In: Computer Science
When we look at cloud usage the categories can include some of but is not limited to following:
· SaaS: Software as a Service
· PaaS: Platform as a Service
· IaaS: Infrastructure as a Service
· MaaS: Monitoring as a Service
Research cloud computing. Complete a 2-3-page paper with an abstract and conclusion(plus cover sheet and reference page) that:
· Describe at least 3 types of cloud computing service categories
· What are the architecture considerations?
· Give details of the function of the service with an example
· What are the advantages and disadvantages of the service?
· What are the security risk and protection considerations?
· Do you see any impact on availability and performance?
Specific questions or items to address:
· Describe at least 3 types of cloud computing service categories
· What are the architecture considerations?
· Give details of the function of the service with an example
· What are the advantages and disadvantages of the service?
· What are the security risk and protection considerations?
· Do you see any impact on availability and performance?
Abstract :
The term “cloud computing” is a recent buzzword in the IT world.
Behind this fancy poetic phrase there lies a true picture of the
future of computing for both from a technical perspective and a
social perspective.
According to the IEEE Computer Society Cloud Computing is:
"A paradigm in which information is permanently stored in servers
on the Internet and cached temporarily on clients that include
desktops, Entertainment centers, table computers, notebooks, wall
computers, handhelds, etc."
Cloud computing is aimed at providing IT as a service to the cloud
users on-demand basis with greater flexibility, availability,
reliability, and scalability with the utility computing
model.people can access the information that they need from any
device with an Internet connection—including mobile and handheld
phones—rather than being chained to the desktop. It also means
lower costs, since there is no need to install software or
hardware. Today, almost any business or major activity uses, or
relies in some form, on IT and IT services. These services need to
be enabling and appliance-like, and there must be an economy of-
scale for the total-cost-of-ownership to be better than it would be
without cyberinfrastructure.
Cloud Architecture:
Cloud architecture the systems architecture of the software systems
involved in the delivery of cloud computing comprises hardware and
software designed by a cloud architect who typically works for a
cloud integrator. It typically involves multiple cloud components
communicating with each other over application programming
interfaces, usually web services. This closely resembles the Unix
philosophy of having multiple programs doing one thing well and
working together over universal interfaces. Complexity is
controlled and the resulting systems are more manageable than their
monolithic counterparts. Cloud architecture extends to the client,
where web browsers and/or software applications access cloud
applications. Cloud storage architecture is loosely coupled, where
metadata operations are centralized enabling the data nodes to
scale into the hundreds, each independently delivering data to
applications or users.
Cloud –Types :
1) Public Cloud:
Public cloud or external cloud describes cloud computing in the
traditional mainstream. Public clouds are run by third parties, and
applications from different customers are likely to be mixed
together on the cloud’s servers, storage systems, and networks. A
public cloud provides services to multiple customers.
2) Private Cloud:
Private clouds are built for the exclusive use of one client,
providing the utmost control over data, security, and quality of
service. The company owns the infrastructure and has control over
how applications are deployed on it. Private clouds can be built
and managed by a company’s own IT organization or by a cloud
provider.
3) Hybrid Cloud:
Hybrid clouds combine both public and private cloud models. This is
most often seen with the use of storage clouds to support Web 2.0
applications.
Cloud computing products and services can be classified into 3 major categories:
They are
1. Platform as a Service (PaaS) :
Cloud vendors are companies that offer cloud computing services and
products. One of the services that they provide is called PaaS.
Under this, a computing platform such as the operating system is
provided to a customer or end-user on a monthly rental basis. Some
of the major cloud computing vendors are Amazon, Microsoft, Google
etc. Popular examples of PaaS include AWS Elastic Beanstalk,
Windows Azure, Heroku, Force.com, Google App Engine, and
OpenShift.
Advantages:
there are many great advantages to a PaaS. Here are some of
them.
a)One clear advantage to using PaaS is that you only pay for what
you need via cloud computing, you are saving money that can be used
for other business operations. You will not have to maintain,
upgrade, or replace systems and software, and will get the best of
the best when it comes to updating technology for your business to
use. Freeing up this time and money allows your company to focus on
development and operations, promoting visionary thinking and
business growth from within.
b)With a PaaS, you can test and implement new applications you have
developed quickly. Faster deployment means better business success.
Your development teams can try various configurations of an app,
test it in different environments and perfect it far faster than is
possible in a traditional, on-site manner.
c)As with most cloud services, PaaS offers dynamic scaling. When
you need a more robust infrastructure, your provider will make it
happen, scaling back when the demand is low. You will only pay for
what you use, so you can save money overall, while ensuring that
your clients and customers do not have to deal with slow, lagging
connections owing to a lack of network capabilities.
Disadvantages:
a)With a PaaS, data security needs to be considered and
scrutinized, as information is stored off-site. With the right
measures and data practices in place to keep confidential
information out of the cloud, you can ensure that the system is
private enough for your uses. This can sometimes be a hard sell,
however, to executives and other staff outside of the IT
department.
b)Not every part of your company’s existing infrastructure may be
built for the cloud. If some elements cannot be cloud-enabled
successfully, you might have to switch various apps and programs to
integrate fully. Or you may need to leave some of these things out
of the cloud and within your existing infrastructure.
c)Finally, a less than ideal PaaS provider could leave your company
feeling frustrated. You need good levels of speed, reliability, and
support to make PaaS worthwhile.
2. Infrastructure as a service (IaaS) : Cloud computing vendors offer infrastructure as a service. One may avail hardware services such as processors, memory, networks etc on the agreed basis for specific duration and price. Popular examples of IaaS include DigitalOcean, Linode, Rackspace, Amazon Web Services (AWS), Cisco Metacloud, Microsoft Azure, and Google Compute Engine (GCE).
Advantages:
a)Less responsibility is on you and your team because both data
center infrastructure and environment are handled for you.
b)You get a team of experts to manage your infrastructure for you,
increasing your manpower and ensuring the success of your
solution.
c)You don’t have to pay the initial start-up costs of purchasing
and building infrastructure.
d)You gain increased cost-efficiency and flexibility because you
only pay for what you need when you need it.
Disadvantages:
a)If you already have a large team of experts on hand or have
already invested in a lot of your own infrastructure, IaaS may not
be as beneficial for you.
b)You don’t have fine-tuned control over the data center or any
infrastructure within it, which means relinquishing some
control.
c)Some very large businesses will save money down the line by
investing in ownership of their infrastructure rather than renting
it.
3. Software as a Service (SaaS) : Software packages such as CRM or CAD/CAM can be accessed under a cloud computing scheme. Here a customer upon registration is allowed to use software accessible through the net and use it for his or her business process. The related data and work may be stored on local machines or with the service providers. SaaS services may be available on a rental basis or on per-user basis. These are several popular examples of SaaS, including Google GSuite (Apps), Dropbox, Salesforce, Cisco WebEx, SAP Concur, and GoToMeeting.
Advantages:
a)Cost is reduced for customer due to savings on human capital,
physical space, electricity, and support when SaaS is provided
through a multi-tenant distribution model.
b)Maintenance is easier because applications do not need to be
installed on each user’s computer and the vendor can deploy patches
and updates throughout the environment at a faster rate.
c)Access is faster because there is no installation or
implementation process so getting up and running can be quick. The
software is essentially already installed and running.
d)Device and location independence has improved because users can
access systems using a web browser regardless of their location or
device.
Disadvantages:
a)Security will be time-intensive because each customer needs to
take steps to ensure that the vendor has the appropriate controls
and systems in place for the various types of data.
b)Contractual obligations differs for each customer and product
based on the present obligations. For example, confidentiality may
be an issue because third-party contracts may prevent customers
from sharing certain data with a vendor.
c)Data localization will be complicated because depending on the
type of data and country where the data is located standards can
restrict transfer, govern the storage, or expand customer
rights.
d)Control of data needs to be significant and should be addressed
in the contract to ensure protocols are in place for breach notice,
deletion of data, and data accuracy.
The Following can be understood by the below picture(Pizza
Making):
security risks :
a)Data Leaks: Data in the cloud is exposed to the same threats
as traditional infrastructures. Due to a large amount of data,
platforms of cloud providers become an attractive target for
attackers. Data leaks can lead to a chain of unfortunate events for
IT companies and infrastructure as a service (IaaS)
providers.
b)Compromising Accounts and Authentication Bypass: Data leaks often
result from insufficient attention to authentication verification.
More often than not, weak passwords in conjunction with poor
management of encryption keys and certificates are to blame. In
addition, IT organizations are faced with problems of managing
rights and permissions when users are assigned with much greater
powers than they actually need. The problem can also occur when a
user takes another position or leaves the company: no one is in a
rush to update permissions under the new user roles. As a result,
the account has rights to more features than necessary.
c)Interface and API Hacking: Today, it is impossible to imagine
cloud services and applications without friendly user interfaces
(UIs) and application program interfaces (APIs). The security and
availability of cloud services depend on reliable mechanisms of
data access control and encryption. Weak interfaces become
bottlenecks in matters of availability, confidentiality, integrity,
and security of systems and data.
d)Cyberattacks: Targeted cyberattacks are common in our times. An
experienced attacker, who has secured his presence in a target
infrastructure, is not so easy to detect. Remote network attacks
may have a significant impact on the availability of infrastructure
in general. Despite the fact that denial-of-service (DoS) attacks
have a long history, the development of cloud computing has made
them more common. DoS attacks can cause business-critical services
to slow down or even stop. DoS attacks consume a large amount of
computing power that comes with a hefty bill. Despite the fact that
the principles of DoS attacks are simple at first glance, you need
to understand their characteristics at the application level: the
focus on the vulnerability of web servers, databases and
applications.
e)Permanent Data Loss: Data loss due to malicious acts or accidents
at the provider’s end is no less critical than a leak. Daily
backups and their storage on external protected alternative
platforms are particularly important for cloud environments. In
addition, if you are using encryption before moving data to the
cloud, it is necessary to take care of secure storage for
encryption keys. As soon as keys fall into the wrong hands, data
itself becomes available to attackers, the loss of which can wreak
havoc on any organization.
Protection Methodology:
In order to reduce risks associated with information security, it
is necessary to determine and identify the levels of infrastructure
that require attention and protection. For example, the computing
level (hypervisors), the data storage level, the network level, the
UI and API level, and so on.
Next, you need to define protection methods at each level,
distinguish the perimeter and cloud infrastructure security zones,
and select monitoring and audit tools.
Enterprises should develop an information security strategy that
includes the following, at the very least:
a)Regular software update scheduling
b)Patching procedures
c)Monitoring and audit requirements
d)Regular testing and vulnerability analysis
Impact on availability and performance:
These services are widely available and we need basic internet a
web browser to access and build a Cloud infrastructure. We do have
security concerns but a huge heavy lifting has been done by the
organizations that performance is no more an issue now.
IaaS vs PaaS vs SaaS: Which Cloud Service Is Suitable for
You?
It’s time to pick which cloud-based service you need. In fact, the
choice totally depends on your business goals, so, first of all,
consider what your company needs. Here are some common business
needs that can easily be met with the appropriate cloud
service:
If your business needs out-of-the-box software (CRM, email,
collaboration tools, etc.), choose Software as a Service.
If your company requires a platform for building software products,
pick Platform as a Service.
If your business needs a virtual machine, opt for Infrastructure as
a Service.