3 Cloud Architecture, Services and Storage

Syllabus
Layered cloud architecture design - NIST cloud computing reference architecture - Public, Private
and Hybrid clouds - IaaS - PaaS - SaaS - Architectural design challenges - Cloud storage -
Storage-as-a-Service - Advantages of cloud storage - Cloud storage providers - S3.

Contents
3.1 Cloud Architecture Design
3.2 NIST Cloud Computing Reference Architecture
3.3 Cloud Deployment Models
3.4 Cloud Service Models
3.5 Architectural Design Challenges
3.6 Cloud Storage
3.7 Storage as a Service
3.8 Advantages of Cloud Storage
3.9 Cloud Storage Providers
3.10 Simple Storage Service (S3)

Cloud Computing 3-2 Cloud Architecture, Services and Storage

3.1 Cloud Architecture Design


Cloud architecture design is an important aspect of building a cloud. Simple cloud
services attract users, which has a positive business impact, and the architecture design
plays an important role in making services that simple and user-friendly. Every cloud
platform is intended to meet four essential design goals: scalability, reliability,
efficiency and virtualization. To achieve these goals, certain requirements have to be
considered. The basic requirements for cloud architecture design are as follows :
• The cloud architecture design must provide automated delivery of cloud services
along with automated management.
• It must support the latest web standards like Web 2.0 or higher and REST or RESTful
APIs.
• It must support very large-scale HPC infrastructure with both physical and virtual
machines.
• The architecture of the cloud must be loosely coupled.
• It should provide easy access to cloud services through a self-service web portal.
• Cloud management software must efficiently receive the user request, find the
correct resources and then call the provisioning services, which invoke the
resources in the cloud.
• It must provide enhanced security for shared access to the resources from data
centers.
• It must use cluster architecture to achieve system scalability.
• The cloud architecture design must be reliable and flexible.
• It must provide efficient performance and faster speed of access.
Today's clouds are built to support lots of tenants (cloud devices) over the resource
pools and large data volumes, so hardware and software play an important role in
achieving that. The rapid development of multicore CPUs, memory chips and disk arrays
in the hardware field has made it possible to create data centers with large volumes of
storage space instantly. Meanwhile, developments in software standards like Web 2.0 and
SOA have immensely helped in developing cloud services. The Service-Oriented
Architecture (SOA) is also a crucial component used in the delivery of SaaS. The
web service software detects the joining and leaving of each node server and
performs appropriate tasks accordingly. The virtualization of infrastructure allows for
quick cloud delivery and recovery from disasters. In recent cloud platforms, resources are
built into data centers which are typically owned and operated by a third-party
provider. The next section explains the layered architecture design for a cloud platform.

®
TECHNICAL PUBLICATIONS - An up thrust for knowledge

3.1.1 Layered Cloud Architecture Design


The layered architecture of a cloud is composed of three basic layers called
infrastructure, platform and application. These three levels of architecture are
implemented with virtualization and standardization of cloud-provided hardware and
software resources. This architectural design facilitates public, private and hybrid cloud
services that are conveyed to users through networking support over the internet and
intranets. The layered cloud architecture design is shown in Fig. 3.1.1.

Fig. 3.1.1 : Layered cloud architecture design

In the layered architecture, the foundation layer is infrastructure, which is responsible
for providing different Infrastructure as a Service (IaaS) components and related services.
It is the first layer to be deployed, before platform and application, to get IaaS services
and to run the other two layers. The infrastructure layer consists of virtualized services
for computing, storage and networking. It is responsible for provisioning infrastructure
components like compute (CPU and memory), storage, network and IO resources to run
virtual machines or virtual servers along with virtual storage. The abstraction of these
hardware resources is intended to provide flexibility to the users. Internally,
virtualization performs automated resource provisioning and optimizes the process of
managing resources. The infrastructure layer acts as a foundation for building the second
layer, called the platform layer, which supports PaaS services.
The platform layer is responsible for providing a readily available development and
deployment platform for web applications to cloud users, without requiring them to
install anything on a local device. The platform layer has a collection of software tools
for developing, deploying and testing software applications. This layer provides an
environment for users to create their applications, test operation flows, track
performance and monitor execution results. The platform must provide
scalability, reliability and security. In this layer, the virtualized cloud platform acts as
an "application middleware" between the cloud infrastructure and the application layer of
the cloud. The platform layer is the foundation for the application layer.
A collection of all software modules required for SaaS applications forms the
application layer. This layer is mainly responsible for on-demand application
delivery. In this layer, software applications include day-to-day office management
software used for information collection, document processing, calendar and
authentication. Enterprises also use the application layer extensively in business
marketing, sales, Customer Relationship Management (CRM), financial transactions and
Supply Chain Management (SCM). It is important to remember that not all cloud services
are limited to a single layer. Many applications can require resources from mixed layers.
After all, the three layers are built bottom-up, with each layer depending on the one
below it. From the perspective of the user, the services at various levels need specific
amounts of vendor support and resource management for functionality. In general, SaaS
needs the provider to do much more work, PaaS is in the middle and IaaS demands the
least. The best example of the application layer is Salesforce.com's CRM service, where
not only the hardware at the bottom layer and the software at the top layer are supplied by
the vendor, but also the platform and software tools for user application development and
monitoring.

3.2 NIST Cloud Computing Reference Architecture


In this section, we will examine and discuss the reference architecture model given by
the National Institute of Standards and Technology (NIST). The model offers approaches
for secure cloud adoption while contributing to cloud computing guidelines and
standards.

The NIST team works closely with leading IT vendors, developers of standards,
industries and other governmental agencies at a global level to support
effective cloud computing security standards and their further development. It is
important to note that this NIST cloud reference architecture does not belong to any
specific vendor product, service or reference implementation, nor does it prevent
further innovation in cloud technology.
The NIST reference architecture is shown in Fig. 3.2.1.

Fig. 3.2.1 : Conceptual cloud reference model showing different actors and entities

From Fig. 3.2.1, note that the cloud reference architecture includes five major actors :
• Cloud consumer
• Cloud provider
• Cloud auditor
• Cloud broker
• Cloud carrier
Each actor is an organization or entity that plays an important role in a transaction or a
process, or performs some important task in cloud computing. The interactions between
these actors are illustrated in Fig. 3.2.2.

Fig. 3.2.2 : Interactions between different actors in a cloud

Now, understand that a cloud consumer can request cloud services directly from a
CSP or from a cloud broker. The cloud auditor independently audits and then contacts
other actors to gather information. We will now discuss the role of each actor in detail.

3.2.1 Cloud Consumer


A cloud consumer is the most important stakeholder. The cloud service is built to
support a cloud consumer. The cloud consumer is a person or an organization that
maintains a business relationship with a CSP and uses its services. The consumer verifies
the service catalogue from the cloud provider and requests an appropriate service or sets
up service contracts for using the service. The cloud consumer is billed for the service
used.
Some typical usage scenarios include :

Example 1 : Cloud consumer requests the service from the broker instead of directly
contacting the CSP. The cloud broker can then create a new service by combining
multiple services or by enhancing an existing service. Here, the actual cloud provider is
not visible to the cloud consumer. The consumer only interacts with the broker. This is
illustrated in Fig. 3.2.3.

Fig. 3.2.3 : Cloud broker interacting with cloud consumer

Example 2 : In this scenario, the cloud carrier provides for connectivity and transports
cloud services to consumers. This is illustrated in Fig. 3.2.4.

Fig. 3.2.4 : Scenario for cloud carrier

In Fig. 3.2.4, the cloud provider participates by arranging two SLAs. One SLA is with
the cloud carrier (SLA2) and the second SLA is with the consumer (SLA1). Here, the
cloud provider will have an arrangement (SLA) with the cloud carrier to have secured,
encrypted connections. This ensures that the services are available to the consumer at a
consistent level to fulfil service requests. Here, the provider can specify requirements
such as flexibility, capability and functionalities in SLA2 to fulfil the essential service
requirements in SLA1.

Example 3 : In this usage scenario, the cloud auditor conducts independent evaluations
for a cloud service. The evaluations will relate to operations and security of cloud service
implementation. Here the cloud auditor interacts with both the cloud provider and
consumer, as shown in Fig. 3.2.5.

Fig. 3.2.5 : Usage scenario involving a cloud auditor

In all the given scenarios, the cloud consumer plays the most important role. Based on
the service request, the activities of other players and usage scenarios can differ for other
cloud consumers. Fig. 3.2.6 shows an example of available cloud services types.
In Fig. 3.2.6, note that SaaS applications are available over a network to all consumers.
These consumers may be organisations with access to software applications, end users,
app developers or administrators. Billing is based on the number of end users, the time of
use, the network bandwidth consumed and the amount or volume of data stored.

Fig. 3.2.6 : Example of cloud services available to cloud consumers

PaaS consumers can utilize the tools, execution resources and development IDEs made
available by cloud providers. Using these resources, they can test, develop, manage,
deploy and configure many applications that are hosted on a cloud. PaaS consumers are
billed based on the processing, database, storage and network resources consumed and
the duration for which the platform is used.
On the other hand, IaaS consumers can access virtual computers, network-attached
storage, network components, processor resources and other computing resources on
which they can deploy and run arbitrary software. IaaS consumers are billed based on the
amount and duration of hardware resources consumed, number of IP addresses, volume of
data stored, network bandwidth, and CPU hours used for a certain duration.

3.2.2 Cloud Provider


A cloud provider is an entity that offers cloud services to interested parties. A cloud
provider manages the infrastructure needed for providing cloud services. The CSP also
runs the software to provide services and organizes the service delivery to cloud
consumers through networks.
SaaS providers deploy, configure, maintain and update all operations of the
software application on the cloud infrastructure, in order to ensure that services are
provisioned and to fulfill cloud consumer service requests. SaaS providers assume most
of the responsibilities associated with managing and controlling applications deployed on
the infrastructure. On the other hand, SaaS consumers have no or limited administrative
controls.
PaaS cloud providers manage the computing infrastructure and ensure that the
platform runs the cloud software and implements databases, appropriate runtime
software execution stack and other required middleware elements. They support
development, deployment and the management of PaaS consumers by providing them
with necessary tools such as IDEs, SDKs and others. PaaS providers have complete
control of applications, settings of the hosting environment, but have lesser control over
the infrastructure lying under the platform, network, servers, OS and storage.
Now, the IaaS CSP aggregates physical cloud resources such as networks, servers,
storage and network hosting infrastructure. The provider operates the cloud software and
makes all compute resources available to IaaS cloud consumer via a set of service
interfaces, such as VMs and virtual network interfaces. The IaaS cloud provider will have
control over the physical hardware and cloud software to enable provisioning and
possible infrastructure services.
The main activities of a cloud provider can be viewed in Fig. 3.2.7.

Fig. 3.2.7 : Major activities of a cloud provider

The major activities of a cloud provider include :

• Service deployment : Service deployment refers to provisioning private, public,
hybrid and community cloud models.
• Service orchestration : Service orchestration implies the coordination, management
and arrangement of cloud infrastructure to offer optimized capabilities of cloud
services. The capabilities must be cost-effective in managing IT resources and must
be determined by strategic business needs.
• Cloud services management : This activity involves all service-related functions
needed to manage and operate the services requested or proposed by cloud
consumers.
• Security : Security, which is a critical function in cloud computing, spans all layers
in the reference architecture. Security must be enforced end-to-end. It ranges from
physical security to application security. CSPs must take care of security.
• Privacy : Privacy in the cloud must be ensured at different levels, such as user privacy,
data privacy, authorization and authentication, and it must also have adequate
assurance levels. Since clouds allow resources to be shared, privacy challenges are a
big concern for consumers using clouds.

3.2.3 Cloud Auditor


The cloud auditor performs the task of independently evaluating cloud service
controls to provide an honest opinion when requested. Cloud audits are done to validate
standards conformance by reviewing the objective evidence. The auditor will examine
services provided by the cloud provider for its security controls, privacy, performance,
and so on.

3.2.4 Cloud Broker


The cloud broker collects service requests from cloud consumers and manages the use,
performance, and delivery of cloud services. The cloud broker will also negotiate and
manage the relationship between cloud providers and consumers. A cloud broker may
provide services that fall into one of the following categories :
• Service intermediation : Here the cloud broker will improve some specific
capabilities, and provide value-added services to cloud consumers.
• Service aggregation : The cloud broker links and integrates different services into
one or more new services.
• Service arbitrage : This is similar to aggregation, except for the fact that the services
that are aggregated are not fixed. In service arbitrage, the broker has the liberty to
choose services from different agencies.

3.2.5 Cloud Carrier


The cloud carrier tries to establish connectivity and transports cloud services between
a cloud consumer and a cloud provider. Cloud carriers offer network access to
consumers by providing telecommunication links for accessing resources using other
devices (laptops, computers, tablets, smartphones, etc.). Usually, a transport agent is an
entity offering telecommunication carriers to a business organization to access resources.
The cloud provider will set up SLAs with the cloud carrier to ensure carrier transport is
consistent with the level of SLA provided by the consumers. Cloud carriers provide
secure and dedicated high-speed links with cloud providers and between different cloud
entities.

3.3 Cloud Deployment Models


Cloud deployment models are defined according to where the computing
infrastructure resides and who controls the infrastructure. NIST has classified cloud
deployment models into four categories, namely :
• Public cloud
• Private cloud
• Hybrid cloud
• Community cloud
They describe the way in which users can access the cloud services. Each cloud
deployment model fits different organizational needs, so it's important that you pick a
model that will suit your organization's needs. The four deployment models are
characterized based on the functionality and accessibility of cloud services. The four
deployment models of cloud computing are shown in Fig. 3.3.1.

Fig. 3.3.1 : Four deployment models of cloud computing

3.3.1 Public Cloud


Public cloud services run over the internet. Therefore, users who want
cloud services must have an internet connection on their local device, such as a thin
client, thick client, mobile, laptop or desktop. Public cloud services are managed and
maintained by the Cloud Service Providers (CSPs) or the Cloud Service Brokers (CSBs).
They are often offered on utility-based pricing, like a subscription or pay-per-use
model, and are provided through the internet and APIs. This
model allows users to easily access the services without purchasing any specialized
hardware or software. Any device which has a web browser and internet connectivity can
be a public cloud client. The popular public cloud service providers are Amazon Web
Services, Microsoft Azure, Google App Engine, Salesforce etc.

Advantages of public cloud


1. It saves the capital cost of purchasing server hardware, operating systems
and application software licenses.
2. There is no need for server administrators to take care of servers, as they are kept at
the CSP's data center and managed by the CSP.
3. No training is required to use or access the cloud services.
4. No upfront or setup cost is required.
5. A user gets easy access to multiple services under a single self-service portal.
6. Users have a choice to compare and select between the providers.
7. It is cheaper than an in-house cloud implementation because users pay only for what
they have used.
8. The resources are easily scalable.

Disadvantages of public cloud


1. There is a lack of data security, as data is stored in a public data center and managed
by third party data center vendors; therefore users' confidential data may be
compromised.
2. Expensive recovery of backup data.
3. Users never come to know where (at which location) their data is stored, how
it can be recovered and how many replicas of the data have been created.

3.3.2 Private Cloud


Private cloud services are used by organizations internally. Most of the time they
run over an intranet connection. They are designed for a single organization, therefore
anyone within the organization can get access to data, services and web applications
easily through local servers and the local network, but users outside the organization
cannot access them. These cloud services are hosted on an intranet, therefore users who are
connected to that intranet get access to the services. The infrastructure for a private
cloud is fully managed and maintained by the organization itself. It is much more secure
than public cloud as it gives freedom to local administrators to write their own security
policies for user access. It also provides a good level of trust and privacy to the users.
Private clouds are more expensive than public clouds due to the capital expenditure
involved in acquiring and maintaining them. The well-known private cloud platforms are
OpenStack, OpenNebula, Eucalyptus, VMware private cloud etc.

Advantages of private cloud


1. Speed of access is very high, as services are provided through local servers over
the local network.
2. It is more secure than public cloud, as security of cloud services is handled by the
local administrator.
3. It can be customized as per the organization's needs.
4. It does not require an internet connection for access.
5. It is easier to manage than public cloud.

Disadvantages of private cloud

1. Implementation cost is very high, as setup involves purchasing and installing
servers, hypervisors and operating systems.
2. It requires administrators for managing and maintaining servers.
3. The scope of scalability is very limited.

3.3.3 Hybrid Cloud


Hybrid cloud services are composed of two or more clouds that offer the benefits
of multiple deployment models. A hybrid cloud mostly comprises an on-premise private
cloud and an off-premise public cloud, to leverage the benefits of both and allow users
inside and outside to have access to it. The hybrid cloud provides flexibility such that
users can migrate their applications and services from private cloud to public cloud and
vice versa. It has become the most favored model in the IT industry because of its eminent
features like mobility, customized security, high throughput, scalability, disaster
recovery, easy backup and replication across clouds, high availability and cost
efficiency. The popular hybrid clouds are AWS with Eucalyptus, AWS with VMware cloud,
Google cloud with Nutanix etc.
The limitations of hybrid cloud are compatibility of deployment models, vendor lock-in
solutions, the need for common cloud management software and the management of
separate cloud platforms.

3.3.4 Community Cloud


The community cloud is basically the combination of one or more public, private or
hybrid clouds, which are shared by many organizations for a single cause. The
community cloud is set up between multiple organizations whose objective is the same. The
infrastructure for a community cloud is shared by several organizations within a
specific community with common security and compliance objectives, and is managed by
third party organizations or managed internally. The well-known community clouds are
Salesforce, Google community cloud etc.

3.3.5 Comparison between various Cloud Deployment Models


A comparison of the different deployment models of cloud computing is given
in Table 3.3.1.

| Sr. No | Feature | Public Cloud | Private Cloud | Hybrid Cloud | Community Cloud |
|---|---|---|---|---|---|
| 1 | Scalability | Very High | Limited | Very High | Limited |
| 2 | Security | Less Secure | Most Secure | Very Secure | Less Secure |
| 3 | Performance | Low to Medium | Good | Good | Medium |
| 4 | Reliability | Medium | High | Medium to High | Medium |
| 5 | Upfront Cost | Low | Very High | Medium | Medium |
| 6 | Quality of Service | Low | High | Medium | Medium |
| 7 | Network | Internet | Intranet | Intranet and Internet | Internet |
| 8 | Availability | For general public | Organizations internal staff | For general public and organizations internal staff | For community members |
| 9 | Example | Windows Azure, AWS etc. | Openstack, VMware cloud, CloudStack, Eucalyptus etc. | Combination of Openstack and AWS | Salesforce community |

Table 3.3.1 : Comparison between various Cloud Deployment Models

3.4 Cloud Service Models


Cloud computing is meant to provide a variety of services and applications for users
over the internet or intranet. The most widespread services of cloud computing are
categorised into three service classes, which are called cloud service models, cloud
reference models or working models of cloud computing. They are based on the
abstraction level of the offered capabilities and the service model of the CSPs. The various
service models are :
• Infrastructure as a Service (IaaS)
• Platform as a Service (PaaS)
• Software as a Service (SaaS)
The three service models of cloud computing and their functions are shown in
Fig. 3.4.1.

Fig. 3.4.1 : Cloud service models

From Fig. 3.4.1, we can see that Infrastructure as a Service (IaaS) is the bottommost
layer in the model and Software as a Service (SaaS) lies at the top. IaaS has a lower
level of abstraction and visibility, while SaaS has the highest level of visibility.
Fig. 3.4.2 represents the cloud stack organization from physical infrastructure to
applications. In this layered architecture, the abstraction levels are seen where higher
layer services include the services of the underlying layer.

Fig. 3.4.2 : The cloud computing stack

As you can see in Fig. 3.4.2, the three services, IaaS, PaaS and SaaS, can exist
independent of one another or may combine with one another at some layers. The different
layers in every cloud computing model are managed either by the user or by the vendor
(provider). In the traditional IT model, all the layers are managed by the
user, because he or she is solely responsible for managing and hosting the applications. In
IaaS, the top five layers are managed by the user, while the four lower layers
(virtualisation, server hardware, storage and networking) are managed by vendors or
providers. So, here, the user is accountable for managing everything from the operating
system up to the applications, including databases and the security of applications. In
PaaS, the user needs to manage only the application, and all the other layers of the cloud
computing stack are managed by the vendor. Lastly, SaaS abstracts the user from all the
layers, as all of them are managed by the vendor and the user is responsible only for using
the application.
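
The split of managed layers described above also decides who has to remediate a security finding on a given layer. The following is an added example, not part of the original text, that routes constructed findings to the user or the vendor and shows which findings change owner when a workload moves to another service model. The names of the five upper layers, the finding records and all function names are assumptions made for illustration.

```python
from collections import defaultdict

# Nine-layer stack, top to bottom. The four lowest names come from the text;
# the five upper names are an ASSUMPTION (a common labelling of the stack).
STACK = [
    "applications", "data", "runtime", "middleware", "operating system",
    "virtualisation", "server hardware", "storage", "networking",
]

# How many layers, counted from the top, the user manages in each model,
# as the text states: all of them, the top five, the application only, none.
USER_MANAGED_TOP_LAYERS = {"traditional": 9, "iaas": 5, "paas": 1, "saas": 0}


def owner(model, layer):
    """Return 'user' or 'vendor' for one layer under one service model."""
    if model not in USER_MANAGED_TOP_LAYERS:
        raise KeyError(f"unknown service model: {model!r}")
    if layer not in STACK:
        raise KeyError(f"unknown layer: {layer!r}")
    depth = STACK.index(layer)  # 0 is the top of the stack
    return "user" if depth < USER_MANAGED_TOP_LAYERS[model] else "vendor"


def triage(findings):
    """Group finding ids by the party that has to remediate them.

    Findings whose model or layer is not part of the stack go to
    'unclassified' so they are reviewed by hand instead of being dropped.
    """
    queues = defaultdict(list)
    for f in findings:
        try:
            party = owner(f["model"].lower(), f["layer"].lower())
        except KeyError:
            party = "unclassified"
        queues[party].append(f["id"])
    return dict(queues)


def ownership_changes(findings, new_model):
    """List (id, owner_before, owner_after) for findings whose owner
    changes if the workload behind them is moved to new_model."""
    changes = []
    for f in findings:
        try:
            before = owner(f["model"].lower(), f["layer"].lower())
            after = owner(new_model, f["layer"].lower())
        except KeyError:
            continue  # unclassified findings are handled by triage()
        if before != after:
            changes.append((f["id"], before, after))
    return changes


# Constructed sample findings (not real scan output).
FINDINGS = [
    {"id": "F-1", "model": "IaaS", "layer": "operating system"},  # unpatched guest OS
    {"id": "F-2", "model": "IaaS", "layer": "virtualisation"},    # hypervisor patch level
    {"id": "F-3", "model": "PaaS", "layer": "applications"},      # flaw in the user's own code
    {"id": "F-4", "model": "PaaS", "layer": "runtime"},           # outdated language runtime
    {"id": "F-5", "model": "SaaS", "layer": "applications"},      # bug in the vendor's application
    {"id": "F-6", "model": "IaaS", "layer": "identity"},          # layer not in the stack
]

if __name__ == "__main__":
    for party, ids in triage(FINDINGS).items():
        print(f"{party:12} {', '.join(ids)}")
    for fid, before, after in ownership_changes(FINDINGS, "paas"):
        print(f"{fid}: {before} -> {after} after a move to PaaS")
```
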
The core middleware manages the physical resources, and the VMs are deployed on
top of them. This deployment provides the features of pay-per-use services and
multi-tenancy. Infrastructure services support cloud development environments and provide
capabilities for application development and implementation. They provide different
libraries, models for programming, APIs, editors and so on to support application
development. When these deployments are ready for the cloud, they can be used by
end-users/organisations. With this idea, let us further explore the different service models.

3.4.1 Infrastructure as a Service (IaaS)


Infrastructure-as-a-Service (IaaS) can be defined as the use of servers, storage,
computing power, network and virtualization to form utility-like services for users. It is a
cloud service model that provides hardware resources virtualized in the cloud. It
provides virtual computing resources to the users through a resource pool. In IaaS, the CSP
owns all equipment, such as servers, storage disks, and network infrastructure.
Developers use the IaaS service model to create virtual hardware on which the
applications and/or services are developed. We can understand that an IaaS cloud
provider will create hardware utility services and make them available for users to
provision virtual resources as per need. Developers can create virtual private storage,
virtual private servers, and virtual private networks by using IaaS. The private virtual
systems contain software applications to complete the IaaS solution. The infrastructure of
IaaS consists of communication networks, physical compute nodes, storage solutions and
the pool of virtualized computing resources managed by a service provider. IaaS provides
users with a web-based service that can be used to create, destroy and manage virtual
machines and storage. It is a way of delivering cloud computing infrastructure like
virtual servers, virtual storage, virtual networks and virtual operating systems as an
on-demand service. Instead of purchasing extra servers, software, datacenter space or
network equipment, IaaS enables on-demand provisioning of computational resources in
the form of virtual machines in a cloud data center. Some key providers of IaaS are Amazon
Web Services (AWS), Microsoft Azure, GoGrid, Joyent, Rackspace etc., and some of the
private cloud software through which IaaS can be set up are OpenStack, Apache
CloudStack, Eucalyptus, and VMware vSphere etc.
You must understand that the virtualised resources are mapped to real systems in IaaS.
That is, when a user with IaaS service makes a request for a service from virtual systems,
that request is redirected to the physical server that does the actual work. The structure
of the IaaS model is shown in Fig. 3.4.3.

Fig. 3.4.3 : Components in IaaS service model (cloud security alliance)

In IaaS service delivery, workload is the fundamental component of the virtualised
client. It simulates the capacity of a physical server to perform work. Hence, the
work done is equal to the total number of Transactions Per Minute (TPM). Note that the
workload also has other attributes, such as disk I/O (determined by I/O per second), RAM
used in MB, latency and network throughput and others.
In the case of hosted applications, the client runs on a dedicated server inside a server
rack. It may also run on a standalone server. In cloud computing, the provisioned server is
known as an instance (or server instance), which is reserved by a customer, along with
adequate computing resources required to fulfil their resource requirements. The user
reserves an equivalent machine required to run workloads.
The IaaS infrastructure runs the instances of the server in the data centre offering the
service. The resources for this server instance are drawn from a mix of virtualised
systems, RAID disks, network and interface capacity. These are physical systems
partitioned into smaller logical units.
The client in IaaS is allocated its own private network. For example, Amazon EC2
enables this service to behave such that each server has its own separate network unless
the user creates a virtual private cloud. If the EC2 deployment is scaled by adding
additional networks on the infrastructure, it is easy to scale logically, but this can create
an overhead as traffic gets routed between logical networks.

In IaaS, the customer has control over the OS, storage and installed applications, but
has limited control over network components. The user cannot control the underlying
cloud infrastructure. Services offered by IaaS include web servers, server hosting,
computer hardware, OS, virtual instances, load balancing and bandwidth
provisioning. These services are useful during volatile demands and when there is a
computing resource need for a new business launch or when the company may not want
to buy hardware or if the organisation wants to expand.

3.4.2 Platform as a Service


Platform as a Service can be defined as a computing platform that allows the user
to create web applications quickly and easily, without worrying about buying and
maintaining the software and infrastructure. Platform-as-a-Service provides tools for
developing, deploying and testing software, along with middleware solutions, databases,
programming languages and APIs for developers to develop custom applications
without installing or configuring the development environment. PaaS provides a
platform to run web applications without installing them on a local machine, i.e. the
applications written by the users can be run directly on the PaaS cloud. It is built on
top of the IaaS layer. PaaS realizes many unique benefits such as utility computing,
hardware virtualization, dynamic resource allocation, low investment costs and a
pre-configured development environment. It has all the applications typically required
by the client deployed on it. The challenge associated with PaaS is compatibility, i.e. if
users want to migrate their services from one provider to another, they must first check
the compatibility of the execution engine and cloud APIs. Some key providers of PaaS
clouds are Google App Engine, Microsoft Azure, NetSuite, Red Hat OpenShift etc.
The PaaS model includes the software environment where the developer can create
custom solutions using development tools available with the PaaS platform. The
components of a PaaS platform are shown in Fig. 3.4.4.

Fig. 3.4.4 : Components of PaaS

Platforms can support specific development languages, frameworks for applications and
other constructs. Also, PaaS provides tools and development environments to design
applications. Usually, a fully Integrated Development Environment (IDE) is available as a
PaaS service. For PaaS to be a cloud computing service, the platform supports user
interface development. It also has many standards such as HTML, JavaScript, rich media
and so on.

In this model, users interact with the software and append and retrieve data, perform
an action, obtain results from a process task and perform other actions allowed by the
PaaS vendor. In this service model, the customer has no responsibility for maintaining
the hardware, the software or the development environment. The applications
created are the only interactions between the customer and the PaaS platform. The PaaS
cloud provider owns responsibility for all the operational aspects, such as maintenance,
updates, management of resources and product lifecycle. A PaaS customer can control
services such as device integration, session management, content management, sandbox,
and so on. In addition to these services, customer controls are also possible in Universal
Description Discovery and Integration (UDDI), and platform independent Extensible
Mark-up Language (XML) registry that allows registration and identification of web
service apps.
Let us consider the example of Google App Engine.
The platform allows developers to program apps using Google’s published APIs. In
this platform, Google defines the tools to be used within the development framework, the
file system structure and data stores. A similar PaaS offering is given by Force.com,
another vendor that is based on the Salesforce.com development platform for the latter’s
SaaS offerings. Force.com provides an add-on development environment.
In PaaS, note that developers can build an app with Python and Google API. Here, the
PaaS vendor is the developer who offers a complete solution to the user. For instance,
Google acts as a PaaS vendor and offers web service apps to users. Other examples are :
Google Earth, Google Maps, Gmail, etc.
PaaS has a few disadvantages. It locks the developer and the PaaS platform in a
solution specific to a platform vendor. For example, an application developed in Python
using Google API on Google App Engine might work only in that environment.
PaaS is also useful in the following situations :
• When the application must be portable.
• When proprietary programming languages are used.
• When there is a need for custom hardware and software.
Major PaaS applications include software development projects where developers and
users collaborate to develop applications and automate testing services.
3.4.2.1 Power of PaaS

PaaS offers promising services and continues to offer a growing list of benefits. The
following are some standard features that come with a PaaS solution :

• Source code development : PaaS solutions provide the users with a wide range of
language choices including stalwarts such as Java, Perl, PHP, Python and Ruby.
• Websites : PaaS solutions provide environments for creating, running and
debugging complete websites, including user interfaces, databases, privacy and
security tools. In addition, foundational tools are also available to help developers
update and deliver new web applications to meet the fast-changing needs and
requirements of their user communities.
• Developer sandboxes : PaaS also provides dedicated “sandbox” areas for
developers to check how snippets of a code perform prior to a more formal test.
Sandboxes help the developers to refine their code quickly and provide an area
where other programmers can view a project, offer additional ideas and suggest
changes or fixes to bugs.
The advantages of PaaS go beyond relieving the overheads of managing servers,
operating systems, and development frameworks. PaaS resources can be provisioned and
scaled quickly, within days or even minutes. This is because the organisation does not
have to host any infrastructure on premises. In fact, PaaS may also help organisations
reduce costs with its multitenancy model of cloud computing, which allows multiple
entities to share the same IT resources. Interestingly, the costs are predictable because the
fees are pre-negotiated every month.
The following boosting features can empower a developer’s productivity, if efficiently
implemented on a PaaS site :
• Fast deployment : For organisations whose developers are geographically scattered,
seamless access and fast deployment are important.
• Integrated Development Environment (IDE) : PaaS must provide the developers
with an Internet-based development environment based on a variety of languages,
such as Java, Python, Perl, Ruby etc., for scripting, testing and debugging their
applications.
• Database : Developers must be provided with access to data and databases. PaaS
must provision services such as accessing, modifying and deleting data.
• Identity management : Some mechanism for authentication management must be
provided by PaaS. Each user must have a certain set of permissions with the
administrator having the right to grant or revoke permissions.
• Integration : Leading PaaS vendors, such as Amazon, Google App Engine, or
Force.com provide integration with external or web-based databases and services.
This is important to ensure compatibility.

• Logs : PaaS must provide APIs to open and close log files, write and examine log
entries and send alerts for certain events. This is a basic requirement of application
developers irrespective of their projects.
• Caching : This feature can greatly boost application performance. PaaS must make
available a tool for developers to send a resource to cache and to flush the cache.
3.4.2.2 Complications with PaaS

PaaS can significantly affect an application’s performance, availability and flexibility.
However, there are critical issues to consider. The following are some of the
complications or issues of using PaaS :
Interoperability : PaaS works best on each provider’s own cloud platform, allowing
customers to get the most value out of the service. But the risk here is that the
customisations or applications developed in one vendor’s cloud environment may not be
compatible with another vendor's and hence may not migrate easily to it.
Although most of the time customers agree to being tied to a single vendor,
this may not be the situation every time. Users may want to keep their options open. In
this situation, developers can opt for open-source solutions. Open-source PaaS
provides elasticity by revealing the underlying code and the ability to install the PaaS
solution on any infrastructure. The disadvantage of using an open-source version of PaaS
is that certain benefits of an integrated platform are lost.
Compatibility : Most businesses have a restricted set of programming languages,
architectural frameworks and databases that they deploy. It is thus important to make
sure that the vendor you choose supports the same technologies. For example, if you are
strongly dedicated to a .NET architecture, then you must select a vendor with native .NET
support. Likewise, database support is critical to performance and minimising
complexity.
Vulnerability and security : Multitenancy lets users be spread over interconnected
hosts. The providers must take adequate security measures in order to protect these
vulnerable hosts from attacks, so that an attacker is not able to easily access the resources
of the host and also the tenant objects.
Providers have the ability to access and modify user objects/systems. The following
are the three ways by which security of an object can be breached in PaaS systems :
• A provider may access any user object that resides on its hosts. This type of access is
unavoidable, but the risk can be reduced to some extent by a trusted relationship
between the user and the provider.

• Co-tenants, who share the same resources, may mutually attack each other’s objects.
• Third parties may attack a user object. Objects need to be securely coded to
defend themselves.
Cryptographic methods, namely symmetric and asymmetric encryption, hashing
and signatures, are the solution for object vulnerability. It is the responsibility of the
providers to protect the integrity and privacy of user objects on a host.
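The integrity side of the cryptographic methods named above (hashing and a keyed MAC), shown as an added example that is not from the book: a tenant seals each object before upload and checks it on download, so that changes made on the host by the provider, a co-tenant or a third party are detected. The function names, the record layout and the locally remembered minimum version are assumptions made for illustration; confidentiality would additionally need encryption, which this example does not cover.

```python
import hashlib
import hmac
import json
import secrets

# Assumption: the tenant generates this key locally and never uploads it.
TENANT_KEY = secrets.token_bytes(32)


def _canonical(header: dict) -> bytes:
    """Serialise the header deterministically so the MAC input is stable."""
    return json.dumps(header, sort_keys=True, separators=(",", ":")).encode()


def seal(key: bytes, name: str, version: int, data: bytes) -> dict:
    """Build the record the tenant uploads: data, metadata and an HMAC tag."""
    header = {
        "name": name,
        "version": version,
        "sha256": hashlib.sha256(data).hexdigest(),
    }
    tag = hmac.new(key, _canonical(header), hashlib.sha256).hexdigest()
    return {"header": header, "tag": tag, "data": data}


def check(key: bytes, name: str, min_version: int, record: dict) -> str:
    """Return 'ok', or the reason a downloaded record must be rejected."""
    header = record["header"]
    expected = hmac.new(key, _canonical(header), hashlib.sha256).hexdigest()
    # Constant-time comparison; a bad tag means the header cannot be trusted.
    if not hmac.compare_digest(expected, record["tag"]):
        return "tag-mismatch"
    # The header is now authentic, so its fields can be compared safely.
    if header["name"] != name:
        return "wrong-object"
    if header["version"] < min_version:
        return "rollback"
    if hashlib.sha256(record["data"]).hexdigest() != header["sha256"]:
        return "data-modified"
    return "ok"


def run_scenarios() -> dict:
    """Tamper with a simulated provider-side store (all data is constructed)."""
    q1, q2 = "reports/q1.csv", "reports/q2.csv"
    store = {
        q1: seal(TENANT_KEY, q1, 2, b"revenue,100\n"),
        q2: seal(TENANT_KEY, q2, 1, b"revenue,250\n"),
    }
    results = {"untouched": check(TENANT_KEY, q1, 2, store[q1])}

    # Data changed on the host; header and tag left as uploaded.
    altered = dict(store[q1], data=b"revenue,999\n")
    results["data altered"] = check(TENANT_KEY, q1, 2, altered)

    # Data changed and the header hash recomputed by a party without the key.
    new_hash = hashlib.sha256(altered["data"]).hexdigest()
    forged = dict(altered, header=dict(altered["header"], sha256=new_hash))
    results["header rewritten"] = check(TENANT_KEY, q1, 2, forged)

    # A different, validly sealed object returned for the requested name.
    results["object swapped"] = check(TENANT_KEY, q1, 2, store[q2])

    # An older, validly sealed copy returned instead of the current version.
    stale = seal(TENANT_KEY, q1, 1, b"revenue,90\n")
    results["stale copy"] = check(TENANT_KEY, q1, 2, stale)

    # A record sealed under a co-tenant's key.
    foreign = seal(secrets.token_bytes(32), q1, 2, b"revenue,100\n")
    results["foreign key"] = check(TENANT_KEY, q1, 2, foreign)
    return results


if __name__ == "__main__":
    for scenario, verdict in run_scenarios().items():
        print(f"{scenario:18} {verdict}")
```

The tag is checked first because the name, version and hash in the header mean nothing until the header itself is shown to come from the key holder.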
Vendor lock-in : Owing to the lack of standardisation, vendor lock-in becomes a
key barrier that stops users from migrating to cloud services. Technology-related solutions
are being built to tackle this problem of vendor lock-in. Most customers are unaware of
the terms and conditions of the providers that prevent interoperability and portability of
applications. A number of strategies have been proposed on how to avoid or lessen lock-in
risks before adopting cloud computing.
Lock-in issues arise when a company decides to change cloud providers but is unable
to migrate its applications or data to a different vendor. This heterogeneity of cloud
semantics creates technical incompatibility, which in turn leads to interoperability and
portability challenges. This makes interoperation, collaboration, portability and
manageability of data and services a very complex task.

3.4.3 Software as a Service


Software-as-a-Service is specifically designed for on-demand delivery of applications or
software to cloud users. It gives remote access to software that resides on a cloud
server, not on the user’s device. Therefore, users do not need to install the required
software on their local device, as it is provided remotely through the network. The
consumer of a SaaS application only requires thin client software such as a web browser
to access the cloud-hosted application. This reduces the hardware requirements for
end-users and allows for centralized control, deployment and maintenance of the software.
SaaS provides a model for complete infrastructure. It is viewed as a complete cloud
model where hardware, software and the solution, all are provided as a complete service.
You can denote SaaS as software deployed on the cloud or on a hosted service accessed
through a browser, from anywhere over the internet. The user accesses the software, but
all the other aspects of the service are abstracted away from the user. Some examples of
popular SaaS applications are Google Docs, Hotmail, Salesforce and Gmail. The structure
of the SaaS system is illustrated in Fig. 3.4.5.

SaaS provides the capability to use applications supplied by the service provider but
does not give the user control of the platform or the infrastructure. Most users
are familiar with SaaS systems because they offer a substitute for local software.
Examples are : Google Calendar, Zoho Office Suite, Google Gmail.

Fig. 3.4.5 : Structure of SaaS

SaaS applications come in many varieties, including custom software such as CRM
applications, Helpdesk applications, HR applications, billing and invoicing applications
and so on. SaaS applications may not be fully customisable, but there are many
applications that provide APIs for developers to create customised applications.
The APIs allow modifications to the security model, data schema, workflow
characteristics and other functionalities of services as experienced by the user. A few
examples of SaaS platforms enabled by APIs include Salesforce.com, Quicken.com and
others. SaaS apps are delivered by CSPs. This further implies that the user does not have a
hand in infrastructure management or individual app capabilities. Rather, the SaaS apps
can be accessed over a thin client web interface. SaaS provides the following services :
• Enterprise-level services
• Web 2.0 applications including social networking, blogs, wiki servers, portal
services, metadata management and so on.
Some of the common characteristics found in SaaS applications are as follows :
• Applications deployed on SaaS are available over the internet and can be accessed
from any location.
• Software can be licensed based on subscriptions or billed based on usage, usually
on a recurring basis.
• The vendor monitors and maintains the software and the service.
• SaaS applications are cheaper because they reduce the cost of distribution and
maintenance. End-user costs are also reduced significantly.
• SaaS enables faster rollout, as features such as automatic rollouts, upgrades, patch
management and other tasks are easier to implement from a centralised system.
• SaaS applications can scale up or scale down based on demand and they have a lower
barrier to entry compared to their locally installed competitors.
• All SaaS users can have the same version of the software, and hence the issue of
compatibility is eliminated.
• SaaS has the capacity to support multiple users.
In spite of the above benefits, there are some drawbacks of SaaS. For example, SaaS is
not suited for applications that need real-time response where there is a requirement for
data to be hosted externally.

3.5 Architectural Design Challenges


The cloud architecture design plays an important role in making cloud services
successful in all aspects, but still it has some challenges. The major challenges involved in
architectural design of cloud computing are shown in Fig. 3.5.1 and explained as follows.

Fig. 3.5.1 : Architectural design challenges in cloud

3.5.1 Challenges related to Data Privacy, Compliance and Security Concerns


Presently, most cloud offerings run on public networks, which
renders the infrastructure more susceptible to attack. The most common attacks on the
network include buffer overflows, DoS attacks, spyware, malware, rootkits, Trojan horses
and worms. With well-known technologies such as encrypted data, virtual LANs and
network middleboxes such as firewalls, packet filters etc., many challenges can be solved
immediately. Newer attacks may result from hypervisor malware, guest hopping and
hijacking or VM rootkits in a cloud environment. Another form of attack on VM
migrations is the man-in-the-middle attack. Passive attacks typically steal personal
data or passwords, while active attacks can exploit data structures in the kernel and
cause significant damage to cloud servers.

To protect against cloud attacks, one could encrypt data before placing it in a cloud.
In many countries, there are laws that allow SaaS providers to keep consumer data and
copyrighted material within national boundaries; these are also called compliance or
regulatory standards. Many countries still do not have laws for compliance; therefore, it is
necessary to check the cloud service provider's SLA to see how compliance is enforced
for its services.

3.5.2 Challenges related to Unpredictable Performance and Bottlenecks


In cloud computing, the cloud platform is responsible for deploying and running
services on top of a resource pool which has shared hardware from different physical
servers. In a production environment, multiple Virtual Machines (VMs) share
resources such as CPU, memory, I/O and network with each other. Whenever I/O devices
are shared between VMs, provisioning becomes a big challenge because of I/O
interference between them. This may produce unpredictable performance and may result
in system bottlenecks. The problem becomes wider when such I/O resources are pulled
across boundaries of cloud. In such scenarios, the accessibility may become complicated
for data placement and transport. To overcome that, data transfer bottlenecks must be
removed, bottleneck links must be widened and weak servers in cloud infrastructure
should be removed. One solution for this challenge is to improve the I/O architectures and
operating systems used in physical servers, so that interrupts and I/O channels can be
easily virtualized.

3.5.3 Challenges related to Service Availability and Vendor/Data Lock-in


Due to the popularity of cloud computing, many organizations run their mission-critical or
business-critical applications on the cloud with shared infrastructure provided by cloud
service providers. Therefore, any compromise in service availability may result in huge
financial loss. Managing a single enterprise cloud service often leads to
single points of failure. The solution to this challenge is the use of multiple cloud
providers. Even if a company has multiple data centers located in different
geographic regions, it may have common software infrastructure and accounting systems.
Therefore, using multiple cloud providers may provide more protection from failures.
In such instances, even if an organization has several data centers located in various
geographic regions, multiple cloud service providers can protect its cloud
infrastructure and accounting systems and make them available continuously. The use of
multiple cloud providers will also provide more protection against failures. Such an
implementation may ensure high availability for the organization. Distributed Denial
of Service (DDoS) attacks are another obstacle to availability. Criminals are trying to slash
SaaS providers' profits by making their services out of control. Some utility computing
services give SaaS providers the ability to use quick scale-ups to protect themselves
against DDoS attacks.
In some cases, the lock-in concern arises due to the failure of a single company that was
providing cloud storage. In addition, because of the vendor lock-in solutions of some cloud
service providers, organizations face difficulties in migrating to a new cloud service
provider. Therefore, to mitigate the challenges related to data lock-in and vendor lock-in,
software stacks can be used to enhance interoperability between various cloud platforms
and to standardize APIs, protecting against data loss due to a single company failure. It also
supports "surge computing", which uses the same technological framework in both public
and private clouds and is used to catch additional tasks that cannot be performed
efficiently in a private cloud's data center.

3.5.4 Challenges related to Cloud Scalability, Interoperability and Standardization

In cloud computing, the pay-as-you-go model refers to a utility-based model where the bill
for storage and network bandwidth is calculated according to the number of
bytes used. Computation is billed differently, depending on the degree of virtualization.
Google App Engine scales up and down automatically in response to load changes; users
are charged according to the cycles used. Amazon Web Services charges by the hour for the
number of VM instances used, even if the machine is idle. The potential here is to scale
up and down quickly in response to load variability, to save money, but without
breaching SLAs. In virtualization, the Open Virtualization Format (OVF) defines an open,
secure, portable, effective and extensible format for VM packaging and delivery. It also
specifies a format to be used to distribute software in VMs. It also specifies a
transportation framework for VM templates, which can refer to various virtualization
platforms with different virtualization levels.
This VM format does not depend on the use of a particular host platform, virtualization
platform or guest operating system. The solution is to address virtual platform-agnostic
packaging with bundled device certification and credibility. The package provides
support for virtual appliances that span more than one VM. In terms of cloud
standardization, virtual appliances need to be able to operate on any virtual platform,
allowing VMs to run on hypervisors over heterogeneous hardware platforms.
The cloud platform should also introduce live cross-platform migration between x86
Intel and AMD technologies and support legacy load balancing hardware to avoid the
challenges related to interoperability.

3.5.5 Challenges related to Software Licensing and Reputation Sharing


Most cloud computing providers depend primarily on open source software,
as the commercial software licensing model is not suitable for utility computing. The key
opportunity is either to stay popular with open source, or simply to encourage
commercial software companies to adjust their licensing structure to suit cloud
computing better. One may consider using both pay-for-use and bulk licensing schemes
to broaden the scope of the company. Bad conduct by one client can affect the credibility
of the cloud as a whole. For example, in AWS, spam-prevention services can restrict
smooth VM installation by blacklisting EC2 IP addresses. An advantage would be to
build reputation-guarding services similar to those currently provided through "trusted
e-mail" providers for providers hosted on smaller ISPs. Another legal issue concerns the
transfer of legal responsibility. Cloud services require consumers to remain legally
accountable and vice versa. This problem needs to be solved at the SLA level.

3.5.6 Challenges related to Distributed Storage and Bugs in Softwares


In cloud applications, database services grow continuously. The potential is to
build a storage infrastructure that not only fulfills this growth but also blends it with the
cloud benefit of scaling up and down dynamically on demand. That involves the design
of efficiently distributed SANs. The data centers will meet the standards of programmers
in terms of scalability, system reliability and HA. A major problem in cloud computing is
data consistency testing in SAN-connected data centers. Large-scale distributed bugs
cannot be replicated, so debugging must take place at scale in the production data
centers. Hardly any data center will deliver that convenience. One solution may be to
focus on using VMs in cloud computing. The virtualization level can allow valuable
information to be captured in ways that are impossible without using VMs. Debugging
on simulators is another way to fix the problem, if the simulator is well designed.

3.6 Cloud Storage


With the rise in the popularity of cloud computing, you may be wondering where and
how the data is stored in the cloud. Cloud storage is the model in which digital data is
stored in logical pools. Your data is stored in an online repository. So, it is the
responsibility of the storage service provider to take care of the data files. Take the
example of the email service you are using, like Gmail, Yahoo etc. The emails you send or
receive are not stored on your local hard disks but are kept on the email provider’s server.
It is important to note that none of the data is stored on your local hard drives.
It is true that all computer owners store data. For these users, finding enough storage
space to hold all the data they have accumulated seems like an impossible mission. Earlier,
people stored information in the computer’s hard drive or other local storage devices, but
today, this data is saved in a remote database. The Internet provides the connection
between the computer and the database. Fig. 3.6.1 illustrates how cloud storage works.

Fig. 3.6.1 : The working of cloud storage

People may store their data on large hard drives or other external storage devices like
thumb drives or compact discs. But with cloud, the data is stored in a remote database.
Fig. 3.6.1 consists of a client computer, which has a bulk of data to be stored and the
control node, a third-party service provider, which controls several databases together.
A cloud storage system has storage servers. The subscriber copies their files to the storage
servers over the internet, which will then record the data. If the client needs to retrieve the
data, the client accesses the data server through a web-based interface, and the server either
sends the files back to the client or allows the client to access and manipulate the data
itself.
Cloud storage is a service model in which data is maintained, managed and backed up
remotely and made available to users over a network. Cloud storage provides extremely
efficient storage of objects that scales to exabytes of data. It allows you to access data from
any storage class instantly, integrate storage into your applications with a single unified
API and optimize performance with ease. It is the responsibility of cloud storage providers
to keep the data available and accessible and to secure and run the physical environment.
Even though data is stored and accessed remotely, you can maintain data both locally and
on the cloud as a measure of safety and redundancy.
The cloud storage system requires one data server to be connected to the internet. The
copies of files are sent by the client to that data server, which saves the information. The
server sends the files back to the client whenever he or she wants to retrieve them, or,
through the web-based interface, allows the client to access and change the files on the
server itself. The connection between the computer and the database is provided by
the internet. Cloud storage services, however, use tens or hundreds of data servers. Since
servers need maintenance or repair, it is important to store data on several
machines, providing redundancy. Without redundancy, cloud storage services could not
guarantee clients that they would be able to access their information at any given time.
There are two techniques used for storing data on the cloud, called cloud sync and cloud
backup, which are explained as follows.

3.6.1 Difference between Cloud Sync and Cloud Backup


• Cloud sync : Cloud sync stores the same set of the most up-to-date versions of files and
folders on client devices and cloud storage. When you modify the data, sync
uploads those updated files, which can be manually downloaded by the user. This
is one-way sync. In two-way sync, the intermediate storage is a cloud. Cloud sync
is suitable for organisations or people who use multiple devices regularly. Some
cloud sync services are Dropbox, iCloud Drive, OneDrive, Box and Google Drive.
These services match up folders on your PC to folders on different machines or
to the cloud, enabling clients to work from a folder or directory from anywhere.
• Cloud backup : Sending a copy of the data over a public network to an off-site
server is called cloud backup and is handled by a third-party service provider. Some
cloud backup services are IBackup, Carbonite, Backblaze, etc. These services work
automatically in the background. The client does not have to take any action, such as
setting up folders. Backup services typically copy any new or changed information on
your PC to another location.

3.7 Storage as a Service


Storage as a service comes across as a good substitute for small or medium scale
organisations that are not efficient enough to have their own storage infrastructure, have
budget constraints and lack technical personnel for storage implementation. It is an
outsourcing model which allows third-party providers (organizations) to rent space on their
storage to end users who lack a budget or a capital budget to pay for it on their own.
End users store their data on rented storage space at a remote location on the cloud. The
storage as a service providers rent their storage space to organizations on a
cost-per-gigabyte-stored or cost-per-data-transfer basis. The end user doesn't have to pay
for the infrastructure; they only pay for how much data they transfer and save on the
servers of the provider.
Storage as a service is a good alternative for small or mid-size businesses that
lack the capital budget to implement and maintain their own storage infrastructure. The
key providers of storage as a service are Amazon S3, Google Cloud Storage, Rackspace,
Dell EMC, Hewlett Packard Enterprise (HPE), NetApp and IBM etc. It is also being
promoted as a way for all companies to mitigate their risks in disaster recovery, provide
long-term retention of records and enhance both business continuity and availability.
Small-scale enterprises find it very difficult and costly to buy dedicated storage
hardware for data storage and backup. This issue is addressed by storage as a service,
which is a business model that helps small companies rent storage from large
companies that have wider storage infrastructure. It is also suitable if technical staff
are not available or have insufficient experience to implement and manage the storage
infrastructure.
Individuals as well as small companies can use storage as a service to save cost and
manage backups. They can save cost on hardware, personnel and physical space. Storage
as a service is also called hosted storage. Storage Service Providers (SSPs) are the
companies that provide storage as a service. Storage as a service vendors promote it as a
suitable way of managing backups in the enterprise. They target secondary storage
applications. It also helps in mitigating risks in disaster recovery.
Storage providers are responsible for storing data of their customers using this model.
The storage provider provides the software required for the client to access their stored
data on cloud from anywhere and at any time. Customers use that software to perform
standard storage related activities, including data transfers and backups. Since storage as
a service vendors agree to meet SLAs, businesses can be assured that storage can scale
and perform as required. It can facilitate direct connections to both public and private
cloud storage.
In most instances, organizations that use storage as a service opt for the public cloud for
storage and backup purposes instead of keeping data on premises. The methods provided
by storage as a service include backup and restore, disaster recovery, block storage, SSD
storage, object storage and transmission of bulk data. Backup and restore refers to
data backup to the cloud, which provides protection and recovery when data loss occurs.
Disaster recovery may refer to protecting and replicating data from Virtual Machines
(VMs) in case of disaster. Block storage allows customers to provision block storage
volumes for lower-latency I/O. SSD storage is another type of storage generally used for
data intensive read/write and I/O operations. Object storage systems are used in data
analytics, disaster recovery and cloud applications. Cold storage is used for quick creation
and configuration of stored data. Bulk data transfers can use disks and other equipment
for bulk data transmission.
There are many cloud storage providers available on the internet, but some of the
popular storage as a service providers are listed as follows :
 Google Drive - Google provides Google Drive as a storage service for every
Gmail user, who can store up to 15 GB of data free of cost, which can scale up to ten
terabytes. It allows the use of Google Docs, embedded with the Google account, to upload
documents, spreadsheets and presentations to Google’s data servers.
 Microsoft OneDrive - Microsoft provides OneDrive with 5 GB of free storage space,
which is scalable to 5 TB, for storing users’ files. It is embedded with Microsoft 365
and Outlook mail. It allows files to be synchronized between the cloud and a local
folder and provides client software for any platform to store and access
files from multiple devices. It allows files to be backed up with ransomware protection
and allows previously saved versions of files or data to be recovered from the
cloud.
 Dropbox - Dropbox is a file hosting service that offers cloud storage, file
synchronization, personal cloud and client software services. It can be installed and
run on any OS platform. It provides free storage space of 2 GB, which can scale up to
5 TB.
 MediaMax and Strongspace - They offer rented storage space for any kind of
digital data to be stored on cloud servers.

3.7.1 Advantages of Storage as a Service


The key advantages of storage as a service are given as follows :
 Cost - Storage as a service reduces much of the expense of conventional backup
methods, by offering ample cloud storage space at a small monthly charge.
 Invisibility - Storage as a service is invisible, as no physical presence can be seen in
its deployment, and therefore does not take up valuable office space.
 Security - In this type of service, data is encrypted both in transit and
at rest, ensuring no unauthorized access to the user's files.
 Automation - Storage as a service makes the time-consuming process of backup
easier to accomplish through automation. Users can simply select what and when
they want to back up and the service does the rest of it.
 Accessibility - By using storage as a service, users can access data from
smartphones, netbooks, desktops and so on.
 Syncing - Syncing in storage as a service ensures that your files are updated
automatically across all of your devices. This way, the latest version of a file
stored on your desktop is available on your smartphone.
 Sharing - Online storage services make it easy for users to share their data with just
a few clicks.
 Collaboration - Cloud storage services are also ideal for collaborative purposes.
They allow multiple people to edit and collaborate in a single file or document. So,
with this feature, users don't need to worry about tracking the latest version or who
made any changes.
 Data protection - By storing data on cloud storage services, data is well protected
against all kinds of disasters such as floods, earthquakes and human error.
 Disaster recovery - Data stored in the cloud is not only protected from disasters by
having the same copy at several locations, but can also favor disaster recovery in
order to ensure business continuity.

3.7.2 Disadvantages of Storage as a Service


The disadvantages of storage as a service are given as follows :
 Potential downtimes : Due to failure in cloud, vendors may go through periods of
downtime where the service is not available, which may be a major issue for
mission - critical data.
 Limited customization : As the cloud infrastructure is owned and managed by the
service provider, it is less customizable.
 Vendor lock-in : Due to potential for vendor lock-in, it may be difficult to migrate
from one service provider to another.
 Unreliable - In some cases, there is still a possibility that the system could crash and
leave consumers with no means of accessing their stored data. A small service
provider becomes unreliable in that case. Therefore, when a cloud storage system is
unreliable, it becomes a liability. No one wants to save data on an unstable platform
or trust an organization that is unstable. Most cloud storage providers seek to resolve
the issue of reliability through redundancy.

3.8 Advantages of Cloud Storage


In today’s scenario, cloud storage is an extremely important and valuable tool for all
kinds of businesses. Therefore, it is necessary to understand the benefits and risks
associated with cloud storage. We will now discuss some benefits and risks of cloud
technology.
The following are the benefits of cloud storage :
 Accessibility : With the internet, clients can access information from anywhere
and at any time using devices such as smartphones, laptops, tablets, etc. This
reduces the stress of transferring files. Also, files remain the same across all devices.
Cloud storage gives you the freedom to access your files from anywhere, at any
time and on any device through an internet connection.
 Greater collaboration : Without wasting time, cloud storage enables you to transfer
or share files or folders in a simple and a quick way. It removes the pain of sending a
lot of emails to share files. This helps save your time and provides better
collaboration. Also, all the changes are automatically saved and shared with the
collaborators.
 Security : Security is a major concern when it comes to your confidential data.
Cloud storage is secure, with various encryption techniques that prevent
unauthorised access. Cloud storage providers complement their services with
additional security layers. Since there are many users with files stored in the cloud,
these services go to great lengths to ensure that the files are not accessed by anyone
who is not authorized to do so.
 Cost-efficient : Cloud storage, which is an online repository, eliminates the cost of
hard drives or any other external devices like compact disks. Organisations do not
need to spend extra money on additional expensive servers. There is plenty of space
in online storage. Physical storage can be more expensive than cloud storage, as
cloud storage provides remarkably cheaper per-GB pricing than external drives, without
the need for storage hardware.
 Instant data recovery : You can access your files in the cloud and recover them in
case of a hard drive failure or some other hardware malfunction. It serves as a
backup solution for the data stored locally on your physical drives. Cloud storage allows
easy recovery of your original files and restores them with minimal downtime.
 Syncing and updating : When you work with cloud storage, any change you make
to a file, from whichever device you access the cloud, is synchronized and
updated across all of your devices.
 Disaster recovery : Companies are highly advised to have an emergency response
plan ready in case of an emergency. Enterprises may use cloud storage as a backup
service by keeping a second copy of critical files. Such files are stored remotely
and can be accessed through an internet connection.

3.8.1 Risks in Cloud Storage


The following are the risks in cloud storage :
 Dependency : It is also known as “vendor lock-in”. The term refers to the
difficulties in moving from one cloud service provider to another. This is because
of the migration of data. Since services run in a remote
virtual environment, the client is given limited access to the software and
hardware, which gives rise to concerns about control.
 Unintended permanence : There have been cases where cloud users complained
that specific pictures had been erased in the recent ‘iCloud hack’. Service providers
are therefore fully obliged to ensure that the client’s data is not
damaged or lost. Consequently, clients are urged to make full use of
cloud backup facilities, so that copies of files can be recovered
from the servers even if the client loses its records.
 Insecure interfaces and APIs : To manage and interact with cloud services, various
interfaces and APIs are used by customers. Two categories of web - based APIs are
SOAP (based on web services) and REST (based on HTTP). These APIs are easy
targets for man-in-the-middle or replay attacks. Therefore, secure authentication,
encryption and access control must be used to provide protection against these
malicious attacks.
 Compliance risks : This is a risk for organisations that have earned certifications,
either to meet industry standards or to gain a competitive edge, when migrating to
clouds. The risk arises when the cloud provider does not follow its own compliance
requirements or does not allow audits by the cloud
customer.
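
An added example (not from the original text) of the secure authentication called for under "Insecure interfaces and APIs": each REST request carries an HMAC over its method, path, body hash, timestamp and nonce, and the server rejects altered, stale or repeated requests. The field names, the 300-second window and the demo secret are assumptions; encryption in transit is still required for confidentiality.

```python
import hashlib
import hmac
import time

# Constructed demo secret (assumption); a real service loads per-client
# secrets from a secret store.
SECRETS = {"client-1": b"constructed-demo-secret"}
MAX_SKEW_SECONDS = 300  # how far a request timestamp may differ from server time


def canonical_string(method, path, body, timestamp, nonce):
    """Bind the signature to the verb, resource, payload hash, time and nonce."""
    body_hash = hashlib.sha256(body).hexdigest()
    return "\n".join([method.upper(), path, body_hash, str(timestamp), nonce])


def sign_request(key_id, secret, method, path, body, timestamp, nonce):
    """Client side: build the authentication fields sent with the request."""
    message = canonical_string(method, path, body, timestamp, nonce).encode()
    signature = hmac.new(secret, message, hashlib.sha256).hexdigest()
    return {"key_id": key_id, "timestamp": timestamp, "nonce": nonce,
            "signature": signature}


class RequestVerifier:
    """Server side: authenticate a request and reject replays."""

    def __init__(self, secrets, max_skew=MAX_SKEW_SECONDS):
        self.secrets = secrets
        self.max_skew = max_skew
        self.seen_nonces = {}  # (key_id, nonce) -> request timestamp

    def verify(self, method, path, body, auth, now=None):
        now = time.time() if now is None else now
        key_id = auth.get("key_id")
        secret = self.secrets.get(key_id)
        if secret is None:
            return "unknown-key"
        try:
            timestamp = int(auth["timestamp"])
            nonce = str(auth["nonce"])
            presented = str(auth["signature"])
        except (KeyError, TypeError, ValueError):
            return "malformed"
        # 1. Freshness: a captured request is useless once it leaves the window.
        if abs(now - timestamp) > self.max_skew:
            return "stale-timestamp"
        # 2. Integrity and authenticity: recompute the HMAC and compare it
        #    in constant time.
        message = canonical_string(method, path, body, timestamp, nonce).encode()
        expected = hmac.new(secret, message, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), presented.encode()):
            return "bad-signature"
        # 3. Replay: inside the window each nonce is accepted only once.
        #    Nonces older than the window are forgotten to bound memory.
        self.seen_nonces = {k: t for k, t in self.seen_nonces.items()
                            if now - t <= self.max_skew}
        if (key_id, nonce) in self.seen_nonces:
            return "replayed"
        self.seen_nonces[(key_id, nonce)] = timestamp
        return "ok"


def demo():
    """Run a constructed exchange and return the verifier's verdicts in order."""
    verifier = RequestVerifier(SECRETS)
    now = 1_700_000_000  # fixed clock so the demo is deterministic
    secret = SECRETS["client-1"]
    path, body = "/backups/report.csv", b"region,total\nnorth,42\n"
    auth = sign_request("client-1", secret, "PUT", path, body, now, "n-001")
    old = sign_request("client-1", secret, "PUT", path, body, now - 1000, "n-002")
    return [
        verifier.verify("PUT", path, body, auth, now=now),         # first delivery
        verifier.verify("PUT", path, body, auth, now=now + 5),     # same message again
        verifier.verify("PUT", path, b"altered", auth, now=now),   # body changed in transit
        verifier.verify("PUT", path, body, old, now=now),          # capture from long ago
    ]


if __name__ == "__main__":
    print(demo())
```

The signature is checked before the nonce is recorded, so unauthenticated traffic cannot fill the nonce table or burn a legitimate client's nonce.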

3.8.2 Disadvantages of Cloud Storage


 Privacy concerns : In cloud storage, the data no longer exists on your physical disks,
as it is stored on a cloud platform run by the cloud service provider. In many cases, the
storage solutions are outsourced by cloud providers to other firms; in such cases,
privacy concerns may arise due to the involvement of third-party providers.
 Dependency on internet connection : The data file can only be moved to a cloud
server when your internet connection is working. When your internet
connection faces technical problems or stops functioning, you will face difficulties
in transmitting data to or recovering it from the remote server.
 Compliance problems : Many cloud service providers are prone to weaker
compliance, as many countries restrict cloud service providers from exposing their users'
data across the country’s geographic boundaries. If they do so, they may be
penalized, or the IT operations of that cloud service provider may be closed
in that country, which may lead to huge data loss. Therefore, one should never
purchase cloud storage from an unknown source or third parties and should always
buy from well-established companies. It might not be possible to operate within
the public cloud, depending on the degree of regulation within your industry. This
is particularly the case for healthcare, financial services and publicly traded
enterprises, which need to be very cautious when considering this option.
 Vulnerability to attacks : Your business information stored in the cloud is
vulnerable to external hacking attacks. The internet is not entirely secure,
and for this reason, sensitive data can still be stolen.
 Data management : Managing cloud data can be a challenge because cloud storage
systems have their own structures. Your business's current storage management
system may not always fit well with the system offered by the cloud provider.
 Data protection concerns (cloud protection and privacy) : There are issues about
the remote storage of sensitive and essential data. Before adopting cloud
technologies, you should be aware that you are providing a third-party cloud
service provider with confidential business details and that this could potentially harm
your firm. That's why it's crucial to choose a trustworthy service provider that you can
rely on to keep your information protected.

3.9 Cloud Storage Providers


The cloud storage provider, also known as the Managed Service Provider (MSP), is a
company that provides organizations and individuals with the ability to place and retain
data in an off-site storage system. Customers can lease cloud storage capacity per month
or on request. The cloud storage provider hosts customer data in its own data center,
providing cost-based computing, networking and storage infrastructure. Individual and
corporate customers can have unlimited storage capacity on the provider's servers at a
low per-gigabyte price. Instead of storing data on local storage devices, such as a hard
disk drive, flash storage or tape, customers choose a cloud storage provider to host data
on a remote data center system. Users can then access these files via an internet
connection. The cloud storage provider also sells non-storage services for a fee.
Enterprises purchase computing, software, storage and related IT components as discrete
cloud services with a pay-as-you-go license. Customers may choose to lease infrastructure
as a service; platform as a service; or security, software and storage as a service. The level
and type of services chosen are set out in a service level agreement signed with the
provider. The ability to streamline costs by using the cloud can be particularly beneficial
for small and medium-sized organizations with limited budgets and IT staff. The main
advantages of using a cloud storage provider are cost control, elasticity and self-service.
Users can scale computing resources on demand as needed and then discard those
resources after the task has been completed. This removes any concerns about exceeding
storage limitations with on-site networked storage. Some of the popular cloud storage
providers are Amazon Web Services, Google, Microsoft, Nirvanix and so on.
Descriptions of popular cloud storage providers are given as follows :
 Amazon S3 : Amazon S3 (Simple Storage Service) offers a simple cloud services
interface that can be used to store and retrieve any amount of data from anywhere
on the cloud at any time. It gives every developer access to the same highly scalable
data storage infrastructure that Amazon uses to operate its own global website
network. The goal of the service is to optimize the benefits of scale and to pass those
benefits on to the developers.
 Google Bigtable datastore : Google defines Bigtable as a fast and highly scalable
datastore. The Google cloud platform allows Bigtable to scale across thousands of
commodity servers that can store petabytes of data together. Bigtable has been
designed with very high speed, versatility and extremely high scalability in mind.
The size of a Bigtable database can be petabytes, spanning thousands of
distributed servers. Bigtable is now open to developers as part of the Google App
Engine, their cloud computing platform.
 Microsoft Live Mesh : Windows Live Mesh was a free-to-use internet-based file
synchronization application designed by Microsoft to enable files and directories
between two or more computers to be synchronized on Windows or Mac OS
platforms. It supports mesh objects that consist of data feeds, which can be
represented in Atom, RSS, JSON or XML. It uses Live Framework APIs to share any
data item between devices that recognize the data.
 Nirvanix : Nirvanix offers public, hybrid and private cloud storage services with
usage-based pricing. It supports Cloud-based Network Attached Storage
(CloudNAS) to store data on premises. Nirvanix CloudNAS is intended for
businesses that manage archival, backup or unstructured archives that need long-term,
secure storage, or organizations that use automated processes to migrate files
to mapped drives. CloudNAS has built-in disaster data recovery and an
automatic data replication feature for up to three geographically distributed storage
nodes.

3.10 Simple Storage Service (S3)


Amazon S3 offers a simple web services interface that can be used to store and retrieve
any amount of data from anywhere, at any time on the web. It gives any developer access
to the same scalable, secure, fast, low-cost data storage infrastructure that Amazon uses
to operate its own global website network. S3 is an online backup and storage system. The
high-speed data transfer feature known as AWS Import/Export exchanges data to
and from AWS using Amazon’s own internal network and a portable device.
Amazon S3 is a cloud-based storage system that allows storage of data objects in the
range of 1 byte up to 5 GB in a flat namespace. The storage containers in S3 are
predefined buckets, and buckets serve the function of a directory, though there is no
object hierarchy within a bucket, and the user can save objects to it but not files. Here it is
important to note that the concept of a file system is not associated with S3 because file
systems are not supported; only objects are stored. In addition to this, the user is not
required to mount a bucket, as opposed to a file system. Fig. 3.10.1 shows S3
diagrammatically.

Fig. 3.10.1 : AWS S3

S3 system allows buckets to be named (Fig. 3.10.2), but the name must be unique in the
S3 namespace across all consumers of AWS. The bucket can be accessed through the S3
web API (with SOAP or REST), which is similar to a normal disk storage system.

Fig. 3.10.2 : Source bucket

The performance of S3 limits its use to non-operational functions such as data
archiving, retrieval and disk backup. The REST API is preferred to the SOAP API
because it is easier to work with large binary objects in REST.
Amazon S3 offers large volumes of reliable storage with high protection and low
bandwidth access. S3 is ideal for applications that need storage archives. For
example, S3 is used by large storage sites that share photos and images.
The APIs to manage the bucket have the following features :
 Create new, modify or delete existing buckets.
 Upload or download new objects to a bucket.
 Search and identify objects in buckets.
 Identify metadata associated with objects and buckets.
 Specify where the bucket is stored.
 Provide public access to buckets and objects.
The S3 service can be used by many users as a backup component in a 3-2-1 backup
method. This implies that your original data is 1, a copy of your data is 2 and an off-site
copy of data is 3. In this method, S3 is the 3rd level of backup. In addition to this, Amazon
S3 provides the feature of versioning.

In versioning, every version of the object stored in an S3 bucket is retained, but for this,
the user must enable the versioning feature. Any HTTP or REST operation, namely PUT,
POST, COPY or DELETE, will create a new object that is stored along with the older
version. A GET operation retrieves the newest version of the object, but the ability to recover
and undo actions is also available. Versioning is a useful method for preserving and
archiving data.
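
The versioning behaviour described above, as an added in-memory model in Python (not AWS code and not from the original text): a PUT stacks a new version, a DELETE only adds a delete marker, and an overwritten or deleted object is recovered from its older versions. The class and method names and the simple v1, v2 version ids are assumptions.

```python
import itertools


class VersionedBucket:
    """Toy model of one versioning-enabled bucket: each key maps to a version stack."""

    def __init__(self):
        self._stacks = {}               # key -> [(version_id, data or None)]
        self._ids = itertools.count(1)  # real version ids are opaque strings

    def _push(self, key, data):
        version_id = f"v{next(self._ids)}"
        self._stacks.setdefault(key, []).append((version_id, data))
        return version_id

    def put(self, key, data):
        """PUT never overwrites in place: it stacks a new current version."""
        return self._push(key, data)

    def delete(self, key):
        """DELETE without a version id only adds a delete marker (data is None)."""
        return self._push(key, None)

    def get(self, key, version_id=None):
        """GET returns the current version unless a specific version is requested."""
        stack = self._stacks.get(key, [])
        if version_id is None:
            if not stack or stack[-1][1] is None:
                raise KeyError(key)  # missing, or hidden behind a delete marker
            return stack[-1][1]
        for vid, data in stack:
            if vid == version_id and data is not None:
                return data
        raise KeyError((key, version_id))

    def list_versions(self, key):
        return [(vid, "delete-marker" if data is None else "object")
                for vid, data in self._stacks.get(key, [])]

    def remove_version(self, key, version_id):
        """Permanently remove one version; removing a delete marker undoes the delete."""
        stack = self._stacks.get(key, [])
        remaining = [(vid, data) for vid, data in stack if vid != version_id]
        if len(remaining) == len(stack):
            raise KeyError((key, version_id))
        self._stacks[key] = remaining

    def restore(self, key, version_id):
        """Roll back by copying an older version on top as the new current version."""
        return self._push(key, self.get(key, version_id))


def recover_demo():
    """Constructed incident: a good file is overwritten, then deleted, then recovered."""
    bucket = VersionedBucket()
    key = "reports/q1.csv"
    good = bucket.put(key, b"region,total\nnorth,42\n")
    bucket.put(key, b"\x00\x00corrupted")          # unwanted overwrite
    marker = bucket.delete(key)                    # unwanted delete
    try:
        bucket.get(key)
        visible_after_delete = True
    except KeyError:
        visible_after_delete = False
    bucket.remove_version(key, marker)             # undo the delete
    after_undelete = bucket.get(key)               # the corrupted copy is current again
    bucket.restore(key, good)                      # roll back to the good version
    return visible_after_delete, after_undelete, bucket.get(key), bucket.list_versions(key)


if __name__ == "__main__":
    print(recover_demo())
```

Recovery depends on the older versions still existing, so the right to permanently remove specific versions should be granted far more narrowly than the right to PUT or DELETE.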

3.10.1 Amazon Glacier


Amazon Glacier is a very low-price online file storage web service which offers secure,
flexible and durable storage for online data backup and archiving. This web service is
specially designed for data that is not accessed frequently. Data that can
tolerate a retrieval time of three to five hours can use the Amazon Glacier service.
You can store virtually any type, format and amount of data
using Amazon Glacier. Files in ZIP and TAR format are the most common type of data
stored in Amazon Glacier.
Some of the common uses of Amazon Glacier are :
 Replacing the traditional tape solutions with backup and archive which can last
longer.
 Storing data which is used for the purposes of compliance.

3.10.2 Glacier Vs S3
Both Amazon S3 and Amazon Glacier work almost the same way. However, there are
certain important aspects that reflect the difference between them. Table 3.10.1 shows
the comparison of Amazon Glacier and Amazon S3 :
| Amazon Glacier | Amazon S3 |
|---|---|
| It supports 40 TB archives | It supports 5 TB objects |
| It is recognised by archive IDs which are system generated | It can use “friendly” key names |
| It encrypts the archives automatically | It is optional to encrypt the data automatically |
| It is extremely low - cost storage | Its cost is much higher than Amazon Glacier |

Table 3.10.1 : Amazon Glacier Vs Amazon S3

You can also use the Amazon S3 interface to access the offerings of Amazon Glacier
without learning a new interface. This can be done by using Glacier as an S3 storage
class along with object lifecycle policies.

Summary

 The cloud architecture design is an important aspect of designing a cloud.
Every cloud platform is intended to provide four essential design goals :
scalability, reliability, efficiency and virtualization. To achieve these goals, certain
requirements have to be considered.
 The layered architecture of a cloud is composed of three basic layers called
infrastructure, platform, and application. These three levels of architecture are
implemented with virtualization and standardization of cloud-provided
hardware and software resources.
 The NIST cloud computing reference architecture is designed with the help of
IT vendors, developers of standards, industries and other governmental
agencies at a global level to support effective cloud computing
security standards and their further development.
 Cloud deployment models are defined according to where the computing
infrastructure resides and who controls the infrastructure. Four
deployment models are characterized based on the functionality and
accessibility of cloud services, namely public, private, hybrid and community.
 Public cloud services run over the internet. Therefore, users who
want cloud services must have an internet connection on their local device.
Private cloud services are used by organizations internally and most of the
time run over an intranet connection. Hybrid cloud services are composed of
two or more clouds that offer the benefits of multiple deployment models, while
a community cloud is basically the combination of one or more public, private or
hybrid clouds, which are shared by many organizations for a single cause.
 The most widespread services of cloud computing are categorised into three
service classes which are also called Cloud service models namely IaaS, PaaS
and SaaS.
 Infrastructure-as-a-Service (IaaS) can be defined as the use of servers, storage,
computing power, network and virtualization to form utility like services for
users, Platform as a Service can be defined as a computing platform that allows
the user to create web applications quickly and easily and without worrying
about buying and maintaining the software and infrastructure while Software-
as-a-Service is specifically designed for on demand applications or software
delivery to the cloud users.
 There are six challenges in cloud architectural design, related to data
privacy, security, compliance, performance, interoperability, standardization,
service availability, licensing, data storage and bugs.
 Cloud storage is a service model in which data is maintained, managed and
backed up remotely and made available to users over a network. Cloud storage
provides extremely efficient storage of objects that scales to exabytes of data.
 Storage as a service is an outsourcing model which allows third party
providers (organizations) to rent space on their storage to end users who lack a
budget or a capital budget to pay for it on their own.
 The cloud storage provider, also known as the Managed Service Provider (MSP),
is a company that provides organizations and individuals with the ability to
place and retain data in an off-site storage system.
 Amazon S3 offers a simple web services interface that can be used to store and
retrieve any amount of data from anywhere, at any time on the web. It gives any
developer access to the same scalable, secure, fast, low-cost data storage
infrastructure that Amazon uses to operate its own global website network.

Short Answered Questions

Q.1 Bring out differences between private cloud and public cloud. AU : Dec.-16
Ans. : The differences between private cloud and public cloud are given in Table 3.1.

| Sr. No | Feature | Public Cloud | Private Cloud |
|---|---|---|---|
| 1 | Scalability | Very High | Limited |
| 2 | Security | Less Secure | Most Secure |
| 3 | Performance | Low to Medium | Good |
| 4 | Reliability | Medium | High |
| 5 | Upfront Cost | Low | Very High |
| 6 | Quality of Service | Low | High |
| 7 | Network | Internet | Intranet |
| 8 | Availability | For General Public | Organizations Internal Staff |
| 9 | Example | Windows Azure, AWS etc. | Openstack, VMware Cloud, CloudStack, Eucalyptus etc. |

Table 3.1 : Comparison between various cloud deployment models

Q.2 Why do we need hybrid cloud ? AU : Dec.-16

Ans. : Hybrid cloud services are composed of two or more clouds that offer the
benefits of multiple deployment models. A hybrid cloud mostly comprises an on-premise
private cloud and an off-premise public cloud to leverage the benefits of both and allow
users inside and outside to have access to it. The hybrid cloud provides flexibility such
that users can migrate their applications and services from private cloud to public cloud
and vice versa. It has become most favored in the IT industry because of its eminent
features like mobility, customized security, high throughput, scalability, disaster recovery,
easy backup and replication across clouds, high availability and cost efficiency. The other
benefits of hybrid cloud are :
 Easy accessibility between private cloud and public cloud with a plan for disaster
recovery.
 We can decide what needs to be shared on the public network and what
needs to be kept private.
 Unmatched scalability as per demand.
 Easy control and management of public and private cloud resources.

Q.3 Write a short note on community cloud. AU : Dec.-18


Ans. : Refer section 3.3.4.

Q.4 Summarize the differences between PaaS and SaaS. AU : May-17


Ans. : The differences between PaaS and SaaS are given as follows.

| Platform as a Service (PaaS) | Software as a Service (SaaS) |
|---|---|
| It is used for providing a platform to develop, deploy, test or run web applications quickly and easily without worrying about buying and maintaining the software and infrastructure. | It is used for on demand software or application delivery over the internet or intranet. |
| It is used for web hosting. | It is used for software or application hosting. |
| It provides tools for development, deployment and testing the softwares along with middleware solutions, databases, and APIs for developers. | It provides hosted software stack to the users from which they can get access to particular software at any time over the network. |
| It is used by developers. | It is used by end users. |
| The abstraction in PaaS is moderate. | The abstraction in SaaS is very high. |
| It has significantly lower degree of control than SaaS. | It has higher degree of control than PaaS. |
| Risk of vendor-interlocking is medium. | Risk of vendor-interlocking is very high. |
| Operational cost is lower than IaaS. | Operational cost is very minimal than IaaS and PaaS. |
| It has lower portability than IaaS. | It doesn’t provide portability. |
| Examples : AWS Elastic Beanstalk, Windows Azure, Heroku, Force.com, Google App Engine, Apache Stratos, OpenShift | Examples : Google Apps, Dropbox, Salesforce, Cisco WebEx, Concur, GoToMeeting |

Q.5 Who are the major players in the cloud ? AU : May-19


Ans. : There are many major players who provide cloud services; some of them, with
the services they support, are given in Table 3.2.
| Sr. No. | Name of cloud service provider | Supported services | Deployment model |
|---|---|---|---|
| 1) | Amazon Web Service (AWS) | Infrastructure as a service using EC2, Platform as a service using elastic beanstalk, Database as a service using RDB, Storage as a service using S3, Network as a service using pureport, Containers as a service using amazon elastic container service, Serverless computing using lambda etc. | Public cloud |
| 2) | Openstack | Infrastructure as a service using Nova, Platform as a service using Solum, Database as a service using Trove, Network as a service using Neutron, Big data as a service using Sahara etc. | Private cloud |
| 3) | Google cloud platform | Infrastructure as a service using google compute engine, Platform as a service using google app engine, Software as a service using google docs, Gmail and google suite, Database as a service using Cloud SQL, Containers as a service using Kubernetes, Serverless computing using functions as a service, Big data as a service using Big Query, Storage as a service using google cloud storage, etc. | Public cloud |
| 4) | Microsoft azure | Infrastructure as a service using azure virtual machines, Platform as a service using azure app services, Database as a service using azure SQL, Storage as a service using azure Blob storage, Containers as a service using azure Kubernetes service, Serverless computing using azure functions etc. | Public cloud |
| 5) | Salesforce | Software as a service | Public cloud |
| 6) | Oracle Cloud | Infrastructure as a service using Oracle Cloud Infra OCI, Platform as a service using Oracle application container, Storage as a service using Oracle Cloud Storage OCI, Containers as a service using Oracle Kubernetes service, Serverless computing using Oracle cloud Fn etc. | Public cloud |
| 7) | Heroku | Cloud Platform as a service | Public cloud |

Q.6 What are the basic requirements for cloud architecture design ?
Ans. : The basic requirements for cloud architecture design are given as follows :

• The cloud architecture design must provide automated delivery of cloud services along with automated management.
• It must support the latest web standards like Web 2.0 or higher and REST or RESTful APIs.
• It must support very large-scale HPC infrastructure with both physical and virtual machines.
• The architecture of the cloud must be loosely coupled.
• It should provide easy access to cloud services through a self-service web portal.
• Cloud management software must efficiently receive the user request, find the correct resources, and then call the provisioning services which invoke the resources in the cloud.
• It must provide enhanced security for shared access to the resources from data centers.
• It must use cluster architecture to achieve system scalability.
• The cloud architecture design must be reliable and flexible.
• It must provide efficient performance and faster speed of access.

Q.7 What are different layers in layered cloud architecture design ?


Ans. : The layered architecture of a cloud is composed of three basic layers called
infrastructure, platform, and application. The infrastructure layer consists of virtualized
services for computing, storage, and networking. It is responsible for provisioning
infrastructure components like Compute (CPU and memory), Storage, Network and IO
resources to run virtual machines or virtual servers along with virtual storage. The
platform layer is responsible for providing a readily available development and
deployment platform for web applications to cloud users, without requiring them to
install anything on a local device. The platform layer has a collection of software tools for
developing, deploying and testing software applications. A collection of all
software modules required for SaaS applications forms the application layer. This layer
is mainly responsible for on-demand application delivery. In this layer,
software applications include day-to-day office management software used for
information collection, document processing, calendar and authentication. Enterprises
also use the application layer extensively in business marketing, sales, Customer
Relationship Management (CRM), financial transactions, and Supply Chain
Management (SCM).
Q.8 What are different roles of cloud providers ?
Ans. : A cloud provider is an entity that offers cloud services to interested parties. A
cloud provider manages the infrastructure needed for providing cloud services. The
CSP also runs the software to provide services, and organizes the service delivery to
cloud consumers through networks.
SaaS providers then deploy, configure, maintain and update all operations of the
software application on the cloud infrastructure, in order to ensure that services are
provisioned and to fulfil cloud consumer service requests. SaaS providers assume most
of the responsibilities associated with managing and controlling applications deployed
on the infrastructure. On the other hand, SaaS consumers have no or limited
administrative controls.
The major activities of a cloud provider include :
• Service deployment : Service deployment refers to provisioning private, public, hybrid and community cloud models.
• Service orchestration : Service orchestration implies the coordination, management and arrangement of cloud infrastructure to offer optimized capabilities of cloud services. The capabilities must be cost-effective in managing IT resources and must be determined by strategic business needs.
• Cloud services management : This activity involves all service-related functions needed to manage and operate the services requested or proposed by cloud consumers.
• Security : Security, which is a critical function in cloud computing, spans all layers in the reference architecture. Security must be enforced end-to-end. It ranges from physical security to application security. CSPs must take care of security.
• Privacy : Privacy in the cloud must be ensured at different levels, such as user privacy, data privacy, authorization and authentication, and it must also have adequate assurance levels. Since clouds allow resources to be shared, privacy challenges are a big concern for consumers using clouds.

Fig. 3.1 : Major activities of a cloud provider
Q.9 What are different complications in PaaS ?
Ans. : The following are some of the complications or issues of using PaaS :

• Interoperability : PaaS works best on each provider’s own cloud platform, allowing customers to get the most value out of the service. The risk here is that the customisations or applications developed in one vendor’s cloud environment may not be compatible with another vendor’s, and hence may not migrate easily to it.
Although most of the time customers accept being tied to a single vendor, this may not be the situation every time. Users may want to keep their options open. In this situation, developers can opt for open-source solutions. Open-source PaaS provides elasticity by revealing the underlying code, and the ability to install the PaaS solution on any infrastructure. The disadvantage of using an open-source version of PaaS is that certain benefits of an integrated platform are lost.
• Compatibility : Most businesses have a restricted set of programming languages, architectural frameworks and databases that they deploy. It is thus important to make sure that the vendor you choose supports the same technologies. For example, if you are strongly dedicated to a .NET architecture, then you must select a vendor with native .NET support. Likewise, database support is critical to performance and minimising complexity.

• Vulnerability and Security : Multitenancy lets users be spread over interconnected hosts. The providers must take adequate security measures in order to protect these vulnerable hosts from attacks, so that an attacker is not able to easily access the resources of the host and also tenant objects.
Providers have the ability to access and modify user objects/systems. The following are the three ways by which security of an object can be breached in PaaS systems :
o A provider may access any user object that resides on its hosts. This type of attack is inevitable but can be avoided to some extent by trusted relations between the user and the provider.
o Co-tenants, who share the same resources, may mutually attack each other’s objects.
o Third parties may attack a user object. Objects need to be coded securely to defend themselves.
Cryptographic methods, namely symmetric and asymmetric encryption, hashing and signatures, are the solution for object vulnerability. It is the responsibility of the providers to protect the integrity and privacy of user objects on a host.
• Vendor lock-in : Owing to the lack of standardisation, vendor lock-in becomes a key barrier that stops users from migrating to cloud services. Technology-related solutions are being built to tackle this problem of vendor lock-in. Most customers are unaware of the terms and conditions of the providers that prevent interoperability and portability of applications. A number of strategies have been proposed on how to avoid or lessen lock-in risks before adopting cloud computing.
Lock-in issues arise when a company decides to change cloud providers but is unable to migrate its applications or data to a different vendor. This heterogeneity of cloud semantics creates technical incompatibility, which in turn leads to interoperability and portability challenges. This makes interoperation, collaboration, portability and manageability of data and services a very complex task.
Q.10 Enlist the pros and cons of storage as a service.
Ans. : The key advantages or pros of storage as a service are given as follows :

• Cost - Storage as a service reduces much of the expense of conventional backup methods, by offering ample cloud storage space at a small monthly charge.
• Invisibility - Storage as a service is invisible, as no physical presence can be seen in its deployment, and therefore does not take up valuable office space.
• Security - In this type of service, data is encrypted both during transmission and at rest, ensuring no unauthorized access to the user’s files.
• Automation - Storage as a service makes the time-consuming process of backup easier to accomplish through automation. Users can simply select what and when they want to back up, and the service does the rest.
• Accessibility - By using storage as a service, users can access data from any device, from smartphones and netbooks to desktops.
• Syncing - Syncing in storage as a service ensures that your files are updated automatically across all of your devices. This way, the latest version of a file stored on your desktop is available on your smartphone.
• Sharing - Online storage services make it easy for users to share their data with just a few clicks.
• Collaboration - Cloud storage services are also ideal for collaborative purposes. They allow multiple people to edit and collaborate on a single file or document. So, with this feature, users don't need to worry about tracking the latest version or who made any changes.
• Data Protection - By storing data on cloud storage services, data is well protected against all kinds of disasters, such as floods, earthquakes and human error.
• Disaster Recovery - Data stored in the cloud is not only protected from disasters by having the same copy at several locations, but can also support disaster recovery in order to ensure business continuity.

The disadvantages or cons of storage as a service are given as follows :

• Potential downtimes : Due to failures in the cloud, vendors may go through periods of downtime during which the service is not available, which may be a major issue for mission-critical data.
• Limited customization : As the cloud infrastructure is owned and managed by the service provider, it is less customizable.
• Vendor lock-in : Due to the potential for vendor lock-in, it may be difficult to migrate from one service provider to another.
• Unreliable : In some cases, there is still a possibility that the system could crash and leave consumers with no means of accessing their stored data. A small service provider becomes unreliable in that case. When a cloud storage system is unreliable, it becomes a liability. No one wants to save data on an unstable platform or trust an organization that is unstable. Most cloud storage providers seek to resolve the issue of reliability through redundancy.
Q.11 What are different risks in cloud storages ?

Ans. : The following are the risks in cloud storage :

• Dependency : It is also known as “vendor lock-in”. The term refers to the difficulty of moving from one cloud service provider to another, which arises from the migration of data. Since services run in a remote virtual environment, the client has only limited access to the software and hardware, which gives rise to concerns about control.
• Unintended Permanence : There have been cases in which cloud users complained that specific pictures had been erased, as in the recent ‘iCloud hack’. Service providers are therefore fully obliged to ensure that the client’s data is not damaged or lost. Consequently, clients are urged to make full use of cloud backup facilities, so that copies of files can be recovered from the servers even if the client loses its own records.
• Insecure Interfaces and APIs : Customers use various interfaces and APIs to manage and interact with cloud services. Two categories of web-based APIs are SOAP (based on web services) and REST (based on HTTP). These APIs are easy targets for man-in-the-middle or replay attacks. Therefore, secure authentication, encryption and access control must be used to provide protection against these malicious attacks.
• Compliance Risks : This is a risk for organisations that have earned certifications, either to meet industry standards or to gain a competitive edge, when they migrate to clouds. The risk arises when the cloud provider does not follow its own compliance requirements or does not allow an audit by the cloud customer.
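
The authentication and replay protection called for under "Insecure Interfaces and APIs" can be sketched as follows. This is an added example, not code from the book: each REST request carries an HMAC-SHA256 signature over its method, path, timestamp, nonce and body hash, and the server rejects anything forged, tampered with, stale or already seen. The key id, path, secret and the 300-second window are assumptions, and the signature complements TLS rather than replacing it.

```python
import hashlib
import hmac
import time

MAX_SKEW_SECONDS = 300  # assumed acceptance window for request timestamps


def sign_request(secret, method, path, body, timestamp, nonce):
    """Client side: HMAC-SHA256 over every field the server will act on."""
    body_hash = hashlib.sha256(body).hexdigest()
    canonical = "\n".join([method.upper(), path, str(timestamp), nonce, body_hash])
    return hmac.new(secret, canonical.encode(), hashlib.sha256).hexdigest()


class RequestVerifier:
    """Server side: rejects forged, tampered, stale and replayed requests."""

    def __init__(self, secrets_by_key_id):
        self._secrets = secrets_by_key_id
        self._seen = {}  # (key_id, nonce) -> request timestamp

    def verify(self, key_id, method, path, body, timestamp, nonce, signature, now=None):
        now = int(time.time()) if now is None else now
        secret = self._secrets.get(key_id)
        if secret is None:
            return "unknown-key"
        expected = sign_request(secret, method, path, body, timestamp, nonce)
        # Constant-time comparison avoids leaking how many characters matched.
        if not hmac.compare_digest(expected.encode(), signature.encode()):
            return "bad-signature"
        if abs(now - timestamp) > MAX_SKEW_SECONDS:
            return "stale"
        # Forget nonces whose requests can no longer pass the freshness check.
        self._seen = {k: t for k, t in self._seen.items()
                      if now - t <= MAX_SKEW_SECONDS}
        if (key_id, nonce) in self._seen:
            return "replay"
        self._seen[(key_id, nonce)] = timestamp
        return "ok"


def demo():
    """Constructed requests: one genuine, then a replay, a tampered body, a stale one."""
    secret = b"constructed-demo-secret"
    verifier = RequestVerifier({"tenant-a": secret})
    t0, path, body = 1_700_000_000, "/v1/volumes/42", b'{"size_gb": 10}'
    sig = sign_request(secret, "PUT", path, body, t0, "n-001")
    old = sign_request(secret, "PUT", path, body, t0, "n-002")
    return [
        verifier.verify("tenant-a", "PUT", path, body, t0, "n-001", sig, now=t0 + 5),
        verifier.verify("tenant-a", "PUT", path, body, t0, "n-001", sig, now=t0 + 10),
        verifier.verify("tenant-a", "PUT", path, b'{"size_gb": 9999}', t0, "n-001", sig,
                        now=t0 + 15),
        verifier.verify("tenant-a", "PUT", path, body, t0, "n-002", old, now=t0 + 3600),
    ]


if __name__ == "__main__":
    print(demo())
```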
Q.12 Enlist the different cloud storage providers.
Ans. : Descriptions of popular cloud storage providers are given as follows :

• Amazon S3 : Amazon S3 (Simple Storage Service) offers a simple cloud services interface that can be used to store and retrieve any amount of data from anywhere on the cloud at any time. It gives every developer access to the same highly scalable data storage infrastructure that Amazon uses to operate its own global website network. The goal of the service is to optimize the benefits of scale and to pass those benefits on to the developers.
• Google Bigtable Datastore : Google defines Bigtable as a fast and highly scalable datastore. The Google cloud platform allows Bigtable to scale through thousands of commodity servers that can store petabytes of data together. Bigtable has been designed with very high speed, versatility and extremely high scalability in mind. The size of the Bigtable database can be petabytes, spanning thousands of distributed servers. Bigtable is now open to developers as part of the Google App Engine, their cloud computing platform.
• Microsoft Live Mesh : Windows Live Mesh was a free-to-use Internet-based file synchronization application designed by Microsoft to enable files and directories between two or more computers to be synchronized on Windows or Mac OS platforms. It supports mesh objects that consist of data feeds, which can be represented in Atom, RSS, JSON, or XML. It uses Live Framework APIs to share any data item between devices that recognize the data.
• Nirvanix : Nirvanix offers public, hybrid and private cloud storage services with usage-based pricing. It supports Cloud-based Network Attached Storage (CloudNAS) to store data on premises. Nirvanix CloudNAS is intended for businesses that manage archival, backup, or unstructured archives that need long-term, secure storage, or organizations that use automated processes to migrate files to mapped drives. The CloudNAS has built-in disaster data recovery and an automatic data replication feature for up to three geographically distributed storage nodes.
Q.13 What is Amazon S3 ?
Ans. : Amazon S3 is a cloud-based storage system that allows storage of data objects in
the range of 1 byte up to 5 GB in a flat namespace. The storage containers in S3 have
predefined buckets, and buckets serve the function of a directory, though there is no
object hierarchy to a bucket, and the user can save objects to it but not files. Amazon S3
offers a simple web services interface that can be used to store and retrieve any amount
of data from anywhere, at any time on the web. It gives any developer access to the
same scalable, secure, fast, low-cost data storage infrastructure that Amazon uses to
operate its own global website network.
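
The flat namespace described in this answer can be made concrete with a small local model. This is an added example, not AWS code or code from the book: a bucket is one flat map from key to object bytes, and "folders" exist only as a view produced by listing with a prefix and a delimiter. The class and method names are hypothetical, and the size limit is the 1 byte to 5 GB range stated above.

```python
MAX_OBJECT_BYTES = 5 * 1024**3  # 5 GB upper bound, the figure given in the answer above


class FlatBucket:
    """Toy in-memory model of one bucket: a flat map of key -> object bytes."""

    def __init__(self, name, max_object_bytes=MAX_OBJECT_BYTES):
        self.name = name
        self._max = max_object_bytes
        self._objects = {}

    def put(self, key, data):
        # Objects must be between 1 byte and the size limit.
        if not 1 <= len(data) <= self._max:
            raise ValueError(f"object size {len(data)} outside 1..{self._max} bytes")
        self._objects[key] = bytes(data)  # "/" in a key is an ordinary character

    def get(self, key):
        return self._objects[key]  # KeyError if absent: no directory to fall back to

    def list_keys(self, prefix="", delimiter=None):
        """Return (keys, common_prefixes) for a prefix/delimiter listing.

        Keys that contain the delimiter after the prefix are rolled up into
        one common prefix, which is what makes a flat key space look like folders.
        """
        keys, common = [], set()
        for key in sorted(self._objects):
            if not key.startswith(prefix):
                continue
            rest = key[len(prefix):]
            if delimiter and delimiter in rest:
                common.add(prefix + rest.split(delimiter, 1)[0] + delimiter)
            else:
                keys.append(key)
        return keys, sorted(common)


def demo_listing():
    """Constructed sample keys showing the same objects under three listings."""
    bucket = FlatBucket("constructed-demo-bucket")
    for key in ("logs/2024/app.log", "logs/2024/db.log",
                "logs/2025/app.log", "readme.txt"):
        bucket.put(key, b"x")
    return {
        "flat": bucket.list_keys(),
        "top": bucket.list_keys(delimiter="/"),
        "logs": bucket.list_keys(prefix="logs/", delimiter="/"),
        "logs_2024": bucket.list_keys(prefix="logs/2024/", delimiter="/"),
    }


if __name__ == "__main__":
    for view, result in demo_listing().items():
        print(view, result)
```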

Long Answered Questions

Q.1 With architecture, elaborate the various deployment models and reference
models of cloud computing. AU : Dec.-17
Ans. : Refer section 3.3 for cloud deployment models and section 3.4 for cloud reference
models.
Q.2 Describe service and deployment models of cloud computing environment
with illustration. How do they fit in NIST cloud architecture ? AU : Dec.-17
Ans. : Refer section 3.3 for cloud deployment models and section 3.4 for cloud reference
models and section 3.2 for NIST cloud architecture.

Q.3 List the cloud deployment models and give a detailed note about them. AU : Dec.-16
Ans. : Refer section 3.3 for cloud deployment models.

Q.4 Give the importance of cloud computing and elaborate the different types of
services offered by it. AU : Dec.-16
Ans. : Refer section 3.4 for cloud service models.

Q.5 What are pros and cons for public, private and hybrid cloud ? AU : Dec.-18
Ans. : Refer section 3.3 for pros and cons of public, private and hybrid cloud and
section 3.3.5 for their comparison.
Q.6 Describe Infrastructure as a Service (IaaS), Platform-as-a-Service (PaaS) and
Software-as-a-Service (SaaS) with example. AU : Dec.-18
Ans. : Refer section 3.4 for cloud service models for description of Infrastructure as a
Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS).
Q.7 Illustrate the cloud delivery models in detail. AU : Dec.-19
Ans. : Refer section 3.4 for cloud delivery models.

Q.8 Compare and contrast cloud deployment models. AU : Dec.-19


Ans. : Refer section 3.3 for cloud deployment models and 3.3.5 for comparison between
cloud deployment models.
Q.9 Describe the different working models of cloud computing. AU : May-19
Ans. : Refer sections 3.3 and 3.4 for working models of cloud computing which are
deployment models and service models.
Q.10 Write a detailed note on layered cloud architecture design.
Ans. : Refer section 3.1.1.

Q.11 Explain in brief NIST cloud computing reference architecture.


Ans. : Refer section 3.2.

Q.12 Enlist and contrast architectural design challenges of cloud computing.


Ans. : Refer section 3.5.

Q.13 Explain in detail cloud storage along with its pros and cons.
Ans. : Refer section 3.6 for cloud storage and 3.8 for pros and cons of cloud storage.

Q.14 Write a detailed note on storage-as-a-service


Ans. : Refer section 3.7.

Q.15 Explain in brief significance of Amazon S3 in cloud computing.


Ans. : Refer section 3.10.

