Department of information technology

GC University faisalbad
Assignment:Cloud Computing
Submitted To:Mam Nosheen Ashraf
Submitted By:Kashif Muneer
Roll No:15141
Class:BS-IT
Smester:7th

Q1:
SaaS
SaaS Cloud Computing Security ArchitectureSaaS services provide access to software
applications and data through a browser. The specific terms of security responsibility may vary
between services, and are sometimes up for negotiation with the service provider.Cloud Access
Security Brokers (CASB) offers logging, auditing, access control and encryption capabilities that
can be critical when investigating security issues in a SaaS product. In addition, make sure your
SaaS environment has:Logging and alertingIP whitelists and/or blacklistsAPI gateways, in case
the service is accessed via API

SaaS enables users to use and access the cloud provider’s applications that are running on the
provider’s infrastructure from thin client or program interfaces.

Examples: There are loads: Google G-Suite, Dropbox, Cisco Webex, Concur, Microsoft O365,
Genesys, PayPal
Common Use Cases: SaaS is a comfortable service model for applications that are highly
interoperable – used by multiple users internally and externally – and for short-term projects.
SaaS models are preferred by small and medium-sized businesses that do not wish to invest
heavily in IT maintenance.

PaaS
PaaS Cloud Computing Security ArchitecturePaaS platforms enable organizations to build
applications without the overhead and complexity associated with managing hardware and
back-end software. In a PaaS model, the CSP protects most of the environment. However, the
company is still responsible for the security of the applications it is developing.Therefore, a PaaS
security architecture is similar to a SaaS model.

PaaS offers an even greater abstraction of cloud service, offering users the capability to build or
deploy applications using tools (i.e. programming languages, libraries, services) without
maintaining the underlying infrastructure. Users instead have control over the applications
themselves.

Examples: Salesforce, AWS Elastic Beanstalk, Heroku, Google App Engine (GAE), and OpenShift

Common Use Cases: PaaS is highly available and highly scalable, and it gives organizations the
ability to build and create new services and solutions without the need for highly skilled
developers focused on software maintenance. PaaS is preferred by IT in hybrid cloud
environments.

Q2:
what is virtualization in cloud computing?
Virtualization is a technique of how to separate a service from the underlying physical delivery
of that service. It is the process of creating a virtual version of something like computer
hardware. It was initially developed during the mainframe era. It involves using specialized
software to create a virtual or software-created version of a computing resource rather than the
actual version of the same resource. With the help of Virtualization, multiple operating systems
and applications can run on same machine and its same hardware at the same time, increasing
the utilization and flexibility of hardware.

In other words, one of the main cost effective, hardware reducing, and energy saving
techniques used by cloud providers is virtualization. Virtualization allows to share a single
physical instance of a resource or an application among multiple customers and organizations at
one time. It does this by assigning a logical name to a physical storage and providing a pointer to
that physical resource on demand.

executing applications but also for storage, memory, and network.The machine on which the
virtual machine is going to be build is known as Host Machine and that virtual machine is
referred as a Guest Machine.

Server Virtualization:
Server virtualization is a process that creates and abstracts multiple virtual instances on a single
server. A server administrator uses virtualization software to partition one physical server into
multiple isolated virtual environments; each virtual environment is capable of running
independently. The virtual environments are sometimes called virtual private servers, but they
are also known as guests, instances, containers or emulations.

Single, dedicated servers can only run one operating system (OS) instance at a time. Each single
dedicated server requires its own OS, memory, central processing unit (CPU), disk and other
hardware to properly operate. Server virtualization can be viewed as part of an overall
virtualization trend in enterprise IT that includes storage virtualization, network virtualization
and workload management.

How does server virtualization work?

Server virtualization works by partitioning software from hardware using a hypervisor.

Hypervisors come in different types and are used in different scenarios. The most common
hypervisor -- Type 1 -- is designed to sit directly on a server, which is why it is also called a bare-
metal hypervisor. Type 1 hypervisors provide the ability to virtualize a hardware platform for use
by VMs. Type 2 hypervisors are run as a software layer atop a host operating system and are
used more often for testing/labs.

Application Virtualizaion:
Microsoft Application Virtualization, also known as App-V, is a component of the Microsoft
Desktop Optimization Pack. It allows for easier management and maintenance of the
application since it technically resides on a platform separated from the operating system of the
client device. The purpose of the App-V Management Server is to deliver prepackaged and
configured applications in an “on-demand” fashion to a workstation running the App-V Desktop,
and Terminal Services clients. The App-V Management Server uses Microsoft SQL Server for its
data store. Multiple App-V servers can share a single data store. The App-V server authenticates
requests, provides security, metering, monitoring, and data gathering. Active Directory is used
to manage users and applications.

Some application virtualization solutions such as VMware's ThinApp offer the ability to stream
the application to a user's desktop from a file server. By using this approach administrators can
update a single file on a centralized file server so that the next time users start the application,
they will get the latest version of that application.

Q3:
(A)Billing and Metering services in cloud computing
Metering:
Metering is the process of collecting and calculating cloud resource usage. Metering also
involves pricing this resource usage to calculate cost.

Cloud Platforms record events and other information about deployed cloud resources. Some of
these events are relevant for metering. For example, starting and stopping a virtual machine
may generate a corresponding stream of events that describes how long the virtual machine
was running. For example, we can use data from the cloud platform to calculate how much
RAM-hours and vCPU-hours a virtual machine consumed in a given period. Typically usage is the
product of a quantity and a duration, i.e. a single vCPU used for an hour. But their may be other
usage units as well that consist only of quantities (i.e. bytes transferred over the network) or a
duration (i.e. resource usage hour).

A product catalog also contains pricing rules that determine the cost for a particular resource
usage.

Billing:
Billing is the process of attributing resource usage to cloud tenants and creating appropiate
invoices.

There are two principal steps to the billing process. The first is creating periodic (e.g. monthly)
Tenant Usage Reports that aggregate cloud resource usage data for tenants. meshStack makes
Tenant Usage Reports available to all involved users, i.e. customer & project owners, platform
operators and partners.

The second is invocing the customer according to agreed terms for this usage. This may also
involve applying additional pricing and discount rules to aggregated usage reports, i.e. volume
discounts.

(B)Tooling and automation in cloud computing

Tooling:
Cloud vendors are delivering boatloads of new tools to help enterprise IT build, buy, manage,
monitor, tweak and track cloud services. These tools are designed to help IT execs free up their
budgets and their staff so both can be used towards more strategic, line of business projects

Company: Cloudyn

Product: S3 Life-Cycle Tracker, EC2 Reservation Detector, RDS Reservation Detector

Category: Cloud Optimization

Automation:
Cloud automation is a fundamental building block for the cloud computing paradigm.

Automation aims to make all activities related to cloud computing as fast, efficient, and as hands
off as possible through the use of various software automation tools which are installed directly
on the virtualization platform or software and controlled via an intuitive interface.Cloud
automation is meant to alleviate the complexity that comes with cloud computing
orchestration, which is the deployment of the different resources and modules in a cloud
computing or virtualized environment.

This is mainly because of the number of things to do like deploying individual virtual machines
plus their set-up, not to mention set-up and deployment of other virtualized infrastructures
such as server and storage clusters and virtual networks, as well as monitoring and managing
the health of the entire system.

Q4:
Framwork of common cloud management platform
A cloud management platform (CMP) is a suite of software tools that organizations use to gain
visibility into their cloud deployments. IT admins use these tools to control and monitor cloud
computing resources. This allows for better control of cloud environments, optimization of costs
and performance, and enhancement of security.

Cloud management platform architecture varies widely. While some CMPs are on-premises
applications, others are software-as-service (SaaS) products. These tools vary widely based on
their features, flexibility, ease of use, and cost.

Layer 1: Cloud Portal and Self-Service Portal

This is the top layer. It represents the web user interface with which the client interacts. Clients
can place orders, track, and manage their cloud service subscriptions.

Layer 2: Automated Provisioning, Orchestration and Service Design

This is the middle layer. It represents the orchestrating, automation, workflow, and resource
management functionality.

Layer 3: Network Operations and Management Suite

This is the bottom later. It’s responsible for network management. This is where security,
systems monitoring, and capacity management functionality monitor cloud infrastructure. It
also integrates with existing data center operations management tools.