Cloud Computing Report of

May/June 2023

Seminar by cloud computing

 A Seminar
On
Cloud Computing

PRESENTED BY
GAIKWAD AKSHAY
 CETIFICATE

This is to certify that the project report entitled “Cloud Computing” Is

submitted for partial fulfilment Master Degree in MSc, Computer Science as
per requirement of Dr. Babasaheb Ambedkar University, Aurangabad for the
academic year May/June 2023.

(Dr. Ankush Takale)

Guide

Principal Head of Department

 Acknowledgment

We are pleased to acknowledge Dr.--------------------------------- for their

invaluable guidance during the course of this project work. We extend our
sincere thanks to Dr.------------------------------- who continuously helped us
throughout the project and without his guidance, this project would have been
not be Successful.
We are also grateful to other members of the MSC Computer Science
faculty members and technical staff who co-operated with us regarding some
issues.

➢ GAIKWAD AKSHAY VIJAY

TABLE OF CONTENT:

1.1 Introduction

1.2.1 History of Cloud Computing

2.2 Past

2.3 Present

2.4 Tomorrow

1.2.2. Life before Cloud Computing

1.3 What is Cloud?

1.4 What is Cloud Computing?

1.5 Cloud computing Architecture

1.6 Basic concept

1. Deployment Models

2. Service Models

1.6 Hybrid Cloud?

1.7 Advantages of Cloud Computing

1.8 Disadvantages of Cloud Computing

1.9 Underlying Components

1.10 Conclusion Cloud Computing

1.11 References
1.1 Introduction:

Cloud Computing provide us a means by which we can access the applications

utilities, over the Internet. It allows us to create, configure, and customize
applications online.

With Cloud Computing users can access databases resources via the interest
from anywhere for us long as they need without worrying about any
maintenance or management of actual resources.

Cloud computing allows consumers and business to use applications without

installation and access their personal files at any computer with internet
access. We take a deep dive into the world of cloud computing, the different
types of services it provides, and its applications in the world.
The digital industry changes almost daily. Technology is growing and changing,
and it can be tricky to keep on top of all the new developments and creations.
And while cloud computing isn’t necessarily a new development, it’s only been
in recent years that companies have started to turn to it.
The impact that cloud computing has had on the data industry and end-users
in general is difficult to overstate. Many aspects of everyday life have been
altered and transformed by this innovative digital solution.
From start-ups through to established businesses, cloud computing has helped
optimise costs and increase offerings. This is because they no longer require
extra hardware and software.
But for many, the world of cloud computing remains oblique and confusing.
We’ll give you an overview of cloud computing, and show how it can be used in
all sorts of domains, from developers through to the world of cyber security.
1.2.1 History of Cloud Computing

Yesterday, Today, and Tomorrow:

* In 1960s The American computer scientist named John, McCarthy stated

that computing will become a publicly available service in the future. This is
what has happened today cloud computing has made it all possible.

* He claimed that computing might be said in future in the same way as

utilities are (electricity, water etc.). The first company to develop commercially
successful cloud computing technology was Amazon.

The Past:

* In the past, computing was done through utility of supercomputers and

mainframes.

* The problem with this set-up arises from the cost needed to create a
supercomputer or mainframe.

* The cost of past computing methods was very high.

The Present:

* Today, computing can be done with utility of the service offered by a

provider that specializes on their industry.

* This makes the cost of computing lower compared with the utility of
supercomputers in the past and this is the concept of cloud computing.

* Intelligent cloud computing is able to manage all of the resources efficiently.

Tomorrow:

* As computer technology continue to progress so done the capability of cloud

computing.

* As faster computers and larger virtual storage areas become available, cloud
computing will also continuously improve with it.

* It can be possible in the future that data processed in an hour today can be
done in just a minute. Faster processors and connections will be the main
proponents of this improvement.

1.2. Life before cloud Computing

Traditional business applications have always been very complicated and

expensive. The amount and variety of hardware and software required to run
them are dauting. You need a whole team of experts to install, configure, test,
run, secure, and update them.

*When you multiply this effort across dozens or hundreds of apps. It’s easy to
see why the biggest companies with the best IT departments aren’t getting the
apps they need. Small and mid-sized business don’t stand a chance.

a. The Traditional Server Concept

System Administrators often used to talk about servers as a whole unit that
includes the hardware, the OS, the storage, and the applications. Servers are
often referred to by their function i.e. the Exchange server, the SQL server, the
File server, etc.
If something goes wrong
If the File server fills up, or the Exchange server becomes overtaxed, then the
System Administrator must add in a new server. Unless there are multiple
servers, if a service experiences a hardware failure, then the service is down.
System Administrators can implement clusters of servers to make them more
faults tolerant. However, even clusters have limits on their scalability, and not
all applications work in a clustered environment. This raised issues on server
maintenance and thus originating the concept of Virtual server.
b. The Virtual Server Concept
Virtual Server – Close up
Virtual server concept separates the server software away from the hardware.
This includes the OS, the applications, and the storage for that server. Servers
end up as mere files stored on a physical box, or in enterprise storage. A virtual
server can be serviced by one or more hosts, and one host may house more
than one virtual server. Virtual servers can still be referred to by their function
i.e. email server, database server, etc. If the environment is built correctly,
virtual servers will not be affected by the loss of a host. Hosts may be removed
and introduced almost at will to accommodate maintenance. Virtual servers
can be scaled out easily. If the administrators find that the resources
supporting a virtual server are being taxed too much, they can adjust the
amount of resources allocated to that virtual server. Server templates can be
created in a virtual environment to be used to create multiple, identical virtual
servers. Virtual servers themselves can be migrated from host to host almost at
will. Forbe’s.com
Forbe server’s operation hours are from 9AM till 5PM in a day. Then why spend
resources on the server during nights when it is not actually used? If Forbe’s
host their server themselves then why leaving it idle during its nonoperational
hours.

Forbe’s Solution:
Host the web site in Amazon’s EC2 Elastic Compute Cloud.
Provision new servers every day, and de-provision them every night.
Pay just $0.10* per server per hour or more for higher capacity servers.
Let Amazon worry about the hardware.
1.3 What is Cloud?

The term Cloud refers to a Network of Internet. In other words, we can say that
cloud is something. Which is present at remote location. Cloud can provide
services over network, i.e., on public networks or on private network, i.e.,
WAN, LAN or VPN. Application such as e-mail, web conferencing, customer
relationship management (CRM), all run in cloud.
The cloud enables users to access the same files and applications from almost
any device, because the computing and storage takes place on servers in a data
center, instead of locally on the user device. This is why a user can log in to
their Instagram account on a new phone after their old phone breaks and still
find their old account in place, with all their photos, videos, and conversation
history. It works the same way with cloud email providers like Gmail or
Microsoft Office 365, and with cloud storage providers like Dropbox or Google
Drive.
For businesses, switching to cloud computing removes some IT costs and
overhead: for instance, they no longer need to update and maintain their own
servers, as the cloud vendor they are using will do that. This especially makes
an impact for small businesses that may not have been able to afford their own
internal infrastructure but can outsource their infrastructure needs affordably
via the cloud. The cloud can also make it easier for companies to operate
internationally, because employees and customers can access the same files
and applications from any location.
1.4 What is Cloud Computing?

Cloud Computing refers to manipulating configuring , and accessing the

application online It offers data storage , infrastructure and application.
Cloud Computing is both a combination of software and hardware based
computing resources delivered as a network service.

Cloud computing is a general term for anything that involves delivering hosted
services over the internet. These services are divided into three main categories
or types of cloud computing: infrastructure as a service (IaaS), platform as a
service (PaaS) and software as a service (SaaS).
1.5 Cloud Computing Architecture

Cloud architecture is the way technology components combine to build a cloud,

in which resources are pooled through virtualization technology and shared
across a network. The components of a cloud architecture include:

A front-end platform (the client or device used to access the cloud)

A back-end platform (servers and storage)
A cloud-based delivery model
A network
Together, these technologies create a cloud computing architecture on which
applications can run, providing end-users with the ability to leverage the power
of cloud resources.
Basic Concepts

There are certain services and models working behind the scene making the
cloud computing feasible and accessible to end users. Following are the
working models for cloud computing:

1. Deployment Models
2. Service Models

Deployment Models

Deployment Models define the type of access to the cloud, i e. how the cloud is
located? Cloud can have any of the four of access; Public, Private. Hybrid and
Community. NIST defines four cloud deployment models: public clouds, private
clouds, community clouds, and hybrid clouds. A cloud deployment model is
defined according to where the infrastructure for the deployment resides and
who has control over that infrastructure. Deciding which deployment model
you will go with is one of the most important cloud deployment decisions you
will make.
Each cloud deployment model satisfies different organizational needs, so it’s
important that you choose a model that will satisfy the needs of your
organization. Perhaps even more important is the fact that each cloud
deployment model has a different value proposition and different costs
associated with it. Therefore, in many cases, your choice of a cloud deployment
model may simply come down to money. In any case, to be able to make an
informed decision, you need to be aware of the characteristics of each
environment.
Public cloud
As the name suggests, this type of cloud deployment model supports all users
who want to make use of a computing resource, such as hardware (OS, CPU,
memory, storage) or software (application server, database) on a subscription
basis. Most common uses of public clouds are for application development and
testing, non-mission-critical tasks such as file-sharing, and e-mail service.

Private cloud
True to its name, a private cloud is typically infrastructure used by a single
organization. Such infrastructure may be managed by the organization itself to
support various user groups, or it could be managed by a service provider that
takes care of it either on-site or off-site. Private clouds are more expensive than
public clouds due to the capital expenditure involved in acquiring and
maintaining them. However, private clouds are better able to address the
security and privacy concerns of organizations today.

Hybrid cloud
In a hybrid cloud, an organization makes use of interconnected private and
public cloud infrastructure. Many organizations make use of this model when
they need to scale up their IT infrastructure rapidly, such as when leveraging
public clouds to supplement the capacity available within a private cloud. For
example, if an online retailer needs more computing resources to run its Web
applications during the holiday season it may attain those resources via public
clouds.

Community cloud
This deployment model supports multiple organizations sharing computing
resources that are part of a community; examples include universities
cooperating in certain areas of research, or police departments within a county
or state sharing computing resources. Access to a community cloud
environment is typically restricted to the members of the community.

1.6 Advantages of Public Cloud Model

Minimal Investment: Because it is a pay-per-use service, there is no

substantial upfront fee, making it excellent for enterprises that require
immediate access to resources.
No setup cost: The entire infrastructure is fully subsidized by the cloud service
providers, thus there is no need to set up any hardware.
Infrastructure Management is not required: Using the public cloud does not
necessitate infrastructure management.
No maintenance: The maintenance work is done by the service provider (Not
users).
Dynamic Scalability: To fulfill your company’s needs, on-demand resources are
accessible.

1.7 Disadvantages of Public Cloud Model

Less secure: Public cloud is less secure as resources are public so there is no
guarantee of high-level security.
Low customization: It is accessed by many public so it can’t be customized
according to personal requirements.
Service Models

Service Models are the reference models on which the Cloud Computing is
based. These can be categorized into there basis service models as listed below;

1. Infrastructure as a Service (IaaS)

2. Platform as a Service (PaaS)

3. Software as a Service (SaaS)

Infrastructure as a Service (IaaS)

Infrastructure as a service (IaaS) is a type of cloud computing service that

offers essential compute, storage, and networking resources on demand, on a
pay-as-you-go basis. IaaS is one of the four types of cloud services, along with
software as a service (SaaS), platform as a service (PaaS), and serverless.
Migrating your organization's infrastructure to an IaaS solution helps you
reduce maintenance of on-premises data centers, save money on hardware
costs, and gain real-time business insights. IaaS solutions give you the
flexibility to scale your IT resources up and down with demand. They also help
you quickly provision new applications and increase the reliability of your
underlying infrastructure. IaaS lets you bypass the cost and complexity of
buying and managing physical servers and datacenter infrastructure. Each
resource is offered as a separate service component, and you only pay for a
particular resource for as long as you need it. A cloud computing service
provider like Azure manages the infrastructure, while you purchase, install,
configure, and manage your own software including operating systems,
middleware, and applications. IaaS is the delivery of technology infrastructure
as an on demand scalable service.
IaaS provides access to fundamental resources such as physical machines,
virtual machines, virtual storage, etc,

* Usually billed based usage

* Usually multitenant virtualized environment
* Can be coupled with Managed Services for OS and application supports

Platform as a Service (PaaS)

Platform as a service (PaaS) is a cloud computing platform where a third party

offers the necessary software and hardware resources. These offerings enable
clients to develop, run, and manage business applications without maintaining
the infrastructure required for such software development processes. Today’s
digital world is constantly bombarding organizations with newer technologies
and data. This large volume of information is making it difficult for legacy
environments to keep up. Owing to the data explosion, businesses are shifting
to cloud infrastructure as a feasible option. PaaS solutions cope with modern
business requirements while considerably reducing costs and complexities of
buying, installing, and managing in-house hardware and software.
PaaS provides the runtime environment for applications, development &
deployment tools, etc.
PaaS provides all of the facilities required to support the complete life cycle of
building and delivering web applications and services entirely from the
Internet. Typically applications must be developed with a particular platform in
mind.

Multitenant environments.
Highly scalable multitier architecture.

Software as a Service (SaaS)

SaaS is the most familiar form of cloud service for consumers. SaaS
redistributes the task of managing software and its deployment to third-party
services. Among the most familiar SaaS applications for business are customer
relationship management applications like Salesforce, productivity software
suites like Google Apps, and storage solutions brothers like Box and Dropbox.
Use of SaaS applications tends to reduce the cost of software ownership by
removing the need for technical staff to manage install, and upgrade software.
SaaS applications are usually provided on a subscription model.
Vendors:
Adobe Connect, ServiceNow, Google, Salesforce, Microsoft O365, MaaS360
Common SaaS Use-Case:
Replaces traditional on-device software. There are a wide variety of cases
including Customer Relationship Management, Video Conferencing, Email,
Collaboration, and more. SaaS services allow direct delivery of application level
capabilities to the end user with very little requirement for IT support resources
primarily focused on compliance management at the application layer.

Key Takeaway:
Software as a Service (SaaS) is a software licensing model, which allows access
to software on a subscription basis using external servers.
SaaS allows each user to access programs via the Internet, instead of having to
install the software on the user's computer.
SaaS has many business applications, including file sharing, email, calendars,
customer retention management, and human resources.
SaaS is easy to implement, easy to update and debug, and can be less
expensive than purchasing multiple software licenses for multiple computers.
Drawbacks to the adoption of SaaS include data security, speed of delivery,
and lack of control.
1.8 Cloud storage

The internet has drastically changed the IT industry. It not only connects a
person with the world, but it also introduces new features every year. In the
last decade, “cloud” was a new term tossed in the market, and soon it gained
so much popularity that it now covers a large area of the industry. Up to some
extent, we all are familiar with cloud technology and how it stores our data at
remote locations, and now every big tech company uses this technology to save
their own and customers’ data. Cloud is not only limited to large organizations
or enterprises but now even ordinary people also use the cloud to store their
data. Cloud has become so popular that every big tech giant has its cloud
service. For example, if you are an android user, you have to connect your
mobile device to a Google drive. This will store your data at a remote location,
so even if your mobile gets lost or reset, you can recover your data from the
remote server. If you are looking to further your knowledge and learn the
basics of cloud computing, head over to Cloud Academy and check out Cloud
Literacy. Whether you’re involved in sourcing IT services, need to understand
the cloud to make your business work more efficiently, or just want to know
about what the cloud is, this learning path is for you. Cloud storage is a cloud
computing model that enables storing data and files on the internet through a
cloud computing provider that you access either through the public internet or
a dedicated private network connection. The provider securely stores, manages,
and maintains the storage servers, infrastructure, and network to ensure you
have access to the data when you need it at virtually unlimited scale, and with
elastic capacity. Cloud storage removes the need to buy and manage your own
data storage infrastructure, giving you agility, scalability, and durability, with
anytime, anywhere data access.
Why is cloud storage important?
Cloud storage delivers cost-effective, scalable storage. You no longer need to
worry about running out of capacity, maintaining storage area networks
(SANs), replacing failed devices, adding infrastructure to scale up with demand,
or operating underutilized hardware when demand decreases. Cloud storage is
elastic, meaning you scale up and down with demand and pay only for what
you use. It is a way for organizations to save data securely online so that it can
be accessed anytime from any location by those with permission.

Whether you are a small business or a large enterprise, cloud storage can
deliver the agility, cost savings, security, and simplicity to focus on your core
business growth. For small businesses, you no longer have to worry about
devoting valuable resources to manage storage yourself, and cloud storage
gives you the ability to scale as the business grows. For large enterprises with
billions of files and petabytes of data, you can rely on the scalability, durability,
and cost savings of cloud storage to create centralized data lakes to make your
data accessible to all who need it.

Cost effectiveness
With cloud storage, there is no hardware to purchase, no storage to provision,
and no extra capital being used for business spikes. You can add or remove
storage capacity on demand, quickly change performance and retention
characteristics, and only pay for storage that you actually use. As data
becomes infrequently and rarely accessed, you can even automatically move it
to lower-cost storage, thus creating even more cost savings. By moving storage
workloads from on premises to the cloud, you can reduce total cost of
ownership by removing overprovisioning and the cost of maintaining storage
infrastructure.

Increased agility
With cloud storage, resources are only a click away. You reduce the time to
make those resources available to your organization from weeks to just
minutes. This results in a dramatic increase in agility for your organization.
Your staff is largely freed from the tasks of procurement, installation,
administration, and maintenance. And because cloud storage integrates with a
wide range of analytics tools, your staff can now extract more insights from
your data to fuel innovation.
Faster deployment
When development teams are ready to begin, infrastructure should never slow
them down. Cloud storage services allow IT to quickly deliver the exact amount
of storage needed, whenever and wherever it's needed. Your developers can
focus on solving complex application problems instead of having to manage
storage systems.

Efficient data management

By using cloud storage lifecycle management policies, you can perform
powerful information management tasks including automated tiering or locking
down data in support of compliance requirements. You can also use cloud
storage to create multi-region or global storage for your distributed teams by
using tools such as replication. You can organize and manage your data in
ways that support specific use cases, create cost efficiencies, enforce security,
and meet compliance requirements.

Virtually unlimited scalability

Cloud storage delivers virtually unlimited storage capacity, allowing you to
scale up as much and as quickly as you need. This removes the constraints of
on-premises storage capacity. You can efficiently scale cloud storage up and
down as required for analytics, data lakes, backups, or cloud native
applications. Users can access storage from anywhere, at any time, without
worrying about complex storage allocation processes, or waiting for new
hardware.

Business continuity
Cloud storage providers store your data in highly secure data centers,
protecting your data and ensuring business continuity. Cloud storage services
are designed to handle concurrent device failure by quickly detecting and
repairing any lost redundancy. You can further protect your data by using
versioning and replication tools to more easily recover from both unintended
user actions or application failures.

With cloud storage services, you can:

Cost-effectively protect data in the cloud without sacrificing performance.
Scale up your backup resources in minutes as data requirements change.
Protect backups with a data center and network architecture built for security-
sensitive organizations.

How does cloud storage work?

Cloud storage is delivered by a cloud services provider that owns and operates
data storage capacity by maintaining large datacenters in multiple locations
around the world. Cloud storage providers manage capacity, security, and
durability to make data accessible to your applications over the internet in a
pay-as-you-go model. Typically, you connect to the storage cloud either
through the internet or through a dedicated private connection, using a web
portal, website, or a mobile app. When customers purchase cloud storage from
a service provider, they turn over most aspects of the data storage to the
vendor, including capacity, security, data availability, storage servers and
computing resources, and network data delivery. Your applications access
cloud storage through traditional storage protocols or directly using an
application programming interface (API). The cloud storage provider might also
offer services designed to help collect, manage, secure, and analyze data at a
massive scale.

What are the types of cloud storage?

There are three main cloud storage types: object storage, file storage, and block
storage. Each offers its own advantages and has its own use cases.

Object storage
Organizations have to store a massive and growing amount of unstructured
data, such as photos, videos, machine learning (ML), sensor data, audio files,
and other types of web content, and finding scalable, efficient, and affordable
ways to store them can be a challenge. Object storage is a data storage
architecture for large stores of unstructured data. Objects store data in the
format it arrives in and makes it possible to customize metadata in ways that
make the data easier to access and analyze. Instead of being organized in files
or folder hierarchies, objects are kept in secure buckets that deliver virtually
unlimited scalability. It is also less costly to store large data volumes.
Applications developed in the cloud often take advantage of the vast scalability
and metadata characteristics of object storage. Object storage solutions are
ideal for building modern applications from scratch that require scale and
flexibility, and can also be used to import existing data stores for analytics,
backup, or archive.

File storage
File-based storage or file storage is widely used among applications and stores
data in a hierarchical folder and file format. This type of storage is often known
as a network-attached storage (NAS) server with common file level protocols of
Server Message Block (SMB) used in Windows instances and Network File
System (NFS) found in Linux.

Block storage
Enterprise applications like databases or enterprise resource planning (ERP)
systems often require dedicated, low-latency storage for each host. This is
analogous to direct-attached storage (DAS) or a storage area network (SAN). In
this case, you can use a cloud storage service that stores data in the form of
blocks. Each block has its own unique identifier for quick storage and retrieval.

What cloud storage requirements should you consider?

Ensuring your company’s critical data is safe, secure, and available when
needed is essential. There are several fundamental requirements when
considering storing data in the cloud.

Durability and availability

Cloud storage simplifies and enhances traditional data center practices around
data durability and availability. With cloud storage, data is redundantly stored
on multiple devices across one or more data centers.

Security
With cloud storage, you control where your data is stored, who can access it,
and what resources your organization is consuming at any given moment.
Ideally, all data is encrypted, both at rest and in transit. Permissions and
access controls should work just as well in the cloud as they do for on-
premises storage.
1.9 Download For Storage:

• In the Google Cloud console, go to the Cloud Storage Buckets page.

Go to Buckets
In the list of buckets, click on the name of the bucket that contains the object
you want to download.

• The Bucket details page opens, with the Objects tab selected.

• Navigate to the object, which may be located in a folder.

• Click the Download icon associated with the object.

• Your browser settings control the download location for the object.

Note: For some object types, selecting Download opens the object in the
browser. To download these objects to your local computer, right-click on
Download and select Save Link As....
To learn how to get detailed error information about failed Cloud Storage
operations in the Google Cloud console, see Troubleshooting.
To easily download all objects in a bucket or subdirectory, use the gsutil cp or
cloud storage cp command.

Download a portion of an object

If your download gets interrupted, you can resume where you left off by
requesting only the portion of the object that's left. Complete the following
instructions to download a portion of an object
* Download a cloud based app to an your computer
The app lives on your computer.
* Save files to the app
* When connected to the Internet it will sync with the cloud.
* The cloud can be accessed from any Internet connection.
Multitenancy

Traditional application:

* Multi copies of same application serve multiple users

Multitenancy

Multitenant Application:

* Single instance of software servers multiple customers (tenants).

* The distinction between the customers is achieved during application design,
thus customers do not share or see each other’s data.
* E g: Gmail for organizations.
Underlying Components

* Virtualization * Accounting
* Quality of Service * Auditing
* SLA * Data base
* End to End Security * Data Structure
* Semantic Web * Grid Computing
* Metering & Billing * Distributed System
* Monitoring * Storage
* Web Application framework
* Distributed File system.

Underlying Components

Virtualization:

The main physical components of cloud infrastructure are networking

equipment, servers and data storage. Cloud infrastructure also includes a
hardware abstraction layer that enables the virtualization of resources and
helps to drive down costs through economies of scale.
* Creation of a virtual version of something, such as an operating system, a
server, a storage device or network resources.
* Virtualization lets a single physical resource to appear as multiple logical
resources or making multiple physical resources appear as a single logical
resource.
Security and privacy

Cloud computing poses privacy concerns because the services provider can
access the data that is on the cloud at any time. It could accidentally or
deliberately alter or even delete information.
Many cloud providers can share information with third parties if necessary for
purposes of law and order even without a warrant. That is permitted in their
privacy policies which users have to agree to before they start using cloud
services. Solution to privacy include policy and legislation as well as end users’
choices for how data is stored. Users can encrypt data that is processed or
stored within the cloud to prevent unauthorized access. Advances in the usage
of information and communication technologies (ICT) has given rise to the
popularity and success of cloud computing.
Cloud computing offers advantages and opportunities for business users to
migrate and leverage the scalability of the pay-as-you-go price model. However,
outsourcing information and business applications to the cloud or a third party
raises security and privacy concerns, which have become critical in adopting
cloud implementation and services. Researchers and affected organisations
have proposed different security approaches in the literature to tackle the
present security flaws. The literature also provides an extensive review of
security and privacy issues in cloud computing. Unfortunately, the works
provided in the literature lack the flexibility in mitigating multiple threats
without conflicting with cloud security objectives. The literature has further
focused on only highlighting security and privacy issues without providing
adequate technical approaches to mitigate such security and privacy threats.
Conversely, studies that offer technical solutions to security threats have failed
to explain how such security threats exist.

1. Introduction
The Internet service industry, including areas such as cloud computing, is an
evolving paradigm for large scale infrastructure [1]. Cloud computing possesses
the power to reduce costs by resource sharing and storage virtualisation,
collectively merged with a provisioning mechanism that relies on a pay-as-you-
go business architecture [2]. Cloud computing technologies such as Amazon’s
Elastic Computing Cloud (EC2), Simple Storage Service (S3) and Google App
Engine have been the most popular in the software industry. Despite the
impact and the efficient services these applications have offered, there are still
security and privacy issues relating to how these cloud providers process users’
data [3].
Issues arising because of insecure cloud computing platforms spread across
different technological paradigms such as web-based outsourcing [4], mobile
cloud computing [5] and service-oriented architectures (SOA). Secure cloud
implementation demands an adaptive security mechanism to help users have a
significant level of trust in the cloud. Without the ability of such techniques to
guarantee a substantial level of security and privacy, there will continue to be a
great fear of privacy loss and sensitive data leakage, which are significant
obstacles and a deciding factors in the full adoption of cloud services [.
Privacy is a fundamental human right that comprises the right to be left alone
and demands the appropriate use and protection of personal information [6].
The implementation of cloud computing paradigms violates privacy in different
ways, such as misappropriation of confidential information [7], uncontrollable
use of cloud services, data propagation, potential unauthorised secondary
usage, trans-border flow of data and dynamic provisioning. Other privacy
concerns are data retention regulation, outsourced data deletion, and privacy
awareness breaches [8]. In current practices, a consensus is typically achieved
through a third-party service or by the general terms and conditions for
personal data processing. The security and privacy issues become more
complicated when granting user permission in an environment with minimal or
no user interface due to unauthorised data usage permission and ineffective
processing of personal information, which is often not considered during the
designing phase. In terms of cloud security implementation, there are
questions about data security policies for users in the cloud environment.
Firstly, what are the commitments of Cloud Service Providers (CSPs) in
establishing information security? Secondly, what data security policies have
been published and made open to the public? The lack of clear justification has
led to recent violations of privacy. In April 2019, Facebook Inc. was sued for a
total of USD 5bn for Analytica privacy violations, making infrastructures for
data security be under constant scrutiny to meet user privacy needs. Still,
there has not been any clear direction for management support initiatives [9].
The authorisation process and access control mechanisms for data processing
facilities have not been very efficient due to insider attacks generated from
internal personnel.
Most recently, organizations have been entrusting the security of users’
confidential data to third-party access for security auditing, raising more
security concerns on accountability of third-party. The best-case scenario is an
honest but curious third party, which is still not suitable for real-life
deployment [10]. Thirdly, what measures are defined to classify data access,
and how can they be justified through third-party auditing? In granting third-
party access, organizations need to define a hierarchy for accessing data, and
proper identity management for third-party access should be an essential task
for every CSP [9]. Without appropriate identity management, an inside attack
can occur by deploying malicious applications on edge nodes, exploiting
vulnerabilities that affect the quality of service (QoS). Such hostile acts can
significantly affect sensitive data temporarily saved on multiple edge routers.
As more organizations are moving to the cloud as an effective means of data
storage, they need to share, process rapidly and disseminate a high volume of
sensitive information to enhance effective decision-making [11].
However, a significant setback is the lack of security and privacy flexibility.
Current security and privacy mechanism lacks the flexibility in responding to
the changing external environment, which has led to an uncontrollable risk of
data leakage. Organizations are concerned about stabilising cloud security
infrastructures without depleting data leakage and information of users.
Unfortunately, data storage services keep changing and, today, privacy can be
individually defined—what might be private for an individual might be
disclosed by some without concern.
Therefore, there is a need to describe non-specific requirements when building
privacy and security protocols for cloud computing. Strict privacy or security
protocols will only be stagnant in the long run because technology and its
resources are moving to the open world where everyone might decide what they
choose to be private, especially in the cloud environment.

2. Cloud Computing Security

Cloud computing’s diverse range of applications has drawn academic attention
to security when it comes to data storing, management and processing [12].
Cloud computing brings open issues regarding the security and privacy of
outsourced data. Due to its dynamic abstraction and scalability, applications
and data outsourced to the cloud have unlimited security boundaries and
infrastructure. Another primary security concern surrounding the adoption of
cloud computing is its multi-tenancy nature and sharing of virtualised
resources [10]. Cloud providers such as Google, Microsoft, and Amazon have
recently accelerated their cloud computing infrastructure and services to
support a more considerable amount of users [13]. Nevertheless, the issue of
privacy and security will continue to grow because cloud databases usually
contain important sensitive information [14]. The confidence level in adopting
the cloud is dropping due to the threats analysed.

3. Privacy Preservation through Access Patterns and Design

Privacy Process Patterns are specifically designed to model privacy issues
effectively. They can be defined as patterns applied to privacy associated
processes by specifying how privacy issues can be realised through identifiable
procedures, connecting flows and the activities that link them.
As supplementary, they assist software developers to understand how better to
implement several privacy properties in a more precise manner. Privacy Process
Patterns (PPP) are considered a more robust way to bridge the gap between
user confidentiality and cloud service providers. Privacy Pattern Properties are
defined as follows [16]

• Anonymity can be defined as a quality that does not permit the user to
be identified in any form, either directly or indirectly. A problem that can
arise when a user is anonymous is the issue of Accountability and a
large anonymity set. The benefits include location tracking freedom,
user's freedom of expression, and low user involvement. This property
can be implemented using Tor [17], Onion routing [18] and DC-nets [19]
• Pseudonymity can be defined as the utilisation of an alias instead of
personally identifiable information. A problem that can arise is the issue
of Integrity [20]. The benefits include supporting user access to services
without disclosing real identities. Users still maintain integrity protocol.
This property can be implemented using administrative tools such as
biometrics, identity management and smart cards.
• Unlinkability can be defined as using a service or resource with the
inability of third-party linkage between the user and the service. Issue:
Integrity and Accountability. Benefits: privacy-preserving by not allowing
malicious monitoring of user experience. Implementation: Onion routing,
Tor and DC-nets.
 • Undetectability inability of third-party tracking amongst a set of possible
users. Issues: undetectability strength is highly dependent on the size of
the undetectability set. Benefits: preserve users’ privacy without allowing
detectability of service by malicious intruders. Secondly, attackers
cannot adequately detect the existence of an exact Item of Interest (IOI),
e.g., the use of steganography and watermarking. Implementation:
smartcards and permission management, encryption methods such as
mail and transaction encryption.
• Unobservability inability to perceive the existence of a user amongst a set
of potential users. Issue: dependent on the integrity level and anonymity
set. Benefits: anonymity and undetectability enforcement per resources.
Secondly, ensuring user experience without the connection and
observability of a third-party. Implementation: smartcards and
permission management. Anonymizer services such as Tor, Hordes and
GAP.
The literature has identified the need to introduce a Privacy by Design (PbD) to
support the need for sensitive and confidential information stored, shared and
distributed at the digital level [21][22][23]. From the literature, works are still in
progress to define privacy design patterns in cloud computing. Developing a
privacy pattern language will further assist developers in building the gap
between the design and implementation phase.
However, despite the works presented in the literature, there is still a gap
between privacy design and implementation. Authors in [23] implemented and
provided Privacy Process Patterns by Design that can be used to bridge gaps
highlighted in the literature.
The authors demonstrated the practicality of the application through
JavaScript Object Notation (JSON) in conjunction with the Privacy Safeguard
(PriS) methodology and applied them to a real case study. Further
implementation of privacy access patterns was implemented by [21][22][24].
The challenges of Privacy by Design were highlighted by Diamantopoulou et al.
as a factor of design and implementation of policies established by software
engineers, as they lack a standard definition of privacy requirements and
policies.
Secondly, the lack of proper policy requirement knowledge for correct
implementation. Therefore, there is a need to propose a set of Privacy Process
Patterns that enhances the detailed understanding of cloud computing and a
distinct coalition between cloud computing infrastructure and privacy
requirements. The proper implementation helps support a privacy-aware
technique in bridging the gap between user confidentiality and cloud service
providers.
The authors of [23] successfully designed a set of privacy process patterns that
can be used to bridge the gap between privacy design and implementation and
their instantiation in several platforms without expertise or skill limitations.
The authors argued that privacy should be controllable through access
patterns and designs in that it allows secrecy preferences by a user. This helps
users of the system be flexible when divulging Personal Identifiable Information
[25]. Papanikolaou et al. [26] carried out extensive surveys on how to automate
legal and regulatory processes to regulate and extract privacy rules. The idea is
to apply a link policy and compliant techniques to provide salient means for
maintaining and achieving user privacy in the cloud.
1.11 CONCLUSION

In conclusion, cloud computing is recently new technological development that

has the potential to have a great impact on the world. It has many benefits that
it provides to it users and businesses. For example, some of the benefits that it
provides to businesses, is that it reduces operating cost by spending less on
maintenance and software upgrades and focus more on the businesses itself.
But there are other challenges the cloud computing must overcome. People are
very skeptical about whether their data is secure and private. There are no
standards or regulations worldwide provided data through cloud computing.
Europe has data protection laws but the US, being one of the most
technological advance nation, does not have any data protection laws. Users
also worry about who can disclose their data and have ownership of their data.
But once, there are standards and regulation worldwide, cloud computing will
revolutionize the future.
Considerations were made based on cloud computing security and privacy
issues that demand self-adaptiveness. The multiple security threats posed by
the security issues are depicted in Table 2. Table 2 shows a need for control
mechanisms that provide hybrid mitigation when designing security
implementation for cloud infrastructure. For instance, attack mitigation and
control mechanisms such as ML algorithms for detection and prevention are
faster and more accurate due to the high probability of detecting attacks
compared to similar approaches using homomorphic encryption schemes. ML
systems can recover from an integrity loss on time, gaining sufficient
awareness without substantial availability loss. Therefore, knowing the damage
of an attack campaign and how feasible it can become requires a high
awareness level.
So, while cloud computing is really great and you’re probably already using it,
either or business of for personal means, here’s what we’ve learned from taking
a look at the pros and cons. Cloud computing is a really cheap way for
companies to have all the resources they need in once place. It’s a much better
way to spread your resources, and it becomes easier to access things from
longer distances. Cloud computing will affect large part of computer industry
including Software companies, Internet service providers. Cloud computing
makes it very easy for companies to provide their products to end-user without
worrying about hardware configurations and other requirements of servers. The
cloud computing and virtualization are distinguished by the fact that all of the
control plane activities that center around creation, management, and
maintenance of the virtual environment, are outsourced to an automated layer
that is called as an API and other management servers for the cloud
management. In simple words, the virtualization is a part of cloud computing
where manual management is done for interacting with a hypervisor. On the
other hand, in cloud computing, the activities are self-managing where an API
(Application Program Interface) is used so that the users can self-consume the
cloud service.
1.11 References

• Cloud Computing: Concepts, Technology, and Architecture by

Thomas Erl
• Cloud Computing- A hands on approachby Arshdeep Bahga & Vijay
Madisetti
• https://computingforgeeks.com/top-open-source-cloud-platforms-
and-solutions/
• https://www.educba.com/cloud-computing-service-providers/
• https://www.ubuntupit.com/best-cloud-os-the-experts-
recommendation/
• https://www.outsource2india.com/software/azure-application-
development-services.asp