A Paper on Cloud Computing, Moses From JPR,IIND, IT Dept. (2)

8/4/2019 A Paper on Cloud Computing, Moses From JPR,IIND, IT Dept. (2)

http://slidepdf.com/reader/full/a-paper-on-cloud-computing-moses-from-jpriind-it-dept-2 1/8

JEPPIAAR ENGINEERING COLLEGEJeppiaar Nagar ,Gandhi salai,chennai-119

DEPARTMENT OF INFORMATION TECHNOLOGY

A PRESENTATION ON

CLOUD COMPUTING

BY:

MOSES.A

IInd

Year / B- SecDEPTMENT OF IT



Introduction:

Cloud computing has become famous

in recent years. The basics of cloud computing

is defined as computer and software services

necessary for computing works provided via

the internet is called cloud computing.

Its basically a virtual server available over the

Internet. But others says very broadly, arguinganything you consume outside the firewall is "in

the cloud," including conventional outsourcing

Why is it named so.....Because all the services

are provided via the internet and cloud symbol is

used to represent internet in flowchart and

diagrams.

Types of cloud computing: There are three types of services offered.

1. Infrastructure as a service

2. Platform as a service

3. Software as a service

1.Infrastructure as a service:

In this type,the service provider

provides the necessary servers,hardware and

networking components to an organisation for a

fee.The organisation in turn installs the

necessary programs in the service provider's

server and uses them.The service provider is

responsible for the maintenance of the servers.

2.Platform as a service:

In this type,the service provider

provides the necessary softwares and the tools

for creating softwares which are installed in

their server to an organisation for a specified

amount.The organisation creates the necessary

softwares on his platform and uses them.Its like

renting in a house which has all the necessary

things.

3.Software as a service:

In this type the applications hosted in the

service provider s server are made available to

customers via the internet.The provider also

interacts with the user through a front end

panel.The provider provides the necessary

support to the customer.The services range

from e-mail to data processing.



What is It and How Does ItWork?

Cloud computing is becoming a

buzzword. It refers to a computing system in

which tasks are assigned through a combination

of connections, service and software over a

network. This collective of connections is known

as ‘the cloud’. Computing at this level allows

users to sort through a vast amount of data. For

example, Google is currently the forerunner of

cloud computing due to its need to produce

accurate and instant results for the millions of

search queries it receives every day. Other

companied have developed web based operating

systems that look and feel like Windows.

Basic components of cloud computing:

client:

Everything ends with the client. The hardware

components, the application and everything else

developed for cloud computing will be used in

the client. Without the client, nothing will be

possible.

The client could come in two forms: the

hardware component or the combination of

software and hardware components. Although

it’s a common conception that cloud computing

solely relies on the cloud (internet), there are

certain systems that requires pre-installedapplications to ensure smooth transition. The

hardware on the other hand will be the platform

where everything has to be launched.

Optimization is based on two fronts: the local

hardware capacity and the software security.

Through optimized hardware with security, the

application will launch seamlessly.

A cloud client consists of computer hardware and/or computer software that relies on

cloud computing for application delivery, or that

is specifically designed for delivery of cloud

services and that, in either case, is essentially

useless without it. Examples include some

computers, phones and other devices, operating

systems and browsers.

Application:

Cloud application services or "Software as a

Service (SaaS)" deliver software as a service

over the Internet, eliminating the need to installand run the application on the customer's own

computers and simplifying maintenance and

support.

Network-based access to, and management of,

commercially available software

* Activities that are managed from central

locations rather than at each customer's site,

enabling customers to access applications

remotely via the Web

* Application delivery that typically is closer to a one-to-many model (single instance, multi-

tenant architecture) than to a one-to-one model,

including architecture, pricing, partnering, and

management characteristics

* Centralized feature updating, which obviates

the need for downloadable patches and upgrades.

Platform:

Cloud platform services or "Platform as a

Service (PaaS)" deliver a computing platform

and/or solution stack as a service, oftenconsuming cloud infrastructure and sustaining

cloud applications.It facilitates deployment of

applications without the cost and complexity of

buying and managing the underlying hardware

and software layers.

Infrastructure:

Cloud infrastructure services or "Infrastructure

as a Service (IaaS)" delivers computer

infrastructure, typically a platform virtualization

environment as a service. Rather than purchasing

servers, software, data center space or network equipment, clients instead buy those resources as



a fully outsourced service. The service is

typically billed on a utility computing basis and

amount of resources consumed (and therefore the

cost) will typically reflect the level of activity. It

is an evolution of virtual private server offerings.

server:

The servers layer consists of computer hardware

and/or computer software products that are

specifically designed for the delivery of cloud

services, including multi-core processors, cloud-

specific operating systems and combined

offerings.Example google server is given below.

Eco-Friendly Incentives for Cloud

Computing :

Of course another incentive to option for cloud

computing is that it is more environmentally

friendly. Reducing the number of hardware

components and replacing them with cloud

computing systems reduces energy costs for

running hardware and cooling as well as

reducing carbon dioxide emissions and

conserving energy. Moving applications to the

cloud can potentially reduce energy costs for

running and cooling hardware. This can also

work in combination with government tax

incentives to go green and power companies

added incentives.

How Could the Future of Cloud

Computing Work for You?

In theory the process is very simple. Cloud

computing could allow you to have only a small

and inexpensive computer, processor and

monitor in front of you. You would have no need

for a hard drive or a CD/DVD drive. Instead you

would need only an Internet connection, which

would hook you up to a central supercomputer

that would host all your programs and files. This

presents and advantage to both storage and

security issues.

For now, cloud computing could be easily

identified with grid computing wherein the

“cloud” become the application for business

purposes. Although grid computing is more

focused on the server capabilities of the

application, their similarities are based on the

focus on providing online and on-time servicesto the enterprise.

But cloud computing is so much more than

simplified “cloud” processing. The business aim

of getting things done no matter where they are

without the necessary of a local or desktop

software is realized. The ease of data processing

with real time interaction and company-wide

availability of data in an instant could be done

through proper implementation of cloud

computing. Best of all, these processes are aimed

to be available with very little to no downtime.

The future of cloud computing should be highly

considered by businesses in any industry. The

possibility of full adaptation of cloud computing

by almost any industry is slowly starting to

happen. If a business will not consider their

future in cloud computing, the challenges as well

as the advantages of cloud computing may not be

addressed and fully harnessed.



Cloud Computing Security:

Security is one of the biggest concerns of

businesses in any form. Whether a business is a

small brick-and-mortar or a multi-million online

ventures, security should be implemented.

Exposing the company to different security flawsis always inviting to different elements with

malicious intent. A single security strike could

mean millions of dollars for businesses and

might single handedly close the business down.

Proper implementation of security measures is

highly recommended for cloud computing. The

mere fact that the application is launched

through internet makes it vulnerable to any time

of attack. An application available in LAN

(Local Area Network) only could even be

infiltrated from the outside so placing an

application over the internet is always a securityrisk. This is the unique situation of cloud

computing. Implementation of cloud computing

could require millions of dollars in infrastructure

and applications development but it still places

itself at risk for different types of attacks.

Protecting the Users

Above everything else, cloud computing or any

type of online application format should consider

protecting its users. Developers should make

sure that data related to the user should not be

mishandled and could be extracted just by one.

There are two ways to ensure cloud computing

security: restrictive user access and

certifications.

Restrictive access could come from simple

username/password challenge to complicated

CAPTCHA log in forms. But applications in

cloud computing should not only base itself on

these challenges. IP specific applications and

user time-outs are only some of the security

measures that should be implemented.

The challenge in restrictive user access is to limit

the access privilege of the user. Each user will

have to be assigned manually with security

clearance to ensure limitation of access to

different files.

Certifications are also important for user

certification. Developers have to open their

application to security specialists or companies

that provide certifications for security. This is

one way of assuring users that the application

has been fully tested against different types of

attacks. This is often the dilemma for cloudcomputing as external security checks might

open the company secrets on cloud computing.

But this has to be sacrificed to ensure the

security of their users.

Data Security

Aside from user protection against different

types of attacks, the data itself should be protected. In this aspect, the hardware and

software linked to cloud computing should be

scrutinized. Again, a certification is highly

desired in this part of cloud computing.

The hardware component for cloud computing

on the other hand requires a different type of

security consideration. The location of data

center should not only be selected because of its

proximity to controllers and intended users but

also on its security (and even secrecy) from

external problems. The data center should be

protected against different types of weather conditions, fire and even physical attacks that

might destroy the center physically.

With regards to the hardware component in

relation to the application, certain manual

components have to be available for increased

security. Among them is manual shutdown to

prevent further access of the information.

Although data could be controlled with another

application that data could be infiltrated unless

the application is shutdown immediately.

Recovery and Investigation

Cloud computing security should not only focus

itself on prevention. Ample resources should

also be focused on recovery if the unfortunate

event really strikes. Even before disaster

happens, certain plans have to be in place to

ensure that everyone will be working in unison

towards recovery. The plans do not have to be

focused on software attacks alone – certain

external disasters such as weather conditions

should have separate recovery plans. When

everything has been recovered, developers and

the company handling the application shouldhave the means to investigate the cause of the

problem. Through investigation, certain

conditions that lead to the event could be

realized and insecurities could be discovered.

Even legal actions could be done if security has

been breached on purpose.

Security is one of the most difficult task to

implement in cloud computing. It requires

constant vigilance against different forms of

attacks not only in the application side but also

in the hardware components. Attacks with

catastrophic effects only needs one security flawso it’s always a challenge for everyone involved

to make things secured.



Advantages:

• The advantage of this is,the customer

after paying the amount can get the service

at any time.

•

Also there are no problems of computer crash or server down.it is the responsibility

of the service provider.

• There is no investment cost for

computers,servers,software,etc..

• Amount can be payed according to

usage

• Now a days, the service providers

provide the service on a monthly basis.The

provider and the customer can cancel the

agreement at any time.So ther is no loss for

anyone.• Access your data at all times – not just

while in the office

• A physical storage center is no longer

needed

• Most have a pay structure that only

calls for payment only when use

• Relieves burden on IT Professionals

and frees up their time in the office

• Easily scalable so companies can add or

subtract storage based on their own needs

This service is suitable for small business

groups. Servers in a CloudOne of the advantages

of cloud computing is that both small and

medium sized businesses can instantly obtain the

benefits of the enormous infrastructure without

having to implement and administer it directly.

This also permits accessibility to multiple data

centers anywhere on the globe. It also means that

as the need for resources increases, companies

can add additional service as and when needed

from the cloud computing vendor without havingto pay for additional hardware.

Negatives:

If you are going to move all of your information

to data centers situated outside your company,

then security should be of utmost importance.

• Lost control comes with handing over your

data and information

• Depending on third-party to ensure the security

and confidentiality of data and information

• If your cloud host disappears, where does your

information go?

If you are a small business, or even a Fortune

500 company, cloud computing can take a large

technology professionals can be a real burden

and finding cost-efficient means through cloudhosting can be very beneficial. With Amazon

moving into the cloud computing environment,

everyone has access to what could be a major

change in business intelligence. Amazon’s

Elastic Compute Cloud is a dedicated, high

performance, analytic database cluster that is

open to businesses, on a pay-per-use scale, for a

monthly fee. This sounds like an excellent

business deal, if you are prepared to hand over

your personal data and information.

The Real Problems with Cloud

Computing:

There is a great deal of truth that Google can

maintain the security of systems better than

individual companies. While I may be critical of

some aspects of Google Apps security, I firmly

believe that Google is significantly more likely

to maintain the security of individual systems

than companies would themselves.

CSO — The recent Twitter hack, where a

French hacker compromised internal Twitter

documents by accessing the account of

administrative assistant, among others, wasessentially an attack on Google Docs. The reason

is that Twitter outsourced their infrastructure by

contracting with Google, and the accounts in

question were on Google's infrastructure.

The ensuing reports questioned the security of

Google Apps and cloud security in general. In

the process, Google claimed that their security

was better and less expensive than the security

that companies could provide for themselves. At

the same time, people (including me) persisted in

their statements that exposed information is

exposed information. This position takes thestand that companies want to protect their

information, and not the computers themselves.

This can be extremely confusing for CSOs trying

to decide whether or not to implement cloud

computing. This issue is at the forefront,

especially given Los Angeles County's stated

intention to migrate to Google Apps.

Let's first acknowledge that Google Apps was

not specifically "hacked" in the traditional sense

of the word during the Twitter hack. A hacker

did not break into Google computers through

some technical vulnerability in the Googleinfrastructure.



A hacker found a personal e-mail account for the

administrative assistant previously mentioned.

Similar to the Sarah Palin Yahoo! account hack,

the hacker researched social networking sites to

find the answer to the "secret question" required

to reset the account's password. In going through

the e-mails in the account, the hacker apparentlyfound the password used by the administrative

assistant on other sites, and correctly assumed

that person used that password on their Twitter

corporate account at Google Apps.

This gave the person access to e-mails and files.

Other information available to the account also

allowed the attacker to compromise the Twitter

corporate accounts of other employees.

While the initial reaction would be to blame the

guessability of the security questions on the

freemail account, as well as the reuse of the password, that is akin to saying people drown

because of water. Clearly, there are many other

vulnerabilities in cloud computing

implementation that enabled the compromise of

the accounts on Google Apps.

For example, the fact is Google Apps allowed

for anyone in the world to attempt to log into any

account at Twitter. In this case, the account

holder was in the San Francisco area and the

hacker logged in from France. If the accounts

were maintained internally, Twitter would have

had the ability to deny remote access. Similarly,if there was misuse and abuse detection, even

allowed accesses would have been flagged given

the location as well as the scope of the data

access. There are also data leak prevention

(DLP) tools that could have been in place.

Google Apps doesn't provide for add-on security

tools, such as those mentioned above. They do

provide for SAML 2.0 authentication integration.

However, that is a footnote, and organizations

who are using Google Apps because they don't

want to maintain the internal technical staff

required to run office applications are not likelyto maintain staff to manage a SAML compliant

tool, which can be even more complicated.

Using an automobile analogy, it is like saying

you will bring your car to a repair shop for

everything, even simple oil changes -- except for

the ignition system, which you agree to maintain

entirely on your own.

There is a great deal of truth that Google can

maintain the security of systems better than

individual companies. This specifically involves

server security, not data security. For example,

hackers target vulnerable operating systems thatdon't have properly applied patches. While I may

be critical of some aspects of Google Apps

security, I firmly believe that Google is

significantly more likely to maintain the security

of individual systems than companies would

themselves.

Google also implements sharding, which means

that an individual file could be divided amonghundreds of systems in theory. This way, if

someone actually does break into a server, they

will not likely get a useful amount of information

out of individual documents.

However, the fact is that attackers want your

information and will get it however they have to.

For example, the recent Heartland hacks resulted

from SQL injection which targeted the database

applications, not the servers. While Google Apps

may better maintain fundamental security of the

office applications, that again does not help with

the access, and sniffing potential.

Cloud computing puts your data outside of your

organization. Also when you use a cloud

computing service, you are limiting yourself to

the amount of advanced security tools that you

can put on the system. I already gave the

examples of DLP and misuse and abuse

detection, which is not available to Google Apps

users. Likewise, you cannot limit the access to

only internal staff. There are many other security

tools that cannot be put in place in cloud

environments, unless the cloud environment is

specifically designed for them.

There are also other issues to consider. You have

little control over how much audit information is

collected. For example, you likely do not have

access to failed log-in attempts, so you cannot

proactively look for attack reconnaissance.

Likewise, while you may maintain ownership of

your own data, you do not likely own all of the

access log data. That potentially creates legal

problems. For example, if someone does illicitly

access your information, you might need to get a

court order to see where they are coming from. If

however you maintained your data internally,you would have instant access to all of this

information.

Once a term only used by governments, cloud

hosting is making its way to businesses both

large and small. According to Wikipedia, cloud

computing "is a style of computing in which

dynamically scalable and often virtualized

resources are provided as a service over the

internet." Image a multitude of servers that are

connected through networks to create a cloud

where companies are able to store data.

Essentially, this cloud acts as an outsourcingagent for server and storage needs.



conclusion:

The Cloud Computing is one kind of

emerging business accounting model which in

the grid computation, the public computation and

the SaaS foundation develops. It will calculate

the duty to distribute on the resource pool which

the massive computers will constitute, willenable each kind of application system according

to need to gain the computation strength, the

storage space and each kind of software service.

This paper presentation introduced the Cloud

Computing evolution process, has analyzed the

Cloud Computing essence, but this article key

point studies the industrial world 3 concrete

Cloud Computing example,includes Google the

cloud to calculate the platform, IBM Corporation

specifically “Blue Cloud” .I conclued that in this

century cloud computing is one of the great

technology which is be most useful technology

in this world.…….

(Will Explain the Real world Problem with block

diagram and their solutions in Power point

Presentation)

THANK YOU.

Documents

A Paper on Cloud Computing, Moses From JPR,IIND, IT Dept. (2)