ASSIGNMENT 2 FRONT SHEET

Qualification BTEC Level 5 HND Diploma in Computing

Unit number and title Unit 16: Cloud Computing

Submission date Date Received 1st submission

Re-submission Date Date Received 2nd submission

Student Name Chu Tiến Đạt Student ID GCS18584

Class GCS0706A Assessor name Ho Nguyen Phu Bao

Student declaration

I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that
making a false declaration is a form of malpractice.

Student’s signature

Grading grid

P5 P6 P7 P8 M3 M4 D2 D3
 Summative Feedback:  Resubmission Feedback:

Grade: Assessor Signature: Date:

Signature & Date:

ASSIGNMENT 2 BRIEF
Qualification BTEC Level 5 HND Diploma in Computing

Unit number Unit 9: Cloud Computing

Assignment title Cloud’s implementation and security threats

Academic Year 2020

Unit Tutor Ho Nguyen Phu Bao

Page 2
Issue date Submission date

IV name and date

Submission Format:

Format: A presentation in Power Point format(about 25 pages)

A security manual(in PDF format)
You must use font Calibri size 12, set number of the pages and use multiple line spacing at
1.3. Margins must be: left: 1.25 cm; right: 1 cm; top: 1 cm and bottom: 1 cm. The reference
follows Harvard referencing system.
Submission Students are compulsory to submit the assignment in due date and in a way requested by
the Tutors. The form of submission will be a soft copy posted on
http://cms.greenwich.edu.vn/
Note: The Assignment must be your own work, and not copied by or from another student or from
books etc. If you use ideas, quotes or data (such as diagrams) from books, journals or other sources, you
must reference your sources, using the Harvard style. Make sure that you know how to reference properly,
and that understand the guidelines on plagiarism. If you do not, you definitely get failed

Unit Learning Outcomes:

LO3 Develop Cloud Computing solutions using service provider’s frameworks and open source tools.

LO4 Analyse the technical challenges for cloud applications and assess their risks

Assignment Brief and Guidance:

Task 1

Base on the scenario and architecture design in the first assignment provide the implementation.
Because of the time constraint of the assignment, the implementation just provides some demo
functions of the scenario. The implementation includes two parts:

 A presentation (about 25 pages)

o which shows which functions are implemented
o How to config, deploy and test the services (Web application, Database Server, Source
code management, server logs..) using service provider’s frameworks and open source
tools.
o Images for the built functions
 The source code for the built application

Page 3
Task 2

The table of contents in your security manual (which should be 500–700 words) should be as follows:

1. Analysis of the most common problems of a cloud computing platform.

2. Possible solutions to these problems.
3. Analysis of the most common security issues in the cloud environment.
4. Discussion on how to overcome these issues.
5. Summary.

Page 4
 Learning Outcomes and Assessment Criteria

Pass Merit Distinction

LO3 Develop Cloud Computing solutions using service provider’s frameworks

and open source tools
P5 Configure a Cloud Computing
platform with a cloud service
provider’s framework.
D2 Critically discuss how one can
M3 Discuss the issues and overcome these issues and
constraints one can face during the constraints.
development process.

P6 Implement a cloud platform using

open source tools.

LO4 Analyse the technical challenges for cloud applications and assess their
risks

P7 Analyse the most common M4 Discuss how to overcome these D3 Critically discuss how an
problems which arise in a Cloud security issues when building a organisation should protect their
Computing platform and discuss secure cloud platform. data when they migrate to a cloud
appropriate solutions to these solution.
problems.
P8 Assess the most common security
issues in cloud environments.

Page 5
Contents
P5 Configure a Cloud Computing platform with a cloud service provider’s framework. ............................................ 7
I. Top Cloud Service Providers ................................................................................................................................ 7
1. Amazon Web Services .................................................................................................................................... 7
2. Microsoft Azure .............................................................................................................................................. 7
4. Vmware .......................................................................................................................................................... 7
5. Salesforce ....................................................................................................................................................... 8
6. IBM Cloud ....................................................................................................................................................... 8
1. Foundation for almost any use case ............................................................................................................... 8
2. Feature-intensive and more intensive ............................................................................................................ 9
3. Security is recognized as stronger than the on-premises platform ................................................................. 9
4. Extensive vision for compliance and management ......................................................................................... 9
5. Combination feature ...................................................................................................................................... 9
6. Regional Network and Global Edge Locations ................................................................................................ 9
1 Open source cloud ............................................................................................................................................. 10
P7 Analyse the most common problems which arise in a Cloud Computing platform and discuss appropriate
solutions to these problems..................................................................................................................................... 12
P8 Assess the most common security issues in cloud environments. ....................................................................... 13
Discuss how to overcome these security issues when building a secure cloud platform...................................... 16
References: .............................................................................................................................................................. 18

Page 6
P5 Configure a Cloud Computing platform with a cloud service
provider’s framework.
I. Top Cloud Service Providers
1. Amazon Web Services
AWS is Amazon's cloud web hosting platform which offers fast, flexible, reliable and costeffective
solutions. It is one of the top cloud service providers which offers a service in the form of building
block which can be used to create and deploy any kind of application in the cloud. It is the most
popular as it was the first to enter the cloud computing space.
Features:
• Easy sign-up process
• Fast Deployments
• Allows easy management of add or remove capacity
• Access to effectively limitless capacity
• Centralized Billing and management
• It is one of the cloud companies that offers Hybrid Capabilities and per hour billing.
2. Microsoft Azure
Azure is a cloud platform which is launched by Microsoft in February 2010. This open source and
flexible cloud platform which helps in development, data storage, service management & hosting
solutions.
Features:
• Windows Azure offers the most effective solution for your data needs
• Provides scalability, flexibility, and cost-effectiveness
• Offers consistency across clouds with familiar tools and resources
• Allow you to scale your IT resources up and down according to your business needs.
3. Google Cloud Platform
Google Cloud is a set of solution and products which includes GCP & G suite. It is one of the top cloud
service providers which helps you to solve all kind of business challenges with ease.
Features:
• It is one of the cloud companies that allows you to scale with open, flexible technology
• Solve issues with accessible AI & data analytics
• Eliminate the need for installing costly servers
• Allows you to transform your business with a full suite of cloud-based services.
4. Vmware
VMware is a comprehensive cloud management platform. It helps you to manage a hybrid
environment running anything from traditional to container workloads. The tools also allow you to
maximize the profits of your organization.
Page 7
Features:
• Enterprise-ready Hybrid Cloud Management Platform
• Offers Private & Public Clouds
• Comprehensive reporting and analytics which improve the capacity of forecasting & planning
• Offers additional integrations with 3rd parties and custom applications, and tools.
• Provides flexible, Agile services
5. Salesforce
Salesforce cloud computing offers multiple cloud services like Sales Cloud, Service Cloud, Marketing
Cloud, etc. It is one of the top cloud computing companies which helps you to accelerate the
production of your environment
Features:
• Salesforce Service Cloud offers 24 * 7 support
• Allows you to take the right and decisive decisions about your business
• Helps in managing the customer's contact information, automating the business processes, etc..
6. IBM Cloud
IBM cloud is a full-stack cloud platform that spans public, private, and hybrid environments. It is one
of the best cloud providers which is built with a robust suite of advanced and AI tools.
Features:
• IBM cloud offers infrastructure as a service (IaaS), software as a service (SaaS), and platform as a
service (PaaS)
• IBM Cloud is used to build pioneering which helps you to gain value for your businesses
• It offers high performing cloud communications and services into your IT environment
7. Dell Cloud
Dell offers a cloud platform, cloud-enabled infrastructure, models, and serves in a single place. It
allows your own or selects from reference architecture, integrated, and public cloud platforms.
Features:
• Cloud that works with your existing operations
• Cloud consumption using Dell Financial Services
• Accelerate your transformation with expert Dell cloud services provider help.
II. Types of cloud service providers
Features of Amazon Web Services
1. Foundation for almost any use case
From data storage to deployment tools, directories to content delivery, over 50 services will be
available in just a few clicks using AWS. New services are provided quickly, without upfront capital
costs, allowing businesses, start-ups, SMEs, and public sector customers to access Consolidation is
required to respond quickly to changing business requirements.

Page 8
2. Feature-intensive and more intensive
After nearly a decade of close collaboration with organizations like Pinterest, GE, and MLB, the AWS
Cloud enables customers to collaborate in a whole new way. In-depth features such as a wide range
of database tools, server configuration, encryption, and powerful data tools let you focus on your
core business, not your core business. is focusing on protection infrastructure or cooling system.
3. Security is recognized as stronger than the on-premises platform
Security in the cloud is recognized as better than the on-premises platform. Extensive security
accreditation and certification, data encryption on shutdown and in transit, and robust physical
security and hardware security modules all contribute to a way of managing infrastructure. IT layer of
the business is more secure.
4. Extensive vision for compliance and management
Controlling, testing, and managing identity, configuration, and usage is an important part of today's
IT infrastructure. With the AWS Cloud, these features are built into the platform to help you meet
your regulatory, regulatory, and compliance requirements.
5. Combination feature
Choosing between the current investment in infrastructure and moving to the cloud is not an easy
decision. In-depth features, connectivity-specifics, identity binding, and built-in tools allow you to run
"hybrid" applications across on-premises and cloud services.
6. Regional Network and Global Edge Locations
AWS Cloud spans over 55 Availability Zones in 18 Geographic Regions and 1 Local Area around the
world, with announced plans for 12 Availability Zones and four other Bahraini Regions, Special
Administrative Regions Hong Kong, Sweden and a second AWS GovCloud region in the United States.
Basic services
Amazon Web Service provides many services and applications:
- Calculate (Compute)
- Storage (Storage)
Networking & Content Delivery (Networking & Content Delivery)
- Development Tools (Developer Tools)
- Management tools (Management Tools)
- Analytic
- Machine learning (Machine Learning)
- Virtual reality technology (AR & VR)
- Customer Engagement (Customer Engagement)
- Application Integration (Application Intergration)
- Business Productivity (Business Productivity)
- Desktop & App Streaming (Desktop & App Streaming)

Page 9
Each of the above services is divided into smaller services, for example, storage services include simple
storage service (Amazon Simple Storage Service - S3), storage by block (Amazon Elastic Block Storage
- EBS), system file (Amazon Elastic File System - EFS).
The basic AWS services can be visualized in the following image. Include VPC, EC2, RDS, S3.
P6 Implement a cloud platform using open source tools.
1 Open source cloud
In my website, I use a free open source cloud on Heroku that attaches to PostgreSQL to work as a database

As a free service, data storage on Heroku only offers the maximum number of command rows as well
as 20 connections at a time.

Heroku also kept my database secure, one with an encrypted and hard-to-remember username and
password.

Page 10
Deploying steps on Heroku
First, we access our Heroku account and choose to Create a new app.

After that, enter the application and access the deploy tab
Then, I choose Github as a method to store and deploy my code into Heroku. To do that, I connect my
Github account and search for the repository that contains my source code.

Page 11
My website on Heroku
Link Customer page: https://stark-mesa-36747.herokuapp.com/#

P7 Analyse the most common problems which arise in a Cloud

Computing platform and discuss appropriate solutions to these
problems.

In general, with the cloud computing model the biggest drawback is the issue of security
and privacy of users, besides the problem of data loss can occur when system errors, the
hacker can cause loss to users as well but suppliers are also unavoidable. Although it is an
advanced technology that has a tremendous capacity and quick access, overload can still
cause some big problems. But this is also a common disadvantage can be seen in previous
virtual servers. Some can be mentioned and its solutions are
_ Security

Page 12
ATN should deploy multi-factor authentication and more password layers, also can apply
biometric security to make sure everything is under control. Access permission related to
passwords and usernames should only be given to those who require them.
_ Knowledge/ Human Error
It is important to training ATN’s staffs about the process and tools of the could computing,
or we can also recruit more staff major in this field. Ensuring their knowledge also
importantly contributes to the management of ATN’s business.
_ Cost
For some circumstances, such as small company cost is not really a big problem, but in a
large and complex one, it is a major concern. So, we need to plan the most fit technique of
Cloud Computing, define budget, limit, targets, condition, etc. And also, suitable service
model (PaaS). Then, we can minimize the redudant cost.

_ Attack by Hacker
We can use some techniques, such as, keep all security layers up-to-date, make security
become a core aspect for all operations, make sure employees practices the best with cloud
computing, prevent leakage data, and apply security for any open source software.
_ Flexibility
Utilizing a cloud provider to help ATN with executing, supporting cloud admin.
_Loss of Data
Data can be lost due to disaster, system suspended. And we can only back up data on the
cloud regularly to stop this problem.
_Challenging in handle Cloud Computing
We must use some Cloud management tools to support ATN’s business, for example
OpenStack, Symantec Web and Cloud Security, Microsoft Azure Cost Management.

P8 Assess the most common security issues in cloud environments.

Page 13
Data Security Risks

Because of enormous structure, cost off organizations are slowly swapping to cloud
technology. As data do not reside in organization place, many complex challenges also will
arise.

When the processing and storage of data is outsourced to infrastructure owned and
sustained by a thirdparty company, this leads to a host of issues to consider when capturing
data.

_Reporting, Auditing and compliance concerns.

_ Loss off standards how to securely recycle/erase existing data.

_ Cloud service models with multi-tenants distributing the same infrastructure

_ It is necessary to secure most confidential government or business data

_ Etc.

In summary, there are three types properties that we need to secure are
Page 14
o Confidentially

o Data Integrity

o Availability

_ Organizational Security Risks

In some situation, if a cloud service provider (CSP) goes out of business (bankrupt) or gets
merge and acquisitions (M&A) by other organizations. There could be the threat for the
organization which could make harm using the data provided by their CSCs.

_ Physical Security Risks

In order to avoid the case of security breach without timely processing, the user should
provide a solution to resolve the error and set up quick response scenarios in case of
unexpected occurrence. In addition, users also need to ensure the compatibility of data for
the security system and applications used, ensuring those who have access to data and
applications. For instance, we can ensure multiple layers of physical security or get rid of
terrorist, theft. It might include guards, surveillance camera, barriers, biometric locks, and
so on.Moreover, cloud technology providers will provide users with information about
system applications, data posting specifications, and security technologies used. Thus, when
you know the complete and clear security information, users will easily choose before
making a decision. Another important issue affecting data center security is the choice of
cloud computing technology provider. Before choosing to use the service, users - businesses
need to understand carefully the history, prestige, and security policies of suppliers.

_ Compliance and Audit Risks

There are risks associated to the law. There can be mentioned are, risks related to lack of
jurisdiction information, modifications in jurisdiction, illegal parts in the contract.

o Integrated Program Design: We plan and modify each part of the Compliance Audit
program around the organization view (how people see and collaborate with their
clients),administrative measures, to guarantee the following business insight is both
relevant and significant to the partners in that field, although being conscious of drawing
the direct connections back to how the clients experience with ATN.

o Auditor management: Our auditors are managed on a daily basis by our inside company
of field experts. Auditor implementation as specified by our quality measurements effects
and selects singular qualification for the report. Our systems also monitor for scoring feeling
Page 15
(positive/negative) and we regularly inactivate the individuals who constantly show a
tendency to grant high or low scores.

Discuss how to overcome these security issues when building a secure cloud
platform.
There are some models to secure data on the cloud:

_ Data Availability: Downtime is an unavoidable and everything we can do is limit the

consequence.

We can verify that the stored information is limited in size in another person’s servers. This
is where the administration level understanding is essential to subtleties truly matters. For
example, Amazon Web Server provides 99.99% access while Microsoft Azure offers only
99.9%. The difference is very small but will ensure your data is only taken where needed

_ Encryption: For all purposes, the provider will store encrypted information while it is
exchanged on the cloud. Most are done via a browser, in fact, there are some services that
provide distributed storage like Mega customers use as an encryption key.

_ Data security and staff: Most incidents related to employees are not malicious. We should

encourage to recruit more employees with high skill and loyalty with organization.

_ Data Privacy: Most domestic and international laws have forced more than some
companies say no to cloud computing because it has too many loopholes. Obviously, many
providers could store their data on servers not located in their country or region but in a
different place which is the laws may be alternative. Not to mention that some cloud
service providers may deny their responsibility, which causes customers to take full
responsibility for violations.

_ Preserve Data Integrity: Data integrity can be defined as protecting data from
modification or deletion. This is simple in a data file and you can only have one route in or
out of the database that we can control. While in many clouds, it becomes precarious. Due
to the huge number of data sources, approval is important in ensuring information
cooperation. Methods must be stricter to access, two-factor authentication and login, or
control data wirelessly

_ Privacy protection: information must be protected from unacceptable, to focus on options

on the cloud, and incorporate information encryption and control who can see and receive
things. In some cases, we need to grant access to specific employees. We should distinguish

Page 16
the types of sensitive information. Find places that contain sensitive information, arrange,
describe the types of information that can and cannot be included in the cloud. A giant
number of early adopters of the cloud rushed to move every one of their information
around, just to acknowledge it must have been maintained on-premises in a private cloud.

Page 17
References:
(Latest), T., 2020. Top 20 Cloud Computing Issues And Challenges (Latest). [online] EDUCBA. Available at:
<https://www.educba.com/cloud-computing-issues-challenges/> [Accessed 7 November 2020].

Ibexlabs. 2020. Security Issues In Cloud Computing | Ibexlabs. [online] Available at: <https://www.ibexlabs.com/security-issues-
in-cloud-computing/> [Accessed 7 November 2020].

Guru99.com. 2020. Top 25 Cloud Computing Service Provider Companies (2020). [online] Available at:
<https://www.guru99.com/cloud-computing-service-provider.html> [Accessed 7 November 2020].

Page 18