Cloud computing is Internet ("cloud") based development and use of computer technology ("computing"). It is an emerging computing technology that uses the Internet and central remote servers to maintain data and applications. Cloud computing allows consumers and business to use applications without installation and access their personal files at any computer with Internet access. This technology allows for much more efficient computing by centralizing storage, memory, processing and bandwidth.
A Secure and Reliable Document Management System is Essential.docx
Cloud computing
1. Title
WHITE PAPER ON CLOUD COMPUTING
Abstract
This white paper will help readers to know the basics of
cloud computing and also to gain an understanding on how
cloud computing works. I hope it will be beneficial to all
people who want to save some money on infrastructures.
Cloud based on demand web-services such as databases,
queues, identity management, data on-demand, widgets,
etc. are meeting with browser based thick-client frameworks
such as AJAX, Adobe Flex, MS Silverlight, etc. to create a
new breed of applications, built on a resuscitated
Client/Server (Client/Server 2.0) SOA-based paradigm. The
traditional "business logic" application server middle-tier is
ceding the way to cloud based pay-per-use SOA.
The increasing sophistication of cloud web-services
platforms, the increase in browser sophistication and the
availability of advanced client side IDEs will reinforce this
trend. The new paradigm will simplify the development of
web applications, simplify the creation of SaaS, provide
better maintainability and lower TCO.
3. Table of Contents
I. Cloud Computing Basics...............................................................................................................................4
II. Segment of Cloud Computing......................................................................................................................6
i. Application................................................................................................................................................6
ii. Platforms...................................................................................................................................................6
iii. Infrastructure...........................................................................................................................................7
III. Implementing Cloud Computing ...............................................................................................................8
i. Private Clouds............................................................................................................................................8
ii. Public Clouds ...........................................................................................................................................9
iii. Hybrid Clouds ......................................................................................................................................10
IV. Characteristics of Cloud computing.........................................................................................................11
i. Dynamic computing infrastructure..........................................................................................................11
ii. IT service-centric approach....................................................................................................................11
iii. Self-service based usage model.............................................................................................................12
iv. Minimally or self-managed platform.....................................................................................................12
v. Consumption-based billing.....................................................................................................................12
V. Cloud Computing Security Plan................................................................................................................14
VII. Barriers to Cloud Computing..................................................................................................................17
i. Customer Perspective..............................................................................................................................17
ii. Vendor Perspective.................................................................................................................................17
VIII. Summary ...............................................................................................................................................19
IX. Conclusion ...............................................................................................................................................20
X. Abbreviation..............................................................................................................................................21
Page 3 of 21
4. I. Cloud Computing Basics
Cloud computing is Internet ("cloud") based development
and use of computer technology ("computing"). It is an
emerging computing technology that uses the Internet and
central remote servers to maintain data and applications.
Cloud computing allows consumers and business to use
applications without installation and access their personal
files at any computer with Internet access. This technology
allows for much more efficient computing by centralizing
storage, memory, processing and bandwidth.
Cloud computing is the convergence and evolution of several
concepts from virtualization, distributed application design,
grid, and enterprise IT management to enable a more
flexible approach for deploying and scaling applications.
Cloud promises real costs savings and agility to customers.
Through cloud computing, a company can rapidly deploy
applications where the underlying technology components
can expand and contract with the natural ebb and flow of
the business life cycle. Traditionally, once an application was
deployed it was bound to a particular infrastructure, until the
infrastructure was upgraded. The result was low efficiency,
utilization, and flexibility. Cloud enablers, such as
virtualization and grid computing, allow applications to be
dynamically deployed onto the most suitable infrastructure
at run time. This elastic aspect of cloud computing allows
applications to scale and grow without needing traditional
‘fork-lift’ upgrades.
IT departments and infrastructure providers are under
increasing pressure to provide computing infrastructure at
the lowest possible cost. In order to do this, the concepts of
resource pooling, virtualization, dynamic provisioning, utility
and commodity computing must be leveraged to create a
public or private cloud that meets these needs. World-class
data centers are now being formed that can provide this
Page 4 of 21
5. Infrastructure-as-a-Service (IaaS) in a very efficient
manner.
Customers can thus decide to develop their own
applications, to run on their own internal private clouds, or
leverage software as a SaaS application that run on public
clouds. Integration and federation of services across both
the public and private cloud, so-called “hybrid clouds,” is an
emerging area of interest. The public cloud concept allows
customers to develop and deploy applications with
tremendous speed without the procurement and red-tape
issues of dealing with potentially slow moving and costly IT
departments. This also allows customers to shift traditional
Capital Expenditures (CapEx) into their Operating
Expenditure (OpEx) budgets.
Driven by concerns over security, regulatory compliance,
control over Quality of Service (QoS), vendor lock-in, and
long-term costs, many larger customers, who have the
economies of scale and strong IT competency, will build
internal private clouds. These private clouds can provide the
same cost and agility benefits as public clouds, while
mitigating enterprise concerns about security, compliance,
QoS, lock-in and TCO.
Page 5 of 21
6. II. Segment of Cloud Computing
Cloud computing is broken down into three segments:
"applications," "platforms," and "infrastructure".
i. Application
So far, the applications segment of cloud computing is the
only segment that has proven successful as a business
model. By running business applications over the Internet
from centralized servers rather than from on-site servers,
companies can cut some serious costs. Furthermore, while
avoiding maintenance costs, licensing costs and the costs of
the hardware required to run servers on-site, companies are
able to run applications much more efficiently from a
computing standpoint.
On demand software services come in a few different
varieties that may vary in their pricing scheme and how the
software is delivered to the end users. In the past, the end-
user would generally purchase a license from the software
provider and then install and run the software directly from
on-premise servers.
ii. Platforms
Platforms serve as an interface for users to access
applications provided by partners or in some cases the
customers.
The following companies are some that have developed
platforms that allow end users to access applications from
centralized servers using the Internet. Next is the name of
the platform used by the company:
1. Google (GOOG) - Apps Engine
2. Amazon.com (AMZN) - EC2
3. Microsoft (MSFT) - Windows Live
Page 6 of 21
7. 4. Terremark Worldwide (TMRK) - The Enterprise Cloud
5. Salesforce.com (CRM) - Force.com
6. NetSuite (N) - Suiteflex
7. Mosso - Mosso, a division of Rackspace
8. Metrisoft - Metrisoft SaaS Platform
iii. Infrastructure
The final segment in cloud computing, known as
infrastructure, is the backbone of the entire concept.
Infrastructure vendors provide the physical storage space
and processing capabilities that allow all the services
described above.
Page 7 of 21
8. III. Implementing Cloud Computing
All of the architectural and organizational considerations
mentioned herein are generally apply to all implementations
of a cloud infrastructure. As we focus on building the cloud,
a number of models have been developed for deploying a
cloud infrastructure.
i. Private Clouds
In a private cloud, the infrastructure for implementing the
cloud is controlled completely by the enterprise. Typically,
private clouds are implemented in the data center of the
enterprise and managed by internal resources.
A private cloud maintains all corporate data in resources
under the control of the legal and contractual umbrella of
the organization. This eliminates the regulatory, legal and
security concerns associated with information being
processed on third party computing resources.
The private cloud can also be used by existing IT
departments to dramatically reduce their costs and as an
opportunity to shift from a cost center to a value center in
the eyes of the business.
As an example, the following diagram depicts the key
architectural elements of a private cloud utilizing Oracle’
scalabilities’:
Page 8 of 21
9. ii. Public Clouds
In a public cloud, external organizations provide the
infrastructure and management required to implement the
cloud. Public clouds dramatically simplify implementation
and are typically billed based on usage. This transfers the
cost from a capital expenditure to an operational expense
and can quickly be scaled to meet the organization’s needs.
Temporary applications or applications with burst resource
requirements typically benefit from the public cloud’s ability
to ratchet up resources when needed and then scale them
back when they are no longer needed. In a private cloud,
the company would need to provision for the worst case
across all the applications that share the infrastructure. This
can result in wasted resources when utilization is not at its
peak.
Public clouds have the disadvantage of hosting your data in
an offsite organization outside the legal and regulatory
umbrella of your organization. In addition, as most public
clouds leverage a worldwide network of data centers, it is
Page 9 of 21
10. difficult to document the physical location of data at any
particular moment. These issues result in potential
regulatory compliance issues that include the use of public
clouds for certain organizations or business applications.
Not all public cloud based applications can provide the
necessary flexibility and functionality needed by business
users. For this reason, customers require the ability to take
preferred functionality from one cloud application and
combine it with another, creating a cloud based component
application. This is still an emerging area of development
with some early companies, such as Cast Iron, providing
integration of a wide range of cloud-based applications.
Ultimately, many customers may decide that the private
cloud offers more flexibility and develop new applications
themselves.
iii. Hybrid Clouds
To meet the benefits of both approaches, newer execution
models have been developed to combine public and private
clouds into a unified solution.
Applications with significant legal, regulatory or service level
concerns for information can be directed to a private cloud.
Other applications with less stringent regulatory or service
level requirements can leverage a public cloud
infrastructure.
Implementation of a hybrid model requires additional
coordination between the private and public service
management system. This typically involves a federated
policy management tool, seamless hybrid integration,
federated security, information asset management,
coordinated provisioning control, and unified monitoring
systems.
Page 10 of 21
11. IV. Characteristics of Cloud computing
i. Dynamic computing infrastructure
Cloud computing requires a dynamic computing
infrastructure. The foundation for the dynamic infrastructure
is a standardized, scalable, and secure physical
infrastructure. There should be levels of redundancy to
ensure high levels of availability, but mostly it must be easy
to extend as usage growth demands it, without requiring
architecture rework. Next, it must be virtualized.
A dynamic computing infrastructure is critical to effectively
supporting the elastic nature of service provisioning and de-
provisioning as requested by users while maintaining high
levels of reliability and security. The consolidation provided
by virtualization, coupled with provisioning automation,
creates a high level of utilization and reuse, ultimately
yielding a very effective use of capital equipment.
ii. IT service-centric approach
Cloud computing is IT (or business) service-centric. This is in
sharp contrast to more traditional system- or server- centric
models. In most cases, users of the cloud generally want to
run some business service or application for a specific,
timely purpose; they don’t want to get bogged down in the
system and network administration of the environment.
They would prefer to quick and easy access a dedicated
instance of an application or service. By abstracting away
the server-centric view of the infrastructure, system users
can easily access powerful pre-defined computing
environments designed specifically around their service.
An IT Service Centric approach enables user adoption and
business agility – the easier and faster a user can perform
an administrative task, the more expedient the business
moves, reducing costs or driving revenue.
Page 11 of 21
12. iii. Self-service based usage model
Interacting with the cloud requires some level of user self-
service. Best of breed self-service provides users the ability
to upload, build, deploy, schedule, manage, and report on
their business services on demand. Self-service cloud
offerings must provide easy-to-use, intuitive user interfaces
that equip users to productively manage the service delivery
lifecycle.
iv. Minimally or self-managed platform
For an IT team or a service provider to efficiently provide a
cloud for its constituents, they must leverage a technology
platform that is self-managed. Best-of-breed clouds enable
self-management via software automation, leveraging the
following capabilities:
1. A provisioning engine for deploying services and tearing
them down recovering resources for high levels of
reuse
2. Mechanisms for scheduling and reserving resource
capacity Capabilities for configuring, managing, and
reporting to ensure resources can be allocated and
reallocated to multiple groups of users
3. Tools for controlling access to resources and policies for
how resources can be used or operations can be
performed
All of these capabilities enable business agility while
simultaneously enacting critical and necessary
administrative control.
v. Consumption-based billing
Finally, cloud computing is usage-driven. Consumers pay for
only what resources they use and therefore are charged or
billed on a consumption-based model. Cloud computing
platforms must provide mechanisms to capture usage
information that enables charge back reporting and
integration with billing systems.
Page 12 of 21
14. V. Cloud Computing Security Plan
Cloud computing has unique security risks. Security risks,
threats, and breaches can come in so many forms and from
so many places that many companies take a comprehensive
approach to security management across IT and the
business. The following pointers useful for creating cloud
computing security plan.
• In most circumstances, approach cloud security from a
risk-management perspective. Be sure to involve your
organization’s risk-management specialists in the
planning.
• The cost of security could be an issue. Be aware of
what similar organizations spend on IT security and be
prepared to spend a similar amount. It also helps to
track time lost due to any kind of attack—as a
measurement of cost that you may be able to reduce.
• Identity management is key. Give priority to improving
identity management if your current capability is poor.
• Try to create general awareness of security risks by
educating and warning staff members about specific
dangers. It is easy to become complacent, especially if
you’re using a cloud service provider. However, most
security breaches are created inside the network.
• Use external IT security consultants to regularly check
your company’s security policy and network, as well as
those of your cloud service providers.
• Determine specific IT security policies for change
management and patch management, and make sure
that policies are well understood by your staff and your
cloud service provider.
• Stay abreast of news about IT security breaches in
other companies and the causes of those breaches.
• Review backup and disaster-recovery systems in light
of IT security. Apart from anything else, IT security
breaches can require complete application recovery.
Page 14 of 21
15. Because of the complexity of securing cloud environments,
many organizations use hybrid cloud environments that
include public as well as private clouds.
Cloud service providers each have their own way of
managing security. Sometimes, the cloud service provider’s
security plan will conflict with your company’s rules. Before
you implement your security plan you need to ensure that it
will complement your provider’s plan.
Page 15 of 21
16. VI. Primary Benefits of Cloud Computing
The primary benefits of using cloud computing are as
follows:
1. To deliver a future state architecture that captures the
promise of Cloud Computing, architects need to
understand the primary benefits of Cloud computing.
2. Decoupling and separation of the business service from
the infrastructure needed to run it (virtualization).
3. Flexibility to choose multiple vendors that provide
reliable and scalable business services, development
environments, and infrastructure that can be leveraged
out of the box and billed on a metered basis—with no
long term contracts.
4. Elastic nature of the infrastructure to rapidly allocate
and de-allocate massively scalable resources to
business services on a demand basis.
5. Cost allocation flexibility for customers wanting to
move CapEx into OpEx.
6. Reduced costs due to operational efficiencies, and more
rapid deployment of new business services.
Page 16 of 21
17. VII. Barriers to Cloud Computing
IT cloud services are still largely in the early adoption phase.
As such, it is no surprise that there’s a long list of issues
cloud services suppliers need to address to drive
mainstream adoption. Here’s how our respondents rated
nine of the challenges commonly ascribed to the cloud
services model.
i. Customer Perspective
• Data Security: Many customers don’t wish to trust their
data to “the cloud”. Data must be locally retained for
regulatory reasons.
• Latency: The cloud can be many milliseconds away. Not
suitable for real-time applications.
• Application Availability: Cannot switch from existing legacy
applications. Equivalent cloud applications do not exist.
ii. Vendor Perspective
1. Service Level Agreements
• Security: with the businesses’ information and critical
IT resources outside the firewall, customers worry
about their vulnerability to attack.
• Cloud services dependability: The complex web of
interdependency that supports cloud services
Page 17 of 21
18. availability and performance – from network availability
and performance, to the availability and performance of
the cloud service provider’s systems, and beyond, to
the performance and availability of the “supply chain”
of services that the service provider depends on – cries
out for suppliers who can offer greater transparency of
interdependencies as well as credible service level
assurances.
2. Business Models
• SaaS/PaaS models are challenging.
• Much lower upfront revenue.
While customers certainly enjoy the economic and
operational benefits of the off-the-shelf, standardized
nature of many cloud services, this survey shows they
nonetheless want greater ability to “fit” cloud services
more tightly into the context of their specific business.
Users want to maximize the leverage of their many
other critical business systems – in-house legacy
systems and, increasingly, externally-sourced cloud
services – by being able to integrate across these
systems. ”SaaS 1.0″ systems – that lack standard-
based APIs, and are effectively “islands” – are of
diminishing value; this is why user should be include
the requirement for web services APIs in definition of
cloud services.
3. Customer Lock-in
• Customers want open/standard APIs.
• Need to continuously add value.
Page 18 of 21
19. VIII. Summary
For IT departments in larger enterprises, developing a
private cloud often makes the most financial and business
sense. When developing the architectural vision, an
enterprise architect should bear in mind the characteristics
of cloud computing as well as consider some of the
organizational and cultural issues that might become
obstacles to the adoption of the future state architecture.
When moving ahead, decisions must be made on whether
the future-state technical architecture should emphasize
compatibility with the current standard or start from scratch
to minimize cost. Future state systems architecture designs
involve trade-offs between lower cost/operational efficiency
and greater flexibility. Using an Enterprise Architecture
framework can help enterprise architects navigate the trade-
offs and design a system that accomplishes the business
goal.
Page 19 of 21
20. IX. Conclusion
Cloud computing offers real alternatives to IT departments
for improved flexibility and lower cost. Markets are
developing for the delivery of software applications,
platforms, and infrastructure as a service to IT departments
over the “cloud”. These services are readily accessible on a
pay-per-use basis and offer great alternatives to businesses
that need the flexibility to rent infrastructure on a temporary
basis or to reduce capital costs. Architects in larger
enterprises find that it may still be more cost effective to
provide the desired services in-house in the form of “private
clouds” to minimize cost and maximize compatibility with
internal standards and regulations. If so, there are several
options for future-state systems and technical architectures
that architects should consider finding the right trade-off
between cost and flexibility. Using an architectural
framework will help architects evaluate these trade-offs
within the context of the business architecture and design a
system that accomplishes the business goal.
Page 20 of 21
21. X. Abbreviation
SaaS Software as a Service
PaaS Platform as a service
CapEx Capital Expenditures
OpEx Operating Expenditure
SOA Service-Oriented Architecture
TCO Total Cost of Ownership
IaaS Infrastructure-as-a-Service
QoS Quality of Service
Page 21 of 21