SlideShare una empresa de Scribd logo

Multi-tenancy in Private Clouds

Descargar como PPSX, PDF
Patrick Nicolas
Patrick Nicolas

This presentation introduces the different modes of deployment of applications on a private cloud. Each solution is evaluate in terms of access control, performance and scalability.

TecnologíaEmpresariales
1 de 19
Patrick Nicolas http://patricknicolas.blogspot.com http://www.slideshare.net/pnicolas https://github.com/prnicolas Nov 7, 2007 Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com
Introduction This presentation is an introduction to the different modes of deployment of multitenant application in the cloud, taking into account security, access control, scalability, performance and maintainability. Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 2
Elements of Multi-tenancy There are 3 key elements to consider in deploying a multi-tenant SaaS that defines the degree of isolation in a cloud environment between tenants. • Accesspolicies • Application deployment • Data access and privacy Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 3
Access policies Proxies or web traffic managers are used to control access to cloud resources. Users’ credentials tenant tenant External content Client source Target resources Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 4
Application deployment options They are several options for deploying application servers to support multiple concurrent tenants in a cloud environment • Isolated business logic • Virtualized application servers • Shared virtual servers • Shared application servers Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 5
Isolated Business Logic Each tenant accesses a dedicated physical server running a specific, customized business process (100% isolation) tenant tenant 6
Virtualization Each tenant accesses an application server and database running on a dedicated virtual machine. Virtual machines may share the same underlying physical server. tenant tenant Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 7
Shared Virtualization Each tenant accesses a dedicated application server with database running on a shared virtual machine. tenant tenant Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 8
Shared Application Server Several tenants share the same application server running on the same virtualized environment. The execution of the business logic is done through dedicated thread or processed, providing limited isolation tenant tenant Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 9
Data: Deployment vs. Privacy There are 5 configurations for deploying databases multi-tenant environment in a secure and private manner: • Dedicatedhosts • Shared virtualized hosts • Dedicated databaseon shared hosts • Dedicateddatabase instances on shared databases • Shared Schema Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 10
Data on Dedicated Host In this configuration the database resides in a dedicated server, providing tenant with a fully isolated data access tenant tenant Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 11
Data on Virtual Machine The tenant accesses his/her data from separate databases running on a dedicated virtual machine but sharing a host. tenant tenant Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 12
Databases on Shared Virtualization In this configuration the tenants access dedicated databases sharing the same virtual machine, with very limited isolation. tenant tenant Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 13
Shared Databases The tenants manage their data residing on different tables within the same database instance. Although very cost effective for the cloud provider, this solution provides the customer with very limited privacy and isolation tenant tenant Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 14
Strategy A cloud provider has to balance the different objectives, constraints when building a platform with resources shared among tenants: • Regulatory constraints • Data isolation • Maintenance costs • Schema extensibility • Business continuity and recovery • Liability regarding security breaches Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 15
Costs vs. Data Privacy It is obvious that greater application and data isolation increases deployment costs while sharing resources represents risks for data thief and loss Costs Dedicated host Database on virtual machine Database on shared host Shared database Data privacy risks Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 16
Design The key requirements to build a first class, robust multi-tenant SaaS are • Data protection and liability • Scalability and costs • Customization and reusability • High availability Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 17
Mitigating Risks The SaaS architect is responsible for setting up the defense perimeter to protect data from unintentional access or attack, for a configuration with a limited isolation. The toolbox should include • Filteringproxies (OAuth, NAT, Reputation,..) • Access control lists (SAMM, Kerberos, Identity management, …) • Cryptology Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 18
Data Distribution The distribution of data is the most important factor in the scalability of a SaaS application that serve large amount of content. The most common techniques are • Dynamic provisioning • Partitioning • Sharding • Indexing • Caching Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 19

Recomendados

Multi tenant architecture
Multi tenant architectureMulti tenant architecture
Multi tenant architectureEastern Software Systems
 
Multi Tenancy In The Cloud
Multi Tenancy In The CloudMulti Tenancy In The Cloud
Multi Tenancy In The Cloudrohit_ainapure
 
VMware vCloud Suite
VMware vCloud SuiteVMware vCloud Suite
VMware vCloud SuiteVMware
 
Veeam Backup and Replication: Overview
Veeam Backup and Replication: OverviewVeeam Backup and Replication: Overview
Veeam Backup and Replication: OverviewDudley Smith
 
Pros and Cons of Erasure Coding & Replication vs. RAID in Next-Gen Storage
Pros and Cons of Erasure Coding & Replication vs. RAID in Next-Gen StoragePros and Cons of Erasure Coding & Replication vs. RAID in Next-Gen Storage
Pros and Cons of Erasure Coding & Replication vs. RAID in Next-Gen StorageEric Carter
 
Virtual Infrastructure Overview
Virtual Infrastructure OverviewVirtual Infrastructure Overview
Virtual Infrastructure Overviewvalerian_ceaus
 
CDW: SAN vs. NAS
CDW: SAN vs. NASCDW: SAN vs. NAS
CDW: SAN vs. NASSpiceworks
 
Data Center Server Rack Strategies
Data Center Server Rack StrategiesData Center Server Rack Strategies
Data Center Server Rack Strategies42U Data Center Solutions
 

Recomendados

Multi tenant architecture
Multi tenant architectureMulti tenant architecture
Multi tenant architectureEastern Software Systems
 
Multi Tenancy In The Cloud
Multi Tenancy In The CloudMulti Tenancy In The Cloud
Multi Tenancy In The Cloudrohit_ainapure
 
VMware vCloud Suite
VMware vCloud SuiteVMware vCloud Suite
VMware vCloud SuiteVMware
 
Veeam Backup and Replication: Overview
Veeam Backup and Replication: OverviewVeeam Backup and Replication: Overview
Veeam Backup and Replication: OverviewDudley Smith
 
Pros and Cons of Erasure Coding & Replication vs. RAID in Next-Gen Storage
Pros and Cons of Erasure Coding & Replication vs. RAID in Next-Gen StoragePros and Cons of Erasure Coding & Replication vs. RAID in Next-Gen Storage
Pros and Cons of Erasure Coding & Replication vs. RAID in Next-Gen StorageEric Carter
 
Virtual Infrastructure Overview
Virtual Infrastructure OverviewVirtual Infrastructure Overview
Virtual Infrastructure Overviewvalerian_ceaus
 
CDW: SAN vs. NAS
CDW: SAN vs. NASCDW: SAN vs. NAS
CDW: SAN vs. NASSpiceworks
 
Data Center Server Rack Strategies
Data Center Server Rack StrategiesData Center Server Rack Strategies
Data Center Server Rack Strategies42U Data Center Solutions
 
2.6 backup and recovery
2.6 backup and recovery2.6 backup and recovery
2.6 backup and recoverymrmwood
 
Chap 1 introduction to cloud computing
Chap 1 introduction to cloud computingChap 1 introduction to cloud computing
Chap 1 introduction to cloud computingRaj Sarode
 
CCI2018 - Azure Network - Security Best Practices
CCI2018 - Azure Network - Security Best PracticesCCI2018 - Azure Network - Security Best Practices
CCI2018 - Azure Network - Security Best Practiceswalk2talk srl
 
Commvault Story - CVTSP_1.pptx
Commvault Story - CVTSP_1.pptxCommvault Story - CVTSP_1.pptx
Commvault Story - CVTSP_1.pptxHardeep Singh Manhas
 
Server Consolidation
Server ConsolidationServer Consolidation
Server ConsolidationManuel Padilha
 
Understanding das-nas-san
Understanding das-nas-sanUnderstanding das-nas-san
Understanding das-nas-sanAshwin Pawar
 
CloudStack Architecture
CloudStack ArchitectureCloudStack Architecture
CloudStack ArchitectureCloudStack - Open Source Cloud Computing Project
 
Virtual SAN 6.2, hyper-converged infrastructure software
Virtual SAN 6.2, hyper-converged infrastructure softwareVirtual SAN 6.2, hyper-converged infrastructure software
Virtual SAN 6.2, hyper-converged infrastructure softwareDuncan Epping
 
Azure backup Disaster Recovery Business Continuity
Azure backup Disaster Recovery Business ContinuityAzure backup Disaster Recovery Business Continuity
Azure backup Disaster Recovery Business ContinuityMike Resseler
 
Disaster Recovery using Azure Services
Disaster Recovery using Azure ServicesDisaster Recovery using Azure Services
Disaster Recovery using Azure ServicesAnoop Nair
 
Hyper-Converged Infrastructure Vx Rail
Hyper-Converged Infrastructure Vx Rail Hyper-Converged Infrastructure Vx Rail
Hyper-Converged Infrastructure Vx Rail Jürgen Ambrosi
 
VMware Virtual SAN Presentation
VMware Virtual SAN PresentationVMware Virtual SAN Presentation
VMware Virtual SAN Presentationvirtualsouthwest
 
VMware vSphere technical presentation
VMware vSphere technical presentationVMware vSphere technical presentation
VMware vSphere technical presentationaleyeldean
 
Software-Defined Storage (SDS)
Software-Defined Storage (SDS)Software-Defined Storage (SDS)
Software-Defined Storage (SDS)Ali Mirfallah
 
Virtualization and cloud computing
Virtualization and cloud computingVirtualization and cloud computing
Virtualization and cloud computingDeep Gupta
 
Virtualization
VirtualizationVirtualization
VirtualizationKingston Smiler
 
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueVNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueShapeBlue
 
Storage Architectures And Options
Storage Architectures And OptionsStorage Architectures And Options
Storage Architectures And OptionsAlan McSweeney
 
Multi-Tenant Approach
Multi-Tenant ApproachMulti-Tenant Approach
Multi-Tenant ApproachPerfectial, LLC
 
MySQL Atchitecture and Concepts
MySQL Atchitecture and ConceptsMySQL Atchitecture and Concepts
MySQL Atchitecture and ConceptsTuyen Vuong
 
Multi-tenancy In the Cloud
Multi-tenancy In the CloudMulti-tenancy In the Cloud
Multi-tenancy In the Cloudsdevillers
 
Multi-Tenant SOA Middleware for Cloud Computing
Multi-Tenant SOA Middleware for Cloud ComputingMulti-Tenant SOA Middleware for Cloud Computing
Multi-Tenant SOA Middleware for Cloud ComputingSrinath Perera
 

Más contenido relacionado

La actualidad más candente

2.6 backup and recovery
2.6 backup and recovery2.6 backup and recovery
2.6 backup and recoverymrmwood
 
Chap 1 introduction to cloud computing
Chap 1 introduction to cloud computingChap 1 introduction to cloud computing
Chap 1 introduction to cloud computingRaj Sarode
 
CCI2018 - Azure Network - Security Best Practices
CCI2018 - Azure Network - Security Best PracticesCCI2018 - Azure Network - Security Best Practices
CCI2018 - Azure Network - Security Best Practiceswalk2talk srl
 
Understanding das-nas-san
Understanding das-nas-sanUnderstanding das-nas-san
Understanding das-nas-sanAshwin Pawar
 
Virtual SAN 6.2, hyper-converged infrastructure software
Virtual SAN 6.2, hyper-converged infrastructure softwareVirtual SAN 6.2, hyper-converged infrastructure software
Virtual SAN 6.2, hyper-converged infrastructure softwareDuncan Epping
 
Azure backup Disaster Recovery Business Continuity
Azure backup Disaster Recovery Business ContinuityAzure backup Disaster Recovery Business Continuity
Azure backup Disaster Recovery Business ContinuityMike Resseler
 
Disaster Recovery using Azure Services
Disaster Recovery using Azure ServicesDisaster Recovery using Azure Services
Disaster Recovery using Azure ServicesAnoop Nair
 
Hyper-Converged Infrastructure Vx Rail
Hyper-Converged Infrastructure Vx Rail Hyper-Converged Infrastructure Vx Rail
Hyper-Converged Infrastructure Vx Rail Jürgen Ambrosi
 
VMware Virtual SAN Presentation
VMware Virtual SAN PresentationVMware Virtual SAN Presentation
VMware Virtual SAN Presentationvirtualsouthwest
 
VMware vSphere technical presentation
VMware vSphere technical presentationVMware vSphere technical presentation
VMware vSphere technical presentationaleyeldean
 
Software-Defined Storage (SDS)
Software-Defined Storage (SDS)Software-Defined Storage (SDS)
Software-Defined Storage (SDS)Ali Mirfallah
 
Virtualization and cloud computing
Virtualization and cloud computingVirtualization and cloud computing
Virtualization and cloud computingDeep Gupta
 
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueVNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueShapeBlue
 
Storage Architectures And Options
Storage Architectures And OptionsStorage Architectures And Options
Storage Architectures And OptionsAlan McSweeney
 
MySQL Atchitecture and Concepts
MySQL Atchitecture and ConceptsMySQL Atchitecture and Concepts
MySQL Atchitecture and ConceptsTuyen Vuong
 

La actualidad más candente (20)

2.6 backup and recovery
2.6 backup and recovery2.6 backup and recovery
2.6 backup and recovery
 
Chap 1 introduction to cloud computing
Chap 1 introduction to cloud computingChap 1 introduction to cloud computing
Chap 1 introduction to cloud computing
 
CCI2018 - Azure Network - Security Best Practices
CCI2018 - Azure Network - Security Best PracticesCCI2018 - Azure Network - Security Best Practices
CCI2018 - Azure Network - Security Best Practices
 
Commvault Story - CVTSP_1.pptx
Commvault Story - CVTSP_1.pptxCommvault Story - CVTSP_1.pptx
Commvault Story - CVTSP_1.pptx
 
Server Consolidation
Server ConsolidationServer Consolidation
Server Consolidation
 
Understanding das-nas-san
Understanding das-nas-sanUnderstanding das-nas-san
Understanding das-nas-san
 
CloudStack Architecture
CloudStack ArchitectureCloudStack Architecture
CloudStack Architecture
 
Virtual SAN 6.2, hyper-converged infrastructure software
Virtual SAN 6.2, hyper-converged infrastructure softwareVirtual SAN 6.2, hyper-converged infrastructure software
Virtual SAN 6.2, hyper-converged infrastructure software
 
Azure backup Disaster Recovery Business Continuity
Azure backup Disaster Recovery Business ContinuityAzure backup Disaster Recovery Business Continuity
Azure backup Disaster Recovery Business Continuity
 
Disaster Recovery using Azure Services
Disaster Recovery using Azure ServicesDisaster Recovery using Azure Services
Disaster Recovery using Azure Services
 
Hyper-Converged Infrastructure Vx Rail
Hyper-Converged Infrastructure Vx Rail Hyper-Converged Infrastructure Vx Rail
Hyper-Converged Infrastructure Vx Rail
 
VMware Virtual SAN Presentation
VMware Virtual SAN PresentationVMware Virtual SAN Presentation
VMware Virtual SAN Presentation
 
VMware vSphere technical presentation
VMware vSphere technical presentationVMware vSphere technical presentation
VMware vSphere technical presentation
 
Software-Defined Storage (SDS)
Software-Defined Storage (SDS)Software-Defined Storage (SDS)
Software-Defined Storage (SDS)
 
Virtualization and cloud computing
Virtualization and cloud computingVirtualization and cloud computing
Virtualization and cloud computing
 
Virtualization
VirtualizationVirtualization
Virtualization
 
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueVNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
 
Storage Architectures And Options
Storage Architectures And OptionsStorage Architectures And Options
Storage Architectures And Options
 
Multi-Tenant Approach
Multi-Tenant ApproachMulti-Tenant Approach
Multi-Tenant Approach
 
MySQL Atchitecture and Concepts
MySQL Atchitecture and ConceptsMySQL Atchitecture and Concepts
MySQL Atchitecture and Concepts
 

Destacado

Multi-tenancy In the Cloud
Multi-tenancy In the CloudMulti-tenancy In the Cloud
Multi-tenancy In the Cloudsdevillers
 
Multi-Tenant SOA Middleware for Cloud Computing
Multi-Tenant SOA Middleware for Cloud ComputingMulti-Tenant SOA Middleware for Cloud Computing
Multi-Tenant SOA Middleware for Cloud ComputingSrinath Perera
 
A Multi-tenant Architecture for Business Process Executions
A Multi-tenant Architecture for Business Process ExecutionsA Multi-tenant Architecture for Business Process Executions
A Multi-tenant Architecture for Business Process ExecutionsSrinath Perera
 
JavaOne 2014 - Supporting Multi-tenancy Applications with Java EE
JavaOne 2014 - Supporting Multi-tenancy Applications with Java EEJavaOne 2014 - Supporting Multi-tenancy Applications with Java EE
JavaOne 2014 - Supporting Multi-tenancy Applications with Java EERodrigo Cândido da Silva
 
ConFoo 2015 - Supporting Multi-tenancy Applications with Java EE
ConFoo 2015 - Supporting Multi-tenancy Applications with Java EEConFoo 2015 - Supporting Multi-tenancy Applications with Java EE
ConFoo 2015 - Supporting Multi-tenancy Applications with Java EERodrigo Cândido da Silva
 
Multi-tenancy in Java
Multi-tenancy in JavaMulti-tenancy in Java
Multi-tenancy in Javaseges
 
The Inevitable Cloud Outage
The Inevitable Cloud OutageThe Inevitable Cloud Outage
The Inevitable Cloud OutageNewvewm
 
Slides cloud computing
Slides cloud computingSlides cloud computing
Slides cloud computingHaslina
 

Destacado (9)

Multi-tenancy In the Cloud
Multi-tenancy In the CloudMulti-tenancy In the Cloud
Multi-tenancy In the Cloud
 
Multi-Tenant SOA Middleware for Cloud Computing
Multi-Tenant SOA Middleware for Cloud ComputingMulti-Tenant SOA Middleware for Cloud Computing
Multi-Tenant SOA Middleware for Cloud Computing
 
A Multi-tenant Architecture for Business Process Executions
A Multi-tenant Architecture for Business Process ExecutionsA Multi-tenant Architecture for Business Process Executions
A Multi-tenant Architecture for Business Process Executions
 
Multi-tenancy in the cloud
Multi-tenancy in the cloudMulti-tenancy in the cloud
Multi-tenancy in the cloud
 
JavaOne 2014 - Supporting Multi-tenancy Applications with Java EE
JavaOne 2014 - Supporting Multi-tenancy Applications with Java EEJavaOne 2014 - Supporting Multi-tenancy Applications with Java EE
JavaOne 2014 - Supporting Multi-tenancy Applications with Java EE
 
ConFoo 2015 - Supporting Multi-tenancy Applications with Java EE
ConFoo 2015 - Supporting Multi-tenancy Applications with Java EEConFoo 2015 - Supporting Multi-tenancy Applications with Java EE
ConFoo 2015 - Supporting Multi-tenancy Applications with Java EE
 
Multi-tenancy in Java
Multi-tenancy in JavaMulti-tenancy in Java
Multi-tenancy in Java
 
The Inevitable Cloud Outage
The Inevitable Cloud OutageThe Inevitable Cloud Outage
The Inevitable Cloud Outage
 
Slides cloud computing
Slides cloud computingSlides cloud computing
Slides cloud computing
 

Similar a Multi-tenancy in Private Clouds

CohesiveFT and IBM joint EMEA Webinar - 20Jun13
CohesiveFT and IBM joint EMEA Webinar - 20Jun13CohesiveFT and IBM joint EMEA Webinar - 20Jun13
CohesiveFT and IBM joint EMEA Webinar - 20Jun13Cohesive Networks
 
Cloud computing(Basic).pptx
Cloud computing(Basic).pptxCloud computing(Basic).pptx
Cloud computing(Basic).pptxnischal52
 
1 croreprojects dotnet ppt
1 croreprojects dotnet ppt1 croreprojects dotnet ppt
1 croreprojects dotnet pptKumar Dlk
 
Distributed, concurrent, and independent access to encrypted cloud databases
Distributed, concurrent, and independent access to encrypted cloud databasesDistributed, concurrent, and independent access to encrypted cloud databases
Distributed, concurrent, and independent access to encrypted cloud databasesieeepondy
 
Whitepaper: Security of the Cloud
Whitepaper: Security of the CloudWhitepaper: Security of the Cloud
Whitepaper: Security of the CloudCloudSmartz
 
An study of security issues & challenges in cloud computing
An study of security issues & challenges in cloud computingAn study of security issues & challenges in cloud computing
An study of security issues & challenges in cloud computingijsrd.com
 
Enhanced Data Partitioning Technique for Improving Cloud Data Storage Security
Enhanced Data Partitioning Technique for Improving Cloud Data Storage SecurityEnhanced Data Partitioning Technique for Improving Cloud Data Storage Security
Enhanced Data Partitioning Technique for Improving Cloud Data Storage SecurityEditor IJMTER
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Cloud Computing_presentation.pptx
Cloud Computing_presentation.pptxCloud Computing_presentation.pptx
Cloud Computing_presentation.pptxGopalThapa9
 
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...IRJET Journal
 
Enhanced security framework to ensure data security in cloud using security b...
Enhanced security framework to ensure data security in cloud using security b...Enhanced security framework to ensure data security in cloud using security b...
Enhanced security framework to ensure data security in cloud using security b...eSAT Journals
 
Ijarcet vol-2-issue-3-884-890
Ijarcet vol-2-issue-3-884-890Ijarcet vol-2-issue-3-884-890
Ijarcet vol-2-issue-3-884-890Editor IJARCET
 
A Framework for Multicloud Environment Services
A Framework for Multicloud Environment ServicesA Framework for Multicloud Environment Services
A Framework for Multicloud Environment ServicesEswar Publications
 
Enabling Integrity for the Compressed Files in Cloud Server
Enabling Integrity for the Compressed Files in Cloud ServerEnabling Integrity for the Compressed Files in Cloud Server
Enabling Integrity for the Compressed Files in Cloud ServerIOSR Journals
 
Enhanced security framework to ensure data security
Enhanced security framework to ensure data securityEnhanced security framework to ensure data security
Enhanced security framework to ensure data securityeSAT Publishing House
 
Ijarcet vol-2-issue-4-1405-1409
Ijarcet vol-2-issue-4-1405-1409Ijarcet vol-2-issue-4-1405-1409
Ijarcet vol-2-issue-4-1405-1409Editor IJARCET
 
Crypto multi tenant an environment of secure computing using cloud sql
Crypto multi tenant an environment of secure computing using cloud sqlCrypto multi tenant an environment of secure computing using cloud sql
Crypto multi tenant an environment of secure computing using cloud sqlijdpsjournal
 

Similar a Multi-tenancy in Private Clouds (20)

CohesiveFT and IBM joint EMEA Webinar - 20Jun13
CohesiveFT and IBM joint EMEA Webinar - 20Jun13CohesiveFT and IBM joint EMEA Webinar - 20Jun13
CohesiveFT and IBM joint EMEA Webinar - 20Jun13
 
Cloud computing(Basic).pptx
Cloud computing(Basic).pptxCloud computing(Basic).pptx
Cloud computing(Basic).pptx
 
1 croreprojects dotnet ppt
1 croreprojects dotnet ppt1 croreprojects dotnet ppt
1 croreprojects dotnet ppt
 
Distributed, concurrent, and independent access to encrypted cloud databases
Distributed, concurrent, and independent access to encrypted cloud databasesDistributed, concurrent, and independent access to encrypted cloud databases
Distributed, concurrent, and independent access to encrypted cloud databases
 
Whitepaper: Security of the Cloud
Whitepaper: Security of the CloudWhitepaper: Security of the Cloud
Whitepaper: Security of the Cloud
 
Security of the Cloud
Security of the CloudSecurity of the Cloud
Security of the Cloud
 
An study of security issues & challenges in cloud computing
An study of security issues & challenges in cloud computingAn study of security issues & challenges in cloud computing
An study of security issues & challenges in cloud computing
 
Enhanced Data Partitioning Technique for Improving Cloud Data Storage Security
Enhanced Data Partitioning Technique for Improving Cloud Data Storage SecurityEnhanced Data Partitioning Technique for Improving Cloud Data Storage Security
Enhanced Data Partitioning Technique for Improving Cloud Data Storage Security
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)
 
Cloud Computing_presentation.pptx
Cloud Computing_presentation.pptxCloud Computing_presentation.pptx
Cloud Computing_presentation.pptx
 
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
 
ITM711-M2.pdf
ITM711-M2.pdfITM711-M2.pdf
ITM711-M2.pdf
 
V04405122126
V04405122126V04405122126
V04405122126
 
Enhanced security framework to ensure data security in cloud using security b...
Enhanced security framework to ensure data security in cloud using security b...Enhanced security framework to ensure data security in cloud using security b...
Enhanced security framework to ensure data security in cloud using security b...
 
Ijarcet vol-2-issue-3-884-890
Ijarcet vol-2-issue-3-884-890Ijarcet vol-2-issue-3-884-890
Ijarcet vol-2-issue-3-884-890
 
A Framework for Multicloud Environment Services
A Framework for Multicloud Environment ServicesA Framework for Multicloud Environment Services
A Framework for Multicloud Environment Services
 
Enabling Integrity for the Compressed Files in Cloud Server
Enabling Integrity for the Compressed Files in Cloud ServerEnabling Integrity for the Compressed Files in Cloud Server
Enabling Integrity for the Compressed Files in Cloud Server
 
Enhanced security framework to ensure data security
Enhanced security framework to ensure data securityEnhanced security framework to ensure data security
Enhanced security framework to ensure data security
 
Ijarcet vol-2-issue-4-1405-1409
Ijarcet vol-2-issue-4-1405-1409Ijarcet vol-2-issue-4-1405-1409
Ijarcet vol-2-issue-4-1405-1409
 
Crypto multi tenant an environment of secure computing using cloud sql
Crypto multi tenant an environment of secure computing using cloud sqlCrypto multi tenant an environment of secure computing using cloud sql
Crypto multi tenant an environment of secure computing using cloud sql
 

Más de Patrick Nicolas

Autonomous medical coding with discriminative transformers
Autonomous medical coding with discriminative transformersAutonomous medical coding with discriminative transformers
Autonomous medical coding with discriminative transformersPatrick Nicolas
 
Open Source Lambda Architecture for deep learning
Open Source Lambda Architecture for deep learningOpen Source Lambda Architecture for deep learning
Open Source Lambda Architecture for deep learningPatrick Nicolas
 
AI for electronic health records
AI for electronic health recordsAI for electronic health records
AI for electronic health recordsPatrick Nicolas
 
Monadic genetic kernels in Scala
Monadic genetic kernels in ScalaMonadic genetic kernels in Scala
Monadic genetic kernels in ScalaPatrick Nicolas
 
Scala for Machine Learning
Scala for Machine LearningScala for Machine Learning
Scala for Machine LearningPatrick Nicolas
 
Stock Market Prediction using Hidden Markov Models and Investor sentiment
Stock Market Prediction using Hidden Markov Models and Investor sentimentStock Market Prediction using Hidden Markov Models and Investor sentiment
Stock Market Prediction using Hidden Markov Models and Investor sentimentPatrick Nicolas
 
Advanced Functional Programming in Scala
Advanced Functional Programming in ScalaAdvanced Functional Programming in Scala
Advanced Functional Programming in ScalaPatrick Nicolas
 
Adaptive Intrusion Detection Using Learning Classifiers
Adaptive Intrusion Detection Using Learning ClassifiersAdaptive Intrusion Detection Using Learning Classifiers
Adaptive Intrusion Detection Using Learning ClassifiersPatrick Nicolas
 
Data Modeling using Symbolic Regression
Data Modeling using Symbolic RegressionData Modeling using Symbolic Regression
Data Modeling using Symbolic RegressionPatrick Nicolas
 
Semantic Analysis using Wikipedia Taxonomy
Semantic Analysis using Wikipedia TaxonomySemantic Analysis using Wikipedia Taxonomy
Semantic Analysis using Wikipedia TaxonomyPatrick Nicolas
 
Taxonomy-based Contextual Ads Targeting
Taxonomy-based Contextual Ads TargetingTaxonomy-based Contextual Ads Targeting
Taxonomy-based Contextual Ads TargetingPatrick Nicolas
 

Más de Patrick Nicolas (12)

Autonomous medical coding with discriminative transformers
Autonomous medical coding with discriminative transformersAutonomous medical coding with discriminative transformers
Autonomous medical coding with discriminative transformers
 
Open Source Lambda Architecture for deep learning
Open Source Lambda Architecture for deep learningOpen Source Lambda Architecture for deep learning
Open Source Lambda Architecture for deep learning
 
AI for electronic health records
AI for electronic health recordsAI for electronic health records
AI for electronic health records
 
Monadic genetic kernels in Scala
Monadic genetic kernels in ScalaMonadic genetic kernels in Scala
Monadic genetic kernels in Scala
 
Scala for Machine Learning
Scala for Machine LearningScala for Machine Learning
Scala for Machine Learning
 
Stock Market Prediction using Hidden Markov Models and Investor sentiment
Stock Market Prediction using Hidden Markov Models and Investor sentimentStock Market Prediction using Hidden Markov Models and Investor sentiment
Stock Market Prediction using Hidden Markov Models and Investor sentiment
 
Advanced Functional Programming in Scala
Advanced Functional Programming in ScalaAdvanced Functional Programming in Scala
Advanced Functional Programming in Scala
 
Adaptive Intrusion Detection Using Learning Classifiers
Adaptive Intrusion Detection Using Learning ClassifiersAdaptive Intrusion Detection Using Learning Classifiers
Adaptive Intrusion Detection Using Learning Classifiers
 
Data Modeling using Symbolic Regression
Data Modeling using Symbolic RegressionData Modeling using Symbolic Regression
Data Modeling using Symbolic Regression
 
Semantic Analysis using Wikipedia Taxonomy
Semantic Analysis using Wikipedia TaxonomySemantic Analysis using Wikipedia Taxonomy
Semantic Analysis using Wikipedia Taxonomy
 
Hadoop Ecosystem
Hadoop EcosystemHadoop Ecosystem
Hadoop Ecosystem
 
Taxonomy-based Contextual Ads Targeting
Taxonomy-based Contextual Ads TargetingTaxonomy-based Contextual Ads Targeting
Taxonomy-based Contextual Ads Targeting
 

Último

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 

Último (20)

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 

Multi-tenancy in Private Clouds

  • 2. Introduction This presentation is an introduction to the different modes of deployment of multitenant application in the cloud, taking into account security, access control, scalability, performance and maintainability. Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 2
  • 3. Elements of Multi-tenancy There are 3 key elements to consider in deploying a multi-tenant SaaS that defines the degree of isolation in a cloud environment between tenants. • Accesspolicies • Application deployment • Data access and privacy Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 3
  • 4. Access policies Proxies or web traffic managers are used to control access to cloud resources. Users’ credentials tenant tenant External content Client source Target resources Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 4
  • 5. Application deployment options They are several options for deploying application servers to support multiple concurrent tenants in a cloud environment • Isolated business logic • Virtualized application servers • Shared virtual servers • Shared application servers Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 5
  • 6. Isolated Business Logic Each tenant accesses a dedicated physical server running a specific, customized business process (100% isolation) tenant tenant 6
  • 7. Virtualization Each tenant accesses an application server and database running on a dedicated virtual machine. Virtual machines may share the same underlying physical server. tenant tenant Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 7
  • 8. Shared Virtualization Each tenant accesses a dedicated application server with database running on a shared virtual machine. tenant tenant Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 8
  • 9. Shared Application Server Several tenants share the same application server running on the same virtualized environment. The execution of the business logic is done through dedicated thread or processed, providing limited isolation tenant tenant Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 9
  • 10. Data: Deployment vs. Privacy There are 5 configurations for deploying databases multi-tenant environment in a secure and private manner: • Dedicatedhosts • Shared virtualized hosts • Dedicated databaseon shared hosts • Dedicateddatabase instances on shared databases • Shared Schema Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 10
  • 11. Data on Dedicated Host In this configuration the database resides in a dedicated server, providing tenant with a fully isolated data access tenant tenant Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 11
  • 12. Data on Virtual Machine The tenant accesses his/her data from separate databases running on a dedicated virtual machine but sharing a host. tenant tenant Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 12
  • 13. Databases on Shared Virtualization In this configuration the tenants access dedicated databases sharing the same virtual machine, with very limited isolation. tenant tenant Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 13
  • 14. Shared Databases The tenants manage their data residing on different tables within the same database instance. Although very cost effective for the cloud provider, this solution provides the customer with very limited privacy and isolation tenant tenant Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 14
  • 15. Strategy A cloud provider has to balance the different objectives, constraints when building a platform with resources shared among tenants: • Regulatory constraints • Data isolation • Maintenance costs • Schema extensibility • Business continuity and recovery • Liability regarding security breaches Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 15
  • 16. Costs vs. Data Privacy It is obvious that greater application and data isolation increases deployment costs while sharing resources represents risks for data thief and loss Costs Dedicated host Database on virtual machine Database on shared host Shared database Data privacy risks Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 16
  • 17. Design The key requirements to build a first class, robust multi-tenant SaaS are • Data protection and liability • Scalability and costs • Customization and reusability • High availability Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 17
  • 18. Mitigating Risks The SaaS architect is responsible for setting up the defense perimeter to protect data from unintentional access or attack, for a configuration with a limited isolation. The toolbox should include • Filteringproxies (OAuth, NAT, Reputation,..) • Access control lists (SAMM, Kerberos, Identity management, …) • Cryptology Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 18
  • 19. Data Distribution The distribution of data is the most important factor in the scalability of a SaaS application that serve large amount of content. The most common techniques are • Dynamic provisioning • Partitioning • Sharding • Indexing • Caching Patrick Nicolas (C) Copyright 2007-2013 patricknicolas.blogspot.com 19