Module3

1. Discuss the classification of cloud computing based on deployment models and

Types of services offered
2. Discuss cloud design objectives
3. Compare cost models in traditional IT and cloud computing
4. Explain the basic requirements for managing the resources of a data center
5. With a neat diagram explain the generic cloud architecture.
6. With a neat diagram explain layered cloud architectural development
7. With a neat diagram explain Market-Oriented Cloud Architecture
8. Explain the architectural design challenges
9. Explain the following public cloud platforms
(a)GAE
(b) AWS
(c) AZURE
10. Explain the stack of six layers of cloud services
11. Explain the cloud resource provisioning policies
Module 4
1. Discuss top security concerns for cloud users
2. Discuss the security risks faced by cloud users and top threats to cloud computing?
3. Discuss privacy and privacy impact assessment.
4. Explain different types of cloud data encryption methods
5. Discuss security of data base services in cloud.
6. Discuss operating system security in cloud.
7. With a neat diagram Explain different types of virtual machine security services.
8. Explain security risks posed by shared images
9. Explain security risks posed by a management and cloud securitOS
10. With a neat diagram explain the components of Xoar.
11. Analyse the design of a trusted hypervisor.
12. Explain mobile device and cloud security.
13. With a neat diagram explain the corresponding security taken at each cloud
Service models.
 MODULE-3
4TH ANS :-
Here’s a simple explanation of the basic requirements for managing data center resources:

1. Making Users Happy

The data center should serve its users well for many years (at least 30 years). It should be
designed to give good, reliable service to a large number of people.

2. Smooth Information Flow

Data and services should move easily and quickly within the system. The goal is to keep services
running continuously and available all the time.

3. Multiuser Support
The system should support many users at the same time, handling tasks like managing traffic,
updating databases, and maintaining servers smoothly.

4. Scalability
As more users and data come in, the system should be able to grow easily. This includes adding
more storage, processing power, cooling systems, and energy support without big changes.

5. Reliability
The system should keep running even if something goes wrong. Features like:
• Failover (automatic switch to backup),
• Fault tolerance (resist failure), and
• Live migration (moving VMs without shutdown)
help in recovering quickly from hardware failures or disasters.

6. Low Cost
Running and using the data center should be affordable for both the company and the users.
This means cutting unnecessary expenses and using resources efficiently.

7. Security and Data Protection

Strong security must be in place to protect data from:
• Hackers,
• System failures,
• User mistakes.
This includes firewalls, encryption, and other defense tools.

8. Eco-Friendly (Green IT)

Data centers should save energy and use power efficiently. This helps the environment and also
reduces electricity costs.
Here’s a simple explanation of the Architectural Design Challenges in cloud computing:
8th ANS:-
Challenge 1: Service Availability and Data Lock-In
• If a cloud service is run by just one company, and it fails, all your data and services can
be lost.
• Solution: Use multiple cloud providers to stay safe from service failures.
• Also, it's hard to move your data from one provider to another because each one uses
different APIs (ways to connect).
• Solution: If APIs become standardized, it would be easier to switch providers and keep
your data safe.

Challenge 2: Data Privacy and Security

• Since cloud services work over the internet, they are open to hackers and other threats.
• Solution: Use encryption, firewalls, and secure networks to protect data.
• Newer attacks like VM hijacking or man-in-the-middle during VM transfer can also
occur.
• Countries may have rules about where user data must be stored (e.g., must stay within
national borders).

Challenge 3: Unpredictable Performance and Bottlenecks

• When many virtual machines (VMs) share the same resources, like storage or network,
they can slow each other down.
• Example: One VM writing data to disk may reduce speed for others.
• Solution: Improve I/O systems and plan where data and apps are placed to avoid traffic
jams.

Challenge 4: Distributed Storage and Software Bugs

• Cloud data is stored across many servers; it must scale as the data grows and still remain
consistent and available.
• Bugs in distributed systems are hard to find and fix because they don't show up easily
in testing.
• Solution: Use virtual machines to capture and analyze errors, or simulate systems for
testing.

Challenge 5: Scalability, Interoperability, and Standards

• Each cloud provider charges differently (e.g., AWS charges hourly, GAE charges based
on use).
• It’s tricky to scale quickly without breaking service agreements (SLAs).
• Also, different platforms don't always work well together.
• Solution: Use open standards like OVF to make sure VMs can run on any platform and
scale easily.
 5th ANS:-

What is the goal of this diagram?

It shows how cloud computing works, especially focusing on security and how everything
connects — from the user (you) to the servers (data centers).

Step 1: Clients (Users)

You (or any company) are the client.
You want to use cloud services like:
• Storing files
• Running applications
• Using servers without buying them

Step 2: Service Catalog

You first look at a menu (called a service catalog) to choose what cloud services you want.

Step 3: Resource Provisioning

The system then:
• Gives you the servers (virtual ones)
• Sets up storage and software
• Manages it for you
This is like the cloud giving you a ready-made computer inside the internet.

Step 4: Cloud Platform

All this is done inside the cloud platform, which:
 • Takes resources (like storage and CPU) from data centers
• Gives them to users as needed
• Manages everything smartly

Step 5: Data Centers

These are big buildings full of real computers (servers).
Cloud platforms use these to give users virtual services.

Step 6: Security System

There are special tools to protect your data and services, like:
• Trust systems: to check if the person or system is safe
• Reputation check: like checking reviews before trusting
• Data coloring: to mark sensitive data, so it’s protected

Step 7: Monitoring
The system always watches (monitors):
• Performance (is it running well?)
• Security (is anything being attacked?)

6th ANS:-

Types of Clouds (at the top):

1. Public Clouds – Services available to anyone over the internet (like Google Cloud or
AWS).
2. Private Clouds – Services used by one organization, over a private network (more
secure).
3. Hybrid Clouds – A mix of both public and private clouds.
All of them connect through the internet.
 Cloud Service Layers (at the bottom):
These are the layers that build up cloud services:
1. Infrastructure Layer (IaaS, HaaS, DaaS, etc.)
o Think of it as the base: virtual servers, storage, and networking.
o Example: Amazon EC2 provides virtual machines.
2. Platform Layer (PaaS)
o This is where developers build applications using tools provided by the cloud.
o Example: Google App Engine, where you can deploy code without managing
servers.
3. Application Layer (SaaS)
o Apps you can use directly from the cloud.
o Example: Gmail, Google Docs, or Dropbox.

Provisioning Layer (in the middle):

This green box manages and delivers both the physical and virtual resources to the cloud types
(public, private, hybrid).

1ST ANS:-
1. Public Cloud
• What it is: Cloud services that anyone can use over the internet.
• Example companies: Google Cloud, Microsoft Azure, Amazon Web Services (AWS)
• Who owns it: A third-party company
• Used by: General public or businesses
• Example use: You store your photos on Google Drive — that’s a public cloud!
Pros: Cheap, easy to use
Cons: Less control and security

2. Private Cloud
• What it is: Cloud that is used by only one organization.
• Who owns it: The organization itself or a private vendor
• Used by: Banks, government, or large companies needing high security
• Example use: A hospital stores patient records in its own private cloud.
Pros: More security and control
Cons: Expensive to maintain

3. Community Cloud
• What it is: Cloud shared by several organizations with similar needs.
• Used by: Groups like universities, government departments, or research labs
• Example use: Different colleges using one shared cloud to store research data
Pros: Shared cost, secure for group use
Cons: Limited flexibility compared to public cloud

4. Hybrid Cloud
 • What it is: A mix of public and private clouds.
• Used when: Some data is public (non-sensitive), and some is private (secure)
• Example use: A company runs its public website on a public cloud but stores customer
payment info on a private cloud
Pros: Flexible, balances cost and security
Cons: More complex to manage

1. IaaS – Infrastructure as a Service

• What you get: Basic building blocks like servers, storage, and networks
• Used by: IT admins and infrastructure experts
• You manage: Everything above the hardware (like OS, apps)
• Example: Amazon EC2, Google Compute Engine
Think of it like renting a computer from a cloud provider. You install and manage everything
on it.

2. PaaS – Platform as a Service

• What you get: A platform with OS, programming tools, and database support
• Used by: App developers
• You manage: Only your code and data; the rest is handled for you
• Example: Google App Engine, Microsoft Azure App Services
It’s like a pre-installed kitchen. You just come and cook your recipe (your app) without
worrying about setting up the kitchen.

3. SaaS – Software as a Service

• What you get: Ready-to-use software applications
• Used by: End users (like students, employees, customers)
• You manage: Nothing! Just use the software
• Example: Gmail, Google Docs, Zoom
It’s like ordering food online. You just eat — no cooking, no cleaning.

10th ANS:-
six layers of cloud services, ranging from hardware, network, and collocation to infrastructure,
platform, and software applications. We already introduced the top three service layers as SaaS,
PaaS, and IaaS, respectively. The cloud platform provides PaaS, which sits on top of the IaaS
infrastructure. The top layer offers SaaS. These must be implemented on the cloud plat forms
provided. Although the three basic models are dissimilar in usage, as shown in Table 4.7, they
are built one on top of another. The implication is that one cannot launch SaaS applications with
a cloud platform. The cloud platform cannot be built if compute and storage infrastructures are
not there.

The bottom three layers are more related to physical requirements. The bottommost layer
provides Hardware as a Service (HaaS). The next layer is for interconnecting all the hardware
com ponents, and is simply called Network as a Service (NaaS). Virtual LANs fall within the
scope of NaaS. The next layer up offers Location as a Service (LaaS), which provides a
collocation service to house, power, and secure all the physical hardware and network resources.
Some authors say this layer provides Security as a Service (“SaaS”). The cloud infrastructure
layer can be further subdi vided as Data as a Service (DaaS) and Communication as a Service
(CaaS) in addition to compute and storage in IaaS.

We will examine commercial trends in cloud services in subsequent sections. Here we will
mainly cover the top three layers with some success stories of cloud computing. As shown in
Table 4.7, cloud players are divided into three classes: (1) cloud service providers and IT
administrators, (2) soft ware developers or vendors, and (3) end users or business users. These
cloud players vary in their roles under the IaaS, PaaS, and SaaS models. The table entries
distinguish the three cloud models as viewed by different players. From the software vendors’
perspective, application performance on a given cloud platform is most important. From the
providers’ perspective, cloud infrastructure performance is the primary concern. From the end
users’ perspective, the quality of services, including security, is the most important.
 Module-4
1st ANS:-
Common Cloud Security Concerns (in simple words)
1. Data Breaches and Unauthorized Access
o In the cloud, many users share the same resources (called multi-tenant).
o If security is weak, hackers might access your private or sensitive
information.
2. Data Loss
o Your data is stored in big data centers.
o If something bad happens (like a cyberattack, fire, flood, or power
failure), your data could be lost.
3. Insecure Interfaces and APIs
o Cloud services talk to other apps through something called APIs (like
digital connectors).
o If these are not designed securely, hackers can use them to get in.
4. Lack of Visibility and Control
o When you use the cloud, your data is stored in a place you can't fully see
or control.
o You might not know exactly where your data is, or how it's protected.
5. Compliance and Legal Issues
o Companies must follow laws about how data is handled (like privacy
rules).
o Since cloud data can be stored in different countries, it's harder to make
sure all the rules are followed.

3rd ANS:-
What is a Privacy Impact Assessment (PIA) in Cloud?
A PIA is like a safety check for your personal data when you're using the cloud.
It helps organizations find out if there are any privacy risks, and what to do to protect
the data.

Why is PIA important in the Cloud?

When a company stores or moves your data to the cloud (like names, emails, medical
records, etc.), there are risks.
A PIA helps them to:
1. Follow data protection laws (like GDPR, HIPAA).
2. Find risks before something goes wrong.
3. Be clear about how your data is used and protected.
4. Plan how to keep your data safe – like using encryption and passwords.

Steps in the PIA Process (in simple steps):

1. Know Your Data – What data is being collected and used in the cloud?
 2. Find Risks – How could hackers or mistakes expose that data?
3. Check Rules – Are you following the laws that protect data?
4. Add Protection – Use tools like encryption, access control, and monitoring.
5. Keep It Updated – Review and improve your data protection plan regularly.

4th ANS:-
What is DBaaS (Database-as-a-Service)?
It means companies use databases from cloud providers like Amazon RDS, Google
Cloud SQL, or MongoDB Atlas, instead of managing their own database servers.
Benefits: Easy to use, flexible, scalable, and saves money.
But... it also comes with security risks!

Main Security Concerns in Cloud Databases (DBaaS):

1. Data Breaches and Unauthorized Access
o Hackers may try to steal data since cloud databases are available over the
internet.
o Mistakes in settings can make your database publicly visible by accident.
2. Multi-Tenancy Risks
o Many users share the same cloud database platform.
o If separation fails, one user’s data might be seen by another.
3. Insider Threats
o Employees or cloud staff with special access might misuse the database.
4. Misconfigurations and Weak Security
o Using default usernames/passwords, not updating the system, or giving
too many permissions can lead to attacks.
5. Compliance and Legal Rules
o Cloud databases must follow laws like GDPR, HIPAA, PCI-DSS that protect
users' personal data.
o If not followed, companies can face fines or data loss.

To Keep Cloud Databases Safe:

• Use strong passwords and change defaults.
• Turn on encryption to protect data.
• Limit who can access the database.
• Regularly update and patch software.
• Always backup data and plan for disasters (like cyberattacks or system failures).