Cloud Computing

H.R.Tarle
Walchand College of Engineering/Information Technology, Sangli, India

Abstract—
With the significant advances in Information 2. Platform as a service (PaaS)
and Communication Technology (ICT) over the last 3. Software as a service (SaaS)
half century, there is an increasingly perceived vision
that computing will one day be the 5th utility (after 4. Network as a service (NaaS)
water, electricity, gas, and telephony). This computing
utility, like all other four existing utilities, will In the business model using software as a
provide the basic level of computing service that is service, users are provided access to application
considered essential to meet the everyday needs of the software and databases. The cloud providers manage
general community. To deliver this vision, a number the infrastructure and platforms on which the
of computing paradigms have been proposed, of applications run. SaaS is sometimes referred to as
which the latest one is known as Cloud computing. ―on-demand software‖ and is usually priced on a pay-
Cloud computing is a relatively new way of
per-use basis. SaaS providers generally price
referring to the use of shared computing resources,
and it is an alternative to having local servers handle applications using a subscription fee. Proponents
applications. Reducing costs, accelerating processes claim that the SaaS allows a business the potential to
and simplifying management are all vital to the reduce IT operational costs by outsourcing hardware
success of an effective IT infrastructure. Companies and software maintenance and support to the cloud
are increasingly turning to more flexible IT provider. This enables the business to reallocate IT
environments to help them realise these goals. It operations costs away from hardware/software
enables tasks to be assigned to a combination of spending and personnel expenses, towards meeting
software and services over a network. This network of
other IT goals. In addition, with applications hosted
servers is the cloud. It can help businesses transform
their existing server infrastructures into dynamic centrally, updates can be released without the need for
environments, expanding and reducing server capacity users to install new software. One drawback of SaaS
depending on their requirements. Cloud computing is that the users' data are stored on the cloud
has emerged at an inflexion point in the industry and provider’s server. As a result, there could be
our lives, where IT is all prevalent and is no longer unauthorized access to the data.[6]
the panacea for all industry ills. With cloud
computing sweeping across the IT and business
world, the economics of this emerging world will be
very different. Cloud computing is the current buzz
word in the air. This paper looks at the aspects that
cloud computing presents to all IT ecosystems during
the transformation. This paper begins by asking just
what exactly is cloud computing. We will take a look
at how cloud computing works and how is that going
to make an impact to our current working
environment. Also we will take a look into a category
of Cloud Computing, i.e. SaaS (software as a service).

I. INTRODUCTION
Cloud Computing is the use
of computing resources (hardware and software) that
are delivered as a service over a network (typically
the Internet). The name comes from the use of
a cloud-shaped symbol as an abstraction for the
complex infrastructure it contains in system diagrams.
Cloud computing entrusts remote services with a
user's data, software and computation.
There are many types of public cloud computing: Fig. 1 Cloud Computing
1. Infrastructure as a service (IaaS)

1
 End users access cloud based
applications through a web browser or a light-weight
desktop or mobile app while the business
software and user's data are stored on servers at a
remote location. Proponents claim that cloud
computing allows enterprises to get their applications
up and running faster, with improved manageability
and less maintenance, and enables IT to more rapidly
adjust resources to meet fluctuating and unpredictable
business demand. Cloud computing relies on sharing
of resources to achieve coherence and economies of
scale similar to a utility (like the electricity grid) over
a network. At the foundation of cloud computing is
the broader concept of converged infrastructure
shared services.[6]
II. CHARACHTERISTIC
1) Agility: improves with users' ability to re-
provision technological infrastructure resources.
2) Application Programming Interface:
(API) accessibility to software that enables machines
to interact with cloud software in the same way the
user interface facilitates interaction between humans
and computers. Cloud computing systems typically
use REST-based APIs.
3) Cost: is claimed to be reduced and in a public
cloud delivery model capital expenditure is converted
to operational expenditure. This is purported to lower
barriers to entry, as infrastructure is typically provided
by a third-party and does not need to be purchased for
one-time or infrequent intensive computing tasks.
Pricing on a utility computing basis is fine-grained
with usage-based options and fewer IT skills are
required for implementation (in-house). The e-
FISCAL project's state of the art repository contains
several articles looking into cost aspects in more
detail, most of them concluding that costs savings
depend on the type of activities supported and the
type of infrastructure available in-house.
4) Device and Location Independence:
enable users to access systems using a web browser
regardless of their location or what device they are
using (e.g., PC, mobile phone). As infrastructure is
off-site (typically provided by a third-party) and
accessed via the Internet, users can connect from
anywhere. [6]
5) Virtualization: technology allows servers and
storage devices to be shared and utilization be
increased. Applications can be easily migrated from
one physical server to another.
2
6) Mulitenancy: enables sharing of resources and
costs across a large pool of users thus allowing for:
Centralization of infrastructure in locations with lower
costs (such as real estate, electricity, etc.)
Peak-load capacity increases (users need not engineer
for highest possible load-levels)
Utilisation and efficiency improvements for systems
that are often only 10–20% utilised.
7) Reliability: is improved if multiple redundant
sites are used, which makes well-designed cloud
computing suitable for business
continuity and disaster recovery.
8) Scalability and elasticity: via dynamic ("on-
demand") provisioning of resources on a fine-grained,
self-service basis near real-time, without users having
to engineer for peak loads.
9) Performance: is monitored, and consistent and
loosely coupled architectures are constructed
using web services as the system interface.
10) Security: could improve due to centralization of
data, increased security-focused resources, etc., but
concerns can persist about loss of control over certain
sensitive data, and the lack of security for stored
kernels. Security is often as good as or better than
other traditional systems, in part because providers are
able to devote resources to solving security issues that
many customers cannot afford. However, the
complexity of security is greatly increased when data
is distributed over a wider area or greater number of
devices and in multi-tenant systems that are being
shared by unrelated users. In addition, user access to
security audit logs may be difficult or impossible.
Private cloud installations are in part motivated by
users' desire to retain control over the infrastructure
and avoid losing control of information security.
11) Maintenance: of cloud computing applications
is easier, because they do not need to be installed on
each user's computer and can be accessed from
different places. [6]
III. CLOUD MODELS
Cloud computing providers offer their
services according to three fundamental models:
infrastructure as a service (IaaS), platform as a
service (PaaS), and software as a service (SaaS)
where IaaS is the most basic and each higher model
abstracts from the details of the lower models. In 2012
network as a service (NaaS) and communication as a
service (CaaS) were officially included by ITU
(International Telecommunication Union) as part of
the basic cloud computing models, recognized service
categories of a telecommunication-centric cloud B. Platform as service:
ecosystem.
In the PaaS model, cloud providers
deliver a computing platform typically including
operating system, programming language execution
environment, database, and web server. Application
developers can develop and run their software
solutions on a cloud platform without the cost and
complexity of buying and managing the underlying
hardware and software layers. With some PaaS offers,
the underlying computer and storage resources scale
automatically to match application demand such that
cloud user does not have to allocate resources
manually. Examples of PaaS include: AWS Elastic
Beanstalk, Cloud Foundry, Force.com, EngineYard,
Mendix, Google App Engine, Windows Azure
Compute and OrangeScape.

C. Software as service:
In the SaaS model, cloud providers install
Fig. 2 Cloud Models and operate application software in the cloud and
cloud users access the software from cloud clients.
A. Infrastructure as service: The cloud users do not manage the cloud
infrastructure and platform on which the application is
In the most basic cloud-service model,
running. This eliminates the need to install and run the
providers of IaaS offer computers - physical or (more
application on the cloud user's own computers
often) virtual machines - and other resources. Pools of
simplifying maintenance and support. What makes a
hypervisors within the cloud operational support-
cloud application different from other applications is
system can support large numbers of virtual machines
its scalability. This can be achieved by cloning tasks
and the ability to scale services up and down
onto multiple virtual machines at run-time to meet the
according to customers' varying requirements. IaaS
changing work demand. Load balancers distribute the
clouds often offer additional resources such as images
work over the set of virtual machines. This process is
in a virtual-machine image-library, raw (block) and
transparent to the cloud user who sees only a single
file-based storage, firewalls, load balancers, IP
access point. To accommodate a large number of
addresses, virtual local area networks (VLANs), and
cloud users, cloud applications can be multitenant,
software bundles. IaaS-cloud providers supply these
that is, any machine serves more than one cloud user
resources on-demand from their large pools installed
organization. It is common to refer to special types of
in data centers. For wide-area connectivity, customers
cloud based application software with a similar
can use either the Internet or carrier clouds (dedicated
naming convention: desktop as a service, business
virtual private networks).
process as a service, test environment as a service,
To deploy their applications, cloud users
communication as a service.
install operating-system images and their application
The pricing model for SaaS applications is
software on the cloud infrastructure. In this model, the
typically a monthly or yearly flat fee per user, so price
cloud user patches and maintains the operating
is scalable and adjustable if users are added or
systems and the application software. Cloud providers
removed at any point. Examples of SaaS
typically bill IaaS services on a utility computing
include: Google Apps, Microsoft Office 365, Onlive,
basis: cost reflects the amount of resources allocated
and TradeCard.
and consumed.Examples of IaaS providers include
Amazon CloudFormation, Amazon EC2, Window
D. Network as service:
Azure virtual Machines DynDNS, Google compute
Engine,HP Cloud, iland, Joyent, Rackspace Cloud A category of cloud services where the
Compute,ReadySpace Cloud Services. capability provided to the cloud service user is to use
network/transport connectivity services and/or inter-

3
cloud network connectivity services. NaaS involves
the optimization of resource allocations by
considering network and computing resources as a
unified whole. Traditional NaaS services include
flexible and extended VPN, and bandwidth on
demand. NaaS concept materialization also includes
the provision of a virtual network service by the
owners of the network infrastructure to a third party
(VNP – VNO).
IV. CLOUD COMPUTING TYPES
The Cloud Computing types are divide into
the as per user use and what user want and its
application. Such as private cloud, public cloud,
community cloud and hybrid cloud. [6]
A. Public Cloud:
Public cloud applications, storage, and other
resources are made available to the general public by
a service provider. These services are free or offered
on a pay-per-use model. Generally, public cloud
service providers like Amazon AWS, Microsoft and
Google own and operate the infrastructure and offer
access only via Internet (direct connectivity is not
offered).
B. Community Cloud:
Community cloud shares infrastructure between
several organizations from a specific community with
common concerns (security, compliance, jurisdiction,
etc.), whether managed internally or by a third-party
and hosted internally or externally. The costs are
spread over fewer users than a public cloud (but more
than a private cloud), so only some of the cost savings
potential of cloud computing are realized.
C. Private cloud:
Private cloud is cloud infrastructure
operated solely for a single organization, whether
managed internally or by a third-party and hosted
internally or externally. Undertaking a private cloud
project requires a significant level and degree of
engagement to virtualize the business environment,
and it will require the organization to reevaluate
decisions about existing resources. When it is done
right, it can have a positive impact on a business, but
every one of the steps in the project raises security
issues that must be addressed in order to avoid serious
vulnerabilities. They have attracted criticism because
users "still have to buy, build, and manage them" and
thus do not benefit from less hands-on management,
4
essentially "[lacking] the economic model that makes
cloud computing such an intriguing concept".
D. Hybrid cloud:
Hybrid cloud is a composition of two or
more clouds (private, community or public) that
remain unique entities but are bound together,
offering the benefits of multiple deployment models.
By utilizing "hybrid cloud" architecture, companies
and individuals are able to obtain degrees of fault
tolerance combined with locally immediate usability
without dependency on internet connectivity. Hybrid
cloud architecture requires both on-premises
resources and off-site (remote) server-based cloud
infrastructure. Hybrid clouds lack the flexibility,
security and certainty of in-house applications. Hybrid
cloud provides the flexibility of in house applications
with the fault tolerance and scalability of cloud based
services.
V. CLOUD CLIENTS
Users access cloud computing using
networked client devices, such as desktop computers,
laptop, tablets and smartphones. Some of these
devices cloud clients rely on cloud computing for all
or a majority of their applications so as to be
essentially useless without it. Examples are thin
clients and the browser-based Chrome book. Many
cloud applications do not require specific software on
the client and instead use a web browser to interact
with the cloud application with AJAX and HTML5
these Web user interfaces can achieve a similar or
even better look and feel as native applications. Some
cloud applications, however, support specific client
software dedicated to these applications (e.g., virtual
desktop clients and most email clients). Some legacy
applications (line of business applications that until
now have been prevalent in thin client Windows
computing) are delivered via a screen-sharing
technology.
VI. CLOUD ARCHITECTURE
Cloud Architecture the systems architecture of
the software systems involved in the delivery of cloud
computing, typically involves multiple cloud
components communicating with each other over a
loose coupling mechanism such as a messaging
queue. Elastic provision implies intelligence in the use
of tight or loose coupling as applied to mechanisms
such as these and others.[6]

Fig. 3 Cloud Architecture
The Intercloud:
The Intercloud is an interconnected global
cloud of clouds and an extension of the Internet
network of networks on which it is based.
Cloud engineering:
Cloud engineering is the application
of engineering disciplines to cloud computing. It
brings a systematic approach to the high-level
concerns of commercialisation, standardisation, and
governance in conceiving, developing, operating and
maintaining cloud computing systems. It is a
multidisciplinary method encompassing contributions
from diverse area such as system, software, web,
performance, information, security, platform, risk, and
quality engineering. [6]
VII. CLOUD ISSUES
A. Privacy:
The cloud model has been criticized by
privacy advocates for the greater ease in which the
companies hosting the cloud services control, thus,
can monitor at will, whether permitted or not by their
customers, the communication between the host
company and the end user, as well as the user's stored
data. Instances such as the secret NSA program,
working with AT&T, and Verizon, which recorded
over 10 million telephone calls between American
citizens, causes uncertainty among privacy advocates,
and the greater powers it gives to telecommunication
companies to monitor user activity. Using a cloud
service provider (CSP) can complicate privacy of data
because of the extent to which virtualization for cloud
processing (virtual machines) and cloud storage are
used to implement cloud service. CSP operations,
customer or tenant data may not remain on the same
system, or in the same data center or even within the
same provider's cloud; this can lead to legal concerns
5
over jurisdiction. While there have been efforts (such
as US-EU Safe Harbor) to "harmonise" the legal
environment, providers such as Amazon still cater to
major markets (typically the United States and
the European Union) by deploying local infrastructure
and allowing customers to select "availability zones."
Cloud computing poses privacy concerns because the
service provider may access the data that is on the
cloud at any point in time. They could accidentally or
deliberately alter or even delete information.
Postage and delivery services
company Pitney Bowes launched Volly, a cloud-
based, digital mailbox service to leverage its
communication management assets. They also faced
the technical challenge of providing strong data
security and privacy. However, they were able to
address the same concern by applying customized,
application-level security, including encryption.
B. Compliance:
In order to obtain compliance with
regulations including FISMA, HIPAA and SOX in the
United States, the Data Protection Directive in the EU
and the credit card industry's PCI DSS, users may
have to adopt community or hybrid deployment modes
that are typically more expensive and may offer
restricted benefits. This is how Google is able to
"manage and meet additional government policy
requirements beyond FISMA‖. Rackspace Cloud or
QubeSpace are able to claim PCI compliance. Many
providers also obtain a SAS 70 Type II audit, but this
has been criticized on the grounds that the hand-
picked set of goals and standards determined by the
auditor and the auditee are often not disclosed and can
vary widely. Providers typically make this
information available on request, under non-
disclosure agreement. Customers in the EU
contracting with cloud providers outside the EU/EEA
have to adhere to the EU regulations on export of
personal data.
U.S. Federal Agencies have been directed by
the Office of Management and Budget to use a
process called FedRAMP (Federal Risk and
Authorization Management Program) to assess and
authorize cloud products and services. Federal CIO
Steven VanRoekel issued a memorandum to federal
agency Chief Information Officers on December 8,
2011 defining how federal agencies should use
FedRAMP. FedRAMP consists of a subset of NIST
Special Publication 800-53 security controls
specifically selected to provide protection in cloud
environments. A subset has been defined for the FIPS
199 low categorization and the FIPS 199 moderate
categorization. The FedRAMP program has also
established a Joint Accreditation Board (JAB)
consisting of Chief Information Officers from DoD,
DHS and GSA. The JAB is responsible for
establishing accreditation standards for 3rd party
organizations who will perform the assessments of
cloud solutions. The JAB will also review
authorization packages and may grant provisional
authorization (to operate). The federal agency
consuming the service will still have the final
responsibility for final authority to operate.
C. Legal:
As with other changes in the landscape of
computing, certain legal issues arise with cloud
computing, including trademark infringement,
security concerns and sharing of proprietary data
resources. The Electronic Frontier Foundation has
criticized the United States government for
considering during the Megaupload seizure process
that people lose property rights by storing data on a
cloud computing service. One important but not often
mentioned problem with cloud computing is the
problem of whom is in "possession" of the data. If a
cloud company is the possessor of the data, the
possessor has certain legal rights. If the cloud
company is the "custodian" of the data, then a
different set of rights would apply. The next problem
in the legalities of cloud computing is the problem of
legal ownership of the data. Many Terms of Service
agreements are silent on the question of ownership.
D. Open Source:
Open-source software has provided the
foundation for many cloud computing
implementations, prominent examples being
the Hadoop framework and VMware cloud
Foundry. In November 2007, the Free Software
Foundation released the Affero General Public
License, a version of GPLv3 intended to close a
perceived legal loophole associated with free software
designed to be run over a network.[5]
E. Open Standards:
Most cloud providers expose APIs that are
typically well-documented (often under a Creative
Commons license) but also unique to their
implementation and thus not interoperable. Some
vendors have adopted others' APIs and there are a
number of open standards under development, with a
view to delivering interoperability and portability. As
6
of November 2012, the Open Standard with broadest
industry support industry support is probably
OpenStack, Founded in 2010 by NASA and
Rackspace, and now governed by the Openstack
Foundation. Open stack supporters include AMD,
intel Canonical, SUSE Linuc,Redhat Cisco, Dell, HP,
IBM,[6] Yahoo and now VMware.
F. Security:
As cloud computing is achieving increased
popularity, concerns are being voiced about the
security issues introduced through adoption of this
new model. The effectiveness and efficiency of
traditional protection mechanisms are being
reconsidered as the characteristics of this innovative
deployment model can differ widely from those of
traditional architectures. An alternative perspective on
the topic of cloud security is that this is but another,
although quite broad, case of "applied security" and
that similar security principles that apply in shared
multi-user mainframe security models apply with
cloud security.
The relative security of cloud computing
services is a contentious issue that may be delaying its
adoption. Physical control of the Private Cloud
equipment is more secure than having the equipment
off site and under someone else’s control. Physical
control and the ability to visually inspect the data
links and access ports is required in order to ensure
data links are not compromised. Issues barring the
adoption of cloud computing are due in large part to
the private and public sectors' unease surrounding the
external management of security-based services. It is
the very nature of cloud computing-based services,
private or public, that promote external management
of provided services. This delivers great incentive to
cloud computing service providers to prioritize
building and maintaining strong management of
secure services. Security issues have been categorised
into sensitive data access, data segregation, privacy,
bug exploitation, recovery, accountability, malicious
insiders, management console security, account
control, and multi-tenancy issues. Solutions to various
cloud security issues vary, from cryptography,
particularly public key infrastructure (PKI), to use of
multiple cloud providers, standardisation of APIs, and
improving virtual machine support and legal support.
Cloud computing offers many benefits, but it
also is vulnerable to threats. As the uses of cloud
computing increase, it is highly likely that more
criminals will try to find new ways to exploit
vulnerabilities in the system. There are many
underlying challenges and risks in cloud computing
that increase the threat of data being compromised. To
help mitigate the threat, cloud computing stakeholders
should invest heavily in risk assessment to ensure that
the system encrypts to protect data; establishes trusted
foundation to secure the platform and infrastructure;
and builds higher assurance into auditing to
strengthen compliance. Security concerns must be
addressed in order to establish trust in cloud
computing technology. [5]
G. Sustainability:
Although cloud computing is often assumed
to be a form of "green computing", there is no
published study to substantiate this assumption. Citing
the server effects on the environmental effects of
cloud computing, in areas where climate favors
natural cooling and renewable electricity is readily
available, the environmental effects will be more
moderate. (The same holds true for "traditional" data
centers.) Thus countries with favorable conditions,
such as Finland, Sweden and Switzerland, are trying
to attract cloud computing data centers. Energy
efficiency in cloud computing can result from energy-
aware scheduling and server consolidation. However,
in the case of distributed clouds over data centers with
different source of energies including renewable
source of energies, a small compromise on energy
consumption reduction could result in high carbon
footprint reduction. [5]
H. Abuse:
As with privately purchased hardware,
customers can purchase the services of cloud
computing for nefarious purposes. This includes
password cracking and launching attacks using the
purchased services. In 2009, a banking trojan illegally
used the popular Amazon service as a command and
control channel that issued software updates and
malicious instructions to PCs that were infected by the
malware.[5]
I. IT governance:
Main article: Corporate governance of
information technology The introduction of cloud
computing requires an appropriate IT governance
model to ensure a secured computing environment
and to comply with all relevant organizational
information technology policies. As such,
organizations need a set of capabilities that are
essential when effectively implementing and
managing cloud services, including demand
management, relationship management, data security
management, application lifecycle management, risk
and compliance management. [5]
J. Consumer end storage:
The increased use of cloud computing could lead to a
reduction in demand for high storage capacity
consumer end devices, due to cheaper low storage
7
devices that stream all content via the cloud becoming
more popular.
K. Ambiguity of terminology:
Outside of the information technology and
software industry, the term "cloud" can be found to
reference a wide range of services, some of which fall
under the category of cloud computing, while others
do not. The cloud is often used to refer to a product or
service that is discovered, accessed and paid for over
the Internet, but is not necessarily a computing
resource. Examples of service that are sometimes
referred to as "the cloud" include, but are not limited
to, crowd sourcing, cloud printing, crowd funding,
cloud manufacturing.[5]
Conclusion
In today's global competitive market,
companies must innovate and get the most from its
resources to succeed. This requires enabling its
employees, business partners, and users with the
platforms and collaboration tools that promote
innovation. Cloud computing infrastructures are next
generation platforms that can provide tremendous
value to companies of any size. They can help
companies achieve more efficient use of their IT
hardware and software investments and provide a
means to accelerate the adoption of innovations.
Cloud computing increases profitability by improving
resource utilization. Costs are driven down by
delivering appropriate resources only for the time
those resources are needed. Cloud computing has
enabled teams and organizations to streamline lengthy
procurement processes. Cloud computing enables
innovation by alleviating the need of innovators to
find resources to develop, test, and make their
innovations available to the user community.
Innovators are free to focus on the innovation rather
than the logistics of finding and managing resources
that enable the innovation. Cloud platforms don’t yet
offer the full spectrum of an on-premises
environment. For example, business intelligence as
part of the platform isn’t common, nor is support for
business process management technologies such as
full-featured workflow and rules engines. This is all
but certain to change; however, as this technology
wave continues to roll forward. The attractions of
cloud-based computing, including scalability and
lower costs, are very real. If you work in application
development, whether for a software vendor or an end
user, expect the cloud to play an increasing role in
your future. The next generation of application
platforms is here. [5]
REFERENCES
[1] IBM Cloud Computing by Authors: Greg Boss, Padma
Malladi, Dennis Quan, Linda.
[2] Introduction to Cloud Computing architecture White Paper,1st
Edition, June 2009 by SUN.
[3] Cloud computing and emerging IT platforms: Vision, hype,
and reality for delivering computing as the 5th utility by
Rajkumar Buyyaa,b,_, Chee Shin Yeoa, Srikumar
Venugopala, James Broberg a, Ivona Brandic.
[4] White paper ―Application Architecture for Cloud Computing‖
[5] http://www.infoworld.com/d/cloud-computing/what-
cloudcomputing- really-means-031
[6] http://en.wikipedia.org/wiki/Cloud_computing
[7] http://www.ibm.com/ibm/cloud/
[8] http://www.tcs.com/cloud/
[9] http://www.wikinvest.com/concept/Cloud_Computing.