
INTERNATIONAL SCHOOL OF MANAGEMENT & TECHNOLOGY

ASSIGNMENT COVER SHEET

STUDENT DETAILS

Student ID:
Reg No.:
Family Name: Dhungana
Given Name: Ashish
Enrolment Year: 2018
Section: N2
Semester: 4th
Email: ashish@ismt.edu.np

UNIT DETAILS

Unit Title: Cloud computing
Unit Code: F/615/1644
Assessor Name: Mr. Krishna Parajuli
Issued Date: 23 July, 2021
Assignment Title: Tri-tech International Nepal
Assignment No: 1/1
Submission Date: September, 2021
Qualification: BTEC HND IN COMPUTING
Campus: ISMT
Cloud Computing 2021

STUDENT ASSESSMENT SUBMISSION AND DECLARATION

When submitting evidence for assessment, each student must sign a declaration confirming that
the work is their own.

Student Name: Ashish Dhungana
Assessor Name: Mr. Krishna Parajuli
Issue Date: 23 July, 2021
Submission Date: 22 September, 2021
Programme: BTEC HND in Computing
Unit Name: F/615/1644
Assignment Title: Tri-tech International Nepal

Plagiarism

Plagiarism is a particular form of cheating. Plagiarism must be avoided at all costs and students
who break the rules, however innocently, may be penalized. It is your responsibility to ensure
that you understand correct referencing practices. As a university-level student, you are expected
to use appropriate references throughout and keep carefully detailed notes of all your sources
for material you have used in your work, including any material downloaded from the
Internet. Please consult the relevant unit lecturer or your course tutor if you need any further
advice.

Student Declaration

I certify that the assignment submission is entirely my own work and I fully understand
the consequences of plagiarism. I understand that making a false declaration is a form of
malpractice.

Pearson Education 2018


Higher Education Qualifications

Ashish Dhungana (4th semester)
N2)

Contents
Part 1:
Introduction:
Introduction:
Evolution of cloud computing and its history
Concept of cloud computing
Cloud computing framework:
Architectural components:
Reason to migrate to a cloud computing solution:
Selecting the deployment model and also comparing the service model for given scenario:
Architectural layer of cloud computing
Service models:
Software as a Services:
Platform as a service
Infrastructure as a service
Network resources on cloud:
Computer resources:
Service level agreement model:
Public cloud model:
Private cloud model:
Hybrid cloud model:
Community cloud model
Selecting Deployment model for Tri-tech International Nepal
Comparing the service model for Tri-tech International Nepal
Technology driver for cloud computing
Virtualization:
Programming models:
Service Oriented Architecture
Web 2.0 and 3.0:
Justifying the tools to realize a cloud computing solutions:
Google compute engine:
Pub/Sub (publish-subscribe pattern)
Internet of Things:
Google App engine:
Google Stackdriver:
Google cloud functions:
Google Kubernetes engine
Dockers:
Disadvantages of migrating application to cloud:
Conclusion:
Part 2:
Introduction:
Software as a service
Services and built-in features
Platform as a Service
Application Tools
Basic Middleware (database and application services)
Infrastructure as a Service
Virtualized resource
Virtualized Photos
Open-source tools:
Open stack:
Obstacles and opportunities one can face during the development process in cloud computing
Cloud computing’s deep dependencies stack:
IaaS issue
PaaS security Issues:
Cloud computing security enables:
Key management:
Security management:
Conclusion:
Conclusion:

Table of figure:
Figure 1: Cloud Architecture of Tri-tech international
Figure 2: SaaS as a service
Figure 3: PaaS as a service
Figure 4: IaaS as a service
Figure 5: Cloud challenges
Figure 6: (Suryakanthi, 2021)
Figure 7: Multi-tenancy approaches
Figure 8: Cloud computing model layers.


Part 1:

With reference to the scenario, prepare a report which:

• Analyzes the evolution and fundamental concept of cloud computing.
• Presents design of an appropriate architectural Cloud Computing framework.
• Discuss your point of view on why the company should migrate to a cloud computing
solution.
• Define an appropriate deployment model and compares the service models for
choosing a model with real world examples.
• Justifies the tools chosen to realize a Cloud Computing solution.

Introduction:
In Part 1, I will refer to the above scenario and prepare a report that analyzes the evolution and
fundamental concept of cloud computing, presents the design of an appropriate architectural
cloud computing framework, and discusses my thoughts on why a company should
migrate to a cloud computing solution. Finally, I will define an appropriate deployment
model and compare service models to select a model, using real-world examples to
demonstrate deployment models.


Implementation of Cloud Infrastructures

By: Ashish Dhungana (Sec: N2)
To: Mr. Krishna Parajuli


Introduction:
This section provides a concise study of the principles and design of cloud computing. The first
thing that needs to be addressed is the nature of cloud computing, that is, how we have come to
the cloud. The basic architecture of the cloud computing platform is developed, the necessity
and purpose for the enterprise to move to the cloud is discussed with background, and the other
fundamental elements, such as deployment models and service models, are compared under simple
assumptions.

In addition, it provides an overview of the cloud computing technology drivers and how the cloud
computing model is enhanced by those technical drivers. Finally, it gives the rationale for the
cloud computing resources used to enable various cloud operations.

Evolution of cloud computing and its history:


Cloud computing is computing in which services such as storage, infrastructure and
applications are accessed by making use of another company's remote services for a
fee. The blueprints of cloud computing were seen in the 1950s, when the mainframe computer was in
use and many users accessed the central computer through dumb terminals. To save costs,
various companies adopted the idea of providing shared access to a single computer. During
the 1960s, the initial concepts of time-sharing became popularized via RJE (Remote Job Entry);[19]
this terminology was mostly associated with large vendors such as IBM and DEC. Full
time-sharing solutions were available by the early 1970s on such platforms as Multics (on GE hardware),
Cambridge CTSS, and the earliest UNIX ports (on DEC hardware). Yet, the "data center" model
where users submitted jobs to operators to run on IBM's mainframes was overwhelmingly
predominant.

Concept of cloud computing:


In the 1990s, telecommunications companies, who previously offered primarily dedicated
point-to-point data circuits, began offering virtual private network (VPN) services with comparable
quality of service, but at a lower cost. By switching traffic as they saw fit to balance server use,
they could use overall network bandwidth more effectively. They began to use the cloud symbol to
denote the demarcation point between what the provider was responsible for and what users were
responsible for. Cloud computing extended this boundary to cover all servers as well as the network
infrastructure. As computers became more diffused, scientists and technologists explored ways to
make large-scale computing power available to more users through time-sharing. They
experimented with algorithms to optimize the infrastructure, platform, and applications to prioritize
CPUs and increase efficiency for end users. Then, after decades, Amazon Web Services (AWS)
came into action with the Elastic Compute Cloud (EC2) service, which gave companies the flexibility
to rent virtual computers on which they can run their own programs and applications. Also,
Google launched Google Docs in the same year, which is used to create, edit and modify documents
and share them over the cloud.

The cloud was first used in the late 1990s to represent the gap between the end user and the
provider. Cloud computing, as described by Ramnath Chellappa of Emory University in 1997, is a
new computer paradigm in which the limits of computing are decided by economic logic rather than
technological considerations. This is a good summary of cloud computing's evolution. Then, as
companies gained a better understanding of the resources and their utility, cloud computing became
more widespread. Salesforce became the best example of how to use cloud computing efficiently in
1999.

In 2007, various universities, IBM and Google made a joint effort to develop a server
farm for research purposes. Netflix was also released in the same year; it is used to
stream movies and other video content to various screens for users numbering in the
millions, as it uses the cloud.


After that, several companies emerged to provide cloud services, such as IBM, which
introduced cloud-based streaming video services. The first open-source program for deploying
Private and Hybrid Clouds was released by NASA Open Nebula in 2007. In 2011, Apple released the
Apple Cloud, also known as iCloud, which focuses on storing more personal data. Oracle also
launched the Oracle cloud in 2012, which includes IaaS (Infrastructure-as-a-Service), PaaS
(Platform-as-a-Service), and SaaS (Software-as-a-Service).

Cloud computing framework:


The cloud computing framework is a set of development tools, middleware, and database services
that make it easier to create, deploy, and manage cloud applications. This industry selects the NIST
cloud computing reference framework. The NIST cloud computing definition is widely accepted and
useful for understanding cloud computing technology and services. This section presents the NIST
cloud computing reference architecture, which is a natural extension of the NIST cloud computing
definition.

This framework was created for Federal IT executives, Program Managers, and IT procurement
authorities to have a fundamental understanding of and communicate the components of a cloud
computing system (USG). Cloud Service Consumer, Cloud Service Provider, Cloud Broker, Cloud
Auditor, and Cloud Carrier are the 5 major actors.

• Cloud consumer:
A person or organization that maintains a business relationship with, and uses service from,
Cloud Providers. A cloud consumer browses the service catalog from a cloud provider,
requests the appropriate service, sets up service contracts with the cloud provider, and uses
the service. The cloud consumer may be billed for the service provisioned, and needs to
arrange payments accordingly.

• Cloud service provider:
A person, organization, or entity responsible for making a service available to interested parties.
A Cloud Provider acquires and manages the computing infrastructure required for providing the
services, runs the cloud software that provides the services, and arranges to deliver the cloud
services to the Cloud Consumers through network access. Various services such as SaaS, IaaS,
PaaS, management, and data security and privacy are provided by the Cloud Service Provider.

• Cloud Broker:
A Cloud Broker is a company that handles the use, performance, and delivery of cloud
services, as well as negotiating contracts between Cloud Providers and Cloud Consumers. As
cloud computing advances, cloud consumers may find it difficult to manage the integration of
cloud services. The Cloud Broker is responsible for managing and negotiating cloud service
utilization, including service intermediation, aggregation, and arbitrage. Because these
services are too complex for a cloud consumer to administer on their own, cloud consumers
seek cloud services from a cloud broker rather than dealing directly with the cloud provider.
Cloud providers gain from collaborating with Cloud Broker by minimizing reliance,
increasing business continuity, and increasing SLAs by leveraging different cloud providers.
However, it might lead to potential conflicts of interest when a cloud broker offers the best
services for their own benefit.
• Cloud auditor:
A cloud auditor is a third party who may analyze cloud services, information system
operations, performance, and security of a cloud computing deployment in an independent
manner. A cloud auditor can assess a cloud provider's services for security measures, privacy
implications, performance, and compliance with service level agreement standards.
• Cloud carrier:
A cloud carrier serves as an intermediary between cloud consumers and cloud providers,
providing connectivity and transfer of cloud services. Consumers can access cloud carriers
via network, telecommunications, and other access devices. Cloud Carrier obtains cloud
services from cloud providers via network access such as network and telecommunications,
as well as Service Level Agreements (SLAs), and serves as a transport agent between Cloud
Consumers and Cloud Providers.

Architectural components:
As identified in the NIST cloud computing definition, a cloud infrastructure may be operated in one
of the following deployment models: public cloud, private cloud, community cloud, or hybrid
cloud. The differences are based on how exclusive the computing resources are made to a Cloud
Consumer. The service orchestration in the top right is the composition of system components to
support the Cloud Provider's activities to arrange, coordinate and manage the computing resources.


Following the deployment and service models, cloud service control includes all service-related
functions that are necessary for the operation and management of the offered services, which are
mostly used for business support, provisioning, and configuration.

Figure 1: Cloud Architecture of Tri-tech international

Reason to migrate to a cloud computing solution:


In order to save on network implementation costs, Tri-tech International Nepal needs
cloud solutions to migrate some of its aging infrastructure. Transferring the company's
resources to the cloud has various advantages. Here are a few reasons why this company needs
to migrate to cloud computing solutions:

• Flexibility: Cloud-based services are ideal for businesses with growing or fluctuating bandwidth
demands. If our needs increase, it is easy to scale up our cloud capacity, drawing on the service’s
remote servers. Likewise, if we need to scale down again, the flexibility is baked into the service.
This level of agility can give businesses using cloud computing a real advantage over
competitors; it is not surprising that CIOs and IT Directors rank ‘operational agility’ as a
top driver for cloud adoption.
• Automatic Software Updates:
The beauty of cloud computing is that the servers are off-premise, out of sight and out of your hair.
Suppliers take care of them and roll out regular software updates including security updates. So, we do
not have to worry about wasting time maintaining the system ourselves.

• Capital-expenditure Free: Cloud computing cuts out the high cost of hardware. We simply pay as
we go and enjoy a subscription-based model that is kind to our cash flow. Add to that the ease of
setup and management, and suddenly our scary, hairy IT project looks a lot friendlier.
• Work from anywhere: With cloud computing, if we have an internet connection we can be at work.
Moreover, with most serious cloud services offering mobile apps, we are not restricted by which
device we have to hand.
• Better Storage: Most businesses use cloud services because they provide large volumes of
highly accessible data storage for a fraction of the cost of doing so on-premise. Furthermore,
we can easily expand and shrink our storage capacity depending on our needs, which is
particularly beneficial for businesses that experience seasonal traffic. We can expand our
cloud storage at a low cost and not have to worry about running out of space.
• Measured service:
All computing resources offered by the cloud are monitored, and the results are later used for
recording. The various services usage is tracked and documented, which assists both the
provider and the consumer in justifying resource utilization (Ranger, 2018). Because the pay-
as-you-go features are justified by measured service, charge-per-use is possible.
• Automated Tasks - When it comes to keeping essential software up to date, IT staff has less
to think about thanks to cloud application migration. This is due to the fact that all cloud
systems are modified in the backend without causing any disruption, resulting in increased
organizational stability. It creates code for application development automatically, allowing
you to complete tasks more quickly.
• On-demand self-service:
This function is extremely important in Cloud Computing since it allows users to manage and
monitor network consumption, server uptime, and other computing capabilities.
• Operational Flexibility: A cloud platform helps us to be more versatile when installing
software and testing. Since the applications are deployed from the backend, the IT team does
not need to install them manually or over a remote network. Also, if we don't like an
application, we can easily uninstall it and replace it with one given by the provider.
• Disaster Recovery: Migrating to the cloud would make it easier to recover from any cloud-
based disaster. Since cloud systems automatically backup data at regular intervals and
upgrade the system on a regular basis, they can retrieve all updated information in the event
of an emergency and assist in the efficient completion of tasks.
• Cloud security:
Lost laptops are a billion-dollar business problem. And potentially greater than the loss of an expensive
piece of kit is the loss of the sensitive data inside it. Cloud computing gives us greater security when this
happens. Because our data is stored in the cloud, we can access it no matter what happens to our
machine. And we can even remotely wipe data from lost laptops so it doesn’t get into the wrong
hands.

Selecting the deployment model and also comparing the service model for given scenario:

First, we need to evaluate the company's position before selecting the implementation model for Tri-tech
International. This firm needs to migrate its aging infrastructure to the cloud and provide SaaS
and PaaS services to its customers, which suggests that the company is intended to play the role of a
provider of SaaS and PaaS services to its customers.

Architectural layer of cloud computing:


Service models:
Software as a Service:
Software as a service (SaaS) is the largest cloud market and continues to expand rapidly. SaaS uses
the web to offer applications that are run by third-party providers and whose interfaces are accessed
by the client side. Most SaaS applications can be accessed via a web browser and do not require any
downloads or installations (D, 2021). SaaS removes the need to install and run software on
individual machines due to the online distribution model. The run time, programs, data, middleware,
virtualization, servers, storage, and networking are all controlled by third-party vendors.


Figure 2: SaaS as a service

Google Apps, Salesforce, Workday, Concur, and Cisco WebEx are some examples of SaaS.

Platform as a service:
PaaS is a service that provides cloud components to apps and is used to build applications and other
technologies. PaaS refers to a system for developing or customizing software or applications. PaaS
enables fast and cost-effective application development, testing, and deployment. Third-party
vendors are in charge of their own servers, operating systems, and virtualization, storage,
networking, and PaaS applications. Cloud characteristics such as scalability, high availability, and
multi-tenancy are inherited by PaaS applications.

Example: Apprenda is a private cloud PaaS for .NET and Java, Google App Engine supports web
applications written in Java, Python, PHP, and Go, Microsoft Azure supports various application
creation in .NET, PHP, Python, and Ruby, and AWS allows users to build, deploy, and manage web
applications and services written in Java, .NET, PHP, Node.js, Python, Ruby, and Go.


Figure 3: PaaS as a service

Infrastructure as a service:
Self-service models for accessing, controlling, and maintaining remote datacenter infrastructures,
such as virtualized storage, networking, and network services like firewalls, are known as IaaS.
Instead of buying hardware, users can pay for IaaS depending on how much they use it, similar to
how they pay for electricity or utilities. In comparison to SaaS and PaaS, IaaS is responsible for
managing programs, files, runtime, middleware, and operating systems. Databases, message queues,
and other virtualization-related services are managed by IaaS providers.

Amazon Web Services (AWS), Cisco Metapod, Microsoft Azure, Google Compute Engine, Oracle
Cloud, and others are examples of IaaS.


Figure 4: IaaS as a service

Network resources on cloud:


The term "network resource" refers to all types of data, information, and hardware devices that can
be accessed by a group of computers through a shared network. Network resources, including cloud
resources, refer to data center infrastructure such as switches, routers, VLANs, DNS, and public and
private IP addresses. The key network tools, like VNET, a virtual network, are depicted in the
diagram below. PNET is the optical network used by the physical computer that is used by the VM
Cluster. When a virtual machine is built and activated, the code assigns a set of IP addresses and
MAC addresses. VM assigns MAC/IP address pairs and ensures that each VM has its own IP
address. When a user opens a VM instance, he or she can connect to the private network VLAN,
which allows the VNET to be independent of the physical network.

Computer resources:
For cloud computing, the device or system should have a variety of computer resources, especially
data storage and processing power, as well as directly interacting management tools for the user.
A data center holds the collection of all data that the user accesses through the internet or a cloud
platform. Large clouds necessitate the distribution of functions from central servers across several
locations.

Service level agreement model:


The Service Level Agreement (SLA) is a contract between service providers and internal and
external customers that specifies the services that will be provided and the minimum level of quality
for those services. SLAs are a model that service providers may use to control customer expectations
and identify the situations under which they are not responsible for performance issues
(Montgomery, 2021). For example, the customer is responsible for ensuring that the service offered
by the service provider is adequate or meets their needs, while the service provider is responsible for
meeting the SLA's specified level of service. The following are the main SLA components and
checklists.

• Statement of Objectives: The service provider should state the general goals for the services
they will be providing.
• Service Description: The SLA should provide comprehensive explanations of the service.
Each individual service should be described, as well as a summary of the service that should
be offered to the customer.
• Quality Standard: As each service is received, the customer should state the anticipated
performance and quality of the services.
• Customers' Responsibilities: Customers must be mindful of and adhere to the service
provider's terms and conditions.
• Penalties for contract breaches: An SLA may provide a plan for the documentation of how
the service provider will pay in the event of a contract breach by defining performance
benchmarks.

Public cloud model:


Cloud services or hosting providers own the public cloud. It makes resources and services available
to multiple companies and users. It can only be accessed through a secure network connection
(typically over the internet). The public cloud model is a form of cloud hosting model that makes
systems and services conveniently accessible to clients and users (Microsoft, 2021). IBM, Google,
Amazon, and Microsoft, among others, are some of the companies that provide public cloud services. In
terms of technical specifications, as well as structural design and protection, there is little difference
between private clouds and public clouds. For load management, the public cloud is best suited for
industry. The key benefits of the public cloud include flexibility, reliability, high scalability, low
cost, and so on.

Private cloud model:


The organization that uses cloud resources owns and operates a private cloud. In their data center,
companies create a cloud environment. Users within the business have self-service access to compute
resources offered by the private cloud (Citrix, 2020). As a result, with a private cloud, the
organization is in charge of running the service they supply. The resources are completely under the
authority of the organizations. This private cloud can be used by businesses that have a complex,
sensitive, and stable management environment.

Hybrid cloud model:


Hybrid Cloud Models are cloud computing models that incorporate two or more cloud servers that
are private, public, or community into a single architecture. Hybrid cloud is the most flexible cloud.
Organizations decide where to run their applications in the hybrid cloud, as well as regulate security,
compliance, and regulatory requirements. The public cloud is used for non-critical activities, while
the private cloud is used for critical and sensitive tasks. The key benefits of this cloud are that it is
flexible, stable, cost-effective, and richly scalable.

Community cloud model:


A community cloud is comparable to a public cloud, but it is located in a specific community of
cloud consumers who are controlled by community members or a third-party cloud provider who
provides a public cloud with restricted access. Members of this cloud share responsibility for day-to-
day operations, and other parties or outsiders are often denied access unless the community's
authority grants permission. Financial institutions, such as banks, are the best examples of this cloud
model.

Selecting Deployment model for Tri-tech International Nepal:


Tri-tech International needs to migrate from its traditional infrastructure to the cloud. The various
deployment models are described above. We believe that the private cloud is the best model for.
SAAS is used in combination with the private cloud model. The cloud reduces deployment and
maintenance costs as well as up-front costs.

The term "private cloud" refers to the process of organizing an existing infrastructure by combining
virtualization and cloud-like interfaces. Users can connect with the local data center while getting the
same benefits as public clouds, such as a self-service interface, privileged access to virtual servers,
and per-use monitoring and charging. The original SLA agreement, training, and moving existing
non-cloud processes to the cloud are all part of the outsourced private cloud main costs. In this
model, an organization can serve as both a consumer and a supplier of cloud services, as it used IaaS
as a consumer and then wanted to provide IaaS and SaaS to a customer, thereby becoming a cloud
provider. The private clouds also allow the organization to utilize the infrastructure to centralize
access to IT resources across several locations, which is another requirement.

Comparing the service model for Tri-tech International Nepal:

| Criteria | IaaS | PaaS | SaaS |
|---|---|---|---|
| Cloud consumer activities | Cloud consumers were responsible for setting up and configuring bare infrastructure as well as installing, managing, and monitoring any required software. | Consumers of cloud services and cloud-based solutions needed to design, test, deploy, and manage cloud services and cloud-based solutions. | Cloud consumers are only interested in using and configuring cloud services. |
| Cloud provider roles | They also keep track of consumption and, as necessary, handle physical processing, storage, networking, and hosting. | They also keep track of consumption and, if necessary, pre-configure the platform, middleware, and IT resources. | They keep track of consumption and set up and maintain cloud services. |
| Level of control for cloud consumers | Consumers have full administrative control over the resources they use in IaaS. | Consumers have limited administrative access in SaaS. | Only consumption and usage-related configuration are available to customers. |
| Typical functionality made available to cloud consumer | They have full access to IT resources connected to virtualized infrastructure. | They have some administrative control over IT resources that are relevant to their use. | Only the front-end user interface is available to them. |
| Examples | AWS EC2: For businesses that want to host cloud-based applications, EC2 delivers scalable infrastructure. | AWS Elastic Beanstalk: This service provides access to over 100 cloud computing services, including EC2, RDS, and S3. | G Suite is a Google tool that allows you to create documents in the cloud. |

Technology driver for cloud computing:


There are various technology drivers for cloud computing. Some of them are mentioned below:

1. Virtualization.
2. Programming models.
3. Service oriented architecture.
4. Web 2.0 and Web 3.0
5. Network Technology.
6. Memory and storage technology.
7. Software process model.
8. Pervasive computing.

Virtualization:
It is the process of sharing license keys to physical instances of an application among different users of
the enterprise. The main purpose of this technology is to provide a standard version of the cloud
application to all clients. It is popularly used for its flexibility and instant running process.

Fig: virtualized cloud model


A few types of virtualization are:
- Hardware Virtualization
- Server Virtualization
- Operating System Virtualization
- Storage Virtualization

Programming models:
Programming models are called bridges between hardware and software, which enable both
algorithms and data structures to be expressed. Three types of programming models are Task
Programming Model, Parallel Programming Model, Thread Model and Shared Model. The
task-programming model is designed to allow the writing of Maple code using multiple processors,
while avoiding the complexities of conventional multi-threaded programming. The Parallel Programming
Model is used for shared memory, communications and concurrent data transfer, as well as hardware
and memory architecture abstractions. It emphasizes letting multiple algorithms operate concurrently
without affecting important results, and avoids threads through the development of tasks,
which are used more often in cloud computing.

Service Oriented Architecture:


The term "service-oriented architecture" refers to an architectural approach in which applications
make use of network services. Services are supplied to form applications in this architecture via an
internet communication call. SOA enables users to create applications by combining a large number
of features from existing services. SOA refers to a set of architectural principles that organize system
development and allow components to be integrated into a unified, decentralized system. Because
SOA applications are deployed in many server farms in a load-balanced environment over the
internet, they enable horizontal scaling in Cloud Computing. By virtue of its reusability properties, it
also aids the organization's time to market and development time.

Web 2.0 and 3.0:


The theory of internetworking supports cloud computing. The World Wide Web (WWW) is a
system of interconnected IT resources that can be accessed via the Internet. Web 2.0 is the second
generation of the WWW. The Web Browser and Web Server are the most important
components, although there are also proxies, caching services, gateways, and load balancers. Web
2.0 brings in a revolution by bringing human connection to the web; earlier, there were only static
HTML pages, but today they are being replaced by a more interactive and dynamic web experience
that focuses more on collaboration between users and web publishers. Web 3.0, on the other hand, is
an upcoming technical driver for cloud that combines semantic web and AI to improve web
technology to generate, share, and connect through search and analysis rather than keywords to take
user interaction to the next level.

Justifying the tools to realize a cloud computing solution:


As an IT officer in the IT Department of Tri-tech International Nepal, my primary duties include
planning, managing, designing, implementing, and optimizing the cloud computing framework for
ABC Technology, which includes cloud computing instance implementation, server system access,
various other services, network devices, security devices, user and community policy allocation, and
service analysis (IaaS, PaaS, and SaaS), comparison of public cloud platforms (AWS, GCP, and
Alibaba Cloud), and data and server availability in various locations, etc. I should demonstrate
knowledge of container technology and its orchestration technologies, such as Docker and
Kubernetes, and assist in the creation of a Proof of Concept Design for Management to understand
the advantages of container technology (Michael, 2021). With the aim of completing all of the tasks
that have been assigned to me, I have chosen two public clouds to complete the tasks: Google Cloud
Platform (GCP) and Amazon Web Services (AWS). In terms of tool range, I prefer GCP because it
has the most exciting tools, which are as follows:

Google compute engine:


Google Compute Engine is an IaaS platform that allows clients to run workloads on Google's
physical hardware. Google also offers highly customizable virtual machines with the best features,
affordable pricing, and the ability to deploy code directly or via containers. GCE is managed with the
most up-to-date APIs, command-line interfaces, and a web console. Virtual machines, DNS servers,
HTTP and HTTPS applications, and load balancing features are all available via the GCE application
programs GUI. Linux with Debian and CentOS has a range of CPUs and RAM configurations, while
VMs have a number of CPUs and RAM configurations. GCE is divided into three regions: the
United States, Asia, and Europe, each with two availability zones.

Pub/Sub (publish-subscribe pattern):


Pub/Sub is an asynchronous service-to-service communication protocol that's popular in serverless
and microservices architectures. Pub/Sub is used for global communications and event processing in
Google Cloud Platform. On its way to processing, storage, and analysis, Cloud Pub/Sub provides a
simple and dependable staging site for event data. Many developers, like those from Khan Academy
and Agosto, use Pub/Sub to enhance, duplicate, arrange, aggregate, and land events, as well as
integrate real-time batch processing with durable storage. Cloud Pub/Sub has a number of
advantages, including the fact that it requires no provisioning and that everything is automated
because it lacks shards or partitions. Users need to do nothing more than set the quota, publish, and
consume.

Internet of Things:
At the edge and in the cloud, IoT services connect, process, store, and analyze data. It consists of an
integrated software stack as well as scalable, fully managed cloud services that provide all of the
machine learning capabilities required for the services. Predictive maintenance, real-time asset
tracking, logistics and supply chain management, and small city and building management are all
applications for these systems. By delivering embedded operating systems and out-of-the-box
support for devices, it helps to accelerate business agility with IoT data and enhance operational
efficiency. It also triggers automatic adjustments based on real-time events utilizing Cloud Function
workflows.

Google App engine:


Google App Engine is a Platform as a Service (PaaS) offering that allows Web developers and other
businesses to use Google's hosting, distribution, and internet tiering services. The app engine allows
developers to create and deploy apps on a completely controlled platform, allowing them to scale
their applications from zero to planet scale without having to worry about the infrastructure.
Developers are likely to provide many services, like creating and deploying applications using a
variety of common languages, like Java, Node.js, PHP, Python, C#, .NET, Ruby, and Go, as well as
debugging source code and running APIs in the backend using leading tools including cloud SDK,
Visual Studio, and PowerShell.

Google Stackdriver:
Google Stackdriver is a monitoring service that allows IT teams to keep track of services, containers,
infrastructures, and applications. The Google Stackdriver collects measurements, incidents, and logs
from infrastructures and applications, providing developers and operators with a rich, visible signal
of root cause, reducing mean time to resolution, and solving various problems (Sill, 2021). The
service searches various cloud accounts for metadata and allows users to access data from graphs and
charts. Stackdriver tracking, Stackdriver error reporting, Stackdriver debugger, Stackdriver trace, and
Stackdriver logging are some of the key features of Google Stackdriver.

Google cloud functions:


Google Cloud Functions is a serverless, event-driven lightweight computing solution that allows
developers to build and execute programmatic functions in the Google Public Cloud without having
to invest in cloud infrastructure. Developers may use Cloud Functions to perform unique tasks for
small code fragments, which are usually connected to triggering responses to real-world and
software-driven events. The cloud function's key advantage is that it allows users to concentrate on
creating functions rather than designing cloud infrastructures. Applications running on the GCP, for
example, may activate functions.

Google Kubernetes engine:


GKE (Google Kubernetes Engine) is a management framework for deploying, controlling, and
scaling containerized applications and apps on Cloud infrastructure. GKE includes a cluster of
devices that have been grouped together. GKE is primarily used by organizations to create or resize
Docker container clusters, container pods, services, or load balancers, resize application controllers,
update and upgrade container clusters, and debug container clusters. Google Kubernetes is widely
used by developers to build and test enterprise applications.

Docker:
Docker is a platform that uses containers to make it easier to build, deploy, manage, and run
applications. Regardless of any customizable settings, the program will run on Linux machines. To
put it another way, Docker is a virtual computer. Docker allows applications to run on the same
Linux kernel system as their host, resulting in major performance gains and a reduction in
application size.

Disadvantages of migrating application to cloud:


• Data Sensitivity: Any company runs its cloud operations at the expense of the application
data they store in the clouds and the clients with whom they share the data. This data will
only be exchanged after it has been transferred to the cloud, and it is very likely that any
application data will leak out or that data breaches will occur if the application is migrated to
the cloud.
• Data Interoperability: Interoperability problems are one of the most significant drawbacks of
migrating applications to the cloud. In an ideal world of cloud computing, a single line of
code can operate across all of the vendors' applications, which is unfortunately not the case
right now. As a result, any business enterprise considering migrating applications to the cloud
should consider interoperability and how applications interact.
• Cloud Security: In today's interconnected world, I don't believe that any data stored in the
cloud is completely secure. Despite the fact that existing cloud providers have been pushing
their ideas of making the most advanced and up-to-date data protection systems, data
breaches and data loss occur on a daily basis. Even Facebook, a global corporation, is subject
to data breaches from time to time. Data breach due to careless password protection or
hacking will result in vulnerability of your sensitive business and application data since data
stored in the cloud is easily accessible from anywhere on the Internet.
• Platform Dependency: There are a plethora of vendors and suppliers that provide cloud
services to their customers. Some cloud providers enslave their customers with proprietary
applications, making switching to a different cloud provider prohibitively costly or
impossible. Although it is costly to reconfigure software to meet business requirements, the
conversion will expose sensitive data to privacy and security risks.

Conclusion:
In a nutshell, a cloud enables users to access applications without having to acknowledge where they
are processed or housed, in other words, online. The basic explanation of all of these variables, such
as service models and deployment models, shows that cloud providers primarily sell services rather
than products. The numerous advancements in Cloud Computing, such as Web 2.0 and 3.0,
Networking Technology, Virtualization Technology, and many more, provide new gestures for
browsing and accessing the internet, as well as managing all of the resources in the Cloud, allowing
it to spread rapidly.

Part 2:

With reference to the scenario; develop cloud computing solutions:

Configure a Cloud Computing platform with a cloud service provider’s framework
(AWS/GCP/Azure).

Implement a cloud computing platform using open source tools.

Discuss the issues and constraints one can face during the development process and critically
discuss how one can overcome these issues and constraints.

Produce technical report which includes

Build and deploy nginx docker image in kubernetes client as Google Platform for PoC for
management.

Configure and migrate existing on-premise MySQL database to GCP Cloud SQL and connect
to the database.

Configure AI Chatbots for customer support and review.

Deploy network monitoring tools and troubleshooting methods to establish network baselines
and produce network documentation. Also, step by step process of troubleshooting methods.

Prepare cost benefits analysis on-premise infrastructure and application with compare with the
public cloud deployment.

An IT company decides to provide free access to a public cloud dedicated to higher education.
Which one of the three cloud computing delivery models, SaaS, PaaS or IaaS should it embrace
and why? What applications would be most beneficial for the students? Will this solution have
an impact on distance learning? Why?

Describe how Cloud computing technology can be applied to support remote ECG Monitoring
IOT solution.

Introduction:

In this task, I will configure a cloud computing platform using a cloud service provider's system and
then implement the platform using open source software. Similarly, I will address the problems and
constraints that can arise during the development process, as well as how to solve these problems and
constraints. I chose Google Cloud Platform for cloud computing because it is the best cloud for
business processes, and Google Cloud is also used in my office.

Software as a service:

Various services such as office and business process automation, various business services
applications, various virtual desktops, and information and messaging services such as email are
available as software as a service. Most SaaS applications can be accessed via a web browser and do
not require any downloads or installations. SaaS removes the need to install and run software on
individual machines due to the online distribution model. Below is a detailed outline of each part of
the cloud computing architecture in software as a service:

• Services and built-in features: Rather than buying several services, such as a new piece of
software, Google Cloud provides automatic built-in functionality. Alternatively, we can
incorporate various functionalities and behaviors at a lower rate. Developers can create
exciting cloud-based applications with exciting functionality and services for business
processes.

Platform as a Service:
Database management services, which include a platform for storing, saving, deleting, and retrieving
data, directory services, testing tools for various software, and various applications for business
services and processes are all part of the platform as a service system. Developer tools software for
developers is also included in platform as a service. Below is a comprehensive description of each
part of the cloud service system in platform as a service:

• Application Tools: Different clouds, including Google Cloud, provide a variety of
development tools and libraries to help developers build more quickly. We need easier ways
to debug source code in development, a solution for running API back ends, or just want
intuitive integration into our favorite IDE.
• Basic Middleware (database and application services): Middleware services are a software
platform that lies between an application and another application or computer. It establishes a
connection between the servers, the database, and the various clients. Middleware services
are used to link the database and application servers.

Infrastructure as a Service:
There are different services available in infrastructure as a service, including better storage, better
web server facilities, server hosting facilities, and various virtual machines. Computing, networking,
virtualized images, and a variety of hardware services are all available. Below is a detailed
description of each aspect of the cloud service system in infrastructure as a service.

• Virtualized resource: Cloud Platform deals with a variety of virtualized services, including
computer, networking, and storage. Google Cloud Platform's compute engine, which
provides virtual machines running in Google's revolutionary data centers and around the
globe through fiber network, is commonly referred to as compute. Compute engine provides
fast VM boot times, persistent disk storage, and consistent performance, as well as the ability
to create custom machine types. Google Cloud builds massive computing clusters that benefit
from good and reliable cross-machine bandwidth on the networking side. Using Google's
private global fiber network, it will link to machines in other data centers and other Google
services. We can build an instance for networking and manage our network configuration.
• Virtualized Images: There are a variety of operating system images available in the cloud,
including Linux, Mac, Windows, and other operating systems. Public images produced and
preserved by Google, open source communities, and third-party vendors are the two forms of
images available.

Open source tools:

OpenStack:
OpenStack is a collection of open source cloud computing tools that manage and provision large
pools of compute, storage, and networking resources across a datacenter using APIs and a standard
authentication mechanism. OpenStack, in general, is work that is done under the infrastructure as a
service functionality. To access infrastructure tools, an OpenStack implementation includes a range
of modules, such as Nova for computing, Zun for container service, and Qinling for functions service.
On the hardware side, there are two elements: Ironic for bare metal provisioning and Cyborg for
accelerator lifecycle management.

Swift for object storage, Cinder for block storage, and Manila for shared file system are the three
components on the storage side. Additionally, on the networking side, there are three working
mechanisms: Neutron for networking, Octavia for load balancing, and Designate for DNS operation.
There is a working framework called Keystone that provides the identity service of OpenStack for
shared services. A central list of all users of the OpenStack cloud who have permission to use it is
needed. There are also Searchlight for indexing and scanning, Placement for placement service, and
Glance for image service (virtual images on hard disks).

There are a variety of identity and access management services available, including Heat for
self-orchestration, Senlin for clustering, Mistral for workflow, and Zaqar for messaging. There is Sahara
for big data processing system provisioning and Trove for database as a service provisioning for
workflow provisioning. Finally, exciting dashboards are on the horizon for the web frontend.

Obstacles and opportunities one can face during the development process in cloud computing:
• Business Continuity and Service Availability: Organizations often worry about cloud
providers' service availability. And well-known companies like Google, Amazon, and
Microsoft have experienced outages.
• “Data Locked-In: Data Locked-In refers to an organization's business's reliance on the cloud
provider's software and hardware infrastructure. Despite the fact that software stacks have
enhanced platform interoperability, storage APIs remain largely proprietary, or at the very
least have not been subject to active standardization. As a result, consumers can't transfer
their data and programs from one site to another, as in hybrid cloud computing or surge
computing.”
• Data Confidentiality: One of the most common objections to cloud computing is data
protection or personal information in the cloud. Both outside and within the cloud, cloud
users face security threats. While the cloud simplifies external security, it introduces new
issues in terms of internal security. Users' theft or denial-of-service attacks must be avoided
by cloud providers. Users must be kept safe from one another.
• Performance Unpredictability: Virtual machines in the cloud can easily share CPUs and
main memory, but network and I/O sharing is more difficult. As a consequence, I/O output
varies more between Amazon EC2 instances than main memory performance.
• Scalable Resources: The issue with storage is its inflexibility when it comes to scalability.
There have been numerous attempts to address this question, with varying degrees of richness
in query and storage APIs, performance guarantees, and consistency semantics.
• Bugs in Large-Scale Distributed Systems: Eliminating errors in large-scale distributed
systems is one of the most challenging problems in cloud computing. The fact that these
vulnerabilities cannot be replicated in smaller configurations is a common caveat, so
debugging must take place at scale in production data centers.
• Rapid Scaling: Since storage and network bandwidth can be calculated in terms of bytes
transmitted, the pay-as-you-go model works well. Depending on the degree of virtualization,
computation differs slightly. Google AppEngine, for example, scales automatically in
response to load increases and decreases, and users are charged based on the number of cycles
used. The number of instances that are alive (even though they are inactive) is charged by the
hour by AWS.
• “Software Licensing: The issue with cloud computing is that the computational units are
virtual machines rather than physical machines. There may be tens of virtual machines
operating on a single physical computer. So, how do tech companies license their products?”

Mitigating issues and constraints during development process in cloud computing:


Assess your risk appetite: Setting a risk appetite to drive operational decisions is popular in the
banking industry. A conservative risk appetite, for example, would lead to the rejection of profitable
but highly uncertain loans. Your risk appetite will influence your due diligence, ongoing tracking,
and ability to engage in risk reduction from the perspective of IT management.

To minimize risk, use a zero-trust model: Zero trust is an IT protection technique in which every
user in an organization is required. A zero trust approach means tightly limiting access for
ensure, a company that specializes in property and casualty insurance services and software.

Learn from news stories about IT failures: Many organizations are moving data to the cloud these
days, and we're hearing a lot about data breaches in the cloud, so we can learn from these stories
about how to protect our company data in the cloud. Investing time in researching industry news for
cloud-related failures can assist you in reducing your cloud risk. Because of the dynamic and
changing existence of cloud computing in today's company, there's always something to be learned
from high-profile failures.

Rethinking our cloud management strategy blend of manual vs. automated: Organizations may
use automation, virtual agents, and data crunching to not only sell more goods, but also to handle
cloud services. Manual services are the conventional, ancient, and potentially dangerous alternative,
but an automated system may be the best option for detecting problems and standardizing cloud
configuration.

Conclusion:
I configured a cloud-computing platform with a cloud service provider's system and introduced a
cloud-computing platform using open source software as part of the Part 2 “I” assignment. Similarly,
I have addressed the problems and constraints that can arise during the development process, as well
as how to solve these problems and constraints. Finally, I deployed cloud systems with auto-scaling
capabilities, and I'll go over the financial benefits

Part 3:
A. Write an article which

Analyzes the most common challenges and risks which arise in a Cloud Computing platform and
discusses appropriate solutions to these problems.

How does Cloud computing help to reduce the time to market for applications and to cut down
capital expenses?

Assesses the most common security issues in cloud environments and discusses how to overcome
the security issues when building a secure cloud platform.

Critically discuss how to overcome these security issues when building a secure cloud platform.

B. In order to give a presentation (about 20 minutes) to your seniors, prepare a presentation
including the key ideas and concepts about the topic allocated to you.

Introduction:
This article focuses primarily on the difficulties that currently arise on the Cloud Computing
Platform and their solutions. The common issues and risks that exist in cloud computing solutions are
first described, followed by solutions to the problems. The primary security difficulties or issues
are then evaluated, along with potential solutions for building a safe cloud platform. Strategies to
protect a company's vital data while shifting to a cloud solution are also critically considered.

The term "cloud" is being talked about everywhere these days. This vague word seems to cover
almost every aspect of our lives. While "the cloud" is merely a metaphor for the internet, cloud
computing is the topic of conversation these days. It improves data storage, security, flexibility, and
employee communication, as well as changing the workflow of small and large businesses to help
them make better decisions while lowering expenses.

Keywords: cloud computing, cloud computing security, cloud computing security management

Challenges and risk of cloud computing platform:

RightScale conducted its annual State of the Cloud Survey on the newest cloud trends in January 2018.
They polled 997 technical personnel from a wide range of enterprises about their cloud infrastructure
deployment. Their findings were eye-opening, particularly in light of contemporary cloud computing
issues. To answer the basic question of what the challenges of cloud computing are, we've expanded on
some of their results and listed some additional cloud computing issues that businesses may face
(Durcevic, 2019).

Figure 5: Cloud challenges

Misconfiguration:

Misconfiguration today leads to cloud data breaches. The design of the cloud infrastructure is the main
cause of these data breaches. The infrastructure is designed in such a way that data can be easily shared
while unauthorized parties are not easily detected. Organizations that use the infrastructure lack
complete visibility and control over it. As a result, they should rely on the security
controls provided by cloud service providers.

Lack of visibility:

The cloud-based resources of an organization are situated outside of the corporate network and run on
infrastructure that is not owned by the corporation. As a result, rather than using typical network traffic
monitoring methods, there should be the capacity to view inside the cloud service itself in order to
have complete visibility over data.

Insider threats:

Insider threats are a serious security concern for any company. A malicious insider has already been
granted access to a company's network and some of its most sensitive assets. As a result, there's a good
chance that data will be leaked on purpose.

Compliance:


The use of cloud computing services gives regulatory and corporate compliance a new dimension.
Regulations such as HIPAA, PCI, and Sarbanes-Oxley, as well as obligations from internal
teams, partners, and customers, may apply to your cloud infrastructure. Compliance and risk
management processes involve infrastructure from cloud providers as well as interfaces between
in-house systems and the cloud.

Access to cloud data and applications:

Access controls based on the traditional data center network perimeter are no longer effective because
users can access cloud apps and data over the internet. Bring-your-own-device (BYOD) technology
allows users to access the system from any place or device. Furthermore, privileged access by cloud
provider workers may allow them to overcome your own security safeguards.

The cloud computing architecture and security implications

There are three service delivery models and three main deployment models in the Cloud Computing
concept. The following are the deployment models:

Public cloud: A cloud platform that allows public users to register and use the infrastructure that
is provided.

Private cloud: A private cloud platform is one that is dedicated to a single enterprise.

Hybrid cloud: A private cloud that can access public cloud services.

Because public clouds are available for public users to host their services, including malicious
users, they are the most susceptible deployment model. The following are examples of cloud service
delivery models, as shown in Figure 1:

Figure 6: (Suryakanthi, 2021)

Infrastructure-as-a-Service (IaaS) is a cloud computing model in which cloud providers supply
resources on demand, storage, and networking as web-based services. Virtualization technology
supports this service paradigm. The most well-known IaaS supplier is Amazon EC2.

Platform-as-a-Service (PaaS) is a cloud-based service that allows users to design, launch, and
manage their own apps without having to install any platforms or support tools on their local PCs.
The PaaS paradigm can be built on
top of an IaaS model or directly on top of cloud infrastructures. The most well-known PaaS are
Google Apps and Microsoft Windows Azure.

Software-as-a-service (SaaS) is a cloud computing model in which cloud providers distribute programs
hosted on their infrastructure as an internet-based service to end users without requiring the apps
to be installed on their machines. This approach can be hosted on top of PaaS, IaaS, or cloud
infrastructure directly. A good example of a SaaS supplier is Salesforce CRM.

As shown in Figure 1, each service delivery model offers a variety of possible implementations,
challenging the establishment of a common security model for each service delivery model.
Furthermore, different service delivery models may coexist in a single cloud platform, complicating
the security management process even further.

Cloud computing characteristics and security implications:

Cloud providers must improve resource consumption while lowering costs in order to achieve efficient
resource utilization. At the same time, consumers must be able to use resources only as far as they
are required, with the ability to raise or decrease resource consumption in response to actual
demand. The cloud computing model delivers two crucial characteristics: multitenancy and elasticity,
resulting in a win-win situation.

Multi-tenancy means that tenants share computing resources, storage, services, and applications.
Figure 2 shows the many techniques to multi-tenancy realization. In approach 1, each tenant has their
own dedicated instance with their own customizations (customization may include special development
to meet customer needs). In approach 2, each tenant has their own dedicated instance, similar to
approach 1, but all instances have different configurations (adjustment of application parameters or
interfaces). In approach 3, all tenants share the same instance with runtime configuration (the
program is divided into core application components and extra components that are loaded based on
current user requests, similar to SalesForce.com). In approach 4, tenants are sent to a load
balancer, which routes their requests to the most appropriate instance based on the load on the
current instance. The most dangerous approaches are 3 and 4, because tenants share the same memory
and hardware. This resource sharing compromises the anonymity of tenants' IT assets, necessitating
the use of secure multitenancy. To deliver secure multi-tenancy, there should be data isolation (at
rest, processing, and transition) and location transparency, where tenants have no knowledge or
control over the specific location of their resources (may have high level control on data location
such as country or
region level), in order to avoid planned attacks that attempt to co-locate with victim assets.
Isolation in IaaS should take into account VM storage, processor, memory, cache memories, and
networks. Isolation in PaaS should include isolating between running services and API calls.
Isolation in SaaS should be used to separate transactions carried out on the same instance by
distinct tenants, as well as tenant data.

Figure 7: Multi-tenancy approaches.

Elasticity refers to the ability to adjust the number of resources allotted to a service based on
demand. The ability to scale up and down an owner's resources allows other users to utilise the
owner's previously assigned resources. This could lead to concerns with confidentiality. For example,
tenant A scaled down to free up resources, which are now allotted to tenant B, who uses them to
deduce tenant A's prior contents (similar to the lag problem between DNS and DNS cache). Elasticity
also features a service placement engine that keeps track of the available resources from the
provider's pool of available resources. This is the list that is used to assign resources to
services. Such placement algorithms should take into account cloud users' security and regulatory
concerns, such as not putting competing services on the same server and keeping data within the
tenants' country borders. In order to fulfill demand and maximize resource utilization, placement
engines may incorporate a migration strategy in which services are moved from one physical host to
another or from one cloud to another. The same security restrictions should be considered in this
migration method.

Cloud computing's deep dependencies stack:

The cloud computing concept is based on a deep stack of interdependent layers of objects (VMs, APIs,
Services, and Applications), each of which is dependent on the lower layers for functionality and
security. The cloud physical infrastructure layer (storage, networks, and servers), the
virtualization layer (hypervisors), and the virtualized resources layer (VMs, virtual storage,
virtual networks) are all covered under the IaaS paradigm. Platform layers (such as application
servers, web servers, IDEs, and other tools), as well as APIs and Services layers, are covered by
the PaaS paradigm. The PaaS layer is dependent on IaaS-provided resource virtualization.
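The two elasticity risks described above, reuse of released resources and placement or migration that ignores security constraints, can be modelled in a few lines. This Python sketch is an added example, not part of the original assignment; every class, host and tenant name and the sample secret are hypothetical and constructed for illustration.

```python
"""Elasticity sketch: scrub-on-release and constraint-aware placement (hypothetical names)."""
from dataclasses import dataclass, field


class PlacementError(Exception):
    """Raised when no host satisfies a service's security constraints."""


class BlockPool:
    """Provider-side pool of storage blocks reassigned as tenants scale."""

    def __init__(self, n_blocks, block_size=16, scrub_on_release=True):
        self.free = [bytearray(block_size) for _ in range(n_blocks)]
        self.scrub_on_release = scrub_on_release

    def allocate(self):
        return self.free.pop()

    def release(self, block):
        if self.scrub_on_release:
            block[:] = bytes(len(block))  # zeroize before the block can be reused
        self.free.append(block)


def residual_after_scale_down(scrub):
    """Tenant A scales down, tenant B scales up: what can B read?"""
    pool = BlockPool(1, scrub_on_release=scrub)
    block = pool.allocate()               # tenant A scales up
    block[:9] = b"A-secret!"              # constructed sample data
    pool.release(block)                   # tenant A scales down
    reused = pool.allocate()              # tenant B receives the same block
    return bytes(reused).rstrip(b"\x00")


@dataclass
class Service:
    name: str
    tenant: str
    allowed_countries: frozenset          # data-residency requirement
    competitors: frozenset = frozenset()  # tenants that must not share its host


@dataclass
class Host:
    name: str
    country: str
    capacity: int
    services: list = field(default_factory=list)


def violations(service, host):
    """Constraints that placing `service` on `host` would break."""
    found = []
    if host.country not in service.allowed_countries:
        found.append("residency")
    residents = {s.tenant for s in host.services}
    blocked_by_resident = any(service.tenant in s.competitors for s in host.services)
    if service.competitors & residents or blocked_by_resident:
        found.append("co-location")
    if len(host.services) >= host.capacity:
        found.append("capacity")
    return found


class PlacementEngine:
    def __init__(self, hosts):
        self.hosts = {h.name: h for h in hosts}

    def place(self, service, exclude=()):
        ok = [h for h in self.hosts.values()
              if h.name not in exclude and not violations(service, h)]
        if not ok:
            raise PlacementError(f"no compliant host for {service.name}")
        host = min(ok, key=lambda h: (len(h.services), h.name))  # least loaded
        host.services.append(service)
        return host.name

    def migrate(self, service, source):
        """Migration reuses place(), so the same constraints apply."""
        target = self.place(service, exclude={source})  # raises before any move
        self.hosts[source].services.remove(service)
        return target


def demo_placement():
    engine = PlacementEngine([Host("np-1", "NP", 2), Host("np-2", "NP", 2),
                              Host("sg-1", "SG", 2)])
    bank_a = Service("ledger", "bank-a", frozenset({"NP"}), frozenset({"bank-b"}))
    bank_b = Service("payments", "bank-b", frozenset({"NP"}), frozenset({"bank-a"}))
    shop = Service("store", "shop", frozenset({"NP", "SG"}))
    placed = [engine.place(s) for s in (bank_a, bank_b, shop)]
    try:
        engine.migrate(bank_a, placed[0])
        outcome = "migrated"
    except PlacementError:
        outcome = "migration refused"
    return placed, outcome
```

Without scrubbing, tenant B reads tenant A's bytes from the reused block; the migration of the first bank's service is refused because the only other in-country host already runs its competitor.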


Figure 8: Cloud computing model layers.

Because the security of each object/layer is dependent on the security of the lower objects/layers,
this deep dependency stack of cloud objects complicates the cloud security dilemma. Furthermore, any
compromise of any cloud item has consequences for the entire cloud platform's security. Each cloud
layer/object has its own set of security requirements and vulnerabilities, therefore delivering a
secure service necessitates a set of security controls. As a result, there are a large number of
security controls to handle. Furthermore, coordinating such disparate security controls to meet
security requirements is a difficult undertaking, especially when conflicts exist between security
requirements and security controls at each tier. This could lead to an inconsistency in the security
model. As a result, there is a need for a unified security control management module. Based on
security requirements, this module should coordinate and integrate the security controls of the
various layers.

Cloud computing stakeholders and security implications:

Different stakeholders are involved in the cloud computing model: cloud provider (an entity that
provides infrastructure to cloud consumers), service provider (an entity that uses cloud
infrastructure to deliver applications/services to end users), and service consumer (an entity that
uses services hosted on the cloud infrastructure). Each stakeholder has its own security management
systems/processes, as well as expectations (requirements) and capabilities (provided) from/to other
stakeholders. As a result, a collection of security requirements defined on a service by various
tenants may contradict one another. To mitigate new threats, each service's security configurations
should be maintained and enforced at the service instance level and at runtime, taking into
consideration the likelihood of changing requirements based on current users' demands.

The implemented security features must be negotiated and agreed upon by providers and consumers.
However, there are no industry-standard security specification notations that cloud stakeholders can
use to represent and reason about their offered/required security qualities.
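As an added illustration (not part of the original assignment), the Python sketch below shows how contradicting tenant requirements on one shared service instance can be detected and then enforced per request at runtime. The setting names, the strictest-wins rule and the sample tenants are assumptions made for this example.

```python
"""Conflicting tenant security requirements on one shared service instance.
Setting names and resolution rules are hypothetical, chosen for illustration."""

# Instance-wide settings: a single value applies to every tenant on the instance.
# Where "stricter" is well defined, the strictest requirement wins.
STRICTEST = {"min_tls": max, "log_retention_days": max}
# Settings with no stricter/looser ordering: differing values cannot coexist.
EXCLUSIVE = {"storage_region"}
# Everything else (mfa_required, session_timeout_min) is tenant-scoped.


def merge_instance_policy(tenant_reqs):
    """Return (policy, conflicts) for the settings that tenants must share."""
    policy, conflicts = {}, []
    for key in sorted(set(STRICTEST) | EXCLUSIVE):
        asked = {t: r[key] for t, r in tenant_reqs.items() if key in r}
        values = set(asked.values())
        if not values:
            continue
        if key in STRICTEST:
            policy[key] = STRICTEST[key](values)
            resolved = True
        else:
            resolved = len(values) == 1
            policy[key] = next(iter(values)) if resolved else None
        if len(values) > 1:
            conflicts.append({"setting": key, "asked": asked, "resolved": resolved})
    return policy, conflicts


class SharedInstance:
    """One application instance serving several tenants."""

    def __init__(self, tenant_reqs):
        self.tenant_reqs = tenant_reqs      # consulted on every request

    def update(self, tenant, **changes):
        """Requirement change at runtime; takes effect on the next request."""
        self.tenant_reqs[tenant].update(changes)

    def authorize(self, request):
        """Return (allowed, reason) for one request under current requirements."""
        own = self.tenant_reqs.get(request["tenant"])
        if own is None:
            return False, "unknown tenant"
        policy, conflicts = merge_instance_policy(self.tenant_reqs)
        if any(not c["resolved"] for c in conflicts):
            return False, "unresolved conflict"     # fail closed
        if request["tls"] < policy.get("min_tls", (0, 0)):
            return False, "tls"
        if own.get("mfa_required", False) and not request.get("mfa", False):
            return False, "mfa"
        if request["session_age_min"] > own.get("session_timeout_min", 30):
            return False, "session"
        return True, "ok"


def sample_tenants():
    # Constructed sample requirements, not taken from any real deployment.
    return {
        "tenant-a": {"min_tls": (1, 2), "mfa_required": True,
                     "session_timeout_min": 15, "storage_region": "NP"},
        "tenant-b": {"min_tls": (1, 3), "mfa_required": False,
                     "session_timeout_min": 60, "storage_region": "NP"},
    }
```

Tenant A's own TLS 1.2 requirement is overridden by tenant B's stricter one on the shared instance, while a disagreement on the storage region cannot be resolved by ordering and makes the instance fail closed.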


Each stakeholder has their own security management systems in place to define their assets,
anticipated risks and their consequences, as well as how to mitigate those risks. Both cloud
providers (who are unaware of the contents and security needs of services housed on their
infrastructures) and cloud consumers (who can control neither the security of their own assets nor
the other services sharing the same resources) lose control when they adopt the cloud model. Security
SLA management frameworks are a portion of the solution for defining, enforcing, and monitoring
security attributes. SLAs, however, still leave security aspects out of their requirements.
Furthermore, SLAs are high-level contracts that do not include the specifics of security rules and
controls, or how to update them at runtime.

Cloud providers, on the other hand, are unable to implement efficient and effective security controls
since they are unaware of the security architectures of hosted services. Furthermore, cloud providers
are confronted with a slew of new security regulations, all while maintaining a diverse set of
security controls that must be updated. The security administrators' jobs are made much more
difficult by this. Between cloud providers and consumers, there must be transparency about what
security is enforced, what dangers exist, and what breaches occur on the cloud platform and hosted
services. This is known as "trust but verify," in which cloud users should have faith in their
providers but cloud providers should give tools to assist users in verifying and monitoring security
policies.

Cloud computing service delivery models and security implications:

Each service delivery model's significant security issues/vulnerabilities are summarized. Some of
these issues fall under the purview of cloud providers, while others fall under the purview of cloud
users.

IaaS issue:

VM security - employing traditional or cloud-based security solutions to protect VM operating systems
and workloads from common security threats that afflict traditional physical servers, such as malware
and viruses. Cloud users are responsible for the security of their virtual machines. Each cloud
customer can implement their own security safeguards based on their needs, risk tolerance, and
management methodology.

Securing the VM image repository - unlike real servers, virtual machines are vulnerable even when
they are powered off. By introducing malicious code into the VM file or even stealing the VM file
itself, VM images can be compromised. Cloud providers are responsible for maintaining a secure VM
image library.

Another problem with VM templates is that they may keep the original owner's information, which may
be used by a new customer.

Sharing network infrastructure among multiple tenants within the same server (using vSwitch) or on
physical networks increases the possibilities of exploiting DNS servers, DHCP, IP protocol flaws, or
even the vSwitch software, resulting in network-based VM attacks.

Securing VM boundaries - VMs, unlike physical servers, have virtual boundaries. Virtual machines that
coexist on the same physical server share the same CPU, memory, I/O, network interface card, and
other resources (i.e. there is no physical isolation among VM resources). The cloud provider is
responsible for securing VM boundaries.

Security of hypervisors - a hypervisor is a "virtualizer" that converts physical resources into
virtualized ones and vice versa. It is the primary controller for virtual machines' access to
physical server resources. Because all VM operations are traceable unencrypted, any penetration of
the hypervisor compromises the security of the VMs. Cloud providers and service providers are
responsible for hypervisor security. The SP in this context is the vendor of the hypervisor software,
such as VMware or Xen.

PaaS security issues:

Security problems relating to Service-oriented Architecture (SOA) - the PaaS architecture is built on
the SOA model. As a result, all security vulnerabilities in the SOA domain are inherited, including
DoS attacks, Man-in-the-Middle attacks, XML-related attacks, Replay attacks, Dictionary attacks,
Injection attacks, and input validation-related attacks. To protect cloud-based services, mutual
authentication, authorization, and WS-Security requirements are essential. Cloud providers, service
providers, and users all share responsibility for this security issue.

API security - PaaS may provide APIs for business services, security functions, application
administration, and other management functions. To enforce consistent authentication and
authorization on requests to such APIs, security controls and standards, such as OAuth, should be
applied. There is also a requirement for API separation in memory. The cloud service provider is
responsible for this problem.

Security concerns with SaaS:

Enforcing and maintaining security in the SaaS model is a joint duty between cloud providers and
service providers (software vendors). Because it is constructed on top of the preceding two models,
the SaaS model inherits the security challenges described in those models, including data security
management (data location, integrity, segregation, access, confidentiality, and banning).

Web application vulnerability scanning - web applications that are going to be hosted on cloud
infrastructure should be validated and inspected for vulnerabilities utilizing web application
scanners. Such scanners should be kept up to date with newly found vulnerabilities and attack routes
from the National Vulnerability Database (NVD) and the Common Weakness Enumeration (CWE). To minimize
existing/discovered vulnerabilities, web application firewalls should be in place (examining HTTP
requests and responses for application-specific vulnerabilities). Injection and cross-site scripting
(input validation) flaws are among the top ten most significant web application vulnerabilities
identified by OWASP in 2010.

Web application security misconfiguration and breaking - In SaaS, web application security
misconfiguration or vulnerabilities in application-specific security measures is a major problem.
With multi-tenancy, security misconfiguration is even more critical, as each tenant has their own
security configurations that may conflict with one another, resulting in security flaws. To implement
and manage security in a consistent, dynamic, and resilient manner, it is generally suggested to rely
on cloud provider security policies.

D. Cloud Management Security Concerns

The Cloud Management Layer (CML) is a "microkernel" that can be expanded to include and coordinate
many components. SLA management, service monitoring, billing, elasticity, IaaS, PaaS, SaaS services
registry, and cloud security management are all CML components. Such a layer is crucial since any
vulnerability or breach of it will allow an adversary to take control of the entire cloud platform,
much like an administrator. This layer provides a set of APIs and services that client applications
can utilize to connect to the cloud platform. As a result, the same security concerns that plague the
PaaS paradigm also apply to the CML layer.

E. Methods of Obtaining Access to the Cloud Security Concerns

The concept of cloud computing is to expose resources across the internet. These resources can be
accessed by using the following methods:

In the case of web applications (SaaS), web browsers (HTTP/HTTPS) are used.

In the case of web services and APIs (PaaS and CML APIs), SOAP, REST, and RPC protocols are used.

In the case of VMs and storage services (IaaS), remote connections, VPN, and FTP are used.

To safeguard data transported between the cloud platform and consumers, security policies should
address vulnerabilities connected to these protocols.

Cloud computing security enables:

Federation and Identity & Access Management (IAM)

Identity is at the heart of any security-conscious system. It allows systems and other
parties to recognize users, services, servers, clouds, and other entities. A bundle of data connected
with a given entity makes up an identity. Because of the context, this information is useful.
Identity should not reveal "private" information about users. A comprehensive and consistent identity
management solution should be delivered or supported by cloud platforms. This system should provide
identity context information for all cloud items and cloud users. Identity provisioning and
deprovisioning, identity information privacy, identity linking, identity mapping, identity
federation, identity attributes federation, single sign on, authentication, and authorization are all
things that should be included. Existing standards, such as SPML, SAML, OAuth, and XACML, should be
used to securely federate identities among interacting entities across domains and cloud platforms in
such a system.

Key management:

One of the main goals of cloud computing security is confidentiality (CIA triad). Encryption is the
primary means of achieving data, process, and communication confidentiality. Key-based encryption
techniques are either symmetric or asymmetric. Both encryption methods have a big issue with
encryption key management, or how to generate, store, access, and share secret keys in a secure
manner (Anitian, 2021). PaaS also requires the use of application keys for any APIs and service calls
made by other applications. The application's keys, as well as all other credentials required by the
program to access such APIs, must be kept secure.

Security management:

Cloud security management becomes a more challenging research topic as a result of the large number
of cloud stakeholders, the deep dependency stack, and the large number of security controls to meet
security needs. Security management should include security requirements and policies, security
controls configurations based on policies, and feedback from the environment and security controls to
security management and cloud stakeholders. Security management should be implemented as a CML
plug-in.

Lifecycle of Secure Software Development

Elicitation of security requirements, threat modeling, and augmentation of security needs to systems
models and generated code are all part of the secure software development lifecycle (SDLC with
security engineering activities). The lifecycles and techniques used to construct secure systems will
be revolutionized by cloud-based apps. The PaaS offers a set of reusable security enablement
components to aid in the development of secure cloud-based applications.

The cloud-based application's security engineering should also evolve to satisfy new security
criteria placed on such systems. To
accommodate a wide range of customer security requirements, applications should enable adaptive
security (rather than hardcoded security). Externalizing/delegating security enforcement and
application security management to cloud security management, cloud security services, and security
controls is the foundation of adaptive application security.

Optimization of the security-performance tradeoff

SLAs are used to supply services in the cloud computing model. SLAs should include performance,
reliability, and security objectives. SLAs also specify the penalties that will be enforced if the
SLA is broken. Delivering a high level of security, as one of the SLA objectives, necessitates a
significant increase in resource consumption, which has an influence on the performance goal (the
more security tools and mechanisms are adopted, the worse the impact on the performance of the
underlying services). Using utility functions for security and performance, cloud management should
examine the trade-off between security and performance (least security unless stated otherwise).

Security federation across many clouds:

When a consumer uses apps that rely on services from several clouds, he must ensure that his security
requirements are met on both clouds and in the middle (MacDermott, 2021). When many clouds join
forces to supply a larger pool of resources or integrated services, their security requirements must
be federated and implemented across the various cloud platforms involved.

Conclusion:

For service providers, cloud providers, and cloud customers, the cloud computing paradigm is one of
the most promising computing models. However, in order to get the most out of the model, we need to
plug the existing security gaps (Vold, 2021). Based on the information presented above, the cloud
security issue can be summarized as follows:

Some of the security issues are due to the technologies that are being used, such as virtualization
and SOA.

Multi-tenancy and isolation are two significant aspects of the cloud security problem that
necessitate a vertical solution that extends from the SaaS layer to the physical infrastructure (to
develop physical-like boundaries among tenants instead of the virtual boundaries currently applied).

To regulate and manage such a large number of needs and controls, security management is necessary.

As shown in Figure 3, the cloud model should have a holistic security wrapper that requires all
access to the cloud platform's objects to pass through security components first.

We advocate that cloud computing security solutions:

Focus on problem abstraction, employing model-based approaches to capture different security views
and link such views in a holistic cloud security model.

The cloud architecture is built with this
in mind. Flexible security interfaces should be provided by delivery mechanisms (such as elasticity
engines) and APIs.

Support multi-tenancy, where each user can only see his own security configurations, and elasticity,
which allows you to scale up and down depending on the situation.

To deliver integrated security, support integration and coordination with various security measures
at different layers.

Adapt to changes in the environment and the needs of stakeholders.

Future work:

We're looking at the cloud security management issue. Our goal is to close the security gap that has
emerged in cloud consumers' and cloud providers' security management processes as a result of the
cloud model's adoption. To overcome such a challenge, we must:

(1) Capture the security requirements of many stakeholders from various perspectives and levels of
detail.

(2) Match the cloud architecture, security patterns, and security enforcement mechanisms to the
security needs.

(3) Provide cloud providers and users with information on the present state of security. We propose
using an adaptive model-based approach.

Ashish Dhungana

Presentation:


Conclusion:
Here, I have written an article that evaluates the most prevalent challenges and hazards that develop in
a cloud computing platform and discusses viable solutions to these issues. I've also discussed how
cloud computing can help reduce application time to market and capital expenditures. I evaluated the
most prevalent security challenges in the cloud environment and addressed how to overcome these
issues while developing a safe cloud platform, and I developed a presentation that included the
important ideas and concepts regarding the topic assigned to me.


Bibliography
(n.d.). Retrieved from https://www.mja.com.au/journal/2000/173/11/media-and-young-minds

Academy, C. N. (May 9, 2014). Retrieved from https://www.ciscopress.com

Anitian. (2021). Retrieved from https://www.anitian.com/

Citrix. (2020). Retrieved from https://www.citrix.com/

D, J. (2021, 7 2). Retrieved from https://www.mcafee.com/

Durcevic, S. (2019, January 10). Retrieved from https://www.datapine.com/blog/cloud-computing-risks-and-challenges/

FRANKENFIELD, J. (2020). Retrieved from https://www.investopedia.com/

MacDermott, Á. (2021, January 2). Retrieved from https://www.researchgate.net/

Michael. (2021). Retrieved from https://www.salesforce.com/

Microsoft. (2021). Retrieved from https://azure.microsoft.com/

Montgomery, J. (2021). Retrieved from https://searchstorage.techtarget.com/

Ranger, S. (2018, dec). Retrieved from https://www.zdnet.com/

Sill, A. (2021). Retrieved from https://www.nist.gov

skfdjskdfjs. (n.d.). sdfsdf. Retrieved 2014

Suryakanthi, T. (2021). Retrieved from https://www.researchgate.net/

VELIMIROVIC, A. (2021). Retrieved from https://phoenixnap.com/

Vold, N. (2021). Retrieved from https://www.visma.com/

Wilkinson, D. (n.d.). Retrieved from https://libguides.wits.ac.za/c.php?g=693518&p=4914913

xgxdfd. (n.d.). xxfdxd. Retrieved 2010

Zamani, E. (2021, 7 8). Retrieved from https://www.ncbi.nlm.nih.gov


Марковић, С. (2021). Retrieved from https://www.researchgate.net
