STUDENT DETAILS
UNIT DETAILS
When submitting evidence for assessment, each student must sign a declaration confirming that
the work is their own.
Plagiarism
Plagiarism is a particular form of cheating. Plagiarism must be avoided at all costs and students
who break the rules, however innocently, may be penalized. It is your responsibility to ensure
that you understand correct referencing practices. As a university level student, you are expected
to use appropriate references throughout and keep carefully detailed notes of all your sources of
materials for material you have used in your work, including any material downloaded from the
Internet. Please consult the relevant unit lecturer or your course tutor if you need any further
advice.
Student Declaration
I certify that the assignment submission is entirely my own work and I fully understand
the consequences of plagiarism. I understand that making a false declaration is a form of
malpractice.
Ashish Dhungana (4th semester)
N2)
Cloud Computing 2021
Contents
Part 1:
Introduction:
Introduction:
Selecting the deployment model and also comparing the service model for given scenario:
Virtualization:
Google Stackdriver:
Dockers:
Conclusion:
Part 2:
Introduction:
Application Tools
Obstacles and opportunities one can face during the development process in cloud computing
Conclusion:
Conclusion:
Table of figures:
Figure 1: Cloud Architecture of Tri-tech international
Figure 2: SaaS as a service
Figure 3: PaaS as a service
Figure 4: IaaS as a service
Figure 5: Cloud challenges
Figure 6: (Suryakanthi, 2021)
Figure 7: Multi-tenancy approaches
Figure 8: Cloud computing model layers
Part 1:
Introduction:
In Part 1, I will refer to the above scenario and prepare a report that analyzes the evolution and
fundamental concepts of cloud computing, present the design of an appropriate architectural
cloud computing framework, and discuss my thoughts on why a company should migrate to a
cloud computing solution. Finally, I will define an appropriate deployment model and compare
service models to select a model, using real-world examples to demonstrate deployment models.
By: To:
Sec: N2
Introduction:
This section provides a concise study of the principles and design of cloud computing. The first
thing that needs to be addressed is the nature of cloud computing, that is, how we have come to
the cloud. The basic architecture of the cloud computing platform is developed, the necessity and
purpose for the enterprise to move to the cloud is discussed with background, and the other
fundamental elements, such as deployment models and service models, are compared under
simple assumptions.
In addition, it provides an overview of the cloud computing technology drivers and how the cloud
computing model is enhanced by those technical drivers. Finally, it gives the rationale for the
cloud computing resources used to enable various cloud operations.
In the 1990s, telecommunications companies, who previously offered primarily dedicated
point-to-point data circuits, began offering virtual private network (VPN) services with comparable
quality of service, but at a lower cost. By switching traffic as they saw fit to balance server use, they
could use overall network bandwidth more effectively. They began to use the cloud symbol to denote
the demarcation point between what the provider was responsible for and what users were
responsible for. Cloud computing extended this boundary to cover all servers as well as the network
infrastructure. As computers became more diffused, scientists and technologists explored ways to
make large-scale computing power available to more users through time-sharing. They
experimented with algorithms to optimize the infrastructure, platform, and applications to prioritize
CPUs and increase efficiency for end users. Then, decades later, Amazon Web Services (AWS)
came into action with the service Elastic Compute Cloud (EC2), which gave companies the
flexibility to rent virtual computers on which they can run their own programs and applications.
Also, Google launched Google Docs in the same year, which is used to create, edit and modify
documents and share them over the cloud.
The cloud was first used in the late 1990s to represent the gap between the end user and the
provider. Cloud computing, as described by Ramnath Chellappa of Emory University in 1997, is a
new computer paradigm in which the limits of computing are decided by economic logic rather than
technological considerations. This is a good summary of cloud computing's evolution. Then, as
companies gained a better understanding of the resources and their utility, cloud computing became
more widespread. Salesforce became the best example of how to use cloud computing efficiently in
1999.
In 2007, various universities, IBM and Google made a joint effort to develop a server farm for
research purposes. Also, Netflix was released in the same year; it is used to stream movies and
other video content on various screens to users who can be counted in the millions, as it uses
the cloud.
After that, several companies emerged to provide cloud services, such as IBM, which
introduced cloud-based streaming video services. The first open-source program for deploying
Private and Hybrid Clouds was released by NASA Open Nebula in 2007. In 2011, Apple released the
Apple Cloud, also known as iCloud, which focuses on storing more personal data. Oracle also
launched the Oracle cloud in 2012, which includes IaaS (Infrastructure-as-a-Service), PaaS
(Platform-as-a-Service), and SaaS (Software-as-a-Service).
This framework was created for Federal IT executives, Program Managers, and IT procurement
authorities to have a fundamental understanding of and communicate the components of a cloud
computing system (USG). Cloud Service Consumer, Cloud Service Provider, Cloud Broker, Cloud
Auditor, and Cloud Carrier are the 5 major factors.
• Cloud consumer:
A person or organization that maintains a business relationship with, and uses service from,
Cloud Providers. A cloud consumer browses the service catalog from a cloud provider,
requests the appropriate service, sets up service contracts with the cloud provider, and uses
the service. The cloud consumer may be billed for the service provisioned, and needs to
arrange payments accordingly.
• Cloud Broker:
A Cloud Broker is a company that handles the use, performance, and delivery of cloud
services, as well as negotiating contracts between Cloud Providers and Cloud Consumers. As
cloud computing advances, cloud consumers may find it difficult to manage the integration of
cloud services. The Cloud Broker is responsible for managing and negotiating cloud service
utilization, including service intermediation, aggregation, and arbitrage. Because these
services are too complex for a cloud consumer to administer on their own, cloud consumers
seek cloud services from a cloud broker rather than dealing directly with the cloud provider.
Cloud providers gain from collaborating with Cloud Broker by minimizing reliance,
increasing business continuity, and increasing SLAs by leveraging different cloud providers.
However, it might lead to potential conflicts of interest when a cloud broker offers the best
services for their own benefit.
• Cloud auditor:
A cloud auditor is a third party who may analyze cloud services, information system
operations, performance, and security of a cloud computing deployment in an independent
manner. A cloud auditor can assess a cloud provider's services for security measures, privacy
implications, performance, and compliance with service level agreement standards.
• Cloud carrier:
A cloud carrier serves as an intermediary between cloud consumers and cloud providers,
providing connectivity and transfer of cloud services. Consumers can access cloud carriers
via network, telecommunications, and other access devices. Cloud Carrier obtains cloud
services from cloud providers via network access such as network and telecommunications,
as well as Service Level Agreements (SLAs), and serves as a transport agent between Cloud
Consumers and Cloud Providers.
Architectural components:
As identified in the NIST cloud computing definition, a cloud infrastructure may be operated in one
of the following deployment models: public cloud, private cloud, community cloud, or hybrid
cloud. The differences are based on how exclusive the computing resources are made to a Cloud
Consumer. The service orchestration in the top right is the composition of system components to
support the Cloud Provider's activities to arrange, co-ordinate and manage the computing resources.
Following the deployment and service models, cloud service control includes all service-related
functions that are necessary for the operation and management of the offered services, which are
mostly used for business support, provisioning, and configuration.
• Flexibility: Cloud-based services are ideal for businesses with growing or fluctuating bandwidth
demands. If your needs increase it’s easy to scale up your cloud capacity, drawing on the service’s
remote servers. Likewise, if we need to scale down again, the flexibility is baked into the service.
This level of agility can give businesses using cloud computing a real advantage over
competitors; it is not surprising that CIOs and IT Directors rank ‘operational agility’ as a
top driver for cloud adoption.
• Automatic Software Updates:
The beauty of cloud computing is that the servers are off-premise, out of sight and out of your hair.
Suppliers take care of them and roll out regular software updates including security updates. So, we do
not have to worry about wasting time maintaining the system ourselves.
• Capital-expenditure Free: Cloud computing cuts out the high cost of hardware. We simply pay as
we go and enjoy a subscription-based model that is kind to our cash flow. Add to that the ease of
setup and management, and suddenly your scary, hairy IT project looks a lot friendlier.
• Work from anywhere: With cloud computing, if we have an internet connection we can be at work.
Moreover, with most serious cloud services offering mobile apps, we are not restricted by which
device we have to hand.
• Better Storage: Most businesses use cloud services because they provide large volumes of
highly accessible data storage for a fraction of the cost of doing so on-premise. Furthermore,
we can easily expand and shrink our storage capacity depending on your needs, which is
particularly beneficial for businesses that experience seasonal traffic. We can expand our
cloud storage at a low cost and not have to worry about running out of space.
• Measured service:
All computing resources offered by the cloud are monitored, and the results are later used for
recording. The various services usage is tracked and documented, which assists both the
provider and the consumer in justifying resource utilization (Ranger, 2018). Because the pay-
as-you-go features are justified by measured service, charge-per-use is possible.
• Automated Tasks - When it comes to keeping essential software up to date, IT staff has less
to think about thanks to cloud application migration. This is due to the fact that all cloud
systems are modified in the backend without causing any disruption, resulting in increased
organizational stability. It creates code for application development automatically, allowing
you to complete tasks more quickly.
• On-demand self-service:
This function is extremely important in Cloud Computing since it allows users to manage and
monitor network consumption, server uptime, and other computing capabilities.
• Operational Flexibility: A cloud platform helps us to be more versatile when installing
software and testing. Since the applications are deployed from the backend, the IT team does
not need to install them manually or over a remote network. Also, if we don't like an
application, we can easily uninstall it and replace it with one given by the provider.
• Disaster Recovery: Migrating to the cloud would make it easier to recover from any cloud-
based disaster. Since cloud systems automatically backup data at regular intervals and
upgrade the system on a regular basis, they can retrieve all updated information in the event
of an emergency and assist in the efficient completion of tasks.
• Cloud security:
Lost laptops are a billion dollar business problem. And potentially greater than the loss of an expensive
piece of kit is the loss of the sensitive data inside it. Cloud computing gives us greater security when this
happens. Because your data is stored in the cloud, we can access it no matter what happens to our
machine. And we can even remotely wipe data from lost laptops so it doesn’t get into the wrong
hands.
Selecting the deployment model and also comparing the service model for given scenario:
First, we need to evaluate the company's position before selecting the implementation model for Tri-tech
International. This firm needs to migrate its aging infrastructure to the cloud and provide SaaS and PaaS
services to its customers, which suggests that the company is intended to play the role of a provider of
SaaS and PaaS services.
Google Apps, Salesforce, Workday, Concur, and Cisco WebEx are some examples of SaaS.
Platform as a service:
PaaS is a service that provides cloud components to apps and is used to build applications and other
technologies. PaaS refers to a system for developing or customizing software or applications. PaaS
enables fast and cost-effective application development, testing, and deployment. Third-party
vendors are in charge of their own servers, operating systems, and virtualization, storage,
networking, and PaaS applications. Cloud characteristics such as scalability, high availability, and
multi-tenancy are inherited by PaaS applications.
Example: Apprenda is a private cloud PaaS for .NET and Java, Google App Engine supports web
applications written in Java, Python, PHP, and Go, Microsoft Azure supports various application
creation in .NET, PHP, Python, and Ruby, and AWS allows users to build, deploy, and manage web
applications and services written in Java, .NET, PHP, Node.js, Python, Ruby, and Go.
Infrastructure as a service:
Self-service models for accessing, controlling, and maintaining remote datacenter infrastructures,
such as virtualized storage, networking, and network services like firewalls, are known as IaaS.
Instead of buying hardware, users can pay for IaaS depending on how much they use it, similar to
how they pay for electricity or utilities. In comparison to SaaS and PaaS, IaaS is responsible for
managing programs, files, runtime, middleware, and operating systems. Databases, message queues,
and other virtualization-related services are managed by IaaS providers.
Amazon Web Services (AWS), Cisco Metapod, Microsoft Azure, Google Compute Engine, Oracle
Cloud, and others are examples of IaaS.
Computer resources:
For cloud computing, the device or system should have a variety of computer resources, especially
data storage and processing power, as well as directly interacting management tools for the user.
Data center for the collection of all data that the user accesses through the internet or a cloud
platform. Large clouds necessitate the distribution of functions from central servers across several
locations.
meeting the SLA's specified level of service. The following are the main SLA components and
checklists.
• Statement of Objectives: The service provider should state the general goals for the services
they will be providing.
• Service Description: The SLA should provide comprehensive explanations of the service.
Each individual service should be described, as well as a summary of the service that should
be offered to the customer.
• Quality Standard: As each service is received, the customer should state the anticipated
performance and quality of the services.
• Customers' Responsibilities: Customers must be mindful of and adhere to the service
provider's terms and conditions.
• Penalties for contract breaches: An SLA may provide a plan for the documentation of how
the service provider will pay in the event of a contract breach by defining performance
benchmarks.
The term "private cloud" refers to the process of organizing an existing infrastructure by combining
virtualization and cloud-like interfaces. Users can connect with the local data center while getting the
same benefits as public clouds, such as a self-service interface, privileged access to virtual servers,
and per-use monitoring and charging. The original SLA agreement, training, and moving existing
non-cloud processes to the cloud are all part of the outsourced private cloud main costs. In this
model, an organization can serve as both a consumer and a supplier of cloud services, as it used IaaS
as a consumer and then wanted to provide IaaS and SaaS to a customer, thereby becoming a cloud
provider. The private clouds also allow the organization to utilize the infrastructure to centralize
access to IT resources across several locations, which is another requirement.
Level of control for cloud consumers:
• Consumers have full administrative control over the resources they use in IaaS.
• Consumers have limited administrative access in SaaS.
• Only consumption and usage-related configuration are available to customers.
Typical functionality made available to cloud consumer:
• They have full access to IT resources connected to virtualized infrastructure.
• They have some administrative control over IT resources that are relevant to their use.
• Only the front-end user interface is available to them.
1. Virtualization.
2. Programming models.
3. Service oriented architecture.
4. Web 2.0 and Web 3.0
5. Network Technology.
6. Memory and storage technology.
7. Software process model.
8. Pervasive computing.
Virtualization:
It is the process of sharing license keys to physical instances of application among different users of
the enterprise. The main purpose of this technology is to provide a standard version of the cloud
application to all clients. It is popularly used for its flexibility and instant running process.
Programming models:
Programming models are called bridges between hardware and software, which enable both
algorithms and data structures to be expressed. Three types of programming models are Task
Programming Model, Parallel Programming Model, Thread Model and Shared Model. The
task-programming model is designed to allow the writing of Maple code using multiple processors,
while avoiding the complexities of conventional multi-threaded programming. The Parallel
Programming Model is used for shared memory, communications and concurrent data transfer, as
well as hardware and memory architecture abstractions. It emphasizes multiple algorithms operating
concurrently without having an effect on important results, and avoids threads through the
development of tasks, which are used more often in cloud computing.
Internet of Things:
At the edge and in the cloud, IoT services connect, process, store, and analyze data. It consists of an
integrated software stack as well as scalable, fully managed cloud services that provide all of the
machine learning capabilities required for the services. Predictive maintenance, real-time asset
tracking, logistics and supply chain management, and smart city and building management are all
applications for these systems. By delivering embedded operating systems and out-of-the-box
support for devices, it helps to accelerate business agility with IoT data and enhance operational
efficiency. It also triggers automatic adjustments based on real-time events utilizing Cloud Function
workflows.
Google Stackdriver:
Google Stackdriver is a monitoring service that allows IT teams to keep track of services, containers,
infrastructures, and applications. The Google Stackdriver collects measurements, incidents, and logs
from infrastructures and applications, providing developers and operators with a rich, visible signal
of root-cause and reducing mean-time-to-resolutions and solving various problems (Sill, 2021). The
service searches various cloud accounts for metadata and allows users to access data from graphs and
charts. Stackdriver tracking, Stackdriver error reporting, Stackdriver debugger, Stackdriver trace, and
Stackdriver logging are some of the key features of Google Stackdriver.
25
Ashish Dhungana (4th semester)
N2)
Cloud Computing 2021
creating functions rather than designing cloud infrastructures. Applications running on the GCP, for
example, may activate functions.
Dockers:
Docker is a platform that uses containers to make it easier to build, deploy, manage, and run
applications. Regardless of any customizable settings, the program will run on Linux machines. To
put it another way, Docker is a virtual computer. Docker allows applications to run on the same
Linux kernel system as their host, resulting in major performance gains and a reduction in
application size.
26
Ashish Dhungana (4th semester)
N2)
Cloud Computing 2021
hacking will result in vulnerability of your sensitive business and application data since data
stored in the cloud is easily accessible from anywhere on the Internet.
• Platform Dependency: There are a plethora of vendors and suppliers that provide cloud
services to their customers. Some cloud providers enslave their customers with proprietary
applications, making switching to a different cloud provider prohibitively costly or
impossible. Although it is costly to reconfigure software to meet business requirements, the
conversion will expose sensitive data to privacy and security risks.
Conclusion:
In a nutshell, a cloud enables users to access applications without having to acknowledge where they
are processed or housed, in other words, online. The basic explanation of all of these variables, such
as service models and deployment models, shows that cloud providers primarily sell services rather
than products. The numerous advancements in Cloud Computing, such as Web 2.0 and 3.0,
Networking Technology, Virtualization Technology, and many more, provide new gestures for
browsing and accessing the internet, as well as managing all of the resources in the Cloud, allowing
it to spread rapidly.
27
Ashish Dhungana (4th semester)
N2)
Cloud Computing 2021
Part 2:
Discuss the issues and constraints one can face during the development process and critically
discuss how one can overcome these issues and constraints.
Build and deploy nginx docker image in kubernetes client as Google Platform for PoC for
management.
Configure and migrate existing on-premise MySQL database to GCP Cloud SQL and connect
to the database.
Deploy network monitoring tools and troubleshooting methods to establish network baselines
and produce network documentation. Also, step by step process of troubleshooting methods.
Prepare a cost-benefit analysis of on-premise infrastructure and applications compared with the
public cloud deployment.
An IT company decides to provide free access to a public cloud dedicated to higher education.
Which one of the three cloud computing delivery models, SaaS, PaaS or IaaS should it embrace
and why? What applications would be most beneficial for the students? Will this solution have
an impact on distance learning? Why?
Describe how Cloud computing technology can be applied to support remote ECG Monitoring
IOT solution.
Introduction:
In this task, I will configure a cloud computing platform using a cloud service provider's system and
then implement the platform using open source software. Similarly, I will address the problems and
constraints that can arise during the development process, as well as how to solve these problems and
constraints. I chose Google Cloud Platform for cloud computing because it is the best cloud for
business processes, and Google Cloud is also used in my office.
Software as a service:
Various services such as office and business process automation, various business services
applications, various virtual desktops, and information and messaging services such as email are
available as software as a service. Most SaaS applications can be accessed via a web browser and do
not require any downloads or installations. SaaS removes the need to install and run software on
individual machines due to the online distribution model. Below is a detailed outline of each part of
the cloud computing architecture in software as a service:
• Services and built-in features: Rather than buying several services, such as a new piece of
software, Google Cloud provides automatic built-in functionality. Alternatively, we can
incorporate various functionalities and behaviors at a lower rate. Developers can create
exciting cloud-based applications with exciting functionality and services for business
processes.
Platform as a Service:
Database management services, which include a platform for storing, saving, deleting, and retrieving
data, directory services, testing tools for various software, and various applications for business
services and processes are all part of the platform as a service system. Developer tools software for
developers is also included in platform as a service. Below is a comprehensive description of each
part of the cloud service system in platform as a service:
connection between the servers, the database, and the various clients. Middleware services
are used to link the database and application servers.
Infrastructure as a Service:
There are different services available in infrastructure as a service, including better storage, better
web server facilities, server hosting facilities, and various virtual machines. Computing, networking,
virtualized images, and a variety of hardware services are all available. Below is a detailed
description of each aspect of the cloud service system in infrastructure as a service.
• Virtualized resource: Cloud Platform deals with a variety of virtualized services, including
computer, networking, and storage. Google Cloud Platform's compute engine, which
provides virtual machines running in Google's revolutionary data centers and around the
globe through fiber network, is commonly referred to as compute. Compute engine provides
fast VM boot times, persistent disk storage, and consistent performance, as well as the ability
to create custom machine types. Google Cloud builds massive computing clusters that benefit
from good and reliable cross-machine bandwidth on the networking side. Using Google's
private global fiber network, it will link to machines in other data centers and other Google
services. We can build an instance for networking and manage our network configuration.
• Virtualized Images: There are a variety of operating system images available in the cloud,
including Linux, Mac, Windows, and other operating systems. Public images produced and
preserved by Google, open source communities, and third-party vendors are the two forms of
images available.
OpenStack:
OpenStack is a collection of open source cloud computing tools that manage and provision large
pools of compute, storage, and networking resources across a datacenter using APIs and a standard
authentication mechanism. OpenStack, in general, works under the infrastructure as a service
functionality. To access infrastructure tools, an OpenStack implementation includes a range
of modules, such as Nova for computing, Zun for container service, and Qinling for functions service.
On the hardware side, there are two elements: Ironic for bare metal provisioning and Cyborg for
accelerator lifecycle management.
Swift for object storage, cinder for block storage, and manila for shared file system are the three
components on the storage side. Additionally, on the networking side, there are three working
mechanisms: Neutron for networking, Octavia for load balancing, and Designate for DNS operation.
For shared services, there is a working framework called Keystone that provides the identity service
of OpenStack. A central list of all users of the OpenStack cloud who have permission to use it is
needed. The other shared services are Searchlight for indexing and scanning, Placement for placement
service, and Glance for image service (virtual images on hard disks).
There are a variety of identity and access management services available, including Heat for
self-orchestration, Senlin for clustering, Mistral for workflow, and Zaqar for messaging. There is Sahara
for big data processing system provisioning and Trove for database as a service provisioning for
workflow provisioning. Finally, the Horizon dashboard is available for the web frontend.
Obstacles and opportunities one can face during the development process in cloud computing:
• “Business Continuity and Service Availability: Organizations often worry about cloud
providers' service availability. And well-known companies like Google, Amazon, and
Microsoft have experienced outages.”
• “Data Locked-In: Data Locked-In refers to an organization's business's reliance on the cloud
provider's software and hardware infrastructure. Despite the fact that software stacks have
enhanced platform interoperability, storage APIs remain largely proprietary, or at the very
least have not been subject to active standardization. As a result, consumers can't transfer
their data and programs from one site to another, as in hybrid cloud computing or surge
computing.”
• “Data Confidentiality: One of the most common objections to cloud computing is data
protection or personal information in the cloud. Both outside and within the cloud, cloud
users face security threats. While the cloud simplifies external security, it introduces new
issues in terms of internal security. Users' theft or denial-of-service attacks must be avoided
by cloud providers. Users must be kept safe from one another.”
• “Performance Unpredictability: Virtual machines in the cloud can easily share CPUs and
main memory, but network and I/O sharing is more difficult. As a consequence, I/O output
varies more between Amazon EC2 instances than main memory performance.”
• “Scalable Resources: The issue with storage is its inflexibility when it comes to scalability.
There have been numerous attempts to address this question, with varying degrees of richness
in query and storage APIs, performance guarantees, and consistency semantics.”
• Bugs in Large-Scale Distributed Systems: Eliminating errors in large-scale distributed
systems is one of the most challenging problems in cloud computing. The fact that these
To minimize risk, use a zero-trust model: Zero trust is an IT protection technique in which every
user in an organization is required. A zero trust approach means tightly limiting access for
ensure, a company that specializes in property and casualty insurance services and software.
Learn from news stories about IT failures: Many organizations are moving data to the cloud these
days, and we're hearing a lot about data breaches in the cloud, so we can learn from these stories
about how to protect our company data in the cloud. Investing time in researching industry news for
cloud-related failures can assist you in reducing your cloud risk. Because of the dynamic and
changing nature of cloud computing in today's businesses, there's always something to be learned
from high-profile failures.
Rethinking the blend of manual vs. automated in our cloud management strategy: Organizations may
use automation, virtual agents, and data crunching not only to sell more goods, but also to handle
cloud services. Manual services are the conventional, ancient, and potentially dangerous alternative,
but an automated system may be the best option for detecting problems and standardizing cloud
configuration.
Conclusion:
I configured a cloud-computing platform with a cloud service providers system and introduced a
cloud-computing platform using open source software as part of the Part 2 “I” assignment. Similarly,
I have addressed the problems and constraints that can arise during the development process, as well
as how to solve these problems and constraints. Finally, I deployed cloud systems with auto-scaling
capabilities, and I'll go over the financial benefits
Part 3:
A. Write an article which
Analyzes the most common challenges and risks which arise in a Cloud Computing platform and
discusses appropriate solutions to these problems.
How does Cloud computing help to reduce the time to market for applications and to cut down
capital expenses?
Assesses the most common security issues in cloud environments and discusses how to overcome
the security issues when building a secure cloud platform.
Critically discuss how to overcome these security issues when building a secure cloud platform.
Introduction:
This article will primarily focus on the present difficulties and their solutions that develop on the Cloud
Computing Platform. The common issues and risks that exist in cloud computing solutions are first
described, followed by solutions to the problems. The primary security difficulties or issues are then
evaluated, along with potential solutions for building a safe cloud platform. Also to be critically
considered are strategies to protect vital data of a company while shifting to a cloud solution.
The term "cloud" is being talked about everywhere these days. This vague word seems to cover
almost every aspect of our lives. While "the cloud" is merely a metaphor for the internet, cloud
computing is the topic of conversation these days. It improves data storage, security, flexibility, and
employee communication, as well as changing the workflow of small and large businesses to help
them make better decisions while lowering expenses.
Keywords: cloud computing, cloud computing security, cloud computing security management
RightScale conducted its annual State of the Cloud Survey on the newest cloud trends in January 2018.
They polled 997 technical personnel from a wide range of enterprises about their cloud infrastructure
deployment. Their findings were eye-opening, particularly in light of contemporary cloud computing
issues. To answer the basic topic of what are the challenges of cloud computing, we've expanded on
some of their results and listed some additional cloud computing issues that businesses may face
(Durcevic, 2019).
Misconfiguration:
Misconfiguration today leads to cloud data breaches. The design of the cloud infrastructure is the main
cause of these data breaches. The infrastructure is designed in such a way that data can be easily shared
while unauthorized parties are not easily detected. Organizations that use cloud-based infrastructure
also lack complete visibility and control over that infrastructure. As a result, they should rely on the
security controls provided by cloud service providers.
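The automated configuration checking recommended earlier, applied to the sharing misconfiguration described in this section, as an added example that is not part of the original article. It audits constructed storage-bucket IAM policies written in the Google Cloud policy layout; the bucket names, the trusted domain and the approved-public list are assumptions.

```python
"""Audit storage-bucket IAM policies for risky sharing (added example)."""

# Principals that expose a resource to anyone, or to any signed-in account.
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}
# The only role an approved public bucket may grant to a public principal.
PUBLIC_READ_ROLE = "roles/storage.objectViewer"
# Broad roles that should not be held by identities outside the organization.
BROAD_ROLES = {"roles/owner", "roles/editor", "roles/storage.admin"}
TRUSTED_DOMAIN = "example.com"  # assumption: the organization's own domain

# Constructed sample input: bucket name -> IAM policy (role/members bindings).
SAMPLE_POLICIES = {
    "payroll-exports": {"bindings": [
        {"role": "roles/storage.objectViewer", "members": ["allUsers"]},
        {"role": "roles/storage.admin", "members": ["user:ops@example.com"]},
    ]},
    "build-artifacts": {"bindings": [
        {"role": "roles/storage.objectViewer",
         "members": ["serviceAccount:ci@proj.iam.gserviceaccount.com"]},
        {"role": "roles/editor", "members": ["user:contractor@gmail.com"]},
    ]},
    "static-site": {"bindings": [
        {"role": "roles/storage.objectViewer", "members": ["allUsers"]},
    ]},
}
# Buckets reviewed and accepted as intentionally public (assumption).
APPROVED_PUBLIC = {"static-site"}


def member_domain(member):
    """Return the e-mail domain of a 'user:' or 'group:' member, else None."""
    kind, _, ident = member.partition(":")
    if kind in ("user", "group") and "@" in ident:
        return ident.rsplit("@", 1)[1].lower()
    return None


def audit_policy(bucket, policy, approved_public=frozenset()):
    """Return (bucket, severity, message) findings for one bucket policy."""
    findings = []
    for binding in policy.get("bindings", []):
        role = binding.get("role", "")
        for member in binding.get("members", []):
            # Public access is tolerated only as read access on approved buckets.
            allowed = bucket in approved_public and role == PUBLIC_READ_ROLE
            if member in PUBLIC_MEMBERS and not allowed:
                findings.append((bucket, "HIGH",
                                 f"{role} granted to {member} (public access)"))
            domain = member_domain(member)
            if role in BROAD_ROLES and domain and domain != TRUSTED_DOMAIN:
                findings.append((bucket, "HIGH",
                                 f"{role} granted to external identity {member}"))
    return findings


def audit_all(policies, approved_public=frozenset()):
    """Audit every bucket policy; findings are ordered by bucket name."""
    findings = []
    for bucket in sorted(policies):
        findings.extend(audit_policy(bucket, policies[bucket], approved_public))
    return findings


if __name__ == "__main__":
    for bucket, severity, message in audit_all(SAMPLE_POLICIES, APPROVED_PUBLIC):
        print(f"[{severity}] {bucket}: {message}")
```

Run on a schedule against exported policies, a check like this gives the visibility that manual review of sharing settings does not.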
Lack of visibility:
The cloud-based resources of an organization are situated outside of the corporate network and run on
infrastructure that is not owned by the corporation. As a result, rather than using typical network traffic
monitoring methods, there should be the capacity to view inside the cloud service itself in order to
have complete visibility over data.
Insider threats:
Insider threats are a serious security concern for any company. A malicious insider has already been
granted access to a company's network and some of its most sensitive assets. As a result, there's a good
chance that data will be leaked on purpose.
Compliance:
The use of cloud computing services gives regulatory and corporate compliance a new dimension.
Regulatory requirements such as HIPAA, PCI, and Sarbanes-Oxley, as well as obligations from internal
teams, partners, and customers, may apply to your cloud infrastructure. Compliance and risk
management processes involve infrastructure from cloud providers as well as interfaces between
in-house systems and the cloud.
Access controls based on the traditional data center network perimeter are no longer effective because
users can access cloud apps and data over the internet. Bring-your-own-device (BYOD) technology
allows users to access the system from any place or device. Furthermore, privileged access by cloud
provider workers may allow them to bypass your own security safeguards.
region level), in order to avoid planned attacks that attempt to co-locate with victim assets.
Isolation in IaaS should take into account VM storage, processor, memory, cache memories,
and networks. Isolation in PaaS should include isolating between running services and API
calls. Isolation in SaaS should be used to separate transactions carried out on the same
instance by distinct tenants, as well as tenant data.
Each stakeholder has their own security management systems in place to define their assets,
anticipated risks and their consequences, as well as how to mitigate those risks. Both cloud
providers (who are unaware of the contents and security needs of services housed on their
infrastructures) and cloud consumers (who are unaware of the contents and security requirements
of services hosted on their infrastructures) lose control when they adopt the cloud model (they
can control neither the security of their assets nor the other services sharing the same
resources). Security SLA management frameworks are a portion of the solution for defining,
enforcing, and monitoring security attributes. SLAs, on the other hand, nevertheless leave
security aspects out of their requirements. Furthermore, SLAs are high-level contracts that do
not include the specifics of security rules and controls, or how to update them at runtime.
Cloud providers, on the other hand, are unable to implement efficient and effective security
controls since they are unaware of the security architectures of hosted services. Furthermore,
cloud providers are confronted with a slew of new security regulations, all while maintaining a
diverse set of security controls that must be updated. The security administrators' jobs are
made much more difficult by this. Between cloud providers and consumers, there must be
transparency about what security is enforced, what dangers exist, and what breaches occur on the
cloud platform and hosted services. This is known as "trust but verify," in which cloud users
should have faith in their providers but cloud providers should give tools to assist users in
verifying and monitoring security policies.
Cloud computing service delivery models and security implications:
Each service delivery model's significant security issues/vulnerabilities are summarized. Some
of these issues fall under the purview of cloud providers, while others fall under the purview
of cloud users.
IaaS issue:
VM security - employing traditional or cloud-based security solutions to protect VM operating
systems and workloads from common security threats that afflict traditional physical servers,
such as malware and viruses. Cloud users are responsible for the security of their virtual
machines. Each cloud customer can implement their own security safeguards based on their needs,
risk tolerance, and management methodology.
Securing the VM image repository - unlike real servers, virtual machines are vulnerable even
when they are powered off. By introducing malicious code into the VM file or even stealing the
VM file itself, VM images can be compromised. Cloud providers are responsible for maintaining a
secure VM image library.
Web application vulnerability scanning - web applications that are going to be hosted on cloud
infrastructure should be validated and inspected for vulnerabilities utilizing web application
scanners. Such scanners should be kept up to date with newly found vulnerabilities and attack
routes from the National Vulnerability Database (NVD) and the Common Weakness Enumeration
(CWE). To minimize existing/discovered vulnerabilities, web application firewalls should be in
place (examining HTTP requests and responses for application-specific vulnerabilities).
Injection and cross-site scripting (input validation) flaws are among the top ten most
significant online application vulnerabilities identified by OWASP in 2010.
Web application security misconfiguration and breaking - In SaaS, web application security
misconfiguration or vulnerabilities in application-specific security measures are a major
problem. With multi-tenancy, security misconfiguration is even more critical, as each tenant has
their own security configurations that may conflict with one another, resulting in security
flaws. To implement and manage security in a consistent, dynamic, and resilient manner, it is
generally suggested to rely on cloud provider security policies.
D. Cloud Management Security Concerns
The Cloud Management Layer (CML) is a "microkernel" that can be expanded to include and
coordinate many components. SLA management, service monitoring, billing, elasticity, IaaS, PaaS,
SaaS services registry, and cloud security management are all CML components. Such a layer is
crucial since any vulnerability or breach of it will allow an adversary to take control of the
entire cloud platform, much like an administrator. This layer provides a set of APIs and
services that client applications can utilize to connect to the cloud platform. As a result,
the same security concerns that plague the PaaS paradigm also apply to the CML layer.
E. Methods of Obtaining Access to the Cloud: Security Concerns
The concept of cloud computing is to expose resources across the internet. These resources can
be accessed by using the following methods:
• In the case of web applications (SaaS), web browsers (HTTP/HTTPS) are used.
• In the case of web services and APIs (PaaS and CML APIs), SOAP, REST, and RPC protocols are
used.
• In the case of VMs and storage services (IaaS), remote connections, VPN, and FTP are used.
To safeguard data transported between the cloud platform and consumers, security policies should
address vulnerabilities connected to these protocols.
Cloud computing security enables:
Federation and Identity & Access Management (IAM)
Identity is at the heart of any security-conscious system. It allows systems and other
parties to recognize users, services, servers, clouds, and other entities. A bundle of data
connected with a given entity makes up an identity. Because of the context, this information is
useful. Identity should not reveal "private" information about users. A comprehensive and
consistent Identity management solution should be delivered or supported by cloud platforms.
This system should provide identity context information for all cloud items and cloud users.
Identity provisioning and deprovisioning, identity information privacy, identity linking,
identity mapping, identity federation, identity attributes federation, single sign on,
authentication, and authorization are all things that should be included. Existing standards,
such as SPML, SAML, OAuth, and XACML, should be used to securely federate identities among
interacting entities across domains and cloud platforms in such a system.
Key management:
One of the main goals of cloud computing security is confidentiality (CIA triad). Encryption is
the primary means of achieving data, process, and communication confidentiality. Key-based
encryption techniques are either symmetric or asymmetric. Both encryption methods have a big
issue with encryption key management, or how to generate, store, access, and share secret keys
in a secure manner (Anitian, 2021). PaaS also requires the use of application keys for any APIs
and service calls made by other applications. The application's keys, as well as all other
credentials required by the program to access such APIs, must be kept secure.
Security management:
Cloud security management becomes a more challenging research topic as a result of the big
number of cloud stakeholders, the deep dependency stack, and the large number of security
controls to meet security needs. Security management should include security requirements and
policies, security controls configurations based on policies, and feedback from the environment
and security controls to security management and cloud stakeholders. Security management should
be implemented as a CML plug-in.
Lifecycle of Secure Software Development
Elicitation of security requirements, threat modeling, and augmentation of security needs to
systems models and generated code are all part of the secure software development lifecycle
(SDLC with security engineering activities). The lifecycles and techniques used to construct
secure systems will be revolutionized by cloud-based apps. The PaaS offers a set of reusable
security enablement components to aid in the development of secure cloud-based applications.
The cloud-based application's security engineering should also evolve to satisfy new security
criteria placed on such systems. To
accommodate a wide range of customer security requirements, applications should enable adaptive
security (rather than hardcoded security). Externalizing/delegating security enforcement and
application security management to cloud security management, cloud security services, and
security controls is the foundation of adaptive application security.
Optimization of the security-performance tradeoff
SLAs are used to supply services in the cloud computing model. SLAs should include performance,
reliability, and security objectives. SLAs also specify the penalties that will be enforced if
the SLA is broken. Delivering a high level of security, as one of the SLA objectives,
necessitates a significant increase in resource consumption, which has an influence on the
performance goal (the more security tools and mechanisms are adopted, the worse the impact on
the performance of the underlying services). Using utility functions for security and
performance, cloud management should examine the trade-off between security and performance
(least security unless stated otherwise).
Security federation across many clouds:
When a consumer uses apps that rely on services from several clouds, he must ensure that his
security requirements are met on both clouds and in the middle (MacDermott, 2021). When many
clouds join forces to supply a larger pool of resources or integrated services, their security
requirements must be federated and implemented across the various cloud platforms involved.
Conclusion:
For service providers, cloud providers, and cloud customers, the cloud computing paradigm is one
of the most promising computing models. However, in order to get the most out of the model, we
need to plug the existing security gaps (Vold, 2021). Based on the information presented above,
the cloud security issue can be summarized as follows:
• Some of the security issues are due to the technologies that are being used, such as
virtualization and SOA.
• Multi-tenancy and isolation are two significant aspects of the cloud security problem that
necessitate a vertical solution that extends from the SaaS layer to the physical infrastructure
(to develop physical-like boundaries among tenants instead of the virtual boundaries currently
applied).
To regulate and manage such a large number of needs and controls, security management is
necessary. As shown in Figure 3, the cloud model should have a holistic security wrapper that
requires all access to the cloud platform's objects to pass through security components first.
We advocate that cloud computing security solutions focus on problem abstraction, employing
model-based approaches to capture different security views and link such views in a holistic
cloud security model. The cloud architecture is built with this
Presentation:
Conclusion:
Here, I have written an article that evaluates the most prevalent challenges and hazards that develop in
a cloud computing platform and discusses viable solutions to these issues. I've also discussed how
cloud computing can help reduce application time to market and capital expenditures. I evaluated the
most prevalent security challenges in the cloud environment and addressed how to overcome these
issues while developing a safe cloud platform, and I developed a presentation that included the
important ideas and concepts regarding the topic assigned to me.