CS439 - Cloud Computing

Introduction
 Cloud computing
• Uses Internet technologies to offer scalable and
elastic services
 “Elastic computing” refers to the ability of dynamically
acquiring computing resources and supporting a variable
workload
• Resources used for such services can be metered
 Users can be charged only for the resources they used
• Service provider ensures the maintenance & security

• Service providers can operate

more efficiently due to
 Specialization
 Centralization
 Cloud computing
• Lower costs for the cloud service provider are
passed to the cloud users

• Data is stored
 Closer to the site where it is used
 In a device
 In a location-independent manner

• The data storage strategy can

 Increase reliability
 Increase security
 Decrease communication costs
Cloud Services
Cloud Services Models

Softwar Saa
e S
Platfor Paa
m S
Infrastructu Iaa
re
Databases S
DBaaS

Also known as cloud delivery models.

 Software-as-a-Service (SaaS)
• Applications are supplied by the service provider
 User does not manage or control the underlying cloud
infrastructure or individual application capabilities
• Potential Services:
 Enterprise services: workflow management, group-ware
& collaborative, supply chain, communications, digital
signature, customer relationship management (CRM),
desktop software, financial management, geo-spatial, and
search
 Web applications: metadata management, social
networking, blogs, wiki services, and portal services
• Not suitable for real-time applications or for those
where data is not allowed to be hosted externally
• Examples:
 Gmail, Google search, Google Docs
 Platform-as-a-Service (PaaS)

• Allows a cloud user to deploy consumer-created or

acquired applications using programming
languages and tools supported by the service
provider

• The user:
 Has control over the deployed applications and, possibly,
application hosting environment configurations.
 Does not manage or control the underlying cloud
infrastructure including network, servers, operating
systems, or storage.

• Not particularly useful when:

 The application must be portable.
 Proprietary programming languages are used.
 The hardware and software must be customized to improve
the performance of the application.
 Infrastructure-as-a-Service (IaaS)
• User is able to deploy and run arbitrary software,
including operating system (OS) and applications

• The user does not manage or control the underlying

cloud infrastructure but has control over OSs,
storage, deployed applications, and possibly limited
control of some networking components, e.g., host
firewalls.

• Services offered by this delivery model include:

 server hosting, Web servers, storage, computing hardware,
operating systems, virtual instances, load balancing, Internet
access, and bandwidth provisioning
 Databases-as-a-Service (DBaaS)
• In DBaaS, database runs on the CSP infrastructure.
• DBaaS offers distinct advantages, like:
 instantaneous scalability, performance guarantees, specialized
expertise, latest technology, failover support, and declining
pricing.
• Most relevant features of the DBaaS model are:
1. Self-service—Service provisioning without major
deployment or configuration and without performance and
cost penalties.
2. Device and location-independent - Abstract database
resources without concern for hardware utilization.
3. Elasticity and scalability—Automated and dynamic
scaling.
4. Pay-as-you-go model—Metered use of resources and cost
reflecting the resources used.
5. Agility—Applications adapt seamlessly to new technology or
additional requirements.
 Databases-as-a-Service (DBaaS)
• Cloud DBaaS uses a layered architecture, with
following layers:
1.User interface layer supports access to the service via
the Internet.
2.Application layer is used to access software services and
storage space.
3.Database layer provides efficient and reliable database
service; it saves time for querying and loading data by
reusing the query statements residing in the storage.
4.Data storage layer encrypts the data when stored without
user involvement; backup management and disk monitoring
are also provided by this layer.

• Multi-tenancy is integral part of the DBaaS model.

 However, multitenancy often poses resource management
and security challenges.
Cloud Services Models Infrastructure as a Service

Presentation

API

Applications

Platform as a Service Data Metadata

Integration and Integration and

Software as a Service middleware middleware

API API API

connectivity

connectivity
Abstraction

Abstraction
connectivity
Abstraction

Core

Core
Core

Hardware Hardware Hardware

Facilities Facilities Facilities

Shared security responsibility (SSR) model

Bold: Cloud Service

Provider
Normal: Cloud user
 Future View of Cloud Services Models

• Cloud delivery models will continue to coexist for the

foreseeable future.
• Services based on SaaS will probably be increasingly
more popular because they are more accessible to
lay people.

• Services based on the IaaS will be the domain of

computer-savvy individuals, large organizations, and
the government.
 If the standardization effort succeeds, then IaaS might be
designed to migrate from one infrastructure to another and
overcome the concerns related to vendor lock-in.

• The popularity of DBaaS services is likely to grow.

 Infrastructure as Code (IaC)
• IaC is used to automate the provisioning of cloud
infrastructure, i.e.,
 Manage servers, operating systems, database connections,
storage, and other infrastructure elements.
• Code is written by using a a high-level descriptive
language like YAML.
• For the functional or declarative IaC approach, a
skilled administrator specifies the desired final state
of the infrastructure, and the IaC software handles
the rest, e.g.
 Spinning up the virtual machine (VM) or container,
 Installing and configuring the necessary software,
 Resolving system and software interdependencies, and
 Managing versioning.
• The procedural IaC approach automates provisioning the
infrastructure one step at a time
 Infrastructure as Code (IaC)
• IaC takes advantage of virtualization and cloud
native development to allow developers provision
their own virtual servers or containers on demand.

• A cloud native application consists of discrete,

reusable components, called Microservices
 Microservices act as building blocks, often packaged in containers,
and designed to integrate into any cloud environment.

• Microservices can be independently scaled,

continuously improved, and quickly iterated
through automation and orchestration processes.
 Infrastructure as Code (IaC)
• Most used IaC tools are Ansible and Terraform.
• Ansible is an open-source IT automation engine, used
to improve scalability, consistency, and reliability of IT
environment.
• Ansible supports:
 Provisioning
 Configuration management,
 Application deployment using DevOps.
• Terraform automates resource management across
multiple providers
 Regardless of where physical servers, DNS servers, or
databases reside and provisions applications written in any
language.
• Terraform creates an execution plan to generate a
graph of all resources and parallelizes creation and
modification of any non-dependent resources.
 Types of Clouds
• Public Cloud
• Private Cloud
• Community Cloud
• Hybrid Cloud
 Public Cloud
• Owned by the organization selling cloud
services
• Made available to the general public, or a
large industry group
• IaaS, PaaS, or SaaS for anyone to use
• Built for general-purpose deployment
• Public APIs
• Major players
 AWS, GCP, Azure, IBM
 Private Cloud
• Built and managed by an organization for itself
• Purpose-built for its own services
• Custom APIs
• Handles critical/custom services
• Might holds critical data
 Legal reasons
 Security concerns
• Major players
 Google
 Facebook
 Microsoft
 Baidu
 Community Cloud
• Shared by several organizations

• Supports a community that has

shared concerns
 Hybrid Cloud
• Composition of two or more
clouds (public, private, or
community)

• Bound by standardized
technology that enables
data and application
portability
 Benefits of cloud computing

• Resources are shared

 CPU cycles, storage, network bandwidth

• Multiplexing leads to a higher resource

utilization
 When multiple applications share a system, their peak
demands for resources are not synchronized

• Resources can be aggregated to support

data-intensive applications

• Data sharing facilitates collaborative

activities
 Many applications require multiple types of analysis of
shared data sets and multiple decisions carried out by
groups scattered around the globe
 Benefits of cloud computing

• Minimal investment cost

 Eliminates the initial investment costs for a private
computing infrastructure and the maintenance and
operation costs

• Cost reduction
 Concentration of resources creates the opportunity to pay
as you go for computing

• Elasticity
 Ability to accommodate workloads with very large peak-to-
average ratios

• User convenience
 Virtualization allows users to operate in familiar
environments rather than in idiosyncratic ones
 Challenges for cloud computing
• Availability of service
 Users expect services to be available
 Associated Cost
■ Lost revenue
■ Lost engagement

Source: Skybox terms of service:

http://skyboxinnovations.com/terms-of-service/

■ Service level agreements (SLAs):

■ P50 or P95 latencies
■ Cost for not meeting levels
 Challenges for cloud computing
• Value of Service
 Users also expect services to stay relevant and
provide value
■ Continuously changing requirements from users
■ Important for services to stay relevant
 Challenges for cloud computing
• User Engagement
 Services providers need to keep their users
engaged

Relevant User
services engagement

Revenu
e
 Challenges for Cloud Computing
• Standardization
 Diversity of services, data organization, user interfaces
available at different service providers limit user mobility;
once a customer is hooked to one provider it is hard to
move to another

• Performance unpredictability
 One of the consequences of resource sharing.
 How to use resource virtualization and performance
isolation for QoS guarantees?
 How to support elasticity, the ability to scale up and down
quickly?
 Challenges for Cloud Computing

• Data transfer bottleneck

 Many applications are data-intensive.

• Resource management
 Are self-organization and self-management the solution?

• Security and confidentiality

 Major concern

Addressing these challenges provides good research

opportunities!!
 Cloud Computing – Holistic View

Delivery models
Software as a Service (SaaS) Deployment models
Platform as a Service (PaaS) Public cloud

Infrastructure as a Service (IaaS) Private cloud

Community cloud
Hybrid cloud

Cloud computing
Infrastructure
Distributed infrastructure
Defining attributes
Resource virtualization
Massive infrastructure
Autonomous systems
Utility computing. Pay-per-usage
Resources
Accessible via the Internet
Compute & storage servers
Networks Services Elasticity

Applications
 Cloud activities

• Service management and provisioning

including

 Virtualization
 Service provisioning
 Call center
 Operations management
 Systems management
 QoS management
 Billing and accounting, asset management
 SLA management
 Technical support and backups
 Cloud activities

• Security management including:

 ID and authentication
 Certification and accreditation
 Intrusion prevention
 Intrusion detection
 Virus protection
 Cryptography
 Physical security, incident response
 Access control, audit and trails, and firewalls
 Cloud activities

• Customer services such as:

 Customer assistance and on-line help

 Subscriptions
 Business intelligence
 Reporting
 Customer preferences
 Personalization

• Integration services including:

 Data management
 Development
 NIST cloud reference model
Carrier

Service
Consumer Service Provider Broker

Service Layer Service

Management Intermediation
SaaS
S P
PaaS
IAAS
Business e r
Auditor support
IaaS c i
Security
u v
Aggregation

audit Resource r a
abstraction and Provisioning i
control layer c
Privacy t y
impact audit Physical resource
y
layer Arbitrage
Portability/
Hardware Interoperability
Performance
audit
Facility

Carrier
https://bigdatawg.nist.gov/_uploadfiles/M0008_v1_7256814129.pdf
 Ethical issues

• Paradigm shift with implications on

computing ethics:
oThe control is relinquished to third party
services
oThe data is stored on multiple sites
administered by several organizations
oMultiple services interoperate across the
network
• Implications
oUnauthorized access
oData corruption
oInfrastructure failure, and
oservice unavailability
 De-perimeterisation
• Systems can span the boundaries of multiple
organizations and cross the security borders

• Complex structure of cloud services can make it

difficult to determine who is responsible in case
something undesirable happens

• Identity fraud and theft are made possible by the

unauthorized access to personal data, also pose a
danger to cloud computing
 Privacy issues
• Cloud service providers have already collected
petabytes of sensitive personal information stored
in data centers around the world.

• Acceptance of cloud computing will be determined

by privacy issues addressed by these companies
and the countries where the data centers are
located.

• Privacy is affected by cultural differences:

 Some cultures favor privacy.
 Others emphasize community.
 This leads to an ambivalent attitude towards privacy in the
Internet which is a global system.
 Cloud vulnerabilities

• Clouds are affected by malicious attacks and

failures of the infrastructure, e.g., power
failures
• Such events can affect the Internet domain
name servers and prevent access to a cloud
or can directly affect the clouds:
o In 2004 an attack at Akamai technologies, caused a
domain name outage and a major blackout that affected
Google, Yahoo, and other sites.

o In 2009, Google was the target of a denial of service

attack which took down Google News and Gmail for
several days.

o In 2012, lightning caused a prolonged down time at

Amazon.