© Peter R. Egli 2013
1/24
Rev. 1.70
Cloud Computing indigoo.com
• Contents
1. What is cloud computing?
2. Why cloud computing?
3. Typical IaaS, PaaS, SaaS providers
4. Cloud provider landscape
5. Technology foundation of cloud computing
6. Cloud computing versus outsourcing
7. Hybrid clouds
8. Cloud security
9. Cloud risk management
10. Cloud certifications
11. Cloud standards
1. What is cloud computing? (1/5)
Cloud computing definition by NIST:
NIST (National Institute of Standards and Technology, US non-regulatory federal agency)
published a widely used and accepted definition of cloud computing:
«Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access
to a shared pool of configurable computing resources (e.g., networks, servers, storage,
applications, and services) that can be rapidly provisioned and released with minimal
management effort or service provider interaction».
Source: http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf
NIST defines cloud computing around:
• 5 essential characteristics
• 3 service models
• 4 deployment models
1. What is cloud computing? (2/5)
5 essential key characteristics of clouds:
On-demand self-service computing resources (elasticity):
 Automatic provisioning without human interaction with service provider.
Broad network access:
 Availability of cloud resources through various platforms (desktops, mobiles, workstations).
Resource pooling:
 Sharing of provider resources among customers (multi-tenant model).
 Location transparency (customer is not aware of the location of the server resources).
Rapid elasticity:
 Resources can be allocated and released to scale according to demand.
Measured service:
 Monitoring resource usage, service assurance (SLA – Service Level Agreement).
1. What is cloud computing? (3/5)
3 service models (1/2):
3 service models define the level of cloud service.
IaaS
PaaS
SaaS
IaaS – Infrastructure as a Service:
IT infrastructure is provided as a service.
IaaS comprises resources such as servers, network
and simple mass storage.
SaaS - Software as a Service:
SaaS builds on top of PaaS and provides application-level
services such as collaboration, ERP and
document management.
PaaS - Platform as a Service:
PaaS provides platforms and run-time environments
including middleware, messaging, databases and
identity management.
1. What is cloud computing? (4/5)
3 service models (2/2):
IaaS, PaaS and SaaS define different levels of cloud services with regard to the traditional
IT stack that is entirely managed by the inhouse IT department.
[Figure: the IT stack (Applications, Data, Runtime, Middleware, OS, Virtualization, Servers,
Storage, Networking) shown side by side for Traditional IT, IaaS, PaaS and SaaS, with each
layer marked as either IT managed or cloud provider managed.]
1. What is cloud computing? (5/5)
4 cloud deployment models:
Private cloud:
• Cloud is enterprise owned or leased.
• Cloud is used by a single enterprise or organization.
• Cloud equipment may exist on- or off-premise.
• Private cloud may be internal (company premises) or external (provider hosted).
• Typically operated by a third-party with the required skills to lower operating costs.
Community cloud:
• Shared infrastructure for a specific community.
• May exist on- or off-premise.
Public cloud:
• Cloud is sold to the public, mega-scale infrastructure.
• Exists on premises of cloud provider.
Hybrid cloud:
• Different cloud types combined.
• Typically the base load is covered by a private cloud, while load bursts are handled by public
cloud computing resources («cloud bursting», «pay-as-you-go» cost model).
2. Why cloud computing? (1/3)
The rationale of cloud computing (for the customer) is reduced and linearly scaling costs.
Cloud computing allows the required computing resources to be allocated dynamically according
to demand. Cost scales linearly with the number of users, i.e. it incurs little or no capital
expenses (capex), only operating expenses (opex).
Traditional IT:
Data centers, servers etc. require a large up-front investment (CapEx).
The infrastructure must be dimensioned to accommodate a certain peak load.
Variable costs are incurred on top of CapEx (run-time licenses for users etc.).
Cloud computing:
Fixed costs are transferred to the cloud provider and thus largely reduced for the customer
(customer infrastructure reduced to network, workstations).
Variable costs vary according to usage demand.
The variable costs are reduced since the cloud provider exploits economy of scale.
[Figure: costs versus users / usage for traditional IT and for cloud computing, showing fixed
costs (CapEx) and variable costs (OpEx).]
2. Why cloud computing? (2/3)
By means of pooling, a reduced number of servers can deliver the processing power demanded
by multiple customers (scaling effect) because the customers' processing demands are distributed
over time (statistical multiplexing).
[Figure: processing power demand over time for Customer 1, Customer 2 and Customer 3, and the
combined processing power demand profile. Labels: peak demand, average processing power demand,
unused (wasted) processing power, peak demand that cannot be serviced.]
Provisioned server performance can accommodate peak demands of customers.
«Peak of sums < sum of peaks».
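The pooling argument above, worked through as an added example (not part of the original slides); the demand figures are constructed and the function names are illustrative. It also covers the limiting case in which all customers peak in the same interval, where pooling saves nothing, and the demand left unserved when less than the combined peak is provisioned.

```python
# Added example with constructed data; not part of the original slides.
# Hourly processing demand (arbitrary units) of three hypothetical customers
# whose peaks fall at different times.
DEMAND = {
    "customer_1": [2, 2, 8, 3, 2, 2],
    "customer_2": [1, 6, 2, 2, 1, 1],
    "customer_3": [3, 2, 2, 2, 9, 3],
}

# The same peak values, but all landing in the same interval (for example a
# shared external event). Constructed to show the limiting case.
CORRELATED = {
    "customer_1": [2, 2, 8, 3, 2, 2],
    "customer_2": [1, 2, 6, 2, 1, 1],
    "customer_3": [3, 2, 9, 2, 2, 3],
}


def combined_profile(demand):
    """Per-interval total demand seen by a pooled infrastructure."""
    series = list(demand.values())
    if len({len(s) for s in series}) != 1:
        raise ValueError("all demand series must cover the same intervals")
    return [sum(interval) for interval in zip(*series)]


def sum_of_peaks(demand):
    """Capacity needed when every customer provisions for its own peak."""
    return sum(max(s) for s in demand.values())


def peak_of_sums(demand):
    """Capacity needed when one pool serves the combined demand."""
    return max(combined_profile(demand))


def utilization(demand, capacity):
    """Average fraction of the provisioned capacity that is actually used."""
    profile = combined_profile(demand)
    served = sum(min(d, capacity) for d in profile)
    return served / (capacity * len(profile))


def unserved(demand, capacity):
    """Per-interval demand that exceeds the provisioned capacity."""
    return [max(0, d - capacity) for d in combined_profile(demand)]


def report(name, demand):
    """One-line summary comparing dedicated and pooled provisioning."""
    dedicated, pooled = sum_of_peaks(demand), peak_of_sums(demand)
    return (f"{name}: sum of peaks={dedicated}, peak of sums={pooled}, "
            f"utilization {utilization(demand, dedicated):.0%} -> "
            f"{utilization(demand, pooled):.0%}")


if __name__ == "__main__":
    print(report("staggered", DEMAND))
    print(report("correlated", CORRELATED))
    print("unserved at capacity 10:", unserved(DEMAND, 10))
```

The inequality is strict only while the peaks are staggered; correlated demand is the case to check when the pooled capacity is also the availability margin.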
2. Why cloud computing? (3/3)
Business drivers for cloud computing:
• High costs due to high server performance requirements to meet peak demands (low
average server capacity usage: 15%).
• Avoidance of CapEx.
• Need for reduction of data center energy consumption.
• High IT maintenance costs (IT staff, licenses).
• Meet compliance requirements (data protection, security, data center access etc.).
• Need for flexible data center usage arrangements (scale up when need arises for peak
performance demands).
Potential cost savings with cloud computing 50 – 90%.
3. Typical IaaS, PaaS, SaaS providers
Some key players in the cloud market (provider logos not preserved):
IaaS:
• Simple storage.
• Content Delivery Network.
• Cloud servers.
PaaS:
• OS, node.js platform.
• Google App Engine (Java platform).
• Development and hosting platform.
SaaS:
• MS Office and collaboration appl.
• Cloud based CRM.
• Cloud based ERP.
4. Cloud provider landscape (1/2)
Cloud Service Providers (CSP):
CSPs offer IaaS, PaaS and SaaS services as private, hybrid or public clouds.
Cloud Service Brokers (CSB):
CSBs resell and sometimes integrate CSP cloud services. CSBs focus on consultancy services
(help customers choose the right cloud solution, provide best practices for cloud deployment).
Cloud Service Aggregators (CSA):
CSAs integrate cloud services into value-added services, e.g. bundling storage services from
different CSPs into a high-availability offering.
[Figure: relationship between the customer, a CSB (broker), a CSA (aggregator) and CSPs.]
4. Cloud provider landscape (2/2)
IaaS, PaaS and SaaS Cloud Service Providers (CSP):
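[Figure: provider logos arranged by deployment model (private cloud, hybrid cloud, public cloud)
and service model (IaaS, PaaS, SaaS); logos not preserved.]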
5. Technology foundation of cloud computing (1/2)
Cloud computing is based on and made possible by a number of technologies.
Virtualization:
Virtualization is a crucial technology to completely decouple OS and software from the
underlying hardware. This allows running multiple OS instances on a single server hardware.
Grid technology:
Often cloud computing is based on some kind of grid computing where a large number of
physical servers is available to host and run cloud infrastructures, platforms and applications.
When demand arises, services can be moved around the grid environment.
Broadband network access:
Diminishing differences in network bandwidth between LAN and WAN access make it possible
to move entire applications to clouds.
Distributed computing:
Middleware and particularly web services provide the necessary interoperability for cloud-
based distributed applications.
5. Technology foundation of cloud computing (2/2)
Web technologies:
Web technologies, namely the HTTP/HTML/CSS/Javascript combo, define an interoperable
standard client interface.
Security protocols and technologies:
Security is essential for cloud computing. The necessary technologies for authentication,
privacy, authorization, key distribution and trust federation are available on different platforms.
Service orientation:
SOA as a core architectural principle allows applications to be composed from a collection of
services, each of which can be hosted in a cloud-based environment.
Open source software:
Clouds need tons of software. A wealth of open source software for virtually every aspect in
cloud infrastructures is available and allows cloud providers to deliver high-level cloud
services at reasonable costs.
6. Cloud computing versus outsourcing
Outsourcing:
In a typical outsourcing arrangement, the provider offers a service according to the conditions
of the customer.
Usually the contracts and SLAs are different for each customer.
Cloud:
Typical cloud providers have a standard offering, usually high-volume commoditized services
without the possibility for customer-specific extensions.
[Figure: outsourcing (provider and customer linked by a contract) versus cloud (cloud provider
with a standard offering for its customers).]
7. Hybrid clouds (1/2)
Why hybrid clouds?
Hybrid clouds combine the benefits of private and public clouds.
Private clouds:
• Mainstay IT resources
• Privacy and security
• Enhanced control
Public clouds:
• Absorb temporal processing demand bursts (cloud bursting, load balancing)
• Provide business continuity in case of private cloud outages (disaster recovery)
• Help smooth out private cloud investments over time
[Figure: private and public cloud capacity over time. Labels: burst out additional demand,
smoother buildup of private cloud infrastructure.]
7. Hybrid clouds (2/2)
Criteria for offloading to a public cloud:
While combining private and public clouds may bring overall benefit, a number of criteria need
to be carefully assessed prior to deploying hybrid clouds.
a. Level of security provided by public cloud provider
b. SLA provided by public cloud provider (availability, recovery etc.)
c. Compliance with data security regulations such as PCI DSS (Payment Card Industry)
d. Network bandwidth demands between clients, servers and databases
e. Platform requirements (Linux, Windows, software stacks, middleware and platforms)
f. Compatibility of authentication, authorization and identity management between private and
public cloud
g. Unified management and administration of private and public clouds
8. Cloud security (1/2)
Typical cloud security concerns of customers:
• Trust (do we trust the cloud provider?).
• Data ownership issues (what happens if the cloud provider goes bankrupt?).
• Loss of physical control of data, infrastructure.
• Customer isolation (how well are customers technically isolated from each other?).
• Legality of data transfer to an offshore cloud provider (see also «safe harbor»).
• Concern about moving data to cloud providers that are attractive targets for hackers and
crackers (high value targets).
• Security of software components in the cloud infrastructure (are the components secure?
Are they regularly updated with the latest security patches?).
• Availability concerns (cloud infrastructure outage may bring operations of a company
down).
• Compliance and regulatory issues (HIPAA, SoX, ISO 27001, Basel II etc.).
8. Cloud security (2/2)
Cloud security advantages:
Concerning security, clouds may also have advantages.
• Dedicated security team (people trained for the purpose).
• Defined and standardized security, ideally an integrated part of the SLA (service level
agreement).
• When customers use multiple cloud providers, applications are better isolated and protected
than would be the case with BYO (build your own) IT infrastructure.
• Greater resilience to outages (often intrinsically supported by cloud infrastructure).
• Fault and redundancy mechanisms provided as part of the cloud offering.
• Compliance delivered by cloud provider as part of the offering.
• Defined monitoring and auditing of services by cloud provider.
9. Cloud risk management (1/2)
What are the risks in clouds?
Traditional IT has its own set of risks to be addressed.
On top of these risks, cloud computing adds many more risks in various fields such as IT
fragmentation ("shadow IT"), infrastructure security, compliance, business continuity and data
management.
Deloitte's «Cloud Computing Risk Intelligence Map» provides an excellent overview of potential
cloud risk areas.
Risk management frameworks:
A holistic approach for risk management is a must in every cloud strategy.
Risk management frameworks provide a structured and disciplined approach for managing ICT
risks including:
a. risk identification
b. risk analysis and evaluation
c. risk classification and prioritization
d. risk mitigation and control measures
e. risk monitoring
9. Cloud risk management (2/2)
Risk management frameworks:
Existing IT management frameworks address cloud risks to a varying degree:
| Framework | Title | Risk Management | Audit, certification & attest for organizations |
|---|---|---|---|
| COBIT 5 | Control Objectives for Information and Related Technology | Risk IT Framework (addresses all IT related risks) | Yes (COBIT assessment) |
| ITIL V3 | Information Technology Infrastructure Library | Yes (risk management for IT services) | No |
| ISO/IEC 2700X | Information Security Management Systems (Series of standards) | Information security risk management (ISO/IEC 27005) | Yes |
| PCI DSS | Payment Card Industry Data Security Standard | No, but requires a process for risk management | Yes |
| CSA | Cloud Security Alliance | GRC Stack (Governance, Risk, Compliance) | STAR Self-assessment, STAR Certification, STAR Attestation |
| COSO ERM | Committee of Sponsoring Organizations of the Treadway Commission | ERM – Enterprise Risk Management | No |
| OCTAVE | Operationally Critical Threat, Asset, and Vulnerability Evaluation | Information Security Risk Management | No |
10. Cloud certifications
To date, there is no single certification program in place for approving cloud providers' (CSPs')
adherence to security and confidentiality guidelines.
A number of programs and certifications exist that may help to evaluate a CSP's compliance
with security best practices.
| Certification | Authority / Issuer | Scope | Applicability |
|---|---|---|---|
| IEC27001 | IEC / 3rd party audit | Information Security Management | CSPs |
| HIPAA | US Government, 3rd party audit | Protection of health-related information | Health Care Providers |
| PCI DSS | Payment Card Industry Security Standards Council | IT security | Payment Service Providers |
| FedRAMP | Federal Risk and Authorization Management Program | Central certification agency for U.S. agencies. Defined and required criteria for U.S. gov. agencies to use a cloud provider. | US agencies |
| EU SafeHarbor Compliance | Self-certification | Data protection, information security | All companies exchanging data with the US |
| SSAE 16, SOC 1-3 | Service Organization Control | Operational Controls, Security, Privacy, Confidentiality | Most applicable for CSPs that do financial data processing |
| EuroCloud Star Audit | Cloud Security Alliance | Self-assessment, certification, attestation. Only general statement on cloud provider quality (1-5 stars) | CSPs |
11. Cloud standards (1/2)
Clouds are still mostly based on proprietary technology.
However, standards are emerging to improve interoperability between customer, CSP and CSA.
[Figure: cloud architecture of a CSP (service front end, auth. service, service abstraction
layer, cloud infrastructure management layer, virtualization layer, cloud infrastructure stack
for IaaS, PaaS, SaaS) with its interfaces to customer users, customer cloud service management
and customer cloud infrastructure management, annotated with the standards OVF, CDMI, CIM/CIMI,
SAML/XACML, TOSCA and Occi.]
11. Cloud standards (2/2)
| Body | Standard | Scope / goal | Link |
|---|---|---|---|
| Distributed Management Task Force (DMTF) | OVF – Open Virtualization Format | Portability and deployment of virtual appliances (VMs) | http://dmtf.org/standards/ovf |
| OASIS | SAML, XACML | Access Control based on XML (authorization of data access) | https://www.oasis-open.org/standards |
| Open Grid Forum (OGF) | Occi – Open Cloud Computing Interface | Open and standard API for customers to access and manage (mostly) IaaS-type services (infrastructure) | http://occi-wg.org/ |
| Storage Networking Industry Association (SNIA) | CDMI – Cloud Data Management Interface | Standard interface for applications to access data elements (store, retrieve, update, delete) | http://www.snia.org/cdmi |
| Cloud Management Working Group (CMWG) | CIMI – Cloud Infrastructure Management Interface; CIM – Common Information Model | Standard cloud management interface | http://dmtf.org/ |
| OASIS | TOSCA – Topology and Orchestration Specification for Cloud Applications | Standardization of higher level cloud services so these are easily portable across providers (e.g. standardized storage service, service choreography) | https://www.oasis-open.org/committees/tosca |

Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 

Dernier (20)

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 

Understanding the Basics of Cloud Computing

  • 1. © Peter R. Egli 2013 1/24 Rev. 1.70 Cloud Computing indigoo.com • Contents 1. What is cloud computing? 2. Why cloud computing? 3. Typical IaaS, PaaS, SaaS providers 4. Cloud provider landscape 5. Technology foundation of cloud computing 6. Cloud computing versus outsourcing 7. Hybrid clouds 8. Cloud security 9. Cloud risk management 10. Cloud certifications 11. Cloud standards
  • 2. 1. What is cloud computing? (1/5)
    Cloud computing definition by NIST: NIST (National Institute of Standards and Technology, US non-regulatory federal agency) published a widely used and accepted definition of cloud computing:
    «Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction».
    Source: http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf
    NIST defines cloud computing around:
    • 5 essential characteristics
    • 3 service models
    • 4 deployment models
  • 3. 1. What is cloud computing? (2/5)
    5 essential key characteristics of clouds:
    On-demand self-service computing resources (elasticity):
      → Automatic provisioning without human interaction with service provider.
    Broad network access:
      → Availability of cloud resources through various platforms (desktops, mobiles, workstations).
    Resource pooling:
      → Sharing of provider resources among customers (multi-tenant model).
      → Location transparency (customer is not aware of the location of the server resources).
    Rapid elasticity:
      → Resources can be allocated and released to scale according to demand.
    Measured service:
      → Monitoring resource usage, service assurance (SLA – Service Level Agreement).
  • 4. 1. What is cloud computing? (3/5)
    3 service models (1/2): 3 service models define the level of cloud service (IaaS, PaaS, SaaS).
    • IaaS – Infrastructure as a Service: IT infrastructure is provided as a service. IaaS comprises resources such as servers, network and simple mass storage.
    • SaaS – Software as a Service: SaaS builds on top of PaaS and provides application-level services such as collaboration, ERP and document management.
    • PaaS – Platform as a Service: PaaS provides platforms and run-time environments including middleware, messaging, databases and identity management.
  • 5. 1. What is cloud computing? (4/5)
    3 service models (2/2): IaaS, PaaS and SaaS define different levels of cloud services with regard to the traditional IT stack that is entirely managed by the inhouse IT department.
    [Figure: the stack Applications, Data, Runtime, Middleware, OS, Virtualization, Servers, Storage, Networking shown side by side for Traditional IT, IaaS, PaaS and SaaS, with each layer marked as IT managed or cloud provider managed.]
  • 6. 1. What is cloud computing? (5/5)
    4 cloud deployment models:
    Private cloud:
    • Cloud is enterprise owned or leased.
    • Cloud is used by a single enterprise or organization.
    • Cloud equipment may exist on- or off-premise.
    • Private cloud may be internal (company premises) or external (provider hosted).
    • Typically operated by a third party with the required skills to lower operating costs.
    Community cloud:
    • Shared infrastructure for a specific community.
    • May exist on- or off-premise.
    Public cloud:
    • Cloud is sold to the public, mega-scale infrastructure.
    • Exists on premises of cloud provider.
    Hybrid cloud:
    • Different cloud types combined.
    • Typically the base load is covered by a private cloud, while load bursts are handled by public cloud computing resources («cloud bursting», «pay-as-you-go» cost model).
  • 7. 2. Why cloud computing? (1/3)
    The rationale of cloud computing (for the customer) is reduced and linearly scaling costs. Cloud computing allows allocating required computing resources dynamically according to demand. It scales linearly with the number of users, i.e. incurs no or little capital expenses (capex), only operating expenses (opex).
    [Figures: costs versus users / usage for traditional IT and for cloud computing, each split into fixed costs (CapEx) and variable costs (OpEx).]
    Traditional IT: Data centers, servers etc. require a large up-front investment (CapEx). The infrastructure must be dimensioned to accommodate a certain peak load. Variable costs are incurred on top of CapEx (run-time licenses for users etc.).
    Cloud computing: Fixed costs are transferred to the cloud provider and thus largely reduced for the customer (customer infrastructure reduced to network, workstations). Variable costs vary according to usage demand. The variable costs are reduced since the cloud provider exploits economy of scale.
  • 8. 2. Why cloud computing? (2/3)
    By means of pooling, a reduced number of servers can deliver the processing power demands of multiple customers (scaling effect) because customers' processing demands are distributed over time (statistical multiplexing).
    [Figure: demand over time for Customer 1, Customer 2 and Customer 3, and the combined processing power demand profile, marking peak demand, peak demand that cannot be serviced, average processing power demand and unused (wasted) processing power.]
    Provisioned server performance can accommodate peak demands of customers.
      → «Peak of sums < sum of peaks».
  • 9. 2. Why cloud computing? (3/3)
    Business drivers for cloud computing:
    • High costs due to high server performance requirements to meet peak demands (low average server capacity usage: 15%).
    • Avoidance of CapEx.
    • Need for reduction of data center energy consumption.
    • High IT maintenance costs (IT staff, licenses).
    • Meet compliance requirements (data protection, security, data center access etc.).
    • Need for flexible data center usage arrangements (scale up when need arises for peak performance demands).
    Potential cost savings with cloud computing: 50 – 90%.
  • 10. 3. Typical IaaS, PaaS, SaaS providers
    Some key players in the cloud market:
    • IaaS: Simple storage. Content Delivery Network. Cloud servers.
    • PaaS: OS, node.js platform. Google App Engine (Java platform). Development and hosting platform.
    • SaaS: MS Office and collaboration appl. Cloud based CRM. Cloud based ERP.
  • 11. 4. Cloud provider landscape (1/2)
    • Cloud Service Providers (CSP): CSPs offer IaaS, PaaS and SaaS services as private, hybrid or public clouds.
    • Cloud Service Brokers (CSB): CSBs resell and sometimes integrate CSP cloud services. CSBs focus on consultancy services (help customers choose the right cloud solution, provide best practices for cloud deployment).
    • Cloud Service Aggregators (CSA): CSAs integrate cloud services into value-added services, e.g. bundling storage services from different CSPs into a high-availability offering.
    [Figure: relationships between CSPs, CSB (broker), CSA (aggregator) and the customer.]
  • 12. 4. Cloud provider landscape (2/2)
    IaaS, PaaS and SaaS Cloud Service Providers (CSP):
    [Figure: provider matrix of deployment models (private cloud, hybrid cloud, public cloud) against service models (IaaS, PaaS, SaaS).]
  • 13. 5. Technology foundation of cloud computing (1/2)
    Cloud computing is based on and made possible by a number of technologies.
    • Virtualization: Virtualization is a crucial technology to completely decouple OS and software from the underlying hardware. This allows running multiple OS instances on a single server hardware.
    • Grid technology: Often cloud computing is based on some kind of grid computing where a large number of physical servers is available to host and run cloud infrastructures, platforms and applications. When demand arises, services can be moved around the grid environment.
    • Broadband network access: Diminishing differences in network bandwidth between LAN and WAN access make it possible to move entire applications to clouds.
    • Distributed computing: Middleware and particularly web services provide the necessary interoperability for cloud-based distributed applications.
  • 14. 5. Technology foundation of cloud computing (2/2)
    • Web technologies: Web technologies, namely the HTTP/HTML/CSS/Javascript combo, define an interoperable standard client interface.
    • Security protocols and technologies: Security is essential for cloud computing. The necessary technologies for authentication, privacy, authorization, key distribution and trust federation are available on different platforms.
    • Service orientation: SOA as a core architectural principle allows composing applications from a collection of services, each of which can be hosted in a cloud-based environment.
    • Open source software: Clouds need tons of software. A wealth of open source software for virtually every aspect in cloud infrastructures is available and allows cloud providers to deliver high-level cloud services at reasonable costs.
  • 15. 6. Cloud computing versus outsourcing
    • Outsourcing: In a typical outsourcing arrangement, the provider offers a service according to the conditions of the customer. Usually the contracts and SLAs are different for each customer.
    • Cloud: Typical cloud providers have a standard offering, usually high-volume commoditized services without the possibility for customer-specific extensions.
    [Figure: outsourcing as a provider bound to a customer by an individual contract; cloud as a cloud provider with one standard offering for several customers.]
  • 16. 7. Hybrid clouds (1/2)
    Why hybrid clouds? Hybrid clouds combine the benefits of private and public clouds.
    Private clouds:
    • Mainstay IT resources
    • Privacy and security
    • Enhanced control
    Public clouds:
    • Absorb temporal processing demand bursts (cloud bursting, load balancing)
    • Provide business continuity in case of private cloud outages (disaster recovery)
    • Help smooth out private cloud investments over time
    [Figure: private cloud bursting out additional demand to the public cloud; smoother buildup of private cloud infrastructure.]
  • 17. 7. Hybrid clouds (2/2)
    Criteria for offloading to a public cloud: While combining private and public clouds may bring overall benefit, a number of criteria need to be carefully assessed prior to deploying hybrid clouds.
    a. Level of security provided by public cloud provider
    b. SLA provided by public cloud provider (availability, recovery etc.)
    c. Compliance with data security regulations such as PCI DSS (Payment Card Industry)
    d. Network bandwidth demands between clients, servers and databases
    e. Platform requirements (Linux, Windows, software stacks, middleware and platforms)
    f. Compatibility of authentication, authorization and identity management between private and public cloud
    g. Unified management and administration of private and public clouds
  • 18. 8. Cloud security (1/2)
    Typical cloud security concerns of customers:
    • Trust (do we trust the cloud provider?).
    • Data ownership issues (what happens if the cloud provider goes bankrupt?).
    • Loss of physical control of data, infrastructure.
    • Customer isolation (how well are customers technically isolated from each other?).
    • Legality of data transfer to an offshore cloud provider (see also «safe harbor»).
    • Concern about moving data to cloud providers that are attractive targets for hackers and crackers (high value targets).
    • Security of software components in the cloud infrastructure (are the components secure? Are they regularly updated with the latest security patches?).
    • Availability concerns (cloud infrastructure outage may bring operations of a company down).
    • Compliance and regulatory issues (HIPAA, SoX, ISO 27001, Basel II etc.).
  • 19. 8. Cloud security (2/2)
    Cloud security advantages: Concerning security, clouds may also have advantages.
    • Dedicated security team (people trained for the purpose).
    • Defined and standardized security, ideally an integrated part of the SLA (service level agreement).
    • When customers use multiple cloud providers, applications are better isolated and protected than would be the case with BYO (build your own) IT infrastructure.
    • Greater resilience to outages (often intrinsically supported by cloud infrastructure).
    • Fault and redundancy mechanisms provided as part of the cloud offering.
    • Compliance delivered by cloud provider as part of the offering.
    • Defined monitoring and auditing of services by cloud provider.
  • 20. 9. Cloud risk management (1/2)
    What are the risks in clouds? Traditional IT has its own set of risks to be addressed. On top of these risks, cloud computing adds many more risks in various fields such as IT fragmentation ("shadow IT"), infrastructure security, compliance, business continuity and data management. Deloitte's «Cloud Computing Risk Intelligence Map» provides an excellent overview of potential cloud risk areas.
    Risk management frameworks: A holistic approach for risk management is a must in every cloud strategy. Risk management frameworks provide a structured and disciplined approach for managing ICT risks including:
    a. risk identification
    b. risk analysis and evaluation
    c. risk classification and prioritization
    d. risk mitigation and control measures
    e. risk monitoring
  • 21. 9. Cloud risk management (2/2)
    Risk management frameworks: Existing IT management frameworks address cloud risks to a varying degree:
    Framework | Title | Risk Management | Audit, certification & attest for organizations
    • COBIT 5 | Control Objectives for Information and Related Technology | Risk IT Framework (addresses all IT related risks) | Yes (COBIT assessment)
    • ITIL V3 | Information Technology Infrastructure Library | Yes (risk management for IT services) | No
    • ISO/IEC 2700X | Information Security Management Systems (Series of standards) | Information security risk management (ISO/IEC 27005) | Yes
    • PCI DSS | Payment Card Industry Data Security Standard | No, but requires a process for risk management | Yes
    • CSA | Cloud Security Alliance | GRC Stack (Governance, Risk, Compliance) | STAR Self-assessment, STAR Certification, STAR Attestation
    • COSO ERM | Committee of Sponsoring Organizations of the Treadway Commission | ERM – Enterprise Risk Management | No
    • OCTAVE | Operationally Critical Threat, Asset, and Vulnerability Evaluation | Information Security Risk Management | No
  • 22. 10. Cloud certifications
    To date, there is no single certification program in place for approving cloud providers' (CSPs') adherence to security and confidentiality guidelines. A number of programs and certifications exist that may help to evaluate a CSP's compliance with security best practices.
    Columns: Certification, Authority / Issuer, Scope, Applicability
    • IEC27001 IEC / 3rd party audit Information Security Management CSPs
    • HIPAA US Government, 3rd party audit Protection of health-related information Health Care Providers
    • PCI DSS Payment Card Industry Security Standards Council IT security Payment Service Providers
    • FedRAMP Federal Risk and Authorization Management Program Central certification agency for U.S. agencies. Defined and required criteria for U.S. gov. agencies to use a cloud provider. US agencies
    • EU SafeHarbor Compliance Self-certification Data protection, information security All companies exchanging data with the US
    • SSAE 16, SOC 1-3 Service Organization Control Operational Controls, Security, Privacy, Confidentiality Most applicable for CSPs that do financial data processing
    • EuroCloud Star Audit Cloud Security Alliance Self-assessment, certification, attestation Only general statement on cloud provider quality (1-5 stars) CSPs
  • 23. 11. Cloud standards (1/2)
    Clouds are still mostly based on proprietary technology. However, standards are emerging to improve interoperability between customer, CSP and CSA.
    [Figure: CSP architecture (service front ends, authentication service, service abstraction layer, cloud infrastructure management layer, virtualization layer, cloud infrastructure stack for IaaS, PaaS, SaaS) with customer users, customer cloud service management and customer cloud infrastructure management, annotated with the standards CDMI, OVF, CIM, CIMI, SAML, XACML, TOSCA and Occi.]
  • 24. 11. Cloud standards (2/2)
    Body | Standard | Scope / goal | Link
    • Distributed Management Task Force (DMTF) | OVF – Open Virtualization Format | Portability and deployment of virtual appliances (VMs) | http://dmtf.org/standards/ovf
    • OASIS | SAML, XACML | Access Control based on XML (authorization of data access) | https://www.oasis-open.org/standards
    • Open Grid Forum (OGF) | Occi – Open Cloud Computing Interface | Open and standard API for customers to access and manage (mostly) IaaS-type services (infrastructure) | http://occi-wg.org/
    • Storage Networking Industry Association (SNIA) | CDMI – Cloud Data Management Interface | Standard interface for applications to access data elements (store, retrieve, update, delete) | http://www.snia.org/cdmi
    • Cloud Management Working Group (CMWG) | CIMI – Cloud Infrastructure Management Interface; CIM – Common Information Model | Standard cloud management interface | http://dmtf.org/
    • OASIS | TOSCA – Topology and Orchestration Specification for Cloud Applications | Standardization of higher level cloud services so these are easily portable across providers (e.g. standardized storage service, service choreography) | https://www.oasis-open.org/committees/tosca