Unit 1: Introduction

Cloud computing is everywhere (Ex: any tech magazine or visit almost any IT website or
blog).Typically, the Internet is represented in network diagrams as a cloud. The cloud icon
represents “all that other stuff” that makes the network work. Cloud computing allows to
access applications that actually reside at a location other than your computer or other
Internet-connected device; most often, this will be a distant datacenter.

Ex: For instance, think about the last time you bought Microsoft Word and installed it on
your organization’s computers. Either you ran around with a CD- or DVD-ROM and installed
it on all the computers, or you set up your software distribution servers to automatically
install the application on your machines. And every time Microsoft issued a service pack,
you had to go around and install that pack, or you had to set up your software distribution
servers to distribute it. Advantage of cloud computing, is that another company hosts your
application. They handle the costs of servers, they manage the software updates, and you
pay less for the service. By having someone else host the applications, you need not buy the
servers nor pay for the electricity to power and cool them. It’s also convenient for
telecommuters and traveling remote workers, who can simply log in and use their
applications wherever they are.
Weak Links

As with everything in IT, there are pros and cons. Cloud computing is not exempt.

While an Internet outage or problems with your Internet service provider (ISP),you may not
be able to access your applications and do your work. If you have the application on your
own local servers, then Internet outage wouldn’t affect your application. What if the site
you’re accessing has problems? In July 2008, Amazon’s S3 cloud storage service went down
for the second time that year. A lot of applications were hosted by the company and all
those services could not be accessed until techs could fix the problem. If you have sensitive
or proprietary information, your IT security group may mandate that you not store it on
someone else’s machines.
 Application Integration Issues: it’s more difficult to integrate your applications if they are
geographically dispersed. That is, it is easier to manage and access your data if it is nearby,
and not under someone else’s control. if you need two applications to exchange
information, it’s easier to do if they both reside in the same place. If you have one
application in-house and it has to contact another application on the cloud, it becomes far
more complicated, and more prone to failure.

Cloud Components

cloud computing solution is made up of several elements: clients, the datacenter, and
distributed servers. These components make up the 3 parts of a cloud computing solution.
Each element has a purpose and plays a specific role in delivering a functional cloud based
application.

Clients

Clients are, in a cloud computing architecture, the exact same things that they are in a plain,
old, everyday local area network (LAN). They are, typically, the computers that just sit on
your desk. But they might also be laptops, tablet computers, mobile phones, or PDAs—all
big drivers for cloud computing because of their mobility. Anyway, clients are the devices
that the end users interact with to manage their information on the cloud.

Clients generally fall into three categories:

1. Mobile: Mobile devices include PDAs or smart phones, like a Blackberry, Windows Mobile
Smartphone, or an iPhone.
 2. Thin Clients: are computers that do not have internal hard drives, but rather let the server
do all the work, but then display the information.

3. Thick Clients: This type of client is a regular computer, using a web browser like Firefox or
Internet Explorer to connect to the cloud.

Why Thin Clients?

Thin clients are becoming an increasingly popular solution, because of their price and effect on
the environment. Some benefits to using thin clients are:

1. Lower hardware costs: Thin clients are cheaper than thick clients because they do not
contain as much hardware. They also last longer before they need to be upgraded or
become obsolete.

2. Lower IT costs: Thin clients are managed at the server and there are fewer points of
failure.

3. Data security: Since data is stored on the server, there’s less chance for data to be lost if
the client computer crashes or is stolen.

4. Security: Since the processing takes place on the server and there is no hard drive, there’s
less chance of malware invading the device. Also, since thin clients don’t work without a
server, there’s less chance of them being physically stolen.

5. Less power consumption: Thin clients consume less power than thick clients. This means
you’ll pay less to power them, and you’ll also pay less to air-condition the office.

6. Ease of repair or replacement: If a thin client dies, it’s easy to replace. The box is simply
swapped out and the user’s desktop returns exactly as it were before the failure.

7.Less noise: Without a spinning hard drive, less heat is generated and quieter fans can be
used on the thin client.

Datacenter

The datacenter is the collection of servers where the application to which you subscribe is
housed. It could be a large room in the basement of your building or a room full of servers
on the other side of the world that you access via the Internet. A growing trend in the IT
world is virtualizing servers. That is, software can be installed allowing multiple instances of
virtual servers to be used. In this way, you can have half a dozen virtual servers running on
one physical server. The number of virtual servers that can exist on a physical server
depends on the size and speed of the physical server and what applications will be running
on the virtual server.

Distributed Servers

Servers don’t all have to be housed in the same location. Often, servers are in geographically
disparate locations. But to you, the cloud subscriber, these servers act as if they’re
humming away right next to each other. This gives the service provider more flexibility in
options and security. For instance, Amazon has their cloud solution in servers all over the
world. If something were to happen at one site, causing a failure, the service would still be
accessed through another site. Also, if the cloud needs more hardware, they need not
throw more servers in the safe room—they can add them at another site and simply make it
part of the cloud.

Infrastructure

In Cloud computing there are several different ways the infrastructure can be deployed. The
infrastructure will depend on the application and how the provider has chosen to build the
cloud solution. This is one of the key advantages for using the cloud. Your needs might be so
massive that the number of servers required far exceeds your desire or budget to run those
in-house. Alternatively, you may only need a sip of processing power, so you don’t want to
buy and run a dedicated server for the job. The cloud fits both needs.

Grid computing

Grid computing applies the resources of numerous computers in a network to work on a

single problem at the same time. This is usually done to address a scientific or technical
problem. A well-known example of this is the Search for Extraterrestrial Intelligence (SETI)
@Home project. In this project, people all over the world allow the SETI project to share the
unused cycles of their computers to search for signs of intelligence in thousands of hours of
recorded radio data.
 Another well-used grid is the World Community Grid—Berkeley Open Infrastructure for
Network Computing (BOINC). Here you can dedicate as much or as little of your idle CPU
processing power as you choose to help conduct protein-folding experiments in an effort to
create better and more durable rice crops to feed the world’s hungry. Grid computing
necessitates the use of software that can divide and then send out pieces of the program to
thousands of computers. It can be done throughout the computers of an organization, or it
can be done as a form of public collaboration. Sun Microsystems offers Grid Engine software
that allows engineers at companies to pool the computer cycles on up to 80 workstations at
a time.

Grid computing is appealing for several reasons:

1. It is a cost-effective way to use a given amount of computer resources.

2. It is a way to solve problems that need a tremendous amount of computing power.

3. The resources of several computers can be shared cooperatively, without one computer
managing the other.

In grid computing, a large project is divided among multiple computers to make use of their
resources. Cloud computing does just the opposite. It allows multiple smaller applications to
run at the same time.

Full Virtualization
Full virtualization is a technique in which a complete installation of one machine is run on
another. The result is a system in which all software running on the server is within a virtual
machine. In a fully virtualized deployment, the software running on the server is displayed
on the clients. This sort of deployment allows not only unique applications to run, but also
different operating systems. Virtualization is relevant to cloud computing because it is one of
the ways in which you will access services on the cloud. That is, the remote datacenter may
be delivering your services in a fully virtualized format.

Paravirtualization

Paravirtualization allows multiple operating systems to run on a single hardware device at

the same time by more efficiently using system resources, like processors and memory. In
full virtualization, the entire system is emulated (BIOS, drive, and so on), but in
paravirtualization, its management module operates with an operating system that has been
adjusted to work in a virtual machine. Paravirtualization typically runs better than the full
virtualization model, simply because in a fully virtualized deployment, all elements must be
emulated. In a paravirtualized deployment, many different operating systems can run
simultaneously.
Services

 The term services in cloud computing is the concept of being able to use reusable, fine
grained components across a vendor’s network. This is widely known as “as a service.”
1. Low barriers to entry, making them available to small businesses

2. Large scalability

3. Multitenancy, which allows resources to be shared by many users

4. Device independence, which allows users to access the systems on different hardware

1. Software as a Service(SaaS)

Software as a Service (SaaS) is the model in which an application is hosted as a service to

customers who access it via the Internet. When the software is hosted off-site, the
customer doesn’t have to maintain it or support it. On the other hand, it is out of the
customer’s hands when the hosting service decides to change it. The idea is that you use the
software out of the box as is and do not need to make a lot of changes or require integration
to other systems. The provider does all the patching and upgrades as well as keeping the
infrastructure running.

 Rather than pay for it once and be done with it, the more you use it, the more you’ll be
billed.
 On the other hand, in some cases you don’t have to pay as much up front and you are
only billed based on your use of the application.
 For vendors, SaaS has the appeal of providing stronger protection of their intellectual
property as well as creating a continuous stream of income.
 There are many types of software that lend themselves to the SaaS model.
 Typically, software that performs a simple task without much need to interact with other
systems makes them ideal candidates for SaaS.
 Customers who are not inclined to perform software development but have need of
high-powered applications can also benefit from SaaS.
 Some of thee applications include:
 Customer resource management (CRM)
 Video conferencing
 IT service management
 Accounting
 Web analytics
 Web content management
 SaaS applications differ from earlier distributed computing solutions in that SaaS was
developed specifically to use web tools, like the browser.
 This makes them web-native. It was also built with a multitenant back end in mind,
which enables multiple customers to use an application.
 SaaS provides network-based access to commercially available software.
 Since the software is managed at a central location, customers can access their
applications wherever they have web access.
 SaaS is often used in conjunction with other software. When used as a component of
another application, this is known as a mashup or a plugin.

Benefits

 One of the biggest benefits of SaaS is, costing less money than buying the application
outright.

 The service provider can offer cheaper, more reliable applications than organizations
can by themselves.

 Some other benefits include the following:

1. Familiarity with the World Wide Web: Most workers have access to a computer and
know how to use it on the World Wide Web. As such, the learning curve for using external
applications can be much smaller.

2. Smaller staff: IT systems require the overhead of salaries, benefits, insurance, and
building space. The ability to farm out applications reduces the need for as much IT staff.

3.Customization Older applications were difficult to customize and required tinkering with
the code. SaaS applications are much easier to customize and can give an organization
exactly what they want.

4.Better marketing A provider who had developed an application for a very narrow market
might have had problems marketing that application. However, with SaaS, the entire world
is open to the providers.
5.Web reliability We talked earlier about how the World Wide Web can be seen as a source
of failure. And while that is sporadically true, the fact of the matter is that the Web is
generally quite reliable.

6.Security Secure Sockets Layer (SSL) is widely used and trusted. This allows customers to
reach their applications securely without having to employ complex back-end
configurations, like virtual private networks (VPNs).

7.More bandwidth Bandwidth has increased greatly in recent months and quality of service
improvements are helping data flow. This will allow organizations to trust that they can
access their applications with low latencies and good speeds.

Obstacles

 An organization that has a very specific computational need might not be able to find
the application available through SaaS.(with unique needs may be able to find some of
the components in a SaaS.)

 There is also an element of “lock-in” with vendors. That is, the customer might pay a
provider to use an application, but once they do, they may be unable to port that
application to a new vendor Or, it might be possible to move to a new vendor, but the
old vendor might charge a hefty moving fee.

 SaaS also faces challenges from the availability of open source applications and cheaper
hardware.

2. Platform as a Service(PaaS)

Platform as a Service (PaaS) is another application delivery model. PaaS supplies all the
resources required to build applications and services completely from the Internet, without
having to download or install software. PaaS services include application design,
development, testing, deployment, and hosting. A downfall to PaaS is a lack of
interoperability and portability among providers. That is, if you create an application with
one cloud provider and decide to move to another provider, you may not be able to do so—
or you’ll have to pay a high price. Also, if the provider goes out of business, your applications
and your data will be lost.
  Because PaaS is expected to be used by many users simultaneously, it is designed with
that sort of use in mind, and generally provides automatic facilities for concurrency
management, scalability, failover, and security. PaaS also supports web development
interfaces such as Simple Object Access Protocol (SOAP) and Representational State
Transfer (REST), which allow the construction of multiple web services, sometimes called
mashups. The interfaces are also able to access databases and reuse services that are
within a private network.

 PaaS Options PaaS is found in one of three different types of systems:

1. Add-on development facilities These allow existing SaaS applications to be customized.

Often, PaaS developers and users are required to purchase subscriptions to the add-on SaaS
application.

2. Stand-alone environments These environments do not include licensing, technical, or

financial dependencies on specific SaaS applications and are us

3. Application delivery-only environments These environments support hosting level

services, like security and on-demand scalability. They do not include development,
debugging, and test capabilities.ed for general developments.

Trends Toward Adoption

PaaS faces the same sorts of factors in its adoption as SaaS, Some other factors influencing
adoption include
1. The ability of geographically isolated development teams to work together

2. The ability to merge web services from multiple sources

3. The ability to realize cost savings from using built-in infrastructure services for security,
scalability, and failover, rather than having to obtain and test them separately

4. The ability to realize cost savings from using higher-level programming abstractions

Hurdles

 Because vendors use proprietary services or development languages, some developers

are afraid of being locked into a single provider.

 The vendor may allow the application to be brought to a different provider; however, the
costs are typically higher as compared to moving applications between conventional
hosts.

3. Hardware as a Service(HaaS)

Hardware as a Service (HaaS) is the next form of service available in cloud computing.
Where SaaS and PaaS are providing applications to customers, HaaS doesn’t. It simply offers
the hardware so that your organization can put whatever they want onto it. Rather than
purchase servers, software, racks, and having to pay for the datacenter space for them, the
service provider rents those resources.

HaaS allows you to “rent” such resources as

• Server space

• Network equipment

• Memory

• CPU cycles

• Storage space
 Additionally, the infrastructure can be dynamically scaled up or down, based on the
application resource needs. Resources are typically billed based on a utility computing
basis, so providers charge by how many resources are consumed.

 HaaS involves several pieces:

1. Service level agreements This is an agreement between the provider and client,
guaranteeing a certain level of performance from the system.

2. Computer hardware These are the components whose resources will be rented out.
Service providers often have this set up as a grid for easier scalability.

3. 3. Network This includes hardware for firewalls, routers, load balancing, and so on.

4. 4. Internet connectivity This allows clients to access the hardware from their own
organizations.

5. 5. Platform virtualization environment This allows the clients to run the virtual
machines they want.

6. 6. Utility computing billing Typically set up to bill customers based on how many system
resources they use.

Applications

1. Storage

 Somewhat similar to HaaS, one of the uses for cloud computing is simply storage. If you
lease storage space from a vendor, you are not responsible to buy equipment, pay to run
it, and pay to cool it.
 2. Database

Are repositories for information with links within the information that help make the data
searchable. Distributed databases, like Amazon’s Simple DB, spread information among
physically dispersed hardware. But to the client, the information seems to be located in one
place.

Advantages

The advantages of such a database include the following:

1. Improved availability If there is a fault in one database system, it will only affect one
fragment of the information, not the entire database.

2. Improved performance Data is located near the site with the greatest demand and the
database systems are parallelized, which allows the load to be balanced among the
servers.

3. Price It is less expensive to create a network of smaller computers with the power of one
large one.

4. Flexibility Systems can be changed and modified without harm to the entire database.

Disadvantages

 Complexity Database administrators have extra work to do to maintain the system.

 Labor costs With that added complexity comes the need for more workers on the
payroll.

 Security Database fragments must be secured and so must the sites housing the
fragments.

 Integrity It may be difficult to maintain the integrity of the database if it is too complex
or changes too quickly.

 Standards There are currently no standards to convert a centralized database into a

cloud solution.

Synchronization

Synchronization, as with Microsoft’s Live Mesh or Apple’s MobileMe, allows content to

be refreshed across multiple devices. For instance, if you have a spreadsheet on your
 computer and then upload it to the storage service, the next time you check your PDA,
that file will be downloaded onto it.

Database Services (DaaS)

Another “as a service” offering that is becoming prevalent in the world of cloud computing is
Database as a Service (DaaS). The idea behind DaaS is to avoid the complexity and cost of
running your own database.

DaaS offers these benefits:

1. Ease of use There are no servers to provision and no redundant systems to worry about.
You don’t have to worry about buying, installing, and maintaining hardware for the
database.

2. Power The database isn’t housed locally, but that doesn’t mean that it is not functional
and effective. Depending on your vendor, you can get custom data validation to ensure
accurate information. You can create and manage the database with ease.

3. Integration The database can be integrated with your other services to provide more
value and power. For instance, you can tie it in with calendars, email, and people to make
your work more powerful.

4.Management With some DaaS offerings, management can be provided as part of the
service for much less expense. The provider will often use offshore labor pools to take
advantage of lower labor costs there. So it’s possible that you are using the service in
Chicago, the physical servers are in Washington state, and the database administrator is in
the Philippines.

Intranets and the Cloud

While your operation is not big as Amazon S3 cloud computing, you can use the same sorts of
principles within your organization to develop your IT infrastructure. By setting up thin clients to
run applications and services on a local server, rather than on their desktops, you ease the costs
of deployment and maintenance, as well as reducing power costs. Intranets are customarily
used within an organization and are not accessible publicly. That is, a web server is maintained
in-house and company information is maintained on it that others within the organization can
access. However, now intranets are being maintained on the cloud.To access the company’s
private, in-house information, users are having to log on to the intranet by going to a secure
public web site.

Components
There are two main components in client/server computing: servers and thin or light clients.
The servers house the applications your organization needs to run, and The thin clients—which
do not have hard drives—display the results.

Hypervisor Applications

Applications like VMware or Microsoft’s Hyper-V allow you to virtualize your servers so that
multiple virtual servers can run on one physical server. These sorts of solutions provide the tools
to supply a virtualized set of hardware to the guest os system. They also make it possible to
install different operating systems on the same machine. For example, you may need Windows
Vista to run one application, while another application requires Linux. It’s easy to set up the
server to run both os. Thin clients use an application program or a web browser to
communicate with an application server. Most of the processing is done down on the server,
and sent back to the client.

When You Can Use Cloud Computing

Whether or not you should use cloud computing depends on a number of factors, including

1. Cost/benefit ratio

2. Speed of delivery

3. How much capacity you will use

4. Whether your data is regulated

 5. Your organization’s corporate and IT structure

Scenarios

There are three different major implementations of cloud computing. How organizations are
using cloud computing is quite different at a granular level, but the uses generally fall into one
of these three solutions.

1. Compute Clouds

Compute clouds allow access to highly scalable, inexpensive, on-demand computing

resources that run the code that they’re given.

Three examples of compute clouds are

 Amazon’s EC2
 Google App Engine
 Berkeley Open Infrastructure for Network Computing (BOINC).

Compute clouds are the most flexible in their offerings and can be used for sundry purposes;
it simply depends on the application the user wants to access.

These applications are good for any size organization, but large organizations might be at a
disadvantage because these applications don’t offer the standard management, monitoring,
and governance capabilities that these organizations are used to. Amazon offers enterprise-class
support and there are emerging sets of cloud offerings like Terremark’s Enterprise Cloud, which
are meant for enterprise use.

2. Cloud Storage
 One of the first cloud offerings was cloud storage and it remains a popular solution. Cloud
storage is a big world. There are already in excess of 100 vendors offering cloud storage. This
is an ideal solution if you want to maintain files off-site. Security and cost are the top issues
in this field and vary greatly, depending on the vendor you choose. Currently, Amazon’s S3 is
the popular one.

3. Cloud Applications

Cloud applications differ from compute clouds in that they utilize software applications that
rely on cloud infrastructure. Cloud applications are versions of Software as a Service (SaaS)
and include such things as web applications that are delivered to users via a browser or
application like Microsoft Online Services. These applications offload hosting and IT
management to the cloud.

Cloud applications often eliminate the need to install and run the application on the customer’s own
computer, thus alleviating the burden of software maintenance, ongoing operation, and support.

Some cloud applications include

 Peer-to-peer computing (like BitTorrent and Skype)

 Web applications (like MySpace or YouTube)

  SaaS (like Google Apps)

 Software plus services (like Microsoft Online Services)

When not to Use Cloud Computing

1. Legislative Issues

An issue of more concern for the sensitivity of private data is that there are laws and policy that allow
the government freer access to data on a cloud than on a private server. For example, the Stored
Communications Act allows the FBI access to data without getting a warrant or the owner’s consent.

2. Geopolitical Concerns

It may simply be illegal to post your information on a cloud. If you are in Canada (for instance) and you
want to post your data on an American cloud, you’re out of luck. All it would take is for the U.S.
government to seize a server with foreign data on it.

3. Hardware Dependencies

If you have an application that requires specific hardware, chips, or drivers, a cloud solution might not be
a good fit for you.

4. Server Control

If your application demands complete control over everything that is running, a cloud solution may not
be right for you. If you need detailed control over the amount of memory, CPU, hard drive specs, or
interfaces, then the cloud isn’t an appropriate match for your application. After all, these are all things
managed by the service provider.

5.Cost
One of the big draws of cloud computing is cost. That is, it tends to be less expensive to run an
application on a cloud than to invest in the infrastructure, buy the application outright, and then manage
it day to day. However, over time, it may cost more to pay the cloud subscription than to have simply
bought the servers yourself

6.Lack of Need

Now, there are certainly cases where cloud computing is advantageous for you. And in those cases, by all
means use it.

7. Integration with Existing Applications

if you have two applications that need to integrate, it’s best for one not to be located on-site and a
second on the cloud. It creates problems with security, speed, and reliability. For instance, if you have
two databases—one with sensitive data housed locally, and one with non sensitive data on a cloud—the
chances that the sensitive data will find its way to the cloud are very good. Also, if you are trying to run a
high-speed application in-house and you rely on data from the cloud, the application will only run as fast
as the cloud will allow. This also leads to questionable reliability.

8. Latency Concerns

Since your data and application are located on a series of servers geographically disparate from your own
site, it is going to take some time for the data to reach you. This isn’t an issue of hours or days—or even
minutes. But if you require data instantaneously, the cloud might not be your best option. There’s still
travel time involved with your data.
9. Throughput Demands

Since cloud computing is generally billed in a utility format, you pay for what you use. That’s great and it
seems fair, until you deploy applications that use a lot of throughput and costs start to rise. For instance,
if you are streaming high-definition video over 100 sources, your costs are going to spike sharply. It’s best
to take into account what a server, power, and all other hardware will cost. Figure in the price of
management and associated IT personnel costs and then compare that with what a service provider will
charge you. If it’s cheaper to buy the server, it might be best to forget about the cloud for now.

Benefits of Cloud Computing

1. Scalability

If you are anticipating a huge upswing in computing need (or even if you are surprised by a sudden
demand), cloud computing can help you manage. Rather than having to buy, install, and configure
new equipment, you can buy additional CPU cycles or storage from a third party.
 Since your costs are based on consumption, you likely wouldn’t have to pay out as much as if you
had to buy the equipment. Once you have fulfilled your need for additional equipment, you just stop
using the cloud provider’s services, and you don’t have to deal with unneeded equipment. You
simply add or subtract based on your organization’s need.

2. Simplicity

Again, not having to buy and configure new equipment allows you and your IT staff to get right to your
business. The cloud solution makes it possible to get your application started immediately, and it costs a
fraction of what it would cost to implement an on-site solution.

3. Knowledgeable Vendors

Typically, when new technology becomes popular, there are plenty of vendors who pop up to offer their
version of that technology. This isn’t always good, because a lot of those vendors tend to offer less than
useful technology. By contrast, the first comers to the cloud computing party are actually very reputable
companies. Companies like Amazon, Google, Microsoft, IBM, and Yahoo! have been good vendors
because they have offered reliable service, plenty of capacity, and you get some brand familiarity with
these well-known names.

3. More Internal Resources

By shifting your non-mission-critical data needs to a third party, your IT department is freed up to
work on important, business-related tasks. You also don’t have to add more manpower and training
that stem from having to deal with these low-level tasks. Also, since network outages are a
nightmare for the IT staff, this burden is offloaded onto the service provider

4. Security
There are plenty of security risks when using a cloud vendor, but reputable companies strive to keep you
safe and secure.

Limitations of Cloud Computing

There are other cases when cloud computing is not the best solution for your computing needs.

1. Your Sensitive Information

Concern of storing sensitive information on the cloud, but it can’t be understated. Once data leaves
your hands and lands in the lap of a service provider, you’ve lost a layer of control. Let’s say a
financial planner is using Google Spreadsheets to maintain a list of employee social security
numbers. Now the financial planning company isn’t the only one who should protect the data from
hackers and internal data breaches. It has become much easier for the government to get
information from third parties than from a privately owned server.

Also, less scrupulous service providers might even share that data with a marketing firm. And other
providers may, by way of their agreement with you, be allowed to access and catalog your
information and use it in ways you never intended. What’s important is that you realize what the
provider’s policies are governing the management and maintenance of your data. For example,
Google’s policy states that the company will share data with the government if it has a “good faith
belief” that access is necessary to fulfill lawful requests.

Private data has certainly been released. In the media we regularly hear about retailers and others
losing credit card numbers. In 2007, the British government even misplaced 25 million taxpayer
records. The point is, if you have sensitive or proprietary data, the cloud might not be the safest
place for it.

2. Protect Your Data

That doesn’t mean you can’t maintain your data on a cloud; you just need to be safe. The best way is
to encrypt your data before you send it to a third party. Programs like PGP (www.pgp.com) or open-
source TrueCrypt (www.truecrypt.org) can encrypt the file so that only those with a password can
access it.
Encrypting your data before sending it out protects it. If someone does get your data, they need the
proper credentials or all they get is gibberish. Of course, that just applies to data you manipulate in-
house and then send to the cloud. If you use word-processing files or spreadsheets that are edited
online rather than just stored on the Web, then the data, when saved to the cloud, may not be
encrypted. In general, look for paid services, rather than those funded by advertising. Those are
most likely to rummage through your data looking to assemble user profiles that can be used for
marketing or other purposes. No company can provide you with free tangible goods or services and
stay in business for long.

2. Applications Not Ready

In some cases the applications themselves are not ready to be used on the cloud. They may have
little quirks that prevent them from being used to their fullest abilities, or they may not work
whatsoever. First, the application might require a lot of bandwidth to communicate with users.
Remember, since cloud computing is paid based on how much you use, it might turn out to be less
expensive in the long run to simply house the application locally until it can be rewritten or
otherwise modified to operate more efficiently.

The application might also take a lot of effort to integrate with your other applications. If you try to
relocate it to a cloud, you may find that the savings are erased by the additional effort required to
maintain the integration. In this case it may end up being more cost effective to continue to host it
locally. If the application has to talk with a database that you have onsite, it may be better to also
have the application hosted locally until you can move the entire infrastructure to the cloud. Some
applications may not be able to communicate securely across the Internet. If they cannot
communicate securely or through a tunnel, then your data is at risk. In the event the application
cannot communicate securely, you will need to host it locally. Also, since you are displaying the
application results on an interface like a web browser, you need to ensure that your application is
compatible with a variety of browsers and will operate properly using encryption.
 3. Developing your own Applications

Developing your own applications can certainly be a problem if you don’t know how to program, or if
you don’t have programmers on staff. In such a case, you’ll have to hire a software company (or
developer) or be left to use whatever applications the provider offers. If you have a database on the
cloud, you’ll need some sort of customized interface and some knowledge of (SQL) to access and
manage that data. At some point, your servers are going to have issues if there are too many users
trying to access them, and the inherent scalability of cloud-based resources can mitigate that risk.

LAMP is a stack of simple, powerful web technologies that power a lot of popular, smaller web sites.

 LAMP stands for the following popular items:

 Linux An open-source operating system

 Apache An open-source web server

 MySQL An open-source Structured Query Language (SQL) relational database for web servers.

 Perl A programming language

LAMP is widely used because it is very simple. Because of its ease of use, you can get an application up
and running very quickly. The first problem is one of scalability.

Scalability issues come from the number of threads and socket connections in the Apache web server. If
the server is not properly tuned and a load increases, it can cause problems. A larger scalability problem
comes from MySQL. Relational databases have a hard time growing beyond a certain capacity due to the
way they represent information. When you reach that limit, database management becomes more
difficult.

Security Concerns

As with so many other technical choices in the world of cloud computing—there are pros and there
are cons. In order to be successful, vendors will have to take data like this into consideration as they
offer up their clouds.

Privacy Concerns with a Third Party

The first and most obvious concern is for privacy considerations. That is, if another party is housing
all your data, how do you know that it’s safe and secure? You really don’t. Are They Doing Enough to
Secure It? In reality, even if providers are doing their best to secure data, it can still be hacked, and
then your sensitive information is at the mercy of whoever broke in.

IDC conducted a survey of 244 IT executives about cloud services. As Figure shows, security led the pack
of cloud concerns with 74.5 percent.
The best plan of attack is to not perform mission-critical work or work that is highly sensitive on a cloud
platform without extensive security controls managed by your organization.

Hackers

There’s a lot hackers can do if they’ve compromised your data. It ranges from selling your proprietary
information to your competition to encrypting your storage until you pay them off. Or they may just
erase everything to damage your business and justify the action based on their ideological beliefs. Either
way, hackers are a real concern for your data managed on a cloud

Bot Attackers

In a commonly recognized worst-case scenario, attackers use botnets to perform distributed denial
of service (DDOS) attacks. In order to get the hackers to stop attacking your network, you face
blackmail. In fact, in Japan, blackmail involving DDOS is on the rise. One major Tokyo firm had to pay
3 million yen (about U.S. $31,000) after the network was brought to a screeching halt by a botnet
attack. Because the attack was so dispersed, police have been unable to track down the attackers.

Security Benefits
  Centralized data: there are some good security traits that come with centralizing your data.

 Reduced data loss: It’s bad for companies who lose proprietary data or other mission-critical
information. By maintaining data on the cloud, employing strong access control, and limiting
employee downloading to only what they need to perform a task, cloud computing can limit the
amount of information that could potentially be lost.

 Monitoring: If your data is maintained on a cloud, it is easier to monitor security. Of course, the
chance that the cloud would be breached puts all the data at risk.

 Instant Swapover: If your data is compromised, while you are conducting your investigation to
find the culprits, you can instantly move your data to another machine. You don’t have to spend
hours trying to replicate the data or fix the breach. Abstracting the hardware allows you to do it
instantly.

 Logging: In the cloud, logging is improved. On a cloud, you don’t need to guess how much
storage you’ll need and you will likely maintain logs from the get-go. Also, you can use more
advanced logging techniques. For instance, a C2 audit trail can be employed.

 Secure Builds: When you developed your own network, you had to buy third-party security
software to get the level of protection you want. With a cloud solution, those tools can be
bundled in and available to you and you can develop your system with whatever level of security
you desire. Also, you can perform your patches and upgrades offline.

 Improved Software Security: Vendors are likely to develop more efficient security software. Since
you’re charged for your CPU cycles, you’re going to notice and squawk if the price is too high.

 Security Testing: SaaS providers don’t bill you for all of the security testing they do. It’s shared
among the cloud users. The end result is that because you are in a pool with others (you never
see them, but they are there), you get to realize lower costs for security testing.

Regulatory Issues

In the case of cloud computing, regulation might be exactly what we need. Without some rules in
place, it’s too easy for service providers to be unsecure your data.

 No Existing Regulation
 Government to the Rescue?

if government can figure out a way to safeguard data—either from loss or theft—any company facing
such a loss would applaud the regulation.

 Who Owns the Data?

A big problem is that people using cloud services don’t understand the privacy and security
implications of their online email accounts, their LinkedIn account, their MySpace page, and so forth.
  Government Procurement

Procurement regulations will have to change for government agencies to be keen on jumping on the
cloud.