Chapter 2

Cloud Computing
2.1 Introduction to Cloud Computing
2.2 Cloud Computing Elements
2.3 Cloud Services and Standards
2.4 Cloud Providers and Systems

1
7.1 Introduction to Cloud Computing
• The emergence of cloud computing is fundamentally changing the
relationship between users and the applications they run, and networked
sensors are enabling a wealth of new applications.
• Cloud Computing is the delivery of computing services such as servers,
storage, databases, networking, software, analytics, intelligence, and more,
over the Cloud (Internet)

2
Are we using the cloud yet?

3
How can consumers think about their Cloud journey?
Build
▪ Design and construct
▪ Quality assurance (test)
▪ Security and compliance
▪ Lifecycle management

Plan
▪ Understand strategic direction
▪ Analyze workloads (apps. data etc.)
▪ Determine delivery model Deliver
▪ Define architecture ▪ Deploy
▪ Build the business case ▪ Consume
▪ Manage
▪ Optimize

4
Roadmap for cloud as part of the existing IT optimization strategy
Consolidate
▪ Reduce infrastructure
complexity
▪ Reduce staffing
requirements
▪ Manage fewer things better
▪ Lower operational costs
Standardize
and automate
▪ Standardize services
Virtualize ▪ Reduce deployment cycles
▪ Enable scalability
▪ Remove physical
▪ Flexible delivery
resource boundaries
▪ Increase hardware
utilization
▪ Reduce hardware
costs
▪ Simplify deployments
5
Evolution from Traditional Environments to Cloud
Clients will make workload-driven
trade offs among functions such as
security, degree of customization,
control and economics

6
 The Traditional IT Cloud Computing Model

Source: IoT Fundamentals Networking Technologies, Protocols, and Use Cases for the IoT - David Hanes 7
Video - What Is Cloud? | WIRED Brand Lab

https://www.youtube.com/watch?v=FV0KZhnTr4o

8
 What is Cloud Computing

Source: https://www.javatpoint.com/introduction-to-cloud-computing 9
Video - Cloud Computing

https://www.youtube.com/watch?v=_a6us8kaq0g

10
What is Cloud Computing
Computing power Applications

Networking Data storage Services

11
Video - Introduction to Cloud Computing

https://www.youtube.com/watch?v=Fgk6Jn00s2k

12
 What is Cloud Computing

Source: https://www.javatpoint.com/introduction-to-cloud-computing 13
Video - Introduction to Cloud Computing

https://www.youtube.com/watch?v=QYzJl0Zrc4M

14
Cloud Computing

• A widely adopted definition by NIST in SP-800-145:

“A model for enabling ubiquitous, convenient, on-demand network access to a
shared pool of configurable computing resources (e.g., networks, servers, storage,
applications, and services) that can be rapidly provisioned and released with
minimal management effort or service provider interaction. This cloud model
promotes availability and is composed of five essential characteristics, three service
models, and four deployment models.”

15
Cloud Computing
• Cloud computing is a new way of thinking when delivering IT enabled
business services like application development and test.

Cloud is: Cloud enables:

▪ A new consumption and ▪ Self-service
delivery model inspired by
▪ Sourcing options
consumer Internet services
▪ Economies of scale
▪ End-user focused

Cloud is essentially an IT consumption and

delivery model that is optimized by workload

16
Cloud
Computing
Context

17
The Importance of Cloud Computing for Development and Test

Traditional
High deployment costs to deliver
• Reduced installation and administration costs
software • Lower TCO by improved utilization of software
assets

Control and governance chaos in • Better governance through standardized delivery of

software processes services
• Preconfigured software embodying best practices

Onramp and on-boarding of teams • Tools can be provisioned in minutes. No download,

reduces time to software delivery installation or setup.
• Self-administered portal to access to software
resources for a globally distributed team

18
 IT Benefits from Cloud Computing

Results from IBM cloud computing engagements

Increasing Test provisioning Weeks Minutes

speed and
Change management Months Days/hours
flexibility
Release management Weeks Minutes

Service access Administered Self-service

Standardization Complex Reuse/share

Metering/billing Fixed cost Variable cost

Reducing Server/storage utilization 10–20% 70–90%

costs Payback period Years Months

SOURCE: Based on IBM and client experience.

19
Chapter 2
Cloud Computing
2.1 Introduction to Cloud Computing
2.2 Cloud Computing Elements
2.3 Cloud Services and Standards
2.4 Cloud Providers and Systems

20
7.2 Cloud Computing Elements
• NIST SP 500-292 (NIST Cloud Computing Reference Architecture)
establishes a reference architecture, described as follows:
“The NIST cloud computing reference architecture focuses on the requirements of
“what” cloud services provide, not a “how to” design solution and implementation.
The reference architecture is intended to facilitate the understanding of the
operational intricacies in cloud computing. It does not represent the system
architecture of a specific cloud computing system; instead, it is a tool for describing,
discussing, and developing a system-specific architecture using a common
framework of reference.”

21
Cloud Computing Elements

22
Cloud Computing: Essential Characteristics
• Broad network access
• Services available over the network can be accessed using mobile/smart phones, tablets,
laptops and desktops.
• Rapid elasticity
• Ability to quickly scale in/out service with demand, at any time.
• Measured service
• Control, optimise services based on metering (i.e. pay-per-use pricing model)
• Type of service include storage, processing, bandwidth etc.
• On-demand self service
• Users automatically access computing resources (e.g. servers, storage etc.) as needed.
• Resource pooling
• Computing resources (including memory and bandwidth) can be pooled to serve multiple
customers at the same time.
• Location independence 23
Cloud Computing: Deployment Models

Multiple clouds coexist 24

 Cloud Computing: Deployment Models
• Customers are choosing a variety of cloud models to meet their unique needs and priorities
Private cloud Public cloud

On or off premises cloud infrastructure Available to the general public or a

operated solely for an organization and Hybrid Cloud
managed by the organization or a third party large industry group and owned by an
organization selling cloud services.

Traditional IT and clouds (public and/or private) that

remain separate but are bound together by technology
Community Clouds that enables data and application portability
Traditional IT

Provisioned for exclusive use by specific consumers with shared concerns

(e.g. security requirements, policy, and compliance considerations). Appliances, pre-integrated systems and
It may be owned, managed, and operated by one or more of the
standard hardware, software, and
networking.
organizations in the community. 25
Cloud Computing Reference Architecture

26
Roles and Responsibilities
• Cloud auditor
• An independent entity that can assure that the CP conforms to a set of standards
• Cloud broker
• Useful when cloud services are too complex for a cloud consumer to easily manage
• Three areas of support can be offered by a cloud broker: service intermediation,
service aggregation, service arbitrage
• Cloud carrier
• A networking facility that provides connectivity and transport of cloud services
between cloud consumers and CPs

27
Service Models: Cloud Provider (CP)
Can provide one or more of the cloud services to meet IT and business
requirements of cloud consumers
• IaaS: CP acquires the physical computing resources underlying the service,
including the servers, networks, storage, and hosting infrastructure
• PaaS: CP manages the computing infrastructure for the platform and runs the
cloud software that provides the components of the platform, such as
runtime software execution stack, databases, and other middleware
components
• SaaS: CP deploys, configures, maintains, and updates the operation of the
software applications on a cloud infrastructure so that the services are
provisioned at the expected service levels to cloud consumers

28
 Attributes of Cloud Networking
The cloud network must scale to Cloud networks operate 24x7,
the overall level of throughput downtime is not an option.
required to ensure that it does not This requires a network
become a bottleneck. architecture that offers self-
healing and the ability for
transparent in-service
software updates.

The cloud network must scale to Real-time upgrades and image/patch

the overall level of throughput management in a large cloud-
required to ensure that it does not network is a daunting challenge to
become a bottleneck. network administrators.
The cloud network must provide
predictable performance to service many
simultaneous applications in the network,
including video, voice, and web traffic. 29
 The Network is Critical to Cloud Computing
▪ Every cloud is some combination if a
service and deployment model
▪ Regardless of the type of cloud, one fact
remains true:
NO network == NO cloud
Without Network:
▪ Users cannot access their cloud services.
▪ Applications, data, and users cannot move
between clouds.
▪ The infrastructure components that must
work together to create a cloud cannot.
30
Current thoughts on Cloud Computing Adoption Risks

• Shifting computing power to the cloud brings many benefits.

• Cost savings
• Scalability
• Increased agility in software deployment etc.
• But don’t ignore the risks

31
Categories of Cloud Computing Risks
Technology Immaturity
Lack of world-wide adopted Standards.
Less Control Use of closed proprietary technologies.
Data Security
Many companies and governments Lack of knowledge and trust.
are uncomfortable with the idea of API Jungle. Migrating workloads to a shared
their information located on Legal uncertainties. network and compute infrastructure
systems they do not control. increases the potential for
Providers must offer a high degree unauthorized exposure. Authentication
of security transparency to help Vendor Lock-in and access technologies become
put customers at ease. Interoperability constraints. increasingly important.
Low level of portability of application and
services based on cloud.
Contract and exit strategies
Limitations on sharing or transferring data
Compliance Security
Complying with SOX, HIPAA
and other regulations may Management
prohibit the use of clouds for
some applications.
Reliability Providers must supply easy
High availability will be a key concern. IT controls to manage firewall and
Comprehensive auditing security settings for applications
departments will worry about a loss of
capabilities are essential. and runtime environments in the
service should outages occur. Mission
critical applications may not run in the cloud cloud.
without strong availability guarantees.
32
Cloud Computing Security Risks
• Security is among a top concern with cloud computing
Application and process
Help keep applications secure, protected from
People and identity malicious or fraudulent use, and hardened
Mitigate the risks associated with against failure
user access to corporate resources

Network, server and end point

Optimize service availability by mitigating risks to
network components
Data and information
Understand, deploy and properly
test controls for access to and usage
of sensitive data
Physical infrastructure
Provide actionable intelligence on the desired state of
physical infrastructure security and make
improvements

33
Cloud Security Risks and Countermeasures
• Abuse and nefarious use of cloud computing
• Countermeasures: stricter initial registration and validation processes; enhanced credit
card fraud monitoring and coordination; comprehensive introspection of customer
network traffic; monitoring public blacklists for one’s own network blocks
• Malicious insiders
• Countermeasures: enforce strict supply chain management and conduct a
comprehensive supplier assessment; specify human resource requirements as part of
legal contract; require transparency into overall information security and management
practices, as well as compliance reporting; determine security breach notification
processes

34
Cloud Security Risks and Countermeasures
• Insecure interfaces and APIs
• Countermeasures: analyzing the security model of CP interfaces; ensuring that strong
authentication and access controls are implemented in concert with encryption
machines; understanding the dependency chain associated with the API
• Shared technology issues
• Countermeasures: implement security best practices for installation/configuration;
monitor environment for unauthorized changes/activity; promote strong
authentication and access control for administrative access and operations; enforce
SLAs for patching and vulnerability remediation; conduct vulnerability scanning and
configuration audits

35
Cloud Security Risks and Countermeasures
• Data loss or leakage
• Countermeasures: implement strong API access control; encrypt and protect integrity
of data in transit; analyze data protection at both design and run time; implement
strong key generation, storage and management, and destruction practices
• Account or service hijacking
• Countermeasures: prohibit the sharing of account credentials between users and
services; leverage strong two-factor authentication techniques where possible; employ
proactive monitoring to detect unauthorized activity; understand CP security policies
and SLAs
• Unknown risk profile
• Countermeasures: disclosure of applicable logs and data; partial/full disclosure of
infrastructure details; monitoring and alerting on necessary information

36
Chapter 2
Cloud Computing
2.1 Introduction to Cloud Computing
2.2 Cloud Computing Elements
2.3 Cloud Services and Standards
2.4 Cloud Providers and Systems

37
7.3 Cloud Services and Standards

• Software-as-a-Service (SaaS)
• Platform-as-a-Service (PaaS)
• Infrastructure-as-a-Service (IaaS)

38
7.3 Cloud Services and Standards
IaaS Infrastructure as a service
▪ Provision servers
▪ Storage
▪ Networking resources

PaaS Platform as a service

▪ Middleware platform
▪ Solution stack
▪ Both accessible over a network

SaaS Software as a service

▪ Software
▪ Applications
▪ Or services that are delivered over a network
39
Infrastructure as a service (IaaS) architecture
• An infrastructure provider (IP) makes an entire computing infrastructure available
“as a service”

• Manages a large pool of computing resources and uses virtualization to assign and
dynamically resize customer resources
• Customers rent processing capacity, memory, data storage, and networking
resources that are provisioned over a network
40
Platform as a service (PaaS) architecture
• Service provider (SP) supplies the software platform or middleware where the
applications run
• Service user is responsible for the creation, updating, and maintenance of the
application

• The sizing of the hardware that is required for the execution of the software is
made in an understandable manner
41
Software as a service (SaaS) architecture
• Service provider (SP) is responsible for the creation, updating, and
maintenance of software and application

• Service user accesses the service through Internet-based interfaces

42
Cloud Security as a Service (SecaaS)
• The Cloud Security Alliance defines SecaaS as the provision of security
applications and services via the cloud either to cloud-based infrastructure
and software or from the cloud to the customers’ on-premise systems
• CSA has identified the following SecaaS categories of service:
• Identity and access management
• Data loss prevention
• Web security
• E-mail security
• Security assessments
• Intrusion management
• Security information and event management
• Encryption
• Business continuity and disaster recovery
• Network security 43
Elements of Cloud SecaaS

44
Split of Responsibilities: provider-side and consumer-side
Traditional Infrastructure Platform Software
on-premises as a service as a service as a service

Applications Applications Applications Applications

Data Data Data Data

Runtime Runtime Runtime Runtime

Middleware Middleware Middleware Middleware

O/S O/S O/S O/S

Virtualization Virtualization Virtualization Virtualization

Servers Servers Servers Servers

Storage Storage Storage Storage

Networking Networking Networking Networking

Client manages Vendor manages in the cloud 45

Cloud Layer Architecture

46
Chapter 2
Cloud Computing
2.1 Introduction to Cloud Computing
2.2 Cloud Computing Elements
2.3 Cloud Services and Standards
2.4 Cloud Providers and Systems

47
7.4 Cloud Providers and Systems

48
Cloud Providers and Systems
• The rise of cloud computing systems
• https://www.youtube.com/watch?v=4_BeSgiNoQ0
• Introduction to Virtualization - Virtualization and Cloud Computing
• https://www.youtube.com/watch?v=l0DfHUWMjsU
• Linux and the Cloud Operating System
• https://www.youtube.com/watch?v=oCQ4HxMTalc
• Cloud Phone System: RingCentral Office
• https://www.youtube.com/watch?v=h3HIg0lIAhM

49
Cloud is an opportunity — Will you be able to take advantage?

• Technology is enabling a smarter planet

• We must face head-on the challenges to building an

effective IT

• Cloud computing is one keyway to address the

challenges of a smarter planet

50
Conclusion
• Cloud fears largely stem from the perceived loss of
control of sensitive data.
• Current control measures do not adequately address
cloud computing’s third-party data storage and
processing needs.
• Looking to the future, adoption of cloud computing
by enterprises will be driven by several factors
including user preferences and business priorities.
• Nonetheless, delays in adapting the current law to
the cloud era may impede success of this
technology
51