UNIT -3 Cloud Computing Architecture

Cloud computing is the latest emerging concept in which we provide the distribution of
computing resources as a service. Different types of clouds are available to us, such as
public, private, hybrid, etc. There are different cloud computing models like IaaS, PaaS,
SaaS, etc.

Types of Cloud Computing

Four different types of cloud deployment models exist. These deployment models
vary depending on how they are implemented, how they are hosted, and who has
access to them. Although all cloud deployment options are based on the same
virtualization idea (the separation of resources from bare metal infrastructure), they
vary in terms of location, storage capacity, accessibility, and other factors. One should
evaluate the various levels of security that Public, Private, Hybrid, and Community
Clouds offer and the level of management necessary depending on the type of data
you are working with.

Public Cloud

Public clouds are run by third parties (Cloud Service Providers, CSP in short) who offer
cloud services to the general public over the internet with pay-as-you-go invoicing
options. They provide ways to reduce the cost of IT infrastructure and develop it into a
viable choice for managing peak demands on local infrastructure. Small firms can
launch their operations without making significant initial investments by depending
solely on public infrastructure for their IT requirements, making public clouds the go-to
choice for these companies. Multitenancy is one of the essential properties of public
clouds. A public cloud is designed to service many users, not just one particular client.
A user needs a virtual computing environment that is distinct from other users and
most likely isolated. Examples include Microsoft, Google App Engine, IBM SmartCloud
Enterprise, Amazon elastic compute cloud (EC2), and Windows Azure Services
Platform.

Private Cloud

Private clouds are distributed systems that operate on private infrastructure and give
users access to computer resources that are dynamically allocated. Private cloud
users/organizations receive exclusive infrastructure that is not shared with any other
users/organizations. There may be additional plans that regulate cloud usage and
proportionally charge the various departments or areas of an organization in place of
the pay-as-you-go model used in private clouds. When using a private network, the
security and control levels are at their maximum. The costs are borne entirely by one
person or organization; they are not distributed among any other people or
organizations. The user is responsible for managing the Private Cloud, and the CSP
 UNIT -3 Cloud Computing Architecture
does not offer any cloud management services. HP Data Centers, Ubuntu, Elastic-
Private cloud, Microsoft, and other companies offer private clouds.

Private clouds are used to do specific tasks, including reliable clustering, data
replication, system monitoring and maintenance, disaster recovery, and other uptime
services. When deploying and running applications in accordance with third-party
compliance standards, specific procedures must be in place. Given the public cloud,
this is not feasible, but on the other side, it is completely possible to implement
an SLA in the case of a private cloud. There are also a few limitations in using private
clouds on a large scale. The private cloud is reachable only in a specific location. The
accessible range is thus minimal. Since client data and other sensitive information do
not transfer outside the private infrastructure, security issues in the private cloud are
reduced. Consequently, managing and running cloud services requires competent
personnel.

Hybrid Cloud

A hybrid cloud is created by merging the resources of the public cloud and the private
cloud. For the same reasons, it is also known as heterogeneous clouds. The inability
of private deployments to scale on demand and effectively handle peak loads is a
significant disadvantage. Thus public clouds are required in such cases. As a result, a
hybrid cloud utilizes the functionality of both public and private clouds. Because it is
created through a distributed system, it is less expensive than other clouds. It
minimizes the latency of the data transfer process while being effectively quick and
inexpensive. The most crucial factor is security. Because it uses a distributed system
network, hybrid clouds are completely safe and secure.

Community Cloud

Community clouds are distributed systems built by combining the capabilities of many
clouds to cater to the unique requirements of a particular industry, community, or
business sector. However, it is challenging for companies to split up their
responsibilities. Companies that share concerns or tasks in a community cloud pool
their infrastructure resources. A company or a third party may control the cloud.

Community cloud is economical because many different businesses/communities

share the same cloud. Organizations that desire a collaborative cloud with greater
security features than the public cloud should use a community cloud. Security-wise,
it surpasses that of the public cloud. It offers a setting that is cooperative and
distributive. Thanks to community clouds, we may share cloud resources,
infrastructure, and other capabilities between different enterprises.

There are a few limitations to using community clouds as well. Not all businesses
should choose community cloud. The private cloud has better security features as
compared to hybrid clouds. Additionally, using hybrid clouds could be difficult when
 UNIT -3 Cloud Computing Architecture
there is a lack of teamwork. All community members share a limited amount of data
storage and bandwidth.

Multi-cloud

Multi-cloud is a cloud deployment model in which a company distributes applications

and services across a number of different clouds. Two or more public clouds, two or
more private clouds, or a combination of public, private, and edge clouds may make up
these clouds.

Using a variety of cloud platforms and services, businesses are accelerating the next
stage of their digital transformation by accelerating the creation of new apps and app
transformation. Since multi-clouds best serve their business goals and application
requirements, companies are choosing to deploy apps on public, private, and edge
clouds. The use of multi-clouds ensures enterprise sovereignty and prevents vendor
lock-in. Concerns about total cloud spending, data sovereignty, vendor
dependence, and lock-in are growing. As a result, businesses will keep dispersing
their estate throughout various surroundings.

Applications need to be deployed to the edge, closer to physical objects and users, to
achieve the next generation of improvements in automation, efficiency, and improved
consumer experiences in the logistics, retail, and manufacturing sectors. Multi-clouds
encourage the growth of the distributed workforce because it is the new reality for
businesses. The emerging hybrid workforce problem is to secure, manage, and enable
workers and their devices to be productive wherever.

A Comparative Analysis of Different Types of Cloud Computing

Refer to the below table to study the important features of each of the models and see
an outline of what each one can achieve for you:

Feature Public
Private Cloud Community Cloud Hybrid Cloud
compared Cloud

Security and
Low High Comparatively Higher High
Privacy

Reliability Low High Comparatively Higher High

Control over
Very Less High High High
the data
 UNIT -3 Cloud Computing Architecture

Feature Public
Private Cloud Community Cloud Hybrid Cloud
compared Cloud

Ease of Requires Requires

Requires Prerequisite
setup and Easy Prerequisite Prerequisite
Knowledge
use Knowledge Knowledge

Cost is shared among Between private

Cost Cheapest Most expensive members of the and public
community clouds

Types of Cloud Services

The following are the types of cloud services that are available.

Infrastructure as a Service (IaaS)

Infrastructure as a service (IaaS) is a specific kind of cloud computing service that

provides basic computation, storage, and networking resources on demand. One
needs to pay on a go basis. IaaS is one of the four categories of cloud services:
serverless, platform as a service (PaaS), and software as a service (SaaS). In
Infrastructure as a Service, while we buy, install, configure, and manage our software,
including the operating systems, the middleware, and the applications, a cloud
computing service provider, for example, Azure is responsible for managing the
infrastructure of the system.

Platform as a Service (PaaS)

Platform as a Service (PaaS) is one of the cloud computing techniques in which

consumers receive hardware and software resources via the internet from a third-party
supplier. These tools are typically required for the creation of applications. The
hardware and software are hosted on the infrastructure of a PaaS provider. PaaS
relieves developers of the burden of setting up proprietary hardware and software to
create or run new applications. PaaS technologies are frequently praised for being
user-friendly and practical. Compared to on-premises alternatives, a company may
find the switch to PaaS cost-effective.

Software as a Service (SaaS)

Software as a service (SaaS) is another cloud computing model. One can avoid
complicated software and hardware maintenance by just accessing software over the
Internet rather than installing and maintaining it.
 UNIT -3 Cloud Computing Architecture
Anything-as-a-Service (XaaS)

Anything as a Service (XaaS) refers to a broad class of cloud computing and remote
access services. It acknowledges the enormous variety of modern services, tools, and
technologies that are offered to users online. In essence, every IT function may be
turned into a service for use by businesses. Instead of being paid for upfront or through
a license, the service is paid for using a flexible consumption approach.

Advantages and Disadvantages Cloud Computing

The following are the advantages of cloud computing:

• It is fast and easier to retrieve saved information from anywhere at any time.
• It is very expensive to buy and set up all hardware and software-related things to
perform a small operation. Thankfully cloud computing comes to the rescue and
helps in a lot of cost-cutting.
• It is easier to obtain a backup when using cloud computing.
• Database Security is one of the major benefits associated with using cloud
computing.

Although there are many positives in favor of using cloud computing, some factors,
such as good internet connection and dominance of the cloud operator, may act as
limiting factors when deciding to use cloud computing.

Risks, Costs, and Ethics in Cloud Computing

Even if the cloud computing model has numerous advantages, it is important to

identify several hazards, expenses, and moral dilemmas that need to be considered
before adopting this model and even while using it. All cloud users must consider some
of these challenges, whereas corporations and organizations that use the cloud to
store client data may find some of them more relevant:

• Security: Cloud resources may have more security flaws than traditional on-
premise data centers due to the usage of APIs, cloud-based credentials, and on-
demand services that make it simpler for attackers to gain unauthorized access.
• Costs: Although using the cloud might offer computing capabilities for a fraction
of the price of buying them outright, costs for cloud services can rise
dramatically as consumption increases. Always check the billing information
before signing up for a cloud service to understand how services are metered
and whether you may set caps or receive notifications when usage exceeds your
preferred limits. Additionally, since certain providers' billing practices are not
always clear, it is important to investigate how billing information is conveyed.
• Data persistence: Users of the cloud occasionally want to make sure that the
personal data they have provided to cloud service providers is deleted. However,
 UNIT -3 Cloud Computing Architecture
erasing data from cloud resources and verifying such erasure can be laborious,
challenging, or even impossible tasks.

Types of Cloud Computing Platforms Based on Proprietorship

Platforms for cloud computing can also modify their functionality according to
proprietorship. The set of problems and needs may vary depending on the
organization's size and type of work. Therefore, cloud computing platforms use their
scalability to adapt to specific circumstances. For instance, some companies don't
require a lot of discretion and favor a more unrestricted information flow. On the other
hand, other industries choose a more secure platform. The financial and national
security sectors are among these. Thus different cloud computing platforms based on
proprietorship have emerged to cater to these demands.

Cloud Computing Platforms in Public Cloud

In the public cloud model, everyone can use the cloud as per their requirements. This
model adopts the pay-per-usage model to store and access information through the
Internet. The cloud service provider manages and controls the computer resources
(CSP) in a public cloud. Examples include Microsoft, Google App Engine, IBM
SmartCloud Enterprise, Amazon elastic compute cloud (EC2), and Windows Azure
Services Platform. Owning a public cloud is much less expensive than doing so for a
private or hybrid cloud. While using a public cloud, one need not bother about
maintenance-related things because the cloud service provider takes care of the
public cloud. It is also a fact that integration is simpler with public clouds. Therefore, it
offers customers a superior level of flexibility. The public cloud is very scalable,
depending on the amount of processing power needed. There is no cap on the number
of users because it is open to everyone. Due to the internet-based nature of public
cloud services, they are location agnostic. But there are some limitations while using
the public cloud as well. For example, security might be a concern since resources are
shared publicly on public clouds, making them less secure. The performance also
depends on factors like the speed of the internet connection.

Cloud Computing Platforms in Private Cloud

Private clouds are also known as internal or corporate clouds. Organizations use
private clouds to operate their own data centers, either internally or through a third
party. Opensource tools like Eucalyptus and OpenStack can be used to deploy private
clouds. The National Institute of Standards and Technology (NIST) divides private
clouds into the following categories based on location and management : On-premise
private cloud and Outsourced private cloud. The users benefit from a high level of
security and privacy thanks to private clouds. Private clouds provide superior
performance with faster speeds and more storage space. It makes it possible for the IT
staff to rapidly assign and supply IT resources on demand. Because the organization
manages the cloud, it has total control over it. As a result, the organization doesn't
 UNIT -3 Cloud Computing Architecture
need to rely on anyone. It is appropriate for businesses focusing on data security and
needing a separate cloud for personal use. There are a few limitations to using private
clouds as well. Cloud service management and operation demand skilled personnel.
Only the organization can access the private cloud; thus, the operational area is
constrained. Private clouds are inappropriate for businesses with a large user base,
businesses without a ready-made infrastructure, and businesses without enough staff
to maintain and operate the cloud.

Cloud Computing Platforms in Hybrid Cloud

Hybrid clouds are a combination of public and private clouds. The security provided by
hybrid clouds lies somewhere between public and private clouds. This is because only
users within the business can access services running on a private cloud, while anyone
can access those running on a public cloud. Examples include Amazon Web Services,
Office 365 (MS Office on the Web and One Drive), and the Google Application Suite
(Google Apps like Google Drive and Gmail). Hybrid clouds are beneficial for
organizations that need more security than public clouds. It is easy and quick to
provide new goods and services with hybrid cloud technology. Thus hybrid clouds offer
a great way to lower the risk. A hybrid cloud provides secure resources thanks to the
private cloud and flexible resources thanks to the public cloud. But there are a few
limitations to using hybrid clouds as well. For example, the security features in hybrid
clouds are inferior to those in private clouds. The requirement for handling many
deployment models makes managing a hybrid cloud challenging. The reliability of the
service depends on the cloud service provider.

Cloud Platform Technologies

The following are the different types of cloud platform technologies that are available
to us.

AWS

One of the most well-liked cloud computing platforms for developing interactive web
solutions for your company is Amazon Web Services (AWS). AWS's architecture is so
flexible you may save costs by using only the services you need. AWS offers a variety of
extensive cloud IaaS services, ranging from whole computing stacks to virtual
computing, storage, and networking. Elastic Compute Cloud (EC2) and Simple
Storage Service (S3) are two of AWS's well-known computing offerings and on-
demand storage services. The end user can customize the virtual hardware they
receive from EC2 to serve as the foundational architecture for deploying computing
systems in the cloud. It will probably have access to various virtual hardware
configurations, such as GPU and cluster instances.

The EC2 instances are deployed using either the web services API, which is accessible
for many programming languages, or the AWS console, a comprehensive Web gateway
 UNIT -3 Cloud Computing Architecture
for accessing AWS services. The ability to save an explicit running instance as an image
is another feature of EC2 that enables users to design their system deployment
templates. These templates are kept in S3, which also provides on-demand persistent
storage. S3 is organized neatly into buckets that hold objects that can grow with
attributes and are saved in binary form. Users can store items of any size, from little
files to entire disc images. Accessing them from any location is also possible.
Additionally, various services, such as networking support, caching systems, DNS,
database support, and others, can be incorporated into virtual computing systems
using EC2 and S3.

Microsoft Azure

Microsoft Azure is a platform where users may create cloud-based applications and a
cloud operating system. Microsoft Azure has been a solid solution for businesses trying
to transform their operations since its initial release in 2010 digitally. Given Microsoft's
vast range of services, Azure has been recognized as one of the best cloud service
platforms available. Typically, a scalable runtime environment is offered for distributed
and web applications. Roles, which specify a distribution unit for applications and
express the application's logic, are the central organizing principle for the organization
of applications in Azure. In addition to supporting application execution, Azure offers
several other services, including networking, caching, content delivery, and storage
support. The wide range of services provided is adequate to suit the needs of any
business in any industry. Azure enables you to run services on the cloud or integrate
them with any of your current infrastructures.

Google Cloud and Google AppEngine

Google Cloud is a dependable, user-friendly, and security-focused cloud computing

service. Despite having a smaller portfolio of services than Azure, Google Cloud can
meet all of your IaaS and PaaS requirements. Security and usability are some of its key
features. Additionally, Google asserts that its services are more affordable and cost-
effective when compared to others. Another commonly used service offered by Google
is the Google AppEngine. Google AppEngine is a scalable runtime environment widely
used to run web apps. These use Google's extensive computing resources to scale
dynamically in response to demand. AppEngine provides a collection of tools that
make it easier to create scalable, high-performance web applications as well as a
secure execution environment. Using the AppEngine SDK, which stimulates the
production runtime environment and aids in testing and profiling apps, developers and
engineers can create and test applications on their computers. After the development
is complete, developers may quickly move their applications to AppEngine, set quotas
to control costs, and make the applications public.
 UNIT -3 Cloud Computing Architecture
Hadoop

Apache Hadoop, a free and open-source framework. It provides a way to process

massive volumes of data on inexpensive hardware. Apache Hadoop uses an
application programming model called MapReduce, which Google has developed.
Map and reduce are two fundamental data processing techniques included in this
paradigm. Apache Hadoop is sponsored by Yahoo, which has worked hard to turn it
into an enterprise-

ready cloud computing platform for data processing. The Yahoo Cloud architecture
relies heavily on Hadoop to handle several corporate business operations. Yahoo now
runs the biggest Hadoop cluster in the world and is accessible to academic
institutions.

Salesforce

The cloud computing platform Force.com allows users to create social enterprise
applications. The platform is the foundation for customer relationship management
Software as a Service (SaaS) known as Salesforce.com. With Force.com, you may
build applications by assembling ready-to-use blocks, and a full complement of
components covering all of an enterprise's operations is accessible. Force.com offers
assistance with everything from arranging the data to formulating business rules and
user interfaces. Through Web services technologies, this platform, which is hosted in
the Cloud, provides access to all of its capabilities, including those utilized in the
hosted apps.

Cloud Linux

Cloud Linux is the best option if you would rather create your own IT infrastructure
than rely on a third-party service. It's a cloud platform for setting up your internal
infrastructure; it's not a typical cloud services provider. It is a Linux-based operating
system, as is evident from the name. Even though working with Cloud Linux presents
many difficulties, it also offers several benefits and advantages, such as total control,
flexibility, security, and in-depth customization.

IBM Cloud

SaaS (Software as a Service), IaaS (Infrastructure as a Service), and PaaS (Platform as a

Service) are the three primary cloud computing services that IBM Cloud primarily
focuses on. It is one of the more cost-effective pricing models on the market, and the
fact that it is completely adjustable helps to reduce costs further. Utilizing their APIs
makes the process of creating an account on the IBM cloud simple.

Cloud Computing Architecture

 UNIT -3 Cloud Computing Architecture

Frontend

The front end serves as the user's gateway to cloud services. It comprises the user
interface, typically accessible through web browsers or specialized applications. This
interface allows users to interact with various cloud resources and services, such as
deploying virtual machines, managing storage, and accessing applications.

Backend

The backend of the cloud computing infrastructure consists of interconnected

components that form its core. This includes User Authentication and Authorization,
ensuring secure access to cloud services by validating user identities and managing
permissions. The frontend processor handles incoming user requests from the
frontend, directing them to the appropriate backend services. A virtualization layer
employs virtualization technologies to create and manage virtual instances of
computing resources, optimizing hardware utilization.

The resource pool comprises servers, storage devices, and networking equipment
collectively providing computing resources, while the networking infrastructure
facilitates efficient communication between various components. The storage
infrastructure offers scalable and redundant storage solutions for users to store and
retrieve data. Compute Nodes, whether physical or virtual servers are responsible for
executing applications and processing data.

Service Models:

1. Infrastructure as a Service (IaaS): Provides virtualized computing resources,

including virtual machines, storage, and networking.
 UNIT -3 Cloud Computing Architecture
2. Platform as a Service (PaaS): Offers a platform for application development,
removing the need for users to manage the underlying infrastructure.
3. Software as a Service (SaaS): It eliminates the need for installation and
maintenance by delivering fully working software applications over the Internet.

Components of Cloud Computing Architecture

Cloud computing architecture is comprised of several interconnected components,

where each one is essential to providing scalable, adaptable, and effective computing
services. Gaining an understanding of these elements is crucial to appreciating the
features and advantages of cloud-based solutions:

1. User Interface (Frontend): The user interface serves as the entry point for users
to interact with cloud services. It can be a web browser, command-line interface
(CLI), or application through which users access and manage various resources.
2. User Authentication and Authorization: Ensures secure access to cloud
resources by verifying user identities and managing permissions. Authentication
validates user credentials, while authorization determines the actions a user is
allowed to perform.
3. Frontend Processor: Manages incoming user requests from the front end and
directs them to the appropriate backend services. It serves as a mediator, making
communication easier between the backend infrastructure and the user
interface.
4. Virtualization Layer: Utilizes virtualization technologies to create and manage
virtual instances of computing resources. This layer enables the operation of
several virtual machines on a single physical server, optimising hardware
utilization.
5. Resource Pool: It consists of the virtual and physical resources that serve as
cloud computing's building blocks. Servers, storage units, and networking
hardware provide on-demand computing resources.
6. Networking Infrastructure: It permits communication between the various
cloud architecture components. This comprises switches, routers, and other
networking hardware that makes sure data moves through the cloud environment
effectively.
7. Storage Infrastructure: Offers scalable and redundant storage solutions to meet
the diverse needs of users. Cloud storage allows for the secure and flexible
management of data, accommodating changing storage requirements.
8. Compute Nodes: Physical or virtual servers responsible for executing
applications and processing data. Compute nodes are crucial for providing the
computing power needed to run applications and services within the cloud.
9. Security Services: It includes a variety of security techniques to protect data
and infrastructure, including intrusion detection systems, firewalls, and
encryption. Security services are essential to preserve the confidentiality and
integrity of data stored in the cloud.
 UNIT -3 Cloud Computing Architecture
Benefits of Cloud Computing Architecture

Cloud computing architecture offers many advantages that have revolutionized how
businesses and individuals manage and deploy computing resources. Here are key
benefits that make cloud computing a transformative solution:

1. Cost Efficiency: Cloud computing removes the need for large initial hardware
and infrastructure investments. Pay-as-you-go access to computer resources
allows users to maximize savings and make sure that fees correspond with real
usage.
2. Scalability and Flexibility: The seamless scalability provided by cloud
architecture makes it simple for users to increase or decrease resource capacity
in response to demand. Because of this flexibility, companies may adjust to
shifting workloads without having to make major resource provisioning or
planning decisions. Cloud services are accessible to users from any location
with an internet connection. This improves cooperation and makes remote work
easier, giving people and enterprises flexibility and mobility.
3. Resource Optimization: In cloud computing, virtualization and resource pooling
maximize hardware utilization. A single physical server can support several
virtual instances, increasing efficiency and minimizing the environmental effect
of wasted resources. Cloud service providers typically offer robust infrastructure
with redundancy and failover mechanisms. This ensures high availability and
reliability, minimizing downtime and disruptions to services.
4. Security Measures: Cloud providers implement advanced security measures,
including encryption, firewalls, and identity management, to protect data and
infrastructure. Many providers adhere to stringent compliance standards,
enhancing overall data security. Cloud services often handle system updates,
patches, and maintenance tasks automatically. This reduces the burden on users
and ensures that applications and infrastructure are running on the latest, most
secure versions.
5. Global Reach: Cloud computing allows businesses to reach a global audience
without the need for physical infrastructure in multiple locations. Content
delivery networks (CDNs) ensure low-latency access to data and applications
from various geographical regions.
6. Elasticity for Peak Loads: Businesses can handle peak workloads and seasonal
demands by leveraging the elasticity of cloud resources. Scaling up during high-
demand periods and scaling down during quieter times optimizes costs and
performance. Cloud providers offer automated backup and disaster recovery
solutions. Data is regularly backed up and stored in geographically dispersed
locations, ensuring resilience against data loss and disasters.

InterCloud Resource Management

 UNIT -3 Cloud Computing Architecture
As we all know, management is very crucial everywhere. In Cloud Computing, it is the
cloud provider's duty to manage resources and their performance. Examples of
resource management in cloud computing are Load balancing, performance, storage,
backups, capacity, and deployment. To access the full capabilities of cloud resources,
management is required.
InterCloud
The term "intercloud" refers to a network of interconnected clouds. This encompasses
private, public, and hybrid clouds, all of which work together to create a seamless data
flow.
In 2008, Cisco announced the notion of Intercloud as a research project, which was
later refined by the Institute of Electrical and Electronics Engineers (IEEE). Most
Intercloud solutions have "pay-per-use" prime service flexibility, allowing clients to
effectively manage expenses.
Advantages: Portability and Migration, Moving data from one supplier to the next might
become as simple as "dragging and dropping." Money, time, and human resources
would all be saved as a result of this.
The term "cloud computing management" refers to the process of maintaining and
regulating cloud services and resources, whether they are public, private, or hybrid. To
do so, cloud management professionals must have complete access to all cloud
resource functionality. To create a unified cloud management strategy and process,
many software products and technologies are merged.
• Private cloud infrastructure is administered by the company or by a third
party for a single enterprise.

• Public cloud services are supplied through an open network that is

accessible to the whole public. In this model, a private corporation owns the
IT Infrastructure, and members of the public can buy or rent data storage or
computer resources as needed.

• Hybrid cloud setups are made up of a mix of public and private cloud
services from various vendors.

For privacy reasons, most businesses keep data on private cloud servers, while using
public cloud apps for less sensitive data at a reduced cost.
 UNIT -3 Cloud Computing Architecture

Cloud Management Requirements

Large enterprises are increasingly turning to the cloud for their primary data storage. A
minor outage or error can result in significant financial loss and inconvenience for
businesses. Specific members are responsible for designing, managing, and
maintaining a cloud computing service, ensuring that everything runs well and that any
difficulties that arise are resolved.
Resource Management
Resource management is the process of allocating
1. Computing
2. Storage
3. Networking
4. and Energy resources

to a group of applications in order to match the infrastructure providers' and cloud

users' performance goals and needs.
Cloud Management Platform
A cloud management platform is a software solution with a powerful and wide set of
APIs that enables it to pull data from any part of the IT infrastructure. A CMP enables an
IT company to build a standardized approach to security and IT governance that can be
applied throughout the full cloud environment of the organization.
Cloud Management Tasks
Auditing System Backups -
It is necessary to check backups on a regular basis to verify the restoration of randomly
selected files from various users. This could be done by the company or by the cloud
service provider.
Data Flow of the System-
The managers are in charge of creating a diagram that depicts a thorough process flow.
The transportation of data belonging to an organization throughout the cloud solution is
described in this process flow.
 UNIT -3 Cloud Computing Architecture
Vendor Lock-In -
Managers should be able to transfer data from one server to another if the company
decides to change providers.
Knowing Provider’s Security Procedures -
Managers should be aware of the provider's security plans for the following services:
Multitenant use
E-commerce processing
Employee screening
Encryption policy
Monitoring the Capacity, Planning, and Scaling abilities -
The manager should be aware of whether or not their existing cloud provider will be
able to fulfill their organization's future demand, as well as their scalability capabilities.
Monitoring audit log -
Logs are audited on a regular basis by managers in order to discover system faults.
Solution Testing and Validation -
Testing and verifying the results of cloud services is required for error-free solutions.

What is cloud security?

Cloud security is the set of control-based security measures and technology

protection, designed to protect online stored resources from leakage, theft, and data
loss. Protection includes data from cloud infrastructure, applications,
and threats. Security applications uses a software the same as SaaS (Software as a
Service) model.

How to manage security in the cloud?

Cloud service providers have many methods to protect the data.

Firewall is the central part of cloud architecture. The firewall protects the network and
the perimeter of end-users. It also protects traffic between various apps stored in the
cloud.

Access control protects data by allowing us to set access lists for various assets. For
example, you can allow the application of specific employees while restricting others.
It's a rule that employees can access the equipment that they required. We can keep
essential documents which are stolen from malicious insiders or hackers to
maintaining strict access control.

Data protection methods include Virtual Private Networks (VPN), encryption, or

masking. It allows remote employees to connect the network. VPNaccommodates the
tablets and smartphone for remote access. Data masking maintains the data's integrity
by keeping identifiable information private. A medical company share data with data
masking without violating the HIPAA laws.
 UNIT -3 Cloud Computing Architecture
For example, we are putting intelligence information at risk in order of the importance
of security. It helps to protect mission-critical assets from threats. Disaster recovery is
vital for security because it helps to recover lost or stolen data.

Benefits of Cloud Security System

We understand how the cloud computing security operates to find ways to benefit your
business.

Cloud-based security systems benefit the business by:

o Protecting the Business from Dangers

o Protect against internal threats
o Preventing data loss
o Top threats to the system include Malware, Ransomware, and
o Break the Malware and Ransomware attacks
o Malware poses a severe threat to the businesses.

More than 90% of malware comes via email. It is often reassuring that employee's
download malware without analysingit. Malicious software installs itself on the
network to steal files or damage the content once it is downloaded.

Ransomware is a malware that hijacks system's data and asks for a financial ransom.
Companies are reluctant to give ransom because they want their data back.

Data redundancy provides the option to pay a ransom for your data. You can get that
was stolen with minimal service interruption.

Many cloud data protection solutions identify malware and ransomware. Firewalls
keep malicious email out of the inbox.

DDoS Security

Distributed Denial of Service (DDoS)is flooded with requests. Website slows down
the downloading until it crashes to handle the number of requests.

DDoS attacks come with many serious side effects. Most of the companies suffering
from DDoS attacks lose $ 10,000 to $ 100,000. Many businesses damage reputation
when customers lose confidence in the brand. If confidential customer data is lost
through any DDoS attack, we may face challenges.

The severity of these side effects, some companies shut down after the DDoS attacks.
It is to be noted that the last DDoS attack lasted for 12 days.
 UNIT -3 Cloud Computing Architecture
Cloud security service monitors the cloud to identify and prevent attacks. The cloud
service providers protectthe cloud service users in real time.

Threat to detect

Cloud computing detects advanced threats by using endpoint scanning for threats at
the device level.

Difference between Cloud Security and Traditional IT Security

Cloud security Traditional IT Security

Quick scalable Slow scaling

Efficient resource utilization Lower efficiency

Usage-based cost Higher cost

Third-party data centres In-house data centres

Reduced time to market Longer time to market

Low upfront infrastructure High Upfronts costs

What is service-oriented architecture?

Service-oriented architecture (SOA) is a method of software development that uses

software components called services to create business applications. Each service
provides a business capability, and services can also communicate with each other
across platforms and languages. Developers use SOA to reuse services in different
systems or combine several independent services to perform complex tasks.

For example, multiple business processes in an organization require the user

authentication functionality. Instead of rewriting the authentication code for all
business processes, you can create a single authentication service and reuse it for all
applications. Similarly, almost all systems across a healthcare organization, such as
patient management systems and electronic health record (EHR) systems, need to
register patients. These systems can call a single, common service to perform the
patient registration task.

What are the benefits of service-oriented architecture?

 UNIT -3 Cloud Computing Architecture
Service-oriented architecture (SOA) has several benefits over the traditional monolithic
architectures in which all processes run as a single unit. Some major benefits of SOA
include the following:

Faster time to market

Developers reuse services across different business processes to save time and costs.
They can assemble applications much faster with SOA than by writing code and
performing integrations from scratch.

Efficient maintenance

It’s easier to create, update, and debug small services than large code blocks in
monolithic applications. Modifying any service in SOA does not impact the overall
functionality of the business process.

Greater adaptability

SOA is more adaptable to advances in technology. You can modernize your

applications efficiently and cost effectively. For example, healthcare organizations can
use the functionality of older electronic health record systems in newer cloud-based
applications.

What are the basic principles of service-oriented architecture?

There are no well-defined standard guidelines for implementing service-oriented

architecture (SOA). However, some basic principles are common across all SOA
implementations.

Interoperability

Each service in SOA includes description documents that specify the functionality of
the service and the related terms and conditions. Any client system can run a service,
regardless of the underlying platform or programming language. For instance, business
processes can use services written in both C# and Python. Since there are no direct
interactions, changes in one service do not affect other components using the service.

Loose coupling

Services in SOA should be loosely coupled, having as little dependency as possible on

external resources such as data models or information systems. They should also be
stateless without retaining any information from past sessions or transactions. This
way, if you modify a service, it won’t significantly impact the client applications and
other services using the service.
 UNIT -3 Cloud Computing Architecture
Abstraction

Clients or service users in SOA need not know the service's code logic or
implementation details. To them, services should appear like a black box. Clients get
the required information about what the service does and how to use it through service
contracts and other service description documents.

Granularity

Services in SOA should have an appropriate size and scope, ideally packing one
discrete
business function per service. Developers can then use multiple services to create a
composite service for performing complex operations.

What are the components in service-oriented architecture?

There are four main components in service-oriented architecture (SOA).

Service

Services are the basic building blocks of SOA. They can be private—available only to
internal users of an organization—or public—accessible over the internet to all.
Individually, each service has three main features.

Service implementation
The service implementation is the code that builds the logic for performing the specific
service function, such as user authentication or bill calculation.

Service contract
The service contract defines the nature of the service and its associated terms and
conditions, such as the prerequisites for using the service, service cost, and quality of
service provided.

Service interface
In SOA, other services or systems communicate with a service through its service
interface. The interface defines how you can invoke the service to perform activities or
exchange data. It reduces dependencies between services and the service requester.
For example, even users with little or no understanding of the underlying code logic can
use a service through its interface.
 UNIT -3 Cloud Computing Architecture
Service provider

The service provider creates, maintains, and provides one or more services that others
can use. Organizations can create their own services or purchase them from third-
party service vendors.

Service consumer

The service consumer requests the service provider to run a specific service. It can be
an entire system, application, or other service. The service contract specifies the rules
that the service provider and consumer must follow when interacting with each other.
Service providers and consumers can belong to different departments, organizations,
and even industries.

Service registry

A service registry, or service repository, is a network-accessible directory of available

services. It stores service description documents from service providers. The
description documents contain information about the service and how to
communicate with it. Service consumers can easily discover the services they need by
using the service registry.

How does service-oriented architecture work?

In service-oriented architecture (SOA), services function independently and provide

functionality or data exchanges to their consumers. The consumer requests
information and sends input data to the service. The service processes the data,
performs the task, and sends back a response. For example, if an application uses an
authorization service, it gives the service the username and password. The service
verifies the username and password and returns an appropriate response.

Communication protocols

Services communicate using established rules that determine data transmission over
a network. These rules are called communication protocols. Some standard protocols
to implement SOA include the following:

• Simple Object Access Protocol (SOAP)

• RESTful HTTP
• Apache Thrift
• Apache ActiveMQ
• Java Message Service (JMS)
 UNIT -3 Cloud Computing Architecture

What is Message Oriented Middleware (MOM)?

The full form of MOM is Message-Oriented Middleware which is an infrastructure
that allows communication and exchanges the data (messages). It involves the
passing of data between applications using a communication channel that carries
self-contained units of information (messages).In a MOM-based communication
environment, messages are sent and received asynchronously.
MOM provides asynchronous communication, and it just sends the message and
performs its asynchronous operations. It consists of inter-application
communication software that relies on asynchronous message passing which would
oppose request-response architecture. So asynchronous system consists of a
message queue that provides a temporary stage so that the destination program
becomes busy or might not be connected. Message Queue helps in storing the
message on a MOM platform. MOM clients can send and receive the message
through the queue.
Queues act as a central component for implementing asynchronous interaction
within MOM.
• Middleware is software that acts as a link between two or more objects
• Middleware simplifies complex distributed applications,
• It consists of web servers, application servers, and more, it is integrals to
modern information technology based on XML, SOAP, service-oriented
architecture.
 UNIT -3 Cloud Computing Architecture
Block Representation of Middleware:

Middleware
Features and Capabilities
1. Unified messaging
2. Provisioning and monitoring
3. Dynamic scaling
4. Management and control tools
5. Dynamic scaling
6. Flexible service quality
7. Secure communication
8. Integration with other tools
Structure and working of the Message Queue in MOM:

Message Queue in MOM

MOM enables communication between distributed components. Middleware makes
programming easier in a distributed environment. It acts like an Operating System
(OS) for distributed computing architecture and provides transparency for the
applications.
 UNIT -3 Cloud Computing Architecture
A message-oriented middleware acts as a middleware for different applications for
example:

MOM Deployment
The above diagram is a message-oriented middleware-based distributed system
deployment that offers a service-based approach to inter-process communication.
The messaging of MOM is the same as the postal service.
The Architecture of Message Oriented Middleware:

Types of middleware:
1. Database Middleware
2. Application Server Middleware
3. Messaging middleware
4. Message-oriented Middleware
5. Transaction processing middleware
Roles of message-oriented middleware
1. The message distribution is enabled over complex IT systems.
 UNIT -3 Cloud Computing Architecture
2. It servers as a connector for two different applications or platforms.
3. MOM helps in implementing the delivery of messages across different IT
organizations.
4. It will create a distributed product that is compatible with the various OS.
5. MOM allows various software components can talk to each other.
6. It is a type of middleware that consists of several lines that are connected to
different applications.
7. It connects different technologies involving message origination and delivery
destination.
8. It links front and back-end systems.
Example:
MQTT(Message Queuing for Telemetry Transport): Most MQ systems and protocols
are aimed at backed and enterprise applications and these types of technologies are
not suited for constrained devices like sensor nodes. Such devices are typically
constrained in terms of memory, bandwidth, and power.
MQTT is a message-oriented protocol aimed at applications like wireless sensor
networks, M2M(mobile 2 mobile) and ultimately the internet of things(a large number
of nodes and applications loosely through a messaging system).
Advantages
1. Loose coupling
2. Scalability
3. Fast
4. Reliability
5. Availability
Disadvantage
1. Requires extra component in the architecture
2. Poor programming abstraction
3. One-to-one communication for queue abstraction
4. Not implemented for some platform