CC-UNIT-3 Cloud Computing
Layered Cloud Architecture Design – NIST Cloud Computing Reference Architecture – Public,
Private and Hybrid Clouds – IaaS – PaaS – SaaS – Architectural Design Challenges – Cloud Storage –
Storage-as-a-Service – Advantages of Cloud Storage – Cloud Storage Providers – S3.
As we know, cloud computing technology is used by both small and large organizations
to store information in the cloud and access it from anywhere at any time over an internet
connection.
o Front End
o Back End
Front End
The front end is used by the client. It contains client-side interfaces and applications that are
required to access the cloud computing platforms. The front end includes web servers
(including Chrome, Firefox, Internet Explorer, etc.), thin and fat clients, tablets, and mobile
devices.
Back End
The back end is used by the service provider. It manages all the resources that are required to
provide cloud computing services. It includes a huge amount of data storage, security
mechanisms, virtual machines, deployment models, servers, traffic control mechanisms, etc.
Note: The front end and back end are connected to each other through a network, generally
the internet.
1. Client Infrastructure
Client Infrastructure is a front-end component. It provides a GUI (Graphical User Interface) to
interact with the cloud.
2. Application
The application may be any software or platform that a client wants to access.
3. Service
A cloud service manages which type of service you access, according to the client’s
requirement.
i. Software as a Service (SaaS) – It is also known as cloud application services. Mostly,
SaaS applications run directly in the web browser, which means we do not need to download
and install these applications. Some important examples of SaaS are given below –
ii. Platform as a Service (PaaS) – It is also known as cloud platform services. It is quite
similar to SaaS, but the difference is that PaaS provides a platform for software creation, but
using SaaS, we can access software over the internet without the need of any platform.
iii. Infrastructure as a Service (IaaS) – It is also known as cloud infrastructure services.
It is responsible for managing application data, middleware, and runtime environments.
Example: Amazon Web Services (AWS) EC2, Google Compute Engine (GCE), Cisco
Metapod.
4. Runtime Cloud
Runtime Cloud provides the execution and runtime environment to the virtual machines.
5. Storage
Storage is one of the most important components of cloud computing. It provides a huge
amount of storage capacity in the cloud to store and manage data.
6. Infrastructure
7. Management
8. Security
9. Internet
The Internet is the medium through which the front end and back end interact and communicate
with each other.
As shown in Figure 1, the NIST cloud computing reference architecture defines five major
actors: cloud consumer, cloud provider, cloud carrier, cloud auditor and cloud broker. Each
actor is an entity (a person or an organization) that participates in a transaction or process
and/or performs tasks in cloud computing. Table 1 briefly lists the actors defined in the NIST
cloud computing reference architecture.
Figure 2 illustrates the interactions among the actors. A cloud consumer may request cloud
services from a cloud provider directly or via a cloud broker. A cloud auditor conducts
independent audits and may contact the others to collect necessary information. The details
will be discussed in the following sections and presented in increasing level of details in
successive diagrams.
Example Usage Scenario 1: A cloud consumer may request service from a cloud broker
instead of contacting a cloud provider directly. The cloud broker may create a new service by
combining multiple services or by enhancing an existing service. In this example, the actual
cloud providers are invisible to the cloud consumer and the cloud consumer interacts directly
with the cloud broker.
Example Usage Scenario 2: Cloud carriers provide the connectivity and transport of cloud
services from cloud providers to cloud consumers. As illustrated in Figure 4, a cloud provider
participates in and arranges for two unique service level agreements (SLAs), one with a cloud
carrier (e.g. SLA2) and one with a cloud consumer (e.g. SLA1).
Example Usage Scenario 3: For a cloud service, a cloud auditor conducts independent
assessments of the operation and security of the cloud service implementation. The audit may
involve interactions with both the Cloud Consumer and the Cloud Provider.
Service Orchestration
Service Orchestration refers to the composition of system components to support the Cloud
Providers' activities in arrangement, coordination and management of computing resources in
order to provide cloud services to Cloud Consumers.
In the model shown in Figure 15, the top is the service layer; this is where Cloud Providers
define interfaces for Cloud Consumers to access the computing services.
The middle layer in the model is the resource abstraction and control layer. This layer
contains the system components that Cloud Providers use to provide and manage access to
the physical computing resources through software abstraction. Examples of resource
abstraction components include software elements such as hypervisors, virtual machines,
virtual data storage, and other computing resource abstractions. The resource abstraction
needs to ensure efficient, secure, and reliable usage of the underlying physical resources.
Public Cloud
A public cloud is one in which the cloud infrastructure and computing resources are made
available to the general public over a public network. A public cloud is owned by an
organization selling cloud services, and serves a diverse pool of clients. Figure 9 presents a
simple view of a public cloud and its customers.
Private Cloud
A private cloud gives a single Cloud Consumer's organization the exclusive access to and
usage of the infrastructure and computational resources. It may be managed either by the
Cloud Consumer organization or by a third party, and may be hosted on the organization's
premises (i.e. on-site private clouds) or outsourced to a hosting company (i.e. outsourced
private clouds). Figure 10 and Figure 11 present an on-site private cloud and an outsourced
private cloud, respectively.
Community Cloud:
A community cloud serves a group of Cloud Consumers which have shared concerns such as
mission objectives, security, privacy and compliance policy, rather than serving a single
organization as does a private cloud. Similar to private clouds, a community cloud may be
managed by the organizations or by a third party, and may be implemented on customer
premise (i.e. on-site community cloud) or outsourced to a hosting company (i.e. outsourced
community cloud). Figure 12 depicts an on-site community cloud comprised of a number of
participant organizations. A cloud consumer can access the local cloud resources, and also
the resources of other participating organizations through the connections between the
associated organizations. Figure 13 shows an outsourced community cloud, where the server
side is outsourced to a hosting company. In this case, an outsourced community cloud builds
its infrastructure off premise, and serves a set of organizations that request and consume
cloud services.
Hybrid Cloud:
A hybrid cloud is a composition of two or more clouds (on-site private, on-site community,
off-site private, off-site community or public) that remain as distinct entities but are bound
together by standardized or proprietary technology that enables data and application
portability.
Service Models:
Software as a Service (SaaS). The capability provided to the consumer is to use the
provider’s applications running on a cloud infrastructure. The applications are accessible
from various client devices through either a thin client interface, such as a web browser (e.g.,
web-based email), or a program interface. The consumer does not manage or control the
underlying cloud infrastructure including network, servers, operating systems, storage, or
even individual application capabilities, with the possible exception of limited user-specific
application configuration settings.
Platform as a Service (PaaS). The capability provided to the consumer is to deploy onto the
cloud infrastructure consumer-created or acquired applications created using
programming languages, libraries, services, and tools supported by the provider. The
consumer does not manage or control the underlying cloud infrastructure including network,
servers, operating systems, or storage, but has control over the deployed applications and
possibly configuration settings for the application-hosting environment.
Auto-scaling
High performance
Fail over
Data portability
Pay-as-you-go
Auto-scaling:
High performance
The capacity and capability of a technical service provider are as important as price. The
service provider must be available when you need them. The main concern should be the
service provider’s sustainability and reputation. Make sure you comprehend the techniques
via which a provider observes its services and defends dependability claims.
Fail over:
Data portability:
Data portability is the ability to easily transfer data from one cloud service to another cloud
service or between a cloud service customer’s system and a cloud service, in a commonly
used electronic format. It is the ease of moving the data that is the essence here. This might
be achieved by the source service supplying the data in exactly the format that is accepted by
the target service. But even if the formats do not match, the transformation between them
may be simple and straightforward to achieve with commonly available tools.
Pay-as-you-go:
In cloud computing, the user has to pay only for the service or the space they have utilized.
There is no hidden or extra charge which is to be paid. The service is economical and most of
the time some space is allotted for free.
Cloud Storage:
Cloud storage is a cloud computing model that stores data on the Internet through a cloud
computing provider who manages and operates data storage as a service. It’s delivered on
demand with just-in-time capacity and costs, and eliminates buying and managing your own
data storage infrastructure. This gives you agility, global scale and durability, with “anytime,
anywhere” data access.
Cloud storage is purchased from a third party cloud vendor who owns and operates data
storage capacity and delivers it over the Internet in a pay-as-you-go model. These cloud
storage vendors manage capacity, security and durability to make data accessible to your
applications all around the world.
Applications access cloud storage through traditional storage protocols or directly via an API.
Many vendors offer complementary services designed to help collect, manage, secure and
analyze data at massive scale.
Storage as a service (SaaS) is a cloud business model in which a company leases or rents
its storage infrastructure to another company or individuals to store data.
Small companies and individuals often find this to be a convenient methodology for
managing backups, and providing cost savings in personnel, hardware and physical
space.
The storage provider provides the client with the software required to access their stored
data. Clients use the software to perform standard tasks associated with storage,
including data transfers and data backups. Corrupted or lost company data can easily be
restored.
Storage as a service is fast becoming the method of choice for all small and medium-scale
businesses. This is because storing files remotely rather than locally boasts an array of
advantages for professional users.
1. Cost – Factually speaking, backing up data isn’t always cheap, especially when you take the
cost of equipment into account. Additionally, there is the cost of the time it takes to
manually complete routine backups. Storage as a service reduces much of the cost
associated with traditional backup methods, providing ample storage space in the
cloud for a low monthly fee.
2. Invisibility – Storage as a service is invisible, as no physical presence of it is seen in
its deployment and so it doesn’t take up valuable office space.
3. Security – In this service type, data is encrypted both during transmission and while at
rest, ensuring no unauthorized user access to files.
4. Automation – Storage as a service makes the tedious process of backing up easy to
accomplish through automation. Users can simply select what and when they want to
backup, and the service does all the rest.
5. Accessibility – By going for storage as a service, users can access data from
smartphones and netbooks to desktops, and so on.
6. Syncing – Syncing ensures your files are automatically updated across all of your
devices. This way, the latest version of a file you saved on your desktop is available
on your smartphone.
7. Sharing – Online storage services allow users to easily share data with just a few
clicks.
8. Collaboration – Cloud storage services are also ideal for collaboration purposes. They
allow multiple people to edit and collaborate on a single file or document. Thus, with
this feature users need not worry about tracking the latest version or who has made
what changes.
9. Data Protection – By storing data on cloud storage services, data is well protected from
all kinds of catastrophes such as floods, earthquakes and human errors.
10. Disaster Recovery – As said earlier, data stored in the cloud is not only protected from
catastrophes by having the same copy at several places, but can also favor disaster
recovery to ensure business continuity.
Amazon S3 is data storage for Internet applications. It provides simple web services to store
and retrieve data from anywhere at any time via the web. S3 keeps fundamental entities,
“objects,” which are named pieces of data accompanied by some metadata to be stored in
containers called “buckets,” each identified by a unique key. Buckets serve several purposes:
They organize the Amazon S3 namespace at the highest level, identify the account
responsible for storage and data transfer charges, play a role in access control, and serve as
the unit of aggregation for usage reporting. Amazon S3 provides three types of resources: a
list of user buckets, a particular bucket, and a particular S3 object, accessible through
https://s3.amazonaws.com/{name-of-bucket}/{name-of-object}.
These resources are retrieved, created, or manipulated by basic HTTP standard operations:
GET, HEAD, PUT, and DELETE. GET can be used to list buckets created by the user,
objects kept inside a bucket, or an object’s value and its related metadata. PUT can be used
for creating a bucket or setting an object’s value or metadata, DELETE for removing a
particular bucket or object, and HEAD for getting a specific object’s metadata. The Amazon
S3 API supports the ability to find buckets, objects, and their related metadata; create new
buckets; upload objects; and delete existing buckets and objects for the aforementioned
operations.
Amazon S3 REST operations are HTTP requests to create, fetch, and delete buckets
and objects. A typical REST operation consists of sending a single HTTP request to
Amazon S3, followed by waiting for an HTTP response. Like any HTTP request, a
request to Amazon S3 contains a request method, a URI, request headers which contain
basic information about the request, and sometimes a query string and request body. The
response contains a status code, response headers, and sometimes a response body.
The request consists of a PUT command followed by the bucket name created on S3.
The Amazon S3 REST API uses the standard HTTP header to pass authentication
information. The authorization header consists of an AWS Access Key ID and AWS
Secret Access Key, issued to developers when they register for S3 Web Services,
followed by a signature. To authenticate, the AWSAccessKeyId element identifies the
secret key to compute the signature upon request from the developer. If the request
signature matches the signature included, the requester is authorized and subsequently,
the request is processed.
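Added example (not part of the original notes and not Amazon's code): the header-based authentication described above, sketched in Python for the legacy "AWS AccessKeyId:Signature" scheme (Signature Version 2; current S3 requests use Signature Version 4). The key ID, secret, bucket name and date are constructed values. The header carries only the key ID and the signature, while the secret key serves as the HMAC key on both the client and the server side.

```python
import base64
import hashlib
import hmac

# Constructed credentials for illustration only; not real AWS keys.
KEYS = {"AKIDEXAMPLE0000000000": b"constructed-secret-key-for-demo"}


def string_to_sign(method, resource, date, content_md5="", content_type=""):
    """Canonical summary of the request that client and server both hash.

    x-amz-* headers would be canonicalized between date and resource;
    this request has none, so that part is empty.
    """
    return "\n".join([method, content_md5, content_type, date, resource])


def sign(secret, method, resource, date):
    """Base64(HMAC-SHA1(secret, string_to_sign)); the secret is never sent."""
    message = string_to_sign(method, resource, date).encode()
    mac = hmac.new(secret, message, hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()


def authorization_header(access_key_id, secret, method, resource, date):
    """Client side: value of the HTTP Authorization header."""
    return f"AWS {access_key_id}:{sign(secret, method, resource, date)}"


def verify(header, method, resource, date):
    """Server side: find the secret by key ID, recompute, compare."""
    scheme, _, credential = header.partition(" ")
    access_key_id, _, presented = credential.partition(":")
    secret = KEYS.get(access_key_id)
    if scheme != "AWS" or secret is None:
        return False
    expected = sign(secret, method, resource, date)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(expected.encode(), presented.encode())


if __name__ == "__main__":
    key_id = "AKIDEXAMPLE0000000000"
    date = "Tue, 27 Mar 2007 19:36:42 +0000"  # constructed Date header
    header = authorization_header(key_id, KEYS[key_id], "PUT", "/example-bucket/", date)
    print("Authorization:", header)
    print("PUT accepted:   ", verify(header, "PUT", "/example-bucket/", date))
    print("DELETE accepted:", verify(header, "DELETE", "/example-bucket/", date))
```

Because the method, date and resource are part of the signed string, a header captured from one request does not validate for a different operation on the same bucket.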