Unit-ll

Cloud computing architecture

What is Cloud Computing Reference Model?
The cloud computing reference model is an abstract model that divides a cloud
computing environment into abstraction layers and cross-layer functions to
characterize and standardize its functions. This reference model divides cloud
computing activities and functions into three cross-layer functions and five
logical layers.

Each of these layers describes different things that might be present in a cloud
computing environment, such as computing systems, networking, storage
equipment, virtualization software, security measures, control and
management software, and so forth. It also explains the connections between
these organizations. The five layers are the Physical layer, virtual layer, control
layer, service orchestration layer, and service layer.

The Cloud Computing reference model is divided into 3 major service models:

1. Software as a Service (SaaS)

2. Platform as a Service (PaaS)
3. Infrastructure as a Service (IaaS)

Cloud Computing Reference Model Overview

IaaS, PaaS, and SaaS are the three most prevalent cloud delivery models, and
together, they have been widely adopted and formalized. A cloud delivery
service model is a specific, preconfigured combination of IT resources made
available by a cloud service provider. However, the functionality and degree of
administrative control each of these three delivery types offers cloud users
varies.

These abstraction layers can also be considered a tiered architecture, where

services from one layer can be combined with services from another, for
example, SaaS can supply infrastructure to create services from a higher layer.
Let us have a look at the layers of cloud computing reference model.

1. SaaS
Software as a Service (SaaS) is a form of application delivery that relieves users
of the burden of software maintenance while making development and testing
easier for service providers.
 The cloud delivery model's top layer is where applications are located. End
customers get access to the services this tier offers via web portals. Because
online software services provide the same functionality as locally installed
computer programs, consumers (users) are rapidly switching from them. Today,
ILMS and other application software can be accessed via the web as a service.

In terms of data access, collaboration, editing, storage, and document sharing,

SaaS is unquestionably a crucial service. Email service in a web browser is the
most well-known and widely used example of SaaS, but SaaS applications are
becoming more cooperative and advanced.

Features of SaaS are as follows:

 The cloud consumer has full control over all the cloud services.
 The provider has full control over software applications-based services.
 The cloud provider has partial control over the implementation of cloud
services.
 The consumer has limited control over the implementation of these cloud
services.
2. PaaS
Platform as a Service is a strategy that offers a high level of abstraction to
make a cloud readily programmable in addition to infrastructure-oriented
clouds that offer basic compute and storage capabilities (PaaS). Developers can
construct and deploy apps on a cloud platform without necessarily needing to
know how many processors or how much memory their applications would use.
A PaaS offering that provides a scalable environment for creating and hosting
web applications is Google App Engine, for instance.

Features of the PaaS layer are as follows:

 The cloud provider has entire rights or control over the provision of cloud
services to consumers.
 The cloud consumer has selective control based on the resources they need or
have opted for on the application server, database, or middleware.
 Consumers get environments in which they can develop their applications or
databases. These environments are usually very visual and very easy to use.
 Provides options for scalability and security of the user’s resources.
 Services to create workflows and websites.
 Services to connect users’ cloud platforms to other external platforms.
3. IaaS
Infrastructure as a Service (IaaS) offers storage and computer resources that
developers and IT organizations use to deliver custom/business solutions. IaaS
delivers computer hardware (servers, networking technology, storage, and data
center space) as a service. It may also include the delivery of OS and
 virtualization technology to manage the resources. Here, the more important
point is that IaaS customers rent computing resources instead of buying and
installing them in their data centers. The service is typically

paid for on a usage basis. The service may include dynamic scaling so that if
the customers need more resources than expected, they can get them
immediately.

The control of the IaaS layer is as follows:

 The consumer has full/partial control over the infrastructure of the cloud,
servers, and databases.
 The consumer has control over the implementation and maintenance of virtual
machines.
 The consumer has a choice of VM machines that have already been installed
with pre-installed operating systems.
 The cloud provider has full control over the data centers and the other
hardware involved in them.
 It has the ability to scale resources based on user usage.
 It can also copy data worldwide so that data can be accessed from anywhere in
the world as soon as possible.
You can learn in-depth about these layers when you go for the AWS certification
Cloud Practitioner course.
Types of Cloud Computing Reference Model
There is various type of cloud computing reference model used based on
different requirements of the consumers. The most important type of cloud
computing reference model is the cloud reference model in cloud computing.
The National Institute of Standards and Technology (NIST) is an organization
designed by the US government (USG) agency for the adoption and
development of cloud computing standards.

The principles of NIST Cloud computing reference architecture are:

1. Create a vendor-neutral architecture that adheres to the NIST standard.

2. Create a solution that does not inhibit innovation by establishing a required
technological solution.
3. The NIST Cloud computing reference architecture provides characteristics like
elasticity, self-service, and resource collaboration.
The service models involved in this architecture are:

1. Software as a Service (SaaS)

2. Platform as a Service (PaaS)
3. Infrastructure as a Service (IaaS)
NIST Cloud computing also has 4 deployment models, which are as follows:
 1. Public
This is the model where cloud infrastructure and resources are given to the
public via a public network. These models are generally owned by companies
that sell cloud services.

2. Private
This is the model where cloud infrastructure and resources are only accessible
by the cloud consumer. These models are generally owned by cloud consumers
themselves or a third party.

3. Community
This is the model where a group of cloud consumers might share their cloud
infrastructure and resources as they may have the same goal and policies to be
achieved. These models are owned by organizations or third-party.

4. Hybrid
This model consists of a mixture of different deployment models like public,
private, or community. This helps in the exchange of data or applications
between various models.

Examples of Cloud Computing Reference Model Apart From

NIST
1. IBM Architecture
2. Oracle Architecture
3. HP Architecture
4. Cisco Reference Architecture
CSA Cloud Reference Model
The CSA Cloud Reference Model provides a standardized framework for cloud
security, addressing critical components to ensure strong protection in cloud
environments.

The model includes guidelines for secure design and deployment across
infrastructure, platform, and application layers, forming the Cloud Architectural
Framework. Governance, Risk, and Compliance (GRC) policies and controls help
manage cloud security risks and ensure regulatory compliance. Cloud Security
Controls cover data protection, identity management, and incident response,
while Data Security and Privacy techniques like encryption and data masking
safeguard sensitive information. Application Security involves secure coding
practices and vulnerability assessments to protect cloud-based applications.
Operational Security includes monitoring, incident management, and disaster
recovery planning, ensuring continuous protection and quick recovery from
incidents.
 The OCCI Cloud Reference Model
The OCCI Cloud Reference Model provides a framework for managing cloud
services, ensuring interoperability and standardization across diverse
environments. Key components include a standardized Cloud Service Interface
for provisioning, monitoring, and managing cloud services, and Resource
Management for efficient allocation, monitoring, and utilization of cloud
resources like compute, storage, and network. Service Management focuses on
the lifecycle management of cloud services, ensuring consistency and
efficiency. The model also includes guidelines for Security and Compliance,
promoting robust security measures and regulatory adherence.

Major Actors of Cloud Computing Reference

Model
There are five major actors in NIST cloud computing reference architecture.
They are:

1. Cloud Consumer
2. Cloud Provider
3. Cloud Carrier
4. Cloud Auditor
5. Cloud Broker
The image below will explain the cloud computing reference model in a neat
diagram.

Each actor is an entity that participates in the process and/or completes duties
in cloud computing. This entity could be a person or an organization.

1. Cloud Consumer
The end user that the cloud computing service is designed to support is the
cloud consumer. An individual or corporation with a working relationship with a
cloud provider and utilizing its services is referred to as a cloud consumer. A
cloud customer peruses a cloud provider's service catalog, makes the proper
service request, enters into a service agreement with the cloud provider, and
then utilizes the service. The cloud customer may be charged for the service
provided, in which case payment arrangements must be made. They need to
have a cloud Service Level Agreement (SLA).

2. Cloud Provider
Any individual, group, or other entity in charge of making a service accessible
to cloud users is a cloud provider. A cloud provider creates the requested
software, platforms, and infrastructure services, manages the technical
infrastructure needed to supply the services, provisions the services at agreed-
upon service levels, and safeguards the services' security and privacy.
Through service interfaces and virtual network interfaces that aid in resource
abstraction, the cloud provider implements the cloud software to make
computing resources accessible to cloud consumers who use the infrastructure
as a service.

3. Cloud Carrier
A cloud carrier serves as an intermediary between cloud providers and
customers, facilitating connectivity and transport of cloud services. Customers
can access the cloud through the network, telecommunication, and other
access equipment provided by cloud carriers. Customers of cloud services, for
instance, can get them through network access devices, including laptops,
mobile phones, PCs, and mobile Internet devices (MIDs), among others.
Network and telecommunication carriers typically handle the distribution of
cloud services, while a transport agent is a company that arranges for the
physical delivery of storage devices like high-capacity hard drives.

Remember that a cloud provider will establish service level agreements (SLAs)
with a cloud carrier to provide services at a level consistent with the SLAs
offered to cloud consumers. The cloud provider may also demand that the
cloud carrier provide dedicated and encrypted connections between cloud
consumers and cloud providers.

4. Cloud Auditor
An unbiased evaluation of cloud services, information system operations,
performance, and the security of a cloud computing implementation can be
done by a cloud auditor. A cloud auditor can assess a cloud provider's services
in terms of performance, service level agreement compliance, privacy
implications, and security controls.

The management, operational, and technical precautions or countermeasures

used inside an organizational information system to ensure the privacy,
availability, and integrity of the system and its data are known as security
controls.

To do a security audit, a cloud auditor can evaluate the information system's

security controls to see how well they are being implemented, functioning as
intended, and achieving the required results in relation to the system's security
needs. Verifying compliance with law and security policy should be part of the
security audit.

5. Cloud Broker
An organization called a "Cloud Broker" controls how cloud services are used,
performed, and delivered and negotiates contracts between cloud providers
and cloud users. The integration of cloud services could become too difficult for
 cloud consumers to handle as cloud computing develops. Instead of contacting
a cloud provider directly in certain circumstances, a cloud consumer may
request cloud services through a cloud broker. A single point of access for
controlling numerous cloud services is offered by cloud brokers. The capacity to
offer a single consistent interface to numerous different providers, whether the
interface is for commercial or technical objectives, separates a cloud broker
from a cloud service provider. Cloud Brokers provide services in three
categories:

 Intermediation: By enhancing a certain feature and offering cloud consumers

value-added services, a cloud broker improves a given service. The
enhancement may take the shape of identity management, performance
reporting, improved security, etc.
 Aggregation: Several services are combined and integrated into one or more
new services by a cloud broker. The broker offers data and service integration,
guarantees secure data transfer between the cloud consumer and various
cloud providers, and provides these services.
 Arbitrage: Like service aggregation, service arbitrage differs in that the
services being integrated or aggregated are not fixed. Service arbitrage refers
to the freedom a Broker has to select services from various service Providers.

Types of Clouds in Cloud Computing

Cloud computing offers various types of cloud, each catering to different needs and preferences.

 Public cloud
 Private Cloud
 Hybrid Cloud
 Community Cloud

Types of Cloud
1. Public Cloud
 Public cloud services are provided by third-party providers over the Internet and are
available to the general public.
 Users share the same infrastructure, benefiting from cost savings and scalability.
 Public cloud services often operate on a pay-as-you-go model, allowing organizations to
avoid upfront infrastructure costs.
 Public cloud providers have data centers worldwide, ensuring that users can access services
from various geographic locations,
 Examples include Netflix, Dropbox and Google Cloud Platform.
2. Private Cloud
 Private cloud infrastructure is dedicated solely to a single organization.
 It can be hosted on-premises or by a third-party provider and offers enhanced control and
security.
 Private cloud infrastructure, whether on-premises or hosted by a third party, provides a
dedicated environment,
 Reducing the risk of unauthorized access and improving overall data security.
 Organizations using private clouds can implement tailored security policies and measures to
meet specific compliance requirements.
 Examples include private data centers or on-premises private clouds.

3. Hybrid Cloud
 A hybrid cloud combines elements of both public and private cloud models to meet specific
business requirements.
 Organizations can leverage on-premises infrastructure alongside public cloud services,
ensuring flexibility and data security.
 Hybrid clouds allow organizations to distribute workloads strategically,
 placing sensitive or critical workloads on the private cloud and leveraging the scalability
of the public cloud for less sensitive tasks.
 Examples include integrating on-premises databases with cloud-based analytics.

4. Community Cloud
 Community cloud involves shared infrastructure among several organizations with common
goals or concerns.
 It allows collaboration while maintaining a level of exclusivity among community
members.
 Examples include collaborative projects within specific industries, such as healthcare
organizations sharing a cloud platform.

Economics of the Cloud

Understanding the economic aspects of cloud computing involves examining the cost structures,
scalability benefits, and financial considerations associated with cloud services.

Cost Structures
Pay-as-You-Go Model
 Cloud providers typically follow a pay-as-you-go model, where users pay only for the
resources they consume.
  This allows for cost efficiency, as organizations are not required to invest in and maintain
expensive infrastructure upfront.

Example:
 A company running a seasonal online store experiences a spike in traffic during holidays.
 With the pay-as-you-go model, they only pay for the increased computing resources during
the busy period, avoiding unnecessary costs during slower times.

Scalability Benefits
On-Demand Scaling
Cloud computing enables on-demand scaling, allowing organizations to increase or decrease
resources based on demand.

Example:
 A gaming company launching a new online game may experience unpredictable spikes in
user activity.
 Cloud scalability allows them to seamlessly add more servers during peak times and scale
down when the demand decreases, optimizing costs and performance.

Computing Platforms and Technologies

 Cloud computing relies on various platforms and technologies to deliver services efficiently.
 These technologies include virtualization, containers, and serverless computing.

Cloud Computing Economics

The economics of cloud computing involve analyzing the overall cost-effectiveness, efficiency, and
strategic value of adopting cloud services.

Cost-Effectiveness
 Cloud services offer flexibility in scaling resources,
 allowing organizations to adapt to changing demands without overcommitting to fixed
infrastructure costs.
 Example: A startup launching a new application may start small with minimal resources.
 As the user base grows, they can easily scale up their cloud services to meet increased
demand without significant upfront costs.
Efficiency
 Cloud providers optimize resource utilization by pooling resources and dynamically
allocating them based on demand.
 Example: In a traditional data center, servers may operate at low capacity during off-peak
hours.
 Cloud computing dynamically allocates resources, ensuring efficient usage and reducing
idle times.

Strategic Value
 Cloud services enable organizations to focus on their core competencies while outsourcing
non-core activities such as infrastructure management.
 Example: A healthcare provider leveraging cloud services can concentrate on improving
patient care and medical services,
 leaving the complexities of IT infrastructure to cloud experts.

Cloud interoperability and standards:-

Cloud interoperability refers to the ability of customers to use the same
management tools, server images and other software with a variety of cloud
computing providers and platforms.
Standards are important in cloud computing for a variety of reasons.
Standards for interoperability and data and application portability can ensure
an open competitive market in cloud computing because customers are not
locked-in to cloud providers and can easily transfer data or applications
between cloud providers.