UNIT 1

1]
Basic Concepts and Terminologies in Cloud Computing
Cloud computing is a paradigm that enables on-demand access to computing
resources over the internet. Understanding the fundamental concepts and
terminologies is essential for comprehending how cloud computing operates.
Detailed Explanation:
Cloud:
Definition: The cloud refers to a network of remote servers hosted on the internet
that store, manage, and process data. It allows users to access and use IT resources
without the need for local infrastructure.
Example: Services like Google Drive, which store files in the cloud and allow access
from any device.
IT Resource:
Definition: IT resources in cloud computing include hardware, software, storage,
networks, and services that can be accessed and managed through the cloud.
These resources are virtualized and provided on a pay-as-you-go basis.
Example: Virtual machines, databases, and storage systems.
On-Premise:
Definition: On-premise refers to IT infrastructure and resources that are hosted and
managed within an organization’s own physical premises, rather than in the cloud.
Comparison: On-premise solutions require significant upfront investment and
ongoing maintenance, unlike cloud-based solutions that are more flexible and
scalable.
Cloud Consumers and Cloud Providers:
Cloud Consumers: These are individuals or organizations that use cloud services
provided by cloud providers. They access and utilize cloud resources to run
applications, store data, or perform computing tasks.
Cloud Providers: These are companies that offer cloud services to consumers. They
own and manage the infrastructure and platforms that deliver cloud services.
Examples include Amazon Web Services (AWS), Microsoft Azure, and Google Cloud.
Relationship: Cloud consumers rely on cloud providers to supply the necessary
resources, while cloud providers ensure that these resources are available, secure,
and scalable.
Scaling - Horizontal and Vertical:
Horizontal Scaling: Also known as scaling out, it involves adding more instances of a
resource (e.g., more servers) to distribute the load across multiple systems.
Vertical Scaling: Also known as scaling up, it involves increasing the capacity of a
single resource (e.g., adding more CPU or memory to a server) to handle increased
demand.
Use Cases: Horizontal scaling is often used for applications requiring high
availability, while vertical scaling is used for tasks requiring more processing power.
Cloud Service:
Definition: A cloud service is any service provided over the internet that allows
users to access and use IT resources. Cloud services are typically categorized into
three models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and
Software as a Service (SaaS).
Example: SaaS applications like Microsoft Office 365, PaaS platforms like Google
App Engine, and IaaS offerings like AWS EC2.
Cloud Service Consumer:
Definition: A cloud service consumer is the end-user or organization that accesses
and uses a cloud service. The consumer interacts with the cloud service to perform
tasks, whether it's running applications, storing data, or managing infrastructure.
Example: An enterprise using Salesforce (a SaaS CRM platform) for customer
relationship management.
2]
Cloud Characteristics
On-Demand Usage: Cloud services are available whenever you need them, allowing
you to instantly access computing resources without waiting, and pay only for what
you use.
Ubiquitous Access: You can access cloud services from any location and on any
device with an internet connection, ensuring flexibility and convenience.
Multitenancy (and Resource Pooling): The cloud infrastructure is shared among
multiple users, with resources automatically distributed based on demand,
optimizing efficiency.
Elasticity: The cloud can automatically expand or reduce resources to match your
current needs, ensuring you have the right amount of resources at any time.
Measured Usage: Cloud providers track your resource usage precisely, so you’re
charged only for what you actually consume, making it cost-effective.
Resiliency: Cloud systems are built to quickly recover from failures, ensuring your
services remain available and reliable even in the face of disruptions.
3]
Cloud Deployment Models (10 Marks)
Cloud deployment models describe the way cloud services are deployed, managed,
and accessed. The four primary models are Public Cloud, Private Cloud, Hybrid
Cloud, and Community Cloud. Each model has its unique characteristics,
advantages, and use cases.
Public Cloud:
Definition: The public cloud is a cloud environment operated by third-party cloud
service providers. It offers services like storage, applications, and computing power
to the general public over the internet.
Key Characteristics:
Scalability: Resources can be scaled up or down based on demand.
Cost-Effectiveness: Pay-as-you-go pricing with no need for physical infrastructure.
Accessibility: Accessible from anywhere with an internet connection.
Example: Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft
Azure.
Use Case: Ideal for startups and businesses that need to quickly scale resources
without investing in hardware.
Private Cloud:
Definition: A private cloud is a cloud environment dedicated to a single organization.
It can be hosted on-premises or by a third-party provider but is not shared with
other organizations.
Key Characteristics:
Control: Greater control over the environment, including hardware and software
configurations.
Security: Enhanced security measures tailored to the organization's specific needs.
Customization: Customizable to meet specific business and compliance
requirements.
Example: A company's in-house data center configured to offer cloud services to
internal departments.
Use Case: Suitable for organizations that require high levels of security and
compliance, such as financial institutions.
Hybrid Cloud:
Definition: The hybrid cloud combines elements of both public and private clouds,
allowing data and applications to be shared between them.
Key Characteristics:
Flexibility: Organizations can use the public cloud for non-sensitive operations and
the private cloud for sensitive data.
Cost Efficiency: Balance between cost savings from public cloud and control from
private cloud.
Integrated Management: Requires management of multiple environments but offers
a unified experience.
Example: A company storing customer data in a private cloud while running a
public-facing application on a public cloud.
Use Case: Businesses that need to optimize costs while maintaining control over
critical data.
Community Cloud:
Definition: A community cloud is a cloud environment shared by several
organizations with similar needs, such as security, compliance, or performance
requirements.
Key Characteristics:
Shared Infrastructure: Resources are shared among organizations with common
goals.
Security and Compliance: Designed to meet specific regulatory and security
requirements.
Collaboration: Encourages collaboration among organizations within the same
community or sector.
Example: A group of healthcare organizations sharing a cloud infrastructure to
manage patient records.
Use Case: Ideal for sectors with shared regulatory concerns, such as government
agencies or healthcare providers.
4] Cloud Delivery Models [assignment paper !]
UNIT 2
1]
Data center technology component:
Virtualization: Allows multiple virtual machines to run on one physical server,
improving resource use and cloud service flexibility
Standardization and Modularity: Ensures uniformity and easy scalability through
standardized, interchangeable parts.
Automation: Uses software to handle routine data center tasks, reducing the need
for manual work and ensuring efficiency.
Remote Operation and Management: Lets admins monitor and manage data centers
from anywhere, ensuring continuous operation.
High Availability: Keeps services running by using redundancy and failover systems
to minimize downtime.
Security-Aware Design: Builds in protections at every level to safeguard against
unauthorized access and data breaches.
Operation and Management: Oversees daily activities, ensuring resources are used
efficiently and performance stays high.
Facilities: Includes the physical infrastructure like power and cooling systems that
support data center operations.
Computing Hardware: The servers and processors that handle the workloads,
requiring high performance for cloud tasks.
Storage Hardware: Provides fast and scalable data storage, critical for cloud service
reliability and speed.
Network Hardware: Manages data traffic within and outside the data center,
ensuring fast and reliable communication.
Web Tier Load Balancing and Acceleration: Distributes web traffic evenly and
speeds up web performance through optimizations.
LAN Fabric: Connects devices within the data center, ensuring smooth and fast
internal communication.
SAN Fabric: Links storage to servers, providing quick access to data for high-
performance applications.

NAS Gateways: Allows shared file access across the network, centralizing data
management in the data center.

2]
1. Virtualization TECHNOLOGY
Explanation: Virtualization enables the creation of multiple virtual machines (VMs)
on a single physical server, optimizing resource utilization and providing flexibility
for cloud services.
2. Standardization and Modularity
Explanation: Standardization ensures uniformity in components and protocols, while
modularity allows easy scalability and maintenance through interchangeable,
standardized modules.
3. Automation
Explanation: Automation uses software tools to manage data center tasks like
provisioning, monitoring, and maintenance, reducing manual intervention and
ensuring consistent performance.
4. Remote Operation and Management
Explanation: Remote operation and management allow administrators to monitor
and control data center resources from any location, ensuring continuous operation
without the need for on-site personnel.
5. High Availability
Explanation: High Availability ensures continuous operation of data center services
through redundancy, failover mechanisms, and load balancing, minimizing
downtime.
6. Security-Aware Design
Explanation: Security-aware design integrates physical, network, and data security
measures into the data center’s architecture to protect against unauthorized access
and breaches.
7. Operation and Management
Explanation: Operation and management involve overseeing daily data center
activities, ensuring efficient resource use, performance monitoring, and compliance
with policies.
8. Facilities
Explanation: Facilities refer to the physical infrastructure of the data center,
including power, cooling, and security systems, which support the operation of
computing equipment.
9. Computing Hardware
Explanation: Computing hardware includes servers and processors that handle data
center workloads, requiring high performance and scalability for cloud services.
10. Storage Hardware
Explanation: Storage hardware, such as SSDs and storage arrays, provides reliable,
fast, and scalable data storage solutions critical for cloud operations.
11. Network Hardware
Explanation: Network hardware, including routers and switches, manages data flow
within the data center and to external networks, ensuring low-latency
communication.
12. Web Tier Load Balancing and Acceleration
Explanation: Load balancing distributes web traffic across servers to prevent
overload, while acceleration technologies, like CDNs, enhance web performance by
reducing load times.
13. LAN Fabric
Explanation: LAN fabric connects all devices within the data center, ensuring
efficient data flow and high bandwidth for smooth cloud service operation.
14. SAN Fabric
Explanation: SAN fabric connects storage devices to servers, providing high-speed,
block-level access to storage, essential for applications requiring fast data access.
15. NAS Gateways
Explanation: NAS gateways connect storage systems to the network, allowing file-
level access and centralized management of shared data across the data center.
These brief explanations capture the essence of each technology in the context of
data center operations.
3]
Virtualization technology allows multiple virtual instances to run on a single physical
machine, improving efficiency and management in IT systems.
Key Concepts:
Hardware Independence:
Explanation: Virtualization abstracts the software from the physical hardware. This
means virtual machines (VMs) are not tied to specific hardware, making it easy to
move VMs between different physical servers without changing the software.
Example: A VM running on one brand of server can be transferred to another brand
without needing modifications.
Server Consolidation:
Explanation: Virtualization enables multiple VMs to run on a single physical server.
This reduces the number of physical servers needed, saving on hardware, power,
and cooling costs.
Example: Instead of needing 10 servers for different applications, you can run those
applications on 3 servers using virtualization.
Resource Replication:
Explanation: Virtualization allows physical resources like CPU, memory, and storage
to be shared among multiple VMs. Each VM gets a portion of these resources,
improving overall efficiency and utilization.
Example: A server with 64 GB of RAM can be split into 8 GB segments for 8 different
VMs.
Operating System-Based Virtualization:
Explanation: This type of virtualization involves running multiple operating systems
on a single physical machine. Each VM can run its own OS, providing isolated
environments for different applications.
Example: A single server can run Windows, Linux, and other operating systems
simultaneously in different VMs.
Hardware-Based Virtualization:
Explanation: Hardware-based virtualization uses special processor features (like
Intel VT-x or AMD-V) to improve the performance of VMs. These features help
manage VM operations more efficiently by handling some tasks directly in the
hardware.
Example: A VM running a resource-intensive application benefits from hardware
support that speeds up operations and enhances performance.
Virtual Management:
Explanation: Virtual management tools provide a centralized interface to manage
VMs. They help with creating, configuring, monitoring, and maintaining VMs, making
it easier to allocate resources and manage performance.
Example: Tools like VMware vCenter allow administrators to oversee multiple VMs
from a single dashboard, track their usage, and adjust resources as needed.

3] WEB AND MUKLTITE ENANT TECHNOLOGY IN TXT

UNIT 3
1]
Resource replication*
is the process of creating multiple copies or instances of the same IT resource, such
as servers, storage systems, or databases. This is done to improve both the
*availability* and *performance* of the resource.
1. *Why Replication?*
When an IT resource (like a cloud server or database) is crucial for running
applications or storing important data, creating multiple copies of it ensures that if
one copy fails or becomes slow, another copy is ready to take over. This improves
availability because users or systems can always access a working copy.
2. *Improving Performance:*
By having multiple instances of the same resource, tasks and workloads can be
distributed across them. This load-sharing helps avoid overloading a single resource
and keeps everything running smoothly. For example, if many users are accessing
the same data, the requests can be split among the replicated instances, speeding
up response times.
3. *Virtualization and Cloud:*
Virtualization technology is often used for resource replication, especially in cloud
environments. Virtualization allows IT resources to be easily duplicated and
managed on virtual machines. For example, instead of using a physical server, a
cloud provider can create multiple virtual copies of a server that perform the same
job. These virtual copies can be created, updated, and managed quickly and
flexibly.

A *failover system* is a method used to make IT resources more reliable and ensure
continuous availability. Its main purpose is to have backup systems ready to take
over immediately if the primary system fails. This is especially important for critical
services that need to be always available, like banking systems, healthcare
applications, or large-scale websites.
Here’s a more detailed look:

### How It Works:

- A *failover system* automatically switches to a backup system (or multiple backup
systems) when the main system experiences a failure or downtime.
- This is done to prevent disruption in services, ensuring that users or applications
can continue working without noticing any issues.
2]
Failover Systems:
Two Main Types :
1. *Active-Active Failover:*
- In an active-active setup, multiple systems (also called resources) are working at
the same time.
- These systems share the workload, so if one system goes down, the others
continue working, distributing the tasks among them. For instance, if one server
crashes, the remaining servers will automatically pick up the tasks without any
downtime.
- A *load balancer* is used to manage this process. The load balancer monitors
the systems and ensures that work is evenly spread across them. If a failure occurs,
it redirects traffic from the failed system to the others.
- This setup is highly reliable because all systems are active, making it easy to
recover from failures.
2. *Active-Passive Failover:*
- In an active-passive setup, one system is active and working, while another
backup system (or several backups) remains in standby mode, doing nothing.
- If the active system fails, the passive (standby) system is quickly activated to
take over.
- The advantage here is that resources aren't used up unnecessarily on backups.
However, there might be a slight delay in switching over compared to active-active
setups.
Resource Replication in Failover:
- *Resource replication* is the process of making copies of the IT resources (like
servers, databases, or applications) so that the backup systems are always ready.
- These copies are constantly updated to match the current state of the active
system. For example, if your main server is handling a lot of data, the replicated
system will be continuously synchronized with the same data. This means that if a
failure occurs, the backup system is already up-to-date and can take over
immediately without losing any information.
Why Use Failover Systems?
Failover systems are crucial for ensuring high *availability* and *reliability* of
services. In industries where downtime can lead to big losses (financial, reputation,
or even in human lives), failover systems are essential. They keep systems running
smoothly by stepping in when something goes wrong, often without users even
noticing an issue.
In simple terms, a *failover system* is like having a spare tire for your car. If one
tire bursts, you can quickly replace it and continue driving without a major delay or
problem. Similarly, if a part of your IT system fails, the backup immediately takes
over, keeping everything running smoothly. a littlr detailed

UNIT 4
Public Key Infrastructure (PKI)
IT is a cloud security mechanism that manages digital keys and certificates to
establish secure, encrypted communications over the internet. In the context of
cloud security, PKI is used to authenticate users and devices, ensure data integrity,
and enable secure communication through encryption.
Key components of PKI under cloud security include:
Digital Certificates: PKI uses digital certificates to verify the identities of users,
applications, or devices. These certificates are issued by a trusted Certificate
Authority (CA).
Public and Private Keys: PKI employs asymmetric cryptography, which uses a pair of
keys (public and private) for encryption and decryption. The public key is shared
openly, while the private key is kept secure.
Certificate Authorities (CAs): CAs are trusted entities responsible for issuing and
managing digital certificates. They validate identities and ensure that the
certificates are properly issued.
Encryption: PKI enables encryption of data in transit, ensuring that only authorized
parties with the correct private key can decrypt the data.
Authentication: PKI is used for authentication in cloud services, ensuring that only
authorized users or systems can access certain data or resources.
By employing PKI, cloud providers can secure communication channels, protect
sensitive information, and verify the identities of users and devices accessing the
cloud environment.
2]
SSO:
SSO allows users to authenticate once through a security broker for seamless
access to multiple cloud services.
Role of Security Broker:
The security broker manages user credentials and maintains a security context
across different services.
Authentication Process:
Users provide credentials to the broker, which generates an authentication token
upon successful login.
Authentication Token:
This token acts as a digital key, enabling access to various cloud services (e.g., A, B,
C) without re-entering credentials.
Efficiency Improvement:
SSO reduces the need for multiple logins, enhancing user efficiency and reducing
frustration.
Cross-Provider Access:
SSO is especially useful in multi-cloud environments, allowing users to access
services across different cloud providers easily.
Security Management:
The security broker securely handles user credentials and determines appropriate
security procedures for each service.
Usability Enhancement:
SSO simplifies access management, encouraging better resource utilization and
increasing user satisfaction.
Not a Security Solution:
While SSO improves usability, it does not directly mitigate specific cloud security
threats.
Overall Impact:
By streamlining access to distributed IT resources, SSO enhances the overall cloud
computing experience.
3]
IDENTITY ACCESS MANAGEMNET
Identity Verification: Uses digital certificates to authenticate the identities of users,
devices, and applications.
Asymmetric Cryptography: Employs a public-private key pair for encryption and
decryption.

Digital Certificates: Certificates issued by trusted Certificate Authorities (CAs) are

used to validate identity.
Certificate Authorities (CAs): Trusted entities that issue and manage digital
certificates.
Data Encryption: Secures data in transit through encryption to prevent unauthorized
access.
Secure Communication: Ensures secure communication channels between users
and cloud services.
Authentication: Verifies users, devices, or systems before granting access to cloud
resources.
Integrity Assurance: Ensures the integrity of data and communication by detecting
tampering or alterations.
Trust Management: Maintains trust within the cloud environment through certificate
revocation lists (CRLs) and proper key management policies.
These elements contribute to secure cloud operations, protecting data and ensuring
trust between users and services.