CHAPTER 2 BASICS OF CLOUD COMPUTING

Similar documents
Cloud Computing. Grace A. Lewis Research, Technology and Systems Solutions (RTSS) Program System of Systems Practice (SoSP) Initiative

Architectural Implications of Cloud Computing

Cloud Computing. Grace A. Lewis Research, Technology and Systems Solutions (RTSS) Program System of Systems Practice (SoSP) Initiative

Cloud Computing Briefing Presentation. DANU

Chapter 4. Fundamental Concepts and Models

Introduction to Cloud Computing. [thoughtsoncloud.com] 1

CLOUD COMPUTING. Lecture 4: Introductory lecture for cloud computing. By: Latifa ALrashed. Networks and Communication Department

Cloud Computing Overview. The Business and Technology Impact. October 2013

Introduction To Cloud Computing

Cloud Computing Standard 1.1 INTRODUCTION 2.1 PURPOSE. Effective Date: July 28, 2015

Cloud Computing. What is cloud computing. CS 537 Fall 2017

INFS 214: Introduction to Computing

In this unit we are going to look at cloud computing. Cloud computing, also known as 'on-demand computing', is a kind of Internet-based computing,

Mitigating Risks with Cloud Computing Dan Reis

COMPTIA CLO-001 EXAM QUESTIONS & ANSWERS

Introduction to Cloud Computing

Introduction to Cloud Computing

CHEM-E Process Automation and Information Systems: Applications

Programowanie w chmurze na platformie Java EE Wykład 1 - dr inż. Piotr Zając

Multi Packed Security Addressing Challenges in Cloud Computing

Cloud Infrastructure and Operations Chapter 2B/8 Page Main concept from which Cloud Computing developed

Cloud Computing Lecture 4

Part III: Evaluating the Business Value of the Hybrid Cloud

3. What do you mean by virtualization? What is the role of virtualization in cloud computing?

Cloud Computing introduction

Cloud Computing Concepts, Models, and Terminology

Building a Secure and Compliant Cloud Infrastructure. Ben Goodman Principal Strategist, Identity, Compliance and Security Novell, Inc.

Cloud Computing: Making the Right Choice for Your Organization

CLOUD COMPUTING ABSTRACT

Cloud Essentials for Architects using OpenStack

Cloud Computing. January 2012 CONTENT COMMUNITY CONVERSATION CONVERSION

Accelerate Your Enterprise Private Cloud Initiative

CORPORATE PERFORMANCE IMPROVEMENT DOES CLOUD MEAN THE PRIVATE DATA CENTER IS DEAD?

Third Party Cloud Services Its Adoption in the New Age

Cloud Computing Introduction & Offerings from IBM

Demystifying the Cloud With a Look at Hybrid Hosting and OpenStack

Copyright 2011 EMC Corporation. All rights reserved.

CLOUD COMPUTING. Rajesh Kumar. DevOps Architect.

Privacy hacking & Data Theft

Building Trust in the Era of Cloud Computing

Module Day Topic. 1 Definition of Cloud Computing and its Basics

Cloud Computing in the enterprise: Not if, but when and how?

Leveraging the Cloud for Law Enforcement. Richard A. Falkenrath, PhD Principal, The Chertoff Group

Cloud First Policy General Directorate of Governance and Operations Version April 2017

BRINGING CLARITY TO THE CLOUD

Fundamental Concepts and Models

Migration to Cloud Computing: Roadmap for Success

Cloud Computing An IT Paradigm Changer

HARNESSING THE HYBRID CLOUD TO DRIVE GREATER BUSINESS AGILITY

Cloud Computing 4/17/2016. Outline. Cloud Computing. Centralized versus Distributed Computing Some people argue that Cloud Computing. Cloud Computing.

How Public Cloud Services may cannibalize the traditional IT Outsourcing Market

Business Technology Briefing: Fear of Flying, And How You Can Overcome It

Choosing the Right Cloud Computing Model for Data Center Management

CLOUD COMPUTING-ISSUES AND CHALLENGES

White Paper. Platform9 ROI for Hybrid Clouds

Cloud Computing and Its Impact on Software Licensing

2010 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media,

Protecting your Data in the Cloud. Cyber Security Awareness Month Seminar Series

Getting Hybrid IT Right. A Softchoice Guide to Hybrid Cloud Adoption

CS 6393 Lecture 10. Cloud Computing. Prof. Ravi Sandhu Executive Director and Endowed Chair. April 12,

Cloud Computing An IT Paradigm Changer

EY Norwegian Cloud Maturity Survey Current and planned adoption of cloud services

ERP Solution to the Cloud

NATIONAL GUIDELINES ON CLOUD COMPUTING FOR GOVERNMENT, MINISTRIES, DEPARTMENTS AND AGENCIES

1-2-3 Webinar: Demystifying the Cloud

2-4 April 2019 Taets Art and Event Park, Amsterdam CLICK TO KNOW MORE

Cloud Computing. Vania Marangozova-Martin. ibd.forge.imag.fr

CLOUD COMPUTING IS IT RIGHT FOR OUR FIRM? SYCOM TECHNOLOGIES

ALI-ABA Topical Courses ESI Retention vs. Preservation, Privacy and the Cloud May 2, 2012 Video Webcast

2013 Cloud Computing Outlook: Private Cloud Expected to Grow at Twice the Rate of Public Cloud

Cloud Computing. Presentation to AGA April 20, Mike Teller Steve Wilson

Realities and Risks of Software-Defined Everything (SDx) John P. Morency Research Vice President

ECE Enterprise Storage Architecture. Fall ~* CLOUD *~. Tyler Bletsch Duke University

CLOUD COMPUTING WHAT HEALTH CARE INTERNAL AUDITORS NEED TO KNOW GABRIELA MERINO DIRECTOR BUSINESS ADVISORY SERVICES

CLOUD COMPUTING. A public cloud sells services to anyone on the Internet. The cloud infrastructure is made available to

Share of cloud computing activities

Choosing the Right Cloud. ebook

Flash in a Hybrid Cloud World. How Cloud Shift will affect flash in the Data Center Steve Knipple: Cloud Shift Advisors

CLOUD COMPUTING. Supporting Enterprises Enhance IT Capabilities and Business Agility.

Deploying to the Cloud: A Case study on the Development of EHNAC s Cloud Enabled Accreditation Program (CEAP)

HYBRID WAN. Proof of Value Journey. WAN Summit Michael Becerra Singapore, 12 September Global Business Services Excellence. Simply delivered.

Security Models for Cloud

Chapter. Securing the Cloud THE FOLLOWING COMPTIA SECURITY+ EXAM OBJECTIVES ARE COVERED IN THIS CHAPTER:

Clouds in the Forecast. Factors to Consider for In-House vs. Cloud-Based Systems and Services

Reaping the Benefits of Multiple Hypervisors

Understanding Cloud Migration. Ruth Wilson, Data Center Services Executive

Future Shifts in Enterprise Architecture Evolution. IPMA Marlyn Zelkowitz, SAP Industry Business Solutions May 22 nd, 2013

Service Provider Consulting

6/17/2017. Cloud Computing. Presented By: Mark Jordan. Agenda. Definition Structures Examples Which is Better? Future

Transform Your Business To An Open Hybrid Cloud Architecture. Presenter Name Title Date

Cloud Computing, SaaS and Outsourcing

Analysis of Cloud Computing Delivery Architecture Models

Building your Castle in the Cloud for Flash Memory

Shaping the Cloud for the Healthcare Industry

EY Norwegian Cloud Maturity Survey 2018

RSA Solution Brief. The RSA Solution for Cloud Security and Compliance

Examining Public Cloud Platforms

Introduction to Cloud Computing

Cloud-Security: Show-Stopper or Enabling Technology?

10 Cloud Myths Demystified

Transcription:

69 CHAPTER 2 BASICS OF CLOUD COMPUTING 2.1 CLOUD COMPUTING Cloud computing is a distributed computing paradigm that focuses on providing a wide range of users with distributed access to scalable, virtualized hardware and/or software infrastructure over the internet. Despite this rather technical definition, cloud computing is in essence an economic model for a different way to acquire and man-age IT resources. An organization needs to weigh the cost, benefits, and risks of cloud computing in determining whether to adopt it as an IT strategy. A simple example of cloud computing is webmail. The webmail provider maintains the server space and provides access; the webmail user just plugs a web address into a browser and submits user information to access an account. There is growing interest in cloud computing from consumers and providers. For example, cloud service spending worldwide rose by over 20% in 2009 according to oncloudcomputing.com, in a year when overall IT spending dropped by about 4%. As of 2010, most cloud consumers are small enterprises, but large enterprises are exploring the paradigm. Input, the leading authority on government business, says that federal government spending on cloud computing will grow by a 27% compound annual growth rate between 2009 and 2014 (Deniece Peterson 2009). Overall, Gartner predicts that by 2012 one in five businesses will not own its own IT as-sets; one reason for this trend is the move towards cloud computing as a means to

70 reduce IT hardware costs (Irina Guseva 2010). More adopters will result in more people seeing savings and thus working to reduce barriers to adoption. The growth in cloud computing consumers will also spur a continuing increase in the number of providers. Some of the buzz about cloud computing, though, comes from vendor hype that makes it sound like the paradigm is more mature than it is. Gartner calculates that cloud computing is at the Peak of Inflated Expectations, anywhere from two to five years from being adopted in the mainstream. On the Gartner hype cycle, this technology still needs to pass through the Trough of Disillusionment to get to the Slope of Enlightenment or the Plateau of Productivity. The emergence of cloud computing and its promise to save money is making it imperative for organizations to examine whether cloud computing makes sense for them. To maneuver through the fog around cloud computing, these organizations first need to know the basics about the technology. 2.2 CORE CONCEPTS OF CLOUD COMPUTING In the cloud computing model, computing power, software, storage services, and platforms are delivered on demand to external customers over the internet as described by Foster et al (2008). The access that this technology provides to resources and services can be scaled up or down to meet demand. Cloud computing providers typically charge customers on a pay-per-use model. The types of cloud computing technology can be viewed from two perspectives: capability and access. There are three types based on capabilities (Service Models) provided and four based on who can access resources

71 (Deployment Models). The deployment models can still be broadly classified as private and public cloud. These types are depicted in Figure 2.1. Figure 2.1 Cloud Computing Types Based on Capability and Access 2.2.1 Service Models One type of cloud computing capability is called Software-as-a- Service (SaaS). SaaS focuses on providing users with business-specific capabilities, such as e-mail or customer management. In SaaS, organizations and developers can use the business-specific capabilities developed by third parties in the cloud. Some examples of SaaS providers are Google Apps: provides web-based office tools such as e-mail, calendar and document management. Salesforce.com: provides a full customer relationship management (CRM)6 application Zoho.com: provides a large suite of web-based applications, mostly for enterprise use

72 A second type of cloud computing capability is known as Infrastructure-as-a-Service (IaaS). This capability type provides mainly computational infrastructure available over the internet (e.g., compute cycles or storage). IaaS allows organizations and developers to extend their IT infrastructure on an on-demand basis. Some examples of IaaS providers are Amazon Elastic Compute Cloud (EC2): provides users with a special virtual machine (AMI) that can be deployed and run on the EC2 infra-structure Amazon Simple Storage Solution (S3): provides users with access to dynamically scalable storage resources GoGrid: provides users with access to dynamically scalable computing and storage resources, as well as dedicated servers IBM Computing on Demand (CoD): provides users with access to high-ly configurable servers plus value-added services such as data storage Microsoft Live Mesh: provides users with access to a distributed file system; targeted at individual use Rackspace Cloud: provides users with access to dynamically scalable computing and storage resources, as well as thirdparty cloud applications and tools The third and final type of cloud computing capability is Platformas-a-Service (PaaS). In this type, application development platforms allow users to leverage the resources of established organizations to create and host applications of a larger scale than an individual or small business would be able to handle.

73 Some PaaS examples include Akamai EdgePlatform: provides a large distributed computing platform on which organizations can deploy their web applications; has a large focus on analysis and monitoring Force.com: from salesforce.com (an SaaS provider), provides users with a platform to build and run applications and components bought from AppExchange6 or custom applications Google App Engine: provides users with a complete development stack and allows them to run their applications on Google s infrastructure Microsoft Azure Services Platform: provides users with ondemand compute and storage services as well as a development platform based on Windows Azure Yahoo! Open Strategy (Y!OS): provides users with a means of develop-ing web applications on top of the existing Yahoo! platform and in doing so leveraging a significant portion of the Yahoo! resources 2.2.2 Deployment Models The two perspectives of cloud computing based on who can access resources can be characterized as public and private. In public clouds, resources are offered as a service, usually over an internet connection, for a pay-per-usage fee. Users can scale their use on demand and do not need to purchase hardware to use the service. Public cloud providers manage the infrastructure and pool resources into the capacity required by its users.

74 In private clouds, resources are deployed inside a firewall and managed by the user organization. It is the user organization that owns the software and hardware infrastructure and that manages the cloud and controls access to its resources. Typically, those resources and services are not shared outside the organization. The National Institute of Standards and Technology (NIST) defines two additional types of cloud deployment models: Community clouds that are shared by multiple organizations and support specific needs and concerns of a community Hybrid clouds that are the combination of two or more public, private, and community clouds. However, both community and hybrid cloud are specialties of public and private clouds. 2.3 CLOUD COMPUTING DRIVERS Eight attributes of cloud computing can be seen as drivers for the adoption of cloud computing. The attributes are availability, collaboration, elasticity, lower infrastructure costs, mobility, risk reduction, scalability, and virtualization. Table 2.1 describes how these attributes can serve as drivers for cloud computing adoption.

75 Table 2.1 Drivers of Cloud Computing Attribute Availability Collaboration Elasticity Lower Infrastructure Costs Mobility Risk Reduction Scalability Virtualization Why it can draw an organization towards cloud computing Users have the ability to access their resources at any time through a standard internet connection. Users begin to see the cloud as a way to work simultaneously on common data and information. The provider transparently manages a user s resource utilization based on dynamically changing needs. The pay-per-usage model allows an organization to only pay for the resources they need with basically no investment in the physical resources available in the cloud. There are no infra-structure maintenance or upgrade costs. Users have the ability to access data and applications from around the globe. Organizations can use the cloud to test ideas and concepts before making major investments in technology. Users have access to a large amount of resources that scale based on their demand. Each user has a single view of the available resources, independently of how they are arranged in terms of physical devices. Therefore, there is potential from a provider perspective to serve a greater number of users with fewer physical resources. 2.4 CLOUD COMPUTING BARRIERS Some key organizational concerns can act as barriers to the adoption of cloud computing. These concerns are interoperability, latency, platform or language constraints, regulations, reliability, resource control, and security. The concerns are tabulated in Table 2.2.

76 Table 2.2 Barriers for Cloud Computing Concern Interoperability Latency Platform or Language Constraints Regulations Reliability Resource Control Security Why It Can Act as a Barrier to Cloud Computing Adoption A universal set of standards and/or interfaces have not yet been defined, resulting in a significant risk of vendor lock-in. All access to the cloud is done via the internet, introducing latency into every communication between the user and the provider. Some cloud providers support specific platforms and languages only. There are concerns in the cloud computing community over jurisdiction, data protection, fair information practices, and international data transfer mainly for organizations that manage sensitive data. Many existing cloud infrastructures leverage commodity hard-ware that is known to fail unexpectedly. The amount of control that the user has over the cloud provider and its resources varies greatly between providers. The main concern is data privacy: users do not have control or knowledge of where their data is being stored. 2.5 CLOUD COMPUTING Vs OTHER TECHNOLOGIES In this section, the relationship of cloud computing to two other prominent approaches for large-scale, distributed systems: Service-Oriented Architecture (SOA) and Grid Computing are discussed.

77 2.5.1 Cloud Computing and SOA While it might be tempting to view cloud computing as a substitute for Service-Oriented Architecture (SOA), the two technologies are distinct. SOA is a way of designing, developing, deploying, and managing systems characterized by coarse-grained services that represent reusable functionality. In SOA, service consumers compose applications or systems using the functionality provided by these services through standard interfaces. The services in a cloud can be defined as services in a SOA context. The two are distinct, then, but it is possible to use elements of SOA in cloud environments. Some cloud environments, for example, offer web service interfaces (one specific implementation of SOA) to their services. From an architecture perspective A cloud infrastructure could be built on an SOA infrastructure by adding a layer or virtualization and self-provisioning. A service layer could be added on top of cloud resources. 2.5.2 Cloud Computing and Grid Computing A grid is a system that uses open, general-purpose protocols to federate distributed resources and to deliver better-than-best-effort qualities of service. Al-though the distinction with cloud computing is not clear, one differentiator is that grid computing relates exclusively to infrastructure services. Foster et al (2002) describes that a grid infrastructure provides a set of abstractions and interfaces for access to, and management of, shared resources. Grid Computing is often confused with cloud computing, but they are quite different. Grid computing applies the resources of numerous

78 computers in a network to work on a single problem at the same time. This is usually done to address a scientific or technical problem. A well known example of this is the Search for Extraterrestrial Intelligence (SETI)@Home project. In this project, people all over the world allow the SETI project to share the unused cycles of their computers to search for signs of intelligence in thousands of hours recorded radio data. Another well used grid is the World Community Grid / Berkeley Open Infrastructure for Network Computing (BOINC). Here one can dedicate as much as little of your idle CPU processing power as you choose to help conduct protein/folding experiments in an effort to create better and more durable rice crops to feed the world s hunger. Grid computing necessitates the use of software that can divide and then send out pieces of program to thousands of computers. It can be done throughout the computers of an organization, or it can be done as a form of public collaboration. Sun Microsystems (now a part of Oracle) offers Grid Engine software that allows engineers at companies to pool the computer cycles on up to 80 workstations at a time. So, what do grid computing and cloud computing have to do with one another? Not Much directly, as they function in fundamentally different ways. In grid computing, a large project is divided among multiple computers to make use of their resources. Cloud computing does just the opposite. It allows multiple smaller applications to run at the same time.

79 2.6 SERVICE LEVEL AGREEMENTS As Cloud computing goes main stream, assessing the level of commitment from the Cloud vendor is a critical factor in the process of determining the overall fit of the solution. Service Level Agreements (SLA s) are an essential component for driving forward enterprise adoption of Cloud computing. Most applications do not have to be available 24/7 with 5 9 s uptime. In a perfect world we would like them to be available late at night, but the costs associated with providing 5 9 s availability remain prohibitive for companies with less than 300-500 employees. If the application has very high availability requirements, it is better to go with a larger cloud provider with a good track record of availability. SLAs are essentially comprised of the following components: Service guarantee Disaster recovery and Continuation of Operations Procedures (CooP) Outage Response Compensation terms Pricing Package Measurability Compliance Privacy Interoperability Application support and Exit / Migration strategy

80 2.7 MULTI TENANCY Although not an essential characteristic of Cloud Computing in NIST s (National Institute of Science and Technology) model, CSA (2009) has identified multi-tenancy as an important element of cloud. Multi-tenancy in cloud service models implies a need for policy-driven enforcement, segmentation, isolation, governance, service levels, and chargeback/billing models for different consumer constituencies. Consumers might utilize a public cloud provider s service offerings or actually be from the same organization, such as different business units rather than distinct organizational entities, but would still share infrastructure. From a provider s perspective, multi-tenancy suggests an architectural and design approach to enable economies of scale, availability, management, segmentation, isolation, and operational efficiency; leveraging shared infrastructure, data, metadata, services, and applications across many different consumers. Multi-tenancy in virtualized private and public cloud is shown in Figure 2.2 and Figure 2.3. Figure 2.2 Multi-tenancy in private cloud

81 Figure 2.3 Multi-tenancy in public cloud Multi-tenancy can also take on different definitions depending upon the cloud service model of the provider; inasmuch as it may entail enabling the capabilities described above at the infrastructure, database, or application levels. An example would be the difference between an IaaS and SaaS multitenant implementation. Cloud deployment models place different importance on multitenancy. However, even in the case of a private cloud, a single organization may have a multitude of third party consultants and contractors, as well as a desire for a high degree of logical separation between business units. Thus multi-tenancy concerns should always be considered. 2.8 SECURITY IN CLOUD COMPUTING Security controls in cloud computing are, for the most part, no different than security controls in any IT environment. However, because of the cloud service models employed, the operational models, and the technologies used to enable cloud services, cloud computing may present different risks to an organization than traditional IT solutions. Cloud

82 computing is about gracefully losing control while maintaining accountability even if the operational responsibility falls upon one or more third parties. An organization s security posture is characterized by the maturity, effectiveness, and completeness of the risk-adjusted security controls implemented. These controls are implemented in one or more layers ranging from the facilities (physical security), to the network infrastructure (network security), to the IT systems (system security), all the way to the information and applications (application security). Additionally controls are implemented at the people and process levels, such as separation of duties and change management, respectively. As described earlier in this document, the security responsibilities of both the provider and the consumer greatly differ between cloud service models. Amazon s AWS EC2 infrastructure as a service offering, as an example, includes vendor responsibility for security up to the hypervisor, meaning they can only address security controls such as physical security, environmental security, and virtualization security. The consumer, in turn, is responsible for security controls that relate to the IT system (instance) including the operating system, applications, and data. The inverse is true for Salesforce.com s customer resource management (CRM) SaaS offering. Because the entire stack is provided by Salesforce.com, the provider is not only responsible for the physical and environmental security controls, but it must also address the security controls on the infrastructure, the applications, and the data. This alleviates much of the consumer s direct operational responsibility. One of the attractions of cloud computing is the cost efficiencies afforded by economies of scale, reuse, and standardization. To bring these efficiencies to bear, cloud providers have to provide services that are flexible

83 enough to serve the largest customer base possible, maximizing their addressable market. Unfortunately, integrating security into these solutions is often perceived as making them more rigid. This rigidity often manifests in the inability to gain parity in security control deployment in cloud environments compared to traditional IT. This stems mostly from the abstraction of infrastructure, and the lack of visibility and capability to integrate many familiar security controls, especially at the network layer. In SaaS environments the security controls and their scope are negotiated into the contracts for service; service levels, privacy, and compliance are all issues to be dealt with legally in contracts. In an IaaS offering, while the responsibility for securing the underlying infrastructure and abstraction layers belongs to the provider, the remainder of the stack is the consumer s responsibility. PaaS offers a balance somewhere in between, where securing the platform itself falls onto the provider, but securing the applications developed against the platform and developing them securely, both belong to the consumer. Understanding the impact of these differences between service models and how they are deployed is critical to managing the risk posture of an organization.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback