CC Architecture

Architecture of Cloud Computing
Cloud Computing Architecture

Cloud Computing reference model


SaaS
• SaaS is also known as "On-Demand Software". It is a
software distribution model in which services are hosted
by a cloud service provider. These services are available
to end-users over the internet, so end-users do not
need to install any software on their devices to access
these services.
• SaaS providers offer the following services:
• Business Services - SaaS providers offer various business
services for starting up a business. SaaS business services include
ERP (Enterprise Resource Planning), billing, and sales.
• Document Management - SaaS document management is a
software application offered by a third party (SaaS providers)
to create, manage, and track electronic documents.
• Example: Slack, Samepage, Box, and Zoho Forms.
• Social Networks - Social networking sites are used by the
general public, so social networking service providers use SaaS
for their convenience and to handle the general public's
information.
• Mail Services - To handle the unpredictable
number of users and load on e-mail services,
many e-mail providers offer their services using
SaaS.
SaaS Providers
IaaS
• IaaS is also known as Hardware as a Service (HaaS). It is one of
the layers of the cloud computing platform. It allows customers to
outsource their IT infrastructure, such as servers, networking,
processing, storage, virtual machines, and other resources.
Customers access these resources over the Internet using a
pay-per-use model.
• In traditional hosting services, IT infrastructure was rented out for a
specific period of time, with pre-determined hardware configuration.
The client paid for the configuration and time, regardless of the
actual use. With the help of the IaaS cloud computing platform layer,
clients can dynamically scale the configuration to meet changing
requirements and are billed only for the services actually used.
IaaS
• IaaS providers offer the following services:
1. Compute: Computing as a Service includes the virtual
central processing units and virtual main memory for
the VMs that are provisioned to end-users.
2. Storage: The IaaS provider supplies back-end storage for
storing files.
3. Network: Network as a Service (NaaS) provides
networking components such as routers, switches,
and bridges for the VMs.
4. Load balancers: The provider offers load-balancing
capability at the infrastructure layer.
IaaS Providers
Platform as a Service (PaaS)
• Platform as a Service (PaaS) provides a runtime environment. It
allows programmers to easily create, test, run, and deploy web
applications. You can purchase these applications from a cloud
service provider on a pay-per-use basis and access them over
an Internet connection. In PaaS, back-end scalability is managed by
the cloud service provider, so end-users do not need to worry about
managing the infrastructure.
• PaaS includes infrastructure (servers, storage, and networking) and
platform (middleware, development tools, database management
systems, business intelligence, and more) to support the web
application life cycle.
• Example: Google App Engine, Force.com, Joyent, Azure.
PaaS Providers
Public Cloud

• Public cloud provides a shared platform that is accessible to
the general public through an Internet connection.
• Public cloud operates on the pay-per-use model and is
administered by a third party, i.e., the cloud service provider.
• In the public cloud, the same storage is used by multiple
users at the same time.
• Public cloud is owned, managed, and operated by businesses,
universities, government organizations, or a combination of them.
• Amazon Elastic Compute Cloud (EC2), Microsoft Azure, IBM's Blue
Cloud, Sun Cloud, and Google Cloud are examples of the public
cloud.
Advantages of Public Cloud
• Public cloud has the following advantages:
• 1) Low Cost
• Public cloud has a lower cost than private or hybrid cloud, as it
shares the same resources with a large number of consumers.
• 2) Location Independent
• Public cloud is location independent because its services are
offered through the internet.
• 3) Save Time
• In public cloud, the cloud service provider is responsible for
managing and maintaining the data centers in which data is stored, so
the cloud user saves the time otherwise spent establishing connectivity,
deploying new products, releasing product updates, and configuring
and assembling servers.
Disadvantages of Public Cloud

• 1) Low Security
• Public Cloud is less secure because resources are
shared publicly.
• 2) Performance
• In the public cloud, performance depends upon the
speed of internet connectivity.
• 3) Less customizable
• Public cloud is less customizable than the private
cloud.
Private Cloud

• Private cloud is also known as an internal cloud or corporate cloud.
• Private cloud provides computing services to a private internal
network (within the organization) and selected users instead of
the general public.
• Private cloud provides a high level of security and privacy to data
through firewalls and internal hosting. It also ensures that operational
and sensitive data are not accessible to third-party providers.
• HP Data Centers, Microsoft, Elastra-private cloud, and Ubuntu are
examples of a private cloud.
Advantages of Private cloud
1) More Control
• Private clouds have more control over their resources and hardware
than public clouds because they are accessed only by selected users.
2) Security & privacy
• Security and privacy are among the big advantages of cloud
computing. Private cloud improves the security level compared
to the public cloud.
3) Improved performance
• Private cloud offers better performance with improved
speed and space capacity.
Disadvantages of Private Cloud

• 1) High cost
• The cost is higher than a public cloud because setting up and
maintaining hardware resources is costly.
• 2) Restricted area of operations
• Private cloud is accessible only within the organization, so
the area of operations is limited.
• 3) Limited scalability
• Private clouds are scaled only within the capacity of internally hosted
resources.
• 4) Skilled people
• Skilled people are required to manage and operate cloud services.
Hybrid Cloud

• Hybrid cloud is a combination of public and private clouds.
Hybrid cloud = public cloud + private cloud
• The main aim of combining these clouds (public and private) is to create
a unified, automated, and well-managed computing environment.
• In the hybrid cloud, non-critical activities are performed by
the public cloud and critical activities are performed by
the private cloud.
• Mainly, a hybrid cloud is used in finance, healthcare, and universities.
• The best hybrid cloud provider companies are Amazon, Microsoft,
Google, Cisco, and NetApp.
Advantages of Hybrid Cloud

1) Flexible and secure


• It provides flexible resources because of the public cloud and
secure resources because of the private cloud.
2) Cost effective
• Hybrid cloud costs less than the private cloud. It helps
organizations to save costs for both infrastructure and
application support.
3) Cost effective
• It offers the features of both the public as well as the private
cloud. A hybrid cloud is capable of adapting to the demands that
each company needs for space, memory, and system.
Disadvantages of Hybrid Cloud

1) Networking issues
• In the hybrid cloud, networking becomes complex because both the
private and the public cloud are involved.
2) Infrastructure Compatibility
• Infrastructure compatibility is the major issue in a hybrid cloud.
With two levels of infrastructure, a private cloud that the company
controls and a public cloud that it does not, there is a possibility that
they are running in separate stacks.
3) Reliability
• The reliability of the services depends on cloud service providers.
Community Cloud

• Community cloud is a cloud infrastructure that
allows systems and services to be accessible by a
group of several organizations to share
information. It is owned, managed, and operated
by one or more organizations in the community, a
third party, or a combination of them.
• Example: Government organizations within
India may share computing infrastructure in the
cloud to manage data.
Advantages of Community Cloud

• Cost effective
• Community cloud is cost effective because the whole cloud is shared
between several organizations or a community.
• Flexible and Scalable
• The community cloud is flexible and scalable because it is compatible with
every user. It allows users to modify documents as per their needs
and requirements.
• Security
• Community cloud is more secure than the public cloud but less secure than
the private cloud.
• Sharing infrastructure
• Community cloud allows us to share cloud resources, infrastructure, and
other capabilities among various organizations.
Disadvantages of Community Cloud

Community cloud has the following disadvantages:
• Community cloud is not a good choice for every organization.
• Slow adoption to data.
• The fixed amount of data storage and bandwidth is shared among all
community members.
• Community cloud is costlier than the public cloud.
• Sharing responsibilities among organizations is difficult.
Cloud Computing actors
Actors in Cloud computing
• Cloud Consumer: A person or organisation that maintains a business
relationship with, and uses services from, cloud providers.
• Cloud Provider: A person, organisation, or entity responsible for
making a service available to interested parties.
• Cloud Auditor: A party that can conduct independent assessment of
cloud services, information system operations, performance and
security of the cloud implementation.
• Cloud Carrier: An intermediary that provides connectivity and
transport of cloud services from cloud providers to cloud consumers.
• Cloud Broker: An entity that manages the use, performance and
delivery of cloud services, and negotiates relationships between cloud
providers and cloud consumers.
Cloud Consumers
Economics Of Cloud
• Pay as you go model
• Scalable and Simple
• Reduces the capital costs
• Removes the maintenance cost
• Removes administration cost
What is Capital Cost?
• It is the cost incurred in purchasing infrastructure or assets.
• It takes a long time to turn a profit.
• 3 Pricing strategies
• Tiered Pricing
• Per Unit Pricing
• Subscription Based Pricing
Tiered Pricing
• Cloud prices are offered in various tiers.
• Each tier offers a fixed service agreement at a specific cost.
• Amazon EC2
Per Unit Pricing
• Based on a unit-specific concept.
• Data transfer and memory allocation are charged per specific
unit in this model.
• GoGrid uses this kind of pricing in terms of RAM/hour.
Subscription based Pricing
• Users pay a periodic subscription fee for the usage of
software.
• These models give flexible solutions for cloud economics.
Open Challenges
• 1. Data Security and Privacy
• Data security is a major concern when switching to cloud computing.
User or organizational data stored in the cloud is critical and private.
Even if the cloud service provider assures data integrity, it is your
responsibility to carry out user authentication and authorization,
identity management, data encryption, and access control. Security
issues on the cloud include identity theft, data breaches, malware
infections, and a lot more which eventually decrease the trust amongst
the users of your applications. This can in turn lead to potential loss in
revenue alongside reputation and stature. Also, dealing with cloud
computing requires sending and receiving huge amounts of data at high
speed, and therefore is susceptible to data leaks.
• 2. Cost Management
• Even though almost all cloud service providers have a “Pay As You Go”
model, which reduces the overall cost of the resources being used,
there are times when huge costs are incurred by the enterprise
using cloud computing. When resources are under-optimized, for
example when servers are not being used to their full potential,
this adds to the hidden costs. Degraded application
performance, sudden spikes, or overages in usage also add to
the overall cost. Unused resources are another main reason
why costs go up. If you turn on a service or a cloud instance
and forget to turn it off during the weekend or when there is no current
use for it, the cost increases even though the resources are not being used.
• 3. Multi-Cloud Environments
• Due to an increase in the options available, enterprises no longer
use only a single cloud but depend on multiple cloud service providers. Most of
these companies use hybrid cloud tactics and close to 84% are dependent on
multiple clouds. This often ends up being a hindrance and difficult for
the infrastructure team to manage. The process usually ends up being highly
complex for the IT team due to the differences between multiple cloud
providers.

• 4. Performance Challenges
• Performance is an important factor while considering cloud-based solutions. If
the performance of the cloud is not satisfactory, it can drive away users and
decrease profits. Even a little latency while loading an app or a web page can
result in a huge drop in the percentage of users. This latency can be a product
of inefficient load balancing, which means that the server cannot efficiently
split the incoming traffic so as to provide the best user experience. Challenges
also arise in the case of fault tolerance, which means the operations continue
as required even when one or more of the components fail.
• 5. Interoperability and Flexibility
• When an organization uses a specific cloud service provider and wants to switch to
another cloud-based solution, it often turns out to be a tedious procedure, since
applications written for one cloud and its application stack have to be
rewritten for the other cloud. There is a lack of flexibility in switching from one
cloud to another due to the complexities involved. Handling data movement and setting
up security and networking from scratch also add to the issues encountered
when changing cloud solutions, thereby reducing flexibility.

• 6. High Dependence on Network
• Since cloud computing deals with provisioning resources in real time, it involves
enormous amounts of data transfer to and from the servers. This is only made
possible by the availability of a high-speed network. Because these data and
resources are exchanged over the network, the service can prove highly vulnerable in
case of limited bandwidth or a sudden outage. Even when
enterprises can cut their hardware costs, they need to ensure that the internet
bandwidth is high and that there are zero network outages, or else it can result in a
potential business loss. It is therefore a major challenge for smaller enterprises that
have to maintain network bandwidth that comes with a high cost.
• 7. Lack of Knowledge and Expertise
• Due to its complex nature and the high demand for research,
working with the cloud often ends up being a highly tedious task.
It requires immense knowledge and wide expertise on the
subject. Although there are a lot of professionals in the field, they
need to constantly update themselves. Cloud computing is a
highly paid job due to the extensive gap between demand and
supply. There are a lot of vacancies but very few talented cloud
engineers, developers, and professionals. Therefore, there is a
need for upskilling so these professionals can actively
understand, manage and develop cloud-based applications with
minimum issues and maximum reliability.
Interoperability :

It is defined as the capacity of at least two systems or applications
to exchange data and use it.
• Cloud interoperability, in turn, is the capacity or extent to
which one cloud service is connected with another by exchanging data
as per strategy to get results.
• The two crucial components in cloud interoperability are usability
and connectivity, which are further divided into multiple layers:
1. Behaviour
2. Policy
3. Semantic
4. Syntactic
5. Transport
Portability :
• It is the process of transferring data or an application
from one framework to another while keeping it executable
or usable. Portability can be separated into two types:
cloud data portability and cloud application portability.
• Cloud data portability –
It is the capability of moving information from one cloud
service to another without needing to re-enter
the data.
• Cloud application portability –
It is the capability of moving an application from one cloud
service to another or between a client’s environment and
a cloud service.
Categories of Cloud Computing
Interoperability and portability :

Cloud portability and interoperability can be divided into –
• Data Portability
• Platform Interoperability
• Application Portability
• Management Interoperability
• Platform Portability
• Application Interoperability
• Publication and Acquisition Interoperability
Data Portability –

Data portability, which is also termed cloud
portability, refers to the transfer of data from one
source to another or from one service to
another, i.e. from one application to
another application or from one cloud
service to another cloud service, with the aim of
providing a better service to the customer without
affecting its usability. Moreover, it makes the
cloud migration process easier.
Application Portability –

It enables re-use of various application
components in different cloud PaaS services. If the
components are independent in their cloud service
provider, then application portability can be a
difficult task for the enterprise. But if components
are not platform specific, porting to another
platform is easy and effortless.
Platform Portability –

There are two types of platform portability: platform
source portability and machine image portability. In
platform source portability, an operating system such as UNIX,
which is mostly written in C, can be ported by
recompiling it on different hardware and rewriting
the hardware-dependent sections that are
not coded in C. Machine image portability binds the
application to the platform by porting the resulting bundle,
which requires a standard program representation.
Cloud Scalability :

Cloud scalability is used to handle the growing workload where
good performance is also needed to work efficiently with software
or applications. Scalability is commonly used where the
persistent deployment of resources is required to handle the
workload statically.
• Example :
Suppose you own a company whose database was
small in its early days. As time passed, your business
grew and so did the size of your database. In this case
you just need to ask your cloud service vendor to scale up
your database capacity to handle the heavier workload.
Key features of Cloud scalability
• 1) Grow or shrink:
• Scaling is a change in size. It can mean increasing or decreasing.

• 2) Sizable difference:
• Adding a significant number of users, data, or hardware-like assets such as vCPU and vRAM.

• 3) Non-disruptive:
• You are adding resources to an existing deployment, so there should be minimal downtime.

• 4) Relatively fast:
• Not all cloud solutions scale up in a minute, but scaling is at least faster than buying.

• 5) Easy:
• Easy to use.
Fault Tolerance
• Fault tolerance in cloud computing means creating a blueprint
for continuing work whenever some parts are down or
unavailable. It helps enterprises evaluate their infrastructure
needs and requirements and provides services in case the
respective device becomes unavailable for some reason.
• It does not mean that the alternative system can provide
100% of the entire service. Still, the concept is to keep the
system usable and, most importantly, operating at a reasonable
level. This is important if enterprises are to keep
growing continuously and increase their productivity
levels.
Main Concepts behind Fault Tolerance in Cloud Computing System

• Replication: Fault-tolerant systems work by running multiple replicas of
each service. Thus, if one part of the system goes wrong, other instances
can be used to keep it running instead. For example, take a database
cluster that has 3 servers with the same information on each. All
actions such as data entry, update, and deletion are written to each.
Redundant servers remain idle until the fault tolerance system demands
their availability.
• Redundancy: When a system part fails or goes down, it is important
to have a backup system. The server works with emergency
databases that include many redundant services. For example, a website
program with MS SQL as its database may fail midway due to some
hardware fault. Redundancy then brings in a
new database while the original is offline.
Techniques for Fault Tolerance in Cloud Computing

• Priority should be given to all services while
designing a fault tolerance system. Special
preference should be given to the database as it
powers many other entities.
• After setting the priorities, the enterprise has to
work on mock tests. For example, an enterprise has a
forum website that enables users to log in and
post comments. When authentication services fail
due to a problem, users will not be able to log in.
Major Attributes of Fault Tolerance in Cloud Computing

• None Point of Failure: The concepts of
redundancy and replication define that fault
tolerance can occur but with some minor effects. If
there is no single point of failure, then the system
is not fault-tolerant.
• Accept the fault isolation concept: the fault
occurrence is handled separately from other
systems. It helps to isolate the Enterprise from an
existing system failure.
Existence of Fault Tolerance in Cloud Computing

• System Failure: This can be either a software or a hardware
issue. A software failure results in a system crash or hang,
which may be due to a stack overflow or other reasons. Any
improper maintenance of physical hardware machines will
result in hardware system failure.
• Incidents of Security Breach: Fault tolerance may also be
needed because of security failures. The
hacking of a server damages the server and results in a data
breach. Other security-related reasons for requiring fault
tolerance include ransomware,
phishing, virus attacks, etc.
Ready For the Cloud
• Web application design: web applications share the same basic architecture.
Web Applications
Problem with memory lock
• Room Allocation Problem
• 1) Lock the data associated with the room.
• 2) Check whether the room is currently available.
• 3) If it is currently available, mark it booked and thus no longer
available.
• 4) Release the lock.
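The four steps above in code, as an added example that is not part of the original slides. The class, function and table names are hypothetical. It also goes one step beyond the slide: an in-memory lock only protects callers inside one server process, so the second function performs the same check-and-mark as a single atomic statement in a shared database (an in-memory SQLite table stands in for it here).

```python
import sqlite3
import threading


class RoomRegistry:
    """Booking table held in one process's memory, with one lock per room."""

    def __init__(self, rooms):
        self._guest = {room: None for room in rooms}
        self._locks = {room: threading.Lock() for room in rooms}

    def book(self, room, guest):
        # 1) lock the room's data; 4) the with-block releases it on exit
        with self._locks[room]:
            if self._guest[room] is not None:   # 2) is the room available?
                return False
            self._guest[room] = guest           # 3) mark it booked
            return True

    def holder(self, room):
        return self._guest[room]


def open_room_table(rooms):
    """Constructed in-memory table standing in for a shared database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE rooms (room TEXT PRIMARY KEY, guest TEXT)")
    conn.executemany("INSERT INTO rooms (room) VALUES (?)", [(r,) for r in rooms])
    conn.commit()
    return conn


def book_in_database(conn, room, guest):
    """Check and mark in one atomic statement; the database does the locking."""
    cur = conn.execute(
        "UPDATE rooms SET guest = ? WHERE room = ? AND guest IS NULL",
        (guest, room),
    )
    conn.commit()
    return cur.rowcount == 1   # 1 row changed means this caller got the room


def race(book, guests):
    """Call book(guest) from one thread per guest, all released together."""
    winners, winners_lock = [], threading.Lock()
    start = threading.Barrier(len(guests))

    def attempt(guest):
        start.wait()
        if book(guest):
            with winners_lock:
                winners.append(guest)

    threads = [threading.Thread(target=attempt, args=(g,)) for g in guests]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return winners


if __name__ == "__main__":
    registry = RoomRegistry(["101"])
    print("winner:", race(lambda g: registry.book("101", g), ["ann", "bob", "cy"]))
    conn = open_room_table(["101"])
    print(book_in_database(conn, "101", "ann"), book_in_database(conn, "101", "bob"))
```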
Machine image design
• Two benefits :
• It forces discipline in
• 1)Deployment Planning
• 2)Disaster Recovery
Machine image design
• Contains:
• 1) Installed applications
• 2)Deployment :
• Process of starting up new virtual instance
Process of establishing a machine image
1) Create a component model
2) Separate out stateful data in computer
3) Identify the operating system
4) Search for an existing public machine image
5) Harden your system
6) Install all the components
7) Verify the functioning
8) Build and save the machine image.
Process of hardening
1. Removing unnecessary services.
2. Removing unnecessary accounts.
3. Running all services as a role account
4. Running all services in restriction
5. Verify proper permissions for necessary system.
Process of testing
1. Build a temporary image from your development instance
2. Launch a new instance from temporary image
3. Verify all functions
4. Fix if any issues.
5. Repeat until process is robust and reliable.
Privacy design
• Privacy in the cloud
• Strict separation of sensitive information from non-sensitive
information.
• Encryption of all sensitive information.
Example : Credit Card
1. Application server and credit card server sit in different
security zones.
2. Credit card numbers are encrypted using customer specific
encryption key.
3. Credit card processor has no access to the encryption key.
4. Application server has ability to read credit card numbers.
5. No person has access to both servers
• The two servers should not be running the same software.
Database Management
• The trickiest part of managing cloud infrastructure.
• Managing your persistent data.
• Persistent data is any data that needs to survive the
destruction of your cloud environment.
• You can easily reconstruct your operating system and
software, so they do not qualify as persistent data.
• Whether a physical or virtual database fails, there is a chance of files
and your database being corrupted.
Clustering your database
• Unless you have a skilled DBA, you should not even undertake
the deployment of clustering.
• Clustered database vendors often require you to pay for the most
expensive licenses to use clustering.
• Clustering comes with significant performance problems.
• The alternative to clustering is replication.
Replication over Clustering
1. It is generally much simpler to implement.
2. It does not require an excessive number of servers and
expensive licenses.
3. Unfortunately, replication is not as reliable as clustering.
Data Security
• Privacy Protection:
• Your data should be protected from unauthorized access.
• Data encryption and controlling who sees and who accesses your
data.
• Example: Developers need live data to test,
– but they do not have access to see the data.
Threats
• Data breaches:
• It is possible for a user on one virtual machine to listen for
the signal that an encryption key may have arrived on
another VM on the same host.
• The victim's credentials end up in someone else's hands.
• Data loss:
• Someone logging in to your account and erasing everything.
• Hijacked account:
• Someone steals your password and captures your account.
• It has only one solution: two-factor authentication.
• Cryptojacking:
• Cryptojacking spiked in 2017-18.
• The cloud was a popular target because there are more compute
resources available.
• To stop this, we have to monitor for unusual compute activity.
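One way to monitor for the unusual compute activity mentioned under cryptojacking, as an added example that is not part of the original slides. The instance names, CPU samples and thresholds are constructed for illustration. The check learns a per-instance baseline and flags only sustained runs above it, so a short deployment spike is not reported.

```python
from statistics import mean, pstdev

# Constructed samples: CPU utilisation (%) per 5-minute interval, per instance.
SAMPLES = {
    "web-1": [18, 22, 20, 19, 21, 23, 20, 18, 22, 21, 19, 20,
              88, 91, 90, 21, 20, 19, 22, 20],
    "batch-7": [14, 16, 15, 15, 17, 14, 16, 15, 13, 15, 16, 14,
                96, 97, 98, 97, 99, 98, 97, 96, 98, 97],
}


def sustained_high_cpu(samples, baseline_len=12, z=3.0, min_sigma=5.0, min_run=6):
    """Return (start, end) index pairs of sustained runs above the baseline.

    The first baseline_len samples define normal behaviour. A later sample is
    high when it exceeds mean + z * sigma, where sigma is floored at min_sigma
    so that a very flat baseline does not make every small bump an alert.
    Only runs of at least min_run consecutive high samples are reported.
    """
    if len(samples) <= baseline_len:
        raise ValueError("need more samples than the baseline window")
    baseline = samples[:baseline_len]
    limit = mean(baseline) + z * max(pstdev(baseline), min_sigma)

    runs, start = [], None
    for i in range(baseline_len, len(samples)):
        if samples[i] > limit:
            if start is None:
                start = i                      # a high run begins here
        else:
            if start is not None and i - start >= min_run:
                runs.append((start, i - 1))
            start = None
    # A run that is still going at the end of the data counts as well.
    if start is not None and len(samples) - start >= min_run:
        runs.append((start, len(samples) - 1))
    return runs


def flag_instances(fleet, **settings):
    """Map instance name -> sustained runs, for instances that have any."""
    flagged = {}
    for name, samples in fleet.items():
        runs = sustained_high_cpu(samples, **settings)
        if runs:
            flagged[name] = runs
    return flagged


if __name__ == "__main__":
    for name, runs in flag_instances(SAMPLES).items():
        print(name, "sustained high CPU at sample ranges", runs)
```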
Network Security
• Protecting a computer network from any kind of unauthorized
access.
Access control list (ACL)
• An access control list (ACL) is a list of rules that specifies which
users or systems are granted or denied access to a particular
object or system resource.
• Access control lists are also installed in routers or switches,
where they act as filters, managing which traffic can access the
network.
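How a router-style ACL filters traffic, as an added example that is not part of the original slides. The rule format and addresses are constructed, and the first-match order with a final implicit deny is an assumption modelled on common router ACL behaviour. The second function is a review check: it lists rules that can never take effect because an earlier rule already covers them.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "deny"
    source: str            # source network in CIDR form
    port: Optional[int]    # destination port, None means any port

    def matches(self, src_ip, port):
        in_net = ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.source)
        return in_net and (self.port is None or self.port == port)


def evaluate(acl, src_ip, port):
    """First matching rule decides; traffic matching no rule is denied."""
    for rule in acl:
        if rule.matches(src_ip, port):
            return rule.action
    return "deny"


def shadowed_rules(acl):
    """Return (index, rule) for rules fully covered by an earlier rule."""
    shadowed = []
    for i, later in enumerate(acl):
        later_net = ipaddress.ip_network(later.source)
        for earlier in acl[:i]:
            earlier_net = ipaddress.ip_network(earlier.source)
            covers_net = (later_net.version == earlier_net.version
                          and later_net.subnet_of(earlier_net))
            covers_port = earlier.port is None or earlier.port == later.port
            if covers_net and covers_port:
                shadowed.append((i, later))
                break
    return shadowed


# Constructed ACLs. In the first, the broad permit comes first, so the SSH
# deny for 10.9.0.0/16 never takes effect. The second puts the specific
# rule first.
MISORDERED = [
    Rule("permit", "10.0.0.0/8", None),
    Rule("deny", "10.9.0.0/16", 22),
    Rule("permit", "0.0.0.0/0", 443),
]
ORDERED = [
    Rule("deny", "10.9.0.0/16", 22),
    Rule("permit", "10.0.0.0/8", None),
    Rule("permit", "0.0.0.0/0", 443),
]

if __name__ == "__main__":
    print(evaluate(MISORDERED, "10.9.4.7", 22), shadowed_rules(MISORDERED))
    print(evaluate(ORDERED, "10.9.4.7", 22), shadowed_rules(ORDERED))
```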
Demilitarized zone
• A DMZ, short for demilitarized zone, is a network (physical or
logical) used to connect hosts that provide an interface to
an untrusted external network (usually the internet)
while keeping the internal, private network (usually the
corporate network) separated and isolated from the external network.
VPN
• VPN stands for "Virtual Private Network" and describes the
opportunity to establish a protected network connection when
using public networks.
• VPNs encrypt your internet traffic and disguise your online
identity. This makes it more difficult for third parties to track
your activities online and steal data.
• The encryption takes place in real time.
Intruder
• The most common threat to security is attack by an intruder.
• Intruders are often referred to as hackers and are the most
harmful factors contributing to the vulnerability of security.
• They have immense knowledge and an in-depth understanding of
technology and security. Intruders breach the privacy of users and
aim at stealing the confidential information of the users.
• The stolen information is then sold to third parties, who aim at
misusing the information for their own personal or professional
gains.
Types of Intruders
• Masquerader
• Misfeasor
• Clandestine User
Host Security
• It describes how your server is set up for the following:
• Preventing Attacks
• Minimizing the impact of a successful attack on the overall
system.
• Responding to attacks when they occur.
