Leveraging Cloud for mission

critical and Enterprise-wide

Applications

by:
Mahabir Parshad Singhal
Cloud Computing
• Cloud computing is the delivery of dynamically scalable and often
virtualized computing resources—everything from applications to data
centres—’as a service’ over the Internet or intranet on a flexible pay-for-
use basis.
• From an IT perspective, cloud computing offers an infrastructure
management and services delivery that leverages:
● Virtualized resources
● Ability to manage as a single large resource
● Services delivered with elastic scaling
• According to NIST (National Institute of Science & Technology) US,: “Cloud
Computing is a model for enabling convenient, on-demand network access
to a shared pool of configurable computing resources (e.g., networks,
servers, storage, applications, and services) that can be rapidly provisioned
and released with minimal management effort or CSP interaction.”
Cloud Computing
As per ITU-T Y.3500 – “Cloud computing is a paradigm for enabling
network access to a scalable and elastic pool of shareable physical or
virtual resources with self-service provisioning and administration on-
demand.
The cloud computing paradigm is composed of the following key
characteristics –
• cloud computing roles and activities,
• cloud capabilities types and
• cloud service categories,
• cloud deployment models, and
• cloud computing cross cutting aspects”
Cloud Computing
• Cloud is a disruptive technology which influences across all aspects of
a modern economy.
• Cloud’s emergence, as a catalyst for continual innovation across both
business and IT, offers a user experience and business model that
provides:
• Standardized, self-service offerings that enable efficiency
• Rapidly provisioned services that create agility
• Flexible pricing that can enable innovation
• Cloud can deliver security-rich IT with fewer boundaries. But more
importantly, it can enable rapid delivery of product and service
innovation.
Cloud Computing Characteristics
Essential Characteristics:

On Demand Self-Service
Broad Network Access Rapid Elasticity & Scalability
Resource Pooling Measured Service

Common Characteristics:

Multi-tenancy Resilient Computing

Homogeneity Geographic Distribution

Virtualization Service Orientation

Low Cost Software Advanced Security

Characteristics of the Cloud Computing
• Shared Infrastructure — Uses a virtualized software model, enabling the sharing of physical
infrastructure, storage, and networking capabilities. The cloud infrastructure seeks to make the most of
the available infrastructure across a number of users.

• Multi-tenancy. A feature where physical or virtual resources are allocated in such a way that multiple
tenants and their computations and data are isolated from and inaccessible to one another.

• Dynamic Provisioning — Allows for the provision of services based on current demand requirements,
which is done automatically using software automation, enabling the expansion and contraction of
service capability, as & when needed. This dynamic scaling needs to be done while maintaining high
levels of reliability and security.

• Broad Network Access — Needs to be accessed across the Internet from a broad range of devices such
as PCs, laptops, and mobile devices, using standards-based APIs from anywhere. Deployments of
services in the cloud include everything from using business applications to the latest application.

• Managed Metering — Uses metering for managing and optimizing the service and to provide reporting
and billing information. Consumers are billed for services according to how much they have actually
used during the billing period.

Cloud computing allows for the sharing and scalable deployment of services, as needed,
from almost any location, and for which the customer can be billed based on actual usage
Service Models
Cloud Service Models
End-user application is delivered as a service.
Platform and infrastructure is abstracted, and can
Software as a Service (SaaS) deployed and managed with less effort.

Application platform onto which custom

applications and services can be deployed. Can
be built and deployed more inexpensively,
Platform as a Service (PaaS) although services need to be supported and
managed.

Physical infrastructure is abstracted to provide

computing, storage, and networking as a service,
Infrastructure as a Service (IaaS) avoiding the expense and need for dedicated
systems.
 Cloud Service Models
Software as a Service Platform as a Service Infrastructure as a
(SaaS) (PaaS) Service (IaaS)

SalesForce CRM

LotusLive

Google App
Engine

9 Adopted from: Effectively and Securely Using the Cloud Computing Paradigm by peter Mell, Tim Grance
Cloud Service Models
Further there can be addition Service Models of Cloud Computing
(Derivatives)
• Communications as a Service (CaaS). A cloud service category in which
the capability provided to the cloud service customer is real time
interaction and collaboration;
• Compute as a Service (CompaaS). A cloud service category in which the
capabilities provided to the cloud service customer are the provision and
use of processing resources needed to deploy and run software;
• Data Storage as a Service (DSaaS). A cloud service category in which the
capability provided to the cloud service customer is the provision and use
of data storage and related capabilities;
• Network as a Service (NaaS). A cloud service category in which the
capability provided to the cloud service customer is transport connectivity
and related network capabilities;
Deployment Models
Deployment Models
l Private Cloud:
- The cloud is operated solely for an organization. It may be
managed by the organization or a third party and may exist
on premise or off premise.
l Community Cloud:
- The cloud infrastructure is shared by several organizations and supports
a specific community that has shared concerns.
- It may be managed by the organizations or a third party and may exist
on premise or off premise. This may help to limit CAPEX for its
establishment as the costs are shared among the organizations.
 Deployment Models Contd.
l Public Cloud:
- The cloud infrastructure is made available to the general public or a
large industry group and it is owned by an organization selling cloud
services on a commercial basis.

l Hybrid cloud:
- The cloud infrastructure is a composition of two or more clouds
(private, community, or public). The clouds have the ability through
their interfaces to allow data and/or applications to be moved from one
cloud to another.
Deployment Models Contd.
Cloud Architecture

15
Benefits of Cloud Services
• Cost Savings — Companies can reduce their capital expenditures and use operational
expenditures for increasing their computing capabilities. This is a lower entry barrier and also
requires fewer in-house IT resources to provide system support.

• Scalability/Flexibility — Companies can start with a small deployment and grow to a large
deployment fairly rapidly, and scale back if necessary. Also, the flexibility of cloud computing
allows companies to use extra resources at peak times dynamically, enabling them to satisfy
consumer demands.

• Reliability — Services using multiple redundant sites can support business continuity and disaster
recovery.
• Maintenance — Cloud service providers do the system maintenance, and access is through APIs
that do not require application installations onto PCs, thus further reducing maintenance
requirements.
• Mobile Accessible — Mobile workers have increased productivity due to systems accessible in an
infrastructure available from anywhere.
• Big Data: The new computing ecosystem world is by essence creating a huge amount of data.
While some see this deluge of data as a challenge in terms of storage and management, the
reality lies in the opportunity that resides in this data if one could mine it and transform it into
sources of information and intelligence.
Benefits of Cloud Services (Contd..)
• Cloud Computing makes any smartphone “Smarter”. These smart devices with
some small storage and small computing power act as front ends to large scale
data centers which provide all sorts of services in real time may it be Voice,
“Apps”, language translators, personal assistants, etc.

• Cloud Computing will help to address some of the pressing human challenges
such as energy or environmental issues and new generations of drugs testing or
genomic research in an accelerated manner.

• The combination of mobility, connectivity, smarter search, social computing etc.,

allowed by Cloud innovators will come up with new ideas to help any company
digitally transform, innovate and bring new unprecedented work scenarios to
their employees and services to their clients.

• Cloud Computing will help governments become more flexible and agile by
delivering new services quickly at very low cost, reducing the risk of failure.
Benefits of Cloud Services (Contd..)
• More than ever, governments and businesses are expected to deliver services to
their clients the way the client want to consume them – on their preferred
device, anywhere any time.
• Businesses must innovate, differentiate from competitors, bring new products
and services to market faster, and connect to their clients in new ways.
• Governments are expected to meet their constituencies’ needs and expectations,
while at the same time controlling budgets and cutting costs.
• Governments must make smart decisions, based on real insight from their
constituencies, act fast, and become agile and flexible to efficiently serve.
• Cloud Computing enables cost reduction, flexflibility, agility, scale, and
innovation.
Challenges of Cloud
• Security and Privacy — The most CRITICAL issues which generally attributed to slowing the
deployment of cloud services are relate to storing and securing data, and monitoring the use of
the cloud by the service providers. These challenges can be addressee, by storing the
information internal to the organization, but allowing it to be used in the cloud. The security
mechanisms between organization and the cloud need to be robust and a Hybrid cloud could
support such a deployment.

• Lack of Standards — Clouds have documented interfaces; however, no standards are associated
with these, and thus it is unlikely that most clouds will be interoperable. The Open Grid Forum
is developing an Open Cloud Computing Interface to resolve this issue and the Open Cloud
Consortium is working on cloud computing standards and practices. DoT / TRAI has mandated
TSDSI to develop the Cloud Interoperability & Portability Standards for India.

• Continuously Evolving — User requirements are continuously evolving, as are the requirements
for interfaces, networking, and storage. This means that a “cloud,” especially a public one, does
not remain static and is also continuously evolving.

• Government Regulatory Compliance Concerns — The SOX Law in the US and Data Protection
directives in the EU are just two among many compliance issues affecting cloud computing,
based on the type of data and application for which the cloud is being used. In India, TRAI / DoT
is in the process of framing the policy on Cloud Computing.
Cloud Interoperability and Portability
• Interoperability can be defined as a measure of the degree to which diverse systems or
components can work together successfully. More formally, IEEE and ISO define interoperability
as the ability for two or more systems / applications to exchange information and mutually use
the information that has been exchanged.
Interoperability aspects of a cloud service mainly relate to the three interfaces between the
customer systems and the cloud service – the functional, admin and business interfaces.

• Portability is about the ability of a customer to move and suitably adapt their applications and
data between their own systems and cloud services, and between cloud services of different
cloud service providers and potentially different cloud deployment models. Portability is
differentiated into two separate areas: cloud data portability and cloud application portability:
• Interoperability and Portability Challenges
The interfaces and APIs of cloud services are not standardized and different providers use
different APIs for what are otherwise comparable cloud services.
CLOUD & Mission Critical Applications
• According to the survey by Harvard Business Review Analytic
Services – “the Cloud must also support mission-critical
operations, those ones which are essential in disaster planning,
maintaining high availability and scalability. However, the same
report states that “the greatest barrier for mission-critical
applications is security”.
 Cloud
Application in
Use*

Business applications are by far the most Learning Management and Education
popular for cloud migration. Delivery is applications has been
migrated to cloud by more respondents
Software development and testing is than either Scientific Computing or HPC
more popular compared to Business & Parallel Computing.
*Source: A joint study conducted by CCICI &
IIM Bengaluru Intelligence and Analytics.
Standardization Work done by ITU
Recommendation ITU-T X.1601 (2014) - Security framework for cloud computing
Recommendation ITU-T Y.3300 (2014) - Framework of software-defined networking
Recommendation ITU-T Y.3500 (2014) - Cloud computing ─ Overview and Vocabulary
Recommendation ITU-T Y.3501 (2013) - Cloud computing framework and high-level
requirements
Recommendation ITU-T Y.3502 (2014) - Cloud computing ─ Reference Architecture
Recommendation ITU-T Y.3510 (2013) - Cloud computing infrastructure requirements
Recommendation ITU-T Y.3511 (2014) - Framework of inter-cloud computing
Recommendation ITU-T Y.3512 (2014) - Cloud computing - Functional requirements of
Network as a Service
Recommendation ITU-T Y.3513 (2014) - Cloud computing - Functional requirements of
Infrastructure as a Service
Cloud Services - Regulatory Frameworks in India
• TRAI issued a Consultation Paper on “Cloud Computing” on 10th June 2016
https://main.trai.gov.in/consultation-paper-cloud-com.... CCICI submitted its inputs to TRAI in
response to this consultation paper along with other organisations.
• Subsequently, TRAI issued its recommendations on “Cloud Services” on 16th August, 2017 and send it
to DoT. [available on
https://main.trai.gov.in/sites/default/files/Recommendations_cloud_computing_16082017.pdf]
TRAI Recommendations on “Cloud Services” includes recommendations on :
• Legal and regulatory framework for Cloud Services,
• Overarching and comprehensive legal framework for data protection,
• Interoperability and portability,
• Legal framework for Cloud Service Providers (CSPs) operating in multiple jurisdictions,
• cost-benefits analysis, incentives for conceptualisation and implementation of cloud based
services in India, especially in government networks.
• Under legal and regulatory framework for Cloud Services, TRAI recommended to adopt ‘light
touch regulatory approach to regulate CSPs through their industry bodies’.
Accordingly, TRAI recommended that DoT may prescribe a framework for registration of CSPs’
industry body(s), which are not for profit.
Cloud Services - Regulatory Frameworks in India
• Authority further recommended that:
Ø A threshold value (based on previous financial year) may be notified by the Government from
time to time, above which all CSPs have to become member of one of the registered Industry
body for cloud services and accept the code of conduct prescribed by such body. Such
threshold may be based on either volume of business, revenue, number of customers, etc. or
combination of all these. Registered Industry body, not for profit, may charge fee from its
members, which is fair, reasonable and non-discriminatory.
Ø Industry body for Cloud Services would prescribe the code of conduct of their functioning
which shall include provisions for Adoption of a constitution towards its members,
Membership, Creation of working groups, Mandatory codes of conduct, standards or guidelines
that specifically include, Definitions, QoS parameters, Billing models, Data security, Dispute
resolution framework, Model SLA, Disclosure framework, Compliance to its codes and
standards, Compliance to guidelines, directions or orders issued by DoT, requisite information
in stipulated time-lines as and when sought by DoT/TRAI.
Ø No restrictions on number of such industry bodies may be imposed
Ø DoT may issue directions, from time to time, to such registered industry body (ies).
Ø A Cloud Service Advisory Group (CSAG) to be created to function as oversight body to
periodically review the progress of Cloud services and suggest the Government actions
required to be taken. This Advisory Group may consist of representatives of state IT
departments, MSME associations, Consumer advocacy groups, Industry experts and
representatives of Law Enforcement agencies.
Cloud Services - Regulatory Frameworks
• On 27th September 2018, DoT sought additional recommendations
from TRAI on “terms and condition of registration of industry body,
eligibility, entry fee, period of registration, and governance structure
etc”.
• TRAI reached out to CCICI formally on Jan 1, 2019 to seek our opinion
on the topic of establishing recognized Industry body for Cloud
Services in India. On our request, TRAI have sent a questionnaire so
we can respond appropriately with the information they are seeking.
The TRAI questionnaire is available at
https://drive.google.com/open?id=0B8jA8yuC-
TIUS19rNy11ZnFpLWpmS1Bub0dBb3hPVkpjdU9F,.
Questionnaire
Inputs about their own association and its practices

• What is the internal governance structure and organisational framework of your association, which may include Governance
Board, Executive Committee and Secretariat etc? If yes, please provide the details about its composition, types of members,
selection process for members and their power, rights (like voting right on any decision), roles and responsibilities.
• Whether you provide platforms for interactions among members. If yes, how members participate in meeting conducted by
your association. What rights different types of members have in such meetings?
• How dispute amongst members are being dealt. What is the general practice? Whether you have observed any trend on such
disputes and their resolutions. Who generally dominate in such meetings and outcome of dispute resolution, big size
enterprises or small & medium enterprises?
• Whether you have any rules, regulations, code and guidelines, which guide conducts of your members. How is your
association ensuring compliance of members? What Transparency and Documentation obligations are on your members?
Whether it is different for different type of members?
• Whether your association has monitoring bodies for observation of practices of your members? If yes, what are the
appointment procedure and functions of such monitoring bodies? Tell about the Transparency and documentation
obligations of Monitoring body, if any.
• Policy of Membership followed by you, which may include, membership options, benefits and responsibilities, membership
fee and their rights such as voting right in meeting & dispute resolutions etc.
• How you handle complaints from Members against the outcome of dispute resolutions, decision of Monitoring bodies and
other decision of supervisory body? Tell about the Complaint Handling and procedures followed by your association, if any.
• How you handle complaints from consumers of cloud services (enterprises/individuals) against any CSP and its compliance
with your guidelines, code or rules? Tell about the Complaint Handling and procedures followed by your association, if any.
• How your organisation manage cost of Secretariat, Monitoring Bodies and Complaint Handling System.
Questionnaire
• Inputs regarding International practices
• How cloud service providers are managed in other countries. What is the role
of Government/ Regulator and cloud services providers body in this regard.
• What are the best codes of practices followed by Cloud services providers in
other countries? How Cloud service providers’ industry bodies can ensures
compliance from members. Please cite your comments based on international
practices.
• What are the benefits/harms for any cloud service provider to join or not to
join a cloud service industry body? Please provide your inputs for both big
size enterprises and small and medium size intermediaries who provide cloud
services to consumers.
Present Status
• The matter is being perused on continuous basis with TRAI
• As learnt, TRAI is in the process of preparing the consultation paper
for public / industry consultation and expected to be released soon.