JEPPIAAR ENGINEERING COLLEGE

Jeppiaar Nagar ,Gandhi salai,chennai-119

DEPARTMENT OF INFORMATION TECHNOLOGY

A PRESENTATION ON

CLOUD COMPUTING

BY: MOSES.A IInd Year / B- Sec DEPTMENT OF IT

Introduction: Cloud computing has become famous in recent years. The basics of cloud computing is defined as computer and software services necessary for computing works provided via the internet is called cloud computing.

2.Platform as a service: In this type,the service provider provides the necessary softwares and the tools for creating softwares which are installed in their server to an organisation for a specified amount.The organisation creates the necessary softwares on his platform and uses them.Its like renting in a house which has all the necessary things.

Its basically a virtual server available over the Internet. But others says very broadly, arguing anything you consume outside the firewall is "in the cloud," including conventional outsourcing Why is it named so.....Because all the services are provided via the internet and cloud symbol is used to represent internet in flowchart and diagrams.

3.Software as a service: In this type the applications hosted in the service provider s server are made available to customers via the internet.The provider also interacts with the user through a front end panel.The provider provides the necessary support to the customer.The services range from e-mail to data processing.

Types of cloud computing: There are three types of services offered. 1. Infrastructure as a service 2. Platform as a service 3. Software as a service 1.Infrastructure as a service: In this type,the service provider provides the necessary servers,hardware and networking components to an organisation for a fee.The organisation in turn installs the necessary programs in the service provider's server and uses them.The service provider is responsible for the maintenance of the servers.

What is It and How Does It Work? Cloud computing is becoming a buzzword. It refers to a computing system in which tasks are assigned through a combination of connections, service and software over a network. This collective of connections is known as the cloud. Computing at this level allows users to sort through a vast amount of data. For example, Google is currently the forerunner of cloud computing due to its need to produce accurate and instant results for the millions of search queries it receives every day. Other companied have developed web based operating systems that look and feel like Windows.

where everything has to be launched. Optimization is based on two fronts: the local hardware capacity and the software security. Through optimized hardware with security, the application will launch seamlessly. A cloud client consists of computer hardware and/or computer software that relies on cloud computing for application delivery, or that is specifically designed for delivery of cloud services and that, in either case, is essentially useless without it. Examples include some computers, phones and other devices, operating systems and browsers. Application: Cloud application services or "Software as a Service (SaaS)" deliver software as a service over the Internet, eliminating the need to install and run the application on the customer's own computers and simplifying maintenance and support. Network-based access to, and management of, commercially available software * Activities that are managed from central locations rather than at each customer's site, enabling customers to access applications remotely via the Web * Application delivery that typically is closer to a one-to-many model (single instance, multitenant architecture) than to a one-to-one model, including architecture, pricing, partnering, and management characteristics * Centralized feature updating, which obviates the need for downloadable patches and upgrades. Platform:

Basic components of cloud computing:

client: Everything ends with the client. The hardware components, the application and everything else developed for cloud computing will be used in the client. Without the client, nothing will be possible. The client could come in two forms: the hardware component or the combination of software and hardware components. Although its a common conception that cloud computing solely relies on the cloud (internet), there are certain systems that requires pre-installed applications to ensure smooth transition. The hardware on the other hand will be the platform

Cloud platform services or "Platform as a Service (PaaS)" deliver a computing platform and/or solution stack as a service, often consuming cloud infrastructure and sustaining cloud applications.It facilitates deployment of applications without the cost and complexity of buying and managing the underlying hardware and software layers. Infrastructure: Cloud infrastructure services or "Infrastructure as a Service (IaaS)" delivers computer infrastructure, typically a platform virtualization environment as a service. Rather than purchasing servers, software, data center space or network equipment, clients instead buy those resources as

a fully outsourced service. The service is typically billed on a utility computing basis and amount of resources consumed (and therefore the cost) will typically reflect the level of activity. It is an evolution of virtual private server offerings. server: The servers layer consists of computer hardware and/or computer software products that are specifically designed for the delivery of cloud services, including multi-core processors, cloudspecific operating systems and combined offerings.Example google server is given below.

For now, cloud computing could be easily identified with grid computing wherein the cloud become the application for business purposes. Although grid computing is more focused on the server capabilities of the application, their similarities are based on the focus on providing online and on-time services to the enterprise. But cloud computing is so much more than simplified cloud processing. The business aim of getting things done no matter where they are without the necessary of a local or desktop software is realized. The ease of data processing with real time interaction and company-wide availability of data in an instant could be done through proper implementation of cloud computing. Best of all, these processes are aimed to be available with very little to no downtime. The future of cloud computing should be highly considered by businesses in any industry. The possibility of full adaptation of cloud computing by almost any industry is slowly starting to happen. If a business will not consider their future in cloud computing, the challenges as well as the advantages of cloud computing may not be addressed and fully harnessed.

Eco-Friendly Incentives for Cloud Computing : Of course another incentive to option for cloud computing is that it is more environmentally friendly. Reducing the number of hardware components and replacing them with cloud computing systems reduces energy costs for running hardware and cooling as well as reducing carbon dioxide emissions and conserving energy. Moving applications to the cloud can potentially reduce energy costs for running and cooling hardware. This can also work in combination with government tax incentives to go green and power companies added incentives. How Could the Future of Cloud Computing Work for You? In theory the process is very simple. Cloud computing could allow you to have only a small and inexpensive computer, processor and monitor in front of you. You would have no need for a hard drive or a CD/DVD drive. Instead you would need only an Internet connection, which would hook you up to a central supercomputer that would host all your programs and files. This presents and advantage to both storage and security issues.

Cloud Computing Security: Security is one of the biggest concerns of businesses in any form. Whether a business is a small brick-and-mortar or a multi-million online ventures, security should be implemented. Exposing the company to different security flaws is always inviting to different elements with malicious intent. A single security strike could mean millions of dollars for businesses and might single handedly close the business down. Proper implementation of security measures is highly recommended for cloud computing. The mere fact that the application is launched through internet makes it vulnerable to any time of attack. An application available in LAN (Local Area Network) only could even be infiltrated from the outside so placing an application over the internet is always a security risk. This is the unique situation of cloud computing. Implementation of cloud computing could require millions of dollars in infrastructure and applications development but it still places itself at risk for different types of attacks.

But this has to be sacrificed to ensure the security of their users. Data Security Aside from user protection against different types of attacks, the data itself should be protected. In this aspect, the hardware and software linked to cloud computing should be scrutinized. Again, a certification is highly desired in this part of cloud computing. The hardware component for cloud computing on the other hand requires a different type of security consideration. The location of data center should not only be selected because of its proximity to controllers and intended users but also on its security (and even secrecy) from external problems. The data center should be protected against different types of weather conditions, fire and even physical attacks that might destroy the center physically. With regards to the hardware component in relation to the application, certain manual components have to be available for increased security. Among them is manual shutdown to prevent further access of the information. Although data could be controlled with another application that data could be infiltrated unless the application is shutdown immediately. Recovery and Investigation Cloud computing security should not only focus itself on prevention. Ample resources should also be focused on recovery if the unfortunate event really strikes. Even before disaster happens, certain plans have to be in place to ensure that everyone will be working in unison towards recovery. The plans do not have to be focused on software attacks alone certain external disasters such as weather conditions should have separate recovery plans. When everything has been recovered, developers and the company handling the application should have the means to investigate the cause of the problem. Through investigation, certain conditions that lead to the event could be realized and insecurities could be discovered. Even legal actions could be done if security has been breached on purpose. Security is one of the most difficult task to implement in cloud computing. It requires constant vigilance against different forms of attacks not only in the application side but also in the hardware components. Attacks with catastrophic effects only needs one security flaw so its always a challenge for everyone involved to make things secured.

Protecting the Users

Above everything else, cloud computing or any type of online application format should consider protecting its users. Developers should make sure that data related to the user should not be mishandled and could be extracted just by one. There are two ways to ensure cloud computing security: restrictive user access and certifications. Restrictive access could come from simple username/password challenge to complicated CAPTCHA log in forms. But applications in cloud computing should not only base itself on these challenges. IP specific applications and user time-outs are only some of the security measures that should be implemented. The challenge in restrictive user access is to limit the access privilege of the user. Each user will have to be assigned manually with security clearance to ensure limitation of access to different files. Certifications are also important for user certification. Developers have to open their application to security specialists or companies that provide certifications for security. This is one way of assuring users that the application has been fully tested against different types of attacks. This is often the dilemma for cloud computing as external security checks might open the company secrets on cloud computing.

Advantages: The advantage of this is,the customer after paying the amount can get the service at any time. Also there are no problems of computer crash or server down.it is the responsibility of the service provider. There is no investment cost for computers,servers,software,etc.. Amount can be payed according to usage Now a days, the service providers provide the service on a monthly basis.The provider and the customer can cancel the agreement at any time.So ther is no loss for anyone. Access your data at all times not just while in the office A physical storage center is no longer needed Most have a pay structure that only calls for payment only when use Relieves burden on IT Professionals and frees up their time in the office Easily scalable so companies can add or subtract storage based on their own needs

If your cloud host disappears, where does your information go? If you are a small business, or even a Fortune 500 company, cloud computing can take a large technology professionals can be a real burden and finding cost-efficient means through cloud hosting can be very beneficial. With Amazon moving into the cloud computing environment, everyone has access to what could be a major change in business intelligence. Amazons Elastic Compute Cloud is a dedicated, high performance, analytic database cluster that is open to businesses, on a pay-per-use scale, for a monthly fee. This sounds like an excellent business deal, if you are prepared to hand over your personal data and information. The Real Problems with Cloud Computing: There is a great deal of truth that Google can maintain the security of systems better than individual companies. While I may be critical of some aspects of Google Apps security, I firmly believe that Google is significantly more likely to maintain the security of individual systems than companies would themselves. CSO The recent Twitter hack, where a French hacker compromised internal Twitter documents by accessing the account of administrative assistant, among others, was essentially an attack on Google Docs. The reason is that Twitter outsourced their infrastructure by contracting with Google, and the accounts in question were on Google's infrastructure. The ensuing reports questioned the security of Google Apps and cloud security in general. In the process, Google claimed that their security was better and less expensive than the security that companies could provide for themselves. At the same time, people (including me) persisted in their statements that exposed information is exposed information. This position takes the stand that companies want to protect their information, and not the computers themselves. This can be extremely confusing for CSOs trying to decide whether or not to implement cloud computing. This issue is at the forefront, especially given Los Angeles County's stated intention to migrate to Google Apps. Let's first acknowledge that Google Apps was not specifically "hacked" in the traditional sense of the word during the Twitter hack. A hacker did not break into Google computers through some technical vulnerability in the Google infrastructure.

This service is suitable for small business groups. Servers in a CloudOne of the advantages of cloud computing is that both small and medium sized businesses can instantly obtain the benefits of the enormous infrastructure without having to implement and administer it directly. This also permits accessibility to multiple data centers anywhere on the globe. It also means that as the need for resources increases, companies can add additional service as and when needed from the cloud computing vendor without having to pay for additional hardware. Negatives: If you are going to move all of your information to data centers situated outside your company, then security should be of utmost importance. Lost control comes with handing over your data and information Depending on third-party to ensure the security and confidentiality of data and information

A hacker found a personal e-mail account for the administrative assistant previously mentioned. Similar to the Sarah Palin Yahoo! account hack, the hacker researched social networking sites to find the answer to the "secret question" required to reset the account's password. In going through the e-mails in the account, the hacker apparently found the password used by the administrative assistant on other sites, and correctly assumed that person used that password on their Twitter corporate account at Google Apps. This gave the person access to e-mails and files. Other information available to the account also allowed the attacker to compromise the Twitter corporate accounts of other employees. While the initial reaction would be to blame the guessability of the security questions on the freemail account, as well as the reuse of the password, that is akin to saying people drown because of water. Clearly, there are many other vulnerabilities in cloud computing implementation that enabled the compromise of the accounts on Google Apps. For example, the fact is Google Apps allowed for anyone in the world to attempt to log into any account at Twitter. In this case, the account holder was in the San Francisco area and the hacker logged in from France. If the accounts were maintained internally, Twitter would have had the ability to deny remote access. Similarly, if there was misuse and abuse detection, even allowed accesses would have been flagged given the location as well as the scope of the data access. There are also data leak prevention (DLP) tools that could have been in place. Google Apps doesn't provide for add-on security tools, such as those mentioned above. They do provide for SAML 2.0 authentication integration. However, that is a footnote, and organizations who are using Google Apps because they don't want to maintain the internal technical staff required to run office applications are not likely to maintain staff to manage a SAML compliant tool, which can be even more complicated. Using an automobile analogy, it is like saying you will bring your car to a repair shop for everything, even simple oil changes -- except for the ignition system, which you agree to maintain entirely on your own. There is a great deal of truth that Google can maintain the security of systems better than individual companies. This specifically involves server security, not data security. For example, hackers target vulnerable operating systems that don't have properly applied patches. While I may be critical of some aspects of Google Apps

security, I firmly believe that Google is significantly more likely to maintain the security of individual systems than companies would themselves. Google also implements sharding, which means that an individual file could be divided among hundreds of systems in theory. This way, if someone actually does break into a server, they will not likely get a useful amount of information out of individual documents. However, the fact is that attackers want your information and will get it however they have to. For example, the recent Heartland hacks resulted from SQL injection which targeted the database applications, not the servers. While Google Apps may better maintain fundamental security of the office applications, that again does not help with the access, and sniffing potential. Cloud computing puts your data outside of your organization. Also when you use a cloud computing service, you are limiting yourself to the amount of advanced security tools that you can put on the system. I already gave the examples of DLP and misuse and abuse detection, which is not available to Google Apps users. Likewise, you cannot limit the access to only internal staff. There are many other security tools that cannot be put in place in cloud environments, unless the cloud environment is specifically designed for them. There are also other issues to consider. You have little control over how much audit information is collected. For example, you likely do not have access to failed log-in attempts, so you cannot proactively look for attack reconnaissance. Likewise, while you may maintain ownership of your own data, you do not likely own all of the access log data. That potentially creates legal problems. For example, if someone does illicitly access your information, you might need to get a court order to see where they are coming from. If however you maintained your data internally, you would have instant access to all of this information. Once a term only used by governments, cloud hosting is making its way to businesses both large and small. According to Wikipedia, cloud computing "is a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the internet." Image a multitude of servers that are connected through networks to create a cloud where companies are able to store data. Essentially, this cloud acts as an outsourcing agent for server and storage needs.

conclusion: The Cloud Computing is one kind of emerging business accounting model which in the grid computation, the public computation and the SaaS foundation develops. It will calculate the duty to distribute on the resource pool which the massive computers will constitute, will enable each kind of application system according to need to gain the computation strength, the storage space and each kind of software service. This paper presentation introduced the Cloud Computing evolution process, has analyzed the Cloud Computing essence, but this article key point studies the industrial world 3 concrete Cloud Computing example,includes Google the cloud to calculate the platform, IBM Corporation specifically Blue Cloud .I conclued that in this century cloud computing is one of the great technology which is be most useful technology in this world..

(Will Explain the Real world Problem with block diagram and their solutions in Power point Presentation)

THANK YOU.