Virtualization provides a controlled, sandboxed environment for applications, reducing the risk of
harmful software affecting the underlying system. Each virtual machine operates independently,
ensuring that vulnerabilities or malware in one machine do not compromise the entire system.
This layered security approach makes virtualization a critical component in protecting sensitive
data and maintaining system integrity.
6. Dynamic Resource Allocation
Virtualization supports dynamic allocation of resources, enabling systems to adapt to changing
workload demands in real time. This flexibility is especially beneficial for applications that
experience fluctuating loads, such as web servers or cloud-based services. By adjusting resources
dynamically, virtualization ensures optimal performance and scalability, reducing the likelihood
of system bottlenecks.
Disadvantages of Virtualization
1. Performance Degradation
The additional layer introduced by virtualization can increase latency and reduce overall system
performance. This issue is especially noticeable in hardware virtualization, where the overhead of
managing virtual processors, privileged instructions, and paging can slow down operations.
Performance-sensitive applications may experience noticeable delays compared to running
directly on physical hardware.
2. Inefficiency and Degraded User Experience
Due to the abstraction layer, virtual machines may not have full access to specific hardware
features or drivers. This limitation can lead to inefficiencies or reduced capabilities within
virtualized environments. For instance, some hardware-intensive applications may not perform
optimally, impacting user experience and overall system efficiency.
3. Security Vulnerabilities
While virtualization enhances security in many ways, it can also introduce new vulnerabilities.
Malicious software, such as BluePill or SubVirt, can exploit weaknesses in virtual environments
to compromise the host system. These threats highlight the importance of robust security
measures and regular updates to hypervisors and virtualization platforms to mitigate risks.
4. Complexity in Resource Management
Virtualization adds complexity to resource management, requiring advanced tools and expertise
to balance workloads and allocate resources effectively. Mismanagement of virtualized
environments can lead to resource contention or inefficiencies, negatively impacting
performance. Organizations must invest in proper training and tools to ensure smooth and
efficient virtualization management.

Xen Paravirtualization:
1. Overview of Xen Virtualization:
o Xen is an open-source virtualization platform based on paravirtualization, developed by
the University of Cambridge and now supported by a large community, with Citrix
offering a commercial version (XenSource).
o Xen can be used for desktop virtualization, server virtualization, and cloud computing
solutions (e.g., Xen Cloud Platform or XCP).
o The core component of Xen is the Xen Hypervisor, responsible for managing and
controlling access to hardware resources for virtual machines (VMs).
2. Xen Paravirtualization:
o Paravirtualization allows for high-performance guest operating systems by modifying
parts of the guest OS to directly interact with the hypervisor, especially for handling
privileged instructions.
o This results in better performance compared to full virtualization, where guest OSes run
unmodified. It achieves this by eliminating performance penalties associated with
emulating privileged instructions in hardware.
3. Modification of Guest OS:
o Unlike full virtualization, which is transparent to the guest OS, paravirtualization requires
modifications to the guest OS.
o The guest OS must use hypercalls (special calls provided by the hypervisor) instead of
privileged system calls that would normally require kernel-mode access.
4. Xen's Hypervisor:
o Xen's hypervisor runs at the highest privileged level (Ring 0) and manages resources such
as memory, CPU, and I/O devices for guest operating systems.
o Guest operating systems run in separate domains, where Domain 0 (also known as
Dom0) has special privileges and manages VM creation, configuration, and termination.
5. Domain 0 (Dom0):
o Domain 0 is the first domain to boot when Xen is initialized. It controls and manages
virtual machine instances.
o Dom0 includes an HTTP server for managing virtual machines and can be thought of as
the management layer for the virtual environment.
6. Xen and x86 Architecture:
o Xen operates on the x86 architecture using a privilege model with different "rings"
(levels of CPU privilege). Ring 0 is the most privileged, and Ring 3 is the least
privileged.
o The Xen hypervisor runs in Ring 0, Domain 0 operates in Ring 1, and user applications
run in Ring 3.
7. Handling Privileged Instructions:
o Certain instructions in the x86 architecture allow code running in Ring 3 (user space) to
directly access Ring 0 (kernel mode). This access would normally cause faults in a
virtualized environment.
o To manage this, Xen prevents such instructions from being executed in a virtualized
environment by trapping them and handling them through hypercalls, ensuring that the
system remains stable.
8. Operating Systems for Xen:
o Paravirtualization requires guest operating systems to be modified to use hypercalls.
Open-source operating systems like Linux can be easily adapted because their source
code is accessible.
o Windows operating systems generally do not support Xen unless hardware-assisted
virtualization is available. This is because Windows cannot be modified in the same way
as Linux.
9. Limitations and Compatibility:
o Xen's paravirtualization model has some limitations, particularly with legacy hardware
and older operating systems that cannot be modified.
o However, the introduction of hardware-assisted virtualization (e.g., Intel VT or AMD-V)
has helped overcome these issues, allowing Xen to support full virtualization, where the
hypervisor can run in Ring 1 and the guest OS in Ring 0.
Explanation of the Figure (Xen Architecture):
• Xen Hypervisor (Ring 0):
o The Xen Hypervisor runs in the highest privilege level, Ring 0. It is responsible for
managing resources, including CPU state, memory, and I/O devices, across all domains.
• Domain 0 (Ring 1):
o Domain 0 (Dom0) is the special control domain that has access to the hypervisor and
manages the virtual machines. It acts as a management interface, creating and terminating
virtual machines, and provides administrative services like a web interface for VM
control.
• Guest Domains (Domain U, Ring 1):
o Domain U refers to guest operating systems that run in Xen virtualized environments.
These guest OSes are modified to use hypercalls for system calls that would normally be
privileged (e.g., memory management, I/O operations).
o They run in Ring 1, where they interact with the Xen hypervisor to access hardware
resources safely. This differs from full virtualization, where the guest OS would normally
run in Ring 0.
• User Applications (Ring 3):
o Applications running within the guest OS run in the least privileged level, Ring 3, which
is the user mode.
• Hypercall Mechanism:
o When a guest OS makes a system call that requires privileged access (e.g., memory
management), it triggers a trap to the hypervisor. The hypervisor handles this instruction
and returns control back to the guest OS with the appropriate result, ensuring that no
unauthorized access to Ring 0 occurs.
• Hardware Interaction:
o The Xen architecture ensures that guest OSes cannot directly execute privileged hardware
instructions in Ring 0, preventing potential crashes or faults in a virtualized environment.
Instead, Xen captures these privileged operations and manages them through the
hypervisor.
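The mediation described above, as an added toy model in Python (not Xen code and not part of the original notes): the hypercall names, the frame-ownership table and the audit list are assumptions made for illustration. A guest domain maps its own memory, while requests that cross the isolation boundary or need Dom0 privileges are refused and logged.

```python
from dataclasses import dataclass, field


class HypercallDenied(Exception):
    """The hypervisor refused a privileged request."""


@dataclass
class Domain:
    dom_id: int
    privileged: bool = False                         # True only for Domain 0
    frames: set = field(default_factory=set)         # machine frames this domain owns
    page_table: dict = field(default_factory=dict)   # guest page -> machine frame


class ToyHypervisor:
    """Stands in for the Ring 0 layer: guests change state only through hypercall()."""

    def __init__(self, total_frames):
        self.free_frames = list(range(total_frames))
        self.domains = {0: Domain(0, privileged=True)}   # Dom0 boots first
        self.next_id = 1
        self.audit = []                                  # (caller, op, outcome)
        self.handlers = {                                # hypothetical hypercall names
            "create_domain": self._create_domain,
            "destroy_domain": self._destroy_domain,
            "map_frame": self._map_frame,
        }

    def hypercall(self, caller_id, op, **args):
        """Single entry point: identify the caller, dispatch, log the outcome."""
        try:
            caller = self.domains.get(caller_id)
            if caller is None:
                raise HypercallDenied("unknown domain")
            if op not in self.handlers:
                raise HypercallDenied("no such hypercall")
            result = self.handlers[op](caller, **args)
        except HypercallDenied as exc:
            self.audit.append((caller_id, op, "denied: %s" % exc))
            raise
        self.audit.append((caller_id, op, "ok"))
        return result

    def _require_dom0(self, caller):
        if not caller.privileged:
            raise HypercallDenied("management hypercall from unprivileged domain")

    def _create_domain(self, caller, frames):
        self._require_dom0(caller)
        if frames > len(self.free_frames):
            raise HypercallDenied("not enough free memory")
        dom = Domain(self.next_id)
        self.next_id += 1
        dom.frames = {self.free_frames.pop() for _ in range(frames)}
        self.domains[dom.dom_id] = dom
        return dom.dom_id

    def _destroy_domain(self, caller, dom_id):
        self._require_dom0(caller)
        if dom_id == 0 or dom_id not in self.domains:
            raise HypercallDenied("cannot destroy this domain")
        dom = self.domains.pop(dom_id)
        self.free_frames.extend(sorted(dom.frames))      # frames return to the pool

    def _map_frame(self, caller, guest_page, frame):
        # The isolation check: a guest may only map frames it owns.
        if frame not in caller.frames:
            raise HypercallDenied("frame %d not owned by domain %d" % (frame, caller.dom_id))
        caller.page_table[guest_page] = frame
        return frame


def run_scenario():
    """Constructed scenario: two guests, one tries to cross the isolation boundary."""
    hv = ToyHypervisor(total_frames=8)
    dom_a = hv.hypercall(0, "create_domain", frames=2)
    dom_b = hv.hypercall(0, "create_domain", frames=2)
    own = min(hv.domains[dom_a].frames)
    foreign = min(hv.domains[dom_b].frames)
    hv.hypercall(dom_a, "map_frame", guest_page=0, frame=own)
    denied = []
    for op, args in (("map_frame", {"guest_page": 1, "frame": foreign}),
                     ("create_domain", {"frames": 1}),
                     ("destroy_domain", {"dom_id": dom_b})):
        try:
            hv.hypercall(dom_a, op, **args)
        except HypercallDenied:
            denied.append(op)
    return hv, dom_a, dom_b, denied


if __name__ == "__main__":
    hv, _, _, denied = run_scenario()
    print("denied:", denied)
    for entry in hv.audit:
        print(entry)
```

The audit list is what a defender would review: every refused request names the calling domain and the operation it attempted.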

VMware Full Virtualization Technology
1. Full Virtualization:
o VMware replicates the underlying hardware entirely.
o Guest OS runs unmodified and unaware of the virtualization layer.
o Achieved via binary translation (for sensitive instructions) and direct execution (for
non-sensitive instructions).
2. Hypervisors:
o Type I Hypervisors (e.g., VMware ESXi): Installed directly on hardware (bare metal).
o Type II Hypervisors (e.g., VMware Workstation): Run on top of an existing OS.
3. Binary Translation:
o Translates sensitive instructions into a set of safe instructions.
o Uses caching to improve performance by reusing translated instructions.
o Allows virtualization of x86 architecture without OS modification.
4. Hardware-Assisted Virtualization:
o Introduced with Intel VT-x and AMD-V (2006 onward).
o Supports direct virtualization of x86 architecture by simplifying instruction translation.
VMware Components and Solutions:
1. End-User (Desktop) Virtualization:
o VMware Workstation (Windows/Linux): Creates isolated environments for different
OSs on a single desktop.
o VMware Fusion (macOS): Virtualizes Windows/Linux environments on macOS.
2. Server Virtualization:
o VMware GSX Server: Early solution for server virtualization with remote management
capabilities.
o VMware ESX/ESXi:
▪ ESXi features a minimal OS kernel (VMkernel) for efficient resource
management.
▪ Offers centralized management, resource scheduling, and integration with
network and storage systems.
3. Infrastructure Virtualization:
o VMware vSphere: Combines virtualized servers into a unified infrastructure.
o VMware vCloud: Provides IaaS solutions with self-service provisioning for virtual
environments.
4. Cloud and Application Solutions:
o vFabric: Scalable Java application development on virtualized infrastructure.
o Zimbra: SaaS for email and collaboration, fully hosted in the cloud.
Figure 3.12: Full Virtualization Reference Model
1. Guest OS (Unmodified):
o Runs in Ring 1 and is unaware of the hypervisor.
o Sensitive instructions (e.g., privileged calls) are intercepted by the hypervisor.
2. Hypervisor:
o Operates in Ring 0 (highest privilege).
o Performs binary translation of sensitive instructions.
o Caches translated instructions for efficiency.
3. Direct Execution:
o Non-sensitive instructions run directly on hardware without translation.
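Binary translation with a translation cache, as described in the "Binary Translation" item and in the Figure 3.12 notes above, sketched as an added Python example (not VMware code and not part of the original notes). The three-block guest program and the instruction names are a constructed toy instruction set, not x86; the point is that sensitive instructions only ever touch the guest's shadow state and that a hot block is translated once.

```python
SENSITIVE = {"CLI", "STI", "MOV_CR3"}   # toy stand-ins for privileged-state instructions

# Constructed guest program: block address -> basic block of instruction tuples.
GUEST_PROGRAM = {
    0x1000: [("LOAD", "r0", 3), ("JMP", 0x2000)],
    0x2000: [("CLI",), ("ADD", "r1", 5), ("STI",), ("ADD", "r0", -1),
             ("JNZ", "r0", 0x2000, 0x3000)],          # loop body, runs 3 times
    0x3000: [("MOV_CR3", 0x5000), ("HALT",)],
}


class HostCPU:
    """Real machine state; no guest instruction may change it."""
    def __init__(self):
        self.interrupts_enabled = True
        self.cr3 = 0xA000


class VirtualCPU:
    """The guest's registers plus the monitor's shadow of its privileged state."""
    def __init__(self):
        self.regs = {"r0": 0, "r1": 0}
        self.virt_if = True
        self.virt_cr3 = 0


def translate_block(block):
    """Rewrite sensitive instructions into calls to the monitor; copy the rest as is."""
    return [("VMM_EMULATE",) + ins if ins[0] in SENSITIVE else ins for ins in block]


class Monitor:
    def __init__(self, program):
        self.program = program
        self.cache = {}             # block address -> translated block
        self.translations = 0
        self.cache_hits = 0
        self.emulated = []          # sensitive operations handled by the monitor
        self.vcpu = VirtualCPU()
        self.host = HostCPU()

    def fetch(self, addr):
        """Return the translated block, translating only on a cache miss."""
        if addr in self.cache:
            self.cache_hits += 1
        else:
            self.cache[addr] = translate_block(self.program[addr])
            self.translations += 1
        return self.cache[addr]

    def run(self, entry, max_blocks=1000):
        addr = entry
        for _ in range(max_blocks):
            addr = self._execute(self.fetch(addr))
            if addr is None:
                return
        raise RuntimeError("block budget exhausted")

    def _emulate(self, ins):
        """Apply a sensitive instruction to the shadow state only."""
        self.emulated.append(ins[0])
        if ins[0] == "CLI":
            self.vcpu.virt_if = False
        elif ins[0] == "STI":
            self.vcpu.virt_if = True
        elif ins[0] == "MOV_CR3":
            self.vcpu.virt_cr3 = ins[1]

    def _execute(self, block):
        """Run one translated block and return the next block address (None on HALT)."""
        for ins in block:
            op = ins[0]
            if op == "VMM_EMULATE":
                self._emulate(ins[1:])
            elif op in SENSITIVE:
                raise RuntimeError("untranslated sensitive instruction reached hardware")
            elif op == "LOAD":                      # non-sensitive: "direct execution"
                self.vcpu.regs[ins[1]] = ins[2]
            elif op == "ADD":
                self.vcpu.regs[ins[1]] += ins[2]
            elif op == "JMP":
                return ins[1]
            elif op == "JNZ":
                return ins[2] if self.vcpu.regs[ins[1]] != 0 else ins[3]
            elif op == "HALT":
                return None
            else:
                raise ValueError("unknown instruction %r" % (ins,))
        raise ValueError("block ended without a terminator")


def run_guest():
    mon = Monitor(GUEST_PROGRAM)
    mon.run(0x1000)
    return mon


if __name__ == "__main__":
    m = run_guest()
    print("translations:", m.translations, "cache hits:", m.cache_hits)
    print("emulated:", m.emulated)
```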
Figure 3.13: VMware Workstation Architecture
1. Host OS:
o Provides the base for the VMware Workstation application.
o Includes a VMware driver for managing hardware access.
2. VMware Application:
o Creates and manages virtual machine instances.
o Handles I/O requests and performs binary translation when required.
3. Virtual Machine Instances:
o Guest OS runs within an isolated virtual environment.
o Supports integration with host OS (e.g., folder sharing).
Figure 3.14: VMware GSX Server Architecture
1. Daemon (serverd):
o Manages virtual machines and processes user requests.
o Connects VMware applications to VM instances.
2. Web Server Interface:
o Provides remote management capabilities for virtual environments.
3. VM Instances:
o Virtual machines running on top of a host OS with VMware drivers.
Figure 3.15: VMware ESXi Architecture
1. VMkernel:
o A thin POSIX-compliant OS providing essential services (e.g., resource scheduling, I/O
stacks).
2. Agents:
o CIM Broker: Facilitates remote management.
o DCUI: Allows local management via a BIOS-like interface.
3. Hypervisor:
o Handles virtualization processes (e.g., memory, CPU scheduling).
4. VM Instances:
o Virtual machines with individual VMMs for hardware interaction.
Figure 3.16: VMware Cloud Solution Stack
1. Infrastructure Virtualization:
o vSphere provides core services like compute, storage, and network virtualization.
2. Application Virtualization:
o vFabric supports scalable application development and deployment.
3. Cloud Solutions:
o vCloud enables service providers to offer pay-per-use IaaS solutions.
4. SaaS:
o Zimbra delivers cloud-based email and collaboration tools.
Microsoft Hyper-V
Microsoft Hyper-V is a virtualization solution designed to support server virtualization. It is built on a
hypervisor-based approach, allowing multiple guest operating systems to run on shared hardware
resources efficiently. Hyper-V is integrated as a role in Windows Server, starting from Windows Server
2008 R2. Despite being installed through the operating system, it directly manages hardware interactions,
positioning it as a hybrid solution between bare-metal and hosted hypervisors.
Architecture of Hyper-V
Hyper-V operates by organizing workloads into partitions, which are isolated environments for operating
systems. It distinguishes between the parent partition (root partition) and child partitions.
Parent Partition
• The parent partition runs the host operating system (Windows Server) and has direct access to the
hardware.
• It handles the virtualization stack and manages guest operating systems through the
Virtualization Infrastructure Driver (VID).
• The parent partition also runs the Virtual Machine Worker Process (VMWP), which facilitates
the management of child partitions by interacting with the hypervisor.
Child Partitions
• Child partitions host guest operating systems.
• They are isolated environments created and managed by the parent partition.
• Enlightened partitions (hypervisor-aware) benefit from advanced features like Enlightened I/O,
while unenlightened partitions rely on hardware emulation.

Hypervisor Components
The hypervisor is the core of Hyper-V, directly interacting with the hardware and managing virtual
environments. Its components include:
1. Hypercalls Interface
o Provides an entry point for partitions to execute sensitive instructions.
o Supports paravirtualization by enabling optimized communication between the
hypervisor and guest OS.
2. Memory Service Routines (MSRs)
o Control memory access for partitions.
o Utilize the IOMMU for efficient device access by translating virtual memory addresses.
3. Advanced Programmable Interrupt Controller (APIC)
o Handles interrupts from hardware and synthetic interrupt controllers (SynIC) for virtual
processors.
4. Scheduler
o Allocates physical processor time to virtual processors based on predefined policies.
5. Address Manager
o Manages virtual network addresses for guest operating systems.
6. Partition Manager
o Oversees the lifecycle of partitions, including their creation, destruction, and
configuration.
The hypervisor operates in Ring -1, a privileged mode that ensures compatibility with both legacy and
modern operating systems.
Enlightened I/O and Synthetic Devices
Enlightened I/O enhances I/O performance for hypervisor-aware guest operating systems by bypassing
traditional hardware emulation.
Key Components
1. VMBus
o Acts as the interpartition communication channel between the parent and child partitions.
o Facilitates fast data exchange without traversing the hardware emulation stack.
2. Virtual Service Providers (VSPs)
o Kernel-level drivers in the parent partition that provide access to physical hardware
devices.
3. Virtual Service Clients (VSCs)
o Virtual device drivers in child partitions that interact with VSPs via the VMBus.
This design allows for enhanced performance in storage, networking, and other subsystems. Guest
operating systems that are not hypervisor-aware rely on traditional device driver emulation, which is less
efficient.
Figure 3.17: Hyper-V Architecture
This figure illustrates the architecture of Hyper-V, highlighting the interactions between the hypervisor,
parent partition, child partitions, and hardware.
1. Parent Partition (Root Partition)
o Located at the top, it includes the virtualization stack, I/O stack drivers, and
Virtualization Infrastructure Driver (VID).
o Directly interacts with the hypervisor and hardware.
2. Hypervisor
o Positioned centrally, it operates at Ring -1, providing a secure and efficient environment
for partition management.
3. Child Partitions
o Showcases both enlightened and unenlightened child partitions.
o Enlightened partitions leverage VMBus for I/O, while unenlightened ones rely on
traditional emulation.
4. Hardware (x86)
o Located at the bottom, including processors, memory, and I/O devices.
This layered architecture demonstrates how Hyper-V creates a virtualized environment while ensuring
secure and efficient partition management.

Hyper-V in Cloud Computing and Infrastructure Management
Hyper-V serves as the foundation for Microsoft’s virtualization platform and integrates with other tools
for enhanced functionality.
Windows Server Core
• A minimalist version of Windows Server designed to reduce overhead by removing GUI and
non-essential components.
• Benefits include:
o Reduced maintenance and disk space requirements.
o Smaller attack surface for security.
• Drawbacks include a reduced feature set, requiring remote management via tools like PowerShell.
System Center Virtual Machine Manager (SCVMM)
SCVMM extends Hyper-V’s capabilities by providing advanced management features, such as:
• Virtual machine creation and lifecycle management.
• Conversion tools for physical-to-virtual (P2V) and virtual-to-virtual (V2V) migrations.
• Host capacity planning and intelligent VM placement.
Observations and Comparisons
Hyper-V blends paravirtualization and full hardware virtualization approaches. While its parent-child
partition model resembles Xen, its installation within an existing operating system aligns it closer to
VMware.
Advantages
• Flexibility in supporting diverse guest operating systems.
• Integration with existing Windows Server environments.
Disadvantages
• Limited to 64-bit architectures and hardware with virtualization support.
• Requires modern Windows Server platforms.
In conclusion, Hyper-V provides a robust virtualization platform with significant flexibility and
integration features, making it a cornerstone of Microsoft’s cloud and virtualization strategy. However, its
hardware and software dependencies can limit its applicability in some environments.
@VTUpadhai – Cloud Computing (21CS72) – Module 3 Notes
Module 3- Cloud Computing Architecture: Introduction, Cloud Reference Model, Types of Clouds,
Economics of the Cloud, Open Challenges
Introduction
• Utility-Oriented Data Centers- These are the backbone of cloud computing, providing the
infrastructure for delivering services. They can be owned by providers or rented from third parties,
enabling the deployment of virtual hardware, development platforms, or application software.
• Cloud Infrastructure Composition- Cloud infrastructures consist of distributed systems like
datacenters, clusters, or networks of heterogeneous devices (e.g., PCs, workstations, servers).
Virtualization is a key feature, ensuring workload isolation and maximizing resource usage.
• Layered Architecture- Cloud systems use a layered approach to deliver services. Layers include
virtual machine managers (hypervisors) for resource control, development platforms for app
creation, and middleware for specialized functionalities.
• Reference Model for Categorization- A reference model helps classify cloud technologies,
applications, and services into structured categories, enabling better understanding of delivery
models like IaaS, PaaS, and SaaS.

Cloud Reference Model
Cloud computing offers IT services consumed like utilities, delivered through networks such as the
Internet. It encompasses infrastructure, platforms, applications, and services, organized into a reference
model with layers ranging from hardware to application-level services.
2. Cloud Architecture
Layered Structure- Cloud implementations are structured in a stack, including hardware, middleware,
and software systems. The stack provides computing power, resource management, and user-facing
services.
Physical Infrastructure- Built using resources like clusters, networked PCs, and databases, the physical
layer ensures scalability and performance. Virtualization, through hypervisors, partitions and isolates
resources while enhancing security.
Core Middleware- This layer manages infrastructure tasks such as runtime customization, Quality of
Service (QoS), resource monitoring, and billing.
Virtualization Strategies- Virtualization covers compute, storage, and networking, offering seamless
control over virtual resources. Programming-level virtualization supports portable environments for
technologies like Java and Python.
3. Service Layers in Cloud Reference Model
(a) Infrastructure-as-a-Service (IaaS)
Provides physical resources and management layers, enabling users to set up custom systems. Two types:
• IaaS: Includes management tools and physical infrastructure.
• IaaS (M): Offers management tools only, integrating with external infrastructure.
(b) Platform-as-a-Service (PaaS)
Offers development platforms with integrated infrastructure. Tools include web interfaces and
programming frameworks, enabling cloud-native application development using APIs. Pure PaaS
provides only middleware, requiring external infrastructure.
(c) Software-as-a-Service (SaaS)
Delivers application-level services online, such as social media, gaming, and enterprise tools. SaaS
leverages IaaS and PaaS for scalability and performance.
4. Adaptive Management and XaaS (Everything as a Service)
Adaptive Management- Ensures elasticity for performance and availability. SaaS automates
management, while PaaS and IaaS offer APIs for customization.
XaaS- Combines services from various providers for integrated solutions, such as virtual web farms,
enabling cost-effective scaling for startups.

Core Components
Cloud Resources (System Infrastructure)- Includes physical components like virtual machines (VMs),
databases, and storage. These are virtualized and pooled using hypervisors.
Core Middleware- Manages SLA compliance, QoS negotiation, billing, and resource allocation.
Middleware Layers
User-Level Middleware- Provides APIs and environments for cloud-native development, including
distributed programming and workflow tools.
Applications Layer- Hosts cloud-based services like SaaS for social networking, gaming, and enterprise
applications.
Adaptive Management- A horizontal layer ensuring scalability and elasticity across the stack. It
incorporates autonomic features such as performance optimization and cost control.
Infrastructure- and Hardware-as-a-Service (IaaS/HaaS)
IaaS/HaaS represents a mature and popular segment in cloud computing, offering customizable
infrastructure on demand. These solutions range from single servers to full infrastructures, including
network devices, load balancers, and database/web servers. The backbone technology is hardware
virtualization, enabling the creation of virtual machines (VMs) tailored to user needs.
Key Benefits
IaaS/HaaS benefits both service providers and customers. Service providers can optimize IT infrastructure
usage while offering secure environments for third-party applications. For customers, these solutions reduce
capital expenditures on hardware, minimize maintenance efforts, and allow customization of virtual
infrastructures with selected operating systems and applications.
Virtual Machines and Services
Virtual machines form the core components of IaaS and are priced based on their specifications, such as
memory, CPU count, and storage capacity. Some solutions offer prepackaged system images, such as LAMP
stacks, while others allow users to upload their custom VM images. Advanced features like SLA-based
resource allocation, workload management, and integration with third-party IaaS solutions further enhance
functionality.

Figure 4.2: IaaS Architecture
User Interface Layer
At the top, the user interface provides access to IaaS services through Web services, RESTful APIs, or
management consoles. These interfaces support automation and programmatic interaction, enabling users
and applications to manage the infrastructure efficiently.
Infrastructure Management Software
The core layer of IaaS handles key management tasks, including:
• Pricing and Billing: Tracks resource usage for cost calculation.
• Monitoring: Logs system performance and VM execution.
• Reservation: Manages VM deployment schedules.
• QoS/SLA Management: Ensures execution meets quality standards.
• VM Repository: Stores and catalogs VM images for deployment.
• Provisioning: Integrates external IaaS resources seamlessly.
Physical Infrastructure Layer
The bottom layer consists of physical resources, such as datacenters, clusters, PCs, or heterogeneous
environments. It also includes virtual resources rented from third-party providers. This layer forms the
foundation for the higher layers of IaaS services.
Complete vs. Partial IaaS Solutions
Complete IaaS solutions include all three layers (user interface, management software, and physical
infrastructure). Providers like Amazon EC2, Rackspace, and GoGrid own and operate large datacenters to
deliver these services. In contrast, partial solutions, such as Eucalyptus or OpenNebula, rely on third-party
infrastructures for physical resources but offer user interface and management layers.
Applications
IaaS can be tailored for computing or storage services. For computing, the focus lies on VM scheduling and
execution. For storage, the emphasis shifts to storage virtualization and data access management. These
capabilities make IaaS ideal for startups and enterprises, reducing initial investments while offering scalable
solutions for business growth.

Platform-as-a-Service (PaaS)
Platform-as-a-Service (PaaS) solutions offer a development and deployment platform for running
applications in the cloud. These platforms function as middleware, enabling developers to focus on building
applications without worrying about the underlying infrastructure. PaaS automates deployment,
configuration, and resource management, allowing applications to scale according to demand.
Key Features
PaaS typically includes:
• Web-Based Interfaces and APIs: Developers interact with PaaS through web portals, REST APIs,
and programming libraries.
• Elasticity and Scaling: The platform automatically adjusts resources to meet application demands,
ensuring scalability.
• Application and Resource Management: The core middleware manages application deployment,
load balancing, and resource allocation, abstracting the complexities of hardware and
infrastructure.
• Quality of Service (QoS) and SLA Management: Ensures that services meet predefined
performance and availability standards.
Development Models
PaaS offers different development models depending on the platform:
1. Web-Based Interface: Some platforms provide entirely cloud-based interfaces for designing,
prototyping, and deploying applications, using visual programming or rapid prototyping tools.
2. Programming Languages: Other platforms offer a more flexible approach, allowing developers
to use traditional programming languages like Java, .NET, Python, or Ruby, with certain restrictions
to ensure scalability and security.
Types of PaaS
PaaS solutions can be categorized into three types:
1. PaaS-I: These platforms offer a complete web-hosted development environment, including
middleware and infrastructure. Examples include Force.com and Longjump.
2. PaaS-II: These platforms focus on scaling web applications, such as Google AppEngine, Heroku,
and Engine Yard. They provide a runtime environment for specific languages (e.g., Java, Python,
Ruby).
3. PaaS-III: These solutions provide a more comprehensive cloud programming platform for various
applications, not limited to web apps. Examples include Microsoft Azure and GigaSpaces.
Key Characteristics of PaaS
 Runtime Framework: A PaaS solution provides a "software stack" to run end-user applications,
automating deployment and scaling.
 Abstraction: Unlike IaaS, PaaS abstracts the infrastructure, allowing users to focus solely on
application development.
 Automation: PaaS automates resource scaling and provisioning according to service-level
agreements (SLAs).
 Cloud Services and APIs: PaaS offerings include APIs for easy integration and management of
services, helping developers create scalable and available cloud applications.
Vendor Lock-In and Portability
One challenge of using PaaS is vendor lock-in. PaaS environments typically tie applications to specific
runtimes, making it difficult to migrate them to another provider. However, some PaaS providers, like
Google AppEngine and Microsoft Azure, use industry-standard runtimes, which may offer some flexibility.
Others, such as Force.com, create proprietary frameworks that limit portability.
Financial Benefits
PaaS solutions reduce the costs associated with development, deployment, and maintenance of applications.
By offloading technology upgrades and infrastructure management to the provider, organizations can focus
on their core business. For small startups, PaaS combined with IaaS solutions offers an affordable way to
quickly scale and provide integrated solutions to customers.

Figure 4.3 illustrates the Platform-as-a-Service (PaaS) reference model, which highlights the key
components of a PaaS environment. It includes:
 Web-Based Interface: A portal or dashboard for developers to interact with the platform.
 PaaS Core Middleware: Manages the runtime environment, scaling, and resource allocation.
 Elasticity & Scaling: Automatic adjustment of resources to meet application demand.
 Resources Management: Tools for managing compute power, storage, and databases.
 Physical Infrastructure: Underlying hardware that supports the PaaS environment.
 Runtime: The environment where applications run.
 Programming API / Libraries: Tools for developers to build and integrate applications.
 User and Application Management: Handles user access, application lifecycle, and deployment.
 QoS/SLA Management & Billing: Ensures performance and tracks usage costs.

Software as a Service (SaaS)


Software as a Service (SaaS) is a cloud computing model where software applications are delivered over
the internet instead of being installed locally on user devices. In SaaS, users can access applications via a
web browser, and the software is hosted, maintained, and updated by the provider. Users typically pay a
subscription fee, which allows them to use the software without having to deal with installation,
maintenance, or infrastructure.

Here are the main points about SaaS:


1. Access through the Web: Users access SaaS applications via a web browser, so they don't need to
install the software on their own devices or servers.
2. Multi-tenancy: SaaS applications are shared by multiple customers (tenants), which helps reduce
costs for both the provider and the users. This is different from traditional software where each user
or organization would need its own installation.
3. Customizability: While the core features of the application are standard, SaaS solutions are often
customizable to meet the specific needs of users, for instance through settings or additional plugins.
4. No Maintenance: The SaaS provider takes care of the infrastructure, software updates, security
patches, and maintenance. Users don't have to worry about managing or updating the software
themselves.
5. Pay-per-Use: Typically, SaaS providers operate on a subscription or pay-per-use pricing model,
making it more affordable and flexible compared to traditional software purchases that require large
upfront costs.
Examples of SaaS:
 Salesforce: A cloud-based CRM (Customer Relationship Management) system that helps
businesses manage interactions with customers.
 Google Docs: A cloud-based office suite for document, spreadsheet, and presentation creation and
collaboration.
 LinkedIn: A professional networking site that allows users to connect with others, share content,
and access job opportunities.
SaaS Evolution: SaaS 2.0
SaaS 2.0 is a newer evolution of the SaaS model, which focuses on integration with other services. Instead
of standalone applications, SaaS 2.0 allows users to integrate third-party applications, creating a more
customizable and scalable system. This shift supports a more business-centric approach, where users can
build applications by connecting different services and components to meet specific business goals.
In summary, SaaS makes it easier and more cost-effective for users to access software, offering flexibility,
scalability, and minimal management responsibilities. It has become popular for business applications
(CRM, ERP), office tools, and social networking platforms.

Types of Clouds
Public Clouds
Public clouds are the most common and widely known form of cloud computing. They are characterized by
offering services over the internet, where anyone can access and use them. Here are the key points about
public clouds:
1. Structure: Public clouds are distributed systems, often built across multiple data centers, to deliver
various services to customers. These data centers are interconnected and serve as the backbone for
the cloud services offered.
2. Accessibility: Public clouds are available to anyone who subscribes to the service. Customers can
sign in with their credentials, enter payment details, and begin using cloud services. This ease of
access makes public clouds ideal for businesses that need scalable and flexible IT solutions without
significant upfront investment.
3. Multitenancy: Public clouds are designed to serve multiple customers simultaneously, which
means the infrastructure is shared. However, each customer is provided with a virtualized
environment that is isolated from others. This ensures performance and security for each user while
supporting a large number of customers.
4. Scalability: One of the main benefits of public clouds is their ability to scale dynamically.
Businesses can increase or decrease their resource usage as needed, such as adding more computing
power during peak loads or reducing it when demand is low.
5. Service Types: Public clouds offer various service models:
o IaaS (Infrastructure as a Service): Provides virtualized computing resources like
Amazon EC2.
o PaaS (Platform as a Service): Offers platforms for application development, like Google
AppEngine.
o SaaS (Software as a Service): Provides ready-to-use software applications, such as
Salesforce.com.
6. Global Reach: Public clouds often have data centers spread across multiple geographical regions.
This global infrastructure helps provide redundancy, better performance, and lower latency by
serving customers from the nearest data center.
7. Cost Efficiency: Public clouds reduce IT costs by eliminating the need for organizations to
purchase and maintain their own hardware and software. Instead, customers pay only for the
services they use, based on a subscription or usage-based pricing model.
8. Management & Accountability: Public cloud providers invest in software infrastructure to
monitor resources, manage performance, and ensure quality of service (QoS). They also track usage
and billing, ensuring transparent and accurate service delivery.
Private Clouds
Private clouds are a cloud computing model designed for a specific organization or institution, offering
a controlled environment where the IT infrastructure is provisioned within the organization's premises.
These clouds address concerns related to security, compliance, and control that are often associated with
public clouds. Here are the key aspects of private clouds:
1. Security & Control: Private clouds are especially appealing for organizations that need to keep
sensitive data and critical systems in-house due to security, compliance, or regulatory concerns. For
example, government and military agencies, as well as enterprises with sensitive data, prefer private
clouds because they avoid the risks associated with hosting data on public cloud providers'
infrastructure.
2. Customization: Unlike public clouds, which follow a pay-as-you-go model, private clouds allow
organizations to tailor their resource allocation and pricing models based on internal usage. This
flexibility can include charging internal departments or units based on their cloud consumption.
3. In-house IT Infrastructure: Private clouds rely on an organization's existing IT infrastructure,
which may include data centers, clusters, or desktop grids. This reduces the need for capital
investment and optimizes the usage of current resources.
4. Compliance and SLAs: Private clouds are ideal for organizations that must adhere to strict
compliance requirements. They can provide the infrastructure necessary to meet regulatory
standards and service-level agreements (SLAs) for uptime, security, and disaster recovery, which
may not always be available with public clouds.
5. Cost Efficiency: While private clouds require an initial investment in hardware and software, they
can lead to long-term cost savings by optimizing the use of existing IT resources and ensuring that
the infrastructure is aligned with organizational needs.
6. Architecture & Software Stack:
o Virtualization Technologies: Private clouds often utilize virtualization platforms such as
Xen, KVM, and VMware to create and manage virtual machines (VMs).
o Infrastructure Management: Tools like VMware vCloud, Eucalyptus, and OpenNebula
manage the virtual infrastructure, providing an Infrastructure-as-a-Service (IaaS) solution.
o Platform-as-a-Service (PaaS): For advanced cloud functionalities, PaaS solutions like
DataSynapse, Zimory Pools, and Aneka can be used to deploy and manage distributed
applications.
7. Limited Scalability: Compared to public clouds, private clouds generally have more limited
scalability due to their reliance on on-premise infrastructure. While they can scale within the
organization's own resources, they lack the ability to elastically scale on demand like public clouds.
8. Use Cases: Private clouds are ideal for organizations with specific needs for control, privacy, and
compliance. They are widely used in industries such as healthcare, finance, and government, where
data security and regulatory compliance are critical.

The accompanying figure provides a breakdown of the hardware and software stack involved in the
deployment of private clouds. It outlines the layers of technology that make up the infrastructure:
1. Physical Infrastructure: This includes datacenters, clusters, or desktop grids on which the private
cloud runs.
2. Virtual Machine Technology: The foundational technologies for virtualization are platforms like
Xen, KVM, and VMware.
3. Infrastructure Management Software: This includes tools such as VMware vCloud, Eucalyptus,
and OpenNebula that manage the virtual infrastructure and provide IaaS solutions.
4. PaaS Solutions: These provide higher-level services, including DataSynapse, Zimory Pools, and
Aneka, which support the deployment of distributed applications and complex cloud environments.
Hybrid Clouds
Hybrid clouds combine elements of both public and private clouds, allowing organizations to maintain
control over sensitive data while leveraging the scalability and flexibility of public cloud resources when
needed. Hybrid clouds provide a solution that addresses the limitations of private clouds, particularly
around scalability and handling peak loads. Below are key characteristics and details about hybrid clouds:
1. Integration of Public and Private Clouds: A hybrid cloud consists of a private cloud that
integrates additional resources from one or more public clouds. This setup allows organizations to
use private cloud infrastructure for sensitive workloads while accessing public cloud resources to
scale their infrastructure during high-demand periods.
2. Scalability and Dynamic Provisioning: One of the key advantages of hybrid clouds is the ability
to scale on demand. This is achieved through dynamic provisioning, where resources from the
public cloud can be temporarily leased when the private cloud's capacity is exceeded. This practice
is known as cloudbursting. When the demand decreases, the public cloud resources can be
released, ensuring cost efficiency.
3. Security and Control: In hybrid clouds, security concerns are primarily limited to the public cloud
portion, where less sensitive operations can be performed. The private cloud remains in full control
of the organization, ensuring sensitive data and critical workloads are handled internally.
4. Optimized Use of Resources: Hybrid clouds allow organizations to use their existing infrastructure
while still having the flexibility to leverage external public cloud resources when necessary. This
ensures that the organization can handle fluctuating workloads without needing to over-provision
hardware or maintain excessive IT infrastructure.
5. Infrastructure and Platform Management:
o IaaS (Infrastructure as a Service) and PaaS (Platform as a Service) solutions are
integral to hybrid cloud setups. These services enable dynamic provisioning, which ensures
that additional resources are added and removed seamlessly based on demand.
o Infrastructure management tools like OpenNebula, which integrates with public cloud
resources (e.g., Amazon EC2), and scheduling tools like Haizea (for cost-based
scheduling) are essential for managing hybrid clouds.
o InterGrid is another tool that facilitates hybrid cloud management by enabling distributed
scheduling across various networks, including both private and public clouds.
6. Cost Management and Scheduling: One of the challenges of hybrid clouds is managing costs
effectively. Scheduling algorithms are used to optimize the allocation of resources, taking into
account the organization's budget and resource availability. For instance, advanced scheduling
engines like Haizea help ensure that public cloud resources are used cost-effectively, by
determining when and how to scale out.
7. PaaS Solutions for Hybrid Clouds: PaaS solutions, like Aneka, enable hybrid cloud setups by
providing provisioning services that allow applications to scale dynamically across private and
public cloud infrastructures. These platforms often include features like budget-based resource
allocation to guarantee that applications meet the required quality of service (QoS).
8. Use Cases: Hybrid clouds are suitable for organizations that:
o Need to balance control and security with flexibility.
o Require scalability during peak usage times without investing in expensive on-premises
infrastructure.
o Want to maintain compliance and security for sensitive data while still benefiting from the
cost-effectiveness and scalability of public clouds.
Hybrid clouds offer the flexibility to maintain sensitive data and operations within private infrastructure
while utilizing the public cloud's vast resources for scalability and cost efficiency when needed. This blend
of private and public resources makes hybrid clouds an attractive option for businesses with fluctuating IT
demands.
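The placement rules from items 2, 3 and 6 above (cloudbursting, keeping sensitive work in-house, budget-aware scheduling), as an added example that is not part of the original notes and is not code from OpenNebula, Haizea or Aneka. The names `Workload`, `Plan`, `place` and `audit` are hypothetical, and the workloads, core counts, rate and budget are constructed sample values.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Workload:
    name: str
    cores: int
    hours: int
    sensitive: bool  # True: the data must never leave the private cloud


@dataclass
class Plan:
    private: list = field(default_factory=list)   # workload names kept in-house
    public: list = field(default_factory=list)    # workload names burst to the public cloud
    rejected: list = field(default_factory=list)  # (name, reason) pairs
    public_cost_cents: int = 0


def place(workloads, private_cores, rate_cents_per_core_hour, budget_cents):
    """Assign each workload to the private cloud, the public cloud, or reject it."""
    plan = Plan()
    free = private_cores
    # Sensitive workloads are placed first: the private cloud is the only place
    # they may run, so burstable work must not crowd them out. sorted() is
    # stable, so the submission order is kept inside each group.
    for w in sorted(workloads, key=lambda w: not w.sensitive):
        if w.cores <= free:
            plan.private.append(w.name)
            free -= w.cores
        elif w.sensitive:
            # Never burst sensitive work, even if budget is available.
            plan.rejected.append((w.name, "private capacity exhausted, bursting not allowed"))
        else:
            # Cloudbursting: lease public capacity only while the budget allows it.
            cost = w.cores * w.hours * rate_cents_per_core_hour
            if plan.public_cost_cents + cost <= budget_cents:
                plan.public.append(w.name)
                plan.public_cost_cents += cost
            else:
                plan.rejected.append((w.name, "burst budget exceeded"))
    return plan


def audit(plan, workloads):
    """Return the sensitive workloads found on the public side (expected: none)."""
    sensitive = {w.name for w in workloads if w.sensitive}
    return sorted(sensitive & set(plan.public))


# Constructed sample input: amounts are in cents to avoid float rounding.
SAMPLE_WORKLOADS = [
    Workload("web-frontend", cores=4, hours=24, sensitive=False),
    Workload("patient-db", cores=8, hours=24, sensitive=True),
    Workload("batch-render", cores=16, hours=10, sensitive=False),
    Workload("payroll", cores=4, hours=2, sensitive=True),
    Workload("audit-logs", cores=8, hours=24, sensitive=True),
    Workload("analytics", cores=8, hours=12, sensitive=False),
]

if __name__ == "__main__":
    plan = place(SAMPLE_WORKLOADS, private_cores=16,
                 rate_cents_per_core_hour=10, budget_cents=2000)
    print("private :", plan.private)
    print("public  :", plan.public, f"({plan.public_cost_cents} cents)")
    for name, reason in plan.rejected:
        print("rejected:", name, "-", reason)
    print("sensitive workloads on public cloud:", audit(plan, SAMPLE_WORKLOADS))
```

Running `audit` against the plan a real scheduler produces is a cheap guard that the "sensitive stays private" rule still holds after configuration changes.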

Figure 4.5 illustrates a hybrid cloud architecture, which combines private cloud infrastructure with
resources from public clouds. The diagram shows:
 Private Cloud: The internal infrastructure of an organization, such as datacenters or clusters,
providing secure, in-house resources.
 Public Cloud: External cloud services, such as Amazon EC2, that offer additional resources to
handle peak loads.
 Dynamic Provisioning: The process of adding or releasing public cloud resources as demand
fluctuates, enabling scalability.
 Hybrid Cloud Overview: A distributed system where the private cloud integrates resources from
public clouds to meet capacity demands, known as cloudbursting.
Community Clouds
Community clouds are distributed systems designed to meet the specific needs of a particular industry,
community, or business sector by integrating resources from multiple organizations. They are typically used
by groups with shared concerns, such as security requirements, policies, and compliance considerations.
According to the National Institute of Standards and Technology (NIST), community clouds are
characterized by shared infrastructure that serves a specific community, and can be managed either by the
community members or a third party, and may exist on-premise or off-premise.
Here are key characteristics of community clouds:
1. Shared Infrastructure and Collaboration:
 Community clouds are built on resources contributed by different organizations, such as
government bodies, private enterprises, or public infrastructure providers.
 They focus on collaboration among users who have common goals or concerns, such as security,
compliance, or operational needs.
 Unlike public clouds, which serve a broad user base with varied needs, community clouds serve
specific groups with similar interests.
2. Industries and Use Cases:
 Media Industry: Community clouds provide a collaborative environment for media companies
that require high computational power, bandwidth, and storage. These clouds help facilitate the
creation and sharing of digital content, particularly in media production processes that involve large
data movements and compute-intensive rendering tasks.
 Healthcare Industry: Community clouds can store non-sensitive information in the shared
infrastructure while keeping sensitive patient data within private clouds. They also provide a
platform for collaboration across hospitals, research institutions, and healthcare providers while
respecting privacy and regulatory concerns.
 Energy and Core Industries: These sectors benefit from community clouds that integrate
resources from various providers to manage operations and services, creating a fair and open market
for energy distribution, management, and coordination.
 Public Sector: Legal and administrative processes within government bodies can be streamlined
using community clouds, providing a distributed platform for communication and collaboration
across agencies and departments.
 Scientific Research: Community clouds are used in scientific computing, where research
organizations collaborate by sharing large, distributed infrastructures to support computational
tasks and data analysis.
3. Vendor Independence and Openness:
 Community clouds reduce reliance on single cloud vendors by enabling a collective, open system.
This openness allows fair competition between different providers and solutions, and the
infrastructure can grow by expanding the user base.
 Openness: Community clouds are designed to be open, reducing dependency on specific vendors
or solutions and allowing for more flexibility and choice.
 Community Ownership: Decisions about the cloud's operation are made collectively by the
community, providing both control and convenience for members.
4. Key Benefits:
 Graceful Failures: With no single provider in charge, community clouds are less vulnerable to a
single point of failure, as the system is distributed across multiple contributors.
 Environmental Sustainability: Community clouds tend to have a lower carbon footprint because
they leverage underutilized resources and grow organically as the demand of the community
evolves.
 Convenience and Control: Community clouds strike a balance between convenience and control,
as the infrastructure is shared and owned by the community, with decisions made democratically.
 Scalability: The infrastructure can scale effectively by expanding the user base and resources
contributed by the community members.
5. Social and Ecological Aspect:
 A more specific vision of community clouds views them as aggregations of resources from
community members, focusing on their social and ecological benefits. They are sustainable and
adapt to the community's needs, growing or shrinking as necessary to support the collective
demand.
 Environmental Sustainability: These clouds utilize underutilized resources, helping reduce waste
and contribute to more sustainable cloud infrastructure management.
In conclusion, community clouds are a powerful solution for industries and sectors with shared needs,
offering both flexibility and control to users while promoting sustainability and collaboration. They provide
a balance between the security and privacy of private clouds and the scalability and cost-efficiency of public
clouds.

Figure 4.6 provides an overview of different types of clouds, including Community Cloud, Private Cloud,
and Public Cloud. It illustrates how these cloud models cater to various sectors and user groups:
 Community Cloud: A cloud model formed by integrating the services of multiple clouds to serve
the needs of a specific industry, community, or business sector. The resources are shared by
organizations with common concerns, such as industries or government bodies.
 Private Cloud: A cloud infrastructure dedicated to a single organization, such as enterprises or
federal and government bodies, ensuring control over security and operations.
 Public Cloud: A cloud infrastructure available to the general public, providing services to various
users like public services, users, and development platforms.

Economics of Cloud Computing


Cloud computing fundamentally shifts the way organizations manage IT infrastructure and software
services, primarily by leveraging economies of scale and simplifying software delivery. The most
significant economic advantage of cloud computing is its pay-as-you-go model, which offers several
financial benefits:
1. Cost Reduction:
 Capital Costs: Cloud computing reduces the capital expenses associated with purchasing IT
infrastructure and software. Rather than investing in physical hardware and software licenses
upfront, businesses can rent resources and pay for software on a subscription basis.
 Depreciation Costs: Capital assets like hardware and software depreciate over time. In traditional
models, this depreciation reduces profits as businesses need to replace aging technology. With cloud
computing, these depreciation costs are eliminated because the infrastructure is leased, not owned.
 Operational and Administrative Costs: The cloud minimizes the operational costs related to
maintaining IT infrastructure, such as electricity, cooling, and hardware upgrades. The need for IT
support staff is also reduced because cloud providers handle much of the maintenance and support.
2. Financial Impact for Different Business Sizes:
 Startups: For small or new businesses, cloud computing can entirely eliminate the need for initial
capital investment in IT infrastructure. This allows startups to focus on growth without having to
manage expensive and depreciating IT assets. They can use cloud services for a variety of business
operations, such as software development, CRM, ERP, and more, converting capital costs into
manageable operational expenses.
 Established Enterprises: Larger enterprises with existing IT assets can still benefit from cloud
computing, particularly through IaaS (Infrastructure as a Service). Cloud solutions allow businesses
to manage unplanned capital costs, such as those caused by fluctuating demand, by leasing
additional resources when needed and releasing them when demand decreases. This offers
flexibility without the need for significant upfront investments.
3. Indirect Cost Savings:
 Software Licensing: Cloud computing often replaces traditional software licensing fees with
subscription-based models, where businesses pay only for what they use rather than purchasing
perpetual licenses.
 Carbon Footprint Reduction: Cloud services can help reduce a company's carbon footprint by
consolidating IT infrastructure into centralized data centers that use energy more efficiently. This
can be especially advantageous in countries where carbon emissions are taxed, as businesses can
lower their tax burden by reducing emissions.
4. Cloud Pricing Models:
 Tiered Pricing: Services are offered at various pricing tiers based on fixed specifications and
service level agreements (SLAs). For instance, Amazon EC2 uses tiered pricing where users pay
based on server configurations, such as CPU type and memory capacity, on a per-hour basis.
 Per-Unit Pricing: In this model, customers pay for specific resources used, such as data transfer,
memory allocation, or storage. This approach offers flexibility in configuring systems based on
actual application needs. For example, GoGrid uses per-unit pricing based on RAM usage per hour.
 Subscription-Based Pricing: Typically used by SaaS (Software as a Service) providers, this model
charges customers a recurring subscription fee for access to software services or specific
components integrated into applications.
5. Financial Flexibility:
 Cloud computing enables businesses to convert capital expenditures (CapEx) into operational
expenditures (OpEx). Instead of committing large sums of capital to purchase hardware and
software, businesses can lease these resources, paying only for what they use, which helps optimize
costs and aligns better with business growth.
In summary, cloud computing offers substantial economic benefits by reducing capital expenditures,
eliminating depreciation and licensing fees, and lowering administrative and operational costs. Through
flexible pricing models and the ability to scale resources up or down, cloud services can be tailored to the
specific financial needs of businesses, making it a cost-effective solution for both startups and established
enterprises.

Open Challenges in Cloud Computing


While cloud computing continues to evolve, it presents several challenges that need to be addressed by both
industry and academia. These challenges impact cloud adoption, interoperability, security, scalability, and
organizational dynamics. Below are the key open challenges:
1. Cloud Definition:
 The definition of cloud computing remains fluid, with various organizations offering differing
characterizations. The NIST definition is one of the most widely accepted, emphasizing on-
demand self-service, resource pooling, elasticity, and measured service. However, there are other
taxonomies, such as David Linthicum’s detailed classification and UCSB’s ontology approach,
which attempt to further refine cloud computing's structure.
 These definitions are still evolving as cloud computing is a relatively young phenomenon and will
continue to be refined to adapt to new developments.
2. Cloud Interoperability and Standards:
 Vendor lock-in remains a significant obstacle for enterprises. Without standardization, businesses
are at risk of being unable to switch cloud vendors easily, leading to high conversion costs and
limited flexibility.
 Efforts are being made to establish standards for cloud interoperability, such as the Open
Virtualization Format (OVF) for virtual machines and initiatives by organizations like the Cloud
Computing Interoperability Forum and the Open Cloud Consortium. The goal is to allow
seamless migration between different cloud vendors and the ability to integrate services across
multiple platforms.
 One key challenge is creating universal APIs that work across various cloud services, as currently,
each cloud provider typically uses its own API, which hampers interoperability.
3. Scalability and Fault Tolerance:
 The cloud's ability to scale on-demand is a significant advantage. However, it requires scalable
cloud middleware that can handle large numbers of users and resources efficiently. Designing
systems that can scale well while maintaining performance under varying loads is a complex
challenge.
 Fault tolerance is equally important—cloud systems need to be able to withstand failures without
impacting service availability. This requires advanced systems engineering to ensure that cloud
environments can recover from failures quickly and efficiently.
4. Security, Trust, and Privacy:
 Security in the cloud involves ensuring that sensitive data is protected through encryption and
secure access protocols. However, the increased use of virtualization technologies creates new
security vulnerabilities. For example, data stored in a cloud may be safe from unauthorized access,
but when processed in memory, it could be exposed to the virtual machine manager.
 Trust and privacy concerns also arise because users must place trust in cloud providers, which
may not offer full control over where data is stored or how it is processed. Additionally, when cloud
services rely on multiple third-party services, it becomes difficult to pinpoint liability if privacy
violations or breaches occur.
 There is a need for legal and technical solutions to address these challenges, ensuring that cloud
services adhere to regulations and provide transparent accountability.
5. Organizational Aspects:
• Cloud computing transforms how businesses manage IT services, leading to new organizational
and cultural shifts. One of the most significant changes is how IT departments function when much
of the infrastructure is outsourced to the cloud.
• Important questions include:
o What is the role of the IT department in organizations that rely heavily on the cloud?
o How will compliance and regulatory frameworks adapt to the cloud environment,
especially in areas where businesses lose control over workflows?
• Organizationally, moving to the cloud reduces local IT maintenance and support costs but also
requires employees to have new competencies. IT staff may need fewer technical skills in
infrastructure management, but they must adapt to cloud-specific management tools and services.
This can lead to a reshaping of team structures and responsibilities.
6. Implications for Businesses:
• Moving IT services to the cloud introduces several political, legal, and operational considerations.
Organizations may lose control over some aspects of their IT infrastructure, which could have
broader implications for their governance and regulatory compliance.
• Additionally, as businesses increasingly rely on cloud services, their internal processes and the role
of IT departments will evolve, requiring new strategies for managing risk, ensuring security, and
maintaining user trust.
While cloud computing offers significant benefits in flexibility, cost efficiency, and scalability, it is still in
its developmental phase, with many challenges that need to be addressed. These include refining cloud
definitions, ensuring interoperability through standards, improving scalability and fault tolerance,
addressing security and privacy issues, and transforming organizational structures to accommodate cloud
adoption. Continued research and collaboration between industry and academia will be crucial in resolving
these challenges and enabling more seamless and secure cloud adoption across various sectors.
@VTUpadhai – Cloud Computing (21CS72) – Module 4 Notes
Module 4 - Cloud Security: Risks, Top concern for cloud users, privacy impact assessment, trust, OS
security, VM Security, Security Risks posed by shared images and management OS.
Cloud Security Risks
Cloud computing security faces several risks that both users and providers must address. These include
traditional security threats, risks associated with system availability, and concerns around third-party
control of data.
Traditional Security Threats:
• User-side threats: Users must secure their devices and infrastructure, which can be more
challenging when some components are outside their control.
• Authentication and Authorization: Proper access control is crucial, with different access levels
for individuals within an organization. It’s also hard to integrate internal security policies with
those of the cloud provider.
• Cloud-side threats: Cloud services are vulnerable to traditional attacks like DDoS, phishing,
SQL injection, and cross-site scripting. Virtualization also adds complexity, as shared resources
could be exploited by malicious users.
Availability Risks:
• System Failures: Cloud services can face downtimes due to power outages or system failures.
Data lock-in can also affect business continuity if a provider fails.
• Third-Party Control: Cloud providers may subcontract resources, and the risks of data loss or
breaches increase if those third parties are not trustworthy.
Cloud-Specific Threats:
• Abuse of Cloud Resources: Criminals could misuse cloud resources for malicious activities like
launching DDoS attacks, sending malware, or distributing spam.
• Shared Technology Risks: Issues in virtualization technologies could lead to vulnerabilities that
affect multiple users sharing the same resources.
• Insecure APIs: Cloud service APIs might not provide adequate security for tasks like
authentication and monitoring.
• Insider Threats: Cloud providers might have malicious insiders with access to sensitive
information or systems.
• Data Loss or Leakage: There is a risk of losing critical data due to failures in replication or
storage media. This can be catastrophic, especially if there is no backup.
• Account Hijacking: Cloud users face the threat of credential theft, which can lead to unauthorized
access to cloud services.
Mitigation Efforts:
The Cloud Security Alliance (CSA) has identified key threats like malicious insiders, data loss, insecure
APIs, and account hijacking. Their Security Guidance for Cloud Computing offers advice on how to
minimize these risks.
To address these security concerns, it's important to establish robust security protocols, ensure
transparency in provider operations, and be aware of new attack vectors unique to cloud computing, such
as multitenancy risks and data control challenges.

Figure 9.1 depicts the surfaces of attacks in a cloud computing environment. It shows the interactions
between three key actors: the User, the Service, and the Cloud Infrastructure.
• User-Cloud: The user requests resources from the cloud, and potential attacks can occur during
this interaction.
• Service-User: The service interacts with the user, and attacks may target the service from the user
side, such as phishing or SSL certificate spoofing.
• Cloud-User: The cloud infrastructure can also be a source of attacks on the user, such as attacks
from compromised cloud resources.
• Service-Cloud: The service interacts with the cloud infrastructure to manage and request
resources, and attacks can originate here, such as privilege escalation or data distortion.
• Cloud-Service: Cloud infrastructure can attack the service, for example, through privilege-related
attacks or data injection.

Security: Top Concern for Cloud Users


Security remains the top concern for cloud users, as they are accustomed to having full control over their
sensitive data within a secure perimeter, protected by corporate firewalls. However, in the cloud, they
must extend trust to cloud service providers (CSPs), which presents a significant shift in responsibility.
Major security concerns include unauthorized access, data theft, and loss of control over the data
lifecycle.
Key User Concerns:


1. Unauthorized Access & Data Theft:
o Data is more vulnerable while stored in the cloud than while it is being processed, and cloud
storage servers need robust security to prevent unauthorized access.
o Rogue employees or insiders at the CSP, whose security screening and hiring processes
are often opaque to users, present a significant risk.
2. Data Lifecycle Control:
o Users often cannot confirm whether their data has been fully deleted after termination of
the service. Backups performed without user consent can create a situation where data is
lost, accessed by unauthorized parties, or exposed.
3. Lack of Standardization:
o Interoperability is a major issue. Users face challenges such as how to retrieve data if the
CSP goes offline, how to manage price hikes by the CSP, and what the costs are for
migrating to another provider.
4. Auditing and Compliance:
o Full audit trails are challenging in cloud environments, and compliance with laws such as
privacy and security regulations is complicated. Existing frameworks like FIPS and
FISMA do not easily extend to cloud services.
5. Autonomic Computing Risks:
o New technologies like autonomic computing, which allows systems to self-organize, self-
optimize, and self-repair, could introduce new security risks, making it even harder to
trace actions or identify vulnerabilities.
6. Multitenancy:
o While multitenancy reduces costs, it also introduces risks as many users share the same
server. Compromise of a server can affect multiple users, and threats to data during
processing time cannot be overlooked.
7. Legal and Privacy Concerns:
o Cloud computing operates in a complex legal environment, with data potentially crossing
multiple jurisdictions. The question of which laws apply, especially when data is
outsourced or shared with law enforcement, is a major concern for users.
User Actions to Minimize Risks:
• Evaluate CSP Security Policies: Users should review the CSP's security measures and their
compliance with privacy laws.
• Analyze Stored Data: Users should assess the types of data stored and processed on the cloud,
especially for sensitive information.
• Clear Contractual Obligations: Contracts with CSPs should define the following:
1. CSP's obligations to handle sensitive information securely.
2. CSP's liability for mishandling or losing data.
3. Rules on data ownership and geographical storage of data and backups.
Solutions for Data Protection:
• Avoid Cloud Processing for Sensitive Data: When possible, users should avoid processing
highly sensitive data in the cloud, though this isn't feasible for all applications.
• Encryption: Users should encrypt sensitive data when stored on public or hybrid clouds.
However, encryption can complicate data indexing and searching. Fully homomorphic
encryption and secure two-party computation are potential solutions, though they are currently
inefficient.
In summary, while the cloud offers cost savings and flexibility, it requires careful attention to security and
privacy. Users must actively assess risks, negotiate clear contracts, and implement additional protective
measures like encryption to minimize potential threats.
Privacy and privacy impact assessment
Privacy refers to the right of individuals or organizations to control and protect their personal or
proprietary information from being disclosed without their consent. Privacy is recognized as a basic
human right by many nations, with various laws and regulations in place to protect it, though these rights
are limited by other laws and can conflict with other rights, like freedom of speech. As technology
advances, new privacy threats have emerged, particularly in the digital age, with identity theft being a
common risk due to stolen or misused personal information.
Key Privacy Concerns in Cloud Computing:
1. Loss of Control:
o Once data is stored on a CSP's servers, users lose control over the exact location and
duration of data storage. For example, with services like Gmail, users cannot control
where their data is stored or how long emails are retained in server backups.
2. Unauthorized Secondary Use:
o CSPs may use data for purposes beyond the original intent, such as targeted advertising.
This secondary use is often not preventable, as there are no technological solutions to
stop it.
3. Dynamic Provisioning and Outsourcing:
o CSPs often outsource services, which introduces issues such as the lack of transparency
about subcontractors' rights to data. Questions also arise about how data rights change
during events like mergers or bankruptcy.
4. Legal and Legislative Framework:
o Different countries have varying privacy laws, with some more aggressive than others in
protecting personal data. The European Union, for example, enforces strict regulations,
including the "right to be forgotten," which allows individuals to have their data erased
from the internet.
Privacy Impact Assessment (PIA):
A Privacy Impact Assessment (PIA) is a tool for identifying privacy risks in information systems. PIAs
are critical for ensuring privacy is built into systems from the start rather than retrofitted. A PIA process
typically involves the following:
• Notice: Organizations must provide clear information about what data they collect, how it’s used,
and if it's shared with third parties.
• Choice: Users should have the ability to choose how their data is used, especially for secondary
purposes like marketing or sharing with external entities.
• Access: Users should be able to review the data collected about them and correct inaccuracies or
delete information if necessary.
• Security: Organizations must take reasonable steps to protect user data from unauthorized access
or breaches.
Proposed Tools for Privacy Management:
There is a call for tools to proactively address privacy concerns in systems. One proposed tool is a web-
based Privacy Impact Assessment (PIA) tool that helps organizations evaluate and mitigate privacy risks.
This tool would take inputs from project information, risk assessments, and stakeholder details to
generate a comprehensive PIA report, covering areas like transparency, security, and cross-border data
flows.
The PIA tool would be supported by a knowledge base created by domain experts, which would use a
rule-based system to evaluate privacy risks and generate necessary actions based on specific legal and
regulatory frameworks. This proactive approach ensures privacy concerns are addressed before systems
are fully deployed, reducing the need for costly changes later.
Privacy remains a critical concern in cloud computing, particularly as personal data is stored on third-
party servers, and users often lose control over their information. Strong legislation, transparent privacy
policies, and tools like PIAs are essential to managing these risks and ensuring that privacy rights are
respected in the digital age.

Trust in Cloud Computing


Trust is a crucial factor in cloud computing, similar to its role in other online activities. It is based on the
reliance individuals or organizations place on the character, ability, strength, or truth of others. Trust
facilitates cooperation, reduces conflict, decreases transaction costs, and fosters adaptive organizational
forms.
Key Aspects of Trust:
1. Risk: Trust is built on the perception of risk, where uncertainty about potential losses makes trust
necessary. Without risk, there would be no need for trust.
2. Interdependence: Trust also depends on interdependence, where one entity's success relies on
the actions of another. This relationship is key in cloud services, where a user depends on the CSP
for data storage, security, and availability.
Phases of Trust:
1. Building Phase: Trust is initially formed based on initial interactions or promises.
2. Stability Phase: Trust becomes stable and established over time.
3. Dissolution Phase: Trust declines due to breaches or failures.
Types of Trust:
• Deterrence-based Trust: Trust based on the belief that the penalties for breaching trust outweigh
any potential benefits from dishonest behavior.
• Calculus-based Trust: Trust based on the belief that cooperation benefits both parties.
• Relational Trust: Develops over time through repeated positive interactions, based on
dependability and reliability.
Trust in Online Environments:
Trust in online environments, especially on the internet, faces unique challenges. Anonymity and lack of
identity transparency reduce trust, as it becomes difficult to assess the true nature of an entity. Without
identifiable characteristics or accountability, the ability to trust becomes compromised.
Addressing Trust Issues:
1. Access Control: Mechanisms are needed to prevent unauthorized access and protect data.
2. Identity Transparency: Ensuring that the identities of parties involved in transactions are
verified and transparent. This can be achieved through biometric identification, digital signatures,
and certificates.
3. Surveillance: Ongoing monitoring of systems through intrusion detection or logging and auditing
ensures actions can be traced and reviewed, thus fostering accountability.
Mechanisms for Building Trust:
1. Credentials: Digital credentials, like digital signatures, serve as proof of identity and
competence. For example, a doctor’s diploma certifies their qualifications, just as a digital
certificate verifies the identity of a user or organization online.
2. Policies: Trust policies outline conditions under which trust is granted and specify actions to take
when conditions are met or violated. These often require the verification of credentials.
3. Reputation: Reputation is built over time based on interactions with an entity. Positive or
negative history influences trust decisions. Recommendations or reviews from other trusted
parties also contribute to reputation-building.
Trust in Cloud Services:


In cloud computing, trust is often assessed based on the service provider’s reliability and how well they
meet specified requirements. A “trust of party A to party B for a service X” is based on A’s belief that B
will reliably perform X within a given context. Trust in cloud computing thus depends on transparency,
security, the performance of the provider, and historical interactions.
Building and maintaining trust in cloud computing involves creating transparent, secure systems that
provide clear identity verification, enforce access control, and allow for monitoring of actions. Trust is
also shaped by long-term relationships, reputation, and adherence to established policies. As cloud
services become integral to business operations, ensuring trust remains a core element of cloud security
strategies.

Operating System Security in Cloud Computing


Operating systems (OS) play a critical role in securing the hardware resources and applications that share
those resources in a computing environment. In cloud computing, OS security is essential for maintaining
data integrity, confidentiality, and the protection of applications from malicious attacks. The threats to OS
security have expanded with the growing sophistication of attacks targeting even personal devices like
computers, tablets, and smartphones.
Key Aspects of OS Security:
1. Access Control: The OS controls access to system objects, ensuring that only authorized users or
applications can access critical resources.
2. Authentication: The OS uses authentication mechanisms to verify the identity of users and
applications before granting access to resources.
3. Cryptographic Policies: The OS defines cryptographic policies to protect data confidentiality,
ensuring that sensitive information is encrypted and secure.
Mandatory vs. Discretionary Security:
• Mandatory Security: Involves strict control of policies by the system administrator. These
policies define how security attributes are assigned to users and applications. Trusted applications
are confined to specific security domains and can only access the resources necessary for their
function.
• Discretionary Security: Places the burden of security on individual users, potentially leading to
security breaches due to negligence or lack of knowledge. Discretionary mechanisms allow
applications to alter security policies, which may inadvertently compromise the system.
Trusted Applications and Privileges:
Applications that perform critical security functions are designated as trusted applications. These
applications must be restricted to the minimum privileges necessary for their operation to prevent abuse
or exploitation. For example, type enforcement is a security measure that limits the privileges of trusted
applications to protect against unauthorized access.
Trusted Paths and Security Mechanisms:


A trusted path is essential for ensuring secure interactions between users and trusted software. Without
such a path, malicious software could impersonate trusted software, undermining system security.
Mechanisms like trusted paths allow for secure login authentication and password changes. Enforcer
and decider components in access control mechanisms ensure that security policies are enforced
accurately by gathering necessary information and making security decisions based on predefined
policies.
Mobile Code and Security:
Mobile code, such as Java applets, introduces significant security risks by executing code that may
attempt to access restricted data or resources. While the Java Security Manager provides some
protection by running applications in a sandbox environment, it is still vulnerable to certain forms of
tampering. The OS must prevent mobile code from altering data or violating security policies, especially
when executed in environments that cannot fully protect themselves.
Challenges of Commodity Operating Systems:
Commodity operating systems (like Windows or Linux) are complex and contain millions of lines of
code, making them susceptible to vulnerabilities and attacks. These systems often fail to adequately
isolate applications from each other, meaning that if one application is compromised, all other
applications on the same platform could also be at risk. OSes also provide weak mechanisms for ensuring
that applications can authenticate each other securely and lack trusted paths for secure communication
between users and applications.
Specialized Platforms:
For high-security applications, specialized platforms (such as those used in cellular phones, game
consoles, and ATMs) may include embedded cryptographic keys. These platforms can verify their identity
to remote systems and authenticate the software running on them, making them more secure than general-
purpose operating systems. These features are not available in traditional commodity systems, which are
more vulnerable to malicious attacks.
While an OS is a critical component for securing the platform on which applications run, it alone cannot
provide sufficient protection against modern security threats. Application-specific security mechanisms,
such as digital signatures in electronic commerce transactions, are essential to bolster the security offered
by the OS. Commodity operating systems offer low assurance due to their complexity, lack of adequate
isolation, and weak authentication mechanisms. These weaknesses are particularly challenging in a
distributed computing environment, where applications may interact with unknown or potentially
malicious entities. Therefore, OS security must be supplemented with additional measures to ensure
comprehensive protection.

Virtual Machine Security


• VM Technology: Virtual machine (VM) security is key in cloud environments, offering benefits
like better isolation between VMs, but also presenting unique vulnerabilities.
• VM Security Models:
o In the Traditional System VM Model, the Virtual Machine Monitor (VMM) enforces
security by controlling access to hardware and isolating VMs from each other.
o Hybrid and Hosted VM Models are less secure because the entire system’s security
depends on the host OS.
o Virtual Security Services: VMs can have their security managed either by the VMM
(Figure 9.2a) or a dedicated security VM (Figure 9.2b). A Trusted Computing Base
(TCB) is critical for maintaining security in virtualized environments.
Isolation and Control
• VMM Isolation: The VMM ensures stricter isolation of VMs than traditional OS processes,
protecting VMs from malicious actions by other VMs.
• Challenges: The VMM primarily manages lower-level system functions, while higher-level
security services are more abstract and difficult to enforce through the VMM.
Security Features of Virtualization
• VM Cloning and Replication: The ability to clone or replicate VMs enhances security, as it
allows for the testing of suspicious applications in a controlled, isolated environment.
• Communication and Isolation: Inter-VM communication is faster than between physical
machines, which can be used to enhance security by isolating sensitive processes.
Threats and Attacks
• Sophisticated Attacks: Attackers may attempt to avoid VM honeypots, or access VM logs to
steal sensitive data like cryptographic keys. Log files must be carefully protected.
• Security Trade-offs: Virtualization provides enhanced security but incurs higher hardware costs
and development overhead. The Virtual Machine Monitor (VMM) introduces overhead due to
its involvement in privileged operations.
VM-based Intrusion Detection and Prevention
• VM-based intrusion detection systems (IDS), such as Livewire and Siren, use VM isolation,
inspection, and interposition to detect attacks. VMs also support intrusion prevention systems
like SVFS and NetTop, focusing on protecting against threats before they impact the system.
VMM and VM-Based Threats
1. VMM-based Threats:
o Resource Starvation: Rogue VMs can bypass resource limits, starving other VMs.
o Side-Channel Attacks: Poor isolation between VMs can allow malicious VMs to attack
others.
o Buffer Overflow: Vulnerabilities within the VMM can be exploited by attackers.
2. VM-based Threats:
o Rogue VMs: Unauthorized VMs can be created and launched with insecure settings.
o Tampered VM Images: VMs may use insecure or compromised images, leading to
security risks.

Figure 9.2(a): This diagram illustrates a system where Virtual Security Services are provided by the
Virtual Machine Monitor (VMM). The VMM controls the entire hardware access and manages the
interactions of the guest VMs, while also providing security services to ensure the integrity and isolation
of the VMs.
Figure 9.2(b): This figure shows an alternative architecture where a dedicated Security Services VM
handles security tasks. In this setup, the security functions are separated from the VMM and run in their
own isolated VM. This additional layer enhances security, especially for managing sensitive data and
policies.
VM technology offers strong isolation and security features, but it is not without its challenges. It requires
careful management, especially regarding resource allocation, image integrity, and monitoring for threats.
While the benefits of virtualization, like better isolation and flexibility, enhance security, it requires
additional overhead, including higher hardware costs and development efforts.

Security Risks Posed by Shared Images in Cloud Environments


When using cloud services like Amazon Web Services (AWS), image sharing—particularly through
resources like Amazon Machine Images (AMIs)—can expose users to various security vulnerabilities,
even if the cloud provider is trusted. Shared AMIs, often tempting for less experienced users, can harbor
significant security risks, especially if they come from untrusted or malicious sources.
Image Creation Process
Creating an AMI involves bundling the contents of a running system (or another image) into an S3
bucket. The process includes:
1. Creating the Image: Starting from a running system, another AMI, or a VM image.
2. Bundling: The image is compressed, encrypted, and split into segments to be uploaded.
3. User Instantiation: The user specifies resources, credentials, firewall configuration, and region
settings to instantiate the AMI.
The process of sharing images can introduce various security risks because of leftover sensitive data or
improper configurations.
Key Findings from AMI Security Audits
A security audit of 5,303 AMIs revealed several critical security risks:
1. Vulnerabilities:
o 98% of Windows AMIs and 58% of Linux AMIs had critical vulnerabilities, including
remote code execution risks.
o The vulnerable software was often outdated: many images were several years old, and
some lacked necessary patches.
2. Backdoors and Credentials:
o Many Linux AMIs had left-over credentials (e.g., ssh keys and passwords), allowing
unauthorized users to log into running instances.
o Some AMIs retained the original creator's ssh keys, allowing them to access instances
remotely without detection.
o Password hashes in AMIs could be cracked using tools like John the Ripper, opening
further access for attackers.
3. Omitted Security Configurations:
o Cloud-init scripts, meant to regenerate ssh host keys on boot, were sometimes omitted.
This allowed attackers to conduct man-in-the-middle attacks by exploiting shared ssh
keys across instances.
4. Unsolicited Connections:
o Some AMIs were configured to send information to external agents (e.g., syslog logs and
IP addresses), potentially leaking sensitive data to malicious actors.
o These connections could be disguised as legitimate, making it difficult for users to detect
unauthorized data exfiltration.
5. Malware:
o Malware, including Trojans, was discovered in some Windows AMIs. These Trojans
could facilitate keylogging, data theft, and process monitoring, compromising the privacy
and security of users.
Privacy Risks for Image Creators


Creators of shared AMIs risk exposing:
• Private keys, IP addresses, browser history, and shell history.
• Malicious actors can extract sensitive data such as API keys, leading to unauthorized cloud
service usage, or access SSH keys that lack passphrase protection, allowing further compromise.
• Deleted files in AMIs can often be recovered using standard utilities, revealing sensitive
information if proper sanitization was not performed.
Key Recommendations
1. Secure Image Creation:
o Use tools like shred, scrub, or wipe to ensure sensitive data is securely deleted before
creating an image.
o Avoid leaving private keys, IP addresses, or other sensitive information in the image files.
o Ensure that cloud-init scripts are correctly configured to prevent shared SSH keys and
mitigate man-in-the-middle risks.
2. Vulnerability Management:
o Regularly update and patch AMIs, especially for critical security vulnerabilities in
system services.
o Perform vulnerability audits on AMIs before using them to ensure they don't expose the
system to known exploits.
3. Image Auditing:
o Users should audit shared AMIs to ensure no backdoors (e.g., unwanted ssh keys,
passwords) remain.
o Use security tools to inspect AMIs for malware and unexpected outgoing connections.
4. Control Access to AMI Repositories:
o Restrict access to image repositories and ensure that only authorized users can create,
modify, or share AMIs.
Shared images in cloud environments pose significant security and privacy risks, especially when the
images are not properly sanitized or maintained. Users and image creators must be aware of the potential
vulnerabilities, including leftover credentials, unpatched software, malware, and recovery of deleted files.
By following best practices for image creation and auditing, these risks can be minimized, enhancing the
overall security of cloud infrastructure.
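The image-auditing and secure-creation recommendations above can be partly automated. The following Python script is an added example, not part of the original notes or of any AWS tooling: it walks the file tree of a mounted image and reports the leftovers described in the audit findings (authorized SSH keys, usable password hashes, baked-in SSH host keys, private keys, shell history). The category names, the helper names, and the sample tree with its placeholder values are assumptions constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

HISTORY_NAMES = {".bash_history", ".zsh_history", ".sh_history"}
KEY_MARKER = "PRIVATE KEY-----"  # tail of every PEM/OpenSSH private-key header


def _head(path, limit=1 << 20):
    """Return the start of a file as text; unreadable files yield ''."""
    try:
        with open(path, "rb") as fh:
            return fh.read(limit).decode("utf-8", errors="replace")
    except OSError:
        return ""


def _shadow_findings(path, rel):
    """Flag accounts whose password field still permits a login."""
    findings = []
    for line in _head(path).splitlines():
        fields = line.split(":")
        if len(fields) < 2:
            continue
        user, pw = fields[0], fields[1]
        if pw == "":
            findings.append(("empty-password", rel, user))
        elif not pw.startswith(("!", "*")):  # '!' and '*' mark locked accounts
            findings.append(("password-hash", rel, user))
    return findings


def audit_image(root):
    """Walk a mounted image tree; return sorted (category, path, detail) findings."""
    root = Path(root)
    findings = []
    for dirpath, _dirs, files in os.walk(root):  # does not follow directory symlinks
        for name in files:
            path = Path(dirpath) / name
            if path.is_symlink():
                continue  # never read through a link that may point outside the image
            rel = path.relative_to(root).as_posix()
            if rel == "etc/shadow":
                findings += _shadow_findings(path, rel)
            elif name in ("authorized_keys", "authorized_keys2"):
                keys = [ln for ln in _head(path).splitlines()
                        if ln.strip() and not ln.lstrip().startswith("#")]
                if keys:
                    findings.append(("authorized-key", rel, f"{len(keys)} key(s)"))
            elif rel.startswith("etc/ssh/ssh_host_") and name.endswith("_key"):
                findings.append(("baked-in-host-key", rel,
                                 "identical on every instance unless regenerated at first boot"))
            elif name in HISTORY_NAMES:
                if path.stat().st_size:
                    findings.append(("shell-history", rel, f"{path.stat().st_size} bytes"))
            elif KEY_MARKER in _head(path, 256):
                findings.append(("private-key", rel, "private key material"))
    return sorted(findings)


def build_sample_image(root):
    """Constructed sample tree standing in for a mounted image; every value is fake."""
    files = {
        "etc/shadow": "root:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::\n"
                      "daemon:*:19000:0:99999:7:::\n"
                      "ubuntu:!:19000:0:99999:7:::\n",
        "root/.ssh/authorized_keys": "# left by the image creator\n"
                                     "ssh-ed25519 AAAACONSTRUCTED creator@example\n",
        "home/ubuntu/.ssh/authorized_keys": "",
        "etc/ssh/ssh_host_ed25519_key": "-----BEGIN OPENSSH PRIVATE KEY-----\nCONSTRUCTED\n",
        "etc/ssh/ssh_host_ed25519_key.pub": "ssh-ed25519 AAAACONSTRUCTED root@image\n",
        "home/ubuntu/.bash_history": "export API_KEY=CONSTRUCTED\n",
        "home/ubuntu/backup.pem": "-----BEGIN RSA PRIVATE KEY-----\nCONSTRUCTED\n",
        "etc/hostname": "image\n",
    }
    for rel, text in files.items():
        target = Path(root) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(text)


def run_demo():
    """Build the constructed tree in a temporary directory and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_image(tmp)
        return audit_image(tmp)


if __name__ == "__main__":
    for category, rel, detail in run_demo():
        print(f"{category:18} {rel:34} {detail}")
```

A file-tree scan of this kind does not see deleted-but-recoverable files, malware, or unsolicited outgoing connections, so it complements the vulnerability and malware scans listed above and does not replace them.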
Security risks posed by a management OS
The security risks posed by a management OS in virtualized environments, especially those relying on
hypervisors like Xen, are significant, despite the small footprint of the hypervisor itself. Here’s a
summary of the key risks and concerns:
1. Trusted Computing Base (TCB): In a virtualized environment, the TCB includes the hardware,
hypervisor, and management OS (running in Dom0). While the hypervisor provides isolation
between VMs, the management OS is a critical component and can introduce vulnerabilities. In
Xen, Dom0 manages VM creation, I/O device emulation, and other administrative tasks.
2. Vulnerabilities in the Management OS: A study of Xen found that most attacks targeted the
service components of the management OS, not the hypervisor itself. For instance, vulnerabilities
could allow for buffer overflows, denial-of-service (DoS) attacks, or even the modification of the
guest OS kernel to allow malicious control.
3. Potential Malicious Actions by Dom0: A compromised Dom0 could perform several harmful
actions:
o Prevent a VM from starting (denial-of-service).
o Alter the kernel of a guest OS to monitor or control applications.
o Manipulate memory mappings and virtual CPU states, undermining VM integrity.
4. Communication Risks: During runtime, Dom0 facilitates communication between guest OSes
(DomUs) and external systems via shared device drivers. This communication is typically
unsecured, and while TLS encryption can be used, it doesn’t prevent Dom0 from potentially
extracting sensitive information, such as cryptographic keys, from memory.
5. Critical Role of XenStore: XenStore, a critical component for maintaining the state of the
system, can be targeted by malicious VMs to deny access to other VMs or even gain unauthorized
access to memory.
6. Protection Requirements for Dom0:
o Memory Sharing: Dom0 should be restricted from accessing the memory of DomUs
unless initiated by a hypercall from Dom0 and the memory is encrypted.
o Hypercall Restrictions: Security-critical hypercalls should be tightly controlled. Certain
hypercalls that can harm a DomU, like foreign mapping or debugging hypercalls, should
be monitored and possibly restricted.
o Ensuring Confidentiality and Integrity: Virtual CPU registers and memory should be
encrypted during save and restore operations. The hypervisor should also perform
integrity checks.
7. Performance Overhead: Increased security measures, such as encrypted memory and encrypted
virtual CPU states, can lead to significant overhead. Performance measurements show that the
overhead can increase domain build times, save times, and restore times by up to 2.3 times.

Figure 9.3 shows the architecture of a Xen-based virtualized environment.


• Hardware: The physical machines at the bottom.
• Xen (Hypervisor): A lightweight layer that virtualizes the hardware and manages guest VMs
(DomUs).
• Dom0 (Management OS): The privileged management OS that controls VM creation, resource
allocation, and device management. It communicates between DomUs and hardware.
• DomU (Guest OS): Virtual machines running on top of Xen with their own OS and applications,
isolated from each other by the hypervisor.
The security of the entire virtualized environment is thus dependent not only on the hypervisor but also on
securing the management OS (Dom0) and the communications between Dom0 and DomUs.
@VTUpadhai – Cloud Computing (21CS72) – Module 5 Notes

Module 5
Part 1- Cloud Platforms in Industry Amazon web services: - Compute services, Storage services,
Communication services, Additional services. Google AppEngine: - Architecture and core concepts,
Application life cycle, Cost model, Observations.
Part 2- Cloud Applications: Scientific applications: - HealthCare: ECG analysis in the cloud, Biology:
gene expression data analysis for cancer diagnosis, Geoscience: satellite image processing. Business
and consumer applications: CRM and ERP, Social networking, media applications.

Amazon Web Services (AWS)


AWS offers a variety of cloud computing solutions, from elastic infrastructure scalability to messaging and
data storage, allowing developers to build flexible applications. Some of the core services include:
• Amazon EC2 (Elastic Compute Cloud): Offers IaaS (Infrastructure as a Service), allowing
users to deploy virtual servers (instances) based on predefined images (AMIs). EC2 provides
several instance types, including standard, micro, high-memory, high-CPU, and cluster instances.
Instances are priced hourly, with spot instances offering dynamic pricing based on availability.
• Amazon S3 (Simple Storage Service): Provides scalable storage solutions for storing data in the
cloud.
• Amazon RDS (Relational Database Service) and Amazon ElastiCache: Offer managed
database and caching services, making it easier to handle structured data.
• AWS Elastic Beanstalk: A PaaS (Platform as a Service) solution that simplifies the process of
deploying and managing web applications, especially those built using Java and other
technologies.
• AWS CloudFormation: Allows users to create and manage AWS resources with templates,
automating complex infrastructure setups.
• Amazon Elastic MapReduce (EMR): A cloud platform for processing large amounts of data
using Hadoop and related tools, providing elastic scaling to handle data-intensive applications.
• Amazon VPC (Virtual Private Cloud) and Elastic Load Balancing: Provide networking
services, enabling secure communication and distribution of traffic across instances.

AWS provides flexible services for various applications, such as cloud storage, computing, and database
management, with advanced offerings like MapReduce, AutoScaling, and CloudFormation for creating
dynamic and scalable systems.
9.1.1 Compute Services
Amazon EC2 (Elastic Compute Cloud) is a core offering in AWS's Infrastructure as a Service (IaaS)
model. EC2 allows users to deploy virtual machines (VMs) based on pre-configured Amazon Machine
Images (AMIs). These VMs, known as EC2 instances, can be tailored to specific needs in terms of
computing power, storage, and memory. Below are the detailed concepts surrounding Amazon EC2 and
its related services:

9.1.1.1 Amazon Machine Images (AMIs)


• What are AMIs?
AMIs are templates used to create EC2 instances. These templates consist of an operating system
(OS) and pre-installed software that can be configured to meet specific application requirements.
AMIs help streamline the process of deploying instances by serving as a starting point.
• Storage & Identification
AMIs are stored in Amazon S3 and are identified by unique IDs. These images may include
custom configurations such as kernel settings or system-level adjustments, making them
adaptable for various use cases.
• Creating and Managing AMIs
Users can create AMIs from scratch or by bundling existing EC2 instances. Once created, AMIs
can be shared publicly, privately, or monetized by associating product codes with them. This
allows for easy reuse or distribution.

9.1.1.2 EC2 Instances


• What are EC2 Instances?
EC2 instances are virtual machines (VMs) created from AMIs. These instances represent the
computing resources (CPU, memory, storage) needed to run applications.
• Configuration & Types
EC2 instances can be configured to match specific requirements such as memory, CPU, and
storage capacity. AWS defines instance types based on computing power needs:
o Standard Instances: For general-purpose use.
o Micro Instances: For lightweight workloads with minimal resource requirements.
o High-Memory Instances: For memory-intensive applications.
o High-CPU Instances: For compute-intensive tasks.
o Cluster Compute and GPU Instances: For specialized needs like high-performance
computing (HPC) and graphic processing.
• Pricing
EC2 instances are generally billed on an hourly basis, but spot instances are also available. Spot
instances allow users to bid for unused capacity at lower rates, with pricing varying depending on
demand and availability.

9.1.1.3 EC2 Environment


• Virtual Environment
EC2 instances operate within a virtualized environment, which abstracts away the underlying
hardware and allows users to focus on configuring their software stack. This environment handles
crucial aspects like networking, storage, and security.
• IP Addressing
By default, EC2 instances are assigned internal IPs for internal communication. However, an
Elastic IP (EIP) can be associated with instances to provide public IP addresses that can be
reassigned to other instances as necessary. This gives more flexibility in managing publicly
accessible services.
• Availability Zones
AWS has multiple availability zones (e.g., Virginia, California, Ireland, Singapore, Tokyo) for
distributing instances across geographic regions. Pricing may differ across these zones.
• Security and Firewalls
EC2 instances are secured by security groups and firewall rules that control access and
communication. While basic network security is handled by these groups, further security
measures must be implemented within the instance, such as OS-level security configurations.

9.1.1.4 Advanced Compute Services


Beyond basic EC2 instances, AWS offers advanced compute services that simplify deployment,
management, and execution of complex tasks. These services help users manage their infrastructure more
efficiently.
1. AWS CloudFormation
o What is CloudFormation?
AWS CloudFormation allows users to define and manage AWS resources (like EC2, S3,
SimpleDB, etc.) using templates. These templates are JSON files that describe the
desired architecture, dependencies, and configurations of the resources.
o How it Helps?
CloudFormation abstracts the infrastructure management, making it easier to deploy
complex systems by specifying the resources and their relationships in a declarative
manner. It handles provisioning and updates automatically.
2. AWS Elastic Beanstalk


o What is Elastic Beanstalk?
AWS Elastic Beanstalk simplifies the deployment of web applications by abstracting the
underlying infrastructure (e.g., EC2 instances, load balancers, etc.). Developers can
upload their application code (e.g., WAR files for Java) and Elastic Beanstalk
automatically handles the deployment, scaling, and load balancing.
o How it Works?
With Elastic Beanstalk, developers don’t need to manage EC2 instances manually. The
service automatically handles infrastructure tasks such as provisioning, load balancing,
and scaling based on traffic.
3. Amazon Elastic MapReduce (EMR)
o What is EMR?
Amazon EMR provides a cloud platform to run MapReduce applications using
Hadoop. This platform helps users process large datasets by distributing the processing
workload across multiple EC2 instances.
o Dynamic Scaling
EMR allows users to dynamically adjust the size of their Hadoop clusters, scaling the
compute power as required for processing. Different types of EC2 instances (like Small,
High-Memory, or GPU instances) can be selected based on the specific processing task to
optimize cost and performance.

9.1.2 Storage Services


Storage Services - Amazon S3
Amazon S3 (Simple Storage Service) is one of the most widely used storage solutions offered by AWS. It
provides a scalable, durable, and highly available distributed object storage service. Here’s a detailed
breakdown of key concepts related to Amazon S3, which forms the core of AWS's storage offerings:
9.1.2.1 S3 Key Concepts
1. Buckets
• Definition: Buckets in Amazon S3 are virtual containers used for storing objects (data). Each
bucket is created within a specific geographic region, and objects within a bucket are logically
grouped under that bucket.
• Characteristics:
o Buckets are top-level containers, and once created, they cannot be moved or renamed.
o Each bucket has a globally unique name across all AWS accounts and regions.
o Buckets are region-specific to help minimize latency and ensure data residency
compliance.
• Use Case: Buckets are often used to organize and separate data, such as logs, backups, and media
files, and control access permissions through S3 Access Control Policies (ACPs).
2. Objects
• Definition: Objects are the actual files or data stored in Amazon S3. Each object consists of the
data itself, metadata, and a unique identifier (the object key).
• Characteristics:
o Objects are immutable once uploaded; they cannot be modified, renamed, or partially
updated.
o However, objects can be replaced or deleted, and new objects can be added.
o Objects can store up to 5TB of data, but the default upload limit is 5GB for a single
upload request.
o Each object can be associated with metadata, which provides additional information such
as file type, size, or custom metadata.
• Immutability: This feature ensures that once an object is uploaded to S3, it cannot be altered. If
you need to make changes, you must upload a new object with a different key or version.
3. Immutability
• Definition: Immutability in S3 refers to the fact that once an object is stored in a bucket, it cannot
be renamed or changed. If changes are needed, a new object version must be uploaded with a new
name.
• Significance:
o This ensures data integrity and prevents unauthorized modifications, making it
particularly important for regulatory compliance and secure data storage.
o S3's immutable nature is commonly used for storing backup data, log files, and critical
application data.
4. Eventual Consistency
• Definition: Eventual consistency means that changes made to objects in S3, such as updates or
deletions, might not be immediately reflected across all AWS regions or even within the same
region. This delay happens because of S3’s replication process across its global infrastructure.
• Characteristics:
o While changes like object creation are immediately visible, deletions or modifications
may take time to propagate fully.
o S3 ensures that eventually, all copies of the object will be updated, but there may be a
brief inconsistency period.
• Use Case: This model is suitable for many use cases where slight delays in consistency are
acceptable (e.g., media files, backups).
5. Access Methods
• Definition: S3 allows interaction with its storage through standard HTTP methods, following
RESTful web services principles.
• Methods:
o GET: To retrieve objects from the S3 bucket.
o PUT: To upload new objects or replace existing ones.
o DELETE: To remove objects from S3.
• How it Works: Applications can use these HTTP methods to directly interface with S3 via REST
API calls, making S3 highly adaptable and programmatically accessible.

S3 Resource Naming and Access


1. Bucket Access Methods
• S3 allows different formats for accessing buckets and objects. The method chosen depends on
how the user configures their S3 service.
• Canonical Form:
http://s3.amazonaws.com/bucket_name/
This is the simplest URL format, where bucket_name is the name of the S3 bucket, and it follows
the base AWS endpoint URL.
• Subdomain Form:
http://bucket-name.s3.amazonaws.com/
In this format, the bucket name is used as a subdomain for S3’s service endpoint. This is
commonly used for publicly accessible content.
• Virtual Hosting Form:
http://bucket-name.com/
Virtual hosting allows the use of domain names to access the bucket. It provides flexibility for
branding or integrating with custom domain names, enhancing security and performance.
2. Buckets and Objects
• Bucket Characteristics:
o Buckets reside in specific geographic regions, which helps minimize latency for end
users and ensures compliance with regional data storage regulations.
o Objects within a bucket are organized by their unique keys, which serve as the object
identifier.
• Object Metadata:
o Metadata is information stored with an object, such as file type, date, or custom key-value
pairs for application-specific usage.
o S3 supports automatic metadata generation like content-type (e.g., text/plain) and custom
tags for efficient searching and categorization.

Access Control Policies (ACPs)


Access Control Policies are used to manage permissions for who can access and perform actions on S3
buckets and objects. These policies are essential for securing data and controlling who can read, write, or
modify stored files.
1. READ:
o Grants permission to read the content of an object, such as downloading the file or
reading its metadata.
2. WRITE:
o Grants permission to add, modify, or delete objects within the bucket. This is useful for
managing dynamic content that frequently changes, such as logs or backups.
3. FULL_CONTROL:
o Grants the user or group full access to both the objects and the bucket itself, including
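
The permissions above are easiest to reason about when audited against a real policy document. The following is an added example, not part of the original notes: it parses an S3 access control policy in the XML form S3 returns for a bucket or object ACL and flags grants that reach beyond the owner. The sample policy is constructed, the severity labels are this example's own, and READ_ACP and WRITE_ACP are S3 permissions that the list above does not cover.

```python
import xml.etree.ElementTree as ET

S3_NS = "{http://s3.amazonaws.com/doc/2006-03-01/}"
XSI_TYPE = "{http://www.w3.org/2001/XMLSchema-instance}type"

# Predefined S3 groups whose grants reach beyond named accounts.
BROAD_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "anyone (unauthenticated)",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "any authenticated AWS account",
}
# Severity labels are an assumption of this example, not an AWS classification.
SEVERITY = {"READ": "medium", "READ_ACP": "medium",
            "WRITE": "high", "WRITE_ACP": "high", "FULL_CONTROL": "critical"}
MODIFYING = {"WRITE", "WRITE_ACP", "FULL_CONTROL"}

# Constructed sample policy; all IDs are placeholders.
SAMPLE_ACP = """\
<AccessControlPolicy xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
  <Owner><ID>OWNER-ID-EXAMPLE</ID></Owner>
  <AccessControlList>
    <Grant>
      <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
        <ID>OWNER-ID-EXAMPLE</ID>
      </Grantee>
      <Permission>FULL_CONTROL</Permission>
    </Grant>
    <Grant>
      <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group">
        <URI>http://acs.amazonaws.com/groups/global/AllUsers</URI>
      </Grantee>
      <Permission>READ</Permission>
    </Grant>
    <Grant>
      <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group">
        <URI>http://acs.amazonaws.com/groups/global/AuthenticatedUsers</URI>
      </Grantee>
      <Permission>WRITE</Permission>
    </Grant>
    <Grant>
      <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">
        <ID>PARTNER-ID-EXAMPLE</ID>
      </Grantee>
      <Permission>FULL_CONTROL</Permission>
    </Grant>
    <Grant>
      <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="Group">
        <URI>http://acs.amazonaws.com/groups/s3/LogDelivery</URI>
      </Grantee>
      <Permission>WRITE</Permission>
    </Grant>
  </AccessControlList>
</AccessControlPolicy>
"""


def parse_acp(acp_xml):
    """Return (owner_id, grants) from an AccessControlPolicy XML document."""
    root = ET.fromstring(acp_xml)
    owner_id = (root.findtext(f"{S3_NS}Owner/{S3_NS}ID") or "").strip()
    grants = []
    for grant in root.iter(f"{S3_NS}Grant"):
        grantee = grant.find(f"{S3_NS}Grantee")
        if grantee is None:
            continue
        # Groups are identified by URI, individual accounts by canonical ID.
        ident = grantee.findtext(f"{S3_NS}URI") or grantee.findtext(f"{S3_NS}ID") or ""
        grants.append({
            "type": grantee.get(XSI_TYPE, ""),
            "grantee": ident.strip(),
            "permission": (grant.findtext(f"{S3_NS}Permission") or "").strip(),
        })
    return owner_id, grants


def audit_acl(acp_xml):
    """Flag grants to broad groups and modifying grants to non-owner accounts."""
    owner_id, grants = parse_acp(acp_xml)
    findings = []
    for g in grants:
        perm = g["permission"]
        if g["type"] == "Group" and g["grantee"] in BROAD_GROUPS:
            findings.append((SEVERITY.get(perm, "unknown"), BROAD_GROUPS[g["grantee"]], perm))
        elif g["type"] == "CanonicalUser" and g["grantee"] != owner_id and perm in MODIFYING:
            findings.append(("review", "account " + g["grantee"], perm))
    return findings


if __name__ == "__main__":
    for severity, who, perm in audit_acl(SAMPLE_ACP):
        print(f"[{severity}] {perm} granted to {who}")
```

The LogDelivery grant in the sample is not flagged because that group exists so S3 can write server access logs into the bucket.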

Advanced Features of S3
1. Server Access Logging
• Definition: This feature enables the logging of access requests to your S3 buckets. Server access
logs record requests made to the S3 service and store them in a specified S3 bucket.
• Use Case:
o Useful for auditing and monitoring who is accessing the data.
o Helps in tracking usage, troubleshooting, and identifying potential security issues.
o The logs can be analyzed using AWS services like Amazon Athena or QuickSight.
2. BitTorrent Integration
• Definition: S3 supports integration with the BitTorrent protocol, allowing users to distribute their
objects via the BitTorrent network.
• Use Case:
o Ideal for distributing large files (like software updates, media files) in a peer-to-peer
network, reducing bandwidth costs by leveraging distributed download.
o Popular in use cases like software distribution, multimedia content delivery, and public
file sharing.
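
To make the auditing use of server access logging concrete, here is an added example that is not part of the original notes: it parses S3 server access log records and reports successful anonymous object requests and repeated access-denied responses from one address. It assumes the space-delimited S3 log layout (bucket owner, bucket, time, remote IP, requester, request ID, operation, key, request URI, status, error code, and so on); the log lines, the helper `_sample`, and the threshold of three denials are constructed for illustration.

```python
import re
from collections import Counter

# Leading fields of an S3 server access log record; trailing fields are ignored.
LINE_RE = re.compile(
    r'(?P<owner>\S+) (?P<bucket>\S+) \[(?P<time>[^\]]+)\] (?P<remote_ip>\S+) '
    r'(?P<requester>\S+) (?P<request_id>\S+) (?P<operation>\S+) (?P<key>\S+) '
    r'(?P<request_uri>"[^"]*"|\S+) (?P<status>\S+) (?P<error_code>\S+) '
    r'(?P<bytes_sent>\S+) (?P<object_size>\S+) (?P<total_time>\S+) '
    r'(?P<turnaround>\S+) (?P<referrer>"[^"]*"|\S+) (?P<user_agent>"[^"]*"|\S+)'
)

DENIED_THRESHOLD = 3  # assumption: tune to the bucket's normal traffic


def _sample(ip, requester, op, key, status, error="-"):
    """Build one constructed log line (hypothetical helper for the sample data)."""
    verb = op.split(".")[1]
    return (f'OWNER-ID-EXAMPLE example-bucket [07/Jan/2025:10:00:00 +0000] {ip} '
            f'{requester} REQ-EXAMPLE {op} {key} "{verb} /{key} HTTP/1.1" '
            f'{status} {error} - - 20 - "-" "curl/8.0" -')


# Constructed sample data; addresses come from documentation ranges.
SAMPLE_LOG = [
    _sample("192.0.2.10", "arn:aws:iam::123456789012:user/backup-job",
            "REST.PUT.OBJECT", "backups/db.dump", "200"),
    _sample("203.0.113.7", "-", "REST.GET.OBJECT", "backups/db.dump", "200"),
    _sample("198.51.100.23", "-", "REST.GET.OBJECT", "reports/q1.csv", "403", "AccessDenied"),
    _sample("198.51.100.23", "-", "REST.GET.OBJECT", "reports/q2.csv", "403", "AccessDenied"),
    _sample("198.51.100.23", "-", "REST.GET.OBJECT", "reports/q3.csv", "403", "AccessDenied"),
    _sample("203.0.113.7", "-", "REST.DELETE.OBJECT", "logs/app.log", "204"),
    "truncated line with too few fields",
]


def parse_line(line):
    """Return the record's fields as a dict, or None if the line is malformed."""
    match = LINE_RE.match(line.strip())
    return match.groupdict() if match else None


def analyze(lines):
    """Return (findings, unparsed_count) for an iterable of log lines."""
    findings, denied, unparsed = [], Counter(), 0
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            unparsed += 1  # count rather than silently drop malformed records
            continue
        op = rec["operation"]
        anonymous = rec["requester"] == "-"  # "-" marks an unauthenticated request
        if (anonymous and rec["status"].startswith("2")
                and op.startswith("REST.") and op.endswith(".OBJECT")):
            verb = op.split(".")[1]
            severity = "high" if verb in ("PUT", "POST", "DELETE") else "medium"
            findings.append((severity, "anonymous-" + verb.lower(),
                             rec["bucket"], rec["key"], rec["remote_ip"]))
        if rec["status"] == "403":
            denied[(rec["bucket"], rec["remote_ip"])] += 1
    for (bucket, ip), count in sorted(denied.items()):
        if count >= DENIED_THRESHOLD:
            findings.append(("medium", "repeated-access-denied",
                             bucket, f"{count} denied requests", ip))
    return findings, unparsed


if __name__ == "__main__":
    results, skipped = analyze(SAMPLE_LOG)
    for finding in results:
        print(finding)
    print("unparsed lines:", skipped)
```

A successful anonymous GET or DELETE means the bucket or object ACL grants that permission to everyone, so each finding points back to an access control policy that needs review.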

9.1.2.2 Amazon Elastic Block Store (EBS)


• Purpose: Amazon EBS provides persistent block-level storage for EC2 instances, enabling the
storage of data that remains intact across EC2 instance life cycles.
• Key Features:
o Volume Sizes: EBS volumes can accommodate up to 1 TB of data.
o Persistence: The content on EBS volumes survives the instance lifecycle and is stored in
Amazon S3.
o Flexible File Systems: Volumes can be formatted as raw storage, with a file system, or
according to specific needs.
o Snapshots: Incremental snapshots allow users to back up volumes, storing only the
changes (deltas) since the last snapshot, which is more storage-efficient.
o High Availability: Volumes are typically stored in the same availability zone as the EC2
instances they are attached to, ensuring low latency and high I/O performance.
o Cross-Zone Access: Volumes can be attached across availability zones, although it’s
recommended to keep them in the same zone for optimal performance.
o Lazy Loading: Data is loaded lazily in the background based on OS requests, reducing
I/O traffic.
o Multiple Volume Attachments: Multiple volumes can be attached to a single instance,
and instances can use multiple volumes.
• Cost: Storage: $0.10 per GB per month and I/O Requests: $0.10 per 1 million requests.

9.1.2.3 Amazon ElastiCache


• Purpose: ElastiCache provides in-memory data caching for EC2 instances, improving the
performance of data-intensive applications by reducing the need to retrieve data from slower disk
storage.
• Key Features:
o Caching: Built on Memcached and Redis, two popular in-memory caching protocols.
o Elasticity: The cache cluster can scale up or down based on demand, adapting to
changing application needs.
o Managed Service: AWS manages the patching, failure recovery, and scaling, freeing
users from administrative tasks.
o Compatibility: Applications that use Memcached can be migrated seamlessly to
ElastiCache without needing to modify code.
• Cost: Pricing is based on EC2 instance pricing with an additional small premium for the caching
service, depending on the instance type selected.

9.1.2.4 Structured Storage Solutions


• Purpose: These services help manage structured data, typically for enterprise applications, and
include a variety of database solutions that are more efficient for handling complex queries,
indexing, and analytics.
A. Preconfigured EC2 AMIs
• Purpose: Preconfigured EC2 AMIs are ready-to-use Amazon Machine Images that come with
database management systems (DBMS) pre-installed.
• Key Features:
o Variety: Includes databases like MySQL, Oracle, IBM DB2, PostgreSQL, and others.
o Flexibility: Users can choose from a variety of DBMS options, but they are responsible
for configuring and maintaining the database system.
o Management: Full administrative control over the database configuration, performance
tuning, and backups.
• Cost: Charged based on EC2 instance pricing. Additional costs may arise from the required EBS
storage for persistence.

B. Amazon RDS (Relational Database Service)


• Purpose: Amazon RDS is a fully managed relational database service for MySQL and Oracle
databases that reduces administrative overhead.
• Key Features:
o Automated Management: AWS handles backups, patching, failover, and recovery
processes automatically.
o Multi-AZ Deployment: Provides high availability by maintaining standby copies of
databases in different availability zones that can take over if the primary instance fails.
o Read Replicas: Allows for performance improvement in read-heavy applications by
creating read-only copies of the database instance.
o Security and Backup: Automatic backups, point-in-time recovery, and snapshot
capabilities.
• Cost: On-Demand Instances: Priced hourly based on the instance type. Reserved Instances:
Can be purchased for one to three years at a discount with up-front payment.

C. Amazon SimpleDB
• Purpose: A flexible, scalable NoSQL database service designed for applications that do not need
full relational capabilities.
• Key Features:
o Domains: Data is organized in domains, which are somewhat like tables but without
strict schema enforcement. Items in domains are stored as key-value pairs.
o Eventual Consistency: SimpleDB offers eventual consistency, meaning that after an
update, there might be a temporary discrepancy across different copies of data.
o Conditional Operations: Allows conditional insertions or deletions to ensure data
consistency in scenarios with multiple writers.
o Scalability: Can scale to handle large volumes of data, with domains limited to 10 GB of
data.
• Cost: Data Transfer and Storage: Users are charged for the data transferred in and out of the
AWS network, and the storage used.
• Machine Usage: The first 25 instances per month are free; beyond that, each instance incurs an
hourly charge of $0.140 in the U.S. East region.

9.1.2.5 Amazon CloudFront


• Purpose: Amazon CloudFront is a Content Delivery Network (CDN) designed to distribute
content globally, reducing latency by caching content on edge servers closest to users.
• Key Features:
o Global Edge Network: CloudFront has edge servers worldwide, allowing for the faster
delivery of content.
o Content Types: Supports both static content (e.g., images, JavaScript) and streaming
media (e.g., video).
o Origin Servers: Content can be served from Amazon S3 buckets, EC2 instances, or
external servers.
o Access Control: Users can control access through signed URLs and geo-blocking.
o Invalidation: Content can be invalidated or forced to refresh at edge locations before
expiration.
• Cost:
o Requests:
▪ HTTP: $0.0075 per 10,000 requests.
▪ HTTPS: $0.0100 per 10,000 requests.
o Data Transfer:
▪ First 10 TB: $0.120 per GB.
▪ Next 40 TB: $0.080 per GB.
▪ Pricing decreases with higher volumes, down to $0.020 per GB for over 524 TB
per month.
9.2 Google AppEngine
Google AppEngine is a Platform-as-a-Service (PaaS) that allows developers to build and deploy
scalable web applications without managing underlying infrastructure. It leverages Google’s vast cloud
infrastructure to provide automatic scaling, load balancing, and resource management, which enables
applications to handle varying traffic loads without manual intervention.
Key Concepts and Architecture
1. Infrastructure:
o AppEngine runs on Google’s data centers spread across the world. These data centers
host the applications and ensure high availability and performance by using a global
network of servers.
o Automatic Traffic Distribution: AppEngine intelligently distributes incoming user
traffic across available servers. This distribution is designed to optimize performance,
ensuring minimal latency by directing traffic to the nearest data center or server.
o Scalability: AppEngine can automatically scale applications up or down based on the
number of incoming requests, ensuring efficient use of resources. For instance, if a web
application suddenly experiences high traffic, AppEngine can provision additional
resources (servers, computing power) to handle the load and scale back when the traffic
decreases.

• Google AppEngine Infrastructure: The distributed data centers that host and manage the apps.
• Sandboxed Runtime Environment: Isolates apps for security and stability.
• Runtime (e.g., Python SDK, Local Machine): Tools for local app development and testing.
• Web App: The deployed web application running on AppEngine.
• Datastore: Scalable NoSQL database for storing app data.
• URL Fetch: Service to send HTTP requests to external resources.
• Image Manipulation: Built-in tools for processing and editing images.
• Task Queue: Manages background tasks to avoid blocking main app flow.
• Cron Jobs: Schedules tasks to run at specific intervals.
2. Runtime Environment:
o The runtime environment is where the actual web application runs. This environment
includes:
▪ Sandboxing: A security feature that isolates applications, ensuring that they
cannot interfere with one another. This is important for multi-tenant
environments where several applications run on the same infrastructure.
▪ Language Restrictions: AppEngine restricts certain features of supported
programming languages to maintain security and reliability. For example, file
system access is restricted, and processes like background tasks have constraints.
▪ Managed Environment: AppEngine abstracts away most of the underlying
infrastructure management, allowing developers to focus on application
development instead of dealing with server management, scaling issues, and
hardware failures.

3. Supported Runtimes:
o AppEngine supports multiple programming languages, allowing developers to use their
preferred languages:
▪ Java: Supports Java 6 with libraries and tools specifically designed for
AppEngine. Java developers can use the AppEngine SDK to develop and test
applications locally before deploying them.
▪ Python: Initially optimized for Python 2.5.2, AppEngine now supports Python 3.
Developers can use AppEngine’s Python libraries to interact with Google
services such as Datastore and Cloud Storage, and they can also use web
frameworks like Django for web development.
▪ Go: Google Go (Golang) is another language supported by AppEngine. Go’s
simple, fast execution makes it an excellent choice for scalable cloud
applications. Developers can use Go's libraries and tools integrated with
AppEngine for building highly performant services.
o Additionally, developers can also run custom runtimes using Docker containers (Custom
Environment), enabling support for other languages, libraries, and frameworks not
natively supported.
4. Storage: AppEngine provides different types of storage systems to handle various kinds of data
needs:
o Static File Servers: Used for serving static content such as images, HTML files, CSS,
and JavaScript files. These are simple, unchanging files that don’t require processing on
the server side.
o DataStore: A scalable, NoSQL data storage system built on top of Google Bigtable.
DataStore is designed for storing semi-structured data and provides fast, efficient access
to large volumes of data without complex schema requirements. It allows developers to
store and query data based on keys.
o MemCache: This is an in-memory cache that provides extremely fast access to data that
needs to be accessed frequently. It’s particularly useful for reducing load on Datastore by
storing frequently queried data in memory.
5. DataStore:
o Overview: DataStore is a distributed, NoSQL database designed to store and manage
semi-structured data. It automatically scales to handle large datasets and high throughput.
o Data Structure: Data in DataStore is stored as entities, and each entity has a unique key
and a set of properties. These properties can store various data types, including strings,
numbers, and lists.
o NoSQL Design: Unlike traditional relational databases, DataStore doesn’t use SQL or
enforce relational constraints. Instead, it uses key-value pairs for storing and querying
data, which allows for greater flexibility and scalability.
o Transactions: AppEngine supports atomic transactions within DataStore. You can make
atomic updates to single entities or multiple entities that belong to the same entity group.
An entity group is a collection of related entities that can be updated together in a single
transaction, ensuring consistency.
▪ Entity Groups: This feature ensures consistency by preventing partial updates
when the data is spread across different servers. Only entities within the same
group can be updated in an atomic operation.
6. Application Services: AppEngine provides several built-in services that simplify common web
application tasks:
o Account Management: AppEngine can integrate with Google Accounts for user
authentication and management. This allows developers to easily manage user profiles,
handle sign-ins, and maintain user-specific data.
o Messaging and Email: AppEngine has built-in support for sending emails and real-time
messaging using XMPP (Extensible Messaging and Presence Protocol). This is useful
for features like email notifications or real-time chat applications.
o Image Manipulation: AppEngine provides an image manipulation service that enables
you to resize, rotate, and process images programmatically. This is useful for generating
thumbnails or applying filters to user-uploaded images.
o Task Queues: For long-running tasks, AppEngine provides task queues that allow you to
enqueue jobs (such as background processing tasks) and run them asynchronously,
without blocking the main request-response cycle.
o Cron Jobs: AppEngine allows you to set up cron jobs to schedule tasks that need to be
executed at regular intervals (e.g., nightly data backups or daily notifications).

In summary, Google AppEngine offers a highly scalable, easy-to-use platform for developing and
hosting web applications. It abstracts away infrastructure management, providing developers with the
tools and services necessary to focus on building their applications rather than managing servers or
scaling issues. Key features include:
• Automatic scaling and load balancing.
• Support for multiple programming languages (Java, Python, Go, and custom runtimes).
• Integrated storage systems (Datastore, MemCache, and static file servers).
• Application services (user authentication, messaging, image manipulation, task queues, cron
jobs).
• Ease of use and rapid development, with built-in SDKs and integration with Google’s
ecosystem of services.
Google AppEngine is designed to handle everything from small, low-traffic applications to large, high-
traffic services, making it an ideal choice for developers looking for a managed, scalable environment for
their web applications.

Google AppEngine and its services


1. UrlFetch Service
• Purpose: The UrlFetch service allows web applications to make HTTP or HTTPS requests to
remote resources that may not reside within the same domain as the application itself. This is
crucial for integrating resources from different servers or web services, especially in modern
"composite" web applications where data is pulled from multiple sources.
• Usage:
o Synchronous: The application waits for the response from the remote server before
continuing with the process.
o Asynchronous: The application sends the request and continues executing its logic while
waiting for the response in the background. This is particularly useful for non-blocking
operations.
• Key Features:
o Deadlines: You can set a timeout or deadline for each request. If the request is not
completed within the specified time, it is aborted.
o Integration: UrlFetch is typically used to fetch resources (such as HTML fragments,
JSON data, or XML) from external services or servers. This data can then be processed or
incorporated into the application’s user interface.
o Cross-domain: Since the request may be to a resource outside the application's
administrative domain, this feature enables the integration of external resources like APIs
or third-party services.

2. MemCache
 Purpose: MemCache is a distributed in-memory caching service provided by AppEngine to store
frequently accessed data in memory. Caching improves the performance of web applications by
reducing the need to repeatedly fetch the same data from slower storage systems (like the
DataStore).
 How it works:
o When data is frequently accessed, it is stored in the cache, which is fast and temporarily
stores the data.
o On subsequent requests, the application first checks the cache. If the data is found, it is
returned immediately (cache hit). If not found (cache miss), it retrieves the data from a
persistent storage (like the DataStore) and places it in the cache for future use.
 Cache Eviction: MemCache automatically removes objects that are rarely accessed, ensuring that
the most frequently accessed data stays in memory, and memory usage is optimized.
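The hit/miss flow and eviction described above, as an added Python sketch that is not AppEngine's API or code from these notes. `MemCacheModel`, `ProfileRepository`, the least-recently-used eviction policy and the invalidate-on-write step are assumptions made for illustration, and a plain dict stands in for the DataStore.

```python
from collections import OrderedDict


class MemCacheModel:
    """Bounded in-memory cache; evicts the least recently used key when full (assumed policy)."""

    def __init__(self, capacity):
        self.capacity = capacity
        self._items = OrderedDict()

    def get(self, key):
        if key in self._items:
            self._items.move_to_end(key)       # mark as recently used
            return self._items[key]
        return None

    def set(self, key, value):
        self._items[key] = value
        self._items.move_to_end(key)
        if len(self._items) > self.capacity:
            self._items.popitem(last=False)    # drop the coldest entry

    def delete(self, key):
        self._items.pop(key, None)


class ProfileRepository:
    """Cache-aside reads over a slow persistent store (hypothetical helper)."""

    def __init__(self, datastore, cache):
        self.datastore, self.cache = datastore, cache
        self.hits = self.misses = 0

    def read(self, key):
        value = self.cache.get(key)
        if value is not None:                  # cache hit: no trip to the store
            self.hits += 1
            return value
        self.misses += 1                       # cache miss: fall back to the store
        value = self.datastore[key]
        self.cache.set(key, value)
        return value

    def write(self, key, value):
        self.datastore[key] = value            # the persistent store stays authoritative
        self.cache.delete(key)                 # invalidate so the next read cannot be stale


def demo():
    """Constructed workload: three keys competing for a two-entry cache."""
    repo = ProfileRepository({"u1": "a", "u2": "b", "u3": "c"}, MemCacheModel(capacity=2))
    values = [repo.read(k) for k in ("u1", "u1", "u2", "u3", "u1")]
    repo.write("u3", "C")
    values.append(repo.read("u3"))
    return values, repo.hits, repo.misses


if __name__ == "__main__":
    print(demo())
```

Because any entry can be evicted at any time, the application must always be able to rebuild a value from persistent storage.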
3. Mail and Instant Messaging
 Mail: AppEngine allows developers to send email messages on behalf of their application. This
can be used for:
o Notifying users of application events (e.g., new messages, updates, or actions).
o Triggering operations based on user input (e.g., confirming an action via email).
o Sending attachments and targeting multiple recipients.
 XMPP (Extensible Messaging and Presence Protocol): AppEngine also supports real-time
communication using XMPP, a protocol for messaging and presence information. This allows the
application to send and receive chat messages to and from services that support XMPP, such as
Google Talk.
o Use Cases: This can be particularly useful for building chatbots, implementing
administrative dashboards, or integrating real-time messaging into the application for
interactive features.
4. Account Management
 Google Accounts Integration: AppEngine simplifies user account management by integrating
with Google Accounts, allowing the application to leverage Google's authentication system.
o Profile Storage: You can store user preferences or settings as key-value pairs and attach
them to a specific Google account. This means you don’t have to build and manage your
own authentication system.
o Advantages:
 Ease of Use: No need for custom authentication systems.
 Google Ecosystem: If users are already using Google services (like Gmail), they
can authenticate with their existing accounts.
o Corporate Usage: In organizations that use Google Apps (G Suite), the integration
allows for seamless access to Google services and user profiles.
5. Image Manipulation
 Purpose: AppEngine provides an image manipulation service that allows you to perform
lightweight image processing tasks. This can include:
o Resizing: Changing the size of images to fit the needs of your web page.
o Rotation: Rotating images based on user input or application requirements.
o Mirroring: Creating a reflected version of the image.
o Enhancement: Adjusting the image's brightness, contrast, or applying filters.
 Optimization: The service is optimized for speed and designed for basic tasks like generating
thumbnails or applying watermarks, rather than heavy image processing.

6. Compute Services
 Web applications often rely on computations to handle user input and generate responses.
Sometimes these computations can take too long for a user to wait for, or they may need to be
scheduled or delayed.
 Task Queues:
o Task Queues allow you to queue tasks (such as long computations) for deferred
execution.
o Usage: If a task is too time-consuming for a synchronous HTTP request, you can enqueue
it to run later, without holding up the user request.
o Automatic Retries: If a task fails due to temporary issues (e.g., a network failure), the
system automatically retries the task.
 Cron Jobs:
o Cron Jobs allow you to schedule tasks that need to run at specific times (e.g., nightly
backups, daily reports, or sending reminders).
o Use Case: Perfect for tasks that need to run periodically, like maintenance or
notifications, without waiting for a user request.
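Deferred execution and automatic retries, as an added Python model that is not AppEngine's Task Queue API or code from these notes. `TaskQueue`, `TransientError`, the attempt limit and the exponential backoff are assumptions made for illustration, and the clock is simulated so the example runs instantly.

```python
import heapq
import itertools


class TransientError(Exception):
    """Raised by a task handler for a failure that is worth retrying."""


class TaskQueue:
    """In-process model of a queue with deferred execution and bounded retries."""

    def __init__(self, max_attempts=4, base_backoff=1.0):
        self.max_attempts = max_attempts
        self.base_backoff = base_backoff
        self._heap = []                    # entries: (run_at, seq, attempt, handler, payload)
        self._seq = itertools.count()      # tie-breaker so handlers are never compared
        self.completed = []                # (payload, attempts_used)
        self.dead = []                     # payloads that exhausted their retries

    def enqueue(self, handler, payload, run_at=0.0, attempt=1):
        heapq.heappush(self._heap, (run_at, next(self._seq), attempt, handler, payload))

    def run_until_empty(self):
        """Drain the queue on a simulated clock and return the final clock value."""
        clock = 0.0
        while self._heap:
            run_at, _, attempt, handler, payload = heapq.heappop(self._heap)
            clock = max(clock, run_at)
            try:
                handler(payload)
            except TransientError:
                if attempt >= self.max_attempts:
                    self.dead.append(payload)          # give up: keep it for inspection
                    continue
                delay = self.base_backoff * 2 ** (attempt - 1)
                self.enqueue(handler, payload, clock + delay, attempt + 1)
            else:
                self.completed.append((payload, attempt))
        return clock


def make_flaky_handler(failures_before_success, results):
    """Build a handler that fails a fixed number of times, like a flaky network call."""
    calls = {"n": 0}

    def handler(payload):
        calls["n"] += 1
        if calls["n"] <= failures_before_success:
            raise TransientError("simulated network failure")
        results.append(payload.upper())                # the "long computation"

    return handler


def demo():
    """The request handler would enqueue and return at once; the queue runs later."""
    results = []
    queue = TaskQueue(max_attempts=4, base_backoff=1.0)
    queue.enqueue(make_flaky_handler(2, results), "report-42")    # succeeds on attempt 3
    queue.enqueue(make_flaky_handler(10, results), "report-43")   # never succeeds
    clock = queue.run_until_empty()
    return results, queue.completed, queue.dead, clock


if __name__ == "__main__":
    print(demo())
```

Because a failed task is run again, a handler should be safe to execute more than once.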
7. Application Lifecycle Management
 Development and Testing:
o Developers can create and test applications locally using a local development server.
This server mimics the AppEngine environment and helps in testing without uploading
the code to the cloud.
o The server provides mock implementations of AppEngine services (like DataStore and
MemCache) and includes tools for profiling and debugging.
 SDKs:
o Java SDK: Provides tools and libraries to develop and test Java applications. It can be
integrated into Eclipse IDE using the Google AppEngine plug-in.
o Python SDK: Allows development of Python-based applications and provides tools like
the GoogleAppEngineLauncher to manage, test, and deploy applications.
 Deployment: Once an application is ready, it can be deployed to AppEngine. Developers need to
choose a unique application identifier (which forms part of the web address) to access the
application. AppEngine handles scaling, load balancing, and other operational aspects once the
app is deployed.

8. Cost Model
 Free Service and Billing:
o Free Quotas: AppEngine provides a free tier with limited resources, such as CPU time,
bandwidth, and storage. This free tier is reset daily.
o Billing: After testing, developers can set up a billing account for more resources, and they
are charged based on usage. The service is billed on a pay-per-use basis.
 Quota Types:
o Billable Quotas: These are quotas that you define based on your budget and usage. Once
the quota is used up, the application may stop working until it is replenished.
o Fixed Quotas: AppEngine also enforces internal quotas to ensure that applications don’t
overload the system, which could affect other users.
o Per-Minute Quotas: To prevent excessive consumption of resources in short bursts,
AppEngine enforces limits on resource usage per minute.
 Error Handling: When a resource quota is exceeded, the application will return an error (e.g.,
"HTTP 403 Forbidden" for HTTP requests) until the quota is reset or replenished.
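How a daily quota and a per-minute quota combine to produce the HTTP 403 response mentioned under the cost model, as an added Python model that is not AppEngine's own accounting. `QuotaGate`, the fixed-window counting, the limits and the sample timestamps are assumptions made for illustration.

```python
DAY, MINUTE = 86400, 60


class QuotaGate:
    """Admission check: a per-minute burst limit layered on a daily budget (fixed windows)."""

    def __init__(self, daily_limit, per_minute_limit):
        self.daily_limit = daily_limit
        self.per_minute_limit = per_minute_limit
        self._day = self._minute = None
        self._day_used = self._minute_used = 0

    def admit(self, now, cost=1):
        """Return (status, reason) for a request costing `cost` units at time `now` (seconds)."""
        day, minute = now // DAY, now // MINUTE
        if day != self._day:                     # daily reset
            self._day, self._day_used = day, 0
        if minute != self._minute:               # the per-minute window rolls over
            self._minute, self._minute_used = minute, 0
        if self._minute_used + cost > self.per_minute_limit:
            return 403, "per-minute quota exceeded"
        if self._day_used + cost > self.daily_limit:
            return 403, "daily quota exhausted"
        # Only admitted requests consume quota; rejected ones are not charged.
        self._minute_used += cost
        self._day_used += cost
        return 200, "ok"


def replay(gate, timestamps):
    """Feed constructed request timestamps through the gate and collect the outcomes."""
    return [(t, *gate.admit(t)) for t in timestamps]


# Constructed traffic: a burst, a second minute, a third minute, then the next day.
SAMPLE_TIMES = [0, 1, 2, 3, 60, 61, 62, 120, 86400]

if __name__ == "__main__":
    gate = QuotaGate(daily_limit=5, per_minute_limit=3)
    for t, status, reason in replay(gate, SAMPLE_TIMES):
        print(f"t={t:>6}s  HTTP {status}  {reason}")
```

The per-minute limit bounds how quickly a burst can drain the daily budget, and the request at t=86400 succeeds again because the daily counter has reset.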
PART 2
10.1 Scientific Applications in Cloud Computing
Cloud computing has gained significant traction in scientific research, offering scalable and cost-effective
solutions for various applications, such as high-performance computing (HPC), high-throughput
computing (HTC), and data-intensive tasks. Cloud computing provides researchers with virtually
unlimited resources at lower costs compared to traditional in-house systems. The ability to leverage cloud
resources with minimal changes to existing applications is a key benefit.
Cloud platforms such as IaaS (Infrastructure as a Service) offer the best environment for scientific
applications that run bag-of-tasks applications and workflows. Virtual machine instances can be
customized to meet specific software stack requirements, and distributed computing middleware ensures
seamless operation in cloud infrastructures. Additionally, PaaS (Platform as a Service) allows researchers
to explore new programming models to tackle complex computational problems, such as the MapReduce
model, which is particularly suited for large data processing in scientific domains.

10.1.1 Healthcare: ECG Analysis in the Cloud


The use of cloud computing in healthcare, specifically for ECG (Electrocardiogram) data analysis,
exemplifies how cloud technologies can enhance the diagnosis and monitoring of heart diseases. ECG
analysis involves detecting heart conditions such as arrhythmias based on the waveform patterns of a
patient's heartbeat. Cloud computing enables continuous monitoring, rapid data analysis, and immediate
notifications for medical personnel, all while offering scalability, flexibility, and cost-efficiency.
ECG Analysis Process in the Cloud
1. Wearable Devices with ECG Sensors:
The patient wears a device equipped with ECG sensors that continuously monitor the electrical
signals produced by their heart. These devices capture the patient's heartbeat data in real-time.
2. Data Transmission to Mobile Devices:
The ECG data collected by the wearable sensor is transmitted to the patient's mobile device. This
data can be sent using wireless technologies such as Bluetooth or Wi-Fi.
3. Cloud-Based Web Service for Data Analysis:
Once the data reaches the mobile device, it is forwarded to a cloud-hosted web service. The web
service acts as a SaaS (Software as a Service) application, responsible for handling and
processing the ECG data.
o The web service stores the ECG data in cloud storage (e.g., Amazon S3) for safekeeping.
o After storage, the service sends the data to a cloud-based processing platform for
analysis.
4. Cloud Infrastructure for Data Processing:
o The cloud infrastructure uses IaaS (Infrastructure as a Service) resources, specifically
EC2 instances, to handle the actual computation and analysis of the ECG data.
o The Aneka workflow engine coordinates the computational tasks required for processing
the ECG data. These tasks include:
 Waveform extraction: Identifying the specific shape of the ECG waveform.
 Waveform comparison: Comparing the extracted waveform to a reference
waveform to detect any anomalies such as irregular heartbeats.
o The cloud platform dynamically adjusts the number of EC2 instances based on the
workload, scaling up or down to handle varying demands for processing power (this is
called elasticity).
5. Anomaly Detection and Alerts:
Once the waveform analysis is complete, the cloud platform checks for any anomalies in the
ECG data. If abnormal heart patterns are detected (e.g., irregularities in the heartbeat), the system
immediately alerts medical personnel, including doctors and first-aid responders, so they can
take necessary actions.
o Alerts are sent via mobile notifications, emails, or other communication methods.
6. Advantages of Cloud-Based ECG Analysis:
o Elasticity and Scalability: The cloud infrastructure can scale according to the processing
requirements, meaning resources can expand or contract as needed based on the volume
of ECG data or the complexity of the analysis. This allows for efficient use of computing
resources without requiring hospitals to invest in large in-house infrastructure.
o Ubiquity and Accessibility: Cloud services are available anywhere with internet access,
making it possible for doctors to monitor patients remotely and access data from any
device. This level of accessibility is essential for emergency care and continuous
monitoring.
o Cost Efficiency: Cloud services operate on a pay-per-use basis, so hospitals only pay for
the resources they actually use, rather than paying for large, fixed infrastructure costs.
This is especially beneficial for small to medium-sized hospitals or remote health centers.
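The waveform extraction, waveform comparison and alerting steps of the process above, as an added Python sketch that is not the code of the system these notes describe. The beat templates, the sample recording, the correlation and R-R interval thresholds and all function names are constructed assumptions for illustration.

```python
import math

# Constructed data: one P-QRS-T-like beat as integer samples, R peak at index 4.
REFERENCE_BEAT = [0, 1, 0, -2, 10, -3, 0, 2, 3, 2, 0]
R_INDEX = 4
# Constructed abnormal beat: wide, blunted complex with its maximum also at index 4.
ABNORMAL_BEAT = [0, 0, 3, 6, 7, 6, 3, 0, -1, 0, 0]


def build_signal(placements, length):
    """Lay (start_index, beat) pairs on a flat baseline to make a constructed recording."""
    signal = [0.0] * length
    for start, beat in placements:
        signal[start:start + len(beat)] = [float(v) for v in beat]
    return signal


def sample_recording():
    """Five beats: normal, normal at lower amplitude, abnormal shape, early, late."""
    scaled = [0.9 * v for v in REFERENCE_BEAT]
    return build_signal([(10, REFERENCE_BEAT), (90, scaled), (170, ABNORMAL_BEAT),
                         (210, REFERENCE_BEAT), (330, REFERENCE_BEAT)], 400)


def find_r_peaks(signal, threshold):
    """Waveform extraction: indices of local maxima above the threshold."""
    return [i for i in range(1, len(signal) - 1)
            if signal[i] > threshold
            and signal[i] >= signal[i - 1] and signal[i] > signal[i + 1]]


def correlation(a, b):
    """Pearson correlation of two equal-length windows (insensitive to amplitude scale)."""
    ma, mb = sum(a) / len(a), sum(b) / len(b)
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    return cov / math.sqrt(va * vb) if va and vb else 0.0


def analyse(signal, expected_rr, min_corr=0.8, rr_tolerance=0.2, threshold=5.0):
    """Waveform comparison: return (sample_index, kind) alerts for shape or timing anomalies."""
    peaks = find_r_peaks(signal, threshold)
    alerts = []
    for n, r in enumerate(peaks):
        start = r - R_INDEX
        beat = signal[start:start + len(REFERENCE_BEAT)]
        if start < 0 or len(beat) < len(REFERENCE_BEAT):
            continue                       # beat cut off by the edge of the recording
        if correlation(beat, REFERENCE_BEAT) < min_corr:
            alerts.append((r, "morphology"))
        if n > 0 and abs((r - peaks[n - 1]) - expected_rr) > rr_tolerance * expected_rr:
            alerts.append((r, "rhythm"))
    return alerts


if __name__ == "__main__":
    for index, kind in analyse(sample_recording(), expected_rr=80):
        print(f"ALERT at sample {index}: {kind} anomaly")
```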
Key Benefits of Cloud for ECG Analysis:


 Elasticity: The system can dynamically scale to handle high volumes of data or varying demands.
 Ubiquity: Accessible from any device, anywhere, allowing healthcare professionals to monitor
patients in real-time.
 Cost-Effective: Pay-per-use pricing ensures hospitals only pay for the computing resources used,
reducing capital expenses.
10.1.2 Biology: Protein Structure Prediction
Protein structure prediction is a critical area in computational biology with vast applications in drug
design, disease treatment, and understanding biological functions. The geometric structure of proteins
plays a pivotal role in their function, and predicting this structure based on the amino acid sequence is a
complex computational task that traditionally required supercomputing resources. However, cloud
computing offers an attractive solution by providing scalable and on-demand computing resources.
Understanding Protein Structure Prediction:
 Protein Folding Problem: The primary goal in protein structure prediction is to predict the 3D
structure of a protein from its linear amino acid sequence. This problem is computationally
intensive because the number of possible protein conformations grows exponentially, requiring
substantial computational resources to simulate and identify the most stable structure (i.e., the one
with the lowest energy configuration).
 Machine Learning for Classification: In modern approaches, machine learning techniques,
especially support vector machines (SVMs), are used to predict secondary structures (e.g.,
alpha-helices, beta-sheets) of proteins. The SVM approach involves transforming the problem
into pattern recognition, where the sequence of amino acids is classified into discrete categories
based on learned patterns.
Jeeva Portal for Protein Structure Prediction:
The Jeeva project is an example of a system that uses cloud computing to facilitate protein structure
prediction. The system integrates a web portal that allows researchers to offload computational tasks to
the cloud, utilizing Aneka, a cloud computing middleware.
1. Task Graph:
o The protein structure prediction task is broken down into a task graph that includes
several phases: Initialization, Classification, and Final Prediction.
o Each phase involves different processes like sequence alignment, feature extraction, and
structure prediction.
2. Phases in Prediction:
o Initialization Phase: Involves setting up the necessary data for processing.
o Classification Phase: Multiple classifiers (such as SVM classifiers) are used to process
different parts of the protein sequence in parallel, significantly reducing the computation
time.
o Final Phase: Involves generating the final predicted structure based on the processed
data.
3. Cloud Scalability:
o Aneka Middleware: Allows the dynamic scaling of resources. The cloud infrastructure
can grow or shrink based on demand, meaning resources can be added when computation
requirements are high and reduced during less busy periods.
o Task Execution in Parallel: The classification phase, which can be parallelized, involves
executing multiple classifiers concurrently to reduce overall computation time.
4. Advantages of Cloud over Traditional Grid Computing:
o Elasticity: Cloud computing offers scalable infrastructure that can be adjusted on-
demand, providing better flexibility than static grid computing.
o Pay-Per-Use: Researchers only pay for the computing resources they use, making it more
cost-effective than maintaining expensive supercomputing clusters.
o Accessibility: Cloud technologies enable scientists to access large-scale computing
resources without the need for owning or managing the hardware.

Task Graph for Protein Structure Prediction (Figure 10.2):


 The figure represents the task graph of the protein structure prediction process within the Jeeva
Portal.
o Nodes A to I represent different tasks and stages in the workflow. For instance, A
represents BLAST, a sequence alignment tool, and I represents the final prediction of the
secondary structure of the protein.
o These tasks are executed in sequence, but the classification phase (B to H) can be
parallelized, where multiple classifiers work concurrently to process different aspects of
the protein structure.
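The task graph described above, scheduled in Python as an added example that is not Jeeva or Aneka code. The edges are an assumption based on the description (A feeds each of B to H, and I waits for all of them), and the per-task costs and function names are constructed for illustration.

```python
from concurrent.futures import ThreadPoolExecutor

# task -> list of tasks it depends on (assumed edges; the figure itself is not reproduced).
GRAPH = {"A": [], **{n: ["A"] for n in "BCDEFGH"}, "I": list("BCDEFGH")}
# Constructed relative costs: alignment, seven classifiers, final prediction.
COST = {"A": 2, **{n: 5 for n in "BCDEFGH"}, "I": 1}


def waves(graph):
    """Group tasks into waves; every dependency of a task lies in an earlier wave."""
    done, order = set(), []
    while len(done) < len(graph):
        ready = sorted(n for n, deps in graph.items()
                       if n not in done and set(deps) <= done)
        if not ready:
            raise ValueError("cycle in task graph")
        order.append(ready)
        done.update(ready)
    return order


def run(graph, task_fn, max_workers=7):
    """Execute wave by wave; tasks inside one wave run concurrently on a thread pool."""
    results = {}
    with ThreadPoolExecutor(max_workers=max_workers) as pool:
        for wave in waves(graph):
            futures = {n: pool.submit(task_fn, n, {d: results[d] for d in graph[n]})
                       for n in wave}
            for name, future in futures.items():
                results[name] = future.result()
    return results


def trace_task(name, inputs):
    """Stand-in for real work: report every upstream task whose output reached this one."""
    upstream = set().union(*inputs.values())
    return sorted(upstream | {name})


def makespan(graph, cost, workers):
    """Simulated completion time when each wave is spread greedily over `workers` nodes."""
    total = 0
    for wave in waves(graph):
        loads = [0] * workers
        for name in sorted(wave, key=lambda n: -cost[n]):
            loads[loads.index(min(loads))] += cost[name]   # give it to the least-loaded node
        total += max(loads)
    return total


if __name__ == "__main__":
    print(waves(GRAPH))
    print(run(GRAPH, trace_task)["I"])
    for workers in (1, 3, 7):
        print(workers, "worker(s):", makespan(GRAPH, COST, workers), "time units")
```

With these constructed costs the simulated run takes 38 time units on one node, 18 on three and 8 on seven, which is the gain elastic provisioning buys during the classification phase.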
10.1.3 Biology: Gene Expression Data Analysis for Cancer Diagnosis


Gene expression profiling measures the activity of thousands of genes simultaneously to understand the
underlying biological processes and their impact on diseases like cancer. The data generated is high-
dimensional, with several thousand genes and relatively few samples, posing a challenge for traditional
machine learning algorithms. Cloud computing provides a solution by enabling parallel processing of
large datasets for accurate cancer diagnosis.
Challenges in Gene Expression Data:
 High Dimensionality: Gene expression datasets often have thousands of features (genes) and
relatively few samples, making them difficult to analyze using conventional methods.
 Classification of Tumors: The goal is to classify tumors into distinct categories (e.g., benign,
malignant) based on gene expression profiles. Traditional methods may struggle due to the high
dimensionality of the data.
CoXCS and Cloud Computing for Gene Expression:
The CoXCS algorithm is an extension of the eXtended Classifier System (XCS), used for solving high-
dimensional classification problems. The cloud-based implementation, Cloud-CoXCS, leverages the
Aneka platform to parallelize the classification process and divide the dataset into manageable
subdomains.
1. CoXCS Algorithm:
o Subdomain Decomposition: The dataset is divided into smaller subdomains, and each
subdomain is processed concurrently using the XCS algorithm.
o Parallelization: The classification tasks for each subdomain are executed in parallel,
reducing the overall computation time.
2. Cloud Computing Advantage:
o Scalability: Aneka’s scalable infrastructure can grow or shrink depending on the demand,
ensuring that resources are used efficiently.
o Efficiency: The parallelization of tasks in the cloud enables faster classification of high-
dimensional gene expression data, leading to more accurate and timely cancer diagnoses.
Cloud-CoXCS Architecture (Figure 10.3):


 The figure illustrates the architecture of Cloud-CoXCS, showing how gene expression data is
processed using Aneka and cloud infrastructure.
o Cloud-CoXCS: This environment orchestrates the classification tasks for gene
expression data. The Elastic Sizing of cloud resources is managed dynamically by the
platform, adapting to the computational needs at any given time.

10.1.4 Geoscience: Satellite Image Processing


Geoscience applications, particularly satellite image processing, require significant computational power
to analyze massive datasets. Cloud computing provides an ideal solution for these types of applications,
enabling efficient processing and analysis of satellite imagery for geographic information systems (GIS).
Challenges in Satellite Image Processing:
 Large Data Volumes: Satellite images can reach hundreds of gigabytes, requiring substantial
storage and computational resources.
 Complex Image Processing: Processing involves several transformations, corrections, and
analyses to extract meaningful geospatial data.
Cloud-Based Satellite Image Processing:
The Department of Space, Government of India, developed a cloud-based solution for satellite image
processing that leverages Aneka for managing the computational tasks.
1. SaaS for Data Visualization:
o A Software as a Service (SaaS) application provides services for tasks like geocode
generation and the visualization of satellite image data.
2. Aneka for Task Execution:
o At the Platform as a Service (PaaS) level, Aneka orchestrates the importing of satellite
images and the execution of image processing tasks.
3. Elastic Scaling:
o The platform leverages a private Xen cloud to dynamically provision the necessary
resources, scaling up when the workload increases and scaling down when it decreases.
Cloud-Based Satellite Image Processing Architecture (Figure 10.4):


 The figure shows the cloud-based architecture for satellite image processing. The system
integrates SaaS and PaaS to support geospatial data analysis, with Aneka controlling the
dynamic provisioning of cloud resources based on demand. This allows for efficient processing of
large satellite images and data integration for GIS applications.

10.2 Business and Consumer Applications


Cloud computing has dramatically transformed both business operations and consumer experiences by
providing scalable, cost-effective solutions. This section will discuss several key business applications
such as Customer Relationship Management (CRM) and Enterprise Resource Planning (ERP) systems,
along with productivity tools and social networking services.

1. CRM and ERP in the Cloud


CRM (Customer Relationship Management) and ERP (Enterprise Resource Planning) systems are
integral to business operations, enabling companies to streamline and manage customer interactions and
internal processes. Cloud computing has enabled these systems to become more accessible, scalable, and
affordable.
CRM in the Cloud:
CRM systems help businesses manage and analyze customer interactions and data, aiming to improve
relationships, customer retention, and sales. Traditionally, CRM systems were installed on-premise,
requiring significant upfront investment in hardware and software. However, with cloud-based CRM
solutions, businesses can now access these systems over the internet, with subscription-based pricing
models that reduce costs and improve scalability.
 Salesforce.com is one of the most popular cloud-based CRM solutions. It provides a platform
where businesses can manage customer interactions, track sales, and analyze customer data.
Salesforce is built on the Force.com platform, which allows developers to create custom
applications that can work alongside CRM features. The platform’s architecture, based on
metadata, ensures that all the data and applications are scalable and adaptable to the company’s
changing needs.

 Key Advantages of Cloud-based CRM:


o Cost-Effective: No need for expensive infrastructure or IT maintenance.
o Scalability: Services can be easily adjusted based on business needs.
o Real-Time Access: Teams can access the data and collaborate from anywhere.
ERP in the Cloud:
ERP systems integrate various functions like finance, HR, supply chain, and manufacturing into a unified
system. Moving ERP systems to the cloud offers the same benefits as CRM but is more complex due to
the size and scope of ERP systems.
 Challenges in Cloud ERP:
o Legacy Systems: Many businesses already have on-premise ERP systems, making the
transition to the cloud difficult.
o Cost: While cloud ERP can save money in the long term, the initial migration and
training may involve considerable costs.
o Security: Concerns over storing sensitive data on the cloud are often cited as a barrier to
adoption.
 Key Cloud-based ERP Providers: Companies like Microsoft Dynamics CRM and NetSuite
provide ERP systems in the cloud, allowing businesses to centralize their operations without
maintaining on-premise infrastructure.

2. Productivity Tools
Cloud-based productivity tools have revolutionized the way individuals and businesses collaborate,
manage projects, and store documents. These tools are accessible from any device with an internet
connection, allowing for increased productivity, flexibility, and ease of collaboration.
Dropbox and iCloud:
Both Dropbox and iCloud are cloud storage services that allow users to store files online and access
them from multiple devices.
 Dropbox:
o Dropbox is a cloud storage platform that enables users to save files and synchronize them
across various devices.
o Users can upload documents, photos, and videos to a central cloud storage space and
access them from desktops, laptops, tablets, and smartphones.
o Key Features: File sharing, version history, and automatic syncing across devices.
o Dropbox is especially popular for collaborative work, as it allows teams to easily share
and access files.

 iCloud:
o iCloud is Apple’s cloud service, designed primarily for iOS and macOS users. It offers
functionality similar to Dropbox, but it is tightly integrated with Apple devices.
o Key Features: Automatic syncing of photos, music, documents, and even settings
between Apple devices. iCloud is ideal for users within the Apple ecosystem.
o Limitations: While iCloud works best within the Apple ecosystem, it is less versatile
than Dropbox when working with non-Apple devices.
Google Docs:
Google Docs is a cloud-based word processing tool that allows users to create, edit, and share documents
in real time.
 Collaboration: Google Docs enables multiple users to work on the same document
simultaneously. Edits are visible in real-time, and users can leave comments and suggestions.
 Offline Mode: Users can also work offline, with changes automatically syncing when an internet
connection is restored.
 Compatibility: Google Docs supports various file formats, making it easy to import and export
documents created in other office suites like Microsoft Office.
 Key Features:
o Real-time collaboration
o Version history
o Cloud-based storage
o Cross-platform support
Google Docs has become one of the most popular cloud-based productivity tools, especially for
businesses and educational institutions that require easy collaboration.
Cloud Desktops: EyeOS and XIOS/3:
Cloud desktops, like EyeOS and XIOS/3, allow users to run desktop environments entirely in the cloud,
without relying on local hardware resources.
 EyeOS: EyeOS is an open-source cloud desktop that provides users with a fully functional
desktop environment through a web browser. It allows businesses and individuals to run
applications and store files online, making it accessible from any device with an internet
connection.
o Key Features: File management, web-based office suite, and collaborative tools.
o EyeOS is designed for organizations that want to centralize their IT infrastructure in the
cloud while providing employees with a consistent and accessible work environment.
 XIOS/3: XIOS/3 is a cloud-based desktop system that uses XML as the primary language for its
architecture. It is designed to provide businesses with a customizable virtual desktop
environment. It offers file storage, collaboration tools, and the ability to create custom
applications in the cloud.
o Key Features: Customizability, service integration, and XML-based development.
o XIOS/3 is primarily used by organizations that need more flexibility and control over
their virtual desktop environments.
3. Social Networking in the Cloud


Social networking services such as Facebook and Twitter are also heavily reliant on cloud computing to
manage their vast user bases and data. The cloud enables these services to scale and deliver consistent
performance as millions of users interact with the platform simultaneously.
Facebook:
Facebook is one of the largest social networking platforms globally, with billions of active users. The
platform relies on cloud computing to scale its operations, store user data, and provide a seamless
experience.
 Infrastructure: Facebook uses a distributed LAMP (Linux, Apache, MySQL, and PHP) stack
to deliver content efficiently. The company uses various cloud providers to scale its services
on demand, ensuring that resources are available when needed.
 Big Data: Facebook processes large amounts of data using technologies like Hadoop, which
enables it to manage and analyze user data for personalized recommendations, advertisements,
and insights.
 Social Graph: Facebook’s Social Graph maps the relationships between users, providing a
dynamic and engaging user experience. This graph is central to the platform's functionality, as it
helps users discover content and interact with friends.
Twitter:
Twitter, with its fast-paced stream of updates, relies on cloud computing to ensure high availability and
low latency for its millions of users.
 Scalability: Twitter scales its infrastructure dynamically to handle large spikes in traffic,
particularly during major events or breaking news.
 Amazon Web Services (AWS): Twitter uses AWS for its infrastructure, leveraging cloud services
to meet the growing demand for more storage and computing power.
 Technologies: Twitter uses Storm and Hadoop for processing large streams of real-time data,
allowing it to quickly respond to events and provide updates to users.
Media Applications in Cloud Computing


Cloud computing has significantly transformed media applications by providing scalable, cost-efficient
solutions for computationally intensive tasks, such as video encoding, transcoding, rendering, and more.
Media applications leverage cloud technologies to improve performance, scalability, and flexibility.
Below, we explore some key examples of media applications that benefit from cloud computing.

1. Animoto: Cloud-based Video Creation


Animoto is a cloud-based platform that allows users to create professional-looking videos from photos,
videos, and music. The service is designed to simplify video creation, making it accessible to users with
minimal technical skills. Users can upload their media, select a theme, and define the video sequence. The
cloud platform automates the rendering process, producing a video with stunning effects driven by AI.
 AI-driven Rendering: Animoto utilizes artificial intelligence to select appropriate transitions and
animation effects based on the images and music. This automation reduces the need for manual
editing, making it possible for anyone to create visually appealing videos without the intervention
of professional video editors.
 Scalable Infrastructure: The backend infrastructure of Animoto is built on Amazon Web
Services (AWS). It uses:
o Amazon EC2: For handling the web front-end and worker nodes.
o Amazon S3: To store media files such as pictures, music, and videos.
o Amazon SQS: For handling task queues and ensuring proper communication between
components.
 Auto-Scaling: Animoto’s system is highly scalable, using Rightscale to monitor and manage the
creation of new worker instances based on the demand. This ensures that the service can handle
large workloads, especially during peak times, without dropping any requests.
 Benefits:
o Easy to use: No need for specialized skills in video production.
o Quick video creation: Render videos in a few minutes, and users are notified when the
process is complete.
o Scalability: The cloud-based infrastructure can scale up to 4,000 EC2 instances during
high-demand periods.
2. Maya Rendering with Aneka


Maya is a well-known 3D modeling and rendering software widely used in industries such as engineering
and film production. Rendering, the process of generating a 2D image from 3D models, is
computationally intensive and requires significant processing power, which can be efficiently provided by
cloud computing.
Aneka is a cloud management platform used to orchestrate the rendering tasks for 3D modeling, enabling
faster processing by distributing the load across a cloud infrastructure.
 Private Cloud for Rendering: The engineering department of GoFront Group (China Southern
Railway) implemented a private cloud using Aneka to manage 3D rendering tasks. This cloud
utilizes the department’s network of desktops, transforming them into a private cloud that can be
utilized when these desktops are not in use (e.g., overnight).
 Efficiency Gains: By distributing rendering tasks across a network of machines, the time
required for rendering 3D models, such as train designs, was significantly reduced from days to
hours. This is particularly important in the iterative design process, where engineers require quick
feedback to refine their designs.
 Task Distribution: Aneka manages the cloud resources and distributes rendering tasks, ensuring
that each task is assigned to an appropriate machine. The rendering process is managed in
batches, where each frame of the 3D model is rendered, then retrieved and put together to form
the final image.
 Benefits:
o Faster Rendering: Cloud resources can quickly handle large-scale rendering tasks,
speeding up the design cycle.
o Cost-Effective: The use of idle desktop resources in a private cloud reduces the need for
additional hardware investments.
o Scalability: Cloud computing offers the flexibility to scale resources based on the
rendering demand.

3. Video Encoding on the Cloud: Encoding.com


Encoding.com provides cloud-based video transcoding services, enabling users to convert video files into
different formats. Video encoding and transcoding are resource-intensive operations, which benefit from
the scalability of cloud infrastructure. The service simplifies the process of encoding videos for playback
on different devices, helping users handle a variety of formats without needing expensive hardware or
software.
 Video Transcoding: Encoding.com allows users to upload video files, select the target format,
and specify the destination. The service takes care of the computationally demanding task of
transcoding the video into the appropriate format, such as MP4, WebM, or others.
 Cloud Integration: The platform integrates with cloud services such as Amazon Web Services
(AWS) and Rackspace to provide the necessary computational power and storage. It uses:
o Amazon EC2: For processing video transcoding tasks.
o Amazon S3: For storing video files.
o Amazon CloudFront: For delivering videos to users via a content delivery network
(CDN).
 Flexible Interfaces: Users can interact with Encoding.com via multiple interfaces, including:
o Web-based applications
o Desktop applications
o Web service APIs
 Additional Features: In addition to transcoding, Encoding.com offers features such as adding
thumbnails, watermarks, and logos to videos. It also supports audio and image conversion,
making it a comprehensive media processing platform.
 Benefits:
o Scalable: The cloud infrastructure can handle large volumes of video files and transcode
them quickly.
o Cost-Effective: The service provides pay-as-you-go pricing, making it accessible for
businesses of all sizes.
o Wide Device Support: Encoding.com can convert videos to formats compatible with a
wide range of devices, from mobile phones to desktops.

4. Multiplayer Online Gaming and Cloud Computing


Multiplayer online gaming requires robust infrastructure to handle millions of players interacting in
real-time. Cloud computing offers the necessary elasticity to scale gaming servers and log processing,
ensuring seamless gameplay experiences for players worldwide.
 Game Log Processing: In online multiplayer games, players' actions are recorded as logs. These
logs are processed by game servers and shared with all players in real-time. The challenge lies in
the scalability of log processing, especially when hundreds or thousands of players are online
simultaneously.
 Titan Inc. (Xfire): Titan Inc., a gaming company based in California, leveraged cloud computing
to scale the processing of game logs. The company used Aneka Cloud to offload the processing
tasks, ensuring that the gaming portal could handle a larger number of users without performance
degradation.
 Game Server Architecture: The game server hosts the game session, integrates players' actions
into a log, and makes the log available to all players through a TCP connection. This process
requires substantial computing power, especially when the number of concurrent players
increases.
 Scalable Processing with Aneka: Using Aneka Cloud, Titan Inc. was able to process multiple
game logs concurrently, supporting a larger number of players. The system could scale
dynamically to accommodate spikes in traffic, ensuring that the game portal remained responsive
even during peak times.
 Benefits:
o Elasticity: Cloud computing provides the flexibility to scale server resources according
to player demand, ensuring high availability and performance.
o Cost Efficiency: By utilizing cloud resources only when needed, gaming companies can
save on infrastructure costs.
o Improved User Experience: Seamless log processing ensures that players experience
minimal delays during gameplay.