Smt.

Kumudben Darbar College of Commerce, Science & Management

Studies, VIJAYAPUR
UNIT II
Cloud Computing Technology: Hardware and Infrastructure, clients, security,
network, services, accessing the Cloud, Platform, Web Applications, Web APIs, web
browsers, Cloud Storage –Overview, Cloud Storage Providers, standards, Application,
Client, Infrastructure, Service.
Cloud Computing Technology:
Hardware and Infrastructure:
• In order to get the most out of your cloud computing solution, it’s important to have the
right hardware and infrastructure in place.
• In this Unit we’ll talk about what equipment you need on your end and how it should be
configured for the best interaction with your cloud.

Clients
• The clients on your end user’s desks are how you will interact with the cloud.
• In this section we’ll talk about the different types of clients and how they can be configured
to communicate with the cloud.
• There are different types of clients that can link to the cloud.
• Each one offers a different way for you to interact with your data and applications.
• Depending on your organization and its needs, you may find yourself using any
combination of these devices.
Mobile
1. Mobile clients run the from laptops to PDAs (Personal digital Assistant-Handheld PC) and
smartphones, like an iPhone or BlackBerry
2. You cannot run robust application on a PDA or smartphone.
3. But laptop users can connect to the cloud and access applications just as if they were sitting
at their desk.
4. Mobile clients have security and speed worries.
5. Because the clients will be connecting to the cloud from various locations that may not have
an optimized connection.
6. As in a hotel, you can’t expect the speed that a desk-bound client will achieve.
7. But not all applications need speedy connections.
8. Further, since you can create your own applications in the cloud.
9. They can be design/made with a mobile client in mind.

Cloud Computing - 2019-20 By PRAVEEN BADAMI 47

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
10. Mobile user won’t put tons of information into a
database, an application can still be developed to let
them access it.
11. Security is a major problem, but it’s a two-sided
issue.
12. On the one hand, it’s easier to lose or misplace a
laptop, and whatever information is on it could be
compromised.
13. On the other hand, if data is maintained on the
cloud and the user only has select files on his or her
laptop, if the laptop were to be stolen, only a
minimal set of data would be compromised.
Thin
1. Thin clients are client computers that have no L
hard drives, no DVD-ROM drives.
2. It simply display what’s on the server.
3. If a client only needs to access cloud-based .?123
services or is accessing a virtualized server, then
thin clients are a great option.
4. They are less expensive than thick clients, are
much less expensive to maintain, and use less
energy.
5. There’s also a high level of security, because no
data is stored on the thin client.
6. All the data resides in your datacenter or on the cloud, so the risk of a physical breach is
small.

Thick
1. Thick clients are the clients normal PC.
2. You can be used to connect to applications in the cloud.
3. Already some applications have installed in end users’ machines.
4. While you can offload some of your applications to the cloud or some mission-critical
applications that simply need to stay in-house.

Cloud Computing - 2019-20 By PRAVEEN BADAMI 48

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
5. These machines can be connected to a virtualized server.
6. Thick clients are good choices if users need to maintain files on their own machines or run
programs that don not exist on the cloud.
7. Security-wise, thick clients are more risk to attack than thins.
8. Since data is stored on the machine’s hard drive, if the machine is stolen then the data could
be compromised.
Thin client Thick client
If a thin client fails, another thin to get There’s also an issue of reliability
plugged in and the user’s work If a thick client fails, whatever data is
environment is right there. stored on the machine, including the
operating system and all the configuration
settings, is lost and a new computer will
have to be configured for the user.

Security
• Security is the number one issue when it comes to cloud computing.
• Since a third party stores your data, you don’t know what’s going on with it.
• It’s easy to worry about the security risks of a cloud solution, but also security benefits, as well.

Data Leakage
1. The biggest benefit is the centralization of data.
2. Organizations have a problem to protect their resource.
3. Because of data being stored in numerous places, like laptops and the desktop.
4. Thick clients are suitable to download files and maintain them on the hard drive, and there are
plenty of laptops out there with nonencrypted files.-Data Leakage
5. Using thin clients creates a better chance for centralized data storage. As such, there’s less chance
for data leakage.

that maintain no permanent storage.

Cloud Computing - 2019-20 By PRAVEEN BADAMI 49

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
6. Centralization also provides the opportunity for better monitoring. That data is in one place makes
it easier to check in on your data and see that everything is okay.

Offloading Work (Dumping data)

• It is Another security benefit isn’t so much a technology
• It is transfer of resources computational task to a separate processor or platform or to cloud.
• Offloading to a coprocessor can be used to accelerate applications including; image rendering and
mathematical calculations.
• Offloading computing to an external platform over a network can provide computing power and
overcome hardware limitations of a device, such as limited computational power, storage, and
energy.
• It’s up to the cloud provider to provide adequate security
• The fact of the matter is that your cloud provider might offer more security features than you had
before.
• The fact that so many clients are paying allows cloud providers to have bigger security, simply
because of the economy of scale involved.
Logging
• It is also called Logging as a service (LaaS).
• logging is the process of collecting and storing data over a period of time in order to analyze
specific trends or record the data-based events/actions of a system, network or IT environment.
• It is collecting any type of log files coming from any given source or location such as servers,
applications, devices etc.
• logging enables the recording of activity performed on one or more data/file objects or sets.
• data logging records events/actions, such as the data's size, most recent modification and
username/name of the individual that modified the data.
• logging also facilitates the storage and collection of computer or device information.
• logging also allows information security (IS) and auditing staff to analyze system access
information and assess audit trails to trace viruses and identify suspicious activities.
• In the cloud, you have to contend with large volumes of log data. Your log data may be extra-
complex because different cloud providers or services use different formats. And your logs may
be spread across a distributed architecture.
• How can we deal with these challenges?
• Logging is also improved. It’s something that, in-house, usually gets the short end of the
stick. But in the virtualized world of cloud computing, providers can add as much memory
as they need to extend logging.
Forensics- scientific tests or techniques used in connection with the detection of crime
1. If there is a breach, the cloud provider can respond to the incident with less downtime
than if you had to investigate the breach locally.
2. It is easy to build a forensic server online, and it costs almost nothing until it comes into
use.
3. Cloud Forensics is actually an application within Digital Forensics which oversees the
crime committed over the cloud and investigates on it.
4. If there is a problem, the virtual machine can be cloned for easy offline analysis.

Cloud Computing - 2019-20 By PRAVEEN BADAMI 50

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
5.Further, many companies don’t have a dedicated in-house incident response team. Development
• Even more good news is that security vendors are not in the dark about this whole cloud thing.
• They are actively developing products that can apply to virtual machines and the cloud.
• Security vendors also have a unique opportunity in the cloud.
Auditing
It is the responsibility of the auditor to report on all the risks an organization may face.
Following are some points that an auditor have to consider while performing an audit of the organization
who uses cloud for storage and processing of data:-
• Auditor have to verify that only authorized individuals have access to cloud computing resources based
on their roles and responsibilities.
• Auditor have to check about the type and sensitivity of data stored in the cloud. As loss, leakage or
unavailability of data can cause loss to business
• Auditor have to check the risk associated with the change of technology. How the new technology is
adopted and what are the benefits users
• Auditor have to verify the sufficiency and appropriateness of policies, practices and procedures for the
protection of data stored in the cloud.
• Auditor have to review the terms of Service level Agreement (SLA) for the protection of data stored on
the cloud.
• Auditor have to assure that confidential and sensitive data should be encrypted in the cloud.
• Auditor have to go through the access logs and assure the protection of access logs from inadvertent
deletion or unauthorized access.
• Auditor have to assure that if there is any lack of policy and procedures for appropriate handling of
security and privacy incidents.
• Auditor have to assure that password settings are strong at cloud and according to the organizational
policies
• there is the headache of securing your own local network.
• But when you send your data to the cloud, a whole new set of issues arise.
• This is largely because your data is being stored on someone else’s equipment.
• The goal of CloudAudit is to provide cloud service providers with a way to make their performance and
security data readily available for potential customers.

Compliance-Agreement /standards
• Compliance adds another level of headache.
• The term 'cloud compliance’ can relate to many different industry standards and
regulations that cloud customers need to comply with.
• For example, in the healthcare industry, a set of laws called HIPAA make strict
guidelines and security protocols mandatory for certain kinds of patient health data.
• Another example is new financial privacy regulations that have stemmed from changes in
the finance world over the last couple of decades.
• Cloud customer will figure out whether their cloud vendor services match the compliance
that they need.
• In assessing cloud security, experts suggest that cloud customers ask certain kinds of
questions, such as -- where is the data going to be stored? And who will be able to access
it?

Cloud Computing - 2019-20 By PRAVEEN BADAMI 51

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
• Cloud compliance will remain an issue as engineers and designers work on how to
provide the most secure and best options for customers.
• compliance could be managed by a few tasks:

• Identify users and access privileges

• Identify sensitive data
• Identify where it’s located
• Identify how it is encrypted
• Document this for auditors and regulators

Web Application Breaches(cracks):

• Because service providers use so many web connections, they should be asked about the
security of their web applications.
• This should include whether they follow Open Web Application Security Project (OWASP)
guidelines for secure application development.
• This is similar to Requirement 6.5 of PCI, which requires compliance with OWASP coding
procedures.
• When dealing with a provider, you should seek out those who are able (willing) to talk about
how they handle breaches among their staff as well as where data is stored

VPNs: whether your employees access the cloud across the public Internet or from your office, you need
a secure remote access solution, like an SSL VPN. Virtual Private Network

What SSL Is An SSL VPN (Secure Sockets Layer virtual private network) is a VPN that can be used with a
standard web browser. VPN, an SSL VPN does not require you to install specialized client software on end
users’ computers.

SSL VPNs use an established protocol to connect to the cloud securely.

SSL is a protocol for managing the security of message transmission on the Internet. SSL is
included as part of popular web browsers and most web server products

Better Security Practices

• Requiring antivirus software to be running

Cloud Computing - 2019-20 By PRAVEEN BADAMI 52

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
• Verifying that OS patches have been installed
• Checking to see if malware or bots are running

Key Management:
• Key management refers to management of cryptographic keys in a cryptosystem.
• A key management service is a software-only approach that allows the client to create and
manage the encryption keys used to protect sensitive data held in the cloud. Encryption keys
reside within the cloud provider's infrastructure and are accessible only by the client.
• With your data stored off-site, there’s certainly opportunity for your data to be
compromised.
• Your applications, compute cycles, and storage are not under your direct control.
• So, while cloud vendors aspire to keep your data safe, you can never really be 100 percent
sure that it’s not at risk.
• there’s no guarantee that it will be destroyed.
• This is accomplished through client and server certificates that let you know you are
connecting securely to your cloud assets.
• Remote services must also be cryptographically protected. You use an authorization
infrastructure, like Kerberos, to ensure that you are properly authenticated.

FIGURE 5-1 Cloud computing key management diagram

• With cloud storage, be sure to protect it cryptographically as well. This includes encrypting the data
you store and ensuring that data is set up to be destroyed when the storage key is destroyed.
• This process will make your data more secure, but it also requires a lot of keys. Consider the
network diagram in Figure 5-1.

Cloud Computing - 2019-20 By PRAVEEN BADAMI 53

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
• Notice in fig a key management server, which is critical to have to keep track of all your keys.
Keys on the server include
• Transport keys
• Authentication keys
• Authorization tokens
• File encryption keys
• Hardware storage keys
• Revocation keys
• Certificates

Network
• Cloud is accessed via the Internet.
• In order for the cloud to deliver its best resources, there are differing levels of connectivity needed.
• What works for one organization might not necessarily be the best means of connectivity for
another.
Basic Public Internet
1. The public Internet is the most basic choice for cloud connectivity office or home.
2. This is the type of access that you buy from an Internet service provider (ISP) and connect with via
broadband or dial-up, based on your location.
3. But “basic public Internet” is just that—basic.
4. There are no extras like Transmission Control Protocol (TCP) or advanced application-specific
optimization.
5. This method is adopt by Organizations/customers by taking multiple ISPs connection and cloud
providers should also get bandwidth from multiple sources.

This model has the following advantages:

• There’s a large audience. Anyone with Internet access can use this solution.
• It’s highly fault tolerant (accepting).
• Many provider options are available.
• Secure Sockets Layer (SSL)–based, Hypertext Transport Protocol Over Secure Sockets
Layer (HTTPS), encrypted access provides confidentiality.
• It’s cost-effective.

It also has the following disadvantages:

• Lack of end-to-end quality of service (QoS), thus making end-to-end service-level

agreements (SLAs) difficult to reach.
• poor response over high-latency connections.
• Downtime that might be out of your control (cable cuts, problems at the ISP, and so
forth).

Cloud Computing - 2019-20 By PRAVEEN BADAMI 54

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR

The Accelerated Internet

• Accelerated Internet Access is a service that uses various software techniques to speed up the
delivery of web pages to your web browser.
• Accelerated internet. Faster internet through combining multiple internet connections.
• It features on top of your Internet connection can benefit both the service provider and the client.
• Cloud improvement can increase by 20 percent to 50 percent by offloading network-related
functions from the server.
• This method is mostly oriented toward the cloud service provider, but in the end it benefits the end
user.
• At the cloud, this method of acceleration requires the installation of a server-side appliance.
• At the end user, it normally requires the installation of a downloadable client.
Some providers offering this service include

• AT&T Hosting
• Citrix NetScaler
• F5’s WebAccelerator

Optimized Internet Overlay

1. An optimized Internet overlay approach allows customers to access the cloud via the public
Internet.
2. but enhancement occurs on the provider’s cloud.
3. Enhancements at these points of presence (POP) include

• Optimized real-time routing. This helps avoid slowdowns.

• protocols and payload can be optimized and re-encrypted.
• better scalability, fault tolerance, and response time, usually in excess of 80 percent.
Disadvantages of this method include

• It is costlier than public Internet connectivity, sometimes as much as four times as much.
Site-to-Site VPN
1. The fourth option is to connect to the service provider directly using a private wide area network
(WAN).
2. This setup allows confidentiality, guaranteed bandwidth, and packet loss.
Table 5-1 compares all four connections.

Cloud Providers
1. Cloud providers that use services spread across the cloud need a strong connection method.
2. Cloud providers that are growing might face big costs as network bandwidth charges increase.
3. This traffic is from traffic both to and from clients as well as traffic among provider sites.
4. Big providers, like Google, are able to sidestep these charges by building their own WANs.
5. Performance can be improved and bandwidth charges reduced if providers use asymmetrical
optimization. (asymmetric network has multiple routes for incoming and outgoing network traffic)

Cloud Computing - 2019-20 By PRAVEEN BADAMI 55

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
6. This can reduce response time by up to 70 percent and bandwidth requirements by up to 80
percent. The benefit is that additional equipment is not needed at client sites.

Connection Method Description Examples of Use

Basic public internet Anyone can use it Consumer applications

Fault tolerant Advertising supported services
Multiple providers Applications where “best effort”
Cost-effective service is sufficient
Performance issues for globally
delivered applications

Accelerated internet Improved end-user performance Best for cost-sensitive service

Inconsistent performance, based where improved response times
on provider and ISP configuration and bandwidth are necessary
Low cost

Optimized overlay Consistent performance Business-critical applications that

Ability to have strong SLAs require SLAs delivering promised
Expensive response times and bandwidth
Limited provider options
Provider risk

Site-to-site VPN Ability to have strong SLAs Business-critical applications,

Site-specific delivery including server-to-server traffic
Consistent performance
Lowest latency Limited
reach

TABLE 5-1 Features of Connectivity Options

Cloud Consumers
1. Large companies can build their own scalable distributed IT infrastructure in which datacenters are
connected with their own private fiber optic connections.
2. Clients located at major sites normally access applications over the corporate WAN.
3. For smaller offices or mobile workers, accelerated Internet services provide a more robust solution.
Pipe Size
how much bandwidth you need, There are three factors that are simply out of your control when
it comes to how much bandwidth you need:

• The Internet bandwidth between your organization and the cloud

• The round-trip time between your organization and the cloud
• The response time of the cloud

Cloud Computing - 2019-20 By PRAVEEN BADAMI 56

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
Upstream/Downstream
1. If your connection with the cloud is symmetric, then that means you are sending and
receiving data at the same rate.
2. If your connection is asymmetric, then data is sent from your organization at a slower rate
than you’re receiving it.
3. Data moves through different routers and network appliances, so your speed will vary from
time to time. It may not be noticeable, but it does change.
4. As such, even though you are paying for connection don not call the phone company to
complain right away—there’s always a delay somewhere.
5. Perform an Internet connection test several times a day. To check bandwidth.

Redundancy

1. Network redundancy is a process through which additional or alternate instances of network

devices, equipment and communication mediums are installed within network infrastructure.
2. It is a method for ensuring network availability in case of a network device or path failure and
unavailability.
3. When formulating your cloud infrastructure, be sure to consider the issue of reliability and uptime.
4. Ask your service provider to configure your computing infrastructure for redundancy and failover.
5. In your LAN, redundancy used to mean that another server or two were added to the datacenter in
case there was a problem.
6. These days with virtualization, redundancy might mean a virtual server being cloned onto the same
device, or all the virtual servers of one machine being cloned onto a second physical server.
7. It becomes more complex in the cloud. While you may think of your server being hosted at the
datacenter of your cloud provider, it is not as easy to fix down.
8. Parts of your data may be housed in one location and other parts scattered throughout the country
(possibly even the world).
9. And when the provider adds a redundant system, again the data is scattered throughout their cloud.
10. So it’s not an issue of the service provider wheeling in a new server to provide redundant services.
Rather, they simply reallocate resources to give you a redundant system.
Services
There are different services you will need to run, depending on your cloud provider and what your
organization does. Also, these services will likely affect how your cloud infrastructure is deployed.

Identity
• No matter where an application runs—in-house or on the cloud—it needs to know about its users.
• To accomplish this, the application asks for a digital identity—a set of bytes—to describe the
user.
• Based on this information, the application can determine who the user is and what he or she is
allowed to do.
• Clouds, however, have to use their own identity services.
• If you sign on to Amazon cloud services, you have to sign on using an Amazon-defined identity.

Cloud Computing - 2019-20 By PRAVEEN BADAMI 57

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
• Google’s App Engine requires a Google account, and Windows uses Windows Live ID for use
with Microsoft’s cloud applications.
• OpenID is an open, decentralized, single signon standard that allows users to log in to many
services using the same digital identity.
• An OpenID registration is shown in Figure 5-2. OpenID authentication is used by many
organizations, including:
• Google
• IBM
• Microsoft
• Yahoo!

FIGURE 5-2 OpenID is a means to keep login information consistent across several sites.

Integration
• Cloud integration is a system of tools and technologies that connects various applications,
systems, repositories, and IT environments for the real-time exchange of data and processes.
• Once combined, the data and integrated cloud services can then be accessed by multiple devices
over a network or via the internet.
• Cloud integration is the act of combining different cloud-based systems into an integral whole.
• The term may also refer to joining cloud-based systems with on-premises(buildings) systems.
• The ultimate goal of cloud integration is to connect the disparate elements of various cloud and
local resources into a single.
• For example, Amazon’s Simple Queue Service (SQS) provides a way for applications to exchange
messages via queues in the cloud.- Amazon SQS provides a queued cloud platform for message
creation, transport and broadcasting
• Another example of cloud-based integration is BizTalk Services.
• Instead of using queuing, BizTalk Services utilizes a relay service in the cloud, allowing
applications to communicate through firewalls.

Mapping
• Maps are becoming more and more popular in web applications.

Cloud Computing - 2019-20 By PRAVEEN BADAMI 58

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
• For example, hotel and restaurant web sites show their locations on their web sites and allow
visitors to enter their addresses to get customized directions.
• But the guy who developed the web site likely didn’t have the time or money (not to mention the
interest) to make his own mapping database.
• Enough organizations want this functionality, however, so it is offered as a cloud application.
• Such services as Google Maps and Microsoft’s Virtual Earth provide this cloud-based function,
allowing developers to embed maps in web pages.
• These services are really just additions to existing web sites.

Payments
• Another cloud service that you might want to plan for and configure your hardware appropriately
for is payments.
• Depending on your organization, you may or may not want to accept online payments from
customers.
• Luckily, there is no lack of ways to get paid online.You can simply sign up with a service to accept
credit cards, or you can go the route of PayPal.
• With an online payment service, customers can send money directly to your organization.

Search
• The ability to embed search options in a web site is certainly nothing new, but it is a rich feature
that you might want to employ in your own web or application development.
• Microsoft’s Live Search allows on-site and cloud applications to submit searches and then get the
results back.
• For example, let’s say a company has a database of movie information. By typing in the name of
the movie, you can search its own database as well as a search of the Internet to give you two types
of results—what’s stored in the company database as well as what’s on the entire Web.
Accessing the Cloud:
• How you will interact with your cloud will depend on many factors,

Cloud Computing - 2019-20 By PRAVEEN BADAMI 59

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
• not the least of which is the provider you use.
• There are a number of development tools that allow you to build your applications and
several browser options that you can use to access those applications.
• tools you can use to connect with the cloud so you can realize which tools will work best
for your organization and your particular needs.
Platforms
• A platform is how a cloud computing environment is delivered to you.
• In this section we’ll take a closer look at how the cloud can be produced and presented to
you.
Web Application Framework
1. A web application framework is used to support the development of dynamic web sites,
web applications, and web services.
2. The point of a framework is to reduce the overhead that comes with common activities in
web development.
3. frameworks provide libraries that are already written so the developer doesn’t have to reinvent
the wheel every time a web site is developed.

AJAX
• Asynchronous JavaScript and XML (AJAX) is a group of web development techniques used for
creating interactive web applications.
• Advantages of AJAX is : Connections to the server are reduced, because scripts and style sheets
need only be downloaded once.
• Disadvantages of AJAX include : If a browser does not support AJAX or if JavaScript is disabled,
AJAX functionality cannot be used.

Python Django
• Django is an open-source web application framework written in Python.
• The Google App Engine includes Django.
• Django was developed to improve the creation of database-driven web sites and uses reusability of
components.
• Django utilizes the principle of DRY (Don’t Repeat Yourself). It also uses an administrative
CRUD (create, read, update, and delete) interface that is dynamically generated.
• Included in the core framework are: A lightweight, stand-alone web server for development and
testing

Cloud Computing - 2019-20 By PRAVEEN BADAMI 60

 Web Hosting Service
• Web hosting service that will allow to store data and applications. This is what we think of when
the term “cloud provider” is used. This is the organization that will host your data.
• Some web hosting services include Amazon Elastic Compute Cloud and Mosso.
Amazon Elastic Compute Cloud
• Amazon Elastic Compute Cloud (http://aws.amazon.com/ec2) is a web service that provides
resizable compute capacity in the cloud.
• Amazon EC2’s web service interface allows you to obtain and configure capacity with minimal
friction(tension).
• It provides complete control of your computing resources and lets you run on Amazon’s
computing environment.
• Amazon EC2 quickly scale capacity, both up and down, as a client’s computing requirements
change.
• Amazon EC2 changes the economics of computing by allowing you to pay only for capacity that
you actually use.
Mosso
• Mosso is the home of The Hosting Cloud and CloudFS, providing enterprise-grade hosting and
storage services.
• Mosso provides an easily managed interface so that developers, designers, and IT managers can
deploy reliable web applications quickly and easily
• It is high-performance cloud-based storage service.
• Mosso offering: Cloud Sites (put sites on cloud), Cloud Files(unlimited storage), cloud
Servers(deploy hundreds of cloud server)

Microsoft and Force.com are two examples of companies that have designed their own infrastructure
for connecting to the cloud.

Azure
• The Azure Services Platform is Microsoft’s cloud solution that areas from the cloud to the
enterprise datacenter.
• It delivers content across the PC, web, and phone.
• The Azure Services Platform provides developers with the ability to create applications while
taking advantage of their existing skills, tools, and technologies such as the Microsoft .NET
Framework and Visual Studio.
Force.com
• Force.com, a PaaS from Salesforce.com, is another way to create and deploy business applications.
• The Force.com platform gives customers the ability to run multiple applications within the same
Salesforce.com instance, allowing all of a company’s Salesforce.com applications to share a
common security model, data model, and user interface.
• Visualforce As part of the Force.com platform, Visualforce gives customers the ability to design
application user interfaces for any experience on any screen. Using the logic and workflow.
 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
Web Applications
• If you are going to use applications on the cloud, there are many to choose from.
• In this section we’ll talk about the choices you have in existing cloud applications.

Your Choices
• You have tons of options when it comes to finding online applications.
• Your provider may have a stable of premade applications that you can use.
• It may be that someone else has already created the application and it is simply a matter of using
what they have created.
• For example, Force.com allows you and others to create your own apps and then make them
available for others to use.
• If you do not see an application that you want, ask your service provider—they may have it offline
somewhere—or they can point you to it.
Sample Applications
• Different companies offer different things, but for the sake of understanding the market, let’s take
a closer look at cloud giant Google and their offerings.
• Following this link (http://www.google .com/apps/intl/en/business/index.html) will take you to
their apps.
• More than 100,000 small businesses and hundreds of universities now use the service.
• Google also offers a premium service called Google Apps Premier Edition.
• Google Apps Premier Edition has the following unique features: Per-user storage of 10GBs, APIs
for business integration Uptime of 99.9 percent ,Support for critical issues 24/7,Advertising
optional ,Low fee, Google Docs and Spreadsheets
• Google Apps, launched as a free service in August 2006, is a suite of applications that
includes

• Gmail webmail services

• Google Calendar shared calendaring
• Google Talk instant messaging and Voice Over IP
• Start Page for creating a customizable home page on a specific domain

Web APIs
1. You are likely to use APIs when building your apps.
2. There are a number of different APIs out there, and which one you use will depend on your
programmer’s skills and which company you use for cloud services.
3. Different cloud providers use different APIs.

What Are APIs?

1. An application programming interface (API) is a set of programming instructions and standards for
accessing a web-based program.

Cloud Computing - 2019-20 By PRAVEEN BADAMI 62

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
2. Software companies release their APIs to the public so that other software developers can design
products that are powered by its service.
3. For example, Amazon released its own API so that web site developers could more easily access
information maintained at the Amazon web site.
4. By using Amazon’s API, a third-party web site can directly link to products on the Amazon site.
5. APIs allow one program to speak with another. They are not user interfaces.

How APIs Work

The API is a piece of software code written as a series of XML messages, like the one for the

API Creators
There are many different APIs you can use to link your organization with your cloud applications.
The Google Gadgets API is composed of three languages: XML, HTML, Javascript

Google Data APIs

1. The Google Data APIs provide a simple standard protocol for reading and writing data on the
Web.
2. They encompass a broad range of business functions that can be used to link your applications
within and outside of the cloud.
3. The Google Data APIs include: Blogger Data API, Google Book Search Data API, Google
Calendar Data API

GoGrid
1. GoGrid’s API is a web service that allows developers to control their interaction with GoGrid’s
cloud hosting infrastructure.
2. The GoGrid API provides two-way communication for controlling GoGrid’s control panel
functionality. Typical uses for the API include
• Auto-scaling network servers
• Listing assigned public and private IP addresses
• Deleting servers
• Listing billing details

Web Browsers
1. To connect to the cloud, users will utilize a web browser.
2. Browsers tend to be mostly the same, but with some sensitive functional differences.
3. Internet Explorer enjoys the highest market share of browser usage—69.77 percent.
4. Internet Explorer is included with Windows operating system.
5. Mozilla’s Firefox accounts for 20.78 percent, Apple’s Safari represents 7.13 percent, while Google
Chrome accounts for less than 1 percent of the market.

Cloud Computing - 2019-20 By PRAVEEN BADAMI 63

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR

FIGURE 6-1 Microsoft Internet Explorer represented almost 70 percent of the web browser market at the end
of 2008.

we’re also going to talk about Google Chrome, mainly because it has been developed as a cloud
computing tool.

Internet Explorer
Windows Internet Explorer 8 for Windows Vista, XP, and Windows 7 is the latest version of the
popular web browser.

IE 8 Features
1. Internet Explorer 8 delivered a new look and enhanced capabilities that made everyday tasks—
such as searching, browsing multiple sites, and printing—simple and fast.
2. Microsoft engineered Internet Explorer 8 for compatibility with existing web sites by most
important standards for web site development.
Firefox
1. In June 2008 Mozilla released Firefox 3, free, open-source web browser.
2. Firefox 3 is the three years of efforts from thousands of developers, security experts, localization
and support communities, and testers from around the globe.
3. Available in approximately 50 languages,
User Experience
1. The enhancements to Firefox 3 include the new Firefox 3 smart location bar, affectionately known
as the “Awesome Bar.”
2. The Firefox 3 has browsing history, bookmarks, and tags, where they can be easily searched and
organized.
Firefox Performance
1. Firefox 3 uses less memory while it is running and its redesigned page rendering and layout engine
means that users see web pages two to three times faster than with Firefox 2.

Cloud Computing - 2019-20 By PRAVEEN BADAMI 64

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
Security
1. The new malware and phishing protection helps protect from viruses, worms, trojans, and spyware
to keep people safe on the Web.
2. Firefox 3’s one-click site ID information allows users to verify that a site is what it claims to be.

Customization
1. Firefox 3 lets users customize their browser with more than 5,000 add-ons.
2. Firefox add-ons allow users to manage tasks like uploading digital photos, seeing the weather
forecasts, and listening to music.
Safari
1. Apple claims that Safari 3.1 is the world’s fastest web browser for Mac and Windows PCs, loading
web pages 1.9 times faster than Internet Explorer 7 and 1.7 times faster than Firefox 2.
2. Safari also runs JavaScript up to six times faster than other browsers.
3. Safari 3.1 is available as a free download at www.apple.com/safari for both Mac OS X and
Windows.
Safari Performance
1. Safari features a drag-and-drop bookmarks, easy-to organize tabs.
2. Safari 3.1 is the first browser to support the new video and audio tags in HTML 5 and the first to
support CSS Animations.
Chrome
1. Chrome is Google’s open-source browser.
2. Google Chrome was built for today’s Web and for the applications of tomorrow.
3. Google Chrome has a simple user interface with a hi-tech core to enable the modern web.
Chrome Features
1. A combined search and address bar quickly takes users where they want to go.
2. When users open a new tab it shows most-visited sites, recent searches, and bookmarks, making it
easier to navigate the Web.
Open Source
1. Google Chrome was built upon other open source projects that are making significant
contributions to browser technology.
2. Google Chrome is being released as an open-source project under the name Chromium.
Chrome Cloud
1. Chrome being a great tool for cloud computing.
2. It is believed that Chrome will allow desktop and web applications to merge, putting everything
into the cloud so that you won’t even have to think about both terms.
3. Chrome is an application virtual machine for both on and offline web applications.
4. Google Chrome can be downloaded at www.google.com/chrome

Cloud Computing - 2019-20 By PRAVEEN BADAMI 65

 Smt.Kumudben Darbar College of Commerce, Science &
Management Studies, VIJAYAPUR
Cloud Storage
• Cloud storage involves exactly what the name suggests—storing your data with a cloud
service provider rather than on a local system.
• Then cloud services, access the data stored on the cloud via an Internet link.
Overview
• Cloud storage has a number of advantages over traditional data storage.
• If you store your data on a cloud, you can get at it from any location that has Internet access.
• Workers do not need to use the same computer to access data nor do they have to carry
around physical storage devices.
• Also, if your organization has branch offices, they can all access the data from the cloud
provider.
The Basics
• When a client wants to retrieve the data, then accesses the data server with a web-based
interface.
• Cloud storage systems utilize dozens or hundreds of data servers. Because servers require
maintenance or repair.
• It is necessary to store the saved data on multiple machines, providing redundancy
(additional or alternate device is added in case of failure).
• Without that redundancy, cloud storage systems could not assure clients that they could
access their information at any given time.
• Most systems store the same data on servers such that clients can still access their data even
if a power supply fails.
• Many clients use cloud storage because of safety. If something happens to their building,
then they haven’t lost all their data.
Storage as a Service
• The term Storage as a Service means that a third-party provider rents space on their storage
to end users who does not have a budget to pay.
• Also, when technical personnel are not available or have inadequate knowledge to
implement and maintain that storage infrastructure.
• Storage service providers are popular for backup, duplication, and disaster recovery among
small and medium-sized businesses.
• The biggest advantage to SaaS is cost savings.
• Storage is rented from the provider using a cost-per-gigabyte-stored or cost-per-data-
transferred model.
• The end user does not have to pay for infrastructure; they simply pay for how much they
transfer.

Providers
There are hundreds of cloud storage providers on the Web, some examples of specialized
cloud providers:

Cloud Computing - 2019-20 By PRAVEEN BADAMI 66

 Smt.Kumudben Darbar College of Commerce, Science &
Management Studies, VIJAYAPUR
• Google Docs allows users to upload documents, spreadsheets, and presentations to
Google’s data servers.
• Web email providers like Gmail, Hotmail, and Yahoo! Mail store email messages on
their own servers. Users can access their email from computers and other devices
connected to the Internet.
• Flickr and Picasa host millions of digital photographs. Users can create their own
online photo albums.
• YouTube hosts millions of user-uploaded video files.
• GoDaddy store files and data for many client web sites.
• Facebook and MySpace are social networking sites and allow members to post
pictures and other content.
• Many of these services are provided for free, but others charge you per stored
gigabyte and by how much information is transferred to and from the cloud.
Security
To secure data, most systems use a combination of techniques:

• Encryption: A complex algorithm is used to encode information. To decode the encrypted

files, a user needs the encryption key.
• Authentication processes : This requires a user to create a name and password.
• Authorization practices : The client lists the people who are authorized to access
information stored on the cloud system. For example, a front-line employee might have
limited access to data stored on the cloud.
Reliability
• If a cloud storage system is unreliable, it becomes a danger.
• No one wants to save data on an unstable system, nor would they trust a company that is
financially unstable.
• Most cloud storage providers try to address the reliability issues through redundancy.
• But the possibility still exists that the system could crash and leave clients with no way to
access their saved data.
Advantages
• with cloud storage, data resides on the Web, located across storage systems rather than at a
hosting site.
• Cloud storage providers balance server loads and move data among various datacenters,
ensuring that information is stored close—and thereby available quickly—to where it is
used.
• it allows to protect data in case there is a disaster.
• Locally storing of critical information as backups does not help when sudden fire to
organization, so Storing data on the cloud is advantageous and good.
• Amazon S3 is the best-known storage solution, but other vendors might be better for large
enterprises.

Cloud Computing - 2019-20 By PRAVEEN BADAMI 67

 Smt.Kumudben Darbar College of Commerce, Science &
Management Studies, VIJAYAPUR
Cautions (Warnings)
• Don not commit everything to the cloud, but use it for a few, non-critical purposes.
• Large enterprises might have difficulty with vendors like Google or Amazon, because they
are forced to rewrite solutions for their applications.
• The biggest deal in cloud storage seem to be price and reliability.
• Check the services that will provide before you commit too much to the cloud.
• Legal issues are also important. For example, if you have copyrighted material—like music
or video—that you want to maintain on the cloud, such an option might not be possible for
licensing reasons.
• Vendors offer different assurances with the maintenance of data. but make sure you know
exactly what your vendor will in case of data loss.
• The best solution is to have multiple redundant systems: local and offsite backup; sync and
archive.
Outages (not available for a temporary period)
• In case service is not available for a temporary period of time
• The result was client applications going offline.
• In this case no data is lost and data store multiple copies of every object in several locations.
• So need some warnings when deciding to pursue a cloud option.

Theft
• You should also keep in mind that your data could be taken or viewed by those who
are not authorized to see it.
• Whenever your data is let out of your own datacenter, you risk trouble from a
security point of view.
• If you do store your data on the cloud, make sure you’re encrypting data and securing
data transit with technologies like SSL.
• Because storage providers put everything into one pot, so to speak, your company’s
data could be stored next to a competitor’s

Cloud Storage Providers

Amazon ,Google is ready to launch its own cloud storage solution called GDrive. EMC is readying a
storage solution, and IBM already has a number of cloud storage options called Blue Cloud

Amazon Simple Storage Service (S3)

• The best-known cloud storage service is Amazon’s Simple Storage Service (S3).
• Amazon S3 is designed to make web-scale computing easier for developers.
• Amazon S3 provides a simple web services interface that can be used to store and retrieve
any amount of data, at any time, from anywhere on the Web.
• Amazon S3 functionality: Write, read, and delete objects containing from 1 byte to 5
gigabytes of data each.

Cloud Computing - 2019-20 By PRAVEEN BADAMI 68

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
Nirvanix

• Nirvanix uses custom-developed software and file system technologies running on Intel storage
servers at six locations on both coasts of the United States.
• Benefits of Nirvanix CloudNAS cloud network attached storage (CloudNAS) include
• Cost savings of 80–90 percent over managing traditional storage solutions
• Encrypted offsite storage that integrates into existing archive and backup processes
• Built-in data disaster recovery and automated data replication

Google Bigtable Datastore

• Google Bigtable is database capable of handling numerous users on on-demand basis.
• Bigtable was developed with very high speed, flexibility, and extremely high scalability in mind.
• A Bigtable database can be petabytes (one thousand million bytes 1015) in size and span thousands
of distributed servers.
• Bigtable is available to developers as part of the Google App Engine, their cloud computing
platform.
MobileMe
• MobileMe is Apple’s solution that delivers push email, push contacts, and push calendars from the
MobileMe service in the cloud.
• Used in applications on iPhone, iPod touch, Macs, and PCs.
• MobileMe also provides a suite of ad-free web applications that deliver a desktop like experience
through any modern browser.
• MobileMe applications (www.me.com) include Mail, Contacts, and Calendar, as well as Gallery
for viewing and sharing photos and iDisk for storing and exchanging documents online.

Live Mesh
• Live Mesh is Microsoft’s “software-plus-services” platform.
• Live Mesh has the following components: The Live Mesh software, called Mesh Operating
Environment (MOE), is available for Windows XP, Windows Vista, Windows Mobile, Mac OS X
Standards
Using Standards, it is possible to connect to the cloud and at a same time help to make it possible
to develop and deliver content.
established standards that make cloud computing possible, and also the sorts of standards that are used to
develop applications on the cloud.

Application
• A cloud application is the software that is run on client computer without installing application.
• There are many applications that can run, but there needs to be a standard way to connect between
the client and the cloud.

Cloud Computing - 2019-20 By PRAVEEN BADAMI 69

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
• In this section we will take a closer look at the protocols that are used to manage connections
between both parties.
Communication
• Computers need a common way to speak with one another.
• Think of it like talking on the telephone to someone who does not speak English and you do not
speak their language.
• There is no way to achieve a common understanding.
• You may be able to guess a word here or there, but for the most part, the conversation will not
work.
• Computers cannot even guess a common word, so without a language in common, that
communication will not happen.

HTTP
• To get a web page from your cloud provider, you will likely be using the Hypertext Transfer
Protocol (HTTP)
• It is computing mechanism to transfer data between the cloud and your organization.
• HTTP is a stateless protocol. web developers to use alternative methods for maintaining users’
states.
• For example, when a host needs to customize the content of a web site for a user, the web
application must be written to track the user’s progress from page to page. The most common
method for solving this problem is sending and receiving cookies.
XMPP
XMPP Protocol
XMPP is a short form for Extensible Messaging Presence Protocol. It is protocol for streaming XML
elements over a network in order to exchange messages and presence information in close to real time. This
protocol is mostly used by instant messaging applications like WhatsApp.
Let’s dive into each character of word XMPP:

• X : It means eXtensible. XMPP is a open source project which can be changed or extended
according to the need.
• M : XMPP is designed for sending messages in real time. It has very efficient push
mechanism compared to other protocols.
• P : It determines whether you are online/offline/busy. It indicates the state.
• P : XMPP is a protocol, that is, a set of standards that allow systems to communicate with
each other.
• It is XML-based and easily extensible, which makes it ideal for cloud services.
• It is efficient and able to scale to millions of concurrent users on a single service.
• XMPP allows for easy two-way communication, eliminating the need for polling.
XMPP maintains a connection between the client and the web server

Cloud Computing - 2019-20 By PRAVEEN BADAMI 70

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
.
1. The problem is that current cloud services—including SOAP and other HTTP-based protocols—
are all one-way information exchanges.
2. This means that clouds do not operate in real time and might have difficulties clearing a firewall.
XMPP allows for two-way communication and eliminates polling.
3. XMPP (also known as Jabber) is a protocol that Google, Apple, AOL, IBM, and LiveJournal have
all signed on with.
4. XMPP was developed for instant messaging and presence, It includes the following features:
Security
• Securing your cloud sessions is mainly important.
• As security is one of the top reason’s businesses are think (not want) to join the cloud.
• Securing your cloud sessions can be accomplished via encryption and authentication.
• The most common means of web encryption comes standard on every browser.
• There are two option widely used Secure Sockets Layer (SSL) for encryption, and another
OpenID for authentication
SSL:
1. SSL is the standard security technology for establishing an encrypted link between a
web server and browser.
2. This ensures that data passed between the browser and the web server stays private.
3. The last time you bought something from your favorite online retailer, you passed along your
credit card information, using Secure Sockets Layer (SSL).
4. To create an SSL connection on a web server requires an SSL certificate.
5. Your web browser will be able to establish an encrypted link between your computer and the cloud
provider
OpenID
• OpenID is an open-source solution for the problem of needing a unique username and password
for access to different web sites.
• OpenID is a product of the open-source community to solve problems that were not easily solvable
by existing technology.
• This allows you to choose the OpenID provider that best meets your need and that you trust. Also,
OpenID can stay with you no matter which provider you move to. Best of all, OpenID is free.
• This is good for businesses, because it means a lower cost for password and account management.
• Company likes like AOL, Microsoft, Sun, and Novell begin to accept and provide
OpenIDs.

Client
• When your clients connect to the cloud, they need to run certain software on their machines, and
most often it will be a web browser.
• Web browsers use a number of ways to store and display data, like the widely known Hypertext
Markup Language (HTML).
• In this section we will talk about the different means to store and display information.

Cloud Computing - 2019-20 By PRAVEEN BADAMI 71

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
HTML
• Cloud computing is based on connecting via the World Wide Web the main standard to
communicate data is HTML.
• HTML is under constant revision to improve its usability and functionality.
• W3C is the organization that is charged with designing and maintaining the language.
• When you click on a link in a web page, you are accessing HTML code in the form of a hyperlink,
which then takes you to another page.
• HTML works using tags, CSS, Dynamic HTML, Scripts

Infrastructure
• Infrastructure is a way to deliver virtualization to your cloud computing solution.
• Virtualization work across the Internet having your machines running on a remote server and
displayed at your organization.
• And also, locally having your clients’ sessions run on a local server and displayed at their
desktops.

• Virtualization—a fairly new computing solution—is being standardized and how major company
working together to make it come together.
Virtualization
• Whenever something new happens in the world of computing, competitors to have their
implementation be the standard.
• Virtualization is somewhat different, and major players worked together to develop a standard.

on a server and are displayed on the client.

The server can be local or on the other side of the cloud.

VMware, Cisco, Computer Associates International, Dell, HP, IBM, Intel, Novell, QLogic, and Red Hat all
worked together to advance open virtualization standards.
Open Hypervisor Standards
• Hypervisors are the primary component of virtual infrastructure, an open-standard hypervisor
framework can benefit customers able to exchange and make use of information.
Community Source
• The Community Source program provides industry partners with an opportunity to access
VMware Server source code under a royalty-free license.

Cloud Computing - 2019-20 By PRAVEEN BADAMI 72

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
• Partners can contribute shared code or create binary modules and make an integrated virtualization
solution.
• The idea is to combine the best of both the traditional commercial and open-source development
models.
• For customers, the VMware Community Source program help to get integrated VMware virtual
infrastructure products.
OVF
Open Virtualization Format (OVF). OVF describes how virtual appliances can be packaged in a vendor-
neutral format to be run on any hypervisor. It is standard for packaging and distribution format for virtual
appliances
Service
• A web service, as defined by the World Wide Web Consortium (W3C), “is a software system
designed to support and exchange information from machine-to-machine interaction over a
network” and accessed by other cloud computing components.
• Web services are often web APIs that can be accessed over a network, like the Internet, and
executed on a remote system that hosts the requested services.
In this section we’ll talk about some of the popular web services, like REST, SOAP, and JSON.

Data
Data can be mixed and served up with a number of mechanisms; two of the most popular are JSON
and XML. Both are based on leading industry standards—HTML and JavaScript— to help deliver
and present data.

JSON
JSON is short for JavaScript Object Notation and is a lightweight computer data interchange format.
.it is used primarily to transmit data between a server and web application, It is often used as an
alternative to XML.it is standardized format commonly used to transfer data as a text that can be sent
over a network.

Other benefits of XML include

• Self-describing data XML does not require relational database, file description tables,
external data type definitions, XML also guarantees that the data is usable.
• Database integration XML documents can contain any type of data—from text
and numbers to multimedia objects to active formats like Java.
• No reprogramming if modifications are made Documents and web sites can be changed
with XSL Style Sheets, without having to reprogram the data.
• One-server view of data XML is ideal for cloud computing, because data spread
across multiple servers looks as if it is stored on one server.
• The W3C has endorsed XML as an industry standard, and it is supported by all leading
software providers.
Web Services

Cloud Computing - 2019-20 By PRAVEEN BADAMI 73

 Smt.Kumudben Darbar College of Commerce, Science & Management
Studies, VIJAYAPUR
1. Web services describe how data is transferred from the cloud to the client. Let see how REST and
SOAP work, and which would be best for your cloud needs.

REST
• Representational state transfer (REST) is a way of getting information content from a web site by
reading a designated web page that contains an XML file that describes and includes the desired
content.
• For example, REST could be used by your cloud provider to provide updated subscription
information.
• Every so often, the provider could prepare a web page that includes content and XML statements
that are described in the code. Subscribers only need to know the uniform resource locator (URL)
for the page where the XML file is located, read it with a web browser, understand the content
using XML information, and display it appropriately.

and uses REST to send the information back to the clients.

A benefit when using RESTful applications on the cloud is that REST allows users to bookmark
specific queries and allows those queries to be sent to others via email or instant messaging. This
“representation” of a path or entry point into an application becomes very portable.

SOAP
• Simple Object Access Protocol (SOAP) is a way for a program running in one kind of operating
system (such as Windows Vista) to communicate with a program in the same or another kind of an
operating system (such as Linux) by using HTTP and XML as the tools to exchange information.

-End Of UNIT- 2-

Cloud Computing - 2019-20 By PRAVEEN BADAMI 74