1. What are the various Cloud Service Models?

There are the following three types of cloud service models -

1. Infrastructure as a Service (IaaS)

2. Platform as a Service (PaaS)
3. Software as a Service (SaaS)

-----------------------------------------------------------------------------------------

2. What is Infrastructure as a Service (IaaS)?

IaaS is also known as Hardware as a Service (HaaS). It is a computing

infrastructure managed over the internet. The main advantage of using
IaaS is that it helps users to avoid the cost and complexity of purchasing
and managing the physical servers.

Characteristics of IaaS

There are the following characteristics of IaaS -

 o Resources are available as a service
o Services are highly scalable
o Dynamic and flexible
o GUI and API-based access
o Automated administrative tasks

Example: DigitalOcean, Linode, Amazon Web Services (AWS),

Microsoft Azure, Google Compute Engine (GCE), Rackspace, and Cisco
Metacloud.

3. What is Platform as a Service (PaaS)?

PaaS cloud computing platform is created for the programmer to develop,

test, run, and manage the applications.

Characteristics of PaaS

There are the following characteristics of PaaS -

o Accessible to various users via the same development application.

o Integrates with web services and databases.
o Builds on virtualization technology, so resources can easily be
scaled up or down as per the organization's need.
o Support multiple languages and frameworks.
o Provides an ability to "Auto-scale".

Example: AWS Elastic Beanstalk, Windows Azure, Heroku, Force.com,

Google App Engine, Apache Stratos, Magento Commerce Cloud, and
OpenShift.

4. What is Software as a Service (SaaS)?

SaaS is also known as "on-demand software". It is a software in which

the applications are hosted by a cloud service provider. Users can access
these applications with the help of internet connection and web browser.

Characteristics of SaaS

There are the following characteristics of SaaS -

 o Managed from a central location
o Hosted on a remote server
o Accessible over the internet
o Users are not responsible for hardware and software updates.
Updates are applied automatically.
o The services are purchased on the pay-as-per-use basis

Example: BigCommerce, Google Apps, Salesforce, Dropbox, ZenDesk,

Cisco WebEx, ZenDesk, Slack, and GoToMeeting.

-----------------------------------------------------------------------------------------

5. Comparison between IaaS, PaaS, and SaaS

The below table shows the difference between IaaS, PaaS, and SaaS -

IaaS Paas SaaS

It provides a It provides virtual It provides web
virtual data platforms and tools to software and apps to
center to create, test, and complete business
store deploy apps. tasks.
information
and create
platforms
for app
development
, testing, and
deployment.
It provides It provides runtime It provides software
access to environments and as a service to the
resources deployment tools for end-users.
such as applications.
virtual
machines,
virtual
storage, etc.
It is used by It is used by It is used by end
network developers. users.
architects.
IaaS PaaS provides SaaS provides
provides Infrastructure+Platfor Infrastructure+Platfor
only m. m +Software.
Infrastructur
e.

----------------------------------------------------------------------------------

6. Cloud Computing Applications

Cloud service providers provide various applications in the field of art,

business, data storage and backup services, education, entertainment,
management, social networking, etc.

The most widely used cloud computing applications are given below -
7. What are the Security Risks of Cloud Computing

Cloud computing provides various advantages, such as improved

collaboration, excellent accessibility, Mobility, Storage capacity, etc. But
there are also security risks in cloud computing.

Some most common Security Risks of Cloud Computing are given

below-

Data Loss

Data loss is the most common cloud security risks of cloud computing. It
is also known as data leakage. Data loss is the process in which data is
being deleted, corrupted, and unreadable by a user, software, or
application. In a cloud computing environment, data loss occurs when our
sensitive data is somebody else's hands, one or more data elements can
not be utilized by the data owner, hard disk is not working properly, and
software is not updated.

Hacked Interfaces and Insecure APIs

As we all know, cloud computing is completely depends on Internet, so it

is compulsory to protect interfaces and APIs that are used by external
users. APIs are the easiest way to communicate with most of the cloud
services. In cloud computing, few services are available in the public
domain. These services can be accessed by third parties, so there may be
a chance that these services easily harmed and hacked by hackers.

Data Breach

Data Breach is the process in which the confidential data is viewed,

accessed, or stolen by the third party without any authorization, so
organization's data is hacked by the hackers.

Vendor lock-in

Vendor lock-in is the of the biggest security risks in cloud computing.

Organizations may face problems when transferring their services from
one vendor to another. As different vendors provide different platforms,
that can cause difficulty moving one cloud to another.

Increased complexity strains IT staff

Migrating, integrating, and operating the cloud services is complex for
the IT staff. IT staff must require the extra capability and skills to
manage, integrate, and maintain the data to the cloud.

Spectre & Meltdown

Spectre & Meltdown allows programs to view and steal data which is
currently processed on computer. It can run on personal computers,
mobile devices, and in the cloud. It can store the password, your personal
information such as images, emails, and business documents in the
memory of other running programs.

Denial of Service (DoS) attacks

Denial of service (DoS) attacks occur when the system receives too much
traffic to buffer the server. Mostly, DoS attackers target web servers of
large organizations such as banking sectors, media companies, and
government organizations. To recover the lost data, DoS attackers charge
a great deal of time and money to handle the data.

Account hijacking

Account hijacking is a serious security risk in cloud computing. It is the

process in which individual user's or organization's cloud account (bank
account, e-mail account, and social media account) is stolen by hackers.
The hackers use the stolen account to perform unauthorized activities.