Lecture Note

On
Cloud Computing
UNIT-1
Introduction to Cloud Computing
Cloud Computing is the combination of Network with Internet. It is a technology which
is manipulating, configuring, and accessing the hardware and software resources remotely. It
offers online data storage, infrastructure, and application. It is the on-demand delivery of IT
resources over the Internet.
Instead of buying, owning, and maintaining
physical data centres and servers, one can
access technology services, such as
computing power, storage, and databases,
on an as-needed basis from a cloud server.
Cloud computing offers platform
independency, that means software is not
required to be installed in a local PC.
In a cloud computing system the Remote
Servers are responsible for running
everything from e-mail to word processing
to complex data analysis programs for the
client users and all the computing process owned by another company.
Cloud can provide services over public and private networks, i.e., WAN, LAN or VPN.
Applications like e-mail, web conferencing, customer relationship management (CRM) executes
on cloud.

Advantages of Cloud Computing

• Back-up and restore data: Once the data is stored in the cloud, it is easier to get back-
up and restore that data using the cloud computing technology.
• Improved collaboration: Cloud applications have improved collaboration by allowing
groups of people to share information in the cloud quickly and easily.
• Excellent accessibility: It allows us to access and store data or information quickly and
easily from anywhere and anytime using internet connection. Ultimately it increases
the productivity and efficiency of the organization.
• Low maintenance cost: Cloud computing reduces both hardware and software
maintenance costs for an organization.
• Mobility: Cloud computing allows us to easily access all cloud data while on roaming.
• Unlimited storage capacity: Cloud offers us a huge amount of storage capacity for
storing our data such as documents, images, audio, video, etc. in one place.
• Data security: Data security is one of the biggest advantages of cloud computing. Cloud
offers many advanced features related to security and ensures that the data is safe.

Cloud Computing 1
Disadvantages of Cloud Computing

• Internet Connectivity: Cloud Server can be accessed only through internet. So if there is
no good internet connectivity or no internet connection, than the data cannot be
accessed properly.
• Vendor lock-in: Vendor lock-in is the biggest disadvantage of cloud computing.
Organizations may face problems when transferring their services from one vendor to
another. As different vendors provide different platforms, that creates a problem to move
data from one cloud to another.
• Limited Control: As we know, cloud infrastructure is completely owned, managed, and
monitored by the service provider, so the cloud users have less control on the cloud
servers.
• Security: Although cloud service providers implement the best security standards, but
before adopting cloud technology, the organization must be aware that they are
handing over all the organization's sensitive information to a third party, which is a
cloud computing service provider. While sending the data on the cloud, there may be a
chance that your organization's information is hacked by Hackers.

Types of Cloud
There are the following 4 types of cloud that
you can deploy according to the
organization's requirements.

Public Cloud

Public cloud is open to all to store and access information through Internet using the pay-per-
usage method. In public cloud, computing resources are managed and operated by the Cloud
Service Provider (CSP).

Example: Amazon elastic compute cloud (EC2), IBM

Smart Cloud Enterprise, Microsoft, Google App
Engine, Windows Azure Services Platform.

Advantages of Public Cloud

o Public cloud is owned at a lower cost than the private and hybrid cloud.
o Public cloud is maintained by the cloud service provider, so do not need to worry
about the maintenance.
o Public cloud is easier to integrate. Hence it offers a better flexibility approach to
consumers.
o Public cloud is location independent because its services are delivered through the
internet.

Cloud Computing 2
Disadvantages of Public Cloud

o Public Cloud is less secure because resources are shared publicly.

o Performance depends upon the high-speed internet network link to the cloud
provider.

o The Client has no control of data.

Private Cloud

Private cloud is also known as an internal

cloud or corporate cloud. It is used by organizations to
build and manage their own data centres internally or
by the third party.

Based on the location and management, National

Institute of Standards and Technology (NIST) divide
private cloud into the following two parts-

o On-premise private cloud

o Outsourced private cloud

Advantages of Private Cloud

o Private cloud provides a high level of security and privacy to the users.
o Private cloud offers better performance with improved speed and space capacity.
o It allows the IT team to quickly allocate and deliver on-demand IT resources.
o The organization has full control over the cloud because it is managed by the
organization itself. So, there is no need for the organization to depends on anybody.
o It is suitable for organizations that require a separate cloud for their personal use and
data security is the first priority.

Disadvantages of Private Cloud

o Skilled people are required to manage and operate cloud services.
o Private cloud is accessible within the organization, so the area of operations is limited.
o Private cloud is not suitable for organizations that have a high user base, and
organizations that do not have the prebuilt infrastructure, sufficient manpower to
maintain and manage the cloud.

Cloud Computing 3
Hybrid Cloud

Hybrid Cloud is a combination of the public cloud

and the private cloud.

It is partially secure because the services which are

running on the public cloud can be accessed by
anyone, while the services which are running on a
private cloud can be accessed only by the
organization's users.

Example: Google Application Suite (Gmail, Google

Apps, and Google Drive), Office 365 (MS Office on the Web and One Drive), Amazon Web
Services.

Advantages of Hybrid Cloud

o Hybrid cloud is suitable for organizations that require more security than the public
cloud.
o Hybrid cloud helps you to deliver new products and services more quickly.
o Hybrid cloud provides an excellent way to reduce the risk.
o Hybrid cloud offers flexible resources because of the public cloud and secure resources
because of the private cloud.

Disadvantages of Hybrid Cloud

o In Hybrid Cloud, security feature is not as good as the private cloud.
o Managing a hybrid cloud is complex because it is difficult to manage more than one
type of deployment model.
o In the hybrid cloud, the reliability of the services depends on cloud service providers.

Community Cloud

Community cloud allows systems and

services to be accessible by a group of several
organizations to share the information
between the organization and a specific
community. It is owned, managed, and
operated by one or more organizations in the
community, a third party, or a combination
of them.

Example: Health Care community cloud

Cloud Computing 4
Advantages of Community Cloud

o Community cloud is cost-effective because the whole cloud is being shared by several
organizations or communities.
o Community cloud is suitable for organizations that want to have a collaborative cloud
with more
o security features than the public cloud.
o It provides better security than the public cloud.
o It provides collaborative and distributive environment.
o Community cloud allows us to share cloud resources, infrastructure, and other
capabilities among various organizations.

Disadvantages of Community Cloud

o Community cloud is not a good choice for every organization.

o Security features are not as good as the private cloud.
o It is not suitable if there is no collaboration.
o The fixed amount of data storage and bandwidth is shared among all community
members.

Historical development

History of Cloud Computing

Before emerging the cloud computing, there was Client/Server computing which is basically a
centralized storage in which all the software applications, all the data and all the controls are
resided on the server side. If a single user wants to access specific data or run a program, he/she
need to connect to the server and then gain appropriate access, and then he/she can do his/her
business.

The concept of Cloud Computing came into existence in the year 1950 with implementation of
mainframe computers, accessible via thin/static clients. Since then, cloud computing has been
evolved from static clients to dynamic ones and from software to services.
Vision of Cloud Computing
The vision of cloud computing are

1. Cloud computing provides the facility of virtual hardware, runtime environment and
services to an individual or an organization.

2. The service of cloud server can be accessed as long as the user needed. There is no
requirement of any upfront commitment.

3. The entire collection of computing system is transformed into a collection of utilities,

which can be provisioned and composed together to deploy systems in hours rather
than days, with no maintenance costs.

Cloud Computing 5
 4. The long term vision of a cloud computing is that, IT services and business can be traded
as an utilities in an open market without any technological and legal barriers.

5. Due to the existence of a global platform for trading cloud services will also help service
providers to potentially increase their revenue.

6. A cloud provider can also become a consumer of a competitor service in order to fulfil
its promises to customers.

Characteristics of Cloud computing

According to NIST (National institute of standards) there are five essential characteristics of
cloud computing:

1. On Demand Self Service: User gets on demand computer services like email, applications etc.
without interacting with the service provider. Some of the cloud service providers are- Amazon
Web Service, Microsoft, IBM, Salesforce.com

2. Broad network access: Cloud services is available over the network and can be accessed by
different clients through Cell phone, IPAD, TAB, Laptops etc.

3. Resource pooling: Same resources can be used by more than one customer at a same time.
For example- storage and network bandwidth can be used by any number of customers and
without knowing the exact location of that resource.

4. Rapid elasticity: On users demand cloud services can be available and released. Cloud service
capabilities are unlimited and can be accessed at any time.

5. Measured service: Resources used by the users can be monitored, controlled. The reports are
available for both cloud providers and consumers. On the basis of this measured reports cloud
system automatically controls and optimizes the resources based on the type of services.

Cloud Computing 6
UNIT-2
Components of Cloud Computing Architecture

These are the following components of cloud computing architecture -

1. Client Infrastructure: Client Infrastructure is a Front end component. It provides GUI

(Graphical User Interface) to interact with the cloud.

2. Application: The application may be any software or platform that a client wants to access.

3. Service: A Cloud Services manages that which type of service you access according to the
client’s requirement.

Cloud computing offers the following three type of services:

i. Software as a Service (SaaS) – It is also known as cloud application services. Mostly,

SaaS applications run directly through the web browser means we do not require to
download and install these applications. Example: Google Apps, Salesforce Dropbox,
Slack, Hubspot, Cisco WebEx.
ii. Platform as a Service (PaaS) – It is also known as cloud platform services. It is quite
similar to SaaS, but the difference is that PaaS provides a platform for software creation,
but using SaaS, we can access software over the internet without the need of any
platform. Example: Windows Azure, Force.com, Magento Commerce Cloud, OpenShift.

iii. Infrastructure as a Service (IaaS) – It is also known as cloud infrastructure services.

It is responsible for managing applications data, middleware, and runtime
environments. Example: Amazon Web Services (AWS) EC2, Google Compute Engine
(GCE), Cisco Metapod.

4. Runtime Cloud: Runtime Cloud provides the execution and runtime environment to the
virtual machines.

5. Storage: Storage is one of the most important components of cloud computing. It provides a
huge amount of storage capacity in the cloud to store and manage data.

6. Infrastructure: It provides services on the host level, application level, and network level.
Cloud infrastructure includes hardware and software components such as servers, storage,
network devices, virtualization software, and other storage resources that are needed to
support the cloud computing model.

7. Management: Management is used to manage components such as application, service,

runtime cloud, storage, infrastructure, and other security issues in the backend and establish
coordination between them.

8. Security: Security is an in-built back end component of cloud computing. It implements a

security mechanism in the back end.

9. Internet: The Internet is medium through which front end and back end can interact and
communicate with each other.

Cloud Computing 7
Role of standards in Cloud Computing environment

Various standards in Cloud computing are:

Infrastructure as a Service (IaaS)
Infrastructure-as-a-Service provides
access to fundamental resources such
as physical machines, virtual machines,
virtual storage, etc. Apart from these
resources, the IaaS also offers:

• Virtual machine disk storage

• Virtual local area network
(VLANs)
• Load balancers
• IP addresses
• Software bundles
All of the above resources are made available to end user via server virtualization. Moreover,
these resources are accessed by the customers as if they own them.

Benefits

IaaS allows the cloud provider to freely locate the infrastructure over the Internet in a cost-
effective manner. Some of the key benefits of IaaS are listed below:
• Full control over computing resources: IaaS allows the customer to access computing
resources using administrative rights from virtual machines in the following manner:
• Flexible and efficient renting of computer hardware: IaaS resources such as virtual machines,
storage devices, bandwidth, IP addresses, firewalls, etc. are made available to the customers
on rent. Also with administrative access to virtual machines, the customer can run any type
of software.

• Portability, interoperability: It is possible to switch between applications and resources

between IaaS clouds. For example, network applications such as web server or e-mail server
that normally runs on customer-owned server hardware can also run from VMs in IaaS
cloud.

Issues

The various issues of IaaS are-

• Compatibility with legacy security vulnerabilities: Because IaaS offers the customer to run
legacy software in provider's infrastructure, it exposes customers to all of the security
vulnerabilities.
• Virtual Machine sprawl: The VM can become out-of-date with respect to security updates
because IaaS allows the customer to operate the virtual machines in running, suspended
and off state. However, the provider can automatically update such VMs, but this
mechanism is hard and complex.

Cloud Computing 8
 • Robustness of VM-level isolation: IaaS offers an isolated environment to individual
customers through hypervisor. Hypervisor is a software layer that includes hardware
support for virtualization to split a physical computer into multiple virtual machines.

• Data erase practices: The customer uses virtual machines that in turn use the common
disk resources provided by the cloud provider. When the customer releases the
resource, the cloud provider must ensure that next customer to rent the resource does
not observe data residue from previous customer.

Characteristics

Here are the characteristics of IaaS service model:

• Virtual machines with pre-installed software.
• Virtual machines with pre-installed operating systems such as Windows, Linux, and Solaris.
• On-demand availability of resources.
• Allows to store copies of particular data at different locations.
• The computing resources can be easily scaled up and down.

Platform as a Service (PaaS)

Platform-as-a-Service offers the runtime environment for applications. It also offers
development and deployment tools required to develop applications. PaaS has a feature
of point-and-click tools that enables non-developers to create web applications.
App Engine of Google and Force.com are examples of PaaS offering vendors. Developer may
log on to these websites and use the built-in API to create web-based applications.

Benefits

Following are the benefits of PaaS model:

• Lower administrative overhead: Customer need

not bother about the administration because it
is the responsibility of cloud provider.

• Lower total cost of ownership: Customer need

not purchase expensive hardware, servers,
power, and data storage.

• Scalable solutions: It is very easy to scale the

resources up or down automatically, based on
their demand.

• More current system software: It is the responsibility of the cloud provider to maintain
software versions and patch installations.

Cloud Computing 9
Issues

PaaS has significant burdens on customer's browsers to maintain reliable and secure
connections to the provider’s systems. However, there are some specific issues associated with
PaaS are-
• Lack of portability between PaaS clouds: Although standard languages are used, yet the
implementations of platform services may vary. For example, file, queue, or hash table
interfaces of one platform may differ from another, making it difficult to transfer the
workloads from one platform to another.

• Event based processor scheduling: The PaaS applications are event-oriented i.e., they have
to answer a request in a given interval of time.

• Security engineering of PaaS applications: Since PaaS applications are dependent on

network, they must have to use cryptography and manage security exposures.

Characteristics

Here are the characteristics of PaaS service model:

• PaaS offers browser based development environment. It allows the developer to
create database and edit the application code either via Application Programming
Interface or point-and-click tools.
• PaaS provides built-in security, scalability, and web service interfaces.
• PaaS provides built-in tools for defining workflow, approval processes, and business
rules.
• It is easy to integrate PaaS with other applications on the same platform.
• PaaS also provides web services interfaces that allow us to connect the applications
outside the platform.
Software as a Service (SaaS)
Software-as–a-Service (SaaS) model allows to provide software application as a service to the
end users. It refers to a software that is deployed on a host service and is accessible via Internet.
There are several SaaS applications listed below:
• Billing and invoicing system
• Customer Relationship Management (CRM) applications
• Help desk applications
• Human Resource (HR) solutions

Characteristics

Here are the characteristics of SaaS service model:

• SaaS makes the software available over the Internet.
• The software applications are maintained by the vendor.
• The license to the software may be subscription based or usage based. And it is billed
on recurring basis.

Cloud Computing 10
 • SaaS applications are cost-effective since they do not require any maintenance at end
user side.
• They are available on demand.
• They can be scaled up or down on demand.
• They are automatically upgraded and updated.
• SaaS offers shared data model. Therefore, multiple users can share single instance of
infrastructure. It is not required to hard code the functionality for individual users.
• All users run the same version of the software.

Benefits

Using SaaS has proved to be beneficial in terms of scalability, efficiency and performance. Some
of the benefits are listed below:
• Modest software tools: The SaaS application deployment requires a little or no client
side software installation, which results in the following benefits:
o No requirement for complex software packages at client side
o Little or no risk of configuration at client side
o Low distribution cost
• Efficient use of software licenses: The customer can have single license for multiple
computers running at different locations which reduces the licensing cost. Also, there is
no requirement for license servers because the software runs in the provider's
infrastructure.
• Centralized management and data: The cloud provider stores data centrally. However,
the cloud providers may store data in a decentralized manner for the sake of
redundancy and reliability.
• Platform responsibilities managed by providers: All platform responsibilities such as
backups, system maintenance, security, hardware refresh, power management, etc. are
performed by the cloud provider. The customer does not need to bother about them.

Issues

There are several issues associated with SaaS, some of them are listed below:
Browser based risks: If the customer visits malicious website and browser becomes infected,
the subsequent access to SaaS application might compromise the customer's data. To avoid
such risks, the customer can use a specific browser to access SaaS applications or can use virtual
desktop while accessing the SaaS applications.
Network dependence: The SaaS application can be delivered only when network is
continuously available. Also network should be reliable but the network reliability cannot be
guaranteed either by cloud provider or by the customer.
Lack of portability between SaaS clouds: Transferring workloads from one SaaS cloud to
another is not so easy because work flow, business logics, user interfaces, support scripts can
be provider specific.

Cloud Computing 11
UNIT-3
Introduction
Fault tolerance in cloud computing is very important to continue the service whenever a few
devices or components are down or unavailable. This helps the service provider to evaluate their
infrastructure requirements, and provide services when the associated devices are unavailable
due to some cause.

Scalability and Fault Tolerance

• Cloud Scalability is the ability to scale on-demand the facilities and services as and when
they are required by the user.

• Cloud Fault Tolerance is tolerating the faults by the cloud that are done by mistake by the
user.

• Cloud middleware is designed on the principle of scalability along with different dimensions
in mind e.g.:- performance, size and load.

• The cloud middleware manages a huge number of resources and users which depends on
the cloud.

• So in this overall scenario the ability to tolerate the failure is normal but sometimes it
becomes more important than providing an efficient & optimized system.

• The overall conclusion says that “it is a challenging task for the cloud providers to develop
such high scalable and fault tolerance systems and at the same time they will have to provide
a competitive performance.

Main Concepts behind Fault Tolerancein Cloud Computing System

Replication: The fault-tolerant system works on the concept of running several other replicates
for each and every service. Thus, if one part of the system goes wrong, than the other instances
that can be placed instead of it to keep it running.

Redundancy: When any system part fails or moves towards a downstate, then it is important to
have backup type systems.

Existence of Fault Tolerance in Cloud Computing

System Failure: This may be either software or hardware issue. The software failure results in a
system crash situation that may be due to data overflow or other reasons. Any improper
maintenance of the physical hardware machines will result in hardware system failure.

Security Breach Occurrences: There are several reasons why fault tolerance occurs due to
security failures. The hacking of the server negatively impacts the server and results in a data
lost. Other reasons for the necessity of fault tolerance in the form of security cracks include
phishing, virus attack, etc.

Cloud Computing 12
Cloud solutions
Any cloud-based solution refers to provide Applications SOFTWARE, Storage Soace, On-Demand
services, Computer networks, and other resources that are associated with cloud computing.

Benefits of Cloud Solution

• Cloud-based solutions offer benefits for both businesses and end-users.

• Cloud providers use a pay-as-you-go model, so that the client can pay to cloud as per the
requirements only. This is very much helpful for a start-ups.

• For end-users, cloud computing means they can access everything like Files, Emails,
Business applications and many more from any device and from anywhere if there is an
internet connection irrespective of place and environment.

• As the cloud-based technology is growing and the SOFTWARE as A SERVICE (SaaS) solution
is available in affordable price. So the clients of a Small Business (SMB) are interested in
cloud computing.

Cloud Ecosystem
A cloud ecosystem is a complex system of inter-dependent components that all works together
to enable the cloud services. In cloud computing, the ecosystem consists of hardware and
software as well as cloud customers, cloud engineers, consultants, integrators and partners.

A robust ecosystem provides a cloud provider's customers with an easy way to find and purchase
business applications and respond to changing business needs. When the apps are sold through
a provider’s app store such as AWS (Amazon Web Services) Marketplace, Microsoft Azure
Marketplace (for cloud software) or Microsoft AppSource (for business applications), the
customer access the catalogue of different vendors' software and services that have already
been scrutinized and reviewed for security, risk and cost.

The benefits of a cloud ecosystem

• Companies can use a cloud ecosystem to build new business models. They can promote
their business using cloud eco system than they sell their product to the customer.
Specially in medical equipment.

• In a cloud ecosystem, it is also easier to review data and analyse how the each part of
the system affects the other parts. For example a doctor can examine a patient over the
cloud because all the previous data and present problems of the patient available in the
cloud .
• Cloud ecosystem is helpful for complex system of interdependent components that
work together to enable the cloud services.

• The centre of a cloud ecosystem is a public cloud provider. It might be an IaaS provider
such as Amazon Web Services (AWS) or a SaaS vendor such as Salesforce.

• There is no vendor lock-in in the cloud ecosystem. That means a client can switch over
its business one cloud to other cloud without any restriction. Ex. Mobile No. portability.

Cloud Computing 13
Cloud Business process management
Cloud business process management is usually a platform-as-a-service (PaaS) solution that allows
the client to create workflows and use the software. Without installing a single Mb of software in
the client computer, user can use these cloud-based software solutions to streamline and optimise
everyday business activities.

Reasons of Cloud BPM

Minimized errors: Cloud BPM solutions helps the user to minimize the error rate. Less paperwork.
Multiple records are also eliminated since changes in data synchronized and visible to every team
member with access facility.

Anywhere, anytime access: Cloud BPM, stores information in a centralized database thereby
making access possible any time from any location. Further, stakeholders can access the
application from any device.

Secure data: Data security is most essential factor for any organization. Cloud BPM application
comes with a wide range of security features such as role-based access, conditional visibility, data
encryption, and more.

Reputed cloud business process management service providers host their applications on reliable
platforms such as Amazon Web Services or Google Cloud Platform, which in turn improves the
security of sensitive information.

Reliable, consistent experience: In older client-server system users were constantly threatened
by the possibility of server downtime and virus or malware attacks. With cloud BPM, vendors
provide ample backup to ensure that there’s minimal downtime and protect data using built-in
firewalls.

Better collaboration: Collaboration is incredibly easy with cloud BPM, irrespective of whether the
users are in the same office or at different offices . Centralized documentation, digital checklists,
and automated process flow make it possible for information to be accessed by stakeholders
whenever the need arises.

Improved insights: Cloud BPM applications feature has capabilities to store all in a central
database. It becomes simpler to monitor and analyse the data.

Portability and Interoperability

Cloud computing is important for many organizations, with use of a wide range of cloud services
and the transition of both data and applications to cloud computing environments.

The goal of cloud portability and interoperability is to enable cloud service users to avoid vendor-
lock- in and allow for customers to make best use of multiple cloud services.

Basic scenarios
The Cloud Standards Customer Council (CSCC) guide to cloud portability and interoperability
has identified five major scenarios requiring interoperability and portability:

Cloud Computing 14
Switching cloud service providers: the customer can move an application and data from one
Cloud to other Cloud.

Use of multiple cloud service providers: the customer subscribes to the same or different
services from two or more cloud service provider.

Directly linked cloud services: the customer needs Cloud 1 to be linked to Cloud 3 to make use
of its services

Hybrid cloud configuration: the customer connects traditional systems to an internal private
cloud which is linked to a public cloud service.

Cloud migration: the customer moves one or more in-house applications and/or data to Cloud.

Cloud portability is the ability to transfer applications between cloud environments without losing
any data. Several cloud providers have portability facility.

Cloud interoperability refers to the ability of customers to use the same management tools, server
images and other software with a variety of cloud computing providers and platforms.

The cloud computing portability and interoperability categories are:

• Data Portability: is the ability to easily transfer data from one cloud service to another cloud
service.

• Application Portability: Cloud application portability is the ability to easily transfer an

application or application components from one cloud service to a another cloud service.

• Application Interoperability: It is the interoperability between application components and

client devices using various standards like SaaS, PaaS, IaaS. An application component may
be a huge application, or a part of the distributed application.

• Management Interoperability: Management interoperability is an interoperability between

cloud services (SaaS, PaaS, or IaaS) and connected clients.

Cloud Service management

It is the responsibility of cloud service provider to manage resources and their performance.
Management of resources includes several aspects of cloud computing such as load balancing,
performance, storage, backups, capacity, deployment, etc. The management is essential to
access full functionality of resources in the cloud. The cloud provider performs a number of tasks
to ensure efficient use of cloud resources. Here, we will discuss some of them:

Data Flow of the System: The managers are responsible to develop a technology for data flow.
This process describes the movement of data between the organization and the cloud server.

Vendor Lock-In Awareness and Solutions: The managers must know the procedure to exit from
services of a particular cloud provider. The procedures must be defined to enable the cloud
managers to export data of an organization from their system to another cloud provider.

Cloud Computing 15
Knowing Provider’s Security Procedures: The managers should know the security plans of the
provider for the following services:

• Multi users
• E-commerce processing
• Employee screening
• Encryption policy
Monitor Audit Log Use: In order to identify errors in the system, managers must audit the logs
on a regular basis.

Solution Testing and Validation: When the cloud provider offers a solution, it is essential to
test it in order to ensure that it gives the correct result and it is error-free. This is necessary for
a system to be robust and reliable.

Cloud Offerings
It offers various servers, storage, databases, networking, software, analytics, and intelligence
over the Internet (“the cloud”) to the client in an innovative, faster and flexible way. The various
offerings are:

1. Cloud Environment: It describes the hosting environments of cloud in detail. The

various environments are:

• Elastic Infrastructure: It is responsible for hosting of virtual servers, disk storage,

and configuration of network connectivity.

• Elastic Platform: It is a middleware for the execution of customer’s application,

their communication, and data storage

• Environment-based Availability: A cloud provider offers an Elastic Infrastructure or

Platform on which customers may deploy various application software. The
availability of this environment helps the customer to achieve their requirements.

2. Processing Offerings: It describes how computing can be performed in the cloud.

• Hypervisor: In this process the time required to access and terminate server is
reduced through hardware virtualization.

• Execution Environment: It executes common application components and provides

common functionality for data storages, communication etc.

• Map Reduce: Large data sets to be processed are divided into smaller data chunks
and distributed among users. Individual results are later consolidated.

3. Storage Offerings: It describes how data can be stored in the cloud

• Block or Mass Storage: It is responsible for storing data centrally which is large
hard disk that is connected to the server.

Cloud Computing 16
 • Blob Storage: A large amount of data can be stored just like a file system. That
means data can be stored in a specified folder assigned for a particular type of file
like Audio Folder, Video Folder, Image Folder etc.

• Strict Consistency: Data is stored at different locations (replicas) to improve

response time and to avoid data loss in case of failures while consistency of
replicas is ensured at all times.

4. Communication Offering: It is responsible for describing how data can be exchanged in

the cloud.

• Virtual Networking: It is responsible for how can the physical networking resources,
such as networking interface cards, switches, routers etc. can be used in a virtual
mode . These Virtual Networking resources may share the same physical networking
resources.

• Message-oriented Middleware: Communication partners exchange information

asynchronously. The message-oriented middleware handles the message and sends
to the destination using available communication resources.

• Timeout-based Delivery: It assures that a message is properly received and it is not

deleted immediately after it has been read by the client. After the client has
successfully read the message, it sends an acknowledgement to the message queue.
After receiving the acknowledgement the message is deleted.

Testing under Control

Cloud testing typically involves monitoring and reporting on real-world user traffic conditions
as well as load balance and stress testing for a range of simulated usage conditions.

Load and performance testing conducted on the applications and services provided via cloud
computing in order to ensure maximum performance and scalability under a wide variety of
conditions.

Testing under the cloud decreases the manual intervention of technical persons for testing the
network condition.

Advantages of Cloud Testing:

• Reduces capital investment and operational costs and without effecting the business
targets.

• Offers new and attractive services to the clients and provides an opportunity to speed
cycles of innovations and improve the solution quality.

Cloud Computing 17
UNIT-4
Cloud Management and Virtualisation Technology
Virtualization is a technique, which allows to
share a single physical demand of a resource
or an application among multiple customers
and organizations.

Virtualization is the "creation of a virtual

(rather than actual) version of Server,
Desktop, Storage device, Operating system or
network resources".

Create a virtualised Architecture

A virtualization architecture is a conceptual
model specifying the arrangement and interrelationships of the particular components involved
in delivering a virtual rather than physical version like Server, Desktop, Storage device,
Operating system or network resources.

Virtualization is commonly hypervisor-based. The hypervisor (In hypervisor process the time
required to access and terminate server is reduced through hardware virtualization) isolates
operating systems and applications from the underlying computer hardware so that the host
machine can run multiple virtual machines.

Data Centre
A Virtual Datacentre is a huge cloud infrastructure designed for enterprise business needs.
Virtual Datacentres are hosted in the public cloud which provides full compatibility with any
environment.

In cloud computing, Virtual Datacentre is known as Infrastructure as a Service (IaaS). Using

virtualized data centre a service provider provides quick service to its clients.

A virtualized data centre is a logical software abstraction of a physical data centre that provides
a collection of cloud infrastructure components including servers, storage clusters, and other
networking components, to business enterprises

Resilience
Resilient means "having the ability to spring back. "Resiliency is the ability of a server, network, storage
system, or an entire data centre, to recover quickly and continue operating even when there has been an
equipment failure, power outage or other disruption.

Data centre resiliency is a planned part of a cloud architecture and is usually associated with other disaster
planning and data centre disaster-recovery like data protection.

Agility
Cloud agility refers to the addition of business value. When it comes to the cloud context, agility is all
about the ability of an organization to rapidly develop, test, and launch software applications that drive
business growth.

Cloud Computing 18
key benefits of agility in the cloud:

Greater Business Continuity and Flexibility: Due to Agility Cloud services can be rolled up or down as per
business requirements without increasing the bunch of IT equipment. For example, you can start with a 10
node cluster and then easily increase to 50 nodes as your requirements change.

Infrastructure Agility: Cloud allows companies to significantly decrease the time it takes to provision and
de-provision IT infrastructure.

Automated allocation of resources: It simplifies provisioning, de-provisioning and re-deploying resources

through automation and easy-to-use APIs (Application Program Interface) and web consoles. The time for
an IT systems administrator spent on managing and supporting cloud infrastructure is reduced.

Storage
Cloud Storage is a service that allows to save data on offsite storage system managed by third-
party and is made accessible through web based API.
Storage Devices
Block Storage Devices: The block storage devices offer raw storage to the clients. These raw
storage are partitioned to create volumes.

File Storage Devices: The file Storage Devices offer storage to clients in the form of files,
maintaining its own file system. This storage is in the form of Network Attached Storage (NAS).

Cloud Storage Classes

Cloud storage can be broadly classified into two categories:

Unmanaged Cloud Storage: Unmanaged cloud storage means the storage is preconfigured for
the customer. The customer can neither format, nor install his own file system or change drive
properties.

Managed Cloud Storage: Managed cloud storage offers online storage space on-demand. The
managed cloud storage system appears to the user to be a raw disk that the user can partition
and format.

Provisioning
Cloud provisioning is the allocation of a cloud provider's resources and services to a customer.
Cloud provisioning is the key feature of the cloud computing model, relating to how a customer
procures cloud services and resources from a cloud provider. Cloud provision includes
infrastructure as a service (IaaS), software as a service (SaaS) and platform as a service (PaaS).

Types of cloud provisioning

• Advanced provisioning: With advanced provisioning, the customer signs a formal

contract of service with the cloud provider. The provider then prepares the agreed-upon
resources or services for the customer and delivers them. The customer is charged a flat
fee or is billed on a monthly basis.

Cloud Computing 19
 • Dynamic provisioning: With dynamic provisioning, cloud resources are deployed flexibly
to match a customer's fluctuating demands.

• User self-provisioning: With user self-provisioning, also called cloud self-service, the
customer buys resources from the cloud provider through a web interface or portal. This
usually involves creating a user account and paying for resources with a credit card.

Asset Management
Cloud asset management (CAM) is a component of cloud management services focused on the
management of business in cloud environment, such as the products or services that are used
in cloud. Cloud asset management delivers visibility and control of all the assets and
infrastructure that make up your cloud environment. It's a crucial first step towards a better
optimised, more secure cloud.

Cloud Governance
Cloud Governance is a set of rules. It applies specific policies or principles to the use of cloud
computing services. This model aims to secure applications and data even if located distantly.
The best Cloud Governance solutions include People, Processes, and Technology. It basically
refers to the decision making processes, criteria, and policies involved in the planning,
architecture, acquisition, deployment, operation, architecture, acquisition, implementation,
operation, and management of a Cloud computing capability. Cloud Governance best practices
help to optimize the organization’s:

o Operations: Doing it efficiently

o Risk and compliance: Doing it securely
o Financial: Doing more with less

Load Balancing
Cloud load balancing is the process of distributing workloads and computing resources in a cloud
computing environment. Load balancing allows enterprises to manage application or workload
demands by allocating resources among multiple computers, networks or servers. Cloud load
balancing involves hosting the distribution of workload traffic and demands that reside over the
Internet. Cloud load balancing helps enterprises achieve high performance levels for potentially
lower costs than traditional on-premises load balancing technology. Cloud load balancing takes
advantage of the cloud's scalability and agility to meet rerouted workload demands and to
improve overall availability. In addition to workload and traffic distribution, cloud load balancing
technology can provide health checks for cloud applications.

Cloud Computing 20
High Availability
High availability is a type of computing infrastructure that allows to continue the functioning
of computer even when some of its components fail. This is very important for a cloud
customer who cannot tolerate interruption in service, and any downtime can cause damage
or result in financial loss.

High Availability in the cloud is achieved by creating clusters. A high availability cluster is a group
of servers that act as a single server to provide continuous service. These servers have common
access to the same shared storage space for data. So if a server is unavailable, the other servers
pick up the load. A high availability cluster can be anything from two to dozens of servers. As
well as providing failover, high availability clusters also allow load balancing of workloads so that
anyone server within the cluster will not get overloaded and you can provide more consistent
performance.

The basic elements of high availability

The following three elements are essential to a highly available system:

• Redundancy—ensuring that any elements critical to system operations have an
additional, redundant component that can take over in case of failure.

• Monitoring—collecting data from a running system and detecting when a

component fails or stops responding.

• Failover—a mechanism that can switch automatically from the currently active
component to a redundant component, if monitoring shows a failure of the active
component.

Disaster Recovery
Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back
up data, applications and other resources to public cloud or dedicated service providers. When
disaster occurs, the affected data, applications and other resources can be restored to the local
data centre or a cloud provider and resume normal operation for the enterprise.

Cloud disaster recovery is primarily an infrastructure as a service (IaaS) solution that backs up
designated system data on a remote offsite cloud server. It provides updated recovery point
objective (RPO) and recovery time objective (RTO) in case of a disaster or system restore.

Cloud Computing 21
UNIT-5
Virtualisation
Virtualization in Cloud Computing is making a virtual platform of server operating system
and storage devices. This will help the user by providing multiple machines at the same time it
also allows to share the physical resource and an application to multiple users.

Cloud Virtualizations also manage the workload by transforming traditional computing and
make it more scalable, economical and efficient. One of the important features of virtualization
is that it allows sharing of applications to multiple customers and companies. The various type
of Virtualizations are:

Network Virtualisation: Network virtualization helps to manage and monitor the entire
computer network as a single administrative entity. Admins can keep a track of various
components of network infrastructure such as routers and switches through a single software-
based administrator’s console. Network virtualization helps the network for transferring data
perfectly, flexibly, reliably and securely. It improves the overall network’s productivity and
efficiency. It becomes easier for administrators to allocate and distribute resources conveniently
and ensure high and stable network performance.

Desktop Virtualisation: Desktop virtualization is when the host server can run virtual machines
using a hypervisor (a software program). A hypervisor can directly be installed on the host
machine or over the operating system (like Windows, Mac, and Linux). Virtualized desktops
don’t use the host system’s hard drive; instead, they run on a remote central server. This type
of virtualization is useful for development and testing teams who need to develop or test
applications on different operating systems.

Local desktop Virtualisation : Local desktop virtualization means the operating system runs on
a client device using local hardware virtualization. This type of desktop virtualization works well
when users do not need a continuous network connection and can meet application computing
requirements with local system resources. However, this technique can be implemented locally
only.

Remote Desktop Virtualization: Remote desktop virtualization is a common use

of virtualization that operates in a client/server computing environment. This allows users to
run operating systems and applications from a server inside a data centre on a client device. This
client device could be a laptop, thin client device, or a smartphone.

Application Virtualisation: The process of installing an application on a central server that can
virtually be operated on multiple systems is known as application virtualization. For end users,
the virtualized application works exactly like a original application installed on a physical
machine. With application virtualization, it’s easier for organizations to update, maintain, and
fix applications centrally. Admins can control and modify access permissions to the application
without logging in to the user’s desktop. Another benefit of application virtualization is
portability. It allows users to access virtualized applications even on non-Windows devices, such
as iOS or Android.

Cloud Computing 22
Server Virtualisation: Server virtualization is a process of partitioning the resources of a single server
into multiple virtual servers. These virtual servers can run as separate machines. Server virtualization
allows businesses to run multiple independent tasks with different configurations using a single (host)
server. The process also saves the hardware cost involved in keeping a host of physical servers.

Block and File level Storage Virtualisation: Storage virtualization is an series of servers that are
managed by a virtual storage system. The servers aren’t aware of exactly where their data is
stored. This technology manages the storage of data from multiple users and utilized as a
single storage system. storage virtualization software maintains smooth operations and
consistent performance despite changes, break down and differences in the connected
equipment.

Data virtualization: This is a kind of virtualization in which the data is collected from various
sources and managed that in a single server without knowing more about the technical
information like how data is collected, stored & formatted. Then the stored data can be
arranged in sauch a way so that its virtual view can be accessed by interested users by using
the various cloud services remotely. Many big giant companies are providing their services like
Oracle, IBM, At scale, Cdata etc.

Virtual Machine Monitor

A virtual machine (VM) is a virtual environment that works like a computer within a computer.
It runs on a partition of its host computer with its own resources of CPU power, memory, an
operating system (e.g. Windows, Linux, macOS), and other resources. This allows end-users to
run applications on VMs and use them as they normally would on their workstation.

VMs are made possible through virtualization technology. Virtualization uses software to
simulate virtual hardware that allows multiple VMs to run on a single machine. The physical
machine is known as the host while the VMs running on it are called guests.

This process is managed by software known as a hypervisor. The hypervisor is responsible for
managing and provisioning resources like memory and storage from the host to guests.

Infrastructure Requirements
In virtualization, the server and the
software application which are required
by the cloud providers maintain by the
third party and in this, the cloud
provider gives some amount to the third
party.

With the help of Hypervisor software,

the cloud customer can access the
server. Hypervisor software is a
connectivity between the server and the
virtual environment and distributes the
resources between different virtual
environments.

Virtualisation benefits

• Security: During the process of virtualization security is one of the important factor. The

Cloud Computing 23
 security can be provided with the help of firewalls, which will help to prevent
unauthorized access and will keep the data confidential. Moreover, with the help of
firewall and security, the data can protect from harmful viruses malware and other
cyber threats.

• Flexible operations: With the help of a virtual network, the work of IT professional is
becoming more efficient and active. The network switch implement today is very easy
to use, flexible and saves time.

With the help of virtualization in Cloud Computing, technical problems can solve in
physical systems. It eliminates the problem of recovering the data from crashed or
corrupted devices and hence saves time.
• Economical: Virtualization in Cloud Computing, save the cost for a physical system such
as hardware and servers. It stores all the data in the virtual server, which are quite
economical. It reduces the wastage, decreases the electricity bills along with the
maintenance cost. Due to this, the business can run multiple operating system and apps
in a particular server.

• Eliminates the risk of system failure: While performing some task there are chances that
the system might crash down at the wrong time. This failure can cause damage to the
company but the virtualizations help you to perform the same task in multiple devices
at the same time.

It is possible because the data is stored in the cloud and it can be retrieve anytime and
with the help of any device. Moreover, there is two working server side by side which
makes the data accessible every time. Even if a server crashes with the help of the
second server the customer can access the data.

• Flexible transfer of data: The data can transfer to the virtual server and retrieve anytime.
The customers or cloud provider don’t have to waste time finding out hard drives to find
data. With the help of virtualization, it will very easy to locate the required data and
transfer them to the allotted authorities.

Cloud Computing 24
UNIT-6
Cloud Security
Cloud security refers to the technologies, policies, controls, and services that protect cloud data,
applications, and infrastructure from hackers and threats. Cloud security is essential for many
users who are concerned about the safety of their data which is store in the cloud. Data stored
in the cloud is more secured because cloud service providers have superior security measures,
and their employees are highly security experts.

Cloud Security Fundamentals

Information security is a complex and collective of techniques, technologies, regulations, and
behaviours that collaboratively protect the computing systems and data. IT security’s main aim
to defend against threats from both malicious intent and unintentional user errors. The
fundamental security terms relevant to cloud computing are

• Confidentiality: Confidentiality is the characteristic of something being made accessible

only to authorized users. Within cloud environments, confidentiality primarily pertains
to restricting access to data in transit and storage. The message issued by the cloud
consumer to the cloud service is considered confidential only if it is not accessed or read
by an unauthorized party.

• Integrity: Data integrity in the cloud is that the cloud service provider can be guaranteed
that the data transmission between the user and the server must be secure. Integrity
can extend to how data is stored, processed, and retrieved by cloud services and cloud-
based IT resources.

• Authenticity: Authenticity means data can be provided through some authorized

source. This concept ensures the non-rejection of data.

• Availability: Availability is the characteristic of being accessible and usable during a

specified time period. In typical cloud environments, the availability of cloud services
can be a responsibility that is shared by the cloud provider and the cloud carrier.

• Vulnerability: A vulnerability is a weakness that can be exploited due to insufficient

security controls. IT resource vulnerabilities can have a range of causes, including
configuration deficiencies, security policy weaknesses, user errors, hardware or
firmware flaws, software bugs, and poor security architecture.

• Risk: Risk is the possibility of loss or harm arising while performing an activity. Risk is
typically measured according to its threat level and the number of possible or known
vulnerabilities.

Cloud security services

Authentication : Authentication is the testing or reconciliation of evidence of a user’s identity.

It establishes the user’s identity and ensures the authenticity of the user. For example, an user
provides the user ID in the login screen and then has to provide a password. The computer
system authenticates the user by verifying that the password for the provided user ID.

Cloud Computing 25
Authorization : Authorization refers to rights and privileges granted to an individual user to
access the computer resources and information. Once a user’s identity and authentication are
established, authorization levels determine the extent of system rights to the authorised user.

Auditing: To maintain the operational process in cloud , organizations use two basic methods:

1. system audits and monitoring. These methods can be employed by the cloud
customer, the cloud provider, or both, depending on the architecture and deployment
of the cloud computing. A system audit is a one-time or periodic event to evaluate
security.

2. Information technology (IT) audit: This audit is often divided into two types: internal
and external. Internal auditors are typically performing their task inside the
organization, whereas external auditors are auditing the external network
infrastructure.

Accountability: Accountability is the ability to determine the actions and behaviours of a single
individual within a cloud system. Accountability can be fixed on an individual employ. Employ’s
performance can be tracked and judged through accountability.

Design Principles
The NCSC (National Cyber Security Centre) published some cloud security principles. These
principles are designed to give guidance to cloud service providers in order to protect their
customers.

Data in transit protection: User data which is transitioning between networks should be
protected against any interference.

Asset protection and resilience: User data, and the assets storing or processing it, should be
protected against physical tampering, loss, damage or seizure.

Separation between users: If a user of a service is compromised by malicious software, this

should not affect the service or data of another user.

Governance framework: A Security Governance Framework should be followed by the service

provider, in order to internally coordinate its management of the service.

Operational security: In order to prevent and detect attacks, the service must be operated
securely.

Secure development: Services should be designed with security in mind.

Personnel security: Service provider personnel should be thoroughly screened, followed by in-
depth training to reduce the possibility of accidental or malicious compromise.

Supply chain security: The service provider should ensure that their supply chain adheres to all
of the same security principles.

Cloud Computing 26
Secure user management: Service provider should ensure that the client should have the
relevant tools to securely manage the use of their services.

Identity and authentication: Access to the service interfaces should only be granted to specific
individuals and should all be guarded by adequate authentication measures – two way
authentication if possible.

External interface protection: Any external or less trustworthy service interfaces must be
identified and defended appropriately.

Secure service administration: If a cloud service is compromised through its administration

system, important company data could be stolen or manipulated. It is vital that these services
are secure.

Audit information for users: A service provider should supply their customers with the audit
record to monitor the service and who is able to access your data. This is vital as it gives you a
means to identify inappropriate or malicious activity.

Secure use of service: You have a responsibility to ensure the service is used properly, to
ensure your data is kept safe and protected.

Secure Cloud software requirements

The requirements for secure cloud software are concerned with non-functional issues such as
minimizing or eliminating vulnerabilities and ensuring that the software will perform as
required, even under attack.

• It must be dependable under anticipated operating conditions, and remain dependable

under unfriendly operating conditions.

• It must be trustworthy in its own behaviour and it should able to handle the outside
attack

• It must be robust enough to recover quickly to full operational capability with a

minimum of damage to itself, the resources and data it handles, and the external
components with which it interacts.

Below figure illustrates the major elements of the software requirements engineering process.

Cloud Computing 27
Policy Implementation
Security policies are the foundation of a sound cloud system security implementation. According
to the Data and Analysis Centre for Software (DACS), three main objectives common to all
system security policies and the mechanisms and countermeasures used to enforce those
policies:

• They must allow authorized person to connect and access the system to prevent
unauthorized access or connections, especially by unknown or suspicious user.

• They must be allowed to read, modify, destroy or delete of data while preventing
unauthorized users

• They must block the entry of content like user input, executable code, system
commands, etc. suspected of containing attack patterns or malicious logic that could
threaten the system’s ability to operate according to its security policy and its ability to
protect the information.

Implementation Issues : Before implementing the security policy it is very much important to
consider the following security issues.

• Access controls
• Data protection
• Confidentiality
• Integrity
• Identification and authentication
• Communication security and Accountability

Cloud Computing Security Challenges

Data Loss: Data loss is the most common cloud security risks of cloud computing. It is also known
as data leakage. Data loss is the process in which data is being deleted, corrupted, and
unreadable by a user, software, or application. In a cloud computing environment, data loss
occurs when our sensitive data is somebody else's hands, one or more data elements cannot be
utilized by the data owner, hard disk is not working properly, and software is not updated.

Hacked Interfaces and Insecure APIs (Application Program Interface): As we all know, cloud
computing is completely depends on Internet, so it is compulsory to protect interfaces and APIs
that are used by external users. APIs are the easiest way to communicate with most of the cloud
services. In cloud computing, few services are available in the public domain. These services can
be accessed by third parties, so there may be a chance that these services easily harmed and
hacked by hackers.

API is an application program interface that allows the end user to interact with a cloud provider's service

Data Breach: Data Breach is the process in which the confidential data is viewed, accessed, or
stolen by the third party without any authorization, so organization's data is hacked by the
hackers.

Cloud Computing 28
Vendor lock-in: Vendor lock-in is the of the biggest security risks in cloud computing.
Organizations may face problems when transferring their services from one vendor to another.
As different vendors provide different platforms, that can cause difficulty moving one cloud to
another.

Account hijacking: Account hijacking is a serious security risk in cloud computing. It is the
process in which individual user's or organization's cloud account (bank account, e-mail account,
and social media account) is stolen by hackers. The hackers use the stolen account to perform
unauthorized activities.

Cloud Computing 29