Cloud Computing Mis

8/8/2019 Cloud Computing Mis

http://slidepdf.com/reader/full/cloud-computing-mis 1/62

CLOUD COMPUTING

´When it·s smarter to rent than

to buyµ

1



HISTORY OF CLOUD COMPUTING

1960 - John McCarthy

came into commercial use around the turn of the 21st

century

2007 saw increased activity, including Google, IBM It was a hot topic by mid-2008 and numerous cloud

computing events had been scheduled.

2



INTRODUCTION

With traditional desktop computing, we run copies of

software programs on our own computer. The

documents we create are stored on our own pc.

Although documents can be accessed from other

computers on the network, they can·t be accessed bycomputers outside the network. This is PC-centric.

With cloud computing, the software programs one use

aren·t run from one·s personal computer, but are rather

stored on servers accessed via the Internet.

3



If a computer crashes, the software is still available for

others to use. Same goes for the documents one create;

they·re stored on a collection of servers accessed via

the Internet.

Anyone with permission can not only access the

documents, but can also edit and collaborate on those

documents in real time. Unlike traditional computing, this cloud computing

model isn·t PC-centric, it·s document-centric.

4



W HAT IS CLOUD COMPUTING?

5



CLOUDCOMPUTING:

Cloud computing is Internet- ("CLOUD-") based

development and use of computer technology

("COMPUTING").

Cloud computing is a general term for anything that

involves delivering hosted services over theInternet.

It is used to describe both a platform and type of

application.

Cloud computing also describes applications that

are extended to be accessible through the Internet. These cloud applications use large data centers and

powerful servers that host Web applications and

Web services.



User of the cloud only care about the service or information they are

accessing - be it from their PCs, mobile devices, or anything else connected

to the Internet - not about the underlying details

of how the cloud works.´



K E Y PROPERTIES OF CLOUD COMPUTING

Cloud Computing Is User Centric:

Once a user is connected to the cloud, whatever isstored there³documents, messages, images,applications, whatever³becomes authorized to the user

access them.

Cloud Computing Is Powerful:

Connecting hundreds or thousands of computerstogether in a cloud creates a wealth of computing power

impossible with a single desktop PC.

Cloud Computing Is Accessible:

Because data is stored in the cloud, users can instantlyretrieve more information from multiple repositories.

8



K E Y PROPERTIES OF CLOUD COMPUTING

Cloud Computing Is Intelligent:

With all the various data stored on the computers in a

cloud, data mining and analysis are necessary to access

that information in an intelligent manner.

Cloud Computing Is Programmable:

Many of the tasks necessary with cloud computing must

be automated. For example, to protect the integrity of

the data, information stored on a single computer in thecloud must be replicated on other computers in the

cloud. If that one computer goes offline, the cloud·s

programming automatically redistributes that

computer·s data to a new computer in the cloud.9



Driving Cloud ComputingThe CLOUD COMPUTING is driving in two types:

y Customer perspective

y Vendor perspective



Customer Perspective1. In one word: economics.

2. Faster, simpler, cheaper to use cloud

computation.3. No upfront capital required for servers and

storage.

4. No operational expenses for running data-center.

5. Application can be run from anywhere.



Vendor perspective1. Easier for application vendors to reach new

customers.

2. Lowest cost way of delivering and supportingapplications.

3. Ability to use commodity server and storage

hardware.

4. Ability to drive down data-center operationalcots.



Types of Services



These services are broadly categorized into three divisions.

1. Infrastructure-as-a-service (IAAS)2. Platform-as-a-service (PAAS)

3. Software-as-a-service (SAAS)



INFRASTRUCTURE- AS- A -SERVICE (I AA S)

Infrastructure-as-a-Service(IaaS) like Amazon

Web Services provides virtual

servers with unique IP addresses and blocks of

storage on demand. Customers benefit from an API from which they

can control their servers.

Because customers can pay for exactly the

amount of service they use, like for electricity or

water, this service is also called utility

computing.



PLATFORM- AS- A -SERVICE (P AA S)

Infrastructure-as-a-Service(IaaS) like Amazon Web

Services provides virtual servers with unique IP

addresses and blocks of storage on demand. Customers benefit from an API from which they can

control their servers.

This is because customers can pay for exactly the

amount of service they use like for electricity or water,this service is also called utility computing.



SOFTWARE- AS- A -SERVICE (S AA S)

Software-as-a-Service (SaaS) is the broadest market.

In this case the provider allows the customer only to use its

applications.

The software interacts with the user through a userinterface.

These applications can be anything from web based email,

to applications like Twitter or Last.fm.



Why Cloud Computing?

Business needs are straining IT

Business dependency on IT continues to grow Business and IT are becoming one

As business dependency grows, so do the IT

resources necessary to run the business Many organizations have built massive, overly

complex, underutilized, rigid IT infrastructure

Why we are seeing some IT initiatives

Data center consolidation, application rationalization,virtualization

These efforts aren·t enough to stem the tide; revealing

some harsh realities«

5



Why Cloud Computing?

IT is too expensive, rigid, and complex Owning and operating IT is an expensive,

and time consuming proposition Many data centers are out of power/ space

Complex infrastructures decrease the

ability to respond to business needs Install new applications, provision additional

capacity, and secure their environment

Limits business agility and growth Business units are forced to go outside their IT

organizations to meet their needs

IT organizations have more work thanpersonnel can reasonably manage

Many data centers house extraneous, infrastructurethat has nothing to do with the organization·s corebusiness

6



Enterprise

IT

IT Services

IT is completely ´ownedand operatedµ by theEnterprise·s IT

organization

Cloud Computing: Transforming IT

Strategic and

non-strategic



IT

Enterprise

SaaS

CloudComputing

PaaS

SIaaS

HIaaS

Post-Modern or

Hybrid IT

Strategic ITServices Non-StrategicIT Services

Cloud Computing: Transforming IT



HOW DOES CLOUD COMPUTING

WORK?

23



UNDERSTANDING CLOUD A RCHITECTURE:

Individual users connect to the cloud from their own personalcomputers or portable devices, over the Internet. To theseindividual users, the cloud is seen as a single application, device, ordocument. The hardware in the cloud (and the operating systemthat manages the hardware connections) is invisible.

24



UNDERSTANDING CLOUD STORAGE

One of the primary uses of cloud computing is fordata storage.

With cloud storage, data is stored on multiplethird-party servers, rather than on the dedicated

servers used in traditional networked datastorage.

When storing data, the user sees a virtualserver³that is, it appears as if the data is storedin a particular place.

But that place doesn·t exist in reality.

In reality, the user·s data could be stored on anyone or more of the computers used to create thecloud. 26



UNDERSTANDING CLOUD SERVICES

Any web-based application or service offered via cloud

computing is called a cloud service.

Cloud services can include anything from calendar

and contact applications to word processing and

presentations.

With a cloud service, the application itself is hosted in

the cloud. An individual user runs the application

over the Internet, typically within a web browser.

The browser accesses the cloud service and aninstance of the application is opened within the

browser window.

Once launched, the web-based application operates

and behaves like a standard desktop application.27



UNDERSTANDING CLOUD

COMPUTING

28



5 ESSENTIAL CLOUD

CHARACTERISTICS On-demand self-service

Broad network access

Resource pooling

y Location independence Rapid elasticity

Measured service

30



3 CLOUD SERVICE MODELS

Cloud Software as a Service (SaaS)y Use provider·s applications over a network

Cloud Platform as a Service (PaaS)y Deploy customer-created applications to a cloud

Cloud Infrastructure as a Service (IaaS)y Rent processing, storage, network capacity, and other

fundamental computing resources

To be considered ´cloudµ they must be deployedon top of cloud infrastructure that has the keycharacteristics

31



SERVICE MODEL A RCHITECTURES

32



4 CLOUD DEPLOYMENT MODELS

Private cloud

y enterprise owned or leased

Community cloud

y

shared infrastructure for specific community Public cloud

y Sold to the public, mega-scale infrastructure

Hybrid cloudy composition of two or more clouds

33



COMMON CLOUD CHARACTERISTICS

Cloud computing often leverages:

y Massive scale

y Homogeneity

y Virtualization

y Resilient computing

y Low cost software

y Geographic distribution

y Service orientation

y Advanced security technologies

34



35

CLOUD COMPUTING

SECURITY



SECURITY IS THE M AJOR ISSUE

36



A NALYZING CLOUD SECURITY

Some key issues:

y trust, multi-tenancy, encryption, compliance

Clouds are massively complex systems can be

reduced to simple primitives that arereplicated thousands of times and common

functional units

Cloud security is a tractable problem

y There are both advantages and challenges

37

Former Intel CEO, Andy Grove: ³only the paranoid survive´



GENERAL SECURITY

A DVANTAGES

Shifting public data to a external cloud reduces

the exposure of the internal sensitive data

Cloud homogeneity makes security

auditing/testing simpler Clouds enable automated security management

Redundancy / Disaster Recovery

38



GENERAL SECURITY

CHALLENGES

Trusting vendor·s security model

Customer inability to respond to audit findings

Obtaining support for investigations

Indirect administrator accountability Proprietary implementations can·t be examined

Loss of physical control

39



SECURITY RELE VANT CLOUD

COMPONENTS

Cloud Provisioning Services

Cloud Data Storage Services

Cloud Processing Infrastructure

Cloud Support Services Cloud Network and Perimeter Security

Elastic Elements: Storage, Processing, and

Virtual Networks

40



PROVISIONING SERVICE

Advantages

y Rapid reconstitution of services

y Enables availability

Provision in multiple data centers / multiple instances

y Advanced honey net capabilities

Challenges

y Impact of compromising the provisioning service

41



D ATA STORAGE SERVICES

Advantagesy Data fragmentation and dispersal

y Automated replication

y Provision of data zones (e.g., by country)

y Encryption at rest and in transity Automated data retention

Challengesy Isolation management / data multi-tenancy

y Storage controllerSingle point of failure / compromise?

y Exposure of data to foreign governments

42



CLOUD PROCESSING INFRASTRUCTURE

Advantages

y Ability to secure masters and push out secure images

Challenges

y

Application multi-tenancyy Reliance on hypervisors

y Process isolation / Application sandboxes

43



CLOUD SUPPORT SERVICES

Advantages

y On demand security controls (e.g., authentication,

logging, firewalls«)

Challenges

y Additional risk when integrated with customer

applications

y Needs certification and accreditation as a separate

application

y

Code updates

44



CLOUD NETWORK AND

PERIMETER SECURITY

Advantages

y Distributed denial of service protection

y VLAN capabilities

y Perimeter security (IDS, firewall, authentication)

Challenges

y Virtual zoning with application mobility

45



CLOUD SECURITY A DVANTAGES

Data Fragmentation and Dispersal

Dedicated Security Team

Greater Investment in Security Infrastructure

Fault Tolerance and Reliability Greater Resiliency

Hypervisor Protection Against Network Attacks

Possible Reduction of C&A Activities (Access to Pre-

Accredited Clouds)

46



CLOUD SECURITY A DVANTAGES

Simplification of Compliance Analysis

Data Held by Unbiased Party (cloud vendor assertion)

Low-Cost Disaster Recovery and Data Storage Solutions

On-Demand Security Controls Real-Time Detection of System Tampering

Rapid Re-Constitution of Services

Advanced Honeynet Capabilities

47



CLOUD SECURITY

CHALLENGES

Data dispersal and international privacylaws

y EU Data Protection Directive and U.S. SafeHarbor program

y Exposure of data to foreign government and datasubpoenas

y Data retention issues

Need for isolation management Multi-tenancy Logging challenges Data ownership issues Quality of service guarantees 48

C S



CLOUD SECURITY

CHALLENGES

Dependence on secure hypervisors Attraction to hackers (high value target) Security of virtual OSs in the cloud Possibility for massive outages Encryption needs for cloud computing

y Encrypting access to the cloud resource controlinterface

y Encrypting administrative access to OS instances

y Encrypting access to applications

y Encrypting application data at rest

Public cloud vs internal cloud security Lack of public SaaS version control 49



1. CENTRALIZED D ATA

Reduced Data Leakage

The data ´landminesµ of today could be greatly

reduced by the Cloud

Monitoring benefitscentral storage is easier to control and monitor

52



2. INCIDENT RESPONSE / FORENSICS

Forensic readiness

Decrease evidence acquisition time

Eliminate or reduce service downtime

Decrease evidence transfer time

Eliminate forensic image verification time

Decrease time to access protected documents

53



3. P ASSWORD ASSURANCE TESTING

Decrease password cracking time

you can use Cloud Compute to decrease crack

time

Keep cracking activities to dedicatedmachines

password cracker to spread the load across non-

production machines

54



4. LOGGING

´Unlimitedµ, pay per drink storage

Improve log indexing and search

Getting compliant with Extended logging

55



5. IMPROVE THE STATE OF SECURITY SOFTWARE

Drive vendors to create more efficient security

software

Billable CPU cycles get noticed. More attention will

be paid to inefficient processesSecurity vendors that understand how to squeeze the

most performance from their software will win

56



6. SECURE BUILDS

Pre-hardened, change control builds

Reduce exposure through patching offline

Easier to test impact of security changes

57



COST OF TRADITIONAL D ATA

CENTERS

11.8 million servers in data centers

Servers are used at only 15% of their capacity

800 billion dollars spent yearly on purchasing and

maintaining enterprise software80% of enterprise software expenditure is on

installation and maintenance of software

Data centers typically consume up to 100 times

more per square foot than a typical office building Average power consumption per server quadrupled

from 2001 to 2006.

Number of servers doubled from 2001 to 200660



ENERGY CONSERVATION AND

D ATA CENTERS

Standard 9000 square foot costs $21.3 million to build with

$1 million in electricity costs/year

Data centers consume 1.5% of our Nation·s electricity (EPA)

y .6% worldwide in 2000 and 1% in 2005

Green technologies can reduce energy costs by 50%

IT produces 2% of global carbon dioxide emissions

61



CLOUD ECONOMICS

Estimates vary widely on possible cost savings ´If you move your data-centre to a cloud provider, it

will cost a tenth of the cost.µ ² Brian Gammage,Gartner Fellow

Use of cloud applications can reduce costs from 50%to 90% - CTO of Washington D.C.

IT resource subscription pilot saw 28% cost savings - Alchemy Plus cloud (backing from Microsoft)

George Reese, founder Valtira and enStratusy Using cloud infrastructures saves 18% to 29% before considering

that you no longer need to buy for peak capacity

62

Cloud Computing Mis

Documents

Transcript of Cloud Computing Mis