Unit 1 Definition: Cloud computing is the delivery of computing as a service rather than a product, whereby shared resources, software, and information are provided to computers and other devices as 2 utility over a network (Internet). Cloud Computing definition from National Institute of Standards and Technology(NIST), “Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) ‘that can be rapidly provisioned and released with minimal management effort or service provider interaction”. Cloud Component Client Computers, Distributed Servers and Data Centers are the three components of Cloud Computing, 1. Client Computers: ‘The following are different types of Clients in Cloud Computing. + Mobile Mobile devices include PDAs or smartphones, like a Blackberry, Windows Mobile Smartphone, or an iPhone. = Thin Clients are computers that do not have internal hard drives, but rather let the server do all the work, but then display the information. ‘* Thick This type of client is a regular computer, using a web browser like Firefox or Internet Explorer to connect to the cloud. ‘The advantages of Thin Clients are BV RAUU College - MCA1) Lower hardware costs 2) Lower IT costs 3) Security 4) Data security 5) Less power consumption, 2. Data Center: The datacenter is the collection of servers where the application to which you subscribe is housed, It could be a large room in the basement of your building or a room full of servers on the other side of the world that you access via the Internet. ‘A growing trend in the IT world is vitalizing servers. That is, software can be installed allowing multiple instances of virtual servers to be used. In this way, you can have half a dozen virtual servers running on one physical server. 3. Distributed Servers: But the servers don’t all have to be housed in the same location. Often, servers are in geographically disparate locations. But to you, the cloud subscriber, these servers act as if they're humming away right next to each other. This gives the service provider more flexibility in options and security. For instance, Amazon has their cloud solution in servers all over the world. If something were to happen at one site, causing a failure, the service would still be accessed through another site. Virtualization: Virtualization enables multiple operating systems and applications to run concurrently and in isolation on a single physical host machine, and multiple virtual machines to share in the resources of the physical host machine ensuring better utilization, optimization and resource efficiency. VMware defines a virtual machine as ” a representation of a real machine using software that provides an operating environment which can run or host a guest operating system”, In the context of hardware virtualization, the software abstraction that separates the operating system from the hardware is called the hypervisor (or virtual machine monitor). The hypervisor creates a virtual platform onto which operating system instances may be executed. This allows the hardware platform to be shared by multiple operating systems and application sets, making it more cost effective BV RAJU COLLEGE -MCAHost Machine is a “physical machine running the virtualization software”. The virtual machines utilize the physical resources (i.e. memory, hard disk space and CPU) and other resources (i.e. network access) implemented on the host machine, The host machine is therefore the physical machine (server), containing the physical resources (hardware), on which the virtual machine(s) reside. Guest Operating System is “an operating system running in a virtual machine environment that would otherwise run directly on a separate physical system”. The guest operating system therefore resides within the virtual environment utilising the host operating system resources. The host operating system is the operating system software installed on the physical host machine. The virtualization service runs on top of the standard operating system (host). The host operating system is the layer on top of the physical infrastructure layer. VMware Inc. defines VMM as “software that runs in a layer between a hypervisor or host operating system and one or more virtual machines that provides the virtual machine abstraction to the guest operating systems. With full virtualization, the virtual machine monitor exports a virtual machine abstraction identical to a physical machine, so that standard operating systems (e.g. Windows 2000, ‘Windows Server 2003, Linux, etc.) can run just as they would on physical hardware”. A virtual machine monitor is the software solution that implements virtualization to run in conjunction with the host operating system. The virtual machine monitor virtualizes certain hardware resources, such as the CPU, memory and physical disk, and creates emulated devices for virtual machines running on the host machine. Hypervisor runs directly on the hardware without any intervening help from the host operating system to provide access to hardware resources. The hypervisor is directly responsible for hosting and managing, VMware Inc. defines the hypervisor as a thin layer of software, running directly on the hardware but underneath the higher-level virtualization service, and provides virtual partitioning capabilities and is sometimes referred to as a ‘bare metal’ approach. BV RAJU COLLEGE -MCAThe above diagram depicts Structure of Native Hypervisor and Hosted Hypervisor, in native hypervisor VM are running on Type 1 Hypervisor and its intern run on Hardware Platform. In Hosted Hypervisor Host Operating System is in between Hypervisor and Hardware Platform. In broad way the following figure shows the structure of VM execution and its underlying support from Hypervisor or Host Operating System. HOSTMACHINE Virtwalmachine2 “Host OS Physicalinfrastracure a i Para Virtualization: VMware Inc. defines para-virtualization as “a virtualization approach that exports a modified hardware abstraction which requires operating systems to be explicitly modified and ported to run”. Para-virtualization uses hypercalls to communicate directly with the virtualization layer hypervisor and therefore requires the host and guest operating systems to be modified and recompiled. BV RAJU COLLEGE - MCAFull Virtualization: Full Virtualization is a combination of binary translation and direct execution. The guest operating system 1s not aware it is being virtualized and requires no modification, Full: virtualization is the only option that requires no hardware assist or operating system assist to virtualize sensitive and privileged instructions. Full irtualization makes use of binary translation and direct execution, and does not require any operating system modifications. The following table shows the comparison of Virtualization overhead and System Processing requirement between Full Virtualization and Para Virtualization. ‘Guest ‘Virtualization Mirtualtzation Type Instances _| Overhead Full Virtualization _S__ 40% (60% total) Paravirtualization 8 2 (46% totay Processor Power Used in Fal Virtualization and Paravirtualization Services : ‘The term services in cloud computing is the concept of being able to use reusable, fine grained components across a vendor's network. This is widely known as “as a service.” Offerings with as a service as a suffix include traits like the followin ‘+ Low barriers to entry, making them available to small businesses © Large scalability ‘* Multitenancy, which allows resources to be shared by many users * Device independence, which allows users to access the systems on different hardware NIST (National Institute of Standards and Technology) broadly divided cloud services into three categories or service models. = Infrastructure-as-a-Service (laa: Includes the entire infrastructure stack i.e. servers, software, datacentre space, virtualization platforms and network equipment. = Platform-as-a-Service (PaaS): Sits on top of laaS and adds an additional layer with application development capabilities, and programming languages and tools supporting the complete lifecycle of building and delivering applications and services over a cloud infrastructure. 5B VRAJU COLLEGE - MCA= Software-as-a-Service (SaaS): Builds upon aa and PaaS and provides a self-contained operating environment delivering presentation, application and management capabilites. Software as a Service: Software as a Service (SaaS) is the model in which an application is hosted as a service to customers who access it via the Internet. The provider does all the patching and upgrades as well as keeping the infrastructure running. Costs can be sort of a double-edged sword. On the one hand, costs for accessing the software can be an ongoing thing. Rather than pay for it once and be done with it, the more you use it, the more you'll be billed. On the other hand, in some cases you don’t have to pay as much up front and you are only billed based on your use of the applic tion. There are many types of software that lend themselves to the SaaS_ model. Typically, software that, performs a simple task without much need to interact with other systems makes them ideal candidates for Saas. There are many types of software that lend themselves to the SaaS model. Typically, software that performs a simple task without much need te interact with other systems makes them ideal candidates for SaaS. Customers who are not inclined to perform software development but have need of high-powered applications can also benefit from SaaS. Some of these applications include, > Customer resource management (CRM) Video conferencing IT service management ‘Accounting Web analytics vvvvy Web content management Benefits of SaaS: BV RAJU COLLEGE - McA,One of the biggest benefits of SaaS is, of course, costing less money than buying the application outright. The service provider can offer cheaper, more reliable applications than organizations can by themselves. Some other benefits include the following: ‘Familiarity with the World Wide Web Most workers have access to a computer and know how to use it on the World le Web. As such, the learning curve for using external applications can be much smaller. ‘Smaller staff IT systems require the overhead of salaries, benefits, insurance, and building space. The ability to farm out applications reduces the need for as much IT staff. * Customization Older applications were difficult to customize and required tinkering with ‘the code. SaaS applications are much easier to customize and can give an organization exactly What they want. * Better marketing A provider who had developed an application for a very narrow market might have had problems marketing that application. However, with SaaS, the entire world is open to the providers. + Web reliability We talked earlier about how the World Wide Web can be seen as a source of failure, And while that is sporadically true, the fact of the matter is that the Web is generally quite reliable. Platform as a Service (Paas): PaaS is another application delivery model. PaaS supplies all the resources required to build applications and services completely from the Internet, without having to download or install software. PaaS is also known as cloudware. Service provider ollering PaaS PaaS allows cients to acess a computing, platform over a cloud computing sation. BV RAIUCOLLEGE-MCAPaaS, services include application design, development, testing, deployment, and hosting. Other services inckide team collaboration, web service integration, database integration, security, scalability, storage, state management, and versioning. PaaS generally offers some support to help the creation of user interfaces, and is normally based on HTML or JavaScript. Because PaaS is expected to be used by many users simultaneously, itis designed with that sort of use in mind, and generally provides automatic. faclities for concurrency management, scalability, failover, and security. PaaS also supports web development interfaces such as Simple Object Access Protocol (SOAP) and Representational State Transfer (REST), which allow the construction of multiple web services, sometimes called mashups. PaaS Options PaaS is found in one of three different types of systems: © Add-on development facilities These allow existing SaaS applications to be customized. Often, Paas developers and users are required to purchase subscriptions to the add-on SaaS application. * Stand-alone environments These environments do not include licensing, technical, or financial dependencies on specific SaaS applications and are used for general developments. ‘* Application delivery-only environments These environments support hostinglevel services, like security and on-demand scalability. They do not include development, debugging, and test capabil BV RAJU COLLEGE - MCAInfrastructure as a Service (laaS) or Hardware as a Service (Haas): Hardware as a Service (Haas) is the next form of service available in cloud computing. Where SaaS and PaaS are providing applications to customers, HaaS doesn't. It simply offers the hardware so that your organization can put whatever they want onto it. HaaS allows you to “rent” such resources as * Server space + Network equipment «Memory CPU cycles «Storage space Additionally, the infrastructure can be dynamically scaled up or down, based on the application resource needs. Further, multiple tenants can be on the equipment at the same 1e. Resources are typically billed based on a utility computing basis, so providers charge by how many resources are consumed, HaaS involves several pieces: ‘ Service level agreements This is an agreement between the provider and client, guaranteeing a certain level of performance from the system. * Computer hardware These are the components whose resources will be rented out. Service providers often have this set up as a grid for easier scalability. ‘+ Network This includes hardware for firewalls, routers, load balancing, and so on. + Internet connectivity This alfows clients to access the hardware from their own organizations. + Platform virtualization environment This allows the clients to run the virtual machines they want. * Utility computing billing Typically set up to bill customers based on how many system resources they use. 8 V RAJU COLLEGE -MCAService level agreement: This is an agreement between the provider and client, guaranteeing a certain Jevel of performance from the system, ‘Cloud Computing Applications: ‘The most common cloud computing application are Storage and Database. Storage Somewhat similar to HaaS, one of the uses for cloud computing is simply storage, The benefits are in line with the general benefits of cloud computing. Database Distributed databases, like Amazon's Simple DB, spread information among physically dispersed hardware, But to the client, the information seems ta be focated in one place. The advantages of such a database include the following: * Improved availabilty If there is a fault in one database system, it will only affect one fragment of the information, not the entire database. * Improved performance Data is located near the site with the greatest demand and the database systems are parallelized, which allows the load to be balanced among the servers. * Price It is less expensive to create a network of smaller computers with the power of one large one. + Flexibility Systems can be changed and modified without harm to the entire database. Database Services Another “as a service” offering that is becoming prevalent in the world of cloud computing, 1s Database as a Service (DaaS}. The idea behind DaaS is to avoid the complexity and cost of running your own database. Daas offers these benefits: ‘Ease of use: There are no servers to provision and no redundant systems to worry about. User don’t have to worry about buying, installing, and maintaining hardware for the database. + Power: The database isn’t housed locally, but that doesn’t mean that it is not functional and effective. Depending on vendor, user can get custom data validation to ensure accurate information. BV RAJU COLLEGE - MGA,‘+ Integration: The database can be integrated with end user and other services to provide more value and power. For instance, you can tie it in with calendars, email, and people to make your work more powerful. ‘+ Management: Because large databases benefit from constant pruning and optimization, some Daas offerings, this typically there are expensive resources dedicated to this task. management can be provided as part of the service for much less expense. Intranets and the Cloud: Some organizations use cloud computing to deliver their corporate intranet. Intranets are customarily used within an organization and are not accessible publicly. That is, a web server is maintained in-house and company information is maintained on it that others within the organization can access. However, now intranets are being maintained on the cloud. To access the company’s private, in-house information, users have to log on to the intranet by going to a secure public web site. There are two main components in client/server computing: servers and thin or light clients, The servers house the applications your organization needs to run, and the thin clients (which do not have hard drives} display the results. The following diagram shows client/server computing deployment o / g Thin clients use an application program to communicate with an application server, Most of the processing is done down on the server, and sent back to the client. Some thin clients require an application program or a web browser to communicate with the server. However, others require no add-on applications at al BV RAJU COLLEGE - MCA,First Movers in the Cloud ‘There are scores of vendors who offer cloud services. Amazon ‘Amazon was one of the first companies to offer cloud services to the public, and they are very sophisticated, Amazon offers a number of cloud services, including * Elastic Compute Cloud (EC2) Offers virtual machines and extra CPU cycles for your organization. « Simple Storage Service (53) Allows you to store items up to SGB in size in Amazon’s virtuat storage service. * Simple Queue Service (SOS) Allows your machines to talk to each other using this message- passing API. « SimpleDB A web service for running queries on structured data in real time. This service works in close conjunction with Amazon Simple Storage Service (Amazon $3) and Amazon Elastic Compute Cloud (Amazon £C2), collectively providing the ability to store, process, and query data sets in the cloud. Google In stark contrast to Amazon’s offerings is Google's App Engine. Google offers online documents and spreadsheets, and encourages developers to build features for those and other online software, using its Google App Engine. Google reduced the web applications to a core set of, features, and built a good framework for delivering them. Google also offers handy debugging features. Microsoft Microsoft's cloud computing solution is called Windows Azure, an operating system that allows organizations to run Windows applications and store files and data using rosoft’s datacenters. It's also offering its Azure Services Platform, which are services that allow developers to establish user identities, manage workflows, synchronize data, and perform other functions as they build software programs on Microsoft's online computing platform. Key components of Azure Services Platform include BV RAJU COLLEGE-MCA* Windows Azure Provides service hosting and management and low-level scalable storage, computation, and networking * Microsoft SQL Services Provides database services and reporting, * Microsoft .NET Services Provides service-based implementations of NET Framework concepts such as workflow. * Live Services Used to share, store, and synchronize documents, photos, and files across PCs, phones, PC applications, and web sites. * Microsoft SharePoint Services and Microsoft Dynamics CRM Services Used for business content, collaboration, and solution development in the cloud. BV RAJU COLLEGE -MCAWhen You Can Use Cloud Computing The following factors are considered to take decision to use cloud computing oF nat. © Cosvbenetit ratio © Speed of delivery ‘© How much capacity will use ‘© Whether data is regulated ‘© Organization's corporate and IT structure ‘The following are three solutions are used generally based on the user requirements Compute Clouds Compute clouds allow access to highly scalable, inexpensive, on-demand computing resources that run the code that they're given. ‘Three examples of compute clouds are + Amazon's EC2 “Google App Engine + Berkeley Open Infrastructure for Network Computing (BOINC) Compute ud allow you to cces applications ‘aintaned ona provider’ equlpment. ‘These applications are good for any size organization, but large organizations might be ata disadvantage because these applications don't offerte standard management, monitoring. and governance capabilities that these organizations are used to. Enterprises aren't shut out, however ‘Amazon offers enterprise-class support and there are emerging sets of cloud offerings like Terremark’s Enterprise Cloud, which are meant for enterprise use. Cloud Storag One of the frst cloud offerings was cloud storage and it remains a popular solution, Cloud storage isa big world. There are already in excess of 100 vendors offering cloud storage, This isan ideal solution if you want to maintain files off-site, Sceurity and sax are the ‘op issues in this field and vary greatly, depending on the vendor you choose. Currently, Amazon's 83 is the top vendor. BVRAJU COLLEGE - MCACloud Applications Cloud applications differ ftom compute clouds in that they utilize software applications that rely on cloud infrastructure, Cloud applications are versions of Software as a Service (SaaS) and include such things as web applications that are delivered to users via a browser of application like Microsoft Online Services. These applications offload hosting and IT management to the cloud. ‘Some cloud applications include + Peer-to-peer computing (like BitTorrent and Skype) + Web applications (like MySpace or YouTube) SaaS (like Google Apps) + Software plus services (like Microsoft Online Services) omtgacamic rian Benefit ‘The following are the benefits of using cloud computing. If we are anticipating a huge upswing in computing need, cloud computing can help us to manage. Rather than having to buy, insta, and configure new equipment, we can buy additional CPU cycles or storage from a third party. Since our costs are based on Siar clit elation ay omrmch Sasi oven i Burl — LL, 3 oP ‘convnahe slab much spl than ty BVRAIJUCOLLEGE- MCASimplicity: Using cloud computing we no need to buy and configure new equipment allows us and our IT staff to get right to our business. The cloud solution makes it possible to get our application started immediately. and it costs a fraction of what it would cost to implement sn onsite solution. Knowledgeable Vendors: ‘The first comers to the cloud computing party are actually very reputable companies. Companies like Amazon, Google, IBM, and Yahoo! have been good vendors because they have offered reliable serviee, plenty of capacity Security: ‘There are plenty of security risks when using a cloud vendor, but reputable companies strive to keep us safe and secure. Vendors have strict privacy policies and employ stringent security messures, like proven cryptographic methods to authenticate users. Further, we ‘ar.always encrypt our data before storing it on a provider's cloud. In some cases, between our encryption and the vendor's security measures, our data may be more secure than ifit were stored i house. Itis often said that this generation of web services go its start from LAMP. LAMP isa stack of simple, powerful web technologies that power alot of papular, smaller web sites. LAMP stands for the following popular items: + Linux An open-source operating system + Apache An open-source web server «MySQL An open-source Structured Query Language (SQL) relational database for web servers + Perl A programming language LAMP is widely used because itis very simple. Because ofits ease of use, you can get an application up and running very quickly. Limitations Some cases are thee where cloud computing does not sui for our organization. Sensitive Information Consider an example that fnaneal planners using Google Spreadsheets o maintain a list of employee socal security numbers. Now the financial planning company isn’t the only one who should protect the data fom hackers and internal data breaches. Ina techincal sense, i also becomes Google’s problem. However, Google may absolve itself of responsibility in its agreement with you. So, it’s no less complicated a task to sort out how sensitive information is genuinely secured. ‘The best way ist encrypt your data before you send it toa third party. Programs like PGP (vrww.pgp.com) or open-source TrueCrypt (oww-trucerypt.org) can encrypt the file so that only those with a password can aocess it. Encrypting your data before sending it out protects it, If someone does get your data they need the proper eredentials or all they get is gibberish User-encrypted data Service provider Encrypting your data before itis sent tothe service provider ensures that if the provider's security measures are breached, your data is still secure. Applications Not Ready Jn some cases the applications themselves are not ready o be used on the cloud They may have lite quik that prevent them fom being used to thei fullest abilities or they may ot work whatsoever. Firs, the application might require alot of bandwidth 0 BV RAJU COLLEGE - MCAcommunicate with users, Remember, since cloud computing is paid based on how much you us, it might turn out to be less expensive inthe long tun to simply house the application locally until it ean be rewritten or otherwise modified to operate more efficiently. Security Concems, Regulatory Issues ‘As with so many other technical choices, security isa two-sided coin inthe world of cloud computing. Privacy Concerms with a Third Party ‘The frst and most obvious concem is for privacy considerations. That is, if another party is housing all our data, how do we know that it's safe and secure? we really don't, Asa starting point, assume that anything we put on the cloud ean be accessed by anyone. There are also concems because law enforcement has been better able to get at data maintained on a cloud, more so than they are from an ‘organization's servers. (Cloud providers should take care ofthe following persons for security concerns. 1. Hackers 2. Bot Attackers Service provider te overwhelmed by the attack. Hackers set up ayntems to nend out distributed denial of service attacks, ‘Bringing the service provider to its kes. Cloud Providers are taking more care of security concerns toward the data and its security for end users. The security Benefits are 1. Centralized Data ‘There are some good security traits that come with centralizing your data. 2. Reduced Data Loss: “More than 12,000 laptops are Jost in American airports every year. I's bad enough to lose your data, but it's especially bad for companies wip lose proprietary data or other mission-crtial information. Also, how many laptops employ really strong security measures, like whole-disk data encryption? Ise laptop can be effectively compromised, the information wil bein the hands ofthe BV RAJU COLLEGE - MCAthief. By maintaining data on the cloud, employing strong access control, and limiting employee downloading to only what they need to perform a task, cloud computing can limit the amount of information that could poten ly be los. 3.Monitoring If your data is maintained on a cloud, itis e servers and clients 4. Logging In the cloud, logging is improved. Logging is usually thought of late in the game, and issues develop with storage space. For instance, C2 audit tail can be employed. This is generally rarely used because of the performance hit your network would take. However, in the eloud, you can reach that evel of granularity ie to monitor security than have to worry about the security of numerous Regulatory Issues In the case of cloud computing, however, regulation might be exactly what we need, Without some rules in place, it's too easy for service providers to be unsecure or even shifty enough to make off with our data, Currently there is no existing regulation, but there should be. In September 2008, the United States government took control of Washington Mutual. It was viewed as the greatest bank fallure in American history to date. It reminds us that rho matter how huge @ company is, it can stil come tumbling down. Look at a company like Google, for instance. It's a big cone and recently valued at $107 billion. That size and value would seem to make them bulletproof. But WaMu was worth $307 billion when it failed. There are also questions about whether government agencies will store their data on the cloud. Procurement regulations will have to change for government agencies to be keen on jumping on the cloud. The General Services ‘Administration is making a push toward cloud computing, in an effert to reduce the amount of energy their computers ‘consume. Hewlett-Packard and Intel produced a study that shows the federal government spends $480 million per year on electricity to run its computers. Cloud Computing with the Titans Google is one of the big cloud vendor. 1. GoogleAppengine Google App Engine enables developers to build their web apps on the same infrastructure that powers Google's own applications. Features Leveraging Google App Engine, developers can accomplish the following tasks: + Write code once and deploy Provisioning and configuring multiple machines for web serving and data storage can be expensive and time-consuming. Google App Engine makes it easier to deploy web applications by dynamically providing computing resources as they are needed, Developers write the code, and Google App Engine takes care ofthe rest. + Absorb spikes in traffic When a web app surges in popularity, the sudden increase in traffic can be overwhelming for applications of all sizes, from startups to large companies that find themselves re-architecting their databases and entire systems several times a year. With automatic replication and load balancing, Google App Engine makes it easier to scale from one user to one milion by taking advantage of Bigtable and other components of Google's scalable + Easily integrate with other Google services It's unnecessary and inefficient for developers to write components like authentication and email from scratch for each new application. Developers using Google App Engine can make use of rastructure, BV RAJU COLLEGE MCAbuilt-in components and Google's broader library of APIs that provide plug-anc-play functionality for simple but important features. Cost Google enticed developers by offering the App Engine for free, when it launched, but after a few months slapped on some fees. As of this writing, developers using Google App Engine can expect to pay: 2.EMC EMC Corporation is the world leader in products, services, and solutions for Information storage and management that help organizations extract value from their information. They have their fingers in all sorts of diferent cloud computing and virtualization pies. Technologies But EMC's reach goes far beyond virtualized datacenter management. Their other fields of expertise include + Archiving Creating accessible online archives that offer a reduced operational cost by shrinking backup windows and making restores faster. * Backup and recovery Different tools combine EMC's recovery management offerings, backup technologies, and ‘management strategies to ensure that you have a solid backup and recovery practice, * Enterprise content management Content enabled solutions help mitigate risk without imposing averly complex technologies on your organization. + Intelligent information management Using various technologies allows organizations to discover, store, and act on information in intelligent ways. + IT management IT management is simplified and its cost reduced through automation, virtualization, and process efficiencies + Replication Data protection and remote replication technologies provide disaster recovery options. + Security Organizations can deploy products with capabilities for access control, data protection, and auditing 3.NetApp NetApp is an organization that creates storage and data management solutions for their customers. Their goal is to deliver cost efficiency and accelerate business breakthroughs. In 1992 they introduced the world’s first networked storage device. The company continues to introduce new technotogies that reduce the costs of IT. NetApp claims they can cut your IT costs in half, use up to 80 percent less storage, hold off on datacenter expansion, and speed up your time to market, Offerings NetApp was one of the first companies in the cloud, offering datacenter consolidation and storage services, as well as Virtualization. Their products include a platform OS, storage services, storage security, software management, and protection software. Their solutions run the gamut from Microsoft SQL Server and SharePoint Services to seismic processing and reservoir development to desktop and server virtualization. Microsoft Microsoft offers a number of cloud services for organizations of any size—from enterprises all the way down to mom- and-pop shops or individuals. A good portion of Microsoft's cloud offerings are cloud variants of products that people already use, so cloud versions aren't that difficult to use. ‘Azure Services Platform: The cornerstone of Microsoft's offerings is the Azure Services Platform. The Azure Services Platform is a cloud computing and services platform hosted in Microsoft datacenters, The Azure Services Platforin supplies a broad range of functionality to build applications to serve individuals or large enterprises, and everyone in between. The platform offers a cloud operating system and developer tools. Applications can be developed with BV RAJU COLLEGE - MCAindustry standard protocols like REST and SOAP. Azure services can be used individually or in conjunction with one another to build new applications or to enhance existing ones. Let's take a closer look at the Azure Services Platform components. WindowsAzure Windows Azure is a cloud-based operating system that enables the development, hosting, and service management environment for the Azure Services Platforrn, Windows Azure gives developers an on-demand compute and storage environment that they can use to host, scale, and manage web applications through Microsoft datacenters. To build applications and services, developers can use the Visual Studio skills they already have. Further, Azure supports existing standards like SOAP, REST, and XML. ‘Windows Azure can be used to ‘+ Add web service capabilities to existing applications * Build and modify applications and then move them onto the Web + Make, test, debug, and distribute web services efficiently and inexpensively + Reduce the costs of IT management SQL Services Microsoft SOL. Services extends SQL Server capabilities to the cloud as web-based services. This allows the storage of structured, semi-structured, and unstructured data, SQL Services delivers a set of integrated services that allow relational queries, search, reporting, analytics, integration, and synchronization of data. This can be done by mobile users, remote offices, or businesspartners, .NET Services Microsoft .NET Services are a set of Microsoft-hosted, developer-oriented services that provide the components required by many cloud-based and cloud-aware applications. .NET Services are similar to the NET Framework, providing high-level class libraries that make development much more robust. .NET Services can help developers focus more on their end product than on building and deploying thelr own cloud-based infrastructure, .NET Services are also available to other development technologies through the use of industry-standard protocols ike REST, SOAP, and HTTP. Windows-Live ‘Windows Live is an integrated set of online services that makes it easier and more fun for consumers to communicate and share with others. The new generation of Windows Live includes updated experiences for photo sharing, emall, and instant messaging, as well as integration with multiple third-party sites. 4,Amazon ‘Amazon may be the most widely known cloud vendor. They offer services on many different fronts, from storage to platform to databases. Amazon seems to have their finger in a number of cloud technologies. ‘Amazon Elastic Compute Cloud (Amazon EC2) ‘Amazon Elastic Compute Cloud (Amazon EC2) is a web service that offers resizable compute capacity in the cloud and is designed to make web scaling easier for developers. Amazon EC2 provides a simple web interface that allows you to obtain and configure capacity with little difficulty. It allows you control of your computing resources. Amazon EC2 cuts the time it takes to obtain and boot new server instances to a few minutes, allowing you to change scale as your needs change. For instance, Amazon EC2 can run Microsoft Windows Server 2003 and is a way to deploy applications using the Microsoft Web Platform, including ASP.NET, ASP.NET AJAX, Silverlight, and Internet Information Server (HS) BV RAJU COLLEGE - MCAFor database services, Amazon offers its Amazon SimpleDB, It provides core database functions of data indexing and querying. This service works closely with Amazon Simple Starage Service (Amazon $3) and Amazon EC2. This provides the ability to store, process, and query data sets in the cloud, ‘Amazon Simple Storage Service (Amazon $3) ‘Amazon Simple Storage Service (Amazon $3) is Amazon's storage solution for the Internet. tis designed to make web- stale computing easier for developers. Amazon $3 utilizes a simple web services interface that can be used to store and retrieve any amount of data from anywhere on the Web. It gives developers access to the same data storage infrastructure that Amazon uses to run its own retall empire. ‘AmazonCloudFront ‘Amazon CloudFront is @ web service for content delivery. It works in conjunction with other Amazon Web Services to give developers and businesses an easy way to distribute content to clients. Amazon promises low latency, high data transfer speeds, and no commitments, ‘Amazon Simple Queue Service (Amazon SQS) ‘Amazon Simple Queue Service (Amazon SOS} offers a scalable, hosted queue for storing messages as they travel between computers. Developers can move data between distributed components oftheir applications that perform different tasks, without losing messages or requiring each component to be always available. Amazon SOS atfows an automated worifiow to be created and works closely with Amazon EC2 and other Amazon Web Services 5. Salesforce.com Salesforce.com made its name with the success of its flagship Salesforce.com automation application. Today, the company has three primary areas of focus: «The Sales Cloud The popular cloud computing sales application «The Service Cloud The platform for customer service that lets companies tap into the power of customer conversations no matter where they take place + Your Cloud Powerful capabilities to develop custom applications on its cloud computing platform, Force.com ‘The company has made its platform available to other companies asa place to build and deploy their software services. Force.com offers + Arelational database + User interface options + Business logic + Apex, an integrated development environment + Workflow and approvals engine + Programmable interface + Automatic mobile device deployment + Web services integration + Reporting and analytics Using Apex, programmets can test their applications in Force.com’s Sandboxes and then offer the finalized code on Salesforce.com’s site. Developers initially used Force.com to create add-ons to the Salesforce CRM, but now it is possible to develop applications that are unrelated to Salesforce.com’s offerings. Salesforce.com is into other cloud services, as well. In April 2007 it moved into enterprise content management with Salesforce.com Content. This makes it possible to store, classify, and share information in a manner similar to Microsoft SharePoint. BVRAJU COLLEGE - MCAForce.com Force.com is Salesforce.com’s on-demand cloud computing platform —billed by Salesforce.com as the world’s first PaaS, Force.com features Visualforce, a technology that makes it much simpler for end customers, developers, and independent software vendors (ISVs) to design almost any type of cloud application for a wide range of uses. The Force.com platform offers global infrastructure and services for database, logic, workflow, integration, user interface, and application exchange. Paas Force.com delivers PaaS, a way to create and deploy business apps that allows companies and developers to focus on what their applications do, rather than the software and infrastructure to run them, Visualforce As part ofthe Force.com platform, Visualforce provides the ability to design application user interfaces for practically any experience on any screen, Visualforce uses HTML, AJAX, and Flex, for business applications. Visualforce provides a age-based model, bul on standard HTML and web presentation technologies, and is complemented with both a ‘component library for implementing common user interface elements, and a controller model for creating new interactions between those elements. Visualforce features and capabilities include + Pages Enables the design definition of an application's user interface. + Components Provides the ability to create new applications that automatically match the look and feel of Salesforce.com applications or easly customize and extend the Salesforce.com user interface to specific requirements. + Logie Controllers The controller enables customers to build any user interface behavior. Salesforce.com CRM. Salesforce.com is a leader in cloud coftputing customer relationship management (CRM) applications. Its CRM offering consists ofthe Sales Cloud and the Service Cloud and can be broken down into five core applications: + Sales Easily the most popular cloud computing sales application, Salesforce.com says that CRM Sales is used by more than 1.1 million customers around the world, Its claim to fare is that itis comprehensive and easy to customize. Its value proposition is that it empowers companies to manage people and processes more effectively, so reps can spend more time selling and less time on administrative tasks. «+ Marketing With Salesforce.com CRM Marketing, marketers can put the latest web technologies to work building pipeline while collaborating seamlessly with their sales organization. The application empowers customers to manage multichannel campaigns and provide up-to-date messaging to sales. And since the application is integrated with the Salesforce.com CRM Sales application, the handoff of leads is automated, + Service The Service Cloud is the new platform for customer service. Companies can tap into the power of customer conversations no matter where they take place, Because its on the Web, the Service Cloud allows companies to instantly connect to collaborate in real time, share sales information, and follow joint processes. Connecting with partners is made to be as easy as connecting with people on Linkedin: companies instantly share leads, opportunities, accounts, contacts, and tasks with their partners. + Collaboration Salesforce.com CRM can help an organization work more efficiently with customers, partners, and employees by allowing them to collaborate among themselves in the cloud. Some of the capabilities include * Create and share content in real time using Google Apps and Salesforce.com + Track and deliver presentations using Content Library * Give your community a voice using Ideas and Facebook ‘Tap into the collective wisdom of the sales team with Genius BV RAJUCOLLEGE- MCA+ Analytics Force.com offers real-time reporting, calculations, and dashboards so a business is better able to optimize performance, decision making, and resource allocation, * Custom Applications Custom applications can be quickly created by leveraging one data model, one sharing model, and one user interface. 618M IBM offers cloud computing services to help businesses of all sizes take advantage of this increasingly attractive computing model. 18M is applying is industry-specfic consulting expertise and established technology record to offer secure services to companies in public, private, and hybrid cloud models Some of their features include * Industry-specific business consulting services for cloud computing IBM Global Business Services uses an economic ‘model for assessing the total cost of ownership for building private clouds, and/or moving data and applications offsite ina public or hybrid cloud model. + Technology consulting, design, and implementation services IBM Global Technology Services offers services to help ents install, configure, and deliver cloud computing inside the datacenter. * Cloud security Spanning IBM Systems, Software, Services and IBM's Research and X-Force arms, this effort is aimed at re-architecting and redesigning technologies and processes, to infuse security and shield against threats and vulnerabilities in the cloud. BV RAJU COLLEGE - MCAHardware and Infrastructure Glients: The clients are the end users who interact with the cloud providers to get their services There are different types of clients that can link to the cloud, and each one offers a different way for the user to interact with users data and applications. Depending on the organization and its needs, lend users are using any combination of these devices. 4, Mobiles: Mobile clients run the gamut from laptops to PDAs and smartphones, like an iPhone or BlackBerry. Mobile clients, of course, have security and speed concerns. 2. Thin Clients ‘Thin clients are dient computers that have no hard drives, no DVD-ROM drives, and simply display what's on the server.. There's also a high level of security, because no data is stored on the thin client. ll the data resides in our datacenter or on the cloud, so the risk of a physical breach is small. 3. Thick Clients: Thick clients are the clients already use and are likely to use to connect to applications in the cloud, ‘and likely already have applications installed on end users’ machines. These machines can certainly still connect to a virtualized server, and if we don't want to spend any mare money for clents, just Use the machines that we already have. Thick clients are good choices if users need to maintain files, fn their own machines or run programs that don't exist on the cloud, Security-wise, thick clients are more vulnerable to attack than _— thins. Since data. is stored ‘on the machine's hard dive, f the machine is stolen then the data could be compromised. There's also an issue of reliability Securit Security is very important in Cloud computing because third party is storing the data on Cloud, Data Leakage ‘The biggest benefit is the centralization of data, Organizations have an issue with asset protection, in ro small part because of data being stored in numerous places, lke laptops and the desktop. Thick clients are apt to download files and maintain them on the hard drive, and there are plenty of laptops out there with non encrypted files. Using thin clients creates a better chance for centralized data storage. As such, there's less chance for data leakage. BV RAJU COLLEGE - MCA=—9 Server ‘Data store on local server with clients that stove ats ‘has more opportunity for data leakage than Chants ‘hat maintain no permanent storage Logging Logging is also improved. It's something that, in-house, usually gets the short end of the sick. But in the virtualized world of cloud computing, logelne. roviders can add as much memory as they need to extend Forensies If there is a breach, the cloud provider can respond to the incident with less downtime than if we had to investigate the breach locally. It is easy to bul nothing until it eomes into use. If there is @ problem, the virtual machine can be cloned for easy a forensic server online, and it costs almost offline analysis. Auditing ‘As an IT professional, we already know the headache of securing our own local network. But when ‘we send our data to the cloud, a whole new set of issues arise. Ths is largely because our data is. being stored on someone else’s equipment, VPNs With applications being moved to the coud, it makes it possible for each and every worker to be a telecommuter. Key Management: With cloud sisraye, be sue to protect it exyplographcally as well, This includes encrypting the data we store and ensuring thet data is set up to be destoyed when the storage Key is destroyed. BV RAJU COLLEGE -MCA‘The above diagram shows the key management in cloud computing. With cloud storage, be sure to protect it cryptographically as well. This includes encrypting the data we store and ensuring that, data is st up to be destroyed when the storage key is destroyed. Keys on the server include Transport keys + Authentication keys + Authorization tokens + File encryption keys + Hardware storage keys + Revocation keys « Certificates Network: Basic Public Internet: The first option is the pipe most of us have coming into our office or homes ‘The public Internet is the most basic choice for cloud connectivity. This isthe type of access that we buy from an internet service provider (ISP) and connect with via broadband or dial-up, based on our location. This model has the following advantages: + There's a large audience. Anyone with Internet access can use ths solution. It’s highly fault tolerant. ‘+ Many provider options are available. + Secure Sockets Layer (SSL}-based, Hypertext Transport Protocol Over Secure Sockets Layer (HTTPS), encrypted access provides confidentiality It’s cost-effective. BV RAJU COLLEGE-MCAOptimized internet Overlay ‘An optimized Internet overlay approach allows customers to access the cloud via the public Internet, but enhancement occurs on the provider's cloud, Enhancements at these points of presence (POP) Include * Optimized real-time routing. This helps avoid slowdowns, helping to make StAS easier to attain. + An SSL session can be stopped so that protocols and payioad can be optimized and re-encrypted. * Some of the application logic can reside on the POP. This allows for better scalability, fault tolerance, and response time, usually in excess of 80 percent. + Content that is frequently accessed ‘can be detivered from local caches. ‘Connection Method | Description [examples of eo Basie public intemet | Anyone con use it ‘Consumer applications | Faut tolerant Advertsing supported services || Mutiple providers ‘Agplications where “best Costettectve | effort” serves is sufficient Performance Issues for globally | ‘Best for cost-sensitve Service where improved response times | on provider and ISP configuration | and bandwidth are necessary Low cost Consistent performance ‘Business-ritical appl one Ability to have strong SLAs that require SLAS delivering Expensive | promised response times and Limited provider options | bandwiath ae Provider risk ee Sitoto-ite VPN ‘Ability to have strong SLAS Businesses applications, | Site-speciic delivery | incluaing servertoserver vate | Consistent performance | Lowest latency | Limited reach SERVICES. ‘They are different types of services provided by cloud vendors, Identity: No matter where an application runs(in-house or on the clouel, it needs to know about its users. To ‘accomplish this, the application asks for a digital identity—a set of bytes—te describe the user. Based on this information, the application can determine who the user is and what he or she is allowed to do. In-house applications rely on services lke Active Directory to provide this information. Clouds, however, have to use their own identity services. For instance, if we sign on to Amazon cloud services, we have to sign or using an Amazon-defined identity. Google's App Engine requires @ Google account, and Windows uses Windows Live ID for use with Microsoft's cloud applications. BV RAJU COLLEGE-MCAOpentO authentication is used by many organizations, including: + Google 10M ‘Microsoft + Yahoo Integration Applications talking among themselves have become highly common. Vendors come up with all sorts of on-premises infrastructure services to accomplish it. These range from technologies like message ‘queves to complex integration servers. Integration Is also on the cloud and technologies are being ‘developed for that use, as well. For example, Amazon's Simple Queue Service (SOS) provides a way {or applications to exchange messages Via queues In the cloud. Mapping ‘Maps are becoming more and more popular in web applications. For instance, hotel and restaurant web sites show thelr locations on their web sites and allow visitors to enter their addresses to get customized directions. Payments Another cloud service that yau might want to plan for and configure your hardware appropriately for is payments. Depending on your organization, you may or may not want to accept online payments from customers. Luckily, there is no lack of ways to get paid ontine. Search The ability to embed search options in a web site Is certainly nothing new, but itis a rich feature that you might want to employ in your own web or application development. Microsofts Live Search allows on-site and cloud applications to submit searches and then get the results back BV RAJU COLLEGE -MCACloud Storage: Cloud storage is nothing but storing our data with a cloud service provider rather than on a local system, as with other cloud services, we can access the data stored on the cloud via an Internet link, Cloud storage has a number of advantages over traditional data storage. If we store our data on a cloud, we can get at it from any location that has Internet access. At the most rudimentary level, a cloud storage system just needs one data server connected to the Internet. A subscriber copies files to the server over the Internet, which then records the data. When a client wants to retrieve the data, he or she accesses the data server with a web- based interface, and the server then either sends the files back to the client or allows the client to access and manipulate the data itself. A oud service provider ci simply ade more commodity Tard dewes to merase the organization’s capac. Cloud storage systems utilize dozens or hundreds of data servers. Because servers require maintenance or repair, it is necessary to store the saved data on multiple machines, providing redundancy. Without that redundancy, cloud storage systems couldn't assure clients that they could access their information at any given time. Most systems store the same data on servers Using different power supplies. That way, clients can still access their data even if a power supply fails, Storage as a Service The term Storage as a Service (another Software as a Service, or SaaS, acronym) means that a third-party provider rents space on their storage to end users who lack the budget or capital budget to pay for it on their own. It is also ideal when technical personnel are not available or have inadequate knowledge to implement and maintain that storage infrastructure. Storage service providers are nothing new, but given the complexity of current backup, replication, and disaster recovery needs, the service has become popular, especially among BV RAJU COLLEGE - MCA‘small and medium-sized businesses. Storage is rented from the provider using a cost-per- elgabyte-stored or cost-per-data-transferred model. The end user doesn’t have to pay for infrastructure; they simply pay for how much they transfer and save on the provider's servers. io ( \ Clients rent storage capacity from cloud storage Vendors. A customer uses client software to specify the backup set and then transfers data across a WAN. When data loss occurs, the customer can retrieve the lost data from the service provider. Providers They are hundreds of cloud storage providers on the Web, and more seem to be added each day. Not only are there general-purpose storage providers, but there are some that are very specialized in what they store. * Google Docs allows users to upload documents, spreadsheets and presentations to Google’s data servers. Those files can then be edited using a Google application. + Web email providers like Gmail, Hotmail, and Yahoo! Mail store email messages on their own servers, Users can access their email from computers and other devices connected to the Internet. + Flickr and Picasa host millions of digital photographs. Users can create their own online photo albums, + YouTube hosts millions of user-uploaded video files. + Hostmonster and GoDaddy store files and dats for many client web sites. + Facebook and MySpace are social networking sites and allow members to post pictures and other content. That content is stored on the company’s servers. ‘+ MediaMax and Strongspace offer storage space for any kind of digital data.Security: To secure data, most systems use a combination of technique: + Encryption A complex algorithm is used to encode information, To decode the encrypted files, user needs the encryption key. While it’s possible to crack encrypted information, it’s very difficult and most hackers don’t have access to the amount of computer processing power they would need to crack the code. + Authentication processes This requires a user to create a name and password. + Authorization practices The client lists the people who are authorized to acces: stored on the cloud system. Many corporations have multiple levels of authorization. For example, a front-tine employee might have limited access to data stored on the cloud and the head of the IT department might have complete and free access to everything. formation Internet Encryption and authentication are hwo security measures ‘you can use to keep your data safe on a cloud storage provider. vy Most cloud storage providers try to address the reliability concern through redundancy, but the Possibility still exists that the system could crash and leave clients with no way to access their saved data. Advantages Cloud storage is becoming an increasingly attractive solution for organizations. That's because with cloud storage, data resides on the Web, located across storage systems rather than at a designated corporate hosting site. Cloud storage providers balance server loads and move data among various datacenters, ensuring that information is stored close to where itis used. Storing data on the cloud is advantageous, because it allows us to protect our data in case there’s a disaster. we may have backup files of our critical information, but if there is @ fire or a hurricane wipes out our organization, having the backups stored locally doesn’t help. ‘Amazon $3 is the best-known storage solution, but other vendors might be better for large‘enterprises. For instance, those who offer service level agreements and direct access to customer support are critical for a business moving storage to a service provider. Anternet theresa catastrophe at your organization having your files backed up ata cloud storage provider means you wan't have lost all your data Alot of companies take the “appetizer” approach, testing one or two services to see how well they mesh with their existing IT systems. It’s important to make sure the services will provide ‘what we need before we commit too much to the cloud, Cloud Storage Provider “Many cenpanies tet out a cloud storage vendor with ‘one tw nervices before committing too much to ther. “This “appetizer” approach ensures the provider can give you what you want, Cloud Storage Providers ‘Amazon and Nirvanix are the current industry top storage providers. Amazon Simple Storage Service ($3) The best-known cloud storage service is Amazon's Simple Storage Service ($3), which launched in 2006, ‘Amazon $3 is designed to make web-scale computing easier for developers. Amazon $3 provides a simple web services interface that can be used to store and retrieve any amount of data, at any time, from anywhere on the Web. It gives any developer access to the same highly scalable data storage infrastructure that Amazon uses to run its own global network of websites. The service aims to maximize benefits of scale and to pass those benefits on to developers. Amazon $3 is intentionally built with a minimal feature set that includes the following functionality: * Write, read, and delete objects containing from 1 byte to 5 gigabytes of data each. The number of objects that can be stored is unlimited. + Each object is stored and retrieved via a unique developer-assigned key. * Objects can be made private or public, and rights can be assigned to specific users. * Uses standards-based REST and SOAP interfaces designed to work with any Internet- development toolkit Design Requirements ‘Amazon built $3 to fulfill the following design requirements: * Scalable Amazon S3 can scale in terms of storage, request rate, and users to support an unlimited number of web-scale applications. * Reliable Store data durably, with 99.99 percent availability. Amazon says it does not allow any downtime. ‘+ Fast Amazon $3 was designed to be fast enough to support high-performance applications. Server-side latency must be insignificant relative to Internet latency. Any performance bottlenecks can be fixed by simply adding nodes to the system, * Inexpensive Amazon $3 is built from inexpensive commodity hardware components. As a result, frequent node failure is the norm and must not affect the overall system. It must be hardware-agnostic, so that savings can be captured as Amazon continues to drive down infrastructure costs + Simple Building highly scalable, reliable, fast, and inexpensive storage is difficult. Doing so ina way that makes it easy to use for any application anywhere is more difficult, Amazon S3 must do both Design Principles ‘Amazon used the following principles of distributed system design to meet Amazon $3. requirements: * Decentralization It uses fully decentralized techniques to remove scaling bottlenecks and single points of failure. + Autonomy The system is designed such that individual components can make decisions based ‘on local information. * Local responsibility Each individual component is responsible for achieving its consistency; this is never the burden of its peers. + Controlled concurrency Operations are designed such that no or limited concurrency controlis required. « Failure toleration The system considers the fallure of components to be a normal mode of operation and continues operation with no or minimal interruption, + Controlled parallelism Abstractions used in the system are of such granularity that parallelism can be used to improve performance and robustness of recovery or the introduction of new nodes. * Small, well-understood building blocks Do not try to provide a single service that does everything for everyone, but instead build small components that can be used as building. blocks for other services. + Symmetry Nodes in the system are identical in terms of functionality, and require no or minimal node-specific configuration to function. ‘Simplicity The system should be made as simple as possible, but no simpler. How $3 Works S3 stores arbitrary objects at up to SGB in size, and each is accompanied by up to 2KB of metadata, Objects are organized by buckets. Each bucket is owned by an AWS account and the buckets are identified by a unique, user-assigned key.