Part 1: Overview of Cloud Computing

“Advantages, History, and Characteristics of Cloud Computing … Service & Deployment Models, Infrastructure, and Consumer View … Security and Scenarios … Assumptions, Terms of Service, & Promises … Limitations, Obligations, Recommendations, & Implications”

Summaries

  • Part 1: Overview of Cloud Computing > Advantages, History, and Characteristics of Cloud Computing > Video
  • Part 1: Overview of Cloud Computing > Service & Deployment Models, Infrastructure, and Consumer View > Video
  • Part 1: Overview of Cloud Computing > Security and Scenarios > Video
  • Part 1: Overview of Cloud Computing > Assumptions, Terms of Service, & Promises > Video
  • Part 1: Overview of Cloud Computing > Limitations, Obligations, Recommendations, & Implications > Video
  • Part 1: Overview of Cloud Computing > Summary of Part 1 > Video

Part 1: Overview of Cloud Computing > Advantages, History, and Characteristics of Cloud Computing > Video

  • According to the NIST Cloud Computing Definition, Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction.
  • Before describing the NIST computing model and the different ways that clouds are used, let’s address the question “why is there so much excitement about cloud computing?” The value proposition of cloud computing is that it allows computer users to conveniently rent access to applications, software development and deployment environments, and computing infrastructure such as data storage and processing.
  • It has been predicted that the new products and services created by cloud computing could produce $1.1 trillion a year in new business revenues, and that spending on public and private IT cloud services will generate nearly 14 million jobs worldwide, according to a study by the analysis firm IDC.
  • Through the 1960’s and 70’s, large banks of computers provided so-called “time-sharing” services to local and remote users.
  • While the concepts of cloud computing are not new, what is new is that faster data communications capability, faster and more reliable computing power, denser and cheaper storage, and new programming paradigms have enabled comprehensive computational resource-sharing to become vast, pervasive and economical.
  • That is, the provider’s computing resources are comingled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand.
  • This characteristic refers to the ability of cloud systems to automatically control and optimize resource utilization through monitoring, measurement and reporting of cloud attributes, for example storage capacity, processing power, network bandwidth, and number of active user accounts.

Part 1: Overview of Cloud Computing > Service & Deployment Models, Infrastructure, and Consumer View > Video

  • With Platform as a Service the consumer deploys consumer-created or -acquired applications onto the cloud infrastructure using programming languages and tools provided by the provider.
  • The consumer does not manage or control the underlying cloud infrastructure such as network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations.
  • The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications and limited control of certain networking components, such as host firewalls.
  • Deployment Models: The NIST cloud definition describes four deployment models: private, community, public, and hybrid.
  • The private cloud may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.
  • With a community cloud the infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns, such as a common mission, security requirements, policy, and compliance considerations.
  • The cloud may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of these, and it may also exist on or off premises.
  • Cloud Infrastructure: A cloud infrastructure is the collection of hardware and software that enables the five essential characteristics of cloud computing.
  • Conceptually the abstraction layer sits above the physical layer. The cloud infrastructure can be viewed as containing both a physical layer and an abstraction layer.
  • The physical layer consists of the hardware resources that are necessary to support the cloud services being provided, and typically includes server, storage and network components.
  • In general terms, a cloud system and its consumers employ the client-server model, which means that clients, whether human users or software programs, send messages over a network to server computers, which then perform work in response to the messages received.
  • The cloud’s computing resources are depicted as a grid of computer systems, storage, and applications, where users and clients access a cloud over network connections.
  • New users and clients may arrive, existing ones may depart, and the number of these using a cloud at any one time is variable.
  • A cloud maintains a pool of hardware resources that it manages to maximize service and minimize costs.
  • To maintain highly available services despite expected component failures and service life expirations, a cloud will attach new hardware components as needed and retire old or failing components.

Part 1: Overview of Cloud Computing > Security and Scenarios > Video

  • It is sometimes asserted that, when compared to traditional on-premises computing, cloud computing requires consumers to give up two important capabilities: control and visibility.
  • The assertion that control and visibility are given up by cloud consumers to the provider is true.
  • The various cloud deployment models have implications for the locations of consumer-controlled security perimeters and hence for the level of control that consumers can exercise over resources that they entrust to a cloud.
  • The security perimeter extends around both the consumer’s on-site resources and the private cloud’s resources.
  • One is implemented by a provider and one implemented by a cloud consumer.
  • The security of data and processing conducted in the outsourced private cloud depends on the strength of the security perimeters and the communications link.
  • The provider accepts responsibility to enforce the provider-implemented security perimeter and to prevent mingling of private cloud resources with other cloud resources that are outside the provider-controlled security perimeter.
  • A number of mechanisms can be used to achieve the desired strength of separation between private cloud resources and other cloud resources.
  • The left side depicts members that provide and possibly consume cloud services.
  • The boundary controllers in any configuration should grant appropriate access to the cloud resources both to local clients and to clients of other participant organizations.
  • If access to local cloud resources is allowed, non-cloud resources should be protected appropriately.
  • This figure conveys another lesson: the access policy of a community cloud may be complex, and if there are many community members, a decision must be made, either implicitly or explicitly, on how to share a member’s local cloud resources with each of the other members.
  • The cloud provider implements a security perimeter which prevents mingling of community cloud resources with other cloud resources that are outside the provider-controlled security perimeter.
  • A significant difference between the outsourced community and private clouds is that in the outsourced cloud the provider may need to enforce a sharing policy among participant organizations in the community cloud.
  • Finally, the cloud serves a diverse universe of users and clients that might include potential attackers.
  • A hybrid cloud is a composition of clouds where each is one of the other cloud models described.
  • The figure depicts a generalized hybrid cloud composed of a number of constituent clouds representing all of the deployment model variants.
  • Access points into the constituent clouds and the network connectivity between them are shown.
  • Security policies governing the flow of information and access to resources could be implemented in a wide variety of ways, for example, based on policies applied by each individual constituent cloud.
  • Global issues such as identity management and shared standards for authentication and information protection within the hybrid cloud need to also be considered.
  • A further complication is that a hybrid cloud may change over time with constituent clouds joining and leaving.
  • However, many less complex and highly useful hybrid cloud configurations are possible.
  • So-called “cloud bursting” is an option in which a consumer uses a private cloud for routine workloads, but optionally accesses one or more external clouds during periods of high demand.
  • In another hybrid configuration, cloud A can be used for the disaster recovery of cloud B. In such a case, cloud A tracks and replicates all state changes in cloud B and can be brought online in the event of catastrophic failure in B.
  • For new software developed specifically to run on cloud platforms, multi-cloud configurations are possible.
  • Request handling platform clouds can be very efficient for making Web applications continuously available at low cost while on-site or community infrastructure clouds may be more suitable for performing necessary background work to support the applications.
  • An organization may elect to process sensitive data such as personnel files in an outsourced private cloud but use a public cloud for new software development and testing activities.

Part 1: Overview of Cloud Computing > Assumptions, Terms of Service, & Promises > Video

  • In making the decision to employ a cloud computing solution, and in choosing the appropriate deployment and service model, there are certain underlying assumptions that must be recognized.
  • Cloud consumers need a working and secure network to access a cloud.
  • By operating the server computers, a provider may reduce the need for IT staff in consumer organizations, but consumers will still access the cloud from on-site consumer-managed client systems that must be maintained and secure.
  • To manage a cloud’s hardware resources efficiently, providers must be able to migrate consumer workloads between machines without inconveniencing the clients, that is, without the clients being required to track and adapt to changes and therefore without the clients being aware.
  • A flaw in the implementation or in the provider’s management and operational policies and procedures could compromise the security of consumers.
  • A consumer’s terms of service for a cloud are determined by a legally binding agreement between the consumer and producer, often contained in two parts: a service agreement, and a Service Level Agreement.
  • Generally, the service agreement is a legal document specifying the rules of the legal contract between a consumer and provider, and the service level agreement is a shorter document stating the technical performance promises made by a provider including remedies for performance failures.
  • Certain elements of typical commercial cloud service agreements directly express the quality of service and security that providers offer.
  • Typically a consumer either accepts a provider’s pricing and other terms, or finds a provider with more acceptable terms.
  • Published service agreements between consumers and providers can typically be terminated at any time by either party, either “For cause” such as a consumer’s violation of a cloud’s acceptable use policies, or for failure of a consumer to pay in a timely manner.
  • So if a provider specifies an availability interval of, say, 5 minutes, and the service is not functional for 4 minutes, then the provider can still claim 100% availability for that interval.
  • Providers usually reserve the right to monitor consumer actions in a cloud, and they may even demand a copy of consumer software to assist in that monitoring.
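
The availability-interval point above is easiest to see with numbers. The following is an added example, not part of the course material: it compares availability as an SLA with a 5-minute interval would report it against availability as actually measured. The rule that an interval only counts as unavailable when the service is down for the whole interval is an assumption drawn from the 5-minute example above, and the outage records are constructed sample data.

```python
from datetime import datetime, timedelta

def merge(outages):
    """Merge overlapping (start, end) records so downtime is not double counted."""
    merged = []
    for start, end in sorted(outages):
        if merged and start <= merged[-1][1]:
            merged[-1] = (merged[-1][0], max(merged[-1][1], end))
        else:
            merged.append((start, end))
    return merged

def availability(outages, window_start, window_end, interval):
    """Return (sla_reported, measured) availability fractions for the window.

    Assumed SLA rule (check the actual agreement): an interval counts as
    unavailable only if the service was down for all of it.
    """
    outages = merge(outages)
    down_total = timedelta(0)
    intervals = failed = 0
    t = window_start
    while t < window_end:
        t_end = min(t + interval, window_end)
        down = timedelta(0)
        for start, end in outages:
            overlap = min(end, t_end) - max(start, t)
            if overlap > timedelta(0):
                down += overlap
        down_total += down
        intervals += 1
        if down >= t_end - t:  # whole interval down: counts against the SLA
            failed += 1
        t = t_end
    measured = 1 - down_total / (window_end - window_start)
    return 1 - failed / intervals, measured

# Constructed sample data: one hour of monitoring with two outages.
T0 = datetime(2024, 1, 1, 12, 0, 0)
SAMPLE_OUTAGES = [
    (T0 + timedelta(seconds=30), T0 + timedelta(minutes=4, seconds=30)),  # 4 min
    (T0 + timedelta(minutes=22), T0 + timedelta(minutes=31)),             # 9 min
]

if __name__ == "__main__":
    sla, measured = availability(SAMPLE_OUTAGES, T0, T0 + timedelta(hours=1),
                                 timedelta(minutes=5))
    print(f"SLA-reported availability: {sla:.2%}")
    print(f"Measured availability:     {measured:.2%}")
```

Consumers who keep their own outage records can run the same comparison with the interval length stated in their agreement to see how much downtime falls outside the provider's reported figure.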

Part 1: Overview of Cloud Computing > Limitations, Obligations, Recommendations, & Implications > Video

  • Generally, provider policies include five key limitations: If a provider announces a scheduled service outage, the outage does not count as failure to perform.
  • Examples include power failures, natural disasters, and failures in network connectivity between consumers and providers.
  • Providers generally reserve the right to change the terms of the service agreement at any time, and to change pricing with limited advance notice.
  • Providers generally assert that they are not responsible for the impacts of security breaches or for security in general, that is, unauthorized modification or disclosure of consumer data, or service interruptions caused by malicious activity.
  • In some cases, providers promise to use best efforts to protect consumer data, but all of the providers surveyed disclaim security responsibility for data breach, data loss, or service interruptions by limiting remedies to service credits for failure to meet availability promises.
  • In some cases, providers bundle such software and include monitoring to ensure that license restrictions are enforced.
  • Recommendations: When a consumer of cloud services chooses a provider or negotiates services he should focus on several key aspects of the negotiated agreements.
  • Common terms may be redefined by a cloud provider in ways that are specific to that provider’s offerings.
  • A consumer should carefully assess whether the service agreement specifies compliance with appropriate laws and regulations governing consumer data.
  • He should carefully examine the service agreement for any disclaimers relating to security or critical processing, and should also search for any comment on whether the provider recommends independent backup of data stored in their cloud.
  • If the terms of the default service agreement do not address all consumer needs, the consumer should discuss modifications of the service agreement with the provider prior to use.
  • Finally he should be aware that, depending on the details of the service agreement, a provider may change the terms of service with a specified level of advance notice.
  • The workloads of different clients may reside concurrently on the same system and local network, separated only by access policies implemented by a provider’s software.
  • A flaw in the implementation or in the provider’s management and operational policies and procedures could compromise the security of consumers.

Part 1: Overview of Cloud Computing > Summary of Part 1 > Video

  • In this course we have seen the many ways that cloud computing can be used to organize resources to optimize various properties such as performance and reliability.
  • We have discussed the various basic cloud deployment and service models and have seen how these models can be assembled into an immense space of combinations.
  • All of these factors, and many others, need to be taken into account when deciding whether to adopt a cloud computing strategy and, if yes, which strategy or strategies to adopt.
