Chapter 1 – Introduction to Cloud Computing - Copy.pptx

CYB 405
Cloud Computing Security
Chapter 1 – Introduction to Cloud Computing

Course Outline
 Chapter 1 – Introduction to Cloud Computing
 Chapter 2 – Virtualization
 Chapter 3 – Data Centre Networking
 Chapter 4 – Resource Management
 Chapter 5 – Security of Cloud Computing
 Chapter 6 – Cloud Standards, Organisations and Bodies

Todays lesson
 What is cloud computing?
 Cloud architecture
 Early models of cloud computing
 Characteristics of cloud computing
 Cloud service models
 Cloud deployment models
 Advantages of cloud computing
 Disadvantages of cloud computing
 Cloud ethics, privacy and vulnerabilities
 Cloud vendors

What is Cloud Computing?
 Wikipedia definition
‒ “…is an IT paradigm that enables ubiquitous access to shared pools of configurable
system resources and higher-level services that can be rapidly provisioned with
minimal management effort, often over the Internet. It relies on sharing of resources
to achieve coherence and economic of scale, similar to a public utility.”
 National Institute of Standards Technology definition
 “…is a model for enabling ubiquitous, convenient, on-demand network access to a
shared pool of configurable computing resources (e.g., networks, servers, storage,
applications, and services) that can be rapidly provisioned and released with
minimal management effort or service provider interaction.”
 Microsoft Azure definition
 “…is the delivery of computing services – servers, storage, databases, networking,
software, analytics and more – over the Internet (“the cloud”). Companies offering
these computing services are called cloud providers and typically charge for cloud
computing services based on usage, similar to how you’re billed for gas or electricity
at home.”

Cloud Computing Models, Resources and Characteristics

Early Models of Cloud Computing
 The basic reasoning for cloud computing was that information and data processing
can be done more efficiently on large farms of computing and storage systems
accessible via the Internet.
 Two early models
‒ Grid computing and Utility computing
 Grid computing
‒ is the collection of computer resources from multiple locations to reach a common goal.
The grid can be thought of as a distributed system with non-interactive workloads that
involve a large number of files
‒ Initiated by the National Labs in the early 1990s; targeted primarily at scientific
computing
 Utility computing
‒ is a service provisioning model in which a service provider makes computing resources
and infrastructure management available to the customer as needed, and charges them
for specific usage rather than a flat rate
‒ Initiated in 2005-2006 by IT companies and targeted at enterprise computing.

Characteristics of Cloud Computing
 Cloud computing has 5 essential characteristics as follows:
‒ Resource pooling, rapid elasticity, broad network access, measured service and on-
demand self-service
 Resource pooling
‒ a single instance of a software application is used to service many customers.
‒ Resource pooling feature of the cloud means that the computing resources of a
cloud provider are pooled together to serve several clients using the multi-tenancy
architecture model.
‒ Different physical and virtual resources of the cloud provider are dynamically
allocated and reallocated according to client’s demand

 Rapid elasticity
‒ Cloud resources are automatically provisioned
to rapidly scale in or scale out as demand
increases or decreases
‒ To the cloud user, these resources that are
available for provisioning sometimes appear as
though they are unlimited and can be acquired
in any quantity at any time
 Broad network access
‒ You can access cloud services over the network
and on portable devices like mobile phones,
tablets, laptops, and desktop computers
‒ A public cloud uses the internet; a private
cloud uses a local area network
‒ Latency and bandwidth both play a major role
in cloud computing and broad network access,
as they affect the quality of service

 Measured service
‒ In the cloud, a client only pays for what he uses.
‒ The provider and the client can measure the storage levels,
processing, bandwidth, and the number of user accounts in
order to bill and to be billed appropriately
‒ The resources used can be monitored and controlled from both
the client’s and the provider’s side
‒ The consumer can toggle this through a dedicated online control
panel. This provides transparency in transaction
 On-demand self-service
‒ With cloud computing, a client can individually facilitate the
usage of computing resources, such as server time and network
storage, as required automatically through an online control
panel, without requiring human collaboration with the service
providers
‒ Cloud customers can access their cloud accounts through a web
self-service portal to view their cloud services, monitor their
usage, and provision and de-provision services.

Cloud Service/Delivery Models
 There broadly 3 cloud delivery models, namely
‒ Infrastructure-as-a-Service (IaaS)
‒ Platform-as-a-Service (PaaS)
‒ Software-as-a-Service (SaaS)
 Anything-as-a-Service (XaaS)
‒ A concept of service that cloud providers can offer anything that you do in an
organization as a service in the cloud
‒ Example: Database-as-a-Service (DaaS), Security-as-a-Service (SECaaS)

Infrastructure-as-a-Service (IaaS)
 Infrastructure-as-a-Service
‒ Sometimes called Hardware-as-a-Service (HaaS)
‒ It allows customers to outsource their IT infrastructures such as servers,
networking, processing, storage, virtual machines, and other resources
‒ The main benefit of IaaS goes for the newly established companies who
are on a short-leash budget
‒ It eliminates the need for organizations to build and maintain the IT
infrastructure
‒ They can rent this fully outsourced infrastructure services and they will
be billed at a much cheaper rate than building their own IT
infrastructure from scratch.
‒ Drawback is that you are responsible for full administration (and
security) so high level of technicality needed.
‒ Usual clients of the service are system administrators and network
architects who will use it to build and setup the platform they want to
use
‒ Example of IaaS provider: Amazon Web Services (AWS), Rackspace

Platform-as-a-Service (PaaS)
 Platform-as-a-Service
‒ PaaS provider deploys the platform needed by customers to
create their own applications using programming languages and
tools supported by the provider
‒ The user does not manage or control the underlying cloud
infrastructure, but has total control of the
applications he deploys
‒ PaaS is one step less complex than IaaS and its main subscribers
are software developers who build and host applications
‒ A disadvantage to PaaS is that the provider can operate in a
lock-in to customers so that they are limited to only use the
tools (development languages, etc.) that the provider can only
provide.
‒ Another downside is that the flexibility of offerings in the
contract agreements may not meet the needs of some users
whose requirements evolve rapidly over time
‒ Example of PaaS providers: Google App Engine (Google GAE),
Microsoft Azure, SalesForce

Software-as-a-Service (SaaS)
 Software-as-a-Service
‒ SaaS solely depends on the layers beneath it (IaaS and
PaaS)
‒ Here, the cloud customer is provided with software and
applications which are hosted as a service by the providers
and can be accessed via the Internet through a thin client
interface like a web browser or a client program interface.
‒ The customer need not to worry about the resources the
applications will consume on his client device because all
the management of the cloud infrastructure and the
platform is done by the providers
‒ SaaS delivery model has the highest number of providers
and services rendered
‒ It is easy to buy and offers low maintenance to clients
‒ However, it is difficult to port to another provider
‒ Example of SaaS providers: Microsoft Office 365, Google
Apps (Drive, Docs, Gmail etc), Adobe Creative Cloud, etc.

Differences Between IaaS, PaaS, SaaS
Summarized differences between IaaS, PaaS and SaaS

Cloud Deployment Models
 With respect to the services delivered by the cloud and the
categories of its customers, the cloud is categorized into four
deployment models as depicted below
‒ Public cloud
‒ Private cloud
‒ Hybrid cloud
‒ Community cloud

Public Cloud
 Public cloud
‒ This is the deployment model that provides
infrastructure, computing resources and services to
the general public on a commercial basis over the
Internet
‒ This deployment model may be owned, managed, and
operated by one or more organizations, a third party,
or a combination of them
‒ In the Public cloud, the same storage is being used by
multiple users at the same time
‒ The main benefit of the public cloud provides is that it
is the easiest and cheapest to set up because the
hardware, application and other underlying
infrastructure cost are covered by the providers
‒ The main disadvantage of public cloud use is the issue
of data security, privacy and location
‒ Example of Public cloud offerings are: Dropbox, Sun
Cloud, etc.

Private Cloud
 Private cloud
‒ This cloud deployment model is owned, maintained and
operated by a single organization without the
restrictions of network bandwidth, security exposure
and legal requirements
‒ Also called Internal Cloud or Corporate Cloud
‒ A private cloud for an organization may either be onsite
– within the organization’s premises, or offsite, but still
under the organization’s control.
‒ An organization may employ a third-party provider to
host, manage and be responsible for their private cloud
‒ The main benefit is it gives the organisation more
security and control over their data
‒ The downside to it is that it is expensive to set up and
maintain.
‒ The cost of infrastructure and skilled staff have to be
hosted by the organization

Hybrid & Community Clouds
 Community cloud
‒ This is the model that is deployed and shared by two or
more organizations and supports a specific community
which has shared concerns such as the objectives of a
mission, security, privacy and compliant policies.
‒ This could be managed by the participating organizations or
a third-part, or a combination of them
‒ They were aimed to lower the implementation and
management cost of private cloud.
‒ The issue of security is not as safe as the security provided in
private clouds because of the expansion of trust boundaries.
 Hybrid cloud
‒ A hybrid cloud is the composition of public and private clouds. The advantage of this is
to reap the benefits of both flavours.
‒ An organization using a hybrid cloud may choose to deploy sensitive data and
applications within the control of their private cloud and deploy the less or non-
sensitive data to the public cloud

Advantages of Cloud Computing
 Data backup and recovery
‒ The entire process of data backup and recovery is much easier in the cloud than
other traditional methods of data storage because, your service provider will
replicate your data onto different racks and networks so as to survive a failure
situation
‒ Cloud providers are usually competent enough to handle recovery of information.
They have personnel who are experts in disaster recoveries
 Cost efficiency
‒ Cloud computing brought about a huge cost reduction in the cost and complexity of
owning and operating of computer and networks for companies and individuals
‒ The provider also benefits from the economies of scale. This means that the cost per
unit resource goes down with respect to the increase in the number of consumers
‒ Software licencing fees dropped massively.
‒ The benefit of cost reduction means that companies can now channel more of their
funds to focus on more critical areas of innovation and product development than
investing in setting up their IT infrastructure

 Unlimited storage capacity
‒ The cloud provides almost unlimited storage capacities for consumers and now they
need not worry about going out of storage space for their data
 Scalability
‒ As demand increases for a particular cloud resource let us say for a fixed period of
time, rather than for a provider to buy, install and configure new equipment, it will
prove much cheaper rent or buy additional processors or storage from another third-
party provider to carter for their customers’ needs.
‒ Once the demand becomes low again, the provider could terminate the third-party
provider’s services
 Excellent accessibility and mobility
‒ Cloud allows us to quickly and easily access stored information anywhere, anytime in
the whole world, using an internet connection.
‒ It increases organization productivity and efficiency by ensuring that our data is
always accessible, even through mobile devices

 Improved collaboration
‒ Cloud applications improve collaboration by allowing groups of people to quickly and
easily share information in the cloud via shared storage
 Software integration
‒ Cloud computing offers automatic software integration and a consumer does not
need to make any extra effort to customize and integrate applications specific to his
preferences
‒ Software updates and renewals and other software configurations are handled by
cloud providers at no extra cost to the consumer
 Data security
‒ For the information security ignorant, their data becomes much more secure when it
resides in the cloud than when it locally reside with them.
‒ In setting up a cloud service company, there are strict security standards that cloud
providers must adhere to before going into business. These companies are regularly
audited in order to ensure conformity to those standards
‒ Lastly, cloud offers many advanced features related to security and ensures that data
is securely stored and handled.

Disadvantages of Cloud Computing
 Vendor lock-in
‒ Cloud providers tie you in with their services and you will find the greatest challenge
when you need to port your services to another provider
‒ This is because most providers use proprietary platforms and applications so that the
processes and data you created might not be understood by another providers platform
 Limited control
‒ Cloud infrastructure is completely owned, managed, and monitored by the service
provider, so the cloud users have less control over the function and execution of
services within a cloud infrastructure
 Connectivity and availability of service
‒ All cloud data is accessed over the Internet. What happens when you don’t have
Internet connectivity?
‒ What happens when the service provider has network issues and cannot deliver?
 Security
‒ Confidentiality – major concern for sensitive applications and data. E.g. Healthcare
‒ Auditability is also a big issue

Ethical Issues of Cloud Computing
 Cloud computing is based on a paradigm shift with profound implications on
computing ethics. The main elements of this shift are
‒ The control is relinquished to third party services
‒ The data is stored on multiple sites administered by several organizations
‒ Multiple services interoperate across the network
 Unauthorized access, data corruption, infrastructure failure, and service
unavailability are some of the risks related to relinquishing the control to third
party services
 Whenever a problem occurs it is difficult to identify the source and the entity
causing it.
 Systems can span the boundaries of multiple organizations and cross the
security borders, a process called de-perimeterisation.
‒ not only the border of the organizations IT infrastructure blurs, also the border of
the accountability becomes less clear
‒ it difficult to determine who is responsible in case something undesirable happens

Cloud Privacy and Vulnerabilities
 Cloud service providers have already collected petabytes of sensitive personal
information stored in data centres around the world.
‒ The acceptance of cloud computing therefore will be determined by privacy issues addressed by
these companies and the countries where the data centres are located.
 Privacy is affected by cultural differences; some cultures favour privacy, others
emphasise community. This leads to an ambivalent attitude towards privacy in
the Internet which is a global system
 Clouds are affected by malicious attacks and failures of the infrastructure, e.g.,
power failures. Such events can affect the Internet domain name servers and
prevent access to a cloud or can directly affect the clouds
‒ in 2004 an attack at Akamai caused a domain name outage and a major blackout that
affected Google, Yahoo, and other sites.
‒ in 2009, Google was the target of a denial of service attack which took down Google
News and Gmail for several days;
‒ in 2012 lightning caused a prolonged down time at Amazon

Cloud Vendors – Amazon Web Services (AWS)
 Amazon is the first player in the cloud market with the start of AWS in 2006.
‒ As of today, they have over 1000 service offerings in IaaS, PaaS and SaaS
 Elastic Compute Cloud (EC2)
‒ The first IaaS offering that offers virtual machines and extra CPU cycles for a client
‒ This service is rented in units, which are called instances.
‒ Each instance represent a virtual server with varying CPU power, memory and hard
disk space and I/O performance
 Simple Storage Service (S3)
‒ Design to store large objects up to 5TB in size
‒ Supports a minimal set of functions: write, read, and delete
 Simple DB
‒ is a non-relational data store that allows developers to store and query data items via
web services requests
‒ It supports store and query functions traditionally provided only by relational
databases

Cloud Vendors – Google Cloud
 Google’s cloud effort is concentrated in mainly SaaS and PaaS
 Google AppEngine (GAE)
‒ is a platform for building and running web and mobile applications on Google servers.
‒ Initially, it supported only Python and support for Java was later added.
‒ The database for code development can be accessed with GQL (Google Query
Language) with a SQL-like syntax
 Google Drive
‒ an online service for data storage available since April 2012.
‒ It gives users 15 GB of free storage and charges $4/month for 20 GB.
‒ Organizations can purchase up to 16 TB of storage.
 Google Compute Engine
‒ An IaaS offering that lets users run their large-scale computing workloads on Linux
virtual machine which are hosted on Google’s servers.
‒ Similar to Amazon EC2

Cloud Vendors – Microsoft’s Windows Azure
 Microsoft is also a large player in cloud computing market
 Azure Service Platform
‒ This is like an operating system that allows organizations to run Windows applications
and store files and data using Microsoft’s datacentres.
‒ The Azure Service Platform (ASP) was made specifically to be a PaaS offering.
‒ The services offered in the ASP allows developers to create user identities, control
project workflows, synchronize data and execute other tasks as they develop
software programmes on Microsoft’s cloud computing environment
‒ The following are the main components of the Azure Service Platform
‒ SQL Azure: cloud based version of Microsoft SQL
‒ Windows Live Services: “Live” services like, Outlook, Bing Search, etc. are now also
offered in the Azure Service Platform. Users can share, store, and synchronize
documents and files across computing device, applications, and even websites
‒ Microsoft SharePoint Services and Dynamics CRM Services: A user can utilize the
functionalities of these services a for business content, collaboration and solution
development in the cloud

Chapter 1 – Introduction to Cloud Computing - Copy.pptx

More Related Content

Similar to Chapter 1 – Introduction to Cloud Computing - Copy.pptx

Recently uploaded

Chapter 1 – Introduction to Cloud Computing - Copy.pptx