1.

Cloud Computing NIST model

The National Institute of Standards and Technology (NIST), a US
Government body, defines the standard protocol for cloud computing
providers. Vendonors then develop their cloud platform while following the
defined standard guidelines and start their operational engagement with
enterprise business systems.
Leading cloud service providers map their services to the NIST reference
model. IBM, Microsoft, Oracle, and Amazon are leading companies in the
market which provide cloud service that comply with the NIST reference
model. The reference model:

● Describes the domain and key concepts.

● Provides a shared vision, understanding, and taxonomy.
● Reduces complexity to enhance the development of new products.
● Provides a guide for interoperability and standards.
● Provides a model for functions and services of cloud
implementations.

NIST MODEL

Essential Characteristics:
On-demand self-services:
The Cloud computing services does not require any human administrators,
user themselves are able to provision, monitor and manage computing
resources as needed.
Broad network access:
The Computing services are generally provided over standard networks
and heterogeneous devices.
Rapid elasticity:
The Computing services should have IT resources that are able to scale
out and in quickly and on as needed basis. Whenever the user require
services it is provided to him and it is scale out as soon as its requirement
gets over.
Resource pooling:
The IT resource (e.g., networks, servers, storage, applications, and
services) present are shared across multiple applications and occupant in
an uncommitted manner. Multiple clients are provided service from a same
physical resource.
Measured service:
The resource utilization is tracked for each application and occupant, it will
provide both the user and the resource provider with an account of what
has been used. This is done for various reasons like monitoring billing and
effective use of resource.

Service Models:

Software as a Service (SaaS). The capability provided to the consumer is

to use the provider’s applications running on a cloud infrastructure . The
applications are accessible from various client devices through either a thin
client interface, such as a web browser (e.g., web-based email), or a
program interface.
Platform as a Service (PaaS). The capability provided to the consumer is
to deploy onto the cloud infrastructure consumer-created or acquired
applications created using programming languages, libraries, services, and
tools supported by the provider.
Infrastructure as a Service (IaaS). The capability provided to the
consumer is to provision processing, storage, networks, and other
fundamental computing resources where the consumer is able to deploy
and run arbitrary software, which can include operating systems and
applications.

Deployment Models:
Public cloud As the name suggests, this type of cloud deployment
model supports all users who want to make use of a computing resource,
such as hardware (OS, CPU, memory, storage) or software (application
server, database) on a subscription basis.

Private cloud True to its name, a private cloud is typically infrastructure

used by a single organization. Such infrastructure may be managed by the
organization itself to support various user groups, or it could be managed
by a service provider that takes care of it either on-site or off-site.

Community cloud This deployment model supports multiple organizations

sharing computing resources that are part of a community; examples
include universities cooperating in certain areas of research, or police
departments within a county or state sharing computing resources.

Hybrid cloud In a hybrid cloud, an organization makes use of

interconnected private and public cloud infrastructure.

2. Cloud Computing Deployment Models

Cloud deployment model indicate how the cloud services are made

available to users. The four deployment models associated with cloud
computing are as follows:
Public cloud As the name suggests, this type of cloud deployment
model supports all users who want to make use of a computing resource,
such as hardware (OS, CPU, memory, storage) or software (application
server, database) on a subscription basis.

Private cloud True to its name, a private cloud is typically infrastructure

used by a single organization. Such infrastructure may be managed by the
organization itself to support various user groups, or it could be managed
by a service provider that takes care of it either on-site or off-site.

Community cloud This deployment model supports multiple organizations

sharing computing resources that are part of a community; examples
include universities cooperating in certain areas of research, or police
departments within a county or state sharing computing resources.

Hybrid cloud In a hybrid cloud, an organization makes use of

interconnected private and public cloud infrastructure. Many organizations
make use of this model when they need to scale up their IT infrastructure
rapidly, such as when leveraging public clouds to supplement the capacity
available within a private cloud.

3. Comparison of cloud computing with traditional

computing architecture

The differences between cloud computing and traditional

IT infrastructure
Elasticity and resilience
The information and applications hosted in the cloud are evenly distributed
across all the servers, which are connected to work as one. Therefore, if
one server fails, no data is lost and downtime is avoided. The cloud also
offers more storage space and server resources, including better
computing power. This means your software and applications will perform
faster.

Traditional IT systems are not so resilient and cannot guarantee a

consistently high level of server performance. They have limited capacity
and are susceptible to downtime, which can greatly hinder workplace
productivity.

Flexibility and Scalability

Cloud hosting offers an enhanced level of flexibility and scalability in
comparison to traditional data centres. The on-demand virtual space of
cloud computing has unlimited storage space and more server resources.
Cloud servers can scale up or down depending on the level of traffic your
website receives, and you will have full control to install any software as
and when you need to. This provides more flexibility for your business to
grow.

With traditional IT infrastructure, you can only use the resources that are
already available to you. If you run out of storage space, the only solution is
to purchase or rent another server.If you hire more employees, you will
need to pay for additional software licences and have these manually
uploaded on your office hardware. This can be a costly venture, especially
if your business is growing quite rapidly.

Automation
A key difference between cloud computing and traditional IT infrastructure
is how they are managed. Cloud hosting is managed by the storage
provider who takes care of all the necessary hardware, ensures security
measures are in place, and keeps it running smoothly. Traditional data
centres require heavy administration in-house, which can be costly and
time consuming for your business. Fully trained IT personnel may be
needed to ensure regular monitoring and maintenance of your servers –
such as upgrades, configuration problems, threat protection and
installations.

Running Costs
Cloud computing is more cost effective than traditional IT infrastructure due
to methods of payment for the data storage services. With cloud based
services, you only pay for what is used – similarly to how you pay for
utilities such as electricity. Furthermore, the decreased likelihood of
downtime means improved workplace performance and increased profits in
the long run.

With traditional IT infrastructure, you will need to purchase equipment and

additional server space upfront to adapt to business growth. If this slows,
you will end up paying for resources you don’t use. Furthermore, the value
of physical servers decreases year on year, so the return on investment of
investing money in traditional IT infrastructure is quite low.

Security
Cloud computing is an external form of data storage and software delivery,
which can make it seem less secure than local data hosting. Anyone with
access to the server can view and use the stored data and applications in
the cloud, wherever internet connection is available. Choosing a cloud
service provider that is completely transparent in its hosting of cloud
platforms and ensures optimum security measures are in place is crucial
when transitioning to the cloud. Please see our How Secure Is Cloud
Computing? page for more information.

With traditional IT infrastructure, you are responsible for the protection of

your data, and it is easier to ensure that only approved personnel can
access stored applications and data. Physically connected to your local
network, data centres can be managed by in-house IT departments on a
round-the-clock basis, but a significant amount of time and money is
needed to ensure the right security strategies are implemented and data
recovery systems are in place.

4. Service level agreements in Cloud computing

A service level agreement (SLA) is a technical services performance

contract. SLAs can be internal between an in-house IT team and end-
users, or can be external between IT and service providers such as cloud
computing vendors.
 Life cycle of SLA

Benefits of the SLA :-

● Protects both parties: When internal IT deploys a new application,
they work closely with end users to make sure everything is working.
They track application success by emails and phone calls, and if
there is a problem they get on the phone with the vendor to solve it.
● Guarantees service level objectives: The cloud provider agrees to
the customer’s SLOs and can prove it reached them. If there is a
problem, then there is a clear response and solution mechanism. This
also protects the provider. If a customer saved money by agreeing to
a 48-hour data recovery window for some of their applications, then
the provider is entirely within its rights if it takes 47 hours.
● Quality of service: The customer does not have to guess or assume
levels of service. They get frequent reports on the metrics that are
meaningful to them. And if the cloud computing provider fails an
agreement, then the customer has recourse via negotiated penalties.

Service level agreements are also defined at different levels which are

mentioned below:
● Customer-based SLA

● Service-based SLA

● Multilevel SLA

Service Level Agreements usually specify some parameters which are

mentioned below:
 ● Availability of the Service (uptime)
● Latency or the response time
● Service components reliability
● Each party accountability
● Warranties

5. Data Security and Storage in Cloud Computing

Cloud-based internet security is an outsourced solution for storing data.

Instead of saving data onto local hard drives, users store data on Internet-
connected servers. Data Centers manage these servers to keep the data
safe and secure to access.
Enterprises turn to cloud storage solutions to solve a variety of problems.
Small businesses use the cloud to cut costs. IT specialists turn to the cloud
as the best way to store sensitive data.Any time you access files stored
remotely, you are accessing a cloud.

Data security in Cloud computing

How Secure is Cloud Storage :- All files stored on secure cloud servers
benefit from an enhanced level of security. The security credential most
users are familiar with is the password. Cloud storage security vendors
secure data using other means as well. Some of these include:

● Advanced Firewalls: Firewalls inspect traveling data packets.

Simple ones only examine the source and destination data.
Advanced ones verify packet content integrity. These programs then
map packet contents to known security threats.

● Intrusion Detection: Online secure storage can serve many users at

the same time. Successful cloud security systems rely on identifying
when someone tries to break into the system. Multiple levels of
detection ensure cloud vendors can even stop intruders who break
past the network’s initial defences.

● Event Logging: Event logs help security analysts understand

threats. These logs record network actions. Analysts use this data to
build a narrative concerning network events. This helps them predict
and prevent security breaches.

● Internal Firewalls: Not all accounts should have complete access to

data stored in the cloud. Limiting secure cloud access through
internal firewalls boosts security. This ensures that even a
compromised account cannot gain full access.

● Encryption: Encryption keeps data safe from unauthorized users. If

an attacker steals an encrypted file, access is denied without finding
a secret key. The data is worthless to anyone who does not have the
key.
● Physical Security: Cloud data centers are highly secure. Certified
data centers have 24-hour monitoring, fingerprint locks, and armed
guards. These places are more secure than almost all on-site data
centers. Different cloud vendors use different approaches for each of
these factors. For instance, some cloud storage systems keep user
encryption keys from their users.