Cloud Computing- Unit 3

The document provides an overview of Service-Oriented Architecture (SOA), its characteristics, components, and the role of web services in enabling interoperability. It discusses the need for SOA in organizations, emphasizing benefits such as reduced costs, scalability, and business agility, while also addressing challenges in cloud computing, including security issues and privacy concerns. Additionally, it outlines the legal implications and responsibilities of cloud service providers and consumers regarding data management and service agreements.

Uploaded by

KUMAR VIJAY

Unit III

SOA foundation
- A service-oriented architecture (SOA) is a design methodology used to develop software based on interoperable services. These services are the IT capabilities that are provided to components over a communication network.
- Organizations compliant with SOA are known as service-oriented enterprises (SOE).
- Characteristics
  - Refurbished and reusable: Services can be reused multiple times for multiple processes.
  - Loosely coupled: Services are designed to be independent, with minimum dependency on implementation.
  - Platform independent: Services are based on the XML format.
  - Based on standards: The service design is based on WSDL and SOAP standards.

Web Services and SOA

- Web services are the technical foundations of SOA that include the concept of interoperability. They are independent software accessed over a network through standard protocols.
- Web services have a prescribed interface on which they are written. Constraints and policies are applied as per the specified service description.
- IBM Definition: "SOA is a business-centric IT architectural approach that supports integrating our business as linked, repeatable business tasks, or services."

SOA communication
SOA from the viewpoint of service providers, consumers and the service registry:

Service Provider: It provides all kinds of service-related operations like service registration, service discovery, exception handling, platform independence, interoperability, and so on.

Service Consumer: It is a human or a system that uses service(s) supported by SOA and which has a valid entry in the service registry.

Service Registry: It is the connection between service providers and service customers. Both the service provider and the service consumer need to register themselves with the service registry before starting communication. It is just like an information catalog that allows service providers to discover services. The registry is constantly updated with services and their information.

SOA components
There are three core components in a SOA communication model:

Extensible Markup Language (XML): Due to open standards and platform-independence, SOA needs a common platform to form a mutual base of understanding. XML is at the core of this infrastructure because:
- XML is a device-independent and structured way to represent content.
- XML is compatible with different data formats in different applications across multiple platforms.
- XML is text-based, which makes it natural, easily representable and flexible.
- XML is a generic language that underlies a web service. XML namespaces and XML schemas are widely used while creating a web service.

- One-way: Messages sent without a reply required.
- Request/response: The sender sends a message and the receiver sends a reply.
- Solicit response: A request for a response. (The specific definition for this action is pending.)
- Notification: Messages sent to multiple receivers. (The specific definition for this action is pending.)
- Bindings: A port is defined by associating a network address with a port type. A collection of ports defines a service. These services are further bound to a port using SOAP, CORBA Internet Inter-ORB Protocol (IIOP), Java Message Service (JMS) and other protocol architectures.
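
In a WSDL 1.1 port type, the four operation types listed above are distinguished only by the order of each operation's input and output elements. The following added example (not part of the original notes; the sample WSDL and every name in it are constructed) classifies operations that way, refuses descriptions that carry a DTD, and lists the operations where the endpoint sends first, which is what outbound firewall rules have to account for.

```python
import xml.etree.ElementTree as ET

WSDL_NS = "http://schemas.xmlsoap.org/wsdl/"  # WSDL 1.1 namespace

# Constructed sample service description; all names are hypothetical.
SAMPLE_WSDL = """<?xml version="1.0"?>
<definitions xmlns="http://schemas.xmlsoap.org/wsdl/"
             xmlns:tns="urn:example:orders"
             targetNamespace="urn:example:orders">
  <portType name="OrderPort">
    <operation name="LogEvent">
      <input message="tns:LogEventIn"/>
    </operation>
    <operation name="GetQuote">
      <input message="tns:GetQuoteIn"/>
      <output message="tns:GetQuoteOut"/>
    </operation>
    <operation name="ConfirmDelivery">
      <output message="tns:ConfirmOut"/>
      <input message="tns:ConfirmIn"/>
    </operation>
    <operation name="PriceAlert">
      <output message="tns:PriceAlertOut"/>
    </operation>
  </portType>
</definitions>
"""

# Order of <input>/<output> children -> operation type from the list above.
PATTERNS = {
    ("input",): "one-way",
    ("input", "output"): "request/response",
    ("output", "input"): "solicit response",
    ("output",): "notification",
}


def parse_service_description(text):
    """Parse a WSDL document obtained from a registry or a partner.

    Service descriptions arrive from outside the trust boundary, so any
    document carrying a DTD is refused before parsing: entity-expansion
    and external-entity tricks both require a DOCTYPE declaration.
    """
    if "<!DOCTYPE" in text:
        raise ValueError("service description contains a DTD; refusing to parse")
    return ET.fromstring(text)


def classify_operations(root):
    """Return {"PortType.operation": operation type} for every operation."""
    wanted = {f"{{{WSDL_NS}}}input": "input", f"{{{WSDL_NS}}}output": "output"}
    result = {}
    for port_type in root.iter(f"{{{WSDL_NS}}}portType"):
        for op in port_type.findall(f"{{{WSDL_NS}}}operation"):
            # Keep only input/output children, in document order.
            order = tuple(wanted[c.tag] for c in op if c.tag in wanted)
            key = f"{port_type.get('name')}.{op.get('name')}"
            result[key] = PATTERNS.get(order, "invalid")
    return result


def endpoint_initiated(operations):
    """Operations where the service endpoint sends the first message."""
    return sorted(
        name for name, kind in operations.items()
        if kind in ("solicit response", "notification")
    )


if __name__ == "__main__":
    ops = classify_operations(parse_service_description(SAMPLE_WSDL))
    for name, kind in ops.items():
        print(f"{name:28} {kind}")
    print("endpoint-initiated:", endpoint_initiated(ops))
```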

SOA Infrastructure
- Applications need the SOA infrastructure and SOA platform for successful execution and organization.

Core: This level performs core functions, which include constructing, seeking and binding of web services.

Platform: This level is where the web services are developed using programming languages like J2EE and .NET.

QoS: This level tests whether the evolved web service supports quality of service.

Need of SOA
- Reduced cost:
  - Reengineering and reusability add value to core investments
  - Faster integration, agile and long-term value of interoperability
- Scalability:
  - Scalable and evolvable systems
  - Rapid scale up and scale down as per organizational needs
- Platform independence and compatibility with heterogeneous environment:
  - Semantic message-oriented interactions
- Business agility:
  - Built to change
  - Built and deployed incrementally
  - Loosely coupled

Business Process Management (BPM)
- BPM is a dimension of operations management that emphasizes refining and optimizing business processes through automation.
- BPM itself is not a technology but enables technologies to operate in such a way that the current processes get aligned to a desired and optimized state.
- Reengineering and outsourcing are examples of BPM.

Cloud computing implements BPM using the SaaS model.

BPM in the cloud can be seen as a combination of BPM PaaS and BPaaS (Business Process as a Service).

Business Process Management Platform as a Service (BPM PaaS)

Business Process as a Service (BPaaS)
BPaaS represents the process outsourcing in which business processes like human resources, payroll, expense management, and so on are provided using the web.

Benefits of BPM with cloud:
- It is cost efficient because there is no need to build a large and complicated IT infrastructure.
- It is time efficient because the lack of substantial internal infrastructure results in rapid rollout of business process management in the organization.
- It is agile in nature and enables the earlier adoption of process management.
- It automates manual flows, load balancing, exception handling and failovers.

Challenges of BPM with cloud:
- High vulnerability to external intruders; therefore, firewalls are required but with expected quality of service.
- Service level agreements are a must to achieve dependable performance.
- Application integration: Many organizations are unwilling to use BPM with cloud until they completely migrate their data over to the cloud.

CLOUD SECURITY
Data breaches: A data breach occurs when an unauthorized third party maliciously gains access to data at rest in a cloud infrastructure, or to data in transit, in order to compromise its integrity.

Network security: Network security problems often arise when an elastic cloud infrastructure is incorrectly configured or experiences a malicious denial-of-service attack or unauthorized access leading to data leakage.

Data locality: Cloud service consumers are not aware of where their data is stored due to
virtualization.

Data access: Data accessibility is the ability of cloud service customers to be able to gain
authorized access to their subscribed services anywhere and at any time. However, strong
identity management and access control schemes must be implemented for user authentication
before access to the massive cloud resources is granted.

System vulnerabilities: System vulnerabilities are program bugs in the operating system that attackers can exploit to gain full access to the host computer.

Account hijacking: This involves the stealing and using of the account details of a legitimate
user for disreputable purposes using techniques like fraud and phishing.

Malicious insiders: These are past or present malicious insiders like system administrators, former employees, business partners or third-party contractors with a high level of access to potentially private, sensitive information and critical systems, leading to a serious data breach.

The advanced persistent threats: This is a stealthy computer network attack in which multiple pieces of assault code are injected into a vulnerable system at entry points.

Permanent data loss: This can be due to natural disaster, total hardware failure, unintentional cancellation by clients or support staff at the service providers' end or psychological militant assault.

Shared technology, shared dangers: Vulnerability and misconfigured components or weak isolation properties of a cloud services' component in a shared multi-tenant cloud system

Compromised credentials and broken authentication: Many cloud applications are equipped towards clients' collaborations, thereby releasing open cloud administrations to pernicious clients.

Hacked interfaces and Application Programming Interface (API): APIs and user interfaces
are the fundamental backbones of cloud system connections and interaction among clients and
the elastic computing systems. Cloud APIs' Internet Protocol (IP) addresses expose the
association between clients and the cloud, so securing APIs from corruption or human mistakes
is pertinent to cloud security.

Cloud computing security architecture

Cloud CIA security model

Due to the multi-tenancy structure of the cloud computing system, cloud data is highly vulnerable to a number of security threats. The major challenges of cloud resources are confidentiality, integrity and availability (CIA).

Data confidentiality
Data confidentiality refers to the ability to share sensitive data among a number of users without violating the privileges granted by the data owner to each targeted user.

Data integrity
Data integrity refers to the process of ensuring that cloud users' data is protected from unauthorized modification.

Data availability
This characteristic indicates that rightful owners of data, in this case, cloud service consumers,
can seamlessly gain access to their data, and they are not denied access erroneously or due to
malicious attacks by any entity. A Denial of Service (DoS) attack is the main threat to data
availability.

The security architecture of cloud computing is the most critical and fundamental determinant
of the level of security that would be experienced in the entire cloud computing ecosystem.

User Layer
The user layer consists of several components, including programming, cloud applications, tools, and environments.
Common security implementations at the user layer include, but are not limited to, Browser Security, Authentication and Security-as-a-Service.

Service Provider Layer
At the service provider layer, the important constituent components include resource provisioning, SLA Monitor, Scheduler & Dispatcher, Metering, Load Balancer, Accounting, Policy Management and Advance Resource Reservation Monitor.

Security concerns in the service provider layer include Data transmission, Privacy, People and Identity, Infrastructure management, Audit and Compliance, Cloud integrity and Binding Issues.

Virtual Machine Layer
Virtual machine layer security considerations include cloud legal and regulatory issues, VM Escape, VM Sprawl, Infrastructure, Identity and Access management as well as separation between customers and others.

Infrastructure-as-a-Service (IaaS) layer
However, key security concerns in this layer are physical security, Secure data at rest, and Security: Network and Server.

Service provider security issues

Identity and access management (IAM)
IAM involves the Authentication, Authorization and Auditing (AAA) of users accessing cloud services.
The private data center perimeter is secured via network security controls that include virtual private networks (VPNs), intrusion prevention systems (IPSs), intrusion detection systems (IDSs) and multifactor authentication.

Privacy
An effective assessment strategy must be formulated to cover identity management, data protection, secure operations, privacy, and other issues related to security and legal aspects.

Securing data in transmission
Secure socket layer protocols are used during transmission to verify the integrity and confidentiality of data in transmission.

User identity
Provide the capability for the users to easily and efficiently use single sign-on logons for both the cloud and internally-hosted applications.

Audit and compliance
The cloud service providers (CSPs) are responsible for the monitoring, evaluation and demonstration of the degree of compliance.

Cloud Integrity and Binding Issues
An important requirement in the cloud computing ecosystem is to coordinate and maintain instances of virtual machines (IaaS) or explicit service execution modules (PaaS).

Flooding attacks
A flooding attack causes the server's hardware resources to become completely exhausted such that the same hardware system is unable to perform any intended tasks. Cloud computing provides a dynamic adaptation of hardware requirements to the actual workload by using virtual machines.

Accounting and accountability
Accounting and accountability is a significant cost-effective motivator to adopt cloud services, as customers are charged based on the actual usage of cloud services.

Security issues in virtualization

A virtual machine (VM) is a software implementation of a physical machine that executes programs and processes users' data.

Virtual machine escape
VM escape is a security situation which occurs when a total system failure is experienced due to improperly configured virtual machines. The other potential risk associated with virtualization is Rogue Hypervisors. A hypervisor is a component of the virtual machine that enables host isolation and resource sharing.

VM security recommendations (best practices security techniques)
Hardening the Host Operating System. Using Encrypted Communications is to provide secure communications via cryptography techniques like Secure Shell (SSH), Transport Layer Security (TLS), Secure HTTP (HTTPS) and encrypted Virtual Private Networks (VPNs).

Separation between users
Separation between a cloud provider's users to avoid intentional or inadvertent access to sensitive information.

Cloud legal issues
A cloud provider must be aware of strong policies that address regulatory and legal issues.

Datacenter (infrastructure) security issues
It is pertinent to capture the datacenter security solutions.

Securing data-storage
Cloud data storage security concerns include the manner in which data is accessed and stored, notification requirements, audit requirements, compliance, issues involving the cost of data breaches and damage to brand value.

Network and server
Server-side protection: Virtual servers and applications are required to be secured in IaaS clouds physically and logically.

Securing the hybrid cloud
A hybrid cloud is a composite cloud infrastructure consisting of a private cloud composed with another organization's public cloud.

Privacy issues in the cloud and mitigation strategies

Personally identifiable information (PII): This is information that has close connections with the name or address of any individual, which could be used to identify or locate people, or information that can be potentially correlated with other information.

Sensitive information: This is private information that can be used to describe a person or way of life. It includes health records, religion or race, sexual orientation, union membership, and so on.

Usage data: Usage data is data that is collected from computer devices like printers, and behavioral information such as viewing habits for digital content, users' recently visited websites or product usage history.

Unique device identities: The other types of information that can be uniquely traceable to a user device are IP addresses, Radio Frequency Identity (RFID) tags, and unique hardware identities.

The main privacy risks and stakeholders are as follows:

The cloud service user: Being forced or persuaded to be tracked or give personal information against their will, or in a way in which they feel uncomfortable.

Organization using the cloud service: Failure to comply with business policies and legislation, credibility and loss of reputation.

Developers of cloud platforms: Exposure of sensitive information stored on the platforms (potentially for fraudulent purposes), loss of reputation and credibility, lack of user trust, legal liability and take up.

Cloud service providers: Loss of reputation, legal non-compliance, 'function creep' using the personal information stored on the cloud.

The data subject: Exposure of personal information.

Performance monitoring and management of cloud services

Amazon CloudWatch: Amazon CloudWatch is a proprietary monitoring solution for Amazon Web Services (AWS). This solution makes easy management of basic metrics such as storage and processing possible.

Private Cloud Monitoring Systems (PCMONS): PCMONS is an open source monitoring solution developed for private clouds. It uses an integration layer to grant homogeneous access to managers (administrators, service providers, cloud service brokers, and so on) and users (cloud service consumers) that manipulate resources in a cloud.

Cloud Management System (CMS): CMS leverages RESTful Web Services to provide monitoring services.

Runtime Model for Cloud Monitoring (RMCM): RMCM is designed to monitor resources through abstract models which allow possible homogeneous handling of heterogeneous resources.

Flexible Automated Cloud Monitoring Slices (Flex-ACMS): Flex-ACMS is a composite and comprehensive cloud monitoring solution resulting from a rich integrated set of monitoring solutions.

Legal issues in cloud computing

Governing law and jurisdiction: This is often liable and governed within the service provider's
country.

Data location: Issues related to data storage locations must be addressed directly within the
contract by the cloud service provider and the customer.

Privacy and confidentiality: Most often, data are used for a specific purpose for which they
are collected.

Data security: Independent specific security standards should be used to replace relative cloud
service providers envisioned reasonable or industry-standard security provisions in the contract
to realize greater level of security.

Data access for E-discovery: This contract is expected to exhibit the architecture of the service
being provided.

End-users responsibility: In a situation where the cloud subscriber makes end users of the service abide by the terms and agreements of the cloud service provider and customer, a liability of the third-party usage of the system

Inappropriate and unauthorized usage: In an attempt made by the service providers to place the responsibility of monitoring and preventing inappropriate and unauthorized usage

End-users' account suspension: Service providers can suspend the customer's end-users' account at their will on the violation of some terms and conditions.

Emergency security issues: Service providers may have legislation laws inserted to suspend, without notice, a provisioned service in the event that an unethical use of such a service causes an emergency issue.

Service suspension and termination: Service providers have the reserved right to suspend a
service or to even terminate a service in the event of specified events.

Data ownership: The service contract between the service provider and the consumer is
expected to explicitly state that all data

Publicity: The service provider may request to use the customer's name, logos or trademarks
for the service providers' own advertisement purpose

Service Level Agreements (SLAs): Guarantees for the service provision

Disclaimer of warranty: The service contract is expected to guarantee that the provided
service operates correspondingly to its specifications without breaching the rights of any third
party

Customer indemnification: Some service provider contracts require indemnification for the
service provider

Vendor indemnification: Service provider contracts rarely outline any indemnification that
benefits the customer

Contract modifications: The cloud service consumer must ensure that the rights of the service
providers to modify services

URL terms incorporation: Beyond contract terms advertised on the service provider's website and other related avenues, legal information should rather be maintained within the confines of the service contract.

Automatic renewal: It is expected of a service contract to provide advanced notice of any changes to terms and conditions in the renewal.

Risk management process for cloud consumers

A high level of cloud-related security and privacy controls helps organizations to make sound decisions in the face of an incident.

Requirement for risk management in ISO/IEC 27001

It is required for an organization to define and apply an information security risk assessment process that:

- Establishes and maintains information security risk criteria
- Ensures consistent output of risk assessments
- Identifies respective information security risks and risk players
- Analyzes consequences and possibilities of the risks
- Evaluates and prioritizes the risks for mitigation

There is a category of risks associated with the adoption of cloud services that include data privacy, availability, service provisioning, malicious activities, and regulatory compliance risks.

Data privacy risks in the cloud
Data privacy risks include those associated with access control, internal segmentation, sub-contractors, data ownership, e-discovery, data censorship and encryption.

Access control:
When an organization decides to move corporate data and/or documents to an external cloud environment, there is a high risk.
To manage this risk:
- Grant data/files access to only personnel
- Run background checks on such personnel
- Maintain proper records of approval and removal of internal access to the data
- Review and monitor data access
- Conduct essential training for internal staff on data protection requirements

Internal segmentation:
This is a data disclosure risk of likely occurrence between two or more organizations when the vulnerabilities associated with improper structuring and configuration of the data architecture
To manage this risk:
- Practice internal walls/segmentation between the data of different organizations
- Audit data storage to ensure effective implementation of internal barriers
- Monitor the cloud provider for compliance with these risk mitigation strategies

Sub-contractors:
A number of cloud service providers with multiple layers of cloud services usually engage in subletting cloud provisioning to support the services of other cloud providers.
To manage this risk:
- Discuss with the cloud service provider how to provide the identities of all sub-contractors in order to monitor their compliance status.
- Reach a contractual agreement with the service provider to ensure that the serial service providers associated with the organization's cloud service provisioning adhere to compliance requirements.
- Ensure that the service provider puts a vendor management program in place to track the compliance of its vendors.
- Monitor the service provider's compliance with the vendor management program requirements.

Data ownership:
Most cloud service providers usually place ownership claims, usage and redistributable rights over consumers' data being hosted.
To manage this risk:
- Emphasize the primacy of its data ownership rights and ensure it is acknowledged by the service providers.
- Contractually bind the service provider to use organization data within the agreed limit.
- Contractually bind the service provider to return and delete the organization's data when the period of their contract terms expires.

E-Discovery:
Organization data hosted by a cloud service provider is potentially prone to e-discovery.
To manage this risk:
- Contractually bind the service provider to inform the organization of any required legal disclosure that may compromise the organization's data via e-discovery.
- Make internal arrangements to tackle e-disclosure needs if they arise.

Data censorship:
Unacceptable delays on the part of an organization (cloud consumer) are often experienced when changes are required to be made to an organization's data when the cloud providers hold the right to audit and censor any data to the host.
To manage this risk:
- Contractually identify and assess conditions for such activities to hold any supported process from the service provider.
- Request to be notified of such activities by the service provider.

Encryption:
Some uncommon cloud services are hyped to meet specific regulatory requirements, including data encryption.
To manage this risk:
- Adopt the use of encryption-free cloud data services only.
- Select and validate such that a cloud service provider is encryption compliant and with appropriate encryption controls that are often assessed.
- Ensure that the appropriate key management practices for encryption support are available.

Availability risks

Service degradation:
The external services offered by a cloud provider are provided via internet connections.
To address this risk, the organization can:
- Ensure cloud services are only used for applications that are not affected by degradation of service.
- Use alternate carriers to obtain redundant lines to the service provider to secure alternate connecting lines to the service.
- Implement relevant and sustainable alternatives for services during periods of service degradation.

Service outage:
In case service outages arise, the organization should do the following to address this risk:
- Validate that the provisioned service by the service provider has sufficient capacity and multiple service sources to reduce outages
- Establish an SLA with the service provider on the minimum acceptable availability performance levels with contractual penalties for non-compliance
- Ensure that the established level of service availability is proportional to business productivity
- Validate that the service provider executes a proactive backup program and recovery plan
- Validate that the service provider recovery plan is tested regularly
- Confirm the availability of alternative service options at moments of non-availability of service
- Implement relevant and sustainable alternatives for services during an outage

Service provisioning risks

Service changes:
There is a high possibility that an organization might be unable to gain access to its data or to its cloud services.
To manage this risk:
- For possible event of service changes, contractually demand a specified minimum period of prior notice.
- Confirm the availability of alternative service options that can be used on needs.
- Keep an updated internal copy of the data for emergency use.

Cost changes:
Due to possible cost changes to cloud services over time, the essence of cloud adoption might be put at risk.
To address this:
- Ensure that the service contract contains information regarding the service costs and potential changes.
- Assess the cost/benefit/risk trade-offs of the relationship during each contract renewal.

Malicious activity risks:
The fact that the cloud service providers operate in the open internet makes their cloud environments and services rich targets for attacks through their website portals.
To manage this risk:
- Ascertain that the service provider adheres to recommended security best practices
- Ascertain that appropriate vulnerability and penetration tests are conducted
- Ensure that proper auditing of these tests is conducted by the service provider
