Cloud computing architecture and vulnerabilities
2. POINTS OF DISCUSSION
INTRODUCTION
NEED OF CLOUD COMPUTING
EVOLUTION
ARCHITECTURES
CHARACTERISTICS
SECURITY ISSUES
SECURITY REQUIREMENTS
3. WHAT IS CLOUD COMPUTING ?
• Cloud computing is the delivery of computing as a service rather
than as a product.
• It enables on-demand network access to a shared pool.
• It requires minimal management effort or service provider
interaction.
• It is a UTILITY-based system comprising:
4. • It is a collection of virtualized computers connected under a
SERVICE LEVEL AGREEMENT (SLA).
• A service-level agreement is a part of a service contract
where the level of service is formally defined.
• It defines the role of third-party control, which includes:
Negotiation of contract.
Fulfillment in real time.
QoS parameter.
Monitoring.
Enforcement.
5. NEED OF CLOUD COMPUTING
• Cloud computing is a compelling paradigm.
• The mission is to take computing to a retail basis.
• Making the internet the ultimate resource for all
computing needs.
• Services are sold on a subscription or pay-per-usage
basis over the internet.
10. SERVICE ORIENTED ARCHITECTURE (SOA)
• SOA is an architectural pattern that guides business solutions to create,
organize and reuse their computing components.
• It has a layered architecture, with each layer performing
different tasks.
Fig 4: Basic architecture diagram of service oriented architecture [ref 2]
11. DETAILED SOA ARCHITECTURE DESCRIPTION
Fig 5: Detailed service oriented architecture description including all layers and their components [ref 1]
12. • Individual Cloud Provider Layer:
Each provider builds a data center that powers the cloud
services it provides.
Within each cloud there is a request dispatcher working with
the virtual machine monitor to allocate the requests to available
resources.
• Cloud Ontology Mapping Layer:
It masks the differences among the different cloud providers.
Helps in migration of cloud application from one cloud to
another.
Storage ontology
Computing ontology
Communication ontology
13. • Cloud Broker Layer:
It serves as an agent between the individual CSPs and the SOA layer.
It needs to fulfill the following tasks:
CLOUD PROVIDER INFORMATION PUBLISHING
RANKING
DYNAMIC SLA NEGOTIATION
ON-DEMAND PROVISION MODEL
• SOA Layer:
Services are published as re-deployable packages.
It contains the following information and files:
COMPILED CODE
SOURCE CODE
CONFIGURATION FILE
14. CHARACTERISTICS OF CLOUD COMPUTING
Fig 6 : Various characteristics of cloud computing [ref 8]
16. SERVICE CATEGORIES
The service provider provides services under the
following categories:
• Software is presented to the end user on demand, usually in a browser.
• Provides a development platform with a set of services to assist on cloud
• Virtualizes computing power, storage and network connectivity
17. Fig 7: Service categories in a cloud with various components implemented at various levels [ref 6]
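18. TECHNICAL CHARACTERISTICS
LOOSE COUPLING:
Through virtualization or other technologies, the infrastructures are logically separated.
User sets: $\mathrm{Uset}_1, \mathrm{Uset}_2, \ldots, \mathrm{Uset}_m$, where $m \ge 1$.
Provider sets: $\mathrm{Pset}_1, \mathrm{Pset}_2, \ldots, \mathrm{Pset}_n$, where $n \ge 1$.
$\mathrm{Uset}_i$ loosely coupled with provider set $\mathrm{Pset}_j$: $\mathrm{Set}(\mathrm{Uset}_i, \mathrm{Pset}_j)$.
User sets are independent: $\mathrm{Uset}_i \cap \mathrm{Uset}_j = \emptyset$ ($0 \le i, j \le m$, $i \ne j$).
Provider sets are independent: $\mathrm{Pset}_i \cap \mathrm{Pset}_j = \emptyset$ ($0 \le i, j \le m$, $i \ne j$).
The loose coupling sets (a cloud user connecting to a cloud provider) are independent: $\mathrm{Set}(\mathrm{Uset}_{i_1}, \mathrm{Pset}_{j_1}) \cap \mathrm{Set}(\mathrm{Uset}_{i_2}, \mathrm{Pset}_{j_2}) = \emptyset$.
$\mathrm{Set}(\mathrm{Uset}_{google}, \mathrm{Pset}_{google}) \cap \mathrm{Set}(\mathrm{Uset}_{yahoo}, \mathrm{Pset}_{yahoo}) \cap \mathrm{Set}(\mathrm{Uset}_{bing}, \mathrm{Pset}_{bing}) = \emptyset$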
19. Fig 8: Result of a survey conducted among IT giants to find out the most crucial element that they are concerned about in cloud computing [ref 4]
20. SECURITY: In the cloud, data is distributed regardless of where your base repository of data is finally stored.
PRIVACY: Personal data may be scattered in various virtual data centers, even across national borders.
RELIABILITY: Servers in the cloud have the same problems as resident servers, experiencing downtimes and slowdowns.
LEGAL ISSUES: Through unthoughtful data sharing, various laws and government regulations may be violated.
LONG TERM VIABILITY: Data in the cloud should never become invalid, even when the service provider goes broke and is swallowed by another company.
21. Fig 9: Information security requirements in various service categories of different computing models of cloud computing [ref 7]
22. • Identification & Authentication:
Users must be validated by username-password authentication.
• Authorization:
Exerting control and privilege over information flow in the cloud.
• Confidentiality:
Information security protocols must be enforced at various layers of
cloud architecture.
• Integrity:
Applying the due diligence within the cloud domain when accessing the
data.
• Non-repudiation:
Applying traditional security protocols and token provisioning to data
transfer.
• Availability:
Most critical security requirement as it is a key decision factor when
choosing among different cloud models.
23. Cloud computing is an emerging technology with many
features from earlier technologies like grid and cluster
computing.
It brings infinite computability, good scalability, service on-demand, etc.
The reliability, availability and other non-functional properties
are very good.
There are still many challenges regarding the security of data, but
they can be solved.