SlideShare uma empresa Scribd logo

The Nitty Gritty of Cloud Computing

M
Mike Tase
1 de 10
Baixar para ler offline
1 | P a g e THE NITTY-GRITTY OF CLOUD COMPUTING (November 2014) Michael G. Tase, MSc Data Communications, University of Sheffield. ABSTRACT Computer Scientists have over the years developed various strategies to enable the enhancement of modern computing thereby making it more reliable, efficient, flexible and safer to operate on. Cloud computing is one of the major developmental areas believed by scientists to completely change the way people exchange, manipulate and store huge amount of data remotely in the next decade. But what is the cloud? What technologies define cloud computing? How does cloud computing work? How safe would it be to store sensitive information in a geographically different location? This paper tends to dig in detail into various aspects of the cloud computing technology, highlighting its benefits and challenges together with possible ways to alleviate issues that could affect its further development.
2 | P a g e 1. INTRODUCTION 1.1 The cloud and cloud computing “It’s all about the cloud,” a phrase commonly said these days that usually leaves a large amount of people puzzled at what the cloud and cloud computing could possibly mean. If you are conversant with networking and the internet, you should see that most of the pictorial representations of the internet is usually done by using some mystical cloud symbol. In general, the term cloud means a remote network of networks or simply put, “the internet” that describes all of the infrastructure out there in a remote location enabling the sharing of information between two or more locations geographically separated. Cloud computing on the other hand involves the utilization of infrastructure, resources and shared services together with software that are not local to the user for storage, information transfer, running of high level applications etc. [1]. In the world of today, people send emails using a web browser or some other email application without the need to know the various paths such information takes to reach its destination. These paths made up of servers, routers, high speed media and other network devices all put together form the cloud. For instance, a company executive in charge of the IT affairs of staff doesn’t need to purchase several licenses of a particular software for use by the company staff but instead uses the services of a cloud computing company remotely located to run the software thereby making each staff member able to use same software by simply logging into the cloud using a client interface that could be as simple as a web browser. 1.2 Evolution of cloud computing Even though the concept of cloud computing seems to be an emerging field in computer science and engineering, its idea has for a long time been in existence. Cloud computing is basically seen as an evolution rather than a revolution. In the 1960s, John McCarthy an American computer and cognitive scientist stated that “computation may someday be organised as a public utility” [2]. And then many years later precisely in the 1990s, grid computing which is similar to an electric power grid became a huge enabler of cloud computing. In 1997, Ramnath Chellappa a professor in information systems at Emory University while delivering a lecture made use of cloud computing in its present context as a new computing paradigm. 1999 saw a bright side to cloud computing development when Salesforce.com a cloud computing company Single cloud users Organizational users Database servers Mobile & portables Figure 1.1. The Cloud Computing system The Cloud environment
3 | P a g e showed that it was possible to use a simple website to deliver enterprise applications. Amazon web service was launched in 2002, and in 2006 cloud computing broke out of its shell and became very known thanks to Google Docs. The year 2006 was also nicknamed the actual birth of cloud computing which came after Amazon introduced a commercial web service called the Elastic Compute Cloud (EC2) whereby users could rent a computer in the cloud to run personal applications [2]. In 2007, Google and IBM together with some universities in the United States collaborated within the field. Then in 2008 a platform for deploying private clouds was created by Eucalyptus while a platform for both private and public clouds was formed by Open Nebula. Microsoft finally joined the league of cloud computing service providers in 2009 with the Microsoft Azure providing a platform for users to develop and test software in the cloud [2]. From 2010 till date, several other companies have emerged and have started providing various cloud computing services and this tends to make computer scientists and engineers envision the future of cloud computing. 1.3 Why and why not choose the cloud? The machines and infrastructure present in the cloud makes it capable of running almost any kind of application that a normal user computer would run [3], and it is without doubt that lots of companies and big enterprises are beginning to consider moving into the cloud to utilize services provided. But why should anyone want to pay another company to cater for its data storage and software applications? Some of such driving forces for companies include [3]:  As long as there is an internet connection, you could access your data from any location in the world at any time as cloud computing enables you to access all your information without being present with the machines storing your information. This is very useful for companies with branches in many locations.  Overall running costs would be reduced because users no longer need sophisticated systems to run applications. With just a simple computer and the appropriate client software, you could connect to the cloud and run the same applications as though they were present on your local computer. Maintenance costs for both hardware and software are also cut down.  Companies only need to pay a metered fee to cloud computing companies which replaces the need for buying several software licenses for each member of the staff.  Physical area usually constitute a huge problem for most companies. Some of them pay for extra space to store lots of big servers. This problem could be alleviated by the cloud company in that the company’s database could be stored up in the cloud without the need to procure additional database servers and physical space.  Cloud computing offers an on-demand self-service. This simply means that customers do not need to interact with the cloud service provider in order to use the cloud resources. It is available at any time as long as you are permitted to access. On the other hand, a lot of concerns and challenges have been highlighted as to why most companies still remain paranoid on the idea to migrate into the cloud environment. Security is one of the biggest challenge, and companies still feel safer knowing that its information is kept secured within its premises rather than someplace else where the integrity of such information could be compromised. Another salient challenge is Privacy. Authentication and authorization are most times used to add further security to services and data in the cloud. While Authentication grants access to owners of information by making use of usernames, passwords etc., authorization assigns individuals level of privilege to access information. These methods are usually employed by cloud computing service providers but the fact still remains that companies still consider the possibility of hackers making use of software such as key logger to gain undeserved access to private information by stealing keyed inputs. These and many other issues are being discussed later in this paper together with possible solutions that could help mitigate their effects.
4 | P a g e 2. CLOUD COMPUTING ARCHITECTURE Several components, segments and services integrated together make up the overall cloud computing architecture. They include constituents of the cloud, services provided by cloud companies, and how a user can access the cloud itself. Categorically, the architecture is divided into two, the front end and the back end. The front end simply consists of the client’s user interfaces and applications used to access the cloud. The most common application being the web browser. Other forms may include special purpose software used by a particular company for accessing its information and utilizing services in the cloud. The back end is the cloud section of the system. The deployment models which show the way users can access the cloud, the services rendered by the cloud as well as some intricate cloud computing technologies fall under this category. 2.1 The Deployment Models The cloud computing deployment model defines the kind of access granted to the subscribers of cloud services by cloud service providers depending on subscriber needs. A typical cloud has any of these four types of access: Public, Private, Community and Hybrid. i. Public Cloud This is the most basic cloud access type as it allows any member of the general public to utilize the resources embedded within the cloud. Examples include email service, online data storage providers like drop-box, online gaming etc. This cloud may be less secured due to the nature of its access model. Its infrastructure could be created and maintained by anyone willing to provide the service. All of the cloud’s machines and structures are positioned in provider’s location [1]. ii. Private Cloud The private nature of this cloud model makes its access restricted to only a particular organization. This means that it has the highest level of security when compared with other cloud models to prevent unauthorized personnel from gaining access. All its infrastructure may be owned by a third party company, the organization or a combination of both, and may be located in either of the premises. iii. Community Cloud This allows cloud’s services and resources to be exclusively accessed by a group of organizations sharing similar objectives, requirements and features. Its infrastructure could be located in any of the organizations or a third party cloud computing company altogether. iv. Hybrid Cloud The hybrid cloud simply combines the features of the private and public clouds. This means that for an ideal organisation, critical activities are performed using the private cloud in order to limit unnecessary access, while less critical or more generic activities are performed under the public cloud aspect of the seamless combination of clouds. Figure 2.1 depicts a typical scenario of the four cloud deployment models and kinds of access granted to users depending on desired needs.
5 | P a g e Table 2.1. Comparison of the four deployment models of cloud computing CLOUD MODEL USAGE OWNERSHIP LOCATION PROS CONS Public The general pubic A third party Cloud service provider’s premises Cost effectiveness, high scalability, flexible, Low security, Less customizable Private Exclusive to an organisation The organisation or a third party On/Off provider’s premises Higher security and privacy, More control, cost efficiency Restricted area, additional skills and expertise, inflexible scalability Community Organisations having similar requirements Organisations or third party On/Off provider’s premises Cost effectiveness, More secured than public clouds Responsibility allocation challenge, Less secured than private Hybrid Private and Public models combined Organisation or third party Private and public models combined Scalability, security on the private side, flexible Networking complexities, security challenges. This comparison is important when making a decision to select a cloud access method. 2.2 The Service Delivery Models The cloud service models act as the reference models which shows the category of services being offered by the cloud for utilization by organisations and subscribers. The principal cloud service models include: Software as a service (SaaS), Platform as a service (PaaS), and Infrastructure as a service (IaaS). Others could take the form of Application as a service (AaaS), Business as a service (BaaS), Network as a Service (NaaS), but only the principal services would be discussed. Organisation 1 Organisation 2 Public cloud user Public cloud user Small business PUBLIC CLOUD HYBRID CLOUD PRIVATE CLOUD COMMUNITY CLOUD Figure 2.1. The Cloud Deployment Models
6 | P a g e i. Software as a Service (SaaS) This service provides customers with deployed applications running in the cloud’s infrastructure and can be accessed from the front end using a client web browser or a customised program. Customers usually do not have control over the resources of the cloud providing this service like the hardware and network components, operating systems and memory [1]. Examples of such service provider are: Zoho, SalesForce, DocLanding etc. SaaS finds usefulness in everyday work activities like online gaming, Human Resources, Help Desk applications, emailing and billing. ii. Platform as a Service (PaaS) As the name implies, this service provides a platform for developing applications in the cloud. A runtime environment more like an IDE (Integrated Development Environment) is offered on the cloud. Customers and developers who require high processing speed and capacity together with lots of memory can now utilize this service for application development. Customers can also deploy applications for use under this platform but do not have control over the infrastructure and operating systems used by the cloud [1]. The users can only have access to their deployed applications. Examples of PaaS include, Microsoft Azure, Google App engine, Amazon EC2, Force.com, Load Storm etc. iii. Infrastructure as a service (IaaS) A customer has access to infrastructure components and resources such as the memory, storage, physical and virtual machines, CPU, and other networks. The customer can deploy operating systems and has certain level of privileges to manipulate software on the cloud. The customer however does not have control over the cloud’s operating system and network, but can make use of them to perform related tasks. Examples of IaaS providers include: Amazon S3, Rackspace Cloud, Google Compute Engine, FlexiScale etc. [1, 5]. More control is exercised by the subscriber or customer over cloud resources in the lower service models and lesser control by the cloud service provider [4]. This means that at the bottom layer 1 (IaaS), the customer has more control than at (SaaS) layer 3. Consider a customer being an individual or a small business owner planning on utilizing the cloud’s resources. The best bet is to subscribe to IaaS and gain access to infrastructure resources rather than spend money to acquire these resources considering the effect on the business economy. On the other hand a simple free user can subscribe to email service (SaaS), since he doesn’t require much control to send and receive emails [4]. SaaS Email service, communication, virtual desktop, online games PaaS Execution runtime, Database, Webserver, Development tools, IDE IaaS Servers, Virtual machine, Storage, Load balancers, network Client / Users Web browsers, Mobile Apps, thin client, terminal emulator etc. Figure 2.2. Layered block diagram showing the relationship between the main service models [5] Application layer 3 Infrastructure layer 1 Platform layer 2
7 | P a g e 2.3 Cloud Computing Enabling Technologies Cloud computing isn’t an island technology. Even though it can ideally stand and function well on its own, some existing technologies have made it function even much better and has taken cloud computing to an elevated level. The main enabling technologies are: Virtualization, Service-oriented Architectures (SOA), Grid computing, utility computing, Data storage. i. Virtualization The term virtualization in the IT context refers to the sharing of an instance of a resource or application amongst several users. It assigns a logical identity to a physical resource and then uses a pointer to that location whenever it is needed. Virtual machines are called virtual because they are made up of software rather than hardware. For a typical virtual machine to function, an operating system (OS) called the (Guest O.S) is installed on it, i.e. a software on another software [7]. Also there exists a virtual machine manager (VMM) that does the controlling of all aspects of the virtual machine environment. In the context of cloud computing, imagine different services such as email, web, storage, applications all having dedicated servers in the cloud. Your guesses would be right as mine that not all of these servers would run at full capacity, and therefore leading to a wastage of processing power. Instead, virtual servers are implemented such that one server would be tricked into believing it is a multiple. Guest operating systems are installed on the hardware more like the way a user PC hard drive can be partitioned to take more than one OS at a time, and each OS functions on sections as though it was in a different server entirely. Virtual machines can be controlled in different ways by making use of three main approaches [7]: a. Operating System-based virtualization In this approach, the host OS allows guest OS’ to be installed and run on the same physical server, and it is responsible for controlling and maintaining the operation of the virtual machines. The problem this approach could face is that once a hacker infiltrates the host OS kernel, he can make it possible for the guest OS’ to gain control over the host OS. b. Application-based virtualization This method of virtualization has the application hosted on the host OS. It is not commonly used in real life practice as it has similar vulnerabilities as the OS-based virtualization. c. Hypervisor-based virtualization This approach uses extra security such as intrusion detection systems to further protect the system of virtual machines. The hypervisor is simply a firmware that is usually installed on the server hardware, and being part of the boot time it enables the assignment of resources to virtual machines thereby controlling the activities within the system and acting as a VMM. Also importantly, whenever the hypervisor crashes, all the virtual machines become vulnerable but this wouldn’t cause much concern as it is difficult for hackers to gain control of the hypervisor. Research on this problem is ongoing to find possible measures to alleviate this vulnerability. ii. Service-Oriented Architecture (SOA) Most times, people fail to highlight the difference between cloud computing and SOA. Though similar both work in pretty different ways, and complement each other. In SOA, standard interfaces are provided such that it is possible for users to use different set of software from different vendors to exchange information easily without an additional set of programs or applications to run these applications [6]. Services that employ reusable functionalities are employed here.
8 | P a g e iii. Grid Computing Grid computing describes a type of computing in which a certain group of devices or computers are connected together in order to achieve an objective. This is similar to the electricity grid in which several generating stations contribute to the overall generated power. By employing grid computing, heavy tasks are being split into smaller simpler tasks (modularity) creating a more efficient computing system. Participating units are usually geographically dispersed and work in a heterogeneous way. Grid computing technology finds application in the cloud where multiple CPUs networked together creates greater reliability and efficiency in computing [8]. iv. Utility Computing Basically this involves a metered service of pay per use model. Computational resources such as hardware, software, network bandwidth are rented to customers based on requirements and demand at that point in time. Utility computing serves as enabler for both grid and cloud computing [8]. v. Cloud Data Storage Cloud storage has been existing even before cloud computing became a norm. It provides a form of virtualized storage which is being provided based on the demand. A basic form of cloud storage is web hosting. As the concept of cloud computing keeps improving, customers are now paying for disk space to store up information in the cloud. Most enterprises have their database of information been stored in their private clouds. And these data is been managed by the cloud computing company. A user can backup important data in the cloud, as it is likely to be safer in the cloud. 3. CLOUD COMPUTING CONCERNS AND CHALLENGES In as much as the concept of cloud computing seem interesting and propitious, some companies and enterprises still wouldn’t want to give control to some third party company over important information of the company, and you tend to see reasons with them. Security and Privacy pose the major challenge faced by cloud computing operators. This is why the first thing companies usually do these days is to create a checklist of security measures put in place by cloud service providers to tackle such challenge and make the system safer to operate on [4]. Paranoia on the side of the customer is mainly caused by two reasons which make them less at ease: Loss of control over data and dependence on the cloud computing provider for security. Some of the basis for concern and challenging decision for migration into the cloud are described below [10, 11]. i. Identity Management Unauthorized access to data and information in the cloud poses a significant issue with cloud access system. Organizations would normally have various ways of identifying and authenticating users intending to access its resources with within its network, but this is hardly compatible in the long run with the external cloud based systems. So even though the organization implements powerful authentication techniques internally, this might not be so on the external side. ii. Transparency Cloud providers are most times not transparent enough to the customers. Usually the location where data is being stored is unknown to the customer, and since many companies are likely to have the same cloud provider, data could be compromised by another competing company or even the cloud provider themselves. This can even occur at times when the cloud providers analyse data in the cloud by performing techniques such as data mining. iii. Remote Access safety The connection between the customer and the cloud involves a Wide Area Network (WAN) connection, this means signals could be intercepted if not adequately protected by employing network security measures. Hackers could gain access or control through eavesdropping, DNS
9 | P a g e spoofing, Denial-of-Service attacking. Denial-of-Service could pose serious problems as it occurs when hackers prevent users from accessing information or from responding to legitimate requests by performing an assault using several computers to flood the user with illegitimate requests. Amazon has once been hit by this assault, so this could frighten prospective subscribers [11]. iv. Availability The downtime of most cloud companies is approximately 8.69 hours, which means that regardless of all the high tech architecture and infrastructures put in place, some form of temporal outage is likely to be experienced by cloud computing services [11]. For instance, amazon S3 and EC2 in 2009 once experienced a down time for three hours which affected the services of cloud subscribers like twitter. Other cloud service providers like SalesForce.com and Microsoft Azure have experienced similar issues. Also, in a case were the cloud service provider’s business crashes or goes bankrupt, subscribers would inevitably be cut out of access to data which would in turn affect business activities. v. Data Deletion Due to several backups and redundancy usually made to ensure reliability, complete deletion of subscriber’s data by the cloud company whenever requested could be less guaranteed. Complete deletion of data would involve finding all data which is generally a difficult task. Most subscribers sign an agreement which ensures mandatory deletion of data, but this shouldn’t be over relied on. vi. Legal Issues Three parties are most of the time involved in the overall cloud computing system; the Cloud service provider, the internet service provider (ISP) and the customer. Compliances may not be adequately defined since cloud’s data centres are not collocated. Other risk management factors are likely to be a problem as the question of who is responsible for what and at what cost becomes a challenge. 4. RECOMMENDATIONS BASED ON SECURITY CHALLENGES Some of the recommendations for both the cloud service providers and the customers planning to migrate into the cloud environment are discussed below: i. Authentication and authorization are very crucial parts of cloud security measures. Since we don’t want unauthorized access to resources, implementation of extra security measures is of the essence. Cloud computing companies should think of strategies like Security Assertion Markup Language (SAML). SAML technology basically make use of Simple Object Access Control (SOAC) which has its format based on Extensible Markup Language (XML) [11]. And this enables secure authentication and authorization data exchange between the service provider, the user (principal) and the identity provider. ii. Trust between the cloud service providers and the customer could be strengthened by providing a legal binding contract between both parties which allows customers to get more involved with knowing the location of their data and how the data is being stored and processed. iii. The communication link between the cloud service provider and the customer should be adequately secured to prevent intercepting attacks like denial-of-service and malware attacks. A secure telecommunications network providing guarantee to customers could be employed in cloud computing implementations [10]. iv. Cloud computing companies should also ensure confidentiality of user data and information. This is a trust placed on them and it is their duty to make sure data doesn’t get compromised. The company is responsible for employing all possible means to ensure that the integrity of the customer’s information is highly maintained regardless of where the data is being located.
10 | P a g e Redundancy of data, like creating a backup of user information is also encouraged to reduce the chances of data unavailability. v. Mandatory deletion of data must also be included in the regulations of the contract. Care should also be taken by the cloud service providers when storing information in order not to have several copies in unknown locations. 5. CONCLUSION The main focus of this article was on the major aspects of cloud computing technology which makes it a very functional and useful aspect of the general computing world. The discussed sections are: the architectural components of the cloud, modes of access to the cloud resources, services rendered by cloud service providers, security and privacy issues and some recommendations for migration. The future of cloud computing might be seeing billions of mobile subscribers seeking for more bandwidth and high data storage space, so it is imperative for us to understand how cloud computing was originated, its present status and how efficient it will be to cater for future demands. REFERENCES [1] S. Wattal, A. Kumar “Cloud Computing- an Emerging Trend in Information Technology,” International Conference on Issues and Challenges in Intelligent computing Techniques (ICICT), 2014. [2] S. Biswas, “A History of Cloud Computing,” February 9, 2011, http://cloudtweaks.com/2011/02/a- history-of-cloud-computing [Accessed November, 2014]. [3] J. Strickland, “How Cloud Computing Works,” http://computer.howstuffworks.com/cloud- computing/cloud-computing.htm [Accessed November, 2014]. [4] A. Huth, J. Cebula, “The Basics of Cloud Computing,” Produced for US-CERT, a government organisation. Carnegie Mellon University, 2011. [5] S. Gibbs, “Cloud Computing,” International journal of Innovative Research in Engineering & Science, vol. 1 no. 1, July, 2012. [6] G. Lewis, “Basics about Cloud Computing,” Software Engineering Institute| Carnegie Mellon, Sept 2011. [7] F. Sabahi, “Secure Virtualization for Cloud Environment Using Hypervisor-based Technology,” International Journal of Machine Learning and Computing, vol. 2, No. 1, Feb 2012. [8] S. Biswas, “Cloud computing vs Utility Computing vs Grid Computing: Sorting the differences,” February 1, 2011, http://cloudtweaks.com/2011/02/a-history-of-cloud-computing [Accessed November, 2014]. [9] “Cloud Storage for Cloud Computing,” Joint production of the Open Grid Forum and the Storage Networking Industry Association, 2009. [10] M. Holbl, “Cloud Computing Security and Privacy Issues,” Council of European Professional Informatics Societies (CEPIS), vol 17. March 2011. [11] W. A. Jansen, “Cloud Hooks: Security and Privacy Issues in Cloud Computing,” Proceedings of the 44th Hawaii International Conference on System Sciences, 2011.

Recomendados

International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
Cloud Computing for Universities Graduation Project
Cloud Computing for Universities Graduation ProjectCloud Computing for Universities Graduation Project
Cloud Computing for Universities Graduation Project
Mohamed Shorbagy
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
vishnu varunan
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Kshitij Mittal
 
Cloud computing..
Cloud computing..Cloud computing..
Cloud computing..
manoj kumar
 
Report on cloud computing by prashant gupta
Report on cloud computing by prashant guptaReport on cloud computing by prashant gupta
Report on cloud computing by prashant gupta
Prashant Gupta
 
Cloud computing report
Cloud computing reportCloud computing report
Cloud computing report
Vamsi Krishna Vanama
 
The seminar report on cloud computing
The seminar report on cloud computingThe seminar report on cloud computing
The seminar report on cloud computing
Divyesh Shah
 

Recomendados

International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
IJERD Editor
 
Cloud Computing for Universities Graduation Project
Cloud Computing for Universities Graduation ProjectCloud Computing for Universities Graduation Project
Cloud Computing for Universities Graduation Project
Mohamed Shorbagy
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
vishnu varunan
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Kshitij Mittal
 
Cloud computing..
Cloud computing..Cloud computing..
Cloud computing..
manoj kumar
 
Report on cloud computing by prashant gupta
Report on cloud computing by prashant guptaReport on cloud computing by prashant gupta
Report on cloud computing by prashant gupta
Prashant Gupta
 
Cloud computing report
Cloud computing reportCloud computing report
Cloud computing report
Vamsi Krishna Vanama
 
The seminar report on cloud computing
The seminar report on cloud computingThe seminar report on cloud computing
The seminar report on cloud computing
Divyesh Shah
 
Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar report
shafzonly
 
Cloud computing Report
Cloud computing ReportCloud computing Report
Cloud computing Report
Virendra Ruhela
 
seminar on cloud computing report
seminar on cloud computing reportseminar on cloud computing report
seminar on cloud computing report
ANKIT KUMAR
 
Cloud computing report
Cloud computing reportCloud computing report
Cloud computing report
ErManish5
 
SURVEY OF CLOUD COMPUTING
SURVEY OF CLOUD COMPUTINGSURVEY OF CLOUD COMPUTING
SURVEY OF CLOUD COMPUTING
ijwscjournal
 
Cloud computing white paper
Cloud computing white paperCloud computing white paper
Cloud computing white paper
Vaneesh Bahl
 
Group seminar report on cloud computing
Group seminar report on cloud computingGroup seminar report on cloud computing
Group seminar report on cloud computing
Sandhya Rathi
 
Cloud Computing on ISO/IEC JTC 1
Cloud Computing on ISO/IEC JTC 1Cloud Computing on ISO/IEC JTC 1
Cloud Computing on ISO/IEC JTC 1
Seungyun Lee
 
cloud computing
cloud computingcloud computing
cloud computing
Mukhid Khan LashKari
 
Cloud computing.pptx
Cloud computing.pptxCloud computing.pptx
Cloud computing.pptx
ProfRajivKumarShobhi
 
Cloud Computing Documentation Report
Cloud Computing Documentation ReportCloud Computing Documentation Report
Cloud Computing Documentation Report
Ajit Yadav
 
cloud computing documentation
cloud computing documentationcloud computing documentation
cloud computing documentation
shilpa bojji
 
Briefing 47
Briefing 47Briefing 47
Briefing 47
Srinivas Reddy Manda
 
Cloud Computing and Security Issues
Cloud Computing and Security IssuesCloud Computing and Security Issues
Cloud Computing and Security Issues
IJERA Editor
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Soumitra Halder
 
Jagadeesha kulal J - Cloud computing
Jagadeesha kulal J - Cloud computing Jagadeesha kulal J - Cloud computing
Jagadeesha kulal J - Cloud computing
JAGADEESHA KULAL J
 
Cloud computing
Cloud computingCloud computing
Cloud computing
MIDAS Automation & Telecommunications Pvt. Ltd. (MIDAUTEL)
 
Cloud computing for enterprise
Cloud computing for enterpriseCloud computing for enterprise
Cloud computing for enterprise
Pravin Asar
 
Cloud Computing Documentation Report
Cloud Computing Documentation ReportCloud Computing Documentation Report
Cloud Computing Documentation Report
Usman Sait
 
Las Emociones en la Educación - mesa redonda
Las Emociones en la Educación - mesa redondaLas Emociones en la Educación - mesa redonda
Las Emociones en la Educación - mesa redonda
Carolina Mendez
 
Excellent News 2011
Excellent News 2011Excellent News 2011
Excellent News 2011
Peter Krøijer-Jensen
 
Sport en voeding
Sport en voedingSport en voeding
Sport en voeding
Frank Senders
 

Mais conteúdo relacionado

Mais procurados

SURVEY OF CLOUD COMPUTING
SURVEY OF CLOUD COMPUTINGSURVEY OF CLOUD COMPUTING
SURVEY OF CLOUD COMPUTING
ijwscjournal
 
cloud computing documentation
cloud computing documentationcloud computing documentation
cloud computing documentation
shilpa bojji
 
Cloud Computing and Security Issues
Cloud Computing and Security IssuesCloud Computing and Security Issues
Cloud Computing and Security Issues
IJERA Editor
 
Jagadeesha kulal J - Cloud computing
Jagadeesha kulal J - Cloud computing Jagadeesha kulal J - Cloud computing
Jagadeesha kulal J - Cloud computing
JAGADEESHA KULAL J
 
Cloud computing for enterprise
Cloud computing for enterpriseCloud computing for enterprise
Cloud computing for enterprise
Pravin Asar
 

Mais procurados (19)

Cloud computing seminar report
Cloud computing seminar reportCloud computing seminar report
Cloud computing seminar report
 
Cloud computing Report
Cloud computing ReportCloud computing Report
Cloud computing Report
 
seminar on cloud computing report
seminar on cloud computing reportseminar on cloud computing report
seminar on cloud computing report
 
Cloud computing report
Cloud computing reportCloud computing report
Cloud computing report
 
SURVEY OF CLOUD COMPUTING
SURVEY OF CLOUD COMPUTINGSURVEY OF CLOUD COMPUTING
SURVEY OF CLOUD COMPUTING
 
Cloud computing white paper
Cloud computing white paperCloud computing white paper
Cloud computing white paper
 
Group seminar report on cloud computing
Group seminar report on cloud computingGroup seminar report on cloud computing
Group seminar report on cloud computing
 
Cloud Computing on ISO/IEC JTC 1
Cloud Computing on ISO/IEC JTC 1Cloud Computing on ISO/IEC JTC 1
Cloud Computing on ISO/IEC JTC 1
 
cloud computing
cloud computingcloud computing
cloud computing
 
Cloud computing.pptx
Cloud computing.pptxCloud computing.pptx
Cloud computing.pptx
 
Cloud Computing Documentation Report
Cloud Computing Documentation ReportCloud Computing Documentation Report
Cloud Computing Documentation Report
 
cloud computing documentation
cloud computing documentationcloud computing documentation
cloud computing documentation
 
Briefing 47
Briefing 47Briefing 47
Briefing 47
 
Cloud Computing and Security Issues
Cloud Computing and Security IssuesCloud Computing and Security Issues
Cloud Computing and Security Issues
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Jagadeesha kulal J - Cloud computing
Jagadeesha kulal J - Cloud computing Jagadeesha kulal J - Cloud computing
Jagadeesha kulal J - Cloud computing
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud computing for enterprise
Cloud computing for enterpriseCloud computing for enterprise
Cloud computing for enterprise
 
Cloud Computing Documentation Report
Cloud Computing Documentation ReportCloud Computing Documentation Report
Cloud Computing Documentation Report
 

Destaque

Inventariodedepresiondebeck
InventariodedepresiondebeckInventariodedepresiondebeck
Inventariodedepresiondebeck
Viri Avila
 
Aarbog 20 1990_jensen_fagbevaegelsen_i_lokalsamfundet
Aarbog 20 1990_jensen_fagbevaegelsen_i_lokalsamfundetAarbog 20 1990_jensen_fagbevaegelsen_i_lokalsamfundet
Aarbog 20 1990_jensen_fagbevaegelsen_i_lokalsamfundet
SFAH
 
Filosofosdelanaturaleza
FilosofosdelanaturalezaFilosofosdelanaturaleza
Filosofosdelanaturaleza
luisramong
 
As campanhas de mocambique em 1895
As campanhas de mocambique em 1895As campanhas de mocambique em 1895
As campanhas de mocambique em 1895
bart3881
 
Vælg den rigtige leverandør
Vælg den rigtige leverandørVælg den rigtige leverandør
Vælg den rigtige leverandør
BestBrains
 
E D I T A L I B G E
E D I T A L I B G EE D I T A L I B G E
E D I T A L I B G E
guestd0af26
 
How did you use media technologies in the construction and research planning ...
How did you use media technologies in the construction and research planning ...How did you use media technologies in the construction and research planning ...
How did you use media technologies in the construction and research planning ...
Elie Kraft
 
Boodschappen voor-de-nieuwe-tijd
Boodschappen voor-de-nieuwe-tijdBoodschappen voor-de-nieuwe-tijd
Boodschappen voor-de-nieuwe-tijd
rozentuil
 

Destaque (20)

Las Emociones en la Educación - mesa redonda
Las Emociones en la Educación - mesa redondaLas Emociones en la Educación - mesa redonda
Las Emociones en la Educación - mesa redonda
 
Excellent News 2011
Excellent News 2011Excellent News 2011
Excellent News 2011
 
Sport en voeding
Sport en voedingSport en voeding
Sport en voeding
 
Update 2
Update 2Update 2
Update 2
 
TAF - Skype Lessons Learned
TAF - Skype Lessons LearnedTAF - Skype Lessons Learned
TAF - Skype Lessons Learned
 
Oug 99 2006
Oug 99 2006Oug 99 2006
Oug 99 2006
 
SMO
SMOSMO
SMO
 
Inventariodedepresiondebeck
InventariodedepresiondebeckInventariodedepresiondebeck
Inventariodedepresiondebeck
 
Water treatment no dirt, no germs
Water treatment no dirt, no germsWater treatment no dirt, no germs
Water treatment no dirt, no germs
 
Aarbog 20 1990_jensen_fagbevaegelsen_i_lokalsamfundet
Aarbog 20 1990_jensen_fagbevaegelsen_i_lokalsamfundetAarbog 20 1990_jensen_fagbevaegelsen_i_lokalsamfundet
Aarbog 20 1990_jensen_fagbevaegelsen_i_lokalsamfundet
 
Filosofosdelanaturaleza
FilosofosdelanaturalezaFilosofosdelanaturaleza
Filosofosdelanaturaleza
 
As campanhas de mocambique em 1895
As campanhas de mocambique em 1895As campanhas de mocambique em 1895
As campanhas de mocambique em 1895
 
Mc Donald
Mc DonaldMc Donald
Mc Donald
 
Making the case for digital citizenship
Making the case for digital citizenshipMaking the case for digital citizenship
Making the case for digital citizenship
 
Vælg den rigtige leverandør
Vælg den rigtige leverandørVælg den rigtige leverandør
Vælg den rigtige leverandør
 
E D I T A L I B G E
E D I T A L I B G EE D I T A L I B G E
E D I T A L I B G E
 
Influensa 2007
Influensa 2007Influensa 2007
Influensa 2007
 
Charge premium prices and visitors will thank you
Charge premium prices and visitors will thank youCharge premium prices and visitors will thank you
Charge premium prices and visitors will thank you
 
How did you use media technologies in the construction and research planning ...
How did you use media technologies in the construction and research planning ...How did you use media technologies in the construction and research planning ...
How did you use media technologies in the construction and research planning ...
 
Boodschappen voor-de-nieuwe-tijd
Boodschappen voor-de-nieuwe-tijdBoodschappen voor-de-nieuwe-tijd
Boodschappen voor-de-nieuwe-tijd
 

Semelhante a The Nitty Gritty of Cloud Computing

Cloud computing writeup
Cloud computing writeupCloud computing writeup
Cloud computing writeup
selvavijay1987
 
SURVEY OF CLOUD COMPUTING
SURVEY OF CLOUD COMPUTINGSURVEY OF CLOUD COMPUTING
SURVEY OF CLOUD COMPUTING
ijwscjournal
 
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTINGA STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
Er Piyush Gupta IN ⊞⌘
 

Semelhante a The Nitty Gritty of Cloud Computing (20)

Cloud Computing Essay
Cloud Computing EssayCloud Computing Essay
Cloud Computing Essay
 
akashgupta(2).pptx
akashgupta(2).pptxakashgupta(2).pptx
akashgupta(2).pptx
 
Cloud computing writeup
Cloud computing writeupCloud computing writeup
Cloud computing writeup
 
cloud computing basics
cloud computing basicscloud computing basics
cloud computing basics
 
chapter 3 Selected Topics in computer.pptx
chapter 3 Selected Topics in computer.pptxchapter 3 Selected Topics in computer.pptx
chapter 3 Selected Topics in computer.pptx
 
SURVEY OF CLOUD COMPUTING
SURVEY OF CLOUD COMPUTINGSURVEY OF CLOUD COMPUTING
SURVEY OF CLOUD COMPUTING
 
International journal of computer science and innovation vol 2015-n2-paper2
International journal of computer science and innovation vol 2015-n2-paper2International journal of computer science and innovation vol 2015-n2-paper2
International journal of computer science and innovation vol 2015-n2-paper2
 
Cloud computing notes unit I as per RGPV syllabus
Cloud computing notes unit I as per RGPV syllabusCloud computing notes unit I as per RGPV syllabus
Cloud computing notes unit I as per RGPV syllabus
 
Cloud computing applicatio
Cloud computing applicatioCloud computing applicatio
Cloud computing applicatio
 
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTINGA STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Sami-Cloud
Sami-CloudSami-Cloud
Sami-Cloud
 
cloude computing report
cloude computing reportcloude computing report
cloude computing report
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud Computing Essays
Cloud Computing EssaysCloud Computing Essays
Cloud Computing Essays
 
Cloud computing _ key the Ultimate future
Cloud computing _ key the Ultimate futureCloud computing _ key the Ultimate future
Cloud computing _ key the Ultimate future
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
The why of a cloud ppt
The why of a cloud pptThe why of a cloud ppt
The why of a cloud ppt
 

The Nitty Gritty of Cloud Computing

  • 1. 1 | P a g e THE NITTY-GRITTY OF CLOUD COMPUTING (November 2014) Michael G. Tase, MSc Data Communications, University of Sheffield. ABSTRACT Computer Scientists have over the years developed various strategies to enable the enhancement of modern computing thereby making it more reliable, efficient, flexible and safer to operate on. Cloud computing is one of the major developmental areas believed by scientists to completely change the way people exchange, manipulate and store huge amount of data remotely in the next decade. But what is the cloud? What technologies define cloud computing? How does cloud computing work? How safe would it be to store sensitive information in a geographically different location? This paper tends to dig in detail into various aspects of the cloud computing technology, highlighting its benefits and challenges together with possible ways to alleviate issues that could affect its further development.
  • 2. 2 | P a g e 1. INTRODUCTION 1.1 The cloud and cloud computing “It’s all about the cloud,” a phrase commonly said these days that usually leaves a large amount of people puzzled at what the cloud and cloud computing could possibly mean. If you are conversant with networking and the internet, you should see that most of the pictorial representations of the internet is usually done by using some mystical cloud symbol. In general, the term cloud means a remote network of networks or simply put, “the internet” that describes all of the infrastructure out there in a remote location enabling the sharing of information between two or more locations geographically separated. Cloud computing on the other hand involves the utilization of infrastructure, resources and shared services together with software that are not local to the user for storage, information transfer, running of high level applications etc. [1]. In the world of today, people send emails using a web browser or some other email application without the need to know the various paths such information takes to reach its destination. These paths made up of servers, routers, high speed media and other network devices all put together form the cloud. For instance, a company executive in charge of the IT affairs of staff doesn’t need to purchase several licenses of a particular software for use by the company staff but instead uses the services of a cloud computing company remotely located to run the software thereby making each staff member able to use same software by simply logging into the cloud using a client interface that could be as simple as a web browser. 1.2 Evolution of cloud computing Even though the concept of cloud computing seems to be an emerging field in computer science and engineering, its idea has for a long time been in existence. Cloud computing is basically seen as an evolution rather than a revolution. In the 1960s, John McCarthy an American computer and cognitive scientist stated that “computation may someday be organised as a public utility” [2]. And then many years later precisely in the 1990s, grid computing which is similar to an electric power grid became a huge enabler of cloud computing. In 1997, Ramnath Chellappa a professor in information systems at Emory University while delivering a lecture made use of cloud computing in its present context as a new computing paradigm. 1999 saw a bright side to cloud computing development when Salesforce.com a cloud computing company Single cloud users Organizational users Database servers Mobile & portables Figure 1.1. The Cloud Computing system The Cloud environment
  • 3. 3 | P a g e showed that it was possible to use a simple website to deliver enterprise applications. Amazon web service was launched in 2002, and in 2006 cloud computing broke out of its shell and became very known thanks to Google Docs. The year 2006 was also nicknamed the actual birth of cloud computing which came after Amazon introduced a commercial web service called the Elastic Compute Cloud (EC2) whereby users could rent a computer in the cloud to run personal applications [2]. In 2007, Google and IBM together with some universities in the United States collaborated within the field. Then in 2008 a platform for deploying private clouds was created by Eucalyptus while a platform for both private and public clouds was formed by Open Nebula. Microsoft finally joined the league of cloud computing service providers in 2009 with the Microsoft Azure providing a platform for users to develop and test software in the cloud [2]. From 2010 till date, several other companies have emerged and have started providing various cloud computing services and this tends to make computer scientists and engineers envision the future of cloud computing. 1.3 Why and why not choose the cloud? The machines and infrastructure present in the cloud makes it capable of running almost any kind of application that a normal user computer would run [3], and it is without doubt that lots of companies and big enterprises are beginning to consider moving into the cloud to utilize services provided. But why should anyone want to pay another company to cater for its data storage and software applications? Some of such driving forces for companies include [3]:  As long as there is an internet connection, you could access your data from any location in the world at any time as cloud computing enables you to access all your information without being present with the machines storing your information. This is very useful for companies with branches in many locations.  Overall running costs would be reduced because users no longer need sophisticated systems to run applications. With just a simple computer and the appropriate client software, you could connect to the cloud and run the same applications as though they were present on your local computer. Maintenance costs for both hardware and software are also cut down.  Companies only need to pay a metered fee to cloud computing companies which replaces the need for buying several software licenses for each member of the staff.  Physical area usually constitute a huge problem for most companies. Some of them pay for extra space to store lots of big servers. This problem could be alleviated by the cloud company in that the company’s database could be stored up in the cloud without the need to procure additional database servers and physical space.  Cloud computing offers an on-demand self-service. This simply means that customers do not need to interact with the cloud service provider in order to use the cloud resources. It is available at any time as long as you are permitted to access. On the other hand, a lot of concerns and challenges have been highlighted as to why most companies still remain paranoid on the idea to migrate into the cloud environment. Security is one of the biggest challenge, and companies still feel safer knowing that its information is kept secured within its premises rather than someplace else where the integrity of such information could be compromised. Another salient challenge is Privacy. Authentication and authorization are most times used to add further security to services and data in the cloud. While Authentication grants access to owners of information by making use of usernames, passwords etc., authorization assigns individuals level of privilege to access information. These methods are usually employed by cloud computing service providers but the fact still remains that companies still consider the possibility of hackers making use of software such as key logger to gain undeserved access to private information by stealing keyed inputs. These and many other issues are being discussed later in this paper together with possible solutions that could help mitigate their effects.
  • 4. 4 | P a g e 2. CLOUD COMPUTING ARCHITECTURE Several components, segments and services integrated together make up the overall cloud computing architecture. They include constituents of the cloud, services provided by cloud companies, and how a user can access the cloud itself. Categorically, the architecture is divided into two, the front end and the back end. The front end simply consists of the client’s user interfaces and applications used to access the cloud. The most common application being the web browser. Other forms may include special purpose software used by a particular company for accessing its information and utilizing services in the cloud. The back end is the cloud section of the system. The deployment models which show the way users can access the cloud, the services rendered by the cloud as well as some intricate cloud computing technologies fall under this category. 2.1 The Deployment Models The cloud computing deployment model defines the kind of access granted to the subscribers of cloud services by cloud service providers depending on subscriber needs. A typical cloud has any of these four types of access: Public, Private, Community and Hybrid. i. Public Cloud This is the most basic cloud access type as it allows any member of the general public to utilize the resources embedded within the cloud. Examples include email service, online data storage providers like drop-box, online gaming etc. This cloud may be less secured due to the nature of its access model. Its infrastructure could be created and maintained by anyone willing to provide the service. All of the cloud’s machines and structures are positioned in provider’s location [1]. ii. Private Cloud The private nature of this cloud model makes its access restricted to only a particular organization. This means that it has the highest level of security when compared with other cloud models to prevent unauthorized personnel from gaining access. All its infrastructure may be owned by a third party company, the organization or a combination of both, and may be located in either of the premises. iii. Community Cloud This allows cloud’s services and resources to be exclusively accessed by a group of organizations sharing similar objectives, requirements and features. Its infrastructure could be located in any of the organizations or a third party cloud computing company altogether. iv. Hybrid Cloud The hybrid cloud simply combines the features of the private and public clouds. This means that for an ideal organisation, critical activities are performed using the private cloud in order to limit unnecessary access, while less critical or more generic activities are performed under the public cloud aspect of the seamless combination of clouds. Figure 2.1 depicts a typical scenario of the four cloud deployment models and kinds of access granted to users depending on desired needs.
  • 5. 5 | P a g e Table 2.1. Comparison of the four deployment models of cloud computing CLOUD MODEL USAGE OWNERSHIP LOCATION PROS CONS Public The general pubic A third party Cloud service provider’s premises Cost effectiveness, high scalability, flexible, Low security, Less customizable Private Exclusive to an organisation The organisation or a third party On/Off provider’s premises Higher security and privacy, More control, cost efficiency Restricted area, additional skills and expertise, inflexible scalability Community Organisations having similar requirements Organisations or third party On/Off provider’s premises Cost effectiveness, More secured than public clouds Responsibility allocation challenge, Less secured than private Hybrid Private and Public models combined Organisation or third party Private and public models combined Scalability, security on the private side, flexible Networking complexities, security challenges. This comparison is important when making a decision to select a cloud access method. 2.2 The Service Delivery Models The cloud service models act as the reference models which shows the category of services being offered by the cloud for utilization by organisations and subscribers. The principal cloud service models include: Software as a service (SaaS), Platform as a service (PaaS), and Infrastructure as a service (IaaS). Others could take the form of Application as a service (AaaS), Business as a service (BaaS), Network as a Service (NaaS), but only the principal services would be discussed. Organisation 1 Organisation 2 Public cloud user Public cloud user Small business PUBLIC CLOUD HYBRID CLOUD PRIVATE CLOUD COMMUNITY CLOUD Figure 2.1. The Cloud Deployment Models
  • 6. 6 | P a g e i. Software as a Service (SaaS) This service provides customers with deployed applications running in the cloud’s infrastructure and can be accessed from the front end using a client web browser or a customised program. Customers usually do not have control over the resources of the cloud providing this service like the hardware and network components, operating systems and memory [1]. Examples of such service provider are: Zoho, SalesForce, DocLanding etc. SaaS finds usefulness in everyday work activities like online gaming, Human Resources, Help Desk applications, emailing and billing. ii. Platform as a Service (PaaS) As the name implies, this service provides a platform for developing applications in the cloud. A runtime environment more like an IDE (Integrated Development Environment) is offered on the cloud. Customers and developers who require high processing speed and capacity together with lots of memory can now utilize this service for application development. Customers can also deploy applications for use under this platform but do not have control over the infrastructure and operating systems used by the cloud [1]. The users can only have access to their deployed applications. Examples of PaaS include, Microsoft Azure, Google App engine, Amazon EC2, Force.com, Load Storm etc. iii. Infrastructure as a service (IaaS) A customer has access to infrastructure components and resources such as the memory, storage, physical and virtual machines, CPU, and other networks. The customer can deploy operating systems and has certain level of privileges to manipulate software on the cloud. The customer however does not have control over the cloud’s operating system and network, but can make use of them to perform related tasks. Examples of IaaS providers include: Amazon S3, Rackspace Cloud, Google Compute Engine, FlexiScale etc. [1, 5]. More control is exercised by the subscriber or customer over cloud resources in the lower service models and lesser control by the cloud service provider [4]. This means that at the bottom layer 1 (IaaS), the customer has more control than at (SaaS) layer 3. Consider a customer being an individual or a small business owner planning on utilizing the cloud’s resources. The best bet is to subscribe to IaaS and gain access to infrastructure resources rather than spend money to acquire these resources considering the effect on the business economy. On the other hand a simple free user can subscribe to email service (SaaS), since he doesn’t require much control to send and receive emails [4]. SaaS Email service, communication, virtual desktop, online games PaaS Execution runtime, Database, Webserver, Development tools, IDE IaaS Servers, Virtual machine, Storage, Load balancers, network Client / Users Web browsers, Mobile Apps, thin client, terminal emulator etc. Figure 2.2. Layered block diagram showing the relationship between the main service models [5] Application layer 3 Infrastructure layer 1 Platform layer 2
  • 7. 7 | P a g e 2.3 Cloud Computing Enabling Technologies Cloud computing isn’t an island technology. Even though it can ideally stand and function well on its own, some existing technologies have made it function even much better and has taken cloud computing to an elevated level. The main enabling technologies are: Virtualization, Service-oriented Architectures (SOA), Grid computing, utility computing, Data storage. i. Virtualization The term virtualization in the IT context refers to the sharing of an instance of a resource or application amongst several users. It assigns a logical identity to a physical resource and then uses a pointer to that location whenever it is needed. Virtual machines are called virtual because they are made up of software rather than hardware. For a typical virtual machine to function, an operating system (OS) called the (Guest O.S) is installed on it, i.e. a software on another software [7]. Also there exists a virtual machine manager (VMM) that does the controlling of all aspects of the virtual machine environment. In the context of cloud computing, imagine different services such as email, web, storage, applications all having dedicated servers in the cloud. Your guesses would be right as mine that not all of these servers would run at full capacity, and therefore leading to a wastage of processing power. Instead, virtual servers are implemented such that one server would be tricked into believing it is a multiple. Guest operating systems are installed on the hardware more like the way a user PC hard drive can be partitioned to take more than one OS at a time, and each OS functions on sections as though it was in a different server entirely. Virtual machines can be controlled in different ways by making use of three main approaches [7]: a. Operating System-based virtualization In this approach, the host OS allows guest OS’ to be installed and run on the same physical server, and it is responsible for controlling and maintaining the operation of the virtual machines. The problem this approach could face is that once a hacker infiltrates the host OS kernel, he can make it possible for the guest OS’ to gain control over the host OS. b. Application-based virtualization This method of virtualization has the application hosted on the host OS. It is not commonly used in real life practice as it has similar vulnerabilities as the OS-based virtualization. c. Hypervisor-based virtualization This approach uses extra security such as intrusion detection systems to further protect the system of virtual machines. The hypervisor is simply a firmware that is usually installed on the server hardware, and being part of the boot time it enables the assignment of resources to virtual machines thereby controlling the activities within the system and acting as a VMM. Also importantly, whenever the hypervisor crashes, all the virtual machines become vulnerable but this wouldn’t cause much concern as it is difficult for hackers to gain control of the hypervisor. Research on this problem is ongoing to find possible measures to alleviate this vulnerability. ii. Service-Oriented Architecture (SOA) Most times, people fail to highlight the difference between cloud computing and SOA. Though similar both work in pretty different ways, and complement each other. In SOA, standard interfaces are provided such that it is possible for users to use different set of software from different vendors to exchange information easily without an additional set of programs or applications to run these applications [6]. Services that employ reusable functionalities are employed here.
  • 8. 8 | P a g e iii. Grid Computing Grid computing describes a type of computing in which a certain group of devices or computers are connected together in order to achieve an objective. This is similar to the electricity grid in which several generating stations contribute to the overall generated power. By employing grid computing, heavy tasks are being split into smaller simpler tasks (modularity) creating a more efficient computing system. Participating units are usually geographically dispersed and work in a heterogeneous way. Grid computing technology finds application in the cloud where multiple CPUs networked together creates greater reliability and efficiency in computing [8]. iv. Utility Computing Basically this involves a metered service of pay per use model. Computational resources such as hardware, software, network bandwidth are rented to customers based on requirements and demand at that point in time. Utility computing serves as enabler for both grid and cloud computing [8]. v. Cloud Data Storage Cloud storage has been existing even before cloud computing became a norm. It provides a form of virtualized storage which is being provided based on the demand. A basic form of cloud storage is web hosting. As the concept of cloud computing keeps improving, customers are now paying for disk space to store up information in the cloud. Most enterprises have their database of information been stored in their private clouds. And these data is been managed by the cloud computing company. A user can backup important data in the cloud, as it is likely to be safer in the cloud. 3. CLOUD COMPUTING CONCERNS AND CHALLENGES In as much as the concept of cloud computing seem interesting and propitious, some companies and enterprises still wouldn’t want to give control to some third party company over important information of the company, and you tend to see reasons with them. Security and Privacy pose the major challenge faced by cloud computing operators. This is why the first thing companies usually do these days is to create a checklist of security measures put in place by cloud service providers to tackle such challenge and make the system safer to operate on [4]. Paranoia on the side of the customer is mainly caused by two reasons which make them less at ease: Loss of control over data and dependence on the cloud computing provider for security. Some of the basis for concern and challenging decision for migration into the cloud are described below [10, 11]. i. Identity Management Unauthorized access to data and information in the cloud poses a significant issue with cloud access system. Organizations would normally have various ways of identifying and authenticating users intending to access its resources with within its network, but this is hardly compatible in the long run with the external cloud based systems. So even though the organization implements powerful authentication techniques internally, this might not be so on the external side. ii. Transparency Cloud providers are most times not transparent enough to the customers. Usually the location where data is being stored is unknown to the customer, and since many companies are likely to have the same cloud provider, data could be compromised by another competing company or even the cloud provider themselves. This can even occur at times when the cloud providers analyse data in the cloud by performing techniques such as data mining. iii. Remote Access safety The connection between the customer and the cloud involves a Wide Area Network (WAN) connection, this means signals could be intercepted if not adequately protected by employing network security measures. Hackers could gain access or control through eavesdropping, DNS
  • 9. 9 | P a g e spoofing, Denial-of-Service attacking. Denial-of-Service could pose serious problems as it occurs when hackers prevent users from accessing information or from responding to legitimate requests by performing an assault using several computers to flood the user with illegitimate requests. Amazon has once been hit by this assault, so this could frighten prospective subscribers [11]. iv. Availability The downtime of most cloud companies is approximately 8.69 hours, which means that regardless of all the high tech architecture and infrastructures put in place, some form of temporal outage is likely to be experienced by cloud computing services [11]. For instance, amazon S3 and EC2 in 2009 once experienced a down time for three hours which affected the services of cloud subscribers like twitter. Other cloud service providers like SalesForce.com and Microsoft Azure have experienced similar issues. Also, in a case were the cloud service provider’s business crashes or goes bankrupt, subscribers would inevitably be cut out of access to data which would in turn affect business activities. v. Data Deletion Due to several backups and redundancy usually made to ensure reliability, complete deletion of subscriber’s data by the cloud company whenever requested could be less guaranteed. Complete deletion of data would involve finding all data which is generally a difficult task. Most subscribers sign an agreement which ensures mandatory deletion of data, but this shouldn’t be over relied on. vi. Legal Issues Three parties are most of the time involved in the overall cloud computing system; the Cloud service provider, the internet service provider (ISP) and the customer. Compliances may not be adequately defined since cloud’s data centres are not collocated. Other risk management factors are likely to be a problem as the question of who is responsible for what and at what cost becomes a challenge. 4. RECOMMENDATIONS BASED ON SECURITY CHALLENGES Some of the recommendations for both the cloud service providers and the customers planning to migrate into the cloud environment are discussed below: i. Authentication and authorization are very crucial parts of cloud security measures. Since we don’t want unauthorized access to resources, implementation of extra security measures is of the essence. Cloud computing companies should think of strategies like Security Assertion Markup Language (SAML). SAML technology basically make use of Simple Object Access Control (SOAC) which has its format based on Extensible Markup Language (XML) [11]. And this enables secure authentication and authorization data exchange between the service provider, the user (principal) and the identity provider. ii. Trust between the cloud service providers and the customer could be strengthened by providing a legal binding contract between both parties which allows customers to get more involved with knowing the location of their data and how the data is being stored and processed. iii. The communication link between the cloud service provider and the customer should be adequately secured to prevent intercepting attacks like denial-of-service and malware attacks. A secure telecommunications network providing guarantee to customers could be employed in cloud computing implementations [10]. iv. Cloud computing companies should also ensure confidentiality of user data and information. This is a trust placed on them and it is their duty to make sure data doesn’t get compromised. The company is responsible for employing all possible means to ensure that the integrity of the customer’s information is highly maintained regardless of where the data is being located.
  • 10. 10 | P a g e Redundancy of data, like creating a backup of user information is also encouraged to reduce the chances of data unavailability. v. Mandatory deletion of data must also be included in the regulations of the contract. Care should also be taken by the cloud service providers when storing information in order not to have several copies in unknown locations. 5. CONCLUSION The main focus of this article was on the major aspects of cloud computing technology which makes it a very functional and useful aspect of the general computing world. The discussed sections are: the architectural components of the cloud, modes of access to the cloud resources, services rendered by cloud service providers, security and privacy issues and some recommendations for migration. The future of cloud computing might be seeing billions of mobile subscribers seeking for more bandwidth and high data storage space, so it is imperative for us to understand how cloud computing was originated, its present status and how efficient it will be to cater for future demands. REFERENCES [1] S. Wattal, A. Kumar “Cloud Computing- an Emerging Trend in Information Technology,” International Conference on Issues and Challenges in Intelligent computing Techniques (ICICT), 2014. [2] S. Biswas, “A History of Cloud Computing,” February 9, 2011, http://cloudtweaks.com/2011/02/a- history-of-cloud-computing [Accessed November, 2014]. [3] J. Strickland, “How Cloud Computing Works,” http://computer.howstuffworks.com/cloud- computing/cloud-computing.htm [Accessed November, 2014]. [4] A. Huth, J. Cebula, “The Basics of Cloud Computing,” Produced for US-CERT, a government organisation. Carnegie Mellon University, 2011. [5] S. Gibbs, “Cloud Computing,” International journal of Innovative Research in Engineering & Science, vol. 1 no. 1, July, 2012. [6] G. Lewis, “Basics about Cloud Computing,” Software Engineering Institute| Carnegie Mellon, Sept 2011. [7] F. Sabahi, “Secure Virtualization for Cloud Environment Using Hypervisor-based Technology,” International Journal of Machine Learning and Computing, vol. 2, No. 1, Feb 2012. [8] S. Biswas, “Cloud computing vs Utility Computing vs Grid Computing: Sorting the differences,” February 1, 2011, http://cloudtweaks.com/2011/02/a-history-of-cloud-computing [Accessed November, 2014]. [9] “Cloud Storage for Cloud Computing,” Joint production of the Open Grid Forum and the Storage Networking Industry Association, 2009. [10] M. Holbl, “Cloud Computing Security and Privacy Issues,” Council of European Professional Informatics Societies (CEPIS), vol 17. March 2011. [11] W. A. Jansen, “Cloud Hooks: Security and Privacy Issues in Cloud Computing,” Proceedings of the 44th Hawaii International Conference on System Sciences, 2011.