Cloud Computing

Uploaded by

Nilesh Satose

Cloud Computing

COURSE DESIGN COMMITTEE

Chief Academic Officer: Dr. Sanjeev Chaturvedi, NMIMS Global Access – School for Continuing Education

Content Reviewer: Mr. Shrikant Mulik, Visiting Faculty, NMIMS Global Access - School for Continuing Education. Specialization: Business Technology Management

TOC Reviewer: Ms. Brinda Sampat, Assistant Professor, NMIMS Global Access - School for Continuing Education. Specialization: Information Technology

TOC Reviewer: Kali Charan Sabat, Visiting Faculty, NMIMS Global Access - School for Continuing Education. Specialization: Operations Management

Author: Charu Verma

Reviewed By: Shrikant Mulik

Copyright: 2017 Publisher
ISBN: 978-93-86052-11-7
Address: 4435/7, Ansari Road, Daryaganj, New Delhi–110002
Only for NMIMS Global Access - School for Continuing Education
School Address: V. L. Mehta Road, Vile Parle (W), Mumbai – 400 056, India.

NMIMS Global Access - School for Continuing Education


CONTENTS

CHAPTER NO.  CHAPTER NAME

1  Introduction to Cloud Computing
2  Cloud Computing Service Models
3  Cloud Deployment Models
4  Technology Platforms for Cloud Computing
5  Challenges in Adoption of Cloud in Business
6  Virtualisation
7  Cloud Computing and Business Value
8  Cloud Architectures
9  Securing the Cloud
10  Mobile Cloud-Computing
11  Case Studies


Cloud Computing

Curriculum

Introduction to Cloud Computing: Introduction; Cloud Service Models; Cloud Deployment Models; Exploring the uses of cloud; Cloud computing Features; Cloud Characteristics (On-demand usage, Ubiquitous Access, Resource pooling, Elasticity, Measured usage, Resiliency); Common use cases of cloud Computing

Cloud Service Models: Infrastructure as a service (IaaS); Platform as a service (PaaS); Software as a service (SaaS), Everything as a Service (XaaS)

Cloud Deployment Models: Public, Private, Hybrid, Community

Technology platforms for Cloud Computing: AWS, Azure, Google App Engine, Blue Cloud, Force.com etc.

Challenges of Cloud Adoption: Performance; Reliability; Security and Privacy; Bandwidth costs

Virtualization: Introduction & benefit of Virtualization; Implementation Levels of Virtualization; VMM Design Requirements and Providers; Virtualization at OS level; Middleware support for Virtualization

Cloud Computing Key Business Drivers: Cloud computing and out-sourcing; Scalability: Types of Scalability; time to Market Benefits; Distribution over Internet

Fundamental Cloud Architectures: Workload Distribution Architecture; Resource Pooling Architecture; Dynamic Scalability Architecture; Elastic Resource Capacity Architecture; Service Load Balancing Architecture; Cloud Bursting Architecture; Elastic Disk Provisioning Architecture; Redundant Storage Architecture

Securing the Cloud: Basic Terms and Concepts, Confidentiality, Integrity, Authenticity, Availability, Threat, Vulnerability, Risk, Security Controls, Security Mechanisms, Security Policies, Threat Agents, Anonymous Attacker, Malicious Service Agent, Trusted Attacker, Malicious Insider, Cloud Security: Threats, Traffic Eavesdropping, Malicious Intermediary, Denial of Service, Insufficient Authorization, Virtualization Attack, Overlapping Trust Boundaries

Mobile Cloud Introduction: Definition; Architecture; Benefits; challenges; Computing in mobile and at cloud shield


Chapter 1

Introduction to Cloud Computing

CONTENTS

1.1 Introduction
1.2 Cloud
1.2.1 Cloud and Other Similar Configurations
1.2.2 Cloud Characteristics
1.2.3 Exploring the Uses of Cloud
Self Assessment Questions
Activity
1.3 Cloud Service Models
Self Assessment Questions
Activity
1.4 Cloud Deployment Models
Self Assessment Questions
Activity
1.5 Cloud Computing
1.5.1 Cloud computing Features
1.5.2 Components of Cloud Computing
1.5.3 Common Use Cases of Cloud Computing
1.5.4 Myths and Truths of Cloud Computing
Self Assessment Questions
Activity
1.6 Impact of Cloud Computing on Businesses
Self Assessment Questions
Activity
1.7 Summary
1.8 Descriptive Questions
1.9 Answers and Hints
1.10 Suggested Readings & References


Introductory Caselet

Narayana Hrudayalaya Prescribed Cloud to Deliver Better Healthcare Services

Narayana Hrudayalaya (NH) is a chain of hospitals, headquartered in Bengaluru, India. Founded in 2000, this hospital chain specialises in treating patients with severe heart problems at affordable costs. These hospitals also help poor children afflicted with heart problems. They have created a world record by performing approximately 15000 surgeries on patients across 25 countries and reported higher profit margins than other American hospitals.

In 2010, Narayana Hrudayalaya decided to expand its bed strength from 5000 to 30000. In view of the proposed expansion, Srikanth Raman, CIO at Narayana Hrudayalaya, had to determine ways to build IT infrastructure, which was required for administrative tasks as well as for performing intricate surgeries. Therefore, the IT infrastructure had to be scalable and robust to achieve better results and provide satisfactory treatment to patients.

However, the hospital was not specialised in setting up the IT infrastructure that could support surgeries and other regular functionalities in the hospital. Besides, Narayana Hrudayalaya was not interested in hiring and retaining IT-skilled people who could build the required infrastructure. Raman was also concerned that after creating the IT infrastructure, a data centre would also be required to manage the large amount of data related to patients. This would necessitate buying additional space for setting up the data centre. The cost and effort required for setting up such a large infrastructure were huge. Faced with these challenges, Narayana Hrudayalaya was looking for an alternative solution that would take the burden off the shoulders of its administrators, who would then be able to focus better on the field of healthcare.

As an alternative solution, Raman decided to use the data hosting services offered by the cloud. Shifting its database to the cloud helped Narayana Hrudayalaya save Rs. 20-25 crore. The cloud also helped the hospital in raising its healthcare standards. Since the database of Narayana Hrudayalaya resides on the cloud, patients can be referred across different branches of the hospital. The patients need not carry their reports of ongoing treatment, which can be easily accessed by the doctors from the centralised database of Narayana Hrudayalaya on the cloud. Another major advantage of the cloud is the high level of security it provides to the database of Narayana Hrudayalaya.


Learning Objectives

After studying this chapter, you will be able to:

>> Discuss cloud and its characteristics
>> Explain cloud service models
>> Describe cloud deployment models
>> Explain the concept of cloud computing
>> Describe the impact of cloud computing on businesses
1.1 INTRODUCTION
The present-day business environment provides numerous challenges related to the use of IT hardware and software resources by an organisation. For example, if a small-sized organisation needs to expand its employee base, then it would require additional hardware and software resources for the new employees.

Ensuring that these new hardware and software resources are compatible with the requirements of the employees as well as cost-efficient often proves to be a challenge for the organisation. During the course of its expansion, the organisation may be required to purchase costly hardware and software resources, which, when used in isolation, may not fulfil all the requirements. In such cases, the organisation might be compelled to purchase some supplementary hardware or software resources that may be expensive, further adding to the cost of the organisation. However, the organisation may not use all the features of the new hardware or software resources, which would lead to non-optimal use of these resources.

Similarly, when the organisation expands, it needs to increase its data storage as well as security capacity. Maintenance of the new data storage resources is also a challenge for the organisation. Further, the need to ensure effective backup and restore policies and disaster management strategies also increases as the organisation expands and enters into new avenues of business. This would, in turn, mean incurring further costs in the installation of additional servers and related hardware resources. Moreover, if the existing resources of the organisation are not compatible with the newly acquired resources, it would also create problems and lead to further costs. In practice, the organisation would have to invest in these resources every time it decided to expand.

Now consider a situation where the organisation, while going for expansion, has the option of a dynamically scalable and virtual computing environment provided over the Internet. Such a virtual computing environment would not only be scalable to accommodate increased requirements, but would also cost less (only once, perhaps) even when the organisation decides to expand multiple times. This is exactly what the concept of cloud computing offers.


This chapter begins with a discussion on cloud and its characteristics. Next, the chapter discusses cloud service and cloud deployment models. Further, the chapter discusses various aspects of cloud computing and the impact of cloud computing on businesses.

1.2 Cloud
A cloud is defined as an integration of hardware, networks, storage, services, and interfaces that enables you to deliver and access computing as a service. The three main users of cloud computing are the end-user, the business management user, and the cloud service provider. The end-user utilises the cloud services. The business management user takes responsibility for the cloud data and services. The cloud service provider is responsible for the maintenance of the cloud's IT assets.

The cloud acts as a common location which is capable of fulfilling the computing needs of organisations and the users linked to it. The best feature of the cloud is that it is scalable, which means it can easily expand and contract. Scalability allows additional cloud resources to be provided to the user whenever needed and released or reverted when they are no longer needed by the user. The cloud expands to fulfil the demand for additional resources and contracts when the additional resources are released.

The cloud is helpful to both types of companies: the provider company, which provides the cloud services, and the client company, which uses these services. The provider companies integrate the services provided by the application software and deploy them on the cloud. The client utilises the software as a service on a rental basis. The cloud helps the provider company to know the extent of the usage of the service and also saves cost for the company, as it has to spend less on advertising the software. For the client company, the cloud saves the new expenditure which it would incur on purchasing new software whenever its requirements change. It can utilise other services that are based on the changed requirements using the billing model feature. This billing model helps in calculating the cost of the usage of the service by a particular client.

The cloud offers services that execute in the cloud environment and fulfil the needs of HR management, financial analysis, inventory management, and risk management for the clients. It has now become a popular way of selling software as a service. To understand this, let's reconsider the case of Narayana Hrudayalaya hospital, which aims to help poor children afflicted with heart problems. In 2010, the hospital decided to increase the number of beds from 5000 to 30000 in the coming five years for patient treatments. It needed to find a way to create IT infrastructure, which had to be scalable and robust to achieve better results and provide satisfactory treatment to patients. Therefore, it decided to use the data hosting services offered by the cloud. Using the cloud has raised the healthcare standards in the hospital. Now, the database of Narayana Hrudayalaya resides on the cloud and can be referred to easily by patients across different branches of the hospital. In addition, the cloud has provided a high level of security to the database of Narayana Hrudayalaya.

1.2.1 Cloud and Other Similar Configurations

There are several multi-tenant implementations that are similar to the cloud. A clear understanding of the following terms will help you in distinguishing these from the cloud:

• Application Service Provider (ASP): Jostein Eikeland, the founder of Tele-computing, coined the term ASP in 1996. An ASP is defined as an organisation that hosts and manages one or more applications and their underlying infrastructure. Customers could use these applications over the Internet and would be billed for the amount of utilisation.
• Autonomic computing: It is a group of self-managing features of distributed computing resources that can function on the basis of a group of pre-defined policies. This type of computing is capable of self-healing (that is, discovering and correcting their faults), self-configuration of their components, self-optimisation of their resources, and self-protection from malware and attacks.
• Cluster: It is a group of networked systems sharing the same set of resources, where all the nodes are actively working or some nodes are in the standby mode, waiting to take over after the failure of an active node.
• Distributed computing: This is an implementation technique in which different roles or tasks are distributed among separate nodes in the network. Grid computing, peer-to-peer architecture, and client–server architecture are some forms of distributed computing.
• High Performance Computing (HPC): This technique divides a task into pieces and uses parallel processing algorithms to execute each piece on different processors on the same node or multiple nodes in the network.
• Utility computing: It started in the early days of mainframes in the 1960s. Mainframes were very expensive even for large, profitable companies. Hence, mainframe manufacturers provided a form of utility computing called time-sharing, where they offered database storage and compute power to banks and other large organisations for a fee.

In the 1990s, telephone companies came up with Virtual Private Network (VPN) services that were offered over dedicated point-to-point connections. They kept the price low, as they were able to switch traffic so as to balance bandwidth utilisations and use the available bandwidth more effectively. At that time, they used the cloud symbol to demarcate the points between the networks that were the responsibility of the provider and the points that were the responsibility of the consumer.

Utility computing allows the use of resources; keeps an account of all utilised resources, such as CPU cycles, storage in GBs, and network data transfer in GBs; and bills the consumers in a manner that is similar to the billing process of other utilities, such as telephone and water services. Utility computing often needs a cloud-like infrastructure, as it emphasises the business model through which computing services are provided.

Peer-to-Peer Architecture

A peer-to-peer architecture is a network of hosts in which sharing of resources, processing, and communications control are fully decentralised. Each host acts as a server or provider of certain services. However, it relies on other hosts within the network for other services. Each client present on the network is considered equal in terms of using resources, and users are verified by each individual machine. Figure 1.1 shows the peer-to-peer architecture:

[Figure 1.1: The Peer-to-Peer Architecture (diagram showing Peer 1, Peer 2 and Peer 3)]

There are important benefit-related dissimilarities between cloud and peer-to-peer deployments. Distinctive benefits of the cloud environment are that it can be easily scaled to meet growth demands and enable access to any type of hosted applications. It does not burden user-end devices but it needs to be configured with the highest level of security. On the other hand, peer-to-peer deployments are relatively inexpensive and simple to set up and manage.

The shortcomings of cloud implementation include the high initial capital investment and the good technology expertise needed to establish and manage it. The downside of peer-to-peer architecture is that it is limited in extensibility, tends to overburden user workstations by making them work as servers for other users, has lax security, and is typically unable to provide any type of system-wide service. However, these shortcomings of peer-to-peer implementation can be overcome by using servers that are dedicated for computing, storage, management, and monitoring.

Client–Server Architecture

A client–server architecture is a form of distributed computing where requesters (clients) depend on a number of providers (servers) for various services or resources such as database, applications, security, printing, and backups. Typically, there is at least one server that provides central authentication services. These servers also provide access to shared files, printers, hardware storage, and applications.

When a user runs an application from the cloud, it is part of a client–server application. However, the cloud can provide increased performance, flexibility, and significant cost savings because the application hosting and support is the responsibility of the cloud service provider, and the amount of available resources appears to be infinite to the consumer. Figure 1.2 shows the client-server architecture:

[Figure 1.2: The Client-Server Architecture (diagram labels: Client 1, Client 2, File Server, Database Server, Tape Server, Print Server, Application Server, Web Server)]

Grid Computing

In the early 1990s, Carl Kesselman and Ian Foster formulated the
concept of grid computing as a cluster of computer systems that were
geographically distributed but worked together to perform a common
task. In a grid, a cluster of loosely coupled computers work together
to solve a single problem that involves massive amounts of numerical
calculation and compute cycles. Grid computing uses grid-controlling
software that splits the work into smaller fragments and allocates each
fragment to a collection of thousands of computers. The controlling
unit later assembles the results to build the output. Grids are usually
used to harness idle computer power.

The cloud harnesses idle computer power over a network connection. Users have a metered utility service to keep track of the amount of utilisation and generate a periodic bill. Like an electric or computer grid, the cloud has no upfront, implementation, or capital expenses for the user. The user only pays for the amount used. Figure 1.3 shows the architecture of grid computing:

[Figure 1.3: The Grid Computing Architecture (diagram labels: Client 1, Client 2, Task 1, Task 2, Grid Control Server, Cluster of Grid Nodes)]

1.2.2 Cloud Characteristics

As stated earlier, the cloud is a model where users have convenient, on-demand access to a shared pool of resources, such as servers, storage, and applications, over the Internet. Users do not have control of the hardware infrastructure underlying the cloud, which is owned and managed by the provider. They access the services or allocated resources using a Web browser. The significant characteristics of the cloud are as follows:

• On-demand usage: A consumer can set up the required computing capabilities, such as server time and storage on the network, automatically without having any direct communication with the cloud service provider.
• Ubiquitous access: Capabilities available over the network are accessed through the normal methods used by various devices such as mobile phones, tablets, laptops, or workstations.
• Resource pooling: The cloud provider's computing resources, such as storage, processing, memory, and network bandwidth, collectively serve various consumers with the help of a multi-tenant model. On the basis of the consumer's demand, various physical and virtual resources are systematically allocated and re-allocated. There is a sense of location abstraction, as the client does not have knowledge of the exact location of the allocated resources but may well be capable of mentioning the location at a higher level of abstraction, for example, country, state, or data center.
• Elasticity: Cloud computing capabilities can be systematically provisioned to meet demand and load requirements. These capabilities can be increased or decreased in any quantity and at any time as per the client's requirement.
• Measured usage: Cloud systems are automatically controlled and they optimise the usage of resources by implementing a metering capability on the basis of the type of service (e.g. storage, processing, bandwidth, and active user accounts) used by the client. In cloud computing, the monitoring, controlling and reporting of resource usage can be done by both the provider and the consumer, which helps in ensuring transparency for both.
• Resiliency: In the cloud environment, the resiliency feature specifies the ability of a server, network or data center to recover and continue its operations in case of failure of equipment, power or other disruption.
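The measured-usage characteristic above says both provider and consumer can monitor usage. The following added example (not part of the original text) meters the utility-computing quantities named earlier (CPU, storage in GB, network transfer in GB), prices them, and reconciles the provider's meter against the consumer's own records. The tenant names, unit prices, tolerance and sample records are all constructed assumptions.

```python
"""Reconcile provider-metered usage against a consumer's own usage records."""
from collections import defaultdict

# Assumed unit prices, constructed for this example (not real provider rates).
RATES = {"cpu_hours": 0.05, "storage_gb": 0.02, "network_gb": 0.09}

# Constructed sample records: (tenant, metric, quantity) as metered by the provider.
PROVIDER_METER = [
    ("hospital-a", "cpu_hours", 100.0),
    ("hospital-a", "cpu_hours", 50.0),
    ("hospital-a", "storage_gb", 500.0),
    ("hospital-a", "network_gb", 80.0),
    ("retail-b", "cpu_hours", 40.0),
    ("retail-b", "network_gb", 10.0),
]

# Constructed sample records: the same period as logged by the consumers themselves.
CONSUMER_LOG = [
    ("hospital-a", "cpu_hours", 150.0),
    ("hospital-a", "storage_gb", 500.0),
    ("hospital-a", "network_gb", 60.0),
    ("retail-b", "cpu_hours", 40.0),
    ("retail-b", "network_gb", 10.1),
]


def aggregate(records):
    """Sum quantities per (tenant, metric); reject unknown metrics and negative readings."""
    totals = defaultdict(float)
    for tenant, metric, qty in records:
        if metric not in RATES:
            raise ValueError(f"unknown metric: {metric}")
        if qty < 0:
            raise ValueError(f"negative reading for {tenant}/{metric}")
        totals[(tenant, metric)] += qty
    return dict(totals)


def invoice(totals):
    """Price aggregated usage per tenant (pay only for the amount used)."""
    bill = defaultdict(float)
    for (tenant, metric), qty in totals.items():
        bill[tenant] += qty * RATES[metric]
    return {tenant: round(amount, 2) for tenant, amount in bill.items()}


def reconcile(provider_totals, consumer_totals, tolerance=0.02):
    """Return (tenant, metric, provider_qty, consumer_qty) for every metric where
    the two sides disagree by more than `tolerance` (relative difference)."""
    disputes = []
    for key in sorted(set(provider_totals) | set(consumer_totals)):
        p = provider_totals.get(key, 0.0)
        c = consumer_totals.get(key, 0.0)
        largest = max(p, c)
        if largest and abs(p - c) / largest > tolerance:
            disputes.append((key[0], key[1], p, c))
    return disputes


if __name__ == "__main__":
    provider = aggregate(PROVIDER_METER)
    consumer = aggregate(CONSUMER_LOG)
    print("invoice:", invoice(provider))
    for tenant, metric, p, c in reconcile(provider, consumer):
        print(f"dispute: {tenant} {metric} provider={p} consumer={c}")
```

A metric that only one side recorded is treated as zero on the other side, so it is always reported as a dispute.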

1.2.3 Exploring the Uses of Cloud

As discussed earlier, cloud has huge benefits for both corporate users and individual users. Both these users use cloud for some specific purposes or according to their need. Some important uses of cloud are as follows:

1. File storage and sharing: Sending/receiving large files through e-mail has often been a time-consuming process. This problem can be overcome by using the cloud, as you can store large files on the cloud and can share them by downloading at any location, whenever required.
2. Data management: Data is of prime importance for any organisation; therefore, proper management of data is essential for the business of the organisation. The organisation has various types of data such as emails, contracts, images, and blogs. This data goes into the cloud when the organisation becomes associated with the cloud. Therefore, security and privacy of the data is a very big concern. The cloud secures the data using a firewall and it can be used for any number of applications and processes.
3. Web hosting: Companies can host their small or large Web applications on the cloud. The cloud is capable of handling the incoming traffic of these Web applications. The cloud also provides storage space that can be increased with the increasing user database on Web-based applications.
4. File backup: Organisations and users can take backup of their important applications or data on the cloud database. In case of any kind of failure of their devices, the data can be recovered from the cloud database using another system.
5. Load balancing: The cloud allows you to balance heavy traffic of your websites by deploying additional servers at different locations. Load balancing is highly useful for e-commerce websites like Amazon, Flipkart, Snapdeal, etc. as they have to manage large chunks of requests from millions of their users. These websites can also efficiently handle the large database of images of products and videos with the help of the cloud.
6. Mobility: The cloud provides mobility by allowing users to access their documents at any place. For example, cloud services, like Google Docs, allow you to access your important documents in your office or at your home. Your documents no longer need to be system-specific.

Self Assessment Questions

1. The cloud service provider is responsible for maintaining the IT assets of the cloud. (True/False)
2. HPC stands for _______ Performance __________.
3. The __________ allows provision of additional cloud resources to the user whenever needed and releasing or reverting these resources when they are no longer needed by the user.

Activity

With the help of the Internet, search the basic architecture of the cloud.

1.3 Cloud Service Models


There are three high-level cloud models depending on what resources
you use and the benefits you get from the cloud. These are described
as follows:
• Infrastructure-as-a-Service (IaaS): In this model, you can use either servers or storage in the cloud. You do not have to purchase and maintain your own IT hardware. However, you need to install your applications on your cloud-based hardware resources.
• Platform-as-a-Service (PaaS): In this model, you can use the cloud as a platform to develop and sell software applications.
• Software-as-a-Service (SaaS): In this model, you can use various software applications, such as CRM and ERP, and collaboration tools on the Web. You save by not having to buy or maintain IT hardware or applications.

For all the cloud service models described above, you pay a monthly fee to the cloud provider for the hardware or applications you use. Figure 1.4 shows the projected global market size for the public cloud by the end of this decade:

[Figure 1.4: Global Public Cloud Market Size, 2011–2020]
Source: Forrester Research Inc.

In a research report by International Data Corporation (IDC) titled “Worldwide Software as a Service 2010-2014 Forecast: Software Will Never Be the Same,” it was said that the SaaS revenue will grow by Compound Annual Growth Rate (CAGR) of around 26% up to 2014. Traditional ERP projects and sales would be, in particular, badly hit with traditional ERP upgrades being delayed or cancelled and would grow at a CAGR of just 5%.

It was also said that software vendors will be looking at new routes to market their products and services. The IDC survey found that most SaaS was being delivered to US companies (they currently had 71% of the market), but by 2014 it would become more global.

The PaaS market size was expected to grow at a CAGR of 26% and grow from US$ 810 million in 2010 to US$ 1.8 billion by 2015 and evolve into a strong alternative to traditional internal development platforms. Many Independent Software Developers (ISVs) have been using PaaS since 2010; however, corporate software developers and service providers have started engaging more with PaaS only from 2012.

For SaaS, the volume is more than that for IaaS or PaaS. Total revenue for 2011 was close to US$ 21 billion. Forrester Research had predicted that SaaS revenues would reach US$ 92 billion by 2016 and account for 26% of the software market. This would create some saturation, and growth would likely be slow between 2016 and 2020.


Self Assessment Questions

4. In Platform-as-a-Service model, you can either use servers or storage in the cloud. (True/False)
5. In the _______ model, you can use various software applications, such as CRM and ERP, and collaboration tools on the Web.

Activity

Network-as-a-Service enables users to access network infrastructure securely, easily and directly. Search and report more about Network-as-a-Service.

1.4 Cloud Deployment Models
Generally, cloud deployment models can be classified on the basis of either location or the type of service being provided. On the basis of location, cloud deployment models can be classified as public cloud, private cloud, hybrid cloud, and community cloud. Let's learn about each model in detail:

• Public clouds: This type of cloud is accessed or used by the general public. Public clouds are hosted, maintained and managed by cloud service providers such as Amazon, Google, and Microsoft. In this type of cloud, service providers charge the cloud users according to their usage. Generally, small organisations can start using cloud services with their current requirements and then increase their usage by acquiring more resources as their requirements grow. During expansion, there is no need for an organisation to invest in the infrastructure and it can pay just according to what is being used. In the public cloud, there is no need for organisations (customers) to control or manage the resources; instead, they are administered by a third party. Some examples of public cloud providers are Savvis, Verizon, Amazon Web Services, and Rackspace. Remember that in the case of a public cloud, resources are owned or hosted by the cloud service provider (a company) and the services are sold to other companies. Figure 1.5 demonstrates the use of a public cloud:

[Figure 1.5: The Level of Accessibility in a Public Cloud (diagram labels: Public Cloud, Cloud Services (IaaS/PaaS/SaaS), Company X, Company Y, Company Z)]


• Private clouds: In a private cloud, the cloud computing infrastructure is solely designed for a single organisation and it cannot be accessed by or shared with other organisations. As compared to public clouds, private clouds are more costly and more secure. A private cloud can be either on-premise or hosted externally. In the case of on-premise private clouds, the service is exclusively used and hosted by a single organisation. However, private clouds, which are hosted externally, are used by a single organisation and are not shared with other organisations. In these cases, cloud services are hosted by a third party that specialises in cloud infrastructure. In the case of a private cloud, security is kept in mind at every level of the cloud design. The general objective of a private cloud is not to sell cloud services (IaaS/PaaS/SaaS) to external organisations, but to get the advantages of cloud architecture. Figure 1.6 demonstrates the accessibility of a private cloud:

[Figure 1.6: The Level of Accessibility in a Private Cloud (diagram labels: Private Cloud, Cloud Services (IaaS/PaaS/SaaS))]


• Community clouds: A community cloud is a type of cloud that is shared
  among various organisations with a common tie. This type of cloud is
  generally managed by a third party offering the cloud service and can
  be made available on- or off-premise. To understand the concept of a
  community cloud and the need for designing a community cloud, let's
  take an example. In any state or country, say England, a community
  cloud can be provided to enable all government organisations to share
  their resources on the cloud. Due to the sharing of resources on the
  community cloud, the data of all citizens of that state can be easily
  managed by government organisations. Figure 1.7 shows the level of
  accessibility in a community cloud:

[Figure 1.7: The Level of Accessibility in a Community Cloud. A community
cloud for Level A and a community cloud for Level B each provide cloud
services (IaaS/PaaS/SaaS) to organisations having a common tie to share
resources.]

• Hybrid cloud: The cloud environment in which various internal or
  external service providers provide services to many organisations is
  known as hybrid cloud. Generally, it is observed that an organisation
  hosts applications that are critical and require high-level security
  on a private cloud. Applications that are of less concern can be
  hosted on a public cloud. In hybrid clouds, an organisation can use
  both types of cloud, i.e., public and private, together. A hybrid
  cloud is generally used in situations such as cloud bursting, in which
  applications running in the private cloud shift towards the public
  cloud when there is an increase in the requirement for resources. In
  the case of cloud bursting, an organisation generally uses its own
  computing infrastructure; however, under high load, the organisation
  can access public clouds. In other words, the organisation using a
  hybrid cloud can manage an internal private cloud for general usage
  and migrate the entire or a part of an application to a public cloud
  during peak periods. Figure 1.8 shows the implementation of a hybrid
  cloud:
[Figure 1.8: The Implementation of a Hybrid Cloud. Organisation X and
Organisation Y use cloud services (IaaS/PaaS/SaaS) from a private cloud,
with a migrated application running in the public cloud.]
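
The placement rule described for hybrid clouds (critical applications stay on the private cloud, less critical ones may burst to the public cloud at peak load) can be written as a small scheduler. This is an added example, not code from the original text; the workload names, capacity units and the `critical` flag are constructed assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class Workload:
    name: str
    cpu: int          # capacity units requested (constructed sample values)
    critical: bool    # True = critical / high-security application


@dataclass
class HybridCloud:
    private_capacity: int
    private: list = field(default_factory=list)
    public: list = field(default_factory=list)
    queued: list = field(default_factory=list)

    def private_used(self):
        return sum(w.cpu for w in self.private)

    def place(self, w):
        """Place one workload; returns 'private', 'public' or 'queued'."""
        free = self.private_capacity - self.private_used()
        if w.cpu <= free:
            self.private.append(w)
            return "private"
        if w.critical:
            # Make room by bursting non-critical workloads out first.
            if self._evict_for(w.cpu - free):
                self.private.append(w)
                return "private"
            self.queued.append(w)    # critical work never goes public
            return "queued"
        self.public.append(w)        # cloud bursting for non-critical load
        return "public"

    def _evict_for(self, needed):
        """Migrate non-critical workloads to public until `needed` is freed."""
        movable = sorted((x for x in self.private if not x.critical),
                         key=lambda x: x.cpu, reverse=True)
        if sum(x.cpu for x in movable) < needed:
            return False
        freed = 0
        for x in movable:
            if freed >= needed:
                break
            self.private.remove(x)
            self.public.append(x)
            freed += x.cpu
        return True

    def scale_in(self):
        """After the peak, pull burst workloads back while capacity allows."""
        for w in sorted(self.public, key=lambda x: x.cpu):
            if w.cpu <= self.private_capacity - self.private_used():
                self.public.remove(w)
                self.private.append(w)


def demo():
    """Constructed peak-load scenario on a private cloud of 10 units."""
    cloud = HybridCloud(private_capacity=10)
    results = {}
    for w in [Workload("payroll", 4, True),
              Workload("intranet-wiki", 4, False),
              Workload("report-batch", 3, False),
              Workload("customer-db", 5, True),
              Workload("hr-records", 6, True)]:
        results[w.name] = cloud.place(w)
    return cloud, results


if __name__ == "__main__":
    cloud, results = demo()
    print(results)
    print("public:", [w.name for w in cloud.public])
```

A critical workload that cannot fit even after every non-critical workload has been moved out is queued rather than placed on the public cloud, which is the case a capacity-only bursting rule gets wrong.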

Self Assessment Questions

6. _______ clouds are accessed or used by the general masses and are
   hosted, maintained as well as managed by cloud service providers.
7. In which of the following types of cloud is the cloud computing
   infrastructure solely designed for a single organisation, such that
   it cannot be accessed by or shared with other organisations?
   a. Private        b. Public
   c. Community      d. None of these


Activity

Search for and list the implications of implementing a cloud deployment
model in an organisation.

Exhibit

Limitations of cloud

Despite all the merits, there are numerous limitations linked to cloud
computing. Most enterprises are not prepared for the unique challenges
they will face when they migrate their data into the cloud. Some of the
limitations of cloud computing are as follows:
• Security issues: Before adopting this technology, you should know that
  you will be surrendering all your company's private and confidential
  data to a third-party cloud service provider. This could potentially
  put your company at great risk. Therefore, you must select the most
  reliable service provider, who can keep your information totally
  secure.
• Prone to attack: Storing information in the cloud could make your
  company vulnerable to external hacking attacks and threats. As nothing
  on the Internet is completely secure, there is always a possibility of
  confidential data being stolen.
• Network connection: You will always require a very good Internet
  connection to be logged onto the server at all times. If there are
  problems with network connectivity, accessing the cloud also becomes a
  problem.
• Downtime: A cloud service provider has to serve multiple clients each
  day, so there can be times when the main server goes down or your
  Internet connection is offline. In such cases, you will not be able to
  access any of your applications or data from the cloud.
• Vendor incompatibility: Hosting and integrating cloud applications
  created on different platforms often throws up interoperability and
  support issues. For instance, applications developed with Microsoft
  technologies, such as .NET, might not work properly on the Linux
  platform.
• Additional costs: Although cloud computing provides cost benefits, it
  imposes some hidden or additional costs as well. For instance, you
  might have to pay extra charges for data transfer or other services.
• Peripherals access: Peripheral devices like printers or scanners often
  might not work with the cloud. You will need software to be installed
  locally in order to access such devices.


1.5 Cloud Computing


Cloud computing is completely based on the Internet and is considered as
the next phase in the development of the Internet. Cloud computing
utilises the cloud that provides the mechanism to offer services as per
the user's needs at any location and anytime. Organisations use cloud
computing to fulfill the requirements of their clients and partners. The
three major contributors in cloud computing are vendors, partners, and
business leaders. The vendors provide applications and their associated
technology, infrastructure, hardware, and integration. The partners
provide cloud services on demand and offer support service to their
clients. Business leaders utilise and evaluate cloud services offered by
their partners. Cloud computing allows organisations to treat their
resources as a pool and not as independent resources. Figure 1.9
illustrates the various aspects of cloud computing, which include
features, types, modes, benefits, comparisons, and stakeholders:
[Figure 1.9: Various Aspects of Cloud Computing]

Let's understand the need for cloud computing in a business organisation
through an example. Following the recruitment of an employee in a
company, the employee has to be provided with the various hardware and
software required to perform his/her job. The company also has to ensure
that the software provided is licensed and arrange the hardware for the
employee. This traditional way of providing software and hardware to
employees causes additional expense for the company. However, with cloud
computing, the company has to load a single application which provides
the interface to use the various software needed by an employee. In
other words, cloud computing handles the workload efficiently. It
decreases the workload of local computers during the execution of an
application. Cloud computing handles the workload instead of local
computers and also decreases the demand from the user's end. The only
software required by the user's system is the interface software, which
acts as a Web browser, and the rest of the computing is handled by the
cloud.

1.5.1  Cloud Computing Features

A cloud computing system must satisfy economic considerations in order
to achieve business-oriented goals and be useful in real-life scenarios.
To exist in today's business environment, economic issues are the most
important thing to consider. If anything is not economically feasible in
the context of its use, it will definitely decay within a short time
period. So in developing cloud applications or data centers, economic
feasibility must be considered.

Besides economic feasibility, some more important features that are
considered in cloud computing are as follows:
• Quality of service: In cloud computing, the Quality of Service (QoS)
  at the resource level guarantees the basic quality of services. Cisco,
  Amazon EC2 and Amazon S3 are examples of such systems.
• Agility and adaptability: It refers to quick reaction according to the
  size and service requirements, as well as adaptation accordingly. With
  elasticity and horizontal scaling, agility and adaptability are
  achieved by cloud environments. Examples of such environments are
  RightScale and FlexNet.
• Availability: Current cloud systems possess high data availability in
  all three cloud types, IaaS, PaaS and SaaS, which makes them more
  flexible and usable. MS Azure and Amazon S3 are the most prominent
  examples of such kinds of systems.
• Cost reduction: A significant cost reduction has been achieved by
  cloud investors developing cloud environments with simplified service
  provisioning and resource management. It generally refers to resource
  management and scaling. This aspect mainly reduces cost on the users'
  side of cloud environments through outsourcing, reduced management
  overhead and scalability. Google App Engine, through horizontal
  scaling, is a prominent example of this type of cloud environment.
• Pay per use: Pay per use is a widely accepted billing model of cloud
  services that allows users to pay only for what they use. All types of
  cloud, IaaS, PaaS and SaaS, support the pay-per-use static billing
  model. On the users' end, it is considered as automatic billing.
  PayPal and HP PPU support the pay-per-use billing model.

• Improved time to market: Applies only to cloud resellers, aggregators
  and consumers. With simplified service provisioning and management, a
  cloud computing environment provides more time to market and sell
  services to consumers. It reduces the overhead of managing resources
  and developing applications and services, which allows cloud consumers
  to invest more time in promoting their end users' services and
  products.
• Return on investment: A cloud environment allows cloud consumers to
  reduce workload by using cloud resources and services. It can also be
  referred to as outsourcing and work offloading. In most cases, it
  applies to cloud consumers only.
• CAPEX to OPEX: CAPEX refers to the capital expenditure in setting up
  the whole infrastructure, while OPEX refers to the operational
  expenditure that an organisation bears in achieving the required
  capabilities. With the advent of cloud systems, a company can convert
  its CAPEX to OPEX by using cloud resources and applications.
• Multi-tenancy: It is regarded as one of the essential attributes of
  the cloud computing concept, which allows multiple users from
  different domains to access a single resource or service of their
  images simultaneously. In a multitenant architecture, a service or
  resource is implemented as virtually partitioned and each user can
  access an instance of a customised virtual application. Multi-tenancy
  also supports image separation, general data management, and
  instantiation that improve the overall availability of resources to
  users.
• Security and compliance: Enough security policies are implemented in a
  cloud computing environment to make it safe and reliable for users.
  Encryption, identification, authentication and authorisation, and data
  rights management are the key points considered in developing a secure
  cloud environment. Various technologies support these features. The
  concept of data rights management and legislative regulation is
  introduced for compliance. These security mechanisms and compliance
  make resources easily available and catered for by the providers.
  Almost all cloud systems support these features.
• Data management: Cloud computing addresses issues of data management
  to ensure data availability everywhere. Distributed data management,
  conversion, and versioning are the important features of data
  management. Mesh, Amazon Dynamo, and WebSphere are cloud environments
  that support these features.
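
The virtual partitioning described under multi-tenancy can be shown with one shared application instance whose data and settings are keyed by tenant. This is an added example, not code from the original text; the tenant names, the signing key and the token format are constructed assumptions. The tenant is always derived from a verified session token, never from a caller-supplied parameter.

```python
import hashlib
import hmac

SERVER_KEY = b"constructed-demo-key"   # constructed sample secret


def issue_token(tenant_id):
    """Sign the tenant id so that later requests cannot claim another tenant."""
    sig = hmac.new(SERVER_KEY, tenant_id.encode(), hashlib.sha256).hexdigest()
    return f"{tenant_id}.{sig}"


def tenant_from_token(token):
    """Return the tenant id bound to a token, or raise PermissionError."""
    tenant_id, _, sig = token.rpartition(".")
    expected = hmac.new(SERVER_KEY, tenant_id.encode(),
                        hashlib.sha256).hexdigest()
    if not tenant_id or not hmac.compare_digest(sig.encode(),
                                                expected.encode()):
        raise PermissionError("invalid session token")
    return tenant_id


class MultiTenantApp:
    """One shared service instance, virtually partitioned per tenant."""

    def __init__(self):
        self._rows = {}       # (tenant_id, key) -> value, one shared store
        self._settings = {}   # tenant_id -> per-tenant customisation

    def customise(self, token, **settings):
        tenant = tenant_from_token(token)
        self._settings.setdefault(tenant, {}).update(settings)

    def put(self, token, key, value):
        self._rows[(tenant_from_token(token), key)] = value

    def get(self, token, key):
        # The partition key comes from the verified token, so a tenant can
        # only ever address its own rows; unknown keys raise KeyError.
        return self._rows[(tenant_from_token(token), key)]

    def list_keys(self, token):
        tenant = tenant_from_token(token)
        return sorted(k for (t, k) in self._rows if t == tenant)

    def render(self, token, key):
        """Same application code, customised per tenant at request time."""
        tenant = tenant_from_token(token)
        theme = self._settings.get(tenant, {}).get("theme", "default")
        return f"[{theme}] {self._rows[(tenant, key)]}"


def demo():
    app = MultiTenantApp()
    x = issue_token("company-x")
    y = issue_token("company-y")
    app.customise(x, theme="blue")
    app.put(x, "invoice-1", "X: 100")
    app.put(y, "invoice-1", "Y: 250")   # same key, separate partition
    app.put(x, "invoice-2", "X: 75")
    return app, x, y


if __name__ == "__main__":
    app, x, y = demo()
    print(app.render(x, "invoice-1"), "|", app.render(y, "invoice-1"))
    print(app.list_keys(y))
```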

1.5.2  Components of Cloud Computing

Cloud computing comprises a virtualised pool of infrastructure resources
with applications and services that can be used directly through a
self-service portal. For the end user, cloud computing consists of the
following:

• Client: A client is an access device or software interface that a user
  can use to access cloud services. There are different types of clients
  in terms of hardware and application software. However, all types of
  cloud clients are divided into three broad categories, namely:
    - Mobile clients
    - Thin clients
    - Thick clients
  Client types can include computers, mobiles, smart phones, tablets,
  and servers. The client device communicates with cloud services by
  using cloud APIs and browsers.
• Cloud network: A network is the connecting link between the user and
  cloud services. The Internet is the most straightforward and common
  choice for accessing the cloud. Employing advanced network services,
  such as encryption and compression, during transit will benefit both
  the service provider and the user.
• Cloud Application Programming Interface (API): A cloud API is a set of
  programming instructions and tools that provides abstractions over a
  specific provider's cloud. It includes custom or unique provider calls
  that can be used to enhance the amount of control over a cloud
  implementation. These calls can be used to build applications for
  accessing and communicating with the cloud services. APIs help
  programmers to have a common mechanism for connecting to a particular
  cloud service.

1.5.3  Common Use Cases of Cloud Computing

Cloud computing is used in businesses to achieve business goals. The
type of cloud service that business organisations want to use totally
depends upon the kind of requirement and the nature of their business.
Public clouds have been popular with Small and Medium Businesses (SMBs)
because of the cloud economics and expense pattern. Other companies that
would benefit from the cloud are those who have unpredictable demands,
sharp load spikes, seasonal demands, or a need for massive compute
resources for short time periods. Businesses that are unwilling to spend
on capital expenses for purchasing new IT hardware and software will
also prefer public clouds.

The benefit applies to all business verticals, be they technical or
non-technical. Large organisations that want to start businesses
worldwide and enter global markets will benefit from public clouds.
However, the degree of control in public clouds is less than what is
possible in private clouds. On the other hand, a private cloud will
benefit businesses with high security, privacy, and compliance
requirements. It is also suitable for businesses that are more
vertically integrated, and want to control the supply chain,
distribution, and access for vendors and partners.

Many businesses are opting for a private cloud over a public cloud. It
is a cloud-like environment, where virtualised resources are available
in a pool with pay-per-use billing for internal business units. The
application, data, and underlying infrastructure are usually housed
within the enterprise and protected by the corporate firewalls. Data
safety, process compliance, and service availability remain in full
control of the internal IT staff. However, the private cloud takes away
the real benefit of a cloud, where you do not have to pay the capital
expenses for the hardware and software and do not have to spend on
configuration maintenance. With a private cloud, these benefits go away.
You are burdened with the procurement expenses and recurring
maintenance. This again robs a business manager of peace of mind. As
such, it is important to keep a tab on the expenses related to a private
cloud. To partially offset the expenses of a private cloud, owners can
take advantage of a virtual private or hybrid cloud, where a public
cloud provider uses its public resources to create a private cloud for
the enterprise.

Nirvanix, based in San Diego, California, offers multi-site hybrid cloud
storage, where storage in a private cloud can be expanded to use storage
resources at data centers within the enterprise or outside at Nirvanix's
datacenters (located in Texas, California and New Jersey in the USA, and
in Germany and Japan). The customer provides the datacenter space,
power, cooling, and Internet connection. Nirvanix provides and manages
the storage at the customer datacenters with a secure connection to its
own datacenters, which can be used during peak requirements or for
non-critical data. Figure 1.10 shows how a virtual private cloud can be
configured by a public cloud provider as per the need of the user:

[Figure 1.10: Virtual Private Cloud Configured by a Public Cloud
Provider. Private clouds in Customer Datacenter A and Customer
Datacenter B connect over the Internet, through VPN links forming a
secure bridge between the customer and the provider's datacenters, to
Cloud Provided Datacenters X, Y and Z.]

1.5.4 Myths and Truths of Cloud Computing

There are several apprehensions about the impact of the cloud and how
this disruptive technology will impact individuals, corporate IT teams,
Independent Software Developers (ISVs), IT service providers, and
product organisations. Some of the apprehensions are baseless. Table 1.1
lists a few public cloud myths and the reality:

Table 1.1: Public Cloud Myths and Reality

| S. No. | Public Cloud Myth | Reality |
|--------|-------------------|---------|
| 1. | If my organisation moves IT services to the cloud, my role as an IT manager becomes less technical and redundant. | The role will still be required, but the scope will change. Some services will move to the public cloud but several will remain for corporate IT managers. They will still have to manage security, user accounts, OS, and applications. There will be several new tasks, such as integrating corporate services with cloud services, keeping a backup of cloud storage, ensuring secure communications between cloud and corporate LAN, maintaining the Service Level Agreement (SLA) with the Cloud Service Provider (CSP), and working on escalations to the CSP. |
| 2. | My organisation will lose control over the user data. | You will still be responsible for the integrity, security, and backups, regardless of whether the user data is on-premise or off-premise. The most successful cloud deployment is a hybrid cloud, where you can keep critical data on-premise and use the cloud during the peak-load period and for less critical applications. |
| 3. | Only small businesses can benefit from the public cloud. | Compliance is a key factor. Large organisations use the public cloud for applications that are not regulated or required by the government to be hosted within an internal datacenter. Backups, DR, application development, and compute-intensive applications whose resource requirements vary drastically over time are the reasons why the cloud is used by large organisations. |
| 4. | To fully take advantage of cloud computing, you will ultimately have to move all services to the cloud. | It is recommended that you keep some applications internal and move a few to the cloud. Apps with fluctuating loads are good candidates for the cloud. Apps with sensitive, financial, or critical data are ideally hosted on-premise. |

Self Assessment Questions

8. CAPEX refers to __________ in setting up whole infrastructure while
   OPEX refers to ___________.
9. In a multitenant architecture, a service or resource is implemented
   as virtually partitioned and each user can access an instance of a
   customised virtual application. (True/False)

Activity

Organisations are investing in cloud computing in almost every country
for better customer experience. Find out the budget allocated by
organisations of different countries to get the benefits of cloud
computing.

1.6 Impact of Cloud Computing on Businesses

Cloud computing has become a disrupting technology that is replacing the
IT infrastructure used by small and large enterprises. By using cloud
computing, enterprises can do away with many captive datacenters and
server-storage infrastructure owned and managed by them.

In any case, IT managers around the world are excited by the potential
of cloud computing, but at the same time, are apprehensive of the
security and compliance concerns around it. Despite this, senior
management and business owners want to go for cloud, as it allows them
to get rid of the IT infrastructure and focus on expanding their core
competencies and revenue verticals. They look forward to pay-per-use
invoices and on-demand resource provisioning for meeting peak loads,
without having to buy and manage resources for use during temporary
peak-load periods.
M

However, there is no denying the fact that IT managers are worried about
the loss of control over managing their computing resources and data
storage systems, about having to share the same computing platform with
other unknown tenants, and about not knowing the insiders who manage
their hardware platform. All these factors are expected to have an
impact on the availability and quality of services provided by IT
managers to corporate users, for which the IT managers are ultimately
liable and answerable. As such, a cloud service should not be considered
similar to traditional hosting. A cloud service has a few salient
features that distinguish it from hosting services. These features are
given as follows:
• Cloud services are sold on demand, typically by the minute, hour, or
  month.
• You as a user can use as much or as little of a service as you want at
  any time.
• The service can be an application or even hardware resources, such as
  storage capacity or compute power.
• The service and underlying infrastructure are fully managed by the
  provider. All you need is a Web browser and an Internet connection.

Using the cloud, instead of running applications on in-house IT hardware
and an in-house datacenter, you run them on machines owned and managed
by the cloud provider. You access the applications over the Internet.
The machines, applications, and your data are held outside of your
enterprise, at the provider's or someone else's datacenter that has been
chosen for use.

A cloud service can be public, private, or a hybrid of the two. A public
cloud offers services to anyone on the Internet. Amazon Web Services,
Google, and Salesforce.com are some of the leading public cloud
providers. A private cloud is an internal IT infrastructure, usually
located within the user's datacenter. It offers application services to
a limited number of users within one or a few related organisations.
Like a public cloud, the infrastructure is shared by multiple users and
each user gets resources as and when he/she requires.

Self Assessment Questions

10. By using Cloud Computing, enterprises can do away with many captive
    datacenters and server-storage infrastructure owned and managed by
    them. (True/False)
11. The _______ can be an application or even hardware resources, such
    as storage capacity or compute power.
Activity

Determine the impact of cloud computing on the banking sector of the
world.

1.7 SUMMARY
• The cloud can be defined as an integration of hardware, networks,
  storage, services, and interfaces that allows computing to be offered
  as a service.
• The cloud is helpful to both the provider company, which provides the
  cloud services, and the client company, which uses the services on the
  cloud.
• In the private cloud, the cloud computing infrastructure is solely
  designed for a single organisation and cannot be accessed by or shared
  with other organisations.
• The cloud environment in which various internal or external service
  providers provide services to many organisations is known as hybrid
  cloud.
• Cloud computing is fully based on the Internet.
• Cloud computing uses the cloud, which provides the mechanism to
  provide services as per the needs of the client at any location and
  time.
• Cloud computing allows organisations to treat their resources as a
  pool, and not independently.

Key Words

• Autonomic Computing: It is a group of self-managing features of
  distributed computing resources that can function on the basis of a
  group of pre-defined policies.
• Public Cloud: A type of cloud that is accessed or used by the general
  masses and is hosted, maintained as well as managed by cloud service
  providers.
• Community Cloud: A type of cloud that is shared among various
  organisations with a common tie.
• Cloud Computing: A kind of computing which makes organisations treat
  their resources as a pool, and not independently.

1.8 DESCRIPTIVE QUESTIONS

1. What do you understand by a cloud? What are different
   characteristics of a cloud?
2. Describe the different types of cloud service models in detail.
3. Explain different types of cloud deployment models.
4. Discuss the need and features of cloud computing.
5. Describe the impact of cloud computing on businesses.

1.9 ANSWERS AND HINTS

ANSWERS FOR SELF ASSESSMENT QUESTIONS

| Topic | Q. No. | Answers |
|-------|--------|---------|
| Cloud | 1. | True |
| | 2. | High Performance Computing |
| | 3. | Scalability |
| Cloud Service Models | 4. | False |
| | 5. | Software-as-a-Service or SaaS |
| Cloud Deployment Models | 6. | Public |
| | 7. | a. Private |
| Cloud Computing | 8. | Capital expenditure, operational expenditure |
| | 9. | True |
| Impact of Cloud Computing on Businesses | 10. | True |
| | 11. | Cloud service |

HINTS FOR DESCRIPTIVE QUESTIONS

1. A cloud is defined as an integration of hardware, networks, storage,
   services, and interfaces that enables you to deliver and access
   computing as a service. Refer to Section 1.2 Cloud.
2. There are three high-level cloud models depending on what resources
   you use and the benefits you get from the cloud. Refer to Section 1.3
   Cloud Service Models.
3. Generally, cloud deployment models can be classified either on the
   basis of location or the type of service being provided. Refer to
   Section 1.4 Cloud Deployment Models.
4. Cloud computing is completely based on the Internet and is considered
   as the next phase in the development of the Internet. Refer to
   Section 1.5 Cloud Computing.
5. Cloud Computing has become a disrupting technology that is replacing
   the IT infrastructure used by small and large enterprises. Refer to
   Section 1.6 Impact of Cloud Computing on Businesses.
1.10 Suggested Readings & References

SUGGESTED READINGS
• Murugesan, S., & Bojanova, I. (2016). Encyclopedia of Cloud Computing.
  Chichester, West Sussex: John Wiley & Sons.
• Hurwitz, J. (2010). Cloud Computing for Dummies. Hoboken, NJ: Wiley.

E-REFERENCES
• (n.d.). Internet and Technology. Retrieved February 21, 2017, from
  https://www.ibm.com/developerworks/community/blogs/722f6200-f4ca-4eb3-9d64-8d2b58b2d4e8/entry/4_Types_of_Cloud_Computing_Deployment_Model_You_Need_to_Know1?lang=en
• How the cloud is improving healthcare in remote populations. (n.d.).
  Retrieved February 21, 2017, from
  http://www.cloudcomputing-news.net/news/2017/jan/16/how-cloud-improving-healthcare-remote-populations/

Chapter 2

Cloud Computing Service Models

CONTENTS

2.1 Introduction
2.2 Infrastructure as a Service (IaaS)
    Self Assessment Questions
    Activity
2.3 Platform as a Service (PaaS)
    2.3.1 Leveraging PaaS for Productivity
    2.3.2 Guidelines for Selecting a PaaS Provider
    2.3.3 Concerns with PaaS
    2.3.4 Language and PaaS
    Self Assessment Questions
    Activity
2.4 Software as a Service (SaaS)
    Self Assessment Questions
    Activity
2.5 Database as a Service (DBaaS)
    Self Assessment Questions
    Activity
2.6 Everything as a Service (XaaS)
    Self Assessment Questions
    Activity
2.7 Specialised Cloud Services
    Self Assessment Questions
    Activity
2.8 Summary
2.9 Descriptive Questions
2.10 Answers and Hints
2.11 Suggested Readings & References

Introductory Caselet

Groupon Improved its Customer Handling Using SaaS

Groupon, founded in 2008, offers deals on items related to customers'
daily needs. Thousands of employees work for the company in its
different offices across Europe, America, Asia, and Africa. The company
only offers products and services of high standards, deals with its
customers with full honesty and provides excellent services.

A few months after the company's launch, it started gaining popularity
and its customer database increased tremendously. The company initially
appointed a single person to handle customers' queries, but it soon
realised that a real-time ticketing system would be required to handle
the large number of customers.

Joe Harrow, Director of Customer Service at Groupon, decided to find a
Web-based solution to this problem, and for this he chose to take the
services of Zendesk, a company providing enterprise-level software
solutions.

Zendesk support is a customer service platform, based on the Software as
a Service (SaaS) cloud service model, which provides help desk solutions
to companies from small to medium size. As a customer, you do not need
to install it, because it is available on one easy monthly subscription.

Zendesk basically uses the concept of tickets in its working structure.
A ticket is generated by a client call, and it can be updated, tagged,
searched or resolved, all through a Web interface. Some features of
Zendesk support are as follows:
• Tickets are completely customisable
• The RSS feeds feature is available with both tickets and views
• Self-service portal for help desk users
• Tickets are associated with clients' emails
• When tickets are resolved, they are automatically converted into
  solutions and also added to the solution database

The macro feature of Zendesk is helpful in answering the questions asked
frequently by customers. Groupon is handling 15000 tickets per day with
the help of 150 customer support agents and Zendesk. The predefined
macros in Zendesk helped agents in providing one-touch resolution of
customer queries.

The Zendesk solutions can also be integrated with other solutions
easily. Groupon integrated Zendesk with the GoodData software solution,
which enhanced the reporting capabilities of Groupon. With this
integration, Groupon overcame the limitations of conventional
spreadsheets.

Learning Objectives

After studying this chapter, you will be able to:
>> Explain Infrastructure as a Service (IaaS)
>> Describe Platform as a Service (PaaS)
>> Discuss Software as a Service (SaaS)
>> Explain Everything as a Service (XaaS)
>> Describe Specialised Cloud Services

2.1 INTRODUCTION
In the previous chapter, we briefly discussed various cloud-based
services. You have seen that these end-services are, at least to some
extent, similar to what IT managers offer from internally-hosted,
traditional infrastructure. Both cloud-based services and the services
provided by IT managers offer computing power and storage, and an
application-development and hosting platform, which users can use with
little or no customisation.

But the services offered by the cloud are more beneficial in comparison
to services provided by IT managers. For example, the virtualised (and
usually vast) resource pooling and self-service characteristics are
fundamental aspects of the services offered by the cloud. In a public
cloud, the infrastructure is multi-tenant. Most public clouds have
hundreds or thousands of servers spread across the country or the world.
A user can set up the cloud environment easily using the self-service
portal. There is often no initial expense. The user is charged on a
monthly basis (or whatever the billing period is) for the actual amount
of resources used for that month. It is just like a utility bill that a
user might get at home for phone or electricity usage.

Cloud makes it convenient to set up a new environment. It takes a short
time (for example, a few hours) to set up servers with required storage,
OS, database, and development tools in a cloud. On the other hand, to
set up an internal, non-cloud server and storage system for a new
development project or application, the roll-out will take weeks or
months. In order to set up a new environment, you will have to go
through various phases, namely, architecture, approval, negotiation,
procurement, setup, installation, testing, and go-live. Each of these
phases can take several weeks to complete.

The cloud services have been in use for years before the term “cloud
computing” was coined. In fact, all services available in the cloud have
been available since the dawn of computing. But now, the cost of setting
up cloud infrastructure has become cheaper, the cloud delivery
mechanisms have become more convenient to use, and the related bandwidth
has become more widespread and affordable.


For larger businesses, several of their internal business units will
move towards the cloud, unless compelled by government regulations to
keep the data and applications within their internal premises. There
are three key types of cloud-based service mechanisms:

• Infrastructure as a Service (IaaS)
• Platform as a Service (PaaS)
• Software as a Service (SaaS)

In this chapter, you will first learn about Infrastructure as a Service
(IaaS). Then this chapter will describe Platform as a Service (PaaS).
Next, this chapter will discuss Software as a Service (SaaS) and
Everything as a Service (XaaS). Finally, this chapter will discuss
specialised cloud services.

2.2 INFRASTRUCTURE AS A SERVICE (IAAS)
IaaS is a model in which you, as a customer, pay for the resources
(such as computing power, memory, storage, bandwidth, security devices,
load balancers, etc.) kept at the provider’s facility or wherever the
provider keeps its hardware. The provider owns the equipment and
maintains it at a level specified in the previously agreed-upon Service
Level Agreement (SLA). As a customer, all you need to do is to pay for
the part of the resources dedicated permanently to your account or
resources that you acquire temporarily to meet short-term needs. The
customer can install OS, applications, libraries, and other software
within the virtual machine and has limited control over networking and
security equipment, such as host firewalls.

Consider the case of a cable TV operator who is planning to expand its
services to offer on-demand movies to users over an Internet Protocol
(IP) network. The users should be able to stream movies to their
laptops, desktops or IP-enabled TVs over a DSL or broadband connection.
The problem is that the datacenter location is far from the customer
base. The operator does not have high-speed IP access to all its users.
The movies are very large and must be available on-demand. The operator
decides to host the movies on the public cloud. It will allow the
operator to manage massive data files and bandwidth demands without
increasing physical resources or link speeds. The operator will pay only
for storage space and bandwidth consumed to stream videos to the paying
users. The cloud provider has user authentication and Role-Based Access
Control (RBAC) to control which administrators from the TV operator
company are authorised to change the movie database. In this way, the
cable operator got the benefit of IaaS.
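The access control described in the cable TV scenario can be sketched as a deny-by-default RBAC check, shown here as an added example that is not from the book or from any cloud provider's API. The role names, permission strings and the `MovieCatalogue` class are assumptions made for the illustration.

```python
from dataclasses import dataclass, field

# Hypothetical roles and permissions for the operator's movie catalogue.
# Anything not granted here is denied.
ROLE_PERMISSIONS = {
    "catalogue_admin": {"movie:list", "movie:add", "movie:remove"},
    "support_agent": {"movie:list"},
    "subscriber": {"movie:list", "movie:stream"},
}


class AccessDenied(Exception):
    """Raised when a principal lacks the permission an operation needs."""


@dataclass(frozen=True)
class Principal:
    user: str
    roles: frozenset
    authenticated: bool = False  # set only after the provider's login step


@dataclass
class MovieCatalogue:
    movies: dict = field(default_factory=dict)     # title -> storage object key
    audit_log: list = field(default_factory=list)  # (user, permission, decision)

    def _authorise(self, principal, permission):
        # Both conditions must hold: a completed login and a role that
        # explicitly grants the permission. Unknown roles grant nothing.
        granted = principal.authenticated and any(
            permission in ROLE_PERMISSIONS.get(role, set())
            for role in principal.roles
        )
        # Every decision is recorded, including refusals.
        self.audit_log.append(
            (principal.user, permission, "allow" if granted else "deny"))
        if not granted:
            raise AccessDenied(f"{principal.user} may not {permission}")

    def add_movie(self, principal, title, object_key):
        self._authorise(principal, "movie:add")
        self.movies[title] = object_key

    def remove_movie(self, principal, title):
        self._authorise(principal, "movie:remove")
        self.movies.pop(title, None)

    def list_movies(self, principal):
        self._authorise(principal, "movie:list")
        return sorted(self.movies)

    def stream_key(self, principal, title):
        self._authorise(principal, "movie:stream")
        return self.movies[title]


def denied(action, *args):
    """Return True if calling action(*args) is refused by the RBAC check."""
    try:
        action(*args)
    except AccessDenied:
        return True
    return False
```

Note that the administrator role does not include `movie:stream`: changing the catalogue and consuming paid content are separate privileges, and the audit log keeps the refused attempts as well as the allowed ones.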

Since the early 1980s, various offerings such as mainframes and thin
computing (which are similar to today’s IaaS and private clouds) have
been built. One of the innovations of IaaS was a storage provider known
as Storage Networks, which was built in the late 90s in Waltham,
Massachusetts. They offered storage-as-a-utility along with a
pay-per-use billing model. They provided a list of services, for
example, data archiving, backups, and replication. The user community
was, however, not ready for the services and they were unfortunately
too far ahead of their time to be commercially successful.

In July 2003, its Board of Directors announced the closure of the
business and approved a plan to liquidate the company. The company
retained only a small transition team to oversee the wind-down of the
business and terminated the rest of the employees working in the
company.

In December 2003, a company called Rocket Software
(http://www.rocketsoftware.com/) of Newton, Massachusetts bought some of
the technical assets of the company. That was in the early 2000s, when
server virtualisation or pay-per-use for hardware resources was
uncommon as a marketable utility. Even the term cloud computing had not
been coined. However, today, with robust virtualisation technologies
(such as Xen from Citrix, Hyper-V from Microsoft, vSphere from VMware
and open source software), high-speed broadband, and shrinking
corporate budgets for IT, businesses are looking to buy or rent only
what they need for the day. IaaS is the solution for them. To be
commercially successful, the IaaS service must include the following:

• Utility-style computing service with pay-per-use billing
• Superior, world-class IT infrastructure and support
• Virtualised servers, storage, and network to create a shared cluster
  of resources
• Dynamic scalability of memory, bandwidth, storage, and servers
  (usually to thousands of servers) to meet user needs in real-time
• Flexibility for clients to enhance or reduce the assigned resources
• Automation of administrative tasks
• Ability to view and manage resource utilisation

As a user, you need to be sure that your IaaS provider has the
above-mentioned attributes. Here is a list of questions to ask your
provider:
1. What does the provider have in place to protect non-IT
infrastructure, such as its datacenter, UPS, diesel generator,
racks, and air-conditioners, and IT infrastructure, such as
servers and storage?
2. How does it configure the security of the virtual machines?
3. How does the provider validate the integrity of the Virtual
Machine Images (VMIs)?
4. How does it protect customer data, applications, and
infrastructure from attacks by other tenants in the same cloud?
5. What tools does the provider use to detect security flaws?
6. What are the physical locations where data will be stored? This
is required for compliance with certain regulations that need
data to be in the same country.
7. How and at what frequency are the backups provided? Is backup
data encrypted?
8. What are the DR and BCP plans?

Self Assessment Questions

1. IaaS is a model in which you, as a customer, pay for the
   resources such as computing power, memory, storage, etc.
   kept at the provider’s facility or wherever the provider keeps
   its hardware. (True/False)
2. SLA stands for
   a. Service Level Agreement
   b. Server Level Agreement
   c. Service Less Agreement
   d. Services Level Agreements
3. One of the innovations of IaaS was a storage provider known
   as _______.
4. Xen from Citrix, Hyper-V from Microsoft and vSphere from
   VMware are _______ technologies.

Activity

Find out about three types of IaaS cloud offerings and discuss with
your friends.

2.3 PLATFORM AS A SERVICE (PAAS)


PaaS is a cloud service where a client gets a set of application and
product development tools hosted on the provider’s infrastructure. The
client can deploy acquired applications or those developed by using
programming languages and tools which the provider supports. The
consumer does not control, own or manage the underlying cloud
infrastructure, including servers, OS, storage, security devices and
network, but has control over the deployed applications and possibly
also over the configurations of the hosting environment.

Developers on the PaaS platform develop applications on the cloud
platform with the help of APIs, website portals or gateway software
deployed on the cloud servers. Force.com (a part of Salesforce.com),
Microsoft Azure and Google AppEngine are a few leading PaaS providers.

Despite the advancement in this area, PaaS suffers from the absence of
widely-adopted standards for application portability between clouds.


Table 2.1 shows a comparison between a traditional development
environment and PaaS on the basis of the features offered:

Table 2.1: Features of an Internal Traditional Development Environment and PaaS

| Feature | In-House Application Development | PaaS for Application Development |
|---|---|---|
| Multi-Tenancy | Intended for a single or a small group of users. | Supports hundreds to thousands of users, each with multiple active projects. Partitioning of data is a must to protect several users. |
| User End-Points | Application-based tools, browsers. | Web browser-based tools. |
| Deployment | Deployment and scalability are left for installation and go-live phases. | Scalability, failover, and load-balancing are the basic building blocks. |
| Runtime Monitoring | Development solutions are usually not related with runtime monitoring. | Built-in monitoring available with the development platform. |
| Virtual Machines, Servers, Storage, Databases | Multiple options are available and can be customised to meet any user requirement. | Need to work with the infrastructure offered by PaaS providers. |
| Integrated Development Environment (IDE) | May have separate environment and infrastructure for development, test, debugging, and production. | Same environment for all phases. |

Table 2.2 shows the list of various categories of PaaS:

Table 2.2: PaaS Categories and Examples

| Category | Description | Examples |
|---|---|---|
| I | These are PaaS offerings where software developers can use the current tools they prefer to develop the software locally. Once they compile and test the application, they can upload it on the cloud. | Force.com, Google, LongJump, Magic Software, Microsoft, NetSuite, TIBCO, and Wavemaker. |
| II | The PaaS vendors provide a cloud-based development environment, which includes stages, such as design, coding, debugging, testing, staging, and deployment. All phases provide browser-based access. The developers build and test applications at the PaaS provider’s site. | Force.com, Intuit, Trackvia, and Wolf Frameworks |
| III | These PaaS vendors target business experts, not coders or developers. The vendors provide tools and templates that can be easily customised to build applications. There is no need to write original code, which speeds up the application delivery timeline. | Caspio, Cordys, Mendix, WorkXpress, and Zoho. |
| IV | These PaaS vendors enable developers to use tools for building the applications, either locally or in the cloud. The developers can use the cloud to stage, deploy, scale, and manage the applications. | Amazon, CloudBees, Engine Yard, Gigaspaces, IBM, Joyent, Microsoft, Red Hat, Standing Cloud, and Cloud Foundry (VMware). |

Despite the availability of various PaaS vendors, consumers need to be
cautious. Small, start-up vendors may not be in business a few years
down the line and large established PaaS vendors may be slow to keep up
with new offerings and attempt to sell their traditional products.
There are a few well-established PaaS providers, such as Force.com,
Google, and Microsoft.

The existing development user community must be familiar with the
technologies and offerings within the selected PaaS service.

2.3.1 LEVERAGING PaaS FOR PRODUCTIVITY

The following key features will increase a developer’s productivity if
they are effectively implemented on a PaaS site:

• Ubiquitous access and quick deployment: This is particularly
  important for organisations whose developers are geographically
  spread out, mobile, and always changing in number. PaaS enables
  rapid implementation, scalability, and collaboration.
• Caching: A PaaS environment that supports caching for cloud
  resources will boost application performance. Developers would need
  an API to put an object or resource in the cache and to flush the
  cache.
• Integrated Development Environment (IDE): The PaaS environment must
  have a browser-based development studio with an IDE for development,
  test, and debugging of applications. PaaS must provide the same
  development and production environment and the capability to build
  apps in various languages, such as Java, Python, C#, Ruby, or PHP.
• Database: Each PaaS must provide a database for developers to store
  and access data. For example, for PaaS cloud, Force.com has a service
  called database.com that enables you to build tables, fields, and
  relationships. It includes file storage, user management,
  authentication and development tools that make it easy to build
  applications. The database and APIs must support open standards,
  such as REST, OAuth, SAML, and SOAP.
• Integration: Integration with external databases and Web services
  and their compatibility is ensured with leading cloud providers,
  such as Google AppEngine, Microsoft Azure, Amazon or Force.com.
• Logging: Log creation is a common requirement for all developers,
  regardless of the application they are developing. The PaaS
  environment must have APIs to open and close log files, write event
  logs, examine entries, and send alerts for certain events detected
  in the log files.
• Identity management: Developers in a PaaS or traditional environment
  need to authenticate and manage users within their applications.
  Each user has a set of privileges managed by a role-based access
  mechanism. The PaaS cloud must support a federated identity
  management system where a user, once authenticated, is given
  credentials to access services within the application as well as on
  other clouds. APIs with the PaaS should cache, use, and delete
  credentials as needed.
• Messaging: The PaaS cloud must provide APIs with the ability to
  manage messages, such as the ability to post messages to any queue,
  consume messages, and examine message content without consuming
  them. It must support highly-secured and on-demand collaboration
  throughout the Software Development Life Cycle (SDLC) with phases,
  such as design, development, testing, deployment, production, and
  support.
• Job processing: PaaS must provide APIs that enable developers to
  start, monitor, pause, and stop jobs that require large processing,
  such as Hadoop-style data mining. Hadoop is a software framework
  that enables applications to conveniently work with thousands of
  nodes and petabytes of data and is based on the Java programming
  language.
• Session management: PaaS must provide the ability to view, access or
  change user sessions. When a user session migrates from one node to
  another in the cloud (say due to server failure, for example), the
  PaaS environment must maintain the user session.
• Service discovery: The PaaS platform must give developers a
  convenient way to discover available services and the ability to
  search the cloud by service types. It must provide a range of search
  criteria for different service categories offered by the provider.

Besides the above-mentioned features, you must make sure that the
PaaS environment meets your specific programming needs.


Here is a list of questions you need to ask a potential PaaS provider:

• What development environments does the vendor provide?
• Can your existing and ready-for-market applications be hosted from
  the PaaS cloud? This will prove the readiness of the provider.
• What is the security responsibility (for user authentication, data,
  etc.) of the provider and the consumer?
• Does the provider have the expertise and willingness to work
  directly with you for porting, customisation, and deployment, as
  often as required?
• What facilities are there for logging of security events and user
  activity? Do they use log servers, independent of the PaaS platform?
• What tools are available to detect security flaws in applications?
  Does the provider have sound intrusion detection or prevention
  systems?
• What about change management? Does the provider have a robust,
  centralised mechanism for maintenance without incurring downtime or
  performance degradations?
• What are the provisions for backups and DR?
• How does the cloud vendor ensure that application flaws of one
  customer do not impact the shared infrastructure or someone else’s
  data?
• Can the public PaaS provider offer the services within a hybrid
  cloud model? This will assure enhanced security and flexibility.

Out of all the applications you have to develop, some will not be
suitable for PaaS. For example, if you need to develop and test on a
mainframe or Unix system that is not offered by the PaaS provider, you
will need to set up and use an internal environment. For other
applications, you can use environments offered by PaaS providers.

2.3.2 GUIDELINES FOR SELECTING A PaaS PROVIDER

Some guidelines for choosing a suitable PaaS provider are as follows:

• Compatibility with other clouds: PaaS providers generally claim
  portability to all other clouds. This cannot be true as the cloud
  environments are unique and standards are still evolving. However,
  you need to be aware of providers who claim they have everything for
  everyone.
• Target customers: PaaS providers have certain target customers and
  architect their environment to appeal to a particular group of
  users. For example, Microsoft focuses on .NET and PHP developers.
  Oracle focuses on Java developers. Make sure that the PaaS provider
  you select offers and supports the application development
  environment you need.
• Avoid vendor lock-in: You must select a provider who facilitates
  cloud interoperability for your application. It must be easily
  ported to another public or hybrid cloud or even to a
  non-virtualised internal infrastructure. For this reason, the
  provider must abstract application runtime, data handling, and
  middleware from the underlying infrastructure.
• Platform management: Make sure that the PaaS provider can manage and
  maintain the environment. Many PaaS platforms are built using
  open-source projects and applications for which the provider may not
  have skills or control.
• The test of time: Make sure that the cloud vendor will be in business
  in the times to come.

With the ephemeral nature of cloud businesses, make sure that the
provider has a reliable set of partners, satisfied customers, and a
sound financial base and can continue to survive even in harsh times.

2.3.3 CONCERNS WITH PaaS

The convenience attained with PaaS (as per the above points) leads to
a great loss of control over the environment and security. The
following are the drawbacks of using PaaS:

• Lack of visibility: It is difficult to know if you are running in a
  secure, robust environment. There is no standard way to determine
  the patch levels, view and analyse the activity logs, or perform a
  vulnerability audit on the platform. Remote tests are usually
  banned.
• Portability/Interoperability with applications on another cloud:
  Unlike IaaS, where OS images can be moved between clouds,
  applications developed on a PaaS involve the cloud provider’s APIs
  and customised language extensions. This makes porting of
  applications difficult.
• Security: Some PaaS providers include built-in security services,
  but the end-user has no information on the implemented security
  mechanisms. The customers cannot install host-level security
  applications for antivirus, WAF (Python-based framework for
  configuring, compiling, and installing applications) or host-based
  firewalls, or disable services or ports.
• Security for development code: Since the development code resides on
  a third-party, shared infrastructure, the customers are wary of the
  security and privacy of the code, which is the prime Intellectual
  Property (IP) for the Independent Software Vendors (ISVs).


2.3.4 LANGUAGE AND PaaS

Select a PaaS provider with the right type of orientation and support
for various software languages that will help to build a flexible and
portable application:

• Programming-language specific PaaS: These were common in the early
  2000s but are now fewer in number. They support one language, be it
  Java, Ruby on Rails, Python, .NET or any other language. The
  advantages they provide are the use of language-specific tools,
  customised support, extensive libraries, and specific code to run
  computing-intensive tasks in the clouds. It allows scientists and
  analysts to access the extensive computing they are comfortable with
  and need from within a development and test environment.
• Language-agnostic providers: They were designed for developers
  working with multiple programming languages, databases, and
  frameworks. For example, they offer support for various languages,
  such as Python, Java, .NET, and Ruby, and databases, such as MS SQL,
  MySQL, Postgres, and MongoDB. Potential drawbacks are that you may
  not find the same degree of language-specific customisations or
  libraries to distribute your code to several other clouds.
• Hybrid PaaS: It is a cloud service that gives you the freedom to work
  with a complex mix of off-premises and on-premises applications and
  data. They abstract the infrastructure layer and on-premise
  resources. For example, if you have a large, on-premise Oracle
  database that you do not want to replicate to a public cloud for
  size, security or cost reasons, you can access it from applications
  in a hybrid PaaS. However, a potential drawback of hybrid PaaS is the
  need to set up and manage the hardware abstraction layer, which
  requires in-house expertise and management efforts.

The PaaS market is fast maturing with several commercial PaaS
providers. Your selection would depend on your need for a single
language, a mix of stack components and several languages, or a PaaS
that would allow you to access in-house data or applications.

Self Assessment Questions

5. _________ is a cloud service where the customer gets a set
   of application and product development tool hosted on the
   provider’s infrastructure.
6. A PaaS environment that supports caching for cloud resources
   will boost application performance. (True/False)
7. _____ PaaS is a cloud service that gives you the freedom to
   work with a complex mix of off-premises and on-premises
   applications and data.


Activity

List some benefits offered by PaaS to application developers.

2.4 SOFTWARE AS A SERVICE (SaaS)


SaaS allows consumers to access and use the provider’s applications
running on the cloud infrastructure. The applications can be accessed
from different kinds of client devices using a Web browser. As in the
case of PaaS, the customer does not manage or control the underlying
cloud infrastructure (servers, storage, OS, network) or the
application features. The customer can, however, configure
user-specific application parameters and settings.

SaaS provides several benefits. Users get to use the application over
the Internet without the onus of buying, implementing or managing the
software. Similar to IaaS and PaaS, the fee is charged on a usage
basis, whereby customers purchase rights to use some or all modules as
needed. Although SaaS and ASP may seem similar, they are different in
many ways.

Table 2.3 lists the differences between ASP and SaaS:

Table 2.3: Differences between Application Service Provider (ASP) and SaaS

| Feature | ASP | SaaS |
|---|---|---|
| Ownership | ASP applications are usually single-tenant with client-server architecture hosted by a third-party with an HTML front end to make it easy for remote use. | Multi-tenant, application hosted by the application developer, with regular updates directly from the developer. |
| Infrastructure | May be a non-virtualised environment with direct attached storage with server and storage dedicated to the application. | Shared, virtualised servers, network and storage systems form a resource pool; server and storage are shared with other services. |
| Web-based | Not originally written to be Web-based and used over the Internet; hence, there is performance degradation. | Built to be Web-based and used over the public Internet. |

There are a large number of SaaS providers, such as Microsoft LiveCRM,
Google Apps, Trend Micro, Symantec, and Zoho. In September 2007, SAP
launched Business ByDesign – an online version of ERP service targeted
at small and medium-sized businesses who do not want to invest in a
large IT deployment. It enables a preconfigured suite for managing
financials, customer relationships, HR, projects, procurement and
supply chain. About a year later, in October 2008, Infor (based in
Alpharetta, Georgia) entered the cloud market with the launch of a SaaS
version of ERP SyteLine, a very unique offering that allows the user to
move seamlessly between on-premises deployment and public cloud-based
SaaS or vice-versa.

In 2007, Microsoft Dynamics entered the SaaS market by introducing
CRMLive, which is executed at Microsoft datacenters around the world,
along with all the other “Live” products, such as Live Small Business
Office. Software-plus-services for Microsoft Dynamics ERP is the new
capability being offered. It enables the client to implement the
Microsoft Dynamics application as a wholly-owned on-site solution, or
through Microsoft online services, or as a combination. In 2009, Oracle
entered the market by introducing services comprising the Oracle
Sourcing and Oracle Sourcing Optimisation products. In addition, Oracle
also offers CRMOnDemand, a CRM as a SaaS.

But SaaS needs cautious thinking and a well-planned deployment. There
must be a tested confidence that organisational data is secure in the
remote site. The issue of confidentiality, integrity, and service
availability has to be addressed by the provider. Authentication to the
application needs to be tightly protected using tested Identity Access
Management (IdAM) applications. Here is a list of questions you need to
ask your SaaS provider:

• How does the provider make sure that the users who sign up are not
  fraudsters and will not start malicious activity?
• How and to what extent is security integrated with the SDLC at
  different phases, such as architecture, coding, testing, and
  deployment?
• What are the design and coding standards?
• What Web security standards are being followed?
• How is customers’ data protected from attacks by other tenants?
• How is data at-rest and in-motion protected from other application
  users in the cloud?

Software as a Service (SaaS), a cloud computing service model, makes
software available on-demand as a Web-based service. This type of
software service does not require any type of physical installation of
the software at the client’s end; the service is purchased with a
monthly fee and can be used for as long as the client pays for it. SaaS
is available to its users in two varieties:

• Vertical SaaS: This type of software service targets the needs of a
  specific industry, such as software for the healthcare, agriculture,
  real estate, or finance industries.
• Horizontal SaaS: This type of software service focuses on software
  categories, such as marketing, sales, developer tools, or HR
  management.


Some common characteristics of SaaS applications are as follows:

• Configuration and customisation: SaaS applications are customisable
  by customers in terms of look and feel and functionality. A customer
  can have its own parameter settings for the configuration options.
  For example, he or she can customise a logo or use a set of custom
  colours, but cannot change the page layout unless such an option was
  designed for the change.
• Frequent updates: SaaS applications are updated more easily and more
  frequently than traditional software, in many cases on a weekly or
  monthly basis. This is because the application is hosted centrally,
  and updated and executed at the provider’s end.
• Open integration protocols: SaaS applications offer integration
  protocols and application programming interfaces (APIs), which cover
  a wider area of the network. Generally, these protocols are based on
  HTTP (Hyper Text Transfer Protocol), REST (Representational State
  Transfer) and SOAP (Simple Object Access Protocol).
• Collaborative functionality: SaaS applications are inspired by Web
  2.0 functionality and the success of online social networks, so
  these applications allow their users to collaborate and share
  information.

Self Assessment Questions

8. In SaaS, users can only get to use the application over the
   Internet after buying, implementing or managing the software.
   (True/False)
9. IdAM stands for:
   a. Identify Access Management
   b. Identity Access Management
   c. Identity Excess Management
   d. Identity Access Manager

Activity

Do SaaS providers also exist in India? If yes, find out some of them.

2.5 DATABASE AS A SERVICE (DBaaS)


Database is an essential component of all enterprise applications.
Database services for on-premise applications are configured using
internal, purchased servers and databases. Large organisations have a
shared infrastructure for internal teams, where the database may be a
shared service and used for different applications. Thus, several
applications can simultaneously access a single database running on
clustered servers and centralised SAN or NAS storage. The applications
are, however, isolated from each other. Organisations can use a shared
database on a private or public cloud. In either case, the data for
each application is explicitly protected by the centralised service
called Database-as-a-Service (DBaaS).
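One way the isolation described above can be enforced at the data-access layer, as an added example that is not from the book or from any provider's product: each application gets a store object bound to its own identity, and every statement carries that identity as a predicate. The table layout, the application names `app_hr` and `app_sales`, and the sample rows are constructed for the illustration.

```python
import sqlite3


def build_shared_db():
    """One shared database holding rows for two applications (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE invoices ("
        " id INTEGER PRIMARY KEY,"
        " tenant_id TEXT NOT NULL,"
        " customer TEXT NOT NULL,"
        " amount REAL NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO invoices (tenant_id, customer, amount) VALUES (?, ?, ?)",
        [("app_hr", "Asha", 120.0),
         ("app_hr", "Ravi", 75.5),
         ("app_sales", "Meera", 900.0)],
    )
    conn.commit()
    return conn


def get_invoice_unscoped(conn, invoice_id):
    """Weak pattern: looks a row up by id alone, so any application that can
    name an id receives the row, whichever application owns it."""
    return conn.execute(
        "SELECT id, customer, amount FROM invoices WHERE id = ?", (invoice_id,)
    ).fetchone()


class TenantScopedStore:
    """Data-access object bound to one application when its session is created.

    The tenant identity comes from authentication, never from request
    parameters, and is added to every statement as a bound parameter.
    """

    def __init__(self, conn, authenticated_tenant):
        if not authenticated_tenant:
            raise ValueError("tenant identity is required")
        self._conn = conn
        self._tenant = authenticated_tenant

    def list_invoices(self):
        return self._conn.execute(
            "SELECT id, customer, amount FROM invoices"
            " WHERE tenant_id = ? ORDER BY id",
            (self._tenant,),
        ).fetchall()

    def get_invoice(self, invoice_id):
        # Returns None for another tenant's row, the same as for a missing
        # one, so the caller cannot learn which ids exist elsewhere.
        return self._conn.execute(
            "SELECT id, customer, amount FROM invoices"
            " WHERE id = ? AND tenant_id = ?",
            (invoice_id, self._tenant),
        ).fetchone()

    def update_amount(self, invoice_id, amount):
        cur = self._conn.execute(
            "UPDATE invoices SET amount = ? WHERE id = ? AND tenant_id = ?",
            (amount, invoice_id, self._tenant),
        )
        self._conn.commit()
        return cur.rowcount  # 0 means nothing owned by this tenant matched

    def add_invoice(self, customer, amount):
        cur = self._conn.execute(
            "INSERT INTO invoices (tenant_id, customer, amount) VALUES (?, ?, ?)",
            (self._tenant, customer, amount),
        )
        self._conn.commit()
        return cur.lastrowid
```

A store built for `app_hr` sees only its own two rows and cannot read or update the `app_sales` row, while the unscoped lookup returns that row to any caller.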

Cloud providers, especially PaaS, offer a database based on commercial
products, such as PostgreSQL, MySQL, Oracle or Microsoft SQL. Nowadays,
there are several available database service providers. Here are a few
factors to consider before selecting one for your requirement:

• Research: Find the available options and scrutinise the SLA, the
  offered services, commitments and support.
• Estimate your needs: Calculate what you will really need. It is
  expensive to add resources incrementally in real-time to meet load
  spikes.
• Vendor and community support: Ask the cloud provider for references
  and take time to speak with them. Check if the provider has a capable
  team, which is willing to help you with technical issues on a 24/7
  basis. Make sure that the database has support from an active user
  community and user forums.
• API support for databases: Make sure that your provider supports, and
  that you use, APIs that will work on other clouds. This lets you
  focus on your application without worrying about infrastructure and
  compatibility.
• Price: Costs for cloud databases run from free versions to variable
  pay-per-use to fixed monthly fee options. Open-source solutions are
  inexpensive (and have good community support).
• Tuned for the cloud: Make sure that the database configuration,
  scalability, reliability, and performance are all tuned to work in a
  cloud environment where it may be subjected to immense load spikes
  and a large number of concurrent users.
• Compatibility with on-premise databases: Vendors offer public cloud
  databases that are different from their on-premise editions.
  Understand the differences and try to use features that are
  supported on-premise to ease your migration to a hybrid cloud when
  required.

Sharding a database helps in improving performance. It is a process of breaking a large database into a number of smaller databases that are located on one or more servers.

The goal of database profiling is to highlight any predictable issues that may arise. This helps in avoiding any unpredictable problems that may come up during implementation or run-time.


self assessment Questions

10. Large organisations have a shared infrastructure for internal teams, where the database may be a shared service and used for different applications. (True/False)
11. _______ a database is a process of breaking a large database into a number of smaller databases that are located on one or more servers.

Activity

Enlist the benefits of Tesora Database as a Service (DBaaS).

2.6 EVERYTHING AS A SERVICE (XaaS)
XaaS refers to everything as a service or anything as a service. It makes use of three services (IaaS, PaaS and SaaS) to serve the user under a single package according to his/her requirements. A common and popular example of an XaaS service is Desktop as a Service (DaaS).

With the rise of Internet-based services, different service providers are expected to grow in large numbers. As per the demand, the composition of these providers needs to be changed dynamically. Moreover, a single service of XaaS services is inadequate to meet the demand of companies. Therefore, these different services are packaged under one umbrella, XaaS, for using the XaaS services in a better way along with better security of data and applications.

The three important properties of XaaS service are:
• Self-service: XaaS services are provided to companies using self-service portals. A company can process orders and configure the services on its own as per the requirement. There is no need of specialised IT people for configuring the services.
• Only OPEX and No CAPEX: Most services in XaaS require only a limited amount of investment or one-time payment. Therefore, only operational expenditure is involved and no capital expenditure is required.
• Low cost per unit: The cost per unit calculated in XaaS services is low in comparison to companies setting up their own infrastructure for services.

The two popular vendors of XaaS are Citrix and CloudFX. Citrix provides Cloud Portal Business Manager solution and CloudFX provides CloudConsult, Cloud Select, CloudData & Analytics.


self assessment Questions

12. Desktop as a Service (DaaS) is an example of XaaS. (True/False)
13. In XaaS, only operational expenditure is involved and no _____ expenditure is required.

Activity

Determine some more examples of XaaS other than DaaS. Also, enlist the companies that offer XaaS service.

2.7 SPECIALISED CLOUD SERVICES

Besides popular cloud services like SaaS, PaaS and IaaS, there are other specialised cloud services, such as Distributed Computing as a Service and Parallelism as a Service. Distributed Computing as a Service is a method of performing a single, common job by engaging various geographically-dispersed resources. It is a Web-based service that makes it easy and convenient to process massive amounts of data and perform computing-intensive tasks. The service checks for available resources across the network, splits a job to run on different servers, and later collects and assembles the results. It helps reduce processing time, improves the performance of the system, allows use of multiple resources and reduces the cost of computation.

In a distributed computing environment, each processor or server has its own individual memory to perform its task. Information is exchanged by passing messages between the processors. Examples include wireless-sensor networks, telephone networks, network file systems, distributed databases, etc. On the other hand, in Parallelism as a Service, all systems and user processors have access to a shared memory space to enable efficient inter-process communication. It improves performance by eliminating or reducing communication. Examples include cluster computing and volunteer computing.

Parallelism as a Service enables multiple tasks or actions to be performed simultaneously. A cloud is a convenient platform for Parallelism as a Service, as it is made up of various virtual resources that can do multiple actions or run multiple applications in parallel. In a cloud, you can leverage its multiple resources to execute and process multiple tasks simultaneously, without any variation, instability or interruption in the speed or quality of the service.

self assessment Questions

14. ________ is a method of performing a single, common job by engaging various geographically-dispersed resources.


Activity

Search information about special services like DCaaS and CaaS. Enlist the advantages of using these special services.

2.8 SUMMARY
• In the cloud, it takes a short time (for example, a few hours) to set up servers with required storage, OS, database, and development tools that you want to use.
• IaaS is a model in which you, as a customer, pay for the resources (such as computing power, memory, storage, bandwidth, security devices, load balancers, etc.) kept at the provider’s facility or wherever the provider keeps its hardware.
• PaaS is a cloud service where a client gets a set of applications and product development tools hosted on the provider’s infrastructure.
• Developers on the PaaS platform develop applications on the cloud platform with the help of APIs, website portals or gateway software deployed on the cloud servers.
• SaaS provides the capability to utilise the provider’s applications executing on a cloud infrastructure.
• Cloud Backup Services replicate data to a provider’s datacenter and configure servers for use in the event of a disaster.
• Several applications can simultaneously access a single database running on clustered servers and centralised SAN or NAS storage.
• Distributed Computing as a Service is a method of performing a single, common job by engaging various geographically-dispersed resources.

key words

• Distributed computing as a service: It is a method of performing a single, common job by engaging various geographically-dispersed resources.
• Hybrid PaaS: It is a cloud service that gives you the freedom to work with a complex mix of off-premises and on-premises applications and data.
• Parallelism as a service: It enables multiple tasks or actions to be performed simultaneously.
• Sharding: It is a process of breaking a large database into a number of smaller databases that are located on one or more servers.
• XaaS: It refers to everything as a service which makes use of three services IaaS, PaaS and SaaS to facilitate user under a single package.

2.9 DESCRIPTIVE QUESTIONS


1. What do you understand by Infrastructure as a service? Explain with a suitable example.
2. Explain Platform as a service. What are its various features?
3. Discuss the guidelines of selecting a PaaS provider.
4. Describe SaaS along with its features.
5. Explain DBaaS. Enlist the factors that need to be considered while selecting a DBaaS provider.
6. Discuss different types of specialised cloud services.
2.10 ANSWERS AND HINTS

ANSWERS FOR SELF ASSESSMENT QUESTIONS

Topic                                 Q. No.   Answers
Infrastructure as a Service (IaaS)    1.       True
                                      2.       a. Service Level Agreement
                                      3.       Storage networks
                                      4.       Virtualisation
Platform as a Service (PaaS)          5.       PaaS
                                      6.       True
                                      7.       Hybrid
Software as a Service (SaaS)          8.       False
                                      9.       b. Identity Access Management
Database as a Service (DBaaS)         10.      True
                                      11.      Sharding
Everything as a Service (XaaS)        12.      True
                                      13.      Capital
Specialised Cloud Services            14.      Distributed Computing as a Service (DCaaS)


HINTS FOR DESCRIPTIVE QUESTIONS


1. IaaS is a model in which you, as a customer, pay for the resources (such as computing power, memory, storage, bandwidth, security devices, load balancers, etc.) kept at the provider’s facility or wherever the provider keeps its hardware. Refer to Section 2.2 Infrastructure as a Service (IaaS).
2. PaaS is a cloud service where the customer gets a set of applications and product development tool hosted on the provider’s infrastructure. Refer to Section 2.3 Platform as a Service (PaaS).
3. There are two categories of PaaS providers. The first are large IT operating system and software vendors, who offer PaaS because it is a natural extension of what they have traditionally sold. The second are small, independent vendors for whom PaaS is the sole or key offering. Refer to Section 2.3 Platform as a Service (PaaS).
4. SaaS is the capability to use the provider’s applications running on a cloud infrastructure. Refer to Section 2.4 Software as a Service (SaaS).
5. Database is an essential component for all enterprise applications. Database services for on-premise applications are configured using internal, purchased servers and database. Refer to Section 2.5 Database as a Service (DBaaS).
6. There are other specialised cloud services, such as Distributed Computing as a Service and Parallelism as a Service. Refer to Section 2.7 Specialised Cloud Services.


Chapter 3

Cloud Deployment Models

CONTENTS

3.1 Introduction
3.2 Private Cloud
    3.2.1 Components of a Private Cloud
    3.2.2 Implementation Phases of a Private Cloud
    3.2.3 Hardening a Private Cloud
    3.2.4 What is Not a Private Cloud
    3.2.5 Use Cases of a Private Cloud
    Self Assessment Questions
    Activity
3.3 Public Cloud
    3.3.1 When to Avoid Public Clouds
    3.3.2 Cloud APIs
    Self Assessment Questions
    Activity
3.4 Community Cloud
    3.4.1 Community versus Public Cloud
    Self Assessment Questions
    Activity
3.5 Hybrid Clouds
    3.5.1 Private versus Hybrid Cloud
    Self Assessment Questions
    Activity
3.6 Summary
3.7 Descriptive Questions
3.8 Answers and Hints
3.9 Suggested Readings & References

Introductory Caselet

Private Cloud for College to Create a Virtual Computing Lab

North Carolina State University needed to create a Virtual Computing Lab (VCL) so that researchers and students of the university could have access to the computers and various lab facilities from anywhere, at any time. The university required a private cloud for creating the VCL because of the integrity, privacy, and other security concerns regarding the internal operations of the university.

In 2004, the university launched its VCL, which was based on a private IaaS cloud. Researchers and students can now access computers and other lab facilities without having to visit the university physically. VCL allows the Information Technology (IT) staff of the lab to simplify IT-support operations and reduce costs by consolidating computer labs through the private IaaS cloud. At present, there are 2000 IBM blade servers, VMware, open-source KVM software, and storage hardware components in the university’s VCL.

The cloud software developed by the university includes three components, namely, a Web application that combines a Web interface and scheduler, a database, and a management node. The Web interface and scheduler permit computer time and self-provision services to be reserved by users for themselves. The database is used to store all kinds of information that users want to save, and the management node is used for processing and controlling the operations.

The Web interface is used by students to launch a virtual computer on their own systems or devices. They can utilise all the services they need through the virtual computer. Using the Web interface, students can also develop and/or test their applications on virtual servers. In addition, they have the facility to delete, refresh, and reload Virtual Machine Images (VMIs), in case something goes wrong.

Researchers use the Web interface to provision and manage the physical servers in a cluster. The cluster of servers helps in offering high-performance computing services through which the researchers can perform simulations and analyses rapidly and at large scales.

The management of computer resources has become simple and less time consuming with the VCL. In addition, VCL also allows the university to cut infrastructure costs incurred on availing seats in computer labs and lots of other resources for students and researchers.


learning objectives

After studying this chapter, you will be able to:


>> Explain various characteristics of a private cloud
>> Discuss the benefits of using a public cloud
>> Describe the advantages of a community cloud over other
cloud types
>> Elucidate the need of using a hybrid cloud

3.1 INTRODUCTION
In the previous chapter, you have learned about different types of services offered in cloud computing. Now, let us move forward and acquaint ourselves with the different types of cloud computing models.

Cloud computing is a phenomenon that became popular across industry verticals in a very short span of time. Many Information Technology (IT) and business leaders acknowledge the importance of cloud computing and have either implemented it or plan to do so. With references and advertisements now appearing in mainstream media, the term ‘cloud computing’ is now trending among the general masses, and with good reason.

The adoption and use of cloud computing are evolutionary. The initial goal can be to provide a few services using cloud computing. Later, when users become more comfortable, more services can be provided using cloud computing. The advantages of cost, convenience, availability, and scalability depend on the type of cloud users plan to deploy.

This chapter first discusses private cloud, its components, and its use cases. The chapter next explains public cloud, and finally it discusses community and hybrid clouds.

3.2 PRIVATE CLOUD


A private cloud is usually located on-premises and is dedicated to, and used solely by, a single organisation. It may be managed by the organisation itself or a third party. It could be physically located within the corporate premises or off-premises. The users of a private cloud are the internal business units or divisions.

A private cloud is built on corporate-owned or leased servers and storage systems that are hosted within an internal data center or at a space provider’s data center. However, the owner or the corporation has the responsibility of managing various run-time aspects of the private cloud such as monitoring, security, load-balancing, backups, on-demand resource allocation, self-service, application hosting, customer elasticity, metering, and billing.


The end-users are business units within the corporation, who get a report of the resource utilisation and the associated bill. The following are the benefits of a private cloud:
• Allows more control to the organisation
• Enables virtualisation advantages, such as high availability, power savings, and dynamic resource scheduling, to meet peak requirements and higher resource utilisation
• Provides convenient pay-per-use billing for internal business units

Private cloud solutions deliver benefits similar to those of the public cloud. These include a reduction in existing costs, business agility, and better innovation. The main difference is that the organisation maintains full control over the cloud and is responsible for the cloud. As mentioned earlier, a private cloud can be located within an organisation’s premises (a data center or a server room) or at a hosting or space provider’s premises. However, the latter may not satisfy the government or regulatory requirements. The factors to consider when co-locating the private cloud at a hosting or space provider’s premises can be framed as the following questions:
• Is the corporate network connected to the space provider’s network over a private or public network?
• Will the space provider be held responsible if Service Level Agreements (SLA) are not met?
• Who manages the applications and operating systems?
• Who owns and pays for the maintenance of the underlying hardware? Are other clients of the space provider also sharing the hardware?
• Who owns and controls the server, network, and security infrastructure?

Despite the lack of a definition, private clouds are being accepted in the market. Today, there are several organisations offering private cloud services in the market such as IBM, Platform Computing Corporation, and VMware. They are currently being tested and cautiously deployed by several organisations around the world. Also, note that private clouds are not a threat to corporate IT teams, because they do not replace the internal IT systems.

Although a private cloud does not free you from the onus of procuring and administering IT resources, there are many reasons why enterprises need a private cloud rather than a public one. Some of them are the following:
• Need for capabilities not available in a public cloud: You may have a need for a specific application or vendor product, or you might need uptime guarantees not offered by public cloud providers.
• Need for tighter security and compliance requirements: Depending on your business vertical, your business and technical processes may need more stringent oversight than is typically maintained by public cloud providers. This oversight can be with respect to how and where data is stored, how security is assured, and how activity is recorded.
• Need to leverage existing IT hardware: If you have invested in a large IT infrastructure, you might simply want to optimise the use of those resources rather than having to pay a public cloud provider. Enterprises that have no existing hardware sometimes find it financially compelling to buy and use the resources rather than paying a monthly fee to the cloud provider. This is similar to renting a home or leasing a car. In the long term, it is more expensive than buying one (with the caveat that maintaining IT resources and applications has more operational expenses than a car or home).

Private cloud implementations merely supplement the internal hardware. At best, it is a mechanism that provides load-optimised and user-initiated service. When a business unit needs more computing resources, it can easily take more from the internal resource pool. For example, the accounting department of a company may need more resources during tax filing, or the online store division of a website may need more resources to accommodate load spikes before Christmas or Thanksgiving.
M

3.2.1  COMPONENTS OF A PRIVATE CLOUD

A private cloud is attractive, because it allows business units to quickly access hosted resources and applications. It is able to meet workload demands in real-time, and its charges are based on actual resources utilised. This helps to avoid the complexities and time associated with purchase, implementation, and the go-live scenario of a traditional physical infrastructure. However, a private cloud implementation also includes the challenges of integrating components of complex hardware and software obtained from several vendors. Unless properly planned, a private cloud can be expensive and difficult to implement and manage, thus, minimising the original goals.

As a first step, it is important to understand the key components within a cloud. A successful architecture and deployment forms the basis for growth for years to come. The key expectations of a cloud are on-demand resources from a virtualised pool, self-service for clients, high performance and pay-per-use billing.

To provide these features, the building blocks required for a private cloud are the following:
• Support for heterogeneous systems: The cloud should support a wide range of products and vendors such as open systems, commodity hardware, the latest hardware, software, and virtualisation solutions, existing infrastructure in a data center, and proprietary IT resources that an organisation may have. The cloud management product you select must support all leading Original Equipment Manufacturers (OEM) and their products. This is required to meet future growth and gives you the flexibility needed to install new products and applications as cloud resources.
• Virtualisation: This is the foundation of any cloud. A hypervisor is used to group the resources (CPU, storage, network ports, memory) of all the servers, storage, and other devices into a common pool. A hypervisor can be software, hardware, or firmware that is used to create and run virtual machines. The hardware resources, including the identity and number of individual physical servers, are virtualised to form a pool of Virtual Machines (VM). These VMs can take more or fewer resources on-demand from the pool with rapid elasticity. Note that organisations have been using virtualisation since the days of mainframes in the 1970s and 1980s. However, VMs in a cloud offer more convenience, options, features, and control to the end-users to match workloads and their application needs than what was possible during the mainframe era.
• Service catalog: A cloud service catalog is a menu of applications or resources that customers can choose from. It helps to standardise the offerings, so that meeting each user requirement does not become an expensive, time-consuming, one-off project for the cloud administrator or the user.
• Self-service portal: Associated with the service catalog is a self-service portal that offers an intuitive, easy-to-use interface for customers to select and start using services from within the offered set. Other information available in the portal is related to metering rules, uptime guarantees, and billing procedures. The offered services and resources should be easy for the end-users to configure and manage. Within the self-service portal, the users must be able to perform the following:
  - Create and manage their own virtual data center
  - Manage their own virtual servers and storage systems
  - Modify OS images, and create and launch OS templates to have their services up and running quickly
  - Operate a single-pane view with respect to all resources, virtual machine images, templates, service offerings, and cloud users

In addition, developers and third-party vendors in a private cloud must have the ability to use Application Programming Interfaces (APIs) to customise the portal offerings, as listed in the following points:
• Resource and workload manager: The cloud must have a resource manager that allows it to easily meet varying workloads, maintain service availability by moving applications to healthy hardware in the event of failure of servers, and network links or other resources. This enables the cloud to be truly on-demand, elastic, efficient, and always available. It also helps the cloud to meet application priorities and SLAs, even as the users and workload systems hit demands.
• Metering software and pay-per-use billing: The cloud must have metering software to track utilisation of licenses, applications, bandwidth, and hardware resources. This is used periodically, for example, at the end of each month, to create a bill for each customer. The user must be able to view his utilisation and projected bill in real time. The metering software must offer transparent visibility and strong reporting capabilities to ensure compliance, security, and accurate billing.

After you have calculated the requirements and components, you can plan the deployment phases of your internal cloud.

3.2.2 IMPLEMENTATION PHASES OF A PRIVATE CLOUD


According to Gartner, a private cloud is one of the topmost interest areas among all cloud computing areas. In Gartner polls, 75% of respondents said that they were planning to move on to private cloud testing and adoption by 2014. There are several phases involved in deployment of a private cloud, as shown in Figure 3.1:

Phase 1: Document Expectations and Requirements of Private Cloud
Phase 2: Virtualisation of Physical IT Infrastructure into a Logical Resource Pool
Phase 3: Self-Service Portal Implementation
Phase 4: Automated Provisioning
Phase 5: Accounting for Resource Utilisation
Phase 6: Online Billing

Figure 3.1: Phases in a Private Cloud Deployment and Go-live


Let us discuss these phases in brief through the following points:
• Phase 1 - Document business requirements: In this phase, it is important to work with all the internal, external, and interested stakeholders to understand their needs from the private cloud. Study the existing IT configuration, services, and processes to see if the need is to move the existing service to the private cloud or deploy new services. Note the impact on existing users and whether any part of the user or IT support staff needs training.
• Phase 2 - Virtualise the IT infrastructure: In this phase, servers, networks, and storage systems need to be virtualised to form a centralised resource pool, available for any user or application. Common virtualisation products are available from Microsoft, VMware, and Citrix.
• Phase 3 - Implement a self-service portal: In this phase, the portal helps users to find a list of standard offerings within the private cloud. It should be an easy-to-use interface with a list of your offerings, prices, online ordering, and billing. It should have details on pricing options and SLAs for the hosted services.
• Phase 4 - Automated provisioning: This is a continuing exercise. You can start by automating a few services and offerings, adding more later. You can initially offer one or two services and offer more after the user is comfortable. As much as possible, the user’s needs should be offered automatically from the catalog.
• Phase 5 - Accounting for resource utilisation: The completion of this phase ensures that you have a system to automatically record the utilisation of cloud resources such as CPU, memory, bandwidth, licenses, storage, etc.
• Phase 6 - Online billing: In this phase, the providers should convert the consumption to a bill. However, providers should explain each line item in the bill. Also, providers should offer real-time resource utilisation, so that users are aware of the consumption and expenses without waiting till the end of the billing cycle (typically a month).

In many organisations, pilots, tests, and production implementations are in progress. The prime motivation is to evaluate and take advantage of the virtualisation-based benefits within a private cloud.

3.2.3 HARDENING A PRIVATE CLOUD

The key reason stated by users for preferring a private cloud over a
public cloud is security or the need for compliance with regulations
that require data to be kept within the corporate premises. However,
security is not a crucial part in the private cloud checklist, especially

NMIMS Global Access - School for Continuing Education


Cloud Deployment Models  57

n o t e s

for those organisations that are not subjected to regulatory compli-


ances such as Payment Card Industry Data Security Standard (PCI
DSS), HIPAA, or Federal Information Security Management Act (FIS-
MA). The following are a few guidelines to enforce data privacy and
security within private clouds:
• Risk assessment: To assess the risks in adopting a private cloud, a provider should:
  ◦ Identify the tolerable or intolerable risks in the business
  ◦ List all compliance requirements
  ◦ Define in detail all required security initiatives and risk management policies that must be implemented
• Data classification: Not all cloud data requires the same level of security. Data could be classified as being:
  ◦ Public
  ◦ Confidential
  ◦ Private
  A dataset can belong to one or two classes. For example, payroll data is private and confidential to an organisation, so that only senior Human Resource (HR) and senior management have access to it.
• Data ownership: The security ownership should be documented for each dataset. A contact should be identified to be in charge of and answerable for issues such as data integrity, security, and service availability. Ambiguity should be avoided. The owner’s role should be clear and he/she should have the rights to decide the data classification and disapprove or approve requests for data access or changes.
• Data auditing and monitoring: The private cloud data must be closely monitored using well-tested procedures such as the Security Incident and Event Monitoring (SIEM) system that tracks and records logins, access, data utilisation, configuration changes, user activities, etc. This log data can be used to proactively predict imminent issues and reactively reconstruct events that led to a breach.
• Reaction plan for remediating breaches: For a private cloud, similar to other IT infrastructure, a procedure needs to be set up to swiftly remediate security breaches and prevent such recurrences. The stronger the remediation and controls applied within the cloud, the lower the possibility of a security breach.

A security implementation needs to be detailed and disciplined and must have all the above components.
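The classification, ownership, and auditing guidelines above can be combined into one automated review of access records. The following Python code is an added example, not part of the original text; the log format, the dataset, user, and action names, and the finding labels are constructed assumptions.

```python
import re
from dataclasses import dataclass, field

CLASSES = {"public", "confidential", "private"}   # classes named in the guideline
OWNER_ONLY = {"reclassify", "grant"}              # decisions reserved for the data owner
# Assumed record layout: <timestamp> user=<id> action=<verb> dataset=<name>
RECORD = re.compile(r"^(\S+) user=(\S+) action=(\S+) dataset=(\S+)$")


@dataclass
class Dataset:
    name: str
    classes: frozenset                  # one or two classes per dataset
    owner: str                          # the single accountable contact
    approved: set = field(default_factory=set)   # users the owner has approved

    def __post_init__(self):
        if not (1 <= len(self.classes) <= 2) or not self.classes <= CLASSES:
            raise ValueError(f"{self.name}: needs one or two of {sorted(CLASSES)}")
        if not self.owner:
            raise ValueError(f"{self.name}: ownership must be documented")

    @property
    def restricted(self):
        return bool(self.classes & {"confidential", "private"})


def review(log_lines, registry):
    """Return (line number, finding) pairs for records that break the policy."""
    findings = []
    for number, line in enumerate(log_lines, start=1):
        match = RECORD.match(line.strip())
        if match is None:
            # Never drop unparseable records silently: gaps hide activity.
            findings.append((number, "malformed-record"))
            continue
        _when, user, action, name = match.groups()
        dataset = registry.get(name)
        if dataset is None:
            findings.append((number, "undocumented-dataset"))
        elif action in OWNER_ONLY and user != dataset.owner:
            findings.append((number, "owner-decision-by-non-owner"))
        elif (dataset.restricted and user != dataset.owner
              and user not in dataset.approved):
            findings.append((number, "unapproved-access"))
    return findings


# Constructed sample registry and audit records (not real data).
REGISTRY = {
    "payroll": Dataset("payroll", frozenset({"private", "confidential"}),
                       owner="hr.head", approved={"cfo"}),
    "brochure": Dataset("brochure", frozenset({"public"}), owner="marketing.lead"),
}
SAMPLE_LOG = [
    "2024-03-04T09:00:11Z user=cfo action=read dataset=payroll",
    "2024-03-04T09:02:45Z user=intern7 action=read dataset=payroll",
    "2024-03-04T09:05:02Z user=intern7 action=read dataset=brochure",
    "2024-03-04T09:07:30Z user=cfo action=reclassify dataset=payroll",
    "2024-03-04T09:09:00Z user=ops1 action=write dataset=scratch_db",
    "2024-03-04T09:10:19Z user=ops1 dataset=payroll",
    "2024-03-04T09:12:40Z user=hr.head action=reclassify dataset=payroll",
]

if __name__ == "__main__":
    for number, finding in review(SAMPLE_LOG, REGISTRY):
        print(f"line {number}: {finding}")
```

Each finding is the kind of event a reaction plan would pick up: access without the owner's approval, a classification decision taken by someone other than the owner, and activity on data that has no documented owner.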


3.2.4  WHAT IS NOT A PRIVATE CLOUD

Although private clouds are our new-era solution for all IT problems, there are several factors that they do not include. They are the following:
1. Private cloud is not just virtualisation: As described earlier, virtualisation is a building block for private clouds. This includes:
  ◦ Hardware abstraction for server, network, and storage
  ◦ OS abstraction for grid computing and horizontal scaling
  ◦ Middleware and application virtualisation
  Besides virtualisation, a self-service portal, scalability, and multi-tenancy are key components.
2. Private cloud is about increased expenses: A private cloud can improve resource utilisation by judiciously distributing virtualised resources to workloads that need more of those. However, it requires significant upfront expenses for hardware, software, cloud software, and for the ongoing management.
3. Private cloud is not always on-premise: A private cloud is not about location, management, or ownership responsibility. While most private clouds are on-premise, a growing percentage is hosted at a data center provider’s premises. Such private clouds can share hardware resources with another customer but can become isolated by a customer Virtual Private Network (VPN).
4. Private cloud will not remain private: With the progress of time, public clouds will become more trusted, secure, and compliant. It will then be easier for organisations to reach out to public clouds for resources, especially to meet peak user loads. Services on a private cloud will be extended to public clouds to make hybrid clouds.
5. Private cloud is not just hardware provisioning: Nowadays, private clouds are about hardware resource sharing and management. However, a private cloud could be used for PaaS with regard to development and test services or for a certain SaaS application.

Eventually, a private cloud-based service can transition to a hybrid or a pure public cloud. In any case, corporate IT teams can retain ownership of the end user and self-service portal to access private or public clouds. This way, they will be a part of the future “hybrid IT” vision.


Exhibit

Features of Private Cloud compared with Public Cloud

According to the Forrester Research survey in 2013, about 70% of what IT administrators claim to be private clouds are not so in reality. This is called cloud-washing and it leads to confusion, raised expectations, and disappointments for end-users. There is a difference between a highly-automated, efficient, and virtualised platform and a private cloud. If you do not have the five cloud characteristics listed by the National Institute of Standards and Technology (NIST), your users will notice the missing features compared to public clouds. The five features are the following:
• On-demand self-service for users
• Broad network access
• Shared resource pool
• Ability to elastically scale resources
• Metered services and resource utilisation

3.2.5 USE CASES OF A PRIVATE CLOUD

Private clouds can be used in several ways. The following are a few use cases:
• Marketing teams: When marketing teams need to launch a new marketing campaign, they need a few servers such as a Web server, a collaboration server, a content management server, and a Customer Relationship Management (CRM) application server. These can be easily deployed through a private cloud.
• Application development: A private cloud can be used to form a dedicated development environment to support a new application project. The environment can comprise a Web server, database server, development server, staging server, testing server, and version control server.
• Workgroup applications: A private cloud can be used to host workgroup applications such as collaboration, e-mails, instant messaging, blog servers, etc.
• Enterprise applications: A private cloud can be used for CRM, HR, or Enterprise Resource Planning (ERP) applications.
• Engineering applications: A private cloud can be used for engineering applications such as finite element analysis, batch processing, and compute-intensive applications. The availability of a large pool of server resources makes it ideal for off-hour batch jobs.


Although private clouds have all these benefits, they attract criticism. This is because the organisation has to buy, build, and manage the infrastructure. The capital expenses to procure non-IT components for the data center and IT hardware and software are often prohibitive, especially for Small and Medium Enterprises (SMEs).

The organisations that operate on private clouds have to pay the Annual Maintenance Contracts (AMCs) to the manufacturers. With a private cloud, there is less opportunity to enjoy the economies of scale and cost savings offered by a large, highly-automated public cloud provider. There are several providers of private cloud software. They are the following:
• Eucalyptus (http://www.eucalyptus.com/): Offers the product Eucalyptus Enterprise Edition, which allows you to build and manage a private cloud.
• VMware: Offers the product, vCloud Director, that is built on the well-tested, industry-leading vSphere and is compatible with several applications. It uses the Open Virtualisation Format (OVF) standard, which is a platform-independent, efficient, extensible, and open packaging format for VMs.
• IBM: Offers a well-tested product, IBM CloudBurst, which allows providers to create service platforms that are integrated, flexible, and optimised for production use.
• BMC: Offers the product, BSM for Cloud Computing, which works with VMware, Microsoft, and Citrix, and helps you build a private or hybrid cloud. It enables secure multi-tenancy in the cloud environment through an integrated network container provisioning and management.

self assessment Questions

1. A private cloud is built on corporate-owned or leased servers and storage systems that are hosted within an internal or at a space provider’s data center. (True/False)
2. The hardware resources, including the identity and number of individual physical servers are virtualised to form a pool of _________.
3. OVF stands for
   a. Open Virtualised Format
   b. Open Virtualisation Farm
   c. Open Virtual Format
   d. Open Virtualisation Format

Activity

Search for information about some popular private cloud providers.


3.3 PUBLIC CLOUD


A public cloud is an infrastructure that is owned and managed by an organisation selling cloud services and is made available to the general public. The physical and IT infrastructure and applications exist at the provider’s location. Public clouds are attractive to organisations that do not want to build or manage their own data centers, server rooms, IT infrastructure, or applications and providers, and do not want to spend capital on recurring operating expenses. According to document, SP800-145, from NIST, “A public cloud infrastructure is provisioned for open use by the general public, which may be owned, managed, and operated by a commercial business, academic or government organisation, or some combination of them and exists on the premises of the cloud provider.”

Figure 3.2 depicts the public clouds used within an organisation by individual devices:

[Figure labels: Zoho, Amazon AWS, VMware vCloud Express, Salesforce, GoGrid, Google AppEngine, Users in an Organization]

Figure 3.2: Public Clouds Used Within Organisations by Individual Devices

The palpable excitement, popularity, and optimistic forecasts of public clouds are based on their numerous benefits, which include the following:
• Resources on a public cloud are offered for free or on a pay-per-use model as a self-service feature.
• Resources are resident at a service provider’s data center and accessed by users over the Internet.
• No capital expenses are required to procure non-IT components for the server room or data center such as generator sets, UPS, air-conditioners, racks, cabling, etc.
• No capital expenses are required for applications or underlying IT hardware such as servers, storage, network, or security devices.
• No annual maintenance is required for applications or equipment.
• Reduced costs of IT support staff, as backups, DR, patching, and security updates are all taken care of by the provider.
• Self-service features and on-demand allocation of compute resources help customers quickly deploy an IT environment or services as per their business needs.
• Dynamic allocation of resources is deployed to meet user or load spikes.
• A pay-per-use model is adopted, where the user bill is proportional to the utilisation. The cost is low, because the infrastructure is shared by several customers around the world.
• It provides easy, Web-based, anytime-anywhere access to services and improved employee productivity.
• Energy savings, as sharing and a higher utilisation percentage lead to lower power and cooling requirements (when compared to each customer having its own dedicated server rooms).

Figure 3.3 shows an example of the infrastructure within a public cloud:

[Figure title: Example Public Cloud Infrastructure. Figure labels: Private Cloud, VPN to Public Cloud, Routers, Load Balancers, Firewalls, LAN Switches, Servers (Web, DB, Application, etc.), Storage, Tape Library]

Figure 3.3: Example of Schematic Layout within a Public Cloud

As you can see in Figure 3.3, a public cloud is similar to a well-protected and highly-available enterprise network. However, the number of servers, storage, network, and security devices is greater than most enterprises own. There are several commercially successful public clouds, as shown in Figure 3.4:

[Figure panels: IaaS, PaaS, SaaS]

Figure 3.4: List of Popular IaaS, PaaS, and SaaS Providers

To be successful, a public cloud must perform the following:
• Provide a robust, multi-tenant architecture with the highest possible levels of security for network, applications, and physical access
• Provide users with high performance consistently, at all times
• Be highly scalable and capable of supporting hundreds of thousands of users from any country with the ability to quickly add systems and storage to meet growing demands
• Configure high-availability at each layer and aim to provide up to five-9s (99.999%) uptime for its services
• Provide transparent, daily, and detailed data on transaction performance, average page response times, service availability, and scheduled maintenance activities
• Provide a simple portal for users to select services and get a history of resource utilisation and associated cost
• Provide customer support that quickly responds to each customer’s needs with all relevant and accurate data
• Protect customer data using secure and encrypted backups
• Provide archiving and replication facility to geographically-dispersed data centers with instant failover capabilities (they must have a multi-level disk-to-disk-to-tape backup strategy, where the copy on tape serves as a secondary backup level)
• Provide facilities with reliable power sources and cooling and network infrastructure with N+1 redundancy

3.3.1  WHEN TO AVOID PUBLIC CLOUDS

Despite all these advantages, users may not want to put sensitive and highly-confidential data on a public cloud, until they have tested and are sure of the security features implemented by the cloud provider. Another concern users might have is compliance. Government regulations and agreements with clients may impose a set of requirements that are not met by the public cloud infrastructure. These requirements include Payment Card Industry Data Security Standards (PCI DSS, https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml), the Sarbanes-Oxley Act (http://www.soxlaw.com/), etc. There are various risks associated with public cloud. There could be several situations where you cannot use a public cloud, such as the following:
• Lack of interoperability: Each cloud provider has a set of proprietary technologies. This is due to a lack of standards commonly adopted by providers. If you have two applications or databases that communicate with each other, you cannot put one in the cloud and the other in-house. Technically it is possible, but you will face latency, user access, and security issues.
• Portability problems: If you need to move from one provider to another, it is better to stay in-house. Switching between providers is onerous, complex, and expensive. As of now, standards are yet to be established and implemented by providers.
• Issues with shared infrastructure: The key component of private and public clouds is hypervisor-based virtualisation of hardware (CPUs, memory, network ports, etc.), which in turn is shared by several tenants or users. The resources are not physically isolated but are separated by software. This logical separation is prone to programming flaws, vulnerabilities, and cyber threats. For example, there have been cases where a user on a guest virtual machine was able to break out and attack the underlying host system. Getting an account on a public cloud is quick and easy, and the entry fee is also low. Most providers offer free services for a limited period or forever for low-end users. Spammers, malicious code developers, and online criminals find the shared, multi-tenant environment a convenient platform for denial-of-service attacks, password cracking, botnet command and control, and viruses. A graver threat exists from corporate insiders, because they have easier access to confidential data in the cloud. The harm they can cause to cloud data is greater than if the data is resident internally. IT managers need to be cautious about threats stemming from within their enterprise. Another serious threat, over which tenants have almost no control, is from employees who work for the cloud service provider.
• Cost: Internal applications are expensive because of the purchase and maintenance of hardware and applications plus the cost of administrative staff. The cost of cloud is as per your use of the provider’s compute power, storage, applications, and bandwidth, which are less expensive in most cases. However, if you stream video traffic from the cloud to thousands of users, your bandwidth costs will spike sharply.
• Issues with compliance: Organisations must meet regulatory requirements applicable to their industry vertical. Compliance and auditing require transparency of the underlying IT infrastructure and processes. This is inherently at odds with a public cloud, which is supposed to be a ‘black box’ of IT resources accessible through APIs offered by the cloud provider.
• Geo-political concerns: Some industry regulations require that data should be resident within the geographical boundaries of the country. In such a case, a cloud user in Canada, for example, cannot put his/her data on a service provider’s data center that has no presence in Canada.
• Unsafe APIs and interfaces: The cloud provider gives a set of APIs for customers to efficiently manage their cloud resources. These are available to all the users, but vulnerabilities in the code can be used to gain unauthorised access to resources belonging to other cloud tenants. Customers and third parties can then build applications on top of the unsafe APIs, further exacerbating the security risk.
• Clear-text messaging: Passwords and content transmitted in clear text by some cloud providers offer attackers a convenient way to gain access to accounts and sensitive data.
• Possibility of data loss: There are several ways to lose cloud data. Corrupted metadata and the ability of others to gain unauthorised access can cause data loss. Key-based encryption is common and necessary. However, if the keys are inadvertently lost, the fallout is similar to losing the cloud data.
• Service or account hijacking: This has traditionally been a common risk, and it has a greater probability of occurring in the cloud. The attackers can use phishing and code vulnerabilities to steal user credentials, intercept passwords, and eavesdrop on activities. They can use the stolen accounts to launch attacks, change data, and redirect incoming requests to other sites.
• Latency: Some users may lower the encryption levels, because encryption slows the response time. Users need to classify data into sets (based on criticality and privacy) and specify compulsory encryption levels for each set. In addition, there would be a latency compared to using applications hosted within the enterprise, because the access is over the Wide Area Network (WAN) and the Internet.

Note that all the above risks are common within traditional and internal networks as well. However, their resolution and control are more crucial within a shared cloud. Some of the risks mentioned above can be addressed by tightening network, host, and application security. However, the other risks, such as lost encryption keys, corrupted backups, and weak passwords, can be mitigated if cloud users adopt and maintain higher security practices than they would for internally hosted infrastructure or applications. When migrating from internally-hosted applications to an external cloud, users must plan to transition one application at a time to a public cloud. This allows users and providers to assess the security in the provider’s infrastructure.

Data on public clouds can be secured. However, it requires implementing tight and relevant controls, using widely-adopted practices such as IT Infrastructure Library (ITIL) and Authentication, Authorisation and Accounting (AAA). Several measures have to be adopted by the client to track configuration changes, probe for vulnerabilities, detect compromises in security, and ensure that standards are being adhered to.

3.3.2  CLOUD APIs


Public cloud providers offer a set of Application Programming Interfaces (APIs) for customers. APIs allow you to get information about the applications, services, and underlying platform. They provide an interface to enable you to build solutions. They expose the interface as Representational State Transfer (REST) or Simple Object Access Protocol (SOAP). REST is a software architecture style used to manage the interaction between Web servers, clients, proxies, and gateways. SOAP is an XML-based protocol for exchanging information using Remote Procedure Call (RPC) and Hypertext Transfer Protocol (HTTP) between web servers and clients. Based on portability, there are the following two types of cloud APIs:
• Cloud provider APIs: These provide an abstraction to the cloud provider’s infrastructure. They give you more control over the cloud resources assigned to you. They support HTTP and HTTP Secure (HTTPS) based protocols. They usually have an ID or Authentication Key to reject an attempt to execute non-supported APIs and thus enhance security.
• Cross platform cloud APIs: These APIs provide a higher level of abstraction in comparison to cloud provider APIs. They abstract the details of various cloud providers and enable access to, and leveraging of, resources from various cloud providers. An application developer using these APIs can get a successful response regardless of the back-end cloud provider.
  There are several initiatives, such as the Simple Cloud API from Zend Technologies (http://www.zend.com/) and the Cloud Computing Interoperability Forum (CCIF at http://www.cloudforum.org/), which are trying to bring uniformity and some degree of standardisation between the APIs from different providers. In September 2009, Zend, IBM, Microsoft, and Rackspace launched the first version of Simple API for Cloud Application Services to facilitate development of cloud applications that can be used on all major public clouds.

Based on the information you need, the following three API categories exist:
• Infrastructure cloud APIs: These provide a way to manage VM images and infrastructure details. They can be used, for example, to create, upload, reboot, copy, or delete virtual machines. They are also used to configure attributes of the architecture, change CPU or memory allocation, set up network parameters, or modify storage settings. These APIs are used to develop programs to automate the interaction between infrastructure resources, for example, between VMs and memory or between storage units and network ports. They are commonly used by systems, storage, or network administrators who work for the customer, and they are also used by cloud providers to deploy and maintain the cloud infrastructure.
• Platform cloud APIs: These provide an interface into specific application capabilities such as Web portals, storage, databases, and messaging. These APIs are used to program in various languages such as C#, Java, or Python. They also include mechanisms to develop cloud-specific or traditional packages, which are commonly used to develop, test, package, deploy, and maintain programs.
• Application cloud APIs: These provide an interface to connect to and extend cloud applications. These APIs can be service-specific (customised to a provider) or service-neutral (compatible with multiple cloud providers). Each API is relevant to a particular application or service such as cloud storage service, database service, or messaging.

There are four levels of APIs that can be used by a developer, mentioned as follows:
• Wire-level APIs: These allow a developer to write directly to the wire format of the service request. Most services are REST or SOAP-based. REST-based services are relatively straightforward, and, hence, the APIs enable development of efficient code. The developer creates the required HTTP headers and payload for the request. In response to the HTTP connection, the REST-based service returns a response code. For SOAP-based services, the developer creates the proper SOAP envelope, SOAP headers, and data payload. The service responds with a SOAP envelope containing the results of the request.
• Language-specific APIs: These allow developers a higher level of control over REST or SOAP requests. Several low-level details, such as calculating signatures and managing response codes, are taken care of by the API.
• Service-specific APIs: These enable a higher level of interaction, where a developer can focus on business objects and processes. It improves productivity, because the developer, instead of worrying about wire-level protocol, can concentrate on organisational processes and related data.
• Service-neutral APIs: Service-neutral APIs are the highest level of APIs. The developer uses a common interface compatible with several cloud providers. The program works on multiple cloud platforms with a few or no modifications.

Although the developer focuses on business processes and objects, as in the case of service-specific APIs, he or she does not have to consider where the program will be used. These levels require the developer to concentrate on different tasks and data structures.
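To make the wire-level work concrete, the following Python code, an added example that is not part of the original text, builds a REST request and a SOAP envelope by hand and shows the provider-side check that turns the authentication key and signature into a response code. The header names, the signing scheme, the status codes chosen, the path, and the operation name are hypothetical and do not describe any real provider's API.

```python
import hashlib
import hmac
import json
import xml.etree.ElementTree as ET

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"   # SOAP 1.1 envelope namespace
SECRETS = {"demo-key": b"constructed-secret"}            # constructed key store


def sign(secret, method, path, timestamp, body):
    """Hypothetical scheme: HMAC-SHA256 over method, path, time and body hash."""
    canonical = "\n".join([method.upper(), path, str(timestamp),
                           hashlib.sha256(body).hexdigest()])
    return hmac.new(secret, canonical.encode(), hashlib.sha256).hexdigest()


def build_rest_request(key_id, secret, method, path, payload, timestamp):
    """Wire level: the developer assembles the headers and payload directly."""
    body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    headers = {
        "Content-Type": "application/json",
        "X-Key-Id": key_id,                      # the ID or authentication key
        "X-Timestamp": str(timestamp),
        "X-Signature": sign(secret, method, path, timestamp, body),
    }
    return method.upper(), path, headers, body


def verify_rest_request(secrets, method, path, headers, body, now, max_skew=300):
    """Provider side: map the checks onto a response code."""
    secret = secrets.get(headers.get("X-Key-Id", ""))
    if secret is None:
        return 401                               # unknown key
    try:
        timestamp = int(headers["X-Timestamp"])
    except (KeyError, ValueError):
        return 400                               # missing or malformed timestamp
    if abs(now - timestamp) > max_skew:
        return 401                               # stale request, possible replay
    expected = sign(secret, method, path, timestamp, body)
    supplied = headers.get("X-Signature", "")
    # Constant-time comparison avoids leaking how many characters matched.
    if not hmac.compare_digest(expected.encode(), supplied.encode()):
        return 403                               # altered in transit or wrong secret
    return 200


def build_soap_request(operation, params, key_id):
    """Wire level for SOAP: envelope, header and body are built explicitly."""
    ET.register_namespace("soap", SOAP_NS)
    envelope = ET.Element(f"{{{SOAP_NS}}}Envelope")
    header = ET.SubElement(envelope, f"{{{SOAP_NS}}}Header")
    ET.SubElement(header, "KeyId").text = key_id
    body = ET.SubElement(envelope, f"{{{SOAP_NS}}}Body")
    call = ET.SubElement(body, operation)
    for name, value in params.items():
        ET.SubElement(call, name).text = str(value)
    return ET.tostring(envelope, encoding="unicode")


def demo():
    """Run one valid, one altered and one stale request through the verifier."""
    method, path, headers, body = build_rest_request(
        "demo-key", SECRETS["demo-key"], "post",
        "/v1/instances/vm-0001/reboot", {"force": False}, timestamp=1700000000)
    altered = body.replace(b"false", b"true")
    return [
        verify_rest_request(SECRETS, method, path, headers, body, now=1700000010),
        verify_rest_request(SECRETS, method, path, headers, altered, now=1700000010),
        verify_rest_request(SECRETS, method, path, headers, body, now=1700003600),
    ]


if __name__ == "__main__":
    print(demo())
    print(build_soap_request("RebootInstance", {"InstanceId": "vm-0001"}, "demo-key"))
```

A language-specific API would hide `sign` and the header assembly behind a single call; working at wire level means the developer owns those details and any mistakes in them.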
self assessment Questions

4. SOAP is an XML-based protocol for exchanging information using Remote Procedure Call (RPC) and Hypertext Transfer Protocol (HTTP) between Web servers and clients. (True/False)
5. Some users may lower the encryption levels, because encryption _______ the response time.
6. _____ is a software architecture style used to manage the interaction between Web servers, clients, proxies, and gateways.

Activity

List the differences between private and public clouds.

3.4 COMMUNITY CLOUD


A community cloud is an infrastructure used by a specific community of users or organisations. They are either working on a common project or have a set of requirements such as security or compliance. The NIST, in its document number SP800-145, defines a community cloud as “a cloud infrastructure provisioned for exclusive use by a specific community of consumers from organisations that have shared concerns (for example, mission, security requirements, policy, and compliance considerations). It may be owned, managed, and operated by one or more of the organisations in the community, a third party, or a combination of some of them, and it may exist on or off premises.”

A community cloud may contain the following features:
• Like a private cloud, it may be managed by the users or by a third party.
• It may be located within the premises of a user organisation or at a hosting or space provider’s site.
• It is more expensive than a public cloud, because the infrastructure and cost are shared by a few users or organisations.
• It offers a higher level of compliance, security, and privacy to the user group.
• Its service is created around a specific group of contextual restrictions for the purpose of supporting a particular user base. Those contextual restrictions are most often related to physical and logical security needs, compliance validation, audit needs, and certification.

Some fields that are greatly impacted by the community cloud strategy are:
• Healthcare
• The federal government
• Financial services
• Interaction-heavy use cases
M

3.4.1  COMMUNITY VERSUS PUBLIC CLOUD

There are differences between public and community clouds. Any user can sign up and start using a public cloud. Users pay for whatever services they use. Table 3.1 shows the key differences between the two:

Table 3.1: Public and Community Clouds

| Feature | Public Cloud | Community Cloud |
|---|---|---|
| User | Anyone who signs up can use a public cloud. | Users within a particular industry segment or group are eligible to use it. Users from organisations with common objectives, specific security policies, and compliance factors opt for community cloud services. |
| Payment | It uses a pay-per-use model, which is usually less expensive. | It is more expensive, and the site is customised for use by an industry group or community. |
| Security | It is less secure. | Security is tighter as only a few users can have accounts, and users are screened. |
| Compliance | Compliance to regulations is not targeted for an industry. | Compliance is targeted to an industry vertical. |
| Provider Presence | The provider is usually away from the consumer and often in a different country. | The provider is usually known to the consumer. |

Exhibit

Weather Forecasting using a Public Cloud


Weather forecasting requires massive computations. It is similar to CAE and FEA-mechanical computations for stress or thermal analysis but is more compute-intensive. Numerical Weather Prediction (NWP) models use real-time weather conditions sourced from satellites and weather stations as input for their mathematical models to predict the weather. The underlying idea of NWP is to take a sample of the atmospheric thermal and fluid state at a given instant and use thermo-dynamics and fluid dynamics to estimate their state at some time in the future. NWP algorithms produce an enormous number of datasets, which require hours or days of highly-intensive mathematical analysis to arrive at near and long-term predictions of weather.

Weather forecasting institutions can use public clouds. The elasticity and the pay-for-what-you-use model provide more benefits to them than to commercial organisations such as banks, Independent Software Vendors (ISV), etc. The two key requirements for them are:
• Need for large compute resources: They require the availability of hundreds to thousands of high-memory, high-CPU VMs.
• Need for high bandwidth: Theoretically, they need InfiniBand-enabled public clouds. Several high-performance solutions and connectivity providers have products that enable up to 40 Gbps of fabric speed. For example, Mellanox Technologies (based in Sunnyvale, California) provides switches and gateways to enable 40 Gbps throughput, one micro-second application latency, and an efficient Remote Direct Memory Access (RDMA) between servers and storage systems. The RDMA is used to enhance the performance of servers by off-loading computations from the server CPU or the OS to the hardware switch or gateway. Products by Mellanox Technologies can integrate with a public cloud with fast GbE bandwidth and throughput of more than 10 Gbps. They can use cloud-based storage and extra-large VMs with high CPU and memory.

The customer had an option to use the cloud service provider’s database-as-a-service, but it opted to use its own relational database, running on VMs with attached persistent storage.


self assessment Questions

7. A ____ cloud is an infrastructure used by a specific group of users or organisations.
8. A community cloud cannot be managed by a third party. (True/False)
9. A community cloud may be more ______ than a public cloud, because the infrastructure and cost are shared by a few users or organisations.

Activity

Search for information about online community software.

S
3.5 HYBRID CLOUDS
IM
A hybrid cloud comprises two or more clouds (private, community, or public). Each cloud retains its features but can share data, if required. Several organisations choose to use a hybrid cloud, consisting of a set of private and public clouds, as shown in Figure 3.5. The private cloud is used for applications and data that require a high degree of compliance and security, such as enterprise HR, CRM, financial, and payroll-related applications. The public cloud is used for less-sensitive data and provides benefits such as scalability, pay-per-use billing, and lower expenses. Ideal use of the public cloud is for backups, e-mails, disaster recovery, and storage of data that need not be shared with remote employees or partners.

If an organisation chooses the private cloud for a primary application deployment, then capacity planning and modeling are required for long-term sustainability and customer satisfaction. An approach adopted by many forward-thinking organisations is to manage the rise in demand by architecting private clouds to rapidly capture the increased computing resources from contracted service providers by bursting into the public cloud. Generally, cloud bursting is woven into an organisation’s technical operations as a temporary approach, primarily restricted to non-critical applications that are used to manage less sensitive information.

Cloud bursting ultimately enables an organisation to minimise risks associated with peak load performance or service degradation while providing a seamless expansion that frees up internal hardware resources to provide infrastructure for mission-critical applications.
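The bursting policy described above, written out as an added example that is not part of the original text: pinned workloads claim private capacity first, and only non-critical workloads with less-sensitive data may overflow to the public cloud. The workload names, vCPU sizes and the `sensitive` / `mission_critical` flags are constructed assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Workload:
    name: str
    vcpus: int
    sensitive: bool          # compliance-bound data (HR, payroll, financial, CRM)
    mission_critical: bool


def burst_eligible(w: Workload) -> bool:
    """Only non-critical workloads with less-sensitive data may leave the private cloud."""
    return not w.sensitive and not w.mission_critical


def place(workloads, private_vcpus):
    """Map each workload name to 'private', 'public' (burst) or 'queued'."""
    placement = {}
    free = private_vcpus

    # Pass 1: workloads pinned to the private cloud claim capacity first,
    # mission-critical ones ahead of the rest (sorted() is stable).
    pinned = [w for w in workloads if not burst_eligible(w)]
    for w in sorted(pinned, key=lambda w: not w.mission_critical):
        if w.vcpus <= free:
            placement[w.name] = "private"
            free -= w.vcpus
        else:
            # A pinned workload waits for private capacity; it is never burst.
            placement[w.name] = "queued"

    # Pass 2: burst-eligible workloads use whatever private capacity is left;
    # the overflow goes to the public cloud for the duration of the peak.
    for w in workloads:
        if not burst_eligible(w):
            continue
        if w.vcpus <= free:
            placement[w.name] = "private"
            free -= w.vcpus
        else:
            placement[w.name] = "public"
    return placement


def violations(workloads, placement):
    """Audit check: workloads found on the public cloud that are not burst-eligible."""
    by_name = {w.name: w for w in workloads}
    return sorted(name for name, site in placement.items()
                  if site == "public" and not burst_eligible(by_name[name]))


# Constructed sample estate (not from the original text).
SAMPLE = [
    Workload("payroll",       8,  sensitive=True,  mission_critical=True),
    Workload("hr-portal",     4,  sensitive=True,  mission_critical=False),
    Workload("crm",           8,  sensitive=True,  mission_critical=True),
    Workload("web-frontend",  8,  sensitive=False, mission_critical=False),
    Workload("batch-reports", 16, sensitive=False, mission_critical=False),
    Workload("email-archive", 4,  sensitive=False, mission_critical=False),
    Workload("finance-close", 12, sensitive=True,  mission_critical=False),
]

if __name__ == "__main__":
    for capacity in (40, 24):
        result = place(SAMPLE, capacity)
        print(capacity, "private vCPUs ->", result)
        print("  policy violations:", violations(SAMPLE, result))
```

Running `violations` against the placement that a real scheduler or cloud inventory reports gives a quick check that no sensitive or mission-critical workload has drifted onto public infrastructure during a burst.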

In future, hybrid clouds will become more important, because they provide the security and privacy benefits of a private cloud and the cost-savings and on-demand provisioning of a public cloud. In time of peak load, an application on a private cloud can be temporarily extended to use public cloud resources. However, this raises some issues, and API compatibility becomes critical.

The OS images used internally (on hypervisors such as Xen, Hyper-V, KVM, vSphere) need to be compatible with the public OS images such as Amazon Machine Images (AMIs). Eucalyptus (http://www.eucalyptus.com/) provides compatibility of its private cloud images with Amazon AWS.

A few public cloud providers, such as Terremark and Savvis, have deployed VMware vCloud Express (from VMware) in their data centers, enabling organisations using VMware’s hypervisor to easily extend internal private clouds to their data centers.

Figure 3.5 shows a hybrid cloud. The private cloud can extend to use parts of a public cloud, either temporarily during times of peak load or permanently for certain services:

[Figure: a hybrid cloud in which users in an organization reach a private cloud and public clouds A, B, C and D]

Figure 3.5: Hybrid Cloud with Public and Private Clouds Being Used for Different Applications

3.5.1 PRIVATE VERSUS HYBRID CLOUD

Enterprises usually take steps towards cloud computing with a private cloud. They maintain their own data centers or obtain the hosting services from a third-party vendor. They invest to procure, set up, and manage the private cloud. However, resources may prove to be inadequate to meet demands during peak loads, leading to the requirement for a hybrid model.

A hybrid cloud is a combination of a public cloud and a private cloud, wherein organisations can maintain vital information in the private cloud and migrate less critical information to the public cloud. Data portability must be a guaranteed factor when moving between public and private infrastructure.

Table 3.2 lists the differences between private cloud and hybrid cloud:

Table 3.2: Private Versus Hybrid Clouds

| Feature | Private Cloud | Hybrid Clouds |
|---|---|---|
| Ownership | It is entirely procured, set up, and managed by the organisation. | It uses the resources of a public provider on a pay-per-use model. |
| Constraints During Peak Load | Its performance is constrained. | It is more scalable and elastic, because it can use public resources to meet load spikes. |
| Service Deployment | It is less flexible. | It is more flexible and can develop and test services on a public cloud and later deploy them on a private cloud. |
| Capital Expense | It is as expensive as an internal IT infrastructure. | It is less expensive. |

Self Assessment Questions

10. Which of the following clouds comprises private, community, or public clouds?
    a. Private
    b. Public
    c. Community
    d. Hybrid cloud
11. Cloud _____ ultimately enables an organisation to minimise risks associated with peak load performance or service degradation.

Activity

List the points when a cloud is not considered hybrid.

3.6 SUMMARY
• Clouds are broadly grouped as private, community, public, or hybrid clouds.
• A private cloud is a proprietary network within a corporate data center that supplies hosted services to a limited set of users such as employees, customers, vendors, and partners.
• A private cloud has a virtualised hardware resource pool (from a set of existing or new heterogeneous servers, storage, and network equipment), service catalog, self-service portal, workload manager, utilisation tracking software, and pay-per-use billing.
• A private cloud needs a set of security mechanisms such as:
  ◦ Hardened OS
  ◦ Regular vulnerability scanning
  ◦ Role-based access for users
  ◦ Data classification based on required security
  ◦ Data ownership
  ◦ Swift reaction plan to resolve breaches
• A community cloud is a cloud infrastructure shared and used by user groups from a specific community or organisations with common concerns such as security, compliance, jurisdiction, and standards.
• The cost for implementing and managing a community cloud is spread over fewer users than for a public cloud and, therefore, has less economy of scale than a public cloud.
• In a public cloud, services are sold to anyone on the Internet.
• A public cloud has advantages such as convenience, significant cost savings from economies of scale, no upfront expenses, on-demand allocation of resources to meet varying workloads, and utility-like pay-per-use billing.
• Public clouds have various limitations such as security, latency, privacy, and compliance with regulations.
• It is becoming common for organisations to use a hybrid cloud, where they can leverage their private cloud for sensitive, critical applications, and use one or more public clouds temporarily during periods of peak demand or permanently for backups, DR, e-mail archiving, etc.

Key Words

• Hybrid cloud: It is a combination of two or more clouds containing the features of all its components.
• Hypervisor: It is software, hardware, or firmware that is used to create and run virtual machines. It is used to group the resources (CPU, storage, network ports, memory) of all the servers, storage, and other devices into a common pool.
• Self-service portal: It offers an intuitive, easy-to-use interface for customers to select and start using services from within the offered set.

3.7 DESCRIPTIVE QUESTIONS


1. Define private cloud. What are the benefits and components of a private cloud?
2. What do you understand by hardening a private cloud?
3. What is a public cloud? Discuss the benefits of using a public cloud.
4. What is the purpose of creating a community cloud? How is it different from public cloud?
5. Explain the concept of hybrid cloud.

3.8 ANSWERS AND HINTS

ANSWERS TO SELF ASSESSMENT QUESTIONS

| Topic | Q. No. | Answers |
|---|---|---|
| Private Cloud | 1. | True |
| | 2. | Virtual Machines |
| | 3. | Open Virtualisation Format |
| Public Cloud | 4. | True |
| | 5. | Slows |
| | 6. | REST |
| Community Cloud | 7. | community |
| | 8. | False |
| | 9. | expensive |
| Hybrid Clouds | 10. | d. Hybrid cloud |
| | 11. | bursting |

HINTS FOR DESCRIPTIVE QUESTIONS

1. A private cloud is usually located on-premises and is dedicated to, and used solely by, a single organisation. Refer to Section 3.2 Private Cloud.
2. The key reason stated by users for preferring a private cloud over a public cloud is security or the need for compliance with regulations that require data to be kept within the corporate premises. Refer to Section 3.2 Private Cloud.
3. A public cloud is an infrastructure that is owned and managed by an organisation selling cloud services and is made available to the general public. Refer to Section 3.3 Public Cloud.
4. A community cloud is an infrastructure used by a specific community of users or organisations. Refer to Section 3.4 Community Cloud.
5. A hybrid cloud comprises two or more clouds, private, community, or public. Each cloud retains its features but can share data, if required. Refer to Section 3.5 Hybrid Clouds.

CHAPTER 4

TECHNOLOGY PLATFORMS FOR CLOUD COMPUTING

CONTENTS

4.1 Introduction
4.2 AWS
    Self Assessment Questions
    Activity
4.3 Azure
    Self Assessment Questions
    Activity
4.4 Google App Engine
    Self Assessment Questions
    Activity
4.5 Blue Cloud
    Self Assessment Questions
    Activity
4.6 Force.com
    Self Assessment Questions
    Activity
4.7 Summary
4.8 Descriptive Questions
4.9 Answers and Hints
4.10 Suggested Readings & References

Introductory Caselet

CENIQUE REDUCED OPERATIONAL EXPENDITURE AND ENHANCED SECURITY WITH AWS ARCHITECTURE

Cenique, established in 2012, is an analytics company based in Hong Kong that provides a cost-effective way to harness mobile and big data technology for in-store advertising and audience measurement. The company offers the IntelliSense Audience Measurement tool, which uses an in-store webcam connected to an Android-based media box to collect anonymous customer data on the basis of nine key metrics, such as age, gender, and time of day in the store. Clients can use a browser-based dashboard to view location-specific metrics and can automatically adjust their digital signage content on the basis of the gender or age of shoppers. In 2013, Cenique won the Hong Kong ICT Best Business Product Award and in 2015, it received the Hong Kong ICT Gold Award for Best Smart HK – Big Data Application. Now, the company operates in 16 countries, and has headquarters in Hong Kong and additional offices in the United States and India.
In 2012, Cenique started its expansion in Asia and the United States and faced a major problem of interruptions and slow connection speed while providing Internet-based services to its clients. Cenique was trying to compete in the new field of real-time analytics. Therefore, the slow connection speed and service delay would have restricted the growth of Cenique and created dissatisfaction among customers.
With the help of the existing IntelliSense Audience Measurement tool, the information generated from the customer's media box can be securely transferred to the remote servers. The information is then analysed thoroughly and converted into informational graphs. These informational graphs are then made available to the clients through the dashboard.
“It’s a complicated process and every fraction of a second counts,” says Shylesh, cofounder and CEO of Cenique. The company was committed to finding a provider that could offer proper speed and security, and a cost-effective solution that could match the company’s budget.
“Additionally, we needed a solution that would allow us to grow without worrying that our success would outstrip our infrastructural capabilities,” explains Shylesh.

The benefits of choosing the solution are as follows:
• Offers a larger range of data analysis tools
• Provides better availability
• Allows superior integration with our native Linux environment
• Allows analytics to run far quicker on AWS than on the company’s on-site servers
• Allows even distribution of incoming traffic on Cenique’s network through its elastic load-balancing and auto-scaling properties

Moreover, the IT staff at Cenique deployed its new analytics solution on AWS in just one month without any help from Amazon or third-party partners. Cenique uses two tools for monitoring and controlling the network: the AWS Management Console and Amazon CloudWatch. The original network of Cenique was built with Linux and Java. AWS architecture allowed Cenique to preserve its original network and also provided a large data warehouse. The following figure shows Cenique IntelliSense architecture on AWS:

[Figure: Cenique IntelliSense architecture on AWS]

Source: https://aws.amazon.com/solutions/case-studies/cenique/

The benefits after implementing AWS for Cenique are as follows:
• Versatile in nature
• Integrated easily with the company’s existing programs
• Prevented the company from restructuring the existing network
• Saved a lot of time that might have been wasted in restructuring the network
• Freed the company from expenditure required in maintenance of the network
• Saved the operational expenditure of the company by 60 percent

Savings in operational costs allowed Cenique to put more time and money into its core operations, which ultimately helps it to expand its business. Apart from that, AWS also freed Cenique from the problem of delayed data processing. After implementing AWS, Cenique was able to get 100% uptime. The use of the AWS auto-scaling feature made it possible for Cenique to run its analytics 40% faster than before. In addition, AWS also helps Cenique in enhancing the security of its network. It can now store data more securely than ever before.

Learning Objectives

After studying this chapter, you will be able to:
• Explain the services of AWS
• Discuss the key products of Microsoft Azure
• Describe features of Google App Engine (GAE)
• Explain computing technologies of the blue cloud
• Discuss the significance of force.com

4.1 INTRODUCTION
The advent of the cloud-computing platform has led to major changes both within and across enterprises. The cloud-computing platform has enabled developers to code application programs which can run in the cloud environment. In other words, a cloud-computing platform is a virtual system on which various applications can be developed or run. Some key cloud platforms are Amazon Web Service (AWS), Microsoft’s Azure, Google App Engine (GAE), IBM’s blue cloud and force.com. Amazon Web Service (AWS) is a generalised cloud-computing platform that offers many cloud-computing services. Microsoft Azure is a platform that can support public as well as private clouds. Google App Engine (GAE) is aimed mainly at Web application developers. IBM’s blue cloud is a highly focussed cloud-computing environment that can perform tasks on distributed computing architecture with data centres. Force.com is integrated with various application tools of salesforce.com. It is very important to choose the right cloud-computing platform because the wrong choice can have a negative impact.

This chapter familiarises you with Amazon Web Service (AWS) and Microsoft Azure. You will also study the features of Google App Engine (GAE) and blue cloud. Towards the end of the chapter, you will study the force.com platform.

4.2 AWS
Amazon Web Service (AWS) is a cloud-service platform that is extremely secure and offers database storage, content delivery and other functions. It is provided by Amazon.com. It was first launched in 2006 in order to provide online services for websites and client-side applications.

AWS is operated from 16 geographical locations across the world. These locations are eastern and western USA, Canada, South America, Brazil, Ireland, Germany, United Kingdom, Israel, Singapore, South Africa, Dubai, Japan, South Korea, India, China and Australia. Each of these regions has multiple availability zones. AWS is distributed in these geographical locations to ensure the robustness of the system. Moreover, it also helps to minimise the impact of disruption.

The various services of AWS are described as follows:
• CloudDrive: It is a service with which the user can upload as well as access any music, images, videos and documents from any device that is connected to the Web. It allows the user to stream music to the device.
• CloudSearch: It is a service which is generally used to integrate customised search capabilities into other applications.
• Dynamo database: It is a fully-managed NoSQL database. It is also known as Dynamo DB or DDB. It is scalable with low latency.
• Elastic compute cloud: It allows the users to run application programs and serves as an unlimited set of Virtual Machines (VMs).
• Mechanical turk: It is an Application Program Interface (API). The function of this API is to integrate human intelligence into Remote Procedure Calls (RPCs).
• RedShift: It is a data warehouse service which is basically designed for analytical workloads. It also connects to standard SQL-based clients as well as various business intelligence tools.
• Simple Storage Service (S3): It is a service that is highly scalable, has high speed and involves less cost. It is basically designed to keep online backups and archive data and application programs.

AWS includes several services spanning a wide range including compute, storage, networking, database, analytics, application services, deployment, management, mobile, developer tools, and tools for the Internet of Things. The two most popular services of AWS are Amazon Elastic Compute Cloud (aka “EC2”) and Amazon Simple Storage Service (aka “S3”). Generally, AWS services are not exposed directly to end users, but instead offer functionality through APIs that developers use in their applications.

Self Assessment Questions

1. Which of the following services of AWS allows a user to upload as well as access any music, images, videos, documents from any device that is connected to the Web?
    a. Simple Storage Service (S3)
    b. Dynamo Database
    c. CloudSearch
    d. CloudDrive
2. AWS is operated from 16 geographical locations across the world. (True/False)
3. AWS was first launched in __________.

Activity

Suppose you are using AWS. What should you do to access a video
from any device that is connected to the Web?

4.3 AZURE
Azure is a cloud-computing service which was created by Microsoft and released on 1st February, 2010. Initially, it was called Windows Azure, but it was renamed as Microsoft Azure on 25th March, 2014. Microsoft Azure was mainly developed for creating, setting and managing applications through its data centres. It provides many software applications, platforms, infrastructures and is compatible with many programming languages, tools and frameworks.

It is basically known for its Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). The following are the key products of Microsoft Azure:
• Compute: It is a service that provides Virtual Machine (VM), Infrastructure as a Service (IaaS). It also offers batch-processing and access to remote application.
• Web and mobile: It is a service that allows the development and deployment of Web and mobile applications. It also provides features that are helpful in API management, notification and reporting.
• Data storage: It is a service that includes Database as a Service (DaaS). It supports NoSQL, SQL, unstructured and cached cloud storage.
• Analytics: It is a service that provides distributed analytics and storage. It also offers big data analytics, real-time analytics, data lakes as well as data warehouses.
• Networking: It provides virtual networks, dedicated connections as well as gateways. It also offers services for traffic management, Domain Name System (DNS)-hosting and load-balancing.
• Media and Content Delivery Network (CDN): It is a service that offers on-demand streaming, encoding and indexing.
• Hybrid integration: It is a service that is used to create and save the backup of the server. It is also used in recovering a site and connecting to public and private clouds.
• Identity and Access Management (IAM): It is a service that ensures that no unauthorised user can access the Azure service. It helps in protecting encryption keys and other confidential information.
• Internet of Things (IoT): It is a service for capturing, monitoring as well as analysing data from many sensor devices.
• Development: It is a service that shares code with developers. It can also test the application and track any type of issues in the program. Programming languages like JavaScript, Python, .NET, etc. can be run on Azure.

A live example of the use of the Microsoft Azure platform is AccuWeather. It is a global weather company that uses Microsoft Azure along with Microsoft Dynamics 365 to gain real-time information on weather and business patterns. The company handles 17 billion requests for data each day.

Self Assessment Questions

4. Initially, Azure was called Microsoft Azure but now it is renamed as Windows Azure. (True/False)
5. Microsoft Azure is basically known for its _________ and ______________.
6. Which of the following products of Azure are helpful in API management, notification and reporting?
    a. Compute
    b. Web and Mobile
    c. Data Storage
    d. Analytics

Activity

You are a Java application developer. You want to share the code of
your program with another developer. How will you use Microsoft
Azure to perform the task?

4.4 GOOGLE APP ENGINE


Google App Engine (GAE) is a platform with the help of which Web
applications can be developed and hosted in the data centre of Google.
It is a standard and flexible cloud environment that supports a host of
programming languages, like Python, Java, PHP, Ruby, etc.

One unique feature of Google App Engine is that it offers automatic scaling for Web applications. This means that it allocates limited resources for a Web application but, when the number of requests increases, it can automatically allocate more resources so that the Web application can handle the additional demand. GAE also does not charge any fees up to a certain level of resource usage. It only charges for additional resources, bandwidth or storage capacity.

The following are some features of GAE:
• It allows users to sign in with the existing Google account but it addresses the user with new and unique identifiers.
• It provides schema-less object data storage, which is highly scalable. It provides a rich data modelling API and supports SQL.
• It allows users to create, configure and use relational databases that reside in Google cloud.
• It has a memory data cache that is used for improving the performance of applications.
• It provides a security scanner that can detect the security vulnerabilities of Web applications.

Google App Engine (GAE) can be run in the following two environments:
• Flexible environment: The flexible environment is best suited for applications whose source code is written in any version of Java, Python, Go, Node.js and Ruby. Applications that run in the flexible environment can access all the resources or services of the cloud platform.
• Standard environment: The standard environment should be preferred for applications that require faster scale-up times. In this environment, applications run in a specialised sandbox. The standard environment is best suited for applications whose source code is written in Java 7, PHP 5.5, Python 2.7, Go 1.7.

Exhibit

Differences between flexible and standard environment of Google App Engine (GAE)

The differences between the flexible and standard environment of Google App Engine (GAE) are shown in the following table:

| Feature | Standard Environment | Flexible Environment |
|---|---|---|
| Background threads | Has background threads, but with restrictions | Has background threads without any restrictions |
| Background process | No background process | Has background process |
| SSH debugging | Not available | Available |
| Scaling | Scaling is manual, basic as well as automatic | Scaling is only manual and automatic |
| Writing to local disk | Not possible | Possible |
| Customizable serving stack | Not possible | Possible |
| Network access | Has network access only through Google App Engine (GAE) | Has network access without any restrictions |
| Supports installing third-party binaries | Has no support in installing third-party binaries | Has support in installing third-party binaries |
| Location | Present in North America, Asia-Pacific as well as Europe | Present in North America and Asia-Pacific but not in Europe |
| Pricing | Pricing is based on the time it is used for | Pricing is based on the usage of virtual CPU, memory and the persistent disks. |
| Use | Optimal for applications which are created by using the Python 2.7, Java 7, PHP 5.5, or Go 1.6 programming language. Such applications are executed for free or at very low cost. For example, an application can scale to 0 instances if there is no traffic. This type of environment is preferred when applications can have sudden and extreme spikes of traffic and require immediate scaling. | Optimal for applications which are created by using any version of the Python, Java, Node.js, Go, Ruby, PHP, or .NET programming language. Such applications are executed in a Docker container that includes a custom runtime or source code written in other programming languages. These types of applications also depend upon other software, including operating system packages. In addition, such applications can access the resources or services of a Cloud Platform project contained in the Compute Engine network. |

Source: cloud.google.com

A common use of GAE is the deployment of real-time sensor dashboard applications.

Self Assessment Questions

7. Google App Engine (GAE) does not offer automatic scaling for Web applications. (True/False)
8. Google App Engine (GAE) allows users to sign in with the existing Google account but it addresses users with a new and unique ____________.
9. The application whose source code is written in any version of Java, Python, Go, Node.js and Ruby is suited for ___________ environment.
10. __________ environment should be preferred for the applications that require faster scale-up times.

Activity

You have developed a Web application and its source code is written in Java 7. Now you want to host it in Google App Engine (GAE). How can you perform the task?

4.5 BLUE CLOUD


Blue cloud is developed by IBM. The primary aim of a blue cloud is to offer a service that can automate all the fluctuating demands for IT resources. Blue cloud is mainly used to perform tasks on distributed computing with data centres. It does not prefer to perform tasks on remote or individual servers.

Blue cloud is based on Hadoop, which is an open source platform that can manage all the computing resources across a large cluster of computers. Hadoop includes MapReduce for distributing computing tasks across all its servers worldwide. MapReduce is used for processing as well as generating big data with the help of parallel and distributed algorithms.

Virtual Linux images are used by blue cloud and the most remarkable thing is that it can schedule parallel workloads. Hundreds of developers all over the world supported the concept of blue cloud, and it employs a lot of open source software and standard technologies.
Blue cloud is a ready-to-use cloud computing offering that consists of the following leading massive computing technologies:
• Parallel sysplex: It is a cluster of IBM mainframe systems that work together as a single system in order to share the workload for high performance and availability.
• Blue gene: It is a network of some powerful supercomputers. It operates at petaflop speeds. A petaflop is a unit used to measure the speed of a computer. 1 petaflop is equal to a thousand trillion floating-point operations per second. There are three generations of Blue Gene – Blue Gene/L, Blue Gene/P and Blue Gene/Q.
• Grid computing: It is a distributed architecture used for virtualisation. It can reduce the computational and analysis time.

Blue cloud is used in various types of services that are used by healthcare professionals, healthcare organizations, research site organizations, etc. Some examples of such services are:
• BlueCloud Directories
• BlueCloud Education Network
• BlueCloud Staff Learning System
• BlueCloud Purchasing Club
• BlueCloud Surveys
• BlueCloud CME Management System (For Accrediting Vendors)
• BlueCloud e-Commerce Management System

Self Assessment Questions

11. Blue cloud is developed by ___________.
12. The three generations of Blue Gene are ___________, _________ and __________.
13. Blue cloud does not prefer to perform tasks on remote or individual servers. (True/False)
14. Blue Gene is a network of some powerful ____________.

Activity

Suppose you are an employee of IBM and you do not want to perform your task on remote or individual servers. What will you do to perform your task on distributed computing?

4.6 FORCE.COM
Force.com is a platform that helps the user to create and deploy a secure and scalable cloud application. On the force.com platform, developers do not need to buy any software or server; rather, they can concentrate on building apps that include built-in mobile functionality. Once the app is built, it can be run on the secure platform of force.com, which will scale, tune and back up data automatically.

Force.com also provides some essential tools and services that are required to automate the business process and integrate with external applications. With the help of force.com, a developer can build an enterprise app even without writing a single line of code. Force.com also has some security controls that help to authenticate the users. It can specify which user can view, edit, create or delete a record in the app. The two types of apps that can be built on force.com platform are:
• Data-centric: Data-centric apps are structured and hold consistent
  information. Such apps can be found in databases like MS Access or
  FileMaker. The advantage of a data-centric app is that data is easy
  to control, access and manage. In a data-centric app, we can get a
  complex result just by issuing a single query. For example, if we
  want to find the total sales for a month from a set of MS Word
  files, we have to open all the related MS Word files, find the
  contract total in each, and then add the totals together. The same
  result can be found just by issuing a simple query if we had kept
  all the contracts in a simple database. Thus, data-centric apps will
  always be required to make fast business decisions.


• Collaborative: Collaborative apps can be shared by multiple users
  in multiple locations. Traditional software was usually stored on a
  single machine, and it was very difficult to access it from remote
  places. Collaborative apps offer an innovative way of installing
  software so that it can be accessed from anywhere in the world with
  just a Web browser. This has helped a lot in performing many
  activities, like selling a product, managing a project or hiring an
  employee. Apart from that, a collaborative app also has built-in
  platform support for productive group collaboration: it can control
  users' access to different data by using the security and sharing
  model of the platform. It can also assign tasks, update data or send
  e-mail automatically when certain business events occur, by using
  predefined workflow rules. The built-in features of collaborative
  apps offer a framework for sharing apps with any group, division or
  the entire organisation without surrendering administrative control
  over sensitive data.

The following are some technologies that play a big role behind the
Force.com platform:
• Multitenant architecture: It is a type of architecture in which the
  same infrastructure and the same version of the Force.com platform
  are used by all users. It allows upgrades to be applied
  automatically and simultaneously for all users. Thus, in this
  architecture, the latest patch is always installed in the
  application. Applications that use this type of architecture
  include eBay, Google Gmail, My Yahoo!, etc.
• Metadata-driven development model: It is a model used in Force.com
  that helps developers become more productive by defining the basic
  functionality of an app as metadata in a database rather than in
  code. Thus, if a user accesses an app through the Force.com
  platform, he/she can actually enter the metadata of the app into
  his/her interface. Due to this facility, an app developer on
  Force.com is able to work at a higher level of data abstraction.
• API: Force.com has many APIs, such as the SOAP API, REST API, Bulk
  API, Streaming API, Metadata API, etc., which can be called from
  many client-side languages. Toolkits are also available for
  developers to ease integration. The APIs of Force.com are
  straightforward and powerful. They can be accessed or manipulated
  from any server location by using any programming language that
  supports Web services.
• Apex: Apex is a cloud-programming language introduced by
  salesforce.com. Apex is the most popular and widely used language
  for Web pages that can run on the Force.com platform. The syntax of
  Apex is similar to Java but is designed especially for building
  business applications that manage and process data within the
  context of the Force.com platform.
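
The following Python sketch is an added illustration, not Force.com or Salesforce code. It models the ideas above in miniature: all tenants share one engine and one store, each tenant's objects and field types are declared as metadata, and per-profile rights decide who may create, view, edit or delete a record. The class, the `Contract` object, the tenants and the profiles are all hypothetical.

```python
"""Conceptual sketch of a multitenant, metadata-driven record store.

Hypothetical names throughout; this is not Force.com or Salesforce code.
"""


class AccessDenied(Exception):
    """The profile lacks the right, or the object is not defined for the tenant."""


class Platform:
    """One engine and one store shared by every tenant."""

    RIGHTS = {"create", "view", "edit", "delete"}

    def __init__(self):
        self._meta = {}     # (tenant, object) -> {"fields": ..., "rights": ...}
        self._rows = {}     # (tenant, object) -> {record_id: record}
        self._next_id = 1

    def define_object(self, tenant, name, fields, rights):
        """Describe an object as metadata: field types and per-profile rights."""
        for profile, granted in rights.items():
            unknown = set(granted) - self.RIGHTS
            if unknown:
                raise ValueError(f"unknown rights for {profile}: {sorted(unknown)}")
        self._meta[(tenant, name)] = {
            "fields": dict(fields),
            "rights": {p: set(g) for p, g in rights.items()},
        }
        self._rows.setdefault((tenant, name), {})

    def _authorise(self, tenant, profile, name, right):
        meta = self._meta.get((tenant, name))
        if meta is None:
            raise AccessDenied(f"{name!r} is not defined for tenant {tenant!r}")
        if right not in meta["rights"].get(profile, set()):
            raise AccessDenied(f"profile {profile!r} may not {right} {name!r}")
        return meta

    @staticmethod
    def _validate(meta, values):
        # The same generic check serves every tenant; only the metadata differs.
        for key, value in values.items():
            expected = meta["fields"].get(key)
            if expected is None:
                raise ValueError(f"unknown field {key!r}")
            if not isinstance(value, expected):
                raise ValueError(f"field {key!r} expects {expected.__name__}")

    def _record(self, tenant, name, record_id):
        # The lookup key always includes the caller's tenant, so an id that
        # belongs to another tenant is simply not found.
        try:
            return self._rows[(tenant, name)][record_id]
        except KeyError:
            raise KeyError(f"no {name} record {record_id} for {tenant}") from None

    def create(self, tenant, profile, name, values):
        meta = self._authorise(tenant, profile, name, "create")
        self._validate(meta, values)
        record_id = self._next_id
        self._next_id += 1
        self._rows[(tenant, name)][record_id] = dict(values)
        return record_id

    def view(self, tenant, profile, name, record_id):
        self._authorise(tenant, profile, name, "view")
        return dict(self._record(tenant, name, record_id))

    def edit(self, tenant, profile, name, record_id, changes):
        meta = self._authorise(tenant, profile, name, "edit")
        self._validate(meta, changes)
        self._record(tenant, name, record_id).update(changes)

    def delete(self, tenant, profile, name, record_id):
        self._authorise(tenant, profile, name, "delete")
        self._record(tenant, name, record_id)   # raises if not this tenant's
        del self._rows[(tenant, name)][record_id]


def demo():
    """Two tenants define their own 'Contract' object on the same platform."""
    p = Platform()
    p.define_object("acme", "Contract", {"customer": str, "total": float},
                    {"sales": {"create", "view", "edit"}, "auditor": {"view"}})
    p.define_object("globex", "Contract", {"customer": str, "total": float},
                    {"sales": {"create", "view"}})
    rid = p.create("acme", "sales", "Contract",
                   {"customer": "Initech", "total": 1200.0})
    outcomes = {"auditor_view": p.view("acme", "auditor", "Contract", rid)["total"]}
    try:
        p.edit("acme", "auditor", "Contract", rid, {"total": 0.0})
    except AccessDenied:
        outcomes["auditor_edit"] = "denied"
    try:
        p.view("globex", "sales", "Contract", rid)
    except KeyError:
        outcomes["cross_tenant_view"] = "not found"
    return outcomes


if __name__ == "__main__":
    print(demo())
```

Adding a field or changing a profile's rights is a change to the metadata passed to `define_object`; the engine code stays the same for every tenant.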


Force.com is used in various types of applications, such as employee
directories, time-off management applications, and departmental or
group applications for recruiting, bug tracking, asset management,
etc. A live example of the use of the Force.com platform is Electronic
Arts (EA), which is the world’s leading interactive entertainment
software company. This company has selected Force.com to create a
recruiting application to manage its mission-critical talent
acquisition.

Self Assessment Questions

15. Which of the following types of apps can be built on force.com
    platform?
    a. Multitenant        b. Collaborative
    c. Apex               d. Metadata-centric
16. __________ is a type of architecture with the help of which the
    same infrastructure and same version of force.com platform
    can be used by all users.
17. Apex is a cloud-programming language introduced by
    salesforce.com. (True/False)

Activity

You are an app developer. You want to make an app where you can
get an advance result just by issuing a single query. How can you
perform the task by using force.com platform?


4.7 SUMMARY
• Amazon Web Service (AWS) is a cloud service platform that is
  extremely secure and offers database storage, content delivery and
  other functions.
• AWS is operated from 16 geographical locations across the world.
  These locations are eastern and western USA, Canada, South
  America, Brazil, Ireland, Germany, United Kingdom, Israel,
  Singapore, South Africa, Dubai, Japan, South Korea, India, China
  and Australia.
• Azure is a cloud-computing service which was created by Microsoft
  and released on 1st February, 2010.
• Microsoft Azure was mainly created for creating, setting and
  managing applications through its data centres.
• Azure is basically known for its Platform as a Service (PaaS) and
  Infrastructure as a Service (IaaS).


• Google App Engine (GAE) is a platform with the help of which Web
  applications can be developed and hosted in the data centre of
  Google.
• Applications that can run in flexible environment can access all
  the resources or services of cloud platform.
• Standard environment of Google App Engine (GAE) should be
  preferred for the applications that require faster scale-up times.
• Blue Cloud is developed by IBM and the primary aim of blue cloud
  is offering service that can automate all the fluctuating demands
  for IT resources.
• Force.com is a platform that helps the user to create and deploy a
  secure and scalable cloud application.
• Data-centric apps are those types of app that are structured and
  have consistent information. These types of data-centric apps can
  be found in databases like MS Access or FileMaker.
• Apex is a cloud-programming language introduced by salesforce.com.
  It is the most popular and widely used language for Web pages
  that can run on force.com platform.

Key Words

• CloudDrive: It is a magnificent service with the help of which
  the users can upload as well as access any music, images, videos,
  documents from any device that is connected to Web.
• Collaborative app: It refers to the type of app that can be shared
  by multiple users in multiple locations.
• Data-centric app: It refers to the types of apps that are
  structured and have consistent information.
• Hybrid integration: It is a service that is used to create and
  save the backup of the server.
• Mechanical turk: It is an Application Program Interface (API).
  The function of this API is to integrate human intelligence into
  Remote Procedure Calls (RPCs).
• RedShift: It is a data warehouse service which is basically
  designed for analytical workloads.

4.8 DESCRIPTIVE QUESTIONS


1. Discuss the various services of AWS.
2. Explain the key products of Microsoft Azure.
3. Describe some features of Google App Engine (GAE).
4. Discuss the two types of environments on which Google App
Engine (GAE) can be run.
5. Describe three technologies that can be found in a blue cloud.
6. Explain two types of apps that can be built on force.com platform.
7. Discuss some technologies that play a big role behind force.com
platform.

4.9 ANSWERS AND HINTS

ANSWERS FOR SELF ASSESSMENT QUESTIONS

Topic               Q. No.   Answers
AWS                 1.       d. CloudDrive
                    2.       True
                    3.       2006
Azure               4.       False
                    5.       Platform as a Service (PaaS),
                             Infrastructure as a Service (IaaS)
                    6.       Web and Mobile
Google App Engine   7.       False
                    8.       identifier
                    9.       flexible
                    10.      Standard
Blue Cloud          11.      IBM
                    12.      Blue Gene/L, Blue Gene/P and
                             Blue Gene/Q
                    13.      True
                    14.      supercomputers
Force.com           15.      b. Collaborative
                    16.      Multitenant architecture
                    17.      True

HINTS FOR DESCRIPTIVE QUESTIONS


1. The various services of AWS are described as follows:
   • CloudDrive: It is a magnificent service with the help of which
     the user can upload as well as access any music, images, videos,
     documents from any device that is connected to Web.
   Refer to Section 4.2 AWS.
2. One of the key products of Microsoft Azure is Compute, which is a
   service that provides Virtual Machine (VM), Infrastructure as a
   Service (IaaS). Refer to Section 4.3 Azure.
3. GAE allows users to sign-in with the existing Google account but
   it addresses the user with new and unique identifiers. Refer to
   Section 4.4 Google App Engine.
4. Google App Engine (GAE) can be run in the following two
   environments, i.e. in flexible environment and standard
   environment. Refer to Section 4.4 Google App Engine.
5. Blue cloud is a ready-to-use cloud computing that consists of
   some leading massive computing technologies. Refer to Section
   4.5 Blue Cloud.
6. Data-centric is one of the apps that can be built on force.com
   platform. Refer to Section 4.6 Force.com.
7. Multitenant architecture is a type of architecture with the help
   of which the same infrastructure and same version of force.com
   platform can be used by all users. Refer to Section 4.6 Force.com.



Chapter 5

Challenges in Adoption of Cloud in Business

CONTENTS

5.1 Introduction
5.2 Challenges of Cloud Adoption
    5.2.1 Performance
    5.2.2 Reliability
    5.2.3 Security and Privacy
    5.2.4 Bandwidth
    Self Assessment Questions
    Activity
5.3 Technical and Economic Challenges in Cloud Adoption
    Self Assessment Questions
    Activity
5.4 Challenges and Pace of Adoption of Public Cloud by SMBs
    Self Assessment Questions
    Activity
5.5 Public Cloud Benefits for SMBs
    Self Assessment Questions
    Activity
5.6 Public Cloud Adoption Phases for SMBs
    Self Assessment Questions
    Activity
5.7 Cloud Vendor Responsibilities in Encountering Challenges
    Self Assessment Questions
    Activity
5.8 Success Factors for Cloud Consumers
    Self Assessment Questions
    Activity
5.9 Summary
5.10 Descriptive Questions
5.11 Answers and Hints
5.12 Suggested Readings & References

Introductory Caselet

Cloud Adoption Accelerates, but Challenges Remain

These days, the Chief Information Officers (CIOs) of almost all
organisations are leading their organisations along the path of
digital transformation. According to Gartner research, the public
cloud service market has grown to $204 billion in comparison to $175
billion in 2015. It shows the huge shift of organisations from
traditional IT services towards the adoption of cloud-based services.

According to the Nash/KPMG CIO survey conducted in 2016, around 40
percent of IT leaders use cloud technology in order to enhance their
responsiveness and resiliency. Around 33 percent of IT leaders use the
cloud for cost effectiveness by reducing unnecessary expenses.
Companies also adopt cloud to accelerate product innovation.

“We see the demand for cloud adoption growing rapidly. The CIO
sees pressure from the CFO to optimise the legacy IT, while IT also
needs to support the rapid pace of the business and implement new
capabilities at the right cost”, says Pierre Champigneulle, a princi-
pal in KPMG’s Advisory Services practice.

According to the survey report, organisations are investing in
Software as a Service (SaaS): almost 3 in 10 IT leaders are planning
to invest significantly in this area, compared to around 25 percent of
leaders who are planning to make similar investments in Infrastructure
as a Service (IaaS) and only 20 percent who plan to invest in Platform
as a Service (PaaS) solutions. With the availability of so many easier
options for deploying applications to SaaS, the shifting of
applications to the cloud by companies does not impact the large stack
of applications on cloud. The survey also revealed that these three
types of services, SaaS, IaaS and PaaS, will continue to grow for the
next three years.

Despite such huge acceleration in cloud adoption, around 49 percent of
CIOs, according to the survey, reported loss of data and privacy risk
as the biggest security challenge in the adoption of cloud technology
by organisations. An almost similar number of CIOs, around 47 percent,
were concerned about the integration of cloud technology with their
existing structure.

“The survey response regarding security in the cloud reflects
inexperience with cloud implementation in a lot of organisations.
Security teams are inherently (and rightly) cautious, yet they may
not have a full appreciation for the sophistication and resilience of
leading Public cloud providers – typically well in excess of those
found within internal environments”, says David Conroy, a managing
director in KPMG’s CIO Advisory practice.

Moreover, according to him, “The bottom line is that most
organisations remain in transition when it comes to the cloud, noting
that they need to get comfortable with how they bridge those types of
policies and controls in a cloud environment. Even though it might be
more secure in the cloud than internally, it’s critical to have
end-to-end policies and controls.”


Learning Objectives

After studying this chapter, you will be able to:
>> Discuss the challenges of cloud adoption
>> Describe technical and economic challenges in cloud adoption
>> Explain challenges and pace of adoption of public cloud by SMBs
>> Describe public cloud benefits for SMBs
>> Explain public cloud adoption phases for SMBs
>> Elucidate cloud vendor responsibilities in encountering challenges
>> Describe success factors for cloud consumers

5.1 INTRODUCTION
In the previous chapter, you studied technology platforms for cloud
computing. Now, let us move forward and acquaint ourselves with
challenges related to the adoption of cloud in small and medium
business organisations.

Small and Medium Businesses (SMBs) typically have 1 to 1,000
employees. Most business owners are adopting cloud computing for its
economies of scale, ease of use, and low cost. They find the cloud to
be a great business-enabler but still have doubts and questions about
its use. Some of the challenges being faced by SMBs regarding the
adoption of cloud computing are:
1. Is cloud computing the right way to go?
2. Can I trust the cloud provider with all my sensitive corporate
   information?
3. Will the data get into the hands of my competitors?
4. How will cloud computing really benefit me?
5. Is there something about the cloud that I am unaware of that
   may later hurt me?

Despite these apprehensions, the adoption of cloud amongst SMBs has
been nothing less than stunning. The market research firm
International Data Corporation (IDC) projects that the market for
cloud computing will grow from US$ 11 billion in 2009 to US$ 246.8
billion by 2017. The reasons for this growth in cloud computing
business are its convenience, the pay-for-what-you-use model, and low
overall expenses due to resource sharing.

Most SMBs have been early implementers of cloud computing, eager to
harvest the competitive advantages of scalability and the pay-per-use
model. SMBs are poised to benefit most from cloud computing, as
compared to large enterprises. Many SMBs have been on the leading
edge of public cloud advocacy and adoption. A survey by Dell of more
than 400 small and mid-sized businesses with less than 999 employees
showed that 69% of the business owners and leaders wanted to purchase
and adopt cloud applications. Also, most of them showed a preference
for applications from a single trusted cloud vendor. The survey also
showed that SMBs using the cloud planned to add an average of three
more cloud services in the near future.

In this chapter, you will first learn about challenges related to
cloud adoption. Further, the chapter will discuss the pace of adoption
of public cloud by SMBs. The chapter will also discuss cloud vendor
responsibilities in encountering challenges related to the adoption of
cloud. In the end, the chapter discusses success factors for cloud
consumers.

5.2 CHALLENGES OF CLOUD ADOPTION


There are different types of clouds commercially available, each with
its own capabilities and enhanced services. However, the current cloud
environment suffers from a number of snags and the unavailability of
proper infrastructure. Data management, resource control,
virtualisation, and security are some key areas that must be addressed
in the near future with respect to cloud computing.

It is difficult to replace an existing system with newly emerging
technologies and concepts. It needs a long-term interoperability and
standardisation approach. There are other issues related to modelling
policies, dynamic data management, and non-technical aspects like
restrictions due to legislation and policies in different countries,
which also hinder cloud adoption. Economic feasibility is another
important issue related to cloud computing. Whether moving from the
existing system to cloud infrastructure is economically feasible will
be a really big issue for all cloud providers and customers.

Different types of applications and tools were developed in the past
to serve a particular company’s requirements. These help in resolving
issues related to migration to cloud systems. Integrating these
applications and tools in a cloud environment is a difficult task for
cloud providers.

To set up an open cloud system, cloud vendors will also have to solve
issues related to vendors that offer organisation-specific services.
Such vendors can refuse to stop developing requirement-specific
services in order to make commercial gains and stay competitive.
However, many companies have also signed the Open Cloud Manifesto
(OCM). The most important issue that has to be solved in developing an
open cloud system is interoperability, but it cannot be easily solved
using common interfaces. It affects different technologies like
interfaces for IaaS, PaaS, and SaaS. Thus, it is still doubtful
whether these approaches of standardisation and open cloud systems can
solve existing problems.

There is no final list of challenges in cloud adoption by companies;
however, some challenges that are encountered most often are related
to performance, reliability, security, privacy, bandwidth, etc.

5.2.1 PERFORMANCE

Cloud performance refers to the performance of cloud applications and
servers, as well as the access speeds of network and storage I/O. It
is measured primarily by the round-trip response time, which is the
time interval between a user-issued command and the receipt of the
result from the cloud. Performance (besides service uptime) is an
important part of the cloud service level agreement (SLA). It can be
quantified in terms of the maximum response time experienced by the
end user. This must be a key metric for the performance of
applications and an important SLA criterion.

Another performance impact is from the number of hops. Within a cloud
datacenter, resources need to communicate, and the number of network
hops between the resources and applications adds significantly to
response delays. Cloud performance must be monitored. A robust
performance monitoring system provides benefits such as tracking
workload patterns, identifying peak resource utilisation, and
isolating potential problems and their causes.

The performance of virtual machines is difficult to track since the
resources are dynamic and based on the workload. Not all aspects of
the cloud are in the control of a particular organisation. The
division of control depends on the cloud service offered. For PaaS,
for example, the provider controls the hardware, network, security,
servers, operating system, patches, development environment, database
configuration, and compilers.

The consumer controls the applications, use of resources, database
instances, application-level security and authentication for users.
There are also problems with selecting the right performance
management tool. Any selected tool needs to be customised and
configured, to a large extent, to suit the cloud environment.

5.2.2 RELIABILITY

Reliability is an important factor in cloud computing. It generally
relates to the applications, services, infrastructure, network, data,
etc. provided to organisations as per their requirements. The cloud
offers various types of services, which are considered reliable if
they perform securely as per the needs of an organisation. Hardware
reliability is related to the infrastructure of the cloud datacenter.
The hardware is considered reliable if it allows users to perform
their tasks without failure. Network reliability ensures accessibility
of the network on a 24 x 7 basis. The user can access resources from
any location using the cloud provider’s network. The occurrence of
persistent issues in the network also prevents organisations from
adopting cloud.

Data reliability is a major challenge in cloud computing.
Organisations often remain in doubt whether storing data on cloud is
reliable or not. If there is any technical snag, the data of an
organisation can become accessible to other users or hackers.
Therefore, before moving data to the cloud, organisations must assess
the risk involved. Moreover, a good backup strategy is also required
to have reliable access to resources.

5.2.3 SECURITY AND PRIVACY

Any organisation that wants to implement cloud computing must think
about the security of its data first, irrespective of the nature of
the cloud. Without securing the data in the cloud environment, no
organisation can dare to implement the cloud. Even if the organisation
has well-defined data security, different issues occur with cloud
computing while managing the data. The organisation must make sure
that its IT security strategy is aligned with its cloud data security
strategy and ensures the right balance of protection, privacy,
governance, and accessibility to its key resources in the cloud
environment. Security risks, threats, and breaches related to data can
come in many forms and from many places.

Many times, even insiders of a company help hackers to steal data from
the cloud datacenter. It is very difficult to catch insider employees
because the data in the cloud is managed by them in the datacenter of
the cloud. The cloud provider company and clients must implement a
plan to deal with inside as well as outside threats to safeguard the
data.

Data is of prime importance for any organisation; therefore, the
proper management of data is of high importance for the business of an
organisation. Data generally goes through five operations in an
organisation: creation, modification, security, storage and
destruction. These are the normal operations on data in the cloud
datacenter. An organisation has various types of data, such as emails,
contracts, images, and blogs. The cloud contains such diverse kinds of
data of an organisation. Therefore, security and privacy of the data
is a very big concern. The major areas that are related to security
and privacy of data are as follows:
• Location of the data in the cloud
• Control over the data in the cloud
• Secure transfer of data across the applications in the cloud
• Cost associated with management of data in the cloud
• Co-mingling of the data in the cloud
• Verification of the customers accessing the data on the network
• Verification of all software applications before allowing them to
  access data present in the cloud
• Encryption of data in the cloud
• Scanning of the various applications running on the cloud

The cloud secures data using a firewall, which can also be used to
secure any number of applications and processes. Data security and
privacy is a big issue for companies; therefore, they test data on
public cloud environments with smaller and constrained
implementations. Different types of validations are made to ensure the
completeness and accuracy of the data that is entered, retrieved or
processed. Input validation ensures that the input data to the
application is complete, accurate and reasonable.

Output validation allows access to data only for authorised users, and
change management ensures that data is modified only by authenticated
users. Backup and recovery measures create a copy of the data so that
it can be recovered in case of data loss. Data destruction validation
ensures deletion of data from everywhere on the physical storage
medium in case of permanent deletion of data from the database. The
security of data during its transfer from one location to another is
very important and is managed by using a VPN, which turns the
organisation's use of the public network into a private network. The
VPN encrypts the sensitive data of the organisation while transferring
it, using the firewall that acts as a barrier between the public
Internet and the private network.
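
The validation steps in this section can be made concrete. The following Python sketch is an added example, not taken from the original text: `validate_input` applies the three input checks named above (complete, accurate, reasonable) to a record before it is stored, and `copies_remaining` performs a data destruction check across storage locations. The field names, the amount limit and the location names are assumptions, and the sample records are constructed.

```python
import re
from datetime import date
from decimal import Decimal, InvalidOperation

REQUIRED_FIELDS = ("customer_id", "email", "amount", "invoice_date")
EMAIL_PATTERN = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")
MAX_AMOUNT = Decimal("1000000")     # assumed business limit
TODAY = date(2024, 6, 1)            # constructed reference date for the samples


def validate_input(record, today):
    """Return a list of problems; an empty list means the record may be stored."""
    problems = []

    # Complete: every required field is present and non-empty.
    missing = {k for k in REQUIRED_FIELDS if record.get(k) in (None, "")}
    problems += [f"missing:{k}" for k in REQUIRED_FIELDS if k in missing]

    # Accurate: each present value parses as the type it claims to be.
    if "email" not in missing and not EMAIL_PATTERN.match(str(record["email"])):
        problems.append("format:email")
    amount = None
    if "amount" not in missing:
        try:
            amount = Decimal(str(record["amount"]))
            if not amount.is_finite():          # rejects NaN and Infinity
                raise InvalidOperation
        except InvalidOperation:
            amount = None
            problems.append("format:amount")
    invoice_date = None
    if "invoice_date" not in missing:
        try:
            invoice_date = date.fromisoformat(record["invoice_date"])
        except (TypeError, ValueError):
            problems.append("format:invoice_date")

    # Reasonable: well-formed values must also be plausible.
    if amount is not None and not (Decimal("0") < amount <= MAX_AMOUNT):
        problems.append("range:amount")
    if invoice_date is not None and invoice_date > today:
        problems.append("range:invoice_date")
    return problems


def copies_remaining(record_id, locations):
    """Data destruction check: names of locations that still hold the record."""
    return sorted(name for name, ids in locations.items() if record_id in ids)


# Constructed sample data.
GOOD_RECORD = {"customer_id": "C-1", "email": "ops@example.com",
               "amount": "249.90", "invoice_date": "2024-05-30"}
BAD_RECORD = {"customer_id": "", "email": "ops@example",
              "amount": "NaN", "invoice_date": "2024-07-15"}
LOCATIONS = {"primary": {"inv-1"},
             "replica-eu": {"inv-1", "inv-7"},
             "backup-2024-05": {"inv-7"}}

if __name__ == "__main__":
    print(validate_input(GOOD_RECORD, TODAY))
    print(validate_input(BAD_RECORD, TODAY))
    print(copies_remaining("inv-7", LOCATIONS))
```

A deletion request for `inv-7` counts as complete only when `copies_remaining` returns an empty list, that is, when replicas and backups have been purged as well as the primary store.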

5.2.4 BANDWIDTH

Bandwidth is one of the several important factors that need to be
considered wisely while migrating to the cloud. Bandwidth is very
important as it decides the user’s experience after implementation of
cloud. Bandwidth is required for the following purposes:
• Emailing
• Web Browsing
• Voice Calling
• File Transferring
• Processing Credit Cards/e-Commerce
• Accessing Cloud Applications
• Social Media
• Video Conferencing

Careful selection of bandwidth makes the client’s experience better
and helps in easier migration to cloud. Most of the time, cloud
provider organisations do not pay much attention to selecting the
bandwidth, which may prove fatal to these organisations in terms of
client experience. The bandwidth must be capable of supporting the
organisation’s ongoing operations and processes. Persistent
connectivity is of utmost importance in cloud computing and can be
achieved through careful selection of bandwidth. Organisations must
select bandwidth according to the current client base and the number
of clients, which increases day by day.

A large number of clients sharing the same bandwidth may slow down the
network, so that downloading and uploading documents or files takes a
long time. This kind of failure affects the productivity, profit
margins and brand value of the provider organisation. Selecting the
appropriate bandwidth and bearing the cost of a higher bandwidth are
some challenges faced by both client and provider organisations.

Self Assessment Questions

1. OCM stands for:
   a. Opened Cloud Manifesto
   b. Open Computing Manifesto
   c. Open Cloud Manifesto
   d. Open Cloud Management
2. Performance is an important part of the cloud service level
   agreement (SLA) besides service uptime. (True/False)

Activity

Search how service quality is a challenge for organisations wanting
to move to the cloud.

Exhibit

Impact of memory on cloud performance

In cloud computing, memory performance and utilisation are fundamental
to overall performance. Large database transactions require massive
amounts of memory to meet the various expected performance levels.
Moreover, multi-tenancy and simultaneous user tasks put a lot of
demand on memory. The coordination between different cloud services to
meet a particular demand requires in-memory tasks. Jobs need to be
split and assembled after processing, which increases overhead cost.

Another problem in cloud relates to memory leaks. A memory leak is a
situation where a user job, database, or application does not return
temporarily allocated memory to the operating system even after it has
been cleaned up and is no longer in use. This can be due to a bug,
malware, or a deliberate user job that wants to consume all memory.

Memory leaks in cloud VMs can lead to a gradual loss of available,
free memory and eventually make the virtual machine unable to
function. As such, the cloud provider must implement robust
memory-leak detection mechanisms within the operating system and
continuously monitor for such problems.
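
One way a provider could watch for the gradual loss of free memory described in this exhibit is sketched below in Python. It is an added example, not part of the original text; the thresholds, function names and the two sample series are constructed for illustration. A VM is flagged only when free memory both trends downward and falls between most consecutive samples, so a busy job that releases its memory is not reported.

```python
def free_memory_slope(samples):
    """Least-squares slope of free memory, in MiB per minute.

    samples: list of (minute, free_mib) pairs in time order.
    """
    n = len(samples)
    if n < 3:
        raise ValueError("need at least three samples")
    mean_t = sum(t for t, _ in samples) / n
    mean_m = sum(m for _, m in samples) / n
    spread = sum((t - mean_t) ** 2 for t, _ in samples)
    if spread == 0:
        raise ValueError("samples must span more than one point in time")
    return sum((t - mean_t) * (m - mean_m) for t, m in samples) / spread


def assess_vm(samples, min_loss_per_min=1.0, min_falling_share=0.8):
    """Flag a suspected leak and estimate the time left before exhaustion.

    min_loss_per_min and min_falling_share are assumed tuning values.
    """
    slope = free_memory_slope(samples)
    steps = list(zip(samples, samples[1:]))
    falling = sum(1 for (_, before), (_, after) in steps if after < before)
    falling_share = falling / len(steps)
    # Both conditions must hold: a steep downward trend alone also appears
    # when a heavy job happens to be mid-run at the end of the window.
    leaking = slope <= -min_loss_per_min and falling_share >= min_falling_share
    return {
        "slope_mib_per_min": round(slope, 2),
        "falling_share": falling_share,
        "leak_suspected": leaking,
        "minutes_to_exhaustion": round(samples[-1][1] / -slope) if leaking else None,
    }


# Constructed samples: (minute, free memory in MiB), one reading every 5 minutes.
LEAKING_VM = [(0, 4000), (5, 3900), (10, 3810), (15, 3700), (20, 3610), (25, 3500)]
BUSY_VM = [(0, 4000), (5, 3600), (10, 3950), (15, 3550), (20, 3980), (25, 3600)]

if __name__ == "__main__":
    print("leaking:", assess_vm(LEAKING_VM))
    print("busy:   ", assess_vm(BUSY_VM))
```

The busy VM also has a negative slope (-7.2 MiB per minute) in this window, yet it recovers memory after each job, which is why the share of falling steps is checked as well.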

5.3 TECHNICAL AND ECONOMIC CHALLENGES IN CLOUD ADOPTION

The cloud computing environment poses many technical challenges to
implementing cloud systems safely and globally. Some important
technical issues in developing, implementing and adopting cloud
applications are as follows:
‰‰ Challenges with virtualisation: Virtualisation is the most important
feature of any cloud system. It hides technical complexities such as
routing, data, aggregation and translation of the system from the end
users. Virtualisation also enhances the flexibility of cloud systems.
It includes management and configuration of the system, implementing
interoperability by making system code independent, and creating a
virtual execution environment that must be location independent.
Challenges arise with improvements in virtualisation techniques, such
as scaling the system horizontally and vertically, interoperability,
and managing and monitoring resources. To manage them, alterations in
data and service behavior must be reflected by the original resources.
In addition, changes in infrastructure need to be accepted by the
cloud virtual environment without impairing its original strengths.
‰‰ Multi-tenancy issues: Multi-tenancy ensures that the same resources,
such as code, data, applications, and services, are available to
different users at the same time, while the location of resources
remains unknown to users. These issues pose a vital challenge in
developing and implementing cloud systems. They can be resolved by
hosting all information on shared resources and making it available in
a number of isolated places. More complications might occur when the
shared information is changed by different users at the same time.
Thus, multi-tenancy includes many challenging issues, such as making
information available to different users in an isolated environment,
accuracy of information, and security.
‰‰ Data management issues: Data management is an integral part of
storage clouds; it ensures that data is distributed across multiple
resources and made available to users. Data management includes data
consistency over a distributed environment of replicated data. It also
includes making the system aware of data location at the time of
replicating data from one location to another, considering changes and
handling workloads. Other important issues that must be considered in
data management are consistency, transactional isolation and
atomicity.
‰‰ Programming models: Cloud systems are developed for enhanced
capabilities including virtualisation, dynamic scalability of
applications and data, multi-tenancy, availability of resources
through images, etc. To fully utilise these advanced features in
developing cloud applications and services, simple APIs and interfaces
must be available to the users. In addition, interfaces and APIs are
also capable of providing more advanced features for better control
and execution of applications. To develop these enhanced APIs and
interfaces, we need to follow a more advanced approach to managing
resources, advanced infrastructure and prospective quality of
services. The future cloud model should be developed on more advanced
programming models instead of existing typical programming models. The
new programming model for cloud systems must be compatible with
movability of applications through networks, to provide a more
reliable distributed execution and communication model within and
between the applications.
‰‰ Going green: This feature is important in reducing the additional
costs of energy consumption as well as reducing carbon emission in
the surroundings. The cloud environment empowers business
organisations to decrease unused resources, which is referred to as
down-scaling. Up-scaling of the system is also balanced quite
carefully in order to make the system economically feasible as well as
to fix nature-related problems like carbon emission. Apart from
software services, there are a number of issues that are considered in
achieving Green IT at the hardware level of development.
‰‰ Interoperability between clouds: Without interoperable features
and the ability to exchange data, the use of cloud services would be
significantly reduced. Therefore, the goal of the various standards
is to facilitate interoperability. One way to do this is to create and
provide an orchestration layer. This layer will help to enhance the
usage of various clouds by forming a federated cloud environment.
The cloud orchestration mechanism was initiated by various cloud
service providers to form a single management platform, where
the services of a federated cloud can be centrally assembled and
managed. The interoperability features can resolve the problem of
vendor lock-in, and accelerate the integration amongst cloud ser-
vice providers. The end result is a set of integrated cloud services
where data can be easily interchanged. However, the service pro-
viders need to implement standards in their services.

Cloud providers have created a common forum called the Cloud
Computing Interoperability Forum (CCIF). CCIF is an open,
vendor-neutral group of technology advocates and consumers inclined
towards increasing the adoption of cloud services. It focuses
on standardisation of cloud computing by building consensus, and
advocating best practices and reference architectures. Its goal is
to enable organisations to seamlessly work together for a wider
adoption of the cloud technology and services. The focus is also
on creating a common agreed upon framework to enable multiple
cloud platforms to interchange information in a unified way. CCIF
is planning to launch a set of unified cloud interfaces with the
objectives of:
 Merging all cloud APIs together and projecting them behind a
standardised cloud interface
 Providing a unified interface for the infrastructure stack, and
merging cloud centric technologies
 Serving as a common interface for interactions between network,
applications, servers, systems, identity, and data
‰‰ Successful cloud deployment: Several problems can surface during the
deployment of a cloud, which pose a challenge for organisations in
adopting cloud services. The cloud service provider must work with the
user organisation to understand the root cause of these problems and
implement ways to mitigate their impact. Some of the problems are as
follows:
 Network-node latency: The reduction of latency between network
nodes is critical to improving cloud performance. Using an optimised
network fabric for the cloud will serve to minimise transport latency
and delays.
 Transport-protocol latency: To mitigate the impact of Transmission
Control Protocol (TCP) latency, reduce congestion and data loss, and
improve performance, it is best to design and deploy an optimised
Ethernet fabric for the cloud.
 Number-of-nodes traversed: In traditional three-tier archi-
tecture (Web front-end, application, and database), multiple
hops are needed for data to traverse between servers and the
end-users. Cloud providers must reduce the latency between
nodes within a multi-tier topology so that data packets traverse
shorter distances.
 TCP congestion: TCP is normally used for transmission of
data packets on the Internet. During network congestion or
packet transmission errors, TCP uses smaller windows, which
negatively impacts throughput rates and reliability. The work-
around is to design and implement a congestion-free network
fabric. This, in turn, enables TCP to use larger windows, thus
enabling a higher throughput.

Economic Challenges in Cloud Adoption

Besides this, a cloud computing system must satisfy economic
considerations in order to achieve business-oriented goals in
real-life scenarios. To exist in today’s business environment,
economic issues are the most important thing to consider. If anything
is not economically feasible in the context of its use, it will
definitely decay within a short time. So, in developing cloud
applications or datacenters, economic feasibility must be considered.

Some important economic issues in developing, implementing and
adopting cloud applications are as follows:
‰‰ Cost reduction: This is the foremost issue in adopting cloud
systems. A cloud system must be implemented so that it can accommodate
changes in customer types as well as reduce the overall cost of
infrastructure maintenance. Cost reduction includes scalability of the
system and a pay-per-use billing model for services or information. In
addition, developing and implementing a cloud system involves
additional cost in integrating the business logic on the cloud host
interfaces or improving the local infrastructure to effectively use
the hosted cloud service or data.
‰‰ Effective billing model: In a cloud environment, a variety of data
and applications are available for different types of users. Thus, an
effective billing model is necessary to make the cloud environment
economically feasible for consumers. Pay per use is the most effective
and widely accepted billing model in the cloud services scenario. This
is one of the major economic considerations in the current cloud
computing business model, which allows cloud users to migrate from
investing capital upfront to only taking care of the operational
expenses.
‰‰ Delay in services: For SMEs (Small and Medium Enterprises) as
well as large scale organisations, it is necessary to sell their ser-
vices without any delay or hindrance. In many cases, delay in sell-
ing services is caused due to the time taken in setting up proper
infrastructure. In this situation, cloud environment can support
business organisations by offering proper infrastructure and capa-
bilities to market and sell services without any delay or difficulty.
‰‰ Return on investment: It is an important thing to consider in
developing or adopting cloud systems for all investors to make the
system commercially feasible. However, it cannot be guaranteed. In
some cases, cloud systems fail to achieve this imperative
consideration. Thus, outsourcing the resources must be weighed against
increasing the local infrastructure, and the cut-off points must be
identified.
‰‰ Converting capital expenditure into operational expenditure: It is
one of the most argued features of any cloud system because the ROI
(Return on Investment) is not always known. Capital expenditure refers
to spending the total cost of building a local infrastructure. Using
cloud system infrastructure, an organisation spends only on the
operational cost according to its requirements. An organisation can
acquire and use resources as per its operational needs in a cloud
environment to convert capital expenditure into operational
expenditure.
‰‰ Legislation and compliance issues: Along with economic feasibility,
legislation and compliance of services are also important factors in
any cloud system, as it includes a variety of data, applications and
services at different locations worldwide. Thus, the cloud system must
follow the rules and legislation of the countries where the resources
of a particular system are physically stored. More issues can occur
when different laws are applied by different countries with respect to
legislation and compliance of the cloud system’s resources, data,
applications and services. To solve these issues, governance of cloud
systems should be more flexible and open to users to ensure features
like privacy, security, and compliance in a cloud environment.

self assessment Questions

3. Which of the following statements is false about virtualisation?
a. Hides the technical complexities
b. Enhances the flexibility of cloud systems
c. Includes management and configuration of the system
d. Unable to implement interoperability
4. ______ are capable of providing more advanced features for
better control and execution of applications.

Activity

Search how lack of in-house IT expertise and resources is a challenge
for organisations planning to migrate to the cloud.

5.4 CHALLENGES AND PACE OF ADOPTION OF PUBLIC CLOUD BY SMBs

SMBs that are using public clouds often come across several concerns
during their use. These concerns may be related to security, priva-
cy of data, 24/7 availability of services, potential slow performance
during peak usage, attacks by other cloud tenants, technical support
and compliance, regulations and unauthorised access to services.
These issues are shared by enterprises as well. The use of the same
infrastructure by others including competitors is an untried concept
for all.

With SaaS, customers have almost no visibility to the implemented
security policies and patches, hypervisor settings, and underlying
hardware and software configurations. Every time an SMB tries to use a
cloud service, it must do rigorous market research, negotiate
operating expenses, and go over the SLA terms. Keeping track of SLA
breaches and asking for penalty payments is a pain. The cloud vendor
must initiate penalty payments, but the onus of initiating the
adjustment is often left to the customer.

Another concern is the limitation of the APIs provided by the cloud
vendor. In many cases, it is found that the APIs are unable to
integrate the cloud with various internal applications or other
external clouds. All these are keeping the SMBs on their toes,
although they have been the early adopters of the cloud.

Research indicates that SMBs in the US will be spending around US$ 7
billion on Managed Services between 2001 and 2012, and this figure
will continue to grow in double digits for next several years. The
researchers had also predicted that SMBs globally will be spending US$
11 billion on cloud computing in 2011, and this is expected to grow
annually at a rate of 12% till 2015.

It is estimated that around 138 million SMB employees were using
some form of cloud by start of 2012, with mature markets like the US
adopting it at a rate of 1 in 4. Amongst various cloud categories,
IaaS/PaaS have shown the fastest growth rate of over 26%, followed by
Business Productivity applications, at 24%.

SMBs have proven to be the most dynamic segment in this context
and their cloud adoption rate is currently nearly double that of large
enterprises. This amounts to a two-thirds share of the total public
cloud market and growth of 25 to 35% per year, outpacing the growth
of large enterprises in this area. McKinsey’s research states that by
2018, SMB cloud computing is expected to represent a global market
of more than US$ 40 billion.

self assessment Questions

5. With _____, customers have almost no visibility to the
implemented security policies and patches, hypervisor settings,
and underlying hardware and software configurations.
6. SMBs that are using public clouds have come across several
concerns during their use. (True/False)

Activity

Search and explain how the cost of aging infrastructure is critical
for both client and provider.

5.5 PUBLIC CLOUD BENEFITS FOR SMBs


The acute need to grow with a limited budget has resulted in SMBs
facing many challenges in their businesses. They have faced:
‰‰ Difficulty in scaling up, which means the SMBs are unable to en-
joy the fruits of large-scale operations.
‰‰ Difficulty in predicting demands and business growth. As such,
the SMBs are unable to plan accurately for the size of IT equipment
and software requirements.
‰‰ Difficulty in paying lump-sum for upfront capital expenses.
‰‰ Difficulty from having limited in-house IT talent and infrastruc-
ture.

To overcome the above handicaps, SMBs have made the cloud their first
or default choice for IT services or infrastructure. Another distinct
advantage is the availability of applications that were earlier
expensive to buy and install in-house. These include CRM and
Enterprise Resource Planning (ERP) applications, which are now
available on public clouds under a pay-per-use model. Several
efficient SaaS services have been made available for the SMBs. The
prominent applications are as follows:
‰‰ Google Apps for email, collaboration, video conferencing, etc.
‰‰ Microsoft Office 365 for email, SharePoint, and instant messaging
‰‰ Zoho applications for emails, recruitment, invoices, CRM, etc.
‰‰ Salesforce.com for CRM
‰‰ RescueTime to automatically record desktop or laptop time spent
on various tasks and projects by an individual or team
‰‰ SugarCRM for sales, customer service, and marketing automation
‰‰ Box.net for file and document sharing on the cloud

SMBs see a clear benefit from improved operational efficiency and the
pay-per-use commercial model. These benefits include automation
of tasks and processes, easy availability of information and reduced
manual processes. Besides the ease of anytime-anywhere access, abil-
ity to collaborate and view updated data in real-time provides SMBs a
level playing field with enterprises.
For SMBs, the public cloud provides the following benefits:
‰‰ Better resource utilisation: With in-house IT infrastructure, the
mean utilisation of resources is only 20 – 30%, because capacity must
be provisioned to meet peak loads. But with the real-time scalability
of public clouds, you get to use and pay for what you need at any
time. Figure 5.1 shows allotted resources and required resources to
meet user loads:

[Chart: allotted resources compared with the resources required to meet user loads]
Figure 5.1: Allotted Resources and Required Resources
to Meet User Loads
‰‰ Converting CapEx to OpEx (Capital Expense to Operating Expense):
SMBs do not need to buy or manage hardware and software. Instead,
they pay a predictable, monthly fee to the cloud provider. Figure 5.2
shows two scenarios for in-house IT expenses and Public Cloud expense.

Figure 5.2: Example of Expenses for an In-House
IT Infrastructure and Use of Public Cloud Services
‰‰ Scalability: SMBs are not sure of how their customer require-
ments will move up or down. With limited financial outlay, they
need to make sure that the available capacity can be scaled down
or up without having to spend on IT hardware, software, or admin-
istrative expenses. In a public cloud, the customers can remove
or add servers, store data, and compute power to optimally meet
their needs.
‰‰ Backups: Cloud storage provides an ideal way to back up data
on servers and user end-devices. Cloud-based backup is one of the
most-deployed use cases for public clouds. This helps SMBs that
do not have CapEx for the best backup hardware and software.
‰‰ Business continuity for SMBs: Unexpected downtime or lost customer
data can shut down emerging businesses or start-ups. However,
cloud data is replicated to datacenters in different parts of
the country and world, thus providing easy access to online data
from multiple sources, even if a certain site or datacenter is inac-
cessible.
‰‰ Level playing field with the enterprises: With cloud, smaller
organisations can take on global enterprises. The cloud provides
SMBs with the ability to deliver services to customers anywhere in
the world and the agility to compete with global establishments. It
saves SMBs from large up-front procurement costs and from managing
hardware, databases, and applications. If a business grows, SMBs can
expand their infrastructure quickly with low, additional OpEx. The
adoption rate of cloud amongst SMBs is estimated to be twice that of
large enterprises.
‰‰ Use of mobile computing: With the steadily increasing use of mo-
bile devices (smart-phones, iPads, tablets, etc.) by employees and
customers to access data, on-premise data, and applications; large
organisations have a sharply shrinking audience. On the other
hand, SMBs can get 24/7 access to their cloud-based applications
from any device or location. This allows them to easily increase
their customer reach and revenues.

self assessment Questions

7. ERP stands for:
a. Enterprise Risk Planning
b. Enterprise Resource Planning
c. Enterprise Recovery Planning
d. Enterprise Resource Planner
8. Which of the following applications is not used for handling
e-mails?
a. Google Apps
b. Microsoft Office 365
c. Zoho applications
d. Box.net

Activity

Find out the data about SMBs that are moving to cloud due to data
storage facility.

5.6 PUBLIC CLOUD ADOPTION PHASES FOR SMBs

The risk in not using the cloud is that you may miss out on several
competitive advantages that the cloud has to offer. Many businesses
are moving aggressively towards the cloud. But you must transition to
cloud in a planned manner.
A survey in 2016 by McKinsey & Company shows that two-thirds of
the cloud purchases made by SMBs are meant to replace an existing
application or solution. This positions the cloud as an alternative to
“on-premise” IT solution. The remaining one-third is geared towards
market expansion, reflecting the desire of SMBs to access applica-
tions they could not afford in-house.
When asked in which application areas they could see cloud solutions
being used within their organisations, survey respondents expressed
the greatest need for storage space and data backup/resiliency.
Overall, the respondents were willing to consider purchasing cloud
solutions for a broad range of IT infrastructure and business
application needs; however, actual consideration levels remain just
over 50%.
The following are a few guidelines for SMBs to ensure that they get
the most out of their cloud:
‰‰ Start small: Provide time for your employees to familiarise
themselves with the services provided by the cloud. Start with one
application at a time and give some weeks for employees to get
accustomed to the environment. Once they are at ease, add more cloud
services. Keep the old system available for use as a backup in case
you encounter a show-stopper impediment.
‰‰ But think big: Make sure that the cloud service you adopt can be
scaled up to a desired level across time zones, types of services,
and can serve employees and customers alike.
‰‰ Ability to export your data in standard formats: You may want to
export your data to common applications such as Microsoft Word/
Excel or database files for Oracle, MS SQL, or MySQL. This will
allow you to have backup of your data and move to another cloud,
if required.
‰‰ SLA: The Service Level Agreement (SLA) describes the refund
for service outage, termination procedures, fees, Disaster Recov-
ery (DR), backup and Business Continuity Planning (BCP) that
will be provided by the vendor. You must read and understand the
terms and know how it impacts your business.
‰‰ Look for free or inexpensive cloud options: Several free cloud
computing options exist for emails, document management, and
even CRM and ERP. You need to pay only if you exceed a number
of user counts or storage space. There are free trial periods. Make
sure you review the services before deciding to buy.

For SMBs, cost and convenience are driving motivators to consider
the cloud for various applications such as DR, and for taking backups
and sharing documents.

Figure 5.3 shows the phases that one has to go through while selecting
and transitioning the services to the cloud. Throughout the adoption
process, you need to focus on the areas of trust, security, legal compli-
ance, and organisational issues.

Phase 1: Analysis. Identify possible cloud application candidates; the
impact of migrating to the cloud; and do an analysis of the existing
systems, application and business processes.

Phase 2: Planning. Sets the direction and objectives for adopting
cloud computing. The management team chooses the platforms for
deployment and the infrastructure finance, plans, security and legal
issues.

Phase 3: Adoption. Work on application integration with cloud
platforms and infrastructure, outsourcing strategies, SLAs, security
policies and legal compliance management. This phase sets the stage
for migration of the selected application & systems to the cloud.

Phase 4: Migration. Helps with migration of user data and application
to the cloud. The users start the cloud services. The management must
ensure adequate technical and user support during the migration
process.

Phase 5: Management. Identify, document and evangelize best practices.
The cloud platform and services must be adequately maintained. Local
and remote support and monitoring teams must be put in place.

Figure 5.3: Cloud Adoption Phases by SMBs

Exhibit

Service Level Agreement (SLA)

An SLA is a contract between the user and the cloud service provid-
er. It defines the terms of responsibility of the cloud service provid-
er and the service credits (penalty or fee-reduction) if the provider
is unable to meet the terms. The SLA document between the user
and the cloud service provider is critical, because after the user
starts using the public cloud, data security, privacy, and application
availability are usually beyond the user’s control.

However, you, as a user who has outsourced the services and data
to an external provider, continue to be answerable for service
availability and privacy. The cloud service provider controls the
user data and services; thus, in case the cloud service provider does
not perform according to an agreement, you can use the
previously-agreed-upon SLA to hold the provider liable for breaches.

Cloud service delivers great value in terms of economics, but that
should not diminish the value of an SLA. Cloud service providers
sometimes claim that customers over-emphasize the significance of
an SLA and fret more over the potential outages than over how the
technology is applied to benefit the business. However, the SLA and a
close scrutiny of each term are necessary to set the base-level
expectations.

A cloud-service SLA is a document defining the agreement or
interaction between the customer (organization or individual consumer)
and the cloud service provider. An SLA must contain the following:
‰‰ List of services the provider offered to you along with a
definition of each service
‰‰ Easy-to-understand metrics to evaluate if the provider is
delivering the service at the promised levels
‰‰ Mechanism to monitor the service
‰‰ Customer responsibilities such as using licensed and tested
applications on IaaS Virtual Machines (VM), storing legitimate
and virus-free data, not attempting to break in to other tenants’
VMs or accounts
‰‰ Remedies or credits to be given if the terms of the SLA are not
met
‰‰ Expected changes in the SLA over time

Cloud providers offer the following types of SLA:
‰‰ Off-the-shelf SLAs: You can find these on the provider’s website.
They offer credits toward the monthly bill for SLA violations. These
are non-negotiable and usually unacceptable to enterprises wanting to
host critical services on the cloud. Examples of these are included
later in this chapter.
‰‰ Negotiable SLAs: These are more expensive, because they are
customized for the client.

The SLA document contains Service Level Objectives (SLOs) and
business level objectives. An SLO defines the characteristic of a
service in specific and quantifiable terms. Following are a few
specific SLO examples:
‰‰ The application must not have more than 15 pending requests
at any instant.
‰‰ Response for a read request should initiate within 3 seconds.

‰‰ Data must be stored within the Arlington and Singapore data
centers.

The SLOs you need depend on your applications and your use of
the cloud. This is an internal, enterprise document with business
goals such as operational cost savings, ongoing control over IT in-
frastructure, budget changes, and move decision making from IT
teams to individual Business Units (BUs). These internal goals
form the basis for the SLA with the cloud service provider.

There are various considerations that must be specified within an
SLA. Some of the key elements that help make a compact SLA are
described below:
‰‰ Service availability: The SLA document must have information
about the service uptime. The promised uptime ought to be 99.5% or
higher. For mission-critical services, the uptime must be 99.9%.
Credits are given to you only if the actual uptime is lower than the
one in the SLA. Following are a few areas that need careful perusing:
 Specify how the provider will inform you about the uptime.
Ideally, it should be for each billing period, which is usually
monthly.
 Specify the minimum outage duration to qualify as downtime. For
example, 5 minutes, 10 minutes, 20 minutes, or more. These must be
specified in the SLA.
 Note that some cloud providers average their SLA downtime over
the entire year. That means your service could be down for longer
periods in some weeks.
 Note that the downtime should be for user service or data and not
for a component such as server, storage, connectivity, database, or
application.
‰‰ Data locations: The SLA must specify the data locations. Many
countries prohibit personal data of citizens to be stored outside
the border. For example, there are regulations that force sen-
sitive data, such as healthcare and finance, to be located with-
in certain geographical boundaries. The SLA must specify the
locations and data centers where your information will reside.
You should have the right to visit and audit the attributes of the
data center such as physical and network security, Disaster Re-
covery (DR) strategies, maintenance processes, electrical and
cooling redundancy, etc.
‰‰ Availability zones: Some public cloud providers have data
replicated to different Availability Zones (AZs), which are their data
centers for replication. In some cases, the SLA penalty and outage
are applicable only if all AZs are down. If the cloud provider adds
an AZ, you need to access storage at the new AZ and replicate data to
the new AZ. If not, even if all your AZs and data are down, you will
not be eligible for credits.
‰‰ Downtime credits: The provider may put a cap on the percent-
age (for example, 20%) of a customer’s bill that can be reduced
for downtime credits. The credits, if capped, are usually meager
and less than the hard and soft losses such as lost sales opportu-
nity, goodwill, brand image, morale, or productivity.
‰‰ Credit initiation: Note who has the burden of initiating a credit.
Most providers put the onus on the user. This is a problem with
SLAs. Besides, the SLA may require you to initiate the credit
request within a specific time, for example, within 30 days of
the outage or 10 days of receiving a bill. Also, note the credit
processing time in the SLA. Determine if the credit will show on
your next month’s bill or after 6 months.

‰‰ Mean time to repair: Some SLAs may give you a Mean Time To
Repair (MTTR) for issues. Insist that your provider give you an
MTTR in the SLA. If the time taken is more than the MTTR, the
provider must issue you credits for the extra time taken.
‰‰ Data protection: The SLA should specify details for your data
backups such as frequency, storing tapes offsite, etc. It should
also specify if the data is replicated to remote sites for DR.
‰‰ Data encryption: The SLA must specify if the data-at-rest and
in-motion will be encrypted or not. Details of encryption procedures
and access policies must be specified.
‰‰ Regulatory requirements: If your enterprise needs to comply
with certain regulatory requirements, such as data retention,
encryption, data privacy, authentication, and authorization policies,
etc., you must outline all such requirements in your SLA. Besides,
the provider must be transparent with you and help you during your
compliance audits.
‰‰ Certifications: The SLA must specify that the provider has
and will maintain certain certifications such as Payment Card
Industry Data Security Standard (PCIDSS), Health Insurance
Portability and Accountability Act (HIPAA), etc. These are im-
portant for compliance.
• Advance notification: The SLA must require the cloud service provider to notify you in advance of any scheduled maintenance or downtime. They may be reluctant to post information about unscheduled outages publicly on their website to avoid bad publicity, but they must at least inform you by e-mail or phone and help you file credit requests. After an issue is discovered, providers must share information about security breaches, regardless of whether the breach impacted your data or service. Your data is subject to the same risk. Thus, you need to be aware of what is happening, so that you can implement measures to secure your data.
• Scheduled maintenance periods: The SLA must specify if the services will be available during scheduled maintenance periods. If yes, the SLA uptime during the maintenance windows should be specified along with the information about replication and Business Continuity Planning (BCP) work during scheduled maintenance or when the primary data copy is down.
• Closure notice period: Many cloud providers have gone out of business. The SLA must outline the closure notice period, for example, 3 months or 1 week, for you to migrate your data and service to another site, if the provider were to shut down its operations. In case Law Enforcement Agencies (LEAs) seize the property of the provider, the process of accessing and backing up your data must also be specified.
• Hidden costs: Read the SLA for hidden costs. Your SLA may have a clause that if a reported problem is found to be the consumer’s fault, the consumer can be billed for the time and material used to investigate the issue. In such a case, there might be no upper limit on the bill amount or any statement on how to decide if the reported problem is the consumer’s fault.
• Floating terms: Normally, SLAs are paper documents signed by both parties; however, they may refer to policies and terms that are published on a website. That should be considered an area for concern. The files on the websites can change. The cloud provider may not be required to inform customers of changes to the terms. Sometimes, cloud providers may need the flexibility to change some SLA terms. However, they must specify what can or cannot be changed, and the new terms should be applicable to all the customers. They must inform customers before the change. The SLA must have an easy exit clause, if the new terms are unacceptable.

You should be aware of the local laws where the data center and the cloud provider are located. If law enforcement agencies seize the cloud provider’s equipment or the cloud provider goes bankrupt, the provider should give you enough notice to save or migrate your data to your enterprise or to another cloud provider. Moreover, there are certain important aspects that cannot be specified in an SLA. For example, will the cloud provider be in business three or five years from now? You need to be comfortable with the financial stability of the cloud provider.

With so many cloud providers available at low cost, cloud providers can have cash-flow problems and wind up. You need to have information in advance to prepare your migration to another provider or to an internal infrastructure.


self assessment Questions

9. Which of the following guidelines should SMBs follow to get the most out of their cloud?
a. Start Small
b. Export Your Data in Standard Formats
c. Look for Free or Inexpensive Cloud Options
d. All of these
10. The conditions described in the Service Level Agreement
(SLA) do not need to be read carefully as they do not impact
business. (True/False)

Activity

Find out how content filtering is beneficial for SMBs in cloud adoption.

5.7 CLOUD VENDOR RESPONSIBILITIES IN ENCOUNTERING CHALLENGES
Both the consumer and the provider need to know the overall business environment. Providers must appreciate the needs of consumers, and customers must be aware of the limitations that providers work under. The key requirements of the consumers are:
• Security to save cloud data and applications and denial of access to unauthorised users
• Use of standards-based APIs, languages, and platforms
• Environment that users can customise to improve efficiency
• Internationalisation and use of local languages if possible
• Ease of access to cloud and high uptime

Providers, on the other hand, work to provide the best features and conveniences to their customers to encourage them to use cloud services, which includes:
• Offering the most competitive prices
• Scalability and elasticity
• Self-service portal for users to automate the provision of resources
• Data storage with regular backups
• Provision for DR from a different data center

The cloud vendor has extensive responsibilities due to the nature and requirement of shared infrastructure. The responsibilities, the extent of responsibilities, and the penalty for not meeting the responsibilities need to be clearly specified in the SLA.

As such, the cloud vendor is responsible for the following:
• Specifying the services that are included in the standard cost and those that are not (such as backup, DR, monitoring, database administration, network settings) and would therefore be chargeable.
• Planned maintenance, advance notification for downtime, and providing alternate service mechanisms during planned downtime.
• Data security: vendors are liable for making sure that access is controlled, data is encrypted, and all security breaches are immediately identified and resolved.
• Providing customer data isolation in a multi-tenant environment.

Cloud vendors must regularly upgrade their systems and keep up with the latest security versions and anti-malware patches. They must inform cloud users and application developers about software installation and upgrade plans. The vendor must provide a test environment with the new software, where the developers can test their applications. Later when the cloud production environment is upgraded, the developers must, in turn, update their software for their customers.

self assessment Questions


11. It is required that the consumer and the provider must know the overall business environment to get the maximum benefits of cloud. (True/False)
12. Cloud _____ must regularly upgrade their systems and keep up with the latest security versions and anti-malware patches.

Activity

Find out the type of questions that a cloud vendor must ask before
providing services to a client for better experience.

Exhibit

Careful Vendor Selection Avoids Future Challenges in Cloud

The selection process of a cloud provider is not much different from the process that you would follow in making any technology purchase decision. A vital part of using cloud computing is selecting the right kind of service provider for your cloud needs. The experience of your user group and the progress of your business or project depend on the quality of service you get from your cloud vendor.

There are various criteria to evaluate a provider, such as:
• Redundancy and degree of fault-tolerance in the cloud infrastructure and for the datacenter in terms of power, physical security, cooling, and Internet connectivity.
• The SLA terms that the provider can give.
• Historical performance levels the providers have offered.
• Elasticity in real-time provisioning and capacity of the infrastructure.
• The experience and ability to meet business needs.
• Ease of setup, maintenance, and use of cloud services.
• Use of standards, portability, and integration with other cloud platforms.
• Data security, privacy, and history of security breaches.
• Compliance with legal and regulatory requirements.
• Historical performance of service uptime, security, and IT reliability.
• Quality of infrastructure, security monitoring and Network Operating Center (NOC) operations.
• Performance of the IT and datacenter infrastructure.

5.8 SUCCESS FACTORS FOR CLOUD CONSUMERS

Although cloud adoption is at an all-time high, there are also many customers who go back to traditional, internally-hosted applications. The key guidelines for cloud consumers to succeed are as follows:
• Have a small user group to test the proposed cloud service.
• Select a cloud vendor that has battle-tested services and a responsive support team.
• Build a list of shortcomings and work around the identified problems.
• Build a phased, go-live plan.
• Review on-premise and public cloud security, identify security risks, and implement mitigation measures.
• Build an SLA that meets your requirements and make sure the provider is comfortable with the SLA terms and has the resources and skills to meet them.
• Keep improving the way you use the cloud and make sure you customise the service (as far as possible) to make it easier, more efficient, and more productive for the users.

Cloud adoption will provide some economic and ease-of-use benefits. Beyond that, you need to think innovatively to get more benefits from cloud services.

self assessment Questions

13. A cloud vendor needs to be selected that has battle-tested services and a responsive _______ team.
14. You can customise the service to make it easier, more efficient, and more productive for the users. (True/False)

Activity

Find out whether the success of cloud consumers depends on the selection of a cloud partner.

Exhibit

Improving Cloud Database Performance

Cloud databases offer noteworthy benefits over traditionally-hosted internal databases. Moreover, cloud vendors continue to add to and improve their database offerings to make them a convincing option for enterprises. Cloud databases offer easier access, better replication to remote datacenters, automation, and better elasticity.

Sharding a cloud database is another technique to improve performance. It is a process of splitting a large database into a number of smaller databases, each being hosted on a separate server. It helps to boost the performance of applications that require frequent and large database transactions.

Sharding also helps reduce the size of the database index, thus decreasing the time needed for searches within the database. To further improve performance and availability, providers offer a horizontally-scaled server environment, where it is quick and easy to bring up more virtual machines to meet higher workloads. Besides performance, providers focus upon improving database integrity by using database profilers.

A database profiler analyses the source database for inconsistencies in index, table relationships, or data structure. By examining the data quality and utilisation pattern, it is able to point out the potential problems, if any, within a database. This improves the performance of the database.
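The sharding described in this exhibit can be sketched as follows. This is an added example, not part of the original text: in-memory SQLite databases stand in for separate database servers, and the class name, table layout, and sample data are assumptions made for illustration.

```python
import hashlib
import sqlite3


class ShardedOrders:
    """Routes each customer's rows to one of several smaller databases.

    In-memory SQLite databases stand in for separate database servers
    (an assumption of this example).
    """

    def __init__(self, shard_count):
        self.shards = [sqlite3.connect(":memory:") for _ in range(shard_count)]
        for db in self.shards:
            db.execute(
                "CREATE TABLE orders ("
                "order_id INTEGER PRIMARY KEY, customer_id TEXT NOT NULL, total REAL)"
            )
            # Each shard indexes only its own rows, so every index stays small.
            db.execute("CREATE INDEX idx_customer ON orders(customer_id)")

    def shard_for(self, customer_id):
        """Stable hash of the shard key: a customer always maps to the same shard."""
        digest = hashlib.sha256(customer_id.encode("utf-8")).digest()
        return int.from_bytes(digest[:8], "big") % len(self.shards)

    def insert(self, order_id, customer_id, total):
        db = self.shards[self.shard_for(customer_id)]
        # Parameterised query: values are never spliced into the SQL text.
        db.execute("INSERT INTO orders VALUES (?, ?, ?)", (order_id, customer_id, total))

    def orders_for(self, customer_id):
        """A lookup by shard key touches exactly one shard and its small index."""
        db = self.shards[self.shard_for(customer_id)]
        rows = db.execute(
            "SELECT order_id, total FROM orders WHERE customer_id = ? ORDER BY order_id",
            (customer_id,),
        )
        return rows.fetchall()

    def rows_per_shard(self):
        return [db.execute("SELECT COUNT(*) FROM orders").fetchone()[0] for db in self.shards]

    def total_revenue(self):
        """A query without the shard key must fan out to every shard and merge results."""
        return sum(
            db.execute("SELECT COALESCE(SUM(total), 0) FROM orders").fetchone()[0]
            for db in self.shards
        )


def build_sample(shard_count=4, customers=100, orders_each=10):
    """Constructed sample data: every order has a total of 5.0."""
    store = ShardedOrders(shard_count)
    order_id = 0
    for c in range(customers):
        for _ in range(orders_each):
            order_id += 1
            store.insert(order_id, f"cust-{c:03d}", 5.0)
    return store


if __name__ == "__main__":
    store = build_sample()
    print("rows per shard:", store.rows_per_shard())
    print("orders for cust-007:", store.orders_for("cust-007"))
    print("total revenue:", store.total_revenue())
```

Queries that carry the shard key stay on one small database, while queries without it (such as the revenue total) must visit every shard, which is the main design cost to weigh when choosing the key.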


5.9 SUMMARY
• A Small and Medium Business (SMB) typically has 1 to 1,000 employees.
• Data management, resource control, virtualisation, and security are some of the key areas that must be addressed in the near future with respect to cloud computing.
• It is a big issue for all cloud providers to decide whether moving to cloud infrastructure from the existing system is economically feasible or not.
• A robust performance monitoring system provides benefits such as tracking workload patterns, identifying peak resource utilisation, and isolating potential problems and their causes.
• Data management includes data consistency over a distributed environment of replicated data.
• In a cloud environment, a variety of data and applications are available to different types of users.
• Up-scaling of the system must also be balanced carefully to keep the system economically feasible and to address environmental problems such as carbon emissions.

key words
• Cloud Computing Interoperability Forum (CCIF): It is an open, vendor-neutral community of technology advocates and consumers dedicated to increasing the adoption of cloud services.
• Service Level Agreement (SLA): It describes the refund for service outage, termination procedures, fees, Disaster Recovery (DR), etc.
• Scalability: It gives customers the ability to remove or add servers, data storage, and compute power to optimally meet their needs.
• Transmission Control Protocol (TCP): It is used for transmission of data packets on the Internet.
• Virtualisation: It hides the technical complexities like routing, data, aggregation and translation of the system from the end users.

5.10 DESCRIPTIVE QUESTIONS


1. How do data security and privacy pose a challenge in cloud adoption?
2. Why is interoperability between clouds important? What are the challenges faced while implementing it?
3. Discuss the challenges and pace of adoption of public cloud by SMBs.
4. Discuss the benefits of public cloud for SMBs.
5. Discuss the adoption phases of public cloud for SMBs.
6. Discuss the responsibilities of a cloud vendor to make cloud adoption feasible for the organisations.

5.11 ANSWERS AND HINTS

ANSWERS FOR SELF ASSESSMENT QUESTIONS

Topic                                                       Q.No.   Answers
Challenges of Cloud Adoption                                1.      c. Open Cloud Manifesto
                                                            2.      True
Technical and Economic Challenges In Cloud Adoption         3.      d. Unable to Implement interoperability
                                                            4.      Cloud APIs
Challenges and Pace of Adoption of Public Cloud by SMBs     5.      SaaS
                                                            6.      True
Public Cloud Benefits for SMBs                              7.      b. Enterprise Resource Planning
                                                            8.      d. Box.net
Public Cloud Adoption Phases for SMBs                       9.      d. All of these
                                                            10.     False
Cloud Vendor Responsibilities in Encountering Challenges    11.     True
                                                            12.     vendors
Success Factors for Cloud Consumers                         13.     support
                                                            14.     True

HINTS FOR DESCRIPTIVE QUESTIONS:


1. Any organisation that wants to implement cloud computing thinks about the security of the data first irrespective of the nature of the cloud. Refer to Section 5.2 Challenges of Cloud Adoption.
2. Without interoperable features and the ability to exchange data, the use of cloud services would be significantly reduced. Refer to Section 5.3 Technical and Economic Challenges in Cloud Adoption.
3. SMBs that are using public clouds often come across several concerns during their use. Refer to Section 5.4 Challenges and Pace of Adoption of Public Cloud by SMBs.
4. The acute need to grow with a limited budget has resulted in SMBs facing a great many challenges in their businesses. Refer to Section 5.5 Public Cloud Benefits for SMBs.
5. The risk in not using the cloud is that you may miss out on several competitive advantages that the cloud has to offer. Refer to Section 5.6 Public Cloud Adoption Phases for SMBs.
6. Providers must appreciate the needs of consumers, and customers must be aware of the limitations that providers work under. Refer to Section 5.7 Cloud Vendor Responsibilities in Encountering Challenges.

5.12 SUGGESTED READINGS & REFERENCES

SUGGESTED READINGS
• Murugesan, S., & Bojanova, I. (2016). Encyclopedia of Cloud Computing. Chichester, West Sussex: John Wiley & Sons.
• Chang, V., Walters, R. J., & Wills, G. (2015). Delivery and adoption of cloud computing services in contemporary organisations. Hershey: Information Science Reference.

E-REFERENCES
• Novikoff, E. (n.d.). Articles. Retrieved March 03, 2017, from http://enki.co/blog/reliability-and-cloud-computing.html
• Sabahi, F. (2012, September 21). International Journal on Advances in ICT for Emerging Regions (ICTer). Retrieved March 03, 2017, from http://icter.sljol.info/articles/abstract/10.4038/icter.v4i2.4673/
• Stability and Reliability of Public Cloud Storage. (2014, April 03). Retrieved March 03, 2017, from http://www.cloudcomputingadmin.com/articles-tutorials/public-cloud/stability-and-reliability-public-cloud-storage.html
• OpenStack cloud adoption continues to rise but challenges remain. (n.d.). Retrieved March 03, 2017, from http://www.cloudcomputing-news.net/news/2016/mar/10/openstack-cloud-adoption-continues-rise-challenges-remain/

CHAPTER 6

VIRTUALISATION

CONTENTS

6.1 Introduction
6.2 Benefits of Virtualisation
Self Assessment Questions
Activity
6.3 Implementation Levels of Virtualisation
6.3.1 Comparison between the Implementation Levels of Virtualisation
6.3.2 Virtualisation Design Requirements
6.3.3 Virtualisation Providers
Self Assessment Questions
Activity
6.4 Virtualisation at the OS Level
Self Assessment Questions
Activity
6.5 Middleware Support for Virtualisation
Self Assessment Questions
Activity
6.6 Virtualisation Mechanisms
Self Assessment Questions
Activity
6.7 Summary
6.8 Descriptive Questions
6.9 Answers and Hints
6.10 Suggested Readings & References

Introductory Caselet

iTRICITY COMBINES FIVE PHYSICAL SERVERS INTO A SINGLE VIRTUAL NETWORK

iTricity is a Netherlands-based data center service provider, established in 2008. In addition to data center services, iTricity also provides Web hosting services. Recently, it has opened a hosting center for cloud computing in Belgium in association with IBM Blue cloud.

iTricity has five huge physical data centers. The company wanted to combine these data centers into one virtual network that would provide its customers greater speed. The chief executive officer of iTricity, Robert Rosier, says, “Our vision was to create a computing cloud whose virtualised services meant that we would be able to meet customers’ needs for services ‘on demand’. To do this, we needed to move away from traditional silo infrastructures to create a very flexible and secure environment, where increasing levels of service automation will eventually see customers themselves initiate the services they need.”

iTricity wanted to provide a complete solution to encompass server, storage or network capacity. It opened a new cloud computing hosting center with the key technologies from Cisco and IBM. In the iTricity cloud, there were five data centers. These five data centers were connected through Cisco Coarse Wavelength Division Multiplexing (CWDM). These networks provide huge benefits to iTricity, such as enabling it to get better resources, reducing complexity, simplifying all the management tasks, and lessening the cost of operations.

The senior systems architect of iTricity, Stefan Baltus, says, “The old CWDM/Layer 2 network helped us to create a consolidated platform, but while it enabled us to share resources it had limitations. For example, while it was possible to create Virtual Private Local Area Networks (VLANs), this had to be done manually and it was virtually impossible to scale to support the multi-tenant, services-on-demand environment that we wanted to create”.

Cisco Application Control Engine (ACE) Module and Cisco’s Virtual Switching System (VSS) were combined with the Cisco MultiProtocol Label Switching (MPLS) network to provide high flexibility in resource allocation. Cisco MPLS and service modules in the Cisco Catalyst 6500 series were switched into two frameworks. This virtualised architecture allows iTricity to simplify the management of the resources, increase the availability of applications, speed up the performance of the server, and reduce the space and cooling requirements of the server. Thus, it has enabled iTricity to reduce the operational costs.

Baltus says, “Imagine the network as a series of horizontal layers, starting with the optical transport through to, eventually, a customer self-service provisional layer. Virtualisation means that we can share all of these resources and give each customer their own vertical slice, configured to meet their needs.”


learning objectives

After studying this chapter, you will be able to:
>> Explain the benefits of virtualisation
>> Discuss the implementation levels of virtualisation
>> Describe virtualisation at the OS level
>> Explain middleware support for virtualisation
>> Discuss virtualisation mechanisms

6.1 INTRODUCTION
Virtualisation has added a new dimension to the field of Information Technology (IT). With virtualisation, you can implement, test, and run various large-sized applications, which is not possible on physical hardware alone. Virtualisation technology, in computing terms, allows the creation of virtual versions of hardware platforms, Operating Systems (OSs), networking resources, or storage devices. It allows multiple guest OSs to run on a single physical machine, called the host machine, and multiple guest applications to run on a single server, called the host server.

Virtualisation changes the way businesses make their payments for using certain services, and it also handles well the risks associated with costs and payments for businesses. It helps organisations save money by removing the physical infrastructure to a large extent, taking care of the capital costs that would otherwise be invested in acquiring and maintaining the infrastructure. Moreover, other costs, such as maintenance and support, are adjusted into an on-demand service-based payment. Thus, it cuts much of the cost for businesses.

In this chapter, you will study virtualisation and its benefits. In addition, you will study the implementation levels of virtualisation, virtualisation at the OS level, and middleware support for virtualisation. Towards the end of the chapter, you will study virtualisation mechanisms.

6.2 BENEFITS OF VIRTUALISATION


Virtualisation technology separates the primary functions of computers, i.e., computing and technology implementation, from the physical infrastructure and the hardware resources with the help of a technology called Virtual Machine Monitor (VMM). A typical virtualisation structure is shown in Figure 6.1:

Figure 6.1: A Typical Virtualisation Structure (three applications, each running on its own virtual machine, Virtual Machine 1 to 3, on top of the Virtual Machine Monitor (VMM))

The VMM in virtualisation helps an organisation to save money, as the organisation needs to pay only for the service it uses. Some other benefits associated with virtualisation can be listed as follows:
• Maximising resources: The pay-as-you-go facility of virtualisation helps organisations utilise the maximum amount of required resources. The concern about resource management or infrastructure maintenance is also reduced to a minimum level, thus providing a way for maximising resources.
• Reducing hardware costs: When you have no requirements for infrastructure maintenance, the cost for hardware reduces automatically. You do not need to install large servers, huge disk space, or expensive databases, because you can avail these services virtually, anytime. Thus, you can avoid the costs that you would incur without virtualisation services.
• Minimising maintenance requirements: The less hardware you have, the less maintenance you require. Virtualisation helps you run multiple OSs on a single hardware, which reduces the hardware cost, as well as the need for maintaining hardware.
• Enjoying benefits of OS services: Virtualisation helps you take advantage of the facilities offered by different OSs. For example, if you run an OS on your Personal Computer (PC), but you need a certain kind of service from another OS, you can avail that service through virtualisation.
• Using multiple systems: Use of multiple systems is made easy with the help of virtualisation. The VMM provides a platform for more than one OS to work in a way that you enjoy the benefits of multiple computers through one.

• Testing beta software and maintaining legacy applications: Virtualisation allows you to install more than one OS side-by-side. This way, you can test a new release of software without requiring separate, dedicated systems for testing. If the OS you use for testing software releases gets corrupted, you can still continue your work uninterrupted with the other system running on the same machine. Likewise, if you have a legacy system on which certain applications are run and supported, you can continue with that without needing to port programs to a different OS.
• Increasing system security: You can increase the security of your systems through virtualisation. Individual systems that are run on virtual machines can be separated from each other. This helps avoid the need to run different computers at different levels of security without utilising them to their full capacity.

self assessment Questions


1. VMM stands for ______________.
a. Virtual Mechanics of Memory
b. Virtual Missionary Movement
c. Veterans Machine Monitor
d. Virtual Machine Monitor
2. Virtualisation helps you run multiple OSs on a single hardware, which reduces the hardware cost, as well as the need for maintaining the hardware. (True/False)

Activity

Suppose you are the owner of a company. How can you reduce the
hardware costs of your company by implementing virtualisation?

6.3 IMPLEMENTATION LEVELS OF VIRTUALISATION
Virtualisation is implemented at various levels by emulating specific structures into corresponding software that appears to be working the same way as a physical structure does. The levels at which virtualisation is implemented are shown in Figure 6.2:

Figure 6.2: Implementation Levels of Virtualisation (levels as listed in the figure, top to bottom, with example systems)
• Application level: JVM, .NET CLR, Panot
• Library (user-level API) level: WINE, WABI, LxRun, Visual MainWin, vCUDA
• Operating system level: Jail, Virtual Environment, Ensim’s VPS, FVM
• Hardware abstraction layer (HAL) level: VMware, Virtual PC, Denali, Xen, L4, Plex86, User mode Linux, Cooperative Linux
• Instruction set architecture (ISA) level: Bochs, Crusoe, QEMU, BIRD, Dynamo

The different levels of implementing virtualisation are explained as follows:
1. Virtualisation at the Instruction Set Architecture (ISA) Level: Virtualisation is implemented at the level of instruction set architecture by transforming the physical architecture of the system’s instruction set completely into software. The host machine is a physical platform comprising various components, including memory, processor, Input/Output (I/O) devices, buses, etc. On this machine, the VMM installs guest systems. These guest systems issue instructions for the emulator to process and execute.
The instructions are received by the emulator, which transforms them into a native instruction set. These native instructions are run on the host machine’s hardware. The instructions include both the processor-oriented instructions and the I/O-specific ones. For an emulator to be successful, it needs to emulate all the tasks that a real computer can perform.
Virtualisation at the level of instruction set architecture works, but emulation of this type has its own set of positives and negatives, which are as follows:
- Positives: It is a very simple and robust kind of transformation into virtual architecture. This architecture makes it easy to implement multiple systems on a single physical structure. The instructions issued by the guest system are translated into the instructions of the host system. This architecture enables the host system to adjust to a change in the architecture of the guest system, provided the task can be accomplished through the instructions that are available on the host system. The binding between the host and the guest systems is not very stringent; rather, it is quite flexible. The infrastructure provided by virtualisation of this kind can be used for creating virtual machines of one platform, for example x86, on any platform, such as x86, Sparc, or Alpha.
- Negatives: The instructions need to be interpreted before being executed; therefore, a system virtualised at the instruction set architecture level shows poor performance.
2. Virtualisation at the Hardware Abstraction Layer (HAL):
In virtualisation at HAL, the time spent in interpreting the
instructions issued by the guest platform into the instructions
of the host platform is reduced by taking advantage of the

S
similarities that exist between the architectures of the systems.
Virtualisation utilises the native hardware for all its computation
and processing by mapping the virtual resources into physical
resources. Virtualisation at HAL is the most common technique
IM
used in computers on x86 platforms, which increases the
efficiency of the virtual machine in handling various tasks. Using
this architecture becomes relatively economical and practically
useful. In case emulator communication with critical processes
is required, the simulator assumes the tasks and performs
appropriate multiplexing.
M

Successful working of this virtualisation technique needs
trapping the execution of privileged instructions by the virtual
machine, which must pass these instructions to the VMM for
being handled properly. This is required because of the possible
existence of multiple virtual machines, each having its own OS
that might issue separate privileged instructions. Execution of
privileged instructions needs full attention of the CPU. These,
if not managed properly by the VMM, will raise an exception
resulting in a system crash. Trapping and forwarding the
privileged instructions to the VMM helps in managing a system
properly, thereby avoiding various risks and keeping individual
virtual machines isolated. After that, the VMM performs either
of the following two activities:
◦ Execution of the privileged instructions on the processes
◦ Emulation of the privileged instructions and then returning
  results to the virtual machine
Here, note that you cannot fully virtualise all the platforms
through this technique. Even in the popular x86 platforms,
it is observed that some privileged instructions fail silently
without being trapped, because their execution is not privileged
sufficiently. Such instances need some workaround in the
virtualisation technique to pass control of the execution of the
faulting instructions to the VMM that will handle them properly.
Among the examples of the techniques to enable the VMM to
have execution control of faulting privileged instructions are
code scanning and dynamic instruction rewriting. Virtualisation
at HAL is shown in Figure 6.3:

[Figure 6.3: Virtualisation at HAL. Each Application runs on an Operating System inside a Virtual machine; the Virtual machines run on a Virtual Machine Monitor on top of the PC Hardware (Stand Alone Virtual Machine).]
3. Virtualisation at the OS level: Virtualisation at the level of HAL
has several noteworthy properties. It supports multiple
OSs and applications running simultaneously, with
no system reboot or dual-boot setup required. It gives the appearance of
having multiple separate machines, each of which can be used as
a normal system. The degree of isolation is also high, whereas the
implementation is less risky and maintenance is easy. However,
this virtualisation technique gives you access to a
raw computer, which requires a lot of time to be spent in the
installation and administration of the virtual system before you
can think of testing or running applications. The whole process
involves installation of the OS, application suites, networking
systems, etc. In case the physical and virtual OSs are the same, this
kind of virtualisation results in duplication of your efforts, which
should be avoided for an efficient use of the system.
To overcome the issues of redundancy and time consumption,
we implement virtualisation at a higher level, i.e., virtualisation
at the level of the OS. This technique includes sharing of both
the hardware and the OS. The physical machine is separated
from the logical structure (or the virtual system) by a separate
virtualisation layer that can be compared with VMMs in
functioning. This layer is built on top of the base OS to enable
the user to have access to multiple machines, each being isolated
from others and running independently.
The virtualisation technique at the level of the OS keeps the
environment required for proper running of applications intact.
It keeps the OS, the application-specific data structures, the
user-level libraries, the environmental settings, and other requisites
separate. Thus, the application is unable to distinguish
between the real and Virtual Environments (VEs). The key idea
behind implementing OS-level virtualisation is that the VE
remains indistinguishable from the real one. The virtualisation
layer replicates the operating environment, which is established
on the physical machine to provide a VE for the application
by creating partitions for each virtual system, whenever
demanded. A systematic and properly managed partitioning and
multiplexing technique enables you to export complete operating
environments that are separated from the physical machine, as
well as from each other.
4. Virtualisation at the programming language level or library
level: Programming the applications in most systems requires
an extensive list of Application Program Interfaces (APIs) to be
exported by implementing various libraries at the user level.
These APIs are used to save users from the minute details
involved in programming related to the OS and enable
programmers to write programs easily. This, however, is taken
as a new opportunity by the virtualisation community. At the
user-level library implementation, a different VE is provided
in this kind of abstraction. This VE is created above the OS
layer, which can expose a different class of binary interfaces
altogether. This type of virtualisation may, otherwise, be defined
as an implementation of a different set of Application Binary
Interfaces (ABIs) and/or APIs being implemented through the
base system and performing the function of ABI/API emulation.
5. Virtualisation at the application level: As we have studied
earlier, traditional machines execute instructions as per the
definition of their ISA. In this abstraction technique, the
user-level programs and OSs are executed on applications that
behave like real machines. I/O mapped input/output processing
(in which special I/O instructions are issued for hardware
manipulation) or a memory mapped input/output processing
technique (in which a small part of memory is mapped to the
I/O and then the memory is manipulated) is used to deal with
the hardware. Thus, an application may be taken simply as a
block of instructions being executed on a machine. The arrival
of the Java Virtual Machine (JVM) brought a new dimension to
virtualisation, which is known as application-level virtualisation.
The core concept behind this type of virtualisation is to create
a virtual machine that works separately at the application level
and behaves, towards a set of applications, in the same way as a
normal machine does.
The set of instructions for an application is defined by the
machine specifically for itself. You can run your applications on
these virtual machines as if you are running your applications on
a physical machine, while you face little threat to the security of
your system. However, these machines must have an operating
environment provided to the applications in the form of a hosted
OS or in the form of a separate environment of their own. The
usual structure of application-level virtualisation is shown in
Figure 6.4:

[Figure 6.4: Application-level Virtualisation. Labels, in the order shown: Applications; Independent Root/User/Groups; Independent Network/Processes/Files; Ensim Virtualization Technology; Operating System; Hardware.]
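
The trap-and-forward behaviour described in item 2 above (virtualisation at HAL), as an added example that is not from the original text: a toy VMM in C emulates privileged instructions against per-VM state, shows a sensitive instruction that does not trap and therefore reads the host's flag instead of the guest's, and applies code scanning to patch it. The instruction set, `host_if` and all function names are assumptions made for the illustration, not real x86 or any vendor's code.

```c
#include <stdio.h>

/* Toy guest instruction set, constructed for this example (not real x86). */
enum op {
    OP_ADD,       /* unprivileged: acc += arg, runs directly               */
    OP_SETIF,     /* privileged: set the interrupt flag, traps to the VMM  */
    OP_OUT,       /* privileged: write acc to an I/O port, traps           */
    OP_RDIF,      /* sensitive but unprivileged: reads the flag, no trap   */
    OP_VMM_RDIF,  /* patched form of OP_RDIF that always enters the VMM    */
    OP_HALT
};
struct insn { enum op op; int arg; };

/* Virtual CPU state that the VMM keeps separately for every guest. */
struct vcpu {
    int acc;
    int virt_if;     /* the guest's own interrupt flag                 */
    int virt_port;   /* last value written to its virtual device       */
    int read_if;     /* value the guest obtained when reading the flag */
    unsigned traps;  /* number of exits into the VMM                   */
};

int host_if = 1;     /* physical interrupt flag, owned by the VMM only */

/* VMM trap handler: emulate the instruction against this VM's state only. */
static void vmm_emulate(struct vcpu *v, const struct insn *i)
{
    v->traps++;
    switch (i->op) {
    case OP_SETIF:    v->virt_if = i->arg ? 1 : 0; break;
    case OP_OUT:      v->virt_port = v->acc;       break;
    case OP_VMM_RDIF: v->read_if = v->virt_if;     break;
    default:          break;
    }
}

/* Stand-in for the hardware running deprivileged guest code until OP_HALT. */
void run_guest(struct vcpu *v, const struct insn *code)
{
    for (size_t pc = 0; code[pc].op != OP_HALT; pc++) {
        switch (code[pc].op) {
        case OP_ADD:  v->acc += code[pc].arg;    break; /* direct execution   */
        case OP_RDIF: v->read_if = host_if;      break; /* silent: host state */
        default:      vmm_emulate(v, &code[pc]); break; /* trap and forward   */
        }
    }
}

/* Code scanning: patch non-trapping sensitive instructions before the guest
 * runs so that they reach the VMM. Returns the number of patches made. */
size_t vmm_scan_and_patch(struct insn *code)
{
    size_t n = 0;
    for (size_t pc = 0; code[pc].op != OP_HALT; pc++)
        if (code[pc].op == OP_RDIF) { code[pc].op = OP_VMM_RDIF; n++; }
    return n;
}

/* Constructed guest program: set the flag, compute, do I/O, read the flag. */
struct vcpu run_demo(int guest_if, int add, int patched)
{
    struct insn code[] = {
        {OP_SETIF, guest_if}, {OP_ADD, add}, {OP_OUT, 0}, {OP_RDIF, 0}, {OP_HALT, 0}
    };
    struct vcpu v = { 0, 1, 0, -1, 0 };
    if (patched)
        vmm_scan_and_patch(code);
    run_guest(&v, code);
    return v;
}

int main(void)
{
    struct vcpu a = run_demo(0, 5, 0);  /* unpatched guest            */
    struct vcpu b = run_demo(0, 5, 1);  /* same guest after scanning  */
    struct vcpu c = run_demo(1, 9, 1);  /* second VM, separate state  */
    printf("unpatched: set IF=%d, read %d, traps=%u\n", a.virt_if, a.read_if, a.traps);
    printf("patched:   set IF=%d, read %d, traps=%u\n", b.virt_if, b.read_if, b.traps);
    printf("second VM: IF=%d port=%d, host IF=%d\n", c.virt_if, c.virt_port, host_if);
    return 0;
}
```

The unpatched run shows the isolation failure: the guest cleared its own flag but reads back the host's value, while the patched run costs one extra VMM entry and returns the guest's own state.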

6.3.1 COMPARISON BETWEEN THE IMPLEMENTATION LEVELS OF VIRTUALISATION

Various implementation levels of virtualisation carry their own set of
merits and demerits. For example, ISA-level virtualisation provides
high flexibility for applications, but its performance is a matter of great
concern. Likewise, other levels of virtualisation (HAL-level, OS-level,
library-level, and application-level) also carry both positives and
negatives. HAL-level and OS-level virtualisations are best on the
performance front, but their implementations are complex and application
flexibility is not very good either. Application-level implementation
offers the great application isolation feature, but poor performance, high
implementation complexity, and low flexibility make it less preferable.
Library-level virtualisation has medium complexity and medium
performance as its plus points, but low flexibility and poor isolation
features are its negatives. The relative merits and demerits of different
levels of virtualisation implementation are summarised in Table 6.1:
TABLE 6.1: RELATIVE MERITS AND DEMERITS OF DIFFERENT LEVELS OF VIRTUALISATION IMPLEMENTATION

Implementation Level | Performance            | Application Flexibility | Implementation Complexity | Application Isolation
ISA                  | Very Poor Performance  | Excellent               | Medium                    | Medium
HAL                  | Excellent Performance  | Medium                  | High                      | Very Good
OS-Level             | Excellent Performance  | Low                     | Medium                    | Very Poor
Library Level        | Medium Performance     | Low                     | Low                       | Very Poor
Application Level    | Poor Performance       | Low                     | High                      | Excellent

6.3.2 VIRTUALISATION DESIGN REQUIREMENTS

The design of virtual systems sometimes becomes indistinguishable
from that of the OSs that have functionalities similar to the virtual
systems. In such a case, we need to have certain distinctions in the
design of virtualised systems. The virtualisation design requirements
can be broadly viewed as follows:
• Equivalence requirement: A machine that is developed through
  virtualisation must have a logical equivalence with the real
  machines. The emulator needs to match the capabilities of the
  physical system in its computational performance. The emulated
  system must be able to execute all the applications and programs that
  are designed to execute on the real machines with the only
  considerable exception of timing.
• Efficiency requirement: While taking the route of virtualisation,
  the virtual machine must be as efficient in its performance as a
  real system. Virtualisation is primarily done with a purpose of
  getting efficient software without the physical hardware.
• Resource control requirement: A typical computer system is a
  combination of various resources, including processors, memory,
  and I/O devices. All these resources must be managed and
  controlled effectively by the VMM. The VMM must be able to
  enforce isolation between the virtualised systems. The virtual
  machines or VMMs should not face any interference in their
  operations due to other machines in any manner, barring cases where
  the interference is needed to meet the requirements for efficiency.

6.3.3 VIRTUALISATION PROVIDERS

Virtualisation services are provided by several reputed technology
vendors, including Microsoft, VMware, and Sun Microsystems. Let us
now explore some of the virtualisation providers and the platforms
they provide:
• Microsoft: Microsoft has lately been considered one of the
  frontrunners in the domain of software and IT services. In the context
  of virtualisation service, Microsoft provides numerous options,
  including Virtual PC, Virtual Server 2005, and Hyper-V, which are
  discussed as follows:
  ◦ Virtual PC: The services offered by Microsoft Virtual PC are
    only for Windows users. The guest systems may have Linux or
    any OS other than Windows, but the host must be a Windows
    computer. However, compatibility issues may be noted while
    running an OS other than Windows. Virtual PC does not
    provide native support to run Linux or other OSs, and it does not
    provide integration facilities for the 64-bit guest systems,
    either. So, you may face issues while testing 64-bit software on
    Microsoft's Virtual PC.
  ◦ Virtual Server 2005: Microsoft started providing virtualisation
    services for enterprises by bringing in Virtual Server 2005,
    which has worked well for simple virtualisation tasks. It is
    available for free download on the Microsoft website. Virtual
    Server 2005, however, has very limited provision for all kinds of
    virtualisation. It does not provide a native management
    console, which is a feature of Virtual PC, and it can run only on
    a Web-based console, hosted inside the Internet Information
    Services (IIS). You need to install an ActiveX plugin if you want to
    run guest management from remote clients. The support for
    Linux as a guest machine runs according to the specifications
    provided by Microsoft.
  ◦ Hyper-V: Microsoft's Hyper-V is a virtualisation platform that
    overcomes many limitations of the Virtual PC and Virtual Server
    platforms.
• VMware: VMware has, over the years, been synonymous with
  virtualisation. Such is the popularity of this system that, today, any
  mention of virtualisation instantly brings VMware's name to mind.
  The commoditisation of virtualisation enabled organisations to
  think that virtualisation can help them avoid various risks and costs
  associated with physical infrastructure, reduce complexity, and
  improve resource availability. The following are the VMware products:
  ◦ VMware Workstation: VMware released a virtualisation
    platform, VMware Workstation, in the year 1999. Its features, such
    as robustness, timeliness, all-platform support, and support for
    guest machines of any kind, make it the most utilised
    virtualisation platform across the world. Also, the support facilities are
    excellent, because it has extended support for 64-bit guest systems
    as well. A limitation of VMware Workstation is that you cannot
    avail it for free. The price, however, is worth paying, as you can
    test almost all kinds of applications virtually without facing any
    specific issue. It also has the added facility of monitor span
    support. The possibility of testing Universal Serial Bus (USB)
    devices by using VMware Workstation increases its value further.
  ◦ VMware Server: VMware Server is a free server-virtualisation
    software, which allows companies to partition a single
    physical server into multiple virtual machines. It requires a
    host OS, which is either Windows or Linux, on top of which the
    platform will be installed. VMware Server provides almost all
    the facilities available with the VMware Workstation, including
    support for USB and 64-bit guest machines. An exciting
    addition to VMware is the availability of a flexible, hybrid console
    with the virtual machine.
• Oracle: Among the offerings brought by Oracle to the field of
  IT is the virtual platform known as Oracle VM VirtualBox, which
  was originally developed by Innotek as VirtualBox. The VirtualBox
  platform was taken over by Sun Microsystems from Innotek,
  who developed it to provide virtualisation service to OSs. Later,
  when Oracle acquired Sun Microsystems, the name of VirtualBox
  changed to Oracle VM VirtualBox. Many of the features of Oracle
  VM VirtualBox are the same as those of the VMware Workstation,
  for example, rich support for Windows/Linux hosts and guests
  and USB pass-through. It has an enhanced feature of a planned
  support for Mac OS X, and it is free for non-commercial use. The
  host environment, which is either a 32-bit or a 64-bit system,
  integrates the guest application windows seamlessly (only a 32-bit
  system) with the support provided by Oracle VM VirtualBox.

Apart from these renowned vendors and platforms, Parallels and Xen
are two of the most used platforms that provide virtualisation support
for systems.

Self Assessment Questions

3. VirtualBox platform was taken over by ____________
   from __________________, who developed it to provide
   virtualisation service to OSs.
4. Library-level virtualisation has medium complexity, medium
   performance, low flexibility and poor isolation features. (True/False)

Activity

You have 1000 computer systems, each a combination of various
resources, including processors, memory, and I/O devices. How will
you manage and control all these effectively using the VMM?

6.4 VIRTUALISATION AT THE OS LEVEL

Virtualisation at the OS level is a technique in which physical
operating environments are separated from their virtual counterparts by a
separation layer, known as the virtualisation layer. This layer replicates
physical environments into VEs on demand. However, the
applications for which the VEs are created are not able to distinguish
between the physical and virtual environments.

There are two open-source technologies that provide virtualisation
support for operating systems. They are:
• Kernel-based Virtual Machine (KVM): KVM provides
  virtualisation support for Operating Systems (OSs) that are based on
  x86 hardware coupled with virtualisation extensions, for
  example, Intel VT and AMD-V. KVM comprises two modules. One is a
  loadable kernel module (kvm.ko) and the other is specific to the
  processor (kvm-intel.ko for Intel VT and kvm-amd.ko for AMD-V). The
  infrastructure for virtualisation, which is provided by the kernel module
  in KVM technology, requires a modified Quick EMUlator (QEMU)
  for the implementation of virtualisation. However, researchers are
  trying to find ways so that the required changes are incorporated
  upstream.
  KVM is used to host multiple VMs that run Linux OS images or
  Windows OS images without modification. Each of the VMs has
  been provided with its own set of virtualised hardware
  components that include a network card, disk, graphic adapter, etc.
  Some of the important features of KVM include the following:
  ◦ QEMU Monitor Protocol (QMP)
  ◦ Kernel Samepage Merging (KSM)
  ◦ KVM Paravirtual Clock
  ◦ CPU Hotplug Support
  ◦ PCI Hotplug Support
  ◦ vmchannel
  ◦ Migration
  ◦ vhost
  ◦ SCSI Disk Emulation
  ◦ Virtio Devices
  ◦ CPU Clustering
• Xen: Xen hypervisor is the only bare-metal hypervisor available
  as open source. Through Xen, a VM (or a host) can run a
  number of OS images or multiple different OSs in parallel. Various
  applications, whether open source or commercial, are based on
  the Xen hypervisor, which provides different virtualisation
  solutions for them. For example, the Xen hypervisor provides server
  virtualisation, desktop virtualisation, security applications, IaaS,
  and embedded and hardware appliances. The Xen hypervisor is
  the most widely used virtualisation technique in the production
  environment at present. The key features of the Xen hypervisor
  include the following:
  ◦ Robustness and security: The technique follows the
    microkernel design approach, offering a higher level of robustness and
    security to the applications than other hypervisors.
  ◦ Scope for other operating systems: Not only can the Xen
    hypervisor be run with the Linux OS working as the main control
    stack, but it can also be adapted to other systems.
  ◦ Isolation of drivers from the rest of the system: The main
    device drivers can be allowed by the Xen hypervisor to run inside
    a VM, and in case the driver suffers a crash or is compromised,
    it can be restarted by rebooting the VM that contains the driver
    without causing any effect on the other parts of the system.
  ◦ Support for paravirtualisation: The Xen hypervisor provides
    optimisation support for paravirtualised guests so that they
    can be run as VMs. This feature helps guests run faster than
    they would with the hardware extensions. Hardware
    having no support for virtualisation extensions can also be used
    with the Xen hypervisor.
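
KVM's dependence on the Intel VT or AMD-V extension, described above, can be checked on a Linux host before any VM is planned. The following added example (not part of the original text or of the KVM project) parses `/proc/cpuinfo`-style text for the `vmx` or `svm` CPU flag and names the matching processor-specific module, using the kernel's `.ko` module file names; the function names and the sample inputs are constructed for the illustration.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Return 1 if the whitespace-separated list [s, end) holds tok as a whole
 * word, so that "svm_lock" is not mistaken for "svm". */
static int has_flag(const char *s, const char *end, const char *tok)
{
    size_t n = strlen(tok);
    while (s < end) {
        while (s < end && (*s == ' ' || *s == '\t')) s++;
        const char *w = s;
        while (s < end && *s != ' ' && *s != '\t') s++;
        if ((size_t)(s - w) == n && memcmp(w, tok, n) == 0)
            return 1;
    }
    return 0;
}

/* Scan /proc/cpuinfo-style text and name the processor-specific KVM module
 * the CPU can use, or NULL when neither extension is advertised. */
const char *kvm_module_for(const char *cpuinfo)
{
    const char *line = cpuinfo;
    while (*line) {
        const char *eol = strchr(line, '\n');
        if (!eol) eol = line + strlen(line);
        const char *colon = memchr(line, ':', (size_t)(eol - line));
        if (colon) {
            const char *kend = colon;  /* trim the padding before the colon */
            while (kend > line && (kend[-1] == ' ' || kend[-1] == '\t')) kend--;
            /* The key must be exactly "flags": newer kernels also print a
             * "vmx flags" line, which a naive strstr("vmx") would match. */
            if (kend - line == 5 && memcmp(line, "flags", 5) == 0) {
                if (has_flag(colon + 1, eol, "vmx")) return "kvm-intel.ko"; /* Intel VT */
                if (has_flag(colon + 1, eol, "svm")) return "kvm-amd.ko";   /* AMD-V    */
            }
        }
        line = *eol ? eol + 1 : eol;
    }
    return NULL;
}

/* Constructed samples in the layout of /proc/cpuinfo (not from a real host). */
const char SAMPLE_INTEL[] =
    "processor\t: 0\nflags\t\t: fpu vme pse vmx est\nvmx flags\t: vnmi ept\n";
const char SAMPLE_AMD[] =
    "processor\t: 0\nflags\t\t: fpu vme svm svm_lock npt\n";
const char SAMPLE_NONE[] =
    "processor\t: 0\nflags\t\t: fpu vme svm_lock nx\nvmx flags\t: vnmi\n";

int main(void)
{
    static char buf[65536];  /* large enough to reach the first "flags" line */
    FILE *f = fopen("/proc/cpuinfo", "r");
    if (!f) { perror("/proc/cpuinfo"); return 1; }
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    const char *mod = kvm_module_for(buf);
    printf("processor-specific module: %s\n", mod ? mod : "none (no vmx/svm flag)");
    printf("/dev/kvm usable: %s\n", access("/dev/kvm", R_OK | W_OK) == 0 ? "yes" : "no");
    return 0;
}
```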

Self Assessment Questions

5. Which of the following is not a feature of KVM?
   a. CPU Clustering
   b. CPU Hotplug Support
   c. Paravirtualisation
   d. QEMU Monitor Protocol (QMP)
6. ____________ is used to host multiple VMs that run Linux OS
   images or Windows OS images without modification.

Activity

Suppose you use Linux operating system in your office. How will
you provide virtualisation at the OS level with open-source
technologies?

6.5 MIDDLEWARE SUPPORT FOR VIRTUALISATION

The OS that gets support from the virtualisation layer is known as
middleware support for virtualisation. A few techniques that
implement middleware support for virtualisation are discussed as follows:
• Jail: The jail, being FreeBSD-based software, is capable of
  partitioning the OS environment, while the simple root structure of the
  UNIX system is maintained. In this implementation, the request is
  limited to the jail itself. It permits the system administrator to
  delegate the management capabilities to the entire virtual machine.
  The process that runs in a partition is called an "in-jail process." No
  process would be an in-jail process on a system boot after installing
  a system afresh. However, a process and all its descendants would
  be "in jail" after you place the process in jail. A process cannot
  belong to more than one jail. A privileged process creates the
  jail by invoking a special system call, jail(2). A new jail would
  be created on every call to jail(2); the only way for a new process
  to enter the jail is to inherit access to it from another process
  already in that jail. The jail can never be left by
  processes that create the jail or that are created in a jail.
• Linux kernel-mode virtualisation: A technique similar to jail is
  the Linux VE system. The aim of this system is to allow
  administrators to run multiple independent application environments on
  one computer, while proper boundaries are maintained between the
  environments. This virtualisation technique also aims to improve
  the security of the system and enables application hosting. Isolated
  processes are constituted in a group with its own file system root,
  init, startup scripts, etc. The administration of the environment
  from the inside is also permitted by this virtualisation technique,
  while restricting the changes to be kept within the VE. More
  sophisticated measures for controlling access are provided in this
  technique. The unnatural and not-so-suitable relationships between the
  file system roots and IP addresses, which are part of the jail
  implementation, are also avoided in Linux kernel-mode virtualisation.
• Ensim: To consolidate servers, reduce costs, and increase
  efficiency in managing and selling websites, a similar type of technique is
  used by the Ensim Virtual Private Server (VPS). The native OS of
  a server is virtualised by the Ensim VPS with the objective of
  partitioning the OS into separate environments that can be used for
  computational purposes. These separate environments are known
  as virtual private servers, and the independent operation of these
  servers makes the complete Ensim VPS. The OS views the VPS
  as an application, whereas the applications view the VPS as the
  native OS, resulting in the VPS appearing and operating in the
  form of a physical server for the users.

The Ensim VPS is a stronger implementation than the other two
virtualisation techniques we studied previously, because the VPS lets the
administrator allocate the hardware resources as desired. The resources
can also be adjusted, and in case of a requirement, the VPS can
transparently be moved to another physical machine. A seamless cross-machine
transfer can be accomplished by a centralised Ensim ServerXchange.

Self Assessment Questions

7. The OS that gets support from the virtualisation layer is
   known as ____________ for virtualisation.
8. In which of the following middleware support technique for
   virtualization, a simple root structure of the UNIX system is
   maintained?
   a. Jail
   b. Linux Kernel-Mode virtualisation
   c. Ensim
   d. None of the above

Activity

Suppose you are using Linux operating system in your office. What
techniques will you use to implement middleware support for
virtualisation?

6.6 VIRTUALISATION MECHANISMS


There are primarily three mechanisms used for virtualisation of sys-
tems, which are as follows:
• Binary translation: Virtual machines issue privileged
  instructions, contained within their compiled code, for the VMMs to
  handle. The VMM takes control of these instructions and changes the
  code under execution appropriately, so that any impact
  on the state of the system can be avoided. The binary translation
  method is used by the VMM that directs I/O requests to the
  appropriate system thereby preventing individual virtual machines
  from causing any conflicts. Binary translation is mainly used with
  a hosted virtualisation structure for which the most appropriate
  example is the VMware Workstation.
  Switching the control between virtual machines and VMMs results
  in a degradation in the performance. To overcome this, the
  virtualisation software processes a group of instructions simultaneously.
  The impact on the performance of the system can be reduced by
  reducing the number of times (and/or the duration for which) the VMM
  interferes with the virtual machine execution.
  Binary translation in combination with the direct execution
  technique can be used by VMware to virtualise seemingly any OS on
  x86 platforms. In this approach, as shown in Figure 6.5,
  non-virtualisable instructions are replaced by translating the kernel code into
  a new set of instructions, which have the intended effect on the
  virtual hardware:

[Figure 6.5: Binary Translation with Full Virtualisation. Ring 3: User Apps (Direct Execution of User Requests); Ring 2; Ring 1: Guest OS (Binary Translation of OS Requests); Ring 0: VMM; Host Computer System Hardware.]
Source: https://www.slideshare.net/mahbubnoor/virtualization-and-cloud-computing-34998595

  Meanwhile, the user-level instructions are executed directly on the
  processor for high-performance virtualisation. Every
  virtual machine is provided by each VMM with the physical system's
  services. These include virtualised memory management, virtual
  devices, and virtual BIOS.
  Full virtualisation is provided by this combination, because the
  virtualisation layer fully abstracts the guest OS from the hardware
  on which the base OS is installed. Here, no modification of the
  guest OS is required, because the OS has no awareness of being
  virtualised. Also, in full virtualisation, no operating system assist
  or hardware assist is required for virtualising the instructions.
  All the instructions issued by the guest OS are translated by the
  hypervisor instantly, and the results are cached for future use. The
  instructions at the user level are run at a native speed without
  being modified.
  The virtualisation products of VMware and the Virtual Server of
  Microsoft are two examples of full virtualisation
  solutions.
• Hardware assist: The binary-translation approach uses dynamic
  modification in the VM code during its execution, which causes
  degradation in the performance of the system. To improve on that
  aspect, a new virtualisation approach, which is known as the
  hardware assist technique, is followed. This is a new processor
  technology that avoids change in the system state and calls the VMM
  directly, as and when required. Two of the most popular processor
  development companies, namely Intel and AMD, use this
  technology to develop processors, called Intel-VT and AMD-V, respectively.
  Without hardware assist, the VMM interrupts the execution of the VM
  code every time it finds a privileged instruction, which severely
  affects the performance. The hardware-assisted VMMs interrupt the
  execution of the VM code only when the interruption is extremely
  necessary or cannot be avoided. Virtualisation is being accepted at
  a fast pace by hardware vendors, and new features are added by
  them, so that virtualisation techniques can be simplified. Figure
  6.6 shows the CPU virtualisation with hardware assist technique:

[Figure 6.6: CPU Virtualisation with Hardware Assist. Non-root Mode Privilege Levels: Ring 3: User Apps (Direct Execution of User Requests); Ring 2; Ring 1; Ring 0: Guest OS (OS Requests Trap to VMM without Binary Translation or Paravirtualisation). Root Mode Privilege Levels: VMM. Host Computer System Hardware.]
Source: https://thecustomizewindows.com/wp-content/uploads/2014/09/Hardware-Assisted-Virtualization.jpg


• Paravirtualisation: Another technique that is used for
  virtualisation is known as paravirtualisation, which makes the OS aware
  that it is being virtualised. To do so, an explicit modification of the
  OS is done in this technique. Hence, it becomes possible for the
  OS to call the underlying VMM automatically, as and when the call
  is necessary. Calls made by the OS to the hypervisor are known as
  hypercalls. The modification in the OS source code improves the virtual
  system performance greatly. However, this procedure requires
  accessing the OS source code to bring in the requisite modifications.
  Paravirtualisation is a technique in which the hypervisor
  communicates with the guest OS for improving the performance and
  efficiency of virtual systems. The changes made in the kernel
  of the OS through paravirtualisation replace the non-virtualisable
  instructions with hypercalls, as shown in Figure 6.7:

[Figure 6.7: Paravirtualisation with Compiler Support. Ring 3: User Apps (Direct Execution of User Requests); Ring 2; Ring 1; Ring 0: Paravirtualised Guest OS ('Hypercalls' to the Virtualisation Layer replace Non-virtualisable OS Instructions); Virtualisation Layer; Host Computer System Hardware.]
Source: https://www.slideshare.net/mahbubnoor/virtualization-and-cloud-computing-34998595

  In order to communicate with the virtualisation layer hypervisor, the
  guest OS uses hypercalls. The hypervisor also provides the hypercall
  interfaces for other critical operations that are performed by the kernel.
  These critical operations may include managing memory,
  handling interrupts, etc.
  Full virtualisation and paravirtualisation are two different
  techniques. In a full virtualisation technique, the OS has no awareness
  of being virtualised, whereas paravirtualisation involves making
  the OS aware of the virtualisation being applied on it. In the full
  virtualisation technique, binary translation traps the sensitive OS
  calls. The value proposition of paravirtualisation is in the lower
  overhead of virtualisation. The advantage of the paravirtualisation
  technique is mainly determined by the workload. On the point
  of compatibility and portability, paravirtualisation proves far from
  preferable because it does not support an unmodified OS kernel.
  In addition to portability and compatibility concerns,
  paravirtualisation involves significant issues regarding support and
  maintainability. The reason for the issues is the requirement for deep
  modifications in the kernel of an OS. A modified Linux kernel
  used by the Xen project stands as a good example of
  paravirtualisation. The processor and memory are utilised in the Xen architecture
  through the Linux kernel, whereas virtualisation of the I/O devices
  uses guest OS device drivers that are customised.
  Paravirtualisation by way of a modified OS is easier than
  building the sophisticated binary translation support for full
  virtualisation. The paravirtualisation technique has been used for many
  years by VMware in all its products that take the form of VMware
  tools and virtual device drivers with optimisation.
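
The binary translation mechanism described at the start of this section, as an added example that is not from the original text or from VMware: a toy translator in C rewrites the sensitive instructions of each basic block once, caches the translated block, and reuses it, so the VMM is entered once per block rather than once per privileged instruction. The two instruction sets and all names are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Toy instruction sets, constructed for this example (not real x86). */
enum gop { G_ADD, G_CLI, G_STI, G_DJNZ, G_HALT };       /* guest code      */
enum top { T_ADD, T_SET_VIF, T_DJNZ, T_GOTO, T_HALT };  /* translated code */
struct ginsn { enum gop op; int arg; };
struct tinsn { enum top op; int arg; int next; };

#define CODE_LEN  16  /* longest guest program; it must end with G_HALT */
#define MAX_BLOCK 8   /* longest translated block */

struct tblock { int valid, len; struct tinsn code[MAX_BLOCK]; };

struct vm {
    int acc, counter, virt_if;      /* guest-visible state, all of it virtual */
    struct tblock cache[CODE_LEN];  /* translation cache keyed by guest pc    */
    unsigned translations;          /* times the translator had to run        */
    unsigned rewritten;             /* sensitive instructions replaced        */
    unsigned block_runs;            /* translated blocks executed             */
};

/* Translate the basic block starting at guest address pc and cache it. */
static struct tblock *translate(struct vm *vm, const struct ginsn *g, int pc)
{
    struct tblock *b = &vm->cache[pc];
    int done = 0;
    b->len = 0;
    while (!done) {
        struct tinsn t = { T_HALT, 0, pc + 1 };
        switch (g[pc].op) {
        case G_ADD:  t.op = T_ADD;     t.arg = g[pc].arg;           break;
        case G_CLI:  t.op = T_SET_VIF; t.arg = 0; vm->rewritten++;  break;
        case G_STI:  t.op = T_SET_VIF; t.arg = 1; vm->rewritten++;  break;
        case G_DJNZ: t.op = T_DJNZ;    t.arg = g[pc].arg; done = 1; break;
        case G_HALT: done = 1;                                      break;
        }
        b->code[b->len++] = t;
        pc++;
        if (!done && b->len == MAX_BLOCK - 1) {  /* block full: chain onward */
            struct tinsn go = { T_GOTO, pc, pc };
            b->code[b->len++] = go;
            done = 1;
        }
    }
    b->valid = 1;
    vm->translations++;
    return b;
}

/* Run one translated block; return the next guest pc, or -1 on halt. */
static int exec_block(struct vm *vm, const struct tblock *b)
{
    for (int i = 0; i < b->len; i++) {
        const struct tinsn *t = &b->code[i];
        switch (t->op) {
        case T_ADD:     vm->acc += t->arg;    break;
        case T_SET_VIF: vm->virt_if = t->arg; break;  /* virtual flag only */
        case T_DJNZ:    return --vm->counter != 0 ? t->arg : t->next;
        case T_GOTO:    return t->arg;
        case T_HALT:    return -1;
        }
    }
    return -1;
}

/* Dispatcher: translate on a cache miss, otherwise reuse the cached block. */
void run_translated(struct vm *vm, const struct ginsn *g)
{
    int pc = 0;
    while (pc >= 0) {
        struct tblock *b = &vm->cache[pc];
        if (!b->valid)
            b = translate(vm, g, pc);
        vm->block_runs++;
        pc = exec_block(vm, b);
    }
}

/* Constructed guest loop: a critical section repeated `loops` times. */
struct vm run_demo_loop(int loops)
{
    static const struct ginsn prog[] = {
        {G_CLI, 0}, {G_ADD, 2}, {G_STI, 0}, {G_DJNZ, 0},  /* block at pc 0 */
        {G_ADD, 100}, {G_HALT, 0}                          /* block at pc 4 */
    };
    struct vm vm;
    memset(&vm, 0, sizeof vm);
    vm.counter = loops;
    run_translated(&vm, prog);
    return vm;
}

int main(void)
{
    struct vm vm = run_demo_loop(1000);
    printf("acc=%d translations=%u rewritten=%u block_runs=%u\n",
           vm.acc, vm.translations, vm.rewritten, vm.block_runs);
    return 0;
}
```

With 1000 iterations the loop would hit 2000 sensitive instructions under per-instruction trapping, while the translator runs only twice and every later pass executes from the cache.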

Self Assessment Questions

9. Which of the following mechanisms is not used for virtualisation
   of systems?
   a. Paravirtualisation
   b. Hardware Assist
   c. VMware
   d. Binary Translation
10. Every virtual machine is provided by each ___________ with
    the physical system's services.
11. The binary-translation approach uses dynamic modification
    in the VM code during its execution, which causes degradation
    in the performance of the system. (True/False)

Activity

How can you improve the performance and efficiency of virtual sys-
tems? Discuss in your class.

6.7 SUMMARY
• Virtualisation technology, in computing terms, allows the creation
  of virtual versions of hardware platforms, Operating Systems
  (OSs), networking resources, or storage devices.
• Virtualisation technology separates the primary functions of
  computers, i.e., computing and technology implementation, from the
  physical infrastructure and hardware resources with the help of a
  technology called Virtual Machine Monitor (VMM).
• Virtualisation is implemented at various levels by emulating
  specific structures into corresponding software that appears to be
  working the same way as a physical structure does.
• Virtualisation is implemented at the level of instruction set
  architecture by transforming the physical architecture of the system's
  instruction set completely into software.
• Virtualisation utilises the native hardware for all its computation
  and processing by mapping the virtual resources into physical
  resources.
• The virtualisation technique at the level of the OS keeps the
  environment required for proper running of applications intact. It
  keeps the OS, the application-specific data structures, the
  user-level libraries, the environmental settings, and other requisites
  separate.
• Virtualisation at the OS level is a technique in which physical
  operating environments are separated from their virtual counterparts
  by a separation layer known as the virtualisation layer.
• The binary translation method is used by the VMM that directs I/O
  requests to the appropriate system thereby preventing individual
  virtual machines from causing any conflicts.
• In a full virtualisation technique, the OS has no awareness of being
  virtualised, whereas paravirtualisation involves making the OS
  aware of the virtualisation being applied on it.


key words

• Jail: It refers to the FreeBSD-based software that is capable of partitioning the OS environment, while the simple root structure of the UNIX system is maintained.
• KVM: It refers to the open-source technology that provides virtualisation support for Operating Systems (OSs) that are based on x86 hardware coupled with virtualisation extensions.
• Paravirtualisation: It refers to the technique that is used for virtualisation in which the OS is aware that it is being virtualised.
• VMware server: It refers to the VMware product that provides almost all the facilities available with the VMware Workstation.
• Xen: It refers to the only bare-metal hypervisor through which a VM (or a host) can run a number of OS images or multiple different OSs in parallel.


6.8 DESCRIPTIVE QUESTIONS


1. Discuss some benefits of virtualisation.
2. Describe the various implementation levels of virtualisation.
3. Discuss the platform provided by Microsoft virtualisation
providers.
4. Describe some important features of Xen hypervisor.
5. Discuss how Jail implements middleware support for
virtualisation.

6.9 ANSWERS AND HINTS

ANSWERS FOR SELF ASSESSMENT QUESTIONS

| Topic | Q. No. | Answers |
|---|---|---|
| Benefits of Virtualisation | 1. | d. Virtual Machine Monitor |
| | 2. | True |
| Implementation Levels of Virtualisation | 3. | Sun Microsystems, Innotek |
| | 4. | True |
| Virtualisation at the OS Level | 5. | c. Paravirtualisation |
| | 6. | Kernel-based Virtual Machine (KVM) |
| Middleware Support for Virtualisation | 7. | middleware support |
| | 8. | a. Jail |
| Virtualisation Mechanisms | 9. | c. VMware |
| | 10. | VMM |
| | 11. | True |

HINTS FOR DESCRIPTIVE QUESTIONS


1. One of the benefits associated with virtualisation is maximising resources, in which the pay-as-you-go facility of virtualisation helps organisations to utilise the maximum amount of required resources. Refer to Section 6.2 Benefits of Virtualisation.
2. Virtualisation is implemented at the level of instruction set architecture by transforming the physical architecture of the system’s instruction set completely into software. Refer to Section 6.3 Implementation Levels of Virtualisation.
3. Microsoft has lately been considered one of the frontrunners in the domain of software and IT services. Refer to Section 6.3 Implementation Levels of Virtualisation.
4. Key features of the Xen hypervisor include robustness and security. Refer to Section 6.4 Virtualisation at the OS Level.
5. The jail, being FreeBSD-based software, is capable of partitioning the OS environment, while the simple root structure of the UNIX system is maintained. Refer to Section 6.5 Middleware Support for Virtualisation.



CHAPTER 7

Cloud Computing and Business Value

CONTENTS

7.1 Introduction
7.2 Key Drivers for Cloud Computing
    Self Assessment Questions
    Activity
7.3 Cloud Computing and Outsourcing
    Self Assessment Questions
    Activity
7.4 Types of Scalability
    Self Assessment Questions
    Activity
7.5 Use of Load Balancers to Enhance Scalability
    Self Assessment Questions
    Activity
7.6 Variable Operating Costs using Cloud Computing
    Self Assessment Questions
    Activity
7.7 Time-to-market Benefits of Cloud Computing
    Self Assessment Questions
    Activity
7.8 Distribution over the Internet
    Self Assessment Questions
    Activity
7.9 Levels of Business Value from Cloud Computing
    Self Assessment Questions
    Activity
7.10 Summary
7.11 Descriptive Questions
7.12 Answers and Hints
7.13 Suggested Readings & References

Introductory Caselet

ProSent MOVED TO HIGHLY SCALABLE SYSTEM

ProSent mobile is an e-commerce organisation which also deals in mobile marketing. The company is popular for its app, VIZL, which provides a shopping platform to users. The app integrates computer vision, social media and augmented reality to give a platform that makes shopping fun for online shoppers and also gives them the experience of interactive shopping, whether they are in store or online.

VIZL allows retailers and different brands to embed their shopping technology into mobile apps. The VIZL app enables shoppers to try accessories and clothes on themselves digitally. The shoppers can then send or share pictures of their digital looks with their friends to get instant feedback from them. The app has now become shoppers’ best companion as it allows them to shop from any place and at any time.
The VIZL app uses the visualiser technology, which provides a digital dressing room to shoppers where they can try apparel and jewellery on pictures of themselves, friends or family members. Moreover, the app also provides colour search and a digital closet, which enables the camera of the shopper’s smartphone to be converted into a digital stylist. The related pictures of new fashion discoveries in store or by the shopper’s friends are shared with shoppers.

Despite the many advantages of this app, it is not able to perform as per expectations. Therefore, ProSent mobile is looking for a solution that is cost-effective and provides high reliability and a flexible server hosting environment with high scalability on requirement.

The 3D modelling that VIZL provides to shoppers needs a system with features such as data backup, robust computing ability and low network latency. The VIZL app was built on Oracle and runs on a Tomcat server executing on the Windows Server 2008 operating system. However, the existing configuration on which the app is running does not scale as per the need of the user. The app was also running on a dedicated server environment. Therefore, ProSent mobile is looking for solutions in cloud computing to handle scalability issues.

When a partner of ProSent launched a marketing campaign for the VIZL app, server usage spiked very quickly due to the increased number of downloads. ProSent mobile selected the cloud provider ProfitBricks to fulfil its scalability needs. By using the ProfitBricks services, enhancing the server resources became easier. Resources such as CPU cores, memory, and disk space can be made available in just a few clicks or seconds. Resource scaling has now become a drag-and-drop experience instead of adding physical servers.

In addition to this, the operations team at ProfitBricks monitors the loading and utilisation rates to provide a better customer experience. ProfitBricks services are not expensive to use and do not require highly skilled IT professionals to configure ProSent’s servers or to manage the configuration scripts that are in execution. Owing to the scaling ability, security, and reliability provided by ProfitBricks for VIZL, clients were added to the VIZL platform.


learning objectives

After studying this chapter, you will be able to:


>> Describe key drivers for cloud computing
>> Explain cloud computing and outsourcing
>> Describe types of scalability
>> Discuss the use of load balancers to enhance scalability
>> Describe variable operating costs using cloud computing
>> Explain time-to-market benefits of cloud computing
>> Describe distribution over the Internet
>> Explain the levels of business value from cloud computing

7.1 INTRODUCTION
The previous chapter discussed the concept of virtualisation in cloud computing. Now, let us move forward and acquaint ourselves with cloud computing and business value.

Today’s business environment and competitive pressure necessitate that organisations improve their efficiency and reduce costs. Cloud computing provides a better Return on Investment (ROI) in using, maintaining, and upgrading the business. It provides flexible computing resources, regardless of corporate capital expenses, in-house technical skills, and geographic locations. The Information Technology (IT) industry uses cloud computing to provide services such as Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). Construction companies use cloud computing to access bills, invoices and financial reports, and to process payrolls and logistics. Thus, cloud computing can stimulate business value in any industry.

In this chapter, you will first study the key drivers for cloud computing. Next, the chapter discusses cloud computing and outsourcing, followed by the different types of scalability that exist in cloud computing and the use of load balancers to enhance scalability. You will then learn about variable operating costs using cloud computing. Finally, you will study the time-to-market benefits of cloud computing and its distribution over the Internet.

7.2 KEY DRIVERS FOR CLOUD COMPUTING


Several organisations are proactively looking at various disruptive technologies to ensure that the IT services they offer are flexible enough to meet the demands of growth in business. Cloud models are able to provide this flexibility and thus feature high in the list of such desired technologies. The cloud market is growing fast and witnessing many new entrants, which have large amounts of capital to invest. They are expected to offer a broad range of solutions and play key roles in the cloud market.

In the case of cloud computing, in addition to economics, there are various other reasons for its rapid adoption. The key benefits that lead to the adoption of cloud computing are listed in Table 7.1:

Table 7.1: Benefits of Cloud Adoption among Users and Providers

| Benefits to Cloud Users | Benefits to Cloud Providers |
|---|---|
| Anytime-anywhere access to cloud-based applications and data | Easier for service providers to reach new clients |
| No upfront capital expenses for data centers, servers, storage, security appliances, etc. | Low cost of delivering and supporting applications |
| No ongoing onsite IT personnel, power, and other data center-related expenses | Opportunity to use low-cost commodity servers, storage, etc. to form redundant IT infrastructure |
| Flexibility and on-demand provisioning of computing and storage resources | Ability to provide multiple services from a single IT infrastructure |
| Pay-per-use model where payment is made only for the time of use | Increased resource utilisation due to a multi-tenant model |

Large corporations use public clouds for less critical applications such as Disaster Recovery (DR) and backups. However, they are now evaluating or using cloud computing for mission-critical services such as Customer-Relationship Management (CRM) and Enterprise Resource Planning (ERP). They are also motivated by the cloud’s large-scale, on-demand resource availability and ease of use. The key benefits for SMBs and enterprises are as follows:


• Scalability: It is the ability of the cloud service or application to grow or diminish the resources (CPU, RAM, bandwidth, storage) based on need. This is often done without human intervention.
• Ease of use: A self-service portal makes it easy to configure and use cloud resources. If a new virtual machine is required for test, development, or production, it can be quickly set up and put to use in a matter of minutes, compared to on-premise procurement and configuration, which takes more than a week.
• Risk reduction: SMBs and enterprises can use the cloud to build IT configurations to experiment with new business ideas, technologies, and models, before making large-scale investments.
• Reduced Capital Expenses (CapEx): There is no upfront capital investment in the physical resource procurement, maintenance, upgrade, or administrative costs.
• Pay-for-what-you-use: The organisation is billed for what it has used during the month.
• Lower Operating Expenses (OpEx): The cost for cloud resources and supporting manpower is shared by many consumers and the utilisation percentage is high. Thus, the consequential economies of scale help lower the cost for consumers.
• Flexibility to hire talent: A business can have employees spread across the world and have them work on a common cloud-based platform. This enables an organisation to use the best talent available at the lowest cost.
• Collaboration: Anytime-anywhere access enables employees and partners to work concurrently on common projects.
• Assurance with Service Level Agreements (SLAs): The consumer or business has an agreement with the provider for a certain level of uptime, performance and problem response, and resolution time.

Exhibit

Cloud makes for a green earth

Cloud computing is a part of the Green IT initiative. By sharing resources at a service provider’s location, you reduce the amount of IT equipment and energy consumption. Technically, you can virtualise and consolidate your IT hardware and deploy a power manager to automatically power off idle servers. However, cloud providers contribute more due to their unique positioning. They host several customers (multi-tenancy) and enable elasticity (give more resources to those who need it and only when they need it). Although there is very little hard data from cloud service providers on their energy efficiency, they have forced enterprises of all sizes to consolidate, improve utilisation, and contribute toward Green IT.

self assessment Questions

1. CRM stands for:
a. Customer Related Management
b. Customer Relationship Management
c. Customised Relationship Management
d. None of these
2. Which of the following abilities allows cloud computing resources to add or release resources?
a. Scalability
b. Agility
c. CapEx
d. None of these
3. Enterprises can use cloud to build IT configurations to experiment with new business ideas, technologies, and models, before making large-scale investments. (True/False)

Activity

Find out whether business agility is a key driver behind the adoption of cloud among enterprises.

7.3 CLOUD COMPUTING AND OUTSOURCING


Lowering of costs has been instrumental in justifying both IT outsourcing and cloud computing. Outsourcing is characterised by contracting a business or IT function to another organisation. Cloud-sourcing is about leveraging services hosted at a third-party site for computing resources or applications. It replaces the need for dedicated IT capabilities and staff, which are usually more expensive.

Cloud-sourcing can provide substantial economic benefits, but it also has some disadvantages in areas such as security, loss of control, and performance. It is important to understand the similarities and differences between the two, as shown in Table 7.2:
Table 7.2: Comparison of IT Outsourcing and Cloud Computing

| S. No. | Criteria | IT Outsourcing | Cloud Computing |
|---|---|---|---|
| 1. | Vendor Lock-in | Yes, and transition to another vendor is expensive and arduous and may lock into an inflexible contract | Yes; however, with adoption of standards, it is easier to transition to another vendor |
| 2. | Utility Model Billing | Yes for manpower hiring and no for project-based outsourcing | Has a utility-like billing for actual resource utilisation |
| 3. | Commitment | Long term, usually for a year or more | Short-term, could be terminated within a month’s time |
| 4. | SLA-based Relationship | Yes | Yes |
| 5. | Customised Services Development | Can be customised for large outsourcing projects, and work can be done using Windows, Linux, or vendor Unix operating systems such as HPUX, Sun Solaris, mainframes, or IBM AIX | No, most of the work is done on Windows and Linux servers |
| 6. | Loss of Control | Yes | Yes for public clouds |
| 7. | Involves Working with Staff of Vendor Companies | Yes | Yes |
| 8. | Faster Development Cycle | No | Yes |
| 9. | Costs | Reduced capital expenditure; usually it has a fixed and variable component of cost | No capital expenses; variable component only |
| 10. | Scalability and Elasticity | Limited | Highly scalable especially for large public clouds |
| 11. | Location of Data | Known | Can be known for primary data copy, but not known for backup and DR copies |

It is important to realise that there are compliance and government regulations for the location of data, and these apply to both cloud computing and outsourcing.

Some other concerns related to cloud computing and outsourcing are:
• Security at a vendor site
• Loss of control
• Latency of using an application at a remote site

The closest alternative to IT outsourcing is IaaS. In both IT outsourcing and IaaS, all data center functions are provided by a third party. However, with IaaS, the lock-in period is shorter, moving to another vendor is easier, and current standards are making it easier to use multiple cloud providers concurrently. IaaS costs are also decreasing. The costs of outsourcing are unlikely to decrease, lock-in periods are longer, and there is more loss of control. There are many vendors who can provide both IT outsourcing and cloud-sourcing. Both of these are appealing from an economic point of view, but they raise issues such as security and loss of control.

Another form of outsourcing is to use Data Center as a Service (DCaaS).


It is the same as co-location services, where a consumer rents a part of
a rack, a whole rack, or multiple racks, to put its own servers and stor-
age and pays a fee each month for the use of the facility, power, cool-
ing, bandwidth, and network-level security. IaaS, on the other hand,
provides all the DCaaS services and also provides compute resources
(servers), storage, and network-related services such as load-balanc-
ing. IaaS has a comprehensive menu of value-added services, such as
monitoring, backups, and DR, for customers. Customers need to bring
in the server operating system and applications to start using IaaS-
based services.

self assessment Questions

4. ________ involves long term commitment whereas _______ involves short term commitment.
5. DCaaS stands for:
a. Data as a Service
b. Data Center as a Server
c. Data Center as a Service
d. None of these
6. In both IT outsourcing and IaaS, all data center functions are provided by a third party. (True/False)

Activity

Find out the similarities and differences between SaaS and Business Process Outsourcing.

7.4 TYPES OF SCALABILITY


The main advantage of cloud computing is that it can scale services and applications quickly as per the requirement of the customers. This scaling of applications and services is achieved through a scalable architecture in which every component is distinct from the others. For example, consider a service that provides information about customers. The service must be independent of other services or applications and must not be concerned with the location of the data it requires. The service is also not concerned with the programming functionality required to retrieve the data from the database or with the server on which it is executing. Whatever kind of data is required, the message is passed to the service, and the service passes this information to the appropriate database server to fetch the required data.

This kind of service-oriented design, in which every component performs its function independently of the others, is termed loosely coupled. The loosely coupled architecture allows the architects involved in cloud computing to implement scalability among resources at extraordinary levels. This type of design is sometimes also called a distributed architecture, as the work units are distributed across the system independently among several computer resources. You can scale a distributed architecture in several ways, which means you can add or remove resources, as and when required, by applying various strategies related to the database, caching, XML acceleration, etc. There are several innovative solutions that can be used for scaling the components of a system independently. Scalability, that is, changing the resources allocated to a cloud service, can be implemented in various ways. The main techniques are:
• Vertical scalability or scaling up: In this case, you add resources, such as CPU, memory, and storage space, to a server. This helps improve performance and capacity. On the other hand, you can also add non-IT components, such as power supplies, NICs, and HBAs, to a server, which helps improve fault tolerance. For example, sometimes the server in the data center underperforms, which means it is unable to fulfil the requirements of the clients or manage traffic. In this case, vertical scaling can be applied by modifying the configuration of the existing server. By enhancing the configuration of the server, you can make it capable of handling a larger number of requests from clients or users. Figure 7.1 shows the concept of vertical scaling:

[Figure 7.1: Vertical Scaling of Servers. Labels in the figure: A, 2 CPUs; B, 4 CPUs]


• Horizontal scalability or scaling out: In this case, instead of adding resources within a server or device, you add more servers or nodes to improve performance, capacity, and redundancy. For example, suppose you have four Web servers that balance load and share the network traffic coming to your website. In cloud computing, when the servers allocated for handling the clients reach their threshold value, new servers are automatically added to manage the load of incoming traffic. When the traffic returns to normal, the servers are scaled down. In horizontal scaling, the configuration of servers does not increase; instead, the number of servers increases or decreases. Figure 7.2 shows the concept of horizontal scaling:

[Figure 7.2: Concept of Horizontal Scaling. Labels in the figure: pooled physical servers; virtual servers A, B, C; demand; horizontal scaling]

self assessment Questions

7. In the ______ scaling, the configuration of servers does not increase; instead, the number of servers increases or decreases.
8. In cloud computing, when the allocated servers for handling the clients reach to their ________, the new servers are automatically added to manage the load of incoming traffic.

Activity

List the various dimensions of measuring scalability.

7.5 USE OF LOAD BALANCERS TO ENHANCE SCALABILITY

Load balancers can be used to efficiently manage and spread incoming user traffic among multiple servers. A load balancer monitors the traffic and available servers, and uses a round-robin algorithm where the idlest server is allocated the load. It improves performance for the user. It also protects against server failure. If a server fails, the other servers continue to provide the services, although the performance may be slower. On a larger scale, a load balancer can distribute traffic to servers in different regions of the world.

Load balancers are commonly used for services such as Domain Name System (DNS), Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), etc. They are suitable for use in applications where the incoming load can vary greatly. They are also suitable where the connections are intelligent and must be tuned for performance, security, or other parameters. Load balancers help by enabling an intelligent management interface to application services.

In an architecture that uses server load balancing, the incoming request is routed to the server load balancer dedicated to a client. This load balancer then forwards the request to the appropriate server on the basis of certain parameters, such as the availability of the server or the load on the server. Besides forwarding the request, the load balancer also checks the server’s health and verifies whether the particular server will be able to respond to the incoming traffic or not.

Figure 7.3 shows a classic load balancer architecture:

[Figure 7.3: The Classic Load Balancing Architecture (or Load Dispatcher). Labels in the figure: Client; Load balancer; Server 1 to Server n; service request; server availability, load]

Source: http://www.javaworld.com/article/2077921/architecture-scalability/server-load-balancing-architectures--part-1--transport-level-load-balancing.html

You can decide the best load balancer architecture (Figure 7.3) by considering two terms, availability and scalability. The availability of a server can be defined by its uptime, which is the time between failures. During the uptime, the system must respond to each request within a well-defined and predetermined time. If the response time increases beyond this, the client judges it as a malfunction of the server. High availability is achieved when one server fails and another server takes its place, so that the failure of the server remains hidden from the client.

On the other hand, scalability means that the system can handle a single client as well as thousands of clients simultaneously while meeting quality-of-service needs such as response time. When the load of network traffic is high, a scalable system can increase the throughput by adding hardware resources. In Figure 7.3, you can see that high scalability can be achieved by passing the incoming requests to servers. When the load is high, more servers can be added as long as the load balancer does not get locked. The load balancer must verify the server status to avoid forwarding incoming requests to dead or overloaded servers.
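
The dispatch rules of this section and the threshold-based horizontal scaling of Section 7.4 can be seen working together in the following sketch, which is an added example and not code from the book. It sends each request to the idlest healthy server (least-loaded selection rather than a strict rotation), never forwards to a failed or saturated server, and adds or releases servers at utilisation thresholds; the class and server names, the capacity of 10 requests per server and the 80%/30% thresholds are assumptions chosen for illustration.

```python
from dataclasses import dataclass


@dataclass
class Server:
    name: str
    capacity: int = 10      # concurrent requests one server can hold (constructed value)
    active: int = 0         # requests currently in flight
    healthy: bool = True    # result of the last health check


class LoadBalancer:
    """Least-loaded dispatch over healthy servers, with threshold-based scale-out/in."""

    def __init__(self, min_servers=2, max_servers=4, scale_out_pct=80, scale_in_pct=30):
        self.min_servers, self.max_servers = min_servers, max_servers
        self.scale_out_pct, self.scale_in_pct = scale_out_pct, scale_in_pct
        self.pool, self._seq = [], 0
        for _ in range(min_servers):
            self._add_server()

    def _add_server(self):
        self._seq += 1
        self.pool.append(Server(f"web-{self._seq}"))

    def healthy(self):
        return [s for s in self.pool if s.healthy]

    def dispatch(self):
        """Send one request to the idlest healthy server; None means the request is shed."""
        candidates = [s for s in self.healthy() if s.active < s.capacity]
        if not candidates:
            return None     # never forward to a dead or saturated server
        target = min(candidates, key=lambda s: s.active / s.capacity)
        target.active += 1
        self._autoscale()
        return target.name

    def complete(self, name):
        """A request on the named server has finished."""
        server = next(s for s in self.pool if s.name == name)
        server.active = max(0, server.active - 1)
        self._autoscale()

    def health_check_failed(self, name):
        """Take a server out of rotation; its in-flight requests are lost and must be retried."""
        server = next(s for s in self.pool if s.name == name)
        server.healthy, server.active = False, 0
        self._autoscale()

    def _autoscale(self):
        live = self.healthy()
        used = sum(s.active for s in live)
        total = sum(s.capacity for s in live)
        if used * 100 >= self.scale_out_pct * total and len(live) < self.max_servers:
            self._add_server()                      # horizontal scale-out
        elif used * 100 <= self.scale_in_pct * total and len(live) > self.min_servers:
            idle = [s for s in live if s.active == 0]
            if idle:
                self.pool.remove(idle[-1])          # scale-in: release an idle server


def run_demo():
    """Constructed traffic pattern: ramp-up, one server failure, second ramp-up, drain."""
    lb = LoadBalancer()
    ramp = [lb.dispatch() for _ in range(16)]        # 16 of 20 slots used: 80%, scale out
    after_ramp = [s.name for s in lb.healthy()]
    lb.health_check_failed("web-1")                  # web-1 leaves the rotation
    failover = [lb.dispatch() for _ in range(8)]     # idle web-3 absorbs the traffic
    after_failover = [s.name for s in lb.healthy()]
    for name in ["web-2"] * 8 + ["web-3"] * 8:       # traffic returns to normal
        lb.complete(name)
    after_drain = [s.name for s in lb.healthy()]
    return {"ramp": ramp, "after_ramp": after_ramp, "failover": failover,
            "after_failover": after_failover, "after_drain": after_drain}


def shed_demo():
    """One server that may not scale: the 11th concurrent request is refused, not queued."""
    lb = LoadBalancer(min_servers=1, max_servers=1)
    return [lb.dispatch() for _ in range(11)]


if __name__ == "__main__":
    print(run_demo())
    print(shed_demo())
```

In the constructed run, the failure of web-1 stays hidden from new clients because every later request lands on a healthy server, which is the high-availability behaviour described above.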

self assessment Questions

9. Load balancers are commonly used for services such as


a. Domain Name System (DNS)
b. Hypertext Transfer Protocol (HTTP)
c. File Transfer Protocol (FTP)
d. All of these
10. Load balancers help by enabling an intelligent management
interface to application services. (True/False)

Activity

Find out the features of NGINX Plus as your load balancing software.

7.6 VARIABLE OPERATING COSTS USING CLOUD COMPUTING

The variable operating cost model of cloud computing is an undeniable motivator for SMBs and enterprises. It avoids the risk of investing upfront in IT equipment or talent. It also helps organisations to protect their cash flow from operations, both during times when more IT infrastructure is required to meet growing business needs and when less IT infrastructure is needed as business volumes decline.

Organisations can experiment with technical ideas and create proof of business concepts using cloud resources. If a business idea does not seem feasible to continue, it can be quickly withdrawn from the cloud. The cloud provides an agile platform on a pay-per-use basis. It is responsive to changing market needs. The enhanced utilisation of cloud resources helps reduce the cost per user. Smart, power-saving technologies turn off resources during periods of low load, thus saving on power-related costs.
self assessment Questions

11. The ________ operating cost model of cloud computing avoids the risk of investing upfront on IT equipment or talent.
12. If a business idea does not seem feasible to continue, it cannot be quickly withdrawn from the cloud. (True/False)

Activity

List the differences between the fixed cost model and the variable cost model.

7.7 TIME-TO-MARKET BENEFITS OF CLOUD COMPUTING

Cloud services enable an organisation to develop new services and release them in the market in a shorter time span. The cloud provides quick and easy access to vast amounts of resources. Organisations can use it to rapidly develop, test, deploy, and manage applications. Application vendors, for example, can use it to integrate with other cloud-based services such as storage, database, user authentication, or security.

Vendors get quick access to services on a pay-per-use model. Cloud, thus, helps to reduce engineering time to create and deploy new services. Without the use of cloud, application development is an expensive and time-consuming process. The key factors that favor cloud-based application development are:
1. It can add or remove resources easily, using a self-service portal.
2. It has pay-per-use billing for development and production.
3. It has support for three-tier or multi-tier application architecture.
4. It has an easy mechanism to migrate existing virtual server images to the cloud.

self assessment Questions

13. Cloud helps in _____ engineering time to create and deploy new services.
14. Cloud provides pay-per-use billing for development and production. (True/False)

Activity

Determine the advantages of cloud computing for capital market
industry.

7.8 DISTRIBUTION OVER THE INTERNET


Cloud computing is accessed over the Internet. This makes it easier
for users anywhere to connect to cloud services at any point in time.
When cloud providers select a site for building a new data center,
the key factors they consider are as follows:
• Availability of low-cost and renewable sources of power
• Access to inexpensive IT talent in the area for IT administration
• High-speed Internet connectivity from multiple Internet service
  providers
• Low cost of land and green-field sites
• Obtaining tax breaks from the local and state government
• Abundance of water supply throughout the year
• Earthquake-free or low seismic zone

Most cloud providers have multiple data centers for DR and better
performance, and provide the most reliable user experience. Optimising
the above factors yields the highest ROI on data center costs for
cloud providers. Greenfield sites are preferred, because they save
money on land acquisition costs and are usually eligible for tax
rebates.

A small-scale cloud provider with a smaller profit margin may not be
a judicious choice, because they may neither have the requisite
hardware resources to meet user peak load demands nor have multiple
data centers to save them from a probable disaster.

Self Assessment Questions

15. Which of the following is considered while selecting a site for
    building a new data center?
    a. Availability of low-cost and renewable sources of power
    b. Access to inexpensive IT talent in the area for IT
       administration
    c. High-speed Internet connectivity from multiple Internet
       service providers
    d. All of these
16. The data center must be earthquake-free or built in a low
    seismic zone. (True/False)

Activity

Find out how cloud computing is related to the Internet of Things
(IoT).

7.9 LEVELS OF BUSINESS VALUE FROM CLOUD COMPUTING

In general, business owners, profit-center heads, and Chief Financial
Officers (CFOs) prefer the concept of cloud computing due to its
economic savings, pay-per-use billing, and absence of fixed costs.
However, a disadvantage of cloud computing is that the cloud costs are
variable and do not linearly increase or decrease with change in the
utilisation pattern, making it difficult to forecast the billing
amount each month. From a business viewpoint, cloud computing offers
value to an organisation at three different levels. These are
described in Table 7.3:

Table 7.3: Different Levels of Value for Cloud Consumer Organisations

S. No. | Level of Value from Using the Cloud | Description
1. | Basic Level (Utility Level Value) | Consumer organisations benefit from fundamental features of cloud such as lower IT costs, higher service levels, scalability to meet peak loads, absence of fixed or capital expenses, and pay-per-use billing. Focus is on labor, IT resources, and power.
2. | Intermediate Level (Process Transformation Level Value) | Enterprises find it difficult to improve business processes, because they are usually ineffectively supported by traditional in-house IT infrastructure and teams. A cloud, on the other hand, allows business units to regulate to meet their specific requirements. For example, sales teams can use cloud-based CRM to improve sales tracking and customer relations. Human Resource (HR) departments can use cloud-based human capital management applications. Cloud users can introduce new processes by taking advantage of pooled and scalable resources in the cloud. It facilitates better collaboration between geographically-dispersed teams and users with mobile and remote access.
3. | Advanced Level (Business Innovation Level Value) | The business innovation level aims to create new value chains between organisations and customers and novel and pioneering business models. This is achieved by rewiring the way organisations can operate using cloud resources, making choices of competitive advantage, and deriving new values from cloud-based services. It can be used to collaborate between users, customers, and partners. Cloud resources can be combined to create entirely new business eco-systems.

Self Assessment Questions

17. Sales teams can use cloud-based CRM to improve sales tracking
    and customer relations. (True/False)

Activity

Find out how cloud computing is helpful even for a small
organisation.

7.10 SUMMARY
• Cloud computing offers organisations a creative way to address
  how they utilise IT, which in turn allows them to focus on their
  business objectives.
• The cost and convenience benefits have prompted organisations
  of all sizes to consider adopting cloud computing.
• The hype about cloud computing has created unrealistic
  expectations about what cloud computing can deliver, making
  improbable promises such as high ROI, reduced overall costs, and
  improved revenue.
• While the immediate cloud benefits of not having to deal with
  buying and managing your own infrastructure and data center are
  appealing, the Total Cost of Ownership (TCO) of renting for a
  long term is almost the same as owning.
• Although using public clouds is similar to outsourcing IT services,
  there are notable differences in terms of ease of entering into and
  exiting from contracts, scaling up or down, and location of data
  and services.
• Clouds have vertical (add more resources to an existing server),
  horizontal (add more servers), or diagonal (do both) scalability.
• Use of load balancers improves performance and availability for
  cloud services.
• Use of cloud to develop, test, and deploy applications helps in
  faster time to market e-services.
• There are three distinct levels of value derived from using cloud:
  ◦ Basic level or utility-level value
  ◦ Intermediate level or process transformation value
  ◦ Advanced level or business innovation value

Key Words

• Cloud-sourcing: It is about leveraging of services hosted at a
  third-party site for computing resource or applications.
• Horizontal scalability: It allows you to add more servers or
  nodes to improve performance, capacity, and redundancy.
• Load balancers: These are used to efficiently manage and
  spread incoming user traffic among multiple servers.
• Scalability: It is the ability of the cloud service or application to
  grow or diminish the resources based on requirement.
• Vertical scalability: It allows you to add resources, such as CPU,
  memory, and storage space, to a server.

7.11 DESCRIPTIVE QUESTIONS


1. Enlist the benefits of cloud adoption to users and providers.
2. What are the key benefits to SMBs and enterprises of cloud
adoption?
3. Compare the IT outsourcing and cloud computing on different
criteria.
4. Discuss vertical and horizontal scaling with the help of a diagram.
5. What is the purpose of using load balancers in cloud computing?
6. Explain the concepts of variable operating cost and time-to-
market benefits in cloud computing.
7. Discuss the various levels of business value from cloud computing.

7.12 ANSWERS AND HINTS

ANSWERS FOR SELF ASSESSMENT QUESTIONS

Topic | Q. No. | Answers
Key Drivers for Cloud Computing | 1. | b. Customer Relationship Management
 | 2. | a. Scalability
 | 3. | True
Cloud Computing and Outsourcing | 4. | IT Outsourcing, Cloud Computing
 | 5. | c. Data Center as a Service
 | 6. | True
Types of Scalability | 7. | horizontal
 | 8. | threshold value
Use of Load Balancers to Enhance Scalability | 9. | d. All of these
 | 10. | True
Variable Operating Costs using Cloud Computing | 11. | variable
 | 12. | False
Time-to-market Benefits of Cloud Computing | 13. | reducing
 | 14. | True
Distribution over the Internet | 15. | d. All of these
 | 16. | True
Levels of Business Value from Cloud Computing | 17. | True

HINTS FOR DESCRIPTIVE QUESTIONS


1. The cloud market is growing fast and witnessing many new
   entrants, which have large amounts of capital to invest. They are
   expected to offer a broad range of solutions and play key roles
   in the cloud market. Refer to Section 7.2 Key Drivers for Cloud
   Computing.
2. Large corporations use public clouds for less critical applications
   such as Disaster Recovery (DR) and backups. Refer to Section
   7.2 Key Drivers for Cloud Computing.
3. The justification for IT outsourcing and cloud computing
   has been instrumental in lowering of costs. Refer to Section
   7.3 Cloud Computing and Outsourcing.
4. The main advantage of cloud computing is that it can scale
   services and applications quickly as per the requirement of
   customer. Refer to Section 7.4 Types of Scalability.
5. Load balancers can be used to efficiently manage and spread
   incoming user traffic among multiple servers. Refer to Section
   7.5 Use of Load Balancers to Enhance Scalability.
6. The variable operating cost model of cloud computing is an
   undeniable motivator for SMBs and enterprises. Refer to
   Section 7.6 Variable Operating Costs Using Cloud Computing
   and Section 7.7 Time-to-market Benefits of Cloud Computing.
7. In general, business owners, profit-center heads, and Chief
   Financial Officers (CFOs) prefer the concept of cloud computing
   due to its economic savings, pay-per-use billing, and absence of
   fixed costs. Refer to Section 7.9 Levels of Business Value from
   Cloud Computing.



CHAPTER 8

CLOUD ARCHITECTURES

CONTENTS

8.1 Introduction
8.2 Workload Distribution Architecture
    Self Assessment Questions
    Activity
8.3 Resource Pooling Architecture
    Self Assessment Questions
    Activity
8.4 Dynamic Scalability Architecture
    Self Assessment Questions
    Activity
8.5 Elastic Resource Capacity Architecture
    Self Assessment Questions
    Activity
8.6 Service Load Balancing Architecture
    Self Assessment Questions
    Activity
8.7 Cloud Bursting Architecture
    Self Assessment Questions
    Activity
8.8 Elastic Disk Provisioning Architecture
    Self Assessment Questions
    Activity
8.9 Redundant Storage Architecture
    Self Assessment Questions
    Activity
8.10 Summary
8.11 Descriptive Questions
8.12 Answers and Hints
8.13 Suggested Readings & References

Introductory Caselet

SERVER REQUIREMENT REDUCED BY USING NETMAGIC’S CLOUD COMPUTING SERVICE

Company Profile

India Infoline (IIFL) is a leading financial service company in
India. Headquartered in Mumbai, the company provides and offers
advice on various financial services like equities and derivatives,
wealth management, fixed deposits, loans, investment banking, etc.
The company also conducts research on the Indian economy, businesses
and corporates. Today, the company is present in eight countries:
Singapore, Dubai, United States, UK, Switzerland, Hong Kong,
Mauritius and Sri Lanka. IIFL is now divided into 11 companies:
India Infoline Ltd., India Infoline Finance Limited, India Infoline
Insurance Brokers Ltd., India Infoline Commodities Ltd., IIFL Assets
Management Company & IIFL MF, IIFL Private Wealth Management Ltd.,
IIFL (Asia) Pte Ltd., IIFL Inc. (US) Investment Advisors Ltd.,
IIFL (UK), IIFL Multi National Company, 5Paisa Capital Ltd.

Problem

As the company started growing, it felt the need for a robust and
scalable IT infrastructure. India Infoline didn’t want to spend its
time on managing, running and upgrading the IT operations, as it
just wanted to focus on its core business. So the managers decided to
outsource the work of managing, running and upgrading the IT
operations to an IT hosting service provider. They wanted the IT
hosting service provider to scale and streamline their existing IT
infrastructure in order to ensure that it was being used optimally.
They also wanted centralized management of all their IT
infrastructure.

Solution

India Infoline outsourced the work to Netmagic Solutions, a
well-known cloud service provider. Netmagic streamlined all the IT
infrastructure of India Infoline and provided a turnkey solution
for automated centralization of all the major client applications of
India Infoline. This includes all IT management work like managing
the database, network, server, security and trading application, as
well as managing projects and vendors.

India Infoline took Netmagic’s support to move its broadcast server,
which runs at its peak during business hours, to the cloud.

“For the success of cloud computing in our enterprise environment,
it was essential to ensure that both the versions of our trading
application ran fine during migration. It was a tough call when it
came to procuring 70 more servers to run the new application in
parallel,” says Sankarson Banerjee, Chief Information Officer,
IIFL Ltd.

Mr. Banerjee settled on using the cloud computing service of
Netmagic Solutions as it was not possible to buy 70 additional
servers. The project then started by migrating only two servers.
However, there were many doubts about the performance of Netmagic’s
cloud. There were also concerns about scalability, security, and
data backup on the cloud. But all the concerns of India Infoline
were alleviated by the engineers of Netmagic Solutions.

With the cloud computing architecture, India Infoline only required
54 physical servers instead of 70 servers. It required 10 days for
Netmagic Solutions to migrate around 54 servers to cloud. Thus,
Netmagic Solutions made it possible for India Infoline to bring down
its physical server requirement to a mere 30%. Netmagic automated
all the IT environment of India Infoline seamlessly. With the help
of Netmagic Solutions, India Infoline now gets more time to focus on
its core business processes, application development and innovation.

“With Netmagic’s support we have been able to expand very fast,
much faster than if we had to manage our own servers. We have
been able to get scalability on-demand on fairly short notices. We
have been able to experiment with technologies like Cloud, which
we would not have been able to as in-house skills would have been a
problem. We have been able to keep our costs under control because
of Netmagic. With Netmagic as our partner, we have been able to
gain reliability in business, which would have been difficult to
manage internally,” says Sankarson Banerjee, Chief Information
Officer, IIFL Ltd.

Learning Objectives

After studying this chapter, you will be able to:
>> Explain the workload distribution architecture
>> Discuss resource pooling architecture
>> Describe dynamic scalability architecture
>> Explain elastic resource capacity architecture
>> Discuss service load balancing architecture
>> Describe cloud bursting architecture
>> Explain elastic disk provisioning architecture
>> Discuss redundant storage architecture
>> Explain open-source Eucalyptus cloud architecture
>> Describe open-source OpenStack cloud architecture

8.1 INTRODUCTION
Cloud computing architecture is the structure of the cloud system.
It is generally composed of the various components and subcomponents
that are needed for cloud computing. These components may be at the
front-end or back-end platform, or may be a network. The front end of
cloud computing architecture is called cloud clients, or simply
clients. The main function of the client is to interact with cloud
data storage with the help of an application, browser or virtual
session. The various types of clients are fat client, thin client,
zero client, tablet and mobile. Cloud computing architecture also
consists of cloud resource, middleware and software components.

In this chapter, you will study the concept of workload distribution
architecture. In addition, you will also study resource pooling
architecture, dynamic scalability architecture, elastic resource
capacity architecture and service load balancing architecture. You
will also study cloud bursting architecture, elastic disk
provisioning architecture and redundant storage architecture. Towards
the end of the chapter, you will study open-source Eucalyptus cloud
architecture and open-source OpenStack cloud architecture.

8.2 WORKLOAD DISTRIBUTION ARCHITECTURE

In workload distribution architecture, there is a load balancer and
virtual servers. The load balancer distributes the workload evenly
among the IT resources that are available. This reduces both the
over-utilization and the under-utilization of IT resources to some
extent. However, this reduction totally depends on the load
balancing algorithm as well as the runtime logic.

Figure 8.1 shows workload distribution architecture:

Figure 8.1: Workload Distribution Architecture (diagram showing cloud service consumers, a load balancer, and copies of Cloud Service A hosted on virtual servers)
Source: http://www.informit.com/articles/article.aspx?p=2093407

In Figure 8.1, it is seen that a duplicate copy of Cloud Service A is
deployed on Virtual Server B. The requests of cloud service consumers
are intercepted by the load balancer and directed to both Virtual
Servers A and B. The function of the load balancer is to ensure that
the workloads are distributed uniformly between Virtual Servers A
and B.

Workload distribution can be carried out in distributed virtual
servers, cloud storage devices and cloud services. Various mechanisms
such as audit monitor, cloud usage monitor, hypervisor, logical
network perimeter, resource cluster and resource replication can be a
part of workload distribution architecture.

Self Assessment Questions

1. In workload distribution architecture, the _____________
   ensures that the workloads are distributed uniformly.
2. Workload distribution can be carried out in ______________,
   ____________ and __________.

Activity

Search information about various mechanisms used in workload
distribution architecture and discuss with your friends.

8.3 RESOURCE POOLING ARCHITECTURE


The resource pooling architecture depends on how other resource
pools are being used. In this architecture, similar resources are
grouped together and are maintained by a system. This system will
automatically make sure that the resources are synchronized.

The following are some common resource pools:

• Physical server pool: It is composed of network servers. These
  network servers are installed with programs, applications and an
  operating system, and they are ready for instant use.
• Virtual server pool: It is generally configured by any of the
  available templates which are determined by cloud consumer at the
  time of provisioning.
• Storage pool: It consists of file-based or block-based storage
  structure. It contains empty or filled cloud storage devices.
• Network pool: It is composed of various network connectivity
  devices that are already configured.
• CPU pool: It can be allocated to virtual servers. It can also be
  broken up into individual processing cores.
• Memory pool: It is a pool of RAM. It can be used in newly
  provisioned physical servers.

Figure 8.2 shows a sample resource pool that is composed of four
sub-pools: CPU pool, memory pool, storage pool and network pool:

Figure 8.2: A sample resource pool (diagram showing a CPU pool, memory pool, storage pool and network pool)
Source: http://www.informit.com/articles/article.aspx?p=2093407&seqNum=2

In resource pooling architecture, we can create a hierarchical
structure. The hierarchical structure can form parent, sibling or
nested pools that can help an organization to meet its various
resource pooling needs. The hierarchical resource pooling
architecture is shown in Figure 8.3:

Figure 8.3: Hierarchical resource pooling architecture (diagram showing Pool A with a virtual server pool, CPU pool, memory pool and network pool; Pool B with a virtual server pool, CPU pool and memory pool; Pool C with a CPU pool, memory pool and network pool)
Source: http://www.informit.com/articles/article.aspx?p=2093407&seqNum=2

In Figure 8.3, Pool A is a parent pool. Pool B and Pool C are two
sibling pools that are taken from the parent pool, Pool A. Sibling
resource pools are generally taken from a group of physical IT
resources that are always kept isolated from each other.

A nested pool is a model in which a larger pool is divided into some
smaller pools. These smaller pools can individually group the same
type of IT resources. Figure 8.4 shows a nested pool:

Figure 8.4: Nested Pool (diagram showing Pool A, Pool B and Pool C, each with a virtual server pool, CPU pool and memory pool)
Source: http://www.informit.com/articles/article.aspx?p=2093407&seqNum=2

In Figure 8.4, Pool A.1 and Pool A.2 are nested pools, which contain
the same type of IT resources as that of Pool A but in varying
quantities.

Self Assessment Questions

3. In resource pooling architecture, we cannot create a
   hierarchical structure. (True/False)
4. Which of the following pools can also be broken into individual
   processing cores?
   a. Storage pool
   b. CPU pool
   c. Network pool
   d. Memory pool

Activity

You are given a sample of a resource pool that consists of CPU pool,
memory pool, network pool and storage pool. Divide the resource
pool into three smaller pools. All the pools should consist of the
same resources, which may differ in quantities.

8.4 DYNAMIC SCALABILITY ARCHITECTURE


It is an architectural model in which resources can be allocated
dynamically from the resource pool. This architecture has an
automatic scaling listener. The automatic scaling listener has
workload thresholds that indicate when a new resource needs to be
added to workload processing. Its logic determines how many IT
resources can be provided dynamically on the basis of the cloud
consumer's contract.

The following are two types of commonly used dynamic scaling:

• Dynamic horizontal scaling: In this type of scaling, the resources
  are scaled in and out in order to handle the fluctuating workloads.
  An automatic scaling listener monitors requests for resources and
  provides the resources based on the requirements and permissions.
• Dynamic vertical scaling: In this type of scaling, the resources are
  scaled up and down when it is required to adjust the processing
  capacity of a single resource.

The dynamic scalability architecture can be applied to both virtual as
well as cloud storage devices. Figure 8.5 shows the process of dynamic
horizontal scaling:

Figure 8.5: Process of dynamic horizontal scaling (diagram showing cloud service consumers, an automated scaling listener, and cloud service instances on a virtual server host)
Source: http://www.informit.com/articles/article.aspx?p=2093407&seqNum=3

In Figure 8.5, it is seen that the consumers of the cloud service are
sending requests to a cloud service, and the automated scaling
listener monitors the cloud service in order to determine whether the
predefined capacity thresholds are being exceeded.

If a predefined capacity threshold is exceeded, the automated scaling
listener determines the next course of action on the basis of the
predefined scaling policy, as shown in Figure 8.6:

Figure 8.6: Cloud server overloaded with request (diagram showing cloud service consumers, an automated scaling listener, and cloud service instances on a virtual server host; the automated scaling listener notices cloud service instances overloaded with requests)
Source: http://www.informit.com/articles/article.aspx?p=2093407&seqNum=3

When the cloud server is overloaded with requests, the automated
scaling listener sends a signal to the resource replication
mechanism. The resource replication mechanism creates more instances
of the cloud service, as shown in Figure 8.7:

Figure 8.7: Creating more instances of cloud service (diagram showing cloud service consumers, an automated scaling listener, resource replication, and cloud service instances on a virtual server host)
Source: http://www.informit.com/articles/article.aspx?p=2093407&seqNum=3

The increased workload will then be accommodated and the automated
scaling listener will continue to monitor the workload.
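
The monitoring and replication cycle described above can be simulated in a few lines. The following is an added example, not code from the original text: the class names, the per-instance capacity, the thresholds and the workload figures are all constructed assumptions. It also shows what happens when the contract ceiling is reached and demand still exceeds capacity.

```python
"""Dynamic horizontal scaling, simulated (constructed example)."""
import math
from dataclasses import dataclass
from typing import List, NamedTuple


@dataclass(frozen=True)
class ScalingPolicy:
    per_instance_capacity: int   # requests one instance serves per interval
    scale_out_threshold: float   # utilisation above which instances are added
    scale_in_threshold: float    # utilisation below which instances are removed
    min_instances: int
    max_instances: int           # ceiling set by the cloud consumer's contract


class Event(NamedTuple):
    requests: int
    action: str       # "hold", "scale_out", "scale_in" or "capped"
    instances: int    # instance count after the action
    unserved: int     # requests beyond total capacity in this interval


class ResourceReplication:
    """Stand-in for the mechanism that creates or retires instances."""

    def __init__(self, instances: int) -> None:
        self.instances = instances

    def resize(self, target: int) -> None:
        self.instances = target


class AutomatedScalingListener:
    def __init__(self, policy: ScalingPolicy,
                 replication: ResourceReplication) -> None:
        self.policy = policy
        self.replication = replication

    def observe(self, requests: int) -> Event:
        p = self.policy
        current = self.replication.instances
        utilisation = requests / (current * p.per_instance_capacity)
        # Smallest instance count that keeps utilisation at or below the
        # scale-out threshold, clamped to the contract limits.
        needed = math.ceil(
            requests / (p.per_instance_capacity * p.scale_out_threshold))
        target = max(p.min_instances, min(p.max_instances, needed))

        action = "hold"
        if utilisation > p.scale_out_threshold:
            # Over threshold: replicate, unless the contract ceiling is hit.
            action = "scale_out" if target > current else "capped"
        elif utilisation < p.scale_in_threshold and target < current:
            action = "scale_in"
        if action in ("scale_out", "scale_in"):
            self.replication.resize(target)

        capacity = self.replication.instances * p.per_instance_capacity
        return Event(requests, action, self.replication.instances,
                     max(0, requests - capacity))


def simulate(workload: List[int], policy: ScalingPolicy) -> List[Event]:
    listener = AutomatedScalingListener(
        policy, ResourceReplication(policy.min_instances))
    return [listener.observe(r) for r in workload]


# Constructed sample: requests per monitoring interval.
SAMPLE_WORKLOAD = [50, 90, 250, 500, 100, 20]
SAMPLE_POLICY = ScalingPolicy(per_instance_capacity=100,
                              scale_out_threshold=0.8,
                              scale_in_threshold=0.3,
                              min_instances=1, max_instances=4)

if __name__ == "__main__":
    for event in simulate(SAMPLE_WORKLOAD, SAMPLE_POLICY):
        print(event)
```

Scale-in targets the same utilisation ceiling as scale-out, so a released instance does not immediately trigger a new scale-out on the next interval.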

Self Assessment Questions

5. In dynamic scalability architecture, there is an automatic
   scaling listener. (True/False)
6. In ________ scaling, the resources are scaled in and out in
   order to handle the fluctuating workloads.

Activity

Besides the core automated scaling listener and resource replication
mechanisms, determine and enlist some more mechanisms available in
the dynamic scalability architecture.

8.5 ELASTIC RESOURCE CAPACITY ARCHITECTURE

It is an architectural model that is mainly related to the dynamic
provisioning of virtual servers. It uses a system which can allocate
and reclaim CPU and RAM when there is a requirement of resources.

The scaling technology uses a resource pool which can interact with
the hypervisor or Virtualized Infrastructure Management (VIM) in
order to retrieve and return CPU and RAM resources at runtime. In
order to leverage additional processing power for the virtual server
from the resource pool dynamically, it is required to monitor the
processing of the virtual server. Then the virtual server, its hosted
applications and resources will be scaled.

This type of architecture is designed to send scaling requests through
VIM. The scaling request is sent with the help of an intelligent
automation engine. It may require rebooting of the virtual server
during the scaling process to allocate the resource dynamically.

Figure 8.8 shows the process of elastic resource capacity architecture:

Figure 8.8: Elastic resource capacity architecture (diagram showing cloud service consumers, an automated scaling listener, a cloud service, a hypervisor, an intelligent automation engine, and a resource pool with memory and CPU sub-pools)
Source: http://www.informit.com/articles/article.aspx?p=2093407&seqNum=4

In Figure 8.8, it is seen that requests are sent actively to a cloud
service and are being monitored by an automated scaling listener. An
intelligent automation engine has been deployed with the workflow
logic which will notify the resource pool.

In elastic resource capacity architecture, there is an automated
scaling listener. In case of any increase in cloud consumer requests,
the automated scaling listener alerts the intelligent automation
engine that it is time to execute the script. Then the intelligent
automation engine will allocate more resources from the resource pool
as shown in Figure 8.9:

Figure 8.9: Allocating more resource by intelligent automation engine (diagram showing cloud service consumers, an automated scaling listener, a cloud service, a hypervisor, an intelligent automation engine, and a resource pool with memory and CPU sub-pools)
Source: http://www.informit.com/articles/article.aspx?p=2093407&seqNum=4

Then the additional CPU and RAM will be allocated to the virtual
server. It will enable the architecture to handle the increased
workload.

Self Assessment Questions

7. An intelligent automated engine has been deployed with the
   ________ logic.
8. Elastic resource capacity architecture is designed to send
   scaling request through VIM. (True/False)

Activity

Search and enlist reasons behind the creation of the elastic
resource capacity architecture.

8.6 SERVICE LOAD BALANCING ARCHITECTURE

It is a specialized workload distribution architecture used for
scaling the implementation of cloud services. In this architecture,
duplicate deployments of cloud services are created with the help of
a load balancing system in order to distribute the workload
dynamically.

In this architecture, the load balancer can be positioned
independently of the cloud services and host servers as shown in
Figure 8.10:

Figure 8.10: Service load balancing architecture (diagram showing cloud service consumers, a load balancer, and copies of Cloud Service A on Virtual Server A, Virtual Server B and Virtual Server C)
Source: http://www.informit.com/articles/article.aspx?p=2093407&seqNum=5

In Figure 8.10, it is seen that the messages sent by the cloud
service consumers are intercepted by the load balancer. The load
balancer then forwards the messages to the virtual servers in order
to process the workload horizontally.

In service load balancing architecture, there can be communication
between the primary server and neighboring servers in order to
balance the workload as shown in Figure 8.11:

Figure 8.11: Balancing the workload between the primary server and its neighbor (diagram showing cloud service consumers and copies of Cloud Service A on Virtual Server A, Virtual Server B and Virtual Server C)
Source: http://www.informit.com/articles/article.aspx?p=2093407&seqNum=5

In Figure 8.11, it is seen that the requests of cloud service
consumers are sent to Cloud Service A on Virtual Server A. There is
built-in load balancing logic in the cloud service. The function of
the load balancing logic is to distribute the requests of cloud
service consumers to the neighboring copies of Cloud Service A.

Self Assessment Questions

9. In service load balancing architecture, there can never be any
   communication between the primary server and neighboring
   servers in order to balance the workload. (True/False)
10. In service load balancing architecture, the duplicate
    deployment of cloud services are created with the help of
    __________ in order to distribute the workload dynamically.


Activity

Using the Internet, collect the information about cloud usage monitor
and resource cluster mechanisms of the service load balancing
architecture and discuss in your class.

8.7 CLOUD BURSTING ARCHITECTURE


The cloud bursting architecture is a special dynamic scaling
architecture, which scales or “bursts out” the IT resources into a cloud
when the resources exceed the predefined capacity. Sometimes, the
cloud-based resources are unnecessarily pre-deployed but remain inactive
until the occurrence of the cloud burst. When resources are no longer
required, all the cloud-based resources are released. It is a flexible
scaling architecture. It provides the option of using the cloud-based
resources only when the usage demand is high.

Figure 8.12 shows the mechanism of cloud bursting architecture:



Figure 8.12: Mechanism of cloud bursting architecture


Source: http://www.informit.com/articles/article.aspx?p=2093407&seqNum=6

In Figure 8.12, there is an automated scaling listener. This automated
scaling listener continuously monitors the usage of Service A. When
there is a request from Service consumer C and the automated scaling
listener finds that the threshold capacity of Service A has been
exceeded, it redirects the request to the duplicate implementation of
Service A, i.e., Cloud service A. It also uses a resource replication
system in order to synchronize the state management databases.
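
The redirect-and-release behaviour of the automated scaling listener, as an added Python example that is not taken from the book. The class names, the request-count threshold and the dictionary standing in for the state management database are assumptions made for illustration.

```python
class ServiceImplementation:
    """One implementation of Service A: on-premise, or its cloud-based duplicate."""

    def __init__(self, name, active):
        self.name = name
        self.active = active      # the pre-deployed cloud duplicate starts inactive
        self.in_flight = set()    # ids of requests currently being processed
        self.state = {}           # stands in for the state management database


class AutomatedScalingListener:
    """Monitors Service A and bursts out to the cloud duplicate at the threshold."""

    def __init__(self, on_premise, cloud, threshold):
        self.on_premise = on_premise
        self.cloud = cloud
        self.threshold = threshold  # predefined capacity of on-premise Service A

    def _replicate_state(self):
        # Resource replication: make both state stores hold the same records.
        merged = {**self.on_premise.state, **self.cloud.state}
        self.on_premise.state = dict(merged)
        self.cloud.state = dict(merged)

    def route(self, request_id, consumer):
        """Send one request to an implementation and return that implementation's name."""
        if len(self.on_premise.in_flight) < self.threshold:
            target = self.on_premise
        else:
            self.cloud.active = True   # the burst: activate the idle duplicate
            target = self.cloud
        target.in_flight.add(request_id)
        target.state[request_id] = consumer
        if self.cloud.active:
            self._replicate_state()
        return target.name

    def complete(self, request_id):
        """Mark a request finished; release the cloud duplicate once it is idle.

        Returns True while the cloud duplicate is still active.
        """
        self.on_premise.in_flight.discard(request_id)
        self.cloud.in_flight.discard(request_id)
        below_threshold = len(self.on_premise.in_flight) < self.threshold
        if self.cloud.active and not self.cloud.in_flight and below_threshold:
            self._replicate_state()    # final synchronisation before release
            self.cloud.active = False
        return self.cloud.active


def demo():
    """Replay three constructed requests against a threshold of two."""
    on_premise = ServiceImplementation("Service A", active=True)
    cloud = ServiceImplementation("Cloud Service A", active=False)
    listener = AutomatedScalingListener(on_premise, cloud, threshold=2)
    routed = [
        listener.route("req-1", "Service consumer A"),
        listener.route("req-2", "Service consumer B"),
        listener.route("req-3", "Service consumer C"),  # exceeds the threshold
    ]
    listener.complete("req-3")                  # on-premise is still at capacity
    still_active = listener.complete("req-1")   # load has dropped: release
    return routed, still_active, on_premise.state


if __name__ == "__main__":
    print(demo())
```

The cloud duplicate is released only after the final state synchronisation, so the record of the request it handled is present in the on-premise state store once bursting ends.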

self assessment Questions

11. Cloud bursting architecture provides the option of using the
cloud based resources only when the usage demand is very
low. (True/False)


Activity

Enlist some differences between cloud bursting and cloud washing.
Discuss these differences with your friends.

8.8 ELASTIC DISK PROVISIONING ARCHITECTURE
In this architecture, cloud consumers are charged for the whole disk
storage allocation and not for the actual data storage consumption.
Figure 8.13 demonstrates the mechanism of elastic disk provisioning
architecture:


Figure 8.13: Mechanism of elastic disk provisioning architecture


Source: http://www.informit.com/articles/article.aspx?p=2093407&seqNum=7

In Figure 8.13, it is seen that the cloud consumer requests a virtual
server that has three 50 GB hard drives. Thus, the virtual server will
have a total disk space of 150 GB. It is seen that the used space is
currently 0. This is because the cloud consumer has not installed any
software till now. But the cloud consumer will be charged for all the
three hard drives, i.e., for 150 GB, even if he needs only 20 GB of
storage space.

Software called thin provisioning software is installed in the virtual
server for allocating the storage capacity dynamically through the
hypervisor, as shown in Figure 8.14:


[Figure 8.14 labels: thin provisioning program; hypervisor; cloud
consumer; pay-per-use monitor]

Figure 8.14: Allocating the storage capacity
Source: http://www.informit.com/articles/article.aspx?p=2093407&seqNum=7

In Figure 8.14, it is seen that the virtual server receives a request
from the cloud consumer. The virtual server then starts the provisioning
process. There is a hypervisor in the architecture. The hypervisor
creates thin disks for the virtual server by calling the dynamic disk
allocation component. The virtual server disks are created with the help
of the thin provisioning program. The virtual server disks are saved
in a folder whose size is almost zero. But the size of the disk
increases gradually as operating applications and files are copied on to
the virtual server.

self assessment Questions

12. In which of the following architectures, the cloud consumers
are charged for the whole disk storage allocation and not for
the actual data storage consumption?
a. Cloud Bursting Architecture
b. Elastic Disk Provisioning Architecture
c. Service Load Balancing Architecture
d. None of these
13. In elastic disk provisioning architecture, the cloud consumers
are charged for the whole disk storage allocation and not for
the actual data storage consumption. (True/False)

Activity

Enlist and explain various mechanisms present in the workload
distribution architecture with the help of the Internet.


8.9 REDUNDANT STORAGE ARCHITECTURE


Redundant storage architecture is a unique architectural model that
has a duplicate cloud storage device. In case of failure of the primary
storage device, this architecture uses the secondary duplicate cloud
storage device by synchronizing its data with the primary cloud storage
device. In this architecture, there is a storage service gateway
which will direct the request of the cloud consumers to the secondary
device at the time of the failure of the primary device.

Figure 8.15 shows the redundant storage architecture:

[Figure 8.15 labels: primary storage device; secondary storage device;
storage service gateway]

Figure 8.15: Mechanism of redundant storage architecture


Source: http://www.informit.com/articles/article.aspx?p=2093407&seqNum=8

In Figure 8.15, it is seen that data of the primary storage device is
regularly replicated to the secondary storage device. In case the
primary storage fails, the requests of the cloud consumers are forwarded
to the secondary storage device, as shown in Figure 8.16:

[Figure 8.16 labels: secondary storage device; primary storage device;
storage service gateway]

Figure 8.16: Failure of the primary storage device


Source: http://www.informit.com/articles/article.aspx?p=2093407&seqNum=8


Since the secondary storage device has all the data of the primary
storage device, it can allow the cloud consumers to access the data.
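
The replication and failover path through the storage service gateway, as an added Python example that is not taken from the book. The class and method names, the in-memory devices and the SHA-256 digest check on every copy are assumptions; the example also reports which objects were written after the last replication run, since those are not yet on the secondary device when the primary fails.

```python
import hashlib


class CloudStorageDevice:
    """In-memory stand-in for a cloud storage device (hypothetical)."""

    def __init__(self, name):
        self.name = name
        self.online = True
        self.objects = {}

    def put(self, key, data):
        if not self.online:
            raise ConnectionError(f"{self.name} is unavailable")
        self.objects[key] = data

    def get(self, key):
        if not self.online:
            raise ConnectionError(f"{self.name} is unavailable")
        return self.objects[key]   # KeyError if the object was never stored here


def sha256(data):
    return hashlib.sha256(data).hexdigest()


class StorageServiceGateway:
    """Directs consumer requests to the primary, or to the secondary on failure."""

    def __init__(self, primary, secondary):
        self.primary = primary
        self.secondary = secondary
        self.active = primary
        self.pending = set()   # keys written to the primary since the last replication
        self.digests = {}      # digest recorded at write time, used to verify copies

    def _call(self, method, *args):
        try:
            return getattr(self.active, method)(*args)
        except ConnectionError:
            if self.active is self.secondary:
                raise                       # both devices are down
            self.active = self.secondary    # redirect consumers to the duplicate
            return getattr(self.active, method)(*args)

    def write(self, key, data):
        self._call("put", key, data)
        self.digests[key] = sha256(data)
        if self.active is self.primary:
            self.pending.add(key)

    def replicate(self):
        """One replication run: copy pending objects and verify each copy."""
        copied = []
        for key in sorted(self.pending):
            self.secondary.put(key, self.primary.get(key))
            if sha256(self.secondary.get(key)) != self.digests[key]:
                raise IOError(f"replica of {key} does not match what was written")
            copied.append(key)
        self.pending.difference_update(copied)
        return copied

    def read(self, key):
        data = self._call("get", key)
        if sha256(data) != self.digests[key]:
            raise IOError(f"{key} on {self.active.name} fails its integrity check")
        return data

    def unreplicated(self):
        """Keys that exist only on the primary device."""
        return sorted(self.pending)


def demo():
    """Constructed scenario: one replicated object, one written just before failure."""
    gateway = StorageServiceGateway(CloudStorageDevice("primary"),
                                    CloudStorageDevice("secondary"))
    gateway.write("invoice-1", b"constructed sample record 1")
    gateway.replicate()
    gateway.write("invoice-2", b"constructed sample record 2")  # not yet replicated
    gateway.primary.online = False                               # primary fails
    recovered = gateway.read("invoice-1")                        # served by secondary
    return gateway.active.name, recovered, gateway.unreplicated()


if __name__ == "__main__":
    print(demo())
```

Reading `invoice-2` after the failover raises `KeyError`, which is the gap between two replication runs made visible.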

self assessment Questions

14. In redundant storage architecture, if the primary storage
device fails, the users can still access their data stored on
secondary storage device. (True/False)
15. _________ architecture is a unique architectural model that
has a duplicate cloud storage device.
16. Which of the following architectures uses the secondary duplicate
cloud storage device by synchronizing its data with the primary
cloud storage device?
a. Elastic disk provisioning architecture
b. Redundant storage architecture
c. Cloud bursting architecture
d. Service load balancing architecture
17. In redundant storage architecture, there is a ________ which
will direct the request of the cloud consumers to the secondary
device at the time of the failure of the primary device.

Activity

Prepare a report on the concept of storage replication.



8.10 SUMMARY
• Cloud computing architecture is the structure of the cloud system.
  It is generally composed of the various components and subcomponents
  that are needed for cloud computing.
• In workload distribution architecture, workload distribution can
  be carried out in distributed virtual servers, cloud storage devices
  and cloud services.
• A storage pool consists of file-based or block-based storage
  structure. It contains an empty or filled cloud storage device.
• A network pool is composed of various network connectivity devices
  that are already configured.
• Dynamic scalability architecture is an architectural model in which
  we can allocate resources from the resource pool dynamically. In
  this architecture there is an automatic scaling listener.
• Elastic resource capacity architecture is an architectural model
  which is mainly related to the dynamic provision of virtual servers.
  It uses a system which can allocate and reclaim CPU and RAM when
  there is a requirement of resources.
• Service load balancing architecture is a specialized workload
  distribution architecture used for scaling the implementation of
  cloud service.
• In elastic disk provisioning architecture, the cloud consumers are
  charged for the whole disk storage allocation and not for the actual
  data storage consumption.
• Redundant storage architecture is a unique architectural model
  that has a duplicate cloud storage device.

key words

• Network pool: It refers to the resource pool that is composed
  of various network connectivity devices that are already configured.
• CPU pool: It refers to the resource pool that can be allocated to
  virtual servers and can also be broken into individual processing
  cores.
• Dynamic horizontal scaling: It refers to the dynamic scaling in
  which the resources are scaled in and out in order to handle the
  fluctuating workloads.
• Dynamic vertical scaling: It refers to the dynamic scaling in
  which the resources are scaled up and down at the time when
  it is required to adjust the processing capacity of a single
  resource.
• Thin provisioning program: It refers to the software that is
  installed in the virtual server to allocate the storage capacity
  dynamically through the hypervisor.

8.11 DESCRIPTIVE QUESTIONS


1. Discuss how the workloads are distributed in workload
   distribution architecture.
2. Explain the various resource pools of resource pooling
   architecture.
3. Describe two common types of dynamic scaling.
4. Discuss the working of elastic resource capacity architecture.
5. Explain how communication takes place between the primary
   server and the neighboring servers in service load balancing
   architecture.
6. Why is cloud bursting architecture considered a flexible
   scaling architecture?
7. Explain how redundant storage architecture uses the secondary
   storage device in case of failure of the primary storage device.

8.12 ANSWERS AND HINTS

ANSWERS FOR SELF ASSESSMENT QUESTIONS

Topic                                    Q. No.  Answers
Workload Distribution Architecture       1.      Load balancer
                                         2.      Distributed virtual servers, cloud storage devices, cloud services
Resource Pooling Architecture            3.      False
                                         4.      b. CPU pool
Dynamic Scalability Architecture         5.      True
                                         6.      Dynamic horizontal
Elastic Resource Capacity Architecture   7.      Workflow
                                         8.      True
Service Load Balancing Architecture      9.      False
                                         10.     Load balancing system
Cloud Bursting Architecture              11.     False
Elastic Disk Provisioning Architecture   12.     b. Elastic Disk Provisioning Architecture
                                         13.     True
Redundant Storage Architecture           14.     True
                                         15.     Redundant storage
                                         16.     b. Redundant storage architecture
                                         17.     storage service gateway

HINTS FOR DESCRIPTIVE QUESTIONS


1. In workload distribution architecture, there is a load balancer
   and virtual server. The load balancer distributes the workload
   consistently among the available IT resources. Refer to Section
   8.2 Workload Distribution Architecture.
2. A common resource pool is the physical server pool that is
   composed of network servers. Refer to Section 8.3 Resource
   Pooling Architecture.
3. Two types of commonly used dynamic scaling are dynamic
   horizontal scaling and dynamic vertical scaling. Refer to Section
   8.4 Dynamic Scalability Architecture.
4. Elastic resource capacity architecture is an architectural model
   which is mainly related to the dynamic provision of virtual
   servers. It uses a system which can allocate and reclaim CPU
   and RAM when there is a requirement of resources. Refer to
   Section 8.5 Elastic Resource Capacity Architecture.
5. In service load balancing architecture, there can be
   communication between the primary server and neighbouring
   servers in order to balance the workload. Refer to Section
   8.6 Service Load Balancing Architecture.
6. The cloud bursting architecture is a special dynamic scaling
   architecture, which scales or “bursts out” the IT resources into a
   cloud when the resources exceed the predefined capacity. Refer
   to Section 8.7 Cloud Bursting Architecture.
7. It is observed very often that due to network connectivity
   issues, hardware failure, security breaches and for many other
   reasons, cloud storage devices fail or disrupt. Refer to Section
   8.9 Redundant Storage Architecture.
Chapter 9

Securing the Cloud

CONTENTS

9.1 Introduction
9.2 Basic Terms and Concepts
Self Assessment Questions
Activity
9.3 Threats in Cloud Security
9.3.1 Traffic Eavesdropping
9.3.2 Malicious Intermediary
9.3.3 Denial of Service
9.3.4 Insufficient Authorisation
9.3.5 Virtualisation Attack
9.3.6 Overlapping Trust Boundaries
Self Assessment Questions
Activity
9.4 Challenges with Cloud Data
Self Assessment Questions
Activity
9.5 Challenges with Data Security
Self Assessment Questions
Activity
9.6 Data Confidentiality and Encryption
Self Assessment Questions
Activity
9.7 Data Availability
Self Assessment Questions
Activity
9.8 Data Integrity
Self Assessment Questions
Activity
9.9 Cloud Data Management Interface
Self Assessment Questions
Activity
9.10 Cloud Storage Gateways (CSGs)
Self Assessment Questions
Activity
9.11 Cloud Firewall
Self Assessment Questions
Activity
9.12 Virtual Firewall
Self Assessment Questions
Activity
9.13 Application Security in the Cloud
9.13.1 Security Controls
9.13.2 Security Mechanisms
9.13.3 Security Policies
Self Assessment Questions
Activity
9.14 Summary
9.15 Descriptive Questions
9.16 Answers and Hints
9.17 Suggested Readings & References


Introductory Caselet
Cyberoam – Extending Security Cover to Dootall’s Data Centre &
Cloud-based Network

Dootall is an ICANN-accredited company, which deals in domain
registration and provides shared and hosting services. It has more
than 15,000 satisfied customers. The company provides server
space to customers and Internet connectivity in data centres. The
Internet-hosting package provided by the company helps client
organisations and individuals to get a high-speed website-hosting
solution at low costs.

The company’s key strength lies in providing quality services to its
customers and maximum network uptime to them. A hosting provider
company like Dootall needs to make sure of the safety and security of
customers’ data stored in Dootall’s servers by taking necessary security
measures. The Internet is the backbone of Dootall as most of the
activities of the company are managed through it. Therefore, ensuring
security of the Internet is also important for Dootall.

Moreover, the Dootall network comprises cloud stack, platform
and applications. The company uses software as a service (SaaS)
delivery model for providing different types of computing and
Web applications services. The IT manager of the company, Mr.
Brat said, “We have a cloud-based network which ensures availability
of diversified applications anywhere and anytime. In case a system
becomes unavailable due to some reason, the smooth operations
of clients may get impaired or come to a grinding halt. The clients
face huge problems if their operational site is down as it results in
loss in their revenue. Consequently, security of clients’ applications
and confidential data which is stored in the cloud has always been
a high priority to us.”

However, the company was facing challenges in keeping the accumulated
data safe and secure. Dootall’s enterprise data centres comprise a large
number of client applications and data that can be stolen by attacks
from external sources like hackers or crackers. Therefore, the
organisation required a gateway firewall for regulating authentication
of users and controlling access of resources by users.

The number of intrusion attacks and their complexity is so high
that it is not easy to determine new threats and vulnerabilities.
More security resources need to be allocated to ensure that attacks
are dealt with seriously and as early as possible before
they damage data and hardware resources. The company’s data
centre has a large number of Web and e-mail servers and they
remain under continuous threats from spyware, hacking,
Denial-of-Service (DoS) attacks, etc.

Unexpected and frequent network interruptions, security breaches
and computer virus attacks were significantly affecting Dootall’s
revenues, reputation and capability of attracting and retaining
users. The threats posed by hybrid network attacks comprise
application vulnerability, information theft, authentication defeat,
malware spread, network anomalies, application or network
downtime, etc.

“If we fail to maintain satisfactory performance, reliability,
security and availability of our network infrastructure, our business,
reputation and ability to attract and retain users could be
significantly harmed,” Mr. Bratt said. So, the company was in search
of an Intrusion Prevention System (IPS) tool to minimise these threats.

Dootall had installed Sonicwall appliances to address the challenges
and attacks it was facing in managing the clients’ data. Soon,
Dootall realised that these appliances were not providing the
types of security that the company was looking for. They failed to
block the Gumblar and Conficker threats effectively because of
limited IPS and anti-virus definitions. The company again started its
search for new security appliances that could have better IPS and
antivirus definitions. Moreover, the security solution
should be cost-effective, which means it should be capable of offering
more features for the same price. The company then replaced the
Sonicwall devices with Cyberoam 1500i UTM appliances because
these appliances provide firewall protection, anti-virus protection
and IPS which can detect and stop malicious attacks and keep its
network and data centre servers protected at all times.

learning objectives

After studying this chapter, you will be able to:
>> Describe basic terms and concepts related to threats and
   security
>> Explain threats in cloud security
>> Describe challenges with cloud data
>> Elucidate challenges with data security
>> Explain data confidentiality and encryption
>> Describe data availability
>> Elucidate data integrity
>> Explain cloud data management interface
>> Describe cloud storage gateways (CSGs)
>> Explain cloud firewall
>> Elucidate virtual firewall
>> Describe application security in the cloud

9.1 INTRODUCTION
In the previous chapter, you studied different types of cloud
architectures. Security in the cloud is of utmost importance
irrespective of the cloud architecture being used by organisations. An
organisation must ensure the protection, privacy, governance, and
accessibility of all its important resources, whether it is using the
private or public cloud. The organisation takes security measures for
monitoring access control and identity management. The network
needs to be maintained in a consistent way in the cloud data centre and
hybrid environments. Several companies place high priority
on the testing and monitoring of threats to the data centre. They also
use various technologies to track users’ identity to determine whether
the user is employed in the company or is an external user. The
organisation includes various built-in application and data level
protections in its software applications and must consider security
services for both the application and the infrastructure. There are
many situations when the security measures are not enough. One such
situation arises when the security is breached by the people who worked
for the company, and it is not easy to track the insiders. Therefore,
before using cloud services, the organisation should have a well-versed
plan to deal with inside or outside threats.

There are some steps that should be followed to reduce the security
breaches, which are given as follows:
• Authenticate all the users before giving them access to the network
• Store all the access permissions so that the users can have access
  only to the data and applications for which they have been granted
  access permission
• Authenticate all software executing on any system and all the
  modifications to the software
• Formalise the process of requesting permissions to access data or
  applications
• Create a log of all the unusual activities by monitoring the network
• Create a log of user and program activities and analyse any
  unexpected behavior
• Encrypt the important data that needs additional protection
• Check the modifications in the software exposed to any external
  users on the Internet regularly
• Monitor all IT assets related to cloud regularly
• Manage the licenses of the services
• Create administration of new resources allocated to customers
• Establish software for tracking the devices on the network
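
Two of the steps above, storing access permissions and logging user activity so that unexpected behaviour can be analysed, shown together as an added Python example that is not taken from the book. The user names, resources, grants and the rule of three denied requests within five minutes are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta


class AccessController:
    """Checks requests against stored permissions and logs every decision."""

    def __init__(self, grants):
        self.grants = grants    # user -> set of (resource, action) pairs
        self.audit_log = []     # one entry per request, allowed or denied

    def authorize(self, user, resource, action, when):
        """Default deny: allow only an explicitly stored (resource, action) grant."""
        allowed = (resource, action) in self.grants.get(user, set())
        self.audit_log.append({"time": when, "user": user, "resource": resource,
                               "action": action, "allowed": allowed})
        return allowed


def flag_denial_bursts(audit_log, min_denials=3, window=timedelta(minutes=5)):
    """Return {user: start time} for users with min_denials denials in one window.

    A single denied request is usually a mistake; several in a short period is
    the kind of unexpected behaviour worth a closer look.
    """
    denied = defaultdict(list)
    for entry in audit_log:
        if not entry["allowed"]:
            denied[entry["user"]].append(entry["time"])
    flagged = {}
    for user, times in denied.items():
        times.sort()
        for i in range(len(times) - min_denials + 1):
            if times[i + min_denials - 1] - times[i] <= window:
                flagged[user] = times[i]
                break
    return flagged


def replay_constructed_requests():
    """Replay constructed sample requests and return (decisions, flagged users)."""
    grants = {
        "asha": {("billing-db", "read")},
        "ravi": {("billing-db", "read"), ("billing-db", "write")},
    }
    controller = AccessController(grants)
    start = datetime(2017, 2, 25, 10, 0)
    # (user, resource, action, minutes after start) -- constructed sample data
    requests = [
        ("asha", "billing-db", "read", 0),
        ("ravi", "billing-db", "write", 1),
        ("asha", "billing-db", "write", 2),     # no write grant
        ("asha", "vm-console", "use", 3),       # no grant on this resource
        ("asha", "billing-db", "delete", 4),    # no delete grant
        ("guest", "billing-db", "read", 30),    # unknown user, single denial
    ]
    decisions = [
        controller.authorize(user, resource, action, start + timedelta(minutes=m))
        for user, resource, action, m in requests
    ]
    return decisions, flag_denial_bursts(controller.audit_log)


if __name__ == "__main__":
    decisions, flagged = replay_constructed_requests()
    print(decisions)
    print(flagged)
```

Allowed requests are logged as well as denied ones, so the same log supports a later review of who used a permission, not only who was refused.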

A well-known IT company, Google, provides an application status
dashboard called Google Apps Status Dashboard. Customers or clients can
use this Status Dashboard to check on current Google services, such
as email, calendar, chat functions, word-processing, spreadsheets and
presentation software, and video. The dashboard shows the status of
each of these applications every day. Whenever a problem occurs, the
information about that problem is displayed on the dashboard. The
company also implements the identity management for the security
of the data centre. They implement the identity management in every
important area of the data centre of the cloud. It is very important
for the protection of the cloud environment because the cloud shares
and virtualises the physical resources across many internal and
external clients. The provider must know who has access to what
services. Identity management’s main goal is to manage the information
about personal identity so that accessibility to computer resources,
services, applications and data can be controlled efficiently. It can
also be considered as the security area that helps in reducing the
security breaches and keeps the financial data safe from unauthorised
access. The main benefits of the identity management are given as
follows:
• Improved user productivity
• Improved customer and partner service
• Reduced help-desk costs
• Reduced IT costs
Cloud security is a big concern; therefore, standards and organisations
have been developed to make sure that the right controls, procedures,
and technology are in place to protect the corporate assets.
The standards of cloud security are a collection of processes, policies
and best methodologies for ensuring that the proper controls are
implemented over an environment for preventing occurrence of
challenges related to application, information, identity, and
accessibility. The Open Cloud Consortium (OCC) was formed in 2008 for
the purpose of cloud security. One of its objectives is supporting the
creation of standards for cloud-computing and frameworks to provide
interoperability between clouds. The OCC has the following two major
working groups to deal with the cloud standards:
• Working group on standards and interoperability for clouds that
  provide on-demand computing capacity: Develops standards for
  the interoperability between the storage and the computer clouds.
• Working group on information-sharing, security, and clouds:
  Focuses on standards and standards-based architecture to share
  the information between clouds. It emphasises clouds which
  belong to various organisations and are subject to various policies.
  The group also verifies security in the cloud.

The Cloud Security Alliance (CSA) was formed in late 2008. The CSA
promotes a set of best methodologies for providing security assurance
in cloud computing. Some objectives of CSA are as follows:
• Promote understanding between cloud providers and users
  regarding the need of security
• Research about the best methods or techniques of implementing
  cloud security
• Run awareness campaigns related to cloud security solutions
• Create consensus lists of challenges and guidance for ensuring
  cloud security

9.2 BASIC TERMS AND CONCEPTS


The technology is evolving day by day and so is the need for security.
The products, nowadays, are focussed more on ease of use, which
often results in overlooking the security aspect of the products. Most
of the time, the vulnerabilities in a network are overlooked by system
designers till the time the system is deployed. Computers are more
focussed on performing routine activities, thereby making it difficult
for system administrators to explicitly allocate resources for securing
systems. For example, in case of large networks like clouds that are
spread over a wide area, it becomes difficult for the system
administrator to check all the log files generated by all the systems,
identify vulnerabilities of each and every system, and apply security
patches to individual systems. In addition, the easy availability of a
lot of free automated tools and code for hacking a system on the
Internet has also increased the need to secure a system against
potential threats. Some common terminologies related to security of
data or computer are as follows:
• Threat: Refers to an action that might cause harm to the security
  of networks or information systems. A threat is a potential breach
  of security. Malicious hackers and their hacking techniques pose a
  threat to information system security.
• Vulnerability: Refers to a weakness or implementation error in
  an information system. It can also refer to the insufficient measures
  taken to safeguard the information systems against possible
  threats. The vulnerabilities can be found in hardware, operating
  systems, and applications.
• Risk: Refers to the probable chances of loss or harm to an
  information system or network.
• Target of Evaluation (TOE): Represents an IT element, product,
  or system that is identified to have a security evaluation or attack.
• Attack: Refers to an action that violates the information system
  security policies, usually resulting from a threat realised.
• Exploit: Refers to a way of manipulating the vulnerability or
  weakness of an IT system to violate its security or integrity.
• Confidentiality: Refers to hiding system information or resources
  from unauthorised users.
• Authenticity: Refers to identification of the origin of information.
• Integrity: Refers to ensuring the reliability of data or resources
  while preventing irrelevant and unauthorised changes to data.
• Availability: Refers to enabling a user to have continuous access
  to information and resources.
• Hacker: Refers to a computer expert who enjoys exploring the
  details of computer systems as compared to other users who choose
  to learn just the minimum required.
• Cracker: Refers to a computer expert who uses his/her computer
  skills to exploit the security system of a computer for personal
  gains and harmful purposes.
• Reconnaissance: Refers to the preparatory phase in which an
  attacker tries to gather as much information as possible about a
  TOE. It involves scanning a network either from inside or outside
  without having a proper authority. This phase is considered as an
  early attempt to gather information about network and information
  systems.


• Biometric systems: Refers to a system that involves the use of
  unique human characteristics, such as fingerprints, retinal
  patterns, or voice recognition for their authorisation.
• Firewall: Refers to a system that is designed for preventing
  unauthorised access of private networks.
• Virus: Refers to a malicious program, which can replicate itself
  and damage the data and executable files (files with a .exe
  extension) on your computer.
• Trojan horse: Refers to a malicious code disguised inside normal
  applications, such as games.
• Worm: Refers to a malicious program that can replicate itself and
  use networks to send its replicated copies to other computers.
• Threat agents: Refers to an individual or group that can prove to be
  a threat. They may exploit the assets of an organisation or use
  them against the organisation. The threat agents may perform
  different actions, which include unauthorised access, misuse,
  disclosure of sensitive information, unauthorised changes to assets
  and denial of access of resources.
• Anonymous attacker: Refers to the attackers that have no access
  permissions of cloud-based resources. These generally exist as
  a software program and can attack virtual servers by using the
  public network. They have very little knowledge about the security
  policies of the Internet service provider, so they penetrate into
  cloud-computing infrastructure by hacking the accounts of clients
  or users.
• Malicious service agent: Refers to a threat agent that exists as a
  software program within the cloud-computing infrastructure and
  has the capability to intercept the network traffic.
• Trusted attacker: Refers to the type of attacker that has very
  detailed knowledge of the internal functioning of the cloud. The
  attackers can launch their attack by using a user’s login
  credentials. The main threat from these types of attackers is their
  prior knowledge of cloud-computing infrastructure which they can use
  to damage any type of virtual server deployed in the cloud-computing
  environment.
• Malicious insider: Refers to a threat in which the insiders of an
  organisation, such as employees, former employees or former
  third-party vendors, harm the organisation for financial gain,
  personal interest or revenge. They can harm the organisation by
  infecting the system or network with malware, selling confidential
  data to the competitors of the organisation or stealing the
  organisation’s resources.


self assessment Questions

1. Which of the following terms can be used for the technique that
is used for the authorisation of unique human characteristics?
a. Reconnaissance b. Biometric systems
c. Firewall d. Availability
2. _____ refers to a computer expert who uses his/her computer
skills to exploit the security system of a computer for personal
gains and harmful purposes.

Activity

Search for and list some concepts related to cloud security other
than those discussed in the chapter.

9.3 THREATS IN CLOUD SECURITY
A threat is an illegal activity that can cause damage, such as loss of
information and data corruption, to the cloud-provider organisation.
Broadly, there are two basic types of threats: accidental threats and
intentional threats. An accidental threat is an activity that occurs
accidentally and whose occurrence does not depend on any entity. It
can occur due to exposure of confidential information and unauthorised
modification of information. An intentional threat, on the other hand,
is an activity that is performed by an entity to violate the security
of the computer system and network. Some more threats in cloud
security are discussed in the next sections.

9.3.1 TRAFFIC EAVESDROPPING

Traffic eavesdropping is the unauthorised interception of all or part
of the data while it is being transferred within or across clouds. It
is an attack on a cloud network in which data packets are captured
from the network and their contents are read in search of sensitive
information, such as passwords. The attack can be carried out with
tools called network sniffers, which collect data packets from the
network and analyse the data contained in them. In other words,
traffic eavesdropping is the process in which information is gathered
from a network by listening in on transmitted data. When anyone
overhears a private conversation secretly in an illegal way, it is
considered eavesdropping. The information stays intact, but its
privacy is compromised.

Figure 9.1 shows the process of traffic eavesdropping:

Figure 9.1: Displaying the process of traffic eavesdropping
(diagram labels: cloud service consumer, traffic eavesdropper,
copied message, cloud service)

Source: http://fac.ksu.edu.sa/sites/default/files/chapter_6._fundamental_cloud_security.pdf

In Figure 9.1, you can see that an external malicious service agent
carries out a traffic eavesdropping attack by intercepting data sent
to the cloud service by its consumer. The service agent can create an
unauthorised copy of the data or information before sending it on its
original path towards the cloud service.

9.3.2 MALICIOUS INTERMEDIARY

The malicious intermediary threat occurs when information is
intercepted and modified by a malicious service agent, thereby
compromising the confidentiality and/or integrity of the information.
The agent may also add harmful data to the information or message
before sending the message to its destination. Figure 9.2 shows a
common example of the malicious intermediary attack:

Figure 9.2: Displaying the process of malicious intermediary attack
(diagram labels: cloud service consumer, original message data,
malicious intermediary, altered message with harmful data, virtual
server is compromised)

Source: http://fac.ksu.edu.sa/sites/default/files/chapter_6._fundamental_cloud_security.pdf

In Figure 9.2, the malicious service agent has intercepted and modified
a message sent by a cloud service consumer to a cloud service that is
hosted on a virtual server. Because malicious data is embedded
into the message, the virtual server’s security gets compromised.

9.3.3 DENIAL OF SERVICE

The aim of the denial of service (DoS) attack is to overload IT
resources to such a limit that they are not able to function properly.
This form of attack can take place in any of the following ways:
• The workload on cloud services can be increased by sending
  repetitive messages or repeated communication requests.
• The network can be overloaded with traffic to reduce its
  responsiveness and cripple its performance.
• Multiple cloud service requests can be sent that are designed to
  consume excessive memory and processing resources.

Successful DoS attacks may lead to server degradation and/or failure,
as shown in Figure 9.3:

Figure 9.3: Displaying DoS attacks
(diagram labels: cloud service consumer A (attacker), overload,
cloud service consumer B)

Source: http://fac.ksu.edu.sa/sites/default/files/chapter_6._fundamental_cloud_security.pdf

In Figure 9.3, you can see that cloud service consumer A is sending
numerous messages to a cloud service that is hosted on Virtual
Server A. This overloads the capacity of the primary physical server,
which leads to outages of Virtual Servers A and B. As a result,
authorised cloud service consumers, such as cloud service consumer B,
are unable to interact with any cloud services present on Virtual
Servers A and B.

9.3.4 INSUFFICIENT AUTHORISATION

The insufficient authorisation attack occurs when access to IT
resources that need to be protected is erroneously granted to an
attacker. As a result, the attacker gains access to resources that
were meant to be accessible only to trusted consumer programs, as
shown in Figure 9.4:

Figure 9.4: Displaying an example of insufficient authorisation attack
(diagram labels: cloud service consumer A (attacker), cloud service
consumer B)

Source: http://fac.ksu.edu.sa/sites/default/files/chapter_6._fundamental_cloud_security.pdf

In Figure 9.4, you can see that cloud service consumer A gains access
to a database that was presumed to be accessed only through a Web
service with a published service contract, as is the case for cloud
service consumer B.

9.3.5 VIRTUALISATION ATTACK

Virtualisation gives multiple cloud consumers access to IT resources
that share the underlying hardware but are logically separated from
each other. When cloud providers give cloud consumers administrative
access to virtualised IT resources, such as virtual servers, the risk
of the cloud consumers attacking the IT resources increases. A
virtualisation attack exploits weaknesses in the implementation of
the virtualisation platform, which puts its confidentiality, integrity
and availability at risk. Figure 9.5 shows an example of a
virtualisation attack:

Figure 9.5: Displaying an example of attacker
(diagram label: trusted cloud service consumer (attacker))

Source: http://fac.ksu.edu.sa/sites/default/files/chapter_6._fundamental_cloud_security.pdf

In Figure 9.5, a trusted attacker is successfully accessing a virtual
server to attack its physical server or hardware. In case of a public
cloud, where a single physical IT resource acts as a virtualised IT
resource for multiple cloud consumers, this type of attack can have
significant consequences.

9.3.6 OVERLAPPING TRUST BOUNDARIES

A trust boundary is a logical boundary, typically extending beyond
physical boundaries, that specifies the extent to which IT resources
can be trusted. When physical IT resources are shared by multiple
cloud service consumers, these consumers have overlapping trust
boundaries. Malicious cloud service users can attack these shared IT
resources with the intention of exploiting cloud consumers or IT
resources that share the same trust boundary. The result of this
attack can impact some or all of the cloud service consumers.
Moreover, the attackers can use the IT resources to harm other cloud
service consumers that share the same trust boundary. Figure 9.6
shows an example in which two cloud service consumers share virtual
servers hosted by the same physical server and, as a result, their
individual trust boundaries overlap:

Figure 9.6: Displaying an example of overlapping trust boundaries
(diagram labels: cloud service consumer A (attacker), cloud service
consumer B)

Source: http://fac.ksu.edu.sa/sites/default/files/chapter_6._fundamental_cloud_security.pdf

In Figure 9.6, cloud service consumer A is considered reliable by the
cloud and has, therefore, gained access to a virtual server, which
consumer A attacks with the objective of attacking the underlying
physical server and the virtual server that is being used by cloud
service consumer B.

self assessment Questions

3. When anyone overhears a private conversation secretly in an
illegal way, it is considered as __________.
4. The aim of the __________ attack is overloading of IT resources
to such a limit that they are not able to function properly.

Activity

Research and prepare a report on different types of spoofing.

9.4 CHALLENGES WITH CLOUD DATA

The different types of data-related challenges in the cloud and
effective mitigation measures are as follows:
• Challenges with data redundancy: Multiple copies of data must be
  stored at various locations and replicated in synchronous (for data
  sets that are geographically closer) or asynchronous modes (for data
  sets located across the country or in different continents). When
  replicating across data centres, the system must be aware of the
  data location, latency, user workload, and activities such as
  backup, report generation, application testing, etc. To ensure data
  redundancy, the following requirements must be met:
  - Different strategies must be set up to improve replication and
    data access.
  - Load-balancing of incoming data requests must be configured,
    so that users have ready access to data sets that are
    geographically closest.
  - Data consistency must be maintained implicitly over a wide
    distribution of replicated data sources.
  - Each data set must have internal redundancy, which enables
    the system to rebuild the entire data set even if some
    components are temporarily damaged, unavailable, powered off, or
    inaccessible due to connectivity problems.
• Challenges with disaster recovery: Disaster Recovery (DR) in
  cloud computing is one of the most vital selection criteria when
  evaluating cloud providers. On the one hand, DR with cloud
  computing has several benefits, such as cost-effectiveness, ease of
  implementation, scalability, and quick provisioning; on the other
  hand, there are numerous issues with cloud-based DR, which are
  as follows:
  - Initial data copy for existing data: For large sets (TBs or many
    GBs), it is not possible for the cloud consumer to make the
    initial data copy to the cloud provider over the Wide Area
    Network (WAN). Hence, a manual process is used, such as copying
    data to a tape or hard disk and shipping the device to the cloud
    provider data centre, which takes time.
  - Limited or no support for some operating systems: Most public
    cloud DR providers support common operating environments such as
    MS Windows or Linux. There is no support for older,
    non-Web-based, or less common operating systems such as
    Solaris™, HPUX, or AIX.
  - Insufficient bandwidth: Most DR providers prefer to create
    backup with incremental updates instead of taking a full copy.
  - Financial considerations: It is financially feasible for small
    and mid-sized organisations that have less data to use cloud
    for DR. However, for organisations that have vast amounts of
    data, an owned DR site is more cost-effective.
  - Supplier issues: Some cloud providers do not put in the
    required effort and time to understand customer-specific needs.
    They, therefore, cannot justifiably meet all the DR
    requirements of the customer.
• Challenges with data backup: There are several problems related
  to backing up of cloud data. The following are some of them:
  - If you download cloud data to your in-house hard disk or tape,
    you need to pay for the bandwidth.
  - You need a safe place to store the data and must frequently
    check the media integrity of the backup device.
  - If you keep the backup data in a cloud, you need to harden
    the security around it to protect it from hackers and malware
    attacks.
  - Data recovery to a cloud-based service site is tough, slow, and
    prone to transfer interruptions. This is more pronounced if you
    need to upload a large amount of data to the cloud over a WAN
    connection.
• Challenges with data replication: Data replication is the process
  of creating copies of user data and applications to use in case the
  data at the primary service site is corrupted, deleted, or
  unavailable. The problem with replication is that the location of
  the data copies is dynamic.
  There are two types of replication, each having its own issue in
  the cloud:
  - Synchronous replication: In this type of replication, replicated
    copies are always in sync with the primary site. This is used
    to replicate within distances of 100 km, where latency is not
    expected to impact performance. This type of replication is not
    preferred in the cloud, because data is copied over the WAN,
    and its performance can impact many customers.
  - Asynchronous replication: In this type of replication, the
    replicated data lags behind the primary data by a time period of
    10 minutes to a few hours. This is common in the cloud, but it
    impacts performance. It is inconvenient and difficult to freeze
    a database, even momentarily, to get a snapshot.
• Challenges with data residency or location: In the cloud, the
  location of data can pose a compliance or legal problem. For your
  data, you need to know which legal requirements you must comply
  with. Certain governments restrict the access of data according to
  the local or country laws. For certain data types, you must keep the
  data within the region or the country.
• Challenges with data reliability: Service reliability in the cloud
  is a concern because of several reasons. Some of them are as
  follows:
  - Heterogeneous hardware and software components
  - Connectivity over multi-vendor WAN
  - Massive user-base sharing the same resource pool
  - Ease of access for users
• Challenges with data fragmentation: With numerous users
  simultaneously working on different datasets in the cloud, the user
  data is split or fragmented into many pieces and stored in various
  storage locations. The spread of data and the overhead of keeping
  track of where different parts of a file are located lead to
  inefficiency and degrade read-write performance. The provider must
  adopt comprehensive data-management techniques to reduce user-data
  fragmentation.
• Challenges with data integration: Various factors lead to
  challenges in cloud data integration, such as the following:
  - Content distribution: Contents of a file reside in different data
    centres and in various storage subsystems in the same data
    centre.
  - Exchange of data: The cloud data interacts with applications
    residing on other public or private clouds. This exchange of
    data between cloud applications presents the challenge of
    having a compatible data format and application interfaces.
  - Speed of change: There are innumerable changes in the data
    per second, and keeping track of the data poses a tough
    challenge for its integration.
  - Distributed control: The control over data is shared between
    the cloud provider and the consumer. This increases the
    integration challenges.
  - Connectivity: Cloud data can be accessed only when the user
    and the services are online. The integration and work done
    require bandwidth, which, in turn, depends on the amount of
    transaction and work-at-hand.
• Challenges with data transformation: In the cloud, various
  applications may need to use the same data. The data format needs to
  be converted to a format that can be used by other cloud
  applications. This is data transformation, and it allows use of data
  by several cloud applications. This creates the following
  challenges:
  - Run-time issues: There are several run-time environments in
    the cloud, and the newly transformed data may not be compatible
    with many environments.
  - Redundancy issues: Data transformation creates multiple copies.
    Keeping track of the location of and changes to data in the
    various sets is a challenge.
  - Implementation issues: Data transformation can be expensive.
    To make it affordable and convenient, the transformation
    and tracking of various sets must be automated.
• Challenges with data migration: After you decide to roll out a
  cloud service within your organisation, you need to migrate some
  user login, profile details, user data, and corporate information to
  the cloud. Cloud providers must have templates and procedures to
  conveniently migrate in-house data to public clouds. However, you
  must be aware of inherent challenges during and after migration,
  which are as follows:
  - Liability concerns: Cloud providers have a maximum data
    value for damage claims in the SLA. This value may be much
    less than the data value or the effort needed to fix data loss
    or integrity problems.
  - Compliance concerns: The cloud provider must comply with
    various regulatory and legal requirements, such as the Federal
    Information Security Management Act (FISMA), the Health
    Insurance Portability and Accountability Act (HIPAA), and the
    International Organisation for Standardisation (ISO), mandated
    by your business vertical for data protection and privacy.
  - Connectivity concerns: There can be several faults in the WAN
    links between the consumer and the provider. The WAN is supported
    by various connectivity providers and is outside the control of
    the consumer or the provider.

Despite these challenges, cloud data and traffic are rising rapidly and
are expected to grow at a Compound Annual Growth Rate (CAGR) of
31% between 2011 and 2016.

self assessment Questions

5. With numerous users simultaneously working on different
datasets in the cloud, the user data is split or fragmented into
many pieces and stored in various storage locations. (True/False)
6. __________ in cloud-computing is one of the most vital selection
criteria when evaluating cloud providers.

Activity

Search for and list the advantages of creating backup of cloud data.

9.5 CHALLENGES WITH DATA SECURITY
Due to inherent multi-tenancy and ease of access within a cloud, the
data is subjected to various security risks, which continue to be a
serious concern. The major problems are as follows:
• Snooping: The access of each tenant should be limited to his/her
  own data. A tenant in the cloud should not gain access to another
  tenant’s data. Any mechanism that could connect to another tenant’s
  data, such as mounts, shares, and symbolic links, should be limited
  to the tenant’s own dataset.
• Unauthorised discovery: Data should be invisible to all tenants
  except the owner.
• Spoofing: Authentication mechanisms must be applied to ensure
  that no cloud tenant can adopt the identity of another tenant.
• Accidental or malicious deletion: No user (except the data owner)
  should be able to delete the data belonging to another tenant.
• Denial-of-service attacks: Other cloud users should not be able to
  launch denial of service attacks on the shared storage volumes of
  another customer’s data. Normal or abnormal application errors
  of one user should not cause an I/O storm on the shared volume of
  another customer’s storage.
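
The snooping requirement above (mounts, shares and symbolic links must stay inside the tenant's own dataset) can be enforced in the storage layer by resolving every requested path before it is used. The following is an added example, not part of the original text; the layout of one directory per tenant under a storage root and the names resolve_for_tenant and TenantAccessError are assumptions made for illustration.

```python
import os
import tempfile


class TenantAccessError(PermissionError):
    """Raised when a request would leave the tenant's own dataset."""


def resolve_for_tenant(storage_root: str, tenant_id: str, requested: str) -> str:
    """Return the real path of `requested` inside the tenant's directory.

    Symbolic links and '..' components are resolved first, so a link placed
    inside one tenant's dataset cannot be used to reach another tenant's data.
    """
    # Tenant IDs become directory names, so refuse anything that could itself
    # act as a path (naming rule assumed for this example).
    if not tenant_id or not tenant_id.replace("-", "").replace("_", "").isalnum():
        raise TenantAccessError(f"invalid tenant id: {tenant_id!r}")

    tenant_root = os.path.realpath(os.path.join(storage_root, tenant_id))
    # Strip leading separators so an absolute-looking request is still
    # interpreted relative to the tenant root.
    candidate = os.path.realpath(
        os.path.join(tenant_root, requested.lstrip("/\\"))
    )
    # commonpath compares whole components, so ".../tenant-a-old" is not
    # mistaken for a child of ".../tenant-a".
    if os.path.commonpath([tenant_root, candidate]) != tenant_root:
        raise TenantAccessError(
            f"tenant {tenant_id!r} may not access {requested!r}"
        )
    return candidate


def demo() -> dict:
    """Build a constructed two-tenant layout and evaluate four requests."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        for tenant in ("tenant-a", "tenant-b"):
            os.makedirs(os.path.join(root, tenant, "reports"))
            with open(os.path.join(root, tenant, "reports", "q1.txt"), "w") as f:
                f.write(f"data owned by {tenant}\n")
        # A symbolic link inside tenant-a's dataset that points at tenant-b.
        os.symlink(os.path.join(root, "tenant-b"),
                   os.path.join(root, "tenant-a", "shortcut"))

        requests = {
            "own file": "reports/q1.txt",
            "dot-dot traversal": "../tenant-b/reports/q1.txt",
            "symlink to other tenant": "shortcut/reports/q1.txt",
            "absolute-looking path": "/reports/q1.txt",
        }
        for label, path in requests.items():
            try:
                resolve_for_tenant(root, "tenant-a", path)
                results[label] = "allowed"
            except TenantAccessError:
                results[label] = "denied"
    return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(f"{label:26s} {outcome}")
```

The check and the later file open are two separate steps, so a storage service would also open the resolved path without following links, or keep using the handle it validated.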

Another concern with data security in the cloud is the quality of
service provided to consumers. Apprehensions about performance, long
response time, and WAN-induced latency inhibit many potential
customers from readily accepting cloud services. The cloud provider
must be able to ensure that response time and performance do not pose
any impediment to cloud adoption. There are several other challenges in
implementing high levels of service uptime and security, which are as
follows:
• The internal functions of cloud services are not visible to users,
  which makes it hard to track problems and enforce security
  controls.
• The cloud consumers are left with a loss of control, because
  security is primarily managed by the cloud-provider.
• The real-time changes in resource allocation from a virtualised
  pool make it difficult to track the location or use of cloud
  resources and enforce security policies.
• The sharing of resources amongst many customers has serious
  risks. A security breach or loophole created by one customer
  impacts the other customers.

self assessment Questions

7. When the cloud tenant assumes the identity of another tenant,
it is known as ________.
8. Data should be invisible to all tenants except the owner. (True/False)

Activity

Search for information about the concept of data loss prevention
(DLP).

9.6 DATA CONFIDENTIALITY AND ENCRYPTION

Data confidentiality in the cloud is a way to protect data or messages
from being understood or used by unintended users or tenants of
the cloud. A common way to achieve data confidentiality is to encrypt
data. Even if an unauthorised party accesses the data, he or she
cannot use it. Cloud data is encrypted with an algorithm and a key. The
encrypted data is called ‘ciphertext’.

There are two phases in the process, which are as follows:
1. In the first phase, a mathematical function is used to convert
   the plain text to ciphertext. This is the simpler of the two
   phases, but the mathematical function must be complex and
   sound enough to give a high degree of protection. The encryption
   should protect against those who may access the ciphertext and
   try to figure out a pattern and understand it.
2. The second phase is to enable the authorised recipients to
   decipher the ciphertext with ease.

There are two common ways to encrypt data. They are as follows:
• Asymmetric encryption: In asymmetric encryption, different keys
  are used for encrypting and decrypting, such as a public and a
  private key, as shown in Figure 9.7:

  Figure 9.7: Asymmetric encryption using public key to encrypt and
  private keys to decrypt cloud documents
  (diagram: the sender uses the recipient’s public key to encrypt the
  plain text document, the encrypted message is sent over the
  Internet, and the recipient uses its own private key to decrypt the
  message)

  The public key can be freely available to others within and outside
  the cloud. It is used by anyone who wants to encrypt documents
  before transmitting the encrypted documents to the user. The user
  must keep the private key a secret and use it to decrypt the
  encrypted documents. However, a limitation of asymmetric encryption
  is that it is slow and takes too much computing resources. It is,
  therefore, not commonly used within a cloud, wherein users pay for
  data processing and bandwidth.
• Symmetric encryption: This is an old and tested technique,
  which can be used for at-rest and in-transit cloud data. It uses a
  shared secret key to encrypt as well as decrypt data, as shown in
  Figure 9.8:

  Figure 9.8: Symmetric encryption using a shared secret key to
  encrypt and decrypt documents or messages in the cloud
  (diagram: the sender uses the shared secret key to encrypt the plain
  text document, the encrypted message is sent over the Internet, and
  the recipient uses the same shared secret key to decrypt the
  message)

Exhibit

Algorithms for cloud data encryption

Many cloud providers use encryption standards, such as the Advanced
Encryption Standard (AES) and the Triple Data Encryption Standard
(3DES), to ensure that data protection is the highest priority in
rendering cloud services. There are several algorithms that can be
used for cloud data encryption, such as the following:
• RSA algorithm: This was developed in 1977 by three mathematicians,
  namely Ron Rivest, Adi Shamir, and Len Adleman, and named after
  the three inventors. The algorithm selects two large prime numbers
  and uses their product to form the required keys to encrypt the
  data. It is widely used, especially for digital signatures.
• DES/3DES: The Data Encryption Standard (DES) was developed by the
  US government in 1977. The new version, 3DES, encrypts the data
  three times, using a different, unique key in at least one of the
  three passes.
• IDEA: The International Data Encryption Algorithm (IDEA) was
  developed in the early 1990s by Dr. X. Lai and Prof. J. Massey in
  Switzerland, initially to replace the DES algorithm. It uses the
  same secret key for encryption and decryption. It uses a 128-bit
  key. It is fast and can be used for cloud data. It operates on
  64-bit blocks at a time.
• Blowfish: Blowfish is another symmetric block-cipher algorithm
  (like DES and IDEA), developed by Bruce Schneier in 1993 as a free
  algorithm. It is designed to use keys of length from 32 to 448
  bits. It is a strong and fast algorithm and, therefore, suitable
  for use in the cloud.
• RC4: RC4 was invented by Ron Rivest, one of the co-inventors
  of the RSA algorithm. It is fast, strong, and can use keys of up
  to 2,048 bits. It works by creating a stream of random bytes and
  XORing those bytes with the text. It is useful if you need a new
  key for each message.
• SEAL: The Software-Optimised Encryption Algorithm (SEAL) is a
  stream-cipher algorithm in which data is continuously encrypted.
  It is much faster than block-cipher algorithms, such as DES,
  IDEA, and Blowfish. It uses a 160-bit key for encryption and is
  safe. However, it has a longer initialisation phase, during which
  it uses the Secure Hash Algorithm to create an enormous set of
  tables.

self assessment Questions

9. Cloud data is encrypted with an algorithm and a key. This
encrypted data is called ________.
10. In symmetric encryption, different keys are used for
encrypting and decrypting, such as a public and a private key.
(True/False)

Activity

Prepare a report on the latest key technology that simplifies data
encryption in the cloud.

9.7 DATA AVAILABILITY
After security and quality of service, another big concern is data
availability. After a customer starts using cloud services and data,
there are chances of unexpected downtime. There have been several
outages at cloud providers despite their redundancy and replication.

The most important lesson learnt from the history of outages at the
world’s leading data centres is that there is no single-server data
centre or Business Continuity Planning (BCP) process that guarantees a
100% uptime. As a provider, if you expect to offer 100% availability of
your cloud services, you can have problems maintaining the SLA with
your users.

If the user keeps the data confidential and secure, it must also remain
available to them whenever they need it. The SLAs with your
cloud-provider must have data uptime agreements. Data or service
availability can be specified as a percentage of uptime in a given
year or month.

Table 9.1 shows the downtime that is allowed for any given percentage
of availability:

Table 9.1: Allowed Downtime for Each Availability Level

Availability %            Downtime per month         Downtime per year
                          (assuming 30-day month)
99% (“two nines”)         7.20 hours                 3.65 days
99.5%                     3.60 hours                 1.83 days
99.9% (“three nines”)     43.2 minutes               8.76 hours
99.99% (“four nines”)     4.32 minutes               52.56 minutes
99.999% (“five nines”)    25.9 seconds               5.26 minutes
99.9999% (“six nines”)    2.59 seconds               31.5 seconds

The SLA with the cloud service provider must refer to monthly allowed
downtime. If the actual downtime exceeds the allowance on a monthly or
annual basis, the SLA must specify how much of the extra downtime is
converted to service credits and how it is converted.

The user expects a commitment of 4 nines (with 52 minutes of outage
per year). Getting 5 nines (5 minutes of outage per year) from a cloud
service-provider is rare, but a few providers do claim 5 nines of
uptime. However, most cloud providers promise only 3 nines (8 hours
and 45 minutes of outage per year). Given the 24/7 uptime expectation,
internal or external customers may find 3 nines unacceptable.

If the data in the cloud is not accessible, the services are down.
Downtime leads to soft and hard costs, which are explained as follows:
• Soft cost: Loss in customer confidence and employee morale.
• Hard cost: Loss of employee productivity and customer revenue
  during the outage window.

Table 9.2 shows an estimated hard loss of US$ 30,646 per hour due to
service outage for a cloud-based mid-sized organisation with an annual
online revenue of US$ 100 million and employee salary of US$ 50
million:

Table 9.2: Estimated Loss Per Hour Due to Outage of Cloud-based Data
and Services

Loss Type              Item                                Value
Revenue loss           Online sales per year               US$ 100 million per year
                       Online sales per hour               US$ 11,415 per hour
                       (assuming 24/7 operations)
Employee productivity  Employee salary per year            US$ 50 million per year
loss                   Employee salary per hour            US$ 24,038 per hour
                       (assuming 5 days a week and
                       8 hours per day)
                       Assuming 80% of the employees       US$ 19,230 per hour
                       lose work due to cloud outage
Total loss             Revenue + Productivity losses       US$ 30,646 per hour
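
The figures in Tables 9.1 and 9.2 can be recomputed and applied to a month of recorded outages to see whether an SLA was met and what the outage cost. The following is an added example, not part of the original text; the outage log is constructed sample data and the function names are illustrative.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

HOURS_PER_YEAR = 365 * 24          # 24/7 operations, as assumed in Table 9.2
WORK_HOURS_PER_YEAR = 52 * 5 * 8   # 5 days a week, 8 hours per day


def allowed_downtime(availability_pct: float, period: timedelta) -> timedelta:
    """Downtime permitted in `period` at a given availability (Table 9.1)."""
    return period * (1 - availability_pct / 100)


def hourly_outage_loss(online_sales_per_year: float,
                       salaries_per_year: float,
                       affected_staff_fraction: float) -> float:
    """Hard cost of one hour of outage, using the model of Table 9.2."""
    revenue_per_hour = online_sales_per_year / HOURS_PER_YEAR
    salary_per_hour = salaries_per_year / WORK_HOURS_PER_YEAR
    return revenue_per_hour + salary_per_hour * affected_staff_fraction


def total_downtime(outages, start: datetime, end: datetime) -> timedelta:
    """Sum outage time inside [start, end), counting overlaps only once."""
    clipped = sorted(
        (max(b, start), min(e, end)) for b, e in outages if e > start and b < end
    )
    total = timedelta()
    cur_b = cur_e = None
    for b, e in clipped:
        if cur_e is None or b > cur_e:
            if cur_e is not None:
                total += cur_e - cur_b
            cur_b, cur_e = b, e
        else:
            cur_e = max(cur_e, e)   # overlapping reports of the same outage
    if cur_e is not None:
        total += cur_e - cur_b
    return total


@dataclass
class SlaReport:
    downtime: timedelta
    availability_pct: float
    allowed: timedelta
    excess: timedelta     # downtime beyond the SLA allowance
    hard_cost: float      # estimated loss for the whole downtime


def evaluate_period(outages, start, end, sla_pct, loss_per_hour) -> SlaReport:
    period = end - start
    down = total_downtime(outages, start, end)
    allowed = allowed_downtime(sla_pct, period)
    return SlaReport(
        downtime=down,
        availability_pct=100 * (1 - down / period),
        allowed=allowed,
        excess=max(down - allowed, timedelta()),
        hard_cost=down / timedelta(hours=1) * loss_per_hour,
    )


# Constructed outage log for a 30-day month: (start, end) of each report.
MONTH_START = datetime(2017, 6, 1)
MONTH_END = MONTH_START + timedelta(days=30)
SAMPLE_OUTAGES = [
    (datetime(2017, 6, 3, 2, 0), datetime(2017, 6, 3, 2, 20)),
    (datetime(2017, 6, 3, 2, 10), datetime(2017, 6, 3, 2, 40)),    # overlaps the first
    (datetime(2017, 6, 17, 14, 0), datetime(2017, 6, 17, 14, 12)),
    (datetime(2017, 6, 30, 23, 50), datetime(2017, 7, 1, 0, 30)),  # runs past month end
]

# Inputs of Table 9.2: US$ 100 million sales, US$ 50 million salaries, 80% idle.
LOSS_PER_HOUR = hourly_outage_loss(100e6, 50e6, 0.80)

if __name__ == "__main__":
    report = evaluate_period(SAMPLE_OUTAGES, MONTH_START, MONTH_END,
                             99.9, LOSS_PER_HOUR)
    print(f"loss per hour : US$ {LOSS_PER_HOUR:,.0f}")
    print(f"downtime      : {report.downtime} (allowed {report.allowed})")
    print(f"availability  : {report.availability_pct:.3f}%")
    print(f"excess        : {report.excess}")
    print(f"hard cost     : US$ {report.hard_cost:,.0f}")
```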

When financial losses due to service outage are high, the user must
have an SLA of a few minutes of downtime per year. This requires
that the SLAs have 4 to 5 nines of availability. Figure 9.9 shows
common reasons for service outages:

Figure 9.9: Causes of downtime for a typical organisation
(pie chart segments: client software, server software, network
software, hardware, environment, people, planned downtime)

Source: IDC

Cloud service providers must make sure that the data is accessible
at all times. Besides uptime, you need to consider whether the cloud
service provider will remain in business in future. What is their
business viability? Given the competition and low margins, many
cloud-providers have gone out of business. A service provider may or
may not send a notice to clients to retrieve and save their data
before shutting down the services.

Another factor for selecting a cloud service-provider is whether the
provider backs up the data or not. Some providers offer backups and
DR as an additional fee-based service.

self assessment Questions


11. Data or service _________ is expressed as a percentage of
uptime in a given year or month.

Activity

Research about the popular approaches used for providing data
availability such as storage area network (SAN), network-attached
storage (NAS), etc.

9.8 DATA INTEGRITY


Data confidentiality makes sure that the data in the cloud cannot be
read or understood by unauthorised parties. Data availability makes
sure that users can access data whenever they want to. However, the
encrypted data in the cloud must not be intercepted or modified by
unauthorised parties while it is in transit or at rest. If it gets modified,
users are unable to trust the content. In other words, the data is invalid
and lacks integrity. The user needs to reactively detect if the data has
been modified and prevent such occurrences from happening again.

For securing the cloud data, the user needs to ask the provider the following questions:
• Are there known loopholes that could compromise data integrity?
• What processes does the provider follow to assure data integrity?
• How does the provider report the success or failure of data integrity?
• What is the maximum loss that can occur to a user if the data in the cloud lacks integrity?

To detect whether the data has been modified or tampered with, users need data origin authentication. Consider a case in which data bits are replaced during transit within the cloud. The receiver decrypts the message, but the data is different from the original data. Without data origin authentication, the recipient does not become aware that the received data is different. That is why regular backups are important to reactively replace tampered data. There are many proactive measures that the cloud provider can take to ensure data integrity, such as the following:
• They must control access to data using mechanisms such as Role-Based Access Control (RBAC).
• They must design and implement user interfaces that prevent the input of invalid data.
• They must use error detection and correction software when transmitting data within or outside the cloud.
• They must make sure that the data storage is protected using techniques such as the new Data Integrity Field (DIF), which can provide end-to-end data integrity. For data in the private or the public cloud, it is important that users have the cloud data on disks and arrays that implement the DIF function. As a cloud user, it is better to ask the cloud provider whether they implement DIF. The cloud applications should have DIF built in to further ensure integrity. It makes sure that the data is protected and the I/O locations are correct. This ensures that the right data is not available at the wrong location.
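The failure described above, where a recipient decrypts modified data without noticing, and its detection with a message authentication code, shown as an added example that is not from the original text. The keystream cipher is a constructed stand-in so the code runs with the Python standard library alone; the function names and the sample message are assumptions, and a production system would use a vetted authenticated cipher such as AES-GCM.

```python
import hashlib
import hmac
import os


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Constructed stand-in for a stream cipher (SHA-256 in counter mode).

    It only keeps the example self-contained; it is not a vetted cipher.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes):
    """Sender side: encrypt, then compute an HMAC tag over nonce + ciphertext."""
    nonce = os.urandom(16)
    ciphertext = keystream_xor(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce, ciphertext, tag


def open_unauthenticated(enc_key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    """Receiver with encryption only: decrypts whatever arrives."""
    return keystream_xor(enc_key, nonce, ciphertext)


def open_authenticated(enc_key, mac_key, nonce, ciphertext, tag) -> bytes:
    """Receiver with data origin authentication: verify the tag, then decrypt."""
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):  # constant-time comparison
        raise ValueError("integrity check failed: data was modified in transit or at rest")
    return keystream_xor(enc_key, nonce, ciphertext)


def flip_bit(data: bytes, index: int) -> bytes:
    """Simulate the modification of a single bit while the data is in transit."""
    changed = bytearray(data)
    changed[index] ^= 0x01
    return bytes(changed)


if __name__ == "__main__":
    # Separate keys for encryption and for the MAC.
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    message = b"invoice 2041: amount due 1500"  # constructed sample record
    nonce, ciphertext, tag = seal(enc_key, mac_key, message)
    modified = flip_bit(ciphertext, 5)

    # Encryption alone: the receiver gets different data and no error.
    print(open_unauthenticated(enc_key, nonce, modified))

    # With the HMAC tag: the modification is detected and the data rejected.
    try:
        open_authenticated(enc_key, mac_key, nonce, modified, tag)
    except ValueError as err:
        print("rejected:", err)
```

A rejected record is the trigger for the reactive step the text names, restoring the data from a known-good backup.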

self assessment Questions

12. The cloud provider can provide the access to data using
mechanisms such as _______-based access control.

Activity

Find out the role of Third Party Auditor (TPA) that carries out all
auditing processes in cloud-computing.

9.9 CLOUD DATA MANAGEMENT INTERFACE

A new standard to protect data is the Cloud Data Management Interface (CDMI) from the Storage Networking Industry Association (SNIA). CDMI allows users to tag the data with special metadata. The metadata can be used to encode the services that must be provided, such as encryption, backup, de-duplication, replication, compression, archiving, etc. These services increase the value of user data existing in the cloud.

CDMI is the first industry-developed open standard for cloud data. It enables interoperable cloud storage implementations from various cloud service providers and storage vendors. The standard was created by the SNIA Cloud Storage Technical Work Group (TWG), which consists of more than 180 members from more than 60 organisations around the globe.

Figure 9.10 shows the basic data flow between clients and cloud storage with the implementation of SNIA's CDMI standards:

[Figure: the CDMI client issues requests over the CDMI datapath (HTTP: PUT, GET, HEAD, DELETE on data object, container, queue, account, capability) to cloud storage with a CDMI implementation; the CDMI implementation issues responses with an HTTP status (200 OK, 201 Created, etc.)]

Figure 9.10: Implementation of SNIA's CDMI standards

self assessment Questions

13. CDMI is the first industry-developed open standard for cloud data. (True/False)

Activity

Prepare a report on the different versions of CDMI.

9.10 CLOUD STORAGE GATEWAYS (CSGs)


To address the performance and security issues in public clouds, consumer organisations can use CSGs. A CSG is an appliance that resides on the customer's premises and provides data protection by encrypting, compressing, and archiving data sets before moving the data to a cloud.

A CSG could be in the form of a hardware appliance with a cache that can be installed within your corporate office or data centre, as shown in Figure 9.11:

[Figure: cloud users at the corporate office connect through a CSG with cache; the CSG exchanges initial configuration credentials, call-home and billing data with the CSG vendor; over a VPN to the public cloud it exchanges read-ahead data and metadata and de-duplicated, compressed, encrypted, incremental updates with the cloud storage providers]

Figure 9.11: The CSG

A CSG at the corporate office intercepts and manages all the I/O between the users and the cloud storage providers. A CSG could also be a downloadable software program that can be installed on a server at the customer location. CSGs have a local cache to store data temporarily. Users can download the CSG software and configure a local storage device as the cache. CSGs eliminate the issue of vendor lock-in, because they support various formats and facilitate data backup.

In Figure 9.11, the CSG is located on the customer premises. It may contact the CSG vendor to get credentials for each cloud provider a user makes use of and for the call-home features (if enabled). The call-home features allow the CSG to automatically report issues, status, problems, and diagnostic reports to the CSG vendor to enable preventive maintenance or accelerate problem resolution. It should be able to send data via e-mail, SMS, or by posting them on the user interface of the monitoring application. CSG provides data protection in the following four steps:
• The CSG cache accelerates I/O rates and enables a convenient replication procedure.
• Files that are to be copied to the cloud are first stored in the CSG cache.
• After a certain pre-set time interval, the cache data is pushed to the cloud.
• Data that is read from the cloud is copied to the cache.

To improve performance, CSG caches data as well as metadata. The CSG you select must provide the following features or benefits:
• Caching algorithms: The cache in a CSG provides a buffer of vital data to speed access and reads, instead of having to reach out to the original servers to read data each time it is required. CSG must use certain algorithms, such as the Least-Recently Used (LRU) algorithm, to enhance the cache hit rate. Using LRU, the CSG keeps a list of all recently used data in its cache. Data that is not used for a certain period of time is removed from the cache. If it is referenced later, CSG retrieves the data from the cloud and re-instantiates it in the cache. If the requested file is large, a piece of the file is requested from the cloud and provided to the user. In the meantime, the remaining pieces of the file are requested from the cloud. The advantage is that the user is able to access parts of the file in less time and does not have to wait for the time required to pull the entire file. After the entire file is retrieved, it is stored in the cache and the user has the advantage of wire-speed I/O rates.
• Intelligent pre-fetching algorithms: CSG must monitor read patterns and intelligently pre-fetch data from the cloud to the cache before the user requests the data. It must use the read history to establish a pattern to predict what the user may request next and proactively fetch the data into the cache. CSG must measure its success rate and regulate its algorithm in real-time to improve cache hit rates.
• Caching time periods: Some CSGs allow users to set up a caching time duration. In other cases, it must be aggressive in removing old cached data in preference to newly cached data. A smaller cache time period provides enough space to store all the newly written data and read-ahead content and metadata.
• Synchronous snapshots: CSG must take a synchronous snapshot of the user file tree and data. This is an instantaneous, sub-second picture of the customer's file system at a particular instant. It allows the CSG to identify new and modified data, which are tagged as dirty and moved to the cloud.
• Data replication process: CSG must have an efficient data transfer mechanism. Ideally, it must split files into chunks, as shown in Figure 9.12:

[Figure: inside the CSG with cache, the original data is chunked, de-duplicated, compressed and then encrypted]

Figure 9.12: Use of CSG to copy and save data in a cloud

The data must be de-duplicated, compressed, and encrypted before sending it to the cloud. De-duplication reduces the amount of data that must be copied to the cloud. Compression reduces storage and bandwidth utilisation, and hence the fees to the cloud provider.
• End-to-end encryption: This protects data from being read by unauthorised users and hackers. The CSG must use strong data encryption for the content as well as the metadata. The encryption algorithm must use random keys to prevent anyone from intercepting a series of encrypted data and reverse-engineering the keys. Someone intercepting any data should not be able to decipher any content or metadata.
• Secure channels: Ideally, the data in transit between the CSG and the cloud is double encrypted; it is encrypted before it is transmitted and also when it is sent over a Virtual Private Network (VPN) tunnel to the cloud. At the other end of the VPN tunnel, the cloud provider's employees cannot decipher the data, because it is encrypted.
• Data compression: It helps reduce bandwidth and storage space utilisation.
• CSG tuning parameters: The CSG must allow its administrator to tune certain parameters such as maximum bandwidth utilisation during certain time periods and cache push intervals. For example, if the cloud bandwidth utilisation is high from 10 a.m. to 12 a.m., the CSG can be regulated to use a maximum of 10 kbps during that time interval. A CSG can be tuned to create new instances of virtual machines and data copies to meet peak loads in real-time.
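The chunking, de-duplication and compression stages of Figure 9.12, together with the incremental update they make possible, shown as an added example that is not from the original text. The in-memory `CloudStore`, the 4 KB fixed chunk size and the sample data are assumptions; the encryption stage is left out because the Python standard library has no authenticated cipher, and in a gateway it would be applied to each compressed chunk just before upload.

```python
import hashlib
import zlib

CHUNK_SIZE = 4096  # assumption: fixed-size chunks keep the example short


class CloudStore:
    """Constructed in-memory stand-in for the cloud provider's object store."""

    def __init__(self):
        self.chunks = {}         # chunk digest -> compressed chunk
        self.manifests = {}      # file name -> ordered list of chunk digests
        self.bytes_uploaded = 0  # what would be billed as transfer and storage

    def has(self, digest: str) -> bool:
        return digest in self.chunks

    def put_chunk(self, digest: str, blob: bytes) -> None:
        self.chunks[digest] = blob
        self.bytes_uploaded += len(blob)


def split_chunks(data: bytes, size: int = CHUNK_SIZE):
    """Split a file into fixed-size chunks (the last one may be shorter)."""
    return [data[i:i + size] for i in range(0, len(data), size)]


def push_file(store: CloudStore, name: str, data: bytes) -> dict:
    """Chunk, de-duplicate and compress a file, uploading only unseen chunks.

    De-duplication and compression run before encryption: ciphertext produced
    with random keys or nonces neither de-duplicates nor compresses.
    """
    manifest, sent, skipped = [], 0, 0
    for chunk in split_chunks(data):
        digest = hashlib.sha256(chunk).hexdigest()
        manifest.append(digest)
        if store.has(digest):      # already in the cloud: send nothing
            skipped += 1
            continue
        store.put_chunk(digest, zlib.compress(chunk, 6))
        sent += 1
    store.manifests[name] = manifest
    return {"chunks": len(manifest), "sent": sent, "skipped": skipped}


def pull_file(store: CloudStore, name: str) -> bytes:
    """Rebuild a file from its manifest, checking every chunk against its digest."""
    parts = []
    for digest in store.manifests[name]:
        chunk = zlib.decompress(store.chunks[digest])
        if hashlib.sha256(chunk).hexdigest() != digest:
            raise ValueError("chunk failed its integrity check: " + digest[:12])
        parts.append(chunk)
    return b"".join(parts)


if __name__ == "__main__":
    store = CloudStore()
    # Constructed sample file: four chunks, the third repeats the first.
    v1 = b"A" * 4096 + b"B" * 4096 + b"A" * 4096 + b"C" * 4096
    print(push_file(store, "report.dat", v1), store.bytes_uploaded, "bytes uploaded")

    # Incremental update: only the last chunk changed, so only it is sent.
    v2 = v1[:-4096] + b"D" * 4096
    print(push_file(store, "report.dat", v2), store.bytes_uploaded, "bytes uploaded")
    print(pull_file(store, "report.dat") == v2)
```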

self assessment Questions

14. A CSG could be in the form of a hardware appliance with a ________ that can be installed within your corporate office or data centre.

Activity

Research and enlist the benefits of using the CTERA cloud storage
gateways.

9.11 CLOUD FIREWALL


A cloud firewall is a network firewall appliance, explicitly built to work with other cloud-based security solutions. It serves the same purposes as a traditional firewall, but it differs from a traditional firewall in the following three aspects:
• Scalability: Cloud firewalls can scale with the increase in the customer's bandwidth. If any configuration changes are done in hardware, they have to be made transparent to the customers.
• Availability: Cloud firewall providers provide extremely high availability of cloud services using an infrastructure that has backup plans in case of a site failure.
• Extensibility: Cloud firewalls are available in locations from where the network manager can offer a secure communications path.

self assessment Questions

15. A cloud firewall is a _______ firewall appliance, explicitly built to work with other cloud-based security solutions.

Activity

List the points that help you to replace your traditional firewall with a cloud firewall.

9.12 VIRTUAL FIREWALL


A virtual firewall (VF) is a network firewall service executing completely inside a virtualised environment. It provides the usual packet filtering and monitoring processes like a physical firewall. Virtual firewalls provide an easy way to decrease investment expenses by consolidating multiple logical firewalls onto a single platform. Depending on the point of deployment, virtual firewalls can operate in two different modes, namely bridge mode and hypervisor mode.

In the bridge mode, the firewall acts like a physical firewall that works with a physical or virtual switch to intercept network traffic destined for other network segments.

In the hypervisor mode, the firewall service resides in the virtualisation hypervisor, where it can capture, monitor, and filter all the activities of all the virtual machines and logical resources.

self assessment Questions

16. Virtual firewalls provide an easy way to decrease investment expenses by consolidating multiple logical firewalls onto a single platform. (True/False)

Activity

Gather information about virtual firewall appliances and prepare a report on it.

9.13 APPLICATION SECURITY IN THE CLOUD


The delivery models, such as IaaS, PaaS or SaaS (IPS), brought security threats that the applications had never faced when they were hosted within an organisation's Intranet. The openness, multi-tenancy, easy access to the public, and flexibility of the cloud bring in a new set of threats and challenges. An example is data confidentiality. An application that lies within the corporate firewall and is accessible to a limited number of users may not require encryption between the storage systems, servers, and user clients.

However, in a cloud, strong encryption is required for data at rest and in transit. There are two key flaws that lead to application security problems, which are as follows:
• Flaws in cloud APIs and development tools: Cloud providers offer a set of APIs for customers. These tools help them integrate cloud applications with their internal services and processes. For example, they can be used to configure login for all cloud activities and extend and use their internal identity user authentication processes for cloud applications. The security mechanism for cloud applications must be flexible and easy to manage. It should be easily scalable to accommodate more applications and users.
A Web Application Firewall (WAF) is typically used to protect and secure Web applications. A WAF is a hardware appliance or a software program that applies a set of rules to data transfer for Web applications. It protects against common attacks, such as Cross-Site Scripting (XSS) and Structured Query Language (SQL) injection. The rules can be customised to protect against more threats. It should not be limited by hardware boundaries but readily scale across CPUs, computers, server racks, and data centres. It must also be customisable to meet the needs of different cloud users and customers. Such an implementation of WAF is called distributed WAF (dWAF).
It must meet other cloud requirements, such as the ability to protect a mixed environment of virtual and physical machines, integrate with the cloud services with minimal disruption, and be compatible with a wide range of IT platforms and environments.
• Flaws in application architecture: Within a cloud, applications have a greater dependency on other systems, such as the Identity Management (IdM) system, databases, and encryption system. The dependency is due to the multi-tenancy where the IT infrastructure is shared with other applications, users, and customers. The various applications hosted on the cloud belong to the cloud provider (in case of SaaS) or to the customers (in IaaS and PaaS environments). This is different from a dedicated infrastructure or one-server-per-application model, common in traditional infrastructure. For example, in a cloud, all storage resources are separate from servers. While this improves storage management and scalability, applications need to consider that all executable configurations and log files need to be stored remotely. They need to encrypt all the data because the data path and resources are shared.

9.13.1  SECURITY CONTROLS

Security controls can be defined as counter-measures used for preventing or responding to security threats and reducing or avoiding risk. The details of using these security controls are contained in the security policy, which comprises the set of rules and practices stating the ways of implementing a system, service or security plan for protecting significant and sensitive IT resources. There are many types of security controls that exist in cloud architecture. Some of these are as follows:
• Deterrent controls: Refer to controls that are used for reducing the attacks on a cloud system. These controls act as a warning sign, which means they reduce the level of threat by warning potential attackers that they may face adverse consequences if they continue to proceed.
• Preventive controls: Refer to controls that are used to enhance the strength of the cloud system against incidents, not by completely eliminating the vulnerabilities but by reducing them. Implementing strong authentication for cloud users makes it difficult for unauthorised users to access cloud systems and identify cloud users.
• Detective controls: Refer to controls for detecting and reacting properly to any incidents that may occur in future. In case of an attack, the detective control sends signals to the preventive or corrective controls for addressing the issue. Monitoring of systems and network security, which includes intrusion detection and prevention measures, can detect the occurrence of attacks on cloud systems and support communication set-up.
• Corrective controls: Refer to controls that are used for reducing the impact of an incident, generally by controlling the damage. These controls often play their role during or after an incident. Restoring system backups for rebuilding an attacked system is an instance of a corrective control.

9.13.2  SECURITY MECHANISMS

As discussed earlier, the counter-measures are generally stated in terms of security mechanisms. These mechanisms comprise a defensive framework, which is used for protecting IT resources, data or services. There exist different types of security mechanisms used in cloud security, some of which are as follows:
• Encryption: Refers to the mechanism of converting plain text into a format that cannot be read easily if intercepted during transmission. When data is transmitted over the cloud network, it can be accessed and read by attackers. Therefore, the encryption mechanism converts the data into the encrypted format at the source before it is transmitted on the network, and converts it into plain text again at the destination.
• Hashing: Refers to the one-way mechanism which is used when a one-way and non-reversible form of data is needed. When the hashing mechanism is applied to a message, it gets locked and no key is given to unlock the message. The hashing technique is generally used for storing passwords.
• Digital signature: Refers to the mechanism used for providing authenticity and integrity of data. A digital signature is assigned to a message that is being transmitted, and it is considered invalid if the message is modified or altered during the transmission.
• Public Key Infrastructure (PKI): Refers to a mechanism which exists as a set of rules, protocols, data formats and practices enabling large-scale systems to use public key cryptography securely. This mechanism relies mainly on using digital certificates, which can be defined as digitally signed data structures used for binding the public keys with the identities of certificate owners and associated information like validity periods.
• Single Sign-On (SSO): Refers to a mechanism in which the authentication of the user is done at a single instance whenever he/she enters login information to access a cloud service. This information is further used for authenticating the same consumer when he/she wants to use other cloud services on the cloud. This mechanism removes the need for the same consumer to enter the login information again and again whenever the consumer wants to access the different services on the cloud.

9.13.3  SECURITY POLICIES

A security policy is used for establishing a set of rules and regulations related to the security of applications or services. Moreover, security policies also outline the implementation and enforcement of these rules and regulations. For instance, the positioning and utilisation of security controls and mechanisms is determined by security policies.

A carefully created security policy for cloud consumers and providers helps them in identifying the actions which they can perform while using the applications or services in the cloud. A well-drafted security policy also saves the time that cloud providers spend in managing the cloud. Generally, the security policy for a cloud should contain the following points:
• It should contain the information about the service provider, whether it can host Software as a Service (SaaS), Platform as a Service (PaaS), or Infrastructure as a Service (IaaS).
• It should tell whether the cloud is public or private.
• It should describe how much control the consumer has over hardware, software and operating systems.
• It should describe how threshold policies requested by the user, resource and data can be applied to each type of cloud service.

In order to satisfy the demand of consumers, all providers must provide a copy of the policies. Cloud service providers must encourage consumers to send questions related to security, which must be resolved or negotiated at the cloud provider's end before the consumer subscribes to or rents the particular type of cloud service.

Self Assessment Questions

17. ________ controls are used for reducing the impact of an incident, generally by controlling the damage.

Activity

Research and list the security aspects for applications developed in an IaaS environment.

9.14 SUMMARY
• An organisation must ensure the protection, privacy, governance, and accessibility of all its important resources whether it is using the private or public cloud.
• The organisation includes various built-in application and data level protections in its software applications and must consider security services for both the application and the infrastructure.
• Cloud security is a big concern, and, therefore, standards and organisations have been developed to make sure that the right controls, procedures, and technologies are in place to protect the corporate assets.
• Threat refers to an action that might cause harm to the security of networks or information systems.
• Traffic eavesdropping is the unauthorised gathering of information by listening to or overhearing all or parts of the data while it is being transferred within or across clouds.

key words

• Ciphertext: Refers to the data in the cloud that has been encrypted by using an algorithm and a key.
• Cloud firewall: Refers to a network firewall appliance, explicitly built to work with other cloud-based security solutions.
• Symmetric encryption: Refers to an encryption technique that uses a shared secret key to encrypt as well as decrypt data.
• Trusted attacker: Refers to a type of attacker that has a detailed knowledge of the internal functioning of the cloud.
• Threat: Refers to the illegal activity that can cause damages, such as loss of information and data corruption, to the cloud provider organisation.

9.15 DESCRIPTIVE QUESTIONS

1. What do you understand by a threat? Discuss different types of threats that exist in the cloud.
2. List and explain different types of challenges related to cloud data.
3. Describe the challenges related to data security in the cloud.
4. Explain the concept of data confidentiality and encryption in detail. Also discuss the different types of encryption techniques.
5. Explain data availability in the cloud.
6. Describe data integrity in cloud computing.
7. Discuss how a cloud firewall is different from a traditional firewall.

9.16 ANSWERS AND HINTS

ANSWERS FOR SELF ASSESSMENT QUESTIONS

| Topic | S. No. | Answers |
|---|---|---|
| Basic terms and concepts | 1. | b. Biometric systems |
| | 2. | Cracker |
| Threats in cloud security | 3. | Eavesdropping |
| | 4. | Denial of Service (DoS) |
| Challenges with cloud data | 5. | True |
| | 6. | Disaster Recovery |
| Challenges with data security | 7. | Spoofing |
| | 8. | True |
| Data confidentiality and encryption | 9. | ciphertext |
| | 10. | False |
| Data availability | 11. | availability |
| Data integrity | 12. | Role |
| Cloud data management interface | 13. | True |
| Cloud storage gateways (CSGs) | 14. | cache |
| Cloud firewall | 15. | network |
| Virtual firewall | 16. | True |
| Application security in the cloud | 17. | Corrective |

HINTS FOR DESCRIPTIVE QUESTIONS


1. A threat is an illegal activity that can cause damages, such as loss of information and data corruption, to the cloud provider organisation. Refer to Section 9.3 Threats in Cloud Security.
2. The different types of data-related challenges are Data Redundancy, Disaster Recovery, etc. Refer to Section 9.4 Challenges with Cloud Data.
3. Due to inherent multi-tenancy and ease of access within a cloud, the data is subjected to various security risks, which continue to be a serious concern. Refer to Section 9.5 Challenges with Data Security.
4. Data confidentiality in the cloud is a way to protect data or messages from being understood or used by unintended users or tenants of the cloud. Refer to Section 9.6 Data Confidentiality and Encryption.
5. After security and quality of service, another big concern is data availability. Refer to Section 9.7 Data Availability.
6. The encrypted data in the cloud must not be intercepted or modified by unauthorised parties while it is in transit or at rest. If it gets modified, users are unable to trust the content. In other words, the data is invalid and lacks integrity. Refer to Section 9.8 Data Integrity.
7. A cloud firewall is a network firewall appliance, explicitly built to work with other cloud-based security solutions. Refer to Section 9.11 Cloud Firewall.


Chapter 10

MOBILE CLOUD-COMPUTING

CONTENTS

10.1 Introduction
10.2 Definition of Mobile Cloud Computing
     Self Assessment Questions
     Activity
10.3 Architecture of Mobile Cloud Computing
     Self Assessment Questions
     Activity
10.4 Benefits of Mobile Cloud Computing
     10.4.1 Extended Lifetime of the Battery
     10.4.2 Improved Data Storage Capacity and Processing Power
     10.4.3 Improved Reliability
     Self Assessment Questions
     Activity
10.5 Mobile Cloud Computing Challenges
     10.5.1 Challenges at Cloud End
     Self Assessment Questions
     Activity
10.6 Computing in Mobile and at Cloud Shield
     Self Assessment Questions
     Activity
10.7 Summary
10.8 Descriptive Questions
10.9 Answers and Hints
10.10 Suggested Readings & References

NMIMS Global Access - School for Continuing Education


230  Cloud Computing

Introductory Caselet
n o t e s

NETMAGIC SOLVED THE WEB SECURITY AND MONITORING


CONCERN OF STAR HEALTH AND ALLIED INSURANCE
COMPANY LIMITED

Star Health and Allied Insurance Company Limited is a world-


class healthcare insurance service provider. It offers unique
health, accident and travel insurance all over India. It was found-
ed in 2006 with an aim to provide exceptional health insurance,
oversee the Mediclaim policy and accident claims. It provides var-
ious health insurance products that are affordable to its custom-
ers.

The company used to provide the data card to its insurance agents
to access Internet for the business purposes. The data card usage
for accessing Internet was quite high and, therefore, the compa-

S
ny had to pay huge bills of Internet of their agents. Because of
this, the company felt the need of monitoring the Internet usage of
their agents. Although the data card provider company had pro-
IM
vided Unified Threat Management (UTM) box for filtering and
monitoring the data accessed by the agents, but it was working
as per the expectation of the company. In fact, the company also
wanted to monitor how much time their agent spends on the In-
ternet for official work and their personal work.

Apart from that, the company was also concerned about the secu-
M

rity issues while accessing the Internet. Moreover, another issue


that company was facing is that it would not be able to monitor
the sites which its agents were accessing. The company also want-
ed that its agents would not be able to access or download those
N

contents which are prohibited under the Indian Law. For this pur-
pose, the company had blocked a few sites over its LAN, but there
was no way to control agents accessing Internet using the data
card. In other words, it was very difficult for the management to
monitor and control the usage patterns of the data card. Finally,
the company decided to outsource the monitoring, security and
usage of the Internet to the leading IT security service provider
called Netmagic.

Netmagic provided the SaaS model of cloud computing called


Webcontrol to the Star Health and Allied Insurance. Webcontrol
enhanced the monitoring and reporting facility related to the In-
ternet. It also provided a scalable and flexible solution to the com-
pany. The insurance company now monitors the Internet usage of
its agent through Webcontrol that leads to significant cost saving.
Webcontrol has also increased the visibility on the data card us-
age pattern of agents which leads to improvement in their pro-
ductivity and efficiency. Webcontrol has also helped the company
in curtailing its costs and enforcing content-filtering policy for all
departments and locations of the company.

The insurance company is now able to concentrate on its core
business as it does not have to worry about the legal issues that
could have arisen due to the access of some unauthorised web-
sites by its agents.


learning objectives

After studying this chapter, you will be able to:


>> Explain mobile cloud computing
>> Discuss the architecture of mobile cloud computing
>> Describe the benefits of mobile cloud computing
>> Explain the challenges of mobile cloud computing
>> Discuss computing in mobile and at cloud shield

10.1 INTRODUCTION
Mobile devices, such as cell phones, tablets, and laptops have become
an integral part of human life over the years. These devices offer
various advantages and are proving to be an excellent platform for
communication, learning, and research. They also erase the barriers
of time and distance by allowing people to connect with one another
anytime and anywhere, effortlessly.

Mobile computing refers to the use of small-sized handheld mobile
devices for running or accessing standalone or remote applications
through a wireless network. Mobile computing has resulted in the
development of smart features and mobile applications that greatly
enrich user experience. However, it suffers from some notable
limitations, such as bandwidth, security, memory, and battery life.
These limitations need to be removed to make mobile computing a truly
effective means of communication.

The emergence of cloud-computing technologies has provided a great
boost to the infrastructure of the next generation of computing. In
recent years, cloud computing has been providing excellent services in
terms of software, infrastructure, computing platforms, and resources.
These services are convenient and economical since the user needs to
pay only for the services he/she has actually used. This arrangement
also minimises the role of the service provider. Another benefit of the
cloud is that you do not need to worry about managing resources or
applications. You can upload your applications quickly with the help
of cloud computing for users to install and run them on their mobile
devices.

The association of mobile-computing technology with cloud-computing
services has given birth to a term that is now well known as Mobile
Cloud Computing (MCC). While mobile devices and applications have
become an integral part of our lives, cloud services have helped
mobile-computing technology to evolve further. In simple terms, MCC is
the integration of the mobile-computing environment with the
cloud-computing services. This integration provides the full advantage of
cloud-computing technology to mobile users. As a result, new types of
services and facilities are now accessible to mobile users.

In this chapter, you will study about mobile cloud computing. You will
also learn about the architecture of mobile cloud computing. In addi-
tion, you will also study about the benefits of mobile cloud computing.
You will also study about the challenges of mobile cloud computing.
Towards the end of the chapter, you will study about computing in
mobile and at cloud shield.

10.2 DEFINITION OF MOBILE CLOUD COMPUTING
With the development of cloud computing, the use of the technology
in MCC was inevitable. MCC has attracted the attention of
entrepreneurs, mobile users, and researchers alike. While business
organisations find MCC profitable since it cuts down the cost of developing
and running mobile applications, mobile users find MCC attractive as
it provides them an economical way of accessing various mobile ser-
vices. For researchers, MCC is a source through which powerful and
promising green IT solutions can be obtained.

MCC has found different applications across diverse fields. This has
led to MCC being defined in different ways by different people and
organisations.

According to Mobile Cloud Computing Forum, MCC “refers, at its
simplest, to an infrastructure where both the data storage and the
data processing happen outside of the mobile device. Mobile cloud applications
move the computing power and data storage away from mobile phones
and into the cloud, bringing applications and mobile computing to not
just smartphone users but a much broader range of mobile subscribers”.

Another definition, this time by National Institute of Standards and
Technology (NIST), describes MCC as “a model for enabling convenient,
on-demand network access to a shared pool of configurable computing
resources (e.g. networks, servers, storage, applications, and
services) that can be rapidly provisioned and released with minimal
management effort or service provider interaction”.

A typical MCC environment is shown in Figure 10.1:

Figure 10.1: Mobile Cloud Computing Environment (elements shown: servers and VMs; Internet (cloud); wireless access point; radio tower; mobile devices)

As you can see in Figure 10.1, Virtual Machines (VMs) are provided on
the cloud and they can be accessed by mobile devices through
wireless access points.

MCC, in general terms, can be treated as a new paradigm for mobile
application users. They can now access the powerful cloud platform,
which makes use of centralised remote servers and other physical re-
sources. Once in the cloud, mobile users can use their devices to ac-
cess applications developed and deployed at a centralised location, by
using Web browsers or through a native thin client connected in the
wireless mode.

MCC combines the two most powerful technologies, mobile Web
computing and cloud-computing services. MCC is a technology that
provides access to the best resources and applications by using mobile
devices without requiring powerful configurations. Cloud-computing
services are able to handle complicated modules efficiently, allowing
users increased storage space and processing power.

self assessment Questions

1. MCC is the integration of the mobile-computing environment
with the cloud-computing services. (True/False)
2. ___________ is a source through which powerful and promising
green IT solutions can be obtained.

Activity

Explore the Internet and find out how cloud computing can be used
to access the applications and services available on the Internet.

10.3 ARCHITECTURE OF MOBILE CLOUD COMPUTING
Mobile computing, together with cloud computing, offers various op-
portunities for cloud-service providers, mobile users, application de-
velopers, and other stakeholders. The architecture of MCC can be ex-
plained from the concept discussed in the previous section. A simple
MCC architecture is shown in Figure 10.2:

Figure 10.2: Mobile Cloud Computing Architecture (elements shown: mobile networks A and B, each with mobile devices, BTS, access point, satellite, central processors, servers, database, AAA, and HA under mobile network services; the Internet; clouds A and B, each with a data centre, a cloud controller, and application servers. Parties shown: mobile users, network operators, Internet service providers (ISPs), application service providers, and data centre owners or cloud service providers)

As you can see in Figure 10.2, base stations connect mobile devices to
network services used by mobile devices. These base stations can be
Base Transceiver Stations (BTSs), access points, or satellites. They are
used for establishing and controlling the connectivity and functional
interfaces required for communicating between the mobile devices
and the networking services.

Central processors connected to mobile network servers receive
information as well as requests made by mobile device users. Services
can be provided to the users by network operators in the form of AAA
(that is, Authentication, Authorisation, and Accounting). Home Agent
(HA) and subscriber data are the basis of the mobile network services
provided by the operators.

A cloud receives the requests from subscribers over the Internet. The
requests made by mobile users are processed by the cloud controllers
who then provide them the requested cloud services. Utility
computing, virtualisation, and service-oriented architecture form the basis
for the development of cloud services.

When it comes to the architecture of cloud computing, it may vary
according to the context. For example, we can compare cloud
computing and grid computing by using a four-layer cloud architecture.
Another example of cloud-computing architecture is the service-ori-
ented architecture called Aneka, which is used in developing .NET
applications. Various Application Programming Interfaces (APIs) and
models are available for developing applications with service-oriented
architecture.

There is also an architecture that is used for market-oriented cloud
creation or for the services delivered through the Web for
organisations. A typical cloud-computing-layered architecture is shown
in Figure 10.3:

Figure 10.3: Layered Architecture for Cloud Computing (layers shown, top to bottom: SaaS, Software as a Service; PaaS, Platform as a Service; IaaS, Infrastructure as a Service; Data Centres)

Generally, a cloud can be described as a large-scale network
consisting of distributed systems. The distributed systems are based
on various servers that are connected to data centres. The classification of
the services offered in the cloud-computing paradigm is done on the
basis of layers (Figure 10.3). The lowest layer is the data centre and the
layers above this layer are Infrastructure as a Service (IaaS), Platform
as a Service (PaaS), and Software as a Service (SaaS), respectively.

The various layers of the cloud-computing architecture shown in
Figure 10.3 can be described as follows:
• Data centre: Refers to the layer that provides the infrastructure
and hardware facilities to the cloud. A high-speed network links
many servers together to the data centre layer so that the user is
provided the required services without any delay or interruption.
Locations that are not prone to disasters and provide stable power
supply are ideal locations for data centres.
• IaaS: Refers to the layer on top of the data centre layer. This layer
facilitates the clients to store servers and hardware components.
You need to pay for only the services you use. Also, you can expand
or shrink the infrastructure dynamically. This is particularly use-
ful when your requirements change with time. Amazon’s Simple
Storage Service (S3) and Elastic Compute Cloud (EC2) are two
examples of IaaS.
• PaaS: Refers to an advanced environment that enables you to
build, test, and deploy custom applications. This environment
provides integration facilities, especially during the development
stage. Some examples of PaaS include Azure from Microsoft, Google
App Engine from Google, and MapReduce/S3 from Amazon.
• SaaS: Refers to the layer that supports the software applications
that have specific requirements of their own. Users use the Internet
to access applications available on this layer from remote
locations. Similar to IaaS, the users need to pay according to their
usage. Examples of SaaS include Microsoft’s Live Mesh and Salesforce.

The division of cloud computing into the four layers as discussed
above is only a simple abstraction of the vast cloud-computing con-
cept. Therefore, it does not mean that the top layer has to be built
directly on the layer beneath it. For example, you can deploy your
SaaS applications on IaaS straightaway without PaaS coming into the
picture. In addition, some of the services can be a part of more than
one layer. Storing data as a service, for example, can be a part of IaaS
and PaaS. The layered model of the cloud-computing architecture ex-
plains the flexibility and efficiency that users can experience in using
cloud services.

self assessment Questions

3. Which of the following layers provides the infrastructure and
hardware facilities to the cloud?
a. Data centre
b. PaaS
c. SaaS
d. IaaS
4. Services can be provided to users by network operators in the
form of ___________.

Activity

Explore the Internet and find out which architecture is used for
market-oriented cloud creation or for the services delivered through
the Web for organisations.

10.4 BENEFITS OF MOBILE CLOUD COMPUTING
Mobile computing has benefitted immensely from cloud-computing
services. The benefits of MCC are:
• Extended lifetime of the battery
• Improved data storage capacity and processing power
• Improved reliability

10.4.1 EXTENDED LIFETIME OF THE BATTERY

One of the biggest concerns about mobile computing is the battery life
of mobile devices. Cloud services are used with the mobile
environment in order to reduce power consumption significantly. The cloud
helps in this aspect by providing intelligently developed solutions to
enhance the performance of the Central Processing Unit (CPU), man-
age disk storage, and adjust the size of the screen. These solutions,
however, require some changes to be made in the structure of mobile
devices or inclusion of new hardware components into the devices.
This may incur some cost and may also not be feasible for all devices.
One way of reducing power consumption is through the use of the
computation offloading technique. In this technique, the computa-
tional tasks are migrated from devices with limitation of resources to
the systems having sufficient resources.

Several experiments have been conducted to check the effectiveness
of remote application execution. It has been observed that large
computations involving numbers may save up to 45% of energy, if run
remotely. Various applications running on mobile devices can benefit by
using remote execution.

10.4.2 IMPROVED DATA STORAGE CAPACITY AND PROCESSING POWER

Mobile devices can store a limited amount of data. Unfortunately, this
is also one of the major limitations of these devices. With the help of
MCC, however, this limitation is no longer an issue. MCC allows you
to store huge data on the cloud with the help of wireless networking.
For example, Amazon’s S3 allows you to store large files online. Im-
age Exchange is another example where mobile users make use of the
storage space provided by the cloud. Users can use Image Exchange
to share photos instantly through the cloud. This allows the users to
save a lot of battery power and storage space in their devices. Flickr,
ShoZu, and Facebook are some popular and successful mobile appli-
cations that use cloud for sharing photos.

Running applications involving intensive computations on mobile
devices takes a long time and energy, which may increase the cost to run
these applications. You can cut down on this cost by using MCC. Cloud
computing provides an efficient way to manage and synchronise mul-
tiple documents online. Therefore, cloud computing can manage
different data warehousing tasks simultaneously. Some examples of
the data-warehousing tasks are using cloud for transcoding, playing
chess, or broadcasting multimedia services to mobile devices. In such
cases, complex calculations are processed quickly. While it could take
a long time for mobiles to perform these calculations, cloud does them
quickly. In addition, using the cloud in such cases also solves the stor-
age issue because all the data is stored on the cloud instead of the
mobile devices.

10.4.3  IMPROVED RELIABILITY

MCC allows vast amounts of data from mobile devices to be stored on
the cloud. In addition, you can run various applications on the cloud.
This invariably helps in improving the reliability of the mobile
devices. For example, to avoid any chances of data or application
loss, numerous distributed computers are used for backing up the data.

Apart from reliability, the MCC model provides data security to ser-
vice providers and users. An example of data security on the cloud is
the protection of digital content with a copyright against unauthorised
distribution. This content may be in the form of images, videos, or
audio files. Scanning for viruses, detecting malicious code, and
authenticating users are services that can be provided to the users of mobile
devices remotely in the cloud.

The following are some additional advantages of MCC for mobile ser-
vices:
a. Dynamic provisioning: Resources are provided dynamically,
whenever required. Therefore, service providers and users do
not need to book them beforehand.
b. Scalability: The flexible provision of resources helps developers
to deploy and scale mobile applications for meeting the
unpredictable demands of the users. Service providers have
the facility to add and expand applications and services easily
without resource-usage constraints.
c. Multi-tenancy: Sharing of cost among multiple service providers
helps to provide various applications to a large number of users.
d. Ease of integration: MCC permits easy integration of multiple
services from different cloud service providers through the cloud
and the Internet services. In this way, MCC is able to meet the
demands of the mobile and cloud users.

self assessment Questions

5. Cloud computing cannot manage different data warehousing
tasks simultaneously. (True/False)
6. MCC permits easy integration of multiple services from
different cloud service providers through the cloud and the
Internet services. (True/False)

Activity

Explore the Internet and find out the various options to share pho-
tos instantly through the cloud.

10.5 MOBILE CLOUD COMPUTING CHALLENGES
As stated earlier, mobile cloud computing is the integration of the
mobile computing environment with cloud computing services. As such,
there are challenges at both the mobile end and the cloud end.

10.5.1  CHALLENGES AT MOBILE END

The challenges associated with MCC at the mobile end are as follows:
• Network latency and limited bandwidth: Bandwidth limitation
is one of the main issues with MCC. This is because there are
fewer radio networks than wired networks. Bandwidth limitation can
be overcome by sharing the bandwidth. Mobile device users
living in a particular location and using the same content can share
the bandwidth among themselves. Another solution for
overcoming the bandwidth issue is to distribute data. This allows users to
determine the time and portion of bandwidth they want to share
from particular networks.
• Service availability: The availability of services is a big issue for
cloud computing on mobile devices through wireless networks
rather than on other computing devices through wired networks.
Traffic congestion, failure of networks, and no signal on mobile
devices play a part in preventing mobile users from using cloud
resources. You can overcome the issue of unavailability by finding
stable neighbouring nodes through the discovery method, which
allows you to remain connected to a network. The neighbour node
would help you to connect to the cloud without being directly asso-
ciated with it. This, however, ignores the points of mobility, neigh-
bouring devices’ privacy, and device compatibility.
A different solution for overcoming the issue of unavailability is
creating a multi-hop networking system with the help of Wi-Fi and
a protocol for distributed sharing of content. In a multi-hop
networking system, the mobility of the nodes in the vicinity of the
user is taken into consideration. The status of each node is known
to all other nodes due to the periodic broadcasting of the status in-
formation by every node through messages. The messages suggest
that a list of neighbouring nodes and a list of contents should be
maintained by each of the nodes. The nodes estimate the role lev-
els of other nodes on the basis of disk space, bandwidth, and power
supply. After estimating the role levels, the nodes with the shortest
path of the hop length and the highest role level are chosen as the
immediate nodes for receiving content.
The security issues for the clients using mobile devices are also
considered in this solution. Sharing of information requires use
of the account key for authentication and encryption of content,
friend key for securing the channel between two friend nodes, and
content key for protecting access control.
• Heterogeneity of platforms, devices, and service providers:
Another issue at the mobile end of MCC is heterogeneity. There are
so many platforms, types of mobile devices, and service providers
that are offering wireless networking services. Therefore,
handling the issue of heterogeneity is very crucial and extremely
challenging in MCC.

Several solutions to overcome the issue of heterogeneity have been
proposed. One popular solution is to use Context Management
Architecture (CMA) for which Intelligent Radio Network Access (IRNA)
forms the base. A typical architecture based on IRNA is displayed in
Figure 10.4:

Figure 10.4: Context Management Architecture based on IRNA (elements shown: context customer, context provider, context broker, context history, context caches, context quality enabler, and requirements for context quality, joined by synchronous and asynchronous communication links)

The problem regarding heterogeneous networks available for access
is effectively dealt with by using the IRNA model. CMA is used for applying
IRNA in the MCC environment. The objective of this is the acquisi-
tion, management, and distribution of information.

As shown in Figure 10.4, there are three main components of the CMA
architecture: context provider, context broker, and context consumer.
This architecture needs a context quality enabler so that the opera-
tions of other components can be facilitated.

In this architecture, whenever a user wants to communicate with the
context provider, the user will request for the context provider’s
Uniform Resource Identifier (URI) through the context broker. This URI
will be used by the user to establish direct communication with the
context provider and to request for context data. This speeds up the
delivery of the context data.

After receiving the request for the context from a user, the context
quality enabler filters out the URIs of the context providers that do
not suit the required level of quality. Therefore, the CMA architecture
provides control over the quality of the context on the basis of the
requirements of a user.

10.5.2  CHALLENGES AT CLOUD END


As stated earlier, mobile cloud computing involves challenges at both
the cloud end and the mobile end. The primary issues at the cloud
end include security, efficiency, and offloading the computation. The
computational task is migrated from resource-limited devices to re-
source-rich systems through the offloading. However, doing this has
its own limitations. Security is always a concern in the cloud. So,
maintaining data integrity and confidentiality are big issues in MCC.
Some of these issues at the cloud end are as follows:
• Computing offload: The technique of offloading computational
tasks from mobile devices to efficient remote servers saves
computational effort and energy of mobile devices. However, there are
challenges associated with the offloading technique on the cloud.
These challenges can be grouped into two categories, as follows:
a. Offloading in static environment: Various experiments have
shown that offloading of computational processes is not always
energy-saving. Small codes either consume more energy or are
costly in execution on remote servers compared to their execu-
tion on local mobile devices. Therefore, you need to determine
whether a computing task should be migrated or remain on the
local system.
Program partitioning strategies are derived to determine if
the migration is appropriate, but the strategies need addition-
al calculations to reach the optimal decision. The size of data
and the time required to execute the computational task are
taken into consideration to determine the appropriate decision
in almost all partitioning strategies. An effective strategy for
determining the decision is known as Automatic Distributed
Partitioning System (ADPS), also called Coign. This strategy
divides programs into distributed tasks automatically
without accessing the source code. A typical structure of ADPS is
shown in Figure 10.5:

Figure 10.5: ADPS Strategy for Program Partitioning (elements shown: application binary, binary rewriter, instrumented binary, profiling scenarios, abstract ICC data, network profiler, network data, profile analysis, best distribution, binary rewriter, distributed application)


In Figure 10.5, you can see that an application converts to
a distributed application by adding the ADPS runtime,
profiling the instrumented application, and analysing the profiles
for cutting the network-based graph.
In most partitioning algorithms, the assumption is made that
all information regarding the execution of a program is known
beforehand, but in reality, it is difficult to accurately determine
the runtime for any computational execution.
b. Offloading in dynamic environment: Mobile devices and net-
works are associated with a number of continuous changes in
the environment. The changes in the environment and their
priority level for mobile computing are described in Table 10.1:

Table 10.1: Changes in the environment and their priority level for mobile computing

Changes                        | Priority Level | Description
-------------------------------|----------------|------------------------------------------------
Power level on the client side | 1              | Depending on specific situations, power level can be set as sufficient or insufficient.
Status of the connection       | 2              | The status of a mobile network can be disconnected, re-connected, or faded.
Connection bandwidth           | 3              | Variation in bandwidth occurs at varying times. Several factors are responsible for this variation.

The dynamic division of an application into a distributed ap-
plication can be done in three steps. These steps consider dif-
ferent requirements for dividing the given application. These
requirements are related to the structure of application, choice
of partitioning, and security.
The first step transforms the application to be executed on the
mobile device and cloud seamlessly and dynamically. For this,
the entire application needs to be available on both the mobile
side and the cloud side. During execution of the application, the
servicer decides which part of the code (after it is divided) is to
be executed on the client side and which on the cloud side. The
next step involves selecting a partitioning choice that suitably
fits the situation and minimises the consumption of energy. In
the last step, the modules involving sensitive data are executed
locally, so that security issues can be sorted out. Considering
both the security and partitioning issues, this technique proves
fruitful in various cases, but the lack of accuracy makes it less
preferable.
Other efficient models have also been proposed to overcome
the concerns related to dynamic offloading, but this issue still
remains a challenge for MCC.
• Security: The security issues related to MCC involve various
aspects for data and mobile users. These can be explained as follows:
a. Security for mobile users: Mobile users face challenges in-
volving application security and privacy of their data. Running
antivirus applications can help them avoid their applications
from getting corrupt, but the limitations of capacity and pro-
cessing power of a system are serious issues resulting in se-
curity threats. CloudAV proves to be a solution to overcome
security issues for applications.
In addition, the location-based services running through the
Global Positioning System (GPS) pose a security threat. This
issue can be addressed by the application called Location
Trusted Service (LTS), which does not involve private infor-
mation about the users.
b. Security of data on the cloud: Privacy is also a major issue
with mobile users. Issues related to integrity, authentication,
and management of digital rights come under data security on
the cloud. The key-based system and encryption techniques ef-
ficiently provide security to client data.

• Enhancing the efficiency of data access: With an increase in the
number of cloud services, the demand for accessing more and
more data resources also increases on the cloud. With the increased
pressure on data access services, it is important for cloud service
providers to derive new and efficient ways to provide faster and
enhanced access to data resources. E-Recall and Pocket Cloudlet
are some examples of the techniques developed for this. Another
example is the Random File System (RFS) architecture.
• Context aware mobile cloud services: The cloud is an efficient
way to access distributed content. However, users do not want to
waste time in searching for and accessing the resources they need.
In such cases, service providers must think about fulfilling the
expectations of the mobile users by instantly providing them the
services they require. This will increase the satisfaction level of the
users and, as a result, the brand image of the service providers will
also improve. This is a big challenge for service providers.
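
The offloading decision described under "Computing offload" above, worked through as an added example (not code from the book or from ADPS/Coign). It assumes a simple time and energy model with illustrative device figures, treats a sufficient power level as "minimise time" and an insufficient one as "minimise energy", and keeps modules flagged as sensitive on the device; all names and numbers are constructed.

```python
from dataclasses import dataclass
from enum import Enum


class Link(Enum):
    """Connection status values listed in Table 10.1."""
    RECONNECTED = "re-connected"
    FADED = "faded"
    DISCONNECTED = "disconnected"


@dataclass(frozen=True)
class Module:
    name: str
    cycles: float            # CPU cycles the task needs
    data_bytes: int          # input/state shipped to the cloud if offloaded
    sensitive: bool = False  # touches private data, so it must stay local


@dataclass(frozen=True)
class Environment:
    power_sufficient: bool   # priority 1 in Table 10.1
    link: Link               # priority 2
    bandwidth_bps: float     # priority 3


@dataclass(frozen=True)
class Device:
    """Assumed, illustrative hardware figures (not measurements)."""
    mobile_hz: float = 1e9      # handset speed, cycles per second
    cloud_hz: float = 1e10      # cloud server speed, cycles per second
    p_compute_w: float = 0.9    # handset power while computing
    p_idle_w: float = 0.3       # handset power while waiting for the cloud
    p_radio_w: float = 1.3      # handset power while transmitting
    faded_factor: float = 0.5   # usable share of bandwidth on a faded link


def costs(m, env, dev):
    """Time (s) and handset energy (J) of running m locally or in the cloud."""
    factor = dev.faded_factor if env.link is Link.FADED else 1.0
    t_local = m.cycles / dev.mobile_hz
    t_cloud_cpu = m.cycles / dev.cloud_hz
    t_transfer = m.data_bytes * 8 / (env.bandwidth_bps * factor)
    return {
        "time_local": t_local,
        "time_cloud": t_cloud_cpu + t_transfer,
        "energy_local": dev.p_compute_w * t_local,
        "energy_cloud": dev.p_idle_w * t_cloud_cpu + dev.p_radio_w * t_transfer,
    }


def decide(m, env, dev=Device()):
    """Return ("local" or "cloud", reason) for one module."""
    if m.sensitive:
        return "local", "sensitive data is kept on the device"
    if env.link is Link.DISCONNECTED or env.bandwidth_bps <= 0:
        return "local", "no usable connection"
    c = costs(m, env, dev)
    # Enough battery: minimise completion time. Low battery: minimise energy.
    metric = "time" if env.power_sufficient else "energy"
    local, cloud = c[f"{metric}_local"], c[f"{metric}_cloud"]
    place = "cloud" if cloud < local else "local"
    return place, f"{metric}: local={local:.2f} cloud={cloud:.2f}"


def plan(modules, env, dev=Device()):
    """Map each module name to the place where it should run."""
    return {m.name: decide(m, env, dev)[0] for m in modules}


# Constructed sample workload: small code with large data, heavy code with
# small data, a borderline case, and a module that handles private data.
MODULES = [
    Module("ui_render", 5e7, 2_000_000),
    Module("chess_search", 2e10, 20_000),
    Module("image_filter", 1e10, 5_000_000),
    Module("contacts_merge", 2e10, 20_000, sensitive=True),
]

if __name__ == "__main__":
    for env in (Environment(True, Link.RECONNECTED, 5e6),
                Environment(False, Link.RECONNECTED, 5e6),
                Environment(True, Link.FADED, 5e6),
                Environment(True, Link.DISCONNECTED, 0.0)):
        print(env.link.value, env.power_sufficient, plan(MODULES, env))
```

The `image_filter` module is the borderline case: it finishes sooner in the cloud but costs the handset more energy, so the decision flips when the power level or the link status changes.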

Apart from the specific issues at the mobile end and cloud end, there
are several open issues also. Some of the open issues are listed as
follows:
1. Issue of seamless integration of the mobile and cloud computing
technologies
2. Issue of low bandwidth, which involves user mobility and the
increasing demands of mobile users.
3. Issue of handover in MCC
4. Issue of pricing mechanisms
5. Issue of standard interface
6. Issue of convergence of services

self assessment Questions

7. The primary issues at the cloud end include security, efficiency,
and offloading the computation. (True/False)
8. Bandwidth limitation is one of the main issues with
___________.
9. Full form of RFS is ___________________.
10. The size of data and the time required to execute the
computational task are not taken into consideration to
determine the appropriate decision in almost all partitioning
strategies. (True/False)

Activity

Explore the Internet and find out how the issue of handover in
MCC can be solved.

10.6 COMPUTING IN MOBILE AND AT CLOUD SHIELD
Cloud shield offers a remote private network in mobile-computing
technology, which can prevent infiltration by an intruder. In
mobile-computing technology, cloud shield also offers secure IPsec
tunneling to offsite systems.

Cloud shield provides a private routing-table layer that can obscure
traffic on the Internet. It allows only approved traffic to pass
through the correct service port on the public interface. With the
help of platform-as-a-service, cloud shield offers the benefits of a
private network in cloud computing.

Cloud shield is recommended for the following reasons:

• Multi-tier Web services: Many people need to keep sensitive data
  on their mobile devices. Cloud shield provides packet filtering
  that completely prevents access to private systems.
• Datacentre to Web connection: Cloud shield uses both private
  and public subnets. Thus, it can route the traffic to the systems
  in remote locations through a VPN. It can offer a secure pipe for
  using data in large transaction-processing systems.
• Content repositories: Sometimes a customer wants to connect the
  website to the central content repository or back-end data store.
  In such cases, cloud shield can provide security and network-level
  isolation.
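
The filtering behaviour described in this section (only approved traffic on the right service port of the public interface, private systems unreachable from the Internet, remote sites reaching them through the VPN) can be expressed as a default-deny rule table. This is an added example, not cloud shield's own configuration; the subnets, ports, interface names and rule names are constructed assumptions.

```python
"""Default-deny packet filter for a layout with public and private subnets."""
import ipaddress
from dataclasses import dataclass

# Constructed addressing plan (assumptions, not taken from the text).
ANY = ipaddress.ip_network("0.0.0.0/0")
PUBLIC_SUBNET = ipaddress.ip_network("203.0.113.0/28")   # web tier on the public interface
PRIVATE_SUBNET = ipaddress.ip_network("10.20.0.0/24")    # private systems, no Internet route
OFFSITE = ipaddress.ip_network("192.168.50.0/24")        # remote site reached over the VPN


@dataclass(frozen=True)
class Rule:
    name: str
    iface: str        # interface the packet arrived on: "public", "vpn" or "internal"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    proto: str
    port: int


# Only approved traffic is listed; anything that matches no rule is dropped.
ALLOW_RULES = [
    Rule("web-https", "public", ANY, PUBLIC_SUBNET, "tcp", 443),
    Rule("web-to-db", "internal", PUBLIC_SUBNET, PRIVATE_SUBNET, "tcp", 5432),
    Rule("offsite-to-db", "vpn", OFFSITE, PRIVATE_SUBNET, "tcp", 5432),
]


def decide(iface, src, dst, proto, port):
    """Return (verdict, rule_name) for one packet; verdict is "allow" or "deny"."""
    src_ip = ipaddress.ip_address(src)
    dst_ip = ipaddress.ip_address(dst)
    for rule in ALLOW_RULES:
        if (iface == rule.iface and proto == rule.proto and port == rule.port
                and src_ip in rule.src and dst_ip in rule.dst):
            return "allow", rule.name
    return "deny", None   # default deny


# Constructed sample packets: (iface, src, dst, proto, port)
SAMPLE_PACKETS = [
    ("public", "198.51.100.7", "203.0.113.5", "tcp", 443),    # customer to website
    ("public", "198.51.100.7", "203.0.113.5", "tcp", 22),     # unapproved port
    ("public", "198.51.100.7", "10.20.0.10", "tcp", 5432),    # Internet to private system
    ("internal", "203.0.113.5", "10.20.0.10", "tcp", 5432),   # web tier to back-end store
    ("vpn", "192.168.50.12", "10.20.0.10", "tcp", 5432),      # offsite system over the tunnel
    ("public", "192.168.50.12", "10.20.0.10", "tcp", 5432),   # offsite address on the wrong interface
]


def evaluate(packets=SAMPLE_PACKETS):
    """Return the verdict for every packet in order."""
    return [decide(*packet) for packet in packets]


if __name__ == "__main__":
    for packet, (verdict, rule) in zip(SAMPLE_PACKETS, evaluate()):
        print(f"{verdict:5} {rule or '-':14} {packet}")
```

Matching on the arrival interface as well as the address is what rejects the last sample packet: an offsite source address is trusted only when it arrives through the VPN.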

Self Assessment Questions

11. Cloud shield provides packet filtering in which the access of
private systems is totally prevented. (True/False)

Activity

Explore the Internet and find out how sensitive data in mobile can
be protected with the help of cloud shield.

10.7 SUMMARY
• Mobile computing refers to the use of small-sized handheld mobile
  devices for running or accessing standalone or remote applications
  through a wireless network.
• MCC, in general terms, can be treated as a new paradigm for mobile
  application users. They can now access the powerful cloud
  platform, which makes use of centralised remote servers and other
  physical resources.

• MCC is a technology that provides access to the best resources and
  applications by using mobile devices without requiring powerful
  configurations.
• Services can be provided to the users by network operators in the
  form of AAA (that is, Authentication, Authorisation, and
  Accounting). Home Agent (HA) and subscriber data are the basis of
  the mobile network services provided by the operators.
• The cloud helps in this aspect by providing intelligently developed
  solutions to enhance the performance of the Central Processing
  Unit (CPU), manage disk storage, and adjust the size of the screen.
• Cloud computing provides an efficient way to manage and
  synchronise multiple documents online. Therefore, cloud computing
  can manage different data warehousing tasks simultaneously.
• The primary issues at the cloud end include security, efficiency,
  and offloading the computation. The computational task is migrated
  from resource-limited devices to resource-rich systems through
  offloading.
• Mobile users face challenges involving application security and
  privacy of their data. Running antivirus applications can help
  keep their applications from getting corrupted, but the
  limitations of capacity and processing power of a system are
  serious issues resulting in security threats.
• The location-based services running through the Global Positioning
  System (GPS) pose a security threat. This issue can be addressed
  by the application called Location Trusted Service (LTS), which
  does not involve private information about the users.
• Cloud shield offers a remote private network in mobile-computing
  technology which can prevent infiltration by an intruder. In
  mobile-computing technology, cloud shield offers secure IPsec
  tunneling to offsite systems.

Key Words

• Computing offload: It refers to the technique of offloading
  computational tasks from mobile devices to efficient remote
  servers.
• Data centre: It refers to the layer of the cloud-computing
  architecture that provides the infrastructure and hardware
  facilities to the cloud.
• IaaS: It refers to the layer of the cloud-computing architecture
  on top of the data centre layer.
• PaaS: It refers to an advanced environment that enables users to
  build, test, and deploy custom applications.
• SaaS: It refers to the layer of the cloud-computing architecture
  that supports the software applications that have specific
  requirements of their own.

10.8 DESCRIPTIVE QUESTIONS


1. Discuss the various layers of the cloud-computing architecture.
2. Explain how MCC can extend the lifetime of a mobile battery.
3. Describe how MCC can improve the reliability of a mobile.
4. Discuss the various challenges associated with MCC at the
mobile end.
5. Explain the various challenges associated with MCC at the cloud
end.

10.9 ANSWERS AND HINTS

ANSWERS FOR SELF ASSESSMENT QUESTIONS

Topic                                     Q. No.  Answers
Definition of Mobile Cloud Computing      1.      True
                                          2.      Mobile Cloud Computing (MCC)
Architecture of Mobile Cloud Computing    3.      a. Data Centre
                                          4.      Authentication, Authorisation, and Accounting (AAA)
Benefits of Mobile Cloud Computing        5.      False
                                          6.      True
Mobile Cloud Computing Challenges         7.      True
                                          8.      MCC
                                          9.      Random File System (RFS)
                                          10.     False
Computing in Mobile and at Cloud Shield   11.     True

HINTS FOR DESCRIPTIVE QUESTIONS


1. The various layers of the cloud computing architecture can be
   described as follows:
   • Data centre: Refers to the layer that provides the
     infrastructure and hardware facilities to the cloud. Refer to
     Section 10.3 Architecture of Mobile Cloud Computing.

2. One of the biggest concerns about mobile computing is the
   battery life of mobile devices. Cloud services are used with the
   mobile environment in order to reduce power consumption
   significantly. Refer to Section 10.4 Benefits of Mobile Cloud
   Computing.
3. MCC allows vast amounts of data from mobile devices to be
   stored on the cloud. In addition, you can run various applications
   on the cloud. Refer to Section 10.4 Benefits of Mobile Cloud
   Computing.
4. The challenges associated with MCC at the mobile end are as
   follows:
   • Network latency and limited bandwidth: Bandwidth limitation
     is one of the main issues with MCC. Refer to Section 10.5
     Mobile Cloud Computing Challenges.
5. Some of these issues at the cloud end are as follows:
   • Computing offload: The technique of offloading computational
     tasks from mobile devices to efficient remote servers saves
     computational effort and energy of mobile devices. Refer to
     Section 10.5 Mobile Cloud Computing Challenges.



Chapter 11

CASE STUDIES

CONTENTS

Case Study 1   Metro Bank Reduced its Production Time by using Rackspace-Managed Cloud
Case Study 2   SaaS Provider: Citrix Online
Case Study 3   Private Cloud for Central and State Governments
Case Study 4   Microsoft Azure Helps Shephertz Technology to Provide Back-End Solutions for Apps
Case Study 5   HR Information Systems in the Cloud
Case Study 6   Taiwan Taxi Ensures Smooth Operation by Introducing Cloud Computing and Virtualization
Case Study 7   Scalable Wordpress Deployed with Elastisys Cloud Automation Platform
Case Study 8   Using Cloud Computing Architecture for Run Time Load Balancing of Virtual Machines
Case Study 9   A Secure Hybrid Cloud for All
Case Study 10  Fujitsu IaaS Cloud Computing Platform Meets the Challenges of Heilongjiang Mobile
Case Study 11  91 App Maintains a Stable Online Payment Service due to AWS Cloud Computing Architecture
Case Study 12  Microsoft Azure Helps Mobius Knowledge Services in Delivering Big Data Trends and Competitive Intelligence to Retailers

Case study 1

Metro Bank reduced its production time by using Rackspace-managed cloud

This Case Study explains how Metro Bank has reduced its production
time by using the cloud services provided by Rackspace. It relates
to Chapter 1 of the book.

Metro Bank, established in 2010, operates in the field of retail
banking in the United Kingdom (UK). The bank is associated with the
London Stock Exchange and the FTSE 250 index. It had approximately
48 stores by the end of 2016 and provides services to both
individual and business customers. The bank is authorised by the
Prudential Regulation Authority and regulated by two governing
bodies, the Financial Conduct Authority and the Prudential
Regulation Authority. In addition to traditional banking services,
the bank offers non-traditional services, such as opening of
accounts in 15 minutes, pet-friendly services, coin-counting
machines, etc.

With the growth in the number of customers and the bank’s branches,
Metro Bank decided to upgrade its IT infrastructure to provide
better services to users and to take advantage of the available
upgraded technology. The bank collaborated with Rackspace, a company
that provides and manages cloud services. David Young, the CTO of
Metro Bank, said that the bank had been looking for vendors since
2014 to fulfil its requirements related to banking services.
Rackspace took the next 12 months to complete the entire project.
According to Young, “It was delivered on time, and on budget, and we
were very happy with it.” He also said, “We were with a different
hosting solution, so that was moved – all of the applications from
one data centre provider over to Rackspace.”

According to David Young, the previous partner that took care of the
bank’s IT infrastructure failed to deliver the quality of service,
scalability and flexibility the bank needed. So, the bank decided to
move to Rackspace, which now hosts around 70 percent of Metro
Bank’s applications. Young said, “We also recognised that there was
quite significant benefit in new hardware. We were looking for a
partner – a hosting partner is such a critical component of an IT
operation, particularly one like ours, where we tend to use partners
more than some other institutions.”

Moving to the cloud significantly reduced the time taken by
processes to complete. For example, processes that usually took four
hours to complete now take two hours. Earlier, the bank’s financial
modelling team took an hour to work with certain financial
applications, but now it takes less than 20 minutes. Moreover, the
login speed of Web portals and mobile apps has greatly improved.
According to Young, “The developers in the bank are happier than
before with the kind of support given by Rackspace. Rackspace also
helped the bank in making changes in their firewall by providing
necessary services for it in order to improve the security.”

The bank is now deciding to launch its Internet banking services
and a new mobile banking app to provide better services to
customers in handling their transactions with the bank.

Questions

1. Why has Metro Bank decided to use the cloud services?
   (Hint: To increase profit margin, data security, etc.)
2. Why did Metro Bank decide to launch the app-based service
   for customers?
   (Hint: For better customer satisfaction, to provide better
   services.)

Case study 2

SaaS provider: Citrix Online

This Case Study discusses how a SaaS provider overcame the
challenges of an organisation. It relates to Chapter 2 of the book.

PC users often face difficulties with their computer hardware,
which are sometimes quite frustrating for them. The guarantee
provided with PCs offers some level of hardware or operating system
support. However, other kinds of technical issues related to the
printer, software, PC set-up, etc. remain unsolved. To solve the
problems of PC users across the country, DSG international (DSGi),
a UK-based enterprise, started offering technical support to PC
users. The company started offering a service with the name
‘TechFriend’, which provides the following types of support:
• Round-the-clock accessibility of technical specialists for
  solving computing problems
• Basic telephone support
• In-store Tech Clinics
• Home assistance

The customer only had to pay £89.99 a year to get the assistance
from DSG international related to their computing problems.
According to Jason Smith, the head of services development at
TechGuys, “TechFriend got a great success, rising in popularity
since its start up last year. With the success, the company is
getting a huge number of calls from customers, which makes the staff
deal with different kinds of difficulties and complexities in
handling those calls.”

The pressure on the staff is to rectify the problems of the
customers quickly and efficiently. Sometimes, the staff need to
take control of customers’ PCs remotely to identify the technical
issue and fix it. Soon, the company started looking for an
enterprise-level solution to handle the customers in a better way.
They selected the GoToAssist software solution provided by Citrix
Systems, Inc., an American multinational software company that
provides software as a service, application and desktop
virtualisation, and other cloud-computing technologies. The benefits
of using the GoToAssist service for DSGi are as follows:
• Customers are now able to get assistance from the service
  through e-mail or phone within a matter of seconds.
• Customers can grant DSGi’s technical staff permission to access
  their desktops or laptops over the Internet. The technical staff
  can determine and rectify the problems securely from a remote
  location.
• The GoToAssist service has reporting tools that display a report
  of customer satisfaction instantly, which enables DSGi to get an
  accurate idea of its successes and highlight those areas that
  require a lot of improvement. This also helped managers of DSGi
  to take prompt action on the services provided to customers and
  check whether the quality goals are being achieved on the basis
  of the valuable feedback of customers.
• GoToAssist is a hosted service; therefore, it provides the
  flexibility to scale up and down as per the need and demand of
  customers.

Assisting customers was a high priority at DSGi, and this was
achieved with the help of GoToAssist. This software-based service
positioned TechFriend as a premium service and helped in ensuring
its proper growth.

Questions

1. What do you understand by SaaS? What were the challenges
   usually faced by an organisation without SaaS?
   (Hint: SaaS stands for Software as a Service.)
2. What are the benefits of using SaaS for an organisation?
   (Hint: Pay for what you use and predictable operating
   costs, reliable, multi-location replication)

Case study 3

Private Cloud for Central and State Governments

This Case Study explains the adoption of private cloud in Indian
government organisations. It relates to Chapter 3 of the book.

The central government of India has several thousand servers for
various ministries such as power, defense, and telecom. It has
become a nightmare to maintain and upgrade each IT and DC
infrastructure for each application. While some environments may be
low on resources and must be upgraded, others may have too many
idle hardware resources. Due to privacy concerns, some ministries
always maintain their independent infrastructure, but others can be
consolidated.

Likewise, the state governments have infrastructure islands that
are underutilised or in dire need of upgrades. There are many other
administrative problems, such as an excessive number of user
accounts, unutilised licenses, etc. Users, such as bureaucrats and
ministers, need to have secure communication between the state and
central governments to exchange data. The government cannot put the
data or use applications in a public cloud because of privacy,
security, and regulatory requirements, which make it mandatory to
store financial and citizen-related data within the borders of the
country.

After deliberation, the central government of India decided to have
a private cloud built. Different ministries will use the resources
in the private cloud using a front-end service catalog. They will
use a server virtualisation technology, such as Kernel-based
Virtual Machine (KVM), VMware, Citrix XenServer, or Microsoft
Hyper-V, with a Storage Area Network (SAN) and Network Attached
Storage (NAS). Front-end applications, such as vendor management
and procurement, will be hosted on the private cloud. Back-end
applications, such as accounting, payroll, and productivity
applications, will also be put on the private cloud, as will
citizen and financial data. The state governments will also have a
private cloud, shown in the following figure:

[Figure: Central Government Private Cloud; State A Private Cloud;
State B Private Cloud]

The local government of each state will use the services of a state
private cloud or use the available infrastructure to host its own
applications. Each state’s private cloud will have a VPN to the
central cloud. Single Sign-On (SSO) will enable some users at the
state level to automatically access and use the applications on the
central government cloud. This will help to lower Total Cost of
Ownership (TCO), save energy, and secure communication between the
state and the central government.

Questions

1. What are the reasons for organisations to use a private cloud?
   (Hint: Mutually exclusive, Data security, etc.)
2. Discuss the components of private cloud.
   (Hint: Service Catalog, Self-Service portal)

Case study 4

MICROSOFT AZURE HELPS SHEPHERTZ TECHNOLOGY TO PROVIDE BACK-END
SOLUTIONS FOR APPS

This case study discusses how ShepHertz Technologies provides
back-end solutions to app developers with the help of Azure. It
relates to Chapter 4 of the book.

Company Background

ShepHertz Technologies, established in Delhi in 2010, is an access
channel and cloud-computing platform service provider that provides
back-end solutions to over 31,000 apps across the world over the
Internet. They are powered by Microsoft Azure, which is generally
considered a “one-stop shop” for mobile, Web, social, SaaS, TV or
gaming app developers to fulfil the cloud service requirements of
their app development. An additional advantage of ShepHertz’s
solution is that they are associated with the Microsoft India
datacentre.

According to Siddhartha Chandurkar, the founder and CEO of
ShepHertz Technologies, “With our flagship product, App42, which
was built by a developer, for a developer, ShepHertz is able to
provide complete back-end solutions for a small developer or a
large enterprise.”

Company Challenge

ShepHertz Technologies uses pre-built services to handle the tasks
at the back end. As a result, developers just need to focus on the
User Interface (UI) at the front end, and the entire app can be
developed within approximately 3 months. This is also one of the
essential requirements to stay competitive in a market of around
2 million apps. Chandurkar says, “Our products help developers go
to market faster. Apps today are developed for the omni-channel
environment, whether it is for mobile, Facebook, etc. There is a
need for a platform that can support all channels.”

ShepHertz has a partnership with Microsoft, which has helped the
company to grow its business exponentially in the past 2 months.
Now, the company is providing solutions to bigger client companies
like ABP News and one of the top airline companies.

These days, only a few apps retain their customers and are
successful in the market for a long time. Apps generally generate a
huge amount of data, which should be managed properly. For
instance, if an app has 2 million users all over the world, it
might generate a billion data points showing different user
behaviours. ShepHertz’s solutions like App42 can manage such
information and turn it into actionable data. The analysis of
actionable data becomes difficult when a customer switches between
devices while buying items, as he or she may browse on one device
and buy from another. So, there should be a continuous flow of
information in the developed apps for tracking user behaviours.

Solution

ShepHertz Technologies benefits from Microsoft’s India datacentre,
as it helps developers make their apps more responsive and also
resolves the associated latency issues. Chandurkar gave an example
to explain this concept. He said, “If you type msn.com, you are
re-directed to msn.com/en-in. This means there is a replication and
we are routed to the closest server available due to latency. If
the server is not in India, the latency increases. If an app has
maximum customers in India, getting the data from an offshore
server will not make sense for business.”

ShepHertz executes a map reducer bundle on the Azure platform,
which provides the user data in real time and gives it to the
marketer. This type of actionable analytics enables developers to
decide what actions to take to retain and even retrieve users.
Similarly, by using the feature of geo-tagging, a customer can be
offered services on the basis of his or her current location. In
short, ShepHertz’s solution, along with the Azure platform at the
front end, provides all the infrastructure services to their
customers.

Chandurkar also admits, “Microsoft’s platform complements our
solutions perfectly. The support from Microsoft has also been
phenomenal. From a business perspective, when any attention was
required, we had a response in a day’s time. The right people are
always deployed for a task. Microsoft sells through partners who
have been very supportive.”

Some benefits of ShepHertz’s solution are as follows:

• Unparalleled support: ShepHertz uses the Azure platform to
  retrieve the user data in real time and give it to the marketer.
  In addition, Azure fulfils all the infrastructure needs and
  service requirements of ShepHertz.
• Responsiveness: The launch of Microsoft’s India datacentre
  resolves all latency issues related to apps faced by ShepHertz’s
  customers.
• Business growth: The association of ShepHertz with the Microsoft
  brand has increased their business. In fact, their products’
  exposure at the international level is also boosted, as they get
  an opportunity to present their products at various Microsoft
  sales meets.

Moreover, Chandurkar says, “Partnering with Microsoft is not just
a transaction deal but a strategic move for ShepHertz.”

Questions

1. Name the app used by ShepHertz to manage the behaviour of
   users on various devices.
   (Hint: App42)
2. List some benefits offered by ShepHertz Technologies to
   its clients.
   (Hints: Unparalleled support, responsiveness, and business
   growth)

Case study 5

HR INFORMATION SYSTEMS IN THE CLOUD

This Case Study discusses the needs of a customer who wants to put
all its HR information in the cloud, and how this is done. This
case study is related to Chapter 5.

The customer wants to migrate all employee data and related HR
processing (such as payroll, tax calculations, vacation approvals,
and retirement contribution) to a public cloud service provider.
Earlier, the cloud customer used a distributed environment with
internal application servers, database servers with an SQL
database, customised HR applications, and SAN-based storage. The
immediate requirement was for more computing and storage resources.
Adding more hardware, backups and data replication requires large
upfront expenses.

The customer selects an IaaS provider and deploys Virtual Machines
(VMs) and external storage. The newly deployed HR application uses
three VMs running a Linux operating system. The applications, which
have been customised, are provided by an Independent Software
Vendor (ISV). The SQL database is hosted on a fourth VM. The
customer could also use database-as-a-service, but for that it
would have to rewrite the application and deploy it to the cloud
provider’s database. The HR data is kept on a cloud storage device
offered by the cloud service provider. Some of the essential
security requirements are:


• The company must make sure that the HR applications are accessed
  by authorised users only. It must also implement Role-Based
  Access Control (RBAC) so that users are limited to certain
  privileges related to their business roles and responsibilities.
• The customer must ensure that if a VM is shut down or deleted, it
  has the option to either move the data to another VM or delete
  all the data related to the HR services on the VM.
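
The RBAC requirement above, applied to the HR operations this case study names (payroll, tax calculations, vacation approvals, retirement contribution), as an added example that is not the customer's or the ISV's code. The role names, the "own"/"others"/"any" scope vocabulary and the sample users are assumptions made for illustration.

```python
"""Deny-by-default RBAC for the HR operations named in the case study."""
from dataclasses import dataclass

# Role -> set of (resource, action, scope). Role names and the scope
# vocabulary ("own", "others", "any") are assumptions for this example.
ROLE_PERMISSIONS = {
    "employee": {("vacation", "request", "own"), ("payslip", "read", "own")},
    "line_manager": {("vacation", "approve", "others")},
    "payroll_clerk": {("payroll", "run", "any"), ("tax", "calculate", "any"),
                      ("payslip", "read", "any")},
    "benefits_admin": {("retirement", "update", "any")},
}


@dataclass(frozen=True)
class User:
    user_id: str
    roles: frozenset
    active: bool = True   # False once the account has been disabled


def scope_ok(scope, user_id, owner_id):
    """Check whether a permission's scope covers the record owner."""
    if scope == "any":
        return True
    if scope == "own":
        return owner_id == user_id
    if scope == "others":   # e.g. a manager may not approve their own leave
        return owner_id is not None and owner_id != user_id
    return False            # an unknown scope grants nothing


class HRAccessControl:
    def __init__(self, role_permissions=ROLE_PERMISSIONS):
        self.role_permissions = role_permissions
        self.audit_log = []   # (user_id, resource, action, owner_id, verdict)

    def is_allowed(self, user, resource, action, owner_id=None):
        """Allow only if an active user holds a role granting this exact operation."""
        allowed = user.active and any(
            res == resource and act == action
            and scope_ok(scope, user.user_id, owner_id)
            for role in user.roles
            for (res, act, scope) in self.role_permissions.get(role, ())
        )
        self.audit_log.append((user.user_id, resource, action, owner_id,
                               "allow" if allowed else "deny"))
        return allowed

    def denials(self):
        """Return the audit entries for refused requests."""
        return [entry for entry in self.audit_log if entry[4] == "deny"]


def demo():
    """Run constructed requests; return (results, number of denials logged)."""
    acl = HRAccessControl()
    alice = User("alice", frozenset({"employee"}))
    carol = User("carol", frozenset({"employee", "line_manager"}))
    dave = User("dave", frozenset({"payroll_clerk"}))
    eve = User("eve", frozenset({"payroll_clerk"}), active=False)
    mallory = User("mallory", frozenset({"contractor"}))  # role with no entry
    results = {
        "alice reads own payslip": acl.is_allowed(alice, "payslip", "read", "alice"),
        "alice reads dave's payslip": acl.is_allowed(alice, "payslip", "read", "dave"),
        "carol approves alice's vacation": acl.is_allowed(carol, "vacation", "approve", "alice"),
        "carol approves own vacation": acl.is_allowed(carol, "vacation", "approve", "carol"),
        "dave runs payroll": acl.is_allowed(dave, "payroll", "run"),
        "dave updates retirement": acl.is_allowed(dave, "retirement", "update", "alice"),
        "eve (disabled) runs payroll": acl.is_allowed(eve, "payroll", "run"),
        "mallory runs payroll": acl.is_allowed(mallory, "payroll", "run"),
    }
    return results, len(acl.denials())


if __name__ == "__main__":
    outcome, denied = demo()
    for request, allowed in outcome.items():
        print(f"{'allow' if allowed else 'deny':5} {request}")
    print("denials logged:", denied)
```

Every decision, including refusals, lands in the audit log, so repeated denials for one account can be reviewed as a sign of misuse or of a role that was assigned incorrectly.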

The following figure shows the schematics of the HR applications
and database hosting on VMs at a public cloud provider’s
datacentre:

[Figure: HR apps on VMs in the public cloud, on the provider’s
physical infrastructure; remote users and corporate users on the
corporate network reach it through a VPN to the public cloud; an
identity management-as-a-service provider and a
security-as-a-service provider are also shown]


The advantages of hosting HR applications and the database on the
cloud include scalability to increase the computing resources to
meet peak loads and reduce them during low-use periods so as to
save on operational expenses. The customisation of the HR
application includes subscribing to backup and DR services. This
eliminates the imminent and substantial capital expense for data
replication to a remote data centre. The customer creates a set of
best practices for other pending projects that are planning to use
a public cloud:
• Determine which aspects of your business (backups, replications,
  infrastructure applications, ERP, emails, and software
  development) could be moved to the cloud.
• Prepare a tender or Request For Proposal (RFP) and send it to
  several cloud service providers. Compare the technical strengths,
  offerings, and prices of the providers.
• Research the cloud market and compare the available options.
  Contact customer references as part of the research.
• Devise a cost-effective, non-disruptive, phased project plan to
  migrate applications to the cloud.
• Negotiate and execute a primary contract, an SLA, and a
  maintenance contract.

Questions

1. What are the challenges for organisations in migrating data
   to the cloud?
   (Hint: Breaches in data security and privacy, etc.)
2. What are the benefits of migrating data to the cloud?
   (Hint: Scalability to increase the computing resources to
   meet peak loads, etc.)

Case study 6

TAIWAN TAXI ENSURES SMOOTH OPERATION BY INTRODUCING CLOUD COMPUTING
AND VIRTUALIZATION

This Case Study discusses how Taiwan Taxi was able to ensure smooth
operation and bring efficiency to its IT framework by introducing
cloud computing and virtualization. It relates to Chapter 6 of the
book.

Taiwan Taxi provides cab services in Taiwan. It is a publicly
listed company which was established in the year 2002. The company
is very much focussed on providing a sound commuting environment
for both passengers and its drivers. Moreover, it also believes in
providing safe and comfortable commuting services to its drivers
and passengers. For this purpose, it keeps on introducing new IT
services to meet its daily needs.

Taiwan Taxi wanted to improve its brand name and decided to enhance
its services to passengers by offering them innovative IT services,
which include call services for taxis as well as general packet
radio services (GPRS) taxi-monitoring services. Due to the in-house
development of different types of IT services for offering better
services to customers, the company’s IT framework has been
expanding with the passage of time.

Thus, to maintain smooth operations and the efficiency of its IT
framework, Taiwan Taxi needed to maintain its back-end system
properly. Apart from that, all its supporting computer systems
needed to be monitored at all times. The company also wanted to cut
down its maintenance cost. The company had been able to roll out
new IT services, but the hardware was not capable enough to support
these IT services. Moreover, due to limited manpower, overcoming
these challenges was a big concern for Taiwan Taxi. Due to the
expansion of its IT framework, Taiwan Taxi started searching for
new solutions that could overcome these challenges.

The company found that cloud computing systems with Intel Xeon
processors are capable of ensuring the overall efficiency of IT
systems, and the maintenance of systems in case of limited
manpower.

“Hardware is a very basic IT resource. Therefore, too much time
should not be spent on its maintenance. Stable equipment helps us
save a lot of time on troubleshooting and maintenance. The time
saved can be used to promote innovation, develop new service
applications, or enhance existing systems to benefit the company’s
operations. This, in fact, should be the most important task for IT
personnel in an enterprise,” says Nan Qiang, the IT department
manager of Taiwan Taxi. According to Nan, in a working day, only
30% of time should be used in maintaining hardware and the rest
70% of time should be concentrated on innovation or some other
works.

Intel introduced the concept of virtualization and used cloud computing techniques at Taiwan Taxi. Virtualization allowed the large number of computer systems at Taiwan Taxi to be accommodated in a smaller number of systems. It also allowed Taiwan Taxi to manage its computers through a single interface. Thus, it helped Taiwan Taxi to lessen the maintenance cost of its hardware.

Due to the advantages of cloud computing, Taiwan Taxi has migrated all its systems onto the cloud platform. It has also started migrating its customer service systems, driver membership management systems and information systems to the cloud platform. Moreover, the cloud has helped Taiwan Taxi to share its resources. Customers of Taiwan Taxi can now access any relevant service from their mobile phones. Cloud computing and virtualization have enabled Taiwan Taxi to get closer to its customers and offer them a high level of service.

Now, Taiwan Taxi is capable of providing a strong IT infrastructure and a platform for innovation that gives its customers an excellent experience of the cab service.

Nan Qiang said, “Superior efficiency and excellent stability were key reasons for choosing blade servers powered by Intel Xeon processors for our cloud system. These features are essential in order to provide the best services for our drivers and passengers.”

questions

1. What were the problems faced by Taiwan Taxi in managing its operations?
(Hint: Problem in managing continually expanding infrastructure)
2. What are the advantages offered by cloud computing to Taiwan Taxi?
(Hints: Virtualization, security, etc.)

Case study 7

Scalable WordPress deployed with Elastisys cloud automation platform

The case study discusses the deployment of a scalable WordPress content management system. This case study is related to Chapter 7 of the book.

Delbart was established in the year 2014 with the aim of creating rich and intriguing online content. Revenue was to be obtained through online advertising alongside that content. To fulfil this aim, Delbart chose the WordPress content management system, which was already managing hundreds of websites. Initially, Delbart’s site was deployed on a shared hosting environment. As the number of visitors kept increasing, the site failed to handle the load and respond quickly to its visitors. In other words, the site suffered from lagging response times.

To resolve these challenges, Delbart kept increasing the size of its servers, from the normal size up to the largest size offered by its cloud provider. The load on the server at peak time was also a big issue. Vertical scaling could go no further, as the maximum server size had already been allocated to Delbart. Therefore, a permanent and scalable solution was required. Delbart looked for a provider that was proficient in providing auto-scaling and had a deep understanding of WordPress deployment, in order to get rid of the performance issues.

Delbart chose Elastisys to tackle these performance issues, as it had expertise in providing scalable and highly responsive IT services. The services provided by the company are also auto-scalable, with multi-cloud abilities. Elastisys Scalable WordPress integrates the Elastisys cloud automation platform with the best set of software in order to deploy WordPress, configure caching, load balancing, etc. as per industry standards. The benefits of choosing Elastisys for Delbart are as follows:
• Highly responsive and scalable system
• Safe and secure
• Capable of dealing with high-load situations
• Reduced the expenditure to 60%
• Capable of adding more servers whenever required
• Capable of reducing the number of servers when the demand is not high
• Automated dynamic reconfiguration keeps the maintenance of the site low
• Every instance of the deployed components can be scaled up and down when required
• Discovery and reconfiguration of services is performed automatically whenever instances are added or removed
• The provided environment is highly dynamic and easy to scale on any metric
• Cache-friendly system, achieved by removing the performance offenders
• Increased page-view performance
• Time to get the HTML page from the server reduced by a factor of 10
• New system can be scaled out to meet performance demands in a few minutes
• Downtime and performance drops greatly reduced due to auto-scaling
• Predictive auto-scaling makes sure that adequate server capacity is assigned and running when the requirements arise

With the preceding features and benefits built into its WordPress deployment, Delbart was able to focus on its main aim of generating interesting content for its viewers.

questions

1. How is scalability helpful for organisations when the number of users or requests becomes dynamic in nature?
(Hint: Number of servers can be scaled up or down)
2. How many types of scaling can be used by an organisation to meet users’ demands?
(Hint: Either horizontal scaling or vertical scaling is used in organisations to meet users’ demands.)

Case study 8

Using Cloud Computing Architecture for Run time Load Balancing of Virtual Machines

In this case study, a system is proposed that is based on a cloud computing architecture to allocate resources dynamically, support green computing, and optimise the number of servers. This case study is with respect to Chapter 8 of the book.

In this case study, a system based on a cloud computing architecture is proposed to a company to optimise its various processes. The proposed system is the combination of Citrix XenServer and the Aneka architecture. Citrix XenServer is a server virtualization platform that can run multiple operating systems simultaneously. The Aneka architecture is based on a cloud computing architecture that allows dynamic modification of resources.
The cloud environment provides three kinds of services: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). A client needs to use a Web browser or a mobile app to use these cloud services. Some examples of software services provided by the cloud are CRM, Email, Virtual Desktop, Communication and Games. The infrastructure of a cloud includes virtual machines, servers, storage, load balancers, network, etc.

As mentioned earlier, a client company was using Citrix XenServer and Aneka. Citrix XenServer is a server virtualisation platform that can run multiple operating systems simultaneously. The following figure shows the XenServer architecture:
[Figure: XenServer architecture. Labels: XenCenter, admin network, host, control domain (XAPI, SMAPI), NICs, virtual machines, storage VM, iSCSI filer, storage network, external network, Xen]

Aneka is a platform and a framework that is used to develop distributed applications using cloud computing. It can manage multiple servers, CPU cycles of desktops, and data centres. It provides many tools for monitoring and controlling the deployed infrastructure of applications. Aneka can be used as a public cloud or private cloud. The following figure shows the architecture of the Aneka framework:

[Figure: Architecture of the Aneka framework. Layers: Application (Software Development Kit with APIs and Design Explorer; Management Kit with Management Studio, Administration Portal, SLA-Negotiation Web Services and Management Web Services); Container (Programming Models: Task, Thread, MapReduce, Other; Foundation Services: Membership, Reservation, Storage, License, Accounting; Fabric Services: Dynamic Resource Provisioning, Hardware Profile; alongside Persistence and Security); Infrastructure (.NET @ Windows, Mono @ Linux; physical machines/virtual machines; private cloud on LAN network; data centre: Amazon, Microsoft, Google, IBM)]

Source: https://image.slidesharecdn.com/5-virtualmachinesprovisioningandmigrationservices-131130041332-phpapp02/95/cloud-computing-principles-and-paradigms-5-virtual-machines-provisioning-and-migration-services-25-638.jpg?cb=1385784873

The company used Aneka to dynamically modify resources through resource virtualisation or through multiple connected CPUs of desktop machines. By doing so, the different types of workloads were balanced and the overall utilisation of server resources improved. As a result, the trace-driven simulation and experiment results demonstrated that the company was able to save both time and energy. The system used virtualisation technology to allocate data centre resources dynamically on the basis of user requirements and supported green computing by optimising the number of virtual machines in use. This system makes IaaS and SaaS available to the client and also delivers performance in terms of CPU utilisation and memory utilisation.

questions

1. What is Aneka?
(Hint: Aneka is a platform and a framework that is used to
develop distributed applications using cloud computing.)
2. How can green computing be achieved in Aneka?
(Hint: By implementing the concept of master and slave nodes.)

Case study 9

A Secure Hybrid Cloud for All

This case study explains how a leading IT service provider company benefits from implementing a hybrid cloud for the security of its data. It is related to Chapter 9 of the book.

SCHMIEDER IT-solutions was founded in 1997 and is located in Baden-Württemberg, Germany. This leading IT service organisation provides various kinds of IT services, such as infrastructure management, network integration, data backup, servers, security, etc. The clients of the company are mainly small and medium businesses (SMBs), among them energy sector organisations, public institutions, retail business organisations and the like.

SCHMIEDER IT-solutions has always considered the security of its customers’ data a significant element of its service offerings.

For the security of its Web and e-mail services, SCHMIEDER IT-solutions depended upon the antivirus and anti-malware products provided by Trend Micro, a well-known security solution provider.

SCHMIEDER IT-solutions wanted to provide better services to its customers and fulfil their requirements more speedily. The company knew the capabilities of its customers and convinced them to shift to virtualisation because of its various benefits, such as faster server provisioning, increased uptime, etc. However, virtualisation brings certain security issues that could not be handled with the standard security solutions the organisation was using at the time.

In contrast to physical environments, the allocation of resources in virtualised environments is not restricted to a single user and the corporate network; therefore, there is no clear separation between the company and the outside world.

To overcome the security challenges related to virtualisation, SCHMIEDER IT-solutions was forced to use its existing IT infrastructure and technology. The company deployed a separate scan engine on every single server and kept it up to date, which resulted in an administrative burden. Because of these problems, SCHMIEDER IT-solutions searched for a new security solution and found the Trend Micro Deep Security solution.

After implementing and using the Trend Micro Deep Security solution, the company realised that it is the optimal security solution for highly virtualised infrastructures. Deep Security guards physical, virtual and cloud-based systems with the help of an agentless virtual appliance used for VMware environments or an agent-based virtual appliance in the case of physical server security.

The CEO of SCHMIEDER IT-solutions, Holger Schmieder, said, “Through the concept of the agentless virtual appliance, Deep Security has simplified the security processes significantly and ensured more efficient utilisation of resources, mainly in comparison to conventional anti-malware solutions.” Better utilisation of resources allowed SCHMIEDER IT-solutions to get higher virtual machine (VM) density within their virtualised environment.

SCHMIEDER IT-solutions is now providing the benefits of virtualisation to its clients who have shown an interest in using its new cloud service, BaWü-Cloud. Being a “vCloud Powered” certified service provider, it can now offer data centre extension, communication and cooperation, data backup and recovery, and security on a subscription basis. Some more benefits for SCHMIEDER IT-solutions are as follows:
• Simplified security within virtualised environments
• More efficient utilisation of server resources
• Flexibility of integrating security into cloud services
• Optimised performance of VM with agentless scans
• Higher VM densities in comparison to traditional server security

“With its centralised approach, Deep Security is the only way for us to offer our customers a truly secure environment that performs well,” said Mr. Schmieder.

questions

1. Discuss the importance of cloud security for an organisation.
(Hint: Cloud security is required for securing the data of clients stored on the server, better utilisation of resources, etc.)
2. What are the benefits of using the Trend Micro Deep Security solution?
(Hint: Simplified security within virtualised environments.)

Case study 10

FUJITSU IaaS CLOUD COMPUTING PLATFORM MEETS THE CHALLENGES OF HEILONGJIANG MOBILE

This case study discusses how Fujitsu’s IaaS cloud computing platform helped in overcoming the challenges of Heilongjiang Mobile. It is related to Chapter 10 of the book.

Heilongjiang Mobile is a subsidiary of China Mobile Ltd. It is a leading telecommunication company in China and provides full communication services all over China. The company has more than 6 million users all over the world.

The existing IT support system of Heilongjiang Mobile was unable to reduce the maintenance cost, which resulted in a huge wastage of resources. The existing IT resources consisted of complex hardware and software models. It was getting difficult for the company to manage its IT resources because of the rapid increase in the number of users. Apart from that, it also needed a huge space for setting up a data centre. Thus, the company needed a new IT support system that could enhance its IT management, reduce the maintenance cost, save energy and emit less carbon.

Heilongjiang Mobile approached Fujitsu, the IT support provider, to solve its problem. Fujitsu implemented an IaaS (Infrastructure as a Service) cloud computing platform and introduced virtualisation of hardware equipment. It also standardised the versions of software, automated the system management and integrated the service flow and process. Heilongjiang Mobile used Fujitsu SPARC Enterprise M9000 servers as the core of its cloud computing platform.

Fujitsu made IaaS the base cloud computing platform for building the required IT environment. It made the storage resource dynamic and used virtualisation techniques. The IaaS-based cloud was built on virtual machines, which made the operating system, hardware and application software more flexible and speedy. Thus, a new IT support system was created on a Service Oriented Platform (SOP), and it ushered in a new age of IT service at Heilongjiang Mobile.

The maintenance cost of hardware and software of Heilongjiang Mobile was reduced to 14% after the deployment of the cloud computing platform. It also reduced the power consumption to 55%.

Thus, the deployment of IaaS cloud computing technology provided solutions to all the challenges faced by Heilongjiang Mobile. It allowed the company to manage its IT resources efficiently, save energy, reduce carbon emissions, lower its maintenance cost and increase work efficiency.

questions

1. List the problems that were being faced by Heilongjiang Mobile.
(Hints: Huge wastage of resources, high maintenance cost of IT resources, etc.)
2. What are the benefits of the IaaS cloud model provided by Fujitsu?
(Hints: Better management of IT resources, energy saving, etc.)

Case study 11

91 APP MAINTAINS A STABLE ONLINE PAYMENT SERVICE DUE TO AWS CLOUD COMPUTING ARCHITECTURE

This case study discusses how 91 App ensured a stable online pay-
ment service through AWS cloud computing architecture. It is with
respect to Chapter 4 of the book.

91 App is a commercial app-building company. It was founded in 2013 and is headquartered in Taiwan. It makes mobile commerce applications and manages the inventory and content through its website.

Problem

91 App wanted to conceptualise, plan and develop its e-commerce app in the cloud. For this, it needed a partner who could help it develop the app in the cloud. The chief product officer of 91 App said, “We felt applications provided a better user experience in the early days of the mobile internet, and drove higher customer engagement and higher customer conversion rates. However, to realise these benefits, we needed an infrastructure that could deliver sustained, secure availability, and maintain performance at all times regardless of how many users were browsing or checking out from e-commerce services.” 91 App also required a cost-effective infrastructure that would minimise the load and make the business viable, flexible and easy to maintain.

Solution
91 App approached Amazon for Amazon Web Services (AWS). AWS enabled 91 App to concentrate on its core business, while the entire responsibility for maintaining the cloud infrastructure was taken on by AWS. AWS minimised the threat of theft of sensitive information. It also enabled 91 App to remove redundancy in its database and enhanced its backup capabilities so that it could recover quickly in case of service disruption. 91 App started to run a range of systems and workloads on the AWS architecture.

91 App started to reap the rewards of choosing AWS for its e-commerce application. “The challenges in mobile commerce are different from those of traditional web commerce services accessed on personal computers,” explains Lee. “Because a smartphone is so often in users’ hands, any notification of a promotion will prompt them to open the message and connect to our infrastructure. We experience peaks as soon as these emails, texts, or other messages are sent out. Because we’re running on AWS, we can easily scale our infrastructure to support surges in user requests, maintain a stable online payment service, and complete orders.”

AWS has reduced the time required to create digital marketing campaigns. Generally, this requires several weeks, but with the help of AWS, 91 App was able to do it within 24 hours. Lee said, “Using AWS has saved hundreds of hours in IT staff time and enabled us to use our engineers’ time more strategically. We can deploy our team members on more strategic, revenue-generating projects rather than configuring servers and undertaking backup and maintenance activities.”

With the help of the AWS architecture, 91 App ensured a stable online payment service to its customers and expanded its business to South-East Asia. “By using AWS, we can bring new environments up as fast as we need to in order to support growth. AWS is crucial to our success,” said Lee.

questions

1. Suppose you are a project manager and your task is to minimise the threat of theft of the company’s sensitive information. Identify the key platform that can help you protect sensitive data. Support your answer with reasons as to why this key platform has the potential to protect sensitive data.
(Hint: The IT infrastructure can be shifted to a cloud platform, through which you can prevent the theft of the sensitive information of your company.)
2. What are the various ways to offer a stable online payment service to customers? Support your answer with valid reasons.
(Hint: Cloud computing architecture can be used to offer a stable online payment service to your customers.)

Case study 12

Microsoft Azure helps Mobius Knowledge Services in delivering Big Data trends and competitive intelligence to retailers

This case study discusses how Mobius Knowledge Services delivers big data trends and competitive intelligence to retailers through the Microsoft Azure cloud computing architecture. It is with respect to Chapter 4 of the book.

Mobius Knowledge Services is a leading data technology and solution company established in the year 2002. It enables its clients to adjust their strategies by analysing competitive information, and uses innovative technology, artificial intelligence, Neuro Linguistic Programming (NLP) and machine learning to provide data. For this, it requires a huge IT infrastructure.

Mobius Knowledge Services provides end-to-end data services to many leading companies. Thus, automation plays a very important role in its business. Managing and maintaining complex data is crucial for the enterprise.

Mobius created a data acquisition product to automate the processes of data collection and presentation. The product acquires data from public Internet data sources and puts the acquired data into datasets for clients to analyse.
Because projects and clients’ requirements vary, the company wanted its platform to be able to configure itself as per the needs of a particular customer and provide the detailed description of a product listing. Moreover, the company wanted to provide more options to its clients in the case of competitive intelligence for retailers, explains Karthik Karunakaran, the chief executive officer of Mobius Knowledge Services.
Earlier, the product developed by Mobius ran on the Microsoft SQL platform, where SQL queries were created to retrieve intelligent information. At that point of time, the amount of data was not too large, as the company was dealing with only 100-150 products. However, with the increase in the number of customers, the amount of data also increased. The company soon started dealing with thousands of clients. While collecting, aggregating and providing data back to its clients, Mobius was processing around 200–400 GB each day. Dealing with such a huge amount of data caused costs to start increasing. “We acquire the data and put it into a dataset for analysis purpose and then finally deliver in the format the client wants,” says Karthik Karunakaran.

In order to fulfil both its business and technical needs, Mobius needed to find a solution that could integrate easily with its current platform. The company got to know about the advantages of high-performance cloud computing and decided to take advantage of it.

Mobius selected Microsoft Azure because it suited all its requirements, including cost benefits. In comparison to Microsoft Azure, other service providers were not only costly but also lacked the ability to integrate with the company’s current platform.

By taking advantage of the Microsoft Azure platform, Mobius can now retrieve new insights during data acquisition and analysis. This highly scalable solution enables the company to work with large amounts of data without any additional cost. The main benefits of using Microsoft Azure are as follows:
• Quick Integration Accelerates Time-to-Market
• Reduces Costs by 28 Percent
• Increases Competitive Advantage

“Microsoft Azure made it easy to integrate with any platform. Earlier, it took two months to do this. Now, Microsoft Azure takes just one week, giving us more time to enhance our core services,” according to Karthik Karunakaran.

“We no longer have to find US$25,000 a month to pay to service providers, which was outrageously expensive,” says Sankar. “Our financial position has become much stronger. Overall, we have been able to reduce our costs by 28 percent.”

“Today, we are able to scale to a large number of users and multiple different scenarios. Hosting our application on Microsoft Azure has helped us reduce the number of instances deployed as well as our customer onboarding time. We are faster than any of our competitors who offer similar services sans the application,” concludes Raghu, Executive Vice President, Mobius Knowledge Services.

questions

1. What were the problems faced by Mobius before implementing the Microsoft Azure platform?
(Hint: Problems in handling large amounts of data, cost management, etc.)
2. What are the various procedures to manage and maintain complex data in an enterprise? Support your answer with valid reasons which explain why it is effective and efficient.
(Hint: Cloud computing architecture is required to manage and maintain the complex data in an enterprise.)
