Unit 1 cc

The document outlines cloud architecture models and infrastructure, detailing the components and services involved in cloud computing. It discusses the NIST Cloud Computing Reference Architecture, which serves as a framework for understanding cloud services and their operational intricacies. Additionally, it describes various system models for distributed and cloud computing, including clusters, grids, peer-to-peer networks, and internet clouds.

Uploaded by

amirthav358
Copyright
© © All Rights Reserved

CLOUD ARCHITECTURE MODELS AND INFRASTRUCTURE

UNIT 1
CLOUD ARCHITECTURE MODELS AND INFRASTRUCTURE
Cloud Architecture: System Models for Distributed and Cloud Computing – NIST Cloud
Computing Reference Architecture – Cloud deployment models – Cloud service models;
Cloud Infrastructure: Architectural Design of Compute and Storage Clouds – Design
Challenges.
CLOUD
Cloud is a term used to describe a global network of servers, each with a unique
function. The cloud is not a physical entity, but instead is a vast network of remote servers
around the globe which are hooked together and meant to operate as a single ecosystem.
The term cloud refers to a network or the internet. It is a technology that uses remote servers
on the internet to store, manage, and access data online rather than local drives. The data can be
anything such as files, images, documents, audio, video, and more.
CLOUD COMPUTING
Cloud Computing means storing and accessing the data and programs on remote servers that
are hosted on the internet instead of the computer’s hard drive or local server. Cloud computing is
also referred to as Internet-based computing; it is a technology where the resource is provided as a
service through the Internet to the user. The data that is stored can be files, images, documents, or any
other storable document.

CLOUD ARCHITECTURE
Cloud computing architecture is a combination of service-oriented architecture and event-
driven architecture. Cloud computing architecture is divided into the following two parts –
1. Front end (Fat client, thin client)
2. Back-end platforms (Servers, Storage)
3. Cloud-based delivery and a network (Internet, Intranet, Intercloud)
Front End
The front end is used by the client. It contains client-side interfaces and applications that are
required to access the cloud computing platforms. The front end includes web servers (including
Chrome, Firefox, Internet Explorer, etc.), thin and fat clients, tablets, and mobile devices.
Back End
The back end is used by the service provider. It manages all the resources that are required to
provide cloud computing services. It includes a huge amount of data storage, security mechanism,
virtual machines, deploying models, servers, traffic control mechanisms, etc.
Cloud-Based Delivery and Network
On-demand access to computers and resources is provided over the Internet, Intranet, and
Intercloud. The Internet provides global accessibility, the Intranet supports internal communication
of the services within the organization, and the Intercloud enables interoperability across various cloud
services. This dynamic network connectivity is an essential component of cloud computing
architecture, guaranteeing easy access and data transfer.

Application
The application in the backend is the software or platform that the client accesses. It
provides the service in the backend according to the client's requirements.
Service
Service in the backend refers to the three major types of cloud-based services: SaaS, PaaS and
IaaS. It also manages which type of service the user accesses.
Runtime Cloud
The runtime cloud in the backend provides the execution and runtime platform/environment to the
virtual machine.
Storage
Storage in the backend provides a flexible and scalable storage service and management of stored
data.
Infrastructure
Cloud infrastructure in the backend refers to the hardware and software components of the cloud;
it includes servers, storage, network devices, virtualization software, etc.
Management
Management in the backend refers to the management of backend components such as application,
service, runtime cloud, storage, infrastructure, and other security mechanisms.
Security
Security in the backend refers to the implementation of different security mechanisms in the backend
to secure cloud resources, systems, files, and infrastructure for end-users.
Internet
The Internet connection acts as the medium or bridge between the frontend and the backend and
establishes the interaction and communication between them.
Database
Database in the backend refers to databases for storing structured data, such as SQL and
NoSQL databases. Examples of database services include Amazon RDS, Microsoft Azure SQL
Database and Google Cloud SQL.
Networking
Networking in the backend refers to services that provide networking infrastructure for applications in the
cloud, such as load balancing, DNS and virtual private networks.
Analytics
Analytics in the backend refers to services that provide analytics capabilities for data in the cloud, such as
warehousing, business intelligence and machine learning.

SYSTEM MODELS FOR DISTRIBUTED AND CLOUD COMPUTING


Distributed computing and cloud computing are two closely related concepts, with the latter
being an evolution of the former. Distributed computing refers to a model in which multiple
computing resources work together as a single system to solve a complex problem, with each resource
contributing to the overall task. Cloud computing is a type of distributed computing that involves
delivering on-demand computing resources over the internet. There are several system models that are
used in distributed and cloud computing, including the following:
1. Clusters of Cooperative Computers
2. Grid Computing Infrastructures
3. Peer-to-Peer Network Families
4. Cloud Computing over the Internet
1. Cluster
A distributed systems cluster is a group of machines that are virtually or geographically
separated and that work together to provide the same service or application to clients. It is possible
that many of the services you run in your network today are part of a distributed systems cluster.
Distributed Services:
a) Domain Naming System
b) Windows Internet Naming Service
c) Active Directory

Figure above shows the architecture of a typical server cluster built around a low-latency,
high-bandwidth interconnection network. This network can be as simple as a SAN (e.g., Myrinet) or a
LAN (e.g., Ethernet). To build a larger cluster with more nodes, the interconnection network can be
built with multiple levels of Gigabit Ethernet, Myrinet, or InfiniBand switches. Through hierarchical
construction using a SAN, LAN, or WAN, one can build scalable clusters with an increasing number
of nodes. The cluster is connected to the Internet via a virtual private network (VPN) gateway. The
gateway IP address locates the cluster. The system image of a computer is decided by the way the OS
manages the shared cluster resources. Most clusters have loosely coupled node computers. All
resources of a server node are managed by their own OS. Thus, most clusters have multiple system
images as a result of having many autonomous nodes under different OS control.
An ideal cluster should merge multiple system images into a single-system image (SSI).
Cluster designers desire a cluster operating system or some middle-ware to support SSI at various
levels, including the sharing of CPUs, memory, and I/O across all cluster nodes. An SSI is an illusion
created by software or hardware that presents a collection of resources as one integrated, powerful
resource. SSI makes the cluster appear like a single machine to the user. A cluster with multiple
system images is nothing but a collection of independent computers.
2. Computing Grids
This is the use of widely distributed computer resources to reach a common goal. A
computing grid can be thought of as a distributed system with non-interactive workloads that involve
many files. Grid computing is distinguished from conventional high-performance computing systems
such as cluster computing in that grid computers have each node set to perform a different
task/application. Grid computers also tend to be more heterogeneous and geographically dispersed
than cluster computers.

Figure above shows an example computational grid built over multiple resource sites owned
by different organizations. The resource sites offer complementary computing resources, including
workstations, large servers, a mesh of processors, and Linux clusters to satisfy a chain of
computational needs. The grid is built across various IP broadband networks including LANs and
WANs already used by enterprises or organizations over the Internet. The grid is presented to users as
an integrated resource pool as shown in the upper half of the figure.

Grid technology demands new distributed computing models, software/middleware support,
network protocols, and hardware infrastructures. National grid projects are followed by industrial grid
platform development by IBM, Microsoft, Sun, HP, Dell, Cisco, EMC, Platform Computing, and
others. New grid service providers (GSPs) and new grid applications have emerged rapidly, similar to
the growth of Internet and web services in the past two decades. Grid systems are classified in
essentially two categories: computational or data grids and P2P grids. Computing or data grids are
built primarily at the national level.

3. P2P Networks
In a P2P system, every node acts as both a client and a server, providing part of the system
resources. Peer machines are simply client computers connected to the Internet. All client machines
act autonomously to join or leave the system freely. This implies that no master-slave relationship
exists among the peers. No central coordination or central database is needed. The system is self-
organizing with distributed control.

Data items or files are distributed in the participating peers. Based on communication or file-
sharing needs, the peer IDs form an overlay network at the logical level. This overlay is a virtual
network formed by mapping each physical machine with its ID, logically, through a virtual mapping
as shown in above figure. When a new peer joins the system, its peer ID is added as a node in the
overlay network. When an existing peer leaves the system, its peer ID is removed from the overlay
network automatically. Therefore, it is the P2P overlay network that characterizes the logical
connectivity among the peers.
In a P2P system, every node acts as both a client and a server, providing part of the system
resources. Peer machines are simply client computers connected to the Internet. All client machines
act autonomously to join or leave the system freely. This implies that no master-slave relationship
exists among the peers. No central coordination or central database is needed. In other words, no peer
machine has a global view of the entire P2P system. The system is self-organizing with distributed
control.
There are two types of overlay networks: unstructured and structured. An unstructured
overlay network is characterized by a random graph. There is no fixed route to send messages or files
among the nodes. Often, flooding is applied to send a query to all nodes in an unstructured overlay,
thus resulting in heavy network traffic and nondeterministic search results. Structured overlay net-
works follow certain connectivity topology and rules for inserting and removing nodes (peer IDs)
from the overlay graph. Routing mechanisms are developed to take advantage of the structured
overlays.
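The contrast between the two overlay types, as an added example that is not part of the original notes: a TTL-bounded flood over a random-graph overlay is compared with key lookup on a structured ring, including the rules for peers joining and leaving. The ring layout, the 32-bit ID space, the power-of-two "finger" routing and every name below are assumptions chosen for illustration.

```python
import bisect
import hashlib
import random
from collections import deque

ID_BITS = 32                 # assumed size of the peer-ID space
RING = 1 << ID_BITS


def peer_id(name):
    """Hash a peer name or file key onto the ID space."""
    return int.from_bytes(hashlib.sha256(name.encode()).digest()[:4], "big")


class UnstructuredOverlay:
    """Random-graph overlay; a query is flooded to neighbours until its TTL expires."""

    def __init__(self, names, degree=3, seed=1):
        rng = random.Random(seed)
        self.links = {n: set() for n in names}
        self.files = {n: set() for n in names}
        for i, n in enumerate(names):
            # A joining peer links to a few random peers that are already present.
            for m in rng.sample(names[:i], min(degree, i)):
                self.links[n].add(m)
                self.links[m].add(n)

    def flood(self, start, key, ttl):
        """Return (peers holding key that were reached, messages sent)."""
        seen, queue = {start}, deque([(start, ttl)])
        found, messages = set(), 0
        while queue:
            node, hops_left = queue.popleft()
            if key in self.files[node]:
                found.add(node)
            if hops_left == 0:
                continue
            for nb in self.links[node]:
                messages += 1            # duplicate copies are sent too, then dropped
                if nb not in seen:
                    seen.add(nb)
                    queue.append((nb, hops_left - 1))
        return found, messages


class StructuredOverlay:
    """Ring overlay; each key is stored on the first peer ID at or after its hash."""

    def __init__(self):
        self.ids = []        # sorted peer IDs currently in the overlay
        self.store = {}      # peer ID -> {key: value}

    def successor(self, ident):
        i = bisect.bisect_left(self.ids, ident % RING)
        return self.ids[i % len(self.ids)]

    def join(self, name):
        pid = peer_id(name)
        if pid in self.store:
            raise ValueError("peer ID already present")
        bisect.insort(self.ids, pid)
        self.store[pid] = {}
        nxt = self.successor(pid + 1)    # peer that owned the new peer's key range
        for k in [k for k in self.store[nxt] if self.successor(peer_id(k)) == pid]:
            self.store[pid][k] = self.store[nxt].pop(k)
        return pid

    def leave(self, pid):
        self.ids.remove(pid)
        orphaned = self.store.pop(pid)
        if self.ids:                     # the departing peer's keys go to its successor
            self.store[self.successor(pid)].update(orphaned)

    def put(self, key, value):
        self.store[self.successor(peer_id(key))][key] = value

    def lookup(self, start, key):
        """Route from peer `start` to the key's owner; return (value, hops)."""
        target, node, hops = self.successor(peer_id(key)), start, 0
        while node != target:
            dist = (target - node) % RING
            # Finger routing: jump to successor(node + 2^j) for the largest 2^j <= dist.
            # The jump cannot pass the owner and at least halves the remaining distance.
            node = self.successor(node + (1 << (dist.bit_length() - 1)))
            hops += 1
        return self.store[target].get(key), hops


def demo():
    names = [f"peer{i}" for i in range(20)]      # constructed sample peers
    flat = UnstructuredOverlay(names)
    flat.files["peer19"].add("report.pdf")
    ring = StructuredOverlay()
    pids = [ring.join(n) for n in names]
    ring.put("report.pdf", "held by owner")
    return (flat.flood("peer0", "report.pdf", ttl=len(names)),
            ring.lookup(pids[0], "report.pdf"))
```

With a TTL large enough to cover the graph, the flood crosses every link in both directions, while the ring lookup needs at most `ID_BITS` hops; with a TTL that is too small the flood can miss a file that exists, which is the nondeterminism the text mentions.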
4. Internet clouds
Figure: Virtualized resources from data centers to form an Internet cloud, provisioned with
hardware, software, storage, network, and services for paid users to run their applications.

Cloud computing applies a virtualized platform with elastic resources on demand by
provisioning hardware, software, and data sets dynamically as shown in above figure. The idea is to
move desktop computing to a service-oriented platform using server clusters and huge databases at
data centers. Cloud computing leverages its low cost and simplicity to benefit both users and
providers. Machine virtualization has enabled such cost-effectiveness. Cloud computing intends to
satisfy many user applications simultaneously. The cloud ecosystem must be designed to be secure,
trustworthy, and dependable. Some computer users think of the cloud as a centralized resource pool.
Others consider the cloud to be a server cluster which practices distributed computing over all the
servers used.
Traditionally, a distributed computing system tends to be owned and operated by an
autonomous administrative domain (e.g., a research laboratory or company) for on-premises
computing needs. However, these traditional systems have encountered several performance
bottlenecks: constant system maintenance, poor utilization, and increasing costs associated with
hardware/software upgrades. Cloud computing as an on-demand computing paradigm resolves or
relieves us from these problems. Figure below depicts the cloud landscape and major cloud players,
based on three cloud service models.

NIST CLOUD COMPUTING REFERENCE ARCHITECTURE


The NIST cloud computing reference architecture focuses on the requirements of “what”
cloud services provide, not a “how to” design solution and implementation. The reference architecture
is intended to facilitate the understanding of the operational intricacies in cloud computing. It does not
represent the system architecture of a specific cloud computing system; instead it is a tool for
describing, discussing, and developing a system-specific architecture using a common framework of
reference.
The design of the NIST cloud computing reference architecture serves the following
objectives: to illustrate and understand the various cloud services in the context of an overall cloud
computing conceptual model; to provide a technical reference to USG agencies and other consumers
to understand, discuss, categorize and compare cloud services; and to facilitate the analysis of
candidate standards for security, interoperability, and portability and reference implementations.

NIST Cloud Computing reference architecture defines five major performers:


1. Cloud Provider
2. Cloud Carrier
3. Cloud Broker
4. Cloud Auditor
5. Cloud Consumer

1. Cloud Consumer:
A person or organization that maintains a business relationship with, and uses service from,
Cloud Providers.
The cloud consumer is the principal stakeholder for the cloud computing service. A cloud
consumer represents a person or organization that maintains a business relationship with, and uses the
service from a cloud provider. A cloud consumer browses the service catalog from a cloud provider,
requests the appropriate service, sets up service contracts with the cloud provider, and uses the
service. The cloud consumer may be billed for the service provisioned, and needs to arrange payments
accordingly.
Cloud consumers need service-level agreements (SLAs) to specify the technical performance
requirements fulfilled by a cloud provider. SLAs can cover terms regarding the quality of service,
security, and remedies for performance failures. A cloud provider may also list in the SLAs a set of
promises explicitly not made to consumers, i.e. limitations, and obligations that cloud consumers must
accept. A cloud consumer can freely choose a cloud provider with better pricing and more favorable
terms. Typically a cloud provider's pricing policy and SLAs are non-negotiable, unless the customer
expects heavy usage and might be able to negotiate for better contracts.

Depending on the services requested, the activities and usage scenarios can be different
among cloud consumers. Figure above presents some example cloud services available to a cloud
consumer.
2. Cloud Provider
A person, organization, or entity responsible for making a service available to interested
parties.
A cloud provider is a person or an organization; it is the entity responsible for making a service
available to interested parties. A Cloud Provider acquires and manages the computing infrastructure
required for providing the services, runs the cloud software that provides the services, and makes
arrangements to deliver the cloud services to the Cloud Consumers through network access.
For Software as a Service, the cloud provider deploys, configures, maintains and updates the
operation of the software applications on a cloud infrastructure so that the services are provisioned at
the expected service levels to cloud consumers. The provider of SaaS assumes most of the
responsibilities in managing and controlling the applications and the infrastructure, while the cloud
consumers have limited administrative control of the applications.
For PaaS, the Cloud Provider manages the computing infrastructure for the platform and runs
the cloud software that provides the components of the platform, such as runtime software execution
stack, databases, and other middleware components. The PaaS Cloud Provider typically also supports
the development, deployment and management process of the PaaS Cloud Consumer by providing
tools such as integrated development environments (IDEs), development version of cloud software,
software development kits (SDKs), deployment and management tools.

For IaaS, the Cloud Provider acquires the physical computing resources underlying the
service, including the servers, networks, storage and hosting infrastructure. The Cloud Provider runs
the cloud software necessary to make computing resources available to the IaaS Cloud Consumer
through a set of service interfaces and computing resource abstractions, such as virtual machines and
virtual network interfaces.

A Cloud Provider's activities can be described in five major areas. As shown in the above figure, a
cloud provider conducts its activities in the areas of service deployment, service orchestration, cloud
service management, security, and privacy.
3. Cloud Auditor
A party that can conduct independent assessment of cloud services, information system
operations, performance and security of the cloud implementation.
A cloud auditor is a party that can perform an independent examination of cloud service
controls with the intent to express an opinion thereon. Audits are performed to verify conformance to
standards through review of objective evidence. A cloud auditor can evaluate the services provided by
a cloud provider in terms of security controls, privacy impact, performance, etc. Auditing is especially
important for federal agencies as “agencies should include a contractual clause enabling third parties
to assess security controls of cloud providers”.
A cloud auditor can make an assessment of the security controls in the information system to
determine the extent to which the controls are implemented correctly, operating as planned and
producing the desired outcome with respect to meeting the security requirements for the system. There
are three major roles of a cloud auditor, which are mentioned below:
a) Security Audit.
b) Privacy Impact Audit.
c) Performance Audit.
Security controls are the management, operational, and technical safeguards or
countermeasures employed within an organizational information system to protect the confidentiality,
integrity, and availability of the system and its information. For security auditing, a cloud auditor can
make an assessment of the security controls in the information system to determine the extent to
which the controls are implemented correctly, operating as intended, and producing the desired
outcome with respect to the security requirements for the system.
The security auditing should also include the verification of the compliance with regulation
and security policy. For example, an auditor can be tasked with ensuring that the correct policies are
applied to data retention according to relevant rules for the jurisdiction. The auditor may ensure that
fixed content has not been modified and that the legal and business data archival requirements have
been satisfied.
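The retention and fixed-content checks described above, as an added example that is not part of the original notes: an auditor recomputes each archived object's digest against the one recorded at ingest and compares the scheduled deletion date with the jurisdiction's minimum retention period. The jurisdiction labels, retention periods, record layout and sample records are all hypothetical and constructed for illustration.

```python
import hashlib
from datetime import date
from typing import NamedTuple

# Hypothetical minimum retention periods in years, keyed by jurisdiction label.
MIN_RETENTION_YEARS = {"JUR-A": 7, "JUR-B": 10}


class ArchiveRecord(NamedTuple):
    object_id: str
    jurisdiction: str
    ingested: date
    delete_after: date       # date the provider's policy will purge the object
    sha256_at_ingest: str    # digest recorded when the object was archived
    content: bytes           # bytes read back from the archive at audit time


def add_years(d, years):
    try:
        return d.replace(year=d.year + years)
    except ValueError:       # 29 February landing in a non-leap year
        return d.replace(year=d.year + years, day=28)


def audit(records):
    """Return sorted (object_id, finding) pairs; an empty list means no findings."""
    findings = []
    for r in records:
        # Fixed content: the stored bytes must still match the ingest-time digest.
        if hashlib.sha256(r.content).hexdigest() != r.sha256_at_ingest:
            findings.append((r.object_id, "MODIFIED"))
        # Retention: the object must not be purged before the required period ends.
        years = MIN_RETENTION_YEARS.get(r.jurisdiction)
        if years is None:
            findings.append((r.object_id, "NO_POLICY"))
        elif r.delete_after < add_years(r.ingested, years):
            findings.append((r.object_id, "RETENTION_TOO_SHORT"))
    return sorted(findings)


def make(object_id, jurisdiction, ingested, delete_after, original, current):
    """Build a constructed sample record; `original` is what was archived."""
    digest = hashlib.sha256(original).hexdigest()
    return ArchiveRecord(object_id, jurisdiction, ingested, delete_after, digest, current)


# Constructed sample archive inventory.
SAMPLE = [
    make("inv-001", "JUR-A", date(2020, 1, 15), date(2027, 1, 15), b"invoice 001", b"invoice 001"),
    make("inv-002", "JUR-A", date(2020, 2, 29), date(2026, 12, 31), b"invoice 002", b"invoice 002"),
    make("log-003", "JUR-B", date(2019, 6, 1), date(2030, 6, 1), b"audit log", b"audit log (edited)"),
    make("doc-004", "JUR-C", date(2021, 3, 1), date(2031, 3, 1), b"contract", b"contract"),
]

if __name__ == "__main__":
    for object_id, finding in audit(SAMPLE):
        print(object_id, finding)
```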
4. Cloud Broker
An entity that manages the use, performance and delivery of cloud services, and negotiates
relationships between Cloud Providers and Cloud Carrier.
As cloud computing evolves, the integration of cloud services can be too complex for cloud
consumers to manage. A cloud consumer may request cloud services from a cloud broker, instead of
contacting a cloud provider directly. A cloud broker is an entity that manages the use, performance
and delivery of cloud services and negotiates relationships between cloud providers and cloud
consumers.
In general, a cloud broker can provide services in three categories:
1. Service Intermediation
2. Service Aggregation
3. Service Arbitrage
Service Intermediation: A cloud broker enhances a given service by improving some specific
capability and providing value-added services to cloud consumers. The improvement can be
managing access to cloud services, identity management, performance reporting, enhanced security,
etc.
Service Aggregation: A cloud broker combines and integrates multiple services into one or more
new services. The broker provides data integration and ensures the secure data movement between the
cloud consumer and multiple cloud providers.
Service Arbitrage: Service arbitrage is similar to service aggregation except that the services being
aggregated are not fixed. Service arbitrage means a broker has the flexibility to choose services from
multiple agencies. The cloud broker, for example, can use a credit-scoring service to measure and
select an agency with the best score.
5. Cloud Carrier
An intermediary that provides connectivity and transport of cloud services from Cloud
Providers to Cloud Consumers.
A cloud carrier acts as an intermediary that provides connectivity and transport of cloud
services between cloud consumers and cloud providers. Cloud carriers provide access to consumers
through network, telecommunication and other access devices. For example, cloud consumers can
obtain cloud services through network access devices, such as computers, laptops, mobile phones,
and mobile Internet devices. The distribution of cloud services is normally provided by network and
telecommunication carriers or a transport agent, where a transport agent refers to a business
organization that provides physical transport of storage media such as high-capacity hard drives. Note
that a cloud provider will set up SLAs with a cloud carrier to provide services consistent with the
level of SLAs offered to cloud consumers, and may require the cloud carrier to provide dedicated and
secure connections between cloud consumers and cloud providers.
CLOUD DEPLOYMENT MODELS
Cloud Deployment Model functions as a virtual computing environment with a
deployment architecture that varies depending on the amount of data you want to store and
who has access to the infrastructure.
The cloud deployment model identifies the specific type of cloud environment
based on ownership, scale, and access, as well as the cloud’s nature and purpose. The
location of the servers you’re utilizing and who controls them are defined by a cloud
deployment model. It specifies how your cloud infrastructure will look, what you can change,
and whether you will be given services or will have to create everything yourself.
Relationships between the infrastructure and your users are also defined by cloud deployment
types. Different types of cloud computing deployment models are described below.

Public Cloud
The public cloud makes it possible for anybody to access systems and services. The
public cloud may be less secure as it is open to everyone. The public cloud is one in which
cloud infrastructure services are provided over the internet to the general public or major
industry groups. The infrastructure in this cloud model is owned by the entity that delivers the
cloud services, not by the consumer. It is a type of cloud hosting that allows customers and
users to easily access systems and services. This form of cloud computing is an excellent
example of cloud hosting, in which service providers supply services to a variety of
customers. In this arrangement, storage backup and retrieval services are given for free, as a
subscription, or on a per-user basis. For example, Google App Engine.

Advantages
1. Minimal Investment: Because it is a pay-per-use service, there is no substantial upfront
fee, making it excellent for enterprises that require immediate access to resources.
2. No setup cost: The entire infrastructure is fully subsidized by the cloud service providers,
thus there is no need to set up any hardware.
3. Infrastructure Management is not required: Using the public cloud does not necessitate
infrastructure management.
4. No maintenance: The maintenance work is done by the service provider (not users).
5. Dynamic Scalability: To fulfill your company’s needs, on-demand resources are
accessible.
Disadvantages
1. Less secure: Public cloud is less secure as resources are public, so there is no guarantee of
high-level security.
2. Low customization: It is accessed by many users, so it can’t be customized according to
personal requirements.
3. Service/License Limitation: While there are many resources you can exchange with
tenants, there is a usage cap.

Private Cloud
The private cloud deployment model is the exact opposite of the public cloud
deployment model. It’s a one-on-one environment for a single user (customer). There is no
need to share your hardware with anyone else. The distinction between private and public
clouds is in how you handle all of the hardware. It is also called the “internal cloud” and it
refers to the ability to access systems and services within a given border or organization. The
cloud platform is implemented in a cloud-based secure environment that is protected by
powerful firewalls and under the supervision of an organization’s IT department. The private
cloud gives greater flexibility of control over cloud resources.

Advantages
1. Better Control: You are the sole owner of the property. You gain complete command
over service integration, IT operations, policies, and user behavior.
2. Data Security and Privacy: It’s suitable for storing corporate information to which only
authorized staff have access. By segmenting resources within the same infrastructure,
improved access and security can be achieved.
3. Supports Legacy Systems: This approach is designed to work with legacy systems that
are unable to access the public cloud.
4. Customization: Unlike a public cloud deployment, a private cloud allows a company to
tailor its solution to meet its specific needs.
Disadvantages
1. Less scalable: Private clouds are scaled within a certain range as there are fewer
clients.
2. Costly: Private clouds are more costly as they provide personalized facilities.

Hybrid Cloud
By bridging the public and private worlds with a layer of proprietary software,
hybrid cloud computing gives the best of both worlds. With a hybrid solution, you may host
the app in a safe environment while taking advantage of the public cloud’s cost savings.
Organizations can move data and applications between different clouds using a combination
of two or more cloud deployment methods, depending on their needs.

Advantages
1. Flexibility and control: Businesses with more flexibility can design personalized
solutions that meet their particular needs.
2. Cost: Because public clouds provide scalability, you’ll only be responsible for paying for
the extra capacity if you require it.
3. Security: Because data is properly separated, the chances of data theft by attackers are
considerably reduced.
Disadvantages
1. Difficult to manage: Hybrid clouds are difficult to manage as they are a combination of both
public and private cloud, which makes them complex.
2. Slow data transmission: Data transmission in the hybrid cloud takes place through the
public cloud so latency occurs.
Community Cloud
It allows systems and services to be accessible by a group of organizations. It is a
distributed system that is created by integrating the services of different clouds to address the
specific needs of a community, industry, or business. The infrastructure of the community
cloud can be shared between organizations that have shared concerns or tasks. It is generally
managed by a third party or by the combination of one or more organizations in the
community.

Advantages
1. Cost Effective: It is cost-effective because the cloud is shared by multiple organizations or
communities.
2. Security: Community cloud provides better security.
3. Shared resources: It allows you to share resources, infrastructure, etc. with multiple
organizations.
4. Collaboration and data sharing: It is suitable for both collaboration and data sharing.
Disadvantages
1. Limited Scalability: Community cloud is relatively less scalable as many organizations
share the same resources according to their collaborative interests.
2. Rigid in customization: As the data and resources are shared among different
organizations according to their mutual interests, an organization that wants some changes
according to its needs cannot make them, because they would have an impact on other
organizations.
Multi-Cloud
As the name implies, this paradigm employs multiple cloud providers at the same time.
It is similar to the hybrid cloud deployment approach, which combines public and private
cloud resources, but instead of merging private and public clouds, multi-cloud uses many
public clouds. Although public cloud providers provide numerous tools to improve the
reliability of their services, mishaps still occur. It is quite rare that two distinct clouds
would have an incident at the same moment. As a result, multi-cloud deployment improves the
high availability of your services even more.
By choosing different cloud providers, you can mix and match the best features of each
provider’s services to suit the demands of your apps, workloads, and business. To reduce
latency and improve user experience, you can choose cloud regions and zones that are close
to your clients.
Overall Analysis of Cloud Deployment Models
The overall analysis of these models with respect to different factors is described
below.

| Factors | Public Cloud | Private Cloud | Community Cloud | Hybrid Cloud |
|---|---|---|---|---|
| Initial Setup | Easy | Complex, requires a professional team to setup | Complex, requires a professional team to setup | Complex, requires a professional team to setup |
| Scalability and Flexibility | High | High | Fixed | High |
| Cost-Comparison | Cost-Effective | Costly | Distributed cost among members | Between public and private cloud |
| Reliability | Low | Low | High | High |
| Data Security | Low | High | High | High |
| Data Privacy | Low | High | High | High |

Right Choice for Cloud Deployment Model?


There is no single approach that fits every case when picking a cloud deployment model.
We will always consider the best cloud deployment model as per our requirements. Each model
has some advantages and some disadvantages, and the selection of the best is done only on the
basis of your requirements. If your requirements change, you can switch to any other model.
Here are some factors which should be considered before choosing the best deployment model.
1. Cost: Cost is an important factor for the cloud deployment model, as it determines how
much you want to pay for these resources.
2. Scalability: Scalability concerns the current level of activity and how far we can
scale it.
3. Easy to use: This concerns how well your people are trained and how easily you can
manage these models.
4. Compliance: Compliance concerns the laws and regulations which impact the
implementation of the model.
5. Privacy: Privacy concerns what data you gather for the model.

CLOUD SERVICE MODELS


Cloud service models are categorized based on the services offered by the cloud
service providers. They are:
1. Infrastructure as a Service (IaaS)
2. Platform as a Service (PaaS)
3. Software as a Service (SaaS)
4. Anything/Everything as a Service (XaaS)
5. Function as a Service (FaaS)
These are sometimes called the cloud computing stack because they are built on top
of one another. Knowing what they are and how they differ makes it easier to
accomplish your goals. These abstraction layers can also be viewed as a layered architecture
where services of a higher layer can be composed of services of the underlying layer, i.e., SaaS
can provide Infrastructure.

Infrastructure as a Service (IaaS)


IaaS is also known as Hardware as a Service (HaaS). It is a computing infrastructure
managed over the internet. The main advantage of using IaaS is that it helps users to avoid
the cost and complexity of purchasing and managing physical servers.
IaaS customers pay on a per-user basis, typically by the hour, week, or month. Some
providers also charge customers based on the amount of virtual machine space they use. It
simply provides the underlying operating systems, security, networking, and servers for
developing applications and services and for deploying development tools, databases, etc.

Characteristics
IaaS has the following characteristics:
• Resources are available as a service
• Services are highly scalable
• Dynamic and flexible
• GUI and API-based access
• Automated administrative tasks
Example: DigitalOcean, Linode, Amazon Web Services (AWS), Microsoft Azure, Google
Compute Engine (GCE), Rackspace, and Cisco Metacloud.
Advantages of IaaS:
• Cost-Effective
• Website hosting
• Security
• Maintenance
Disadvantages of IaaS:
• Limited control over infrastructure
• Security concerns
• Limited access
Platform as a Service
PaaS is a category of cloud computing that provides a platform and environment to
allow developers to build applications and services over the internet. PaaS services are hosted
in the cloud and accessed by users simply via their web browser.
A PaaS provider hosts the hardware and software on its own infrastructure. As a
result, PaaS frees users from having to install in-house hardware and software to develop or
run a new application. Thus, the development and deployment of the application take place
independent of the hardware.

The consumer does not manage or control the underlying cloud infrastructure,
including network, servers, operating systems, or storage, but has control over the deployed
applications and possibly configuration settings for the application-hosting environment. To
make it simple, take the example of an annual day function: you have two options, either
to create a venue or to rent a venue, but the function is the same.
Characteristics of PaaS
PaaS has the following characteristics:
• Accessible to various users via the same development application.
• Integrates with web services and databases.
• Builds on virtualization technology, so resources can easily be scaled up or down as
per the organization's need.
• Supports multiple languages and frameworks.
• Provides an ability to "Auto-scale".
Example: AWS Elastic Beanstalk, Windows Azure, Heroku, Force.com, Google App
Engine, Apache Stratos, Magento Commerce Cloud, and OpenShift.
Advantages of PaaS:
• Simple and convenient for users
• Cost-Effective
• Efficiently managing the lifecycle
• Web application lifecycle
• Efficiency
Disadvantages of PaaS:
• Limited control over infrastructure
• Dependence on the provider
• Limited flexibility

Software as a Service (SaaS)


Software-as-a-Service (SaaS) is a way of delivering services and applications over
the Internet. Instead of installing and maintaining software, we simply access it via the
Internet, freeing ourselves from complex software and hardware management. It removes
the need to install and run applications on our own computers or in our own data centers,
eliminating the expenses of hardware as well as software maintenance.
SaaS provides a complete software solution that you purchase on a pay-as-you-go
basis from a cloud service provider. Most SaaS applications can be run directly from a web
browser without any downloads or installations required. SaaS applications are
sometimes called Web-based software, on-demand software, or hosted software.

Characteristics of SaaS
SaaS has the following characteristics:
• Managed from a central location
• Hosted on a remote server
• Accessible over the internet
• Users are not responsible for hardware and software updates. Updates are applied
automatically.
• The services are purchased on a pay-as-per-use basis
Example: BigCommerce, Google Apps, Salesforce, Dropbox, ZenDesk, Cisco WebEx,
Slack, and GoToMeeting.
Advantages of SaaS
• Cost-Effective
• Reduced time
• Accessibility
• Automatic updates
• Scalability
Disadvantages of SaaS:
• Limited customization
• Dependence on internet connectivity
• Security concerns
• Limited control over data
Anything as a Service
It is also known as Everything as a Service. Most cloud service providers
nowadays offer anything as a service, which is a compilation of all of the above services
together with some additional services.

XaaS is one of the latest developments in cloud technology and makes it easier for
businesses to integrate cloud services with their existing systems. Each of these four services
– software as a service (SaaS), platform as a service (PaaS), infrastructure as a service (IaaS),
and managed services – provides an advantage for businesses.
However, businesses should be aware of the disadvantages of XaaS, such as privacy
concerns, data loss, and changes in availability. By choosing the right services and
implementing them correctly, businesses can get the most out of XaaS.
Disadvantages of XaaS
• Dependence on the provider
• Limited flexibility
• Limited integration

Function as a Service:
FaaS is a type of cloud computing service. It provides a platform for its users or
customers to develop, compute, run and deploy code or an entire application as functions. It
allows the user to develop the code and update it at any time without worrying about
the maintenance of the underlying infrastructure. The developed code is executed in
response to a specific event. In this it is the same as PaaS.

FaaS is an event-driven execution model. It is implemented in a serverless
container. Once the application is fully developed, the user triggers an event
to execute the code. The triggered event activates the servers to
execute it. The servers are Linux servers or any other servers that are
managed completely by the vendor. The customer has no knowledge of the servers and
does not need to maintain them, hence it is a serverless architecture.
Both PaaS and FaaS provide the same functionality, but they differ
in terms of scalability and cost. FaaS provides automatic scaling up and
down depending on the demand. PaaS also provides scalability, but here users have to
configure the scaling parameters depending on the demand.
In FaaS, users pay only for the execution time that actually occurred. In PaaS,
users pay on a pay-as-you-go basis regardless of how much or how
little they use.
Advantages of FaaS:
• Highly Scalable
• Cost-Effective
• Code Simplification
Disadvantages of FaaS:
• Cold start latency
• Limited control over infrastructure
• Security concerns
• Limited scalability

CLOUD INFRASTRUCTURE
Cloud Infrastructure is the collection of hardware and software elements such as
computing power, networking, storage, and virtualization resources needed to enable cloud
computing. Cloud infrastructure types usually also include a user interface (UI) for managing
these virtual resources.

Infrastructure as a Service, or IaaS, is a prominent and accessible example of this
model. With IaaS, a team or enterprise acquires the computing infrastructure it needs over the
Internet, including computing power (whether on physical or, more likely, virtual machines),
storage, and plenty of related needs such as load balancers and firewalls. They do this in lieu
of provisioning and managing their own physical infrastructure. Instead, they lease the
resources they need from the IaaS provider.
While this is a well-known example, cloud infrastructure, or cloud architecture,
encompasses a larger range of platforms and environments, including private and hybrid
clouds.
Cloud infrastructure components:
Different components of cloud infrastructure support the computing requirements
of a cloud computing model. Cloud infrastructure has a number of key components, including
but not limited to servers, software, network and storage devices. In general, cloud
infrastructure is categorized into three parts, i.e.
1. Computing
2. Networking
3. Storage

The most important point is that cloud infrastructure should satisfy some basic
infrastructural constraints such as transparency, scalability, security and intelligent
monitoring. The below figure represents components of cloud infrastructure.

1. Hypervisor:
A hypervisor is firmware or a low-level program that is key to enabling
virtualization. It is used to divide and allocate cloud resources between several customers.
Because it monitors and manages cloud services/resources, the hypervisor is also called a VMM
(Virtual Machine Monitor or Virtual Machine Manager).
2. Management Software:
Management software helps in maintaining and configuring the infrastructure. Cloud
management software monitors and optimizes resources, data, applications and services.
3. Deployment Software:
Deployment software helps in deploying and integrating the application on the
cloud. So, typically it helps in building a virtual computing environment.
4. Network:
It is one of the key components of cloud infrastructure and is responsible for
connecting cloud services over the internet. A network is required for the transmission of
data and resources both externally and internally.
5. Server:
The server, which represents the computing portion of the cloud infrastructure, is
responsible for managing and delivering cloud services for various services and partners,
maintaining security, etc.
6. Storage:
Storage represents the storage facility which is provided to different organizations
for storing and managing data. Because it keeps many copies of the stored data, another
copy can be retrieved if one of the resources fails.

Infrastructural Constraints
The fundamental constraints that cloud infrastructure should implement are:
Transparency
Virtualization is the key to sharing resources in a cloud environment. But it is not
possible to satisfy the demand with a single resource or server. Therefore, there must be
transparency in resources, load balancing and applications, so that we can scale them on
demand.
Scalability
Scaling up an application delivery solution is not as easy as scaling up an
application, because it involves configuration overhead or even re-architecting the network.
So, the application delivery solution needs to be scalable, which requires a virtual
infrastructure in which resources can be provisioned and de-provisioned easily.
Intelligent Monitoring
To achieve transparency and scalability, the application delivery solution will need to be
capable of intelligent monitoring.
Security
The mega data center in the cloud should be securely architected. The control
node, an entry point into the mega data center, also needs to be secure.
STORAGE CLOUDS
Cloud storage is a virtual locker where we can remotely stash any data. When we
upload a file to a cloud-based server like Google Drive, OneDrive, or iCloud, that file gets
copied over the Internet onto a data server, the actual physical space behind the cloud, where
companies store files on multiple hard drives. Most companies have hundreds of these
servers, known as ‘server farms’, spanning multiple locations. So, if our data
somehow gets lost in one location, we will not lose it, because it is backed up in another
location. This is known as redundancy, which keeps our data safe from being lost.
Features of Cloud Storage System:
• It has a greater availability of resources.
• Easy maintenance is one of the key benefits of using Cloud computing.
• Cloud computing has a Large Network Access.
• It has an automatic system.
• Security is one of the major components, and using cloud computing you can secure
all of the networks.

Storage Systems in the Cloud


There are 3 types of storage systems in the Cloud as follows.
1. Block-Based Storage System
2. File-Based Storage System
3. Object-Based Storage System
1. Block-Based Storage System
Hard drives are block-based storage systems. Your operating system, like Windows
or Linux, actually sees a hard disk drive. So it sees a drive on which you can create a volume,
and then you can partition that volume and format the partitions. For example, if a system has
a 1000 GB volume, we can partition it into 800 GB and 200 GB for local C and local D
drives respectively. Remember that with a block-based storage system, your computer sees
a drive, and then you can create volumes and partitions.
2. File-Based Storage System
In this, you are actually connecting through a Network Interface Card (NIC). You
are going over a network, and then you can access the network-attached storage (NAS)
server. NAS devices are file-based storage systems. This storage server is another computing
device that has another disk in it. It has already created a file system and formatted its
partitions, and it shares its file systems over the network. Here, you can
actually map the drive to its network location. Unlike the previous type, there is no need
for the user to partition and format the volume. That is already done in file-based storage
systems. So, the operating system sees a file system that is mapped to a local drive letter.

3. Object-Based Storage System


In this, a user uploads objects through a web browser to a
container, i.e., an Object Storage Container. This uses the HTTP protocol with REST
APIs (for example: GET, PUT, POST, SELECT, DELETE). For example, when you connect
to any website, you need to download some images, text, or anything else that the website
contains. For that, the code issues an HTTP GET request. If you want to review any product, then
you can use PUT and POST requests. Also, there is no hierarchy of objects in the container.
Every file is on the same level in an object-based storage system.
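The flat, HTTP-verb-driven container described above can be sketched as follows. This is an added example, not part of the original notes; `ObjectContainer`, `handle`, `list_keys`, `demo` and the sample keys are hypothetical names constructed for illustration. It shows that "folders" are only key prefixes matched as strings, so a key containing `..` is never resolved to another object.

```python
import hashlib


class ObjectContainer:
    """In-memory stand-in for one object storage container (hypothetical)."""

    def __init__(self):
        # One flat mapping: key -> (data, sha256 hex digest). No directories.
        self._objects = {}

    def handle(self, method, key, body=b""):
        """Serve one HTTP-style request and return (status_code, payload)."""
        if method == "PUT":
            created = key not in self._objects
            digest = hashlib.sha256(body).hexdigest()
            self._objects[key] = (body, digest)
            # The digest lets the uploader confirm what was stored.
            return (201 if created else 200), digest
        if method == "GET":
            if key not in self._objects:
                return 404, b""
            return 200, self._objects[key][0]
        if method == "DELETE":
            if self._objects.pop(key, None) is None:
                return 404, b""
            return 204, b""
        return 405, b""  # method not supported by this sketch

    def list_keys(self, prefix="", delimiter=None):
        """Return (keys, common_prefixes) for keys that start with prefix.

        With a delimiter, keys that contain it after the prefix are rolled up
        into one folder-like common prefix. This is pure string matching.
        """
        keys, prefixes = [], set()
        for key in sorted(self._objects):
            if not key.startswith(prefix):
                continue
            rest = key[len(prefix):]
            if delimiter and delimiter in rest:
                prefixes.add(prefix + rest.split(delimiter, 1)[0] + delimiter)
            else:
                keys.append(key)
        return keys, sorted(prefixes)


def demo():
    """Run constructed sample requests and return the observations."""
    c = ObjectContainer()
    body = b"quarterly figures"
    _, digest = c.handle("PUT", "reports/2024/q1.txt", body)
    c.handle("PUT", "reports/2024/q2.txt", b"more figures")
    c.handle("PUT", "reports/../secret.txt", b"just another key")
    c.handle("PUT", "readme.txt", b"top level")
    return {
        "upload_verified": digest == hashlib.sha256(body).hexdigest(),
        "root_listing": c.list_keys(delimiter="/"),
        "reports_listing": c.list_keys(prefix="reports/", delimiter="/"),
        # ".." is not resolved: the key is matched byte for byte.
        "dotdot_resolved": c.handle("GET", "secret.txt")[0],
        "dotdot_literal": c.handle("GET", "reports/../secret.txt")[0],
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "=", value)
```

Because listings and lookups are string comparisons on the full key, any access rule written per "folder" is in practice a rule on a key prefix and should be checked against the exact key the client sent.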
DESIGN CHALLENGES

1. Data Security and Privacy


Data security is a major concern when switching to cloud computing. User or
organizational data stored in the cloud is critical and private. Even if the cloud service
provider assures data integrity, it is your responsibility to carry out user authentication and
authorization, identity management, data encryption, and access control. Security issues on
the cloud include identity theft, data breaches, malware infections, and a lot more which
eventually decrease the trust amongst the users of your applications. This can in turn lead to
potential loss in revenue alongside reputation and stature. Also, dealing with cloud computing
requires sending and receiving huge amounts of data at high speed, and therefore is
susceptible to data leaks.

2. Cost Management
Even though almost all cloud service providers have a “Pay As You Go” model, which
reduces the overall cost of the resources being used, there are times when huge costs are
incurred by the enterprise using cloud computing. Under-optimization of
resources, for example servers that are not being used to their full potential, adds to the
hidden costs. Degraded application performance or sudden spikes or overages in
usage also add to the overall cost. Unused resources are one of the other main reasons
why the costs go up. If you turn on a service or a cloud instance and forget to turn it
off during the weekend or when there is no current use for it, it will increase the cost without
the resources even being used.
3. Multi-Cloud Environments
Due to an increase in the options available to companies, enterprises not only use
a single cloud but depend on multiple cloud service providers. Most of these companies use
hybrid cloud tactics and close to 84% are dependent on multiple clouds. This often ends up
being a hindrance and difficult for the infrastructure team to manage. The process most of the
time ends up being highly complex for the IT team due to the differences between multiple
cloud providers.
4. Performance Challenges
Performance is an important factor while considering cloud-based solutions. If the
performance of the cloud is not satisfactory, it can drive away users and decrease profits.
Even a little latency while loading an app or a web page can result in a huge drop in the
percentage of users. This latency can be a product of inefficient load balancing, which means
that the server cannot efficiently split the incoming traffic so as to provide the best user
experience. Challenges also arise in the case of fault tolerance, which means the operations
continue as required even when one or more of the components fail.
5. Interoperability and Flexibility
When an organization uses a specific cloud service provider and wants to switch to
another cloud-based solution, it often turns out to be a tedious procedure, since applications
written for one cloud and its application stack have to be re-written for the other
cloud. There is a lack of flexibility in switching from one cloud to another due to the
complexities involved. Handling data movement and setting up the security and network
from scratch also add to the issues encountered when changing cloud solutions, thereby
reducing flexibility.

6. High Dependence on Network


Since cloud computing deals with provisioning resources in real-time, it deals with
enormous amounts of data transfer to and from the servers. This is only made possible by
the availability of a high-speed network. Because these data and resources are exchanged
over the network, the service can prove to be highly vulnerable in case of limited bandwidth
or a sudden outage. Even when enterprises can cut their hardware costs, they
need to ensure that the internet bandwidth is high and that there are zero network outages, or
else it can result in a potential business loss. It is therefore a major challenge for smaller
enterprises that have to maintain network bandwidth that comes with a high cost.
7. Lack of Knowledge and Expertise
Due to the complex nature and the high demand for research, working with the cloud
often ends up being a highly tedious task. It requires immense knowledge and wide expertise
on the subject. Although there are a lot of professionals in the field, they need to constantly
update themselves. Cloud computing is a highly paid job due to the extensive gap between
demand and supply. There are a lot of vacancies but very few talented cloud engineers,
developers, and professionals. Therefore, there is a need for upskilling so these professionals
can actively understand, manage and develop cloud-based applications with minimum issues
and maximum reliability.
8. Service Availability and Data Lock-in Problem
Service Availability
Service availability in the cloud might be affected by
• Single Point Failure
• Distributed Denial of Service
Single Point Failure
Depending on a single service provider might result in failure. With a single service
provider, even if the company has multiple data centers located in different geographic regions,
it may have common software infrastructure and accounting systems.
Solution:
• Multiple cloud providers may provide more protection from failures, and they provide
High Availability (HA).
• Using multiple cloud providers guards against the loss of all data.

Data Lock-in
Data lock-in is a situation in which a customer using the service of one provider cannot
move to another service provider because the technologies used by that provider are
incompatible with other providers. This makes the customer dependent on a vendor for
services and unable to use the service of another vendor.
Solution:
Have standardization (in technologies) among service providers so that customers
can easily move from one service provider to another.
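The single-point-failure argument under Service Availability above (and the multi-cloud availability claim earlier in the unit) can be worked through with a simple series/parallel availability model. This is an added example, not part of the original notes; the availability figures are constructed, all function names are hypothetical, and failures are assumed to be independent.

```python
from math import prod

HOURS_PER_YEAR = 24 * 365

# Constructed availability figures, not measurements from any real provider.
DATA_CENTER = 0.999     # one data center or region
SHARED_PLANE = 0.9995   # software infrastructure / accounting shared by all
                        # data centers of the same provider


def series(*parts):
    """Every part must be up, so availabilities multiply."""
    return prod(parts)


def parallel(*replicas):
    """Up while at least one replica is up (assumes independent failures)."""
    return 1 - prod(1 - a for a in replicas)


def single_provider(data_centers):
    """N redundant data centers behind one shared control plane."""
    return series(SHARED_PLANE, parallel(*[DATA_CENTER] * data_centers))


def multi_provider(providers, data_centers_each=1):
    """Independent providers, each with its own shared plane."""
    one = single_provider(data_centers_each)
    return parallel(*[one] * providers)


def data_centers_needed(target, limit=20):
    """Smallest number of data centers at one provider that meets target,
    or None when the shared plane makes the target unreachable."""
    for n in range(1, limit + 1):
        if single_provider(n) >= target:
            return n
    return None


def downtime_hours_per_year(availability):
    """Expected hours of unavailability in one year."""
    return (1 - availability) * HOURS_PER_YEAR


if __name__ == "__main__":
    for label, a in [
        ("1 provider, 1 data center ", single_provider(1)),
        ("1 provider, 3 data centers", single_provider(3)),
        ("2 providers, 1 each       ", multi_provider(2)),
    ]:
        print(f"{label}: {a:.7f}  ~{downtime_hours_per_year(a):.2f} h/year down")
    print("data centers for 99.99% at one provider:", data_centers_needed(0.9999))
```

With these figures, adding data centers at one provider never lifts availability above that of the shared plane, while two independent providers with one data center each exceed it.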
9. Data Privacy and Security Concerns
Cloud services are prone to attacks because they are accessed through the internet.
Security is given by
• Storing encrypted data in the cloud.
• Firewalls, filters.
Cloud environment attacks include
1. Guest hopping: Virtual machine hyper jumping (VM jumping) is an attack method that
exploits (makes use of) a hypervisor’s weakness that allows a virtual machine (VM) to be
accessed from another.
2. Hijacking: Hijacking is a type of network security attack in which the attacker takes
control of a communication. VM rootkit: a collection of malicious (harmful) computer
software, designed to enable access to a computer that is not otherwise allowed.
3. Man-in-the-middle (MITM) attack: a form of eavesdropping (spying) where
communication between two users is monitored and modified by an unauthorized party. A
man-in-the-middle attack may take place during VM migration [virtual machine (VM) migration:
a VM is moved from one physical host to another host].
4. Passive attacks steal sensitive data or passwords.
5. Active attacks may manipulate (control) kernel data structures, which will cause major
damage to cloud servers.
9. Unpredictable Performance and Bottlenecks
Multiple VMs can share CPUs and main memory in cloud computing, but I/O
sharing is problematic. Internet applications continue to become more data-intensive (handling
huge amounts of data). Handling huge amounts of data is a bottleneck in the cloud
environment. Weak servers that do not handle data transfers properly must be removed
from the cloud environment.

10. Distributed Storage and Widespread Software Bugs


The database is always growing in cloud applications. There is a need to create a
storage system that meets this growth. This demands the design of efficient distributed SANs
(Storage Area Networks of storage devices). A bug refers to an error in software. Debugging
must be done in data centers.
Data centers must meet
• Scalability
• Data durability
• HA (High Availability)
• Data consistency
11. Cloud Scalability, Interoperability and Standardization
Cloud Scalability: Cloud resources are scalable. Cost increases when storage and network
bandwidth are scaled (increased).
Interoperability: Open Virtualization Format (OVF) describes an open, secure, portable,
efficient, and extensible format for the packaging and distribution of VMs. OVF defines a
transport mechanism for VMs that can be applied to different virtualization platforms.
Standardization: Cloud standardization should give a virtual machine the ability to run on
any virtual platform.
12. Software Licensing and Reputation Sharing
Cloud providers can use both pay-for-use and bulk-use licensing schemes to widen
the business coverage. Cloud providers must create reputation-guarding services similar to
the “trusted e-mail” services. Cloud providers want legal liability to remain with the
customer, and vice versa.
