Unit-2(Cloud Computing Architecture)

What is a cloud ecosystem?

A cloud ecosystem is a complex system of interdependent components that all work together
to enable cloud services. In nature, an ecosystem is composed of living and nonliving things
that are connected and work together. In cloud computing, the ecosystem consists of
hardware and software as well as cloud customers, cloud engineers, consultants, integrators
and partners.
Cloud computing offers revolutionary benefits: streamlined offerings for self-service, fast-
provisioning services, competitive pricing, and more. Such benefits serve several business
needs, such as analytics and analytics, collaborative capabilities, and the rapid growth of new
technologies and facilities.
How a cloud ecosystem works
The center of a cloud ecosystem is a public cloud provider. It might be an IaaS provider such
as Amazon Web Services (AWS) or a SaaS vendor such as Salesforce. Radiating out from
the center of the cloud are software companies that use the provider's anchor platform, as
well as consultants and companies that have formed strategic alliances with the anchor
provider.
There is no vendor lock-in because these companies overlap, making the ecosystem more
complex. For example, AWS is the center of its own ecosystem, but it's also a part of the
Salesforce ecosystem. Salesforce runs a number of its services on AWS's infrastructure, and
Salesforce customers can gain access, through devices called connectors, to pieces of AWS,
such as its Simple Storage Service (S3).
A robust ecosystem provides a cloud provider's customers with an easy way to find and
purchase business applications and respond to changing business needs. When the apps are
sold through a provider’s app store such as AWS Marketplace, Microsoft Azure
Marketplace (for cloud software) or Microsoft AppSource (for business applications), the
customer essentially has access to a catalog of different vendors' software and services that
have already been vetted and reviewed for security, risk and cost.
Benefits of a cloud ecosystem
Aggregating data and evaluating how each component of the system influences the other
component is often easier to aggregate. For instance, it becomes possible to analyze trends
across an entire patient population if an environment consists of patient records, smart device
logs and healthcare provider records. Cloud deployment model analysis is a cloud
environment can be established and recorded, resulting in a deliverable series.
 To define the deployment analysis is used to deployment model type.
 Cloud readiness evaluation - evaluating the skills to handle and organize the
implementation of cloud-enabled solutions
 The vision of cloud adoption, outlining our governance plan, planned market
performance, and business cases that highlight projected advantages. To construct a
step-by-step plan to frame the cloud expedition in an ideal sequence. Developing
sustainable guidance system will initiate and guide a transformative cloud strategy.
 Use cases building a set of case studies and scenarios to guide the analysis, selection
and prioritization of candidate workloads "cloud-friendly
 Architectural considerations - evaluating the architecture of knowledge (data,
structure and deployment standards) and application architecture (applications,
structure and development standards).

Er.Binay Kumar Yadav Page 1

 Unit-2(Cloud Computing Architecture)

The architecture of the Cloud Ecosystem

The following figure shows the cloud ecosystem architecture.

The main actors of the Cloud Ecosystem are as follows -

Cloud Service User
 Cloud service user (CSU) is an individual or company who uses cloud services that
are distributed.
 End-users may be individuals, machines, or apps.
Cloud service Provider
 A company that provides and manages the cloud services provided.
Cloud Service Partner
 An entity or organization which supports the creation of the service offer by a partner.
Cloud Management in Cloud Computing
Cloud computing management is maintaining and controlling the cloud services and
resources be it public, private or hybrid. Some of its aspects include load balancing,
performance, storage, backups, capacity, deployment etc. To do so a cloud managing
personnel needs full access to all the functionality of resources in the cloud. Different
software products and technologies are combined to provide a cohesive cloud management
strategy and process.
As we know Private cloud infrastructure is operated only for a single organization, so that
can be managed by the organization or by a third party. Public cloud services are delivered
over a network that is open and available for public use. In this model, the IT infrastructure
is owned by a private company and members of the public can purchase or lease data
storage or computing capacity as needed. Hybrid cloud environments are a combination of
public and private cloud services from different providers. Most organizations store data on
private cloud servers for privacy concerns, while leveraging public cloud applications at a
lower price point for less sensitive information. The combination of both the public and
private cloud are known as Hybrid cloud servers.

Er.Binay Kumar Yadav Page 2

 Unit-2(Cloud Computing Architecture)

Need of Cloud Management :

Cloud is nowadays preferred by huge organizations as their primary data storage. A small
downtime or an error can cause a great deal of loss and inconvenience for the
organizations. So as to design, handle and maintain a cloud computing service specific
members are responsible who make sure things work out as supposed and all arising issues
are addressed.
Cloud Management Platform :
A cloud management platform is a software solution that has a robust and extensive set of
APIs that allow it to pull data from every corner of the IT infrastructure. A CMP allows an
IT organization to establish a structured approach to security and IT governance that can be
implemented across the organization’s entire cloud environment.
Cloud Management Tasks :
The below figure represents different cloud management tasks :

Cloud Management Tasks

 Auditing System Backups –
It is required to audit the backups from time to time to ensure restoration of randomly
selected files of different users. This might be done by the organization or by the cloud
provider.
 Flow of data in the system –
The managers are responsible for designing a data flow diagram that shows how the data
is supposed to flow throughout the organization.
 Vendor Lock-In –
The managers should know how to move their data from a server to another in case the
organization decides to switch providers.
 Knowing provider’s security procedures –
The managers should know the security plans of the provider, especially Multitenant
use, E-commerce processing, Employee screening and Encryption policy.

Er.Binay Kumar Yadav Page 3

 Unit-2(Cloud Computing Architecture)

 Monitoring the Capacity, Planning and Scaling abilities –

The manager should know if their current cloud provider is going to meet their
organization’s demand in the future and also their scaling capabilities.
 Monitoring audit log –
In order to identify errors in the system, logs are audited by the managers on a regular
basis.
 Solution Testing and Validation –
It is necessary to test the cloud services and verify the results and for error-free
solutions.

What is On-Demand Computing?

On-demand computing (ODC) is a delivery model in which computing resources are
made available to the user as needed. The resources may be maintained within the user's
enterprise or made available by a cloud service provider.The term cloud computing is often
used as a synonym for on-demand computing when the services are provided by a third party
-- such as a cloud hosting organization.
The on-demand business computing model was developed to overcome the challenge of
enterprises meeting fluctuating demands efficiently. Because an enterprise's demand for
computing resources can be unpredictable at times, maintaining sufficient resources to meet
peak requirements can be costly. And cutting costs by only maintaining minimal resources
means there are likely insufficient resources to meet peak loads. The on-demand model
provides an enterprise with the ability to scale computing resources up or down whenever
needed, with the click of a button.
The model is characterized by three attributes: scalability, pay-per-use and self-service.
Whether the resource is an application program that helps team members collaborate or
provides additional storage, the computing resources are elastic, metered and easy to obtain.
When an organization pairs with a third party to provide on-demand computing, it either
subscribes to the service or uses a pay-per-use model. The third party then provides
computing resources whenever needed, including when the organization is working on
temporary projects, has expected or unexpected workloads or has long-term computing
requirements. For example, a retail organization could use on-demand computing to scale up
their online services, providing additional computing resources during a high-volume time,
such as Black Friday.
On-demand computing normally provides computing resources such as storage capacity, or
hardware and software applications. The service itself is provided with methods
including virtualization, computer clusters and distributed computing.
Common Applications of On-demand Computing
Whenever we use an online service like YouTube, Gmail, or Office 365, we access on-
demand computing resources online. The applications of this business computing model are
vast. Here are some of the common applications of cloud computing:
1. Cloud Server Hosting: It allows businesses to host their websites, domains, and databases
on dedicated servers and hardware to facilitate information sharing and data storage.
2. Cloud Storage: It allows users to store and access their confidential data on remote cloud
storage systems maintained by cloud storage service providers like OneDrive, Dropbox, and
Drive.
3. Cloud Backup: It allows users to prevent their data from losing in case of a cyberattack,
equipment failure, server crash, or any other event that could result in data loss.

Er.Binay Kumar Yadav Page 4

 Unit-2(Cloud Computing Architecture)

Benefits of On-demand Computing

Given below are some of the key benefits offered by on-demand computing:
1. Accessibility
The biggest advantage of on-demand computing is that it allows users to access their desired
resources anytime, anywhere. Cloud-based applications don’t need on-premises installation;
rather, you can get your desired features and perform different functions online over the
internet.
Similarly, businesses can access their confidential data from a central web-based hub. Hence,
on-demand computing significantly improves the quality of operations and gives companies
a long-term edge over their competitors.
2. Better Team Collaboration
With the rise in remote and hybrid work, businesses need digital solutions to improve team
collaboration and make data-driven decisions. As a result, the demand for on-demand
computing has skyrocketed because cloud-based resources allow teams across different
locations to work together.
Data stored on the cloud is automatically synced between multiple devices used by several
team members. This way, you can share insights, make timely corrections, and stay updated
for improved performance.
3. Ease of Use
Traditional software requires on-premises installation, maintenance, and regular updates for
optimum performance. Cloud computing eliminates all these requirements since cloud-based
solutions are accessed over the internet without any restriction of time and location.
This makes on-demand computing a user-friendly business model. Companies can achieve
their objectives and meet their desired goals by leveraging robust cloud-based solutions
online. Moreover, on-demand computing also ensures that users access the updated versions
all the time and stay ahead of trends.
4. Cost-efficiency
Lastly, on-demand computing is a cost-effective business model. Instead of investing in
expensive IT infrastructure and resources, SMEs and startups can access cloud-based
solutions online. They can subscribe to a plan that meets their business requirements and
upgrade their plan as their needs evolve with time.
Eventually, cloud computing enables businesses to reduce their operational expenses and
achieve long-term cost savings. These benefits ultimately lead to financial stability which is
essential to succeed amid rising economic challenges.

Cloud Computing Identity as a Service (IDaaS)

Employees in a company require to login to system to perform various tasks. These systems
may be based on local server or cloud based. Following are the problems that an employee
might face:
 Remembering different username and password combinations for accessing multiple
servers.
 If an employee leaves the company, it is required to ensure that each account of that
user is disabled. This increases workload on IT staff.
To solve above problems, a new technique emerged which is known as Identity-as–a-
Service (IDaaS).
IDaaS offers management of identity information as a digital entity. This identity can be
used during electronic transactions.

Er.Binay Kumar Yadav Page 5

 Unit-2(Cloud Computing Architecture)

Identity
Identity refers to set of attributes associated with something to make it recognizable. All
objects may have same attributes, but their identities cannot be the same. A unique identity is
assigned through unique identification attribute.
There are several identity services that are deployed to validate services such as validating
web sites, transactions, transaction participants, client, etc. Identity-as-a-Service may include
the following:
 Directory services
 Federated services
 Registration
 Authentication services
 Risk and event monitoring
 Single sign-on services
 Identity and profile management
Single Sign-On (SSO)
To solve the problem of using different username and password combinations for different
servers, companies now employ Single Sign-On software, which allows the user to login
only one time and manage the access to other systems.
SSO has single authentication server, managing multiple accesses to other systems, as shown
in the following diagram:

SSO Working
There are several implementations of SSO. Here, we discuss the common ones:

Following steps explain the working of Single Sign-On software:

 User logs into the authentication server using a username and password.

Er.Binay Kumar Yadav Page 6

 Unit-2(Cloud Computing Architecture)

The authentication server returns the user's ticket.

 User sends the ticket to intranet server.
 Intranet server sends the ticket to the authentication server.
 Authentication server sends the user's security credentials for that server back to the
intranet server.
If an employee leaves the company, then disabling the user account at the authentication
server prohibits the user's access to all the systems.
Federated Identity Management (FIDM)
FIDM describes the technologies and protocols that enable a user to package security
credentials across security domains. It uses Security Markup Language (SAML) to
package a user's security credentials as shown in the following diagram:

OpenID
It offers users to login into multiple websites with single account. Google, Yahoo!, Flickr,
MySpace, WordPress.com are some of the companies that support OpenID.
Benefits
 Increased site conversation rates
 Access to greater user profile content
 Fewer problems with lost passwords
 Ease of content integration into social networking sites
What are the Benefits of IDaaS

 Reduce costs. Using a cloud-based IDaaS solution eliminates the need for equipment
purchases, specialized IT staff and ongoing training, allowing your IT team to stay
focused on day-to-day operations.
 Better user experiences. Single sign-on and multi-factor authentication let users login
with a single set of credentials, which reduces friction and password reset assistance.
 Increase revenue and customer loyalty. A good first impression from a smooth login
process leads to more customer interactions and sales.
 Strengthen security. Outsourcing your IAM solution to experts limits the ability of
bad actors with compromised credentials from entering your system and stealing
data.
 Scalable to meet your needs. Cloud-based subscription services adapt easily to
changing user bases, such as an influx of new customers for events and promotions.

Er.Binay Kumar Yadav Page 7

 Unit-2(Cloud Computing Architecture)

 Risk mitigation. Identity solutions reduce your risk of a data breach, which could
cost your organization millions of dollar.
Compliance as a Service (CaaS) in Cloud Computing
Compliance as a Service (CaaS) is a type of solution that uses cloud computing to help
businesses store data and manage regulatory compliance. Though services may vary
depending on the industry, CaaS providers typically store sensitive data in accordance with
regulations and provide tools for managing and reporting compliance in your organization.

Cloud compliance issues occur as any cloud consumer make use of cloud storage and
backup services. Cloud computing by its very nature extents various jurisdictions. The laws
of the country of request from where it originates many not necessarily match the laws of
the country in which the request is being processed, and probably laws of neither location
match the laws of the country in which the service is delivered. Compliance is beyond than
a basically provided an unidentified service token to an identity so that access to a resource
can be obtain. Compliance is a difficult issue which needs considerable expertise.—
The major services that should provided additionally in a Compliance as a Service (CaaS)
offering:
1. Database access control
2. Separation of duties
3. Annual risk assessment
4. Application management
5. Change control
6. Data discovery
7. Data masking
8. Incident response
9. Policy creation and enforcement
10.Real-time data protection
11.Repair of vulnerabilities
12.Personnel training
13.Service configuration
Advantages of Compliance as a Service (CaaS) –
1. In cloud, Encryption is quite arduous to track which is simplified by the Compliance as a
Service. To fulfill the needs of end user and organizations around governance including
compliance, they use a cloud provider’s service. These services deliver pre-built
behaviors with specific regulations, such as needed encryption levels.
2. Compliance as a Services are configurable i.e. no development is required. This is cost
effective for the organizations and it reduce the maintenance along with changing
regulations, as well as internal and external policies of the corporations.
Disadvantages of Compliance as a Service (CaaS) –
1. Cloud service consumers will be held responsible for any issues with the compliance
services. Its mandatory that customer validate the compliance services to ensure that
there are no issues.
2. It is impossible to Compliance as a Service providers to support all the regulations
among all the countries. Also, as all the services are cloud based then there is always a
risk that providers will stop to providing the services at any time because of low uses of
their services. So, end-user and organization become dependent on service providers.
Overall these are some critical aspects which falls under drawbacks of CaaS.

Er.Binay Kumar Yadav Page 8