CC Compiled Notes

Uploaded by

kpriya1122334455

Welcome to the VTU Padhai Family!

We are excited to offer you a complete set of notes for Cloud Computing,
covering all the essential topics across five key modules. Whether you're
preparing for exams or looking to deepen your understanding of cloud
technologies, these notes will serve as your go-to resource for navigating the
complexities of the subject.
Here’s what you can expect from each module:
• Module 1: A comprehensive introduction to Cloud Computing, exploring
its service models (IaaS, PaaS, SaaS) and core concepts.
• Module 2: A closer look at cloud deployment models (Public, Private,
Hybrid) and virtualization, laying the foundation for cloud architecture.
• Module 3: Insights into cloud architecture and security practices to
ensure data integrity and safety in cloud environments.
• Module 4: Exploring cloud storage solutions, resource management
strategies, and scalability techniques for efficient cloud operations.
• Module 5: Keeping up with the latest trends and innovations in Cloud
Computing and understanding its diverse applications in real-world
scenarios.
These notes are crafted to not only aid in exam preparation but also provide
valuable insights that will serve you throughout your career in cloud
technologies. As you progress through the modules, you'll gain a well-rounded
understanding of the concepts, tools, and best practices in the ever-evolving
cloud space.
We hope these notes empower you to succeed in your studies and beyond. Let's
embark on this learning journey and unlock the potential of Cloud Computing
together!

Thank you for choosing VTU Padhai. Happy learning!


TABLE OF CONTENTS
SL. No  Module

1. Introduction:
Introduction, Cloud Computing at a Glance, Historical
Developments, Building Cloud Computing Environments, Amazon
Web Services (AWS), Google AppEngine, Microsoft Azure,
Hadoop, Force.com and Salesforce.com, Manjrasoft Aneka

2. Virtualization:
Introduction, Characteristics of Virtualized Environments,
Taxonomy of Virtualization Techniques, Execution Virtualization,
Other Types of Virtualizations, Virtualization and Cloud Computing,
Pros and Cons of Virtualization, Technology Examples

3. Cloud Computing Architecture:
Introduction, Cloud Reference Model, Types of Clouds, Economics
of the Cloud, Open Challenges

4. Cloud Security:
Risks, Top concern for cloud users, privacy impact assessment,
trust, OS security, VM Security, Security Risks posed by shared
images and management OS.

5. Cloud Platforms in Industry:
Amazon web services: - Compute services, Storage services,
Communication services, Additional services. Google AppEngine: -
Architecture and core concepts, Application life cycle, Cost model,
Observations.
Cloud Applications: Scientific applications: - HealthCare: ECG
analysis in the cloud, Biology: gene expression data analysis for
cancer diagnosis, Geoscience: satellite image processing. Business
and consumer applications: CRM and ERP, Social networking,
media applications.

6. Question Bank

Cloud Computing 21CS72

MODULE 1
Cloud Computing: The Future of Utility-Based Computing Services
Utility Computing Concept:
• Computing is being transformed into a model resembling utility services like water,
electricity, and gas.
• In this model, users access services based on their requirements, without worrying
about where the services are hosted.
• This approach is termed utility computing.
Cloud Computing as a New Paradigm:
• Cloud computing is the latest paradigm aiming to make the vision of utility
computing a reality.
• It changes how we design systems, develop applications, and leverage existing
services.
Dynamic Provisioning:
• Cloud computing is based on the concept of dynamic provisioning, which applies to
services, computing power, storage, networking, and IT infrastructure.
• Resources are made available via the Internet and are offered on a pay-per-use basis
by cloud vendors.
Scalability and Flexibility:
• Cloud services allow users to scale infrastructure up or down based on demand.
• Users only pay for the time they use these resources, which offers cost-efficiency and
flexibility.
Ease of Access and Deployment:
• With cloud services, anyone with a credit card can subscribe to services, deploy, and
configure servers for an application.
• The infrastructure can be adjusted quickly to meet changing application needs.
Cloud Computing at a Glance
1. Leonard Kleinrock's Vision (1969):
Leonard Kleinrock, one of the chief scientists behind ARPANET, predicted the rise of
computer utilities, akin to electricity or telephone services.
He anticipated a future where computing services would be available on demand, much like
today's utilities, serving homes and offices across the country.

2. Utility Computing and Cloud Computing:


The vision of utility computing evolved into what we now refer to as cloud computing.
Since 2007, cloud computing has been used to describe a model where businesses and users
can access applications and infrastructure as services from anywhere in the world.
3. Dynamic Provisioning and Virtualization:
Cloud computing enables the dynamic provisioning of computing services through advanced
data centers and virtualization technologies.
This model allows efficient resource consolidation and utilization, making computing more
scalable and accessible.
4. Pay-Per-Use Model:
Cloud computing operates on a pay-per-use model, allowing users to rent infrastructure,
runtime environments, and services only when needed.
It provides a flexible, cost-effective solution, removing the need for large investments in IT
infrastructure.
5. Different Perspectives on Cloud Computing:
Enterprises: IT leaders see cloud computing as a way to scale infrastructure based on
business needs, allowing them to grow or shrink capacity as required.
End Users: Cloud computing allows users to access documents and data from any device
connected to the Internet, anytime and anywhere.
General View: Many view cloud computing as a utility where they don't need to know where
their servers or data are hosted, as long as they are always available.
6. Cloud Computing as an IT Utility:
Cloud computing transforms IT services into utilities, much like water or electricity.
It has been made possible by various technologies reaching a level of maturity, such as Web
2.0, which has transformed the Internet into a robust service delivery platform.
7. Flexibility and Integration:
Cloud computing provides a highly flexible environment for building new systems or
integrating additional capacity into existing ones.
It offers a more attractive option than buying infrastructure that may only be needed for a
limited time, making it easier to scale resources based on fluctuating demands.
8. Standardization and Consolidation:
As cloud computing continues to grow in popularity, the foundation technologies and systems
supporting it are becoming standardized.

This consolidation is essential for achieving the long-term vision of cloud computing as a
universal, on-demand utility service.
The Vision of Cloud Computing
1. Provisioning of Resources:
Cloud computing enables users to easily provision virtual hardware, runtime environments,
and services with just a credit card, requiring no up-front commitments.
The entire computing stack can be transformed into utilities, allowing systems to be deployed
within hours with minimal maintenance costs.
2. Growing Adoption Across Industries:
Initially met with skepticism, cloud computing has now become a widespread practice across
various business sectors and application domains due to its convenience and scalability.
The rapid demand has accelerated technical development, making services more
sophisticated and cost-effective.
3. Challenges in Vendor Standardization:
Despite advancements, cloud computing often limits users to services from a single vendor
due to the lack of standardization, making it difficult to migrate between providers.
The long-term goal is to establish an open market for IT services where cloud resources can
be traded as utilities, free from technological and legal barriers.
4. A Global Cloud Marketplace:
The vision for the future includes a global digital marketplace where cloud services can be
traded and accessed easily.
This would allow service discovery through automated processes, reducing the need for
manual intervention and enabling seamless integration into existing systems.
5. Cloud as a Utility for Diverse Stakeholders:
Different stakeholders use cloud services for various purposes: developers rely on scalable
runtime environments, end users enjoy web-based document access and processing, and
enterprises leverage on-demand storage and computing power.

6. Benefits for Service Providers and Consumers:


A global cloud market would help service providers become more visible, enhancing their
revenue potential.
The marketplace would also blur the lines between service providers and consumers,
allowing providers to consume competitor services to meet their own client demands.
7. Establishing Standards for Cloud Interoperability:

The establishment of unified standards is crucial for ensuring smooth interaction between
different cloud technologies and for enabling a global cloud marketplace.

8. Consolidation and Optimization of Cloud Datacenters:


Centralizing cloud services into large datacenters reduces the need for extensive technical
infrastructure on the consumer side, optimizing both cost and resource usage.
9. Towards a Future of Seamless Cloud Integration:
The rapid adoption of cloud computing is paving the way for a future where services are
traded effortlessly, enabling businesses and individuals to leverage cloud technologies
without limitations.

Defining a Cloud
Cloud computing has become a widely used term, encompassing a range of technologies,
services, and concepts. It is often associated with virtualized infrastructure, hardware on
demand, utility computing, IT outsourcing, platform and software as a service (SaaS), and
more. The term "cloud" historically emerged from telecommunications, symbolizing the
network or the Internet in system diagrams. In cloud computing, the Internet acts as both the
medium and the platform through which services are delivered.

Definitions
1. Armbrust's Definition:
Cloud computing refers to applications delivered as services over the Internet and the
hardware and system software in datacenters providing those services.
It covers the entire stack, from underlying hardware to high-level software services,
introducing the concept of Everything as a Service (XaaS). XaaS allows IT infrastructure,
platforms, databases, and more to be delivered as a service, priced based on usage.
2. NIST's Definition:
Cloud computing is a model for on-demand network access to a shared pool of configurable
computing resources (networks, servers, storage, applications, services). These resources can
be rapidly provisioned and released with minimal management effort.
Utility-Oriented Approach
Cloud computing adopts a utility-oriented model, where services are delivered with a
pricing model, typically a "pay-per-use" strategy. Users can rent virtual hardware, access
online storage, or use development platforms, paying only for their effective usage. This
model eliminates the need for large up-front costs and allows services to be accessed via a
web browser or API.
Reese identifies three key criteria to determine if a service qualifies as cloud computing:
1. Web Accessibility: The service is accessible via a nonproprietary web browser or
API.
2. Zero Capital Expenditure: No up-front costs are needed to begin.
3. Pay-per-Use: Users are charged based on actual usage.
Service-Level Agreements (SLAs)
For enterprise-level services, cloud providers and users typically establish Service-Level
Agreements (SLAs), which define the quality of service, including uptime, performance, and
support terms. This relationship ensures that cloud resources are managed according to the
user's business needs.
Buyya's Definition
Buyya et al. describe cloud computing as a parallel and distributed system consisting of
virtualized computers that are dynamically provisioned and presented as unified computing
resources. These resources are managed through SLAs negotiated between providers and
consumers, which dictate service quality and usage.
A Closer Look at Cloud Computing
Cloud computing is revolutionizing the way enterprises, governments, institutions, and
research organizations build and manage their computing systems. Its ease of access and
integration, often as simple as making a credit card transaction online, makes cloud resources
highly practical for various market segments.

Real-World Examples
1. Large Enterprises:
◦ The New York Times: When the New York Times needed to convert its
digital library of past editions into a web-friendly format, the task required
immense computing power for a short duration. Instead of investing in
infrastructure, they used Amazon EC2 and S3 cloud resources. This allowed
them to complete the task in 36 hours with no additional ongoing costs after
relinquishing the resources.
2. Small Enterprises and Startups:
◦ Animoto: A company that transforms images, music, and video fragments into
customized videos for users. Their need for considerable storage and backend
processing fluctuates. Instead of owning servers, they rely entirely on Amazon
Web Services (AWS), scaling from 70 to 8,500 servers in just one week due
to user demand.
3. System Developers:
◦ Little Fluffy Toys: This London-based company created a widget for
providing information on nearby bicycle rentals. They used Google
AppEngine to handle the widget’s computing needs, allowing them to launch
the product within a week by focusing solely on business logic rather than
infrastructure management.
4. End Users:
◦ Apple iCloud: Allows users to store documents in the cloud and access them
from any device. For example, a user can take a photo with a smartphone, edit
it later on a laptop, and see it updated on a tablet. This seamless experience is
entirely transparent to the user, requiring no manual device syncing.
Cloud Computing Models
Cloud computing operates on a pay-as-you-go basis, which accommodates various needs
across sectors, including computing power, storage, and application runtime environments.
This model not only provides on-demand IT services but also reshapes how IT resources are
perceived—as utilities, similar to electricity or water.
The three major deployment models for cloud computing include:
1. Public Clouds:
◦ These are third-party provided environments (e.g., virtualized datacenters)
made available to consumers on a subscription basis. Public clouds allow users
to quickly access compute, storage, and application services, with data and
applications hosted on the provider's premises.
2. Private Clouds:
◦ Large organizations with substantial computing infrastructures replicate cloud
IT services in-house, creating a private cloud. This model allows them to
manage data and applications internally while still benefiting from the cloud's
flexibility and scalability.
3. Hybrid Clouds:
◦ A combination of both public and private cloud infrastructures, allowing
organizations to leverage the benefits of both while maintaining control over
certain sensitive or critical workloads.

The Cloud Computing Reference Model

Cloud computing offers diverse IT services on demand, leading to different perceptions of
what it represents. These services are generally classified into three main categories:
Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-
Service (SaaS). These categories can be visualized in a layered model, often referred to as
the Cloud Computing Reference Model.

How These Layers Work Together?


Each layer in the Cloud Computing Reference Model serves different types of users and
purposes:

• IaaS supports users who require control over infrastructure to build scalable systems.
• PaaS caters to developers building applications in a managed environment.
• SaaS benefits end users who need scalable applications without any involvement in
infrastructure or software management.
1. Infrastructure-as-a-Service (IaaS)
• Description: IaaS provides the fundamental building blocks of computing systems in
the form of virtualized hardware, storage, and networking. These resources are made
available on demand and can be scaled dynamically based on user needs.
• Components:
◦ Virtual Hardware: Delivered as virtual machine instances that can be
customized with specific software stacks.
◦ Virtual Storage: Available either as raw disk space or in the form of object
storage for managing data entities.
◦ Virtual Networking: Manages connectivity among virtual instances and the
Internet or private networks.
• Examples: Amazon EC2, Amazon S3, Rightscale, vCloud.
• Use Case: Ideal for users who want to build dynamically scalable computing systems
or manage large-scale data processing tasks.
2. Platform-as-a-Service (PaaS)
• Description: PaaS provides a higher level of abstraction by offering scalable runtime
environments for applications. It frees users from infrastructure management,
allowing them to focus on application development using predefined APIs and
libraries. The service provider manages scalability and fault tolerance.
• Components:
◦ Runtime Environments: Scalable and elastic environments for application
execution.
◦ Middleware Platforms: Abstract environments that handle application
deployment and execution.
• Examples: Windows Azure, Google AppEngine, Hadoop, Aneka.
• Use Case: Ideal for developers who need a scalable programming platform for
building new applications without worrying about underlying infrastructure.

3. Software-as-a-Service (SaaS)
• Description: SaaS delivers software applications on demand, often through a web
browser. These applications are hosted on the provider's infrastructure, making them
more scalable and accessible without requiring users to install or maintain software.
• Components:
◦ End-User Applications: Common desktop functionalities such as document
management, CRM, and photo editing are replicated in a cloud environment.
◦ Social Networking and Other Services: Cloud infrastructure supports
applications like social networking sites, which need to handle massive user
interaction loads.
• Examples: Google Docs, Salesforce, Facebook, Flickr.
• Use Case: Best for end users who need applications like email, CRM, or document
management, without the hassle of software development or infrastructure
management.
Characteristics and Benefits of Cloud Computing
Cloud computing provides a variety of characteristics that offer substantial benefits for both
Cloud Service Consumers (CSCs) and Cloud Service Providers (CSPs). The key
characteristics include:
1. No Up-front Commitments
• Description: Users do not need to invest heavily in IT infrastructure or software
before starting to use cloud services. Resources are available on demand, and users
only pay for what they use.
• Benefit: This drastically reduces capital expenditures for organizations, allowing
them to avoid costly upfront investments.
2. On-demand Access
• Description: Cloud resources are available whenever they are needed, and users can
scale their consumption based on demand.
• Benefit: This increases flexibility and agility, allowing organizations to dynamically
scale resources to handle traffic spikes or unexpected workloads without having to
plan capacity in advance.
3. Nice Pricing (Pay-as-you-go)
• Description: Cloud services operate on a pay-as-you-go model, where users are billed
for the resources they consume (such as compute hours, storage space, etc.).
• Benefit: Costs are turned into operating expenses (Opex) rather than capital
expenditures (Capex), allowing businesses to better manage their budgets and
reducing the need for expensive hardware investments.
4. Simplified Application Acceleration and Scalability
• Description: Cloud platforms offer built-in scalability and performance
enhancements for both infrastructure and applications.
• Benefit: Organizations can scale their IT infrastructure and applications more easily
and quickly, leveraging cloud platforms to accommodate growing demands and to
increase performance without the need for specialized hardware.
5. Efficient Resource Allocation
• Description: Cloud computing optimizes the use of resources by dynamically
allocating computing power, storage, and networking capacity based on real-time
needs.
• Benefit: This leads to better utilization of IT resources, reducing waste and lowering
costs. It also enhances energy efficiency by minimizing idle computing capacity,
contributing to a more environmentally friendly approach.
Key Benefits of Cloud Computing
1. Reduced Costs:
◦ Cloud computing converts capital costs (Capex) into operational costs (Opex),
reducing the need for upfront investments in IT infrastructure and software.
Maintenance costs are also lowered, as the responsibility for maintaining
hardware and software shifts to the CSP.
2. Scalability and Flexibility:
◦ Cloud services allow for rapid scaling based on demand, providing more
flexibility in responding to workload surges without extensive planning. This
is particularly beneficial for handling unplanned spikes in traffic or workload.
3. Increased Agility:
◦ With cloud services, organizations can structure and adjust their software
systems more dynamically. There’s no need to acquire physical hardware,
making it easier and faster to deploy new applications and services.
4. Multitenancy and Cost Sharing:
◦ Cloud platforms often operate on a multitenant model, where multiple users
share the same infrastructure. This reduces costs for all users since the
infrastructure is fully utilized and the costs are distributed among many
tenants.
5. Accessibility and Convenience:
◦ End users benefit from having access to data and services from anywhere, on
any device, through web-based interfaces. This enables mobile workforces and
increases productivity as users can work from virtually any location.
Environmental and Energy Efficiency
Cloud computing’s concentration of IT infrastructure into large datacenters enables
significant optimization in resource allocation and energy efficiency. By consolidating
computing power, CSPs can reduce the environmental impact of IT operations, lowering
energy consumption and contributing to a greener approach to computing.
Challenges Ahead in Cloud Computing
As cloud computing evolves, several significant challenges have emerged that require
attention from IT professionals, cloud providers, governments, and regulators. These
challenges fall into technical, security, and legal domains:
1. Dynamic Provisioning and Resource Management
• Challenge: One of the main difficulties in cloud computing is determining how many
resources to provision and for how long. This is especially relevant in Infrastructure-
as-a-Service (IaaS), where cloud providers must optimize resource allocation to
balance costs and performance.
• Impact: Incorrect provisioning can lead to either wasted resources (increased costs)
or insufficient capacity to handle workload spikes, impacting performance.
2. Infrastructure Management and Virtualization
• Challenge: Cloud service providers face technical difficulties in managing large-scale
computing infrastructures, particularly when virtualization is involved. Efficiently
using virtualization while maintaining performance and reliability is complex.
• Impact: Poorly managed infrastructure or inefficient use of virtualization
technologies can reduce system efficiency, leading to higher costs and poorer service
quality.
3. Security Concerns
• Challenge: Security is a paramount concern, especially around confidentiality,
secrecy, and data protection in cloud environments. Since organizations don’t own
the infrastructure, they must trust providers to secure their data.
• Impact: The weak point in the security chain arises when data must be decrypted for
processing in memory. Virtualization can expose these memory pages to malicious
providers, creating potential risks of data breaches.
• Solution: Enhanced encryption techniques, secure memory management, and more
rigorous auditing are needed to mitigate this risk.
4. Legal and Regulatory Issues
• Challenge: The global nature of cloud computing raises significant legal challenges,
particularly regarding data privacy laws. Different countries have varying
regulations concerning who can access data and under what circumstances.
◦ For example, the U.S. government has broad authority to access data for
national security reasons, while European laws are more stringent in
protecting data privacy.
• Impact: Organizations using cloud services in multiple jurisdictions may face legal
disputes regarding data ownership and access. Conflicts between local and
international laws can complicate data handling, particularly for multinational
companies.

5. Data Sovereignty and Geographical Distribution
• Challenge: The spread of cloud infrastructure across different geographical regions
can lead to conflicts over data sovereignty. For instance, if a U.S. company stores data
in a European datacenter, it may be difficult for U.S. authorities to access that data
under suspicion.
• Impact: This can create legal deadlocks or complications when different national
laws about data access and privacy collide, potentially exposing organizations to
regulatory penalties or non-compliance.

Historical Developments in Cloud Computing


The concept of renting computing services has evolved significantly from the days of early
mainframes to the modern cloud computing era. The development of cloud computing is
deeply rooted in the evolution of distributed computing technologies. Here’s an overview of
the key historical milestones that have influenced cloud computing:

1. Distributed Systems
• Definition: A distributed system is a collection of independent computers that appears
to its users as a single coherent system. This concept is crucial for cloud computing,
which hides the complexity of its architecture behind a unified interface.
• Characteristics: Distributed systems are marked by their ability to share resources
and improve utilization. They often exhibit features such as heterogeneity, openness,
scalability, and continuous availability—traits that are also important in cloud
computing.

2. Mainframes (1950s - 1980s)
• Overview: Mainframes were the first large-scale computing facilities that utilized
multiple processing units to provide high computational power. They were known for
their reliability and ability to handle massive I/O operations and data processing tasks.
• Impact: Mainframes were used for bulk processing tasks and set the stage for the
development of large-scale computational facilities. They introduced the idea of
centralized, powerful computing resources that could be accessed by users as a single
entity.
3. Clusters (1980s - 1990s)
• Overview: Cluster computing emerged as a cost-effective alternative to mainframes
and supercomputers. Clusters connected multiple commodity machines through high-
bandwidth networks and managed them as a single system.
• Impact: This technology made high-performance computing more accessible and
affordable, facilitating the development of distributed computing tools and
frameworks such as Condor, Parallel Virtual Machine (PVM), and Message Passing
Interface (MPI). Clusters provided a more flexible and expandable approach to
computing power.
4. Grid Computing (1990s - 2000s)
• Overview: Grid computing extended the concept of clusters to a larger scale,
aggregating geographically dispersed clusters through Internet connections. It allowed
users to access vast computational power and storage as utility services.
• Impact: Grids were dynamic aggregations of heterogeneous computing nodes and
introduced the idea of computing resources being shared across organizations and
regions. This model paved the way for cloud computing by demonstrating the
feasibility of utility-based computing.
5. Cloud Computing (2000s - Present)
• Overview: Cloud computing represents the culmination of ideas from mainframe,
cluster, and grid computing. It involves deploying large-scale computing
infrastructures in data centers that provide services to users on a pay-per-use basis.
• Characteristics: Clouds offer virtually unlimited capacity, high tolerance to failures,
and are always available. They are typically built from commodity machines and
leverage the utility model introduced by grid computing. Major milestones include:
◦ 2004: Introduction of Web 2.0, which emphasized user-generated content and
collaboration.
◦ 2007: Launch of Manjrasoft Aneka, a cloud computing platform.
◦ 2008: Google AppEngine introduced, offering scalable cloud-based
application development.
◦ 2009: Amazon Web Services (AWS) expanded its offerings with EC2 and S3,
marking a significant step in commercial cloud services.
Virtualization and Its Role in Cloud Computing
Virtualization is a cornerstone of modern cloud computing, enabling the abstraction and
efficient utilization of computing resources. This technology has evolved significantly over
the past four decades, and its advancements have been crucial for the development of cloud
services. Here’s an overview of virtualization and its impact on cloud computing:
Overview of Virtualization
• Definition: Virtualization is a technology that abstracts fundamental computing
elements such as hardware, runtime environments, storage, and networking. It allows
for the creation of multiple virtual instances on a single physical resource, making
resource management more efficient and flexible.
• Historical Context: Although virtualization has been around for over 40 years, its
widespread use has only become feasible recently due to technological advancements.
Early limitations in hardware and software efficiency restricted the practical
applications of virtualization. Today, these limitations have been overcome, and
virtualization is integral to cloud computing.
Types of Virtualizations
1. Hardware Virtualization
◦ Description: This involves creating virtual machines (VMs) that simulate the
hardware interface expected by an operating system. Each VM operates in
isolation, allowing multiple software stacks to coexist on the same physical
hardware.
◦ Impact: Hardware virtualization enables cloud services to deliver virtual
servers on demand. Examples include Amazon EC2, VMware vCloud, and
other similar platforms. It allows for the dynamic provisioning of virtual
servers tailored to user needs, optimizing resource utilization and scalability.
2. Storage Virtualization
◦ Description: This technology abstracts storage resources from the underlying
hardware. It enables the pooling of storage devices to appear as a single,
unified storage resource to users and applications.
◦ Impact: Storage virtualization enhances storage efficiency, simplifies
management, and improves data access and scalability. It is essential for
providing scalable storage solutions in cloud environments.
3. Network Virtualization
o Description: Network virtualization abstracts and combines network
resources, creating virtual networks that can operate independently of physical
network infrastructure.
o Impact: It allows for the creation of flexible, on-demand network
configurations and improves network management and scalability. This is
crucial for dynamic and scalable cloud services.
4. Process Virtual Machines
o Description: Unlike hardware virtualization, process virtual machines provide
an abstraction layer for applications rather than entire operating systems.
Examples include the Java Virtual Machine (JVM) and the .NET Common
Language Runtime (CLR).
o Impact: Process virtual machines isolate application execution from the
underlying hardware and operating system. This abstraction offers better
control over application resources and is used in cloud platforms for scaling
applications, such as Google App Engine and Windows Azure.
Web 2.0 and Its Impact on Cloud Computing
Web 2.0 represents a significant evolution in the way web technologies and services are
utilized, impacting both application development and user interaction. This new phase of the
web has paved the way for a richer and more interactive online experience, which is closely
integrated with cloud computing. Here’s a detailed look at Web 2.0 and its influence on cloud
computing:
Definition and Characteristics of Web 2.0
 Definition: Web 2.0 refers to the second generation of web-based services and
technologies that emphasize user interactivity, collaboration, and content sharing.
Unlike the static nature of earlier web technologies, Web 2.0 focuses on dynamic
content and user-driven interaction.
 Key Characteristics:
o Interactivity: Web 2.0 enhances user interaction with websites and
applications. This includes real-time updates, user feedback, and dynamic
content presentation.
o Flexibility: Web pages and applications are more flexible, providing features
traditionally found in desktop applications directly through the web interface.
o User-Centered Design: The design philosophy of Web 2.0 prioritizes user
experience, enabling users to actively contribute to and shape the content and
functionality of applications.
o Application Composition: Web 2.0 supports the integration and composition
of various web services, allowing for the creation of new applications from
existing services.
Technologies Enabling Web 2.0
 XML (eXtensible Markup Language): XML is used to structure data in a way that
is both machine-readable and human-readable, facilitating data interchange between
web services.
 AJAX (Asynchronous JavaScript and XML): AJAX enables web applications to
update content asynchronously without requiring a full page reload. This results in a
more responsive and dynamic user experience.
 Web Services: Web services allow applications to communicate and share data over
the internet using standard protocols. They play a crucial role in integrating and
composing different web functionalities.
 RSS (Really Simple Syndication): RSS feeds allow users to receive updates from
websites without visiting them. It helps in aggregating and distributing content
efficiently.
Examples of Web 2.0 Applications
 Google Documents: An online document editor that allows real-time collaboration
and sharing of documents, leveraging cloud infrastructure for storage and processing.
 Google Maps: Provides interactive maps and location-based services using AJAX and
other web technologies.
 Facebook: A social networking site that uses Web 2.0 technologies to provide a
highly interactive and personalized user experience.
 Flickr: An image and video hosting service that harnesses user contributions for
content creation and sharing.
 YouTube: A video-sharing platform that allows users to upload, view, and interact
with video content.
 Wikipedia: An online encyclopedia that relies on user-generated content and
community collaboration.
Service-Oriented Computing (SOC) and Its Role in Cloud Computing
Service-Oriented Computing (SOC) represents a foundational paradigm for developing and
managing applications and systems within cloud computing. SOC focuses on using services
as the core building blocks for creating scalable, flexible, and interoperable systems. Here’s a
detailed overview of SOC and its influence on cloud computing:
Concepts of Service-Oriented Computing
1. Definition of a Service:
o Abstraction: A service is a self-contained and platform-independent
component that performs a specific function or task.
o Loose Coupling: Services are designed to be loosely coupled, meaning they
can interact with each other without being tightly integrated. This allows for
flexibility and reusability.
o Platform Independence: Services are accessible from different platforms and
technologies, enhancing their usability across various systems.
o Location Transparency: Services can be accessed from anywhere, making
them available over a network without concern for their physical location.
2. Service-Oriented Architecture (SOA):
o Definition: SOA is an architectural framework that organizes software
systems into a collection of services. These services are designed to be
discoverable, reusable, and interact through well-defined interfaces.
o Composition: Services in SOA can be composed and aggregated to create
more complex applications and business processes. This composition is
facilitated through published and discoverable service interfaces.
3. Quality of Service (QoS):
o Definition: QoS refers to a set of attributes that evaluate the performance and
reliability of a service. These attributes can include response time, security,
transactional integrity, scalability, and availability.
o Service Level Agreements (SLA): QoS requirements are defined in SLAs
between service providers and clients. SLAs specify the acceptable
performance levels and other criteria that must be met by the service.
4. Software-as-a-Service (SaaS):
o Definition: SaaS is a software delivery model where applications are hosted
by service providers and made available over a network, typically on a
subscription basis.
o Economies of Scale: SaaS providers achieve cost efficiency through
multitenancy, where a single instance of the software serves multiple clients.
This model reduces maintenance costs and simplifies updates.
o Flexibility: SaaS allows for the delivery of complex business processes and
applications as services, enabling on-the-fly composition and reuse of
services.
Utility-Oriented Computing: Evolution and Impact
Utility-Oriented Computing is a model that envisions computing resources—such as
storage, processing power, applications, and infrastructure—as services provided on a pay-
per-use basis, akin to utilities like electricity or water. This model has evolved significantly
over the years and has become a cornerstone of modern cloud computing. Here’s a detailed
look at utility-oriented computing and its evolution:
Historical Background
1. Early Vision by John McCarthy:
1961 Insight: John McCarthy, a pioneering computer scientist, envisioned computing as a
public utility. He suggested that computing power could one day be organized and delivered
like a utility service, much like telephones or electricity. This idea laid the groundwork for the
utility computing model we see today.

2. Mainframe Era:
Mainframe Computing: During the era of mainframe computers, companies like IBM
provided computing resources to large organizations such as banks and government agencies.
These early systems were among the first instances of utility-like computing, where
organizations paid for the computing power they used.
Improvements: This model led to advancements in mainframe technology, including
enhanced operating systems, process control, and user-metering features.
3. Cluster Computing:
Academic and Research Use: The concept of utility computing extended to academic and
research institutions with the advent of cluster computing. Institutions could access powerful
computing resources externally to tackle complex computational problems, known as "Grand
Challenge" problems, without needing to invest in their own infrastructure.
4. Internet and Web Technologies:
Global Access: The widespread adoption of the Internet and web technologies facilitated the
realization of utility computing on a global scale. Computing grids emerged, offering planet-
scale distributed computing infrastructure accessible on demand.
Market Orientation: Computing grids introduced market-oriented elements, allowing users
to bid for or purchase computing resources, such as storage and computation, much like any
other commodity.
5. E-commerce and Online Services:
E-commerce Infrastructure: The rise of e-commerce in the late 1990s, which allowed
consumers to buy a wide range of goods and services online, contributed to the adoption of
utility computing. The development of online payment systems made it easier for users to
purchase computing resources and services.
Public Interest: Although interest in online services waned after the dot-com bubble burst,
the infrastructure for online payments and services had already been established, paving the
way for utility computing.
Building Cloud Computing Environments
Creating effective cloud computing environments involves both developing applications that
leverage cloud capabilities and designing the infrastructure and systems that deliver these
cloud services. Here's a detailed breakdown of how to approach both aspects:
1. Application Development
Applications that utilize cloud computing benefit from dynamic scaling and on-demand
resource allocation. This is crucial for handling varying workloads and complex processes.
The main categories of cloud applications include:
1. Web Applications:
Scalability: Web applications benefit significantly from cloud computing due to its ability to
scale resources based on user demand. This is essential for applications with fluctuating user
interactions and workload.
Web 2.0 Technologies: With Web 2.0, the Web has become a platform for complex and
interactive applications. These applications interact with users and backend services across
multiple tiers, making them sensitive to infrastructure sizing and deployment variability.
2. Resource-Intensive Applications:
Data-Intensive and Compute-Intensive: These applications require substantial resources
but only intermittently. Examples include scientific simulations and large-scale data analyses.
On-Demand Resource Usage: Cloud computing allows these applications to access massive
compute power and storage only when needed, avoiding the need for permanent
infrastructure investments.
3. Cloud Benefits:
Dynamic Scaling: Cloud environments provide methods for dynamically scaling compute
power, storage, and networking resources.
Runtime Environments: Cloud platforms offer environments designed for scalability and
dynamic resource allocation.
Application Services: Cloud services mimic desktop applications but are hosted and
managed on the provider's side, making integration seamless. These services are often
accessed through RESTful Web services, simplifying development and management.
2. Infrastructure and System Development
Developing cloud infrastructure and systems involves several core technologies and requires
addressing unique challenges:
1. Distributed Computing:
o Foundation: Cloud computing systems are distributed, and managing these
distributed resources effectively is crucial.
o Dynamism: The ability to provision new nodes and services on demand adds
complexity. This is primarily managed at the middleware layer.
2. Infrastructure-as-a-Service (IaaS):
o Resource Management: IaaS provides scalable resources (compute, storage,
networking) that can be added or removed as needed.
o Deployment Considerations: Developers must wisely utilize the scalable
infrastructure, balancing resource availability with system performance and
cost.
3. Platform-as-a-Service (PaaS):
o Provisioning and Leasing: PaaS solutions manage resource provisioning and
lease processes, often incorporating algorithms and rules that can be either
transparent or controllable by developers.
o Integration: Seamless integration with existing systems is crucial for
leveraging PaaS effectively.
4. Web 2.0 Technologies:
o Service Orientation: Cloud computing systems are built on service-oriented
architectures (SOAs), where services are delivered through Web interfaces and
accessed via APIs.
o XaaS Model: Cloud computing is often summarized as Everything-as-a-
Service (XaaS), emphasizing the role of services in the cloud.
5. Virtualization:
o Core Feature: Virtualization allows cloud providers to create virtual instances
of hardware and runtime environments. This technology is crucial for
managing cloud resources.
o Challenges: Developers must understand the limitations and implications of
virtualization technology, including its impact on system volatility and
performance.
6. Programming Considerations:
o Dynamic Components: Cloud computing requires designing systems that can
handle dynamic scaling and replication of components under stress.
o Design Guidelines: Focus on scalability, flexibility, and reliability when
designing cloud-based systems. Consider the impact of component volatility
and the need for effective resource management.
Computing Platforms and Technologies
Cloud computing environments are built using various platforms and technologies, each
offering different services and capabilities. Here’s an overview of key platforms and
technologies used in cloud computing:
1. Amazon Web Services (AWS)
AWS provides a broad range of cloud infrastructure services, including:
 Elastic Compute Cloud (EC2): Offers customizable virtual hardware configurations,
including GPU and cluster instances. Users can deploy instances via the AWS console
or Web services API. EC2 instances can be saved as images, which are stored in
Simple Storage Service (S3) and can serve as templates for new instances.
 Simple Storage Service (S3): Provides scalable storage in the cloud organized into
buckets. S3 allows storage of various types of objects, including files and disk images,
accessible globally.
 Additional Services: AWS includes a variety of other services for networking,
caching, DNS, and databases (both relational and non-relational), supporting
comprehensive cloud computing solutions.
2. Google App Engine
Google App Engine is designed for developing scalable web applications, leveraging
Google’s infrastructure to handle dynamic scaling:
 Runtime Environment: Offers a secure environment for web applications with
services such as in-memory caching, scalable data stores, job queues, messaging, and
cron tasks.
 Development and Deployment: Developers use the App Engine SDK to build and
test applications locally. Once tested, applications can be deployed to App Engine
with easy migration, cost containment through quotas, and availability across the
globe.
 Supported Languages: Python, Java, and Go.
3. Microsoft Azure
Microsoft Azure provides a comprehensive cloud platform with the following features:
 Roles: Applications are organized into roles: Web roles for hosting web applications,
Worker roles for generic workload processing, and Virtual Machine roles for fully
customizable environments including operating systems.
 Additional Services: Azure offers support for storage (both relational and blobs),
networking, caching, content delivery, and more, complementing the execution of
cloud applications.
4. Hadoop
Apache Hadoop is an open-source framework for processing large data sets:
 MapReduce: Implements the MapReduce programming model developed by Google,
which consists of two operations: map (transforming input data) and reduce
(aggregating map results).
 Usage: Yahoo! has integrated Hadoop into its infrastructure for data processing and
operates one of the largest Hadoop clusters. Hadoop is also available for academic
use.
5. Force.com and Salesforce.com
Force.com is a platform for developing social enterprise applications, primarily used in
conjunction with Salesforce.com:
 Development Platform: Allows for the creation of applications using pre-built blocks
and components. Developers can also create custom components or use those
available in AppExchange.
 Application Development: Supports end-to-end development from data layout
design to business rules and user interfaces. Applications are hosted on the cloud and
accessed through web services.
6. Manjrasoft Aneka
Manjrasoft Aneka is a cloud application platform for building scalable applications:
 Programming Abstractions: Provides abstractions such as tasks, distributed threads,
and map-reduce for application development.
 Distributed Runtime: Supports deployment on various types of hardware (clusters,
networked desktops, cloud resources) with a service-oriented architecture for
flexibility in integrating new features and managing runtime activities.
Cloud Computing Service Models
These platforms generally fall into the three major cloud service models:
1. Infrastructure-as-a-Service (IaaS): Provides virtualized computing resources over
the internet (e.g., AWS EC2).
2. Platform-as-a-Service (PaaS): Offers a platform allowing customers to develop, run,
and manage applications without dealing with the underlying infrastructure (e.g.,
Google App Engine, Microsoft Azure).
3. Software-as-a-Service (SaaS): Delivers software applications over the internet on a
subscription basis (e.g., Salesforce.com).
-------------------------------------END OF MODULE 1----------------------------------


MODULE 2
VIRTUALIZATION
Introduction
Virtualization refers to a set of technologies and concepts that provide an abstract environment,
whether virtual hardware or operating systems, to run applications. Historically, virtualization has
been available in many forms, offering virtual environments at various levels, such as the operating
system, programming languages, and applications. While it has been around for a while, recent
developments have made it more prevalent, especially in delivering Infrastructure-as-a-Service (IaaS)
solutions for cloud computing.
Virtualization has gained momentum due to several factors:
 Increased Performance and Computing Capacity: Modern PCs, even desktops, are
powerful enough to run virtual machines alongside regular tasks without noticeable
performance degradation.
 Underutilized Hardware and Software: Powerful computers are often not fully utilized,
especially in enterprise environments, where office computers may be idle after business
hours. Virtualization can help maximize their use.
 Lack of Space: Companies are often constrained by the physical space needed for data
centers. Virtualization enables server consolidation, which reduces the number of physical
servers required.
 Greening Initiatives: Reducing energy consumption and the carbon footprint of data centers
is becoming increasingly important. Virtualization helps reduce power consumption and the
need for cooling by consolidating servers.
 Rising Administrative Costs: As server numbers grow, so do administrative costs.
Virtualization can reduce the number of physical servers, which helps lower these costs.
In addition to hardware virtualization, other forms of virtualization have played a key role in
development, particularly virtual machine-based programming languages like Java and .NET. Java,
released in 1995, became popular for integrating small applications (applets), and by the early 2000s,
Java and .NET were used for enterprise-class applications. These developments proved that
virtualization could be implemented without significant performance overhead, paving the way for the
widespread adoption of virtualization technologies in data centers.
Characteristics of Virtualized Environments
Virtualized environments refer to the creation of virtual versions of various system components such
as hardware, software, storage, or networks. The virtualization process involves three key
components: guest, host, and the virtualization layer. These components operate as follows:
 Guest: This is the system interacting with the virtualization layer instead of directly with the
host.
 Host: Represents the original environment where the virtualization layer operates.
 Virtualization Layer: The software responsible for recreating the environment where the
guest will run, ensuring the separation between guest and host.
[Figure: Guest, virtualization layer, and host. Guest: virtual image and applications. Virtualization layer (software emulation): virtual hardware, virtual storage, virtual networking. Host: physical hardware, physical storage, physical networking.]
Virtualization can be applied in different areas such as hardware, storage, and networking. For
instance, in hardware virtualization, the guest is typically a system image that includes an operating
system and applications running on virtual hardware managed by the Virtual Machine Manager
(VMM). This is supported by the host's physical hardware.
Key Characteristics of Virtualized Environments
1. Increased Security:
o Virtualization enables secure and isolated execution of guest systems. The virtual
machine (VM) provides a layer between the guest and the host, which can filter and
manage operations. For example, sensitive data on the host can be hidden from the
guest. This capability is essential when running untrusted code or isolated
applications like Java applets in sandboxed environments. VMs like VMware
Desktop, VirtualBox, and Parallels ensure that the virtual file system is separated
from the host system, making it ideal for running potentially harmful applications
without compromising host security.
[Figure: Virtualization between physical resources and virtual resources: sharing, aggregation, emulation, isolation.]
2. Managed Execution:
o Virtualized environments provide greater control over how guest systems are
executed, offering benefits like:
 Sharing: Allows multiple guests to share the same physical resources,
improving utilization. For example, in data centers, resource sharing helps
reduce server counts and power consumption.
 Aggregation: The reverse of sharing, where multiple physical hosts can be
grouped together and represented as a single virtual system. This is useful in
distributed computing scenarios.
 Emulation: Allows a guest to run in an environment emulated by the virtual
layer, which is different from the physical host. This feature is useful for
testing software on different platforms or running legacy applications.
 Isolation: Virtualization provides each guest with a completely separate
environment, preventing interference between guests and protecting the host
from harmful operations. This is particularly useful in multi-tenant
environments.
3. Portability:
o One of the main advantages of virtualization is portability. In hardware
virtualization, virtual machine images can be moved and run on different virtual
machines with minimal effort. Similarly, applications developed for platforms like
Java (JVM) or .NET can be run on any system supporting the corresponding virtual
machine, providing flexibility and consistency across different environments.
Additional Benefits
 Performance Tuning: Modern virtualization technologies allow fine-tuning of resources
allocated to guests, improving performance. For example, guests can be assigned specific
amounts of memory or processing power, and their performance can be optimized.
 Virtual Machine Migration: This feature allows the movement of a guest system from one
physical machine to another without disrupting its execution, which is particularly useful in
virtualized data centers for load balancing and maintenance tasks.
These features, including enhanced security, flexibility in execution, and portability, make virtualized
environments a powerful tool for optimizing IT infrastructure and application deployment.
Taxonomy of Virtualization Techniques
Virtualization involves various techniques aimed at emulating different aspects of computing. The
taxonomy of these techniques is based on the service or entity being emulated. Broadly, virtualization
can be categorized into the following areas:
 Execution Virtualization
 Storage Virtualization
 Network Virtualization
Of these, execution virtualization is the most developed and widely used, meriting deeper
investigation and further classification. The execution virtualization techniques can be divided into
two main categories based on the type of host they require:
1. Process-Level Virtualization:
o These techniques run on top of an existing operating system, which has full control
over the hardware.
o The virtualization layer creates isolated environments for applications, which operate
as if they have their own operating system resources but share the underlying kernel.
o Examples include containers like Docker and LXC, which offer isolated user spaces
for running applications.
2. System-Level Virtualization:
o These techniques are implemented directly on hardware and do not require (or require
minimal support from) an existing operating system.
o This type of virtualization provides a guest system with a virtual environment that
closely mimics the underlying hardware.
o Examples include hypervisors like VMware ESXi, Hyper-V, and KVM, which
allow multiple operating systems to run on a single physical machine by abstracting
the hardware.
[Figure: Taxonomy of virtualization techniques, with columns "How it is done?", "Technique", and "Virtualization Model". Virtualization covers execution environment, storage, and network. Execution is split into process level (emulation: application; high-level VM: programming language; multiprogramming: operating system) and system level (hardware-assisted virtualization, full virtualization, paravirtualization, partial virtualization: hardware).]
Categories within Execution Virtualization
Execution virtualization techniques can be classified based on the type of virtual environment
provided to the guest:
1. Bare Hardware Virtualization:
o The guest operating system runs directly on a virtualized version of the hardware. The
hypervisor manages virtual machines by providing them with virtualized access to
physical hardware.
o Example: Hypervisors like VMware, Xen, and Hyper-V.
2. Operating System Resource Virtualization:
o This involves providing isolated instances of operating system resources for running
multiple user environments on a single operating system kernel.
o Example: Containers like Docker or OpenVZ.
3. Low-Level Programming Language Virtualization:
o A virtual environment is created to run programs compiled against an abstract
machine model, allowing them to execute independently of the hardware.
o Example: Java Virtual Machine (JVM) or .NET Common Language Runtime
(CLR).
4. Application-Level Virtualization:
o This approach isolates applications by virtualizing libraries or services on which they
depend, enabling them to run in isolated environments.
o Example: Application virtualization solutions like Microsoft App-V.
Machine Reference Model
Virtualizing an execution environment at different levels of the computing stack requires a reference
model to define the interfaces between layers of abstraction. These layers hide implementation
details, which simplifies the virtualization process by allowing one layer to intercept calls to another.
Modern computing systems can be described using the machine reference model. This model includes
several layers, each of which plays a critical role in the functioning of a computing system.
[Figure: Machine reference model. Layers from top to bottom: Applications, Libraries, Operative System, Hardware. Interfaces between them: API (API calls), ABI (system calls, User ISA), ISA.]
Components of the Machine Reference Model:
1. Instruction Set Architecture (ISA):
o ISA defines the instruction set of the processor, including registers, memory, and
interrupt management.
o It serves as the interface between hardware and software, providing the foundation for
both system-level and application-level programming.
o The System ISA is relevant to OS developers, while the User ISA concerns
developers writing applications that directly manage hardware.
2. Application Binary Interface (ABI):
o ABI defines the interface between the operating system and applications. It includes
low-level details like data types, memory alignment, and calling conventions.
o This level allows portability of applications across operating systems that implement
the same ABI by defining a consistent format for executable programs.
o System calls, which are essential for interacting with the OS, are defined at this level.
3. Application Programming Interface (API):
o API provides the highest level of abstraction, allowing applications to interact with
system libraries and operating system services.
o This is the interface most developers use for high-level program interactions.
The overall process flows from the highest abstraction level (API) down to the hardware level (ISA),
with each layer performing its designated functions. The abstraction at each level simplifies system
development and multitasking.
Security and Privileged Execution
To maintain security, the machine reference model separates instructions into two categories:
 Privileged Instructions:
o These are instructions that can affect shared resources or the privileged state of the
processor. They are executed in supervisor mode (Ring 0) to avoid interference with
other tasks.
o Examples include I/O operations and instructions that alter CPU registers.
 Non-Privileged Instructions:
o These do not affect shared resources and are safe to execute in user mode (Ring 3).
o Examples include arithmetic or floating-point instructions.
Many architectures use a ring-based security model, with Ring 0 being the most privileged level
(used by the kernel) and Ring 3 being the least privileged (used by user applications). Some
architectures, such as those in modern systems, simplify this model into just two levels:
supervisor mode (Ring 0) and user mode (Ring 3).
Hypervisor and Execution Modes
The hypervisor concept is central to virtualization:
 A hypervisor runs above the supervisor mode, overseeing multiple virtual machines.
 Hypervisors manage sensitive instructions that are typically executed in privileged mode
(Ring 0) to ensure isolation and control over hardware resources.
 Early ISAs posed challenges because certain sensitive instructions could be executed in user
mode, causing security risks. Newer ISA implementations (e.g., Intel VT, AMD Pacifica)
have addressed this issue by ensuring all sensitive instructions are executed in privileged
mode.
Importance of the Machine Reference Model
The machine reference model helps to:
 Simplify system development: Each layer abstracts its specific operations, providing a clear
separation of concerns.
 Enhance security: Privileged instructions are restricted to prevent malicious operations in
virtualized environments.
 Enable multitasking: The model allows multiple execution environments to coexist without
interference.
Hardware-Level Virtualization
Hardware-level virtualization, also known as system virtualization, provides an abstract execution
environment by simulating hardware on which guest operating systems can run. In this virtualization
model:
 Host: Represents the physical computer hardware.
 Guest: Represents the guest operating system running on the virtualized environment.
 Virtual Machine: Represents the virtualized emulation of the underlying hardware.
 Hypervisor: Manages the virtual machines and abstracts the underlying hardware, allowing
multiple operating systems to run concurrently.
Types of Hypervisors
1. Type I (Native or Bare-Metal Hypervisors):
o Runs directly on the host hardware, replacing the operating system.
o Emulates the ISA (Instruction Set Architecture) interface of the hardware to
manage guest operating systems.
o Examples include VMware ESXi, Microsoft Hyper-V, and Xen.
2. Type II (Hosted Hypervisors):
o Requires the support of an operating system, acting as an application within it.
o Interacts with the host OS through the ABI (Application Binary Interface) and
emulates the ISA of the virtual hardware for guest OSs.
o Examples include VMware Workstation and Oracle VirtualBox.


[Figure: Hypervisor stacks. Type II (hosted): VMs, ISA, Virtual Machine Manager, ABI, Operating
System, ISA, Hardware. Type I (native): VMs, ISA, Virtual Machine Manager, ISA, Hardware.]

Virtual Machine Manager (VMM) Design


The VMM (hypervisor) is responsible for emulating the underlying hardware and managing virtual
machines. It consists of three key modules:
 Dispatcher: Entry point for the virtual machine’s instructions, routing them to appropriate
modules.
 Allocator: Manages the allocation of resources like CPU, memory, and I/O devices to the
virtual machines.
 Interpreter: Handles privileged instructions from virtual machines by triggering traps and
invoking appropriate routines.

[Figure: Virtual machine instance issuing ISA instructions to the VMM, which consists of the
Dispatcher, the Allocator and the Interpreter routines.]

The VMM architecture allows guest OSs to run on top of the virtual environment transparently, as if
they were running directly on physical hardware.
Goldberg and Popek Criteria for Virtualization
For efficient hardware-level virtualization, the following criteria must be met, as defined by Goldberg
and Popek (1974):
1. Equivalence: The behavior of a guest OS under a VMM should be identical to its behavior on
the physical host.
2. Resource Control: The VMM must have full control over virtualized resources.


3. Efficiency: Most of the machine instructions must execute directly on the hardware without
VMM intervention.
Theorem 3.1: Conditions for Constructing a Virtual Machine Manager (VMM)
This theorem states that for any conventional third-generation computer, a VMM can be constructed if
the sensitive instructions of the system are a subset of the privileged instructions. Sensitive
instructions are those that affect system resources. If every such instruction traps when it is
issued in user mode, the hypervisor can intercept and control it, and the VMM can manage the
resources without significant performance degradation. The theorem ensures resource control when
the hypervisor operates in the most privileged mode (Ring 0), while non-sensitive instructions
execute without hypervisor intervention, maintaining the system's equivalence property.
Theorem 3.2: Recursive Virtualization
A system is recursively virtualizable if:
1. It is virtualizable (i.e., supports VMM construction as per Theorem 3.1).
2. A VMM without timing dependencies can be built on the system.
This allows for nested virtualization, meaning a VMM can run another VMM on top of itself, as long
as the system's resources support it.
Theorem 3.3: Hybrid VMM Construction
This theorem introduces the concept of a hybrid virtual machine (HVM), which may be built for
systems where the set of user-sensitive instructions is a subset of privileged instructions. Unlike full
virtualization, HVMs rely on interpreting more instructions (especially those related to sensitive
system behaviors) instead of executing them directly. This approach is less efficient than full
virtualization but still enables system emulation.
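The dispatcher, allocator and interpreter roles and the Theorem 3.1 condition can be exercised together in a small trap-and-emulate simulation. This is an added example, not code from these notes or from any hypervisor; the instruction names, both ISAs and the guest program are constructed, and `LEAKY_ISA` is an assumed ISA in which one sensitive instruction does not trap.

```python
from dataclasses import dataclass, field

# Constructed ISA: name -> (sensitive, privileged). "Privileged" means the
# instruction traps when it is issued outside the most privileged mode.
CLASSIC_ISA = {
    "add":       (False, False),
    "set_mode":  (True, True),
    "read_mode": (True, True),
    "io_out":    (True, True),
    "map_page":  (True, True),
}
# Same ISA, except read_mode runs silently in user mode: a sensitive
# instruction that is not privileged.
LEAKY_ISA = dict(CLASSIC_ISA, read_mode=(True, False))

# Constructed guest kernel; on bare hardware both reads return "supervisor".
GUEST_KERNEL = [("map_page", 4), ("add", 5), ("read_mode", None),
                ("io_out", 0x41), ("add", 1), ("read_mode", None)]
REAL_MODE = "user"  # the guest kernel is deprivileged on the real CPU


def check_theorem_3_1(isa):
    """Return (virtualizable, offending instructions) per Theorem 3.1."""
    sensitive = {name for name, (s, _) in isa.items() if s}
    privileged = {name for name, (_, p) in isa.items() if p}
    return sensitive <= privileged, sorted(sensitive - privileged)


@dataclass
class VirtualCPU:
    mode: str = "supervisor"   # mode the guest kernel believes it is in
    acc: int = 0
    pages: int = 0
    io_log: list = field(default_factory=list)


class VMM:
    def __init__(self, host_pages):
        self.free_pages = host_pages
        self.traps = 0

    def dispatch(self, vcpu, op, arg):
        """Dispatcher: entry point for every trapped instruction."""
        self.traps += 1
        if op == "map_page":
            return self.allocate(vcpu, arg)
        return self.interpret(vcpu, op, arg)

    def allocate(self, vcpu, count):
        """Allocator: decides how many host pages the VM receives."""
        granted = min(count, self.free_pages)
        self.free_pages -= granted
        vcpu.pages += granted

    def interpret(self, vcpu, op, arg):
        """Interpreter routines: emulate the instruction on virtual state."""
        if op == "set_mode":
            vcpu.mode = arg
        elif op == "io_out":
            vcpu.io_log.append(arg)
        elif op == "read_mode":
            return vcpu.mode


def run_guest(isa, program, host_pages=8):
    """Run a guest kernel in user mode; return (mode reads, vmm, vcpu, direct)."""
    vmm, vcpu, seen, direct = VMM(host_pages), VirtualCPU(), [], 0
    for op, arg in program:
        if isa[op][1]:                      # privileged: hardware traps
            result = vmm.dispatch(vcpu, op, arg)
        else:                               # runs directly on the CPU
            direct += 1
            result = None
            if op == "add":
                vcpu.acc += arg
            elif op == "read_mode":
                result = REAL_MODE          # real state leaks to the guest
            else:
                raise ValueError(f"no direct-execution model for {op}")
        if result is not None:
            seen.append(result)
    return seen, vmm, vcpu, direct


if __name__ == "__main__":
    for label, isa in (("classic", CLASSIC_ISA), ("leaky", LEAKY_ISA)):
        seen, vmm, _, direct = run_guest(isa, GUEST_KERNEL)
        print(label, check_theorem_3_1(isa), seen, vmm.traps, direct)
```

With `CLASSIC_ISA` the guest reads back `supervisor`, as it would on bare hardware. With `LEAKY_ISA` it reads `user` and the VMM is never invoked for that instruction, so both equivalence and resource control are lost.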
Virtualization Techniques
 Hardware-Assisted Virtualization: This method uses hardware features (such as Intel VT
and AMD-V) to support virtual machine managers in running guest OSes in isolation. It
improves performance by reducing the need for software-based emulation, which was the
standard before these hardware extensions were introduced.
 Full Virtualization: Refers to complete hardware emulation, allowing the guest OS to run
without modifications. While it provides complete isolation and security, it can introduce
performance challenges, particularly with privileged instructions. Hardware-assisted
virtualization is often combined with full virtualization to mitigate these issues.
 Paravirtualization: In this method, the guest OS is modified to interact directly with the host
for certain performance-critical operations, leading to improved performance. It requires the
guest OS source code to be accessible for modifications, making it more suitable for open-
source systems. Xen is a notable example using paravirtualization.
 Partial Virtualization: This technique emulates only part of the hardware, allowing certain
applications to run in isolation but not the full operating system. Address space virtualization
is an example, commonly used in time-sharing systems where multiple users or applications
share the same hardware but operate in separate memory spaces.
 Operating System-Level Virtualization: Here, different user-space instances are created and
isolated within the same OS kernel, allowing multiple applications to run concurrently in
separate environments. Unlike hardware virtualization, there is no hypervisor. This technique
is efficient for scenarios where servers share the same OS and resources. Examples include
FreeBSD Jails, Solaris Zones, and OpenVZ.
Application-Level Virtualization
This is a technique that allows applications to run in environments where they are not natively
supported. Unlike traditional installation, applications are executed as if they were running in their
expected environment. This technique mainly deals with partial file systems, libraries, and operating
system components, which are emulated by a lightweight program or component responsible for
executing the application.
Key Features of Application-level Virtualization:
1. Runtime Emulation: A thin layer emulates the necessary parts of the runtime environment,
allowing applications to function without needing to be fully installed or supported by the
host system.
2. Emulation vs. Hardware-level Virtualization:
o Emulation: Executes programs compiled for different hardware architectures.
o Hardware Virtualization: Emulates a complete hardware environment that allows
running entire operating systems.
3. Strategies for Emulation:
o Interpretation: Each source instruction is interpreted and emulated, leading to poor
performance due to the overhead of interpreting every instruction.
o Binary Translation: Translates source instructions to native ones, caching translated
blocks for reuse. It has high initial overhead but improves performance as cached
instructions are reused.
Advantages:
 Handling Missing Libraries: Application-level virtualization can use replacement libraries
or remap calls to compatible functions, enabling applications to run even with missing
components.
 Lighter Virtualization: Compared to hardware-level virtualization, this method is less
resource-intensive because it emulates only parts of the runtime environment, not the whole
hardware.
 Compatibility: It allows applications that are otherwise incompatible to run together on the
same host system.
Popular Solutions:
 Wine: Runs Windows applications on Unix-like operating systems. It includes a container for
the guest application and a set of libraries, called Winelib, for porting applications to Unix.
 CrossOver: A solution for running Windows applications on macOS.
 VMware ThinApp: Captures installed applications and packages them into an executable
that runs independently of the host operating system.


Other Types of Virtualization


1. Storage Virtualization
 Definition: Storage virtualization abstracts the physical storage hardware and presents it as a
single logical storage system to users.
 Key Feature: Users interact with a logical representation of storage without needing to know
the physical location of their data.
 Technique: One common approach is network-based storage virtualization, such as
Storage Area Networks (SANs), which use high-bandwidth network connections to provide
scalable storage solutions.
2. Network Virtualization
 Definition: Network virtualization abstracts physical network resources, combining them into
one logical network or providing virtual network functionality within a host system.
 Types:
o External Network Virtualization: Aggregates multiple physical networks into a
Virtual LAN (VLAN), where hosts communicate as if they are in the same network
domain.
o Internal Network Virtualization: Often paired with hardware and OS virtualization,
where virtual machines (VMs) communicate using virtual network interfaces. It can
involve techniques such as Network Address Translation (NAT) or using a
dedicated virtual network device.
3. Desktop Virtualization
 Definition: Desktop virtualization separates the desktop environment from the physical
hardware and allows remote access to a desktop system.
 Key Feature: The desktop environment is often hosted on a remote server or data center and
accessed via a network, providing users with the same desktop interface as though it were
installed locally.
 Use Cases: It is common in cloud computing, where multiple desktop environments are
hosted on the same server and accessed on demand. Some common software and
infrastructure supporting desktop virtualization are Windows Remote Services, VNC, and X
Server, along with cloud-based solutions like Citrix XenDesktop and Sun Virtual Desktop
Infrastructure (VDI).
 Advantages: High availability, persistence, and ease of access from any location.
4. Application Server Virtualization
 Definition: Application server virtualization abstracts multiple application servers into a
single logical unit by using load-balancing and high-availability techniques.
 Key Feature: Unlike emulation or hardware virtualization, it does not simulate different
environments but focuses on improving the quality of service by distributing the load and
ensuring availability.
 Use Case: This type of virtualization is similar to storage virtualization in that it improves
efficiency and reliability rather than changing the runtime environment.


Roles of Virtualization in Cloud Computing


1. Execution Virtualization:
o Hardware Virtualization: This plays a central role in Infrastructure-as-a-Service
(IaaS) offerings. It enables the creation of virtual machines (VMs) that share the
same physical hardware while running different operating systems in isolation.
o Programming Language Virtualization: This is crucial for Platform-as-a-Service
(PaaS) offerings, where virtualized environments run applications written in various
programming languages without being tied to a specific OS.
2. Customization and Isolation:
o Virtualization provides sandboxed environments that can be finely controlled. This is
useful for cloud service providers, allowing them to offer configurable environments
that meet specific user requirements without interference between different users'
workloads.
3. Resource Efficiency and Server Consolidation:
o Server Consolidation: This refers to consolidating workloads onto fewer servers,
maximizing resource utilization and reducing operational costs. Virtual machines can
be dynamically moved between servers without disrupting services.
o Virtual Machine Migration: Virtual machines can be migrated from one server to
another. Live migration allows this movement while the VM is still running, with no
disruption to the service, which is particularly beneficial for scaling applications that
require high availability.
4. Storage Virtualization:
o Virtual Storage Services: Cloud providers can virtualize storage infrastructure into
logical slices that can be dynamically allocated as needed. This enables storage
resources to be easily partitioned and offered as scalable services.
5. Desktop Virtualization:
o Remote Desktop Access: Initially developed in the mainframe era, desktop
virtualization is used to deliver full desktop environments over the cloud, enabling
users to access their desktops remotely through a thin client via the Internet.
6. Efficient Workload Management:
o Cloud computing often supports on-demand scaling, where resources like virtual
machines can be spun up or down based on application requirements. This is essential
for server applications that need to process increasing workloads without
interruptions, with technologies like live migration ensuring seamless resource
adjustments.


Advantages of Virtualization:
1. Managed Execution and Isolation: Virtualization enables the creation of secure, isolated
environments where harmful operations are restricted, allowing better management of
computing resources. This capability is crucial for server consolidation, providing better
control and enhanced security in IT environments.
2. Portability: Virtualized systems, such as virtual machine instances, can be easily transported
as files. They are self-contained, simplifying their administration. This portability is useful for
migrating workloads and managing applications across different hardware systems.
3. Resource Efficiency: Virtualization allows multiple systems to share the same hardware
resources without interference. This leads to more efficient use of computing power and can
reduce costs by consolidating servers, especially in underutilized environments.
4. Cost Reduction: With fewer physical machines needed to handle the same workload,
virtualization lowers hardware, maintenance, and energy costs. This leads to energy
conservation and reduced environmental impact.
5. Security: Virtualization offers the advantage of controlled, sandboxed environments, reducing
the risk of harmful software affecting the underlying system.
6. Dynamic Resource Allocation: Virtualization enables dynamic adjustment of resources to
meet current load demands, improving system flexibility. This is particularly useful for
applications that need to scale in real-time.

Disadvantages of Virtualization:
1. Performance Degradation: Since virtualization adds an extra layer between the hardware
and guest system, it can increase latency and reduce overall performance. This is particularly
noticeable in hardware virtualization due to the overhead involved in managing virtual
processors, privileged instructions, and paging.
2. Inefficiency and Degraded User Experience: Some host features may not be accessible to
the virtual machine due to the abstraction layer. For example, drivers for specific hardware
devices may not be fully utilized, leading to inefficiencies or reduced capabilities in
virtualized environments.
3. Security Vulnerabilities: Virtualization can introduce new security risks, such as malware
that can emulate virtual environments, compromising the host system. Examples like BluePill
and SubVirt demonstrate how virtualization malware can infiltrate a system by manipulating
the guest operating system.
4. Complexity in Resource Management: Virtualization adds complexity to managing
resources, which can sometimes result in suboptimal resource allocation, negatively
impacting performance or efficiency.
Xen and Paravirtualization
Xen is a widely used open-source virtualization platform that implements paravirtualization.
Initially developed at the University of Cambridge, Xen has grown with significant contributions from
the open-source community and is also offered commercially through Citrix as XenSource. Xen is
versatile, supporting desktop, server, and cloud computing via the Xen Cloud Platform (XCP).


The key element of Xen's architecture is the Xen Hypervisor, which enables efficient
paravirtualization and, more recently, hardware-assisted virtualization for full virtualization.
Paravirtualization vs Full Virtualization
Paravirtualization in Xen differs from full virtualization because it modifies the guest operating
system to eliminate performance penalties related to special instruction management. This
modification leads to high-performance execution, making Xen suitable for x86 architecture on
commodity machines and servers. Full virtualization, on the other hand, emulates the entire system
without modification to the guest OS, which can introduce performance loss.
Xen Architecture
Xen uses a privilege model mapped onto the classic x86 security rings (0 to 3):
 The Xen Hypervisor operates at the highest privilege level (Ring 0) and controls the guest
OS's access to the hardware.
 Guest OS instances run within domains, with Domain 0 having privileged access for
managing the other guest systems (Domain U). Domain 0 hosts an HTTP interface for
managing virtual machines (VMs) and serves as the base for cloud Infrastructure-as-a-Service
(IaaS) systems.

[Figure: Xen architecture. Management Domain (Domain 0): VM management, HTTP interface, access
to the Xen Hypervisor. User Domains (Domain U): guest OS, modified codebase, hypercalls into the
Xen VMM. User Application (unmodified ABI). Ring labels 3, 2, 1 and 0; privileged instructions.
Xen Hypervisor (VMM): memory management, CPU state registers, devices I/O. Hardware.]

Security Levels and Execution


Xen operates within x86's four security levels, typically used as:
 Ring 0: Kernel code.
 Ring 3: User applications.
In Xen:
 Hypervisor runs in Ring 0.
 Domain 0 (control domain) and Domain U (guest VMs) run in Ring 1.
 User applications run in Ring 3.


By running guest operating systems in Ring 1, Xen maintains Application Binary Interface (ABI)
compatibility. However, some system calls from Ring 3 to Ring 0 can cause traps or faults, requiring
modifications to guest operating systems. These modifications involve hypercalls, which allow the
Xen hypervisor to handle sensitive instructions.
VMware: Full Virtualization
VMware implements full virtualization, a technology that replicates the underlying hardware and
presents it to the guest operating system. The guest OS operates as though it has direct access to the
physical hardware, remaining unaware of the virtualization layer. This contrasts with
paravirtualization (e.g., Xen), where the guest OS must be modified. VMware’s full virtualization
supports both desktop and server environments using Type I and Type II hypervisors.
Hypervisors in VMware:
1. Type I Hypervisors: Also known as bare-metal hypervisors, these run directly on the server
hardware, allowing VMware to virtualize server environments. An example is VMware
ESXi, which manages virtual machines (VMs) at the hardware level.
2. Type II Hypervisors: These run on top of an existing operating system, making them suitable
for desktop environments. VMware Workstation is an example of this, enabling users to run
multiple guest operating systems on a single desktop machine.
Full Virtualization Mechanism
VMware achieves full virtualization by using:
 Direct execution for non-sensitive instructions, where the guest OS runs instructions directly
on the host CPU.
 Binary translation for sensitive instructions, which involves dynamically translating
privileged instructions to ensure safe execution in a virtual environment.
This mechanism allows VMware to virtualize x86 architectures without needing modifications to the
guest OS, providing broad compatibility across various operating systems.
Full Virtualization and Binary Translation in VMware
VMware is renowned for its ability to virtualize x86 architectures, allowing guest operating systems
(OS) to run unmodified on its hypervisors. Prior to the introduction of hardware-assisted
virtualization (such as Intel VT-x and AMD-V in 2006), VMware relied on dynamic binary
translation to achieve full virtualization.
The Challenge with x86 Architecture
The x86 architecture does not natively meet the conditions required for classical virtualization,
particularly because the set of sensitive instructions (which control hardware and privileged actions)
is not fully encapsulated within the privileged instruction set (executed in Ring 0). In a virtualized
environment, where the guest OS runs in Ring 1 instead of Ring 0, these sensitive instructions can
misbehave, causing errors or traps.
Dynamic Binary Translation
To manage these issues, VMware utilized dynamic binary translation, a technique where sensitive
instructions that trigger traps are dynamically translated into a different set of instructions that can
be safely executed in the virtualized environment without causing exceptions. Once translated, the
new instruction set is cached, eliminating the need to retranslate them during subsequent executions.


Advantages of Binary Translation:


 Unmodified Guest OS: One major benefit of binary translation is that it allows unmodified
guest operating systems to run in a virtualized environment. This is especially important for
closed-source operating systems like Windows.
 Portability: Binary translation provides a portable virtualization solution across different
platforms.
Disadvantages of Binary Translation:
 Performance Overhead: The real-time translation of instructions incurs additional
overhead, which can slow down performance. However, this is mitigated by using direct
execution for non-sensitive instructions, minimizing the impact on overall system
performance.
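Translate once, cache, then reuse, as described under Strategies for Emulation and under Dynamic Binary Translation, shown as an added example that is not VMware's implementation. The guest instruction set, the block addresses and the `BinaryTranslator` class are constructed for illustration; sensitive instructions are rewritten into calls to a VMM routine that acts on a virtual interrupt flag.

```python
# Constructed guest instruction set; these three touch the interrupt flag
# and are treated as the sensitive instructions.
SENSITIVE = {"cli", "sti", "read_if"}

# Constructed guest code: block address -> instructions, terminator last.
GUEST_CODE = {
    0x100: [("mov", "cnt", 3), ("mov", "acc", 0), ("jmp", 0x200)],
    0x200: [("cli",), ("add", "acc", 2), ("sti",), ("add", "cnt", -1),
            ("jnz", "cnt", 0x200, 0x300)],
    0x300: [("read_if", "flag"), ("halt",)],
}


class BinaryTranslator:
    def __init__(self, code):
        self.code = code
        self.cache = {}           # guest block address -> translated block
        self.regs = {}
        self.virtual_if = True    # guest's interrupt flag, owned by the VMM
        self.stats = {"translated": 0, "executed": 0,
                      "cache_hits": 0, "emulated": 0}

    def _set(self, reg, value):
        self.regs[reg] = value

    def _emulate(self, op, args):
        """VMM routine that stands in for a sensitive instruction."""
        self.stats["emulated"] += 1
        if op == "cli":
            self.virtual_if = False
        elif op == "sti":
            self.virtual_if = True
        elif op == "read_if":
            self.regs[args[0]] = int(self.virtual_if)

    def _translate_one(self, instr):
        """Decode one guest instruction into a host callable."""
        op, *args = instr
        self.stats["translated"] += 1
        if op in SENSITIVE:       # never reaches the real CPU flag
            return lambda: self._emulate(op, args)
        if op == "mov":
            return lambda: self._set(args[0], args[1])
        if op == "add":
            return lambda: self._set(args[0], self.regs[args[0]] + args[1])
        if op == "jmp":
            return lambda: args[0]
        if op == "jnz":
            return lambda: args[1] if self.regs[args[0]] != 0 else args[2]
        if op == "halt":
            return lambda: None
        raise ValueError(f"unknown guest instruction {op}")

    def run(self, entry):
        pc = entry
        while pc is not None:
            block = self.cache.get(pc)
            if block is None:     # miss: translate once, then cache
                block = [self._translate_one(i) for i in self.code[pc]]
                self.cache[pc] = block
            else:
                self.stats["cache_hits"] += 1
            self.stats["executed"] += len(block)
            for host_op in block:
                pc = host_op()    # only the terminator's result survives
        return self.regs


if __name__ == "__main__":
    bt = BinaryTranslator(GUEST_CODE)
    print(bt.run(0x100), bt.stats)
```

The run executes 20 guest instructions but decodes only 10, the gap an interpreter would pay for on every pass through the loop; a second `run` on the same object translates nothing.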
Memory Virtualization
Beyond CPU virtualization, full virtualization also involves virtualizing memory and I/O devices.
Memory virtualization is especially challenging due to the complexity of handling the Memory
Management Unit (MMU), which must be emulated as part of the virtual hardware. This can slow
down performance, particularly with hosted hypervisors (Type II), where both the virtual MMU and
host OS MMU must map memory addresses before accessing physical memory.
To address this, VMware uses a technique called Translation Look-aside Buffer (TLB) mapping,
where virtual memory pages are mapped directly to physical memory pages, reducing the impact of
performance degradation unless a TLB miss occurs.
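A simplified model of the two mappings and of a cached direct mapping, as an added example (not VMware's implementation). The class names, page numbers and the `flush` parameter are constructed; the example also shows two checks the paragraph implies: the VMM refuses guest-physical pages it never assigned to the VM, and a cached entry must be dropped when the guest changes its page table.

```python
PAGE_SIZE = 4096


class GuestPageFault(Exception):
    """Guest page table has no entry: the fault belongs to the guest OS."""


class IsolationFault(Exception):
    """Guest named a physical page the VMM never assigned to this VM."""


class VirtualMMU:
    def __init__(self, guest_page_table, vmm_page_map):
        self.guest_pt = guest_page_table  # guest virtual -> guest physical page
        self.vmm_map = vmm_page_map       # guest physical -> host physical page
        self.tlb = {}                     # guest virtual -> host physical page
        self.walks = 0                    # two-stage lookups performed
        self.hits = 0                     # translations served from the cache

    def translate(self, guest_vaddr):
        vpn, offset = divmod(guest_vaddr, PAGE_SIZE)
        hpn = self.tlb.get(vpn)
        if hpn is None:                   # miss: pay for both mappings
            hpn = self._walk(vpn)
            self.tlb[vpn] = hpn
        else:
            self.hits += 1
        return hpn * PAGE_SIZE + offset

    def _walk(self, vpn):
        self.walks += 1
        if vpn not in self.guest_pt:
            raise GuestPageFault(hex(vpn))
        gpn = self.guest_pt[vpn]
        if gpn not in self.vmm_map:       # VMM keeps control of host memory
            raise IsolationFault(hex(gpn))
        return self.vmm_map[gpn]

    def guest_remap(self, vpn, gpn, flush=True):
        """Guest edits its page table; flush=False models a missed update."""
        self.guest_pt[vpn] = gpn
        if flush:
            self.tlb.pop(vpn, None)


def demo():
    """Constructed mappings for one VM; returns the observations as a dict."""
    mmu = VirtualMMU({0x1: 0x10, 0x3: 0x99}, {0x10: 0x7A, 0x12: 0x7C})
    out = {"first": mmu.translate(0x1004), "cached": mmu.translate(0x1FF0)}
    try:
        mmu.translate(0x3000)             # guest page 0x99 was never assigned
        out["isolation_fault"] = False
    except IsolationFault:
        out["isolation_fault"] = True
    mmu.guest_remap(0x1, 0x12, flush=False)
    out["stale"] = mmu.translate(0x1004)  # still resolves to the old host page
    mmu.guest_remap(0x1, 0x12)
    out["fresh"] = mmu.translate(0x1004)
    out["walks"], out["hits"] = mmu.walks, mmu.hits
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, hex(value) if isinstance(value, int) else value)
```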
I/O Virtualization
VMware also provides full virtualization of various I/O devices, including:
 Network controllers
 Peripheral devices (keyboard, mouse, USB controllers, etc.)


VMware virtualization solutions:


1. End-User (Desktop) Virtualization
VMware provides desktop virtualization solutions that enable users to run multiple operating systems
or isolated applications on their end-user computers. Two popular products are:
 VMware Workstation (for Windows) and VMware Fusion (for macOS): These products
create virtual machines (VMs) on a host operating system, allowing users to run different OS
environments (such as Linux, Windows, or macOS) within a single system. These solutions
offer features like USB device sharing, folder sharing, and GUI integration with the host OS.
o Architecture Overview:
 A Hypervisor is deployed, utilizing binary translation to manage sensitive
instructions and allowing the guest OS to run unmodified.
 The virtualization environment is supported by a driver installed in the host
OS that provides hooks for VM management, including I/O processing.
 Virtual machine images are stored in files, enabling snapshot creation and
rollback for easy state management.

 VMware Player: A lightweight version of VMware Workstation, focused on running
pre-existing VMs in both Windows and Linux environments.
 VMware ACE: Designed for enterprise use, it wraps virtual machines with corporate policies
to ensure security when deploying virtual environments on end-user devices.
 VMware ThinApp: This application virtualization solution isolates applications to avoid
conflicts, by packaging the application along with its changes to the OS environment,
enabling it to run without installation.
2. Server Virtualization
VMware provides robust server virtualization solutions that support various workloads, from small
business servers to large-scale data centers:


 VMware GSX Server: An early VMware product that virtualizes server environments,
specifically targeting web server virtualization. It supports remote management and scripting
for VMs. GSX server architecture includes a daemon process (serverd) to manage VM
instances and communicate with the VMware driver.

 VMware ESX and ESXi Servers: These are hypervisor-based solutions installed directly on
bare-metal servers:
o VMware ESX includes a service console based on a modified Linux kernel to
manage the hypervisor.
o VMware ESXi is a more lightweight solution with a reduced memory footprint,
providing minimal OS overhead. It employs the VMkernel, a minimal POSIX-
compliant operating system for resource scheduling, I/O stacks, and device drivers.
3. Infrastructure Virtualization and Cloud Solutions
VMware provides an entire cloud infrastructure stack:
 VMware vSphere: The core of VMware’s data center virtualization, vSphere ties together a
pool of virtualized servers, providing services like virtual storage, virtual networking, and
high-availability solutions like VM migration and data recovery.
 VMware vCenter: Centralized management for vSphere environments, vCenter facilitates the
administration of virtual data centers, offering tools for VM provisioning, resource allocation,
and monitoring.
 VMware vCloud: A solution for building Infrastructure-as-a-Service (IaaS) clouds. vCloud
allows organizations or service providers to offer virtualized computing environments to end
users on a pay-per-use basis, including self-provisioning of VMs via a web portal.
 VMware vFabric: Focused on cloud application development, vFabric includes tools for
scalable data management and application monitoring, facilitating Java-based web application
development and deployment in virtual environments.
 Zimbra: A Software-as-a-Service (SaaS) solution from VMware, providing cloud-based
messaging, email, and collaboration tools.
[Figure: VMware cloud solution stack. Application Virtualization: Zimbra. Platform
Virtualization: vFabric. Infrastructure Virtualization: vCloud, vCenter, vSphere, ESXi and ESX,
Server, Data Center.]
Observations
VMware began with a focus on fully virtualized x86 hardware but has since expanded its offerings to
encompass a comprehensive suite for virtualizing hardware, infrastructure, applications, and services.
This evolution allows VMware to cover a wide spectrum of the cloud computing market. Although
full x86 virtualization remains core to its technology, VMware has incorporated paravirtualization
features into its solutions, especially following the advent of hardware-assisted virtualization. Key
enhancements include various device emulations and the VMware Tools suite, which facilitates better
integration between guest and host operating environments. VMware has also played a pivotal role in
developing and standardizing the Virtual Machine Interface (VMI), promoting a general and vendor-
agnostic approach to paravirtualization.
Microsoft Hyper-V
Hyper-V is Microsoft's infrastructure virtualization solution for server virtualization, utilizing a
hypervisor-based approach that supports various guest operating systems. It is integrated as a
component of Windows Server 2008 R2, where the hypervisor is installed as a server role.


Architecture:
Hyper-V enables multiple concurrent executions of guest operating systems through partitions—
completely isolated environments where operating systems run. The architecture includes a parent
partition, which has direct access to hardware, and child partitions that host guest operating systems
without direct hardware access.
Key components of the Hyper-V hypervisor include:
 Hypercalls Interface: Entry point for executing sensitive instructions, allowing
communication between partitions and the hypervisor.
 Memory Service Routines (MSRs): Manage memory access and leverage hardware-assisted
virtualization for efficient device access.
 Advanced Programmable Interrupt Controller (APIC): Manages signals from the
hardware, with each virtual processor having a synthetic interrupt controller.
 Scheduler: Allocates virtual processors to physical processors based on policies set by the
parent partition.
 Address Manager: Manages virtual network addresses for guest operating systems.
 Partition Manager: Oversees the creation and management of partitions through the
hypercalls interface API.
The hypervisor operates in Ring -1, requiring compatible hardware for this privileged mode, thus
supporting legacy operating systems while enabling newer OSs to utilize Hyper-V's architecture for
optimized I/O operations.
Enlightened I/O and Synthetic Devices


Enlightened I/O optimizes I/O operations by allowing guest operating systems to use an interpartition
communication channel, VMBus, rather than relying on hardware emulation. This feature benefits
hypervisor-aware operating systems, enhancing performance for storage, networking, and other
subsystems.
The architecture includes:
 VMBus: Communication channel for data exchange between partitions.
 Virtual Service Providers (VSPs): Kernel-level drivers in the parent partition providing
hardware access.
 Virtual Service Clients (VSCs): Virtual device drivers in child partitions.
Legacy operating systems that lack hypervisor awareness still function but rely on less efficient device
driver emulation.
Parent Partition
The parent partition runs the host OS and implements the virtualization stack, directly accessing
device drivers and mediating access for child partitions. It manages the lifecycle of child partitions via
the Virtualization Infrastructure Driver (VID) and instantiates a Virtual Machine Worker Process
(VMWP) for each child partition.
Child Partitions
Child partitions execute guest operating systems in isolated environments. They can be either
enlightened (benefiting from Enlightened I/O) or unenlightened (relying on hardware emulation).
Cloud Computing and Infrastructure Management
Hyper-V serves as the foundation of Microsoft's virtualization infrastructure, complemented by
additional components for enhanced server virtualization capabilities. Windows Server Core, a
streamlined version of Windows Server 2008, offers a reduced maintenance footprint by removing
unnecessary features, while still allowing remote management through PowerShell.
System Center Virtual Machine Manager (SCVMM) 2008 enhances virtual machine management
with capabilities like:
 Creation and management of virtual instances
 Virtual to Virtual (V2V) and Physical to Virtual (P2V) conversions
 Delegated administration
 Intelligent VM placement and host capacity management
SCVMM integrates with various virtualization platforms, particularly benefiting from Hyper-V’s
infrastructure.
----------------------------------------------END OF MODULE 2--------------------------------------------------


MODULE 3
CLOUD COMPUTING ARCHITECTURE
The Cloud Reference Model
Cloud computing supports various IT services that can be consumed as utilities and delivered
through networks, most commonly the internet. This model encompasses multiple aspects,
including infrastructure, development platforms, applications, and services. The cloud
reference model organizes these elements in a layered architecture, which provides a
structured view of how cloud computing resources are managed and utilized.

4.2.1 Architecture Overview


Cloud computing can be organized into layers, starting from the physical hardware to
software systems. The architecture is designed to offer scalable computing power, typically
through data centers where multiple nodes work together. These layers represent different
aspects of cloud services, from infrastructure management to application delivery.
1. Physical Infrastructure Layer (IaaS)
The cloud infrastructure is the foundation for cloud computing, consisting of hardware
resources such as servers, storage, and network resources. These can be heterogeneous,
meaning various types of resources like clusters, networked PCs, and database systems are
used to create the infrastructure.
 Key Component: Virtualization technologies, like hypervisors, allow cloud
infrastructure to be virtualized. Virtual machines (VMs) abstract the physical
resources to create an environment where applications can run independently and
isolated from others. Hardware virtualization optimizes resource utilization such as
CPU, memory, and storage.


2. Core Middleware Layer


This layer focuses on managing the cloud infrastructure and providing a runtime environment
for applications. It is responsible for ensuring resources are used efficiently, providing
features like:
 Quality of Service (QoS) management, admission control, execution monitoring,
accounting, and billing.
 Virtualization Management: Hypervisors and storage or network virtualization help
manage the infrastructure while maintaining the isolation and customization needed
for specific applications.
Core middleware handles the management of virtualized resources, allowing flexibility and
scalability for cloud-based services. For instance, when users need to build applications, they
can either use physical infrastructure directly or opt for virtualized environments provided by
IaaS platforms.
3. Platform-as-a-Service (PaaS) Layer
At this level, the focus shifts from infrastructure to providing development platforms. PaaS
solutions provide users with tools and frameworks to build applications directly on top of the
cloud infrastructure without needing to manage the underlying resources.
 Development Tools: Web interfaces, command-line tools, and distributed
programming frameworks are commonly provided in this layer. Users can develop
cloud-native applications using APIs exposed at the user-level middleware.
PaaS solutions often bundle infrastructure management, allowing users to focus solely on
application development. Some platforms offer only the middleware (Pure PaaS) and require
users to complement the service with their own infrastructure.
4. Software-as-a-Service (SaaS) Layer
This is the topmost layer, where cloud applications are provided as services to end-users.
SaaS applications are typically web-based and rely on the cloud to scale and manage large
numbers of users.
 Examples: Cloud-based applications such as email services, CRM software, and
social networking platforms.
 Scalability: The cloud infrastructure (via IaaS and PaaS layers) ensures that SaaS
applications can elastically scale based on demand, making them highly efficient and
reliable.
In a typical SaaS setup, cloud service providers manage the infrastructure, platform, and
applications, and users only interact with the application layer.
5. Adaptive Management and Autonomic Behavior
One of the key features of cloud computing is its adaptive management capability, which
ensures that the services can elastically scale based on demand.


 SaaS implementations generally feature automatic scaling and performance
management.
 PaaS and IaaS platforms expose APIs that allow users to scale their services
according to their needs, ensuring resources are used efficiently.
6. Everything-as-a-Service (XaaS)
The concept of XaaS refers to the idea that any IT service or component can be delivered
through the cloud as a service. This can range from basic infrastructure (IaaS) to platforms
for development (PaaS), and even complete software applications (SaaS).
 Combination of Services: Providers can offer a range of services that allow
businesses to combine different offerings for a complete solution. For instance, a
startup might use IaaS to provision virtual machines, deploy a PaaS layer for
development, and deliver applications via SaaS to users.
 Cost Efficiency: This flexible model reduces capital investment in IT infrastructure,
making cloud computing a viable solution for startups to scale quickly without
upfront costs.

Types of Clouds
Cloud computing is categorized into several types based on the administrative domain and
the deployment model. Each type addresses different needs for service delivery, resource
management, and security.
1. Public Clouds
 Definition: Public clouds are open to the general public and are managed by third-
party cloud service providers. The services offered, such as computing power, storage,
and applications, are delivered over the Internet.


 Key Features:
o Multitenancy: Public clouds support multiple users with isolated
environments, ensuring secure and efficient service delivery.
o Scalability: They can scale resources up or down based on demand, making
them ideal for businesses with variable needs.
o Cost-Efficiency: Public clouds are based on a pay-as-you-go model, reducing
the need for upfront investments in hardware and infrastructure.
o Examples: Amazon EC2 (IaaS), Google AppEngine (PaaS), Salesforce.com
(SaaS).
o Architecture: They are typically made up of geographically dispersed
datacenters to handle large-scale user demand and ensure reliability.
2. Private Clouds
 Definition: Private clouds are deployed within the premises of an organization,
offering computing resources solely for internal users. They are designed for
organizations that need greater control over their infrastructure and security.
 Key Features:
o Control and Security: Private clouds provide organizations with control over
their infrastructure, reducing security risks associated with public clouds.
o Customization: These clouds can be tailored to meet specific organizational
needs, such as compliance with regulatory requirements.
o Efficiency: Organizations can optimize their existing IT resources and reduce
the burden of managing physical infrastructure.
o Examples: VMware vCloud, Eucalyptus, OpenNebula.

o Architecture: Private clouds are usually built on existing IT infrastructures,
including datacenters, clusters, and enterprise grids. They may use IaaS or
PaaS solutions to manage and deliver cloud services.

3. Hybrid Clouds

A hybrid cloud integrates private and public cloud infrastructures, allowing enterprises to
benefit from the scalability and cost-effectiveness of public clouds while maintaining
sensitive data and critical workloads in a private cloud. This hybrid approach enables
businesses to optimize their IT resources, balancing between control and flexibility.
Key Characteristics:
 Private Cloud Integration: Enterprises can maintain their existing IT infrastructure
while utilizing public cloud resources when required.
 Dynamic Provisioning: Hybrid clouds offer dynamic provisioning, where additional
resources from public clouds can be provisioned when needed and released when no
longer necessary. This is known as cloudbursting, a concept where a private cloud
expands into a public cloud to handle peak loads.
 Security: Security concerns are generally limited to the public portion of the cloud,
where less sensitive workloads are run. Sensitive data can still remain within the
private cloud.
 Scalability: By leveraging external resources, hybrid clouds address scalability
challenges, especially during demand surges. These resources are rented temporarily,
ensuring cost efficiency.


Management and Software:


 Infrastructure Management: Tools like OpenNebula allow the integration of public
cloud resources, such as Amazon EC2, into a private cloud. The virtual machines in
the public cloud are managed just like local virtual machines.
 Advanced Scheduling: Hybrid clouds often incorporate advanced scheduling engines
(e.g., Haizea) that consider costs and optimize resource allocation based on available
budgets.
 Platform as a Service (PaaS): PaaS solutions are commonly used in hybrid clouds
for deploying distributed applications. Dynamic provisioning ensures that applications
meet service-level agreements (SLAs) and perform optimally based on the user’s
budget.

4. Community Clouds
A community cloud is designed for a specific community of users, such as a government
agency, industry group, or research organization. It addresses shared concerns like security,
compliance, or regulatory requirements while providing cloud services.
Key Characteristics:
 Shared Infrastructure: Multiple organizations share the infrastructure, which is
managed either by the organizations themselves or a third party. It may be located on-
premise or off-premise.
 Specific Community Needs: The cloud is tailored to meet the needs of a specific
community, such as government bodies, healthcare organizations, or scientific
research entities.
 Collaboration: Community clouds facilitate collaboration by providing a shared
environment for joint operations while maintaining compliance with security and
privacy concerns.


 Example Industries:
o Healthcare: Community clouds can store patient data in a private cloud while
using shared infrastructure for non-critical services.
o Energy & Core Industries: These sectors can benefit from a community
cloud that bundles services for management, deployment, and orchestration of
operations.
o Scientific Research: Science clouds support large-scale scientific computing
by providing distributed infrastructure to multiple research organizations.
Benefits:
 Openness: Community clouds often emphasize openness, removing vendor
dependencies and promoting fair competition among solutions.
 Scalability: The infrastructure scales as the community expands, growing organically
with the demand from users.
 Environmental Sustainability: By utilizing underutilized resources, community
clouds have a smaller carbon footprint and can be more sustainable.

Economic Benefits of Cloud Computing


Cloud computing offers numerous economic benefits, especially by shifting IT costs from
capital expenditures (CapEx) to operational expenditures (OpEx), primarily through the pay-
as-you-go model. This model helps organizations reduce the financial burden of maintaining
on-premises infrastructure, software, and support systems, making IT resources more
accessible and manageable.
Key Economic Benefits of Cloud Computing:
1. Reduction of Capital Costs:
o Organizations traditionally invest heavily in IT infrastructure, such as servers,
storage, and software, which incurs large capital expenses.
o With cloud computing, these capital expenditures are reduced as companies no
longer need to purchase and maintain physical hardware. Instead, they pay for
cloud services as they use them, shifting costs to operational expenses.
2. Elimination of Depreciation Costs:
o Hardware and software assets typically depreciate over time, reducing their
value and the company’s profits.
o Cloud computing removes this issue since there is no ownership of physical
assets. Depreciation costs are effectively eliminated as organizations rent IT
resources instead of owning them.
3. Software Licensing and Subscriptions:


o The move from traditional software licensing to subscription-based models
(common in Software-as-a-Service (SaaS) offerings) means organizations can
avoid the upfront costs of buying software and the associated maintenance
costs.
o This model allows for better cash flow management and eliminates the
complexity of licensing agreements and renewals.
4. Lower Maintenance and Administrative Costs:
o The cloud service provider manages the infrastructure, reducing the need for
an internal IT department focused on maintaining hardware, software, and
security.
o Enterprises can reduce administrative costs, such as those associated with
software upgrades, patch management, and system monitoring.
5. Flexibility and Scalability:
o Cloud computing provides scalability on-demand, allowing businesses to scale
their resources up or down based on needs without incurring the fixed costs
associated with maintaining a large IT infrastructure.
o This flexibility is especially beneficial for businesses with variable workloads
or seasonal spikes in demand.
Financial Models in Cloud Computing:
Cloud providers offer several pricing strategies to cater to different business needs:
 Tiered Pricing: Cloud services are offered in multiple tiers with predefined
configurations (e.g., varying CPU capacity, memory, and storage), and customers pay
based on their chosen tier. This is commonly seen with Infrastructure-as-a-Service
(IaaS) offerings like Amazon EC2.
 Per-Unit Pricing: Charges are based on specific service usage metrics such as data
transfer, storage, and memory. This model allows businesses to optimize their
resource allocation and only pay for what they use, as seen in services like GoGrid.
 Subscription-Based Pricing: Predominantly used by SaaS providers, this model
involves paying a periodic subscription fee for the use of software or integrated
services. It’s ideal for businesses that require consistent access to software without the
overhead of managing installations.
Case Studies of Cloud Cost Reduction:
 Startups: Small startups can fully leverage cloud computing to eliminate capital
costs, using cloud infrastructure and software without initial investments. This
significantly reduces financial strain and allows businesses to focus on growth
without the burden of maintaining IT resources.
 Established Enterprises: Larger enterprises with existing IT assets may benefit from
using cloud computing to handle peak loads and unplanned expenses, thus converting
capital expenses into more flexible operational costs. Cloud-based
Infrastructure-as-a-Service (IaaS) is particularly useful in such scenarios.

Open Challenges in Cloud Economics:


1. Vendor Lock-In:
o The lack of standardization and interoperability between different cloud
platforms can create dependency on a specific vendor, making it difficult for
companies to switch providers without significant costs or technical barriers.
2. Standards and Interoperability:
o Efforts to create cloud standards, such as the Open Virtualization Format
(OVF), aim to improve interoperability between different platforms. However,
the absence of universal standards still hinders smooth transitions between
cloud providers.
3. Scalability and Fault Tolerance:
o Cloud services promise to scale on-demand, which is essential for businesses
that need flexibility in their resource allocation. However, ensuring consistent
performance across multiple cloud platforms and maintaining fault tolerance
in the face of system failures or traffic spikes remains a challenge for cloud
providers.
4. Security and Compliance:
o With the increased adoption of cloud computing, the need for strong security
measures becomes more pressing. Data privacy and regulatory compliance are
significant concerns for businesses moving to the cloud, particularly when
operating across different geographical regions with varying legal
frameworks.

----------------------------------------END OF MODULE 3----------------------------------------


MODULE 4
CLOUD SECURITY
Security Risks Faced by Cloud Users
Cloud computing offers numerous advantages, but it also introduces a range of security risks,
which can be broadly categorized into three areas: traditional security threats, threats related
to system availability, and threats related to third-party data control.
1. Traditional Security Threats:
o Denial-of-Service (DoS) Attacks: Cloud services are vulnerable to distributed
denial-of-service (DDoS) attacks, which prevent legitimate users from
accessing cloud services.
o Phishing and SQL Injection: These attacks target user credentials and
databases, often exploiting weak input validation mechanisms.
o Cross-Site Scripting (XSS): This common web application vulnerability
allows attackers to inject malicious scripts into websites, potentially bypassing
access controls.
o Authentication and Authorization: In cloud environments, ensuring proper
user authentication and role-based access control (RBAC) is challenging.
Users must be assigned privileges based on their roles, and these policies must
align with both organizational and cloud security standards.
o Infrastructure Protection: The cloud infrastructure used by users, including
the local network, must be protected against attacks originating from external
sources. This task is complicated by the fact that some components, such as
cloud clients and virtual machines, are outside the user's traditional security
perimeter.
2. System Availability Risks:
o Service Outages and Failures: Cloud services depend on the availability of
various systems, such as data centers and network infrastructure. Failures,
such as power outages or hardware malfunctions, can disrupt cloud services,
leading to business downtime.
o Data Lock-In: In situations where an organization depends heavily on cloud-
hosted data, service outages or disruptions could result in an inability to access
critical business data, which can lead to operational failures.
o Phase Transition Phenomena: Complex systems such as cloud infrastructure
are subject to unexpected behaviors under certain conditions, such as system
overloads or resource allocation failures, which may disrupt availability.
3. Third-Party Data Control:
o Data Privacy and Espionage: Storing sensitive data on the cloud can expose
it to third-party risks, especially if the cloud provider or subcontractors have
poor data protection practices. Malicious insiders or external hackers can
exploit weaknesses to gain unauthorized access to proprietary data.
o Lack of Transparency: Cloud providers often give users limited visibility into
their internal practices, making it difficult for users to audit data management
processes or ensure compliance with security regulations. Additionally, cloud
agreements often place the onus of security solely on users, leaving them
vulnerable to data breaches and loss.
o Subcontractor Risks: Cloud providers may outsource certain services to
third-party vendors, which could introduce additional risks if those third
parties fail to secure customer data properly.
o Contractual Limitations: Many cloud providers, such as Amazon Web
Services (AWS), limit their liability in case of data loss or unauthorized
access, making it difficult for users to seek compensation if their data is
compromised.

Top Concerns for Cloud Users


1. Data Vulnerability:
o Storage vs. Processing: Data is more vulnerable in storage than during
processing because it remains in storage for much longer. However, processing is
not exempt from risks, including flaws in Virtual Machine Monitors (VMM),
rogue VMs, or Virtual Machine-Based Rootkits (VMBRs).
o Unauthorized Access: Risks include rogue CSP employees and unclear
personnel screening policies.
2. Data Lifecycle Control:


o Users lack transparency in ensuring deleted data is irrecoverable. Seamless
backups, which occur without user consent, exacerbate the issue, potentially
leading to accidental data exposure or loss.
3. Standardization and Interoperability:
o The lack of standard protocols raises questions about service interruptions,
data accessibility during outages, and the costs of migrating to another CSP.
4. Audit and Compliance:
o Cloud systems present unique challenges for establishing audit trails and
meeting compliance requirements.
5. Evolving Technology:
o Emerging technologies like autonomic computing introduce additional threats
by complicating the traceability of actions and their impact on security.
6. Multitenancy:
o A core feature of cloud computing that enables cost savings but introduces
risks due to shared infrastructure among multiple users.
7. Legal and Jurisdictional Issues:
o The international nature of CSP operations complicates understanding which
laws apply to data handling, especially when data crosses borders or is
outsourced.
Mitigation Strategies for Users:
1. Evaluate CSP Policies:
o Analyze CSP security policies and enforcement mechanisms.
o Clearly define security-related contractual obligations, including:
 Handling sensitive data securely and complying with privacy laws.
 Liability for data mishandling and loss.
 Data ownership rules.
 Storage locations for data and backups.
2. Minimize Sensitive Data Exposure:
o Avoid storing or processing sensitive data on the cloud where feasible.
o Use tools like Google’s Secure Data Connector to access firewall-protected
data.
3. Encryption and Data Protection:
o Encrypt sensitive data to protect against unauthorized access, though
encryption complicates indexing and searching.


o Explore advanced methods like homomorphic encryption or secure two-party
computation for secure processing.
Privacy impact assessment
Privacy refers to the right of individuals, groups, or organizations to control access to
personal or proprietary information and protect it from unauthorized disclosure. It is
considered a fundamental human right, recognized by laws and regulations globally.

Challenges to Privacy in the Digital Age


1. Identity Theft: Personal data can be misused if stolen or improperly handled,
especially in online platforms or cloud storage.
2. Lack of Control:
o Users lose control over data location and access once stored on Cloud Service
Providers (CSPs).
o Example: Gmail users cannot control where their emails are stored or for how
long.
3. Unauthorized Secondary Use:
o Data may be repurposed for activities like targeted advertising without
consent.
4. Data Proliferation:
o Information spread across multiple servers and systems increases risk.
5. Dynamic Provisioning:
o Ambiguities arise in CSP operations, e.g.:
 Rights of subcontractors handling data.
 Ownership of data during CSP mergers or bankruptcies.

Key Elements of Privacy in Cloud Computing


1. User Control: The loss of user-centric data control due to reliance on CSPs.
2. Security Risks: Data stored unencrypted on CSP servers is vulnerable to breaches.
3. Contextual Variations: Privacy policies differ across cloud delivery models like
SaaS (e.g., Gmail collects device, location, and cookie information).


Fair Information Practices (U.S. Federal Trade Commission)


To ensure consumer privacy, the FTC proposed four widely accepted principles:
1. Notice:
o Websites must provide clear, transparent details about:
 What data is collected.
 How data is used.
 Who has access to the data (e.g., third-party entities).
o Example: Cookie usage and location tracking disclosures.
2. Choice:
o Consumers should have control over the use of their data for purposes beyond
the original intent (e.g., internal marketing or external sharing).
3. Access:
o Users must be able to:
 View and review their data.
 Correct inaccuracies.
 Delete information if desired.
4. Security:
o Organizations must implement reasonable measures to protect user data,
recognizing variations based on data type and technology.

Privacy Impact Assessment (PIA)


PIA is a systematic process to identify and address privacy risks associated with information
systems or projects.
Key Components of a PIA:
1. Inputs:
o Project details.
o Stakeholder information.
o Potential privacy risks.


2. Outputs:
o PIA report summarizing:
 Risk assessments.
 Security measures.
 Cross-border data flow concerns.
3. Tools:
o SaaS-based tools with a knowledge base maintained by experts.
o Systems generate reports based on templates and user-provided details.

Benefits of Conducting a PIA


1. Proactive Privacy Management:
o Embedding privacy rules from the design stage (ab initio approach) avoids
costly changes later.
2. Enhanced Compliance:
o Aligns systems with legal frameworks like the EU’s GDPR or the U.K.-U.S.
Safe Harbor agreement.
3. Improved Trust:
o Demonstrates a commitment to protecting user privacy, fostering consumer
confidence.
Trust in Cloud Computing
Trust in cloud computing mirrors the general trust in online activities and requires addressing
its complexities, particularly due to the virtual and remote nature of interactions.

1. Traditional Trust Definition


 Definition: According to Merriam-Webster, trust means "assured reliance on the
character, ability, strength, or truth of someone or something."
 Features: Enables cooperation, reduces conflicts, lowers transaction costs, and
promotes effective crisis management.

2. Key Conditions for Trust


1. Risk: Trust involves a perceived probability of loss, making it necessary when
uncertainty exists.
2. Interdependence: Trust arises when one entity's goals rely on another's cooperation.


3. Phases of Trust
1. Building Phase: Formation of trust.
2. Stability Phase: Sustained trust over time.
3. Dissolution Phase: Decline or loss of trust due to violations.

4. Forms and Reasons for Trust


 Deterrence-Based Trust: Trust enforced by penalties for breaches.
 Calculus-Based Trust: Based on mutual self-interest.
 Relational Trust: Developed through consistent, dependable interactions.

5. Challenges in Online Trust


 Anonymity: Lack of physical identity increases mistrust as it hampers accountability.
 Lack of Contextual Cues: Limited personal and institutional characteristics online
impede judgment.
 Identity Concerns: Difficulty in verifying whether an entity is genuine.

6. Mechanisms to Enhance Online Trust


1. Access Control: Prevents unauthorized access.
2. Identity Transparency: Uses tools like biometrics and digital certificates for
verification.
3. Surveillance: Through intrusion detection or audit logs.
4. Credentials: Verified by trusted authorities to establish credibility.

7. Policies and Reputation


 Policies: Define conditions for trust and actions for breaches.
 Reputation: Derived from historical interactions or recommendations.

8. Trust in Computing Context


 Measured as a belief in an entity's dependability for a specific service within a defined
time and context.


Operating System Security


Operating system (OS) security focuses on protecting hardware resources and applications
against a wide range of attacks.

1. Purpose of an OS
 Manages hardware resources.
 Provides security through defined policies for access control, authentication, and
cryptography.

2. Key OS Security Policies


1. Access Control: Regulates access to resources.
2. Authentication: Verifies users or entities.
3. Cryptography: Secures data transmission and storage.

3. Trusted Applications
 Special applications with privileges for security functions.
 Operate with the minimum privileges necessary to reduce risks.

4. Challenges in Commercial OS Security


 Lack of multilayered security.
 Vulnerability due to millions of lines of code.
 Weak isolation of applications.

5. Trusted Paths
 Ensure secure interactions between users and trusted software.
 Protect against malicious software impersonating trusted systems.

6. Solutions for Enhanced OS Security


1. Decomposing Mechanisms: Dividing complex processes into well-defined
components like enforcer and decider for access control.


2. Sandboxing: Using environments like Java’s sandbox to restrict unauthorized actions.


3. Closed-Box Platforms: Embedded cryptographic keys for authentication.

7. Application-Specific Security
 Applications above the OS layer often implement better security.
 Example: Digital signatures for e-commerce transactions.

8. Limitations
 Commodity OSes offer low assurance and are susceptible to attacks.
 Compromising one application can endanger the entire platform.
 Weak authentication mechanisms and lack of trusted paths add to vulnerabilities.

Virtual Machine Security Overview


Virtual Machine (VM) security revolves around safeguarding virtualized environments from
threats at the Virtual Machine Monitor (VMM) and individual VM levels. This section
explores the challenges, advantages, and vulnerabilities of virtual systems, particularly under
the traditional system VM model.

Virtual Security Services


1. VMM-Centric Security:
o Security services are integrated into the VMM (Figure 9.2(a)).
o The VMM manages hardware access and enforces security protocols like
memory isolation and controlled network/disk access.
o Benefits include stricter isolation compared to traditional OS-based processes.
2. Dedicated Security VM:
o An alternative setup involves a separate VM for security services (Figure
9.2(b)).
o This design reduces the complexity of guest OS security responsibilities by
offloading security functions to a specialized VM.
3. Trusted Computing Base (TCB):
o A secure and uncompromised TCB is essential for ensuring system-wide
security.


o Any compromise in the TCB threatens the entire virtual ecosystem.

Capabilities and Challenges


 Isolation:
o VMs are isolated by the VMM, preventing one VM from affecting others.
o Resource isolation is enforced, ensuring memory, CPU, and network
segregation.
 Inspection:
o VMM can inspect guest VM states, aiding in intrusion detection.
o Inspections are at a raw data level (disk blocks, memory pages), which can
limit logical insights.
 Interposition:
o VMM intercepts and emulates privileged instructions from guest VMs.
o This capability helps manage and secure sensitive operations.
 Advanced Security Tactics:
o Cloning: Suspicious applications can be tested in a cloned environment to
assess malicious behavior.
o Encryption: Guest VM states can be encrypted to prevent unauthorized
access.
o Dedicated File VMs: Files can be stored in secure VMs for enhanced
protection.

Threats and Mitigation

VMM-Based Threats:


1. Resource Starvation and Denial of Service:
o Caused by misconfigured resource limits or rogue VMs bypassing limits.
o Mitigation: Properly configure resource limits and monitor VM behavior.
2. Side-Channel Attacks:
o Rogue VMs can exploit shared resources to extract sensitive data.
o Mitigation: Isolate inter-VM traffic and use packet inspection tools with
robust configurations.
3. Buffer Overflow Attacks:
o Malicious actors exploit vulnerabilities in the VMM's code.


o Mitigation: Regularly patch and audit the VMM for vulnerabilities.


VM-Based Threats:
1. Deployment of Insecure VMs:
o Unauthorized creation or tampering of VM instances.
o Mitigation: Enforce access controls and use role-based permissions for
administrative tasks.
2. Tampered VM Images:
o Insecure or tampered VM images in repositories.
o Mitigation: Implement integrity verification mechanisms (e.g., digital
signatures) and secure access controls for repositories.
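
The integrity check named in the mitigation for tampered VM images can be sketched as follows. This is an added example, not code from the original notes: a repository publishes a manifest of SHA-256 image digests, and a consumer refuses any image whose manifest or digest fails verification. It assumes a shared HMAC key stands in for the digital signature (the Python standard library has no asymmetric signing); the file names, key and image contents are constructed.

```python
import hashlib
import hmac
import json
import os
import tempfile

CHUNK = 1 << 20  # hash images in 1 MiB chunks instead of loading them whole


def sha256_file(path):
    """Stream a file through SHA-256 and return the hex digest."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()


def sign_manifest(digests, key):
    """Publisher side: serialize {image name: digest} canonically and tag it."""
    body = json.dumps(digests, sort_keys=True, separators=(",", ":"))
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def verify_image(path, manifest, key):
    """Consumer side: return (ok, reason) for one image file."""
    expected = hmac.new(key, manifest["body"].encode(), hashlib.sha256).hexdigest()
    # Authenticate the manifest first; unauthenticated digests prove nothing.
    if not hmac.compare_digest(expected, manifest["tag"]):
        return (False, "manifest tag mismatch")
    digests = json.loads(manifest["body"])
    name = os.path.basename(path)
    if name not in digests:
        return (False, "image not listed in manifest")
    if not hmac.compare_digest(sha256_file(path), digests[name]):
        return (False, "image digest mismatch")
    return (True, "ok")


def run_constructed_cases():
    """Exercise the check on constructed files: clean, unlisted, tampered, forged."""
    key = b"constructed-demo-key"  # hypothetical key, for illustration only
    results = {}
    with tempfile.TemporaryDirectory() as repo:
        image = os.path.join(repo, "web-base.img")
        with open(image, "wb") as fh:
            fh.write(b"\x00" * 4096 + b"constructed image contents")
        manifest = sign_manifest({"web-base.img": sha256_file(image)}, key)
        results["clean"] = verify_image(image, manifest, key)

        # An image that was never listed by the publisher.
        rogue = os.path.join(repo, "rogue.img")
        with open(rogue, "wb") as fh:
            fh.write(b"unlisted")
        results["unlisted"] = verify_image(rogue, manifest, key)

        # The listed image is modified after the manifest was signed.
        with open(image, "ab") as fh:
            fh.write(b"modified after signing")
        results["tampered"] = verify_image(image, manifest, key)

        # The manifest is rewritten to match the modified image, tag reused.
        forged_body = json.dumps({"web-base.img": sha256_file(image)})
        forged = {"body": forged_body, "tag": manifest["tag"]}
        results["forged_manifest"] = verify_image(image, forged, key)
    return results


if __name__ == "__main__":
    for case, outcome in run_constructed_cases().items():
        print(case, outcome)
```

In a real repository the HMAC would be replaced by a public-key signature so that consumers hold no secret capable of producing a valid manifest.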

Trade-Offs of Virtualization Security


 Costs:
o Increased hardware requirements (CPU, memory, disk, bandwidth).
o Overheads in VMM development and maintenance.
 Complexity:
o Paravirtualization demands modifications to host OS and applications.
o Advanced security mechanisms may impact performance.

Security risks posed by shared images


The security risks posed by shared images in cloud environments, particularly in the context
of Infrastructure as a Service (IaaS) and Amazon Machine Images (AMIs), are multifaceted
and significant. Below is a summary and analysis of the key concerns and findings:

1. Vulnerabilities in Shared AMIs


 Critical Software Vulnerabilities:
o A study analyzing over 5,000 AMIs revealed that 98% of Windows AMIs and
58% of Linux AMIs contained critical vulnerabilities.
o Windows AMIs averaged 46 vulnerabilities per image, while Linux AMIs
averaged 11.
o Older images are particularly vulnerable due to outdated software and
unpatched security issues.

2. Backdoors and Leftover Credentials


 Backdoor Access:
o AMI creators often leave their public SSH keys or passwords in the images,
allowing them unauthorized access to instances created by others.
o Tools like John the Ripper can crack exposed password hashes.
 Unremoved Credentials:
o Credentials such as AWS API keys, SSH keys, and other sensitive files can be
recovered using standard recovery tools.
o Over 22% of Linux AMIs analyzed allowed intruders to log in using recovered
credentials.

3. Unsolicited Connections
 Malicious or compromised AMIs may establish outgoing connections:
o Leak Privileged Information: Such as IP addresses or system events.
o Modified Syslog Daemons: Found in some instances, forwarding sensitive
data to external entities.

4. Malware
 Some AMIs were found to include:
o Keylogging Trojans: Capture sensitive user inputs, such as passwords.
o Spyware and Trojans: Exploit system vulnerabilities to steal or manipulate
data.

5. Data Recovery Risks


 Residual Data:
o Files deleted by the AMI creator can be recovered unless securely wiped.
o Tools like extundelete can recover sensitive data from "free" blocks in the file
system.
 Exposed Logs and Histories:
o Access to shell histories, browser histories, and logs can reveal credentials,
browsing activities, and more.

6. Misconfigured Instances
 Failure to run cloud-init scripts compromises SSH server host keys, enabling man-
in-the-middle attacks.
 Malicious actors can use tools like Nmap to identify vulnerabilities in the SSH setup
of shared AMIs.

7. Privacy Risks for AMI Creators


 AMI creators may inadvertently expose:
o Private keys, IP addresses, and shell or browser histories.
o AWS API keys, which attackers can use to incur charges on the creator's
account.

Recommendations to Mitigate Risks


1. For Users:
o Always verify and audit AMIs from trusted sources.
o Use tools like Nessus to scan for vulnerabilities.
o Regenerate SSH keys and host credentials when using a new image.
2. For Creators:
o Use secure deletion tools (e.g., shred, wipe) to remove sensitive data before
publishing.
o Regularly update images to fix software vulnerabilities.
o Remove leftover credentials, keys, and histories from AMIs.
3. For Cloud Providers:
o Implement stricter controls and automated scans to identify and mitigate
vulnerabilities in shared AMIs.
o Educate users about the risks associated with using shared images.
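
The checks recommended above for users and creators can be automated before an image is published or trusted. The following Python script is an added example, not part of the original notes: it walks an unpacked image root and reports leftover authorized keys, usable password hashes, shell histories, private keys, baked-in SSH host keys and AWS access key IDs. The category names and the sample tree are constructed for illustration.

```python
import os
import re
import tempfile

ACCESS_KEY_RE = re.compile(rb"\bAKIA[0-9A-Z]{16}\b")      # shape of an AWS access key ID
PRIVATE_KEY_RE = re.compile(rb"-----BEGIN [A-Z ]*PRIVATE KEY-----")
HISTORY_NAMES = {".bash_history", ".zsh_history", ".sh_history", ".mysql_history"}
MAX_SCAN_BYTES = 1 << 20                                   # content-scan files up to 1 MiB


def _key_lines(data):
    """Active (non-comment) entries of an authorized_keys file."""
    lines = (ln.strip() for ln in data.decode("utf-8", "replace").splitlines())
    return [ln for ln in lines if ln and not ln.startswith("#")]


def _accounts_with_password(data):
    """Accounts in etc/shadow whose password field holds a usable hash."""
    users = []
    for line in data.decode("utf-8", "replace").splitlines():
        fields = line.split(":")
        # '!' and '*' mark locked or password-less-login-disabled accounts
        if len(fields) > 1 and fields[1] and fields[1][0] not in "!*":
            users.append(fields[0])
    return users


def audit_image_root(root):
    """Return sorted (category, path) findings for an unpacked image tree."""
    findings = set()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            size = os.path.getsize(path)
            if size == 0:
                continue
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if name in HISTORY_NAMES:
                findings.add(("history", rel))
            if rel.startswith("etc/ssh/ssh_host_") and not name.endswith(".pub"):
                # Host keys baked into the image are shared by every instance.
                findings.add(("ssh-host-key", rel))
                continue
            if size > MAX_SCAN_BYTES:
                continue
            with open(path, "rb") as fh:
                data = fh.read()
            if name == "authorized_keys" and _key_lines(data):
                findings.add(("authorized-key", rel))
            if rel == "etc/shadow":
                for user in _accounts_with_password(data):
                    findings.add(("password-hash", rel + ":" + user))
            if ACCESS_KEY_RE.search(data):
                findings.add(("aws-access-key", rel))
            if PRIVATE_KEY_RE.search(data):
                findings.add(("private-key", rel))
    return sorted(findings)


# Constructed sample tree standing in for a mounted image (all values are fake).
SAMPLE_FILES = {
    "root/.ssh/authorized_keys": "ssh-rsa AAAAconstructedkey publisher@example\n",
    "etc/shadow": "root:$6$constructed$constructedhash:19000:0:99999:7:::\n"
                  "daemon:*:19000:0:99999:7:::\n"
                  "ubuntu:!:19000:0:99999:7:::\n",
    "etc/hostname": "image-build-host\n",
    "etc/ssh/ssh_host_rsa_key": "-----BEGIN OPENSSH PRIVATE KEY-----\nconstructed\n",
    "etc/ssh/ssh_host_rsa_key.pub": "ssh-rsa AAAAconstructedhostkey\n",
    "home/ubuntu/.bash_history": "aws configure\nvi /etc/ssh/sshd_config\n",
    "home/ubuntu/.aws/credentials": "[default]\naws_access_key_id = AKIAIOSFODNN7EXAMPLE\n",
    "home/ubuntu/.ssh/id_rsa": "-----BEGIN RSA PRIVATE KEY-----\nconstructed\n",
}


def build_sample_root(root):
    """Write the constructed sample files under root."""
    for rel, text in SAMPLE_FILES.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(text)


def demo():
    """Audit the constructed sample tree and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_root(tmp)
        return audit_image_root(tmp)


if __name__ == "__main__":
    for category, where in demo():
        print(category.ljust(16), where)
```

A clean image produces an empty list. Recoverable deleted files are outside what this walk can see, which is why the secure-deletion step remains a separate requirement.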
Security risks posed by a management OS
Virtualization Security and the Role of the Hypervisor:
1. Hypervisor Simplicity vs. Security:
o The small codebase of a hypervisor (e.g., Xen with ~60,000 lines of code) is
often seen as a security advantage because it can be carefully analyzed and
audited.
o However, the trusted computing base (TCB) of a virtualized environment also
includes the management OS (Dom0), which introduces additional
vulnerabilities.
2. Vulnerabilities in Dom0:
o Dom0 is responsible for creating and managing VMs (DomU) and handling
their memory, page tables, and virtual CPUs.
o Many attacks target Dom0's service components, including:
 Buffer overflows.
 Denial-of-service (DoS) attacks.
 Unauthorized access to DomU's memory and state.
3. Potential Malicious Activities by Dom0:
o Refusal to initialize a VM, resulting in DoS.
o Modifying the kernel or page tables of a DomU, compromising its integrity.
o Unauthorized memory access during or after the VM build process.
Runtime Interactions and Security Concerns:
1. Shared Memory and Driver Communication:
o Dom0 uses shared memory to interact with DomU via split drivers (front-end
in DomU, back-end in Dom0).
o While TLS encryption is used, it does not prevent Dom0 from extracting
cryptographic keys from DomU.
2. System State Management via XenStore:
o XenStore is critical for maintaining the state of the system.
o A malicious VM or Dom0 can deny access to or manipulate XenStore,
affecting other VMs' integrity and confidentiality.

Security Enhancements and Strategies:


1. Restricted Access for Dom0:
o Dom0 should only access DomU's memory or CPU registers if explicitly
allowed by a hypercall initiated by DomU.
o Such interactions should involve encryption and integrity checks.
2. Hypercall Control:
o Hypercalls from Dom0 that do not affect DomU memory/registers can be
allowed.
o Critical hypercalls (e.g., for debugging or IOMMU control) should be
restricted or monitored.
3. New Mechanisms for Enhanced Security:
o Encrypted Virtual CPU Registers: Encrypt registers during save and decrypt
during restore with integrity checks.
o Encrypted Memory Pages: Dom0 should only handle encrypted memory
pages, with integrity ensured via hashing.
o Freshness Verification: Add version numbers to hashes to ensure VM state
freshness.
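
An added example (not from the original notes and not Xen code) of the hashing and freshness checks described above: a trusted monitor tags every saved page with a keyed hash bound to the VM id, version number and page index, and remembers the latest version and page count, so storage controlled by Dom0 cannot alter, reorder, truncate or replay a saved state unnoticed. Pages are treated as already-encrypted bytes; the class and function names are hypothetical, and using HMAC-SHA256 as the hash is an assumption.

```python
import copy
import hashlib
import hmac
import os
import struct


class StateError(Exception):
    """Raised when a saved VM state fails the integrity or freshness check."""


class TrustedMonitor:
    """Stands in for the hypervisor: keeps the MAC key and per-VM save metadata."""

    def __init__(self):
        self._key = os.urandom(32)   # never leaves the trusted side
        self._latest = {}            # vm_id -> (version, page_count) of newest save

    def _tag(self, vm_id, version, index, page):
        name = vm_id.encode()
        header = struct.pack(">I", len(name)) + name + struct.pack(">QI", version, index)
        return hmac.new(self._key, header + page, hashlib.sha256).digest()

    def save(self, vm_id, pages):
        """Tag the pages and hand the blob to untrusted (Dom0) storage."""
        version = self._latest.get(vm_id, (0, 0))[0] + 1
        self._latest[vm_id] = (version, len(pages))
        tagged = [(p, self._tag(vm_id, version, i, p)) for i, p in enumerate(pages)]
        return {"vm_id": vm_id, "version": version, "pages": tagged}

    def restore(self, vm_id, blob):
        """Return the pages only if the blob is the newest, unmodified save."""
        expected = self._latest.get(vm_id)
        if expected is None or blob["vm_id"] != vm_id or blob["version"] != expected[0]:
            raise StateError("stale version")
        if len(blob["pages"]) != expected[1]:
            raise StateError("page count mismatch")
        pages = []
        for i, (page, tag) in enumerate(blob["pages"]):
            if not hmac.compare_digest(tag, self._tag(vm_id, expected[0], i, page)):
                raise StateError("integrity failure at page %d" % i)
            pages.append(page)
        return pages


def outcome(monitor, vm_id, blob):
    """Run restore and report 'ok' or the reason it was refused."""
    try:
        monitor.restore(vm_id, blob)
        return "ok"
    except StateError as exc:
        return str(exc)


def demo():
    """Exercise the checks on constructed pages and tampered copies of the blob."""
    mon = TrustedMonitor()
    pages = [bytes([i]) * 4096 for i in range(4)]   # constructed stand-ins for encrypted pages
    old = mon.save("domU-1", pages)
    results = {"fresh": outcome(mon, "domU-1", old)}

    new = mon.save("domU-1", pages[::-1])           # a later save supersedes the first
    results["latest"] = outcome(mon, "domU-1", new)
    results["replayed"] = outcome(mon, "domU-1", old)

    relabelled = copy.deepcopy(old)                 # old pages with the new version number
    relabelled["version"] = new["version"]
    results["relabelled"] = outcome(mon, "domU-1", relabelled)

    flipped = copy.deepcopy(new)                    # one byte changed in page 2
    page, tag = flipped["pages"][2]
    flipped["pages"][2] = (page[:-1] + b"\xff", tag)
    results["flipped"] = outcome(mon, "domU-1", flipped)

    swapped = copy.deepcopy(new)                    # pages 0 and 1 exchanged
    swapped["pages"][0], swapped["pages"][1] = swapped["pages"][1], swapped["pages"][0]
    results["swapped"] = outcome(mon, "domU-1", swapped)

    truncated = copy.deepcopy(new)                  # last page dropped
    truncated["pages"].pop()
    results["truncated"] = outcome(mon, "domU-1", truncated)
    return results


if __name__ == "__main__":
    for case, result in demo().items():
        print(case.ljust(12), result)
```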

Trade-offs:
 Enhanced security measures introduce performance overheads:
o VM build time: Increased by 1.7–2.3 times.
o VM save time: Increased by 1.3–1.5 times.
o VM restore time: Increased by 1.7–1.9 times.
-------------------------------------END OF MODULE 4-------------------------------------------------

MODULE 5
Cloud platforms in Industry
Amazon Web Services
Amazon Web Services (AWS) is a comprehensive cloud computing platform that supports the
development of flexible, scalable applications. Its services are designed to provide
infrastructure scalability, messaging, and data storage solutions. AWS is accessible
via SOAP or RESTful web service interfaces and includes a web-based console for
administration, monitoring, and cost management on a pay-as-you-go pricing model.
At the core of the AWS ecosystem are its foundational services, which provide the building
blocks for scalable and reliable applications. Amazon Elastic Compute Cloud (EC2) offers
flexible virtual server capacity, while Amazon Simple Storage Service (S3) ensures secure
and scalable object storage.
These core services are complemented by solutions like Elastic Block Store (EBS) for high-
performance block storage and Amazon Relational Database Service (RDS) for managing
relational databases. Networking capabilities are strengthened with Amazon Virtual Private
Cloud (VPC) for isolated environments, Elastic Load Balancing for traffic distribution, and
Amazon Route 53 for DNS management.
Additionally, communication tools such as Amazon Simple Queue Service (SQS) and Simple
Notification Service (SNS) facilitate seamless integration and messaging between
applications, providing the infrastructure required for modern, connected systems.
Compute Services
Compute services form the backbone of cloud computing platforms, offering scalable and
flexible resources for deploying applications. Amazon Elastic Compute Cloud (EC2) stands
as the primary compute service within AWS, providing an Infrastructure-as-a-Service (IaaS)
model that has become a standard for cloud solutions. EC2 enables users to deploy virtual
servers, referred to as instances, created from Amazon Machine Images (AMIs). These
instances come preconfigured with operating systems and software stacks, with customizable
memory, processor, and storage options. Users can remotely access these instances to
configure or install additional software, ensuring flexibility and control.

1. Amazon Machine Images (AMIs)


Amazon Machine Images (AMIs) serve as the templates for creating EC2 instances. Stored in
Amazon S3 and identified by unique identifiers, AMIs define the operating system and
software environment for virtual machines. Each AMI includes configurations such as
Amazon Ramdisk Image (ARI) and Amazon Kernel Image (AKI), which determine the
instance’s system setup. AMIs can be built from scratch or bundled from running EC2
instances. Users often prepare new AMIs by customizing an instance, installing required
software, and converting it back into an image. Once stored in an S3 bucket, AMIs can be
shared with others or retained for private use. Additionally, product codes can be associated
with AMIs, enabling owners to monetize their images whenever they are used to launch EC2
instances.

Example Cloud Computing Offerings (Table 9.1)


 AWS (Amazon Web Services): A versatile platform offering IaaS, PaaS, and SaaS,
with EC2 as its flagship elastic compute service.
 Google AppEngine: A PaaS platform providing scalable runtime environments for
Java and Python.
 Microsoft Azure: A PaaS offering leveraging Hyper-V technology and the .NET
framework for scalable application development.
 SalesForce.com/Force.com: SaaS and PaaS for CRM applications, enabling
component development.
 Heroku: A PaaS platform focused on Ruby applications with scalability in mind.
 RightScale: An IaaS management platform offering hybrid cloud management via a
unified dashboard.
This layered ecosystem exemplifies how AWS and its competitors provide a diverse range of
solutions catering to different aspects of cloud-based infrastructure and application
development.
2. EC2 Instances
EC2 instances represent virtual machines built using Amazon Machine Images (AMIs) as
templates. These instances can be customized by configuring the number of virtual cores,
computing power, and memory. The computational power of an EC2 instance is measured in
EC2 Compute Units (ECUs), which represent a consistent quantity of real CPU performance.
This abstraction allows Amazon to update underlying hardware without affecting the
predictable performance of EC2 instances.
Instances are categorized into six major types, each tailored to specific use cases:
1. Standard Instances: Suitable for most applications with configurations offering
balanced computing power, memory, and storage.
2. Micro Instances: Designed for lightweight applications with limited computing
needs but capable of handling occasional workload bursts.
3. High-Memory Instances: Ideal for memory-intensive applications such as high-
traffic, three-tier web services.
4. High-CPU Instances: Targeted at compute-intensive workloads requiring high
computational power.
5. Cluster Compute Instances: Optimized for high-performance computing (HPC)
applications with exceptional I/O and network performance.
6. Cluster GPU Instances: Equipped with GPUs for graphic-intensive applications,
such as rendering or general-purpose computing, making them suitable for HPC and
cluster workloads.
EC2 instances are billed hourly, with costs determined by the instance category. Spot
instances provide a dynamic and cost-effective alternative, with pricing and availability based
on demand and user-defined price caps. However, spot instances are less stable, requiring
backup and checkpointing strategies to mitigate potential interruptions.
Instances can be managed using command-line tools, the AWS console, or other interfaces.
By default, EC2 instances come with ephemeral storage tied to the AMI, which is lost upon
instance termination. To persist data, users can attach Elastic Block Store (EBS) volumes,
with content stored in Amazon S3. Moreover, EC2 allows customization of kernel and disk
configurations (AKI and ARI) to meet specific requirements, offering significant flexibility.
This robust ecosystem of EC2 instances caters to diverse needs, from small-scale web
applications to intensive computational and graphical tasks.

3. EC2 Environment
The EC2 environment enables virtual instances to operate efficiently by providing the
necessary services to host applications. Key aspects of the EC2 environment include:
1. Networking and Addressing:
 Instances are assigned an internal IP address by default, allowing
communication within the EC2 network and enabling internet access as
clients.
 Elastic IPs can be associated with instances, providing static IPs that can be
remapped to different instances as needed. This feature is useful for failover
implementations and public internet accessibility.
 Each instance with an external IP is also assigned a domain name (e.g., ec2-
xxx-xxx-xxx.compute-x.amazonaws.com), where the IP and the availability
zone are encoded in the domain.
2. Availability Zones:
 EC2 offers five availability zones, which are priced differently:
 Two in the United States (Virginia, Northern California)
 One in Europe (Ireland)
 Two in Asia Pacific (Singapore, Tokyo)
 Users can influence the deployment location for instances to some extent.
3. Security:
 Key Pairs: Instance owners can associate key pairs for secure, remote root
access.
 Firewall Rules: Amazon EC2 uses basic firewall configurations to manage
instance accessibility. Owners can specify source addresses, ports, and
protocols (TCP, UDP, ICMP).
 Security Groups: These group-level rules provide flexible security for
instances, complementing the internal security configurations within each
instance.
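
An added example, not part of the original notes, that audits firewall rules of the kind described above for remote-administration ports reachable from any source address. The rule dictionaries use the field names of the EC2 DescribeSecurityGroups response; the group IDs and rules are constructed sample data, and the choice of SSH and RDP as the ports to check is an assumption.

```python
import ipaddress

# Remote-administration ports that should not be reachable from any address.
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}


def _sources(perm):
    """Yield every IPv4 and IPv6 source CIDR attached to one rule."""
    for rng in perm.get("IpRanges", []):
        yield rng["CidrIp"]
    for rng in perm.get("Ipv6Ranges", []):
        yield rng["CidrIpv6"]


def _is_any_source(cidr):
    """True for 0.0.0.0/0, ::/0 and any other zero-length prefix."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit_group(group):
    """Return (group_id, source, problem) tuples for one security group."""
    findings = []
    gid = group["GroupId"]
    for perm in group.get("IpPermissions", []):
        proto = perm["IpProtocol"]
        for cidr in _sources(perm):
            if not _is_any_source(cidr):
                continue
            if proto == "-1":
                # "-1" means every protocol; such rules carry no port fields.
                findings.append((gid, cidr, "all protocols and ports"))
            elif proto == "tcp":
                lo, hi = perm["FromPort"], perm["ToPort"]
                for port, service in sorted(ADMIN_PORTS.items()):
                    if lo <= port <= hi:
                        findings.append(
                            (gid, cidr, "%s tcp/%d (rule %d-%d)" % (service, port, lo, hi)))
            # UDP and ICMP rules are out of scope here: for ICMP the two
            # port fields hold type and code, not port numbers.
    return findings


def audit_all(groups):
    """Audit a list of groups and return all findings in order."""
    findings = []
    for group in groups:
        findings.extend(audit_group(group))
    return findings


# Constructed sample data in the DescribeSecurityGroups shape.
SAMPLE_GROUPS = [
    {"GroupId": "sg-constructed-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
        {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ]},
    {"GroupId": "sg-constructed-admin", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,
         "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ]},
]


if __name__ == "__main__":
    for gid, source, problem in audit_all(SAMPLE_GROUPS):
        print(gid, source, problem)
```

The port-range rule shows why matching on exact port numbers is not enough: 3000-4000 contains RDP even though 3389 never appears in the rule.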
4. Advanced Compute Services
AWS builds upon EC2 instances with advanced services to simplify deployment and support
complex computing requirements.
1. AWS CloudFormation:
 CloudFormation uses JSON templates to describe application resources and
their relationships.
 Templates allow for explicit linkage and dependency definitions between EC2
instances and other AWS services, such as S3, SimpleDB, SQS, SNS, and
Route 53.
 This declarative approach simplifies the construction of complex systems.
2. AWS Elastic Beanstalk:
 Elastic Beanstalk streamlines application deployment, particularly
for Java/Tomcat-based web applications.
 Developers can package their applications in WAR files for automated
deployment.
 Beanstalk abstracts infrastructure details, simplifying tedious tasks while still
allowing users to control underlying EC2 instances.
 Compared to CloudFormation, Elastic Beanstalk provides a higher-level,
application-centric deployment model.
3. Amazon Elastic MapReduce (EMR):
 EMR offers a cloud platform for MapReduce applications powered by
Hadoop.
 Utilizes EC2 for computational infrastructure and S3 for storage.
 Supports the broader Hadoop ecosystem (e.g., Pig, Hive) and
introduces elasticity, allowing dynamic cluster resizing.
 Users can select configurations for EC2 instances in the cluster, including
Small, High-Memory, High-CPU, Cluster Compute, and Cluster GPU
instances.
These advanced compute services, built on top of EC2, enable users to deploy, manage, and
scale applications with ease while addressing specific computational and storage needs.

Storage Services
Amazon Simple Storage Service (S3): Overview
Amazon S3 is a highly scalable and distributed object storage service. It allows users to store
data in any format and access it over the web. Below is a summary of key components,
concepts, and advanced features of Amazon S3:
Core Components
1. Buckets:
 Virtual containers for storing data objects.
 Serve as top-level namespaces and are globally unique.
 Cannot be nested, i.e., no sub-buckets.
 Objects within a bucket share the same geographic region.
2. Objects:
 The actual data stored in buckets, identified by a unique name within the
bucket.
 Immutable once uploaded (cannot rename or modify directly).
 Maximum size: 5 GB per object.
 Objects support metadata (system or user-defined key-value pairs).

Concepts
1. Hierarchy:
 S3 provides a flat structure with logical directories simulated using object
naming conventions (e.g., folder1/file1.txt).
2. RESTful Interface:
 S3 operations are accessed via HTTP methods:
 GET/HEAD: Retrieve data/metadata.
 PUT/POST: Upload objects.
 DELETE: Remove objects.
 Accessible via Uniform Resource Identifiers (URIs).
3. Bucket Addressing:
 Canonical Form: http://s3.amazonaws.com/bucket_name/
 Subdomain Form: http://bucket_name.s3.amazonaws.com/
 Virtual Hosting Form: http://bucket-name.com/
4. Access Control:
 Managed through Access Control Policies (ACPs) or canned policies.
 Permissions include READ, WRITE, READ_ACP, WRITE_ACP, and
FULL_CONTROL.
 Supports temporary signed URLs for limited-time access.
5. Eventual Consistency:
 Data may not be immediately visible across all regions due to replication
latencies.
 Designed for high availability and fault tolerance.
6. Failure Handling:
 Occasional failures (e.g., internal server errors) are expected due to distributed
infrastructure.
Advanced Features
1. Server Access Logging:
 Tracks bucket and object access details.
 Can be enabled using an XML configuration.
2. BitTorrent Integration:
 Allows downloading S3 objects via the BitTorrent protocol by
appending ?torrent to the object URI.
 Requires public read permissions.

2. Amazon Elastic Block Store (EBS)


Amazon Elastic Block Store (EBS) is a highly scalable and persistent storage solution
provided by AWS, designed to work seamlessly with EC2 instances. It offers volumes of up
to 1 TB that can be formatted as raw storage, file systems, or customized configurations
based on instance needs. EBS volumes are durable, as their data is backed up in Amazon S3,
ensuring it survives beyond the lifecycle of the associated EC2 instance.
Features like incremental snapshots, cross-availability zone connections, and the ability to
attach multiple volumes to a single instance make it highly versatile.
To optimize performance, EBS volumes are typically kept in the same availability zone as the
EC2 instance, with lazy loading to reduce I/O overhead.

Costs are calculated based on allocated storage ($0.10/GB/month) and I/O requests ($0.10 per
million requests), making EBS a reliable and cost-effective storage option for various
applications.

3. Amazon ElastiCache
Amazon ElastiCache is a fully managed in-memory caching service that provides ultra-fast
data retrieval for applications hosted on AWS. By reducing the latency involved in accessing
frequently used data, ElastiCache helps optimize application performance. It supports popular
caching engines like Memcached and Redis, making it versatile and compatible with
existing caching protocols.
Key Features:
1. In-Memory Data Store: ElastiCache enables fast data access by storing data in
memory instead of disk-based storage.
2. Seamless Scalability: Clusters can be elastically scaled to handle growing application
demands, with features such as automatic sharding and replication.
3. Failover and Recovery: Automatic detection and recovery of failed cache nodes
ensure high availability without manual intervention.
4. Compatibility with Existing Tools: ElastiCache supports the Memcached and Redis
protocols, allowing users to migrate existing applications without code modifications.
5. Management Features:
 Automatic software patching.
 Backup and restore capabilities (especially for Redis).
 Monitoring and metrics integration via Amazon CloudWatch.
Use Cases:
 Web Session Storage: Store user session data for faster retrieval in web applications.
 Gaming Leaderboards: Provide real-time leaderboard rankings in multiplayer
gaming environments.
 Content Caching: Cache dynamic or frequently accessed content to reduce database
load.
 Machine Learning: Speed up machine learning workflows by caching intermediate
computations.
 Analytics: Enhance the performance of analytics platforms by caching query results
or pre-computed data.

Pricing:
ElastiCache pricing depends on:
1. Node Type: Based on the type of EC2 instances used for the cache nodes.
2. Cluster Size: Number of nodes in the cluster.
3. Data Transfer: Charges may apply for data transferred out of AWS regions.
4. Features Used:
 Redis-specific features like backup, restore, and multi-AZ deployment may
incur additional costs.
Advanced Features:
 Redis Support:
 Multi-AZ deployments with automatic failover.
 Data persistence through backup and restore options.
 Streams and geospatial data processing.
 Monitoring and Insights: Integrated with CloudWatch for real-time monitoring of
cache performance, latency, and resource utilization.
Benefits:
1. Low Latency and High Throughput: Ideal for applications requiring sub-
millisecond response times.
2. Ease of Management: Managed by AWS, eliminating the need for server setup,
configuration, and maintenance.
3. Security: Supports Amazon Virtual Private Cloud (VPC) and encryption for secure
access and data transmission.
4. Structured Storage Solutions in AWS
In enterprise applications, structured storage solutions are essential for managing and
analyzing large volumes of data. Amazon Web Services (AWS) provides several options for
structured data storage, including preconfigured EC2 AMIs, Amazon Relational Database
Service (RDS), and Amazon SimpleDB. These services are tailored to different use cases,
depending on the level of control and complexity required for data management.
4.1. Preconfigured EC2 AMIs
 What it is: Preconfigured Amazon Machine Images (AMIs) are templates that come
with a database management system (DBMS) pre-installed. These AMIs allow users
to create EC2 instances with popular database engines such as IBM DB2, Microsoft
SQL Server, MySQL, Oracle, PostgreSQL, Sybase, and Vertica.
 Management responsibility: The user is responsible for the configuration,
management, maintenance, and patching of the database. This solution gives users
flexibility and control over the database setup but requires more administrative
overhead.
 Storage: EC2 instances created from these AMIs can be paired with Amazon Elastic
Block Store (EBS) for persistent storage.
 Cost: The pricing is based on EC2 instance types and follows the EC2 hourly cost
model.
4.2. Amazon RDS (Relational Database Service)
 What it is: Amazon RDS is a managed relational database service that operates on top
of EC2 infrastructure. It provides automatic management of database instances,
including backups, patching, and failover mechanisms.
 Database Engines: It supports MySQL, Oracle, and other RDBMS systems, offering
a fully managed solution that handles many operational aspects for the user.
 Key Features:
 Multi-AZ Deployment: Ensures high availability by maintaining standby
replicas in different availability zones (AZs) that can take over in case of a
failure.
 Read Replicas: Improves read-heavy workloads by providing replicas of the
database that handle read requests, reducing load on the primary database.
 Automated Backups: Provides features like automated daily backups, point-
in-time recovery, and snapshot management.
 Management: AWS takes care of most of the administrative tasks, including
hardware provisioning, database setup, patching, and scaling.
 Pricing: RDS is priced based on the instance type (Standard or High-Memory) and
storage capacity. Users can also choose between On-Demand and Reserved instances
to optimize costs.
Pricing Example (2011-2012) for On-Demand RDS Instances:
 Small Instance: $0.11/hour (1.7 GB memory)
 Extra Large Instance: $0.88/hour (15 GB memory)
 High-Memory Instances can cost as much as $2.60/hour for quadruple extra
large.
4.3. Amazon SimpleDB
 What it is: Amazon SimpleDB is a lightweight, scalable, and flexible NoSQL data
store for applications that do not require a fully relational database model. It supports
semi-structured data, allowing attributes to vary between items within the same
domain.
 Data Model: SimpleDB uses a key-value pair model organized into domains, where
each domain is similar to a table in relational databases but more flexible, as different
items in a domain can have different attributes.
 Key Features:
 Eventual Consistency: SimpleDB uses an eventually consistent model,
meaning updates to data might not be immediately visible to all readers, but
will eventually converge over time. It offers an option to block reads during
updates for stronger consistency.
 Conditional Operations: Allows for conditional insertions and deletions to
prevent lost updates in multi-writer scenarios.
 Scalability: Handles large quantities of data efficiently with simple queries
and indexing.
 Pricing:
 Free for the first 25 SimpleDB instances per month.
 Charges for additional instances ($0.14/hour after the free tier) and for data
transfer.
 SimpleDB is better suited for applications with smaller, semi-structured data
rather than large-scale object storage, making it more suitable for real-time
applications that need fast access to small data objects.
Pricing Example (2011-2012):
 Data Transfer: Charged based on data storage and data transfer outside AWS.
 Machine Usage: Additional charges apply for machine usage once the free
instance limit is exceeded.
4.4. Comparison with Amazon S3
 Amazon S3 is a simple storage service designed for large objects, such as files and
backups. SimpleDB, by contrast, is designed for small, fast-access semi-structured
data and is not optimized for large object storage. While SimpleDB excels at querying
small objects quickly, S3 is a better choice for storing large files and long-term data
storage.
5. Amazon CloudFront
CloudFront is Amazon's content delivery network (CDN) service, built on top of its
distributed storage infrastructure. It optimizes the delivery of static and streaming web
content by using edge servers that are distributed globally. These edge servers reduce the
transfer time for content requests, ensuring faster access for users regardless of their location.
CloudFront works by creating a distribution, which connects to an origin server that holds the
original version of the content. The origin can be an S3 bucket, an EC2 instance, or an
external server outside of Amazon’s infrastructure. Once a distribution is set up, CloudFront
provides a domain name (e.g., my-distribution.cloudfront.net) that users can reference. When
a user requests content, CloudFront directs them to the nearest edge server, which serves the
content. If the content is not available or has expired, the request is redirected to the origin
server to fetch the latest version.
The service supports both static content (HTTP/HTTPS) and streaming content (RTMP -
Real-Time Messaging Protocol). Users can control which protocols are allowed and
configure access rules to limit or manage distribution. Additionally, CloudFront offers the
ability to invalidate or update content in its cache before it expires, ensuring content is up-to-
date.
CloudFront is typically cheaper than S3, as its purpose is to efficiently distribute frequently
accessed content across the globe, rather than serving as long-term storage for large files. The
pricing model for CloudFront reflects this optimization.
Communication Services
Amazon Web Services (AWS) provides various tools to facilitate communication between
applications and services within the AWS ecosystem. These tools are divided into two major
categories: virtual networking and messaging.
1. Virtual Networking
Virtual networking in AWS offers users a range of services that control connectivity between
compute and storage services within the AWS environment. Some of the key services
include:
1. Amazon Virtual Private Cloud (VPC):
 Amazon VPC allows users to create private networks within AWS, giving
them control over the network’s structure and connectivity. Users can choose
between predefined templates for common network setups or create fully
customized networks for more advanced configurations.
 Templates include public subnets, isolated networks, private networks with
internet access via NAT (Network Address Translation), and hybrid networks
that combine AWS and private resources.
 VPC enables users to control connectivity between different services (e.g.,
EC2 instances and S3 buckets) through AWS Identity and Access Management
(IAM).
 Cost: As of 2011, Amazon VPC was priced at $0.50 per connection hour.
2. Amazon Direct Connect:
 Direct Connect allows users to create dedicated, high-bandwidth connections
between their private networks and AWS locations, ensuring consistent
performance. These connections can be further partitioned into multiple
logical connections.
 This service is ideal for scenarios requiring high bandwidth between an on-
premise network and AWS services like EC2, S3, or VPC.
 Available ports are limited to two locations in the U.S., but users can utilize
external providers for higher bandwidth access.
 Pricing:
 1 Gbps port: $0.30 per hour
 10 Gbps port: $2.25 per hour
 Inbound traffic is free; outbound traffic costs $0.02 per GB.
3. Amazon Route 53:
 Route 53 offers DNS services that allow AWS resources to be accessed
through custom domain names, rather than using Amazon’s default domain
names.
 Route 53’s global network of DNS servers facilitates reliable access to
resources like EC2 instances and S3 buckets under user-controlled domain
names.
 It also supports dynamic DNS, allowing AWS resources to be mapped to
domain names as they are launched or created (e.g., EC2 instances or S3
buckets).
 Users can manage hosted zones and edit available resources through the Route
53 Web service.
 Pricing:
 $1 per month per hosted zone
 $0.50 per million queries for the first billion queries per month, with
reduced rates for higher query volumes ($0.25 per million queries over
1 billion).
2. Messaging
Messaging services offered by AWS enable communication between applications by using
various message transmission models. These services include Amazon Simple Queue
Service (SQS), Amazon Simple Notification Service (SNS), and Amazon Simple Email
Service (SES).
1. Amazon SQS:
 Description: SQS is a distributed messaging queue service that allows
applications to send and receive messages. It uses a disconnected model,
meaning messages are stored in a queue, and applications can retrieve them at
their own pace.
 Functionality: Users can create an unlimited number of message queues and
configure access control. Messages are stored securely and redundantly within
AWS for a limited time. When a message is read, it is locked to prevent
duplication. The lock expires after a predefined period.
2. Amazon SNS:
 Description: SNS provides a publish-subscribe model for connecting
applications, allowing applications to receive notifications about updates on
specific topics.
 Functionality: Users can create topics, and other applications can subscribe to
these topics. When a message is published to a topic, all subscribers are
automatically notified. SNS supports various notification methods, including
HTTP/HTTPS, email, and SQS.
3. Amazon SES:
 Description: SES is an email service that enables users to send email
messages through AWS infrastructure. It is a scalable service primarily for
transactional and marketing emails.
 Functionality: Users must verify an email address to use SES, after which
they can send emails via SMTP or raw email methods. SES provides feedback
on email delivery and failure notifications, along with detailed statistics to
improve email campaigns.
Google AppEngine
Google AppEngine is a Platform as a Service (PaaS) solution designed to facilitate the
development and hosting of scalable web applications. It leverages Google's distributed
infrastructure to handle high volumes of traffic, automatically scaling applications and
allocating additional computing resources as needed. AppEngine also simplifies the process
of application development with built-in services that support easy scaling and resource
management. It supports applications built in languages such as Java, Python, and Go.
1. Infrastructure
The primary role of AppEngine's infrastructure is to efficiently serve user requests. It does
this by utilizing Google's extensive network of servers across various data centers. For
each HTTP request, AppEngine identifies the servers hosting the application, evaluates their
current load, and may allocate more resources or redirect the request to a server that can
handle it.
Key features of AppEngine's infrastructure include:
 Dynamic Resource Allocation: If necessary, additional servers are added to balance
the load, ensuring that applications can scale seamlessly.
 State Independence: AppEngine applications are designed in such a way that they do
not implicitly maintain state between requests. This allows the infrastructure to route
requests to any available server without worrying about state synchronization,
simplifying load balancing and resource management.
 Performance Monitoring: The infrastructure also monitors the performance of
applications and collects statistics that are later used for billing purposes.
2. Runtime Environment
The runtime environment in Google AppEngine represents the execution context of
applications hosted on the platform. This environment is activated when a request
handler starts processing a request, and it terminates once the handler completes its
execution. Essentially, the runtime provides the necessary environment for executing the
application code in response to HTTP requests.

Sandboxing:
One of the key functions of the runtime environment in AppEngine is sandboxing.
Sandboxing isolates applications in a protected environment to ensure that they do not affect
the server or other applications. This isolation helps maintain security and stability.
 Sandboxing Mechanism: AppEngine restricts access to certain system resources to
prevent potentially harmful actions. For instance, an application cannot write to the
server’s file system or access external networks (except for services like Mail,
UrlFetch, and XMPP).
 Execution Restrictions: The runtime environment imposes several restrictions to
prevent long-running tasks (e.g., requests must complete within 30 seconds) and limit
operations outside the scope of requests, queued tasks, or cron jobs.
AppEngine only supports managed or interpreted languages (such as Java, Python, and
Go), and sandboxing ensures that applications developed in these languages are safe and
resource-controlled.
Supported Runtimes
AppEngine supports three programming languages for application
development: Java, Python, and Go. Each language has its own runtime environment
tailored for the AppEngine platform.
1. Java:
 AppEngine supports Java 6, and developers can use Java tools like Java
Server Pages (JSP) and Servlets.
 Java applications interact with AppEngine services via Java libraries that
provide interfaces for the platform's abstractions.
 The Java SDK allows development with either Java 5 or Java 6, but some
Java libraries may not be compatible with AppEngine’s sandbox restrictions.
2. Python:
 AppEngine uses an optimized Python 2.5.2 interpreter.
 Similar to Java, Python applications can use the standard library, but with
restrictions on certain modules that perform potentially harmful operations.
 AppEngine also offers a webapp framework for developing Python-based
web applications.
3. Go:
 The AppEngine runtime for Go supports Go r58.1 and allows developers to
build applications in Go.
 The Go SDK includes a compiler and standard libraries for developing Go
applications and interfacing with AppEngine services.
 As with Python, certain functionalities are restricted, and third-party libraries
can be included if they are implemented in pure Go.
3. Storage
AppEngine provides different types of storage for applications, designed to support various
data storage needs based on the volatility of the data. There are three primary levels of
storage:
1. In-Memory Cache: For fast, short-term storage.
2. Semistructured Data Storage: For data that has some structure but does not require
the strictness of relational databases.
3. Long-Term Storage for Static Data: For data that remains mostly unchanged, like
images, HTML files, and other static assets.
Static File Servers
Static file servers in AppEngine host content that does not change frequently, such as CSS
files, HTML files, JavaScript, images, and icons. These files are optimized for delivery and
can be served independently from dynamic content. When deploying an application,
developers can specify how dynamic content should be served.

DataStore
DataStore is a key service in AppEngine designed for semistructured
data storage. It is a NoSQL service optimized for scalability and high-performance data
retrieval.
 Data Representation: Data is stored as entities, each consisting of properties.
Entities are identified by a key, and each entity is associated with a kind that helps
optimize data retrieval.
 Indexes: To speed up queries, DataStore automatically creates indexes for specified
queries. These indexes allow for efficient querying of data, making the execution time
independent of the size of the data, only depending on the size of the result set.
 Transaction Support: AppEngine supports atomic updates for a single entity. It also
allows multiple entities to be updated atomically, but only if they belong to the
same entity group. AppEngine uses optimistic concurrency control, meaning that if
two users try to update the same entity simultaneously, one of the updates will fail.
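How optimistic concurrency control turns a silent lost update into a failed commit that the caller can retry, shown for a single entity. This is an added example, not code from the original notes or from the AppEngine SDK: `ToyDataStore`, `ConflictError`, `update_with_retry` and the per-entity version counter are assumptions chosen for illustration.

```python
class ConflictError(Exception):
    """Raised when an entity changed between the read and the commit."""


class ToyDataStore:
    """In-memory stand-in for an entity store (hypothetical, not the AppEngine API)."""

    def __init__(self):
        self._entities = {}                # key -> (version, properties)

    def put_new(self, key, props):
        self._entities[key] = (1, dict(props))

    def get(self, key):
        """Return (version, copy of properties) as seen at read time."""
        version, props = self._entities[key]
        return version, dict(props)

    def blind_put(self, key, props):
        """Write without any check: whoever writes last wins."""
        version, _ = self._entities[key]
        self._entities[key] = (version + 1, dict(props))

    def commit(self, key, read_version, props):
        """Write only if nobody committed since read_version was read."""
        current_version, _ = self._entities[key]
        if current_version != read_version:
            raise ConflictError("%s changed since version %d" % (key, read_version))
        self._entities[key] = (current_version + 1, dict(props))


def update_with_retry(store, key, mutate, attempts=3):
    """Read, mutate and commit; on conflict re-read and try again.

    Returns the number of attempts that were needed.
    """
    for attempt in range(1, attempts + 1):
        version, props = store.get(key)
        mutate(props)
        try:
            store.commit(key, version, props)
            return attempt
        except ConflictError:
            continue
    raise ConflictError("gave up on %s after %d attempts" % (key, attempts))


def sell_one(props):
    props["seats_left"] -= 1


def lost_update_without_check():
    """Two users read 10 seats, both write 9: one sale disappears."""
    store = ToyDataStore()
    store.put_new("flight/VT101", {"seats_left": 10})   # constructed sample entity
    _, seen_by_a = store.get("flight/VT101")
    _, seen_by_b = store.get("flight/VT101")
    sell_one(seen_by_a)
    sell_one(seen_by_b)
    store.blind_put("flight/VT101", seen_by_a)
    store.blind_put("flight/VT101", seen_by_b)
    return store.get("flight/VT101")[1]["seats_left"]


def concurrent_update_with_check():
    """Same race, but the stale commit fails and is retried on fresh data."""
    store = ToyDataStore()
    store.put_new("flight/VT101", {"seats_left": 10})
    state = {"rival_done": False}

    def sell_one_while_rival_commits(props):
        # On the first attempt only, a second user commits between our read
        # and our commit, which makes our read version stale.
        if not state["rival_done"]:
            state["rival_done"] = True
            update_with_retry(store, "flight/VT101", sell_one)
        sell_one(props)

    attempts = update_with_retry(store, "flight/VT101", sell_one_while_rival_commits)
    return attempts, store.get("flight/VT101")[1]["seats_left"]


if __name__ == "__main__":
    print("without check:", lost_update_without_check(), "seats left")
    print("with check (attempts, seats left):", concurrent_update_with_check())
```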
4. Application Services in Google AppEngine
Google AppEngine provides several application services that simplify common operations in
web applications. These services include data access, communication, account management,
external resource integration, image manipulation, and asynchronous computation. Below are
the primary services and their functionalities:

1. UrlFetch
 Purpose: Enables web applications to retrieve remote resources via HTTP/HTTPS.
 Key Features:
 Applications can perform synchronous or asynchronous web requests.
 Allows integration of remote resources into the application's workflow,
aligning with the Service-Oriented Architecture (SOA) model.
 Supports setting request deadlines to control timeouts.
 Use Cases:
 Fetching fragments of HTML or data from external APIs.
 Rendering resources from remote servers within a single web page.

2. MemCache
 Purpose: Provides a distributed in-memory caching system for frequently accessed
objects, enhancing application speed.
 Key Features:
 Acts as a volatile storage mechanism for fast data retrieval.
 Automatically removes rarely accessed objects.
 Advantages:
 Reduces latency by serving data from memory instead of persistent storage.
 Allows developers to implement a lookup hierarchy: first check MemCache,
then DataStore if needed.
 Use Cases:
 Storing session data.
 Caching user-specific or frequently accessed data.

3. Mail and Instant Messaging


 Mail Service:
 Supports sending and receiving emails programmatically.
 Allows attachments and multiple recipients.

 Operates asynchronously, with delivery failure notifications sent to the sender.
 XMPP Service:
 Enables communication via chat messages using protocols like Google Talk.
 Useful for integrating chat bots or implementing administrative tools via chat.
 Use Cases:
 Sending notifications or updates to users via email.
 Building real-time communication features.

4. Account Management
 Integration with Google Accounts:
 Simplifies user authentication and account management.
 Leverages Google’s authentication system, eliminating the need for custom
solutions.
 Key Features:
 Enables storing user profiles as key-value pairs attached to Google accounts.
 Particularly beneficial for corporate environments using Google Apps,
allowing seamless integration with other Google services.
 Use Cases:
 Handling user authentication and personalization in web applications.
 Managing user data securely.

5. Image Manipulation
 Purpose: Provides lightweight tools for basic image processing directly within web
applications.
 Key Features:
 Supports resizing, rotation, mirroring, and image enhancement.
 Optimized for speed, ensuring efficient performance for routine image tasks.
 Use Cases:
 Adding watermarks or branding to user-uploaded images.
 Resizing or formatting images for responsive design.

5. Compute Services in Google AppEngine


Google AppEngine provides compute services to handle operations that require asynchronous
execution or scheduling. These services are particularly useful for tasks that cannot be
completed synchronously during a web request, ensuring optimal application performance
and user experience.

1. Task Queues
 Purpose: Enable applications to schedule tasks for later execution, especially for
long-running computations.
 Key Features:
 Delayed Execution: Tasks are submitted for execution at a later time, outside
the scope of the original web request.
 Queue Configuration: Supports up to 10 queues, each with configurable
execution rates.
 Failure Handling: Automatically retries tasks in case of transient failures to
ensure successful completion.
 How It Works:
 A task is defined by a web request to a specified URL.
 The queue invokes the request handler, passing the task payload as part of the
web request.
 The request handler performs the task execution, while the queue handles
retries if needed.
 Use Cases:
 Background processing, such as generating reports or resizing images.
 Long-running computations that exceed the maximum response time for a web
request.

2. Cron Jobs
 Purpose: Schedule operations to run at specific times or intervals, independent of
user requests.
 Key Features:
 Executes tasks at predefined times, such as daily, weekly, or hourly schedules.
 No Automatic Retries: Unlike Task Queues, tasks are not retried upon failure.
 Ideal for periodic or maintenance tasks.

 How It Works:
 Similar to Task Queues, the service invokes a request handler for the
scheduled task.
 The request handler executes the operation at the specified time.
 Use Cases:
 Sending scheduled email notifications or reminders.
 Performing regular maintenance, such as clearing temporary data or updating
cached information.
 Scheduling batch processing jobs.
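The difference between the two compute services described above, a task queue that retries a failed request handler and a cron job that does not, in one runnable model. This is an added example, not code from the original notes or from the AppEngine SDK: `ToyApp`, `ToyTaskQueue`, `ToyCron`, the URL paths, the `task_id` field and the retry limit are assumptions made for illustration.

```python
from collections import deque


class TransientError(Exception):
    """A failure that may succeed if the same request is tried again."""


class ToyApp:
    """Maps URL paths to request handlers (hypothetical stand-in for a web app)."""

    def __init__(self):
        self.routes = {}

    def route(self, path):
        def register(handler):
            self.routes[path] = handler
            return handler
        return register

    def handle(self, path, payload):
        """Invoke the handler for path and return an HTTP-style status code."""
        try:
            self.routes[path](payload)
            return 200
        except TransientError:
            return 503


class ToyTaskQueue:
    """Delivers each task as a request to its URL and retries failed attempts."""

    def __init__(self, app, max_attempts=5):
        self.app = app
        self.max_attempts = max_attempts    # assumed retry limit
        self._pending = deque()

    def add(self, path, payload):
        self._pending.append((path, payload, 1))

    def run(self):
        """Drain the queue and return a log of (path, attempt, status)."""
        log = []
        while self._pending:
            path, payload, attempt = self._pending.popleft()
            status = self.app.handle(path, payload)
            log.append((path, attempt, status))
            if status != 200 and attempt < self.max_attempts:
                # A real scheduler would wait before retrying; omitted here.
                self._pending.append((path, payload, attempt + 1))
        return log


class ToyCron:
    """Fires a handler once per scheduled time and never retries."""

    def __init__(self, app):
        self.app = app
        self.failures = []

    def fire(self, path):
        status = self.app.handle(path, {})
        if status != 200:
            self.failures.append(path)      # nothing happens until the next schedule
        return status


def dispatch_scenario():
    app = ToyApp()
    calls = {"report": 0, "cleanup": 0}
    completed = set()                       # task ids whose work is already done
    reports = []

    @app.route("/tasks/report")
    def build_report(payload):
        calls["report"] += 1
        # Idempotency guard: a retried task must not repeat its side effect.
        if payload["task_id"] not in completed:
            reports.append("report for " + payload["user"])
            completed.add(payload["task_id"])
        if calls["report"] < 3:
            # Constructed failure that happens after the write, twice.
            raise TransientError("backend busy")

    @app.route("/cron/cleanup")
    def cleanup(payload):
        calls["cleanup"] += 1
        raise TransientError("backend busy")

    queue = ToyTaskQueue(app)
    queue.add("/tasks/report", {"task_id": "t-1", "user": "alice"})
    cron = ToyCron(app)
    return {
        "queue_log": queue.run(),
        "reports": reports,
        "cron_status": cron.fire("/cron/cleanup"),
        "cron_calls": calls["cleanup"],
        "cron_failures": cron.failures,
    }


if __name__ == "__main__":
    for name, value in dispatch_scenario().items():
        print(name, "=", value)
```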
Application Life Cycle
Google AppEngine simplifies the development and deployment process for scalable web
applications by providing tools for all phases, including testing, development, deployment,
and monitoring.
1. Development and Testing
 Developers can use local development servers to simulate the AppEngine
runtime environment.
 The servers provide mock implementations of services like DataStore,
MemCache, and UrlFetch.
 Java SDK:
 Supports Java 5 and Java 6 environments.
 Offers integration with Eclipse through Google AppEngine plug-ins.
 Allows for servlet-based development with additional tools for
building web applications.
 Python SDK:
 Supports Python 2.5 and includes the GoogleAppEngineLauncher tool.
 Comes with a built-in web framework (webapp) and supports others
like Django.
 Provides command-line tools for monitoring, deploying, and
debugging.
2. Deployment and Management
 Applications are deployed using a unique Application Identifier that serves
as its address (http://application-id.appspot.com).
 Once uploaded, AppEngine handles the scaling, monitoring, and management.

 Developers can manage multiple versions of an application and adjust billing
settings through the administrative console.
Cost Model
AppEngine's cost model revolves around quotas, ensuring that developers can manage their
applications within their budgets:
1. Free Service with Daily Quotas
 Free quotas reset every 24 hours, offering a no-cost testing environment.
2. Billing Quotas
 Developers can enable billing for higher allowances.
 Quotas include:
 Billable Quotas: Daily usage defined by the allocated budget.
 Free Quotas: A subset of billable quotas for which no charge is
incurred.
 Fixed Quotas: Infrastructure-defined limits to prevent resource
monopolization.
 Per-Minute Quotas: Designed to prevent quick depletion of resources.
3. Quota Exhaustion
 Depleted resources result in errors:
 CPU and bandwidth return HTTP 403 errors.
 Other resources generate exceptions.

Observations
 AppEngine’s scalable and sandboxed runtime ensures secure and isolated execution of
applications.
 Services are designed to handle common web development needs efficiently.
 To fully utilize AppEngine, developers need to adapt to its specific application model
and scaling architecture.
This framework is ideal for building applications that require robust scalability and benefit
from a pay-as-you-go model.

Scientific applications
ECG Analysis in the Cloud:
The integration of cloud computing with healthcare has enabled significant advancements,
particularly in remote diagnostic and monitoring processes. One notable example is ECG
(Electrocardiogram) analysis, which utilizes cloud technologies to assist in diagnosing
heart conditions more effectively. This approach combines wearable sensors, mobile devices,
and cloud-hosted systems to create an efficient and scalable health-monitoring infrastructure.

How Cloud-Based ECG Analysis Works


1. Wearable Devices:
Patients use wearable devices equipped with ECG sensors that continuously monitor
the heart's electrical activity and capture heartbeat data.

2. Data Transmission:
The ECG data is transmitted from the wearable device to the patient's mobile device,
which forwards it to a cloud-hosted web service.
3. Cloud Infrastructure:
 Data Storage: ECG data is stored using cloud services like Amazon S3.
 Processing Workflow: The system uses scalable platforms like Aneka and
EC2 instances to process the data dynamically based on demand.
 Analysis: The processing involves extracting waveforms and comparing them
against reference waveforms to detect anomalies.
4. Notification:
If anomalies are detected, doctors and emergency personnel are immediately notified
to intervene.
Advantages of Cloud-Based ECG Monitoring
1. Elasticity:
Cloud infrastructures dynamically scale resources up or down based on the workload,
ensuring efficient use of computing power and reducing costs associated with over-
provisioning.
2. Ubiquity:
Cloud-hosted systems are accessible from any internet-connected device, allowing
seamless integration with hospital systems and remote access by healthcare providers.
3. Cost Savings:
 Pay-per-use pricing models reduce the need for capital investment in on-
premises infrastructure.
 Volume discounts for frequent usage make this solution cost-effective for
large-scale implementations.
4. Improved Patient Care:
 Continuous monitoring enables early detection of potential heart conditions.
 Immediate notification of anomalies ensures timely intervention, potentially
saving lives.
Cloud-Based Protein Structure Prediction in Biology
Protein structure prediction is a computationally intensive task crucial for understanding
biological processes and designing drugs for disease treatment. Using cloud computing for
this purpose offers a dynamic, scalable, and cost-efficient alternative to traditional
supercomputing or cluster computing infrastructures.
Protein Structure Prediction Overview
1. Objective:
Determine the 3D geometric structure of a protein from its gene sequence. This
involves complex computations to find the structure that minimizes energy
requirements.
2. Challenges:
 Vast computational space with numerous states.
 High computational demands for state evaluation.
3. Cloud Computing Solution:
On-demand computational power eliminates the need for physical clusters, reduces
bureaucratic hurdles, and accelerates research processes.
Jeeva Portal: A Cloud-Based Solution
The Jeeva portal exemplifies cloud-driven protein structure prediction. It utilizes Aneka, a
scalable cloud middleware, to offload and execute prediction tasks.

1. Key Features:
 Uses machine learning (Support Vector Machines - SVMs) for classifying
protein structures into secondary structures (E, H, and C).
 Decomposes tasks into three sequential phases: Initialization, Classification,
and Final Prediction.
 Exploits parallel processing in the Classification phase, running multiple
classifiers concurrently to reduce computation time.
2. Task Execution:
 Tasks are translated into a task graph and executed in the cloud using Aneka.
 After completion, results are visualized through the Jeeva portal.

Advantages of Cloud Computing for Protein Structure Prediction


1. Scalability:
Cloud infrastructure dynamically adjusts to computational needs, ensuring efficient
resource use.
2. Cost Efficiency:
Pay-per-use pricing reduces upfront costs associated with dedicated infrastructure.
3. Ubiquity and Accessibility:
Researchers access tools and data from anywhere via cloud-hosted portals.
4. Enhanced Research Productivity:
Accelerates tasks like drug design by leveraging the parallelization capabilities of
cloud computing.
Architecture of the Jeeva Portal
 Initial Phase: BLAST (Basic Local Alignment Search Tool) and Data Vector
creation.
 Classification Phase: Executes classifiers like HH, SS, TT, etc., in parallel.
 Final Phase: Predicts the secondary structure by aggregating classification results.
Cloud-Based Satellite Image Processing in Geoscience
Geoscience applications, particularly those involving satellite image processing, generate
massive geospatial datasets. The increasing deployment of sensors and satellites for planetary
monitoring has significantly amplified data generation. Cloud computing offers a scalable
and efficient infrastructure to manage these compute- and I/O-intensive workflows.

Components of Satellite Image Processing in Geoscience


1. Geographic Information System (GIS):
GIS is fundamental in geoscience, managing geographically referenced data for
diverse applications, such as:
 Advanced farming: Optimizing agricultural yield.
 Civil security: Disaster management and urban planning.
 Natural resource management: Monitoring and sustainable exploitation of
resources.
2. Satellite Remote Sensing Data:
 Produces hundreds of gigabytes of raw images.
 Requires processing, corrections, and transformations before integration
into GIS products.
3. Challenges:
 Large volumes of data ingestion.

 High computational demands for processing.
 Need for efficient data movement and storage.

Cloud Computing Solution


Cloud computing provides a robust infrastructure for satellite image processing by offering:
1. Scalability: Dynamic provisioning of compute and storage resources to handle
fluctuating workloads.
2. Cost Efficiency: Avoids heavy capital investments by transforming costs into a pay-
per-use model.
3. Ease of Integration: Facilitates seamless data movement and workflow automation.
Business and consumer applications
Cloud computing has revolutionized the business and consumer sectors by offering scalable,
cost-effective, and accessible solutions. Businesses can shift from capital-intensive IT
infrastructure to operational expenses with pay-as-you-go models, allowing them to adapt
quickly to changing demands.
This flexibility supports innovations in applications such as CRM, ERP, and data analytics,
enabling organizations to optimize operations and enhance customer experiences. For
consumers, cloud services provide seamless access to data and applications across devices,
fostering productivity and convenience.
The elastic nature of the cloud empowers both sectors to experiment, innovate, and scale
without significant upfront investments, making it a cornerstone of modern digital
transformation.
1. CRM and ERP
Cloud-based Customer Relationship Management (CRM) and Enterprise Resource Planning
(ERP) applications are thriving in the modern business environment, with CRM solutions
being more mature and widely adopted. Cloud CRM provides an affordable and flexible
option for small businesses and start-ups, offering subscription-based access without
substantial upfront investments.
These applications enable seamless access to customer and business data from any device,
contributing to their widespread popularity. Conversely, cloud ERP solutions face slower
adoption due to the complexity of integrating various enterprise functions, such as finance,
human resources, and supply chain management.
Established in-house ERP systems present significant competition, as transitioning to the
cloud involves challenges like unclear long-term cost benefits and compatibility with existing
installations. Consequently, CRM solutions currently outpace ERP systems in cloud adoption.
2. Salesforce

Salesforce.com is one of the most popular and advanced CRM solutions available today, with
over 100,000 customers worldwide. It provides highly customizable CRM solutions that can
be integrated with additional features developed by third parties. The platform is built on the
Force.com cloud development platform, which serves as a scalable and high-performance
middleware to execute all operations within Salesforce applications.
The Force.com platform has evolved from supporting only CRM applications to
accommodating a broad range of cloud-based applications. At its core, the platform features a
metadata architecture, which offers flexibility and scalability by storing the core logic and
business rules of applications as metadata, rather than in specific components and tables. This
metadata is stored in the Force.com store, enabling a runtime engine to retrieve and perform
operations on the data. Despite operating in isolated containers, applications logically share
the same database structure, and the runtime engine processes them uniformly.
A full-text search engine further enhances the user experience, allowing efficient navigation
through large data sets. The search engine updates its indexing data continuously in the
background as users interact with the application.
Users can customize Salesforce applications by using the Force.com framework or leveraging
programmatic APIs in popular programming languages. The framework allows users to
visually define the data structure or core application logic, while APIs offer a more
conventional development approach based on web services. Additionally, users can enhance
processes and logic by writing scripts in APEX, a Java-like language that supports both
object-oriented and procedural programming. APEX enables users to define on-demand
scripts, triggers, and complex queries to access and manipulate data within the platform.

3. Microsoft Dynamics CRM

Microsoft Dynamics CRM is a customer relationship management solution provided by
Microsoft, available either for on-premises installation or as an online solution. The online
version is subscription-based, priced per user on a monthly basis.
The system is hosted in Microsoft’s global data centers and provides a 99.9% Service Level
Agreement (SLA), with bonus credits for failure to meet the SLA. Each Dynamics CRM
instance is deployed on its own database, ensuring high levels of isolation and security. The
platform offers users capabilities in marketing, sales, and advanced customer relationship
management, with both web browser and programmatic access through SOAP and RESTful
Web services.
This makes it easy to integrate with other Microsoft products and business applications.
Dynamics CRM can be extended via custom plug-ins to trigger specific behaviors in response
to defined events. Additionally, it supports the use of Windows Azure for further development
and feature integration.

4. NetSuite
NetSuite is a comprehensive suite of cloud-based applications designed to manage various
aspects of business operations. It includes three main products: NetSuite Global
ERP, NetSuite Global CRM, and NetSuite Global Ecommerce. Additionally, NetSuite
offers an all-in-one solution, NetSuite OneWorld, which integrates these three products. The
services are powered by two major data centers on the East and West coasts of the United
States, ensuring 99.5% uptime and high availability.
NetSuite provides not only prepackaged solutions but also infrastructure for customized
applications, enabling businesses to extend the platform’s functionality. The NetSuite
Business Operating System (NS-BOS) is a complete stack for building Software-as-a-
Service (SaaS) business applications that leverage NetSuite's products.
With its SuiteFlex online development environment, businesses can create new web
applications that integrate NetSuite capabilities and distribute them through SuiteBundler.
The entire NetSuite infrastructure is hosted in its own data centers, which guarantee
application uptime and availability.
Productivity Applications in the Cloud
Productivity applications have become a key area in cloud computing, providing users with
essential tools like document storage, office automation, and full desktop environments—all
hosted in the cloud. These services allow users to work from anywhere, using any device
connected to the Internet, while also providing enhanced accessibility, scalability, and
collaboration features.
1. Dropbox and iCloud
Cloud-based document storage has become an essential part of many users' daily routines,
thanks to the seamless access to files across multiple platforms. Dropbox has emerged as one
of the most popular solutions for online document storage. It offers users the ability to
synchronize files across devices and platforms, including Windows, Mac, Linux, and mobile
devices. Users can access their Dropbox folder via a browser or by installing a Dropbox
client. All changes made to files in the folder are automatically synchronized across all
devices, ensuring consistency and availability. Dropbox's key strength lies in its cross-
platform support, allowing users to work on files from any device with ease.
iCloud, developed by Apple, provides a similar cloud storage and synchronization solution,
but with a focus on seamless integration across iOS-based devices. Unlike Dropbox, iCloud
operates transparently—users don't need to manually sync files. For example, photos taken
on an iPhone are automatically available on an iMac, and documents edited on one device
update on all others. However, iCloud is primarily limited to Apple devices, and currently,
there is no web-based interface for broader accessibility.
Other similar services, like Windows Live, Amazon Cloud Drive, and CloudMe, offer
similar features with varying levels of integration and device support.
2. Google Docs
Google Docs is a powerful SaaS (Software as a Service) application that delivers basic office
automation functions, such as creating and editing text documents, spreadsheets,
presentations, forms, and drawings. Designed as an alternative to desktop software like
Microsoft Office and OpenOffice, Google Docs allows for collaborative editing in real-time.
Multiple users can edit documents simultaneously, eliminating the need for constant emailing
or file version management. With its integration into Google’s cloud infrastructure,
documents are accessible from any Internet-connected device. Furthermore, Google Docs
supports offline work, which is useful when connectivity is limited. It also supports various
document formats, allowing for easy import/export to and from other desktop office tools.
The main benefits of Google Docs include ubiquitous access, elastic scalability,
and absence of installation and maintenance costs—making it a prime example of what
cloud computing offers to end users.
3. Cloud Desktops: EyeOS and XIOS/3
The evolution of cloud computing technologies has led to the development of cloud
desktops, which replicate traditional desktop environments entirely in the cloud. These cloud
desktops provide users with a full-fledged desktop experience, available through any web
browser, while leveraging cloud resources for computation and storage.
EyeOS is one of the most popular cloud desktop solutions, offering a full desktop
environment through a web browser. It provides a range of pre-installed applications for file
and document management and supports both individual users and organizations. EyeOS
operates using a simple client-server model, with the user interface rendered in the browser
using JavaScript, while AJAX is used to manage communication with the server for tasks like
document editing, file management, and more. EyeOS also supports custom application
development via APIs, allowing for an expanded feature set tailored to user needs.
XIOS/3, part of the CloudMe platform, is another cloud desktop solution that uses XML as
the foundation for its system. The client-side architecture handles most user interface tasks
and process orchestration, while the server manages core functionalities like transaction
management for collaborative document editing. XIOS/3’s key differentiator is its deep
integration of XML-based services, allowing for simplified development of complex
applications that integrate seamlessly with the cloud desktop environment. The system
includes a visual development environment called XIDE, which allows developers to build
applications using a combination of visual tools and XML-based business logic.
These cloud desktop solutions bring traditional desktop environments into the cloud, offering
users flexibility, accessibility, and ease of collaboration. Whether for personal use or
enterprise deployment, they provide a compelling alternative to traditional desktop systems,
with all data and applications hosted remotely in the cloud.

Social Networking Applications


Social networking platforms, like Facebook, have grown substantially in recent years. These
platforms require continuous scaling to support millions of users. Facebook, for example,
relies heavily on cloud computing for scalability and high performance.
1. Facebook
Overview:

 Facebook, with over 800 million users, is one of the largest social networking sites
worldwide. To support such a large user base, Facebook uses cloud computing for
scalability and performance.
Cloud Infrastructure:
 Facebook is backed by two data centers designed to efficiently manage large-scale
operations, reduce costs, and have a minimal environmental impact.
 The infrastructure is built on inexpensive hardware, which is complemented by a
customized software stack developed by Facebook.
Back-End Technology Stack:
 Facebook uses the LAMP stack (Linux, Apache, MySQL, PHP) as its foundational
technology.
 The back-end consists of additional services written in various languages to support
different functionalities such as news feeds, search, notifications, and more. These
services provide high-performance functionality, with critical parts of the service
being optimized using faster languages than PHP.
Database and Caching:
 The user data is stored in a distributed MySQL database cluster, where the data is
primarily in the form of key-value pairs.
 For fast retrieval, frequently accessed data is cached, improving the overall
performance of the system.
Communication and Development Tools:
 Thrift: An important tool for enabling cross-language communication. It allows
services written in different languages to communicate by taking care of serialization,
deserialization, and data exchange.
 Scribe: A service for aggregating log data in real-time.
 Rightscale: Used for auto-scaling to manage the infrastructure and ensure capacity is
dynamically added as needed.
Media Applications
Media applications are well-suited for leveraging cloud computing, especially for
tasks like video processing (encoding, transcoding, rendering), which can be
computationally demanding.
Examples:
Animoto
• Animoto is an example of a cloud-based video creation platform, where users can
generate videos by uploading photos, video fragments, and music. The process is
computationally intensive, particularly for video rendering.


Cloud Infrastructure:
• Animoto utilizes Amazon Web Services (AWS), specifically Amazon EC2 for web
front-end and worker nodes, Amazon S3 for storing images, music, and videos,
and Amazon SQS for communication between components.
Scalability:
• Animoto’s system uses auto-scaling with RightScale, which monitors system load
and dynamically adds or removes worker instances as needed. During peak times,
Animoto can scale to 4,000 servers without dropping requests, though some delays in
rendering are acceptable.
Key Workflow:
• The video creation process involves users uploading media and selecting themes, after
which rendering tasks are queued via SQS and processed by EC2 worker nodes.
Once rendered, users are notified about the completion.
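
Added example (not part of the original notes, and not Animoto's or RightScale's actual code): a small discrete-time simulation of the queue-plus-workers pattern described above, showing why a burst produces rendering delay rather than dropped requests. The tick model, the scaling rule, the thresholds and the arrival numbers are all assumptions constructed for illustration.

```python
from collections import deque

# Constructed workload: render jobs submitted per tick, with a 3-tick burst.
ARRIVALS = [2] * 5 + [100] * 3 + [2] * 5


def simulate(arrivals, min_workers=2, max_workers=40, target_backlog=5):
    """Simulate a render queue drained by an auto-scaled worker pool.

    Each worker renders one job per tick. Returns a tuple
    (dropped, max_wait, peak_workers, completed).
    """
    queue = deque()            # stands in for the message queue (SQS in the notes)
    workers = min_workers
    peak_workers = workers
    max_wait = completed = tick = 0
    while tick < len(arrivals) or queue:
        # Front end only enqueues; it never rejects work, so nothing is dropped.
        for _ in range(arrivals[tick] if tick < len(arrivals) else 0):
            queue.append(tick)             # remember when the job was submitted
        # Workers pull as many jobs as the pool can render in this tick.
        for _ in range(min(len(queue), workers)):
            max_wait = max(max_wait, tick - queue.popleft())
            completed += 1
        # Autoscaler (assumed rule): one worker per `target_backlog` queued
        # jobs, clamped between the minimum and maximum pool size.
        desired = -(-len(queue) // target_backlog)   # ceiling division
        workers = max(min_workers, min(max_workers, desired))
        peak_workers = max(peak_workers, workers)
        tick += 1
    return sum(arrivals) - completed, max_wait, peak_workers, completed


if __name__ == "__main__":
    print("elastic pool:", simulate(ARRIVALS))
    print("fixed pool:  ", simulate(ARRIVALS, max_workers=2))
```

Running it with a fixed pool (`max_workers=2`) also completes every job, but the longest wait grows far beyond the elastic case: the queue is what prevents drops, and the autoscaler is what bounds the delay.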

Maya Rendering with Aneka


• In the engineering and movie production industries, rendering is a critical, resource-
intensive task, especially for 3D visualization. Cloud technologies help reduce the
time needed for rendering high-quality 3D models.
Cloud Infrastructure:
• Aneka, a private cloud solution, is used by GoFront, a division of China Southern
Railway, for rendering 3D designs of high-speed trains.
Cloud Deployment:
• Aneka turns the local network of desktops into a private cloud, which allows the
team to utilize off-peak hours (e.g., night-time) for rendering, thereby reducing the
time from days to hours.
Workflow:
• Engineers submit rendering tasks through a specialized client interface, and Aneka
distributes the task to various machines in the cloud. This increases efficiency and
speeds up the design process for prototypes.

Video Encoding on the Cloud: Encoding.com


• Video encoding and transcoding are computationally intensive tasks, and cloud
platforms are well-suited to handle these tasks on-demand. Encoding.com is an
example of a cloud-based service for video conversion.
Cloud Infrastructure:


• The service integrates with both AWS (EC2, S3, CloudFront) and Rackspace (Cloud
Servers, Cloud Files) for handling the storage and processing of videos.
Pricing Models:
• Encoding.com offers several pricing plans: monthly subscriptions, pay-as-you-go, and
special rates for high volumes.
Workflow:
• Users upload videos for conversion through various interfaces (web, APIs, or desktop
applications), specify the desired output format, and the transcoding is processed in
the cloud. This enables seamless integration into a variety of workflows.

Multiplayer Online Gaming


Overview:
• Multiplayer online gaming requires scalable infrastructure to handle large volumes of
players interacting in a shared environment. Cloud computing helps scale the servers
to handle millions of players, ensuring smooth game experiences.
Game Log Processing:
• Multiplayer games use game logs to track interactions between players. These logs
are processed on servers, which update the game state and forward the information to
all players in real time.
Cloud Benefits:
• Game log processing can be compute-intensive, especially with a high number of
concurrent users. Cloud computing provides the elasticity needed to process large
numbers of game logs and scale when necessary.
Case Study: Titan Inc. (Xfire)
• Titan Inc. (now Xfire), a gaming company, offloaded its game log processing to
an Aneka private cloud.
Cloud Deployment:
• The game logs from multiple games are processed concurrently across various cloud
servers, improving scalability and allowing the system to handle a larger user base.
Elasticity:
• The cloud system automatically adjusts to handle increases in demand, ensuring the
system can handle large numbers of users without significant delays.

Takeaways on Cloud Application Use-Cases:


1. Social Networking (Facebook):
• Leveraging cloud computing for scalability and performance.


• Use of customized back-end infrastructure and cross-language communication
tools.
2. Media Applications (Animoto, Maya Rendering, Encoding.com):
• Cloud computing is well-suited for video processing tasks (encoding,
rendering, transcoding) which are resource-intensive.
• Systems are designed to scale on-demand using services
like AWS and RightScale to handle large workloads.
3. Multiplayer Online Gaming:
• Cloud infrastructures support the scalability required for large-scale online
gaming, particularly for real-time processing of game logs and interaction
data.
• The elasticity of cloud computing ensures that gaming portals can dynamically
scale to meet the demand.
-----------------------------------END OF MODULE 5-----------------------------------


Dear VTU Padhai Family,


We have compiled a comprehensive file containing all past year questions, important model
papers and IA question papers for all 5 modules of Cloud Computing. This carefully curated
resource is designed to provide everything you need for your exam preparation in one place.
We wish you great success in your studies and for your upcoming exam!
Warm regards,
VTU Padhai Team.
Subject: Cloud Computing Subject Code: 21CS72
Question Bank
Module -1
1. What is Cloud Computing? Explain the cloud computing reference model with a
neat diagram.
2. Explain in brief the services provided by
i) Amazon web service
ii) Microsoft Azure
iii) Hadoop.
3. Explain the different types of cloud computing service models (IaaS, PaaS, SaaS)
and provide examples of each.
4. Explain the differences between public, private, and hybrid cloud deployment
models
5. Identify and explain the different cloud service providers and their offerings

6. Describe how cloud computing affects traditional IT services and infrastructure

7. Explain briefly about the historical developments of cloud computing

8. Explain briefly about challenges in Cloud Computing

Module-2
1. Define virtualisation in detail and explain in detail about their types with pros and
cons
2. Explain characteristics of virtualised environments

3. Discuss the architecture of Hyper-V. Discuss its use in cloud computing

4. What are hardware virtualisation techniques?

5. Discuss classification or taxonomy of virtualisation at different levels

6. What is Xen? Discuss its elements for virtualisation

7. Discuss the machine reference model of execution virtualisation


8. Emphasise on Goldberg and Popek theorems that support virtualisation

Module-3
1. How can a small business use cloud computing to work better?

2. What are the open challenges of cloud computing?

3. Describe the fundamental features of the economic and business model behind
Cloud computing
4. What do the infrastructure, platform, and application layers do in cloud computing?

5. How does the Cloud Reference Model help when using multiple cloud services?

6. What is "pay-as-you-go" pricing in cloud services, and what costs are involved?

7. Why is cloud computing important for businesses going digital?

Module-4
1. How can cloud providers gain trust from businesses?

2. Explain virtual Machine security.

3. What are the steps to do a Privacy Impact Assessment (PIA)?

4. How well does a Privacy Impact Assessment (PIA) help reduce privacy risks in the
cloud?

5. Explain security risks posed by shared images.

6. What are the long-term financial benefits and risks of using cloud computing for a
new business?

7. How could a security problem in the management system affect a multi-tenant
cloud?


Module-5
1. Explain the various storage services provided by AWS and their primary use cases.

2. Summarize the key concepts of S3 and explain their significance in cloud storage.

3. Illustrate and explain the architecture of Google App Engine, detailing the role of
each component.

4. Describe the core components of Google App Engine and their functions in
application deployment

5. Explain the functionalities of Dropbox and Animoto, including how they serve their
respective user bases.

6. Interpret CRM and ERP implementations by providing three examples, including
diagrams that illustrate their structures.

7. Apply your understanding to explain the following Amazon Web Services
concepts:
a) EC2
b) CloudWatch
c) EBS
d) SimpleDB, and provide examples of their practical applications
8. Identify how cloud management techniques and software deployment
considerations are applied in satellite image processing, providing specific
examples of their benefits

9. Analyse how cloud computing enables remote ECG monitoring by breaking down
its key components and examining their interactions in ensuring seamless
functionality

10. Examine and explain the development technologies currently supported by App
Engine, discussing how they can be utilized in application development
