CCW Unit1 and 2 TXTBK

New S llabus
MU
As per the New Choice Based Credit System (CBCS) Syllabus of

Mumbai University w.e.f. academic year 2023 - 2024
Cloud Computing and

Web Services
©<602) (Core Subject)
*.Y7.B.Sc. (Computer Science) Semester VI
---seep Kamble Sayali Parab Chayan Bhattacharjee
_ Tech K| nowledge
4645 hanual
Publications
—
SYLLABUS
Course Code | Course Title | Credits Lectures/Week
USCS602 | Cloud Computing and Web Services | 2 3
Unit |
Topics
No. of
Lectures
| Cloud Computing Basics
Web Services - Distributed Computing, Parall

el Computing, WSDL structure,
~SOAP- Structure of SOAP Message (In JAX-WS), SOAP Messaging
Architecture, SOAP Header, Client-side SOAP Handl
er, REST- What is REST?
HTTP methods, Java API for RESTful Web
Services (JAX-RS)
_ Virtulization : Characteristics of Virtualize
d Environments.. Pros and Cons
of Virtualization. Virtualization using KVM, Creat
ing virtual machines, oVirt -
mana gement tool for virtualization environmen
t. (Refer Chapters 1 and 2)
II | Introduction to Cloud Comput
ing:
| Definition, Types of Clouds, Deployment of software solutions and
| applications,
web
Types of Cloud Platforms, Essential characteristics
- On-
| demand self-service, Broad network access, Location independ
ent resource
| pooling ,Rapid elasticity , Measured servi
ce, Comparing cloud providers with
_ traditional IT service providers
Cloud Computing Software Security fundamenta
Ul
i
ls : Cloud Information
| Security Objectives, Confidentiality, Integrity, Availability, Cloud Securi
ty
Services, Relevant Cloud Security Design Principles, Secur
e Cloud Software
_ Requirements, Secure Development practices, Approaches to Cloud
| Software Requirement Engineering, Cloud Security Policy Implementa
tion.
(Refer Chapters 3 and 4)
ul | Cloud Applications
| CloudSim : Introduction to Simulator, understanding CloudSim simulator,
Cloudsim Architecture(User code, CloudSim, GridSim, SimJava)
_ Understanding Working platform for CloudSim,
| OpenStack : Introduction to OpenStack, OpenStack test-drive, Basic
| OpenStack operations, OpenStack CLI and APIs, Tenant model operations, 15
| Quotas, Private cloud building blocks, Controller deployment, Networking
deployment, Block Storage deployment, Compute deployment, deploying
and utilizing OpenStack in production environments, Building a production |
environment, Application orchestration using OpenStack Heat
AWS : Architecting on AWS, Building complex solutions with Amazon
Virtual Private Cloud (Amazon VPC). (Refer Chapters 5, 6 and 7)
gac
Lab Syllabus
| |
| Course Code | Course Title Credits | Lectures/Week |
f a
USCSP602 [cows Computing and Web Services - Practical 1 3
_ a |
eee
| 1 Define a simple services like Converting Rs into Dollar and Call it from different ,
| platform like JAVA and .NET. |
| _
2 | Create a Simple SOAP service.
|
[— 3 | Create a Simple REST Service.
||
[ 4 Develop application to consume Google’s search / Google’s Map RESTful Web
service.
5 | Installation and Configuration of virtualization using KVM. |

| 6 Develop application to download image/video from server or upload image/video to
Server using MTOM techniques.
7 Implement FOSS-Cloud Functionality VSI (Virtual Server Infrastructure)

| Infrastructure as a Service (IaaS), Storage.
8 | Implement FOSS-Cloud Functionality - VSI Platform as a Service (PaaS), |
9 Using AWS Flow Framework develop application that includes a simple workflow.
Workflow calls an activity to print hello world to the console. It must define the basic ||
usage of AWS Flow Framework, including defining contracts, implementation of |
| 10
| activities and workflow coordination logic and worker programs to host them.
| Implementation of Openstack with user and private network creation.

. WY
Table of Cont
Cloud Computing and Web Services
——_
1-1 to 1-34
Chapter 1: Web Services —_—
=
: Web Services - Distributed Computing, Parallel Computing, WSDL structure, SOAP- Structure of SOAP Message (In Jay. |
Syllabus
HTTP methods, Java API for
WS), SOAP Messaging Architecture, SOAP Header, Client-side SOAP Handler, REST- What is REST?
RESTful Web Services (JAX-RS) _ nr nn rn nn n—_
1.1 porter emer mmm ene menenrerertmene rent 1-1

Basic Concept of Distributed SyStem........ummomoeenrmerorormemrr
1.1.1 Distributed System Architecture.....oooororrt torr r odor rn preteen tt eep teen

rept erenees 1-1
1.1.2 Characteristics of a Distributed SyStem ..essssssesssscssssssssssssssesesteenasessusssesseesnsssctesssersusseeasssesnessesinasssatee 1-3
1.2 Elenietits of Distributed Computing... comm ans osc canavoivasn ign ecxoresecrioreren egeyrenton nrnasniyenstmr ste anete tene nen t 1-5
1.2.1 General Concepts and Definitions Distributed Computing IANA 1-5
12.2 Components ofa Distributed SyStent.....— ome rmerepmcocconccemnrrem com emcee rr Eton 1-6
1.2.3 Architectural Styles for Distributed Computing . . ses us sen se netersnts 1-7
1.2.4 Technologies for Distributed Computing 1-13
1.2.4(A) Remote Procedure Call 1-14
1.2.4(B) Distributed Object Frameworks “ A IN 1-15
1.3 Parallel Computing 1-17
1.3.1 Elements of Parallel Computing. 1-17
1.3.2 Hardware Architectures for Parallel Processing 1-18
13.3 Levels of Parallelism : osccosnensonnnnanenncrecnsarsavaansnsseensenenusotsenisnsesiitenchiviisdheassaseccssnunsnsataseasuaees 1-20
ORC EE NEE 1-21

1.4.1 Web Services Description Language (WSDL) eee eee eee ee eee eee eo ooo oo eee
1.5 SOAP sssissisinisssorsssrssnacessusesesssssesssees ssssereneecncussessutsussssessunseasseceeeeccessnssssssssuscsssegenennsnenasansenes
15:1 Structure of SOAP Message (In OT
1.5.2 SOAP Messaging Architecture.erscmmmosnnmmmntiiittnmnintiatsnnnnunnstniinissinmenatitiineseaccace
15.3 SETA FELT EE IE

1.5.4 Client-Side SOAP Handlers ee ee a
REST What is REST. mmm

mm l
1.6.1 HTTP MethOdS nmin
,
. 1.6.2 Java API for RESTful Web Services (AX-RS) siting 0
Cloud Computing and Web Services 5 Table of Contents
Chapter 2: Virtualization 2-1 to 2-9
Syllabus : Characteristics of Virtualized Environments. Pros and Cons of Virtualization. Virtualization using KVM. Creating virtual
machines, oVirt - management tool for
for virtualization environment
|
2.1 Introduction to Virtualization eee ee ee ee eee ooo oo ooo oo o oo ooo ore ore —_ I Te ECT ereraen 2-1
2.1.1 Virtualization Basics eee eee ee eee eee ee ee e ee ee eo oo os oo eo oops earn 2-2
2.1.2 Virtualization Approaches. eee eee eee ee eee ee ee ee ee ooo oo oo oo oo oo ooo ras ZZ
2.1.3 Characteristics of Virtualized Environment. eee eee eee ee oe oe oo ooo oo oo o roo oo ataoeetas 2-2
2.2 Pros and Cons of Virtualization ce ee ee eee ee ee ee eee eee e e e ee e ee eo ee eds oa vases 2-5
22.1 Pros Of Virtualization __RRWW_W_A NT 2-5
22:2 COIL _U_WWCW_—_—_—_—_———— OOO 2-5
2.3 Virtualization USING KVM......ccsssssscssssssssssssssssssssssssssssecsssssscesssessecsesssciesesssse SE 2-6
2.4 Creating Virtual Machine... c s s s s s s s se s s s se ces s s s s s s cse es s s se s es es s s se sce s as as us es es ec e ser s ec es ens ec s esa 2-7
2.4.1 To create a Virtual Machine using VMware Workstation m 2-7
2.5 oVirt Management Tool for Virtualization Environment... ne re rern erere cn nre 2-3
2.5.1 What is oVirt?. ene 208

2.5.2 Goals of the OVirt s s s cs sn se s ecsen ctes n steas ne 2-9
Chapter 3: Introduction to Cloud Computing 3-1 to 3-19
Syllabus : Introduction to Cloud Computing : Definition, Types of Clouds, Deployment of software solutions and web applications.
independent resource
Types of Cloud Platforms, Essential characteristics — On-demand self-service, Broad network access, Location
with traditional IT service providers.
‘pooling, Rapid elasticity, Measured service, Comparing cloud providers
3-1
3-1. Cloud Computing.........
Oo — — — 3-4
3.1.1 CT {N_———
SLES
rrrrmmmmrr
mmmmmmrr rr wag She
rrrrSSF
3.2 Types of Cloud.uumnommommmmmeennmrerp
se . 3-8
plications..
3.3 Deployment of Software Solutions and Web Ap
LST rST 3-9
LLL mmrr
rornooropm
ummmmmmonoomnoonnn
3.4 Types of Cloud Platform /Refererice MOdelS.u
3-9
as a Service) clout
3.4.1 JaaS/Haas (Infrastructure / Hardware
nn nn 3-11
e
3.4.2 PaaS (Platform as a INT e
nt re 3-11
rm
mmm omrmrmmrr
3.4.3 SaaS (Software as a SCIVICE) momomm
nce arnnenenns 3-13
ing .a...ssceceestsencenantmmenenanetnn
3.5 Essential Characteristics of Cloud Comput
3-14
Provider coun oor
3.6 Cloud Provider with Traditional IT Service
Tech Knowledge
=
7 NS Publications
ALT NN
Cloud Computing and Web Services 3 Table of Contents

3.7 Open Challenges of Cloud Computing.........::u:ssntnmnenennennenienieninennusieniiiuniinsisantttenene, tie
3.8 Cloud Computing Software Security Fundamentals.......:c:o:ssscsssnennseueuenetssininsieinunenenaenuenenitstiteee, 3-17
3.9 Cloud Information Security .....sssssnessanenseianenansnanananinsansnsenansnueienetieissiiisisietstsseieicsneienitieceve 3-18
—
Chapter 4 : Cloud Computing Software Security Fundamentals 4-1 to 4.8
Syllabus : Cloud Computing Software Security fundamentals : Cloud Information Security Objectives, Confidentiality. Integnty
Availability, Cloud Security Services, Relevant Cloud Security Design Principles, Secure Cloud Software Requirements, Secure
Development practices, Approaches to Cloud Software Requirement Engineering, Cloud Security Policy Implementation.
4.1 Cloud Information Security : Confidentiality... rotor ttt rct rr rrtctcs 4-1
4.2 Cloud Information Security : Integrity 4-2

4.3 Cloud Information Security : Availability 4-2
4.4 Cloud Security Services 4-3
4.5 Cloud Security Design Principles 4-4
4.6 Secure Cloud Software Requirements _
4.7 Secure Development Practices . | 4-5
4.8 Approaches to Cloud Software Requirement Engineering 4-6
4.9 Cloud Security Policy Implementation 4-7
Chapter5: Cloud Applications : CloudSim 5-1 to 5-5
‘Syllabus : CloudSim : Introduction to Simulator, understanding CloudSim simulator, CloudSim Architecture (User code, Cloudsim.|
GridSim, SimJava) Understanding Working platform for CloudSim.
5:1 Introduction to SMUIACOF wecs ces u es nus evs sn aesnu as ecs a nse a 5-1
5.2 Understanding CloudSim Simulator ...._corrmeorrmrnrrmrtret retreat eters 5-1
5.3 CloudSim Architecture : sees 7D
5.3.1 User Code... oecerreenerrarreeneecpreeence srossscossseensussccsusssssssecsssssessescsscarsusesensees 5-2
5.3.2 CloudSim LayCr...mmmomceomermeemo erence nee meter eee er A Aenean 5-3
$33 GridSIM eeeesesssssssesessesersensettnnnnsnnessnvennnnnnnnnsnnnnnnne ee 5-3
TC NC 5-3
ee =
5.4 Understanding Working Platform for CloudSim
TechKnowledge
Publications
tents
—
3-18 Table of Contents

Cloud Computing and Web Services 4
3-17 Chapter6: Cloud Applications : OpenStack 6-1 to 6-33
Syllabus : OpenStack : Introduction to OpenStack, OpenStack test-drive, Basic OpenStack operations, OpenStack CLI and APIs, Tenant
model operations, Quotas, Private cloud building blocks. Controller deployment, Networking deployment, Block Storage deployment,
—_— Compute deployment, deploying and utilizing OpenStack in production environments, Building a production environment, Application
orchestration using OpenStack Heat.
egrity,
6.1 Introduction to OpenStack...rcsssessssssssesseesecessessssssseesssseesessesssesstssesivisetssensssiensesvnnessuneesssee 6-1
Secure
6.1.1 OpenStack for Cloud Environment .ccccsssssssssssssssessssessssssesssssssssssesssssssssssessssssussesessinissnnsssessssuanescestiueessereetionen 6-1
6.1.2 Component of OpenStack.....cccsessesesssessessessssnsessissssessssesiasssssesssssuesesssssssssiessssnsessteniesssesiieeetseeee 6-2

6.2 UE Nc TORN 6-2
62.1 OpenStack Software and APIs 6-3
6.2.2 Up amd NNN 6-4

6.3 Basic OpenStack Operations 6-5
6.4 OpenStack CLI and APIs 6-6
6.4.1 OpenStack Client Command-Line Interface (CLI) 6-6
6.4.2 OpenStack Networking Concepts 6-8
6.5 Tenant Model Operations 6-8
6.5.1 Tenant Networks 6-8
6.5.2 Provider Networks. 6-9
6.6 Quotas 6-10
6.7 OpenStack Private Cloud 6-14
6.7.1 OpenStack Private Cloud Benefits 6-15
6.8 Private Cloud Building Blocks 6-16
6.9 Controller Deployment 6-16
6.9.1 Install and Configure Controller Node ......ssssssssssssssssssssssssssseessssssonssssecsesssussssesnnsecsgsusussssssnssesssusussasssessccuesusansnee 6-16
6.9.2 Install and Configure Components... eee eee oro renee 6-19
6.9.3 Networks and Network Interfaces.......sssssssssssssssssssssssssssssssssuessssssssnnsssssecesssssesessssnssssseessesaususessesensanecesaeeceeceteas 6-21
6.10 Block Storage (Cinder) o.ecccecscsssssssssessuassssssssesesssussssssteeesssussssssssessesesensssnseseseeuesesssnssesssuucasssaneeeseuvasseseeeeeusunueseeneeeecanaeenseseasenseee 6-22
Compute Dep LOyTTVELie scesecassccassceassevizassveniciecsntbetennnnrscasssennvenssoauscercccesspypiyeateetorsonges¥pesoenn

ELSE Lamont
seeeueeh 6-23
Ephemeral Storage [Nova] cmeserscseesanmnssosscreuasnesessnseseniscusaviasinrnsensenmer-annecossnnerieonieuvermicsensanesiiavenaasnssal..
6-24
l Rs. TechKnowledge
Publications
Cloud Computing and Web Services 5
Table of Content, }
—
6.13 Deploying OpenStack in a Production Environment canpadnnorecurencetioepeepededuodttogopperederogeecoooeefececee ron 6-25 |
6.14 Building a Production Environment........nnneeececcccs ne sssessssesetersesecesse 6-27 |
6.15 OpenStack Heat Orchestration...
Chapter 7 : Cloud Applications : AWS
[Syllabus : AWS : Architecting on AWS, Building complex solutions with Amazon Virtual Private Cloud (Amazon VPC)
7.1 Basics of AWS
7.1.1 Components and services within AWS
72 Architecting on AWS 7-2
7.3 Building Complex Solutions with Amazon Virtual Private Cloud (Amazon VPC)
7-3
7.31 Steps to Build Complex Solutions with Amazon Virtual Private Cloud 73
732 An Example of Building a Complex Solution using Amazon VPC 7-9
- Lab Manual L-1 to L-30
OOO
= > ——_ Y* Roh meth.
> > Snag CIA Cline OOO ee
Web Services
Web _ Services - Distributed Computing, | Parallel Computing, WSDI structure, SOAP Structure of SOAP a
Massage -
(In JAX-WS) SOAP Messaging Architecture, SOAP Header, Client side SOAP Handler, PEST What is PEST T? HTTP methods,
Java API for RESTful Web Services (JAX-RS)
1.1 Basic Concept of Distributed System
Distriouted system is an application that executes a collection of protocols to co-ordinate the actions of multiple
processes on a communication network, such that all components cooperate together to perform a single or
small set of related tasks.
¢ The collaborating computers can access remote resources as well as local resources in the distributed system Va
the communication network.
e
The existence of multiple autonomous computers is transparent to the user in a distributed system. The user 15
not aware that the jobs are executed by multiple computers subsist in remote locations. This means that like
centralized systems no single computer in the system carries the entire load on system resources that running a
computer program usually required.
1.1.1 Distributed System Architecture
© Distributed systems are built up on top of existing networking and operating systems software.
e A distributed system comprises a collection of autonomous computers, linked through a computer network and
distribution middleware. To become autonomous there exist a clear master/slave association between two
computers in the network.
* The middleware enables computers to coordinate their activities and to share the resources of the system, so
that users perceive the system as a single, integrated computing facility. Thus, middleware ts the bridge that
connects distributed applications across dissimilar physical locations, with dissimilar hardware platforms,
network technologies, operating systems, and programming languages.
* The middleware sofiware is being developed following agreed standards and protocols. It provides standard
services such as naming, persistence, concurrency control to ensures that accurate results for concurrent
n to specify
processes are produced and obtains the results as fast as possible, event distribution, authorizatio
access rights to resources, security ete,
architecture of a distributed
* The middleware service extends over multiple machines. Fig. 1.1.1 shows a Simple
system.
PREY TA RINSE SIA
Cloud Computing and Web Services 1-2

Machine A Machine B Machine C
ON | MON HEN
Distributed applications |
a 6
Middleware service
| fora OS | | Local OS | | Local OS
Network
Fig. 1.1.1: Architecture of a Distributed System
* The distributed system can be viewed as defined by the physical components or as defined from user or
computation point of view. The first is known as the physical view and the second as the logical
view. Physically
a distributed system consists of a set of nodes (computers) linked together
by a communication network.
* The nodes in the network are loosely coupled and do not share
their memory. The nodes in the system
communicate by passing messages over the communication
network. Communication protocols are used for
sending messages from one node to another.
¢ The logical model is the view that an application has of the system. It contains
a set of concurrent processes and
communication channels between them. The core network is treated as fully connected
.
* Processes communicate by sending messages to each other. A system is synchronous if during a proper
execution, it all the time performs the intended operation in a known fixed
time, otherwise it is asynchronous.
* In synchronous system the failure can be noticed by a lack of response
from the system. Therefore, timeout-
based techniques are used for failure discovery.
e A distributed system can be constructed by means of fully connect
ed networks or partially connected networks.
A fully connected network is a network in which each of the nodes
is connected to each other.
* The problem with such a system is that adding new nodes
to the system results in the increase of number of
nodes connected to the node.
* Due to this the numbers of file descriptors and
complexity for each node to implement the connec
tions are
increased heavily. Thus, the scalability (capability of
a system to continue to function well when the system
is
changed in size or volume) of such systems is limited by each node’s capacit
y to open file descriptors and the
ability to handle the new connections.
* The communication cost - the message delay of sending
a message from the source to the destination- is low
because a message sent from one computer to another one only goes through one
link. Fully connected systems
are reliable because when a few computers or links fail, the rest of the computers can still communicate with
others.
e Ina partially connected network, direct links exist between some, but not all, pairs of computers.
partially connected network models are star structured networks, multi-access bus networks; |;
networks, and tree-structured networks. Some of the traditional distributed systems such as
paradigm use a Star as the network topology.
e The problem with such a system is that when the central node fails, the entire system will be collapseq, Ina
i ared C ications line, calle da bus.
multi-access bus network, a set of clients are connected via a shared communicatlo
Tech Knowing.
PUDlic ation
dye
Cloud Computing and Web Services 1-3 Web Servi
ervices
© The bus liink becomes the bottleneck and ifif itit fails,
fai all the nodes in the system cannot connect to each other.
Another di isadvantage isi that performance degrades as additional. computers are added or on heavy traffic.
e § network
Inaringn each node connects to exactly two other nodes, forming a single continuous pathway for
signals
gn thr ough each node. As new nodes are added, the diameter
i of the system grows as the number of nodes in
the system, resulting ina longer message transmission delay.
e A node fai
failure or cable break j
might j
isolate every node attached to the ring. In a tree-structured
network
(h ierarchi ical network), the nodes are connected as a tree. Each node in the network having a specific fixed
number, of nodes associated to it at the next lower level in the hierarchy.
© Thes calability
ili of the tree-structured network isi better than that of the fully connected network, since new node
can be added as the child node of the leaf nodes or the interior riodes.
e On th e other hand, ini such systems, only messages transmitted

i between a parent node and its child node go
thou gh one link,
i i
other messages transmitted between two nodes have to go through one or more intermediate
nodes.
1.1.2 Characteristics of a Distributed System
A distributed system must possess the following characteristics to deliver utmost performance for the users :
Characteristics of a Distributed System
==> a. Fault-Tolerant
==> b. Scalable
c. Predictable Performance
= Openness
e. Security
f. Transparency
Fig. 1.1.2 : Characteristics of a Distributed System
(a) Fault-Tolerant
to fail in
Distributed systems consist of a large number of hardware and software modules that are bound
should be able
the long run. Such component failures can escort to service unavailability. Hence, the systems
of fault tolerance is to
to recover from component failures without performing erroneous actions. The goal
ed service.
avoid failures in the system even in the presence of faults to provide uninterrupt
aim of any fault tolerant system
A system is said to be fault tolerant if it can mask the presence of faults. The
defined as the probability that the
is to increase its reliability or availability. The reliability of a system is
system survives till that time.
component failures. Availability is the
A reliable system prevents loss of information even in the event of
tolerance is achieved by providing
fraction of time for which a system is available for use. Usually fault
redundancy.
HT TechKnowledge
Publications
e
Cloud Computing and Web Services 1-4 Web Serview

ot needed for its correct functioning, It jg nt
Redundancy is defined as those parts of the systerem that are n
three types - hardware,"e, softw
S areare ime. =
© o
and t hardware components to system

which take over the rok
Hardware redundancycy 1s 1s ac achie Idi ng ex tra hardwe
i ved by addi
of faile
iled
i components i n case
1n cas 2 some faults bo occur - in
in them. + code inch =
. ,.
Softwarere redundancy
red c i
Inc ludes S extra‘a instructions
instrt and code INC ded fo managing the extra ha rd war
components, = and sing ; g them corr correcectl

tly y ſor
for un unin
; + upte sd s serviice,
terr
in case
ce, IN Case ( of some component failure. Jn time
usin d This= fs was i to Randle temporary hau
ins Baitl.
s int
redundancy the
he same
sz ructnion is: executed many
instructio
inst 7 imes. m TY
system.
(b) Scalable
A distributed system can operate correctly even

as some aspect of the sysystem is scaled to a larger size.
Scale has three components : the number of user
s and other entineties that are p art of the sys
y tem, the distance
between the farthest nodes in the syst
em, and the number of organizat izatiions that ex ert administr
over pieces of the system. ative contr ol
The three elements of scale

affect distributed systems in
naming, authentication for ver many ways. Among the altect
ifying someone's identity, aut ed components are
horization,communication, the use of
resources, and the mechanism remote
s by which users observe the
manage scale : replicat sys tem . Three techniques are employ
ion, distribution ed to
and caching.
(c) Predictable Perfor
mance
over a comple
tely closed and self
-reliant system. at scales
has benefi
t
software platforms
achieves the proper
ty of openness. The
every client (local refore, every servic
or remote) in the e is ©
system. Wally quail.
The implementation,
“he j PMeNntati to
Installation and
inetallar;
>
debugging
Possessing openness
5
of Ps
new services
“APyiAAG
should
a
characteristic. not) be \ very
ven
complex
..
in: a SvSren;
(e) Security
Distributed systems
should allow Communication
| between programs/users/
computers by enlorcing resources on ditterg
necessary security
arrangements.
The security features are nt
mainly intended to provid
e confidentiality, integrit
Confidentiality (privacy) y and availability,
is protection against disclo
sure to unauthorized pers
ranges from the dis on. Violation of confide
comforting to the nti;
BO — cat ast rophic.
= rm Ee
Cloud Computing and Web Services i Web Services
© Integrity provides protection against alteration and corruption. Availability keeps the resource accessible.
eS
Many incidents of hacking compromise the integrity of databases and other resources. “Denial of service’
} j o F E . " i. n Uy
attacks are attacks against availability. Other important security concerns

are access control and
nonrepudiation.
Maintaining access control facilitates the users to access only those resources and services to which they are
entitled. It also ensures that users are not denied resources that they legitimately can expect to access.
Non-repudiation provides protection against denial by one of the entities involved in a communication. The
security mechanisms put into practice should guarantee appropriate use of resources by different users in
the system.
(f) Transparency
© Distributed systems should be perceived by users and application developers as a whole rather than as a
collection of cooperating components.
The locations of the computer systems involved in the operations, concurrent operations data
, replication,
resource discovery from multiple sites, failures, system recovery etc. are hidden from users.
Transparency hides the distributed nature of the system from its users and shows the user that the system
is appearing and performing as a normal centralized system. The transparency can be employed in different
ways in a distributed system.
12 Elements of Distributed Computing
A distributed computing system is basically a collection of processors/computers interconnected by a

communication network in which each processor has its own local memory and other peripherals, and the
communication between any two processors of the system takes place by message passing over the
communication network. For a particular processor, its own resources are local, whereas the other processors
and their resources are remote.
Together, a processor and its resources are usually referred to as a node or site or machine of the distributed
computing system.
1.2.1 General Concepts and Definitions Distributed Computing
Distributed systems are built up on top of existing networking and operating systems software.
A distributed system comprises a collection of autonomous computers, linked through a computer network and
distribution middleware. To become autonomous there exist a clear master/slave association between two
computers in the network.
The middleware enables computers to coordinate their activities and to share the resources of the system, so
that users perceive the system as a single, integrated computing facility. Thus, middleware is the bridge that
connects distributed applications across dissimilar physical locations, with dissimilar hardware platforms,
network technologies, operating systems, and programming languages.
The middleware software is being developed following agreed standards and protocols. It provides standard
services such as naming, persistence, concurrency control to ensures that accurate results for concurrent
processes are produced and obtains the results as fast as possible, event distribution, authorization to specify
access rights to resources, security etc. The middleware service extends over multiple machines.
TechKnowledge
Publications
Cloud Computing and Web Serv
ee k=__—___
ices 1-6
Wes Services
1.2.2 Components of a Distributed
System
* A distributed system comprises a collection of autono
mous computers, linked through a computer Networ
k ang
distribution middleware.
Frameworks for Applications

Distributed j
Programming
Middleware
IPC Primitives for
Control and Data
Operating System
Networking and
FrDr
Parallel Hardware
Hardware
Fig. 1.2.1: Cloud computing distributed system
To become autonomous there exist a clear

master/slave association between two compu
ters in the network.
Fig. 1.2.1 provides an overview of the differ
ent layers of a distributed system.
The very bottom layer constitutes the physical
infrastructure such as computer and network hardw
are; these
components are directly managed by the operat
ing system, which provides the basic servic
es for Inter-Process
Communication (IPC), process scheduling and
management, and resource management in
terms of file system
and local devices.
¢ These two layers become the platform on top of which specialized
software is deployed to turn a set of
networked computers into a distributed system
. At the operating system level, IPC services
are implemented on
top of standardized communication protocols
such Transmission Control Protocol/Internet
Protocol (TCP/IP),
User Datagram Protocol (UDP) or others.
The middleware enables computers to coordi

nate their activities and to share the resour
ces of the system, so
that users perceive the system as a single,
integrated computing facility. Thus, middleware
is the bridge that
connects distributed applications across
dissimilar physical locations, with dissimilar
hardware platforms,
network technologies, operating systems, and
programming languages.
* The middleware software is being developed follow
ing agreed standards and protocols. It provides
standard
services such as naming, persistence, concurrenc
y control to ensures that accurate results
for concurrent
processes are produced and obtains the results
as fast as possible, event distribution, authorizatio
n to specify
access rights to resources, security etc. The middl
eware service extends over multiple machines.
* Allof them constitute a uniform interface to distri
buted application developers that is completely
independent
from the underlying operating system and hides
all the heterogeneities of the bottom layers.
TechKnowledge
Publications
_
Pew dea YF or thn, oO OA os See OE _
Cloud Computing and Web Services 1-7 . Web Services
1.2.3 Architectural Styles for Distributed Computing
architecture Te;
of individual :
cloud-native .
services, oa
providing ae in a
resources as services
e = The he cl cloud isi a distributed
istri ;
tiered fashion to construct a full technology stack from hardware to middleware platforms to applications.
© The configuration and deployment of applications and cloud platforms as interdependent adaptive systems can
be managed dynamically, responding to changes in both requirements and the execution platform.
¢ The middleware layer of distributed system architecture enables distributed computing, by providing a coherent
and uniform runtime environment for applications.
Following are two major categories of architectural styles :
1 Software Architectural Styles

2. System Architectural Styles
1. Software Architectural Styles
© Software architecture style focuses on logical organization of software components and different patterns of
communication between them.
e They are helpful because they provide an intuitive view of the whole system, despite its physical
deployment. They also identify the main abstractions that are used to shape the components of the system
and the expected interaction patterns between them. Table 1.2.1 shows different categories in architectural
styles.
Table 1.2.1 : Software Architecture Style
Sr. No. Category Most Common Architectural Styles
1. Data-centered Repository
Blackboard
2. Data flow Pipe and filter

Batch sequential
3. Virtual machine Rule-based system

Interpreter
4. Call and return Main program and subroutine call/top-down systems Object-oriented
systems.
5. Independent components Communicating processes

Even systems
(i) Data-centered Architectures

es refers to
Have the goal of achieving the quality of integrability of data. The term Data-centered Architectur
apt description. At its heart, it
systems in which the access and update of a widely accessed data store is an
that communicates with a number of clients.
is nothing more than a centralized data store
e The means of communication (sometimes called the coordination model) distinguishes the two subtypes:
and blackboard. A blackboard sends notification to subscribers when data of
repository (the one shown)
interest changes and is thus active.

TechKnowledge
Publications
oS TC
h
T
Cloud Computing and Web Services Web SY

(ii) Data-Flow Architectures
* Have the goal of achieving the qualities of reuse and modifiability. The data-flow style is characterized by
viewing the system as a series of transfor mations on successive pieces of input data.
Data enter the system and then flows through the components one ata tme until they are assigned to some
final destination (output or a data store).
* Architecture style in data-flow can be further categorized as Batch Sequential Style and Pipe-and-Filter Style
A. Batch Sequential
It is a classical data processing model, in which a data transformation subsystem can initiate its Process only
after its previous subsystem is completely through - the processing steps, or components, are independent
programs, and the assumption is that each step runs to completion before the next step starts. Each batch of data
is transmitted as a whole between the steps.
The flow of data carries a batch of data as a whole from one subsystem to another.
© The communications between the modules are conducted through temporary intermediate files which
can
be removed by successive subsystems.
It is applicable for those applications where data is batched, and each subsystem reads related
input files
and writes output files.
©
Typical application of this architecture includes business data processing such as banking and
utility billing.
Advantages
¢ Provides simpler divisions on subsystems.

e — Each subsystem can be an independent program working on input data and producing output data.
Disadvantages
* Provides high latency and low throughput.

¢ Does not provide concurrency and interactive interface.
* External control is required for implementation.
B. Pipe and Filter Style
incremented execution.
Filter
PTR te rd TLE LE ES
Cloud Computing and Web Services 1-9 Web Services

There are two types of filters
(a) Active filter

(b) Passive filter
(a) Active filter
Active filter lets connected pipes to pull data in and push out the transformed data. It operates with passive
pipe, which provides read/write mechanisms for pulling and pushing. This mode is used in UNIX
pipe and
filter mechanism.
(b) Passive filter
Passive filter lets connected pipes to push data in and pull data out. It operates with
active pipe, which pulls
data from a filter and pushes data into the next filter. It must provide read/writ
e mechanism.
Advantages
Provides concurrency and high throughput for excessi

ve data processing.
Provides reusability and simplifies system mainte
nance.
Provides modifiability and low coupling betwee
n filters.
Provides simplicity by offering clear divisions between any
two filters connected by pipe.
Provides flexibility by supporting both sequential and paralle
l execution.
Disadvantages
Not suitable for dynamic interactions.
A low common denominator is needed for transmission of data

in ASCII formats.
Overhead of data transformation between filters.
Does not provide a way for filters to cooperatively interact to solve a proble
m.
Difficult to configure this architecture dynamically.
(iii) Virtual Machine
Architectures have the goal of achieving the quality of portability. Virtual machines
are software styles that
simulate some functionality that is not native to the hardware and/or software on
which it is implemented.
Executing a module via a virtual machine adds flexibility through the ability to
interrupt and query the
program and introduce modifications at runtime, but there is a performance cost because
of the additional
computation involved in execution.
(iv) Call-and-Return
Architectures have the goal of achieving the qualities of modifiability and

solvability. Call-and-Return
architectures have been the dominant architectural style in large software systems for the past 30 years.
However, within this style a number of substyles, each of which has interesting features, have emerged.
(v) Main-Program-and-Subroutine
Architectures is the classical programming paradigm. The goal is to decompose a program into smaller
pieces to help achieve modifiability.
lwuggbG_
xEaa
mr QCnuu_
g_ nn
gQ—QGCQCz
Cloud Computing and Web Services 1-10 Web Service,

<tunically a si ||
* A program is decomposed hierarchically. There is typically a single thread of control and each component i,
the hierarchy gets this control (optionally along with some data) from its parent and passes it along to
its ||
children.
(vi) Remote Procedure Call
e Systems are main-program-and-subroutine systems that are decomposed Ht parts that live on computers
the computations and taking
connected via a network. The goal is to increase performance by distributing
advantage of multiple processors.
ntil runtime
to o p processors is deferred unti ,
In remote procedure call systems, the actual assignment of parts
i
. . - ; erformance tuning.8
meaning that the assignment is easily changed to accommodate p
In fact, except that subroutine calls may take longer to accomplish if it is invoking a function on a remote
machine, a remote procedure call is indistinguishable from standard main program and subroutine systems
(vii) Object-oriented or Abstract Data Type

like the
e Systems are the modern version of call-and-return architectures. The object-oriented paradigm,
abstract data type paradigm from which it evolved, emphasizes the bundling of data and methods ty
manipulate and access that data (Public Interface).
The object abstractions form components that provide black-box services and other components that
request those services.
The goal is to achieve the quality of modifiability. This bundle is an encapsulation that hides its internal
secrets from its environment.
Access to the object is allowed only through provided operations, typically known as methods, which are
constrained forms of procedure calls. This encapsulation promotes reuse and modifiability, principally
because it promotes separation of concerns. The user of a service need not know, and should not know, |
anything about how that service is implemented.
(viii) Layered Systems
¢ Are ones in which components are assigned to layers to control intercomponent interaction. In the pure _
version of this architecture, each level communicates only with its immediate neighbours.
* Thegoal is to achieve the qualities of modifiability and, usually, portability. The lowest layer provides some
core functionality, such as hardware, or an operating system kernel. Each successive layer is built on its
predecessor, hiding the lower layer and providing some services that the upper layers make use of.
2. System Architectural Styles
¢ The physical organization of components and processes of a distributed infrastructure is depicted in a

system architectural style.
¢ They provide a set of reference models for the deployment of such systems and help engineers not only have
a common vocabulary in describing the physical layout of systems but also quickly identify the major
advantages and drawbacks of a given deployment and whether it is applicable for a specific class of
applications.
TechKnowledge
Publications
ES cc rc Ur oorwuwaruuw_l=__

(i) Client-Server
This archi
chitecture iis very popular ini distributed computing and is suitable for a wide
. : _—
variety of applications.
Aserver and a client
i : components of client-server model. As depicted
are the two major . _—
in Fig. 1.2.2.
Inte met Isi a communication
icati channel between these two components. The communication is half duplex
( unidirecti onal communication}
TION :
: The client/server model .is an extension
. of the modular programming ;
model.
Modular programming breaks down the design of a program into individual modules that can be
ro
programm ed and tested independe
i ntly. A modular program consists
i of a main module and one or more
auxiliary modules.
Like modular programming model, a client/server model consists of clients and servers. The clients and
servers normally run on different computers interconnected
by a computer network. The calling component
becomes the client and the called component the
server.
A client application sends messages to a server via the network to request the server
for performing a
specific task. The client handles local resources such as input-output devices, local disks, and
other
peripherals.
The server program listens for client requests that are transmitted via the network. Servers receive those
requests and perform actions. Most of the data is processed on the server and only the results are returned
to the client. This reduces the amount of network traffic between the server and the client machine. Thus,
network performance is improved further.
The server controls the allocation of the information and also optimizes the resource consumption. For the
client design, identify two major models can be considered :
(a) Thin-client Model
o Sometimes also referred as a lean, zero or slim client. In this model, the client component is depending
on another computer (its server) to fulfill its computational roles.
o The term thin client is also used to describe software applications that use the client-server model in
which the server performs all the processing. Thin clients and other lean devices rely on a network
connection to a central server for full computing and don't do much processing on the hardware itself.
© The term is derived from the fact that small computers in networks tend to be clients and not servers
and the idea that since the goal is to limit the capabilities of thin clients to only essential applications,
the devices tend to be purchased and remain “thin” in terms of the client applications they include.
o In general, thin clients are centrally managed, are not as vulnerable to malware attacks, have a longer
life cycle, use less power and are less expensive to purchase. Since the idea is to limit the capabilities of
thin clients to only essential applications, they tend to be purchased and remain “thin” in terms of the
client applications they include.
TechKnowledge
Publications
Web Servicgs
27
2
2
=
©
2
> Lo
/
YYYN GY YN yy
Two Tier > > “ ( E
(Classic Model)
Chent þ. © a A z BY
Three Tier
N Tier
Server/client
Fig. 1.2.2 : Client-server Architecture
(b) Fat-client Model
(0] Also called as heavy, rich or thick client. The client component provides rich functionality independent
of central server. A fat client (sometimes called a thick client) is a networked
computer with most
resources installed locally, rather than distributed over a network as is the case with a thin client.
Most PCs (personal computers), for example, are fat clients because they have
their own hard drive
DVD drives, software applications and so on.
Fat clients are almost unanimously preferred by network users because they are
very customizable and
the user has more control over what programs are installed and specific
system configuration. On the
other hand, thin clients are more easily managed, are easier to protect from
security risks, and offer
lower maintenance and licensing costs.
Presentation, Application logic, and Data storage are the three major components
in the client-server
O
model. In the Thin-client architecture, the client embodies only the presentat
ion component, while the
server absorbs the other two.
Presentation, application logic, and data storage and mainten
ance can be seen as conceptual layers,
O
which are more appropriately called tiers,

Client-server architecture is usually made up of the; application server,
database server and PC. The |
two main architectures are the 2-tier and 3-tier archite
cture,
A. Two-tier Architecture
(o] This is an architecture which

involves only the Database server and a client PC. In
2-tier architecture, the users will run applications on their PC (Client), which
connects through a
network to the server. The client application runs both the coding
and business logic, and then displays
output to the user. It is also called thick client.
TechKnowl
Publications
Web Services
1-13
ut involving any intermediary.
access to the database directly witho
o Itis considered when the client has
will be assigned to each of the
used to perf orm appli catio n logic whereby the application code
It is also
client in the workstation.
B. Three-tier architecture/N-tier architecture

server and Application server.
involves the client PC, Database
© This architecture
application servers. In this
to N-tier whereby it involves more
3-tier architecture can be extended and less coding are
on logic only, whereby less resources
architecture, the client contains presentati and provides more
server being in charge of many clients
needed by the client. It supports one as middleware.
rmediary (Application server) also known
resources in the server. It involves an inte
as a middleware
ves an application server which serves
o Middleware : The 3-tier architecture invol are running on a
r. The middleware tier is separate softw
between the client PC and database serve
separate machine and performs application logic
block of more complex systems.
has been an important building
o The client-server architecture
this model gives more
systems, and several applications with
Designing and deploying distributed where the interaction
ble in the case of a many-to-one scenario,
feasibility. This model is generally suita and therefore it is not
ts and suffers from scalability issues,
is unidirectional and started by the clien
appropriate in very large systems.
(ii) Peer-to-Peer
the same role. There is no
ts are called as peers, every peer plays
In peer-to-peer model, all the componen r capabilities.
peer incorporates both client and serve
superior component (main station), each
with a central server. A peer-to-
re, multiple clients will communicate
In the common client-server architectu that are both clients and
ork of peers - nodes
peer (P2P) architecture consists of a decentralized netw
servers.
te and consume resources
orks distr ibute the work load between peers, and all peers contribu
P2P netw
all peers are necessarily equal.
n the netw ork with out the need for a centralized server. However, not
withi
ume.
and can contribute more than they cons
Super peers may have more resources
network. In its purest form, P2P
rces, they only consume from the
Edge peers do not contribute any resou s there is a central tracking
d. However, in application, sometime
architecture is completely decentralize
manage the network.
ork to help peers find each other and
server layered on top of the P2P netw
network, so new peers joining
work s best when there are lots of active peers in an active
P2P architecture out of the network,
to. If a large number of peers drop
to connect
the network can easily find other peers a few peers, there are less
enou gh rema inin g peers to pick up the slack. If there are only
there are still
resources available overall. are
is, which means that lots of peers
ple, in a P2P file- shari ng appli cation, the more popular a file
For exam
be downloaded.
sharing the file, the faster it can
puting
1.2.4 Technologies for Distributed Com
raction models, which
tech nolo gies that prov ide concrete implementations of inte
There are several relev
ant
communication.
mostly rely on message-based orks and Service-Oriented
Rem ote Pro ced ure Call (RPC ), Distributed Object Framew
These technologies include
TechKnowledge
Publications
”
Web Services

=
1.2.4(A) Remote Procedure Call

The Parameterters and results Are Packeg
cin servers running on remote hosts.
all
RPC allows clients to call procedures 'n * client and the Server: RPC also offers access transparency. RPC Clients
.
ing in RPC is invisi
in messages that are passed between the dures in the same way- Message passing
P ble to the
call local procedures and remote proce
programmer. i and the server stub.
:
procedures : the client stub
* Message passing is hidden in two library
-RPC.
|
e Example RPC systems : Sun RPC, DCE RPC, XML
protocol, which specifies The format of the messages exchanged
Client and serve Inin RPC must follow
the same .
e characters In ASCII, floats in
"
of various data typ es (e.g, integers in two's complement,
and the representation
everything sto re d in big endian). The transport protocol in RPC is used for Message
IEEE standard #754, with
exchange (e.gg., TPC, UDP, HTTP) Wait for result
Client —_— 7
Call remote Return
procedure from call
Request Reply
Server CT me
Call local procedure Time ——>
and return results
Fig. 1.2.3 : RPC between a client and a server

Client machine Server machine
Client process
Client process
1. Client call to 7 2
procedure implementation 6. Stub makes
of add lacal call to “add”
Server stub =
k = add(i,j) + Client stub WN k=add(i,)
5. : Stub unpacks
int: val(i)
proc. acd 2. Sub builds poe ete
int: val(i) message
int: val(j) message int: val(j}
proc: ‘add’. ry
Client OS int: val) Server OS 4. Server OS
int: val()) hands message
to server stub
3. Message is sent
across the network
Fig. 1.2.4 : The steps involved in a remote procedure call
RPC Steps
1. The client process calls the client stub, which resides within the client's address space.
then executes a
The client stub packs the parameters into a message. This is called marshalling. The client stub
system call (e.g., Sendto) to send the message.
The kernel sends the message to the remote server machine.
YX
The server stub receives the message from the kernel.

naek
The server stub unmarshals the parameters.

The server stub calls the desired procedure.
Tech
\ public
1-15 Web Services
7. The server process executes the procedure and returns the result to the server stub.
8. The server stub marshals the results into a message and passes the message to the kernel.
9. The kernel sends the message to the client machine.

10. The client stub receives the message from the kernel.
11. The client stub unmarshals the results and passes them to the caller.
Implementing RPC
exchange of messages in
RPC is generally implemented over a request-reply protocol that supports two-way
client-server interactions. The protocol is based on 3 communication primitives :
1. doOperation : Used by a client to invoke a remote Operation. It sends a request message to the remote server
and returns the reply message.
2. getRequest: Used by a server to acquire request messages.
3. sendReply : Used by a server to send the reply message to the client after it has invoked the operation specified
in the request message.
Node B f-
neneaaeent, ae
7] Node A ———
=!
Coo nan nn nn nmnnnng | NN
enn
=
1
i
1
1
ee we
1
1 1
7 7
1
Procedure Registry
-
1
Main Procedure
ee
1
k |
on eS ae Tomes
' A
ne eee
1
1 —
1
1 A.
1
1 y 1
bl
nee
t
Procedure A | i Procedure C:Node B !
1
1 c
1 Vy Procedure C
1
t1 heme mem ema neem mage emmy 1
ww
'
1 . . a
i 4 il
1 2 1
1
|... RPC Library --..

Ll
RPC Service
mee
Procedure B|
i I
J 1
t ii 1
[ _ i
i 4
H1 =
ee
ITY ... [Program C(RPC Server)|./
1
[
\
\[Pr ogram A (RPC Client). ee eee / 1 CE
wwe
Parameters Unmarshaling| | Retum Value )

_— Parameters Marshaling |_| Retum Value! | Marshaling [TT
Unmarshaling -and Procedure Name
and Procedure Name
¥ WL ne ne eee ewe eee eee [--_--. ME ————— \
EEEE ES Erna
—
———————— ance Sy
—_ Network j----*
— —
Fig. 1.2.5: RPC Reference Model
1.2.4(B) Distributed Object Frameworks

a programming model based on object-oriented
Middleware based on distributed objects is designed to provide
d approach to distributed programming.
principles and therefore to bring the benefits of the object-oriente
evolution from three strands of activity :
* Emmerich [2000] sees such distributed objects as a natural
on the client-server model and there was a desire
1. In distributed systems, earlier middleware was based
actions.
for more sophisticated programming abstr
Smalltalk led
r work in object-oriented languages such as Simula-67 and
2. In programming languages, earlie
and C++
am and heavil y used programming languages such as Java
to the emergence of more mainstre
d systems).
(languages used extensively in distribute TechKnowledge
Publications
Web Services
|Z |
V , ha) (0]
i d
ol . , , e
gineer ing, = ignificant "
made in the gn
25S Was ndu st
. I as an
i UMI
are systems.
si
Language
of |
de ng
ah
methods, leading to the emergence
f c M
1e Un
hject-oriented s
notation for specifying (potentially distributed) 0 h, distributed systems developers are anot only
as Cox
an objec 0 0: nc
* In other words, through adopting
i ioct-oriented approach, g | such a5 Cos an
+4 richer programming abstractions (using familiar progr
provided with richer programming © inciples tools and techniques (including ) in the
"entted design p ri
but are also able to use objej ct-orien
i
are.
development of distributed systems softw al
, previously, such design techniques
were not available. |;
major Step forwa rd in a n area where
© This represents a the standardization of
estin g to note that the OMG, the organ izati on t hat developed CORBA, also manages
is inter
UML. o o | 7
. I 1 I
. I
t . 1 II ff,
Di st il t | »
'
Y les of distr
examp j t ml iddleware include Java RMI an
istriibuted objec
RMI is restricted to Java based development,
in common, there is one important difference: the use of Java
in a variety of languages to interoperate,
whereas CORBA is a multi-language solution allowing objects written
(Bindings exist for C++, Java, Python and several others.)
It must be stressed that programming with distributed objects is both different from and significantly more
complex than standard object-oriented programming, as summarized as follows :

The key differences between objects and distributed objects have already been covered in the context of RMI.
Other differences will emerge when we look in detail at CORBA in these include :
e Class is a fundamental concept in object-oriented languages but does not feature so prominently in distributed
object middleware. As noted in the CORBA case study, it is difficult to agree upon a common interpretation of
class in a heterogeneous environment where multiple languages coexist.
e In the object oriented world more generally, class has several interpretations, including the description
of the
behaviour associated with a group of objects (the template used to create an object
from the class), the place to
go to instantiate an object with a given behaviour (the associated
factory) or even the group of objects that
adhere to that behaviour. While the term ‘class’ is avoided,
more specific terms such as ‘factory’ and ‘template’
are readily used (a factory being an object that will
instantiate a new object from a given template).
1— ana
e The style of inheritance is significantly different
from that offered in most object-oriented langua
ges. In
particu lar, distri buted object middleware offers interface inheritance, which is a relationship between
¢ iIn contrast, objeject

ct-o-ori
rienente
ted d lang|: uages such as Smalltalk
offer implementation inherita
o n
etwe inementati
en impl at ons
ol wherereby nce as a relationship
eby thethe new class (in1 thisi case) inherits
| the implementation (and henc
meinalnal class
€ origi class andan can add extra beha e
ehavviiour. Implementation
n
to implement, particularly j
inher it.
i ance is much more difficult
ted systems, due to the in distribu
need to re solve the correct executable
runtime. Consider, for example, behaviour at
the level of heterogeneity th exist j a dist:
at may
the need to implem
j ent highly scalable solutions. y exist in a distributed system, together with
¢ Inter-object Communication : A distributed object middleware fr.
TechKnowledge
Publicattons
Lifecycle Management : Lifecycle management is concerned with the creation, migration and deletion of
objects, with each step having to deal with the distributed nature of the underlying
environment.
Activation and Deactivation :In non-distributed implementations, it can often be assumed that objects are
active all the time while the process that contains them runs. In distributed systems, however, this cannot be
assumed as the numbers of objects may be very large, and hence it would be wasteful of resources to have all
objects available at any time.
In addition, nodes hosting objects may be unavailable for periods of time. Activation is the process of making an
object active in the distributed environment by providing the necessary resources for it to process incoming
invocations = effectively, locating the object in virtual memory
and giving it the necessary threads to execute.
Deactivation is then the opposite process, rendering an object temporarily
unable to process invocations.
Persistence : Objects typically have state, and it is important to maintain this state across possible cycles of
activation and deactivation and indeed system failures. Distributed object middleware must therefore offer
persistency management for stateful objects.
1.3 Parallel Computing
1.3. 1 Elements of Parallel Computing
Parallel execution of computations depends on the architecture of the execution platform. Processor chips are
the key components of computers.
An important performance factor is the clock frequency of the processor, which determines the cycle time of the
processor and therefore the time needed for the execution of an instruction.
Internally, processor chips consist of transistors. The number of transistors contained in a processor chip can be
used as a rough estimate of its complexity and performance. ‘
The increase of the number of transistors and the increase in clock speed have led to a significant increase in the
performance of computer systems.
Parallel Processing
A computer system is said to be Parallel Processing System or Parallel Computer if it provides facilities for
simultaneous processing of various set of data or simultaneous execution of multiple instruction.
On a computer with more than one processor each of several processes can be assigned to its own processor, to
allow the processes to progress simultaneously. If only one processor is available the effect of parallel processing
can be simulated by having the processor run each process in turn for a short time.
Parallel processing in multiprocessor computer is said to be true parallel processing and parallel processing in
uniprocessor computer is said to simulated or virtual parallel processing.
Parallel processing provides a cost-effective solution to this problem by increasing the number of CPUs in a
computer and by adding an efficient communication system between them.
The workload can then be shared between different processors. This setup results in higher computing power
and performance than single-processor system offers. The development of parallel processing is being
influenced by many factors.
TechKnowledge
Publications
Cloud Computing and Web Services 1-18 Web se
View
1.3.2 Hardware Architectures for Parallel Processing oS |
The core elements of parallel processing are CPUs. Based on the number of instruction and data streams that
be processed simultaneously, computing systems are classified into the following four categories :
(a) Single Instruction, Single Data (SISD) systems

(b) Single Instruction, Multiple Data (SIMD) systems
(c) Multiple Instruction, Single Data (MISD) systems
(d) Multiple Instruction, Multiple Data (MIMD) systems
(a) SISD Systems
SISD systems contain one control unit, one processing unit, and one memory unit.
In this type of computers, the processor receives a single stream of instructions from the control unit ang
operates on a single stream of data from the memory unit. During computation, at each step, the Processor
receives one instruction from the control unit and operates on a single data received from the Memory unit
| Instruction Stream -
Data Input - Data Output
Processor
Fig. 1.3.1 : Single Instruction, Single Data (SISD) architecture
(b) SIMD Systems
SIMD systems contain one control unit, multiple processing units, and shared
memory or interconnection
network. Here, one single control unit sends instructions to all processin
g units. During computation, at.
each step, all the processors receive a single set of instructions from
the control unit and operate on
different set of data from the memory unit.
Each of the processing units has its own local memory unit to store both data
and instructions. In SIMD
computers, processors need to communicate among themselves. This is
done by shared memoryar
by interconnection network. 4
While some of the processors execute a set of instructions, the remaining processors wait
for their next
of instructions. Instructions from the control unit decides which processor will be active (execut
instructions) or inactive (wait for next instruction).
(c) MISD Systems
As the name suggests, MISD systems contain multiple control units, multiple processing units and one
|
common memory unit.
Here, each processor has its own control unit and they share a common memory unit. All the processors get
instructions individually from their own control unit and they operate on a Single stream of data as Pe!
instructions they have received from their respective control units. This processor operates simultaneo
Tech Knowleeg
Publication
4-19 Web Services
\
(Qi, sinal Instruction Stream
———— —
hind
GD) [ Data Output 1]
_———
c
i}
Processor 1 Uy []
ora
i]
©
Input f 2
[Data In
- | =>
[Lond
> Processor2
| | -
Data Input N
[_
i
Fig. 1.3.2 : Single Instruction, Multiple Data (SIMD) architecture
EQ struction 10: Instruction {03 Instruction

| SAG Stream 1 || 2280} Stream 2 [| aakO Stream N J,
[
1
1
z =
[|i
|}
” []
ig '
i)
1
1
1 i}
FT) 1 1
I
=
1
’
[
Single Data Output Stream

Single Data Input Stream.
Processor 1
V
a
Fig. 1.3.3: Multiple Instruction, Single Data (MISD) architecture
(d) MIMD Systems
control units, multiple processing units, and ashared memory or

MIMD systems have multiple
interconnection network.
ic and logic unit. They receive
Here, each processor has its own control unit, local memory unit, and arithmet
on different sets of data.
different sets of instructions from their respective contro] units and operate
an
An MIMD systems that shares a common memory is known as multiprocessors, while those that uses
interconnection network is known as multicomputer.
r are of two types :
Based on the physical distance of the processors, multicompute
to one another (e.g,, in the same room).
(i) Multicomputer : When all the processors are very close
one another (e.g. - in the different
(ii) Distributed System : When all the processors are far away from
cities)
TechKnowledge
Publications
© NASA
OE 0 255 —_$
Cloud Computing and Web Services 1-20 Web Sen,
Wy
mm
&O}
A
Instruction [|
AE=
INStruction[[£O2,
instruction
Instructs
7 [£ Bp 00am 1 || Suen 2 || Bi om 1},
ODD
1
Ry Data Output 2
A o
he's 1
> Processor 2 r —>
X [Data Output 3
MOL et 1
Processor N —,
Fig. 1.3.4 : Multiple Instruction, Multiple Data (MIMD) architecture
* Compared to MIMD computers, SIMD computers have the advantage that they are easy to program, since
there is only one program flow, and the synchronous execution does not require synchronization a
program level. Some processors support SIMD computations as additional possibility for processing large
uniform data sets.
* An example is the x86 architecture which provides SIMD instructions in the form of SSE (Streaming SIMD
Extensions) or AVX (Advanced Vector Extensions) instructions.
* The computations of GPUs are also based on the SIMD concept, MIMD computers are more flexible as SIMD
computers, since each processing element can execute its own program flow.
IPC Channel IPC Channel
1
l
1 S ae Nt = 22
1
! Processor 1 | | Processor 2 Processor N

i Memory
' Bus
1
t
i)
| CZ Global System Memory |
Ll
[|
1
Fig. 1.3.5 : Shared MIMD (left), distributed MIMD (right) architecture
1.3.3 Levels of Parallelism
© Levels of parallelism are decided based on grain size. Table 1.3.1 lists categories of
code granularity for
parallelism. All these approaches have a common goal: to boost processor efficiency
by hiding latency.
The idea js to execute concurrently two or more single-threaded applications, such as compiling,
text formatting,
database searching, and device simulation.
(multiple-instruction issue) parallelism and distribution at the top two levels, which involve the distribution 0
p
the computation among multiple threads or processes.
Table 1.3.1 : Level of Parallelism
Grain size Code item Parallelized by
Separate and heavy weight process Programmer |
Function or procedure Programmer
|
i
Fine Loop or instruction block Parallelizing complier
|
Very fine Instruction Processor
|
Large Level
(Processes, Tasks) |
. Shared
function f1() Memory function f2() ) HER function f2() Metin Love)
Gad] —>|(..) —>|(..) (Threads, Functions)
Function 1 Function 2 Function J
k4
r
a[0] =... a[1]=... a[k] =... Fi ine Level
b[0] =... bl1]=... blk] =... (Processor.
Statements Statements Statements Instructions)
Very Fine Level |

(Cores, Pipeline,
Instructions)
Fig. 1.3.6 : Level of Parallelism
1.4 Web Services
* Web services have emerged as the leading technology for implementing SOA (Service-Oriented Architecture)
systems and applications. By harnessing the power of Internet technologies and widely accepted standards, they
offer a robust solution for building distributed systems. What makes Web services stand out as the technology of
choice for SOA? For one, they promote seamless interoperability between diverse plattorms and programming
languages.
* Additionally, they are built on established and independent standards like HTTP, SOAP, XML, and WSDL. And
they provide a straightforward and user-friendly approach to connecting varied Software systems, facilitating
the rapid assembly of services within a distributed environment. Most importantly, they offer the essential
capabilities necessary for enterprise business applications lo thrive in a real-world setting. These include
sophisticated features for service discovery, enabling seamless integration within a system.
TechKnowledge
Publications
Cloud Computing and Web Services 1-22; WwW :
=D SErVicgg
ti TE
* Web services, based on the simple concept of object-oriented abstraction, offer a one e of bl operationst hat can be
Fw support the passing
utilized through internet protocols. These method operations assing of various P paramet er types
and return values in both complex and simple forms.
* Thestandardized use of XML and WSDL ensures the interoperability of web service methods, making it effortles;
to express a variety of types in a universal fashion. These services

j are easily
i ssible when hosted inj a we
accessib
i
server, with HTTP being the preferred transport protocol for seamless inter actions.
ice. Thi .
* System architects utilize their preferred technology to create and implement a Web seme IS SETVICE Can then
be accessed through compatible Web or application servers. The details of the service are conveyed through ;
Web Service Definition Language (WSDL) document, which can be added to a global registry or directly Attached
to the service itself.
* To find and access these services, users can browse through global catalogs using Universal Description
Discovery and Integration (UDDI), or more commonly, they can directly retrieve the service's metadata by firs,
querying the Web service.
* The Web service description document provides a helpful function for service consumers by effortlessly
generating clients for the specific service and seamlessly embedding them within their current application. Due
to the widespread popularity of Web services, they offer bindings for all mainstream programming languages in
the form of easily accessible libraries and development tools.
* This leads to a seamless and uncomplicated usage of Web services compared to more challenging integration
required by technologies like CORBA. Additionally, the interoperability of Web services makes them a superior
choice for Service-Oriented Architecture (SOA) compared to other distributed object frameworks
like .NET
Remoting, Java RMI, and DCOM/COM+, which are limited to a single platform or environment.
1.4.1 Web Services Description Language (WSDL)
* WSDL is a vital tool in the world of Java web development,

serving as an XML format that outlines network
services through a collection of endpoints that
operate on messages containing either docum
ent-oriented or
procedure-oriented information. These
operations and messages are described
in an abstract manner, and then
paired with a specific network protocol and
message format to create an endpoint.
* This allows for the creation of abstract
and concrete endpoints, which can then
be combined into services.
WSDL's extensibility also makes it possible
to describe endpoints and messages regardless
of the communication
protocols or formats used. However, this
document primarily focuses on t he use of
WSDL with SOAP 1.1, HTTP
GET/POST and MIME bindings.
WSDL Document Structure
WSDL documents serve as essential blueprints for services,

grouping together network endpoints, also known as
ports. WSDL cleverly separates the abstract definiti
ons of these endpoints and messages
from their concrete
deploy ment on a network or binding of data formats.
This results in reusability of abstract definitions
messages,
such as
which describe the data being communicated,
and port types, which are collections of operat
ions. The
beauty of this separation lies in the creation
of reusable bindings, where the Specific specif
ications for the protocols
and data formats associated with a particular port type can be
reused. Ultimately, a service is defined by a group
of
ports, each with a network address linked to a reusable binding.
— ooo
TechKnowledgé
Publications
-
_ Types
Abstract
definition of Messages
service
Port Types
Bindings
Protocol and me
physical
locations Service ports
Fig. 1.4.1 : WSDL

Table: 1.4.1
—
Element Description
<types> Defines the (XML Schema) data types used by the web service. It is a container for data type
definitions using some type system (such as XSD).
<message> | Defines the data elements for each operation. It is an abstract, typed definition of the data being
communicated.
<portType> | Describes the operations that can be performed and the messages involved. An abstract set of
operations supported by one or more endpoints.
<binding> Defines the protocol and data format for each port type. A concrete protocol and data format
specification for a particular port type.
<service> Service- a collection of related endpoints.
<port> Port- a single endpoint defined as a combination of a binding and a network address.
1.5 SOAP
* SOAP, also known as Simple Objects Access Protocol, was developed by Microsoft in 1998 as a web
communication protocol. Its primary purpose is to facilitate the transmission of data over HTTP/HTTPS and it is
commonly used to expose web services.
* However, its capabilities are not limited to just these functions. Unlike the REST pattern, SOAP only Supports
XML as its data format and rigidly adheres to established standards such as messaging structure, encoding rules,
and the format for requesting and responding to procedures.
* One of the key advantages of SOAP is its capability to seamlessly create web-based services, making it
independent of language and platform when handling communications and generating responses. Despite the
growing popularity of REST as the preferred means of web data exchange, SOAP is expected to remain relevant
due to its robust standardization, potential for automation in certain scenarios, and enhanced security features.
Tech Knowledge
Publications
AOE ORs —_—
— PESTA
Cloud Computing and Web Services 1-24 Web Service

==
1.5.1 Structure of SOAP Message (In JAX-WS)
* In Java API for XML Web Services (JAX-WS), SOAP (Simple Object Access Protocol) messages are useq for
communication between web services. These messages have a specific structure defined by the SOAP Protocol, jp,
JAX-WS, the structure of a SOAP message can be represented as follows:
* JAX-WS works with SOAP messages through generated proxy classes or by using the JAX-WS APIs (avax.xml.ws
package) to create, send, and process SOAP messages programmatically. You can generate client or server code
from WSDL (Web Services Description Language) using tools like wsimport to handle SOAP messages ang
interact with web services in Java.
Handling SOAP messages in JAX-WS involves creating request and response objects, setting parameters, invoking
methods, and marshalling/unmarshalling the SOAP XML content. The javax.xml.soap package provides classe.
for creating and manipulating SOAP messages and their components.
1.5.2 SOAP Messaging Architecture
SOAP: Envelope
SOAP Header
Header block
A Optional
]
Header block
SOAP Body
Rody element Content or payload of

Body element 7 the SOAP message
Fig. 1.5.1 : SOAP Messaging Architecture
Envelope : The SOAP message begins with an <Envelope> element. This element
encapsulates the entire SOAP
message and contains namespaces and encoding style declarations.
Header (Optional) : The <Header> element is an optional part of the SOAP message. It contains header
information such as authentication details, routing data, or
any other metadata related to the message.
* Body: The <Body> element encapsulates the actual content or payload
of the SOAP message. It contains the data
that is being transferred between the client and the
web service.
e Fault (Optional) : It is used to indicate error messages. In case of errors
or exceptions during processing, a
<Fault> element may be included within the <Body> element. It contains error
information including fault codes,
fault strings, and fault details.
If a Fault element is present, it must appear as a child element of the Body
element. A Fault element c
appear once ina SOAP message.
“Tech Knowledge
Publications
= FMP NS
Cloud Computing and Web Services ot Web Services

1-25
Sub elements of SOAP Fault element
Sub Remon ,
Loe t | Description
<faultcode> | A code for identifying the fault.
<faultst
tstring>
ri | Itisi used for providi
i ng explanation of the fault.
. : —— =I
< ror
| <faultactor> | Information about who caused the fault to happen.
<detail> l> + opi , NT
|<detal | Holds application specific error information related to the Body element.
Syntax
<SOAP-ENV:Envelope
xmIns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/”
xmlIns:xsi="URL of XMLSchema-instance"
xmIns:xsd="URL of /XMLSchema">
<SOAP-ENV:Header>


</SOAP-ENV:Header>
<SOAP-ENV:Body>

</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
1.5.3 SOAP Header
information for
The <Header> element in a SOAP message is optional, serving to convey application-specific
as header blocks, act as
SOAP nodes along the message flow. These child elements of <Header>, known
designated XML elements created by the application.
to recipient
* They logically group data to targ et SOAP nodes encountered on the message's journey trom sender
receiver nodes, but in practice, not all nodes
SOAP header blocks can be utilized by intermediary and ultimate
blocks, while each block is intended for
process every block. Instead, each node is designed to handle specific
processing by certain nodes.
features in a SOAP message, without needing
* The SOAP header provides a convenient way | o include additional
of specific attributes, SOAP clearly outlines
agreement beforehand from the p arties involved. Through the use
or not. Such crucial information includes directives and
how a feature will be handled and whether it is re quired
sing. By incorporating these ele ments, SOAP messag
es can be
context that are relevant to the messag e's proces
lar application
tailored to meet the unique needs of a particu
Unlike the extensive
for encoding components 0 f a SOAP message.
Encoding style refers to the guidelines
set of rules for encoding data.
flexibility of XML, SOAP has a more restricted
(in SOAP 1.1).
ute (in SOAP 1.2) and the actor attribute
This can be seen in its use of the role attrib
TechKnowledge
Publications
Cloud Computi : ices
Puting and Web Serv 1-26 Web Services
. : —
In SOAP 1.2,
the role attribute Specifies whether a particular
node is involved in processing the messape, If the
i
node's s rol e matches the role assign
r ches ed to the header block, it will pr
i ocess the header. Howeve
r, if the roles do Not
Match, the node will not process the header block.
Similarly, in SOAP 1.1, the actor attribute serves the |
Same
|
Purpose,
The mustUnderstand attribute serves the purpose of ensuring that SOAP nodes do not overlook importane
header blocks in an application. If a SOAP node plans to handle
a header block based on its designated role or
actor, it must adhere to the value of "true" for the mustUnderstand attribute. This means that the node Must
either process the header block according to its specifications or not at all, resulting in an error.
° However, if the attribute is set to "false", the node has the option to disregard the header block entirely, [,
€ssence, the mustUnderstand attribute dictates whether the processing of the header block is requireg or
optional. This attribute has different values depending on the version of SOAP being used: "true" for SOAP 12
and "1" for SOAP 1.1. In both cases, the node must follow the specified action for the header block.
* IfmustUnderstand="1" to a child element of the Header element then it indicates that the receiver processing the
Header must recognize the element. If the receiver does not recognize the element it will fail when Processing
the Header.
<?xml version="1.0"?>
<soap:Envelope
xmlns:soap="URL of soap-envelope"
soap:encodingStyle="<Encoding URI>">
<soap:Header>
<m:Trans xmIns:m="URL of SOAP transaction"
soap:mustUnderstand="<0 OR 1>">234
-Soap:actor="<URI>">234 -->
Client-Side SOAP Handlers
lient-side SOAP handlers in JAX-WS allows to intercept and manipulate SOAP messages before they are sent by
client. This functionality is useful for tasks such as logging, security, or modifying the SOAP message content
ore it's transmitted to the server.
Steps to create a client-side SOAP handler in JAX-WS
Create a Handler Class : Implement a handler by extending javax.xml.ws.handler.soap.SOAP
Handler<T extends SOAPMessageContext>.
This class should implement the necessary methods such as handleMessage() to process the SOAP
message.
“Tech Knowledge
Publications
Cloud Computing and Web Services 1.27 Web Services
Code
import javax.xml.ws.handler.soap.SOAPHandler:
import javax.xml.ws.handler.soap.SOAPM es8ageContext;
public class CustomSOAPHandler implements SOAPHandler<SOAPMessageContext> {
// Implement required methods like handleMessage, close, ctc.
//
}
Step 2: Ifplement Handler Methods : Within the handler class, implement the handleMessage() method to
specify the logic for intercepting and processing the SOAP message. This method is invoked when a SOAP
message is sent.
Code
@Override
public booleanhandleMessage(SOAPMessageContext context) {
// Logic to intercept and process the SOAP message before sending
[I
return true; // Return true to continue processing the message
}
Step 3: Configure the Handler : Attach the handler to the client's service port. This can be done
programmatically or through configuration using annotations or a HandlerResolver.
Code
import javax.xml.ws.BindingProvider;
import javax.xml.ws.Service;
import javax.xml.ws.handler.Handler;
// Obtain service instance
Service service = Service.create(...);
// Get the handler chain from the service port
List<Handler>handlerChain = ((BindingProvider) service.getPort(...)).getBinding().getHandlerChain();
// Add the custom SOAP handler to the handler chain

handlerChain.add(new CustomSOAPHandler());
// Set the updated handler chain back to the port

((BindingProvider) service.getPort(...)).getBinding().setl landlerChain(handlerChain);
Step 4: Handle SOAP Message : Inside the handleMessage() method, to access and modify the SOAP message
useSOAPMessageContext. For example, the SOAP message can be retrieved

by inspecting or moditying
headers, body, or any other part of the message.
TechKnowledge
Publications
|e

1-28
Code
@Override
Public booleanhandleM
essa ge( SOAPMessageContext context) {
// Access the SOAP messag
e
SOAPMessagesoapMes
sage = context.getMessage();
// Modify or inspect the SOAP message here

LL
return true; // Return true to continue processing the message
* By implementing a client-side SOAP handler in JAX-WS, you can intercept

i and d manip
manipulate outgoing 8 $ SOAp
. . : Gili regs
messages, enabling various functionalities like logging, adding security headers, or modifying message content
based on specific requirements before sending it to the server.
1.6 REST- What is REST?
REST
REST is the acronym for Representational State Transfer, and it serves as an architectural style for developing
orked applications, particularly for web services. This approach effectively harnesses the functions and
ols of the internet to enable seamless communication.
|
rinciples of REST include :
Client-Server Architecture : REST separates the client and Server,

enabling them to evolve independently. This
Separation allows for better scalability and flexibility.
Statelessness : Each request from a client to a server
must contain all the information necessary to unders
tand
and process the request. The server doesn't
store any client state between requests, makin
g it easier to scale and
manage the system.
Cacheability : Responses from the server

can be labeled as cacheable or non-cacheabl
e. This improves network
efficiency and reduces server load by
allowing clients to cache responses
when appropriate.
Uniform Interface : REST emphasiz
es a uniform interface be twee
n components, promoting simplicity
decoupling. It typically includes and
these constraints:
of the resource (e.g., JSO

N or XML). The server
sends r
manipulate those resources,
7. Self-descriptive Messages
: Messages sent between
the client and server should be
all the information needed Self-descriptive and contain
to understand them.
TechKnowledg®
Publications
8. Layered System : REST allows for a layered architecture where components (e.g. proxies, gateways) can hie
added between the client and server to improve scalability, security, or other concerns without affecting the
overall system.
9. Code on Demand (Optional) : This constraint is optional and allows the server to temporarily extend or
customize the functionality of a client by sending code that the client can execute.
1.6.1 HTTP Methods
RESTful web services use HTTP methods to perform operations on resources.

Following HTTP methods are used:
|Method
| Action
GET Requests a document from the server
HEAD Requests information about a document but not the document itself.
POST Sends some information from the client to the server
PUT Sends a document from the server to the client
TRACE Echoes the incoming request

CONNECT | Reserved
| OPTION | Ing uires about a available options
1.6.2 Java API for RESTful Web Services (JAX-RS)
It is a Java programming language API that provides support for creating RESTful web services. It is a part of the
Java EE (Enterprise Edition) platform and is used to develop web applications following the REST architectural
style.
JAX-RS defines a set of APIs and annotations that simplifies the development of RESTful web services in Java. The
main components of JAX-RS are :
1, Annotations : JAX-RS provides annotations that can be used to define resources, HTTP methods,
parameters, and other aspects of a RESTful service. The javax.ws.rs package contains JAX-RS annotations.
| Annotation Description
Path It identifies.
the URI path. It can be specified on class or method.
PathParam It represents the parameter of the URI path. |
GET it responds to GET request. |
POST it responds to POST request. |
PUT | It responds to PUT request. — |
| HEAD | | itresponds to HEAD request.

DELETE it responds to DELETE request.
“OPTIONS: it responds to OPTIONS request.
It represents the parameter of the form.
Tech! Knowledge
Publications
c
On .
Putin and We
h Services
Woh 5,
pol
It reprresents the parameter
i of the query
ry string ofa nURe
s
Itrepresents the parameter of theh eader.
/
| CookieParam 7
It represents the
parameter of the cookie.
-
| Produces = I
the response such a s XML, PLAIN,

It defines media type for
|| ISON etc.
/ Consumes It defines the media type that the
/
methods of a resource clCIASS

| or MessageBodyR
|
eader can produce.

Resource Classes» = non to denine ve
Theee
Java classes that are er
resources, These cla an no ta ted with JAX-RS an
sses contain method nota
s that handle HTTP
3. Client API: JAX-RS includ requests and p erform operations on resources
es a client API that allows —— =
JaVax.ws.rs client Java applications to consum
packa e
g e provi ides
classes
Sen ices,
and 1
Inte I faces toc reate and send HTTP requests to REST Fy
* Providers : JAX-RS supports
Providers for handling Seri
exception Mapp alizat.ion/deserial
aliizzatationion ofof data
ing, and oth
er aspect s. Providers can be used to (e..g, JSON, x1, (eg
runtime. customiz; e the behavi i
or of f thth e JAX-JaRs
x.
© Jersey Reference implem

entation
of JAX-RS provid
JAX-RS APIs. ed by Oracle. It'
s widely used an
0 RESTEasy: Anothe d eMPPOrts the
r popular JAX-RS core
implementation Pr
© Apache CXF . An ovided by JBoss/
open-source web Red Hat.
Protocols and se rv ic es framework that al
Standards. so Supports JAX-
Example : JAX- RS among other
RS resour ce class
Code
import Javax.
WS.FS.GET:
import javax.
Ws.rs.Path;
import javay.
WS.FS.Produces
;
Import javay.
WS.rs.core Me
diaType:
PPath("/hello
")
Ublic class He
lloResourc e {
IGET
Prod uces(M
edia Type.TF XT
PLA] N)
blic String sa
YHello() {
turn “Hello, Wo
rld! =
S class defi
nes a reso
urce aCCess
"Hello, World!" in ible at the
Plain text forma. path "/hell
g" that Te
Sponds ty
HTTp GE
T request
s by return
ing the
ee
Tech Knowledge
Publicatio
ns
Web Services
1-31
Services to create, deploy,
Cloud Computing and Web ing , 4 sta nd ardized wa y
by provid
RESTful services in Java
JAX -RS sim pli fie s the development of
e
and consume web services.
Review Questions nnd
itecture.
ted system and its arch
Describe about distribu
©
ted systems.
racteristics of distribu
List and explain the cha
s.
s about its component
©
dis tri but ed sys tem s and hence discus

3 Describe
©
computing.
styles for distributed
Explain Architectural
ed Computing.
the technologies for Distribut
Ppo© o
Exp lai n brie fly abo ut

5
6 Explain RPC in detail.

frameworks in detail.
Explain Distributed object
processing.
cribe about parallel
ep D
be par all el com put ing and hence des

8 Descri
cessing.
ecture for Parallel Pro
Explain hardware Archit
PB
.
of distributed computing
Explain the concept
PB
parallelization.
41 Explain the level of
©
©
ment structure.
12 Explain WSDL docu
of SOAP message-
©
©
lain the architecture

13 Whatis SOAP? Exp
©
©
header.
Explain the SOAP dlers.
44 ent-side SOAP han
steps to create Cli
©
9
le r? Exp lai n the

SOAP hand
15 Whatis Client-side
©
9
n cipals.
ng with its key pri
46 Explain REST alo
DD
b Services.
for RESTful We
lain Java API
Virtualization
">.
Characteristics of Virtualized Environments. Pros and Cons of Virtualization. Virtualization using KVM, Creating Virtual
machines, oVirt - management tool for virtualization environment.
2.1 Introduction to Virtualization
Virtualization is a technique of abstracting physical resources into logical view. It increases the utilization 4,
capability of IT resource.
It also simplifies resource management by pooling and sharing resources. Virtualization helps to significantly
reduce downtime. It can be of various categories such as planned and unplanned and it also improveq
performance of IT resources.
Virtualization
| “Virtualization indicates that an applications can use a resource without any concern for where it resides, |
| what the technical interface is, how it has been implemented, which platform it uses, and how much of it is
available.”
-Rick F. Van der Lans

Five major reasons of virtualization are as follows :
1. Sharing: Break up a large resource which enables large capacity or high-speed.
E.g. Servers.
2, Isolation : Protection from other tenants. E.g. Virtual Private Network (VPN).
3. Aggregating : Combine many resources into one. E.g., storage.
4. Dynamics: Fast allocation, Change/Mobility, load balancing. E.g., virtual machines.

5 Ease of Management : Easy distribution, deployment and testing.
Advantages of Virtualization
Minimize hardware costs (Capital Expenditure : CapEx).

P
Multiple virtual servers on one physical hardware.

wn
Easily move VMs to other data centers.
Provide disaster recovery.

>
Hardware maintenance.
anu
Follow the sun (active users) or follow the moon (cheap power).
Consolidate idle workloads. Usage is bursty and asynchronous.
orn
Increase device utilization.

Virtualization
9. Conserve power.
10. Free up unused physical resources.
11. Easier automation (Lower OpEx : Operating Expenditure).

12. Simplified provisioning /administration of hardware and software.
13. Scalability and flexibility ofmultiple operating systems.
2.1.1 Virtualization Basics
or request for a service from the

The term virtualization broadly describes the separation of a resource
example, computer software gains access
underlying physical delivery of that service. With virtual memory, for
of data to disk storage.
to more memory than is physically installed, via the background swapping
cture layers - including networks, storage,
Similarly, virtualization techniques can be applied to other IT infrastru
laptop or server hardware, operating systems and applications.
between computing, storage and
This blend of virtualization technologies provides a layer of abstraction
deployment of virtual infrastructure is non-
networking hardware, and the applications running on it. The
disruptive, since the user experiences are largely unchanged.
across the
However, virtual infrastructure gives administrators the advantage of managing pooled resources
organizational needs and to better leverage
enterprise, allowing IT managers to be more responsive to dynamic
infrastructure investments.
2.1.2 Virtualization Approaches
decades, it is only recently(in 1998) that VMware

While virtualization has been a part of the IT landscape for
platforms, which now form the majority
delivered the benefits of virtualization to industry-standard x86-based
of desktop, laptop and server shipments.
on a single physical system and share the
A key benefit of virtualization is the ability to run multiple operating systems
applied to a range of system layers,
underlying hardware resources - known as partitioning. Virtualization can be
and high-level language virtual
including hardware-level virtualization, operating system level virtualization,
machines.
typically used with software-based
For Unix/RISC and industry-standard x86 systems, the two approaches
partitioning services on top of
partitioning are hosted and hypervisor architectures. A hosted approach provides
a standard operating system and supports the broadest range of hardware configurations.
installed on a clean
In contrast, a hypervisor architecture is the first architecture is the first layer of software
has direct access to the
x86-based system (hence it is often referred to as a'bare metal” approach). Since it
resources, a hypervisor is more efficient than hosted architectures, enabling greater scalability,
hardware
robustness and performance.
2.1.3 Characteristics of Virtualized Environment
Some of the important characteristics of virtualization include the following :
1. Increased Security
opens new
e The ability to control the execution of a guest programs in a completely transparent manner
possibilities for delivering a secure, controlled execution environment.
TechKnowledge
Publications
Cloud Computing and Web Services 2-3 Virtualiz,, thes
* All the operations of the guest programs are generally performed against the virtual machine, whi, ch th
of
translates and applies them to the host programs. A virtual machine manager can control ang filter ,"
activity of the guest programs, thus preventing some harmful operations from being performed,
* — Resources exposed by the host can then be hidden or simply protected from the guest. Increased “eur,
a requirement when dealing with untrusted code.
2. Managed Execution
In particular, sharing, aggregation, emulation and isolation are the most relevant features.
Virtual
J 0 4 Resources
1919
|
as” . . itualizati
[Emutation| | isotation | Virtualization
1 HI 1 0 [==
Resources
Fig. 2.1.1 : Characteristics of virtualization
(a) Sharing
e Virtualization allows the creation of a separate computing environments within the same host.
© This basic feature is used to reduce the number of active servers and limit power consumption.
(b) Aggregation
* — Not only it is possible to share physical resource among several guests, but virtualization also allows aggregation,
which is the opposite process. A group of separate hosts can be tied together and represented to guests as a
single virtual host.
© This functionality is implemented with cluster management software, which harnesses the physical resources of a
homogeneous group of machines and represents them as a single resource.
(c) Emulation
* Guest programs are executed within an environment that is controlled by the virtualization layer, which
ultimately is a program.
* Also a completely different environment with respect to the host can be emulated, thus allowing the
execution of guest programs requiring specific characteristics that are not present in the physical host.
(d) Isolation
* — Virtualization allows providing guests such as whether they are operating systems, applications, or other
entities with a completely separate environment, in which they are executed.
e The guest program performs its activity by interacting with an abstraction layer, which provides access the
underlying resources. The virtual machine can filler the activity of the guest and prevent harmful operations
against the host.
© Besides these characteristics, another important capability enabled by virtualization is performance tuning:
This feature is a reality at present, given the considerable advances in hardware and Software Supporting
virtualization.
Techſnowledye
publications
_
Cloud Computing and Web Services 2-4 Virtualization
¢ — It becomes easier to control the performance of the guest by finely tuning the properties of the resources
exposed through the virtual environment. This capability provides a means to effectively implement a
quality-of-service (QoS) infrastructure.
3. Probability
* The concept of portability applies in different ways according to the specific type of virtualization
considered. In the case of a hardware virtualization solution, the guest is packaged into a virtual image that,
in most cases, can be safely moved and executed on top of different virtual machines.
¢ In programming-level virtualization which is implemented by the JVM or the .NET runtime, the binary code
representing application components (jars or assemblies) can run without any recompilation on any
implementation of the corresponding virtual machine.
Along with these characteristics, it also incorporates the basic characteristics of cloud computing such as :
1. Automatic service on Demand : Computational services are provided automatically, without human
intervention over the service provider.
2. Rapid Elasticity : Services must be fast and made available whenever necessary. Users of them must feel as they
have unlimited resources, which can be acquired in any amount, anytime. The elasticity property appears in
three components : linear scalability, use by demand, and payment of what is consumed.
3, Measurable Services : The management systems used by the cloud must control and monitor each resource,
automatically, for each kind of service (storage, processing, and bandwidth). This monitoring must be
transparent for both entities involved
(service provider and user).
Multiple Tenants : In a cloud environment services owned by multiple providers can be located in a single data-
center. With this approach the issues with performance and management of these services can be dealt by all
service and the infrastructure providers. The layered architecture offers a natural division of duties, that is, the
owner of each layer will have to deal only with the specific goals associated with that layer. Unfortunately, the
multiple tenancies also create problems in the understanding and management of the interactions between
parts.
Sharing of the Pool of Resources : The infrastructure provider offers a pool of resources that can be
dynamically allocated to the resource consumers. This capability creates a great flexibility to the cost-effective
management of resources. As an example, a service provider can take advantage of the technique of VM
migration in order to maximize resource utilization, what implies in the reduction of costs associated with
cooling and power consumption.
Access through a Worldly Distributed Network : Clouds are usually accessible from the Internet, therefore,
Even more, in
any device connected to it, either a cell phone or a desktop, is capable of using the cloud services.
by several
order to achieve a high performance and availability, many of the current clouds are composed
datacenters distributed over the world.
putting a strong emphasis in
Service Oriented : Cloud computing adopts a service-oriented operational model,
Level Agreement (SLA),
service management. Each provider offers his service trying to guarantee a Service
which is negotiated with the users of that service.
where resources are fixed, in clouds
Dynamic Resource Provisioning : Differently from conventional systems,
s by the acquisition and publishing of
we have the capability of dynamically adjust the amount of offered resource
extra resources by the service provider, guided by current demands.
i _— _ TechKnowledge
Publications
m me — ~
Cloud Computing and Web Services 2-5 Virtualization,
implies in the ability of providers and client

9. Self-organization : The property of dynamic resource provisioning, 5
dem and. Resources can be allocated or returned to the pool depending on th
to adjust their resources upon e
properly.
current needs. This flexibility results in the elasticity
model based in "pay what you use”. The exact price
10. Price-based Utilities : Cloud computing uses an economical
provider may rent a VM in , by
of processing may be different for different services. For example, a software
services priced by-tuseI
hour basis, while other may charge the service by the number of clients served. Although
of the whole operation.
may reduce client's costs, they introduce difficulties in the management
2.2 Pros and Cons of Virtualization
2.2.1 Pros of Virtualization
1. It is cheaper : Because virtualization doesn't require actual hardware components to be used or installed, jo
infrastructures find it to be a cheaper system to implement. There is no longer a need to dedicate large areas of
space and huge monetary investments to create an on-site resource. Users have to purchase the license or the
access from a third-party provider and begin to work, just as if the hardware were installed locally.
2. It keeps costs predictable : Because third-party providers typically provide virtualization options, individuals
and corporations can have predictable costs for their information technology needs.
3. It reduces the workload : Most virtualization providers automatically update their hardware and software that
will be utilized. Instead of sending people to do these updates locally, they are installed by the third-party
provider. This allows local IT professionals to focus on other tasks and saves even more money for individuals or
corporations.
4. It offers a better uptime : Because of virtualization technologies, uptime has improved dramatically. Some
providers offer an uptime that is 99.9999%. Even budget-friendly providers offer uptime at 99.99% today.
5. It allows for faster deployment of resources: Resource provisioning is fast and simple when virtualization is
being used. There is no longer a need to set up physical machines, create local networks, or install other
information technology components. As long as there is at least one point of access to the virtual environment, it
can be spread to the rest of the organization.
digital entrepreneurship : Before virtualization occurred on a large scale, digital
6. It promotes
it possible
entrepreneurship was virtually impossible for the average person. Sites like Fiverr and UpWork make
for anyone to set a shingle and begin finding some work to do.
7. It provides energy savings : For most individuals and corporations, virtualization is an energy-efficient system
Because there aren't local hardware or software options being utilized, energy consumption r ates can be
func is
lowered. Instead of paying for the cooling costs of a data center and the operational costs of equipment,
can be used for other operational expenditures over time to improve virtualization's overall ROL
2.2.2 Cons of Virtualization
l or business when virtualization

1. It can have a high cost of implementation : The cost for the average individua
ent, however, the
is being considered will be quite low. For the providers of a virtualization environm
some point and that means
implementation costs can be quite high. Hardware and software are required at
implementation.
devices must either be developed, manufactured, or purchased for
TechKnowleds? S
publicatter
—_—
Cloud Computing and Web Services 2-6 Virtualization
It still has limitations : Not every application or server is going to work within an environment of virtualization.
That means an individual or corporation may require a hybrid system to function properly. This still saves time
and money in the long run, but since not every vendor supports virtualization and some may stop supporting it
after initially starting it, there is always a level of uncertainty when fully implementing this type of system.
It creates a security risk : Information is our modern currency. Because data is crucial to the success of a
business, it is targeted frequently. Just like physical machines, virtual machines also contain a lot of critical,
sensitive data such as personal data, user profiles, passwords, license
keys, and history. While the risk of data
loss is immense with both physical and virtual machines, the risk is much greater with virtual
machines as it is
much easier to move files and images from virtual machines than it is to hack into physical
machines via network
links.Many images and snapshots are captured by virtual machines in order to deploy or restore system restores,
and they can be prone to data theft.
It creates an availability issue : If an organization cannot connect to their data for an extended period of time,
they will struggle to compete in their industry. And, since availability is controlled by third-party providers, the
ability to stay connected in not in one’s control with virtualization.
It creates a scalability issue : Virtualization enables rapid creation and addition of new virtua] machines.
Without total automation, this dynamic growth capacity can destabilize security management activities such as
system configuration and updates, resulting in vulnerability to security incidents.
It requires several links in a chain that must work together cohesively : If you have local equipment, then
you are in full control of what you can do. With virtualization, you lose that control because several links must
work together to perform the same task. Consider the example of saving a document file. With a local storage
device, like a flash drive or HDD, you can save the file immediately and even create a backup. Using virtualization,
your ISP connection would need to be valid. Your LAN or Wi-Fi would need to be working. Your online storage
option would need to be available. If any of those are not working, then you're not saving that file.
It takes time : Although you save time during the implementation phases of virtualization, it costs users time
over the long-run when compared to local systems. That is because there are extra steps that must be followed to
generate the desired result.
Virtualization using KVM
KVM is short for Kernel-based Virtual Machine, and currently it has developed one of the most popular Virtual
Machines in the world. KVM is a full virtualization solution for Linux on x86 hardware containing virtualization
extensions (Intel VT or AMD-V).
It consists of a loadable kernel module, kvm.ko, that provides the core virtualization infrastructure and a
processor specific module, kvm-intel.ko or kvm-amd.ko. KVM also requires a modified QEMU although work is
underway to get the required changes upstream.
Using KVM, one can run multiple virtual machines running unmodified Linux or Windows images. Each virtual
machine has private virtualized hardware: a network card, disk, graphics adapter, etc. With KVM, multiple virtual
machines can run under the unmodified Linux or Win-dows images. Every single virtual machine has its own
virtualized hardware, containing network interface card (NIC), storage devices, graphical user interface (GUI),
etc. (Red Hat, Inc. 2016.).
TechKnowledge
Publications
Cl oud Computinj g
and Web Services we
©.
Compared with VMware and Hyper-V, KVM is open source soft ware. The kernel Hat, component of KYM, is inch
Inc. 2016.).
7 &
q
f the kernel. (Red
in mainline Linux, in 2.6.20 and has since been fixed as a part 0
Benefits of using KVM:
1. It support for any kind of guest OS.

2. Efficient code.
3. KVM is open source and flexible.
4 User doesn’t have to pay for license.
2.4 Creating Virtual Machine
2.4.1 To create a Virtual Machine using VMware Workstation
1. Launch VMware Workstation.
2. Click New Virtual Machine.
3. Select the type of virtual machine you want to create and click Next:
Note: Your choice depends partially on the har: dware version you want your virtual machine to have. For
more information
see Virtual machine hardware versions (1003746). Sa

You can
© Custom : This gives you an option to create a virtual machine and choose its hardware compatibility.
choose from ‘Workstation 14.x, Workstation 12x, Workstation 11x, Workstation 10.x, Workstation 9x,
4.
Workstation 8.x, Workstation 6.5 -7.x, Workstation 6, Workstation 5 and Workstation
you
Typical :This creates a virtual machine which has the same hardware version as the version of Workstation
8. If you are using
are using. If you are using Workstation 8.x, it creates a virtual machine with hardware version
Workstation 6.5.x or 7.x, a virtual machine with hardware version 7 is created.
1. Click Next.
2. Select your guest operating system (0S), then click Next. You can install the OS using :
(1) An installer disc (CD/DVD)
(11) An installer disc image file (ISO)
(i) Click Next.
(ii) Enter your Product Key.
(iii) Create a user name and password.
(iv) Click Next.
(v) Enter a virtual machine name and specify a location for virtual machine files to be saved, click Next.
file oF split
(vi) Establish the virtual machine's disk size, select whether to store the virtual disk as a single
the virtual disk into 2GB files, click Next.
(vii) Verify the other configuration settings for your virtual machine.
* Memory : Change the amount of memory allocated to the virtual machine.

, and the virtualization engine.
* Processors : Change the number of processors, number of cores per processor
Tech Knowleds?
TELL
2-8 Virtualization
CD / DVD : With advanced settings where you can choose between SCSI, IDE.
or customize where you Can choose between 0
Network adapter : Configure it to bridge. NAT, or Host-only mode,
to 9 adapters.
USB Controller.
Sound card.
Display : enable 3D graphics.
1. Click Finish.
starts. You are prompted to restart
2, When the virtual machine is powered on, the VMware Tools installation
your virtual machine once the Tools installation completes.
_
2.5 oVirt Management Tool for Virtualization Environment
2.5.1 What is oVirt?

oVirt
m, licensed and developed as open source software.
oVirt is a complete virtualization management platfor
server
or, an d on the RHEV-M management
builds on the powerful Kernel-based Virtual Machine (KVM) hypervis
for server and
is a large scal e, centralized management
released by Red Hat to the open source community. oVirt
key components in oVirt are :
Provide an open source alternative to vCenter/vS phere. Two
” desktop virtualization.
(a) Hypervisor - oVirt Node
(b) Management Server - oVirt Engine

are servers using
that directly runs the virtual machine. oVirt nodes
(a) oVirtNode : It computes virtualization units
ement) services.
Linux x86_64 with the inst alled libvirt daemo
n and VDSM (Virtual Desktop and Server Manag
of virtualiza tion.
es that are required for the rapid deployment
These are the set of packages and support servic
nodes is Red Hat Linux.
The most preferred distribution to build the
of the global configuration
e : It is a contro l unit used for administrative tasks related to the management
(b) oVirt Engin
rk settings.
ge and netwo
the management of virtual machines, stora
of the entire virtualization infrastructure,
central control
that implements the functionali ity of the
oVirt Eng ine is a set of software and services
tor can run the whole setup ins! ide oVirt.
infrastructure. Using oVirt Engine interfaces, the administra
oVirt Engine
ae
=a
| ovinNNode Eo ode oVirt Node
(on
_ |
Fig. 2.5.1 : oVirt architecture overview
TechKnowledge
Publications
2-9 Vi "IO
2.5.2
alia
Goals of the oVirt
Build a community around all levels of the

virtualization stack - hypervisor, manager,
GUI, API, etc.
To deliver both a cohesive complete stack and discretely reusable components for open Virtualizat,,
management.
Provide a release of the project on a well-defined
schedule.
Focus on management of the KVM hypervisor, with
exceptional
guest Support beyond Linux.
Provide a venue for user and developer
communication and coordination.
Review Questions
Q. 1 Explain Characteristics of Virt

ualized environment.
Q.2 List and explain the advant
ages and disadvantages of
virtualization.
Q.3 Explain in detail about KVM
.
Q.4 Write a note on oVirt.
Q.5 Explain the process of creating

virtual machine.
QQ0
Introduction to Cloud
Computing
Introduction to Cloud Computing : Definition, Types of Clouds, Deployment of software solutions and web applications,
Types of Cloud Platforms, Essential characteristics - On-demand self-service, Broad network access, Location independent
resource pooling,Rapid elasticity, Measured service, Comparing cloud providers with traditional IT service providers.
3.1 Cloud Computing
e Cloud computing refers to delivering computing resources as a service over the Internet, on a pay-as-you-go
pricing. This type of computing relies on sharing a pool of physical and virtual resources, rather than deploying
local or personal hardware and software.
The name “cloud” was inspired by the cloud symbol that is often used to represent the Internet in diagrams.
Today, many large and small businesses use cloud computing, either directly or indirectly. The big players in the
cloud space are Amazon (AWS), Microsoft (Azure), Google (Google CloudPlatform), and Rackspace (OpenStack).
Costs reduction is probably the main driver of the wide use of cloud computing among businesses. Cloud computing
helps businesses reduce overall IT costs in multiple ways. First, cloud providers enjoy massive economies of scale.
Effective use of physical resources due to statistical multiplexing brings prices lower, 5-7 times.
Then, multiple pricing models, especially, the pay-per-use model, allow customers to optimize costs. Cloud
computing brings down IT labor costs and gives access to a full-featured platform at a fraction of the cost of
traditional infrastructure. Universal access is another advantage of cloud computing.
It allows remote employees to access applications and work via the Internet. Other important benefits include a choice
of applications, flexible capacity, up-to-date software, potential for greener communication, and speed and agility.
With flexible capacity, the organizations need not be concerned about over/under-provisioning for a service.
3.1.1 Cloud Services Models
Services in cloud computing have different levels of support, according to what is offered to clients. There are
three classes of services, named laaS (Infrastructure as a Service), PaaS (Platform as a Service) and Saas
(Software as a Service).
In general, X (everything) as a Service (XaaS) is a collective term used to refer to any services that are delivered
over the Internet, rather than locally.
Infrastructure as a Service (laaS) : In this type of service clients are provided with processing, storage,
network bandwidth, and other computing resources, being able to reconfigure them as needed.
The clients do not own, manage, or control the underlying infrastructure; instead, they rent it, as a service by
paying only for what is used. This eliminates the need for customers to set up and maintain their physical
| resources. The service provider supplies virtual hardware resources (e.g., CPU, memory, storage, load balancer,
virtual LANs, etc.). Amazon Elastic Compute Cloud (Amazon EC2), Eucalyptus, OpenNebula, and OpenStack are
- examples of providers in this class.
2 ns = NUXA ties
Clo
ud .
Computing and Web Services
3-2 Introduction to Cloug Com
(b) Platform as a Service (PaaS) : In this Puti,,
class clients get an environment for the
development, eng Cloud Comp
®Ployment of their applications, disregarding
the needs of infrastructure (memory, Storage, Inq
The Customer has control Processors .
over the applications and some of
the
configuration of the platform envi
Not over the infrastructure; this ronme
is the main difference between
PaaS and laaS. Hence, unlike laas nt by
Sel ect their operating system, Where
application software, server size, etc, Us
and maintain complete responsibility
Maintenance of the system, PaaS for t
operating system updates, versions,
implemented by the and patches are Controlleg
vendor. and
Google Apps and Microsoft Azure are exam

ples of services in this class.
Software as a Service (SaaS)
: here the applications are the
service provided, with clients dema
execution of specific programs. The appl nding ‘
ications are accessible to the customer
s, at any time, from any locat
and with any device, through a simple interface such
as a web browser. The client has no contro] On,
infrastructure or even the appli over
cation. the
3.2 Types of Cloud
The cloud can be deployed in four

types private, public, hybrid, and comm
community cloud, which is
unity cloud. An additional tYpe is the
less commonly used.
(a) Private cloud
(b) Public cloud
(ii) Hoste.
(c) Hybrid cloud
(d) Community cloud
gle organization. Organization

s use software that enables cloud
functionality, such as VMWare
, vCloud Director, or OpenStac
k.
(b) A public cloud is a set of comp
uting resources provided by
third-party organizations. The
clouds include Amazon Web most Popular public
Services, Google AppEngine, and
Microsoft Azure.
(c) Ahybrid cloud is a mix of
computing resources provided
by both private and public clouds.
(d) A community cloud shares (b) Publi
computing resources across several
organizations, and can be managed
organizational IT resources by either The x
or third-party providers,
servic
(a) Private Cloud
as Mi
¢ Private clouds are those that are built

publi
exclusively for a single business. For
many companies considering cloud
computing, private clouds are a good
starting point. They allow the organ
ization to host applications,
development environments, and infra
structure in a cloud, while addressing
con cerns regarding data security and
control that can arise in the public cloud envir
onment.
* — There are two kinds of private clouds :
(i) On-Premises Private Cloud:
* This model, also known as an “Internal Cloud,” iis is host ip oe

ed within an organiza tion's own data center. T he
benefits of a virtualized, scalable, flexible private
cloud infrastructure are undeniable.
NETS
Tech Knowledg*
Pubiicatier®
Cloud Computing and Web Services 3-3 Introduction to Cloud Computing
e Building and managing a private cloud enables you to pool hardware, storage, network, Web, and
virtualization resources for more cost-effective, flexible, dynamic, and on-demand requirements. Advances
in virtualization and distributed computing have allowed company network and data center administrators
to effectively become service providers that meet the needs of their “customers” within the business.
* Users across the company can have self-service access and increased scalability. Also like a public cloud, a
private cloud also makes provisioning an automated service request rather than a manual task processed by
IT. It provides a much more standardized set of processes and protection than a traditional in-house IT
infrastructure provides, On-Premises Private Clouds are very effective for applications that require
complete control and configurability of the infrastructure and security.
* Inan On-Premises or Internal Private Cloud environment, the customer owns all of the equipment powering
the private cloud, has complete responsibility for the IT resources as well as the data, and is fully
accountable for securing it. So, unlike a public cloud, setting up shop in a private cloud requires expertise
with network integration as well as with sophisticated virtualization and cloud platform technologies; you'll
have to run your hardware, storage, networking, hypervisor for virtualization, and cloud software.
© Typically, the internal IT department sets up, tests, and manages the cloud infrastructure. Thus, costs can be
larger than choosing a public cloud. You still need to pay for servers and to deal with infrastructure,
Security, and backup, which in a public cloud is the provider's job. The result is that large enterprises are the
ones most likely to have both the expertise and budget to implement internal private clouds.
(ii) Hosted Virtual Private Cloud :
* This private cloud model is hosted by a third-party Cloud Service Provider. The provider creates an
exclusive private cloud environment and takes responsibility for implementing, securing, and managing the
Cloud infrastructure.
¢ This approach is recommended for organizations that want the benefits of moving their infrastructure,
systems, and data off-site but prefer not to use a pure public cloud infrastructure with the multi-tenancy
sharing of applications.
¢ An excellent example of an externally Hosted Virtual Private Cloud is DynaSis’ ITility Cloud Solution for
small businesses.
Public Cloud
The public cloud is a series of computing services available on the public Internet. tt includes Software-as-a-
serviceapplications such as Salesforce.com or Google’s Gmail, software development Platforms as a Service, such
as Microsoft’s Azure, and Infrastructures as a Service from a wide range of vendors. The major benefits of the
public cloud are that it can:
* Reduce costs
* — Itcan improve cash flow by converting capital investments to operating expenses
* — Itis highly scalable.
¢ — It provides universal accessibility, and
¢ Applications and data are automatically backed up and upgraded.

* However, the public cloud simply isn't the ultimate best choice for every small business.
* With the exceptions of some new businesses and a handful of existing companies who
have implemented
brand new systems - no business data and computer resources reside completely in the public cloud
today.
One reason is that most Public Cloud applications run on a multi-tenant basis.
— a =
ON
Cloud Computing and Web Services troduction to Cloud ¢
— 3-4 Intro OmMPutiy,
* — What this means is that, though your data is segregated from others’ data, it is being processed by the Sams
instance of application software code that is also being used by dozens, hundreds, or even thousang, nf
other companies.
While this architecture provides many of the efficiencies and benefits of public Software as a Service, jt ma
raise concerns for some businesses. So, leading Cloud Service Providers, such as DynaSis, understanq thas
some companies may prefer to keep certain applications or data on-premises. This preference May stem
from having legacy software installed in-house - especially if it requires specialized hardware or Operatin
systems not available in the public cloud. It also could result from having R&D or other highly confidentiz
data that a business is reluctant to process off-site.
This is why private clouds are an attractive solution for many small businesses. Private clouds provide the
ability to more directly manage resources that require a higher level of control than is normally available
from the public cloud. Yet they still offer many of the benefits of cloud computing.
(c) Hybrid Cloud
A hybrid cloud be an interesting opportunity for taking advantage of the best of the private and public cloug
You can choose to maintain some systems and data in-house while using external services where they will
be more effective for your business.
Such a combined sclution is called a Hybrid Cloud. It combines the comfort level of a private cloud with the
flexibility and versatility of the public cloud. Hybrid platforms use either public clouds or
off-site Hosted
Virtual Private Clouds for some applications and processes. They merge these
with on-premises Private
clouds for high-security application environments to leverage the best of both worlds.
As with the private model, in a hybrid cloud, an organization may choose to continue
to use their existing
data center equipment and keep sensitive data secured on their network.
And like the public cloud, a hybrid
model lets an organization take advantage of a cloud's Scalability, accessibi
lity, backup, and disaster
recovery. It's a way to address some of the limitations of the public cloud
while still gaining many of the
public cloud’s benefits.
b nvate Cloud |
+ rm] Dynamic
©
i
Provistonin
laaS(M) ee ee -
vs 1 .
hey
Public Cloud
' {Datacenter Cluster | | Desktop Grids/
: NOWs
Fig. 3.2.1 H Hvbrid / Heteronenaenic Claud

Cloud Computing and Web Services 35 Introduction to Cloud Computing
=_—_
.{d) Community Cloud
Community clouds are the integration of services of different clouds to achieve the specific needs of an
industry, a community, or a business sector.
The cloud infrastructure is shared by several organizations and supports a specific community that has
shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be
managed by the organizations or a third party and may exist on premise or off-premise.
Community cloud arises from concerns over Cloud Computing, specifically control by vendors and lack of
environmental sustainability.
\
The Community Cloud aspires to combine distributed resource provision from Grid Computing, distributed
control from Digital Ecosystems, and sustainability from Green Computing, with the use cases of Cloud
Computing, while making greater use of self-management advances from Autonomic Computing. Replacing
vendor Clouds by shaping the underutilized resources of user machines to form a Community Cloud, with
nodes Potentially fulfilling all roles, consumer, producer and most importantly coordinator.
Application 4
Services | +:
= a
Private Cloud
"A 7 nail
a
~ ae all +
Federal and ©
Government Bodies
Private ;
ty Users hal
& Public Services
Fig. 3.2.2 : Community Cloud
The conceptualisation of the Community Cloud draws upon Cloud Computing, Grid Computing, Digital
Ecosystems, Green Computing, and Autonomic Computing.
A paradigm for Cloud Computing in the community, without dependence on Cloud vendors, such as Google,
Amazon, or Microsoft.
Advantages of Community cloud
1. Openness
Removing dependence on vendors makes the Community Cloud the open equivalent to vendor Clouds, and
therefore identifies a new dimension in the open versus proprietary struggle that has emerged in code,
standards, and data, but has yet to be expressed in the realm of hosted services.
TechKnowledge
Publlcations
Cloud Computing and Web Services 3. Introduction to Cloud Computing
ae |
I
(d) Community Cloud
* Community clouds are the integration of services of different clouds to achieve the specific needs of an
¢ The cloud infrastructure is shared by several organizations and supports a specific community that has
shared concerns (e.g., mission, security requirements, policy, and compliance considerations). [t may be
© Community cloud arises from concerns over Cloud Computing, specifically control by vendors and lack of
0
vendor Clouds by Shaping the underutilized resources of user machines to form a Community Cloud, with
nodes potentially fulfilling all roles, consumer, producer and most importantly coordinator.
Community Cloud ;
geo
oot ft
a wt
Application
Services
Private Cloud ay
on £
Private Cloud
es 2
Wart of g
Federal and ©
: * of Government Bodies | |
. Apo? i
|i ;» Private
\y Users £009 w i ?
Wh ie Ne “ice | Y Industries
% 7 . . WP Enterprises
Public Services
e A paradigm for Cloud Computing in the community, without dependence on Cloud vendors, such as Google,
1. Openness
= TechKnowledge
Publications
Computing and Web Services 3 Introduction to Cloud Computing
ant
Community Cloud
Community clouds are the integration of services of different clouds to achieve the specific needs of an
The cloud infrastructure is shared by several organizations and supports a specific community that has
Community cloud arises from concerns over Cloud Computing, specifically control by vendors and lack of
nodes Rerentally fulfilling all roles, consumer, producer and most importantly coordinator.
3 JEN
Home 4
Services }
Private Cloud |
Federal and 7
"Y Government Bodies
, Private
iy Users
Enterprises
Public Services
e A paradigm for Cloud Computing in the community, without dependence on Cloud vendors, such as Google,
1. Openness
TechKnowledge
Publications
d Computing and Web Services 3-5 Introduction to Cloud Computing
oud Compu
(d) Community Cloud
* Community clouds are the integration of services of different clouds to achieve the specific needs of an
industry, a community, or a business sector. .
e The cloud infrastructure is shared by several organizations and supports a specific eormguntly that has
* ;
Community cloud arises from concerns over Cloud Computing, ;
specifically control by vendors and la ck of
* The Community Cloud aspires to combine distributed resource provision from Grid Computing, distributed
nodes potentially fulfilling all roles, consumer, producer and most importantly coordinator.
Community Cloud
a Application | ¢
: Services }
Third-Party Cloud Py
Private Cloud oF
" £
—_ 2 oe
Pall $6
~ et Public Cloud”
vate Cloud
Industries
Enterprises
The conceptualisation of the Community Cloud draws upon Cloud

Computing, Grid Computing, Digital
A paradigm for Cloud Computing in the community, without depende
nce on Cloud vendors, such as Google,
1. Openness
Removing dependence on vendors makes the Commu

nity Cloud the open equivalent to vendor Clouds,
and
therefore identifies a new dimension in the open
versus proprietary struggle that has emerged
in code,
standards, and data, but has yet to be expres
sed in the realm of hosted services.
|TechKnowledge
Pub lications
A _—_ >
Cloud Computing and Web Services 3-6 Introduction to Cloud Comp,
2. Community
* The Community Cloud is as much a social structure as a technology paradigm, because of the commu
If
ownership of the infrastructure.
e Carrying with it a degree of economic scalability, without which there would be diminished competition
an
potential stifling of innovation as risked in vendor Clouds.
3. Individual Autonomy
* In the Community Cloud, nodes have their utility functions in contrast with data centers, in which
dedicate q
machines execute software as instructed. So, with nodes expected to act in their self-interest, centralize,
control would be impractical, as with consumer electronics like game consoles.
Attempts to control user machines counter to their self-interest results in cracked systems, from black
market hardware modifications and arms races over hacking and securing the software
(routinely lost by
the vendors).
In the Community Cloud, where no concrete vendors exist, it is even more important
to avoid antagonizing
the users, instead embracing their self-interest and harnessing it
for the benefit of the community wit,
measures such as a community currency.
4. Identity
In the Community Cloud each user would inherently possess a unique

identity, which combined with the
structure of the Community Cloud should lead to an inversion
of the currently predominant membership
model. So, instead of users registering for each website (or service) anew,
they could simply add the website
to their identity and grant access.
Allowing users to have multiple services connected to their identity, instead

of creating new identities for
each service. This relationship is reminiscent of recent applicat
ion platforms, such as Facebook's and
Apple's App Store, but decentralized and so free from vendor
control. Also, it allows for the reuse of the
connections between users, akin to Google’s Friend Connect, instead
of re-establishing them for each new
application.
5. Graceful Failures
The Community Cloud is not owned or controlled by any one organization,

and therefore not dependent on
the lifespan or failure of any one organization.
* It therefore ought to be robust and resilient to failure, and immune to the system-wide
cascade failures of
vendor Clouds, because of the diversity of its supporting nodes. When occasionally failing to do 50
gracefully, non-destructively, and with minimal downtime, the unaffected nodes mobilize to
compensate for
the failure.
"Techſnowlelyt
publications
__ at
47 Introduction to Cloud Computing
6. Convenience and Control
e The Co mmunityi Cloud, unlike vendor Cloud

s, has no inherent conflict between convenience and contr
ol,
resultin g from its communitRy ownership providing distr
ibuted control, which would be more democratic..
° Howevever, whether the . -
Community Cloud can provide technically quality equivalent or superior
to Its
centrali ; : .
lized counterparts is an Issue that will require further research.
7. Community Currency
e The Community Cloud would require its currency to support the sharing of resources,
a community
currency, which in economics is a medium (currency), not backed by a central authority (e.g.
national
government), for exchanging goods and services within a communi
ty.
* — It does not need to be restricted geographically, despite
sometimes being called a local currency.
8. Quality of Service
e Ensuring acceptable quality of service (QoS) in a heterogeneous system will be a challenge.

Not least
because achieving and maintaining the different aspects of QoS will require reaching critical
mass in the
participating nodes and available servic
es.
The community currency could support long-term promises by resource providers and allow the
higher
quality providers, through market forces, to command a higher price for their service provision.
Interestingly, the Community Cloud could provide a better QoS than vendor Clouds, utilizing time-based
and
geographical variations advantageously in the dynamic scaling of resource provision.
9. Environmental Sustainability
We expect the Community Cloud to have a smaller carbon footprint than vendor Clouds, on the assumption
that making use of underutilized user machines requires less energy than the dedicated data centers
required for vendor Clouds.
The server farms within data centers are an intensive form of computing resource provision, while the
Community Cloud is more organic, growing and shrinking in a symbiotic relationship to support the
demands of the community, which in turn supports it.
10. Service Composition
The great promise of service-oriented computing is that the marginal cost of creating the nth application
will be virtually zero, as all the software required already exists to satisty the requirements of other
applications.
Only their composition and orchestration are required to produce a new application. Within vendor Clouds
it is possible to make services that expose themselves for composition and compose these services, allowing
the hosting of a complete service-oriented architecture.
However, current service composition technologies have not gained widespread adoption.
Digital Ecosystems advocate service composability to avoid centralized control by large service providers,
because easy service composition allows coalitions of SMEs to compete simply by composing simpler
services into more complex services that only large enterprises would otherwise be able to deliver.
TechKnowledge
Publications
mm AAat cs ©.0.
J.,, furs oi I ira —
Cloud Computing and Web Services 3-8 Introduction to Cloud Computing

= os service layer, t
* So, we should extend decentralization beyond resource provision and up to the yer, to enable
service composition within the Community Cloud.
(e) Multi-Cloud
, ; i
Multi-cloud refers to the use of multiple cloud computing services, often from different ie iders. Organizat;
Banization;
: ; : ‘ali i ifferent i
opt for multi-cloud strategies to avoid vendor lock-in, leverage specialized services from different providers, and
| a .
improve redundancy and disaster recovery. [t involves managing workloads and applications across Multiple
cloud environments
3.3 Deployment of Software Solutions and Web Applications
The deployment of software solutions and web applications involves the process of making them available and
operational for users. Following steps are performed in the deployment process :
1. Pre-Deployment Planning
© Define clear objectives and goals for the deployment process.
¢ — Ensure that the software or web application is thoroughly tested and ready for production.
2. Infrastructure Setup
¢ Prepare the required infrastructure, including servers, databases, networking, and storage resources,
¢ Choose an appropriate deployment environment, whether it's on-premises, cloud-based, or a hybrid setup.
3. Configuration Management
¢ Configure the necessary software components, dependencies, and settings for the application
to function
correctly.
¢ Set up environment variables, database connections, security configurations, and

other relevant parameters,
4. Version Control and Release Management
» * Use version control systems (such as Git) to manage code versions

and track changes.
* Follow release management practices to ensure a smooth deploym
ent process.
5. Deployment Strategy Selection
Choose an appropriate deployment strategy, such as blue-green deployment, canary deployment, rolling
deployment, or others based on the specific needs of
the application.
6. Automated Deployment
Tools
Utilize deployment automation tools like Jenkins, Ansible, Puppet, or Kubernetes

to automate the deployment
P rocess, Automation
i reduces errors , s
and streamline deployment.
7. Deployment Execution
Execut!
xecute the deployment Process according to the
chosen strategy. This may involve deploying to
a subset of
Servers, gradually shifting tr affic, or deploying updates without
downtime.
TachKnowledge
Publications
NOT MERTEN 11 "17 23014 AER
mputi j
— cloud Computing and Web Services 3-9 Introduction to Cloud Computing
8. Monitoring and Validation
. Monitor the de ployment process inj real-time

; i progress and identify any issues or errors that
to ensure its
arise.
e Validate the deployed application or solution to confirm its functionality and integrity.
Rollback Plan
Prepare a rollback plan in case of deployment failures or unexpected issues. This plan should enable reverting to
the previous stable version quickly.
10. Post-Deployment Tasks

e Perform post-deployment tasks, such as database migrations, cache warming, or configuration adjustments.
Conduct performance testing and User Acceptance Testing (UAT) to ensure that the application functions as
expected in the production environment.
11. Documentation and Knowledge Transfer
e Document the deployment process, configurations, and any troubleshooting steps for future reference.
¢ Conduct knowledge transfer sessions with the operations team to familiarize them with the deployed
solution.
12. Continuous Monitoring and Maintenance
e [Implement continuous monitoring tools to monitor the application's performance, security, and health.
fixes and feature
e Regularly maintain and update the application, including applying security patches, bug
enhancements.
3.4 Types of Cloud Platform/Reference Models
e to clients. Most fundamental service

Cloud service models describe how cloud services are made availabl
as a service), and SaaS
models include a combination of IaaS (infrastructure as a service), PaaS (platform
(software as a service).
betwe en each other and be interdependent - for example, PaaS is

These service models may have synergies
. PaaS deals with whole
dependent on laaS because application platforms require physical infrastructure
as operating system environments.
computing platforms provided as a service such
E.g. Google Chrome OS running 0 n Google

Chrome Books. laaS aims to provide the whole computing power
to worry about the physical machines and how
(compute r clusters) for the applicatio n domain so we don't have
they are deployed.
as a Service)
3.4.1 IaaS/Haas (Infrastructure / Hardware
access, routing services and storage.
Infrastructure as a Service is a form of hosting. It includes network
TechKnowledga
Publications
=
3-10 Introduction to Cloud Computing

Presentation ;
' Presentation
1 Modality Platform 1
‘ mmm
i
;
i ll APIs i
_J ‘
5
ll Applications
; [ Data Metadata | | conten

a
'
Cloud details
| Core connectivity
Abstraction |
Hardware
Facilities
laaS Presentation Presentation

Modality Platform
| Core connectivity | | ; ;
; APIs
i Abstraction þ _
Applications
;
: þ
; Hardware | ; Z
| = i : Data Metadata || Content | |
| Facilities : Z Z
Fig. 3.4.1 : Cloud Service Models
applications
The laaS provider will generally provide the hardware and administrative services needed to store
and a platform for running applications.
compete on the performance
Scaling of bandwidth, memory, and storage are generally included, and vendors
resources (e-8»
and pricing offered on their dynamic services. The service provider supplies virtual hardware
CPU, memory, storage, load balancer, virtual LANs, etc.).
and maintaining it. laaS can be
The service provider owns the equipment and is responsible for housing, running,
purchased with either a contract or on a pay-as-you-go basis.
y of the pricing, since you should only
How ever, most buyers consider the key benefit of laaS to be the flexibilit
Amazon Elastic Compute Cloud (Amazon
need to pay for the resources that your application delivery requires.
providers in this class.
EC2), Eucalyptus, OpenNebula, and OpenStack are examples of
Tech Knowledge
Publications
cloud Computing and Web Services
=
3.4.2 PaaS (Platform as a Service)
operating systems, storage, and network capacity over
Platform as a Service (PaaS) is a way to rent hardware, s
service
customer to rent virtualized servers and associated
the Internet. The service delivery model allows the
testing new ones.
for running existing applications or developing and
usually virtualizing the hardware layer
abstracting and
The infrastructure layer is the lower level layer,
ing systems, hardware, CPUs and embedded systems,
Different virtualization concepts are targeting operat
networks and storage.
on which to install and execute specific software.
These enable a homogenous virtualized environment
«
ed to
If required, extra infrastructure nodes can be deploy
Furthermore, this is the scale-in and scale-out layer.
can again be decommissioned. The infrastructure can
overcome computing needs. When not needed, these nodes
access to virtualized servers.
be made available as a service, where users may gain
software stack. This is
spawn an infrastructure and run his selected
« This service allows a user to provision and client’s
or shrink with the load fluctuations. It is usually the
an on-demand service, as the infrastructure can grow cloud can
make sure that the applica tion running on the
responsibility to manage most of the software stack and
scale horizontally with the addition of new nodes.
a web service). When ina
nodes is requested via an interface (usually
« Thestartup and shutdown process of extra iated
A storage service is usually assoc
commercial business model, the charges are calculated on C PU/h usage.
per month.
with an IaaS, where charges are based on GB transferred and/or stored
PaaS provides IT organizations with significant benefits :

Developers can accelerate the production of new cloud
« Improved time to market. with minimal capital costs. and
to design
ated tools and technologies that enable them
applications through access to a broad set of autom
new products to
Reduced development cycle time enables more
deploy cloud-aware applications more quickly.
IT also
and deploy software projects dramatically reduced,
reach the market faster. With the ability to start, test,
ing campaigns.
can support limited-duration projects such as market
integrate Software
cloud. Developers can customize, extend, and
* Access to services that are available only in the
providers by selecting specific functionality to be delivered as a
as a Service (SaaS) offe rings from public cloud
f-Business (LOB)
is tailored to user needs so that Line-O
service through the Pa aS platform. The solution
IT initiatives.
managers are less likely to pursue shadow
s. Porting
to run in the cloud, often with minimal change
* Ability to rehost or re-architect legacy applications developers to focus
and enable
tional costs, i ncrease agility, broaden reach,
existing applications can cut IT opera
exities of legacy infrastructure.
on core competencies rather than the compl
3.4.3 SaaS (Software as a Service)

is hosted on servers and is
and it essentially refers to software that
* SaaS stands for “Software as a Service”,
provided as a service.
content management systems,
mer relationship management offerings,
* Some initial uses for SaaS included custo
il communication systems.
video conferencing, and e-ma
computer without any
which means they can be accessed from any
* SaaS applications are provided over the web,
designed to run through a standard web browser. When
d. Many applications are
special software installe on the server, which immediate
ly
alled
to be installed, they are simply inst
updates to a SaaS application need
running the latest version.
ensures that all users are
TechKnowledge
Publications
Int roduction to Cloud Comput,
Cloud Computing and Web Services g
3-12
applicat ions typically Offer
© Unli ike traditional
iti software applications that require an upfront pur ch ase, SaaS a
od for delivering Softwa,
er basis SaaS is a met ©
ervice can be purchased wit, a
subs¢ I ipt ion-based ricin |
are usually licensed ona per -us 1S:
P 1 [4 and
that provides remote access to software as a web-based serv ice. The soft
monthly fee and paid as you go.
(a) Advantages of SaaS

r to run.
© FEasy to use : Most SaaS applications do not require more than a web browse
sinesses and individuals,
to small bu
© Cheap: The pay-as-you-go pricing model of SaaS makes i t affordable
r demand. Consumers FR J
© Scalability : SaaS applications can be easily scaled up or d own to meet consume
not need to worry about additional computing infrastructure to scale up.
since data is being stored in the cloud.
* Applications are less prone to data loss
e Compared to traditional applications, SaaS applications are less clunky. They do not require users t,
install/uninstall binary code on their machines.
rie ty of devices,
run ona wide va
© Due to the delivery nature of Sass through the internet, SaaS applic ations can
and. Most
Velocity of change in SaaS applications is much faster. Software chan
ges and frequent and on-dem
e nges.
unaware of these cha
SaaS services are updated about every 2 weeks and users are MN ost time
(b) Drawbacks of SaaS

ations
traditi onal software applic
e Robustness : SaaS software may not be as robust (functionality wise) as
due to browser limitations. Consider Google Doc & Microsoft Office.
& privacy concern s. SaaS providers are
Privacy : Having all of a user’s data sit in the cloud raises security
usually the target of hack exploits.
Security : Attack detection, malicious code detection.
range of dependent
attacks a Sa aS provider going down, a wide
Reliability : In the rare event, such as DDoS
clients could be affected.
classification
Table 3.4.1 : Cloud Computing Services
_
Category Characteristics Product Type Vendors and Products
Sr.
No.
and | SalesForce.com (CRM)
1. SaaS Customers are provided with Web applications
2.0) Clarivencom
applications that are accessible | services (Web
here. .
j
anytime and
froma
from anyw (project management)
Google Apps
PaaS Customers are provided with a Programming APIs and | Google AppEngine Microsoft
Z.
frameworks Azure Manjrasoft Aneka Data
platform for developing
systems. Synapse
applications hosted in the cloud. | Deployment
=
SS
Amazon EC2 and $3
are provided with Virtual machine
3. laaS/HaaS | Customers
virtualized hardware and | management GoGridNirvanix
storage on top of which they can | infrastructure storage
build their infrastructure. management Network
ee eee
management.
—
TechKnowleds?
publications
ane 0008
Services
Joud Computing and Web
'5 Essential Characteristics of Cloud Computing

y to both Cloud S ervice Consumers
interes ting characteristics that are beneficiar
Cloud computing has some
). These characteristics are :
CSCs) and Cloud Service Providers (CSPs
==
a _—
Computing
Characteristics of Cloud
demand |
= 1. Automatic service on
md 2. Rapid Elasticity
>| 3. Measurable Services
|
=>! 4. Multiple tenants
s |
le! 5. Sharing of the pool of resource
distributed
6. Access through a worldly
network
> 7. Service Oriented
|
8. Dynamic resource provisioning
:
=| 9. Self-organization
es
40. Price-based utilities
Cloud Computing
Fig. 3.5.1: Characteristics of
automatically, without human
services are provide d
on demand : Computational
Automatic service
vice provider;
intervention over the ser ssary. Users of them must
feel as they
fast and mad e a vailable whenever nece
Rapid Elastici ty : Services
mus t be property appears in
uir ed i n any amou nt, anytime. The elasticity
which can be acq
have unlimited resources, ment 0 f what is consumed;
line ar scal abil ity, use by demand, and pay
three components: resource,
control and monitor each
used by the clou d must
mana gement systems t be
Measurable Services : The dth). This monitoring
mus
kin d of ser vic e (storage, processing, an d bandwi
automatically, for each provider and user).
nsp are nt for bot h enti ties involved (service be located in a single
tra multiple providers C an
owned by
: In a cloud environment services es can be dealt by
Multiple tenants
wit h per for man ce and management of these servic
roach t he issues ral division of duties, that is,
datacenter. With this app T he lay ere d architecture offers a natu
ider s. y,
all service and th e infr
astructure prov ated with that layer. Unfortunatel
to deal only with the specific goals associ
will have actions between
the owner of each la yer ms in the understanding
and man agement of the inter
also crea te pro ble
the multiple tenancies
be
parts. a pool of resources that can
ce s - The infrastructure provider offers
of the pool of re ffective
so ur
Sharing consumers. Thi
s capability creates a great flexibility to the cost-e
so ur ce
to the re
take advantage of the technique of VM
dynamically allocated a service provider can
an example,
resources. A s reduction of costs associated with
management of utilizatio n, wha
t implies in the
resource
to maxim ize
migration in order
coolin g and power consumption.
TechKnowledge
Publications
_ Z S. / Y N__n ete Y
duction to Cloud— Compyy;
Cloud Computing and Web Services 1.14 INOC ——
: ble m the : Internet,t, therefore. .
ITC, any
6. Access through a worldly dist
creributed network : Clouds are usual | y
theblecloufro
saally ly é 4 cessi d services: Even more, in ora,
;
device connected to it,. either
: NV
a cell phone or a desktop, is capable of using
. F : i Are com posed by several datacente,.
to achieve a high performance and availability, many of the current clouds
distributed over the world.
ing a strong emphazj; in
7. Service Oriented : Cloud computing adopts a service-oriented operat jonal model, putt
. rvice Level Agreement (Shay
Service management. Each provider offers his service trying to guarantee @ °°
which is negotiated with the users of that service.
j j
8. Dynamic resource provisioning : Differently from conventional systems, where reson ~ we Clouds
we have the capability of dynamically adjust the amount of offered resources by the acquisit
ion and Publishing of
extra resources by the service provider, guided by current demands.
9. Self-organization : The property of dynamic resource provisio
ning implies in the ability of providers ES
to adjust their resources upon demand. Resources can be allocate
d or returned to the pool depending WP curren
needs. This flexibility results in the elasticity property
.
10. Price-based utilities : Cloud computing uses an economical model based in “pay what you use”. The exact price
of processing may be different for different services. For example, a software provider may rent a VM in a by-
|
hour basis, while other may charge the service by the number of clients served. Although services priced by-use
|
may reduce client's costs, they introduce difficulties in the management of the whole operation. |
On-Demand
Self Service
Broad
Measured
Network
Service
Access
Cloud
Computing
Rapid Resource
Elasticity Pooling
Fig. 3.5.2
Cloud computing systems and technologies reduced maintenance costs and operational costs related to IT
software and resources. This is mainly because users have to pay for these resources as long as they are using and not
paid for up front.
Users can access their IT resources whenever and wherever they want to. At consumer's side resources are not
stored on actual physical system, hence it reduced maintenance costs: by renting the infrastructure and the
application services, organizations are no longer responsible for their maintenance.
3.6 Cloud Provider with Traditional IT Service Provider
Cloud providers and traditional! IT service providers offer distinct approaches to delivering computing services,
each with its advantages and limitations. Here's a comparison between the two :
A. Cloud Provider
1. Scalability : Cloud providers offer scalability, allowing users to quickly scale re sources up or down based on
demand. This elasticity is beneficial for businesses experiencing fluctuating workloads,
TechKnowledge
Publications
uting and Web Services I
cloud com puting
you-go model, where users pay for the
Pay-Per-Use Model : Cloud services generally operate on a pay-as-
upfront investments and allows for cost
resources they consume. This can be cost-effective as it avoids large
optimization.
data centers distributed worldwide. This
Global Reach : Cloud providers often have a global presence, with
performance and
enables users to access services from different geographical locations, improving
redundancy.
ing
Flexibility and Innovation : Cloud platforms frequently introduce new services and features provid
users with access to the latest technological advancements. This allows for innovation and agility in
developing and deploying applications.
Managed Services : Cloud providers often offer managed services, such as database management, security
burdens.
services, and AI/ML tools, relieving users of certain operational
Traditional IT Service Provider

control and customization
Control and Customization : Traditional IT service providers may offer greater
es with specific compliance or
options, especially for on-premises solutions. This can be critical for business
security requirements.
systems that might not easily migrate to the
2. Legacy Systems Support : Some businesses rely on legacy
these systems, ensuring their continued
cloud. Traditional IT service providers can support and maintain
operation.
y, tradi tional IT services might offer more
3. Predictable Costs : While cloud services offer scalabilit er-use
investments, without the variability of pay-p
predictable costs, especially for long-term infrastructure
models.
might offer a
or scenarios, traditional IT service providers
4, Security and Complia nce : In certain industries ons.
adherence due to dedicated on-premises soluti
perceived higher level of security and compliance
d expertise in
ical Exper tise and Suppo rt : Tradi tiona l IT service providers often have specialize
5. Techn
.
support tailored to the organization's needs
specific areas and can provide hands-on
the choice between the two
service providers have their strengths, and
Both cloud providers and traditional IT regulatory compliance, data
vario us fact ors such as organ izati onal goals, existing infrastructur e,
pends on
a comb ination of both to leverage the
workload. Many organizations use
nsitivity, budget, and the nature of the
vantages of each approach (hybrid IT)
and achieve their business objectives.
puting
7 Open Challenges of Cloud Com
apps, data,
l pools of resources such as services,
d comp utin g is used for enabling global access to mutua
Clou tely-
y server located in a data center or a priva
servers, and computer networks
. It is done on either a third-part tion
efficient, with nominal admin istra
This mak es data -acc essi ng contrivan ces more re liable and
owned cloud.
effort.
to attain consistency and economy of scale,
Because cloud technolo gy dep
ends on the allocation of resources
ce for many small businesses and firms.
utilit y, it is al $0 fair ly cos t-effective, making it the choi
similar to a s that every
, here are six common challenge
es involved in cloud computing
But there are also many challeng ing technology.
before implementing cloud comput
organization must consider
TechKnowledge
Publications
Cloud Computing
and Web Services
316
rity nd
promicy
Robby ind
# Intoroporabilit
Avatlabuity y !
{
}
' Challenges |
( po
n Computing \
\ | { Portability
Performance / /
Ea
J
yer
\
(gerne Quality )
\
we
Fig. 3.7.1: Challenges of Clo

1. Security ang ud Computing
Privacy
. Security and
Privacy of da
ta are the ma
using security in challenge in cloud computing. These
Pplications, en challenges can reduce by
cr yp te d fil
that is kept in
the cloud shou
e system s, data loss softwa re. Sensit ive and personal informatio,
ld be define
Businesses d as being for internal use only, not to be
Must ha ve a
plan to securely shared with third Parties
Industricus and effici ently manag e the data they gather.
Password supervision
Plays a vital role in clo
accessing your cl ud security. However,
oud account, the les the more People you
s se cu re it is. Anybody hays
the information aware of your pass
you store there. words will be abl
e to access
Interoperability
* The application on
one platform should
be able to incor por
known as Interoperabi ate services from the
lity. other platform. This is
It is becoming Possib
le through web ser
vices , but to develo
Portability
* The applications run

ning on one cloud
Platform can be mo
corre ctly without making ved to new c loud
any change sin design platform and it Sho
coding. uld operate
The portability is not
possible, because eac
h of the cloud provid
their platform, ers uses different Sta
ndard lan guages for
Service Quality
* The Service-Level Agr

eements (SLAS) of the
Providers are not enough
Scalability. to guarantee the availa
bility and
¢ The businesses disinclin
ed to switch to cloud wit
hout a strong se
rvice quality
Comp Buarantee,
uting Performance
* Highnetwork bandwidth
is needed for data intensive
Ce applications on
cloud, this resu
lt in high cost
oe .
Publication)
ud Computing and Web Services 3-17 Introduction to Cloud Computing
« In cloud computing, low bandwidth does not meet the desired computing performance. Cloud computing
itself is affordable, but tuning the platform according to the company's
can be expensive. needs
Furthermore, the expense of transferring the data to public clouds can prove to be a problem for short-lived
and small-scale projects.
e Companies can save some money on system maintenance, management, and acquisitions. But they also have
to invest in additional bandwidth, and the absence of routine control in an infinitely scalable computing
platform can increase costs,
Reliability and Availability
e Most of the businesses are dependent on services provided by third-party hence it is mandatory for the
cloud systems to be reliable and robust.
© The capacity and capability of a technical service provider are as important as price. The service provider
must be available when you need them.
© The main concern should be the service provider's sustainability and reputation. Make sure you
comprehend the techniques via which a provider observes its services and defends dependability claims.
Downtime
© Downtime is a significant shortcoming of cloud technology. No seller can promise a platform that is free of
possible downtime.
e Cloud technology makes small companies reliant on their connectivity, so companies with an untrustworthy
internet connection probably want to think twice before adopting cloud computing.
Vendor lock-in
© Entering a cloud computing agreement is easier than leaving it. “Vendor lock-in” happens when altering
providers is either excessively expensive or just not possible. It could be that the service is nonstandard or
that there is no viable vendor substitute.
it comes down to buyer carefulness. Guarantee the services you involve are typical and transportable to
other providers, and above all, understand the requirements.
Cloud computing is a good solution for many businesses, but knowing what you are getting into is important.
aving plans to address these six prominent challenges first will help ensure a successful experience.
.8 Cloud Computing Software Security Fundamentals
Security is a principal concern when entrusting an organization's critical information to geographically dispersed
oud platforms not under the direct control of that organization. In addition to the conventional IT information
‘stem security procedures, designing security into cloud software during the software development lite cycle can
reatly reduce the cloud attack surface.
Cloud computing software security involves a set of fundamental practices andconsiderations aimed at
rotecting data, applications, and infrastructure ina cloud environment. Here are some key fundamentals :
Encryption : Utilize encryption techniques to safeguard sensitive data both in transit and at rest. Employ strong
encryption algorithms to protect data from unauthorized access.
TechKnowledge
pe ———
Publications
BB oo W > _ S. _
=} ro) a) = —_
i
Introduction to Cloud C Ompu
Up
Cloud Computing and Web Services $ 3-16 5 ls.
controls. Utili 1ze mechan;
«Jentity and acces = My
2. Identity and Access Management (IAM) : Implement robus on RBAC) and least privilege
‘ , contro Principles to
like multi-factor authentication (MFA), role-based access
manage user access to resources and prevent unauthor ized access. | .
3. Data Privacy and Compliance : Ensure compliance with

1 releevant data protection regulations (e.g, copy
; i men t measures to maintain data Privacy and
HIPAA). Understand the data residency requirements and imple
integrity.
i
0 o track and analyze system behavior. Collect ang
4, Security Monitoring and Logging : Employ monitoring tools t ent real-time alerts to responq ts
and anomalies. Implem
analyze logs to identify potential security incidents
security threats promptly.
5. .
Secure Devel opment Practices 5 ;
:: Embrace secure coding BP practices dur
ing _ ent to mitj gate
: software developm
1 vulnerability assessments 1
vulnerabilities at the code level. Implement security testing, code reviews, an
identify and address security flaws.
., : .
6. Network Security : Implement robust network security measures, such as firewalls, intrusion tect a
prevention systems (IDPS), and virtual private networks (VPNs), to P ps gainst unauthorized access ang
attacks.
7. Disaster Recovery and Redundancy : Design a robust disaster recovery plan to ensure business continuity in
case of system failures or cyberattacks. Utilize redundant systems and backups to minimize downtime and data
loss.
8. Cloud Provider Security Controls : Understand the shared responsibility model and ensure the cloud service
provider (CSP) implements strong security measures. Verify the security controls provided by the CSP and
configure them appropriately.
3.9 Cloud Information Security
Information security objectives within a cloud computing environment are established to ensure the protection,
confidentiality, integrity, availability, and privacy of data and resources. Here are key objectives:
1. Confidentiality : Protect sensitive data from unauthorized access or disclosure. Employ encryption, access
controls, and data classification to ensure that only authorized individuals or systems can access specific
information.
2. Integrity : Guarantee the accuracy and trustworthiness of data by preventing unauthorized alterations,
tampering, or corruption. Implement data validation, checksums, and digital signatures to maintain data
integrity.
3. Availability : Ensure that information and services are accessible and available when needed. Implement
redundancy, failover mechanisms and disaster recovery plans to minimize downtime and service interruptions.
Review Questions
Q.1 Discuss about cloud computing.
Q.2 List and explain types of cloud.
Q.3 Explain private and public clouds.
Q. 4 Explain hybrid and community cloud.

-19 Introduction to Cloud Computing
cloud Computing and Web Services
3 1 j i
—
What is cloud reference model? List and explain three different models.
a. 5
.
a.6 Explain laaS in detail
Q.7 Explain PaaS in detail.
Q. 8 Explain SaaS in detail.
g. Explain essential characteristics of cloud computing.

Q.9 Define cloud computin
Q. 10 Explain open challenges of cloud computing.
000
\
n=
Cloud Computing software C'
Security Fundamentals
LK
—_— —_— ity Obj ectives, Confidentiality, Integrity

Cloud Computing Software Security fundamentals : Cloud Information Security V0)
by; Security |
Design as
Principles, Sec ure Clo nud Software Requirements
Availability, Cloud Security Services, Relevant Cloud
, ineering, cloud Security Policy
Secure Development practices, Approaches to Cloud Software Requirement Eng!
Implementation.
4.1 Cloud Information Security : Confidentiality
In the context of cloud computing, ensuring confidentiality of information is crucial to protect sensitive data from
unauthorized access, disclosure, or theft. Here are some key aspects and strategies related to maintaining
confidentiality in cloud information security :
1. Data Encryption : Employ strong encryption techniques to protect data both at rest (stored in databases
storage) and in transit (while being transmitted between users and cloud servers). Use robust encryption
algorithms and proper key management practices to safeguard data.
Access Controls : Implement stringent access controls and authentication mechanisms to ensure that only
authorized users have access to sensitive information. Utilize strong authentication methods like multi-factor
authentication (MFA) to add an extra layer of security.
Role-Based Access Control (RBAC) : Employ RBAC to define and enforce access privileges based on user roles
and responsibilities. Limit access to sensitive data to only those users who require it for their job functions.
Data Segregation and Isolation : Utilize logical and physical controls to segregate and isolate sensitive data
from other less critical data. Employ virtual private clouds (VPCs) or secure compartments to separate different
types of data.
Cloud Provider Security Measures : Choose cloud service providers (CSPs) that implement strong security
measures and offer features like encryption, access controls, and compliance certifications. Ensure that the CSP
follows security best practices and provides necessary tools for data protection.
Secure Transmission Protocols : Use secure communication protocols (e.g, TLS/SSL) to ensure encrypted
communication channels between users, applications, and cloud servers, thereby preventing eavesdropping and
data interception.
Incident Response Plan : Develop and regularly test an incident response plan to effectively respond to security
incidents or breaches that could compromise confidentiality. Define procedures for containment, mitigation, and
recovery in case of a data breach.
= Y
mputing and W i
Joud sony S eb Services 4-2 Cloud Computing Software Security Fundamentals
Cloud Information Security : Integrity
loud computin i Ee at : _—_

Inc ity. " & ensuring the integrity of data and information is crucial for maintaining trust, reliability, and
iality.
onfidentiality
Inte ‘
grity refers to the assurance that data remains accurate, consistent, and unchanged throughout its
fecycle. Here are key aspects of ensuring integrity in cloud information security :
Hash Functions and Digital Signatures : Use cryptographic hash functions and digital signatures to verify the
mate Bry of data. Hashing algorithms generate unique hashes for data, allowing verification of any alterations.
Digital signatures provide authentication and non-repudiation, ensuring data integrity and origin validation.
Data Validation and Error Checking : Implement data validation mechanisms, such as checksums or cyclical
redundancy checks (CRC), to detect and mitigate data corruption or tampering. These mechanisms verify data
integrity by identifying discrepancies or alterations in data.
Logging and Monitoring : Maintain comprehensive logs and monitoring systems to track data access,
modifications, and system activities. Analyze logs regularly to detect any suspicious activities or unauthorized
changes to data.
Backup and Recovery Measures : Establish robust backup and recovery procedures to create redundant copies
of data. Regularly back up data and validate the integrity of backups to ensure data can be restored accurately in
case of corruption or loss.
Compliance and Auditing : Adhere to regulatory compliance requirements and industry standards relevant to
data integrity. Regularly conduct audits and compliance checks to ensure adherence to security policies and
standards.
Vendor Security Assurance : For cloud service users, ensure that the cloud service provider (CSP) implements
adequate security measures and controls to maintain data integrity. Review CSP security practices, certi fications.
and compliance frameworks.
Employee Training and Awareness : Educate employees about security best practices, emphasizing the
importance of maintaining data integrity. Ensure they understand their role in preserving data accuracy and
report any suspicious activities.
.3 Cloud Information Security : Availability
Availability in the context of cloud information security refers to the assurance that resources and services are
triad
cessible and usable whenever needed by authorized users. It's one of the fundamental pillars of the CIA
several aspects in
onfidentiality, Integrity, and Availability) in information security. Ensuring availability involves
oud computing :
across multiple data centers
Redundancy and Fault Tolerance : Cloud providers often implement redundancy
or server fails, services and data remain
and geographic regions. This redundancy ensures that if one data center
Fault-tolerant systems can continue operating even when some
available through alternative resources.
components fail.
Service Level Agreements (SLAs) : Cloud service providers typically offer SLAs that specity the guaranteed
uptime and availability of services. These SLAs define the level of service reliability that users can expect,
including compensation or penalties for downtime.
evenly across
Load Balancing : Cloud e nvironments use load balancing mechanisms to distribute workloads
ading of specific server s and ensure s optima l resource
multiple servers or re sources. This helps prevent overlo
utilization, contributing to availability.
~TechiKnowledge
Publications
Cloud Computing and . tin g 99
Software Security Fundaments 5 |
Web Services
A Cond OE pon recovery plans are *58enti,
4. Backup and Disaster , is
Recovery : Robust backup strategies ame _
long with procedures for quiry
components of ensuring availability. Regular a
backups of data and lity
recovery in case of outages or disasters, help maintain continuous aval ; =
5.
ices
jisrupt services byby overwhal,.
e helmin
Distributed Denial of Service (DDoS) Protection : DDoS attacks “am vaeasures
servers or networks with in place to mitigate y,.
excessive traffic. Cloud providers “Sa
aio
=
attacks and ensure service
availability.
Cy
6. mn
Scalability - in g users to scale resource.
and Elasticity : Cloud environments ai asticity,
offer scalability and ela lable allow t cha
up or down dynamically. This flexibility
. to mee nging demands, 4,
ensures that resources are ava
AQ
i a ©
maintaining service availability. fe
Geographic Redundancy cy and data replication across multipj,

and Data Replication : Geographic
regions or data centers ensu redundan
r e that data and services remain available e ven in the event of regional outage, 1
disasters.
4.4 Cloud Security Services
.
Cloud security services encompass a range of tools, technologies, and solutio i ns Deeligned to alprotect data,
ae .
applications, and infras tructure hosted in cloud environments. These service 2 s aim : itigate risks, e Nsure
to mitlg
: .
compliance, and safeguard agains t various cyber threats. Some key cloud securi . ices i e:
ty services includ
1. Data Encryption Services : These . ;
: .
services ensure data security by encrypting data at rest and in transinsit
.
Encryption mechanisms safeguard sensitive information, preventing unauthoriz; ed access e ven if the data isi
intercepted or breached.
2. Security Information and Event Management (SIEM) : SIEM tools
collect, analyze, and correlate log data from
>
various sources to identify and respond to security threats and
incidents. They provide real-time monitoring and
incident response capabilities.
3. Vulnerability Assessment and Management : These

services scan cloud environments to identify
vulnerabilities and weaknesses in systems and applications. They often
include automated tools that assess the
security posture and provide remediation recommenda
tions.
4, Security Compliance and Governance : Services focused on
compliance ensure adherence to industry-specific
regulations (such as GDPR, HIPAA) and internal policies. They provide tools for auditing, reporting, and
enforcing compliance measures.
5. Threat Intelligence and Detection : Cloud-based threat intelligence

services gather information about
emerging threats and attack patterns. These services use Al and machine learning
to detect and respond to
threats in real-time.
6. Container Security : As containerized applications become more prevalent, services focusing

on container
security offer solutions to secure container environments, ensuring the integrity and isolation
of containerized
workloads.
ms
7. Cloud Access Security Broker (CASB) : CASB solutions provide visibility and control
ove r cloud services used
within an organization. They enforce security policies, monitor user activity, and secure
d ata across multiple
cloud platforms.
8. Serverless Security : With the rise of serverless computing, security services specitically designed for serverless
\ architectures protect against unique threats and vulnerabilities in serverless environments.
TechKnowledge
Publications
Computing and Web Service
“Jou
= 4-4 Cloud Computing Software Security Fundamentals
:
5 Cloud Security Design Principles
Designing a SURG Godly environment involves adhering to specific principles and best practices to mitigate
jsks and safeguard sensitive data. Here are some relevant cloud security design principles :
to
Least Privilege Apply the principle of least privilege by granting users the minimal level of access required
perform their tasks. This reduces the risk of unauthorized access and limits the potential damage caused by
compromised accounts.
at various levels within the
Defense in Depth : Implement multiple layers of security controls and defenses
other security measures remain in place
cloud infrastructure. This strategy ensures that if one layer is breached,
to protect the system.
Immutable Infrastructure : Employ immutable infrastructure practices where components and configurations
are unchangeable. This reduces the risk of unauthorized modifications and enhances system reliability.
respond to security
Continuous Monitoring and Logging : Implement robust monitoring tools to detect and
threats in real-time. Collect and analyze logs to identify potential security incidents and anomalies, enabling
quick incident response.
Resilience and Redundancy : Design cloud systems with redundancy and failover mechanisms to ensure high
availability and resilience. This helps mitigate the impact of hardware failures, outages, or disruptions.
Automated Security Measures : Leverage automation to enforce security controls, perform regular security
a
scans, patch systems, and respond to security incidents promptly. Automated security measures help maintain
consistent security posture.
the cloud
Cloud Provider Security Controls : Understand and configure the security controls provided by
and access management,
service provider (CSP) appropriately. Utilize built-in security features, such as identity
encryption, and network security tools.
Align cloud security measures with industry standards, regulations, and
Compliance and Governance :
e frameworks and conduct regular
compliance requirements relevant to your organization. Implement governanc
audits to ensure adherence to security policies.
4.6 Secure Cloud Software Requirements
various requirements to ensure the protection of data,

Securing cloud software involves considering
environments. Here are some essential secure cloud Software
applications, and infrastructure hosted in cloud
requirements :
are secure and properly
1. Secure APIs and Interfaces : Ensur e that APIs and interfaces used in cloud software
unauthorized access
authenticated. Apply security best prac tices when designing and exposing APIs to prevent
or data breaches.
Secure Software Development Lifecycle (SDLC) : Incorporate security measures throughout the software
securepractices, conduct
coding regular security reviews, and perform
development process. Follow
vulnerability assessments to mitigate security risks in the software.
Patch Management : Maintain up-to-date software by regularly applying security patches and updates
Implement a robust patch mana gement strategy to address vulnerabilities and protect against known security
threats.
eo eo
TechKnowledge
Publications
Cloud Computing and Web Services 4-5 Cloud Computing Software Security Fundamey,,,,
4. Compliance and Regulatory Requirements : Ensure that the software complies with relevant induce, st cl
oe ae of
standards, regulations, and data protection laws. Implement controls and measures to meet specific complian,, , aff o
requirements applicable to your organization's industry.
. . . .
= 2| 55
of
E ‘ at
5. Secure Configuration Management : Configure cloud software securely by following best practice, Yd
.
recommended by the cloud service provider. Ensure that default settings are changed, unnecessary services ,,,
. (4 th
of ate
disabled, and security configurations are appropriately set.
i nt '
6. Incident Response and Recovery Planning : Develop and regularly test an incident response plan to efficient,
o
i id It
fi gr
respond to security incidents. Define procedures for detecting, containing, mitigating, and recovering from
Z
ig? ing0 |
security breaches.
.
"ag gd
; and penetration
, : Conduct periodic security assessments, audits,
i Assessments and Audits Ts
7. Regular Security 290 oS
testing to identify and address vulnerabilities and weaknesses in the software. Regular assessments help in
. o .
Jo,»
ist ° Hl
maintaining a strong security posture.

. o .
| se
“
8. User Training and Awareness : Provide comprehensive security training to users and administrators to ; prio
educate them about security best practices, phishing prevention, and handling sensitive information securely, » too"? )
4.7 .
Secure Development Practices gt
-
ape”
Secure development practices are essential methodologies and principles integrated into the software requiremen!
development lifecycle (SDLC) to mitigate security risks and vulnerabilities in software applications. These practices he system. [
aim to build secure, resilient, and reliable software. Here are key elements of secure development practices : urements
1. Secure Configuration Management : Configure software, servers, and applications securely by applying . Traceability:
recommended security settings and disabling unnecessary services or features that could pose security risks. ' tools oF T
2. Threat Modeling : Begin by identifying potential threats and vulnerabilities in the early stages of the software zrelopment|
development process. Create threat models to understand potential attack vectors and risks associated with the “ite and
Neurity an
application. .
*eclie to the
3. Secure Coding Guidelines : Follow secure coding principles and guidelines to write Secure code. This includes oY
ee ~Cother secy
input validation, output encoding, proper error handling, avoiding insecure coding patterns, and using secure
« Perf
libraries and functions. "is
*Wd-has
4. Regular Security Training : Educate developers about secure coding practices, security best practices, and ’ ‘ed 3)
| “OKloade
common vulnerabilities. Regular training helps developers stay informed about evolving security threats and ads
how to address them. k Analysis
5. Code Reviews and Static Analysis : Conduct code reviews to identify security flaws, vulnerabilities, and coding "ment [
o ji j if j K
errors. Use static analysis tools to analyze code for potential security issues automatically, "tgp coy
il
6. Security Testing : Conduct regular security testing, including penetration testing, vulnerability scanning, and
. . j j inc j 101 i il; j 7
ns
Mt y
security assessments, to identify and address security weaknesses or loopholes in the application. “oom |
. . . a ent
7 |i
7. Continuous Improvement : Emphasize continuous improvement by learning from security incidents and “hag
. f 6
vulnerabilities encountered during development. Incorporate lessons learned to enhance security measures IN “ly, ah
future development cycles. in e "a
7 %, Alyjit
ee "hy
TechKnowledge
Publications \
cloud Computing and Web Services 4-6 Cloud Computing Software Security Fundamentals
Approaches to Cloud Software Requirement Engineering
Cloud software requirement engineering involves the systematic elicitation, analysis, documentation, and
management of requirements specific to cloud-based applications or systems. Several approaches can be utilized in
this process :
1. Stakeholder Collaboration and Feedback : Engage stakeholders early in the requirement engineering process.
Collaborate with users, developers, operations teams, and other stakeholders to gather diverse perspectives and
understand their needs, expectations, and constraints regarding cloud software.
Agile and Iterative Methodologies : Adopt agile methodologies such as Scrum or Kanban for requirement
engineering in cloud software development. These approaches encourage iterative development, continuous
feedback, and flexibility in adapting to changing requirements.

User Stories and Use Cases : Use user stories or use cases to capture functional requirements from the
perspective of end-users. These narrative formats help in understanding user needs and defining system
behaviors.
Prototyping and Mockups : Develop prototypes or mockups of the cloud software to visualize requirements
and gather feedback from stakeholders. Prototyping allows for better understanding and validation of user
expectations.
Requirements Prioritization : Prioritize requirements based on their criticality, business value, and impact on
the system. Use techniques like MoSCoW (Must have, Should have, Could have, Won't have) to prioritize
requirements effectively.
Traceability and Documentation : Ensure traceability of requirements by documenting them systematically.
Use tools or requirements management systems to trace and manage requirements throughout the software
development lifecycle.
Security and Compliance Requirements Analysis : Identify and analyze security and compliance requirements
specific to the cloud environment. Consider data protection, encryption, access controls, regulatory compliance,
and other security aspects.
Performance and Scalability Requirements : Consider performance and scalability requirements unique to
cloud-based systems. Define metrics for response times, throughput, and scalability to accommodate varying
workloads.
Risk Analysis and Mitigation : Perform risk analysis to identify potential risks associated with the cloud
environment. Develop strategies to mitigate these risks, such as backup and recovery plans, redundancy, and
disaster recovery solutions.
Continuous Validation and Adaptation : Continuously validate and adapt requirements throughout the
development lifecycle. Incorporate feedback, iterate on requirements, and make necessary adjustments as the
vroject progresses.
with cloud service providers to understand their
Collaboration with Cloud Service Providers : Engage
offerings, limitations and best practices. Leverage their expertise to align requirements with the capabilities and
constraints of the chosen cloud platform.
se
— SS
Tech Knowledge
Publications
ing S oftware Security Fundament,
. 4-7 Cloud ComP
‘om uting
ls
Cloud Computing and Web Services lk CC
—
_
4.9 Cloud Security Policy Implementation
l
- —— ee. l
urity objectives and requirements int;
.
Implementing ; anslating S€ Cc. 4
a robust re
cloud security policy invol ves transla
. nd infrastructure inin clou
cloud environments, He. a \
lere', ,
actionable measures and controls to safegu le -
ard data, applic ications, a 4
i
guide i
on how to imple>ment a cloud
> securityy | policy y effectively:
Securit ey
curity .
objectives and goals for your cloug 3
1. —_—
Define Clear Security Objectives : . ining specific se
Start by outlining 5] requirements, and desired security Posture
; : : Ww
Se
eavironm eC
ent. Consider e IO
the organizat "NIE INTE
ion's risk >rFance, compliance . yt
tolera narod responsibility model provided by the
dap EX
2. Understand Shared Responsibility
Model : Understand the s
25
service provider (CSP). Clarify responsib oan ilities between d

the CS P an your organization concerning Security Ext
controls and measures. a ,
hcw'that EX
3. Create a Comprehensive Security Policy : Develop . i a7
a comprehensive cloud security
—_
policy that en compass es all
exol
aspects of security, including data protection, access controls, encryp tion, incident response, compliance, and
more. 7 exple
Risk Assessment and Compliance : Conduct a thorough ; + —_—

risk assessment to 1identi fy ” otential risks and
vulnerabi lities. Ensure compliance with industry standards (such as GDPR, HIPAA)
and ininternal security ly policies,
policj
5. Access Controls and Identity Management : Implement robust identity and access management (IAM)
practices. Use strong authentication mechanisms, role-based access control (RBAC), and least Privilege
principles to ma Nage user access
to resources.
6. Encryption and Data Protection : Utilize encrypti
on techniques to protect data at rest and in
transit. Encrypt
sensitive data, manage encryption keys securely, and
employ encryption solutions offered by the CSP.
7. Network Security Measures : Implement
network security controls such as firewalls,
intrusion detection and
Prevention systems (IDPS), and virtual
private networks (VPNs) to protect against
unauthorized access and
network-based threa ts.
activities. Establish incident resp

onse procedures to detect, contain,
and respond to security incident
9. Regular Security Audits and Asse s promptly.
ssments : Conduct periodic security
audits, vulnerability assessments,
penetration testing to identify and and
address security weaknesses in the
cloud environment.
10. Employee Training and Awar
eness : Provide comprehensive
security training and awareness
educate employees about Security programs to
best practices, phishing Prevention,
cl faa) oY
and the importance of handling

securely. data
11.
Backup and Disaster Recovery :
Develop a backup strategy and disas
ter recovery plan to ensure data
and business continuity in case resiliency
of data loss, system failures, or
other disasters
12. Continual Improvement
and Updates : Continuously
based on evolving threats technolo evaluate and update Secur
gy advancements, and lessons lear as ity policieseS & and measures
; 3, :
v1 learned trom securityity incid
secur in; ents.
13. Third-Party Vendor Assessment
: Assess and vet third-party vendors
or partners that h 5 to your
cloud environment. Ensure they ‘ S Mat
comply with your security polic
ies
have acces
and standards
wee < S.
14. Documentation and Governance : Document Security policies
‘
governance frameworks and assign * Procedures, , and gia); tablis: h
responsibilities for implementing an guide lines. Es
acing
d enfor i measures.
Security
TechKnowledse Ss
Publicat!o”
clo
ud Computing and Web Services 4-8 Cloud Computing Software Security Fundamentals
g_
Review Questions
Explain cloud computing security fundamentals.

Q.1
Q.2 Write a note on Confidentiality with respect to cloud information security.
Q.3 Write a note on Integrity with respect to cloud information security.
Q.4 Write a note on Availability with respect to cloud information Security.
Q.5 Explain the cloud security design principles.
Q.6 Explain the requirements for secure cloud software.
Q.7 Explain secure development practice with respect to cloud computing.
Q.8 Explain the approaches to Cloud Software Requirement Engineering
Q.9 Explain Cloud Security Policy Implementation.
= 000
Cloud Applications -
ol K CloudSim
|Sylabus |
CloudSim : Introduction to Simulator, understanding CloudSim simulator, CloudSim Architecture (User code, CloudSim,
GridSim, SimJava) Understanding Working platform for CloudSim.
5.1 Introduction to Simulator
Simulation provides a powerful platform for conducting research experiments with greater efficiency and
accuracy. Creating a virtual environment allows for testing and verification of solutions that can greatly optimize
applications. This innovative technique involves constructing a model or real-time system, resulting in reduced costs
associated with computing resources. CloudSim simulation tool is one such simulator that can benefit researchers in
their pursuits.
5.2 Understanding CloudSim Simulator
CloudSim is a widely used, open-source simulation framework specifically designed for modeling and simulating
cloud computing infrastructures and services. It enables researchers, developers, and cloud computing
enthusiasts to simulate cloud environments and experiment with various scenarios without the need for physical
infrastructure. CloudSim provides a comprehensive platform to model and evaluate the behavior, performance,
and scalability of cloud-based applications and services.
© Key concepts and features of CloudSim include :
1. Cloud Infrastructure Modeling : CloudSim allows the creation of a virtual cloud infrastructure comprising
data centers, hosts, VMs (Virtual Machines) and cloud users.
2. Resource Provisioning : It provides mechanisms to allocate and manage resources like CPU cores.
memory, storage, and bandwidth to VMs based on different policies and algorithms.
3. Time-Based Simulation : CloudSim operates on discrete-event simulation principles, allowing the

simulation of cloud environments over time. Users can simulate various events and activities occurring IN
the cloud ecosystem.
4. Networking and Communication Modeling : CloudSim enables the modeling of network topologies, data
transfer, and communication patterns among cloud components,
5. Energy Consumption Modeling : It includes facilities for modeling power consumption and energy-aware
algorithms to simulate the impact of different resource allocation strategies on energy usage.
cloud Computing and Web Services 5-2 Cloud Applications : CloudSim
— CloudSim Architecture
53
“eee
CloudSim Architecuture
User Code
Simulation U Application
sp ecification | Cloud Scenarioi | | SS
requirements a
configuration
Scheduling
policy User or data center broker |
CloudSim
User aa
Interface Cloudlet irtua
LR Cloudlet VM
SUED execution management |
Cloud VM . CPU Memory Storage Bandwidth

Services Provisioning Allocation Allocation Allocation Allocation |
Cloud Events Cloud Data

Resources handling Sensor coordinator Center
Network
0 Network
SL | Message delay |
topology calculation
ColudSim core Simulation Engine
Fig. 5.3.1 : CloudSim Architecture
CloudSim is a versatile simulation tool composed of three integral layers. The first layer, referred to as the "User
Code" Jayer, encompasses the fundamental components of the cloud, including the definition of the simulation
parameters such as the number of virtual machines, users, and the desired scheduling policy, such as Round Robin. At
this layer, the simulation experiments are tailored to the specific needs of the user, including the location of the data
center. The second layer, aptly named "CloudSim", offers a robust support system for creating a comprehensive
cloud-based environment. This includes the implementation of a user interface that encompasses crucial elements
Such as Cloudlets and Virtual Machines. Within this layer, users can configure important aspects of the cloud
Omponent, such as bandwidth, memory and CPU usage.
3.1 User Code
The User Code acts as the interface through which the user controls the system. Within this layer, the developer
can specify the hardware requirements based on the specific scenario at hand.
The user code layer exposes basic entities such as the number of machines, their specifications, etc, as Well as
applications, VMs, number of users, application types, and scheduling policies.
ee
TechKnowledge
Publications
Cloud Computing and Web Services 5.3 Cloud Applications : Cloudsi,,
° Following are the major classes used in CloudSim User code :
o DatacenterBroker is an entity acting on behalf of the user/customer. It is responsible for the functioning -
VMs, including VM creation, management, destruction, and submission of cloudlets to the VM.
o The broker class acts on behalf of applications. Its prime role is to query the CIS to discover Suitable
resources/services and undertakes negotiations for the allocation of resources/services that can fulfil] the
application’s QoS needs. This class must be extended for evaluating and testing custom brokering policies
o DatacenterCharacteristics : This class contains configuration information of data center resources like the
available host list, the fine-grained cost for each resource type, etc.
o CloudletScheduler : This is responsible for the implementation of different policies that determine the
share of processing power among Cloudlets in a VM. There are two types of provisioning policies Offered.
space-shared (using CloudetSchedulerSpaceShared class) and time-shared (using
CloudletSchedulerTimeShared class).
5.3.2 CloudSim Layer
The different layers of cloudsim are shown in the Fig. 5.3.1.

© Network Layer : This layer of CloudSim has the responsibility to make communication possible between
different layers. This layer also identifies how resources in cloud environment are placed and managed.
© Cloud Resources : This layer includes different main resources like datacenters, cloud coordinator (ensures that
different resources of the cloud can work in a collaborative way) in the cloud environment.
© Cloud Services : This layer includes different service provided to the cloud service users. The various services of
clouds include Information as a Service (laaS), Platform as a Service (PaaS), and Software as a Service (SaaS).
© VM Services : This layer is responsible to manage virtual machinesby providing data members defining a VM's
bandwidth, RAM, mips (million instructions per second), size while also providing setter and getter methods for
these parameters.
© Cloudlet : It represents any task that is run on a VM, like a processing task, or a memory access task, or a file
updating task etc. It stores parameters defining the characteristics of a task such as its length, size, mi (million
instructions) and provides methods similarly to VM class while also providing methods that define a task's
execution time, status, cost and history.
© User Interface : This layer provides the interaction between the user and the simulator.
5.3.3 GridSim
© GridSim is an earlier version of the simulation framework designed for modeling distributed computing
infrastructures, including grids and clusters.
e |t focuses on simulating resource sharing and scheduling in distributed computing environments, enabling the
modeling of heterogeneous resources, task scheduling, and data transfer.
© GridSim was used primarily in the context of grid computing, where resources from multiple administrative
domains are shared and utilized to solve large-scale computational problems.
5.3.4 SimJava
* Simjava is the underlying simulation library that both CloudSim and GridSim are built upon
* It provides a discrete-event simulation framework, offering classes and functionalities to facilitate the
development of simulation models in Java.
Cloud Computing and Web Services 5-4 Cloud Applications : CloudSim
—
>SimJava
Jation offers features
scenarios. It f or mod eling
i vents
events, ;
managing ‘
event-driven i
simulations, and i
handling time-based
. It Serves as the foundation
i ildi
for building i j
simulation i
frameworks like i and GridSim.
CloudSim
5.4 Understanding Working Platform for CloudSim
: : .
= m
Ct oudSi is ae i cy ‘lized
ized inj conjunction with Java as its primary working platform. As an open-source
imulation framew a — ; and its APIs (Application
, *_ for cloud computing, CloudSim is implemented in Java,
ogramming 8 Inter aces) are desig Pree Java-based applications for creating, running and
| ned to be used within
rog
analyzing cloud simulations.
CloudSim operations within the Java working platform are as follows :
1. Java Language : CloudSim is written in Java, and its core functionalities, classes, and APIs are available as
Java libraries. To utilize CloudSim, a basic understanding of Java programming is needed.

2. Integration with Java IDEs: Users can develop CloudSim-based simulations using Integrated Development
Environments (IDEs) such as Eclipse, IntelliJ IDEA, NetBeans, etc., which support Java development.
and
3. Java-Based Simulation Development : CloudSim provides Java APIs that enable developers to create
define simulation scenarios, model various cloud components, and
manipulate cloud infrastructures,
simulate diverse cloud-related activities.
: To execute CloudSim-based simulations, Java Virtual Machine (JVM)
4. Java Virtual Machine (JVM)
run. JVM allows Java applications, including
compatibility is required on the system where the simulation is
those using CloudSim, to be executed on different platforms.
with other Java-based libraries and frameworks,
5. Java Libraries and Frameworks : CloudSim can be integrated
required for specific simulation scenarios.
extending its functionality or incorporating additional features
: CloudSim simulations run within the Java Runtime
6. Execution in Java Runtime Envir onment (JRE)
es or
and observe simulations on their local machin
Environment (JRE), allowing users to execute
distributed systems supporting Java.
Java :
rerequisites to work with CloudSim using
(JDK) on your system.
Setup : Install Java Development Kit
in
Plus (an extended version) and include it
Download CloudSim : Obtain the CloudSim library or CloudSim
your Java project.
APIs to create the desired cloud simulation scenarios.
Developmen t : Write Java code utilizing CloudSim
(JRE) to simulate the
Execution : Run the Java-based simulati
on code within a Java-compatible environment
cloud environment based on your defined

scenarios.
your Java application for performance evaluation
ct and analyze simul ation results within
Data Analysis : Colle
or research purposes.
Java :
eps to work with CloudSim using
Toolkit
Directory structure of the CloudSim
ectory
cloudsim/ -- top level CloudSim dir
docs/ -- CloudSim API Documentation
examples/ -- CloudSim examples
Jars/ -- CloudSim jar archives

Tech Knowledge
Publications
——_—
Cloud Computing and Web Services 5-5 Cloud Applications ; Clougg;
mn
sources/ -- CloudSim source code
tests/ -- CloudSim unit tests
Software requirements : Java version 8 or newer
N
¢ CloudSim has been tested and run on Sun's Java version 8 or newer.
© Older versions of Java are not compatible.
¢ Fornon-sun Java version, such as gcj or J++, they may not be compatible.
e You also need to install Ant to compile CloudSim.
Installation and running the CloudSim Toolkit

© Unpack the CloudSim file to install.
© To remove CloudSim, remove the whole cloudsim directory.

© You do not need to compile CloudSim source code. The JAR files are provided to compile and to Tun
CloudSim applications :
-- contains the CloudSim class files
* jars/cloudsim-<VERSION>.jar
* jars/cloudsim-<VERSION>-sources.jar -- contains the CloudSim source code files
*jars/cloudsim-examples-<VERSION>.ja
r -- contains the CloudSim examples class files
* jars/cloudsim-examples-<VERSION>-sources.jar -- contains the CloudSim examples source code files
Running the CloudSim examples

To run the CloudSim examples follow the following steps.
In Windows :
1. cd <PATH TO CLOUDSIM PACKAGE>\jars
2. java -classpathcloudsim-<VERSION>.jar;cloudsim-examples-<VERSION>.jar
org.cloudbus.cloudsim.examples.CloudSimExample<EXAMPLE NUMBER>
In Unix/Linux:
1. cd <PATH TO CLOUDSIM PACKAGE>/jars
2: java-classpathcloudsim-<VERSION> jar:cloudsim-examples-<VERSION>.jar
org.cloudbus.cloudsim.examples.CloudSimExample<EXAMPLE NUMBER>
Replace the following details :
<PATH TO CLOUDSIM PACKAGE? - by the path to a directory where you have unpacked the CloudSim package.
<VERSION> - by the version of the downloaded CloudSim package.
<EXAMPLE NUMBER: - by the of number of the example you want to run.
Review Questions
Q.1 Write a note on CloudSim simulator.
Q.2 Explain CloudSim architecture with a diagram.
Q.3 Write a note on GridSim and SimJava.
Q.4 Explain the Java working platform operations for CloudSim BS

ee
god

CCW Unit1 and 2 TXTBK

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CCW Unit1 and 2 TXTBK

Uploaded by

Copyright:

Available Formats

New S llabus

As per the New Choice Based Credit System (CBCS) Syllabus of

Cloud Computing and

---seep Kamble Sayali Parab Chayan Bhattacharjee

Web Services - Distributed Computing, Parall

Cloud Computing Software Security fundamenta

USCSP602 [cows Computing and Web Services - Practical 1 3

5 | Installation and Configuration of virtualization using KVM. |

7 Implement FOSS-Cloud Functionality VSI (Virtual Server Infrastructure)

8 | Implement FOSS-Cloud Functionality - VSI Platform as a Service (PaaS), |

| Implementation of Openstack with user and private network creation.

1.1 porter emer mmm ene menenrerertmene rent 1-1

1.1.1 Distributed System Architecture.....oooororrt torr r odor rn preteen tt eep teen

1.1.2 Characteristics of a Distributed SyStem ..essssssesssscssssssssssssssesesteenasessusssesseesnsssctesssersusseeasssesnessesinasssatee 1-3

1.2.1 General Concepts and Definitions Distributed Computing IANA 1-5

1.2.4(A) Remote Procedure Call 1-14

1.2.4(B) Distributed Object Frameworks “ A IN 1-15

1.3 Parallel Computing 1-17

1.3.1 Elements of Parallel Computing. 1-17

1.3.2 Hardware Architectures for Parallel Processing 1-18

13.3 Levels of Parallelism : osccosnensonnnnanenncrecnsarsavaansnsseensenenusotsenisnsesiitenchiviisdheassaseccssnunsnsataseasuaees 1-20

ORC EE NEE 1-21

1.5 SOAP sssissisinisssorsssrssnacessusesesssssesssees ssssereneecncussessutsussssessunseasseceeeeccessnssssssssuscsssegenennsnenasansenes

15:1 Structure of SOAP Message (In OT

1.5.2 SOAP Messaging Architecture.erscmmmosnnmmmntiiittnmnintiatsnnnnunnstniinissinmenatitiineseaccace

15.3 SETA FELT EE IE

REST What is REST. mmm

Chapter 2: Virtualization 2-1 to 2-9

22.1 Pros Of Virtualization __RRWW_W_A NT 2-5

22:2 COIL _U_WWCW_—_—_—_—_———— OOO 2-5

2.3 Virtualization USING KVM......ccsssssscssssssssssssssssssssssssssssecsssssscesssessecsesssciesesssse SE 2-6

2.4.1 To create a Virtual Machine using VMware Workstation m 2-7

2.5.1 What is oVirt?. ene 208

Chapter 3: Introduction to Cloud Computing 3-1 to 3-19

Cloud Computing and Web Services 3 Table of Contents

3.8 Cloud Computing Software Security Fundamentals.......:c:o:ssscsssnennseueuenetssininsieinunenenaenuenenitstiteee, 3-17

3.9 Cloud Information Security .....sssssnessanenseianenansnanananinsansnsenansnueienetieissiiisisietstsseieicsneienitieceve 3-18

4.2 Cloud Information Security : Integrity 4-2

4.5 Cloud Security Design Principles 4-4

4.6 Secure Cloud Software Requirements _

4.7 Secure Development Practices . | 4-5

4.8 Approaches to Cloud Software Requirement Engineering 4-6

4.9 Cloud Security Policy Implementation 4-7

Chapter5: Cloud Applications : CloudSim 5-1 to 5-5

GridSim, SimJava) Understanding Working platform for CloudSim.

5.2 Understanding CloudSim Simulator ...._corrmeorrmrnrrmrtret retreat eters 5-1

5.3 CloudSim Architecture : sees 7D

5.3.1 User Code... oecerreenerrarreeneecpreeence srossscossseensussccsusssssssecsssssessescsscarsusesensees 5-2

5.3.2 CloudSim LayCr...mmmomceomermeemo erence nee meter eee er A Aenean 5-3

$33 GridSIM eeeesesssssssesessesersensettnnnnsnnessnvennnnnnnnnsnnnnnnne ee 5-3

3-18 Table of Contents

3-17 Chapter6: Cloud Applications : OpenStack 6-1 to 6-33

6.1.1 OpenStack for Cloud Environment .ccccsssssssssssssssessssessssssesssssssssssesssssssssssessssssussesessinissnnsssessssuanescestiueessereetionen 6-1

6.1.2 Component of OpenStack.....cccsessesesssessessessssnsessissssessssesiasssssesssssuesesssssssssiessssnsessteniesssesiieeetseeee 6-2

62.1 OpenStack Software and APIs 6-3

6.2.2 Up amd NNN 6-4

6.5 Tenant Model Operations 6-8

6.5.1 Tenant Networks 6-8

6.5.2 Provider Networks. 6-9

6.6 Quotas 6-10

6.7 OpenStack Private Cloud 6-14

6.7.1 OpenStack Private Cloud Benefits 6-15

6.8 Private Cloud Building Blocks 6-16