Introduction

To
Cloud
Computing
 What is Cloud Computing?
• Cloud computing is a model for enabling convenient, on-
demand network access to a shared pool of configurable
computing resources (e.g., networks, servers, storage,
applications, and services)
• It can be rapidly provisioned and released with minimal
management effort.
• It provides high level abstraction of computation and storage
model.
• It has some essential characteristics, service models, and
deployment models.
What is Cloud Computing?
• On-Demand Self Service:
• A consumer can unilaterally provision computing capabilities,
automatically without requiring human interaction with each
service’s provider.
• Heterogeneous Access:
• Capabilities are available over the network and accessed
through standard mechanisms that promote use by
heterogeneous small or large client platforms.
What is Cloud Computing?
• Resource Pooling:
• The provider’s computing resources are pooled to serve
multiple consumers using a multi-tenant model.
• Different physical and virtual resources dynamically assigned
and reassigned according to consumer demand.
• Measured Service:
• Cloud systems automatically control and optimize resources
used by leveraging a metering capability at some level of
abstraction appropriate to the type of service.
• It will provide analyzable and predictable computing platform.
 History & Evolution
Cloud computing is all about renting
computing services. This idea first came in the 1950s.
In making cloud computing what it is today, five
technologies played a vital role.

These are distributed systems and its

peripherals, virtualization, web 2.0, service
orientation, and utility computing.
What is Cloud Computing?
 History & Evolution
Distributed Systems:
It is a composition of multiple independent systems but all
of them are depicted as a single entity to the users. The purpose of
distributed systems is to share resources and also use them effectively
and efficiently. Distributed systems possess characteristics such as
scalability, concurrency, continuous availability, heterogeneity, and
independence in failures. But the main problem with this system was
that all the systems were required to be present at the same
geographical location.
 History & Evolution
Mainframe computing:
Mainframes which first came into existence in 1951 are
highly powerful and reliable computing machines. These are
responsible for handling large data such as massive input-output
operations. Even today these are used for bulk processing tasks such as
online transactions etc.
These systems have almost no downtime with high fault
tolerance. After distributed computing, these increased the processing
capabilities of the system. But these were very expensive. To reduce
this cost, cluster computing came as an alternative to mainframe
technology.
 History & Evolution
Cluster computing:
In 1980s, cluster computing came as an alternative to
mainframe computing. Each machine in the cluster was
connected to each other by a network with high bandwidth.
These were way cheaper than those mainframe systems. These
were equally capable of high computations.
Also, new nodes could easily be added to the cluster
if it was required. Thus, the problem of the cost was solved to
some extent but the problem related to geographical
restrictions still pertained. To solve this, the concept of grid
computing was introduced.
 History & Evolution
Grid computing:
In 1990s, the concept of grid computing was introduced. It
means that different systems were placed at entirely different
geographical locations and these all were connected via the internet.
These systems belonged to different organizations and thus the grid
consisted of heterogeneous nodes. Although it solved some problems
but new problems emerged as the distance between the nodes
increased.
Virtualization:
It was introduced nearly 40 years back. It refers to the
process of creating a virtual layer over the hardware which allows the
user to run multiple instances simultaneously on the hardware. It is a
 History & Evolution
Web 2.0:
It is the interface through which the cloud computing
services interact with the clients. It is because of Web 2.0 that we have
interactive and dynamic web pages. It also increases flexibility among
web pages.

Popular examples of web 2.0 include Google Maps,

Facebook, Twitter, etc. Needless to say, social media is possible because
of this technology only. In gained major popularity in 2004.
 History & Evolution
Service orientation:
It acts as a reference model for cloud computing. It
supports low-cost, flexible, and evolvable applications. Two
important concepts were introduced in this computing model.

These were Quality of Service (QoS) which also

includes the SLA (Service Level Agreement) and Software as a
Service (SaaS).
 History & Evolution
Utility computing:
It is a computing model that defines service provisioning
techniques for services such as compute services along with
other major services such as storage, infrastructure, etc which
are provisioned on a pay-per-use basis.
 Merits of Cloud Computing
Cloud computing is a term referred to storing and accessing data over
the internet. It doesn’t store any data on the hard disk of your personal
computer. In cloud computing, you can access data from a remote
server.

Here, we will learn what are the

benefits of Cloud Computing in
your organization:
 Merits of Cloud Computing
Cost Savings:
Cost saving is one of the biggest Cloud Computing benefits. It helps you to
save substantial capital cost as it does not need any physical hardware investments.
Also, you do not need trained personnel to maintain the hardware. The buying and
managing of equipment is done by the cloud service provider.

Strategic Edge:
Cloud computing offers a competitive edge over your competitors. It is
one of the best advantages of Cloud services that helps you to access the latest
applications any time without spending your time and money on installations.

High Speed:
Cloud computing allows you to deploy your service quickly in fewer clicks.
This faster deployment allows you to get the resources required for your system within
fewer minutes.
 Merits of Cloud Computing
Back-up and restore data:
Once the data is stored in a Cloud, it is easier to get the back-up and
recovery of that, which is otherwise very time taking process on-premise.
Automatic Software Integration:
In the cloud, software integration is something that occurs
automatically. Therefore, you don’t need to take additional efforts to customize and
integrate your applications as per your preferences.
Reliability:
Reliability is one of the biggest benefits of Cloud hosting. You can always
get instantly updated about the changes.
Mobility:
Employees who are working on the premises or at the remote locations
can easily access all the could services. All they need is an Internet connectivity.
 Merits of Cloud Computing
Unlimited storage capacity:
The cloud offers almost limitless storage capacity. At any time you can
quickly expand your storage capacity with very nominal monthly fees.

Collaboration:
The cloud computing platform helps employees who are located in
different geographies to collaborate in a highly convenient and secure manner.

Quick Deployment:
Last but not least, cloud computing gives you the advantage of rapid
deployment. So, when you decide to use the cloud, your entire system can be fully
functional in very few minutes. Although, the amount of time taken depends on what
kind of technologies are used in your business.
Obstacles for Cloud Computing?
Performance Can Vary:
When you are working in a cloud environment, your application is
running on the server which simultaneously provides resources to other
businesses. Any greedy behavior or DOS attack on your tenant could affect the
performance of your shared resource.
Technical Issues:
Cloud technology is always prone to an outage and other
technical issues. Even, the best cloud service provider companies may face this
type of trouble despite maintaining high standards of maintenance.
Downtime:
Downtime should also be considered while working with cloud
computing. That’s because your cloud provider may face power loss, low
internet connectivity, service maintenance, etc.
Obstacles for Cloud Computing?
Security Threat in the Cloud:
Another drawback while working with cloud computing services is
security risk. Before adopting cloud technology, you should be well aware of the
fact that you will be sharing all your company’s sensitive information to a third-
party cloud computing service provider. Hackers might access this information.
Internet Connectivity:
Good Internet connectivity is a must in cloud computing. You can’t
access cloud without an internet connection. Moreover, you don’t have any
other way to gather data from the cloud.
Lower Bandwidth:
Many cloud storage service providers limit bandwidth usage of
their users. So, in case if your organization surpasses the given allowance, the
additional charges could be significantly costly
 CLOUD COMPUTING
RISK/VULNERABILITIES
At a high level, cloud environments face the same
dangers as traditional data centers; the threat situation is similar.
Cloud computing runs software, and adversaries attempt to exploit
any vulnerabilities.

In cloud computing, however, unlike in a data center

where IT systems are concerned, the CSP and the cloud customer
share responsibility for assuring that any security vulnerabilities
resulting from these software flaws are addressed.
 CLOUD COMPUTING
MISCONFIGURED CLOUD STORAGE:
RISK/VULNERABILITIES
Cybercriminals exploit cloud storage for various purposes,
including generating fraudulent revenue. Despite the potentially enormous
consequences, businesses continue to make the error of cloud storage
misconfiguration, which has cost many firms millions. It is one of the most
common cloud computing vulnerabilities.
DATA BREACHES:
Data breaches are costly, and millions of dollars can be lost each
time. According to Verizon’s 2019 Data Breach Investigations Report, 43
percent of victims were small businesses. Data breaches disproportionately
impact small businesses for various reasons, one of which is that they do not
have the same level of security as multinational corporations. They are
appealing targets, and when their data is stolen, they tend to suffer the most
damage. It is one of the most dangerous cloud computing vulnerabilities.
 CLOUD COMPUTING
RISK/VULNERABILITIES
UNAUTHORIZED ACCESS:
Unlike an organization’s on-premises infrastructure, cloud-based
installations are accessible from the public Internet and outside the network
perimeter. While this infrastructure is beneficial to employees and consumers
in terms of accessibility, it also makes it simpler for attackers to gain
unauthorized access to an organization’s cloud-based resources.
INSECURE APIS:
APIs allow unrelated software products to communicate and
interoperate without knowing one other’s internal workings. APIs are often
required, and they frequently grant access to critical business data. Many APIs
are made public for businesses to expedite their technology adoption by
allowing outside developers and business partners to use the organization’s
services and information.
 CLOUD COMPUTING
RISK/VULNERABILITIES
ACCOUNT HIJACKING:
Account hijacking, also known as session riding, occurs when users’ account
credentials are stolen from their computer or device.

• Phishing: To gain access to their information or capture their session ID, hackers may
direct customers to an insecure website where they can steal their data or hijack their
session.
• Keyloggers: A software program that keeps track of user activity, including usernames
and passwords, and transmits the data to hackers.
• Buffer overflow attacks: Overwriting data in memory with bad content designed to
provide the unauthorized attacker entry.
• Cross-Site Scripting (XSS) attacks: An attack in which the attacker uses a web browser to
deliver harmful scripts to obtain access to unsecured accounts.
• Brute force attacks: When attackers guess passwords — usually with software — they
compromise accounts.
 CLOUD COMPUTING
RISK/VULNERABILITIES
MALICIOUS INSIDERS:
Even if you prevent yourself from the other types of
cloud security threats, malicious insiders, such as present and
previous employees, can still harm your organization. It is one
of the most common cloud computing vulnerabilities.

• Employees
• Contractors
• Business partners
 CLOUD COMPUTING
RISK/VULNERABILITIES
CYBERATTACKS:
Cybercrime is a business, and cybercriminals target their victims
based on their expected return on investment. Publicly accessible cloud-based
facilities are frequently inadequately secured, and they contain a lot of sensitive
and valuable data. Furthermore, because many different firms utilize the cloud,
successful assaults have a good chance of being repeated many times with
considerable accuracy. As a consequence, corporate cloud expansions are
frequent targets of cyberattacks. It is one of the most common cloud computing
vulnerabilities.

EXTERNAL SHARING OF DATA:

The cloud is meant to make data sharing as simple as possible.
Many clouds allow you to explicitly invite a collaborator via email or share a link
that leads to the shared resource and allows anyone with the URL access.
 CLOUD COMPUTING
DENIAL OFRISK/VULNERABILITIES
SERVICE ATTACKS
Many organizations find that the cloud is critical to their
ability to conduct business. They utilize the cloud to keep vital
corporate data and run important internal and customer-facing
applications.

STORED DATA IS LOST:

Because of the nature of cloud computing, data may be
destroyed for various reasons. Customer data can be lost if it is
accidentally deleted by the cloud service provider or a physical
catastrophe, such as a fire or an earthquake.
 Cloud migration
Cloud migration is the process of moving a company’s
digital assets, services, databases, IT resources, and applications either
partially, or wholly, into the cloud. Cloud migration is also about moving
from one cloud to another.

For companies that undertake the process of cloud

migration, the cloud can have a massive impact. This includes a
reduction in the total cost of ownership (TCO), faster time to delivery,
and enhanced opportunities for innovation. With access to the cloud
comes agility and flexibility, both of which are imperative to meet
changing consumer and market demands.
Benefits of migrating to the cloud include:
• Increased agility and flexibility
• Ability to innovate faster
• Easing of increasing resource demands
• Better managing of increased customer expectations
• Reduction in costs
• Deliver immediate business results
• Simplify IT
• Shift to everything as-a-service
• Better consumption management
• Cloud scalability
• Improved performance
 Cloud Service Provider
“Cloud service provider” is probably
one of the most visible concepts when related to “cloud computing”. In
all possibilities we would all have encountered this word, without
actually knowing its meaning and significance.
A “cloud service provider” or CSP is an
organization which hosts all the services such as networking, software,
servers, infrastructure and more. In addition they also employ and
manage the staff, and provide security for the services they provide. This
relieves the client organizations of their individual responsibility of
setting their infrastructure and managing them. Some of the popular
examples of cloud service providers are ‘Amazon Web services’,
Microsoft Azure, Salesforce, Google Cloud platform and more.
The five roles, as defined in the reference model, are:
1. Cloud Consumer is a person or organization that maintains a business
relationship with, and uses service from, cloud providers.
2. Cloud Provider is a person, organization, or entity responsible for making a
service available to interested parties. It’s responsible for selling, onboarding,
configuring and supporting cloud services for its consumers.
3. Cloud Auditor is a party that can conduct independent assessment of cloud
services, information system operations, performance, and security of the
cloud implementation.
4. Cloud Broker is any entity that manages the use, performance, and delivery
of cloud services, and negotiates relationships between Cloud Providers and
Cloud Consumers.
5. Cloud Carrier is an intermediary that provides connectivity and transport of
cloud services from Cloud Providers to Cloud Consumers.
 The Shared Responsibility In The Cloud
Data classification and accountability: the
responsibility for manage, classify, or meet any compliance obligation is always
on the customer side. The cloud provider offers you a set of tools to help you
on that task, like data encryption, data loss prevention, auditing, and so.

Client protection: refers to the devices (both mobile

or PC) used by end-users to access the cloud. This is also a complete
responsibility of the customer.

Identity and access management: this is an important

point for any organization since it provides the capability to access cloud
resources. The identity refers to who (specific user) is accessing your cloud and
access controls what specific services this user can use.
 Application controls: using managed applications is a way to
reduce the responsibility for managing the application layer like patch
management, anti-malware, or configuration of the underlying platform.
Network controls: includes the configuration, management, and
securing of the network layer such as DNS, gateways, load balancing, or virtual
networking. In both IaaS and PaaS, this point is shared between the customer and
the service provider but with differences.
Host infrastructure: includes the configuration, management,
and securing of the compute, such as containers or virtual hosts, storage and
platform services. In IaaS, this is a shared responsibility.
Physical security: as not occur on the on-premise approach, the
service provider is always responsible (on all 3 models) for physical security like
maintaining and securing the building, the server rooms, the server power, and
cooling, or replacing replacement of defective or old components, like hard-drives
or processors.
 Service Level Agreement (SLA)
A Service Level Agreement (SLA) is
the bond for performance negotiated between the cloud services
provider and the client. Earlier, in cloud computing all Service Level
Agreements were negotiated between a client and the service
consumer. Nowadays, with the initiation of large utility-like cloud
computing providers, most Service Level Agreements are standardized
until a client becomes a large consumer of cloud services. Service level
agreements are also defined at different levels which are mentioned
below:
 Customer-based SLA
 Service-based SLA
 Multilevel SLA
 Few Service Level Agreements are enforceable as
contracts, but mostly are agreements or contracts which are more along
the lines of an Operating Level Agreement (OLA) and may not have the
restriction of law. It is fine to have an attorney review the documents
before making a major agreement to the cloud service provider. Service
Level Agreements usually specify some parameters which are mentioned
below:
 Availability of the Service (uptime)
 Latency or the response time
 Service components reliability
 Each party accountability
 Warranties
 In any case, if a cloud service provider fails to meet the stated
targets of minimums, then the provider has to pay the penalty to the cloud
service consumer as per the agreement. So, Service Level Agreements are like
insurance policies in which the corporation has to pay as per the agreements if
any casualty occurs.

Service Level Agreements are based on the usage model.

Frequently, cloud providers charge their pay-as-per-use resources at a premium
and deploy standards Service Level Agreements only for that purpose. Clients
can also subscribe at different levels that guarantees access to a particular
amount of purchased resources. The Service Level Agreements (SLAs) attached
to a subscription many times offer various terms and conditions. If client
requires access to a particular level of resources, then the client need to
subscribe to a service. A usage model may not deliver that level of access under
peak load condition.