Distributed Systems And

Cloud Computing
Engr. Njawe Edouard
IT Operation Engineer,CAMTEL
What is a Distributed System?

• Definition: A distributed system is a collection of

independent computers that appears to its users as
a single coherent system.
Characteristics of Distributed Systems
• Multiple Components: Independent entities (nodes)
work together.
• Transparency: The system hides the complexities of its
components.
• Scalability: Can be scaled horizontally by adding more
machines.
• Concurrency: Multiple computations occur
simultaneously.
Advantages of Distributed Systems
• Resource Sharing: Utilizes resources
across different nodes.
• Fault Tolerance: Redundancy helps avoid
system failure.
• Scalability: New nodes can be added
easily.
Examples of Distributed Systems
• Google Search Engine: Queries are
processed across distributed data
centers.
• Blockchain: A decentralized system for
cryptocurrency transactions.
Components of Distributed Systems
Types of Distributed Systems
• Client-Server Model: Clients request
resources, and servers respond.
– Example: A web browser (client)
requesting a webpage from a server.
• Peer-to-Peer (P2P) Model: All nodes are
peers; each can act as both client and server.
– Example: File-sharing applications like
BitTorrent.
Communication in Distributed Systems
• Message Passing: Nodes communicate
via messages.
• Remote Procedure Call (RPC): Allows a
program to request a service from
another program on a different
computer in the network.
– Example: A web application invoking
a service hosted on a remote server.
Coordination and Synchronization
Time Synchronization:
• Ensuring clocks across different systems
are synchronized (e.g., Network Time
Protocol (NTP)).
Example
Mutual Exclusion:
Ensures that no two processes access the
same resource concurrently (e.g., Locks
and Semaphores).
Cloud Computing Fundamentals
What is Cloud Computing?
• Definition: Cloud computing refers to
delivering computing services (servers,
storage, databases, networking, etc.)
over the internet ("the cloud").
Cloud Service Models
• Infrastructure as a Service (IaaS): Provides virtualized
computing resources over the internet.
– Example: Amazon Web Services (AWS), Microsoft
Azure.
• Platform as a Service (PaaS): Provides a platform allowing
customers to develop, run, and manage applications
without worrying about the underlying infrastructure.
– Example: Google App Engine.
• Software as a Service (SaaS): Provides access to software
applications over the internet.
– Example: Google Workspace (Gmail, Docs).
Deployment Models
• Public Cloud: Available to the general public;
infrastructure is owned by the provider.
– Example: Microsoft Azure.
• Private Cloud: Infrastructure is exclusively used by a
single organization.
– Example: An on-premises data center for a bank.
• Hybrid Cloud: Combines both public and private clouds
for flexibility.
– Example: A company using private cloud for sensitive
data and public cloud for non-critical workloads.
Distributed System Architectures
Centralized vs. Decentralized
Architectures
• Centralized Architecture: A single node
controls the system (e.g., client-server
model).
– Example: A traditional web server
handling all client requests.
• Decentralized Architecture: No single node
has complete control (e.g., peer-to-peer).
– Example: Bitcoin's blockchain.
Microservices Architecture
• Definition: An architectural style where
applications are built as a collection of loosely
coupled, independently deployable services.
• Advantages:
– Fault isolation: Failure in one service
doesn't bring down the entire system.
– Scalability: Individual services can scale
independently.
Examples of Distributed Architectures
• Hadoop: A distributed system for
processing large datasets using
MapReduce.
• Kubernetes: An open-source platform
for automating containerized
applications.
Cloud Computing and Distributed Systems
Integration
Distributed Systems in Cloud Computing
• Data Centers: A large-scale, distributed
system where resources are virtualized
and managed in the cloud.
– Example: AWS Elastic Compute Cloud
(EC2) provides scalable compute
power.
Cloud Computing Platforms
• Google Cloud Platform (GCP): Provides
distributed infrastructure for application
deployment.
• Microsoft Azure: A cloud computing
platform offering IaaS, PaaS, and SaaS
services.
Challenges in Cloud Computing
• Data Security: Storing sensitive data in
the cloud requires robust security
measures.
• Latency: Distributed systems may suffer
from high latencies when
communicating between nodes in
different geographical locations.
Fault Tolerance in Distributed Systems
What is Fault Tolerance?
• Definition: The ability of a distributed
system to continue operating correctly
even in the presence of hardware or
software failures.
Techniques for Fault Tolerance
• Replication: Duplication of components to ensure availability.
– Example: A distributed database replicating data across
multiple servers.
• Failover Mechanisms: Automatically switching to a backup
component if the primary fails.
– Example: In cloud platforms like AWS, instances may
failover to another region if one region goes down.
• Consensus Algorithms: Ensure all nodes in a distributed
system agree on a decision.
– Example: Paxos or Raft consensus algorithms used in
distributed databases.
Scalability and Performance in
Distributed Systems
What is Scalability?
• Definition: The ability of a system to
handle increased workload by adding
resources (e.g., nodes).
Types of Scalability
• Horizontal Scaling: Adding more
machines (nodes) to the system.
– Example: Adding more servers to a
web application’s backend.
• Vertical Scaling: Adding more resources
(CPU, memory) to an existing node.
– Example: Increasing the RAM on a
server to handle more traffic.
Load Balancing
• Definition: Distributing workloads
evenly across nodes to ensure no single
node is overwhelmed.
– Example: Round-robin DNS is used to
distribute requests across multiple
servers in a web application.
Performance Bottlenecks
• Network Latency: Time taken for data to
travel between nodes.
• Resource Contention: Multiple
processes competing for limited
resources (CPU, memory).
Emerging Trends in Distributed Systems
and Cloud Computing
Serverless Computing
• Definition: A cloud-computing execution
model where the cloud provider
dynamically manages the allocation of
machine resources.
– Example: AWS Lambda, which
automatically scales based on the
demand for the function.
Summary
• Distributed systems and cloud computing
represent the backbone of modern computing
architectures. Distributed systems offer
flexibility, scalability, and fault tolerance, while
cloud computing leverages these principles to
provide services over the internet. Examples
of applications include online services like
Google Search, blockchain technology, and
cloud platforms like AWS and Microsoft Azure.
Security risks of Cloud Computing | Threats, Issues and
Challenges

• Distributed systems and cloud

computing offer flexibility and scalability,
but they also introduce several security
challenges. Here are some key security
issues associated with these
environments:
Data Security and Privacy
• Data Breaches: Unauthorized access to data is a major
risk in cloud environments, where sensitive information
is often shared or stored across multiple servers.
• Data Leakage: Data leaks can occur if there are
weaknesses in data storage, transfer, or handling
practices.
• Privacy Concerns: The multi-tenancy model in cloud
computing, where multiple users share the same
infrastructure, creates privacy risks, as data isolation
between tenants must be maintained.
Access Control and Identity Management
• Insufficient Identity and Access Management (IAM):
Weak or improperly configured IAM policies can allow
unauthorized access to resources.
• Privilege Escalation: Attackers could exploit system
vulnerabilities to gain higher-level access privileges,
which can lead to unauthorized data manipulation or
extraction.
• Account Hijacking: Phishing, social engineering, or
vulnerabilities in IAM can lead to account compromise,
giving attackers control over cloud services.
Data Integrity and Consistency
• Data Tampering: In distributed systems, data
might be altered or corrupted during transit
or in storage if proper integrity checks and
cryptographic measures are not in place.
• Replication Vulnerabilities: Inconsistencies
between replicas in distributed databases
can lead to synchronization issues, making
data susceptible to tampering and loss.
Network Security
• Man-in-the-Middle Attacks (MITM): Unencrypted data
exchanges between cloud clients and servers are
vulnerable to interception by attackers.
• Distributed Denial-of-Service (DDoS) Attacks: Cloud
services are often public-facing, making them
susceptible to DDoS attacks which can disrupt service
availability and performance.
• Virtual Network Isolation: In cloud environments,
ensuring that virtual networks are isolated is
challenging and, if not managed properly, could expose
sensitive data across networks.
Application Security
• Vulnerable APIs: Cloud and distributed
systems often expose application
programming interfaces (APIs) that may have
security flaws, enabling unauthorized access
or exploitation.
• Multi-Tenancy Risks: Bugs or vulnerabilities in
applications used by multiple tenants could
allow one tenant to access or compromise
another tenant’s data.
Virtualization Risks
• Hypervisor Attacks: In cloud environments,
the hypervisor that enables virtualization can
be a target. Compromising the hypervisor
gives attackers control over multiple virtual
machines (VMs).
• VM Escape: Attackers can exploit
vulnerabilities within a VM to escape into the
host system, potentially compromising other
VMs hosted on the same physical server.
Compliance and Legal Issues
• Regulatory Compliance: Distributed systems
may operate across various geographical
regions, each with its own data privacy laws
and regulations, complicating compliance
management.
• Data Sovereignty: Cloud providers often
store data in multiple locations, which may
violate data residency requirements or other
regulatory obligations.
Lack of Transparency and Control
• Limited Customer Control: In public cloud
environments, customers have limited
visibility and control over security measures,
relying on providers to ensure data security.
• Cloud Provider Vulnerabilities: A security
flaw in the cloud provider's infrastructure
can impact all tenants, making risk
mitigation challenging for users.
Insider Threats
• Malicious Insiders: Cloud providers
often employ numerous personnel with
privileged access to systems and data,
increasing the risk of malicious activity.
• Human Error: Misconfigurations, like
improper access control settings, can
unintentionally
Disaster Recovery and Resilience
• Data Loss: Distributed systems may face
data loss due to system failures, hardware
issues, or natural disasters if robust
backup mechanisms are not in place.
• Business Continuity: Ensuring the
availability of services during outages,
attacks, or disasters requires redundancy
and effective disaster recovery plans.
Shared Responsibility Confusion
• Misunderstanding of Responsibilities: In cloud
environments, security is a shared responsibility
between the cloud provider and the client.
However, ambiguity often exists regarding which
party is responsible for what aspects of security,
leading to potential vulnerabilities.
• Vendor Dependency: Relying on third-party
vendors for key security functions can create gaps
in security coverage, especially if vendors lack
robust security measures.
Container and Microservices Security
• Container Vulnerabilities: Containers can introduce
vulnerabilities, especially if they are built from
outdated or insecure images. An attacker who gains
access to one container might be able to
compromise others on the same host.
• Service-to-Service Communication: In microservices
architectures, the communication between services
must be secured. Unencrypted or improperly
authenticated communication channels can lead to
data interception or service compromise.
Supply Chain Attacks
• Third-Party Dependencies: Cloud systems often
depend on external libraries, plugins, and
services, which may harbor vulnerabilities. A
compromised third-party dependency can impact
all clients using the cloud provider’s services.
• Dependency Vulnerabilities: Attackers can target
widely-used open-source libraries and inject
malicious code, compromising systems that
integrate these libraries.
Insecure Data Transfers
• Data Migration Risks: Moving large volumes
of data to the cloud can expose it to risks if
proper encryption and secure transfer
protocols (like HTTPS and TLS) are not
applied.
• Inter-Cloud Transfers: When data is moved
between clouds (multicloud strategy), the risk
of exposure increases, as different providers
may have different security standards.
Endpoint Security
• Insecure Endpoints: As cloud and distributed
systems rely on multiple endpoints (such as
employee devices), these endpoints can be entry
points for attackers, especially if endpoint security
(antivirus, firewalls) is not robust.
• Remote Access Vulnerabilities: Increased remote
access, especially with cloud systems, can open
up new attack vectors if employees connect over
insecure networks or do not use VPNs.
Configuration and Patch Management
• Misconfigurations: Misconfigured cloud resources
(e.g., open storage buckets, exposed databases)
are common security risks that can expose data
and services to attackers.
• Delayed Patch Management: Many cloud
providers manage patching for certain
infrastructure layers, but clients must ensure
timely updates and patching on their applications.
Unpatched vulnerabilities can be exploited by
attackers.
Insufficient Logging and Monitoring
• Lack of Visibility: Without adequate logging
and monitoring, detecting and responding to
suspicious activities becomes challenging.
• Log Tampering: Attackers may attempt to
delete or alter logs to erase evidence of their
activity. Implementing secure, tamper-
resistant logging mechanisms is essential for
forensic analysis.
Threats from Legacy Systems
• Incompatibility with Security Protocols: Older
systems may lack compatibility with modern
security measures (e.g., encryption or two-
factor authentication), making them easier
targets within a distributed system.
• Insecure Legacy APIs: Legacy APIs may lack
robust security and can serve as entry points
for attackers, particularly when integrated
with more modern cloud environments.
Human Factors and Social Engineering
• Social Engineering Attacks: Phishing and
other social engineering attacks target
employees to obtain access credentials,
making human awareness a critical security
layer.
• Lack of Employee Training: Employees
unaware of security best practices might
inadvertently create security risks, such as
weak passwords or unsecured devices.
Lateral Movement Risks in Cloud and
Distributed Environments
• Lateral Movement by Attackers: Once inside a
cloud or distributed system, attackers can
move laterally across networked systems to
reach sensitive data or systems if proper
segmentation isn’t in place.
• Insufficient Segmentation: Inadequate
segmentation between cloud resources or
within distributed systems can allow attackers
to access multiple systems after breaching one.
Data Residency and Cross-Border Data
Flows
• Data Residency Regulations: Distributed
systems may store data across multiple
regions, which could conflict with data
residency and privacy laws.
• Cross-Border Compliance: Legal
requirements for handling data vary
widely by region, creating compliance
challenges for multinational organizations.
Cloud Migration Security Challenges
• Migration Security Risks: Moving systems to
the cloud often involves temporarily exposing
data to internet-facing connections, which
can be a security risk if not handled properly.
• Incompatibility with Security Tools: Some
traditional security tools may not be
compatible with cloud environments,
requiring organizations to adapt their security
infrastructure.
Resource Exhaustion and Availability
Attacks
• Resource Starvation: Attackers can exhaust
cloud resources, such as compute or storage,
affecting service availability.
• Botnet and Resource Exploitation:
Distributed systems can be targeted by
botnets, leading to resource exhaustion and
high costs, especially in cloud environments
where resource use is charged.
Lack of Unified Security Frameworks Across Multicloud and
Hybrid Environments

• Diverse Security Policies: Multicloud and

hybrid cloud environments often involve
different providers, each with its own security
framework, complicating unified security
management.
• Inconsistent Security Controls: A lack of unified
security controls across multiple environments
can lead to unaddressed vulnerabilities and
inconsistent security postures.
Ransomware and Malware
• Cloud Ransomware Attacks: Ransomware
attacks targeting cloud environments can
encrypt data, making it inaccessible without
paying a ransom.
• Malware in Shared Resources: Malware
introduced by one user in a shared
environment can spread across shared
storage or virtualized resources, affecting
other users.
Mitigation Strategies
• Strong Encryption: Encrypt data at rest and in
transit to protect against unauthorized access.
• Multi-Factor Authentication (MFA): Use MFA
to secure access to cloud resources and
critical systems.
• Regular Audits and Compliance Checks:
Perform regular audits of data handling
practices to maintain compliance and security.
• Comprehensive IAM: Implement role-based
access control, enforce least privilege
principles, and monitor user access
logs.Network Security Measures: Use
firewalls, intrusion detection systems (IDS),
and secure VPNs for data protection.Data
Backups: Regular backups are essential for
disaster recovery, ensuring data can be
restored in case of loss or corruption.
• Cloud Access Security Brokers (CASB): A CASB solution provides
a security layer between users and cloud providers, offering
access controls, data loss prevention, and threat protection.
• Zero-Trust Architecture: Implement a zero-trust security model
to restrict access strictly on a need-to-know basis and regularly
verify user identities.
• Microsegmentation: Use microsegmentation in cloud
environments to isolate workloads and reduce lateral
movement risks.
• Security Automation and AI: Leveraging automated threat
detection and response, often using AI, can help quickly identify
and address threats across cloud environments.