CLOUD STORAGE AND

ITS DATABASE
Unit IV CLOUD STORAGE AND ITS DATABASE
● Introduction to database servers
● Types of storages – file storage, block storage, and object storage
● Cloud Storage and database Cost Optimization
● Cloud Database Security and Compliance
● Traditional storage methods
● Cloud storage security, benefits
Introduction to Database
Servers
Introduction

● A server is a computer or system that provides services, data, programs, or resources to other
computers, known as clients. Servers can be used for many purposes, such as storing data, running
applications, and providing email services. Companies rely on digital data.
● Database servers offer companies a simple way to update, maintain and save large amounts of data. A
database server runs a database management system and provides database services to clients.
● The server manages data access and retrieval and completes clients’ requests.

https://phoenixnap.com/kb/what-is-a-database-server
https://www.indeed.com/career-advice/career-development/database-server
Database Server Definition

A database server is a type of hardware that runs database software.

Database software helps users or companies store, manage, retrieve, update or change files, information logs and other forms of digital data.

The two primary components of database servers are back-end functions and client-facing services.
The back end of a database server stores all the digital files and information.
Client-facing services allow the people or companies using that database to access, modify, add to or monitor the data stored on the server.

A company can rent a database server from a provider to store its crucial business information. Database server companies often use one
server to provide services to multiple clients.
Many businesses decide to rent databases from providers because a database server requires large memory and storage capabilities. Some
businesses may also choose to own and maintain their own database servers.

A database server consists of hardware and software that run a database.

The software side of a database server, or the database instance, is the back-end database application.
The application represents a set of memory structures and background processes accessing a set of database files.

The hardware side of a database server is the server system used for database storage and retrieval.
Database workloads require a large storage capacity and high memory density to process data efficiently. These requirements mean that the
machine hosting the database is usually a dedicated high-end computer.
What Is a Database Server Used For?

Database servers provide an easy way to store, organize and maintain large amounts of digital information. Many
companies have large amounts of data stored on their computing devices or networks, such as client information,
operational processes or financial information. By storing valuable information on a database server,
organizations can:

Access business data through multiple devices: A database server gives businesses a simple method for
accessing business intel or digital procedures through multiple devices on their network. For example, if many
employees at a company use computers, a database server can give them instant access to company files
simultaneously.

Authorize specific users to view or edit certain files: Database servers allow you to grant specific access
privileges to various users. For example, you can give all team members access to files on the company's clients, but
decide to authorize only company supervisors to view or modify financial data.

Protect sensitive and valuable company data: A database server can help improve a business' security system.
Using a database server may minimize the chances of an unexpected situation or challenge, such as a natural
disaster or a cyber threat, affecting data and digital processes.
How Does a Database Server Work?

Database servers work by containing the database storage and memory space, along with a database
management system (DBMS).
The DBMS is the application clients use to access their digital information through the database server.

When a database server client sends a specific command to the DBMS, the application then executes
the client's requested task.

Commands from a client to a database server may include updating access privileges, uploading new
information to the database server, accessing existing data from the server or changing the information
stored on the server.

Clients typically connect to database servers through a database service provider on the internet. If a
company has database servers on its premises, that business may access the database server directly
through the company's internal network.
Types of database servers (Contents beyond syllabus)

Centralized database servers: Centralized database servers operate from one specific location. Larger companies
may use a centralized database server to access the servers that control, store, organize and back up their data
directly.

Distributed database servers: Distributed database servers spread an organization's data across multiple servers.
Using more than one server to store company data can help make accessing various digital processes and
information faster and more reliable.

Operational database servers: Operational database servers function simultaneously, allowing users to update the
information on a database server immediately from any authorized device within their network. An operational
database can be a great option for companies that use the information on their database to send communications
between employees.

Cloud database servers: A cloud database server connects users to their database server through the internet.
Many database server providers use cloud computing databases to give users easy and fast access to their services.
Some examples of database servers (Contents beyond syllabus)

1. Microsoft SQL
One common database server is Microsoft (MS) SQL. SQL is a type of programming language that organizes data for a DBMS. Both Windows and Linux
computing systems and devices can run and connect with MS SQL. Users can connect with data on Microsoft SQL either locally or through the internet and at the
same time as other users.

2. MySQL
MySQL uses relational database management systems (RDBMS), meaning it organizes information and files based on how those files connect to each other. You
can find MySQL database systems in most industries. This is because MySQL is an open-source project that offers many features, and it's widely compatible with
other technologies.

3. MongoDB
MongoDB specializes in storing both structured and unstructured data. In the computing field, structured data has defined patterns that make its information easy
to search and organize, while unstructured data doesn't. Typically, structured data consists only or entirely of numerical information. Image files, social media
posts, video files and digital presentations are examples of unstructured data types on which companies rely.

4. SQLite
SQLite is an open-source database server. Open-source means users can personalize the software and code of SQLite to best fit the functions and needs of their
organization. SQLite also needs much less memory, storage and computing power than many other database servers. This may make SQLite a great choice for
organizations that want to access their database servers through devices with less computing power, such as mobile phones or tablets.

5. Microsoft Access
If a company frequently analyzes its data, it may consider using Microsoft Access as its database service provider. MS Access helps users evaluate large
amounts of data and easily discover or report their findings to others. Many businesses with online stores use MS Access to manage information about their
clients and inventory. One benefit of using MS Access is that it's easy for people new to database servers to get started, as it provides you with a beginner's
guide.
Cloud Storage
Introduction
Cloud Storage : Cloud storage is a service model in which data is maintained, managed,
backed up remotely and made available to users over a network (typically the Internet).

Cloud Storage Infrastructure : A cloud storage infrastructure is the hardware and software
framework that supports the computing requirements of a private or public cloud storage
service. Both public and private cloud storage infrastructures are known for their elasticity,
scalability and flexibility.

Cloud General Architecture:

Cloud storage architectures are primarily about delivery of storage on demand in a highly
scalable and multi-tenant way. cloud storage architectures consist of a front end that exports an
API to access the storage.
 Cloud Storage Architecture
Characteristic Description
The ability to manage a system with minimal
Manageability
resources
Access method Protocol through which cloud storage is exposed
Performance Performance as measured by bandwidth and
latency
Multi-tenancy Support for multiple users (or tenants)
Ability to scale to meet higher demands or load in
Scalability
a
graceful manner
Data availability Measure of a system’s uptime
Ability to control a system — in particular, to
Control configure for cost, performance, or
other characteristics
Storage efficiency Measure of how efficiently the raw storage is Fig. General Cloud Architecture
used
Measure of the cost of the storage (commonly
Cost
in dollars per gigabytes)
Types of storages – file storage,
block storage, and object storage
Object Storage:
● Object storage is a highly scalable and durable storage solution for storing unstructured
data, such as files, images, videos, and documents.
● Objects are stored with a unique identifier and can be accessed via HTTP or APIs. Each
object may have associated metadata for better organization and retrieval.
● Examples of object storage services include Amazon S3 (Simple Storage Service), Google
Cloud Storage, and Azure Blob Storage.

Block Storage:
● Block storage provides storage volumes that can be attached to virtual machines or
instances.
● It offers low-latency, high-performance storage for applications and databases that require
direct block-level access.
● Block storage volumes can be formatted with file systems and used like traditional hard
drives.
● Examples of block storage services include Amazon EBS (Elastic Block Store), Google
Cloud Persistent Disks, and Azure Managed Disks.
File Storage:
● File storage offers shared file systems accessible by multiple virtual machines
or instances.
● It provides a centralized location for storing and sharing files, enabling
concurrent access from multiple servers.
● File storage is suitable for applications that require shared file access, such
as content management systems, file servers, or development environments.
● Examples of file storage services include Amazon EFS (Elastic File System),
Google Cloud Filestore, and Azure Files.
 Core AWS services

Amazon Amazon
S3 EBS

Amazon Amazon
EFS S3 Glacier
Amazon Virtual Amazon Elastic AWS Identity and
Private Cloud Compute Cloud Storage Access Management
(Amazon VPC) (Amazon EC2) (IAM)

Amazon Relational Amazon

Database Service DynamoDB
Database 19
Amazon Elastic Block Store (Amazon EBS)

Amazon Elastic Block Store

(Amazon EBS)

20
AWS storage options: Block storage versus object storage
What if you want to change one character in a 1-GB file?

Block storage Object

Change one block (piece of the file) Entire filestorage
must be updated
that contains the character

21
Section 1 key Amazon EBS features:
takeaways ● Persistent and customizable block
storage for Amazon EC2
● HDD and SSD types
● Replicated in the same Availability Zone
● Easy and transparent encryption
● Elastic volumes
● Back up by using snapshots

22
Amazon Simple Storage Service (Amazon S3)

Amazon Simple Storage Service

(Amazon S3)
"11 nines" of durability
means that a system is at
23
Amazon S3 overview

• Data is stored as objects in buckets

• Virtually unlimited storage
• Single object is limited to 5 TB
• Designed for 11 9s of durability
• Granular access to bucket and
objects

24
Data is redundantly stored in the Region

media/welcome.mp4
Facility 1 Facility 2 Facility 3

my-bucket-name

Region
25
 Common use cases

Storing application assets

Static web hosting
Backup and disaster recovery (DR)
Staging area for big data
Many more….

26
 Amazon S3 common scenarios

● Backup and storage

● Application hosting
● Media hosting Amazon S3 buckets

● Software delivery

Corporate
data center
Amazon
EC2
instances

27
Section 2 key ● Amazon S3 is a fully managed cloud
storage service.
takeaways
● You can store a virtually unlimited
number of objects.
● You pay for only what you use.
● You can access Amazon S3 at any time
from anywhere through a URL.
● Amazon S3 offers rich security controls.

28
Amazon Elastic File System (Amazon EFS)

Amazon Elastic File

System (Amazon EFS)
29
 Amazon EFS features

File storage in the AWS Cloud

Works well for big data and analytics, media processing workflows, content management, web
serving, and home directories
Petabyte-scale, low-latency file system
Shared storage
Elastic capacity
Supports Network File System (NFS) versions 4.0 and 4.1 (NFSv4)
Compatible with all Linux-based AMIs for Amazon EC2

30
 ● Amazon EFS provides file storage over a
Section 3 key network.
takeaways ● Perfect for big data and analytics, media
processing workflows, content management,
web serving, and home directories.
● Fully managed service that eliminates storage
administration tasks.
● Accessible from the console, an API, or the CLI.
● Scales up or down as files are added or
removed and you pay for what you use.

31
Amazon S3 Glacier

Amazon S3 Glacier

32
 Amazon S3 Glacier review

Amazon S3 Glacier is a data archiving service that is designed for

security, durability, and an extremely low cost.
Amazon S3 Glacier is designed to provide 11 9s (99.999999999%) of durability for objects.

It supports the encryption of data in transit and at rest through Secure Sockets Layer (SSL) or
Transport Layer Security (TLS).

The Vault Lock feature enforces compliance through a policy.

Extremely low-cost design works well for long-term archiving.

Provides three options for access to archives—expedited, standard, and bulk—

retrieval times range from a few minutes to several hours.

33
Amazon S3 Glacier use cases

Media asset archiving

Healthcare information archiving

Regulatory and compliance archiving

Scientific data archiving

Digital preservation

Magnetic tape replacement

34
Section 4 key ● Amazon S3 Glacier is a data archiving
service that is designed for security,
takeaways durability, and an extremely low cost.
● Amazon S3 Glacier pricing is based on
Region.
● Its extremely low-cost design works well
for long-term archiving.
● The service is designed to provide 11 9s
of durability for objects.

35
 Cloud Storage and
Database Cost Optimization
Database Cost Optimization
Database cost optimization in cloud computing involves implementing strategies to
optimize costs associated with database services while ensuring performance, scalability,
and reliability.

Here are some key techniques for optimizing database costs in the cloud:

1. Right-Sizing Resources:
● Analyze the workload patterns and performance requirements of your database.
● Choose the appropriate instance type and storage configuration that aligns with
your database workload.
● Avoid over-provisioning resources, as it can lead to unnecessary costs.
Regularly monitor and adjust resource allocation based on actual usage
patterns.
2. Reserved Instances or Savings Plans:
● Take advantage of reserved instances or savings plans offered by cloud
providers.
● Commit to using specific database resources for a longer period in return for
significant cost savings compared to on-demand pricing.
● Analyze your workload's long-term usage patterns and select the appropriate
payment options (e.g., all upfront, partial upfront, no upfront) to optimize cost
savings.

3. Auto Scaling:
● Implement auto scaling for your database to automatically adjust the number of
read replicas or database instances based on workload demand.
● Auto scaling ensures that you have the required capacity during peak periods
and reduces costs during low-demand periods.
4. Database Instance Scheduling:
● Identify non-critical workloads or databases that can be shut down or scaled
down during periods of low usage.
● Schedule automated start and stop times for these instances to minimize
costs and maximize resource utilization.

5. Data Lifecycle Management:

● Implement data lifecycle policies to manage the retention and storage of data.
● Identify and categorize data based on its age, importance, and access
patterns.
● Archive or move less frequently accessed data to lower-cost storage options,
such as archival storage or lower-performance tiers.
Cloud Database Security
and Compliance
What is Cloud Database Security?

● Cloud security is a set of security measures designed to protect cloud-based

infrastructure, applications, and data.
● These safeguards protect data privacy by ensuring user and device authentication,
data and resource access control.

● Moreover, they also assist with keeping data compliance requirements.

● In essence, Cloud Database Security protects a company’s data from data breaches,
distributed denial of service (DDoS) attacks, viruses, hackers, and unauthorized user
access or use in cloud environments.

https://satoricyber.com/data-security/the-basics-of-cloud-database-security/
The Importance of Cloud Database Security

● Because most businesses are currently adopting cloud computing in some way or another, cloud security
has become quite crucial.

● IT professionals are still wary of shifting more data and apps to the cloud because of security threats,
governance, and compliance challenges when data gets kept in the cloud.

● They are concerned that extremely sensitive data and intellectual property could get compromised due to
unintentional leaks or more sophisticated cyber attacks.

● A significant cloud security component is business content and data protection to solve this issue.

● Preventing data leaks and theft is vital for retaining your customers’ trust and safeguarding the assets
that contribute to your competitive advantage.

● The capacity of cloud database security to protect your big data store and support is critical for any firm
moving to the cloud, such as Google cloud storage.
Common Threats and Challenges

● Numerous software configurations that are not correct, weaknesses, or

patterns of carelessness or abuse can lead to a breach of security. Here are
some of the most prevalent kinds of reasons for security attacks and the
reasons.

Malware
● Malware is software designed to exploit vulnerabilities or cause harm to
databases. Malware can be accessed via any device that connects to the
databases network.

https://www.javatpoint.com/database-security
Insider Dangers
● An insider threat can be an attack on security from any three sources having
an access privilege to the database.

○ A malicious insider who wants to cause harm

○ An insider who is negligent and makes mistakes that expose the database to attack.
○ An infiltrator is an outsider who acquires credentials by using a method like phishing
or accessing the database of credential information in the database itself.

● Insider dangers are among the most frequent sources of security breaches to
databases. They often occur as a consequence of the inability of employees to
have access to privileged user credentials.
Human Error

● The unintentional mistakes, weak passwords or sharing passwords, and other

negligent or uninformed behaviours of users remain the root causes of almost
half (49 percent) of all data security breaches.

Database Software Vulnerabilities can be Exploited

● Hackers earn their money by identifying and exploiting vulnerabilities in
software such as databases management software.
● The major database software companies and open-source databases
management platforms release regular security patches to fix these
weaknesses.
● However, failing to implement the patches on time could increase the risk of
being hacked.
Buffer Overflow is a way to Exploit Buffers
● Buffer overflow happens when a program seeks to copy more data into the memory block
with a certain length than it can accommodate.
● The attackers may make use of the extra data, which is stored in adjacent memory
addresses, to establish a basis for them to begin attacks.

DDoS (DoS/DDoS) Attacks

● In a distributed denial-of-service (DDoS) attack in which the attacker
overwhelms the targeted server.
● In this case, the database server with such a large volume of requests that
the server is unable to meet no longer legitimate requests made by actual
users.
● In most cases, the server is unstable or even fails to function.
Attacks on Backups
Companies that do not protect backup data using the same rigorous controls employed to
protect databases themselves are at risk of cyberattacks on backups.

The following factors amplify the threats:

● Data volumes are growing: Data capture, storage, and processing continue to increase
exponentially in almost all organizations. Any tools or methods must be highly flexible to
meet current as well as far-off needs.
● The infrastructure is sprawling: Network environments are becoming more
complicated, especially as companies shift their workloads into multiple clouds and
hybrid cloud architectures and make the selection of deployment, management, and
administration of security solutions more difficult.
● More stringent requirements for regulatory compliance: The worldwide regulatory
compliance landscape continues to increase by complexity. This makes the compliance
of every mandate more challenging.
Best use of Database Security

● As databases are almost always accessible via the network, any security risk
to any component or part of the infrastructure can threaten the database.
● Likewise, any security attack that impacts a device or workstation could
endanger the database.
● Therefore, security for databases must go beyond the limits of the database.
● In evaluating the security of databases in our workplace to determine our
organization's top priorities, look at each of these areas.
● Security for physical security: If the database servers are on-premises or
the cloud data centre, they should be placed in a secure, controlled climate.
(If our server for database is located in a cloud-based data centre, the cloud
provider will handle the security on our behalf.)
● Access to the network and administrative restrictions: The practical
minimum number of users granted access to the database and their access
rights should be restricted to the minimum level required to fulfil their tasks.
Additionally, access to the network is limited to the minimum permissions
needed.
● End security of the user account or device: Be aware of who has access
to the database and when and how data is used. Monitoring tools for data can
notify you of data-related activities that are uncommon or seem to be
dangerous. Any device that connects to the network hosting the database
must be physically secured (in the sole control of the appropriate person) and
be subject to security checks throughout the day.
● Security: All data including data stored in databases, as well as credential
information should be secured using the highest-quality encryption when in
storage and while in transport. All encryption keys must be used in
accordance with the best practices guidelines.
● Security for web server applications and websites: Any application or web
server that connects to the database could be a target and should be
subjected to periodic security testing and best practices management.
● Security of backups: All backups, images, or copies of the database should
have the identical (or equally rigorous) security procedures as the database
itself.
● Auditing: Audits of security standards for databases should be conducted
every few months. Record all the logins on the server as well as the operating
system. Also, record any operations that are made on sensitive data, too.
Traditional storage methods
Traditional storage methods
● Digital Universe is rapidly expanding and doubling every two years.
● With this explosion of data, companies of all sizes must implement data
storage solutions.
● Businesses must choose from various storage options such as:

○ Direct-Attached Storage (DAS)

○ Network-Attached Storage (NAS)
○ Storage Area Network (SAN)
Traditional storage methods
Direct-Attached Storage (DAS):
● DAS refers to storage devices directly connected to individual servers or workstations.
● Data is stored on local drives, such as hard disk drives (HDDs) or solid-state drives
(SSDs), directly attached to the server or workstation via interfaces like SCSI.
● DAS provides high-speed access to data but lacks centralized management and scalability.

Network-Attached Storage (NAS):

● NAS is a dedicated storage device connected to a local area network (LAN) and provides
file-level storage to multiple clients or servers.
● NAS systems typically run on specialized operating systems and provide shared file access
using protocols like NFS (Network File System) or SMB (Server Message Block).
● NAS devices can offer centralized management, data protection features, and scalability by
adding more storage capacity.
Storage Area Network (SAN):

● SAN is a specialized network that connects multiple servers to shared block-level storage
devices.
● SAN provides high-speed, low-latency access to data and allows multiple servers to
concurrently access the same storage resources.
● SAN uses Fibre Channel or iSCSI protocols to present storage volumes to servers, allowing
them to function as if the storage is locally attached.
● SAN offers features like storage virtualization, data replication, and snapshot-based backups.
 Cloud Storage Types
• DAS – Direct Attached Storage

• NAS Network Attached Storage.

• SAN- Storage Area Network.

Which Storage technology I should use for my Business

Application.?
Cloud Storage Infrastructure – Direct Attached Storage(DAS)

• DAS – Direct attached Storage

• DAS stands for Direct Attached Storage and as the name suggests,
it is an architecture where storage connects directly to hosts.

• Examples of DAS include hard drives, SSD, optical disc drives

and external storage drives.

• DAS is ideal for localized data access and sharing in environment

where small server are located for instance, small businesses,
departments etc.

• Block-level access protocols are used to access data through

applications and it can also be used in combination with SAN and
NAS.
Cloud Storage Infrastructure – Direct Attached Storage(DAS)

Based on the location of storage devices with respect to host, DAS can be classified as external or
internal.

Internal DAS: The storage device is internally connected to the host by serial or parallel buses.

Most internal buses have distance limitations and can only be used for short distance
connectivity and can also connect only a limited number of devices. And also hamper
maintenance as they occupy large amount of space inside the server.

External DAS: the server connects directly to the external storage devices. SCSI or FC
protocol are used to communicate between host and storage devices.

It overcomes the limitation of internal DAS and overcome the distance and
device count
limitations and also provides central administration of storage devices
What are SCSI and FC Protocol? (Content beyond syllabus)

SCSI: Small Computer System Interface

• is a smart bus, controlled with a microprocessor, that allows you to add up to
15 peripheral devices to the computer.
• These devices can include hard drives, scanners, printers, and other peripherals.

FC Protocol: Fibre Channel Protocol (FCP)

• is the SCSI interface protocol utilising an underlying Fibre Channel connection.
• The Fibre Channel standards define a high-speed data transfer mechanism that
can be used to connect workstations, mainframes, supercomputers, storage
devices and displays.
 Cloud Storage Infrastructure – Direct Attached Storage(DAS)
Why and why not to go for DAS?
Why to go for DAS:

• It requires low investment than other networking architectures.

• Less hardware and software are needed to setup and operate DAS.

• Configuration is simple and can be deployed easily.

• Managing DAS is easy as host based tools such as host OS are used.

Why not to go for DAS:

• Major limitation of DAS is that it doesn’t scale up well and it restricts the number of hosts that can be directly
connected to the storage.

• Limited bandwidth in DAS hampers the available I/O processing capability and when capability is reached, service
availability may be compromised.

• It doesn’t make use of optimal use of resources due to its lack of ability to share front end ports.
Cloud Storage Infrastructure –Network Attached Storage(NAS)
NAS is a file-level computer data storage server connected to a network and providing data accessibility to a
diverse group of clients.

NAS is specialized for the task assigned to it either by its hardware, software or by both and provides the
advantage of server consolidation by removing the need of having multiple file servers.

NAS also uses its own OS which works on its own peripheral devices.

A NAS operating systems is optimized for file I/O and, therefore performs file I/O better than a primitive server.
It also uses different protocols like TCP/IP, CIFS and NFS which are basically used for data transfer and for
accessing remote file service.

Components of NAS

NAS head which is basically a CPU and a memory.

More than one Network Interface Cards (NIC’s).
Optimized Operating System.
Protocols for file sharing (NFS or CIFS).
What are TCP/IP, CIFS, NFS and NIC (Content beyond syllabus)

Transmission Control Protocol/Internet Protocol

• is a suite of communication protocols used to interconnect network devices on the internet.
• TCP/IP is also used as a communications protocol in a private computer network (an intranet or extranet)

Common Internet File System (CIFS)

• is a network filesystem protocol used for providing shared access to files and printers between machines on the network.
• A CIFS client application can read, write, edit and even remove files on the remote server.

NFS: Network File System

• This distributed file system protocol allows a user on a client computer to access files over a network in the same way they would
access a local storage file.
• As such, NFS enables a client to view, store, and update files on a remote computer as if they were locally stored.

The main difference between these two types of communication systems are
• CIFS can used only in Windows operating system, whereas NFS can be used in UNIX and LINUX based systems.
• In terms of security, CIFS provides better network security than NFS.
• On the other hand, NFS offers higher scalability features than CIFS.

NIC: Network Interface Cards

• is a hardware component without which a computer cannot be connected over a network.
• It is a circuit board installed in a computer that provides a dedicated network connection to the computer.
• It is also called network interface controller, network adapter or LAN adapter.
 Cloud Storage Infrastructure –Network Attached Storage(NAS)

FIG: NAS

• Centralized storage device for storing data on a Fig: Network Attached Storage
network.
• Will have multiple hard drives in RAID
configuration.
• Directly attaches to a switch or router on a
network.
• Are used in Small businesses.

Drawbacks
• Single point of Failure.
What is a RAID configuration? (Content beyond syllabus)

RAID: Redundant Arrays of Independent Disks

is a technique which makes use of a combination of multiple disks instead of using a single disk for increased performance, data redundancy or
both.

Why data redundancy?

• Data redundancy, although taking up extra space, adds to disk reliability.
• This means, in case of disk failure, if the same data is also backed up onto another disk,
• we can retrieve the data and go on with the operation.
• On the other hand, if the data is spread across just multiple disks without the RAID technique, the loss of a single disk can affect the entire
data.
Cloud Storage Infrastructure –Storage Area Network(SAN)
• A storage area network (SAN) provides access to consolidated, block level data storage that is accessible by
the application running on any of the networked server.

• It carries data between servers (hosts) and storage devices through fibre channel switches.

• A SAN helps in aiding organizations to connect geographically isolated hosts and provide
robust communication between hosts and storage devices.

• In a SAN, each storage server and storage device is linked through a switch which includes SAN features like
storage virtualization, quality of service, security and remote sensing etc.

Components of SAN: Cabling, Host Bus Adapters (HBA) and Switches.

• Cabling:- is the physical medium which is used to for establishing a link between every SAN device.

• HBA or Host Bus Adapter is an expansion card that fits into expansion slot in a server.

• Switch is used to handle and direct traffic between different network devices. It accepts traffic and then
transmits the traffic to the desired endpoint device.
Cloud Storage Infrastructure –Storage Area Network(SAN)
• A Special High Speed network that stores and
provides access to large amounts of data.
• SAN’s are Fault Tolerant.
• Data is shared among several disk arrays.
• Server access data as if it was accessing data from
local drive.
• iSCSI(Cheaper) and FC(Expensive)
protocols used.
• SAN’s are not affected by network traffic.
• Highly scalable, Highly Redundant High
and
Fig: Storage Area Network Speed(interconnected with fibre channel).
• Expensive.
 Cloud Storage Infrastructure –Key Difference between DAS, NAS and SAN
• DAS–Directly Attached Storage.
-Usually disk or tape.
-Directly attached by a cable to the computer processor.(The hard disk drive inside a PC or a tape drive attached
to a single server are simple types of DAS.) I/O requests (also called protocols or commands).
-Access devices directly.

• NAS–Network Attached Storage.

-A NAS device (“appliance”), usually an integrated processor plus disk storage, is attached to a TCP/IP-based
network (LAN or WAN), and accessed using specialized file access/file sharing protocols.
-File requests received by a NAS are translated by the internal processor to device requests.

• SAN-Storage Area Network.

-Storage resides on a dedicated network.
-I/O requests access devices directly.
-Uses Fiber Channel media, providing an any-to-any connection for processors and storage on that network.
-Ethernet media using an I/O protocol called iSCSI is emerging in.
 DAS, NAS, SAN-Best Case Scenario Vs Worst Case Scenario
Storage Best Case Scenario Worst Case Scenario
Type
DAS DAS is ideal for small businesses that only need to DAS is not a good choice for businesses that are
share data locally, have a defined, non-growth growing quickly, need to scale quickly, need to
budget to work with and have little to no IT share across distance and collaborate or support a
support to maintain a complex system lot of system users and activity at once

NAS NAS is perfect for SMBs and organizations that Server-class devices at enterprise organizations
need a minimal-maintenance, reliable and flexible that need to transfer block-level data supported
storage system that can quickly scale up as needed by a Fibre Channel connection may find that
to accommodate new users or growing data NAS can’t deliver everything that’s needed.
Maximum data transfer issues could be a
problem with NAS
SAN SAN is best for block-level data sharing of SAN can be a significant investment and is a
mission- critical files or applications at data sophisticated solution that’s typically reserved for
centers or large- scale enterprise organizations. serious large-scale computing needs. A small-to-
midsize organization with a limited budget and
few IT staff or resources likely wouldn’t need
SAN.
Cloud Storage Security
What is Cloud Storage Security?

Cloud storage security refers to the measures and protocols put in place to
protect data stored in cloud storage services from unauthorized access, data
breaches, data loss, and other security threats.

Cloud storage is a popular choice for individuals and organizations to store and
manage their data due to its scalability, accessibility, and cost-effectiveness.

However, it also introduces specific security concerns that need to be addressed.

Here are some key aspects of cloud storage security:
Cloud Storage Security
● Data Encryption: Encryption is fundamental to cloud storage security. Data should be encrypted both
in transit (while being transferred between the user's device and the cloud server) and at rest (when
stored on the cloud server). This ensures that even if someone gains access to the data, they cannot
read it without the encryption key.
● Access Control: Cloud storage services provide access control mechanisms to restrict who can
access and manipulate stored data. This includes user authentication, authorization, and role-based
access control (RBAC) to ensure that only authorized individuals can access specific data.
● Identity and Access Management (IAM): IAM systems help manage user identities and permissions
within a cloud storage environment. It enables administrators to control who has access to what data
and what actions they can perform. Proper IAM configurations are essential for security.
● Multi-Factor Authentication (MFA): MFA adds an extra layer of security by requiring users to provide
multiple forms of authentication before gaining access to their cloud storage accounts. This can include
something they know (password), something they have (a mobile device), and something they are
(fingerprint or facial recognition).
Cloud Storage Security
● Data Backup and Redundancy: Cloud storage services often provide
redundancy and backup options to ensure data availability even in the event
of hardware failures or data corruption. Regular backups are crucial for data
recovery.
● Auditing and Monitoring: Cloud storage services typically offer logging and
monitoring features to track user activities and access to data. Regularly
reviewing logs can help identify and respond to security incidents.
● Compliance and Regulations: Many industries and regions have specific
compliance requirements for data storage and security. It's essential to ensure
that your cloud storage solution complies with relevant regulations.
Cloud Storage Security
● Security Updates and Patch Management: Keeping the cloud storage service and associated software
up to date with security patches is crucial to address vulnerabilities that could be exploited by
attackers.
● Employee Training and Awareness: Employees should be educated about best practices for cloud
storage security, including password hygiene, recognizing phishing attempts, and understanding the
importance of data security.
● Physical Security: While cloud storage primarily relies on remote servers, the physical security of the
data centers where the servers are housed is also important to prevent unauthorized physical access.

Cloud storage security is a shared responsibility between the cloud service provider and the user or
organization using the service. While the provider is responsible for securing the infrastructure and
platform, users must ensure proper configuration, access controls, and data encryption to protect their
data in the cloud.
Benefits
Benefits of Cloud Security System

Cloud security systems offer a wide range of benefits for organizations looking to protect their data and
applications in cloud environments. Here are some key advantages of implementing a cloud security
system:

● Scalability: Cloud security solutions can scale with your organization's needs. You can easily
adjust your security measures as your cloud infrastructure grows or changes, ensuring that you
maintain effective protection.
● Cost-Efficiency: Cloud security eliminates the need for expensive on-premises hardware and
infrastructure. You pay for the security services you use, often through a subscription model, which
can be more cost-effective than managing and maintaining your own security infrastructure.
● Rapid Deployment: Cloud security solutions can be quickly deployed compared to traditional on-
premises security systems. This agility allows you to adapt to emerging threats and changing
security requirements more efficiently.
● Automatic Updates and Patching: Cloud security providers often handle updates, patch
management, and security enhancements automatically. This reduces the burden on IT teams
and ensures that security measures are up to date, addressing known vulnerabilities.
● Global Reach: Cloud security services are often hosted in data centers distributed worldwide.
This global reach can help improve the availability and resilience of security measures, ensuring
protection even in the face of regional outages or disruptions.
● Flexibility: Cloud security solutions offer flexibility in terms of the types of security services you
can choose and configure to meet your specific needs. This allows you to tailor your security
measures to your organization's unique requirements.
● Centralized Management: Many cloud security systems provide a centralized management
console or dashboard, giving IT teams visibility and control over security policies and
configurations across the entire cloud environment. This simplifies management and
monitoring.
● Integrated Services: Cloud security providers frequently offer integrated security services, allowing you to
combine various security features such as firewall protection, intrusion detection, encryption, and identity
management within a single platform.
● Threat Monitoring and Response: Cloud security systems typically include real-time monitoring and threat
detection capabilities. They can quickly identify and respond to suspicious activities and potential security
incidents.
● User and Access Controls: Cloud security solutions offer robust access control mechanisms, including multi-
factor authentication (MFA) and role-based access control (RBAC), to manage who can access your cloud
resources and data.
● Reduced Maintenance Burden: With cloud security, the maintenance burden shifts to the service provider,
freeing up your IT staff to focus on other strategic tasks.

It's important to note that while cloud security systems offer these benefits, their effectiveness also depends on
proper configuration and management by the organization. A well-implemented cloud security strategy is a critical
component of protecting data and applications in the cloud.
Thank You!!!