UNIT

1 Introduction

CONTENTS
Part-1 : Introduction to Cloud 1-2E to 1-17E
Computing, Definition
of Cloud, Evolution of
Cloud Computing :
Part-2 : Underlying Principles of. .1-17E to 1-26E
Parallel and Distributed
Computing, Cloud
Characteristics, Elasticity
in Cloud, On-Demand
Provisioning

1-1E (CSIT-Sem-7)
1-2 E(CSTT-Sem-7) Introduction

PART- 1
Introductionto Cloud Computing,Definitionof Cloud, Evolution
of Cloud Computing.

Questions-Answers
Long Answer Type and Medium Answer Type Questions

Que 1.1. What do you mean by cloud computing ? Als0, give its
properties.

Answer
1 Cloud computing is the mears of delivering all IT from computer
applications,software,businessprocesses,messaging,and collaboration
to end users as a servicewherever and wheneverthey need it.
2 Cloud computingis a paradigmfor deliveringIT where rapid provisioning
is an importantcharacteristicfor computingresources,data applications
and IT.
3 Cloud computinghelps us to face the challengessuch as :
Decreasingthe capex and opex cost.
Enhancingthe servicequality.
ii. Maintainingthe desired and right level of security,compliances,
regulations,and policiesacross the differentfunctionsof enterprise.
iv. Rapid provisioning,agility,and businesstransparencyfor consistent
self-servicedelivery.
4 Thus, cloud computingis the service and deploymentmodel using large
resource pool based provisioningof virtual or physicalresources in a
servicemodel using the intermet(publiccloud)or intranet(privatecloud).
Properties of cloud computingare :
1. User centric: This means once a user is connected to cloud any data,
such as images,videos, applications,becomes his property.Not only the
data but the devices connected to it and the user can share it with other
users.

2. Task centric : Cloud computing focus on what one need and how
applicationcan do it. Here documentsare given more prioritythan the
applicationswhich create them.
 1-3E (CSTT-Sem-7)
Cloud Computing
3. Self healing:In selfhealing,backupsare availablefor every document
in the cloud. Hence, if one document crashes there will be its duplicate
ready to run.
4. Multi-tenancyand intelligence: Multi-tenancyrefers to sharing of
data and costs across a large pool of users. As various data are stored in
cloud, data mining and analysis are necessaryfor accessinginformation
in an intelligent manner.
5. Programmable:Many processesin cloud computingshall be automate
such as backingup crasheddata with its duplicate,Hence, programming
is associated with cloud computing.
6 Flexible: Flexibleas the users may be of differentvarietiesand hence
has to match with their needs.

Que 1.2. What are the advantages and disadvantagesof cloud

computing ?
Answer
Advantages of cloud computing :
as it does not
1. Cost saving: It helps us to save substantialcapital cost
need any physical hardware investments.
latest
2. Strategic edge : Cloud computing helps us to access the
applications any time without spending our time and money on
installations.
3
quickly in
High speed : Cloud computingallowsus to deploy our serviceresources
fewer clicks. This faster deployment allows us to get the
required for our system within fewer minutes.
4
Reliability :Through cloud computing we can always get instantly
updated about the changes.
5 Mobility:Employeeswho are workingon the premisesor at the remote
internet
locationscan easilyaccess all the cloud services.All they need is
connectivity.
6. Unlimitedstorage capacity:Cloud computingoffers limitlessstorage
capacity.
Disadvantages of cloud computing :
1 Performancecan vary: When we are workingin a cloud environment,
provides
our applicationis runningon the server which simultaneously
resources to other businesses that can affect the performanceof our
shared resource.
2 Technicalissues : Cloud technologyis always prone to an outage and
other technical issues.
 14E (CSTT-Sem-7) Introduction

3. Securitythreatin the cloud: Before adoptingcloudtechnology,we

shouldbe well aware of the fact that we will be sharingall our company's
sensitiveinformationto a third-partycloud computingservice provider.
Hackersmight access this information.
4. Internet connectivity: Good internetconnectivityis must in cloud
computing.We cannot access cloud without an internet connection.
5. Lack of support: Cloud computingcompaniesfail to provide proper
supportto the customers.Moreover,they want theiruser to depend on
FAQs or onlinehelp, which can be a tediousjob for non-technicalpersons.
Que 1.3.Explainvision of cloudcomputing.
Answer
1 Cloud computing provides the facility to provision virtual hardware,
runtime environmentand services to a person having money.
2 These all things can be used as long as they are needed by the user.
3 The whole collectionof computingsystem is transformed into collection
of utilities,which can be provisionedand composedtogether to deploy
systems in hours rather than days, with no maintenancecosts.
4 The long term vision of a cloud computingis that IT services are traded
as utilitiesin an open market without technologicaland legal barriers.
5. In the future, we can imagine that it will be possibleto find the solution
that matcheswith our requirementsby simply enteringout request in a
global digital market that trades with cloud computingservices.
6 The existence of such market will enable the automationof discovery
processand its integrationinto its existingsoftwaresystems.
7. Due tothe existenceof a global platformfor trading cloud serviceswill
also help service providersto potentiallyincreasetheir revenue.
8 Acloud provider can also become a consumer of a competition
in order to fulfill its promisesto service
customers.
Que 1.4. List the major categoriesof parallel
computingsystems.
Answer
Categoriesof parallel computingsystems :
i. Bit level parallelism: It is a form of
parallelismwhich is based on
increasingprocessorsword size. It shortens
that the system must run in order to
the number of instructions
are greater in size.
perform task on variableswhich
a

i. Instructionlevel parallelism: It is a form of parallel

which we can calculate the amount of operation carried computingin
out by an
operatingsystem at same time. For example :
 1-5E (CSIT-Sem-7)
Cloud Computing
1 Instructionpipelining
2 Out of order execution
3. Registerrenaming
4. Speculativeexecution
5. Branch prediction
Que 1.5. Discuss the issues related to cloud computing.

Answer
Severalissues related tocloud computingare :
Issues in clouds

Security issues
Data issues
Performance issues
Energy related issues

Fault tolerance

Fig. 1.5.1.
Security issues : Some of the security problems which are faced by the
cloud computingare as follows:
1. Data integrity: When a data is on a cloud, anyone from any location
differentiate
can access those data from the cloud. Cloud does not
between asensitive data from a common data thus enabling anyone to
access those sensitivedata. Thus there is a lack of data integrityin cloud
computing.
2. Data theft: Most of the cloud vendors instead of acquiringa server try
to lease a server from other service providers because they are cost
effective and flexible for operation.
3.
Security on vendor level: Vendor should make sure that the server
is well secured from allthe external threats it may come across. Acloud
is good only when there is good security provided by the vendor to the
customers.
4. Security on user level: Even tho ugh the vendor has provided good
security layer for the customer, the customer should make sure that
because of its own action, there should not be any loss of data or
tamperingof data for other users who are using the same cloud.
5. Information security : Securityrelated to the informationexchanged
betweendifferenthosts or betweenhosts and user. This issues pertaining
 1-6 E (CSIT-Sem-7)
Introduction
to secure communication,
on and delegation. authentication,issues concerningsingle sign
Data issues:Variousdata issues in cloud
1. Data loss:
computingare as follows :
Ifthe vendor closes due to financial or legal
will be a loss of data for the customers.The problemsthere
access those data customers will not be able to
because data is nomore availablefor the customer as
the vendor shut down.
2 Data location : When it comes to location of the
data
transparenteven the customers do not know where his ownnothing is
data are
located. The vendor does not reveal where all the data are
stored. The
data will not even be in the same country of the
located anywhere in the world. customer, it might be
3. Datalock-in:Softwarestacks have improved
platforms,but the APls for cloud computingitself interoperabilityamong
are still essentially
proprietary.or at least have not been the subjectof active standardisation.
Thus, customers cannot easily extract their data and programs from
one site to run on another.
4Data segregation: Data in the cloud is typicallystored in a shared
environmentwhereby one customer'sdata is stored alongside another
customer'sdata, hence it is difficultto assure data segregation.
5. Dataconfidentialityand auditability: Current cloud offeringsare
essentiallypublic (rather than private) networks, exposingthe system
to more attacks. Auditabilitycould be added as an additionalsaver
beyond
the reach of the virtualizedguest OS providingfacilities
secure than those built into the applicationsthemselvesandarguablymore
the software responsibilitiesrelated to confidentialityand centralizing
a single logical layer. auditabilityto
6. Data integrity: One of the biggest concerns with cloud
data storage is
the verificationof data integrityat untrustedservers, and how to deal
with sensitivedata. It is not an easy task to maintaincustomer'smost
sensitivecloud data securely,which is needed in many applicationsfor
clients.
7. Deletion of data: Data that has to be deleted by the user becausehe or
she no longer needs it or many no longer process it for another
is also deleted by the providerand no more copies of reason
data are available.
This can lead toproblems, particularin connectionwith backups.
8. Service level agreements: According to the purpose for which
data is processed,it is importantto agree on binding service levelsthe
for
availabilityand data recoveryand if necessary,safe guarded by supporting
fixed penaltiesin the event of non-compliancewith the agreed
levels. service
Cloud Computing 1-7E (CSTT-Sem-7)

Various performanceissues in cloud computingare:

1. Poor applicationperformanceor applicationhang-ups:Usually
the applicationis starvedfor RAMor CPU cycles, and faster processors
or more RAM is added.
2 Slow access to applications and data : Bandwidth is usually the
cause, and the most common solution is to add faster network
connections.
3. Horizontal and vertical scalability :
i. Vertical scaling : Vertical scaling (up) entails adding more
resources to the same computingp0ol.
ii Horizontalscaling:Horizontalscaling (out)requiresthe addition
handle the
of more machinesdevices to the computingplatform to
increaseddemand. Sustainedincreasesin demand, however, require
horizontalscalingand load balancingto restore and maintainpeak
performance.
are as follows :
Energy related issues: Various energy related issues
numbers
1 Cloud computingis rapidly growing in importanceas increasing
to cloud service
workload
ofenterprisesand individualsare shiftingtheir
providers.
infrastructureof
2. The electricitycosts involvedin operatinga large cloudservice providers
multiple data centres can be enormous. In fact, cloud
the energy they
often must pay for the peak power they draw, as well as
consume.
challenges facing
3. Lowering these high operating costs is one of the
cloud service providers.
overheatingof
4. Insufficientor malfunctioningcoolingsystem can lead to
and devices lifetime.
the resourcesreducingsystem reliability
leads to substantialcarbon
5. High powerconsumptionby the infrastructure greenhouse effect.
dioxide (CO,)emissioncontributingto the
Fault tolerance :
cloud computing. Fault
1 Fault tolerance is one of the key issues of necessary to enable a
tolerance is concerned with all the techniques
system to tolerate softwarefaults.
themselves during
2 These software faults may or may not manifest techniques
softwarefault tolerant
systemsoperations,but when they do, of the software system to
should provide the necessary mechanisms
prevent system failure occurrences.
Fault tolerance techniquesare employed during the procurement,or
3. these techniques
occurs,
development,of the software. When a fault
system failure
provide mechanismsto the softwaresystem to prevent
from occurring.
 1-8E (CSIT-Sem-7)
Introduction

Que 1.6. What are the hurdles in cloud computing?

Answer
Hurdles in cloud computing:
1. Securty:
i As the servicesare opened and deliveredover
the network between
the cloud service provider and the
consumer,the security in this
model is perceivedat higher levels.
Other inhibitors can be
where consumer does not location-independent resource pooling
know where his services are running or
where his data is stored.
iü. Limited service management and
monitoringcapabilities in the
public cloud model also added to the complexities.
2. Regulationand compliances:
i. There is a need of data governancemodels to be
establishedin the
enterprisesand federatingdata privacy.
ii In large organizations,IT delivery is taken
with the concerns of
reliability,performance,and availability.
ii. There are different levels of
maturitiesfor organizationsseeking
differentlevels of Service Level Agreements(SLA) but cloud service
providersare not equippedto deliverthe services.
iv. There is a need of stringent Recovery Point
Objective(RPO)and
the Recovery Time Objective (RTO) with the agreed number of
mins/hours down-time.
3. Cloud migration :
This requires the propertyof powerful interoperabilityof platforms
that should identifythe appropriateapplicationthat can be migrated
to the cloud.
It is importantto identify the
interdependenciesand integration
pointswith standardsand interfacesthat are lackingamong
provider:s. service
iii. Cloud migrationbecomes more complex if the
service bundles are
integrated from multiple cloud service providers. This can also
become the deal breakeror the reason for downgraded
performance.
4. Workload suitabilityfor cloud :
Not all the applicationsare suitablecandidatesfor the cloud.
It depends on the function of the business, enterprise policies,
application architecture,scalability, suitability, usage patterns
accordingto pay-per-use-model,or infrastructurerequirementsin
the service model.
Cloud Computing 1-9 E (CSIT-Sem-7)

Que 1.7. Explain briefly the term cloud.

Answer
1 Cloud is an extensionofthe internetwith some level of inherent discipline
and ethics.
2 Cloud can be thought of unification of information technology with
businessintelligence.
3 Technologymerges virtualization,grid functionalitiesand web standards
as a single utility model which is delivered to the custumers over the
internet,whereasthe businessintelligencedefines the best cost schemes
leading to win-win situationfor both the cloud service provider as well
as the cloud service consumer.
4 Cloud brokers negotiate the best deals and relationshipsbetween the
cloud consumersand cloud providers.
5. They can use specializedtools to identify the most appropriatecloud
resource and map the requirementsof the applicationto it.
6
Cloud broker servicesare mainly categorizedinto three group:
Service intermediation broker provides a service to a consumer
that enhancesa given service by addingsome value on top to increase
some specific capability.
integrates
b Service aggregation brokerage service combines and
are modelled across
into one or more services and ensures that data
of data between
all componentservicesand movement, security
the service consumer and multiple providers,
C Service arbitrageis similarto cloud serviceaggregationbut services
services provide
being aggregatedare not fixed. In addition,these
flexibilityand opportunityfor the service aggregator.
Que 1.8. What are the components of cloud ?

Answer
Components of cloud :
1. Cloud service consumer (or end user):
clients, which
i. Cloud service consumersare the end users known as
interact with the system and demand for services as per their
requirement.
ii The clientcan be categorizedinto the following three categories:
a Mobile clients : Mobile clients run the application from
laptops, PDAs and smart phones. This category of clients
demands for higher speed and high level of security.
1-10 E (CSIT-Sem-7)
Introduction
b. Thinclients:Thin clients neither have hard
DVD ROM drives, and largely depend on the drives nor have
server.
C. Thick clients : Thick clients are self-sufficientin terms of
accessories.
2. Cloud service provider:
Cloud service providers are the agents which host the
the cloud and deliver service to the servers in
end users.
ii. The major cloud providersare Google, Amazon, Sales Force, IBM,
Microsoftand Rackspace.
3. Internet medium: Internet medium is the communicationchannel
between the consumer and providerwhere servicesare redirected.
4. Datacentre:
Datacentre is the collection of servers where the applications
subscribedare housed.
ii. It consists of storage,network,and server.
Que 1.9. Give the characteristics of cloud.

Answer
Characteristics of cloud are :
1 Self-serviceon-demand:As acloud consumer, users are privilegedto
request and provisioncomputingcapabilitiesbundledwith serviceswith
or without approvalprocess powered by automationand workflows.
2. Ubiquitousnetworkaccess:This is the characteristicby which end
user and server computing devices can be accessed over the network
even using the next generation heterogeneous devices such as
smartphone,tablets,thin and thick chents.
3 Resource pooling:
This characteristicrefers to the poolingof resourcesacross
datacenters. multiple
These pooled virtual datacenters are then divided into multiple
pools to provide their services to various consumers in a multi
tenant model.
i. These pools can have both physical and virtual resources.
iv. The devices provided by this pool give the notion of
location
independent compute (storage, servers, processing, network
bandwidth, virtual machines, etc.), where the consumer does not
have control or visibilityabout the service locationand its
geography.
4. Rapid elasticity:
This characteristicmakes the provisioningrapid and elastic.
Cloud Computing 1-11 E (CSIT-Sem-7)

This provisioningcan be automatic and can flex-up and flex-down

on the basis of spikes of utilization.
iii. The consumer can view the infinite capacityavailableas a service,
which can be bought at any point of time.
Que 1.10. What are the challengesin cloud ?
Answer
Challenges in cloud:
1. Lack of control : In case of lack of control, by delegating the IT
managementto a third party, the service consumer loses the ability to
workload.
directlycontrol and monitor the executionof the submitted
2 Securityy : For security,trusting a third party to store enterprises
confidential data is asource of potential concern and needs to be
effectivelyaddressedby the cloud service provider.
3. Interoperabilityamong multipleservice providers:This leads to
avoid vendor lock-in, it is desirableto be able to run the same virtualized
applicationon clouds providedby multiplevendors.Appropriatestandards
need to be in place for addressingthis concern.
4 Resource management: The management of computing,storage
a hard'
and other resources in a distributedsystem is recognized as
problem.

Que 1.11. Explain cloud services.

Answer
has given various
On the basis of user requirements,the cloud infrastructure or clients or
servicingschemesin order to deliverthe utilityto the consumers
end users :
Infrastructure-as-a-Service (IaaS) :
a.
Infrastructure-as-a-Service (laaS) model allows the customer to
provisionprocessing,storage, networkand other importantsoftware
such as operatingsystem and applications.
:
The consumer does not have control over the underlying
infrastructurebut has control over the operatingsystems, storage
and deployed applications.
b. Platform-as-a-Service (PaaS) :
i. Platform-as-a-Service(PaaS) model provides capacity to the
customerto deploy the customer-createdapplicationsinto the cloud
infrastructureusing the programminglanguage or tools supported
by the cloud provider.
1-12 E (CSIT-Sem-7)
Introduction
The consumerdoes not manage the
such as network, storage, etc., butunderlying cloud infrastructure
has control over the deployed
applications.
iü. It also provides solutions for
integratingcloud computing into
existing application,services, and
orientedapproach. infrastructurewith a market
C.

i
Software-as-a-Service(SaaS):
Software-as-a-Service
the
(SaaS) model enables the customer to use
providedapplicationhosted on the cloud
i. In this model, the customer does not infrastructure.
have any control over the
cloud infrastructurebut has a little control
over the application
configuration settings.
iii. The applicationsare accessiblefrom the
client devices such as thin
client or web browser interface.

Cloud

SaaS

PaaS

laaS

Fig. 1.11.1. Cloud services.

Que 1.12. List the benefits of cloud.

Answer
Benefits of cloud:
1 Increased agilityon the IT datacenterresources and innovation.
2 Enablingof
self-serviceportal and thus ensure VirtualMachines(VMs)
in less lead-times.
3. Adherenceof SLAs as the VM lead-timesand down-timesare
reduced. significantly
Cloud Computing 1-13 E (CSSIT-Sem-7)

4. Trial and error configurationtests can be done at ease.

5. Completecontrol over cloud usage for administratorsis p0ssible.
Scalabilityand flexibilityallow the laaS cloud to almost deliverthe promise
of unlimited IT services on demand.
7. Usage-based payment and not getting billed when the utilization
decreases.
8. Significantreductionin the costs for IT datacenter.
Dynamic sharing of the resources available in IT datacenter
through
9.
private cloud so that demands can be met cost effectively.
of IT datacenter.
10. Considerable increase in the utilization of resources
resources in the IT
11. Increase in the operational efficiency of the
datacenter.
12. Achieve a greener datacenter.
Avoids vendor locking.
13. Support for heterogeneoushardware vendors.
Que 1.13. Explain the evolution of cloudcomputing.

Answer
Evolution of cloud computing:
1. Grid computing :
evolution of
Grid computing appeared in the early 1990s as an
clustercomputing.
. Grid computing proposed a new approach to access large
computationalpower, huge storage facilities, and a variety of
services. Users can consume resources in the same way as they
use other utilities such as power, gas, and water.
iüi. Grids initiallydevelopedas aggregationof geographicallydispersed
cluster by means of internet connection.
and
iv. These clusters belonged to different organizations
computational
arrangementswere made among them to share the
power.
Different from a large cluster, a computing grid was a dynamic
was
aggregationof heterogeneouscomputingnodes, and its scale
nationwide or even worldwide.

2. Utility computing:
Utility computing is a vision of computing, defining a service
such
provisioningmodel for computingservicesin which resources
infrastructure are
as storage, compute power, applications, and
packaged and offeredon a pay-use basis.
1-14 E (CS/IT-Sem-7)
Introduction
The business model introducedwith utility computing
requirementsand led to an improvementof mainframebrought new
technology,
additionalfeatures such as operatingsystems, process controland
user metering facilities.
i. The idea of computingas utility remained and extended from
business domain to the academia with the advent of cluster the
computing.
3. Software-as-a-Service:Refer Q. 1.11, Page 1-11E, Unit-1.
4. Cloud computing: Refer Q. 1.1, Page 1-2E, Unit-1.
Que 1.14. Discuss the architecture of cloud
computing.
Answer
Cloud computingarchitecturerefers to the componentsand
required for cloud computing.These componentsconsist of:subcomponents
1 Front end platform :
Cloud computingarchitectureconsistsof front end platformscalled
clients or cloud clients.
These clients comprise servers, fat (or thick) clients, thin clients,
zero clients, tablets and mobile devices.
i. These client platformsinteractwith the cloud data
storage through
an application(middleware),through a web browser, or
virtual session.
through a
iv. The front end refers to the client part of cloud
computing
consists of interfacesand applicationsthat are requiredsystem. It
to access
the cloud computingplatformslike web browser.
2 Back end platform:
Theback end refers to the cloud itself. It consistsof all the
requiredto provide cloud computingservices. resources
It comprises of huge data storage, virtual
mechanism,services, deploymentmodels, servers, machines, security
etc.
ii. It is online network storage wheredata is
stored and accessibleto
multiple cients.
3 Cloud based delivery:These include the following:
i
Software-as-a-Service(SaaS): Refer Q. 1.11, Page 1-11E, Unit-1.
ii.
Development-as-a-Service
web-based,communityshared
(DaaS) : Developmentas a service is
developmenttools. This is equivalent
to locally installeddevelopmenttools in the
traditional(non-cloud
computing)deliveryof developmenttools.
CloudComputing 1-15 E (CSIT-Sem-7)

iii. Platform-as-a-Service(PaaS): Refer Q. 1.11, Page l-11E, Unit-1.

iv. Infrastructure-as-a-Service
(IaaS): Refer Q. 1.11, Page 1-11E,
Unit-1.
4. Network: The cloud network layer offers :
i. High bandwidth (low latency) : Allowing users to have
uninterruptedaccess to their data and applications.
i. Agilenetwork:On-demandaccessto resourcesrequiresthe ability
to move quicklyand efficientlybetweenserversand possiblyeven
clouds.
iii. Networksecurity: Securityis always important,but when dealing
with multi-tenancy,it becomes much more important because we
are dealingwith segregatingmultiple customers.

Client infrastructure Front end

Internet

Application

Management Service
Security

Cloud runtime Back end

Storage

Infrastructure

Fig. 1.14.1. Cloud computingarchitecture.

Que 1.15. Write some applications of cloud computing.

Answer
Applications of cloudcomputing:
1. Big data analytics: From fraud recognitionto statisticalinvestigation,
big data exist universally.Analyse how Hadoop and great presentation
computingclusterscan be set-up in both public and private clouds.
2.
Develop and test : Build and test applications in on-requirement
platforms using constantly configured resources, lower expenditure,
and decreasedrelease cycles.
1-16 E (CSIT-Sem-7) Introduction

3. Disasterrecovery: Public and private clouds facilitatecommercial

solutionsto maintainhighlyaccessibleapplicationswith flexiblemultiple
datacentresand providerarchitectures,and reduce down-timeand data
loss.
4 Gamingapplications:Distributeflexiblecapacityto assemblerandom
traffic actions and to lower expenditure for the ongoing life cycle
managementby public and private clouds.
5. Web and mobile applications : Deploy mobile applications and web
applicationsthat are extremelyscalableand accessibleacrossa range of
verifiedarchitectures,technologiesand clouds.
Que 1.16.Givelimitationsof cloudcomputing.
Answer
Limitations of cloud computing :
1. Data protection:
i. Data security is a crucial element that warrants scrutiny.
Enterprises are reluctant to buy an assurance of business data
securityfrom vendors.
ii. They fear losingdata to competitionand the data confidentialityof
consumers.

iv In many instances,the actualstoragelocationis not disclosed,adding

onto the securityconcernsof enterprises.
V
In the existing models, firewalls across datacentres(owned by
enterprises)protectthis sensitiveinformation.
vi. In the cloud model, serviceprovidersare responsiblefor maintaining
data securityand enterpriseswould have to rely on them.
2 Data recoveryand availability:
i. All business applicationshave service level agreements that are
stringentlyfollowed.
i. Operationalteams play a key role in managementof service level
agreementsand runtime governanceof applications.
ii. In productionenvironments,operational teams support:
Appropriateclusteringand fail over
b Data replication
C.
System monitoring(transactionsmonitoring,logs mnonitoring
and others)
Maintenance(runtime governance)
e. Disaster recovery
f. Capacity and performancemanagement.
 1-17E (CSIT-Sem-7)
Cloud Computing

3. Management capabilities :
the managementof
Despite there being multiplecloud providers,
infancy.
platformand infrastructureis still in its
ii. For example,features like
Auto-scalingare a crucial requirement
for many enterprises.
the scalabilityand load
There is huge potential to improve on
balancingfeaturesprovidedtoday.
restrictions :
4. Regulatory and compliance
governmentregulationsdo not
i In some of the Europeancountries,
information and other sensitive
allow customer's personal the state or country.
informatipnto be physicallylocatedoutside
cloud providersneed to set-up
In order to meet such requirements,
exclusivelywithin the country to
a datacentre or a storage site
complywith regulations.
may not always be feasible and is a
iii. Having such an infrastructure
big challengefor cloud providers.

PART-2

and DistributedComputing,
UnderlyingPrinciples of ParallelElasticity
Cloud Characteristics, in Cloud,
On-DemandProvisioning.

Questions-Answers

Questions
Long Answer Type and Medium Answer Type

Que 1.17. Write a short note on parallel computing. Write the

zdvantagesof parallel computingover serial computing.

Answer
1. Parallelcomputingis a computationtype in which multiple processors
execute multipletasks simultaneously.
2. Problems are broken down into instructionsand are solved concurrently.
3. The main reason for parallel programmingis to executecode efficiently,
since parallel programming saves time, allowing the execution of
applicationsin a shorter time.
4. Advantagesof parallelcomputingover serial computingare :
1-18 E (CSIT-Sem-7) Introduction

i
lt saves time and money as many resourcesworkingtogetherwill
E:
F: reduce the time and cut potentialcosts.
It can be impracticalto solve larger problems on serial computing.
i. It can take advantage of non-local resources when the local
resources are finite.
iv. Serial computing wastes the potential computing power, thus
parallelcomputingmakes betterwork of hardware.
Que 1.18. Describebriefly the components of parallelcomputing.
Answer
Componentsof parallelcomputing:

Computing Assign
parallel
problems
computations
to processors

Parallel
algorithms Mapping Hardware
and data architecture
,structures

Dependency Programming Qperatingsystem

analysis High-level Binding Applicationsoftware
languages (compile,
load)
Performance
evaluation
Fig. 1.18,1.
1. Computingproblems :
i. Numerical computing : Science and engineeringnumerical
problemsdemandintensiveintegerand floatingpoint computations.
ii. Logical reasoning : Artificial Intelligence(AI) demands logic
inferencesand symbolicmanipulationsand large space searches.
2 Parallel algorithms and data structures :
Special algorithmsand data strueturesare needed to specify the
computationsand communicationpresentin computingproblenms
(from dependencyanalysis).
ii Most numerical algorithmsare deterministicusing regular data
structures.
Cloud Computing 1-19 E (CSIT-Sem-7)

ii. Symbolic processing may use heuristics or non-deterministic

searches.

iv. Parallel algorithm development requires interdisciplinary

interaction.
3. Hardware resources :
Processors,memory, and peripheraldevices (processingnodes) form
the hardware core of a computersystem.
Processorconnectivity(systeminterconnects,network), memory
organization,influencethe system architecture.
4. Operating systems :
i. Manages the allocationof resourcesto runningprocesses.
ii. Mapping tomatch algorithmicstructureswith hardwarearchitecture
and vice-versa, processor scheduling, memory mapping.
interprocessorcommunication.

Que 1.19. What are the propertiesof distributedcomputing?

Answer
Properties of distributedcomputing:
1. Fault tolerance :
When one on some nodes fails, the whole system can still work fine
except performance.
ii. Need to check the status of each node.

2 Each node play partialrole:

Each computerhas only a limited, incompleteview of the system.
i. Each computer may know only one part of the input.
3.
Resource sharing: Each user can share the computing power and
storage resource in the system with other users.
4 Load sharing: Dispatchingseveral tasks toeach node can help share
loading to the whole system.
5. Easy to expand:We expect to use few time when adding nodes.Hope
to spend no time if possible.
6 Performance : Parallel computing can be considered a subset of
distributedcomputing.
Que 1.20. Write ashortnote on distributedcomputing.
1-20 E (CSTT-Sem-7)
Introduction

Answer
1. Distributedcomputing is a model in which components of a software
system are shared among multiplecomputersto improve
performance. efficiencyand
2 In distributedcomputing,each
processor has its own private memory
(distributedmemory). Informationis exchangedby passing messages
between the processors.
3 A distributedsystem allows resource sharing,
systems connectedto the network.
including software by
4 The goal of distributed computing is to make network as a
computer.
single
5. Examplesof distributedsystems/applicationsof distributedcomputing
are :Intranets,Internet,WWW, email.
Que 1.21. Differentiatebetweenparallel computingand distributed
computing.
Answer
S.No. Parallel computing Distributedcomputing
1 It is a type of computation A system whose components are
in which many calculations located on different networked
or the execution of computers, which communicate
processes are carried out and coordinate their actions by
simultaneously. passingmessagesto one another.
2 It occurs in a single It involves multiple
computer.
computers.
3. Multiple processorsexecute Multiple computersperform tasks
multipletasks at the same at the same time.
time.

4. Computercan have shared Each computer has its own

memory or distributed memory.
memory.
5. Processorscommunicate Computers communicate with
with each other using a each other through the network.
bus.
6. Increase the performance Allows scalability sharing
of the system. resources and helps to perform
computationtasks efficiently.
Cloud Computing 1-21 E (CSTT-Semn-7)

Que 1.22. Explain briefly the architecture of distributed

computing.
Answer
Architecture of distributedcomputing:
1. Data-centered architecture :
i These architecturesidentifythe data as the fundamentalelement
of the software system and access to shared data is the core
characteristic of the data-centered architectures.
Therefore,especiallywithinthe contextof distributedand parallel
computing system, integrity of data is the overall goal for such
systems.
ii. The repositoryarchitecturalstyle is the most relevant reference
model in this category.
iv. It is characterizedby two main components; the central data
structure, which represents the current state of the system, and a
collectionof independentcomponents,which operate on the central
data.
V. The ways in which the independentcomponentsinteract with the
central data structurecan be very heterogeneous.
2 Data-flow architecture :
In the case of data-flowarchitectures,it is the availabilityof data
that controlsthe computation.
With respect to the data-centeredstyles, where the access to data is
the core feature,data-flowstylesexplicitlyincorporatethe pattern
of data flow, since their design is determinedby an orderly motion
of data from component to component, which is the form of
communication between them.
ii. Data-flowarchitecturesare optimalwhen the system to be designed
embodiesa multi-stageprocess,which can be clearlyidentifiedinto
collectionof separate componentsthat need to be orchestrated
together.
3. Virtual machine architecture:
This class of architecturalstylesis characterizedby the presenceof
an abstract execution environment that simulates features that
are not available in the hardware of software.
Applicationsand system are implemented and become portable
over differenthardware and software environmentas long as there
is an implementationof the virtual machine they interface with
constitutes its execution.
 1-22 E (CSIT-Sem-7)
Introduction
4. Calland return architecture:
i. This category identifies all the
systems that are composed by
componentsmostly connectedtogether by method calls.
The activity of systems modeled in this way is
chain of method calls whose overallexecutioncharacterized
by a
and composition
identify the executionof one or more operations.
iii. The internal organizationof components and their
may vary.
connections
5. Architecturalstyles based on independentcomponents:
This class of architecturalstyles model systems in term of
independentcomponentshaving their own life cycle, which interact
to each other in order to perform their activities.
ii. There are two major categorieswithin this class,which differentiate
in the way the interactionamong componentsis
managed:
a.
Communicatingprocesses : In this architecturalstyle,
components are representedby independentprocesses that
leverage Inter-Process Communication(IPC)facilities for
coordinate management.
b. Event systems :In this architecturalstyle, the components
ofthe system are looselycoupled and connected. In additionto
exposing operation for data and state manipulation,each
componentalso publishes(or announces)a collectionof events
that other componentscan registerwith.

Que 1.23. What do you mean by dynamiccloud infrastructure?

Answer
1. Cloud computingclients can access standardizedITresourcesto deploy
new applications,services,or computing resources rapidly without re
engineeringtheir entire infrastructure,thus making it dynamic.
2. Cloud dynamic infrastructureis based on an architecturethat combines
the following initiatives:
a. Service management : Offers business transparency and
automationacross the pillars of business for consistentdelivery.
b. Asset management:Maximizesthe value of criticalbusiness and
IT assets over their life cycle with industry-tailored asset
management solutions.
C. Virtualizationand consolidation: Reduce operating costs,
improve responsiveness,and fully utilizethe resources.
d. Information infrastructure : Helps businesses achieve
information compliance, availability, retention, and security
Cloud Computing 1-23 E (CSIT-Sem-7)

objectives.
e. Energyefficiency: Offersgreen and sustainableenergysolutions
for business.
£. Security :Providesend-to-endindustrycustomizedgovernance,
risk management,and compliancefor businesses.
g. Elasticity: Maintainscontinuousbusinessand IT operationswhile
rapidly adaptingand respondingto risks and opportunities.
Que 1.24. Explain technologies used for distributedcomputing.

Answer
Technologies used for distributed computing are :
1. Remote procedure call :
i. Remote Procedure Call (RPC) is the fundamental abstraction
enabling the execution of procedureson client'srequest.
beyond the
It allows extending the concept of procedure call
boundariesof a processorand a single memory address space.
be on the same
ii. The called procedure and calling procedure maynetwork.
system, or they may be on different systems in a
model.
iv. The system is based on a client server
availableprocedures
V The server process maintainsa registryof all the clients
that can be remote invoked, and listens for requests fromvalues of
with the
that specifywhich procedureto invoke together
the parametersrequired by the procedure.
is natural in process
vi. RPCmaintainsthe synchronouspattern that
procedure and function calls.
2 Distributed object frameworks:
object-oriented
Distributed object frameworks extend the
across a
programmingsystemsby allowingobjectsto be distributed can
heterogeneousnetwork and provide facilities so that they
coherentlyact as if they were in the same address space.
ii Distributed object frameworks leverage the basic mechanism
introducedwith RPC,and extend it to enable the remote invocation
made
of object methods and to keep track of references to object
available through a network connection.
with
ii. Distributedobjects frameworksgive the illusionofinteraction
a local instance while invoking remote methods. This is done by a
mechanismcalled proxy-skeleton.
iv. Proxy and skeleton always constitute a pair, the server process
maintain the skeleton component,which is in charge of executing
 1-24 E (CSIT-Sem-7)
Introduction
the methodremotely invoked,while the
clients
component allowing its hosting environmenttomaintainthe proxy
remotely invoke
methods through the proxy interface.
Que 1.25. What are the
characteristicsof cloud computing?
Answer
Characteristicsof cloud computingare :
1. On
demandself-service:
without the need of humanResources
can automaticallybe
interactionas and when needed.provisioned
2.
Compatibility:Cloud servicesallow access to the data from any location
and on any device. Employees can work
from anywhere.
3.
Elasticity:Cloud servicesare scalable. Consumerscan add
they need and discard resources they do not resources
want.
4. Reliability: Cloud runs on multiple servers and is automated to run
even if one server fails. Resources are drawn from the other
ensure continuitywithout any interruption. servers to
5. Disaster recovery:With replicationand storing across multipleservers,
cloud allows easy cost-effectivesolutions at times of data loss due to
some theft or calamity.
6. Updates : Consumers need not
technicalissues. The cloud serversworry about software updates and
are located in differentplaces
from our businesspremises.The away
7.
providersdo all the updatesand patches.
Security:Cloud services offers
data from any system even if we enhanced security.We can accessour
lose our personaldevice.
Que 1.26. Write a short note on
elasticityin cloud.
Answer
1 In cloud computing,elasticityis
is able to adapt to defined as "the degree to whicha system
workload changesby provisioningand
resourcesin an autonomic manner, de-provisioning
such that at each point in time the
availableresourcesmatch the current demand as closely as possible".
2
Elasticityis a definingcharacteristicthat
from previouslyproposed differentiatescloud computing
computingparadigms,
The dynamic adaptationof such as grid computing.
resources,to meet a varyingcapacity, by altering the use of
computing
workload is called elasticcomputing.
4.
Elasticityaims at
with the amountmatching the amountof resourceallocatedto a
of resource it service
provisioningor under-provisioning. actually requires, avoiding over
Cloud Computing 1-25 E (CSIT-Sem-7)

5. Over-provisioning,ie., allocatingmore resourcesthan required,should

be avoided as the serviceprovideroften has to pay for the resourcesthat
are allocated to the service.
6. Under-provisioning,i.e., allocatingfewer resourcesthan required,must
be avoided, otherwise the service cannot serve its users with a good
service.

Que 1.27. What are the advantages of elasticcloud computing?

Answer
Advantagesof elastic cloud computing:
1 Cost efficiency :
approaches
Cloud is availableat much cheaperrates than traditional
and can significantlylower the overall IT expenses.
licensingfees as well as
ii By using cloud solutioncompaniescan save storage,
eliminate overhead charges such as the cost of data
software updates, managementetc.
makes easier
2. Convenience and continuous availability : Cloud
and modifychoice. Public
access ofshared documentsand files with view
available wherever the end user
clouds also offer services that are
continuous availabilityof
might be looted Moreover it guaranteedalternative instances are
resources and in use of system failure,
automaticallyspawned on other machines
up and recoveringdata
3. Backup and recovery : The processof backing
cloud and not on a physicaldevice.
is easy as informationis residingon flexible backup/recovery
The various cloud providersoffer reliableand
solutions.
cloud is more efficientthan the
4. Cloud is environment friendly:The resourcesto compute,thus
typicalIT infrastructureand it takes fewer
saving energy.
a built-in feature for
5. Scalability and performance : Scalabilityis automaticallyonly
are deployed
cloud deployments.Cloud instancesperformance with excellentspeed
when needed and as a result enhance
of computations.

Que 1.28. What are the disadvantagesof

elasticcloud computing?

Answer
Disadvantages of elasticcloud computing:
biggestconcernin
1. Security and privacy in the cloud: Securityis the private data and
their
cloud computing. Companies essentiallyhide
infrastructureis used, it is
informationover cloud as remote based cloud
1-26 E (CSIT-Sem-7) Introduction

then up to the cloud service providerto manage, protect and retain data
confidential.
2. Limited control : Since the applications and services are running
remotely companies,users and third party virtual environmentshave
limited control over the function and execution of the hardware and
software.
3. Dependency and vendor lock-in : One of the major drawbacks of
cloud computing is the implicit dependency on the provider. It is also
called "vendor lock-in".As it becomesdifficultto migrate vast data from
old providerto new.So, it is advisableto select vendor very carefully.
4. Increasedvulnerability :Cloud based solutions are exposed on the
public internetthereforeare more vulnerabletarget for malicioususers
and hackers.
 2 UNIT

2 Cloud Enabling
Technologies

CONTENTS
Part-1 : Service Oriented Architecture 2-2E to 2-6E

Part-2 : REST and Systems of 2-7E to 2-15E

Systems, Web Services,
Publish-Subscribe Model

Part-3 : Basics of Virtualization, .2-15E to 2-23E

Types of Virtualization,
Implementation Levels
of Virtualization

: Virtualization Structure, Tools .2-23E to 2-33E

Part-4 .......,. ....

and Mechanism, Virtualization

of CPU, Memory, IVO Devices,
VirtualizationSupport and
Disaster Recovery

2-1 E (CSIT-Sem-7)
 2-2 E (CSIT-Sem-7)
Cloud EnablingTechnologies

PART-1
Service OrientedArchitecture.

Questions-Answers
Long Answer Type and Medium Answer Type Questions

Que 2.1. Brieflydescribethe Service Oriented Architecture(SOA).

Answer
1 Service Oriented Architecture(SOA) is an architecturalapproach in
which applicationsmake use of services available in the network.
2. Service Oriented Architecture(SOA) is a style of softwaredesign where
servicesare providedto the other componentsby applicationcomponents
through a communicationprotocol over a network.
3 SOAallows users to combine a large number of facilitiesfrom existing
servicesto form applications.
4 SOAencompassesa set of design principlesthat structuresthe system
development and provide means for integrating components into a
coherentand decentralizedsystem.
5. SOA based computingpackagesfunctionalitiesintoa set of interoperable
services, which can be integrated into different software systems
belongingto separatebusiness domains.
6. SOA provides a translation and management layer within the cloud
architecturethat removes the barrierfor cloud clientsobtainingdesired
services.

Que 2.2. Explain the major roles of ServiceOrientedArchitecture

(SOA).

Answer
There are two major roles of Service Oriented Architecture(SOA):
1. Service provider:
a The service provider is the maintainer of the service and the
organizationthat makes availableone or more services for others
to use.
b To advertise services,the provider can
publish them in a registry,
together with a service contract that specifies the nature of the
service, how to use it, the requirementsfor the service, and the
fees chargcd.
Cloud Computing 2-3E (CSIT-Sem-7)

2. Service consumer :
a. The service consumercan locate the servicemetadatain the registry
and develop the required client components to bind and use the
service.

b. Services aggregate information and data retrieved from other

servicesor create workflowsof services to satisfy the request of a
given service consumer.

Que 2.3. Describethe guidingprinciplesof SOA.

Answer
Guiding principles of S0A :
to a given
1. Standardized service contract : Services adhere more service
communicationagreementwhich is specifiedthroughone or
descriptiondocuments.
components,
2. Loose coupling: Servicesare designed as self-contained services.
maintainrelationshipthat minimizesdependencieson other
3. Abstraction: Aserviceis completely
defined by service contractsand
encapsulated
description documents. They hide their logic, which is
within their implementation.
be reused
4. Reusability : Being designed as components,services can associated
and the
more effectively,thus reducingthe developmenttime effective system
costs. It allows for a more agile design and cost
implementationand deployment.
pattern, service
5 Lack of state : By providing a stateless interaction especially in a
increase the chance of being reused and aggregated,
consumers belonging
scenariowhere a single serviceis used by multiple
domains.
todifferentadministrativeand business
documentsthat
6. Discoverability : Servicesare definedby description
they can be effectively
constitutesupplementalmetadatathroughwhich means for utilizing
discovered.Service discoveryprovidesan effective
third-partyresources.
as building blocks, sophisticated
7. Composability: By using services
implemented.Serviceorchestrationand
and complexoperationscan be services and
choreography provide a solid support for composing
achievingthe businessgoals.
disadvantages of SOA ?
Que 2.4. What are the advantages and

Answer
Advantages of SOA:
1 Service reusability : In SOA,
applicationsare made from existing
applications.
services. Thus, services can be reused to make many
24E (CSTT-Sem-7) Cloud EnablingTechnologies
Easy maintenance: As services are independent of each other they
can be updated and modifiedeasily without affectingother services.
3. Platformindependent:SOA allows making a complex applicationby
combiningservices picked from differentsources and are independent
of the platform.
4. Availability:SOA facilitiesare easily availableto anyone on request.
5. Reliability :SOA applicationsare more reliable because it is easy to
debug small codes rather than huge codes.
6. Scalability : Services can run on different servers within an
environment,this increasesscalability.
Disadvantages of SOA:
1. High overhead: A validation of input parameters of services is done
wheneverservicesinteract,which decreasesperformanceas it increases
load and response time.
2. High investment :A huge initial investment is required for SOA.
3. Complex service management : When services interact they
exchangemessagesto tasks.The numberof messagesmay go in millions.
It becomes a cumbersometask to handle a large number of messages.

Que 2.5.Explainthe applicationareas of SOA.

Answer

Applicationareas of SOAare:
1 SOA infrastructureis used by many armies and airforce to deploy
situationalawarenesssystems.
2. SOA is used to improvethe healthcaredelivery.
3. SOAis used in mobile solutionsapps such as games and they use inbuilt
functions to run.
4 SOA helps to maintain museums a virtualizedstorage pool for their
information and content.

Que 2.6. What are the benefits of using SOA ?

Answer

Benefits of usingSOA:
1. Language neutral integration: Regardless of the develoving
languageused, the svstem offers and invoke services through a coror
mechanism.Programminglanguage neutralizationis one o! the key
benefits of SOA'sintegrationapproach.
Cloud Computing 2-5 E (CSIT-Sem-7)

2. Component reuse : Once an organizationbuilt an application

component,and offered it asa service, the rest of the organizationcan
utilize that service.
3. Organizationalagility: SOA defines buildingblocks of capabilities
provided by software and it offers some services that meet some
organizationalrequirementwhich can be recombinedand integrated
rapidly.
4 Leveragingexistingsystem : This is one of the major use of SOA
which is to classifyelementsor functions of existingapplicationsand
make them availableto the organizationsor enterprise.
Que 2.7. Explain horizontal layer of SOA architecture.

Answer
sOA architectureis viewed as five horizontallayers:
1. Consumerinterfacelayer : These are GUI based apps for end users
accessingthe applications.
2. Business process layer : These are business-usecases in terms of
application.
3. Serviceslayer: These are whole-enterprise,in service inventory.
4. Service component layer : They are used to build the services,such
as functional and technical libraries.
5. Operational systems layer: It contains the data model.

Que 2.8. Explain verticallayers of SOA architecture.

Answer
Vertical layers of SOA architecture:
1. Integrationlayer:Startswith pltformintegration(protocolssupport),
data integration,service integration,applicationintegration,leadingto
enterpriseapplicationintegrationsupportingB2B and B2C.
2 Quality of service layer : Security, availability,performanceete.,
constitutethe quality of service parameterswhich are configuredbased
on required SLAs, OLAs.
3 Informationallayer :Provide business information.
4 Governancelayer: IT strategyis governedto each horizontallayerto
achieve requiredoperatingand capabilitymodel.
Que 2.9.Explain the elements of SOA.
2-6E (CSIT-Sem-7) Cloud EnablingTechnologies

Answer
Elementsof ServiceOrientedArchitecture (SOA):

SOA

Application Service
Service Service Bus
frontend repository

Contract Implementation Interface

Business logic Data

1. Application frontend :
a. Applicationfrontendsare active elementsof the SOA, delivering
the value of SOA to the end users.
b They initiate and control all activity of the enterprise system.
2. Service: It is a software component that encapsulatesa high level
businessconcept.
3 Contract : It provides a specificationof the purpose, functionality,
constraints,and usage of services.
4 Interface : Functionalityof the service exposed by the service to the
clients that are connected to the service.
5. Implementation:The service implementationprovides the required
business logic and appropriate data. It contains one or more of the
artifacts :programs,configuration,data and databases.
6. Businesslogic : Business process representedby the service.
7 Data: Data representedin the service used by the service.
8. Servicerepository :It registersthe services and their attributesto
facilitate the discovery of services, operation, access rights,
qualities,etc. owner,
9. Servicebus: Aflexible infrastructurefor integrating
applicationsand
servicesby :routingmessages,transformingprotocolsbetween
and service, handling business events and requestor
QoS,security, and managing the deliveringthem, providing
interactionamong services.
 2-7 E (CSIT-Sem-7)
Cloud Computing

PART-2
Publish-Subscribe
Services,
Systems,Web
RESTand Systems of Model.

Questions-Answers

and MediumAnswer Type Questions

Long Answer Type

note on REST.
Que 2.10. Write a short

Answer information
State Transfer (REST) is a way of getting contains
Representational which
1
from a website by readinga designatedwebpage content.
content desired
describes and includes the
an XML file that
cloud provider to provide updated subscription
2 REST is used by
information.
includescontentand XML
provider could prepare a web page that
3 The described in the code.
statements that are (URL)
need to know the Uniform Resource Locator
Subscribers only witha web browser.
4
page where the XML file is located,read it display it
for the using XML information, and
understand the content
appropriately. sites use with RDF
same publishingapproachthat many
5 REST uses the
(RSS). RSS uses the ResourceDescriptionFramework
Site Summary way to describe a website.
(RDF), which is a standard
benefits :
REST offers the following support
response time and reducedserver load due to its
1. It gives better representations.
for the cachingof maintainsession
scalabilityis improved by reducingthe need to
2. Server
state. resource, so less
single browser can access any applicationand any
3 A be written.
client-side software needs to the use
resource discovery mechanismis not needed, due to
4 separate
A
of hyperlinksin representations. characteristics.
5. It has better
long-termcompatibilityand evolvability

2.11. What are HTTP methods used by REST architecture ?

Que
2-8 E (CSTT-Sem-7)
Cloud EnablingTechnologies

Answ er
The REST architecture makes use of four HTTP methods. These are :
1 GET method : This method helps in offering read-only access for the
resources.
2. POST mnethod:Thismethod is implementedfor creatinga new resource.
3. DELETE method:Thismethod is implementedfor removinga resource.
4. PUT: This method is implementedfor updatingan existingresourceor
creating a new one.

Que 2.12. Write a short note on RESTful API.

Answer
1 ARESTful API is an Application Program Interface (API) that uses
HTTP requests to GET, PUT, POST and DELETE data.
2. A RESTful API is referred to as a RESTful web service that is based on
RepresentationalState Transfer (REST) technology,an architectural
style and approach to communicationsoften used in web services
development.
3. REST technologyis generallypreferredto the more robust Simple Object
Access Protocol (SOAP) technology because REST leverages less
bandwidth,making it more suitablefor internetusage.
4 An API for website is a code that allows two software programs to
communicate with each other.
5 REST is a logical choice for buildingAPIs that allow users to connect and
interact with cloud services.
6. RESTful APIs are used by sites such as Amazon, Google, LinkedÉn and
Twitter.
7 A RESTful API breaks down a transaction to create a series of small
modules. Each module addresses a particular underlying part of the
transaction.This modularityprovidesdeveloperswith a lot of flexibility.
Que 2.13. Differentiate betweenRESTfulweb serviceand RESTless
web service.
Cloud Computing 2-9 E (CSIT-Sem-7)

Answer

S. No. RESTful web service RESTless web service

1. An applicationthat provides An applicationthat is not based on

interoperabilitybetween the principle of REST.
computer systems on the
internet.

2, Use REST. Use SOAP.

3. Support variousdata format SupportXML format.

such as HTML, JSON, etc.
4 Use ÜRL to expose business Use the service interfaceto expose
logic. businesslogic.
5 Easier and flexible. Not easy and flexible.

6 Inherits security measures Defines its own securitylayer and

from the underlying is more secure.
transportprotocols.
7 Consume less bandwidthand Consume more bandwidth and
resources. resources.

Que 2.14. What are the advantages of REST?

Answer
The advantagesof REST are :
the server:
1. Separation between the client and
interfacefrom the
a The REST protocol totally separatesthe user
server and the data storage.
interfaceto other
For example,it improves the portabilityof the the projects,and
b
types of platforms,it increasesthe scalabilityof
be evolved
allows the differentcomponentsof the developmentsto
independently.
2. Visibility,reliabilityand scalability: evident
has one
The separation between client and server
product
advantage, that each development team can scale the
without problem.
of changes in
b They can migrateto other serversor make all kinds is sent
the database, provided that the data from each request
correctly.
2-10 E (CSIT-Sem-7)
Cloud EnablingTechnologies
The separation makes it easier to have the front and the back on
different servers, and this makes the apps more flexible to work
with.
3. The REST APIis always independentof the type of platformor
languages :
a. The REST API always adapts to the type of syntax or platforms
being used, which gives considerablefreedom when changing or
testing new environmentswithin the development.
b. With a REST API we can have PHP, Java,Python Servers.
Que 2.15. Write a short note on web services.

Answer
1 A web service is a software package that is used for communicating
between two devices or web entities lying on the network.
2 They involve a service provider along with a service requester,i.e., the
client.
3. Since web services are advantageousas they are languagetransparent,
so there is no issue whether the fundamental system is providing the
service developed in Java, PHP or any other languagewhile the client
applicationis written in Python,Ruby, PerlorJavaScript.
4. Task performedby web services :
Web services are searched for over the network as well as call upon
accordingly.
As a web service is called, it would be capable of providingoperation
for the client that has invoked the web service.

Que 2.16. What are types of web services ?

Answèr
Two types of web services:
1 SOAP web services:
i The abbreviationofSOAP is ServiceOrientedArchitectureProtocol.
ii It is an XML based protocolhaving the main benefitof
the SOAP web service as its security. implementing
iüi. SOAP offersawrapper for sending a web service based
messages
over the Internetby the help of HTTPprotocol.AIl its messages are
usually in XML format.
Cloud Computing 2-11 E (CSIT-Sem-7)

iv. The SOAP message consists of:

SOAP documenthas a root elementtermed as the <Envelope>
element. This element is the initial element used in an XML
document.
b. Then next the Envelope"which is categorizedinto two parts.
The former is the header,' and the later is the body.'
C.
The header includes the routing data that is essentiallythe
informationtelling the XML document to whom or for which
the client needs to be sent to.
Lastly, the body includesthe actual message.
2. REST (RepresentationalState Transfer)web services:
REST service is not a collectionof paradigm or specific rules, it is
instead the style architecture for software.
iü. Those apps that are designedusing this architectureare collectively
termed as RESTful web services.
well as
ii. It establishes the resources through the use of URL as
depends on the nature of the transportprotocol(like HTTP's: GET,
PUT, POST, DELETE, etc.) used to perform the resources.
iv. Allocationof resourcesin REST depends on the URL. It is more like
conventionsbased application.

Que 2.17. Explain architectural constraints of web services.

Answer

Architectural constraints of web service are:

1. Uniform interface:
a REST API and
i. It is a key constraintthat differentiatesbetween
Non-REST API.
interactingwith
It suggests that there should be a uniform way of
application(website,
a givenserverirrespectiveofdeviceor type of
mobile app).
interface:
iüi. There are four guidelinesprinciple of uniforn1
Resource-based : Individual resources are identified in
a.

requests.
b. Manipulationof resources through representations :
Client has representationof resource and it contains enough
informationto modify or delete the resource on the server,
provided that it has permissionto do so.
2-12 E (CSIT-Sem-7)
Cloud EnablingTechnologies
C.
Self-descriptivemessages:Each messageincludesenough
informationto describe how to process the message so that
server can easily analyse the request.
d. Hypermedia As The Engine of Application State
(HATEOAS):It need to include links for each response so
that client can discover other resources easily.
2. Stateless:
i. It means that the necessarystate used to handle the
request is
contained within the request itself and server would not store
anything relatedto the session.
i. In REST, the client must include all informationfor the
server to
fulfill the request whether as a part of headers or URI.
3. Cacheable:
Every response should include whether the response is cacheable
or not and for how much duration responses can be cached at the
client side.
ii. Client will return the data from its cache for any subsequent
and there would be no need to send the request again to the request
server.
4 Client-Server:
i REST applicationshould have client-serverarchitecture.
. A client is someone who is requesting
resources and are not
concernedwith data storage,which remains internalto each server,
and server is someone who holds the
resources and are not
concerned with the user interface or user state.
5. Layered system :
An applicationarchitectureneeds to be composedof
multiplelayers.
Each layer does not know anythingabout any layer other than that
of immediate layer and there can be lot of
between client and the end server.
intermediateservers
ii. Intermediaryservers may improvesystem
availabilityby enabling
load-balancingand by providingshared caches.
6. Code on demand:
It is an optionalfeature.Accordingto this, serverscan
executablecode to the client.
also provide

Que 2.18. DifferentiatebetweenREST and SOAP.

Cloud Computing 2-13 E (CSIT-Sem-7)

Answer

S. No. REST -SOAP

1. REST is Representational SOAP is Service Oriented
State Transfer. ArchitectureProtocol.

2. It is an architecturestyle. It is a protocol.
3. It usessimple HTTP protocol. It uses SOAP envelop and then
HTTP to transfer the data.
4. It supports many different It supports only XMLformat.
data format like JSON, XML,
YAML etc.

5 Performance,scalability,and Slower performance and

cachingis high. scalabilityis bit complex,caching
not possible.
6. It is used widely and It is used where REST is not
frequently. possible.

Que 2.19. Explain briefly publish-subscribemodel.

Answer
1 In softwarearchitecture,publish-subscribepatternis a message pattern,
a network oriented architectural pattern, which describes how two
differentparts ofa message passing system connect and communicate
with each other.
2 In modern cloud architecture,applicationsare decoupledinto smaller,
independent building blocks that are easier to develop, deploy and
maintain.
3
Publish/Subscribe (Pub/Sub) messaging provides instant event
notificationsfor these distributedapplications.
4
The publish-subscribemodel allows messages to be broadcastto different
parts of a system.
5 Publish-subscribeis a siblingof the message queue paradigm,and is one
part of a larger message-orientedmiddlewaresystem.
6. Messagingsystemssupport both the pub/suband message queue models
in theirAPI. For example, Java Message Service (JMS).
7. This patternprovidesgreaternetworkscalabilityand a dynamic network
topology,with a resultingdecreased flexibilityto modify the publisher
and the structureof the publisheddata.
 2-14 E (CSIT-Sem-7)
Cloud EnablingTechnologies
Que 2.20. Explain how
publish-subscribemodel works.
Answer
Working of publish-subscribemodel :

Subscriber
Message
Message
Publisher Publish/subscribechannel Subscriber

Subscriber

Fig. 2.20.1.
1. Publisher:Publishesmessagesto the communicationinfrastructure.
2. Subscriber:Subscribesto a category of messages.
3. Communicationinfrastructure(channel, classes) : Receives
messagesfrom publishersand maintainssubscribersubscription.
4. The publisher willcategorize published messages into classes where
subscriberswill receive the message.
5 A publisher has one input channel that splits into
channels, one for each subscriber. multiple output
6 Subscriberscan express interestin one or more classes and only receive
interestedmessage.
7 In pub/sub model the publisher and subscriber are
unaware of each
other. The publishersends messages to subscribers,without knowing
about subscriber.
8. Subscriber receives messages, without having knowledge of the
publishers.If there are no subscribersaround to receive the topic-based
information,the message is dropped.
Que 2.21. What are the benefits of publish-subscribemodel ?
Answer
Followingare the benefits of publish-subscribemodel:
1. It decouplessubsystemsthat need to
communicate.Subsystemscan be
managed independently,and messages can be properly managedeven
if one or more receivers are offline.
2. It increasesscalabilityand improves
responsivenessof the sender.The
sender can quickly send a single message to the input channel, then
 2-15 E (CSIT-Sem-7)
Cloud Computing
messaging
return to its core processing responsibilities. Thedelivered to
infrastructure is responsible for ensuring messages
interested subscribers.
helps applicationsto
3. It improves reliability.Asynchronousmessaging
increased loads and handle
continuously run smoothly under
intermittentfailures more effectively.
to pick up messages
4. It allows scheduledprocessing.Subscriberscan waitprocessedaccording
untiloff-peakhours, or messagescan be routedor
to a specific schedule.
5 It enablessimplerintegrationbetweensystems usingdifferentplatforms,
protocols,as well as between
programminglanguages,or communication
the cloud.
on-premisessystemsand applicationsrunningin
enterprise.
6 It facilitatesasynchronousworkflowsacross an
monitoredand messagescan be
7 It improvestestability.Channelscan be strategy.
inspectedor logged as part of an overallintegrationtest
PART-3
Implementation
Basics of Virtualization,Types of Virtualization,
Levels of Virtualization.

Questions-Answers

Type Questions
Long Answer Type and MediumAnswer

Why it is needed ?
Que 2.22. Define virtualization.

Answer
decouples the
1. Virtualizationis an abstractionlayer (hypervisor)thatdelivergreater
(0S) to
physical hardwarefrom the OperatingSystem
IT resourceutilizationand flexibility.
of platformand allows
2. The virtualizationplatformprovidesthe isolation same physical
multiplebusinessesto run multiplevirtualmachineson the
machine.
3. Followingare the benefitsprovided by virtualization:
i. Money saving :
With virtualizationtechnology,the number of physical servers
can be reduced.
Therefore, the ongoing pro curement, maintenance, and
b.
ongoingoperationalcosts will also be reduced.
2-16 E (CSTT-Sem-7)
Cloud EnablingTechnologies
ii. Dramaticincrease in control:
a.
Virtualizationprovidesaflexiblefoundationto providecapacity
accordingto the demand for an organization.
b. New serverscan be quickly deployed. Therefore,servicescan
be providedwithin minutes.
C. It is also easy to ship the infrastructurewhen it is deployed
using virtualizationtechniques.
iüi. Simplifieddisasterrecovery:
More efficient and cost effective disaster recovery solutions
a.
can be realizedwith virtualizationtechnologies.
b. Servers and online businesscan be transferredto an alternate
site within minuteswith the help of virtualization.
iv. Business readiness assessment:
Virtualizationintroduces a shared computing model to an
enterprise and it is easy to understand infrastructure
requirementsin a virtualizedenvironment.
Virtualizationcan help to :
1 Reduce the cost of the existinginfrastructureby reducing operational
and systems managementcost while maintainingthe needed capacity.
2 Reduce the complexityof adding to the infrastructure.
3. Gather informationand collaborationacross the organizationto increase
both the utilization of information and its effectiveuse.
4. Deliveron-ServiceLevel Agreement(SLA) response time during spikes
in productionand test scenarios.
5. Build a heterogeneousinfrastructure across the organization that is
more responsiveto the organization'sneeds.
Que 2.23. Explain various current virtualizationinitiatives.

Answer
Various current virtualization initiatives are:
1. Virtual CPU and memory:
i. Physical CPUs and RAM can be dedicatedor dynamicallyallocated
to virtual machines.
As there is no OS dependencyon the physical hardware, with the
CPUchecking off, virtual machines can be migrated to different
hosts, with backgroundchanges to the physical CPUand memory
resources being transparentto the guest OSs running on virtual
machines.
Cloud Computing 2-17 E (CSIT-Sem-7)

2. Virtual networking:
This creates a virtual 'networkin a box' solution that allows the
hypervisorto managevirtualmachinenetworktrafficthroughthe
physicalNetworkInterfaceController(NIC) and allows each of the
virtual machines to have a unique identityon the network from
the physicalhost.
3. Virtual disk :
i StorageArea Network(SAN) based storageis presentedas storage
targets to the physical host, which in turn used to host virtual
machine's vdisks (virtual disks).
4 Consolidatedmanagement:
i. The performance and health of virtual machines and guest OSs
can be monitored and console access to all of the servers can be
obtainedvia single console.
5. Virtual machine :
Active virtual machines can be transparentlytransferredacross
physicalhosts with no down-timeand no loss of serviceavailability
or performance.
The virtual machine's executionstate, active memory, network
identity,and active networkconnectionsare preservedacross the
source and destinationhosts so that the guest OS and running
applicationsare unawareof the migration.
6. Storage virtual machine :
i Vdisks of active virtual machines can be seamlessly and
transparentlytransferredacross data stores,while the execution
state, active memory, and active network connectionsremain on
the same physical host.
7. Dynamicload balancing:
Dynamicallyload balancesvirtualmachinesacrossthe most optimal
physicalhosts to ensure that pre-definedperformancelevels are
met.
Virtualmachinescan be automaticallyand seamlesslytransferred
to a less busy hostif a particularhost in a resourcepool is in a high
utilization state.
iüi. Differentresourcepools can be definedfor differentbusinessneeds.
iv. For instance,productionpools can be definedwith more demanding
service level requirements,while developmentpools can be used
with more relaxed servicelevel requirements.
8. LogicalPartitions (LPARs):
i LPARs result in hardware layer logical partitioningtocreatetwo or
more isolatedcomputingdomains,each with its own CPU, memory
addressspace and VO interface,with each domain capableof housing
a separate OS environmenton single physicalserver.
 2-18E(CNTTSem
ii LPARs canshare OPUacbavededcatedplyatsal
ii Likewise, an LAR can be a dudeatud jlyanal ydan
space or memory addeeaaeaCan lw dyaancally ulbocaud nnE
LPARs as needed
9. Logical Donains (DOMs) :
Operatingayatums unng in each logal dama
independently managed, lati, alpd, utatud, nd nled
without inpuclingotherLOMa rnig n hat
AType I 'bare etal hyperviooglalate plg v
from physicalresources.
For exanple,domainsaross diatc Wueada n la paHl
the multithveadinglechnologY, hecam lhe hypVan
dynamically managingandencapaulatingthe allnathd hyaal
resouCe8.

10. Zones :

Zone is an O8level vitualizationsolulionvallherthan hulwa.

level hypervisorsolution.
Each zone is an encapsulatedvirtualarver envin nng
within a single Oinstance
As such, zones slare a commn kornel, hmgh a tlhhal nns,
although'hon-native'zonescan emulale an Oenvivmmet oher
than that of the hosl's native O8
Que 2.24. What are the advantagea nnd diaadvantagsat
virtualization ?

Answer
Advantages i
Virtualizationsoftwarereduces VMM comdexily
2. Improves hunctionality.
Increase ertormance
4 Providesserverconsolidation,tuetingad develpnent, epviaot
dynamicload balancingand thedaalerrevery and alan pnvea th
Byslen reliability and security
5.
Connervalionaf enorgY,maintenanve of logny apptatnt
Bupporting a erosa platorm ofiee
Disadvantages
1. High risk in the pthyaical fault
2. It in alo not eany, quite eomplieated
3 Not supported by allapleationa
 2-19 E (CSTT-Sem-7)
Cloud Computing
point of failure, demands power machines,visualization
4 It has single
may lead to lower performance.
possible.
5. Applicationis identifiedto be alwaysnot
note on server
virtualization.
Que 2.25. Write a short

Answer computerthat
works
virtualization as amaskingof the server
1. Server with servers, storage,
of resources
comprises the count and identityuser.
end
processors and OS from the VMs
server into multipleisolated
2 Administratorsdivide the physical
talking to same resourcep0ols. server
an abstractionof the physical
Virtualizationofserversprovidesserver
3
pools for users(Fig.2.25.1).
by maintainingresource

Application Application

Operatingsystem
Operatingsystem

CPU, Memory, Disk

CPU, Memory, Disk

Virtualization/Hypervisor

Memory Disk
CPU

virtualization.
Fig. 2.25.1.Server
Virtual machine: partition, or
termed as a virtual environment,
1 Virtual machinecan be
container. physicallyexist but is
environment, a server that does not
2 Ina server server is called'guest'.
createdon a different termed as 'host'.
instance where a virtual machine runs is
3. The physicalserver.
can have multiple VMs runningon the
4. These hosts
resources can be dynamicallyassignedto
toa pool of
5. AllVMs assigned
pool-based available resources.
VM, he/she is privilegedto use his/herVM as
6. When auser talks to this functionalitiessuch as accessing the OSs,
with all
a physical server hard disk from the common pool.
CPU, memory, and serversbased on supported
multiple virtual
7. The hypervisorvirtualizes
architecture.
bundledwith an OS, CPU,hard disk, and memory.
8 Eachvirtualmachineis
2-20 E (CSTT-Sem-7) Cloud EnablingTechnologies
Virtualizationtechnologies: Two major types of technologies are
employedin server virtualization:
a. Hardware virtualization :
i. Hardware virtualizationis also known as hypervisor-based
virtualization,bare-metalhypervisor,type 1virtualization,or
simply hypervisor.
This virtualizationtechnologyhas a virtualizationlayer running
immediatelyon the hardwarewhichdividesthe servermachine
into several , virtual machines or partitions, with a guest OS
running in each of these machines.
i. The binarytransparencyis providedby avirtualizedapproach
and products enable the transparencyfor OSs, middleware,
and applications.
b. OS virtualization:
This type of server virtualizationis also known as OS-based
virtualization,OS-level virtualization,or type 2virtualization.
OS virtualization creates virtualization environments within a
single instanceof an 0S.
üi. Virtual environmentscreated by OS virtualizationare often
called 'containers'.
iv. Because all virtualizationenvironmentSmust share resources
of a single OS while having a privatevirtual OS environment,
a particularimplementationof the technology may alter the
file systemorientationand often introduceaccess restrictions
to globalsystem configurationor settings.

|Application |Application
Guest OS Guest OS

Application Hypervisor

Host OS

Hardware

Fig. 2.25.2. OS virtualization.

Que 2.26. What are the types of virtualization?

Answer
Types of virtualization :
1. OS virtualization :
i Virtualizingan operatingsystem environmentis the most common
form of virtualization.
 2-21 E (CSTT-Sem-7)
Cloud Computing
instances of an
ii. It involves putting a second instance or multiple
operatingsystem, like Windows,on a single machine.
physical
li. This empowers businesses to reduce the amount of
hardwarerequiredto run theirsoftwareby cuttingdown the number
of actual machines.
rack space,
ivIt saves companiescash on energy, cabling, hardware, of
and more, while still allowing them to run the same quantity
applications.
2. Application-servervirtualization:
Application-servervirtualizationis also referred to as 'advanced
servers
load balancing,'asit spreads applicationsacross serversand
across applications.
specific
This enables IT departments to balance the workload of
.

ii
software in an agile way that does not overload a specificserver or
underload a specific applicationin the event of a large project or
change.
ii. It also allows for easier managementof
servers and applications,
since we can manage them as a single instance.
3 Application virtualization :
Applicationvirtualizationoperates applicationon computersas if
on
they reside naturallyon the hard drive, but instead are running
a server.
storing
The abilityto use RAM and CPUto run the programswhile
terminal services and
them on a server, like through Microsoft are
cloud-basedsoftware,improves how softwaresecurityupdates
pushed, and how softwareis rolled out.
Administrative virtualization :
4.
least-known forms of
1.
Administrative virtualization is one of the
used in data
virtualization,likelydue to the fact that its primarily
centers.
'management,'virtualization
The concept of administration,or policies.
means segmentedadmin roles throughgroup and user
involves virtually
5. Network virtualization : Network virtualizationlike routing tables,
managing IPs, and is accomplishedthrough tools
NICs, switches,and VLAN tags.
Page 2-19E, Unit-2.
6 Hardware virtualization : Refer Q. 2.25,
7. Storage virtualization:
are managed by a
Storagevirtualizationis an array of servers that
virtual storage system.
where their data is stored.
The servers are not aware of exactly
level of virtualization.
Que 2.27. Explain the implementation
2-22 E (CSIT-Sem-7)
Cloud EnablingTechnologies

Answer
Various implementationlevel of virtualization:
1. InstructionSet
Architecture(ISA) level:
i. At the ISA level, virtualizationis performedby
ISAby the ISAof the host machine. emulatinga given
The basic emulationmethod is throughcode
üi. An interpreterprograminterpretsthe sourceinterpretation.
instructionsone by one. instructionsto target
iv. One source instruction may require
tens or hundreds of native
target instructionsto perform its function. This process is
slow. relatively
V For better performance,dynamic binary translationis
Vi. This approach translatesbasic blocks of dynamic
desired.
to target instructions. source instructions
Vi. The basic blocks can also be
extendedto program traces or super
blocks to increase translationefficiency.
vi. AVirtualInstructionSet
Architecture(V-ISA)thus requiresadding
a processor-specificsoftware
translationlayer to the compiler.
2. Hardware abstractionlevel:
It is performedright on top of the
bare hardware and generatesa
virtual hardware environmentfor a VM.
The idea is to virtualize a
computer's resources, such as its
processors, memory, and VO devices so as hardware utilization
rate by multiple users concurrentlymay be
3. Operating system level :
upgraded.
OS-level virtualizationcreates isolated containers on a
single
physical server and the OS instances to utilize the hardware
software in data centers. and
The containersbehave like real servers.
OS-levelvirtualizationis
commonly used in creatingvirtual hosting environmentsto allocate
hardwareresources among a large number of mutually distrusting
users.

ii. Library Support Level

Virtualizationwith library
possibleby controllingthe communicationlink betweeninterfaces is
and the rest of a system through API hooks. applications
4. Library support level:
Virtualizationwith library interfacesis possibleby controllingthe
communicationlink between applicationsand the rest of a system
through API hooks.
ii. The softwaretool WINE has
Windows applicationson topimplemented this approachto support
of UNIX hosts.
Cloud Computing 2-23 E (CSIT-Sem-7)

5. User-application level :
Virtualizationat the applicationlevel virtualizesan applicationas a
VM.
On a traditionalOS, an applicationoften runs as a process.
iüi. Therefore, application-level virtualization is also known as
process-levelvirtualization.The most popularapproachis to deploy
High Level Language(HLL).

Applicationlevel

JVM/.NET

Library (user-level API)level

WINEVisual MainWin

Operatingsystem level

Virtual Environment/FVM

Hardware abstraction layer (HAL) level

VMware/Virtual PC/Xen/
User mode Linux/CooperativeLinux

Instruction set architecture (ISA) level

Bochs/BIRD/Dynamo

Fig. 2.27.1.

PART-4

VirtualizationStructure,Tools and Mechanism, Virtualizationof

CPU,Memory, I/O Devices, VirtualizationSupport and
DisasterRecovery.
 2-24 E (CSIT-Sem-7)
Cloud EnablingTechnologies

Questions-Answers
Long Answer Type and Medium Answer Type Questions

Que 2.28. Describevirtualizationstructure.

Answer
1. In virtualizationstructure,the
operatingsystem manages the hardware.
2. Avirtualizationlayer is insertedbetween the
hardwareand the operating
system.The virtualizationlayer is responsiblefor convertingportionsof
the real hardware intovirtual hardware.
3. Therefore,different operatingsystemssuch as Linux and Windows can
run on the same physical machine,simultaneously.
4 Dependingon the positionof the virtualizationlayer, there are several
classes of VM architectures:
i Hypervisor(VirtualMachineMonitor)architecture
i. Para-virtualization
Host-based virtualization

Que 2.29. Deseribehypervisorarchitectureand Xenarchitecture.

Answer
Hypervisor architecture :
1. The hypervisorsupports hardware-levelvirtualizationon bare-metal
deviceslike CPU, memory,disk and netwÍrkinterfaces.
2. The hypervisorsoftware sits directly between the physical hardware
and its OS.
3 This virtualizationlayeris referredto as eitherthe VMM or the hypervisor.
The hypervisorprovideshypercallsfor the guest OS and applications.
4. Dependingon the functionality,a hypervisorcan assumea microkernel
architecturelike the MicrosoftHyper-V,or it can assume a monolithic
hypervisorarchitecturelike the VMware ESX for servervirtualization.
5. A microkernel hypervisor includes only the basic and unchanging
functions (such as physical memory management and processor
scheduling).The device drivers and other changeablecomponentsare
outside the hypervisor.
6. Amonolithie hypervisor implements all the mentioned functions,
includingthose of the device drivers.
Cloud Computing 2-25 E (CSTT-Sem-7)

The Xen architecture :

1 Xen is a microkernelhypervisor,which separatesthe policy from the
mechanism.
2. The Xen hypervisorimplementsall the mechanisms,leavingthe policy
to be handled by Domain 0.
3 Xen does not include any device drivers natively. It just provides a
mechanismby which a guest OS can
4. Xen provides a virtual environmentlocated between the hardware and
the OS.
5. The core componentsof a Xen system are the hypervisor, kernel,and
applications.
6 Like other virtualizationsystems, many guest OS can run on top of the
hypervisor.
and the
7. The guest OS, which has control ability, is called Domain 0,
others are called Domain U.

8 Domain 0 is a privilegedguest OS of Xen. Domain 0 is designedto access

hardwaredirectlyand manage devices.
map hardware
9 The responsibilitiesof Domain 0 is to allocate and
domains).
resourcesfor the guest domains (the Domain U
Control, JO Guest domain
(Domain 0) Guest domain

XonoLinux XonoWindows
Domain 0

XEN (Hypervisor)
Hardware devices

Fig. 2.29.1.

with fll
Que 2.30. Write a short note on binary translation
virtualization.
OR
Describe host-based virtualization.
2-26 E (CSIT-Sem-7) Cloud EnablingTechnologies

Answer
Binary translationwith full virtualization:
1. Full virtualization:
i. With fullvirtualization,non-criticalinstructionsrun on the hardware
directlywhile criticalinstructionsare discoveredand replacedwith
traps intothe VMM tobe emulated by software.
Both the hypervisor and VMM approaches are considered full
virtualization.
ii. Critical instructionsare trapped into the VMM because binary
translationcan incur a large performanceoverhead.
iv. Non-critical instructions do not control hardware or threaten the
securityof the system, but criticalinstructionsdo.
V.
Therefore,runningnon-criticalinstructionson hardwarenot only
can promote efficiency,but also can ensure system security.
2. Binary translation of guest OS requests using a VMM:
i. VMware puts the VMM at Ring 0 and the guest OS at Ring 1.
: The VMM scans the instructionstream and identifiesthe
privileged,
control and behaviour sensitive instructions.
üi. When these instructionsare identified,they are trapped into the
VMM, which emulates the behaviour of these instructions.The
method used in this emulationis called binary translation.
iv. Full virtualizationcombines binary translationand direct
execution.
The guest OS is completely decoupled from the underlying
hardware.Consequently,the guest OS is unaware that it is being
virtualized.

User apps Direct

Ring 3 execution
of user
Ring 2 requests
Ring 1 Guest OS
Binary
Ring 0 VMM translation
of OS
request
Host computer
system hardware

Fig. 2.30.1.
Cloud Computing 2-27 E (CSIT-Sem-7)

Host-based virtualization:
An alternativeVM architectureis to install a virtualizationlayer on
top of the host OS. This host OS is still responsiblefor managing
the hardware.
ii. The guest OS are installed and run on top of the virtualization
layer.
ii. Dedicatedapplicationsmay run on the VMs. Certainly,some other
applicationscan also run with the host OS directly.
iv. Advantagesof host- basedarchitecture:
a.
The user can install the VM architecture without modifying
the host OS. The virtualizingsoftwarecan rely on the host OS
services.This will
to provide device drivers and other low-level
simplifythe VM design and ease its deployment.
b The host-based approach appeals to many host machine
configurations.Comparedto the hypervisor/VMMarchitecture,
the performanceof the host-based architecturemay also be
low.

Que 2.31. Describe para-virtualization.

Answer
Para-virtualization :

Application Application

Para-virtualized Para-virtualized
guest operating guest operating
system system

Hypervisor/VMM
Hardware

Fig. 2.31,1.
1
Para-virtualizationneeds to modify the guest operatingsystems.
substantialOS
2 Apara-virtualizedVM provides special API requiring
modificationsin user applications.
machine
3 The virtualizationlayer can be insertedat differentpositionsin a
software stack.
4 Para-virtualizationattemptstoreduce the virtualizationoverhead,and
kernel.
thus improve performanceby modifyingonly the guest OS
5 The guest operatingsystems are para-virtualized. They are assisted by
OS instructions
non-virtualizable
an intelligentcompilerto replace the
by hypercalls.
2-28 E (CSIT-Sem-7)
Cloud EnablingTechnologies
6 The traditionalX86 processoroffers four instructionexecution rings:
Rings 0, 1, 2, and 3.
7. The lower the ring number, the higher the privilege of instructionbeing
executed.
8. The OS is responsiblefor managing the hardware and the privileged
instructionsto execute at Ring 0, while user-level applicationsrun at
Ring 3.
Ring 3 User Apps

Ring 2 Direct
execution
of user
Ring 1
requests
Paravirtualized
Ring 0 Guest OS
Hypercallsto the
Virtualizationlayer virtualization
layer replace
non-virtualizable
Host computer OSinstructions
system hardware

Fig. 2.31.1.

Que 2.32. What are the various tools of virtualization?

Answer
Various tools of virtualization are :
1. Ganeti :
Ganetiis a clusterserver managementtool developedby Google.
It is builton existingvirtualizationtechnologieslike KVM, Xen and
other open-sourcesoftware.
. Ganeti was initiallystartedas a VMware alternativefor managing
networks,storage,and virtualmachinesand not as acloud platform,
meaningit lacks severalof the featuresthat come with largeropen
cloud projects.
iv. It was designed to handle cluster managementof virtual servers
and offer quick and easy recovery after physical failures using
commoditysoftware.
2. KVM (Kernel-basedVirtualMachine):
KVM isan open-sourcevirtualizationtool for Linux and contains
virtualizationextensions(AMD-Vor Intel VT).
Cloud Computing 2-29 E (CSIT-Sem-7)

ii It can either be operatedin emulationor hardwaremode. However,

without the CPUextensions,the overallperformancewill be poor.
ii. It was designed for command line.
iv. KVM has a decent management interface that enable users to
perform actions like launching and stopping virtual machines or
taking screen shots with ease.
3. oVirt:
oVirt is a virtualizationsolution used to manage/createvirtual data
centers. oVirt manages storage options, virtualizednetworks, and
virtual machines using interactive an easy to use web-based
administrationand user portal.
oVirt supports several advanced virtualizationfeatures like live
storage migration,high availability,and the ability to control and
schedule the deploymentof virtual machines.
4. Packer:
i. Packer can be used by system admins to build and subsequently
manage the operations of virtualmachine images.
ii
The same commands and files can be used to build an image on
DigitalOcean, AWS or for vagrant and VirtualBox.
ii. This enables us to use the same system for developmentwhich we
then create in production.
5. Vagrant :
i.
Vagrant is a command-linetool that provides a framework and
configurationformat for creating, managing and distributing
virtualizeddevelopmentenvironments.
ii Vagrant enables users to share their runningvagrant environment
via the internet.

6. Xen :
i Xen is a best Linux hypervisors.
i.
The Xen hypervisoris inserted betweenthe server'shardwareand
the operatingsystem.
iü. This createsan abstractionlayer that allows multipleguest operating
systems to be concurrentlyexecutedon a single physical server.
iv. Xen is includedwith most popular Linux distributionslike Fedora,
RHEL,CentOS, Ubuntu, and Debian.

Que 2.33. Write a short note on CPU virtualization,

Answer
1 CPUvirtualizationis a hardwarefeaturethat allows a single processor
to act as ifit was multipleindividualCPUs.
2-30 E (CSIT-Sem-7)
Cloud EnablingTechnologies
2 This allows an operatingsystem to effectively&efficientlyutilize the
CPU powerin the computer.
3 CPUvirtualizationgoes by different names depending on the CPU
manufacturer.
4 For Intel CPUs, this feature is called Intel Virtualization
Intel VT, and with AMD CPUs it is called AMD-V. RegardlessTechnology,or
of what it
is called, each virtualizationtechnology provides generally the
features and benefitsto the operatingsystem. same
5 CPUvirtualizationis disabled by default in the BIOS and needs to be
enabled in order for an operatingsystem to take advantageof it.
6 CPUvirtualizationinvolves a single CPUacting as if it were multiple
separateCPUs. The most common reason for doing this is to run multiple
different operatingsystems on one machine.
7. CPUvirtualizationemphasizesperformanceand runs directly on the
dvailable CPUs whenever possible.
8 The underlyingphysicalresources are used wheneverpossible and the
virtualizationlayer runs instructionsonly as needed to make virtual
machinesoperate as ifthey were runningdirectlyon a physical machine.
Que 2.34. Describe memory virtualizationin cloud computing.

Answer
1. MemoryvirtualizationdecouplesvolatileRandom Access Memory (RAM)
resourcesfrom individualsystemsin the data center, and then aggregates
those resourcesinto a virtualizedmemory pool availableto any computer
in the cluster.
2 The memory pool is accessed by the operating system or applications
running on top of the operatingsystem.
3 The distributedmemory pool can then be utilizedas a high-speedcache,
a messaginglayer, or a large shared memory resourcefor a CPU.
4 Memoryvirtualizationallows networkedand distributed,serversto share
a pool of memory to overcome physical memory limitations,a common
bottleneckin software performance.
5 With this capabilityintegratedinto the network, applicationscan take
advantage of a very large amount of memory to improve overall
performance,system utilization,increase memory usage eficiency,and
enable new use cases.
6 Memory virtualizationimplementationsare distinguishedfrom shared
memory systems.
7 Shared memory systems do not permit abstractionof memory resources,
thus requiringimplementationwith a single operatingsystem instance
(i.e., not within a clusteredapplicationenvironment).
Cloud Computing 2-31 E (CSIT-Sem-7)

8 Memory virtualizationis differentfrom storagebased on flash memory

such as Solid-StateDrives (SSDs) -SSDs and othersimilartechnologies
replace hard-drives (networked or otherwise), while memory
virtualizationreplacesor complementstraditionalRAM.
Que 2.35.Writea short note on VO virtualization.
Answer
1. JO Virtualization(10V), or input/outputvirtualization,is technology
that uses software to abstract upper-layer protocols from physical
connectionsor physicaltransports.
2 This technique takes a single physical component and presents it to
devicesas multiplecomponents.
3
Because it separates logical resource from physical resources. IOV is
considered an enabling data center technology that aggregates IT
infrastructureas a shared pool, includingcomputing, networkingand
storage.
4 Recent PeripheralComponentInterconnectexpress(PCle) virtualization
standardsinclude single root VO virtualization(SR-IOV)and multi-root
VOvirtualization(MR-IOV).
5.
SR-IOV convertsa hardware componentinto multiplelogical partitions
that can simultaneouslyshare access toa PCle device.
MR-IOV devices reside externallyfrom the host and are shared across
6.
multiplehardwaredomains.

Que 2.36 How LVO virtualizationworks.

Answer
1 In VO virtualization,a virtual device is substituted for itsphysical
equivalent,such as a Network InterfaceCard (NIC) or Host Bus Adapter
(HBA).
setup
2 Aside from simplifyingserver configurations,/O virtualization
devices.
has cost implicationsby reducingthe electricpower drawn by I/O
3
Virtualizationand blade server technologiescram dense computingpower
centers
into a small form factor. With the advent of virtualization,dataas burst
started using commodityhardware to support functions such
computing,load balancingand multi-tenantnetworkedstorage.
4
JOvirtualizationis based on a one-to-manyapproach.The path between
a physical server and nearby peripheralsis virtualized,
allowinga single
IT resource tobe shared among Virtual Machines (VMs).
5 The virtualizeddevices interoperatewith commonly used applications,
operatingsystemsand hypervisors.
2-32 E (CSIT-Sem-7) Cloud EnablingTechnologies
6 This techniquecan be applied to any server component,including disk
based RAID controllers,Ethernet NICs, Fibre Channel HBAs,graphics
cards and internallyznountedSolid-StateDrives (SSDs). For example, a
single physical NIC is presentedas a series of multiplevirtual NICs.
Que 2.37 Describe virtualizationsupport.
Answer
1 With the help of VM technology,a new computingmode known as cloud
computingis emerging.Cloud computingis transformingthe computing
landscapeby sharingthe hardwareand costs of managinga computational
center to third parties,just like bankS.
2 Cloud computinghas atleast two challenges:
The ability to use a variable number of physicalmachines and VM
instancesdependingon the needs of a problem. For example, a task
may need only a single CPU during some phases of executionbut
may need hundreds of CPUs at other times ?
The slow operationof instantiatingnew VMs. Currently,new VMs
originate either as fresh boots or as replicatesof a template VM,
unaware of the current applicationstate. Therefore, to support
cloud computing,a large amount of researchand developmentis to
be done.

Que 2.38 Explain DisasterRecovery (DR) in cloud

computing.
Answer
1 Disaster Recovery (DR) is one of the important factors for cloud
deployments.
2 DR defines the factorsto ensure service availabilityand trust,
and help
todevelop credibilityfor the cloud vendor.
3 DR has been treated as separate disciplinesthat focused on
and recovering business operations having following planning
disruptions: catastrophic
Site/facilitydestruction,hurricanes,tornados, floods and fire.
Often long duration (days to weeks).
iüi. Often involvesshiftingwork (and people) to alternate
facilitiesfor
some period of time.
4. The objective of the DR plan is to provide critical IT service within a
stated period of time followingthe declaration of a disaster and perform
the followingactivities:
i Protect and maintain currency of vital records.
ii. Select a site or vendor
that is capableof
of the criticalapplicationworkload. supportingthe requirements
Cloud Computing 2-33 E (CSIT-Sem-7)

ii. Provide a provision for the restoration of all IT services when

possible.
5. ADR plan includes proceduresthat will ensure the optimum availability
of the critical business function and the protection of vital records
necessaryto restore all servicesto normal.
6. When DR plansfail, the failuresprimarilyresultfrom lack of HA (High
Availability)planning, preparation,and maintenanceprior to the
occurrence of the disaster.
7 An infrastructuresupportinghigh availability(HA) is essentialfor a
rapid DR. The system and applicationdesignsmust be built to support
HAand rapid DR.
8 To preventgaps in DR plans,recoveryprocedures,technologyplatforms,
and DR vendors,contractsmust be updatedconcurrentlywith changes.
 3
UNIT
Cloud Architecture,
Servicesand Storage

CONTENTS
Part-1 : Layered Cloud Architecture ........... 3-2E to 3-6E
Design, NIST Cloud Computing
Reference Architecture

Part-2 : Public, Private and ......... 3-6E to 3-14E

Hybrid Clouds
Part-3: laaS, PaaS, SaaS .3-14E to 3-26E
Part-4 : Architectural Design .3-26E to 3-32E
Challenges, Cloud Storage,
Storage-as-a-Service,
Advantages of Cloud
Storage, Cloud Storage
Providers-S3

31E(CNIT-Sem-7)
3-2E (CSIT-Sem-7)
Cloud Architecture,Services&Storage

PART- 1

Layered Cloud ArchitectureDesign, NIST Cloud Computing

ReferenceArchitecture.

Questions-Answers
Questions
Long Answer Type and Medium Answer Type

Que 3.1. Explain the layered architecture ofa cloud.

Answer
Layered architecture of acloud:
Applicationlayer

(Web services,multimedia,business applications)

Platformslayer
(Software framework)

Infrastructure layer

(Storages,virtual machine)

Datacenter layer

(CPU, memory, disk, bandwidth)

1. Application layer :
used by
a. This layer consists of different cloud services which are
cloud users.
b These applicationsprovide services to the end user as per their
requirements.
2. Platform layer :
a. This layer consistsof applicationsoftware and operatingsystem.
b. The objectiveof this layer is to deploy applicationsdirectlyon the
virtual machines.
Cloud Computing 3-3E(CNIT-Sem-7)
3. Infrastrueturelayer :
Itin avirtualizationlayer where physicalresourcesare
into set of virtual resources through different partitioned
virtualization
technologiessuch as Xen,KVM andVMware.
This layer is the core of thecloud environmentwhere cloud resources
nre dynamically provisioned using different
technologies. virtualization
4. Datacenterlayer :
This layer is accountablefor managing physical resourcessuch as
Nervers, Nwitches,routers, power supply, and
in the datacenter of the cloud environment. cooling system et.,
b All the resources are available and managed in
datacenters to
provide Nervices to the end user.
The dataconter consists of physical servers, connected through
high speed deviceN such as router and gwitches.
Que 3.2. Describe briefly NIST cloud computing reference
architecture.

Answer
NIST cloud computingarchitecture:

Cloud
consumer

Cloud provider Cloud

Cloud broker
auditor

Cloud carrier
1. Cloud consumer :
Acloud consumer is the end user who browses or utilizes the
services provided by Cloud Service Providers(CSP),sets up service
contractswith the cloud provider.
In this, set of organizationshaving mutual
performs a securityand risk assessment forregulatory constraints
cach use case of cloud
migrationsand deployments.
i. Cloudconsumersuse Service-LevelAgreement (SLAs) to
the technicalperformance requirementsto be specify
provider. fulfilled by a cloud
iv. SLAs can cover terms concerningthe
and remedies for performancefailures.quality service, security,
of
34E (CSIT-Sem-7) Cloud Architecture,Services&Storage

2. Cloud auditor :
Cloud auditoris an entity that can conductindependentassessment
of cloud services, security,performanceand informationsystem
operationsof the cloud implementations.
i. The services that are provided by Cloud Service Providers(CSP)
can be evaluated by service auditors in terms of privacy impact,
securitycontrol and performance,etc.
iü. Cloud Auditor can make assessment of the securitycontrolsin the
informationsystem to determinethe extent to which the controls
are implementedcorrectly,operatingas planned and constructing
necessities
the desiredoutcome with respect to meeting the security
for the system.
auditor :
iv. There are three major roles of cloud
a. Securityaudit
b Privacyimpactaudit
C.
Performance audit
3. Cloud service providers :
servicesto cloud consumers
i It is a group or object that delivers cloud
or end users.
variety of cloud services
.H
It offers consumersto purchasea growing
from cloud service providers.
cloud-based services:
ii. There are various categoriesof
providers
a. laaS providers : In this model, the cloud service
in an on
offer infrastructure components that would exist servers,
premises datacenter. These compcnents consist of
networkingand storageas well as the virtualizationlayer.
Software-as-a-Service(SaaS), vendors
b. SaaS providers : In technologies,such as
provide a wide sequence of business Customer
Human Resources Management(HRM)software,which the
all
RelationshipManagement(CRM) software, internet. of
SaaS vendor hosts and provide servicesthrough
(PaaS), vend
C. PaaS providers : In Platform-as-a-Service
offer cloud infrastructure and services that can access to
products are
perform many functions. In PaaS, services andprovidersoffer
mostly utilizedin softwaredevelopment.PaaS
providers provide
more services than laaS providers. PaaS applicationstack,
operatingsystemand middlewarealong with
tothe underlyinginfrastructure.
4. Cloudbroker: performance,use and
An organizationor a unit that manages the
deliveryof cloud servicesby enhancingspecificcapabilityand offers
the value-added services to cloudconsumers.
into one or more new
It combines and integrates various services
services.
Cloud Computing 3-5 E (CSIT-Sem-7)

ii They provide service arbitrage which allows flexibility and

opportunisticchoices.
iv There are major three servicesoffered by a cloud broker :
a. Serviceintermediation
b. Service aggregation
C. Service arbitrage
5. Cloud carrier:
i The mediatorwho offer connectivityand transportofcloud services
within cloud service providersand cloud consumers.
It allows access to the servicesof cloud throughInternetnetwork,
telecommunication,and other access devices.
Que 3.3. Discuss the scope between provider and consumer of
NIST cloud computingreferencearchitecture.
Answer
1 The cloud providerand cloud consumershare the control of resources
in a cloud system.
2. This analysis of descriptionof controls over the applicationstack helps
to understand the responsibilitiesof parties involved in managing the
cloud application.
Cloud consumer
Paas
|Applicationlayer IaaS

SaaS
Paas Middlewarelayer
Operating system
layer

Cloud provider
Fig. 3.3.1. Scope of controls between provider and consumer.
3. The application layer includes software applications targeted at end
users or programs.
4 The applicationsare used by SaaS consumers, or installed/managed/
maintainedby PaaS consumers,IaaS consumers,and SaaS providers.
5. The middlewarelayer provides software building blocks (for example,
ibraries,database, and Java Virtual Machine) for
software in the cloud. The middleware is useddevelcping application
by PaaS consumers,
installed/managed/maintainedby laaS consumers or PaaS providers,
and hidden fromn SaaS consumers.
3-6E (CSIT-Sem-7) Cloud Architecture,Services&Storage

6. The OS layer includesoperatingsystem and drivers, and is hidden from

SaaS consumers and PaaS consumers.
7 An laaS cloud allows one or multiple guest OS's to run virtualizedon a
single physicalhost.
8 Generally, consumers have broad freedom to choose which OS to be
hosted among all the OS's that could be supportedby the cloud provider.
The laaS consumers should assume full responsibilityfor the guest
OS's, while the laaS provider controls the host OS.

PART-2

Public,Private and Hybrid Clouds.

Questions-Answers

Long Answer Type and Medium Answer Type Questions

Que 3.4. Write a short note on public cloud.

Answer
Public cloud is a cloud in which the cloud infrastructure and computing
1
network.
resourcesare made availableto the general public over a public
Publiccloud offers resource pooling, self-service,service accounting,
2
elasticity, multi-tenancyto manage the solutions, deployment, and
securingthe resourcesand applications.
Public cloud

Cloud

Fig. 3.4.1. Public cloud.

Cloud Computing 3-7 E (CSIT-Sem-7)
4
Eiiterprisesare able tooffload commodity applicationsto third-party
serviceproviders(hosters).
5. The term 'public' does not mean:
a.
That it is free, even though it can be free or fairly
use. inexpensiveto
b. That a user's data is publiclyvisible - public cloud
vendors typically
provide an access control mechanism for their users.
6. Followingare the examplesof publiccloud application:
Public facing web pages
b PublicWiki'sand blogs
C. Jobs resemblingbatch processingwith lower
d
securityconstraints.
Data intensiveworkloads
7. The servicesconsumed from a public cloud are as
follows:
i. Security and data privacy
ii Ease of access
iii. Discovery of services
iv. RESTful interfacesupport
V. Lower cost
vi. Speed and availability
Que 3.5. Discuss securityin a public cloud.
Answer
Securityin a public cloud :
1. Multi-tenancy:
i As long as the cloud providerbuilds its securityto
risk client requirements, all of the meet the higher
lower-risk clients get better
securitythan they would have normally.
A bandage manufacturermay have a low
risk of being a direct
target of malfeasance,but a music label that is
sharers could have a high risk of being targetedcurrently using file
by malfeasance.
ii. When both the bandage
manufacturer
same cloud (multi-tenancy),
and the musiclabel use the
it is possible that attacks directed at
the music label could affect the
infrastructureas well. bandage manufacturer's
iv. So, the cloud provider must design the
of the music label and the security to meet the needs
bandage manufacturergets the benefits.
2 Securityreview :
As the timepasses, organizationsbecome
policies. lenientwith their security
3-8 E (CSTT-Sem-7) Cloud Architecture,Services&Storage

i. In order to tackle security review, cloud service provider should

conduct regular audits, review, and assessmentsfor the security.
üi. This should be done by securityspecialistswho are able to identify
the issues and fix them.
immediatelyafter the
iv. The report should be providedto each clientknow
assessmentis performedso that the clientsthe current state
of the overallcloud'ssecurity.
Mutual risk :
i There can be a situationwhere the cloud service providermay not
be the cloud operator,but providinga value-addedservice on top of
another cloud provider'sservice.
is good to
Like somebodywants to offer the SaaS-basedservices,itthe SaaS
offer
lease the infrastructureof an laaS provider and
infrastructure from the
based services instead of building the
scratch.
each
ii. Inthis way,the tiers of IaaS and SaaS are developedon top of
other.
operatorand service
iv. In this setup,there is a risk associatedto each
providerand it is shared among them.
They share the securityrisks at differentlevels.
should be devised to suit
vi. Therefore,a holistic risk mitigationplan
the architecture of the cloud provider.
4 Employeephysical screening:
organizationsto hire
i. In this outsourcingworld, it is common for the
for the cloud service
the contract services. Same thing works
providers.
backgroundverification
i. Likeregularemployees,contractemployee
service provider.
should be done by a third party for cloud
all type of employees
ii. Service providershould publish its policy to employees once the
and report should be generated for the
backgroundverificationis accomplished.
betweenthe user and the service
iv. This screeningestablishesthe trust
provider.
5. Multi-geographical datacenters:
i. Disasters, whether man-made or natural, are part of life.
practice,the
They can be storm, earthquakes,fire, or cable cuts. In
cloud is areliable modelas it is not based on single or one location
hence,
based datacenter. Cloud datacenters are distributed and
less prone to disasters.
services for
ii. But sometimesorganizationssign up the public cloud
one location only.
Cloud Computing 3-9 E (CSIT-Sem-7)

iv. In this case, it is more important for the providers to test their
disaster recovery option as they are heavily tied with SLAB and
penalties.
V At the same time, organizationas a consumer should als0 check
and test the disaster recoveryoptionswith mock drills of fail over.
6. Physical security:Physicalthreatsare also importantto be analyzed
when optingfor cloud servicesfrom a provider.There are various points
to be analyzed:
i. Whether allthe facilitiesof the cloud providerhave the same level
of security?
ii Is it possiblethat only one site is secured and there is no information
availablefor the data residency?
iüi. Whether datacenteris having all the necessary physical security
componentssuch as biometricaccess, surveillancecameras, logbook,
escorts, and automatic alarms ?
7. Regulations :
i If any of the service provider says that they never had a security
issue, it means they are either misleading or not aware of the
consequencesof the incidents.
i. So, all cloud service providersshould have a special task force for
any incidentresponsebased on the policiesand regulations.
ii. These policies should be shared with the end customersalso.
8. Programming conventions :
1. Whether it is IaaS, SaaS, or PaaS, cloud providersstill use their
own softwarethat may be prone to securitythreats and bugs.
It is recommended to the cloud providers to use the secure coding
and programmingpractices.It should be based on standardsthat
are well documented,reviewed, accepted, and adhered.
9. Data control :
Today in the securitydomain,an organization'sgreatestrisk is daa
and information control.
All governments and corporate organizationshave laid down
compliancesand regulationsto handle the situation.
i. Therefore,the cloud service providershould be able to adhere to
the guidelineslaid by the region or agency.
iv. The cloud provider should own the policies to meet the regulation
and compliances.
V. There should be strong encryption mechanism for the in-flight
data.

Que 3.6. Write down the advantagesand disadvantagesof public

cloud.
3-10 E (CSIT-Sem-7) Cloud Architecture,Services&Storage

Answer
Advantages of publiccloud:
1. Flexible
2 Reliable
3 High scalable
4 Low cost
5. Place independence
Disadvantages of publiccloud:
1 Less secured
2 Poor customizable

Que 3.7. What do youmean by private cloud ?

Answer
1 Private clouds are deploymentsmade inside the company'sfirewall (on
premise datacenters)and traditionallyrun by on-site servers.
2. Private clouds offer some of the benefits of a public cloud computing
environment, such as elastic on-demand capacity, self-service
provisioning,and service-basedaccess.
3 Private cloud is suitable when the traditional requirements,such as
control,security,and resiliency,are more emphasizedby an organization
with the restrictedand designateduser access and authorization.
Servicesin private cloud:
1. Virtualization
2 Governmentand management
3. Multi-tenancy
4 Consistentdeployment
5. Chargebackand pricing
6 Security and access control
Benefits of using private clouds :
1. Eliminatingcapital expensesand operatingcosts :
Ownership of the hardware or software eliminatesthe pay-per
use potential,as these must be upfront purchases.
The full cost of operations must be shouldered as there is no
elasticity.
iüi. If the privatecloud hardwareis sized for peak loads, there will be
inefficientexcesscapacity.
iv. Otherwise,the owner will face complex procurementcycles.
Cloud Computing 3-11 E (CSIT-Sem-7)
2. Removing undifferentiatedheavy lifting by offloading data
center operations:
i Utilitypricing(for lower capitalexpenses and
operatingexpenses)
usually implies an outside vendor offeringon-demand
. It relies on the economiesof services.
of resources. multipletenantssharinga larger pool
ii. These highercosts might be justifiedif the
easier self-serviceprovisioningand benefitsof quicker and
service-orientedaccess are large.
Que 3.8. What are the types of
private cloud ?
Answer
Types of private cloud :
1. Shared privatecloud:
a. This is a shared compute capacitywith variable
to business units that are based on usage-basedpricing
service offerings,accounts data
centers.
b. It requiresan internalprofit centerto take over or buy
made available throughaccount consolidations. infrastructure
2 Dedicatedprivatecloud:
a
Dedicated private cloud has IT service catalog with dynamic
provisioning.
b. It depends on standardized
Service-OrientedArchitecture(SOA)
assetsthat can be broadlydeployed into new and existingaccounts
and is a lower-cost model.
3. Dynamic private cloud:
a Dynamic private cloud allows client workloads to dynamically
migrate from and to the compute cloud as needed.
b This model can be shared and dedicated.
C It delivers the ultimate value of clouds.
d This is a very low-managementmodel with reliable SLAs and
scalability.
Que 3.9. Write down the advantagesand disadvantagesof private
cloud.

Answer
Advantagesof private cloud :
1. Highly privateand secured:Privatecloud resource
secured.
sharing is highly
3-12 E (CSIT-Sem-7) Cloud Architecture,Services&Storage

2 Control oriented : Private clouds provide more control over its

resourcesthan publiccloud as it can be accessedwithin the organization's
boundary.
Disadvantagesof private cloud :
1. Poor scalability :Privatetype of clouds is scaled within internallimited
hosted resources.
2 Costly: It provides secured and more features, so it's more expensive
than a public cloud.
3. Pricing:It is inflexiblei.e., purchasingnewhardware for up-gradation
is more costly.
4. Restriction : It can be accessed locally within an organization and is
difficultto expose globally.
Que 3.10.Explain hybrid cloud.

Answer
1. Ahybrid cloud is a combinationof an interoperatingpublic and private
cloud.
2
This is the model where consumer takes the non-critical application or
informationand compute requirementsto the public cloud while keeping
all the criticalinformationand applicationdata in control.
3 The hybrid model is used by both public and private clouds
simultaneously.
4.
It is an intermediatestep in the evolutionprocess,providingbusinesses
on-ramp from their current IT environment into the cloud.
5. It offers the best of both cloud worlds- the scale and convenienceof a
public cloud and the control and reliabilityof on-premisessoftwareand
infrastructure- and let them move fluidly between the two on the basis
of their needs.
6 This model allows the following:
a Elasticityis the ability to scale capacity up or down within minutes,
without owning the capital expenseof the hardwareor datacenter.
b. Pay-as-you-gopricing.
C.
Network isolation and secure connectivityas if all the resources
were ina privately owned datacenter.
d. Graduallymove to the public cloud configuration,replicatean entire
datacenter, or move anywhere in between.
Cloud Computing 3-13 E (CSIT-Sem-7)

'Community
cloud
Private cloud

Public cloud

Fig. 3.10.1.Hybrid cloud.

Que 3.11. How can we manage hybrid cloud ? Explain.

Answer
1. A managementstrategyfor hybrid cloud should define what we need to
manage and how best to do that.
2. Hybrid cloud consistsof an internalprivatecloud and contractswith one
or more publiccloud providers.
3 Hybrid cloud administratorsare responsiblefor managingcomputing,
networkingand storage resourcesin multipledomains.
4. Over the time,combinationofdomainswill change,but our management
strategy and tools should remain the same.
5. In a hybrid cloud, the managementsystem should provide the means
for the user tomake submissionswithoutthe need to choose or indicate
the localizationof the computationalresourcesto be used.
6 The hybrid cloud managementsystemmust implementmeans to deploy
interfaceswith each publiccloud to be used, as well as with the private
cloud resources.
7. The workload managementsystem is tightly coupled to the resource
managementsystem.Besidesthe submissioninterface,which interacts
with users, two other main actors appear to manage the workload
executionin hybrid cloud:the dispatcher/schedulerand the application.
8 Configurationand installImentmanagementpoliciesshouldspecifyrules
governingthe creation,deployment,patchingand rebuildingof images.
a. Access control policies should be in place when sensitive data and
restricted applications,such as programs containing high-value
intellectualproperty,are beingused in the privateor apublic cloud.
b
Budgetmanagementand reportingpoliciesshould specifyhow cloud
users willreceive informationregardingcosts and use.
Que 3.12. Write down the advantagesand disadvantagesof hybrid
cloud.
3-14 E (CSIT-Sem-7) Cloud Architecture,Services&Storage

Answer
Advantages of hybridcloud:
1. Flexible 2. Secure
3 Cost effective 4. Scalable
Disadvantagesof hybrid cloud:
1 Complexnetworkingproblem
2. Organization'ssecuritycompliance
Que 3.13. Differentiate betweenpublic,private,hybridcloud.
Answer

S. No. Public cloud Private cloud Hybrid cloud

1 A deployment Adeploymentmodel| Acompositionof
model that renders that operates for a private and public
services over a singleorganization. cloud that offer
networkfor public benefits of multiple
use. deploymentmodels.
2 It is less secure. It offers more Itis more secure than
security. publiccloud.
3. It offersservicesto It offers services to It offers services of
the generalpublic. an organization. both private and
public cloud as it is a
combination of both.

4. Itis highly scalable Not very scalable| It providesscalability

as it can be scaled because it can be accordingtothe
downscaledonly with the publiccloud scalability
depending on the capacity of internal and privatecloud
|requirement. hosted resources. scalabilityin it.
5. Requiresaminimum More expensive. Cost effective than
cost. privatecloud.

PART-3

laaS, PaaS, SaaS.

Questions-Answers
LongAnswerType and MediumAnswerTypeQuestions
Cloud Computing 3-15 E (CS/IT-Sem-7)

Que 3.14. Explain Infrastructure-as-a-Service

(IaaS).
Answer
1. In Infrastructure-as-a-Service
(laaS), an organizationoutsourcesthe
infrastructurerelatedto the storage,hardware,serversand networking
componentsto the service provider.
2. laaS is also referredto as
Hardware-as-a-Service(HaaS).
of applicationsrequireshuge initial investmentfor setting upDeployment
hardware,
storage devices and networking components in addition to the
maintenanceof the hardware and storage devices, a large amount of
electricityis also needed to power the servers as well as to keep the data
center cool.
3. In case of laaS, the client typicallypays on a per-use
basis to the
provider. Common characteristicsand componentsof laaS includeservice
utility
computingservice, billing model, automationof administrativetasks,
dynamic scaling, virtualization,policy-based services and network
connectivity.
4 The billing is usually on an hourly,daily or monthly basis based on the
actual consumptionof the resources.
5. It is not like the conventionalservices in which we
pay a fixed amount
whether we use the resources or not.

Load balancer

VM VM VM VM VM VM
laaS

VirtualizationLayer

Processor |Memory Storage Network3

Physical shared infrastructure
Fig, 3.14.1. IaaS.
6 Use of laaS is quite rationalas it is cost
huge investmenton hardware. effectiveand makes us free from
3-16 E (CSIT-Sem-7) Cloud Architecture,Services&Storage

7. With laaS, one can configure the required resources as per the
requirement and the user can increase or decrease capacity within
minutes.
8 We can ask for one, hundreds or even thousands of server instances
simultaneouslyas per our computingneed. Good serviceproviderensures
99.99% availabilityof the servicewthin aregionover atrailing365 day
period.
9 The laaS service provider ensures that the infrastructural needs of the
virtual machine are continuouslymet. With the quick availabilityof
laaS and infrastructuredeliveredas a service, it frees the organization
to focus their time and resourcesin bringinginnovationsin applications
and solutions.
10. However, it is the responsibilityof the user to invest on the operating
system and applicationsoftware.
Que 3.15. What are the advantages and disadvantages of IaaS ?

Answer
Advantages of IaaS:
1. Allows IT to shift focus: With the quick availability of laaSservices,
infrastructure delivered as a service (ready to consume), it frees an
organizationto leverage and focus their time and resourcesin bringing
innovationsin applicationsand solutions.
2 Hassle free service:
i Each infrastructure componentis provided as a service.
For example, hardware as a service, server as a service, computing
as a service, storage as a service.
iüü. This adds lot offlexibilityto anyone lookingfor only specificservices.
iv. Some require more computing power and others more storage.
3 Utility service:
laaS follows a utility service model - pay per-use/pay per-go
subscriptionbased model.
i. Availabilityof ready to go laaS offerings with limited time for
implementationand customization(if provided).
iüi. This is hallmark of cloudservices.
4. Dynamie scaling:
Scales up and down of infrastructure services based on the
application usage, best for the applications where there are
significantspikes and troughs on the usage of infrastructures.
This again is one of the pillars of cloud computingservices.
Cloud Computing 3-17 E (CSIT-Sem-7)

5. Multiple tenants : Service provisioning includes multiple users

accessingsame piece of infrastructure.
6 Investmentcap:
More beneficial for companies with limited capital to invest in
hardware and infrastructure.
ii. Most small and medium businessescannot afford the upfront cost
of their IT infrastructureas they want to focus more on their
productoffering/corebusiness.
Disadvantagesof laaS :
1. Security:The enterprisedoes not have any controlover cloud security
in an laaS environment.They need to reviewthe cloudserviceprovider's
Service Level Agreement(SLA) to help them understandits security
obligationsand thereby identifyinggaps in their securitycoverage.
2. Lack of flexibility: Serviceprovidersmaintainthe software,but they
do not upgrade the softwarefor some of the businesses.
3. Technicalproblems: Organizationsfaces some down-timewith laaS,
and it will restrict their access to applicationsand data.
4. Over dependency: HavingIaaS in our organizationmeans have a full
dependencyon the provideror third party for our data.
5. Upgrade and maintenance: The organizationis solely responsible
for any upgradesof softwareand maintenanceof tools or data system.
6. Virtualization services and user-privacy : laaS depends on
virtualizationservices.Also,restrictsuser-privacyand customization.
Que 3.16. Discuss the vendors of laaS cloud computingplatform.
Answer
Vendors providingIaaS cloud computingplatform:
1. Amazon web services:
i Its solution are Elastic, Elastic Compute Cloud (EC2), MapReduce,
Route S3, VirtualPrivateCloud, etc.
The cloud computingplatformpioneer,Amazon offers auto scaling,
cloud monitoring,and load balancingfeaturesas part ofits portfolio.
2. Reliance communications :
i. Its solution is RelianceInternet Data Center (RIDC).
ii RIDC supports both traditionalhosting and cloud services, with
datacentersin Mumbai,Bangalore,Hyderabad,and Chennai. The
cloud services offered by RIDC include laaS and SaaS.
3. Sify technologies :
i Its solution is Sify IaaS.
Sify's cloud computing platform is powered by HP's converged
infrastructure.The vendor offers all three types of cloud services:
laaS, PaaS, and SaaS.
3-18 E (CSIT-Sem-7) Cloud Architecture,Services&Storage

4. Tata communications :
Its solutionis InstaCompute.
InstaComputeis TataCommunicationslaaS offering.InstaCompute
datacenters are located in Hyderabad and Singapore, with
operationsin both countries.

Que 3.17.Explain Platform-as-a-Service

(PaaS) in brief.
Answer
1 Platform-as-a-Service(PaaS)is a categoryof cloud computingservices
that providesa platformallowingcustomersto develop,run, and manage
applicationswithout the complexityof building and maintainingthe
infrastructuretypicallyassociatedwith developingand launchingan
app.
2 PaaS can be deliveredin two ways :
As a public cloud service from a provider, where the consumer
controlssoftwaredeploymentwith minimalconfigurationoptions,
and the provider provides the networks, servers, storage, OS,
'middleware'(i.e., java runtime, .net runtime, integration,etc.),
database andother servicesto host the consumer'sapplication.
As a private service (software)inside the firewall, or as software
deployedon a public infrastructureas a service.
Applicationdevelopers

Load balancer

Application runtime Database

instance instances

PaaS

Virtualizationlayer

Application runtimes Database

Developmentplatform
Fig. 3.17.1. PaaS.
Cloud Computing -19 E(CNIT-Sem-7)
3. Peatures of PaaS:
Operatingsystem
ii. Server-sidescriptingenvironment
ii. Database managementsystem
iv. Server software
v. Support
vi. Storage
vii. INetwork access
vii. Tools for design and development
ix. Hosting

Que 3.18. What are the advantages and disadvantagesof PaaS ?

Answer
Advantages of PaaS:
1. Simple and convenient for users : It provides much of the
infrastructureand other IT services,which users can access anywhere
through a web browser.
2. Cost effective: It charges for the servicesprovided on a per-use basis
thus eliminatingthe expensesone may have for on-premiseshardware
and software.
3. Eficientlymanaging the lifecycle: It is designed to support the
completeweb applicationlifecycle:building, testing,deploying,managing
and updating.
4 Efficiency : It allows for higher-level programming with reduced
complexitythus, the overalldevelopmentof the applicationcan be more
effective

Disadvantages of PaaS:
1 Developers maynot be able to use a full range of conventionaltools (for
example, relationaldatabaseswitn unrestrictedjoins).
2 It locked into a certain platform. However, most PaaS are relatively
lock-in free.

Que 3.19.Givecharacteristicsof PaaS.

Answer
The main characteristiesof PaaS are:
1. Runtimeframework:
a. This is the "softwarestack" aspect of PaaS, and perhaps the aspect
that comes first to mind for most people.
3-20 E (CSIT-Sem-7) Cloud Architecture,Services& Storage

b. The PaaS runtimeframeworkexecutesend user code accordingto

policiesset by the applicationowner and cloud provider.
C. PaaS runtime frameworkscome in many flavours,some based on
traditionalapplicationruntimes,others based on 4GL and visual
programmingconcepts,and some with pluggablesupportfor multiple
applicationruntimes.
2 Abstraction:
Platform-orientedcloud platformsare distinguishedby the hgher
level of abstractionthey provide.
b With laaS, the focus is on deliveringto user raw access to physical
or virtual infrastructure.
C In contrastwith PaaS, the focus is on the applicationsthat the cloud
must support.
d Whereasan laaS cloud gives the user a bunch of virtual machines
that must be configuredand to which applicationcomponentsmust
be deployed, a PaaS cloud provides the user a way to deploy the
applicationsinto a seeminglylimitlesspol ofcomputingresources,
eliminatingthe complexity of deployment and infrastructure
configuration.
3. Automation : PaaS environmentsautomatethe process of deploying
applicationsto infrastructure,configuringapplicationcomponents,
provisioningand configuringsupportingtechnologylike load balancers
and databases,and managingsystemchange based on policiesset by the
user.

4. Cloud services :
a PaaS provide developersand architectswith servicesand APls that
help to simplify the job of delivering elasticallyscalable, highly
availablecloud applications.
b These cloud services provide a wide variety of capabilitieskey
differentiatorsamong competingPaaS oferings.
Que 3.20. Write down the vendors of PaaS cloud computing
platform.
Answer
Vendors providingPaaS cloud computingplatform:
1 Google Apps Engine (GAE)
2 SalesForce.com
3 Windows Azure
4. AppFog
5. Openshift
6. Cloud foundry from VMware
Cloud Computing 3-21 E (CSIT-Sem-7)

Que 3.21.Whatdo you mean by cloud platform?

-Answer
1 Cloud platform lets developers to write applicationsthat run in the
cloud, or use servicesprovidedfrom the cloud, or both. Cloud platform is
also known as on-demandplatform and
2
Platform-as-a-Service(PaaS).
When a developmentteam creates an on-premisesapplication(i.e., one
that will run within an organization),much of what that application
needs already exists.
3 An operatingsystem providesbasic supportfor executingthe application,
interacting with storage, and more, while other computers in the
environmentoffer services such as remote storage.
4. If the creators of every on-premisesapplicationfirst had to build all of
these basics,we have many fewer applicationstoday.
5. Similarly,if every development team that wishes to create a cloud
applicationmust first build its own cloud platform, we would not see
many cloud applications.
6 Vendors are rising to this challenge, and a number of cloud platform
technologiesare availabletoday.
7. The goal is to categorizeand briefly describethose technologiesas they
are seen by someone who creates enterpriseapplications.
8 Toget a grip on cloud platforms,it is useful to start by looking at cloud
services in general.
9 Three broad categories of servicesin cloud:
a.
Software-as-a-Service(SaaS):
i A SaaS applicationruns entirely in the cloud (i.e., on servers at
an internet-accessibleservice provider).
The on-premisesclient is typically a browser or some other
simple client. For example, salesforce.com.
b. Attached services:
i. Every on-premisesapplicationprovidesuseful functionson its
own. An applicationcan sometimesenhance application-specific
servicesprovidedin the cloud.
Because these services are usable only by this particular
application,they can be thoughtof as attachedto it. For example,
Apple's iTunes.
iüi. The desktop applicationis useful for playing music and more,
while an attachedservice allows buying new audio and video
content.
iv. Microsoft'sexchange hosted services provides an enterprise
example, adding cloud-based spam filtering, archiving, and
other services to an on-premisesexchange server.
3-22 E (CSIT-Sem-7) CloudArchitecture,Services&Storage
C. Cloud platforms :
i. A cloud platform provides cloud-basedservices for creating
applications.Ratherthanbuildingtheirown customfoundation,
for example, the creators of a new SaaS applicationcould
insteadbuild on a cloud platform.
ii. In Fig. 3.21.1,the directusers of acloud platformare developers,
not end users.
Software-as-a-Service Attached Cloud
(SaaS) services platforms
Extra (Application)
Cloud (Application) functions,
Platform

Browser (Application (Application)

client

Users Users Developers

Fig. 3.21.1.
Que 3.22. Explain Software-as-a-Service(SaaS) in brief.

Answer
1.
SaaS (Software-as-a-Service)is an applicationhosted on a remote server
and accessed through the internet.
2.
SaaS is the web-based e-mail service offered by companies such as
Microsoft(Hotmail),Coogle (Gmail), and Yahoo! (Yahoo Mail).
3.
Each mail servicemeets the basic criteria,the vendor (Microsoft,Yahoo,
and so on) hosts all of the programs and data in a central location,
is
providing end users with access to the data and software, which
accessed across the World Wide Web.
SaaS application delivered to client

World Wide Web

Client Vendor offeringSaaS

application
Fig. 3.22.1.
Cloud Computing 3-23 E (CSIT-Sem-7)

5. Two major categories of SaaS:

a. Line of business services :
These are business solutions offered to companies and
enterprises.
iü. They are sold through a subscriptionservice.
ii. Applications covered under this category include business
processes, like supply chain management applications,
customerrelationsapplications,and similarbusiness-oriented
tools.
b. Customer-orientedservices :
i These services are offered to the general public on a
E:
F:
subscriptionbasis.
They are offeredfor free and supportedby advertising.
ili. For example,web mail services,online
gaming, and consumer
banking, among others.

World Wide Web

Client Online e-mail service

Fig. 3.22.2. E-mail is stored by the vendor, and accessed by the client.

Que 3.23. What are the advantages of SaaS?

Answer
Advantagesof SaaS :
1 There is a faster time to value and
improvedproductivity,when compared
to the long implementationcycles and failure rate of enterprise
software.
2 SaaS offeringsfeature the biggest cost savings over installedsoftware
byeliminatingthe need for enterprisesto install and maintainhardware,
pay labour costs, and maintainthe applications.
3 SaaS can be used to avoid the custom development cycles to get
applicationsto the organizationquickly.
4 SaaS vendors typicallyhave very accuratesecurityaudits.
Que 3.24. Explain software considerationsin SaaS.
Answer
1 Using the existing software paradigm,the user purchases a software
package and license by payinga one time fee. The softwarethen becomes
the propertyof the user who bought it.
2. Support and updatesare providedby the vendor under the terms of the
licenseagreement.This can be costly ifwe are
on hundredsor thousandsof computers. installing new application
a
3-24 E (CTT-Sem-7) Cloud Architecture,Services&Storage

3 SaaS, has no licensing.Ratherthan buyingthe application,we pay for it

through the use of a subscription,and we only pay for what we use. If
we stop using the application,we stop paying.

World Wide Web

Client Cloud vendor

Fig. 3.24.1.

Que 3.25. Give vendor advantagesand limitations of SaaS.

Answer
Vendor advantages of SaaS:
1. SaaS not only does the end user benefit, but so does the vendor.
(They are in the business to make money, so there is at least that
benefit. )
2. Financial benefit is vendors get a constant stream of income, often what
is more than the traditional software licensing setup.
3
Vendors can fond off piracy concerns and unlicensed use of software.
4.
Vendors also benefit more as more subscribers come online.
5 They have a huge investmentin physical space, hardware, technology
staff, and process development.
provider can
6 The more resources are used to capacity, the more the
clear as margin.
Limitations of SaaS:
1
Technical obstacles to SaaS have included an effective,multi-tenant
architecture. This has become less and less of a problem due to
virtualization,but designing an applicationto efficientlydeliver it to
thousands of customers via the internet is hard work.
2 Software companiesare being asked to become service companies,and
the two do not necessarilymesh well.
3 They tend to have a corporateculture that is dominatedby engineering
innovation and a license-sales mindset. These are fine traits to have if
we are writingprograms and applications,but it is not the best when we
are called upon for customer service.
4 Further, a business model that is built on selling licensedsoftwaredoes
not easily transform into a subscriptionmodel very cleanly. Not only
does the vendor face challenges,but so does the customer.
5 While some applications are ideal for SaaS, others are not good to use
employingan SaaS model.
Que 3.26. Write a short note on driving forces of SaaS.

A
Cloud Computing 3-25 E (CSIT-Sem-7)

Answe:
Drivingforces of SaaS are:
1. Popularity :
1. SaaS has become big buzz in the already buzzy issue of cloud
computing.
SaaS is becoming trendy, because of its a number of factors. But
there are solid reasonsother than type that make it so popular.
2. Plenty of SaaS platforms:
i. There are many SaaS platformswhich grow each rapidly.
ii For example, Oracle is developingits own SaaS platform while
Microsoftis workingtomake their own applicationsSaaS ready.
ii. As SaaS becomes more and more popular, more vendors are going
to be forced to make their platformsSaaS-friendlyfor SaaS-based
applications.
iv. Anotherreason SaaS platformswill continueto grow is becauseof
the interest in Green IT and the effortsto move toward virtualized
infrastructure.
V That means clients are likely to move toward SaaS platformsso
they can reduce the number of servers.
3. Virtualization benefits:
Virtualizationmakes it easy to move to a SaaS system.
It is easierfor IndependentSoftwareVendors(ISVs) to adopt SaaS
is the growthof virtualization.
ii. The growingpopularityof some SaaS vendors using Amazon'sEC2
cloud platformand the overall popularityof virtualizedplatforms
help with the developmentof SaaS.
4. SaaS and SOA:
AService-OrientedArchitecture(SOA) is one in which IT supports
the business processes that cover current and emerging
requirements to run the business end-to-end.
This ranges from Electronic Data Interchange (EDI) to online
auctions.By updatingolder technologieslike Internet-enablingEDI
based systems companiescan make their IT systems availableto
internal or external customers.
iii. SOA unifiesbusinessprocessesby structuringlarge applicationsas
a collection of smaller modules known as services.
iv. SOA presentsa design frameworkfor realizingrapid and low-cost
systemdevelopmentand improvingtotal system quality.SaaS and
SOA are quite similar;what they have in common is that they use
a service model.
5. Economic impact :
i. Many industry observers think conventionalISVs will have a
tougher time than SaaS vendors.
3-26 E (CSIT-Senm-7) Cloud Architecture,Services&Storage

The subscription-basedpayment model of SaaS makes it more

appealingin these tough times.
ii. The ability to quickly and easily turn on new applicationswith a
significantlylower initialcost of ownershipmakes SaaS an attractive
offeringfor smalland mid-sizedbusinesses,significantlyexpanding
the market for softwareapplications.
iv. The benefitsare likelyto be key in a slowereconomicenvironment
where purchasers of software may be increasingly skeptical of
significantupfrontinvestmentswhich we anticipateto characterize.

Que 3.27. DifferentiatebetweenlaaS, PaaS, SaaS.

Answer

S. No. IaaS PaaS SaaS

1 Infrastructure-as- Platform-as-a-Service. Software-as-a
a-Service. Service.

2. Aservice model inA cloud computing A service model in

cloud computingmodel that delivers cloud computingthat
that provides tools necessary for hosts software and
virtualized application makes them available
computing development over the for clients over the
resources. internet. internet.

3. It provides access It providesruntime It provides software

to resources such environments as services to the end
a virtual developmentand users.

machines,virtual deploymenttoolsfor
storage etc. applications.
4 It is used by It is used by It is used by end users.
network developers.
architects.

PART-4

ArchitecturalDesign Challenges,Cloud Storage,

Storage-as-a-Service,Advantagesof Cloud Storage, Cloud Storage
Providers-S3.

Questions-Answers
Long Answer Type and Medium Answer Type Questions
CloudComputing 3-27 E (CSIT-Sem-7)

Que 3.28. Write short note on the architecturaldesign challenges

in cloud.

Answer
Cloud architectural design challenges:
1. Service availabilityand data lock-in problem.
2. Data privacy and securityconcerns.
3. Unpredictableperformanceand bottlenecks.
4. Distributedstorage and widespreadsoftware bugs.
5 Cloudscalability,interoperability,and standardization
6 Softwarelicensingand reputationsharing.
Que 3.29. Write a short note on storage.
Answer
1. The necessary storage is provided and configured in much the same
way as the computingresources.IP-basedstorage systems are deployed.
2. To reduce hardware configurationeffort, the computingsystems use
direct-attachedstorage. Using Fiber-Channel(FC) cards in the servers
and deploying an FC network increases overall system complexity
substantially.The IP storagesystems are linked via Giga-bitEthernet.

Backup
integrate
Data storage Application OS Archive

Backup
DC 1 DC2
DWDM

Mirror
Fig. 3.29.1. Storageresource : backup-integrated,
read-only and archive storage.
3 Storage is automaticallyallocatedto the server systems that require it.
Storage resourcesare located in different fire zones as well as in
differentdatacenters,preventingdata loss in the event of a disaster.
3-28 E (CSIT-Sem-7) Cloud Architecture,Services& Storage

4 The storage system handles replicationof data between datacenters

and fire zones.So, computingresources are not needed for this purpose.
5. In addition to storage resources,backups are necessaryto safeguard
against data loss. For this reason, and in the interests of automation,
the Dynamic Data Center model directly couples backup to storage; in
other words, Backup-IntegratedStorage (BIS) is provided, along with
full managementfunctionality.
6 To accelerate backup and reduce the volume of data transferred, data
are backed up on hard disks within the storage system by means of snap
shooting.
7 This simplifiesthe structure of the computingsystems and minimizes
the potentialfor temporalbottlenecks.Storage systemsnormalyprovide
on
for 35-day storage period. Usually, the last three days are accessible
line, with the rest being accessiblefrom a remote site.
8. Archive and other storage :
Archivesystems are also availablefor long term data storage. Like
BIS, these are hard disk-basedand linked via IP to the respective
systems. Data for archiving is replicatedwithin the archive system
datacenter.
and in a separate fire zone, as well as ata remote
b Replicationis handled by the archivesystem itself.
C Archivingcan be initiatedeither from the applicationsthemselves,
which then handle administration of all data, or via a document
cache.
managementsystem. Some systems require a hard disk
This is not worth backing up via BIS, since data in a cache change
rapidly,and the original data are stored and backed up elsewhere
in the system.
Que 3.30. Describe cloud storage. What are the types of cloud
storage ?

Answer
the cloud,
1 Cloud storage is defined as the storage of data online in multiple
wherein a company's data is stored in and accessible from
distributed and connectedresourcesthat comprisea cloud.
2 Cloud storage can provide the benefits of greater accessibilityand
reliability,rapid deployment,strong protectionfor data backup,archival
and disaster recovery purposes, and lower overall storage costs as a
result of not having to purchase, manage and maintain expensive
hardware.
3
Cloud storage does have the potential for security and compliance
concernsthat are not associatedwith traditionalstorage systems.
 Cloud Computing 3-29 E (CSTT-Sem-7)

Types of cloud storage:

1. Personal cloud storage :
It is also known as mobile cloud storage. Personalcloud
storage is a
subset ofpubliccloud storagethat appliesto storingan individual's
data in the cloud and providing the individualwith access to the
data from anywhere.
ii. It providesdata syncing and sharing capabilitiesacross multiple
devices. Apple's iCloud is an example of personalcloud storage.
2. Public cloud storage :
Public cloud storage is where the enterprise and storage service
providerare separate and there aren't any cloud resourcesstored
in the enterprise's datacenter.
i. The cloud storage provider fully manages the enterprise'spublic
cloud storage.
3. Private cloud storage :
1 A form of cloud storage where the
enterprise and cloud storage
providerare integratedin the enterprise'sdatacenter.
In private cloud storage,the storageprovider has
infrastructurein
the enterprise'sdatacenterthat is typicallymanaged by the
provider.
storage
ili. Private cloud storagehelps to resolve the potentialfor securityand
performanceconcerns while still offeringthe advantagesof cloud
storage.
4. Hybrid cloud storage:Hybridcloud storage is a combination of public
and private cloud storage where some critical data resides in the
enterprise'sprivatecloud while other data is stored and accessiblefrom
a public cloud storage provider.
Que 3.31. Write short note on Storage-as-aService (SaaS).

Answer
1 Storage-as-aService (SaaS) is abusinessmodel in which alarge company
rents space in their storage infrastructureto a smaller company or
individual.
2 In the enterprise, SaaS vendors are targeting
applicationsby promotingSaaS as a convenientway secondary storage
to manage backups.
3 The key advantage to SaaS in the enterprise is in cost
savings, in
personnel, in hardware and in physical storage space.
4 Storage-as-a-Serviceis generallyseen as a good alternativefor a small
or mid-sized business that lacks the capital budget
personnelto implementand maintaintheir own storageand/or technical
infrastructure.
3-30 E (CSIT-Sem-7) Cloud Architecture,Services&Storage

5. SaaS is also being promotedas a way for all businessesto mitigate risks
enhance
in disasterrecovery,providelong-termretentionfor recordsand
both businesscontinuityand availability.

Que 3.32. What are the advantages and disadvantagesof cloud

storage ?
Answer
Advantagesof cloud storage :
folders for Mac's and
1. Usability : All cloud storage serviceshave desktop
PCs. This allows users to drag and drop files between the cloud storage
and their local storage.
2. Bandwidth:Avoid emailingfiles to people and send an internetlink to
recipientsthroughemail.
3. Accessibility: Stored files can be retrievedfrom anywhere viaInternet
connection.
have an
4 Disaster recovery : It is highly suggested that businesses
used as a
emergencybackup plan ready in the case of a crisis. It can be
backup plan by companies by providing a second backup of important
may be obtained
files. These records are saved at a remote locationand
through an online connection.
lower
5. Price savings : Businesses and organizationsmay frequently
observe extra
may
annual operatingcosts by using cloud storage. Users ability to store
cost savings because it does not require internal
information remotely.
Disadvantages of cloud storage :
a file to the
1. Usability : Be careful when using drag/drop to transfer record from its
cloud storage folder. This may permanentlymove our paste instead
originalfolder to the cloud storage place. Do a backup and
locationin addition
of drag/dropif we want to retain the record'sunique
totransferringa backup on the folder.
bandwidth
2 Bandwidth : Many storage services have a particular
allowance, further
allowance.When an organizationexceedsthe specified
unlimited
charges could be important. But some suppliers allow
bandwidth.This is a factor that firms should considerwhen looking at a
cloud storage supplier.
to our
3. Access : If we have no internet connection, we have no access
information.
4 Data security: There are concernswith the securityand privacy of all
importantdata stored remotely.The possibilityof personal information
commingling with other businesses makes some companies
uncomfortable.
Cloud Computing 331 E (CSIT-Sem-7)

Que 3.33. Explain cloud storage providers.

Answer
1. A cloud storage provider, also known as a Managed Service Provider
(MSP), is a companythat offers organizationsand individualsthe ability
to place and retain data in an off-site storage system.
Customers can
lease cloud storage capacityper month or on demand.
2. A cloud storage providerhosts a customer'sdata in its own
datacenter,
providingfee-based computing,networkingand storage infrastructure.
3 Both individual and corporate customers can get unlimited storage
capacityon a provider'sserversat a low per-gigabyte price.
4 Rather than store data on local storage devices, such as a hard disk
drive, flash storage or tape, customerschoose a cloud storage provider
to host data on a system in a remote datacenter.Users can then
access
those files using an internetconnection.
5 The delivery of IT services via the internet is broadly defined as cloud
computingor utility computing.This businessmodel first hit mainstream
enterpriseswith the rise of applicationservice providers.
6 A
cloud storage provider also sells non-storageservices for a fee.
7. Enterprises purchase compute, software, storage and related IT
componentsas discrete cloud serviceswith a pay-as-you-golicense.
8 For example, customers can opt to lease
infrastructure-as-a-service,
platform-as-a-service,or security,softwareand storage-as-a-service.
Que 3.34. What are the challenges faced by cloud service
providers?

Answer
Challengesfaced by thecloud serviceproviders:
1. Data corruption : Cloud serviceswhich host consumerdata are usually
burdenedwith the responsibilityof ensuringthe integrityand availability
of these data, dependingon the subscribedservice level.
2. Logical security : In terms of informationsecurity, an appropriate
control of logical securityshould be adopted by the producer to ensure
adequate confidentiality(i.e., data and transactionsare open only to
those who are authorized to view or access them).
3. Data interoperability:Producer should follow the interoperability
standards in order for the consumers to be able to combine any of the
cloud services into their solutions.
4. Software vulnerabilityand breaches : There are occasions when
the public community discovers vulnerabilitiesof specific software,
middleware,web services,or other networkservicescomponentsin the
3-32 E (CIT-Sem-7) Cloud Architecture,Services&Storage

software components.The producershould ensure that a proper strategy

and processesare in placed to address such vulnerabilitiesand fixed to
prevent breaches.

Que 3.35. Describe the two charging models of cloud service

provider.
Answer
Two chargingmodels of cloud service providerare:
1. Utility model:
i.
Pay-per-usemodel where consumer is charged on the quantity of
similar to
cloud services usage and utilization. This model is
traditionalelectricity charges.
private
i. For example,a consumeruses secured storageto supportits
work documentation.The consumeris chargedyearly fee for every
a lower
10gigabytesof storage that is used. ThËs model provides
to actual
startup cost option for a customer in translating TCO
utilization.
2. Subscription model:
cloud services
Here the consumer is charged based on time-based
usage.

ii. For example, the consumer is charged yearly fee

for a dedicated
website. This model
storage of 10 gigabytes to host the company
stream of
provides predictablecost outlay and provides a steady
revenue for the services provider.
 4 UNIT Resource Management
and Security in Cloud

CONTENTS
Part-1 : Inter Cloud Resource 4-2E to 4-6E
Management
Part-2 : Resource Provisioning and 4-6E to 4-9E
Resource Provisioning Methods
Part-3 : Global Exchange of ...4-9E to 4-10E
Cloud Resources

Part-4: Security Overview, ... 4-11E to 4-15E

Cloud Security Challenges
Part-5 : Software-as-a-Service 4-15E to 4-25E
Security, Security
Governance, Virtual
Machine Security, IAM,
Security Standards

4-1 E (CSIT-Sem-7)
4-2 E (CSIT-Sem-7) Resource Management& Securityin Cloud

PART- 1

Inter Cloud Resource Management.

Questions-Answers
Questions
Long Answer Type and Medium Answer Type

Que 4.1. Write a short note on inter cloud.

Answer
networks,includingpublic,
1 Inter cloud is the conceptof connectedcloud
private,and hybrid clouds.
are put togetherto
2 It incorporatesa number of technologyefforts that networks.
improveinteroperabilityand portabilityamong cloud terms
cloud networks. The
3 The goal was to improve interoperabilityof
this concept.
inter cloud computingand intercloudwere used to address
platformsand
Inter cloud is used to connect differentcloud computingdatacenters
4. or
allows the data and applicationsto be ported between
cloud services.
service
5. The main focus is on direct interoperabilitybetween public cloud
providers.
interconnectedclouds
6 To provide cloud services as utility successfully, factors
important
are requiredand interoperabilityand portabilityare
in inter cloud.
resource.
7. The limitationsof cloud are that they have limited physical
Explain the types of inter cloud resource management.
Que 4.2.

Answer
Types of inter cloud resource management are:
1. Federation clouds :
providers
i A federation cloud is an inter cloud where a set of cloud
willinglyinterconnecttheir cloud infrastructuresin order to share
resources among each other.
i.
The cloud providers in the federation voluntarily collaborate to
exchange resources.
ii. This type of inter cloud is suitablefor collaborationof governmental
clouds (Clouds owned and utilized by non-profit institution or
government)or private cloud portfolios(Cloud is a part of aportfolio
of clouds where the clouds belong to the same organization).
Cloud Computing 43E (CIT-Sem-7)

iv. This types of federationclouds are Peer-to-Peerand Centralized

clouds.
2. Multi-Cloud :
i. In a multi-cloud,a client or serviceuses multipleindependentclouds.
A multi-cloud environment has no volunteer interconnection and
sharingof the cloud service providerinfrastructures.
ii. Managingresource provisioningand schedulingis the responsibility
of client or their representatives.
iv. This approach is used toutilize resources from both governmental
clouds and private cloud portfolios.
V. This types of multi-cloud are services and libraries.

Que 4.3. Deseribe the challenges faced in federation of cloud

infrastructure.
Answer
The following are the challenges faced in federation of cloud
infrastructures:
1. Applicationservicebehaviourprediction:
It is importantthat the systemshouldbe able to predictthe demands
and the behaviour of the services.
ii. Only when it can predict, it can take decisions intelligentlyto
dynamicallyscale up and down.
i. Predictionand forecastingmodels must be built.
iv. The challenge is to build such models that accuratelylearn and fit
statistical functions suitable to different behaviours. It is more
challengingto correlatebetween differentbehavioursof a service.
2 Flexible mapping of services to resources :
i It is importantto maximize the efficiency,cost-effectivenessand
utilizationbecause ofhigh operatingcosts and energy requirements.
The system has to compute the best software and hardware
configurationswhich result in acomplex process of mapping services
to cloud resources.
iii. Mapping of servicesmust guarantee that QoS targets are satisfied
along with maximum system efficiencyand utilization.
3. Economie models driven optimizationtechniques:
Combinatorialoptimizationproblem is a market driven decision
making strategy which searches the optimal combinations of services
and deploymentplans.
Optimization models must be developed which optimize both
resource-centricand user-centricQoS targets.
44E (CSTT-Sem-7) Resource Management&Securityin Cloud

4. Integrationand interoperability:
i. Sensitive data in an enterprise also may not be migrated to the
cloud for securityreasons and privacy.
Aneed related to integrationand interoperabilityarises between
identity
assets on premisesand the cloud services.Issues related to
management, data management, and business process
orchestrationneed to be resolved.
5. Scalable monitoring of system components :
distributed but the
The components in a federated system are
techniques employed for system monitoring and managing use
centralizedapproaches.
arising
Due to concerns of scalability,performanceand reliability
volume
from the managementof multiple service queues and large and
of service requests,centralizedapproaches are not suitable
architectures using service monitoringand management services
based on decentralizedmessagingand indexingmodels are needed.
Que 4.4. Describe the topologies used in inter cloud architecture.

Answer
Topologiesused in inter cloudarchitectures:
1. Peer-to-peer inter cloud federation :
i. Clouds collaboratedirectlywith each other but may use distributed
entities for directoriesor brokering.
ii Clouds communicatewith each other and negotiatedirectlywithout
mediators.
iüi. The inter cloud projects that use Peer-to-Peer federation are
RESERVOIR (Resources and Services Virtualization without
BarriersProject).
Centralized inter cloud federation:
Clouds use a central entity to performor faciitateresourcesharing.
The centralentity acts as a storehousewhere the available cloud
resourcesare registered.
iüi. The inter cloud projectsthat use centralizedinter cloud federation
are inter cloud, Dynamic Cloud Collaboration(DCC) and federated
cloud management.
3. Multi-cloud service :
i Clientsaccess multipleclouds throughaservice.
Aservice is hosted by the cloud client either externallyor in-house.
ii. The services contain broker components.
 45E (CSIT-Sem-7)
Cloud Computing
servicesare OPTIMIS,
iv. The intercloud projectsthat use multi-cloud cloud management
contrail,MOSAIC, STRATOS and commercial
systems.
4. Multi-cloud libraries :
as a
1 Clients develop their own brokers by using a unified cloud API
library. in a
i. Inter clouds that use libraries facilitate the usage of clouds
uniform way.
ii. Examplesof SeveralMulti-cloudLibrariesare Java library
J-clouds,
Python library Apache Lib-Clouds, Ruby library Apache Delta
Cloud.
Que 4.5. Explain the extended cloud computingservices.

Answer
1 Fig. 4.5.1 shows six layers of cloud services ranging from hardware,
network, and collocation to infrastructure, platform, and software
applications.

Cloud application(SaaS)

Cloud softwareenvironment(PaaS)
Cloud software infrastructure
Computational Storage Communications
resources (IaaS) (DaaS) (CaaS)

Collocationcloud services (Laas)

Network cloud services (NaaS)

Hardware/Virtualization cloud services (HaaS)

Fig. 4.5.1. A stack of six layers of cloud servicesand their providers.
2 The top three service layers are SaaS, PaaS, and laaS.
3 The cloud platform provides PaaS, Which sits on top of the IaaS
infrastructure.
4 The top layer offers SaaS. These must be implementedon the cloud
platformsprovided.Althoughthe three basic models are dissimilarin
usage, they are built one on top of another.
5 The implicationis that one cannot launch Sass applicationswith a cloud
platform. The cloud platform cannot be built if compute and storage
infrastructures are not there.
46E (CSTT-Sem-7) Resource Management&Securityin Cloud

6 The bottom three layers are more relatedto physicalrequirements.The

bottom most layer providesHardware-as-a-Service(HaaS).
7. The next layer is for interconnectingall the hardwarecomponents,and
is simply called Network-as-a-Service(NaaS). Virtual LANs fall within
the scope of NaaS.
The next layer up offers Location-as-a-Service(LaaS), which providesa
collocationservice to house, power, and secure all the physicalhardware
and network resources.
9 The cloud infrastructurelayer can be further subdividedas Data-as-a
Service (DaaS) and Communication-as-a-Service(CaaS).

Que 4.6. Give the cloud differencein perspectivesof providers,

vendors and users.

Answer
1 Table 4.6.1,shows that cloud players are divided into three classes :
a Cloud serviceprovidersand IT administrators.
b. Software developersor vendors.
C End users or business users.
and SaaS
2 These cloud players vary in their roles under the IaaS, PaaS
models.
viewed by
3 The table entries distinguish the three cloud models as
different players.
a
4 From the software vendors perspective,applicationperformanceon
given cloud platform is most important.
performanceis the
5 From the providerperspective,cloud infrastructure
primary concern.
security,
6 From the end users perspective,the quality of services,including
is the most important.
vendors and
Table 4.6.1. Cloud difference in perspectives of providers,
users.

PaaS SaaS
Cloud Players IaaS
Monitor SLAs and enable Monitor SLAs and
IT administration/ Monitor SLAs
service platforms deploy software
cloud providers
To deploy and store Enabling platforms via Develop and deploy
Software developers configuratorsand APls software
(vendors) data

To develop and test web Use business software

End users or business To deploy and store
data software
users

PART-2

Resource Provisioningand Resource ProvisioningMethods.

Cloud Computing 4-7E (CTT-Sem-7)

Questions-Answers
Long Answer Type and Medium Answer Type Questions

Que 4.7. Explain resource provisioning.

Answer
1 Resource provisioningmeans the selection,deployment,and run-time
managementof software(for example, database managementservers,
load balancers)and hardware resources (for example, CPU,
and network) for ensuringguaranteedperformancefor
storage,
applications.
2 This resource provisioningtakes Service Level Agreement (SLA)into
considerationfor providingservice to the cloud users.
3 This is an initial agreement between the cloud users and cloud service
providers which ensures Quality of Service (QoS) parameters like
performance,availability,reliability,responsetime etc.
4 Based on the applicationneeds static provisioningdynamic provisioning
and static/dynamic allocation of resources have to be made in order to
efficientlymake use of the resourceswithoutviolatingSLA and meeting
these QoS parameters.
5 Over provisioningand under provisioningof resourcesmust be avoided.

Que 4.8. What are the types of resource provisioning?

Answer
Types of resource provisioning:
1. Static provisioning:
For applicationsthat have predictableand generaly unchanging
demands workloadswe use static provisioningeffectively.
ii. With advance provisioning,the customercontractswith the provider
for services and the providerprepares the appropriateresources in
advance of start of service.
ii. The customer is charged a flat fee or is billed on a monthly basis.
2. Dynamic provisioning:
i. In cases where demand by applicationsmay change
orvary, dynamic
provisioningtechniqueshave been suggested whereby VTls may
be migrated on-the-flyto new compute nodes within the cloud.
ii With dynamic provisioning,the providerallocates more
as they are needed and removes them when they resources
are not. The
customer is billed on a pay-per-use basis. When dynamic
4-8E (CSIT-Semn-7) Resource Management&Securityin Cloud

provisioningis used to create ahybrid cloud, it is sometimesreferred

to as cloud bursting.
User self-provisioning :
1.
With user self-provisioning(also known as cloud self-service),the
customer purchasesresourcesfrom the cloud provider through a
web form, creating a customer account and paying for resources
with a credit card.

Que 4.9. Describe briefly parameters used for resource

provisioning.

Answer
Parameters used for resource provisioning are :
i. Response time :The resource provisioningalgorithmdesigned must
take minimal time to respond when executingthe task.
be
ii. Minimize cost : From the cloud user point of view cost should
minimized.
cloud service
iii. Revenue maximization: This is to be achieved from the
provider'sview.
provide service in
iv. Fault tolerance: The algorithmnshould continueto
spite of failure of nodes.
V. Reduced SLA violation : The algorithm designed must be able to
reduce SILA violation.
migration
vi. Reduced power consumption : VM placement and
techniquesmust have lower power consumption.
Que 4.10. Describethe resource provisioning methods.
Answer

Resource provisioning methods are:

1. Demand-driven resource provisioning :
This method adds or removes computing instances based on the
current utilization level of the allocated resources.
: The demand-driven method automatically allocates two Xeon
processorsfor the user application,when the user was using one
extended
Xeon processor more than (A) percent of the time for an
period.
certain
iii. In general,when a resource has surpasseda thresholdfor a
amount of time, the scheme increases that resource based on
demand.
time.
iv. When a resource is below a threshold for a certain amount of
that resourcecould be decreasedaccordingly.
Cloud Computing 4-9 E (CSIT-Sem-7)
V.
Amazon implementssuch an auto-scalefeature in its EC2 platform.
vi. This method is easy to implement.The scheme does not work out
right if the workloadchanges abruptly.
2. Event-drivenresource provisioning:
This scheme adds or removesmachine instances based on a specific
time event.
The scheme works better for seasonal or predictedevents.
iii. During events, the number of users grows before the event period
and then decreasesduring the event period.
iv. This scheme anticipatespeak traffic before it happens.
V. The method results in a minimalloss of QoS if the event is predicted
correctly.
vi. Otherwise,wasted resourcesare even greaterdue to events that
do not follow a fixed pattern.
3. Popularity-drivenresource provisioning:
i. In this method the Internet searches for popularity of certain
applicationsand creates the instancesby popularitydemand.
The scheme anticipatesincreasedtraffic with porularity.
ii. The scheme has a minimal loss of QoS, if the predictedpopularityis
correct. Resources may be wasted if traffic does not occur as
expected.

PART-3

Global Exchangeof Cloud Resources.

Questions-Answers

Long Answer Type and MediumAnswerType Questions

Que 4.11. |Writeashort note on globalexchange of cloudresources.

Answer
1 Enterprisesemploycloud servicesin order to improvethe scalabilityof
their servicesand to deal with bursts in resourcedemands.
2 However,at present,service providershave inflexiblepricing,generally
limited to flat rates or tariffs based on usage thresholds,and consumers
are restrictedto offeringsfrom a single providerat a time.
3 For cloud computingto mature, it is requiredthat the servicesfollow
standard interfaces.
4-10 E (CSIT-Sem-7) ResourceManagement&Securityin Cloud

4. This would enable servicesto be commoditisedand thus, would pave the

way for the creationof a market infrastructurefor tradingin services.
5. The marketdirectoryallowsparticipantsto locate providersor consumers
with the right offers.
6. The banking system ensures that financial transactionspertainingto
agreements between participantsare carried out.
Que 4.12. What are the market-orientedtechniques?

Answer
Various market-orientedtechniquesare:
1. Aneka:
i. Aneka is implied in Platform-as-a-Servicetype and offers platform
in cloud computingto its users making it convenientfor them to
create and deploy applications.
Its unique feature is its flexibledesign and customizationcapability
that allows it to target differentapplicationscenarios.
2. Workflowengine :
in
i. The Workflow Management System (WMS) assists users
representingtheir applicationsas a workflow.
from higher
i. It then executesthese workflowson the cloud platform
level of abstraction.
editor that allows for
ii. The WMS provisionsan easy to use workflow
applicationcomposition.
3. MetaCDN:
low cost
i MetaCDNcreatesan integratedoverlaynetworkat a verymultiple
offered by
by exploitingstorage cloud resources being
laaS vendors.
with multiplestorage
It eradicatesthe difficultyarose due to dealing
providers.
4. CloudSim :
to the users that enable
i The CloudSimtoolkitoffersan environment
clouds.
extensible
them to model and simulate
applicationsexecuted.
iü. They offersplatformwhere user can get theirallows extension and
customizable tool that
iii. It is a complete stack.
descriptionof policiesin the software
5. Resource management :
is considered as an
Resource management in cloud computing utilizationof available
important aspect as it leads to proper optimum computing
resources for making a cloud as an
environment.
management falls under various
ii. The taxonomy of resource SLA-aware, market-oriented,
categoriessuch as energy-aware,
cloud computing.
load balanced,hybridcloud and mobile
Cloud Computing 4-11 E(CIT-Sem-7)

PART-4
Security Overview,Cloud Security Challenges.

Questions-Answers
Long Answer Type and Medium Answer Type Questions

Que 4.13. Give a schematic diagram of various cloud

security
challenges ?
Answer
1 Fig.4.13.1 representsthe schematicdiagram showingthe hierarchyof
the cloud computing, with security challenges on both the
cloud
computingmodels, deploymentand service models and also the issues
related to networks.

Cloud computing
Security challenges

Deployment models Service model

Network issues

Private Public| Hybrid SaaS

Browser security
PaaS laaS
SQL injection attack

Cloningand Data leakage Flooding attack

resource pooling problems
XML signature
Motility of data and
Malicious attacks elementwrapping
data residuals
Incompletedata
Elastic perimeter Backup and storage deletion

Shared multi-tenant Locks-in

Shared technological
environment issues

Unencrypteddata Service hijacking

Authenticationand Virtual machine
identity management
hopping
Fig. 4.13.1. Classificationof security
challenge.
4-12 E (CNT-Sem-7) Resource Management&Securityin Cloud

2.
The classificationshown in Fig.4.13.1 reveals variouscommon challenges
under cloud computing.The deploymentmodel is classifiedfurther as
private,public and hybrid cloud and the securityissues of the samehave
been exposed in common.
its
3 The service model is classifiedinto the SaaS, PaaS and laaS briefing
respect to
securitychallengesin common. ThesecuritychallengeswithNetwork
network are also known as for any internet based service. is
consideredas the backbone for cloud computing.

Que 4.14. Explain various security challenges related to

deployment models.
Answer
Various security challenges related to deployment model :
1. Cloning and resource pooling :
i. Cloningdeals with replicatingor duplicatingthe data.
Cloning leads to data leakage problems revealing the machine's
authenticity.
2. Motility of data and data residuals:
For the best use of resources,data is moved to cloud infrastructure.
ii. As a result,the enterprisewould be devoid
of the location where
data is put on the cloud.
iüi. This is true with public cloud.
behind which
iv. With this data movement,the residualsof data is left
may be accessed by unauthorized users.
3. Elastic perimeter :
A
cloud infrastructure,particularlycomprisingof private cloud,
creates an elastic perimeter.
ii.
Various departmentsand users throughoutthe organizationallow
sharing of different resources to increase facility of access but
unfortunatelylead to data breach problem.
4. Shared multi-tenant environment :
i Multi-tenancyis one of the vital attributeof cloud computing,which
allows multiple users to run their distinctapplicationsconcurrently
on the same physical infrastructurehiding user data from each
other.
ii. But the shared multi-tenantcharacterof public cloud adds security
risks such as illegal access of data by other renter using the same
hardware.
5. Unencrypted data:
i. Data encryptionis a process that helps to addressvarious external
and maliciousthreats.
CloudE:Computing 4-13 E (CSIT-Sem-7)

Unencrypteddata is vulnerablefor susceptibledata, as it does not

provideany securitymechanism.
ii These unencrypteddata can easily be accessed by unauthorized
users.
6. Authenticationand identitymanagement:
With the help of cloud, a user is facilitatedto access its private data
and make it available to various services across the network.
Identity managementhelps in authenticatingthe users through
their credentials.

Que 4.15. Discuss security challenges related with the service

models.

Answer
Various security challenges related with the service models :
1. Data leakageand consequentproblem:
i Data deletion or alteration without backup leads to certain drastic
data relatedproblemslike security,integrity,locality,segregation
and breaches.
This would leadto sensitivedata beingaccessedby the unauthorized
users.

2 Malicious attacks:
i The threat of malicious attackers is augmented for customers of
cloud services by the use of various IT services which lacks the
intelligibilitybetweenthe procedureand processrelatingto service
providers.
Malicious users may gain access to certain confidentialdata and
thus leadingto data breaches.
3. Backup and storage :
The cloud vendor must ensure that regular backup of data is
implementedwith all measures.
But this backupdata is generallyfound in unencryptedform leading
to misuse of the data by unauthorizedparties.
ii. Thus, data backupslead to varioussecuritythreats.
4. Shared technologicalissues:
i laaS vendors transport their services in a scalable way by
contributinginfrastructure.
But this structure does not offer strong isolation propertiesfor a
multi-tenantarchitecture.
ii. Hence, in order to address this gap, a virtualizationhypervisor
intercede the access between guest operating systems and the
physicalcompute resources.
4-14 E (CS/IT-Sem-7) Resource Management&Securityin Cloud
5. Service hijacking:
i. Service hijacking is associated with gaining an illegal control on
certainauthorizedservicesby variousunauthorizedusers.
It accounts for various techniques like phishing, éxploitationof
software and fraud.
ii. This is consideredas one of top most threats.
6. VM hopping:
i WithVMhopping,an attackeron one VM gainsrightsto use another
victim VM's.
The attackercan check the victim VM's resourceprocedure,alter
its configurationsand can even delete storeddata, thus, puttingit
in dangerthe VM's confidentiality,integrityand availability.
ii. Arequirementfor this attackis that the two VM's must be operating
on the same host, and the attacker must recognizethe victim VM's
IP address.
7. VM mobility :
i The contents of VMs virtual disks are saved as files such that VMs
can be copied from one host to another over the system or via
moveable storage devices with no physicallystealinga hard drive.
i. VM mobilitymight offer quick use but could show the way to security
problems likewise, the rapid spread of susceptibleconfigurations
that an attackercould make use of, to endangerthe securityof a
novel host.
8. VM denial of service:
Virtualizationlets numerousVM's split physicalresourceslike CPU,
network bandwidth and memory or disk.
ADenial-of-Service(DoS) attack in virtualizationtakes place when
one VM occupies all the obtainablephysicalresourcessuch that the
hypervisorcannot hold-upmore VM's and accessibilityis endangered.
iii The most excellent move towards preventing aDoS attack is to
bound resource allocationusing correct configurations.
Que 4.16. What are cloud security controls ?

Answer
Cloud securitycontrolsare::
1. Detective control : This type of control is used to detect and react
instantlyand appropriatelyto any incident.
2. Preventivecontrol:It strengthenthe system againstany incidentor
attack by actuallyeliminatingthe vulnerabilities.
 Cloud Computing 4-15 E (CSIT-Sem-7)

3. Deterrent control:This type of controlis used is meant to reduce

attack on cloud system. It reducesthe threatlevel by givinga warning
sign.
4 Correctivecontrol : It reduces the consequencesof an incident by
controllingthe damage.Restoringsystembackup is an exampleof such
type.

PART-5

Software-as-a-ServiceSecurity,SecurityGovernance,Virtual
Machine Security,IAM, SecurityStandards.

Questions-Answers

Long AnswerType and Medium AnswerType Questions

Que 4.17. What is cloud security governance ? Describe its

challenges.
Answer
i. Cloud security governance refers to the management model that
facilitateseffectiveand efficientsecuritymanagementand operations
in the cloud environment so that an enterprise's business targets are
achieved.
This model incorporatesa hierarchyof executive mandates,performance
expectations,operationalpractices,structures,and metricsthat when
implemented, result in the optimization of business value for an
enterprise.
Cloud securitv governance challenges :
1. Lack of senior management participation and buy-in :
1. The lack of a senior management influenced and initial security
policy is one of the common challengesfaced by cloud customers.
An enterprisesecuritypolicy is intended to set the executivetone,
principlesand expectationsfor security managementand operations
in the cloud.
üi. The result of this situation is the ineffective definition and
communicationof executive tone and expectationsfor security in
the cloud.
iv. T resolve this challenge, it is essential to
engage enterprise
executivesin the discussionand definitionof tone and
for securitythat will feed a formal enterprisesecurityexpectations
policy.
4-16 E(CSTT-Sem-7) ResourceManagement&Securityin Cloud
controls :
2. Lack of embeddedmanagement operational
repackagedas
Controlsare interpretedas an auditor'schecklistorembedded into
procedures,and as a result, are not effectively
should be,
securityoperationalprocessesand proceduresas theyday-to-day
for purposes of optimizing value and reducing
operational risks.
that
This lack of embeddedcontrolsmay result in operationalrisks
may not be apparent to the enterprise.
3 Lack of operating model, roles, and responsibilities :
tend to lack
i Many enterprisesmoving into the cloud environment
strategicand
a formal operatingmodel for security,or do not havedefined
tactical roles and responsibilities properly and
operationalized.
i.
This situation stifles the effectivenessof a security management
and operationalfunction/organizationtosupport security in the
cloud.
ii. Establishinga hierarchyhelp an enterpriseto better manage and
investments in
control securityin the cloud, and protect associated
accordancewith enterprisebusiness goals.
iv. This hierarchycan be employed as in-sourced,out-sourced,or co
sourced model dependingon the culture, norms, and risk tolerance
of the enterprise.
4.
Lack of metricsfor measuringperformanceand risk:
i.
Another major challengefor cloud customersis the lack of defined
metrics to measure security performanceand risks. A problem that
also stifles executive visibility into the real security risks in the
cloud.
Que 4.18. What are objectives of cloudsecurity governance ?

Answer
Objectives of cloudsecuritygovernance:
1. Strategic alignment : Enterprises should mandate that security
investments,services,and projectsin the cloud are executedto achieve
established business goals (For example, market competitiveness,
financial, or operationalperformance).
2. Value delivery: Enterprisesshould define, operationalize,and maintain
an appropriatesecurityfunction/organizationwith appropriatestrategic
and tactical representation, and charged with the responsibilityto
maximizethe businessvalue (Key Goal Indicators,RGI) from the pursuit
of securityinitiativesin the cloud.
3 Risk mitigation : Security initiativesin the cloud should subject to
measurements that gauge effectivenessin mitigating risk to the
Cloud Computing 4-17 E (CSIT-Sem-7)

enterprise(Key Risk Indicators).These initiativesshould also yield results

that progressivelydemonstratea reduction in these risks over time.
4. Effectiveuse of resources:It is importantfor enterprisesto establish
a practical operating model for managing and performing security
operations in the cloud, including the proper definition and
operationalizationof due processes,the institutionof appropriateroles
and responsibilities,and use of relevant tools for overall efficiencyand
effectiveness.
5. Sustainedperformance:Security initiativesin the cloud should be
measurable in terms of performance,value and risk to the enterprise
(Key Performance Indicators, Key Risk Indicators),and yield results
that demonstrate attainment of desired targets (Key Goal Indicators)
Over time.

Que 4.19. Write down propertiesand characteristics of VM.

Answer
Virtual machine is open-sourcesoftwarethat runs an operatingsystem and
application.It is comprisedof a set of specificationand configurationfiles and
is backed by the physical resource of a host.
Virtual machine properties:
1. Dispatcher: Hypervisorstartingpoint to decide which module to eall
for the given trap.
2. Allocator: It has to decide what system resources are to be provided.
3. Interpreter:It needs oneinterpreterroutine per privilegedinstruction,
each routine has to simulatethe effect of the instructionwhich is trapped.
Characteristics of VM :
1 A virtual machine (VM) is a special program,which must nmeet the
followingthreecharacteristics:
a. The efficiency property
b. The resource control property
C. The equivalenceproperty
The virtual machine can run any program in its virtual environment.
3 The efficiency property requires that the large portion of the program
instructionswill be executeddirectly on the physicalprocessor,without
any changesor interventionsfrom the virtual machine nonitor.
4 This requirementis not only set for performance reasons, but also to
exclude emulatorsor simulatorsfrom the virtual machine detinition.
Que 4.20. Discuss implementationsof virtualmachines.
Answer
There are two main implementationsof Virtual Machines(VMs):
4-18 E(CSTT-Sem-7) Resource Management&Securityin Cloud

i. Process virtual machines :

1 AprocessVMisa vitualmachinecapable of supportingan individual
process as long as the process isalive. Fig. 4.20.1(a)demonstrates
processVMs.

Application
Guest
Application Processes
Processes Guest VM

Virtualization OS
Runtime
software
Virtualization
OS Hypervisor Software
Host
Hardware Host Hardware
machine
(a) (b)

Fig. 4.20.1. Virtual machine types (a) Process virtual

machines,and (b) Systemvirtual machines.
2 A process VM terminates when the hosted process ceases. From a
process VM perspective,a machine consists of a virtual memory
address space, user-levelregisters and instructionsassigned to a
single process so as to execute a user program.
deemed a
3. A regular process in a general-purposeOS can also be
machine. However, a process in an OS can only support user
In
program binaries compiled for the ISA of the host machine.
other words,executingbinariescompiledfor an ISA differentthan
that of the host machine cannot be ensued with regular processes.
4.
Conversely,a process VM allowsemulation.As shown in Fig. 4.20.2,
emulation is the process of allowing the interfaces and
functionalities of one system (the source) to be employed on a
system with differentinterfacesand functionalities(the target).
Guest
(Source ISA)

Host
(Target ISA)

Fig, 4.20.2. Emulationprocess.

5.
The abstraction of the process VM is provided by a piece of
virtualizingsoftwarecalled the runtime as shown in Fig.4.20.1(a).
The runtimeis placed at the ApplicationBinary Interface(ABI), on
top of the host OS, and the underlyinghardware.It is this runtime
that emulates the VM instructions and system calls when guest
and host ISAs are different.
Cloud Computing 4-19 E (CTT-Sem-7)

6. AprocessVM may not directlycorrespondto any physicalplatform

but employedmainly tooffercross-platformportability.Such kinds
of processVMs are knownas High Level LanguageVirtualMachines
(HLLVMs).
7. An HLL VM abstracts away details of the underlyinghardware
resourcesand the OS and allows programsto run in the same way
on any platform.Java VM (JVM) and MicrosoftCommon Language
Infrastructure(CLI) are examples of HLLVMs.
8 A process VM is similar to a regular process running on an OS.
However, a processVM allows, throughemulation,the execution
of an applicationcompiledfor an ISAdifferentthan that of the host
machine.
ii. System virtual machines :
1 AsystemVM is a virtualmachinecapableof virtualizinga full set of
hardwareresourcesincluding processors,memories,and IO devices,
thus providinga completesystem environment.
2 AsystemVM can supportan OS alongwith its associatedprocesses
as long as the system environmentis alive. Fig. 4.20.1(b)illustrates
systemVMs.The hypervisor(or the VirtualMachineMonitor(VMM)
is a piece of softwarethat providesabstractionfor the systemVM.
3 It can be placed at the ISA leveldirectlyon top of the raw hardware
and below system images (for example, OSs). The hardware
resourcesof the host platformcan be shared among multipleguest
VMs. The hypervisormanagesthe allocationof, and access to, the
hardware resourcesto/by the guest VMs.
4 The hypervisorprovidesan elegantway to logicallyisolatemultiple
guest VMs sharing a single physicalinfrastructure(for example,
the cloud datacentres).Each guest VM is given the illusion of
acquiring the hardware resources of the underlying physical
machine.
5. There are different classes of system VMs as shown in Fig. 4.20.3.
Guest Guest
applications applications
Guest
applications Guest OS Guest OS
Unprivileged
Applications Guest OS Hypervisor Hypervisor mode

OS Hypervisor Host OS Host OS Privileged

mode
Hardware Hardware Hardware Hardware
Traditional Native system User-mode hosted Dual-mode hosted
system s VMs system VMs system VMs
Fig.4.20.3. Differentsystem VM classes.
4-20 E (CSTT-Sem-7) ResourceManagement&Securityin Cloud

6
OS runs in privileged
In aconventionaltime-sharedsystem, theassociatedwith it run in
mode (systemmode) whilethe applications
unprivilegedmode (user mode).
7 With system virtualization,however, the
guest OS(s)will run
unprivilegedmode while the hypervisorcan operate in privileged
system VM. In native
mode. Such a system is denoted as native
program
system VM, every privilegedinstruction issued by a user
at any guest OS has to trap to the hypervisor.
every function
8 The hypervisorneeds to specify and implementcontrary, if the
required for managing hardware resources. In
hypervisoroperatesin unprivilegedmode onmode. top of a host OS, the
guest OS(s) will also operate in unprivileged
In this case,
9 This system is called user-mode hosted system VM. trap to the
privilegedinstructions from guest OS(s) still need to the host
to
hypervisor.In return, the hypervisoralso needs to trap
OS.
more trap per
10. Clearly, this increases the overhead by adding one
the functions
everyprivilegedinstruction.The hypervisorcan utilize resources.
already available on the host OS to manage hardware
11. Finally,the hypervisorcan operate partly in privilegedmode and
referred to as dual-mode hosted
partly in user-mode in a system
the host OS's
system VM. This way, the hypervisorcan make use of
resource management functions and also preclude the one more
user-modehosted
trap per each privilegedinstructionincurredin
system VMs.

Que 4.21. Write a short note on IAM.

Answer
1. Identityand Access Management(IAM) is a system that secures,stores,
and manages user identities and access privileges.
2. It ensures that users are who they say they are and will grant access to
applicationsand resources only if they have the permissionto use them.
3 Some of the most common IAM solutions include Single Sign-On (SSO),
Multi-FactorAuthentication(MFA), and access management,all of which
can be deployed on-premisesor in the cloud.
4 Modern technology enables businesses to be mo ile anu efficient
than ever before.
5 For instance,the cloud lets the employeeswork from anywhereat any
time on any device.
6 However, this means that the workforce has moved beyond the
protectionsof on-premisesecurity.
Que 4.22. Describethe benefits of IAM.
Cloud Computing 4-21 E (CSIT-Sem-7)

Answer
Benefits of IAMare:
1. Improving user experiences:
SSO eliminatesthe need for Users to rememberand input multiple
passwordsto access differentareas of the system.
.

All vendors offer a variety of user authenticationschemes ranging

from more strict multi-factorauthenticationto federatedsolutions
that leverageexistinguser securityprofiles.
2. Enhancingsecurityprofiles :
i. IAM systems can authenticate and authorize users based on the
access level indicatedin theirdirectory profiles.
IAM systemcan also automaticallycontroluser access using other
factors to specificfunctionsof our system.
3. Simplifiesauditing and reporting :
i. Consolidatinguser identitiesand passwords with SSO makes it
easier for IT departments to audit where and how these user
credentials are used.
In the event that user credentialsare compromised,IAM systems
make it easier for IT departmentsto identify which user was
compromisedand which data was accessedduring the breach.
4. Allows easy access no matter where we are :
IAM/SS0 allows users to access to all interconnectedsystems,
regardlessof where the user is physicallylocated.
This can be especiallyuseful for large companies doing business
globally,providingease ofaccess to employees,partnersand clients
alike.
5. Inereases productivity and reduces IT costs :
The originalbenefitof SSO for IT departmentswas to eliminatethe
cost of internal help desks helping users locked out of their
applicationaccounts.
IAM leverage in already existing identity stores such as Active
Director. IAM allows to extend what we have intothe future.
ii. Cloud-basedand mobile-basedIAM tools not only allow users to
authenticate from anywhere anytime, they also provide the
extensiveaudit trails, analytics,access rules and policies totruly
automateidentityaccess and managementacross the enterprise.
Que 4.23. What are the advantageand disadvantagesof IAM?
4-22 E (CSIT-Sem-7) ResourceManagement&Securityin Cloud

Answer
Advantages of LAM are:
1. Users have fewer accountsand passwordsto manage.
2. Less passwordfatigue relatedto managingmultiplepasswords.
3 Less user time neededto log separatelyinto differentsystems.
4 Fewer support requestsfor passwordresets.
5. Providesacentrallocationfor administrativemanagementof accounts.
Disadvantages of IAM are:
1 The primary concern with SSO systemsis that it creates a single point of
failure ifthe authentication server fails. This forces the added burden of
multiple authenticationservers to provide redundancy.
2. This single point also creates a single breach point. Ifa user account is
breached,an attacker can gain access to all protectedsystems that the
compromiseduser account has access to.

Que 4.24. Explain the architecture of IAM.

Answer
Architecture of IAMare:
Cloud-based and multi-tenant architecture:
a.
A multi-tenant architecture provides lots of benefit such as the
vendor can issue updates, security fixtures, and improves
performance.
b. It also modifies the capability to manage access provision and
governanceeffectively.
ii. Security, management architecture :
The most importantneed of IAM is identityand access management.
b. IAM in Cloud computing offer features like multi-factor
authentication,digital access cards, and biometrics.
C.
These features help to easily retrieve the informationin a secure
manner.

ii. Single Sign-On (SS0)and federation:

a. SSO enhances the experience of the end user while maintaining
securityand availabilityof the network to users as intended.
b. The user can use the safest passwordcombinationwithout working
hard to remember, which is used to access services on regular
basis.
C. It also benefits in another way, as it helps to manage secure
authenticationfor third-partycloud services.
Cloud Computing 4-23 E (CTT-Sem-7)
iv. Analytics andintelligence:
Analyticsand intelligencecapabilitiesare used to report the use of
access privilegesin the context of multifacetedrelationships.
b. This relationshipis between users, their roles and responsibilities,
job function, and data usage.
C. This informationallows the organizationtoidentifyanomaliesfor
former employee'sawesome specific type of workforce segment:
V. Governance,risk, and compliance:
a. The governance,risk and complianceare supportedby modifying
the automationand intelligencecapabilitiesof an identityas a service
system.
b This IAM function helps an organizationto define and automate
the applicationspecificprocesses,which will get familiarwith the
access and usage patterns.

Que 4.25. Discuss the cloud securitystandards.

Answer
Followingare the cloud securitystandards:
1. InformationTechnologyInfrastructureLibrary (TIL) :
i. It is a set of best practicesand guidelinesthat definean integrated,
process-basedapproach for managing informationtechnology
services.

ITIL helps to make sure that propersecuritymeasuresare takenat

allimportantlevels,namelystrategic,tactical,and operationallevel.
iiüi Many IT organizationsemploy securitymanagement framework
InformationTechnologyInfrastructureLibrary(ITIL)
iv. This industrystandardmanagementframeworkprovidesguidance
for planning and implementing a governance program with
sustainingmanagementprocessesthat protectinformationassets
and thus provide security.
V
Hence, it providesa frameworkwith continuousimprovementthat
is necessaryto align and realign IT servicesto changingbusiness
needs.
2. Open VirtualizationFormat (0VF):
i Open Virtualization Format (0VF) is a standard pertaining to
portabilityconcern.OVF providesthe abilityfor an efficient,flexible
and securedistributionof enterprisesoftwareover the cloud.
OVF thus providescustomers,vendorand platformindependence
as it facilitatesmobility of virtual machines.
4-24 E (CSTT-Sem-7) ResourceManagement&Securityin Cloud
i. Acrossthe cloud OVF plays a major role in providingcross-platform
portability.It also helps to provide simplified deployment over
multipleplatforms.
iv. An OVF format virtual machinecan be deployedeasilyby customers.
They can do so on the platformof their choice. It helps to enhance
customer experience as it provides customers with portability,
platform independence,verification,signing, versioning, and
licensingterms.
3. ITU-TX.1601:
The ITU standardpresentsa sketch of issues pertainingto cloud
computingand proposes a frameworkfor cloud security.
It talks in detail about various security challenges and ways to
reduce these securityrisks in cloud computing.It also discussesa
frameworkthat providesan insightinto what securitycapabilities
are required for making the cloud secure and facing security
challenges.
iüi. ITU-TX.1601startsby listingdown major securitythreatsthat the
cloud can encounter.
1V. The standarddiscussesthe securitychallengesbased on the nature
of the role that an individualor an organizationplays in the cloud
computingparadigm.
V. The standard divides the roles of an individualor an organization
into followingthree categories:
a. Cloud Service Provider (CSP): An individual or an
organizationresponsiblefor making cloud services available.
b. Cloud Service Customer (CSC) : An individual or an
organizationthat uses cloud services.
c. Cloud Service Partner (CSN) :A partnerthat helps support
the CSPs or the CSCs.
4. PCI DSS:
i. Payment Card Industry Data Security Standard (PCI DSS) was
releasedby PCI securitystandardscouncil.
PCI's main objectiveis to providesecurityguidelinesfor credit card
usage and address CSP's and CSC's.
iüi. Cloud securityis ashared responsibilitybetween the CSP and its
clients
iv. The divisionof responsibilitiesbetweenthe clientand the CSP for
managingPCI DSS controlsis influencedby multiplefactors,which
are:

a. The client uses the cloud servicefor what purpose.

b. What scope of PCI DSS requirementsis the client outsourcing
to the CSP ?
Cloud Computing 4-25 E (CSIT-Sem-7)

c. The CSP validateswhich service and system

its own operations.
componentswithin
d. The service option that the client has selected to
engage the
CSP (laaS, PaaS or SaaS).
e. The scope of any additionalservicesthe CSP is providingto pro
activelymanage the client'scompliance.
5. ISOTEC 27017 Code of practicefor informationsecuritycontrols:
i. This standardis yet to be launchedin the market.
It aims to provide further guidance in the information security
domain of cloud computing.
iü. It is aimed at supplementingthe guidance in ISO/IEC 27002 and
various other IS027k standards including ISO/IEC 27018 on the
privacy aspects of cloud computing, ISOMEC 27031 on business
continuity,and ISO/IEC27036-4 on relationshipmanagemernt,as
wellas all the other ISO27k standards.
iv. The scope and purpose:
a. It aims is to provide an advancementto ISOIEC 27002 in terms
of adding value to its practicesof control implementation
b. Additionally,the standardwill provide further securityadvice
for both: clients and service providers.It will do that by offering
advice for both side-by-sidein each section.
 5
UNIT
Cloud Technologies
and Advancements

CONTENTS
.5-2E to 5-10E
Part-1: Hadoop, MapReduce,
Virtualbox
.6-10E to 5-14E
Part-2: Google App Engine,
Programming Environment
for Google App Engine
.6-14E to 5-21E
Part-3: Openstack,Federation in the
Cloud, Four Levels of
Federation, Federated Services
and Applications,Future
of Federation

5-1 E (CSIT-Sem-7)
5-2 E (CSTT-Sem-7) Cloud Technologies&Advancements

PART-1
Hadoop, MapReduce, Virtualbox.

Questions-Answers
Long Answer Type and MediumAnswer Type Questions

Que 5.1. Describebriefly the term Hadoop ?

Answer
1 Hadoop is an open-source software framework used for storing data
and runningapplicationson clustersof commodityhardware.
2 It provides massive storage for any kind of data, enormous processing
power and the ability to handle virtuallylimitlessconcurrenttasks or
jobs.
3 The Hadoop ecosystem is a framework of various types of complex and
evolvingtools and components.Some of these elementsare very different
from each other in terms of their architecture however, what keeps
them all together under a single roof is that they all derive their
functionalitiesfrom the scalabilityand power of Hadoop.
4 Hadoop ecosystemcan be defined as a comprehensivecollectionof tools
and technologiesthat can be effectivelyimplementedand deployed to
provide big data solutionsin a cost-effectivermanner.
5 MapReduceand Hadoop DistributedFile System (HDFS)are twocore
componentsof the Hadoop ecosystemthat is used to manage big data.
However,they are not sufficientto deal with the big data challenges.
6 Along with these two, the Hadoop ecosystem provides a collection of
variouselementsto supportthe completedevelopmentand deployment
of big data solutions.
Que 5.2. Why do we use Hadoop ?
Answer
Use of Hadoop:
1 Ability to store and process huge amounts of any kind of data quickly.
2. Computing power:Hadoop'sdistributedcomputingmodel processes
big data fast.
 53E (CSIT-Sem-7)
Cloud Computing
3. Fault tolerance:Data and applicationprocessingare protectedagainst
hardwarefailure. Ifa node goes down, jobs are automaticallyredirected
to other nodes to make sure that distributedcomputingdoes not fail.
Multiple copies of all data are stored automatically.
4. Flexibility:Unlike traditionalrelationaldatabases,we do not have to
preprocessdata before storingit. We can store as much data as we want
and decide how to use it later. That includesunstructureddata like text,
images and videos.
5. Low cost : The open-source framework is free and uses commodity
hardware to store large quantitiesof data.
6 Scalability: We can easilygrow our system to handle more data simply
by adding nodes.

Que 5.3. Explainfeaturesof Hadoop.

Answer

Features of Hadoop:
1. Suitable for big data analysis :
i. As big data tends to be distributed and unstructured in nature,
Hadoop clusters are best suited for analysisof big data.
Since it is processing logic (not the actual data) that flows to the
computingnodes, less network bandwidthis consumed.
ii. This conceptis called as data localityconcept which helps to increase
the efficiencyof Hadoop based applications.
2. Scalability :
Hadoop clusters can easily be scaled to any extent by adding
additionalcluster nodes and thus allows for the growth of big data.
Scalingdoes not require modificationsto applicationlogic.
3. Fault tolerance :
Hadoop ecosystemhas a provisionto replicatethe input data on to
other cluster nodes.
ii In case of a clusternode failure, data processingcan still proceed by
using data stored on another cluster node.

Que 5.4. Write a short note on modules of Hadoop.

54E(CSIT-Sem-7) Cloud Technologies&Advancements

Answer

Modules of Hadoop:
1. HDFS (Hadoop DistributedFile System):It states that the files will
be broken into blocks and stored in nodes over the distributed
architecture.
2. YARN (Yet Another Resource Negotiator) : It is used for job
schedulingand managingthe cluster.
3. MapReduce :
This is a frameworkwhich helps Java programs to do the parallel
computationon data using key value pair.
The Map task takes input data and convertsit into a data set which
can be computedin key value pair.
The output of Map task is consumed by reduce task and then the
reducer gives the desired result.
4. Hadoop common:These Java librariesare used to start Hadoop and
are used by other Hadoop modules.
Que 5.5. What are the advantagesof Hadoop ?

Answer
Advantages of Hadoop:
1. Fast :in HDFS, the data distributedover the cluster helps in faster
retrieval.As tools are presenton the same server, reducingthe processing
time. It is able to process terabytesof data in minutes and peta bytes in
hours.
2. Scalable: Hadoop clustercan be extended by just adding nodes in the
cluster.
3. Cost effective: Hadoop is open-sourcethat uses commodityhardware
to store data so it is cost effectiveas compared to traditionalrelational
databasemanagementsystem.
4 Resilientto failure:HDFShas the property with which it can
data over the network, so if one node is down or some other replicate
network
failure happens, then Hadoop takes the other copy of data and use it.
Normally, data are replicated thrice but the replication factor is
configurable.
Que 5.6. Explain the architectureof Hadoop.
Cloud Computing 5 5E (CSIT-Sem-7)

Answer
Architecture of Hadoop:
MapReducelayer HDFS layer

Task Name
tracker node

Master Data
Job
tracker, node

Task Data
Slave tracker node

Fig. 5.6.1.
NameNode:
cluster.
i It is a single master server that exists in the HDFS
ii As it is a single node,it may beconme the reason of single point
failure.
ii. It manages the file system namespace by executingan operation
like the opening, renamingand closing the files.
iv. It simplifiesthe architectureof the system.
DataNode:
The HDFS cluster containsmultiple DataNodes.
Each DataNodecontainsmultipledata blocks.
iii. These data blocks are used to store data.
iv. It is the responsibilityof DataNodeto read and write requestsfrom
the file system'sclients.
V It performsblock creation,deletion,and replicationupon instruction
from the NameNode.
Job tracker:
i. The role ofjob trackeris to accept the MapReducejobs from client
and process the data by using NameNode.
iü. Inresponse, NameNode provides metadatato job tracker.
Task tracker:
It works as a slave node for job tracker.
It receivestask and code from job tracker and applies that code on
the file. This process can also be called as a Mapper.
5-6E(CSTT-Sem-7) Cloud Technologies& Advancements

Que 5.7. Differentiatebetweencloud computingand Hadoop.

Answer
S. No. Cloud computing Hadoop
1 Storingof data, applications Hadoop process and store large
and software are in cloud volume data
sets in a distributed
servers accessible through GDFS computing environment
the internet on-demand across clusters and data nodes.
basis.
2 Cloud computing reduces Business can apply Hadoop to
the cost of managing and analyze a variety of business
maintaining IT systems, problems such as product
instead of purchasing recommendation,fraud detection,
expensive systems and and sentimentanalysis.
equipmentfor the business.
3 Cloud computing offers a Hadoop HDFS provides
reliable, secure and appropriate response times and
consistentQualityof Service increasedsystem availability.
(QoS) manage ment as
decided in service level
agreements.
4 Cloud managementconsole Hadoopdatabase can be connected
provides a complete analysis to many data reportingtools like
of cloud usage as reportsand Microstrategy,and, data meter.
graphs.
5 Computing behaviour like Big data with a large volume of
performance, scalability, data is processed and analyzed
availability,and security is using Hadoop.
analyzed.
6 Cloud computing focus on Hadoop focuses on manipulating
system performance, large data sets with structuredand
network performance,data unstructured data.
security, and availability.
Cost is focused on delivering
Software-as-a-Servicein the
cloud.
Cloud Computing 5-7E (CSTT-Sem-7)

Que 5.8. Write a short note on MapReduce.

Answer
1. MapReduceis based on the parallelprogrammingframeworkto process
large amountsof data dispersedacrossdifferentsystem.
2 The process is initiatedwhen a user requestis receivedto executethe
MapReduceprogramand terminatedonce the results are writtenback
to the HDFS (HadoopDistributedFile System).
3 MapReducefacilitatethe processingand analyzingof both unstructured
and sem-structureddata collectedfrom different sources,which may
not be analyzedeffectivelyby othertraditionaltools.
4. MapReduceenables computationalprocessingof data stored in a file
system without the requirementof loading the data initially intoa
database.
5 It primarilysupportstwo operations,map and reduce.
6 These operationsexecute in parallelon a set of worker nodes.
7 MapReduceworks on a master workingapproachin which the master
process controls and directs the entire activity, such as collecting,
segregating,and delegatingthe data among differentworking.
Que 5.9. Explain the working and phases of MapReduce.

Answer
1 The MapReducealgorithmcontainstwo importanttasks, namely Map
and Reduce:
The Map task takes a set of data and convertsit into another set of
data, where individualelementsare brokendown into tuples (key
value pairs).
The Reduce task takes the output from the Map as an input and
combinesthose data tuples (key-valuepairs) into a smallerset of
tuples.
2. The reduce task is always performedafter the map task.
Phases of MapReduce:
1. Input phase : Here we have a record reader that translates each
record in an input file and sends the parsed data to the mapper in the
form of key-value pairs.
2. Map: Map is a user-defined function,which'takes a series of key-value
pairs and processes each one of them to generate zero or more key
value pairs.
3. Intermediate keys : They key-valuepairs generatedby the mapper
are known as intermediate keys.
 8E(CSIT-Sem-7) Cloud Technologies&Advancements
4. Combiner :
1. Acombiner is a type of local reducer that groups
the map phase into identifiablesets.
similardata from
ii It takes the intermediatekeys from the
mapper as input and applies
a user-definedcode to aggregatethe values in a small
scope of one
mapper.
iüü. Itis not a part of themain MapReducealgorithm;it is
5.
optional.
Shuffle and sort:
i The Reducer task starts with the shuffle and sort step.
It downloadsthe grouped key-value pairs onto the local
machine,
where the reducer is running.
iüi. The individualkey-valuepairs are sorted by key into a larger
list.
data
iv. The data list groups the equivalent keys together so that their
values can be iterated easily in the reducer task.
6. Reducer:
The reducer takes the grouped key-valuepaired data as input and
runs a reducer function on each one of them.
iü. Here, the data can be aggregated, filtered, and combined in a
number of ways, and it requires a wide range of processing.
iüi. Once the executionis over, it gives zero or more key-value pairs to
the final step.
7. Output phase :
i In the output phase, we have an output formatter that translates
the final key-value pairs from the reducer function and writes
them ontoa file using a record writer.
Input |UP nput Input Input |Input Input +Input phase

M M M M
Map phase
kl:vkl vk2:v klv klvkl:vk2:v klvkl:vk2v klv kl:vkl:vk2.v Intermediate
keys
Group by key Combiner
(optional)
Shufle
kl:v,v,v,v| k2:v k3:v,v k4:v,v,v |k5:v
and sort
Reducer
R R
phase
Output
Output phase
Fig. 5.9.1.
 5-9 E (CIT-Sem-7)
Cloud Computing

Que 5.10.Explainthe features of MapReduce.

Answer
Features of MapReduce:
1. Scheduling:
and reduce, which are
MapReduceinvolves two operations: map smallerchunksare run in
executedby dividinglarge problemsinto
parallelby differentcomputingresources.
subtasks and running these
The operation of breakingtasks into called mapping, which is
subtasks independentlyin parallel is
performedahead of the reduce operation.
2. Synchronization :
requiressynchronization.
i Executionofseveralconcurrentprocesses
framework is aware of the
The MapReduce program execution
ii.
are taking place in the
mapping and reducing operations that
program.
3. Co-location of code/data (Data locality) :
mechanismdependson the
i. The effectivenessof a data processing for the code to execute.
locationof the code and the data required
both code and data reside on the
The best result is obtained when
same machine.
of the code and data produces the
iüi. This means that the co-location
most effectiveprocessingoutcome.
4. Handling of errors/faults :
fault tolerance and
MapReduce engines provide a high level of
robustnessin handlingerrors.
these engines is their high
The reason for providingrobustnessto
tendency to make errors or faults.
5. Scale-out architecture :
way that they can
MapReduce engines are built in such arequired.
i
accommodatemore machines, as and when
computing resources to the
This possibilityof introducingmore more suited
architecturemakes the MapReduceprogrammingmodel
data.
tothe higher computationaldemandsof big
Que 5.11. Write a short note on virtualbox ?

Answer
virtualizingthe x86
1. Virtualbox is an open-source software used for
computingarchitecture.
5-10 E (CSIT-Sem-7) Cloud Technologies&Advancements
2 It acts as a hypervisor,creating a VM (Virtual Machine) in which the
user can run another OS (OperatingSystem).
3 The operatingsystem in which virtualboxruns is called the host OS.
4. The operating system running in the VM is called the guest OS.
Virtualb0xsupportsWindows, Linux, or MacOS as its host OS.
5 When configuring avirtual machine, the user can specify how many
CPUcores,and how much RAM and disk space should be devoted to the
VM.
6 When the VM is running, it can be paused (systemexecutionis frozen at
that moment in time), and resumed later when the user wishes to
continue.

Que 5.12. Describethe working of MapReduce algorithm.

Answer
Working of MapReducealgorithm:
1. Take a large dataset or set of records.
2. Perform iteration over the data.
3. Extract some interesting patterns to prepare an output list by using the
map function.
4. Arrange the output list properly to enable optimizationfor further
processing.
5. Compute a set of results by using the reduce function.
6. Provide the final output.

PART-2

Google App Engine, ProgrammingEnvironment

for Gdogle App Engine.

Questions-Answers

Long Answer Type and MediumAnswer Type Questions

Que 5.13. Write a short note on Google App Engine (GAE).

Answer
1. Google App Engine (GAE) is a Platform-as-a-Service (PaaS) product
that providesweb app developersand enterpriseswith accessto Google's
scalablehostingand tier-1 Internetservice.
Cloud Computing 5-11 E (CSIT-Sem-7)

2
The App Enginerequiresthat apps writtenin Java or Python,store data
in Google BigTable and use the Google query language. Non-compliant
applicationsrequire modificationto use App Engine.
3. Google App Engine provides more infrastructurethan other scalable
hosting servicessuch as Amazon ElasticCompute Cloud (EC2).
4 The App Engine also eliminates some system administrationand
developmentaltasks to make it easierto write scalableapplications.
5 Google App Engine is free up to a certainamount of resourceusage.
6 Users exceeding the per-day or per-minute usage rates for CPU
resources, storage, number of APIcalls or requests and concurrent
requests can pay for more of these resources.

Que 5.14. What are the advantageand disadvantages of GAE?

Answer
Advantages of GoogleApp Engine(GAE):
1 GAE do not scale however, even after we empower billing, the whole
system is augmented to support only 500 requests per second. If we
want more, we can reach Google'sdisposalto increaseour thresholds,
so we can have millionsofusers, but more than 500 requests per second.
2 GAE feature set is good enough to build a decent websiteand we do not
need to do the maintenance work.
3 It does not requireany serveradministration.It has free usage allocation
and providesscalability.GAE has better access to Google user accounts
and deploymentprocess is very easy.
4 GAE has the highestadmin load, but once it is set up, deployingand re
deployingis quick.
5 We can get any feature from the store with GAE.
Disadvantages of GAE:
1 GAE is not stable enough and the budget would increase much when
the website becomes bulky.
2 Without native file system read/writeaccess, it is hard to processsome
data transformwith existinglibrary,and it do not supportsome native
file system base libraryas well.
3 It does not provide full text search API.
4 SDK (SoftwareDevelopmentKit) Java is unfavorablewith GAE as it is
unsatisfactoryto accomplishlots ofexternallibraries.
5-12 E (CSIT-Sem-7) Cloud Technologies&Advancements

5. The SDK/Java depth rest on IDE, and the default project directory
structure is different from normal web app.
6. It is not easy to process unit test. It cannot fix the root cause and does
not support add SSL to website.
7. The GAE may be the developmentfor future web application,but it is
not equippedfor buildinga modern web site.
8 It suffers from the inabilityto weak server software. The file system
and many standardlibrarymodulesare inaccessible.Only Python and a
few runs of Java Virtual Machine are accessible.

Que 5.15. What are the features of GoogleApp Engine?

Answer
Features of GoogleApp Engine:
1. Persistentstoragewith queries,sortingand transactions.
Automaticscalingand load balancing.
iii. APls for authenticatingusers and sendingemail using Google accounts.
iv. Task queues for performingwork outsideof the scope of aweb request.
V. Scheduled tasks for triggeringevents at specifiedtimes and regular
ntervals.
vi. Dynamic web serving, with full support for common web technologies.
Que 5.16. Explain the services providedby Google App Engine.

Answer
Servicesprovidedby Google App Engine:
1. Data store :
i. App engine provides a powerful distributeddata storage service
that features query engine and transactions. Data store entities
are schemaless.

i. The structure of dataentitiesis provided and enforcedby application

code. The Java interfaces and the Python data store interface
include features for applyingand enforcingstructurewithin app.
The data store is stronglyconsistentand uses optimisticconcurrency
control. An update of an entity occurs in a transaction that retried
afixednumber of times if otherprocessesare trying to update the
same entity simultaneously.
operations in a
iv. The application can execute multiple data store ensuring the
single transaction which either all succeed or all fail
integrityofour data.
Cloud Computing 5-13 E (CSIT-Sem-7)
2. Google accounts :
i. App Engine supportsintegratingan app with Google accounts for
user authentication.Our application can allow a user to sign in
with a Google account,and access the email addressand displayable
name associated with the account.
It also saves the effort of implementinga user account
systemjust
for the application.
ii. Ifthe applicationis runningunder Google apps, it can use the same
features with members of the organization and Google apps
accounts.
iv. The users APIcan also tell the application whether the current
user is aregisteredadministratorfor the application.This makes it
easy to implementadmin-onlyareas of the site.
3. URL fetch: Applicationscan access resourceson the Internet, such as
web services or other data using App Engine's. URL fetch service
retrieves web resources using the same high-speed Google
infrastructurethat retrievesweb pages for many other Google products.
4 Mail : Applicationscan send email messages using App Engine's mail
service. The mail service uses Google infrastructure to send email
messages.
5 Image manipulation:Theimage servicelets the applicationmanipulate
images. With this API, wve can resize, crop, rotate and flip images in
JPEG and PNG formats.
6 Memcache:
i The memcacheserviceprovidesapplicationwith a high performance
in memory key value cache that is accessibleby multipleinstances
of the application.
ii Memcache is useful for data that do not need the persistence and
transactionalfeatures of the data store, such as temporarydata or
data copied from the data store to the cache for high speed access.
7. Scheduled tasks and task queues:
An applicationcan perform tasks outside of responding to web
requests.
The applicationcan performthese tasks on a schedule,such as on
a daily or hourly basis.
iii. The applicationcan perform tasks added to a queue by the application
itself, such as a backgroundtask created while handlinga request.

Que 5.17. Describebriefly the supported environments for Google

App Engine.
5-14 E (CSIT-Sem-7) Cloud Technologies&Advancements

Answer
Supportedenvironmentsfor Google App Engine:
1. Java Runtime Environment :

Developapplicationusing commonjava web developmenttools and

APIstandards.
i. It includesjava Runtime Environment6, platformand libraries.
ii. App interactswith the environmentusing Java Servlet standard
and can use common web applicationtechniquessuch as Java Server
pages.
2 Python Runtime Environment :
Implementapp using the Python runtime environment,and run it
on an optimizedPython interpreter.
ii. Appengineincludesrich data modelling APls and tools for managing
and accessingapp's data.
iüi. Uses Python version 2.5.2, in future being consideredPython 3.
iv. Provides rich APIs for the data store, Google accounts,URL fetch,
and email services.
V. It provides simple Python web applicationframework called web
app to make it easy to start buildingapplications.

PART-3
Openstack, Federationin the Cloud, Four Levels of Federation,
FederatedServicesand Applications,Future of Federation.

Questions-Answers
Long Answer Type and Medium Answer Type Questions

Que 5.18. Explain openstack.

Answer
1 Openstackis an open-sourcesoftware that allows the deploymentand
managementof a cloud Infrastructure-as-a-Service
(IaaS) platform.
2. Openstacksupportsboth privateand public cloud deployments.
3 It fulfills two main requirementsof the cloud, massive
scalabilityand
simplicityofimplementation.
4. Openstackis highly configurableas user can choose whether or not to
implementseveral servicesoffered by the software.
Cloud Computing 5-15 E (CSIT-Sem-7)

5 The configurationof each componentis also up to the user and is easily

made through the ApplicationProgrammingInterface(AP).
6. Therefore,there are many differentways to use openstack,which makes
it a flexible tool that is able to work along with other software.
7. Another reason to adopt openstack is that it supports different
hypervisors(Xen, VMware or Kernel-basedVirtual Machine KVM)
and several virtualizationtechnologies(such as bare-metalor high
performancecomputing).
Que 5.19.Whatare the components of openstack?
Answer
Components of openstack:Openstackhas open nature, anyone can add
additionalcomponentsto openstackto help it to meet their needs. But the
openstackcommunityhas collaborativelyidentifiednine key components
that are a part of the core ofopenstack,officiallymaintainedby the openstack
community:
1 Nova :
i It is the primarycomputingengine behind openstack.
i. It is used for deploying and managing large numbers of virtual
machinesand other instancesto handle computingtasks.
2. Swift :
i It is a storage system for objects and files.
ii. It allows the system, rather than the developer,to make sure that
data is backed up in case of the failure of a machine or network
connection.

3. Cinder :
i It is a block storage component, which is more analogous to the
traditionalnotion of a computerbeing able to access specificlocations
on a disk drive.
ii. This more traditional way of accessingfiles might be importantin
scenarios in which data access speed is the most important
consideration.
4. Neutron :
It provides the networkingcapabilityfor openstack.
ii. It helps to ensure that each of the components of an openstack
deployment can communicate with one another quickly and
efficiently.
5. Horizon:
i. It is the dashboardbehind openstack.
i.
Developers can access all of the components of openstack
individuallythrough an ApplicationProgrammingInterface(API),
5-16E (CSIT-Sem-7) Cloud Technologies&Advancements
but the dashboardprovidessystemadministratorsa look at what is
going on in the cloud, and how to manage it.
6. Keystone :
i Itprovidesidentityservicesfor openstack.
i. It is essentiallya central list of all of the users of the openstack
cloud,mapped against all of the services provided by the cloud,
which they have permissionto use.
ii. Itprovidesmultiplemeans of access, so that, developerscaneasily
map their existinguser access methodsagainst keystone.
7 Glance:
i. It providesimage servicesto openstack.
In this case, images refers to images (or virtual copies) of hard
disks.
ii. Glance allows these imagesto be used as templateswhen deploying
new virtual machine instances.
8. Ceilometer:
1. It provides telemetry services, which allow the cloud to provide
billingservices to individualusers of the cloud.
It also keeps a verifiablecountof each user's systemusage of each
of the various componentsof an openstack cloud.
9. Heat :
i. It is the orchestrationcomponent of openstack,which allows
developersto store the requirementsofa cloud applicationin a file
that defineswhat resourcesare necessaryfor that application.
:
In this way, it helps to manage the infrastructure needed for a
cloud service to run.
Que 5.20. Write down the benefits of usingopenstack?

Answer
Benefits of using openstack :
1. Enables rapid innovation :
L.
Openstack's orchestration and self-service capabilities offers
developersand IT staff withfaster and better access to IT resources.
Because developerscan provisionmachinesrapidlyand on-demand,
they can significantlyreduce developmentand testing periods and
have more freedom to experimentwith new ideas.
2. Cuts down time-to-market :
Faster deployment of IT resources also means end users and
i.
business units no longer have to wait days or weeks to start using
the network services and applicationsthey need.
Cloud Computing 5-17 E (CSIT-Sem-7)

ii. In turn, they would be more capable of rolling out and completing
projectsearlierthan before.
3. Boosts scalability and resource utilization:
i Althoughnot as scalableas public clouds, openstackprivate clouds
still offer a significantdegree of scalability.We can still spin up and
spin down servers on demand.
4. Eases regulatorycompliance:
i. Becauseopenstackenablesthe constructionof private,on-premise
clouds, it can help in regulatorycomplianceendeavors.
If our cloud is in our own datacenter,we will have more control of
access privileges,securitymeasures,and securitypolicies.
ii. We can personallytake chargeof ensuringthat policiesfor securing
personaldata, financial data,and other confidentialand regulated
informationare actuallyenforcedand not just printedon a piece of
paper.

Que 5.21. Write a short note on cloud federation.

Answer
1. Cloud federationrefers to the unionizationof software,infrastructure
and platformservicesfrom disparatenetworksthat can be accessedby
a client through the internet.
2. The federation of cloud resources is facilitated through network
gatewaysthat connect public or external clouds, private or internal
clouds (owned by a single entity) and/or communityclouds (owned by
several cooperating entities); creating a hybrid cloud computing
environment.
3 The federatedcloud computingservicesrely on the existenceof physical
datacenters.
4. Two approachesof cloud federationare :
a. Centralizedfederationmodel : This is the approach taken by
several identity federation standards. It distinguishes two
operationalroles in transaction:
i The identity provider
i. The service provider
b. Claim-based model : This approach addresses the problem of
user authenticationfrom a differentperspectiveand requires users
toprovide claims answeringwho they are and what they can do in
order to access content or completea transaction.
Que 5.22. What are the benefits of cloud federation?
5-18 E (CSIT-Sem-7)
Cloud Technologies& Advancements

Answer
Benefitsof cloud federationare :
1. The federationof cloud resources
allows client to optimizeenterpriseIT
service delivery.
2 The federation of cloud resources allows a client to
cho0se best cloud
service providersin terms of flexibilitycost and availabilityof servicesto
reach particularbusinessor technologicalneed within their
3
organization.
Federationacross differentcloud resourcespools allows applicationsto
run in the most appropriateinfrastructure
environments.
4 The federationof cloud resourcesalso allows an
enterpriseto
workloads around the globe, move data between disparatedistribute
networks
and implement innovative security models for user access to cloud
resources.

Que 5.23. What are the levels of federation?

Answer
Levels of federationare:
1. Permissivefederation:
i. Permissivefederationoccurs when a server accepts a connection
from a peer network server without verifying its identity using
DNS lookups or certificatechecking.
ii. The lack of verification or authentication may lead to domain
spoofing(the unauthorizeduse of a third-partydomain name in an
email message in order to pretend to be someone else), which
opens the door to widespreadspam and other abuses.
2 Verified federation:
This type of federation occurs when a server accepts a connection
from a peer after the identity of the peer has been verified.
i. It uses information obtained via DNS and by means of domain
specifickeys exchanged beforehand.
iii. The connectionis not encrypted,and the use ofidentityverification
effectivelypreventsdomain spoofing.
iv. Tomake this work, federationrequires proper ITS setup, and that
is still subject to DNS poisoning attacks.
V Verifiedfederationhas been the default service policy on the open
XMPP since the release of the open-sourcejabberd 1.2 server.
3. Encryptedfederation:
i In this mode, a server accepts a connectionfrom a peer if and only
if the peer supportsTransportLayer Security(TLS).
Cloud Computing 5-19 E (CSTT-Sem-7)

ii. The peer must present a digital certificate.The certificatemay be

self-signed,but this preventsusing mutual authentication.
i. If this is the case, both parties proceed to weakly verify identity
using Server Dialback. XEP-0220 defines the server dialback
protocol, which is used to provide identity verification.
iv. Server dialback uses the DNS as the basis for verifyingidentity,
the basic approach is that when a receivingserver receivesa server
to-server connection request from an originating server, it does
authoritative
not accept the request until it has verifieda key with an
server for the domain asserted by the originatingserver.
V.
Althoughserver dialbackdoes not provide strongauthenticationor
trustedfederation,and althoughit has effectivelypreventedmost
instancesof address spoofingon the XMPP network since its release
in 2000.
weak identity
vi. This results in an encrypted connection with
verification.
4. Trustedfederation:
only under the
Here, a server accepts a connection from a peer
a
condition that the peer supports TLS and the peer can present
(CA) that
digitalcertificate issued by a root CertificationAuthority
is trusted by the authenticatingserver.
more
ii The list of trusted root CAs may be determined by one or
software, or
factors, such as the operatingsystem, XMPP server
local servicepolicy.
resrlts not only
ii. In trusted federation,the use of digitalcertificates
authentication.
in a channelencryptionbut also in strong
effectivelyprevents DNS
iv. The use of trusted domain certificates since such
poisoningattacks but makes federationmore difficult,
obtain.
certificateshave traditionallynot been easy to

cloud federation ?
Que 5.24. What are the advantages providedby

Answer
Advantages provided by cloud federation :
to
i. Performance guarantees : By lending resources, it is possibleservices.
the rendered
maintain the necessarylevels of performanceto
diversity for data and services
ii. Availability guarantees : Location areas,
allows migration of services. For example, disaster-prone
maintaininghigheravailabilityto the client.
5-20 E (CSTT-Senm-7)
Cloud Technologies& Advancements
iii. Convenience:Federationprovidesconvenience the clientin relation
tocontractedservices,allowing a unified
to
view from servicesof different
providers.
iv. Dynamic workload
scatterload accordingtodistribution:Geographic
the client location.
distributionallows to
Que 5.25. What are the approaches used to model cloud
federation ?
Answer
Approachesused to model cloudfederationare:
1 Semanticsbased:
i. A theoretical federation
model based on semantics and
Infrastructure-as-a-Service(IaaS) is proposed.
The authors utilize ontology to provide
autonomousclouds in a resource sharinginteroperability
environment.
between
ii. The use of ontologies is justified by the
difficulties offering
interoperability,which is acritical aspect in afederatedcloud.
iv. The difficulties in providing
interoperabilityinclude different
implementationschemesfor the same type of entityor components
on each cloud, where ontologies are utilised to
model such differences. understand and
2. Market-oriented:
i The federation model oriented to
proposed.
computation services was
ii It focuses on the
commercialization
structure that resemblesa servicesofinfrastructure resourcesin a
market.
ii. To support this model, four componentsare
the cloud federation :
utilized as the core of
a. Clouds: Where resources are located and the serviceswill be
offered to the clients.
b. Application broker:Interfaceresponsiblefor
operationsbetween client and federation. intermediating
C. Cloud coordinator :Component located in each cloud and
responsible maintainingthe integrityof the federation.
for
d. Concentrator:Acts as the market of resourcesand services.
3. Reservoir :
The reservoiris a project leaded by IBM and
developed with the
objective to provide a cloud federation environment that offers
software-as-a-serviceto providers.
Cloud Computing 5-21 E (CSIT-Sem-7)

The reservoir modelling is focused in loose coupling, and also in

avoidinglimitationsshown by isolatedclouds, such as:
Difficultiessmall providershave in providingscalability.
b. Lack of interoperability.
C Lack of support to BusinessService Management(BSM).
i. The officialdocumentationhighlightsfour functionalrequirements:
rapid installationof applicationsand services,dynamicelasticity,
semantic and continuous optimization, and independence of
virtualizationtechnologies.