Unit I Introduction to Cloud Computing 07 Hours

Importance of Cloud Computing, Characteristics, Pros and

Cons of Cloud Computing, Migrating into the Cloud,
Seven-step model of migration into a Cloud, Trends in
Computing. Cloud Service Models: SaaS, PaaS, IaaS,
Storage. Cloud Architecture: Cloud Computing Logical
Architecture, Developing Holistic Cloud Computing
Reference Model, Cloud System Architecture, Cloud
Deployment Models.

Top benefits of cloud computing

Cloud computing is a big shift from the traditional way businesses think about IT resources. Here
are seven common reasons organizations are turning to cloud computing services:
Cost
Moving to the cloud helps companies optimize IT costs. This is because cloud computing
eliminates the capital expense of buying hardware and software and setting up and
running onsite datacenters—the racks of servers, the round-the-clock electricity for power
and cooling, and the IT experts for managing the infrastructure. It adds up fast.

Speed
Most cloud computing services are provided self service and on demand, so even vast
amounts of computing resources can be provisioned in minutes, typically with just a few
mouse clicks, giving businesses a lot of flexibility and taking the pressure off capacity
planning.

Global scale
The benefits of cloud computing services include the ability to scale elastically. In cloud
speak, that means delivering the right amount of IT resources—for example, more or less
computing power, storage, bandwidth—right when they’re needed, and from the right
geographic location.
Productivity
Onsite datacenters typically require a lot of “racking and stacking”—hardware setup,
software patching, and other time-consuming IT management chores. Cloud computing
removes the need for many of these tasks, so IT teams can spend time on achieving more
important business goals.

Performance
The biggest cloud computing services run on a worldwide network of secure datacenters,
which are regularly upgraded to the latest generation of fast and efficient computing
hardware. This offers several benefits over a single corporate datacenter, including
reduced network latency for applications and greater economies of scale.

Reliability
Cloud computing makes data backup, disaster recovery, and business continuity easier
and less expensive because data can be mirrored at multiple redundant sites on the cloud
provider’s network.

Security
Many cloud providers offer a broad set of policies, technologies, and controls that
strengthen your security posture overall, helping protect your data, apps, and
infrastructure from potential threats.

Types of cloud computing

Not all clouds are the same and no single type of cloud computing is right for everyone. Several
different models, types, and services have evolved to help offer the right solution for your needs.

First, you need to determine the type of cloud deployment, or cloud computing architecture, that
your cloud services will be implemented on. There are three different ways to deploy cloud
services: on a public cloud, private cloud, or hybrid cloud. Learn more about public, private, and
hybrid clouds.
Public cloud
Public clouds are owned and operated by third-party cloud service providers, which deliver
computing resources like servers and storage over the internet. Microsoft Azure is an example of
a public cloud. With a public cloud, all hardware, software, and other supporting infrastructure is
owned and managed by the cloud provider. You access these services and manage your account
using a web browser.

Private cloud
A private cloud refers to cloud computing resources used exclusively by a single business or
organization. A private cloud can be physically located on the company’s onsite datacenter. Some
companies also pay third-party service providers to host their private cloud. A private cloud is one
in which the services and infrastructure are maintained on a private network.

Hybrid cloud
Hybrid clouds combine public and private clouds, bound together by technology that allows data
and applications to be shared between them. By allowing data and applications to move between
private and public clouds, a hybrid cloud gives your business greater flexibility and more
deployment options and helps optimize your existing infrastructure, security, and compliance.

Types of cloud services: IaaS, PaaS, serverless, and SaaS

Most cloud computing services fall into four broad categories: infrastructure as a service (IaaS),
platform as a service (PaaS), serverless, and software as a service (SaaS). These are sometimes
called the cloud computing "stack" because they build on top of one another. Knowing what they
are and how they’re different makes it easier to accomplish your business goals.

IaaS
The most basic category of cloud computing services. With infrastructure as a service (IaaS), you
rent IT infrastructure—servers and virtual machines (VMs), storage, networks, operating
systems—from a cloud provider on a pay-as-you-go basis.

● IaaS, or infrastructure as a service, is on-demand access to physical and virtual servers,

storage, and networking that are housed in the cloud and serve as the backbone IT
infrastructure for executing workloads and applications there. In the IaaS model, the cloud
provider controls IT infrastructures, including storage, server, and networking resources,
and provides them to subscriber companies via virtual machines that are accessed online.
IaaS may provide enterprises with a variety of advantages, including the ability to make
workloads quicker, simpler, more adaptable, and more affordable.

PaaS
Platform as a service (PaaS) refers to cloud computing services that supply an on-demand
environment for developing, testing, delivering, and managing software applications. PaaS is
designed to make it easier for developers to quickly create web or mobile apps, without worrying
about setting up or managing the underlying infrastructure of servers, storage, network, and
databases needed for development.

● Platform as a Service, often known as PaaS, provides on-demand access to a full, ready-
to-use, cloud-hosted platform for creating, deploying, operating, and managing
applications. Software developers may simply create, execute, and manage software
applications using PaaS (platform-as-a-service), a type of cloud computing, without having
to worry about supporting infrastructure. With the introduction of cloud computing,
suppliers were able to group together the essential components needed to develop an
application, with the goal of automating or greatly simplifying many of the most challenging
and time-consuming steps involved in the deployment of code.

SaaS
Software as a service (SaaS) is a method for delivering software applications over the internet,
on demand and typically on a subscription basis. With SaaS, cloud providers host and manage
the software application and underlying infrastructure, and handle any maintenance, like software
upgrades and security patching. Users connect to the application over the internet, usually with a
web browser on their phone, tablet, or PC.

● Software as a service, or SaaS, is the on-demand usage of pre-configured cloud-hosted

application software. A cloud service provider that offers SaaS offers a whole software
solution that you may pay for as you use it. Your users connect to an app that you have
rented for your business through the Internet, typically via a web browser. The data centre
of the service provider houses all of the supporting infrastructure, middleware, app
software, and app data. With the right service agreement, the service provider, who also
oversees the hardware and software, will guarantee the app’s accessibility, security, and
privacy. SaaS enables your business to swiftly launch an app for a modest initial
investment.

Serverless computing
Overlapping with PaaS, serverless computing focuses on building app functionality without
spending time continually managing the servers and infrastructure required to do so. The cloud
provider handles the setup, capacity planning, and server management for you. Serverless
architectures are highly scalable and event-driven, only using resources when a specific function
or trigger occurs.
Uses of cloud computing
You’re probably using cloud computing right now, even if you don’t realize it. If you use an online
service to send email, edit documents, watch movies or TV, listen to music, play games, or store
pictures and other files, it’s likely that cloud computing is making it all possible behind the scenes.
A variety of organizations—from tiny startups to global corporations, government agencies to non-
profits—have embraced cloud computing technology for all sorts of reasons.

Here are a few examples of what’s possible with cloud services from a cloud provider:
Create cloud-native applications
Quickly build, deploy, and scale applications—web, mobile, and API. Take advantage of
cloud-native technologies and approaches, such as containers, Kubernetes,
microservices architecture, API-driven communication, and DevOps.
Store, back up, and recover data
Protect your data more cost-efficiently—and at massive scale—by transferring your data
over the internet to an offsite cloud storage system that’s accessible from any location and
any device.
Stream audio and video
Connect with your audience anywhere, anytime, on any device with high-definition video
and audio with global distribution.
 Deliver software on demand
Also known as software as a service (SaaS), on-demand software lets you offer the latest
software versions and updates to customers—anytime they need, anywhere they are.
Test and build applications
Reduce application development cost and time by using cloud infrastructures that can
easily be scaled up or down.
Analyze data
Unify your data across teams, divisions, and locations in the cloud. Then use cloud
services, such as machine learning and artificial intelligence, to uncover insights for more
informed decisions.
Embed intelligence
Use intelligent models to help engage customers and provide valuable insights from the
data captured.

Cloud Computing Architecture

Cloud Computing Architecture is divided into two parts, i.e., front-end and back-end. Front-end
and back-end communicate via a network or internet. A diagrammatic representation of cloud
computing architecture is shown below:

Cloud Computing Architecture

Front-End

● It provides applications and the interfaces that are required for the cloud-based service.
● It consists of client’s side applications, which are web browsers such as Google Chrome
and Internet Explorer.
● Cloud infrastructure is the only component of the front-end. Let's understand it in detail.

Front-end - Cloud Computing Architecture

● Cloud infrastructure consists of hardware and software components such as data storage,
server, virtualization software, etc.
● It also provides a Graphical User Interface to the end-users to perform respective tasks.

Moving ahead, let’s understand what the back-end is.

Want a Job at AWS? Find Out What It Takes

Cloud Architect Master's ProgramExplore Program

Back-End

It is responsible for monitoring all the programs that run the application on the front-end

It has a large number of data storage systems and servers. The back-end is an important and
huge part of the whole cloud computing architecture, as shown below:
Back-end - Cloud Computing Architecture

The components of the back-end cloud architecture are mentioned below. Let's understand them
in detail one by one.

Application

● It can either be a software or a platform

● Depending upon the client requirement, the application provides the result to the end-user
(with resources) in the back end

Service

● Service is an essential component in cloud architecture

● Its responsibility is to provide utility in the architecture
● In a Cloud, few widely used services among the end-users are storage application
development environments and web services

Storage

● It stores and maintains data like files, videos, documents, etc. over the internet
● Some of the popular examples of storage services are below:
○ Amazon S3
○ Oracle Cloud-Storage
○ Microsoft Azure Storage
● Its capacity varies depending upon the service providers available in the market

Management

● Its task is to allot specific resources to a specific task, it simultaneously performs various
functions of the cloud environment
 ● It helps in the management of components like application, task, service, security, data
storage, and cloud infrastructure
● In simple terms, it establishes coordination among the cloud resources

Security

● Security is an integral part of back-end cloud infrastructure

● It provides secure cloud resources, systems, files, and infrastructure to end-users
● Also, it implements security management to the cloud server with virtual firewalls which
results in preventing data loss

Now, that we know the architecture of cloud computing, let’s move on and learn about the benefits
of the architecture.

Learn the Fundamentals of How Business Works

Executive Certificate In General ManagementExplore Program

Benefits of Cloud Computing Architecture

The cloud computing architecture is designed in such a way that:

● It solves latency issues and improves data processing requirements

● It reduces IT operating costs and gives good accessibility to access data and digital tools
● It helps businesses to easily scale up and scale down their cloud resources
● It has a flexibility feature which gives businesses a competitive advantage
● It results in better disaster recovery and provides high security
● It automatically updates its services
● It encourages remote working and promotes team collaboration

Going ahead, let’s have a look at the components of cloud computing architecture.

What is Cloud Computing Reference Model?

The cloud computing reference model is an abstract model that divides a cloud computing
environment into abstraction layers and cross-layer functions to characterize and standardize its
functions. This reference model divides cloud computing activities and functions into three cross-
layer functions and five logical layers.

Each of these layers describes different things that might be present in a cloud computing
environment, such as computing systems, networking, storage equipment, virtualization software,
security measures, control and management software, and so forth. It also explains the
connections between these organizations. The five layers are the Physical layer, virtual layer,
control layer, service orchestration layer, and service layer.

Cloud Computing reference model is divided into 3 major service models:

1. Software as a Service (SaaS)

2. Platform as a Service (PaaS)
3. Infrastructure as a Service (IaaS)

The below diagram explains the cloud computing reference model:

Cloud Computing Reference Model Overview

IaaS, PaaS, and SaaS are the three most prevalent cloud delivery models, and together they
have been widely adopted and formalized. A cloud delivery service model is a specific,
preconfigured combination of IT resources made available by a cloud service provider. But the
functionality and degree of administrative control each of these three delivery types offer cloud
users varies.

These abstraction layers can also be considered a tiered architecture, where services from one
layer can be combined with services from another, for example, SaaS can supply infrastructure
to create services from a higher layer. Let us have a look at the layers of cloud computing
reference model.

1. SaaS
Software as a Service (SaaS) is a form of application delivery that relieves users of the burden of
software maintenance while making development and testing easier for service providers.

The cloud delivery model's top layer is where applications are located. End customers get access
to the services this tier offers via web portals. Because online software services provide the same
functionality as locally installed computer programs, consumers (users) are rapidly switching from
them. Today, ILMS and other application software can be accessed via the web as a service.

In terms of data access, collaboration, editing, storage, and document sharing, SaaS is
unquestionably a crucial service. Email service in a web browser is the most well-known and
widely used example of SaaS, but SaaS applications are becoming more cooperative and
advanced.

Features of SaaS are as follows:

● The cloud consumer has full control over all the cloud services.
● The provider has full control over software applications-based services.
● The cloud provider has partial control over the implementation of cloud services.
● The consumer has limited control over the implementation of these cloud services.

2. PaaS

Platform as a Service is a strategy that offers a high level of abstraction to make a cloud readily
programmable in addition to infrastructure-oriented clouds that offer basic compute and storage
capabilities (PaaS). Developers can construct and deploy apps on a cloud platform without
necessarily needing to know how many processors or how much memory their applications would
use. A PaaS offering that provides a scalable environment for creating and hosting web
applications is Google App Engine, for instance.

Features of PaaS layer are as follows:

● The cloud provider has entire rights or control over the provision of cloud services to
consumers.
● The cloud consumer has selective control based on the resources they need or have opted
for on the application server, database, or middleware.
● Consumers get environments in which they can develop their applications or databases.
These environments are usually very visual and very easy to use.
● Provides options for scalability and security of the user’s resources.
● Services to create workflows and websites.
● Services to connect users’ cloud platforms to other external platforms.

3. IaaS

Infrastructure as a Service (IaaS) offers storage and computer resources that developers and IT
organizations use to deliver custom/business solutions. IaaS delivers computer hardware
(servers, networking technology, storage, and data center space) as a service. It may also include
the delivery of OS and virtualization technology to manage the resources. Here, the more
important point is that IaaS customers rent computing resources instead of buying and installing
them in their data centers. The service is typically

paid for on a usage basis. The service may include dynamic scaling so that if the customers need
more resources than expected, they can get them immediately.

The control of the IaaS layer is as follows:

● The consumer has full/partial control over the infrastructure of the cloud, servers, and
databases.
● The consumer has control over the Virtual Machines' implementation and maintenance.
● The consumer has a choice of already installed VM machines with pre-installed Operating
systems.
● The cloud provider has full control over the data centers and the other hardware involved
in them.
● It has the ability to scale resources based on the usage of users.
● It can also copy data worldwide so that data can be accessed from anywhere in the world
as soon as possible.

You can learn in-depth about these layers when you go for AWS certification Cloud Practitioner
course.

Types of Cloud Computing Reference Model

There is various type of cloud computing reference model used based on different requirements
of the consumers. The most important type of cloud computing reference model is the cloud
reference model in cloud computing. The National Institute of Standards and Technology (NIST)
is an organization designed by the US government (USG) agency for the adoption and
development of cloud computing standards.

The principle of NIST Cloud computing reference architecture are:

1. Create a vendor-neutral architecture that adheres to the NIST standard.

2. Create a solution that does not inhibit innovation by establishing a required technological
solution.
3. The NIST Cloud computing reference architecture provides characteristics like elasticity,
self-service, the collaboration of resources, etc.

The service models involved in this architecture are:

1. Software as a Service (SaaS)

2. Platform as a Service (PaaS)
3. Infrastructure as a Service (IaaS)
NIST Cloud computing also has 4 deployment models, which are as follows:

1. Public

This is the model where cloud infrastructure and resources are given to the public via a public
network. These models are generally owned by companies that sell cloud services.

2. Private

This is the model where cloud infrastructure and resources are only accessible by the cloud
consumer. These models are generally owned by cloud consumers themselves or a third party.

3. Community

This is the model where a group of cloud consumers might share their cloud infrastructure and
resources as they may have the same goal and policies to be achieved. These models are owned
by organizations or third-party.

4. Hybrid

This model consists of a mixture of different deployment models like public, private, or community.
This helps in the exchange of data or applications between various models.

Examples of Cloud Computing Reference Model Apart From NIST

1. IBM Architecture
2. Oracle Architecture
3. HP Architecture
4. Cisco Reference Architecture
Major Actors of Cloud Computing Reference Model

There are five major actors in NIST cloud computing reference architecture. They are:

1. Cloud Consumer
2. Cloud Provider
3. Cloud Carrier
4. Cloud Auditor
5. Cloud Broker

The below image will explain cloud computing reference model with a neat diagram.

Each actor is an entity that participates in the process and/or completes duties in cloud computing.
This entity could be a person or an organization.

1. Cloud Consumer

The end user that the cloud computing service is designed to support is the cloud consumer. An
individual or corporation with a working relationship with a cloud provider and utilizing its services
is referred to as a cloud consumer. A cloud customer peruses a cloud provider's service catalog,
makes the proper service request, enters into a service agreement with the cloud provider, and
then utilizes the service. The cloud customer may be charged for the service provided, in which
case payment arrangements must be made. They need to have a cloud Service Level Agreement
(SLA).

2. Cloud Provider
Any individual, group, or other entity in charge of making a service accessible to cloud users is a
cloud provider. A cloud provider creates the requested software, platforms, and infrastructure
services, manages the technical infrastructure needed to supply the services, provisions the
services at agreed-upon service levels, and safeguards the services' security and privacy.

Through service interfaces and virtual network interfaces that aid in resource abstraction, the
cloud provider implements the cloud software to make computing resources accessible to cloud
consumers that use the infrastructure as a service.

3. Cloud Carrier

A cloud carrier serves as an intermediary between cloud providers and customers, facilitating
connectivity and transport of cloud services. Customers can access the cloud through the
network, telecommunication, and other access equipment provided by cloud carriers. Customers
of cloud services, for instance, can get them through network access devices, including laptops,
mobile phones, PCs, and mobile Internet devices (MIDs), among others. Network and
telecommunication carriers typically handle the distribution of cloud services, while a transport
agent is a company that arranges for the physical delivery of storage devices like high-capacity
hard drives.

Remember that a cloud provider will establish service level agreements (SLAs) with a cloud
carrier to provide services at a level consistent with the SLAs offered to cloud consumers. The
cloud provider may also demand that the cloud carrier provide dedicated and encrypted
connections between cloud consumers and cloud providers.

4. Cloud Auditor

An unbiased evaluation of cloud services, information system operations, performance, and the
security of a cloud computing implementation can be done by a cloud auditor. A cloud auditor can
assess a cloud provider's services in terms of performance, service level agreement compliance,
privacy implications, and security controls.

The management, operational, and technical precautions or countermeasures used inside an

organizational information system to ensure the privacy, availability, and integrity of the system
and its data are known as security controls.

To do a security audit, a cloud auditor can evaluate the information system's security controls to
see how well they are being implemented, functioning as intended, and achieving the required
results in relation to the system's security needs. Verifying compliance with law and security policy
should be part of the security audit.

5. Cloud Broker

An organization called a "Cloud Broker" controls how cloud services are used, performed, and
delivered and negotiates contracts between cloud providers and cloud users. The integration of
cloud services could become too difficult for cloud consumers to handle as cloud computing
develops. Instead of contacting a cloud provider directly in certain circumstances, a cloud
consumer may request cloud services through a cloud broker. A single point of access for
controlling numerous cloud services is offered by cloud brokers. The capacity to offer a single
consistent interface to numerous different providers, whether the interface is for commercial or
technical objectives, separates a cloud broker from a cloud service provider. Cloud Brokers
provide services in three categories:

Intermediation

By enhancing a certain feature and offering cloud consumers value-added services, a cloud
broker improves a given service. The enhancement may take the shape of identity management,
performance reporting, improved security, etc.

Aggregation

Several services are combined and integrated into one or more new services by a cloud broker.
The broker offers data and service integration, guarantees secure data transfer between the cloud
consumer and various cloud providers, and provides these services.

Arbitrage

Like service aggregation, service arbitrage differs from it in that the services being integrated or
aggregated are not fixed. Service arbitrage refers to the freedom a Broker has to select services
from various service Providers.

Interactions Between Actors in Cloud Computing in Cloud Security

Reference Model

1. Instead of contacting a cloud provider directly, a cloud consumer may request service through
a cloud broker. The cloud broker may combine several services to form a new service or may
improve an existing one. In this illustration, the cloud consumer interacts directly with the cloud
broker and is unaware of the actual cloud providers.
2. An unbiased evaluation of the functionality and security of a cloud service's implementation is
done by a cloud auditor. Interactions with the cloud consumer and cloud provider may be
necessary for the audit.

3. The connectivity and delivery of cloud services from cloud providers to cloud consumers are
handled by cloud carriers. Figure 4 shows how a cloud provider arranges and participates in two
distinct service level agreements (SLAs), one with a cloud carrier (for example, SLA2) and one
with a cloud consumer (e.g., SLA1).

To ensure that the cloud services are used at a consistent level in accordance with the contractual
responsibilities with the cloud consumers, a cloud provider negotiates service level agreements
(SLAs) with a cloud carrier and may ask for dedicated and encrypted connections. In this situation,
the provider may express its functionality, capability, and flexibility needs in SLA2 to meet SLA1's
basic requirements.

Security Reference Model in Cloud Computing

The formal model for the NIST Cloud Computing Security Reference Architecture is NIST SP 500-
292: A connected collection of security components generated from the CSA TCI-RA, the NIST
Cloud Computing Reference Architecture, and a way for utilizing the formal model and the security
components to orchestrate a safe cloud ecosystem.

The Cloud Security reference model is agnostic about the cloud deployment model, and its
methodology may easily be applied to data about Private, Community, or Hybrid clouds. It is a
formal model, a collection of Security Components, and a methodology for applying a cloud-
adapted Risk Management Framework. Since a public cloud deployment model best supports
illustrative examples of all the NCC-SRA Security Components and security considerations, this
document uses it to describe the methodology for illustration purposes.

The Cloud Security reference model introduces a risk-based methodology to establish each cloud
actor's accountability for putting particular controls throughout the cloud ecosystem's life cycle.
The Security Components are specifically examined for each instance of the cloud Ecosystem to
determine the degree to which each cloud actor participated in the implementation of those
components. This document's main goal is to demystify the process of describing, identifying,
classifying, analyzing, and choosing cloud-based services for cloud consumers who are trying to
figure out which cloud service offering best addresses their cloud computing needs and supports
their business and mission-critical processes and services in the most secure and effective way.