Cloud Computing- Unit 4

The document discusses business continuity and disaster recovery (DR) in cloud computing, outlining the types of disasters, disaster recovery requirements, and mechanisms for cloud DR. It also covers security threats, techniques for protection, and the significance of service level agreements (SLAs) in cloud services. Additionally, it details the steps for migrating local servers to the cloud and evaluates trust management attributes for cloud services.

Uploaded by

KUMAR VIJAY

Unit IV

Business continuity and disaster recovery


A disaster is an unforeseen event in a system's lifetime. It can be caused by natural disasters
(earthquake, climate change or tsunami), human errors or hardware/software failures. This in
turn can lead to serious financial loss or even death. As a result, the major objective of Cloud
Disaster Recovery (DR) is to provide an organization with automated and reliable approach(es)
to data recovery and failover in the event of a man-made or natural catastrophe.

Cloud disaster recovery is a service that enables the backup and recovery of remote machines
on a cloud-based platform.

Disaster recovery can be categorized into three levels based on different requirements. These
include data-level, system level and application-level disaster recovery.

Data-level disaster recovery is the most fundamental among all others and guarantees the
security of the application data.

System-level disaster recovery keeps the recovery time for the operating system of the
application server as short as possible.

Application-level disaster recovery provides recovery from cloud software failures.

Disaster recovery requirements


There are five primary requirements for disaster recovery:

Recovery Point Objective (RPO): The RPO of a DR (Disaster Recovery) system depicts the
point in time of the most recent backup prior to the event of a disaster or failure.

Recovery Time Objective (RTO): The RTO is an important business decision that determines
the duration it takes an application to be restored back online in the event of a failure.

Performance: Disaster recovery service must allow a minimal impact on the performance of
each application being protected under failure-free operation for it to be useful.

Consistency: This ensures that an application regains a consistent state after a failure occurs.

Geographic separation: This ensures that both the primary and backup sites are located at
separate geographical locations.
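The sketch below is an added example, not part of the original notes. It checks one recovery against the RPO and RTO objectives while honouring the consistency and geographic separation requirements. The `Backup` record, the `audit_dr` function, the region names and the sample catalogue are all hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass
class Backup:
    taken_at: datetime
    region: str        # where the copy is stored
    consistent: bool   # assumed flag: a test restore reached a consistent state


def audit_dr(backups, primary_region, disaster_at, restored_at, rpo, rto):
    """Check one recovery against the RPO/RTO objectives.

    Returns (achieved_rpo, achieved_rto, findings); achieved_rpo is None
    when no usable backup exists.
    """
    findings = []
    usable = []
    before = [b for b in backups if b.taken_at <= disaster_at]
    for b in sorted(before, key=lambda b: b.taken_at):
        if b.region == primary_region:
            # Geographic separation: a copy at the primary site is lost with it.
            findings.append(f"{b.taken_at:%H:%M} skipped: stored in primary region")
        elif not b.consistent:
            # Consistency: a backup that cannot restore cleanly does not count.
            findings.append(f"{b.taken_at:%H:%M} skipped: not consistent")
        else:
            usable.append(b)

    achieved_rto = restored_at - disaster_at
    if achieved_rto > rto:
        findings.append(f"RTO missed: {achieved_rto} > {rto}")
    if not usable:
        findings.append("no usable backup: data loss is unbounded")
        return None, achieved_rto, findings

    # RPO is measured from the most recent backup that can actually be used.
    achieved_rpo = disaster_at - usable[-1].taken_at
    if achieved_rpo > rpo:
        findings.append(f"RPO missed: {achieved_rpo} > {rpo}")
    return achieved_rpo, achieved_rto, findings


# Constructed sample data: primary site in "us-east", backup site in "eu-west".
DAY = datetime(2024, 1, 10)
SAMPLE = [
    Backup(DAY.replace(hour=0), "eu-west", True),
    Backup(DAY.replace(hour=6), "eu-west", True),
    Backup(DAY.replace(hour=11), "us-east", True),              # lost with the primary
    Backup(DAY.replace(hour=11, minute=30), "eu-west", False),  # failed verification
]

if __name__ == "__main__":
    rpo, rto, findings = audit_dr(
        SAMPLE, "us-east",
        disaster_at=DAY.replace(hour=12),
        restored_at=DAY.replace(hour=12, minute=50),
        rpo=timedelta(hours=4), rto=timedelta(hours=1))
    print("achieved RPO:", rpo, "| achieved RTO:", rto)
    for finding in findings:
        print(" -", finding)
```

The newest entry in the catalogue is 30 minutes old, yet the achieved RPO is six hours, because the two most recent copies are either co-located with the primary site or fail verification.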

Mechanisms for cloud disaster recovery


These are additional requirements that must be met for DR:

Network reconfiguration: Cloud platforms allow a flexible reconfiguration of the network
setup for an application after it is restored online in the backup site. Two possible network
reconfiguration processes to achieve this include modification of the Domain Name System
(DNS) or updating routes to redirect traffic to the failover site.

Security and isolation: Security concerns to be addressed include the privacy of storage,
network, and the virtual machine resources being used.

Virtual machine migration and cloning: Although not currently supported, cloud platforms
are expected to allow VM migration in or out of the cloud.

Disaster recovery as a service


This model allows data center infrastructures and critical servers to be replicated in the
cloud, as a service, so that they can be recovered. The architecture is configured with
pre-built options to support virtual recovery environments characterized by network
connectivity, security and server failover.

The cloud disaster recovery architecture


In a two-zone cloud DR configuration, Zone "A" and Zone "B", each zone replicates the other
such that if a zone experiences a downtime as a result of disaster, then the other becomes active.
Each zone has its own internal System Architecture (SA) similar to the other. The zone "A"
has an Active Load Balancer and zone "B" has a Passive Load Balancer.

Active Load Balancer: The primary function of a load balancer is to ensure fair distribution of
the system's workload. The load balancer is also responsible for citizen request identification
and evaluation to include the type and volume of requests and confirms if the available
resources can serve these requests or not.

Passive Load Balancer: This is the same as Active Load Balancer except that it is in the passive
mode. It becomes active within 5 to 10 minutes when zone "A" experiences a downtime due to
a disaster.

Monitoring Unit: This unit manages the activities and states (good/ compromised) of both zone
"A" and zone "B" to improve efficiency and reliability of service.

Challenges of the cloud disaster recovery


Dependency: Customers are totally dependent on cloud service providers due to lack of control
over the system and the data as the data backup is on premises of service providers.

Cost: Cloud service providers annually charge differently for interrelated DR systems as a
service operation.

Failure detection: A failure detection time is expected to be very short so that the system
downtime can be adequately managed on time.

Security: Cyber terrorism attacks and natural disasters are major problems. Mechanisms must
be developed to protect important data.

Data storage: A storage single point of failure and data loss are critical challenges when
storing data in cloud service providers' DR solutions.
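The Monitoring Unit of the two-zone architecture and the failure detection challenge above can be illustrated together. The following is an added example, not part of the original notes: a monitor that promotes zone "B" only after several consecutive failed probes of zone "A", and fails back only after a sustained recovery. The class name, thresholds, 30-second probe interval and probe sequence are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class MonitoringUnit:
    """Tracks zone A health and decides which zone's load balancer is active."""
    fail_threshold: int = 3      # consecutive failed probes before failover
    recover_threshold: int = 5   # consecutive good probes before failback
    active: str = "A"
    events: list = field(default_factory=list)
    bad_streak: int = 0
    good_streak: int = 0

    def observe(self, t, zone_a_healthy):
        """Feed one probe result for zone A taken at time t (seconds)."""
        if zone_a_healthy:
            self.good_streak += 1
            self.bad_streak = 0
        else:
            self.bad_streak += 1
            self.good_streak = 0
        if self.active == "A" and self.bad_streak >= self.fail_threshold:
            self._switch(t, "B", "zone A failed probes")
        elif self.active == "B" and self.good_streak >= self.recover_threshold:
            self._switch(t, "A", "zone A recovered")

    def _switch(self, t, zone, reason):
        # A real deployment would trigger the DNS or route update here.
        self.active = zone
        self.events.append((t, zone, reason))


def replay(probes, interval_s=30, **thresholds):
    """Run a recorded probe sequence through a fresh monitoring unit."""
    unit = MonitoringUnit(**thresholds)
    for i, healthy in enumerate(probes):
        unit.observe(i * interval_s, healthy)
    return unit


def detection_delay(unit, outage_start):
    """Seconds between the outage start and the failover decision."""
    for t, zone, _ in unit.events:
        if zone == "B" and t >= outage_start:
            return t - outage_start
    return None


# Constructed probe results for zone A, one every 30 s ("1" = healthy):
# a single blip, a real outage starting at t=150 s, then a flapping recovery.
PROBES = [c == "1" for c in "1101100000110111111"]

if __name__ == "__main__":
    unit = replay(PROBES)
    for event in unit.events:
        print(event)
    print("detection delay (s):", detection_delay(unit, 150))
```

The detection delay adds to the 5 to 10 minutes the passive load balancer needs to become active, so the probe interval and failure threshold are part of the achievable RTO.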

Solutions:

Local backup: An alternative backup plan can be made for both data and the complete
application at the customer's end.

Geographical Redundancy and Backup (GRB): With this approach, two cloud zones are
located at different geographical locations and one is synchronously mirrored as a replica of
the other.

Inter-Private Cloud Storage (IPCS): This approach provisions three different geographical
backup locations for business data storage such that each backup location is dedicated to
backup only one of the servers, local backup server (LBS) or remote backup server (RBS).

Resource management: Improved technologies for hardware and software application
management must be deployed for seamless critical data DR services.

Threats in cloud

Data breaches: Data breaches are often a result of simple human error, poor security practices,
targeted attacks, and application vulnerabilities.

Data loss: This is often experienced due to hard drive failure, malware attacks, natural disasters
(for example, earthquakes and floods), power failure and human errors (accidental file deletion
by a cloud administrator) leading to corrupt or unavailability of data.

Malicious insiders: These are past or present malicious insiders like a system administrator,
former employee, business partner or a third-party contractor with high-level of access to
potentially private, sensitive information and critical systems leading to a serious data breach.

Denial of Service (DoS): A DoS attack originates from a single source machine and is
designed to deny legitimate users access.

Distributed Denial of Service (DDoS) attack: A DDoS attack locates vulnerable systems
(zombies/slaves) participating in a network.

Vulnerable systems and application programming interfaces (APIs): Cloud APIs represent
gateways which can be exploited by an attacker to gain considerable access to cloud resources.

Weak authentication and identity management: Attackers can inject malicious software to
attack the cloud services, modify data and service management/control parameters or sniff data
in transit.

Account hijacking: This involves the stealing and using of the account details of a legitimate
user for disreputable purposes using techniques like fraud and phishing.

Shared technology vulnerabilities: Attackers can cause a data breach due to compromised
cloud data security.

Lacking due diligence: Due diligence involves verification of the availability of appropriate
security controls, standards and accreditations.

Advanced Persistent Threats (APT): An adaptive program that penetrates the cloud
infrastructure of an organization to steal data via techniques such as direct hacking, use of
unsecured third-party APIs, spear phishing, attack code

Abuse of cloud services: Poorly secured cloud service deployments, fraudulent account sign-
ups via payment interfaces, and free cloud service trials expose cloud computing models to
malicious attacks.

Metadata spoofing attack: User information can be modified by attackers to redirect users to
a different place, a concept similar to DNS poisoning.

Security techniques for threats protection

To mitigate the threats discussed in the previous section, the following security
measures must be taken into consideration to secure the cloud:

Protection from data breaches:

• Encrypt sensitive data before the actual storage on cloud and in the network using
  some efficient key management algorithm.
• Implement proper isolation among virtual machines to guard against information
  leakage.
• Ensure proper access controls are implemented against unauthorized access.
• Conduct a risk assessment of the cloud environment to identify the storage of
  sensitive data and its transmission between various services and networks.
• Use attribute-based encryption to secure data before storage such that only users
  with access attributes and keys can access the data.
• Use fine-grained and scalable data access control.

Protection from data loss:

• Maintain backup of all cloud data for replication purpose in the event of data loss.
• Protect data backup to maintain data metadata security properties such as integrity and
  confidentiality.

Protection from account or service hijacking:

• Monitor network traffic and nodes in cloud to detect malicious activities via network
  security features like the intrusion detection systems (IDS).
• Ensure proper implementation of identity and access management to avoid
  unauthorized access to account credentials.
• Implement multi-factor authentication for remote access using at least two credentials.
• Audit all users' privileged activities along with their associated information security
  events.

Protection from DoS:

• Identify and implement all the basic security requirements of cloud network,
  applications, databases, and other services.
• Verify and close every potential loophole that can be exploited by attackers by testing
  applications after designing.
• Prevent DDoS attacks by having extra network bandwidth and using intrusion detection
  systems (IDS) that verify network requests before they reach the cloud server.

Protection from insecure interfaces and APIs:

• Developers should design APIs via the principles of trusted computing.
• Cloud providers must ensure that APIs implemented in the cloud are designed securely
  and checked before deployment for possible flaws.
• Implement strong authentication mechanisms and access controls to secure data and
  services from insecure interfaces and APIs by following the Open Web Application
  Security Project (OWASP).
• Customers must analyze the interfaces and APIs of cloud providers before migrating
  their data to cloud.

Protection from malicious insiders:

• Limit the hardware and infrastructure access to the authorized users only.
• Service providers must implement and enforce strong access control and segregation
  of duties in the management layer.
• Audit employees routinely for possible suspicious behavior.
• Implement appropriate encryption in storage and public networks.

Protection from abuse of cloud services:

• Identify malicious customers via strict initial registration and validation processes.
• Make policies that allow the protection of critical organizational assets a part of the
  SLA between the user and service provider.
• Ensure the network monitoring process is comprehensive enough to detect malicious
  packets.
• Install all the updated security devices in the network.

Protection from insufficient due diligence:

• Service providers must disclose the applicable logs and infrastructure such as a
  firewall to consumers to take measures for securing their applications and data.
• The provider must set up requirements for implementing cloud applications and
  services using industry standards.
• A cloud provider must conduct risk assessment using quantitative and qualitative
  methods periodically to check the storage, flow and processing of data.

Protection from shared technology vulnerabilities:

• A hypervisor must be secured to ensure proper functioning of other virtualization
  components and to implement isolation between VMs.
• Create and use baseline requirements for all cloud components in the design of the
  cloud architecture.
• A service provider should monitor the vulnerabilities in the cloud environment and
  release patches to fix those vulnerabilities periodically.

SLA

Cloud service level agreements (SLA) practices

• An SLA is a formal and legal contract document containing a set of well-negotiated
  objectives, purpose, terms and conditions of business engagements between the cloud
  service providers and the cloud users.
• An SLA also contains details of the cloud services to be rendered, benefits and
  drawbacks of the cloud, responsibilities, cloud deployment and security challenges as
  well as guarantees and warranties of the services.
• These agreements might include, but are not limited to, what cloud services will be
  offered, the mode of service delivery and who will be responsible for the execution,
  monitoring, reporting failures, security, and privacy responsibilities.

Components of a cloud SLA

A typical cloud service level agreement is composed of a service guarantee, service guarantee
time period, service guarantee granularity, service guarantee exclusion, service credit, and
service violation measurement and reporting:

Service guarantee: This establishes the metrics which a cloud provider seeks to achieve within
a service guarantee time period.

Service guarantee time period: This is the acceptable period of time required for a service
guarantee to be met.

Service guarantee granularity: This characterizes the resources scale on which a provider
defines a service guarantee.

Service guarantee exclusions: These are the potential possibilities and likely events that are
not included in the service guarantee metric calculations.

Service credit: This is the accrued amount in favor of the cloud consumer or brought forward
towards future payments for new services.

Service violation measurement and reporting: This identifies true violations of a service
guarantee by defining how and who is responsible for measuring and reporting of such
violation(s), respectively.
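How these components combine into a measurement is shown in the following added example, which is not part of the original notes. It computes availability for one guarantee time period from reported outage intervals, removes the excluded windows, and maps the result to a service credit. The 99.9% guarantee, the credit schedule, the outage data and the choice to keep the full period as the denominator are assumptions constructed for illustration.

```python
def merge(intervals):
    """Sort (start, end) intervals and merge the ones that overlap or touch."""
    merged = []
    for start, end in sorted(intervals):
        if merged and start <= merged[-1][1]:
            merged[-1] = (merged[-1][0], max(merged[-1][1], end))
        else:
            merged.append((start, end))
    return merged


def subtract(intervals, exclusions):
    """Remove excluded windows from outage intervals (both merged and sorted)."""
    counted = []
    for start, end in intervals:
        cursor = start
        for ex_start, ex_end in exclusions:
            if ex_end <= cursor or ex_start >= end:
                continue                      # exclusion does not touch this outage
            if ex_start > cursor:
                counted.append((cursor, ex_start))
            cursor = max(cursor, ex_end)
        if cursor < end:
            counted.append((cursor, end))
    return counted


def sla_report(period_min, outages, exclusions, guarantee_pct, credit_tiers):
    """Availability over one guarantee time period, all times in minutes.

    credit_tiers: [(availability_below_pct, credit_pct), ...]
    """
    counted = subtract(merge(outages), merge(exclusions))
    downtime = sum(end - start for start, end in counted)
    # Assumption: the denominator is the whole period, exclusions included.
    availability = 100.0 * (period_min - downtime) / period_min
    credit = 0
    for below, pct in sorted(credit_tiers):   # lowest threshold first
        if availability < below:
            credit = pct
            break
    return {
        "raw_downtime_min": sum(end - start for start, end in outages),
        "counted_downtime_min": downtime,
        "availability_pct": round(availability, 3),
        "violated": availability < guarantee_pct,
        "credit_pct": credit,
    }


# Constructed sample: one 30-day period, times in minutes from period start.
PERIOD = 30 * 24 * 60
OUTAGES = [(1000, 1030), (1020, 1050), (20000, 20120)]  # first two reports overlap
EXCLUSIONS = [(20000, 20090)]                           # announced maintenance
TIERS = [(99.9, 10), (99.0, 25)]                        # assumed credit schedule

if __name__ == "__main__":
    print(sla_report(PERIOD, OUTAGES, EXCLUSIONS, 99.9, TIERS))
```

Summing the raw reports gives 180 minutes of downtime, while the figure that counts under the agreement is 80 minutes, which is why the measurement and reporting clause has to state who measures and how.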

Types of SLAs

Customer-based SLA: This covers all services used by the users.

Service-based SLA: This is an agreement between the cloud service provider and all registered
users using the service.

Multilevel SLA: This kind of SLA consists of different levels with each containing the
conditions of different customers using the same service.

Customer level SLA: This document contains records of all service level management
problems related to a group of certain users.

Service level SLA: This document contains records of all service level management problems
related to a specific service.

Significance of SLAs:

• It provides concise and transparent understanding of the cloud services and the cloud
  service providers.
• It presents a list of all available services a service provider could provide with an
  associated detailed specification and description of each service.
• It provides detailed information regarding business requirements and objectives in a
  transparent manner.
• It showcases critical privacy and security management policies for the cloud
  environment.
• It offers service-oriented monitoring of performance, service quality, responsibilities,
  and priorities.
• It presents the service management requirements in a transparent manner if an event of
  a cloud service failure occurs.

Issues of Quality of Cloud Services

Performance quality evaluation measures of the cloud services are summarized and presented

The following table represents the economic quality features of cloud services:

The following table represents security quality requirements:

The following table shows general quality assurance requirements for cloud services:

Migration of a local server into cloud

The basic orderly steps required to migrate data:

Migrating an organization's resources into the cloud starts with a preliminary checklist that
defines the important needs and requirements and their associated risk factors, followed by
extensive planning and then migration.

Preliminary checklist/planning for migration:

• Identify all potential benefits
• Confirm that the traditional computing infrastructure suits cloud
• Prepare a cost/opportunity and risk evaluation model to guide decision making
• Develop a standard guideline and blueprint to optimize the current computing resources
• Identify which current computing resources can/cannot be migrated into the public
  cloud
• Identify and prepare in-house technical how-to competencies
• Appoint a cross-functional team
• Assess technical problems
• Confirm that the current networking/computing environment is ready for migration

Application and business services into a cloud environment are Business Requirement
Analysis, Migration Decision Evaluation, Legacy System Analysis, Identification of
component(s) to be migrated, Offering of Candidate Service, Choosing Migration Type,
Function or Component, Migration of Component, Linking of Migrated Component, Checking
Complete Service, Confirming Complete Migration, Consumption of Service and Undo
Change.

The four basic types of cloud-enabled migrations are:

Type I: This is the least invasive type of migration, where one or more (architectural)
components are replaced by cloud services.

Type II: Partially migrate some of the application functionality to the cloud.

Type III: This is a classic migration in which the entire software stack of the application is
migrated to the cloud.

Type IV: It typifies a complete migration of the application, data and business logic to the
cloud as well as the associated functions and components.

Trust management evaluation attributes


A Trust Management (TM) system should be able to measure the degree of truthfulness of
cloud-services via the following attributes:

Data integrity: This includes service requirements such as privacy, data security, and
accuracy.

Security: Cloud service providers must put up mechanisms to protect their consumer's personal
information and data securely.

Privacy: The cloud service providers should maintain privacy of sensitive information of their
customers for continued trustworthiness and integrity.

Credibility: This is the degree of quality of a cloud service provided to a cloud service
consumer by a cloud service provider.

Turnaround efficiency: This includes both the actual and the promised turnaround times.

Availability: This measures the degree of uptime and accessibility of resources, services or
components provisioned by a cloud service provider.

Reliability/success rate: This defines the degree of compliance of a cloud service provider to
provide mutually agreed upon services.

Adaptability: This reflects redundant provisioning of data storage and processing facilities to
manage potential single point of failure events.

SLA: This is an official document that clearly specifies technical and functional descriptions
to be complied by the cloud service provider.

Customer support: This is the actual support (technical, feedback, security, and so on) offered
by the cloud service provider to its consumers.

User feedback: This is a post-service experience scoring by a cloud consumer on the
performance and quality of service(s) being rendered by the cloud service provider.

Google Cloud, Microsoft Cloud, Apple Cloud, Amazon Cloud
