3.

Cloud Services
 Reference
Contents for this PPT is taken from the following
books
1. Buyya R., Vecchiola C., & Selvi S. T. (2013).
Mastering cloud computing: foundations and
applications programming,
2. Cloud Computing Black Book by Kailash
Jayaswal, Jagannath Kallakurchi, Donald J.
Houde and Dr. Deven Shah. Dreamtech
Publications
3. “Cloud computing bible” by Sosinsky, Barrie.
John Wiley & Sons, 2010.
2
SPI Model
Cloud Computing System
 Infrastructure as a Service

IaaS allows you to “rent” resources such as

• Server space
• Network equipment
• Memory
• CPU cycles
• Storage space
 IaaS
• IaaS must include.
– Utility computing
– Superior IT infrastructure and support
– Virtualized resources
– Dynamic scalability of memory, Bandwidth,
Storage, and servers to meet user demands in
real-time
– Scalability
– Automation of administrative tasks
– Ability to view and manage resource utilization
 IaaS workloads
• The fundamental unit of virtualized client in
an iaas deployment is called a workload.
• Can be measured by the number of
transactions per minute (tpm).
Attributes
– Disk I/os measured in input/output per second
IOPS
– RAM consumed under load in MB
– Network throughput and latency
A virtual private server partition in an IaaS cloud
 Pods, aggregation, and silos
• A group of users within a particular instance
is called a pod. Pods are managed by a Cloud
Control System (CCS). In AWS, the CCS is the
AWS Management Console.
• Sizing limitations for pods need to be
accounted for if you are building a large cloud-
based application.
• Pods are aggregated into pools within an IaaS
region or site called an availability zone
• A failover system between zones gives IaaS
private clouds a very high degree of
availability.
 Pods, aggregation, and silos
• When a cloud computing infrastructure isolates
user clouds from each other so the management
system is incapable of interoperating with other
private clouds, it creates an information silo, or
simply a silo.
• They are processing domains that are sealed off
from the outside.
• Silos impose restrictions on interoperability that
runs counter to the open nature of build-
componentized service-oriented applications
Pods, aggregation, and failover in IaaS
 Benefits of Cloud Computing to
SMB’S
• Better resource utilization
• Converting CaPex to OpEx
• Scalability
• Backups
• Business continuity for SMB’s
• Level of playing field with the enterprise.
• Use of mobile computing.
Understanding Platform as a
Service
 Introduction
• The Platform as a Service model provides the
tools within an environment needed to create
applications that can run in a Software as a
Service model
• PaaS environments can offer integrated
lifecycle management or anchored lifecycle
applications
 Comparison of traditional environment Vs PaaS
Feature In-House Application development PaaS for Application development

Multi-Tenancy Intended for Single or small group of Supports Hundreds of users, each with
users multiple active projects
User End Application based tools, browsers Web browser based tools.
Points
Deployment Deployment and scalability are left for Scalability, failover, and load balancing
installation and go live phases are the basic building blocks
Runtime Development solutions are usually not Built in monitoring available with the
Monitoring associated with runtime monitoring development platform
Virtual Multiple options are available and can Need to work with the infrastructure
machines, be customized to meet any user offered by pass providers
Servers, requirement
Storage,
Databases
Integrated May have separate environment and Same environment for all phases
development infrastructure for development testing
environments and debugging
 Categories of PaaS
Category Description Examples
I • Developers Prefer to use current tools and locally Force.com, Google,
develop software. LongJump, Magic
• After Compile and test applications are loaded to Software, Microsoft
Cloud NetSuite, TIBCO and
Wavemaker
II • PaaS vendors provide a cloud based development Force.com, Intuit,
environment. Trackvia and wolf
• Browser based access. framework
• Development and testing is done at PaaS provider site.

III • Main targets are Business experts Caspio, Cordys,

• PaaS vendors provide tools and templates to build Mendix, WorkXpress
applications. and Zoho
IV • Application can be developed locally or in cloud. Amazon, CLoudBees,
• Developers use the cloud to stage, deploy, scale and Engine Yard,
manage Application Gigaspace, IBM,
Joyent, Microsoft,
Redhat and Cloud
Foundry(VMWae)
 Leveraging PaaS for productivity
Key features to increase developer productivity in PaaS
• Ubiquitous access and Quick deployment
• Caching
• Integrated development environment(IDE)
• Database
• Integration (with external databases and services)
• Logging
• Identity management
• Messaging
• Job Processing
• Session Management
• Service Discovery
Guidelines for selecting PaaS Provider
• Two types of PaaS providers
– Large IT operating system and Software Vendors
– Small and independent vendors.
• Guidelines for choosing suitable PaaS Vendors
– Compatibility with another cloud
– Target customers
– Avoid Vendor Lock-In
– Platform Management
– The test of Time
– Reliable
 Concerns With PaaS
Drawbacks of PaaS
– Lack of Visibility
– Portability/ Interoperability with application on another Cloud.
– Security
– Security for development code
Language and PaaS
• Provide right orientation and support for various
software languages.
– Programming language specific PaaS
– Language-Agnostic Providers
– Hybrid PaaS
 Services
• IaaS offers a service that is akin to installing an
application on a computer
• With Platform as a Service systems, you are
given a toolkit to work with, a virtual machine
to run your software on SaaS services
 Services
PaaS models span a broad range of services,
including these, among others:
• Application development
• Collaboration
• Data management
• Instrumentation, performance, and testing
• Storage
• Transaction management
 Services
Characteristics of a good PaaS system
• Separate of data management from the user
interface
• Reliance on cloud computing standards
• An integrated development environment (IDE)
• Lifecycle management tools
• Multi-tenant architecture support, security, and
scalability
• Performance monitoring, testing, and
optimization tools
 Application development
Common application types:
• Composite business applications
• Data portals
• Mashups of multiple data sources
 Application development
An integrated lifecycle platform includes the
following:
• The virtual machine and operating system (often
offered by an IaaS)
• Data design and storage
• A development environment with defined
Application Programming Interfaces
• Middleware
• Testing and optimization tools
• Additional tools and services
 PaaS Application Frameworks
• Unified development environment or an
integrated development environment (IDE).
• Content management systems (cms).
– Example: the drupal cms
• Point and click CMS
– Example: salesforce.Com
• Developer-oriented services
– Eccentex appbase, longjump, and wolf
– It aims to create web-based applications based on
service oriented architecture protocols and services.
• Generation level(3gl,4gl,5gl)
 PaaS Application Frameworks
Characteristics of the services are:
• They separate data-handling from presentation
(user interface).
• They offer tools for establishing business objects
or entities and the relationships between them.
• They support the incorporation of business rules,
logic, and actions.
• They provide tools for creating data entry
controls (forms), views, and reports.
• They provide instrumentation, tools for
measuring application performance.
• They support packaging and deployment of
applications.
Software as a Service
 Overview
• SaaS (Software as a Service) is an application
hosted on a remote server and accessed
through the Internet.
• SaaS can be divided into two major categories:
– Line of business services
– Customer-oriented services
 Advantages
• Faster time to value and improved productivity
• Lower software licensing costs
• Eliminates need for enterprises to install and
maintain hardware, pay labor costs, and maintain
the applications.
• Avoids the custom development cycles to get
applications to the organization quickly.
• Meticulous security audits
• Saas vendors have the capabilities to let
customers comply with various guiding
organizations
• Saas vendors allow companies to have the most
current version of an application as possible
 Application service Provider(ASP) VS
SaaS
Feature ASP SaaS
Ownership Single tenant with client-server • Multi-tenant.
architecture • Application hosted by developer
• Regular updates from developer
Infrastructure • Possibility of Non-Virtualized • Shared
Environment • Virtualized Resources
• Dedicated server and storage for • Server and storage is shared
Application among other services

Web-based • Not written to be web based and Built-In web based and used over
used over internet public internet
• Performance degradation
 Software Considerations
• User purchases a software package and license by
paying a one-time fee.
• Support and updates are provided by the vendor
• Saas has no licensing
• Biggest advantage is that software is not installed on
the user’s computer
 Vendor Advantages
• The advantages flow both ways.
• vendors get a constant stream of income,
often what is more than the traditional
software licensing setup
• The more resources are used to capacity, the
more the provider can clear as margin.
 Limitations
• Technical obstacles to saas have included an
effective, multitenant architecture.
• Software companies are being asked to
become service companies, and the two don’t
necessarily mesh well.
• A business model that is built on selling
licensed software does not easily transform
into a subscription model very cleanly
• Some applications are ideal for saas, others
are not good to use employing an saas model.
 SaaS: Driving Forces
• Popularity
– Software Vendor friendly
– Enterprises Friendly
– Plenty of SaaS Platforms
SaaS

A modern implement of
SaaS using an Enterprise
Service Bus and
architected with SOA
components
 Mashups
Shows data and supports features from two or
more sources. It requires 3 separate
components.
• An interactive user interface,
• Web services that can be accessed using an
API.
• Data transfer in the form of XML, KML, JSON
 Security as a Service(SECaaS)
• Services offered by SECaaS
– Email filtering
– Web content filtering
– Vulnerability management
– Standards and compliance management
– Identifying security risk patterns
– Identity management as a Service
• Two kinds of cloud-based security providers.
– Leading security product vendors
– Emerging small and medium sized security vendors
Web Content filtering
 Traditional security VS SECaaS
Criteria Traditional Appliance or software SECaaS
based security
Upfront capital Buy, install and implement servers No upfront expenses
expenses and application
Ease of threat Time consuming and difficult to Efficient threat detection via
detection detect threat on host cloud based servers
Software Each host needed to e updated 24/7, real-time update based on
updates host availability
Operational IT resources are required to manage No need to manage applications
onus hardware, software, database and or software, need to enforce
policies policies at SaaS provider.
IT staff Significant team and talent required Few IT staff required
requirement
Latency Low latency High latency
Control Full control Less control
Green IT More power and cooling required for Shared servers consume less
dedicated security power and cooling
 Benefits of SECaaS
• Provides security staff and talent.
• Advanced security tools
• Relevant, timely expertise from provider
• SECaaS can be a business enabler

• Examples of SECaaS Vendors

– Proofpoint
– MacAfee
– Symantec
– Trend micro
 Concerns with SECaaS
• Shared infrastructure.
• Portability
• Payment transparency
• Access by provider
• Compliance
• Access by internet users
 Identity as a Service (IDaaS)
• stores the information associated with a
digital entity in a form that can be queried and
managed for use in electronic transactions.
• core functions:
– a data store,
– a query engine, and
– a policy engine that maintains data integrity.
 IDaaS
• The name servers that run the various
Internet domains (.COM, .ORG, .EDU, .MIL,
.TV, .RU, and so on) are IDaaS servers
 Identity
• In-house or Cloud application requires user
Identity
• In-house applications rely on services like
Active Directory to provide this information.
• Clouds, however, have to use their own
identity services.
• Identity services need not be proprietary.
 Identity
An identity can belong to a person and may include the
following:
• Things you are: Biological characteristics such as age,
race, gender, appearance, and so forth.
• Things you know: Biography, personal data such as
social security numbers, PINs, where you went to
school, and so on.
• Things you have: A pattern of blood vessels in your
eye, your fingerprints, a bank account you can access, a
security key you were given, objects and possessions,
and more.
• Things you relate to: Your family and friends, a
software license, beliefs and values, activities and
endeavors, personal selections and choices, habits and
practices, an iGoogle account.
 IDaaS/IdMaaS
Identity as a Service (IDaaS) or Identity Management as a
service(IdMaaS) may include any of the following:
• Authentication services (identity verification)
• Directory services
• Federated identity
• Identity governance
• Identity and profile management
• Policies, roles, and enforcement
• Provisioning (external policy administration)
• Registration
• Risk and event monitoring, including audits
• Single sign-on services
 IDaaS (Identity system codes of conduct)
IDaaS software, evaluate IDaaS applications on
the following basis.
– User control for consent
– Minimal Disclosure
– Justifiable access
– Directional Exposure
– Interoperability
– Unambiguous human identification
– Consistency of Service
 OpenId
• OpenID is an open, decentralized, single sign-
on standard that allows users to log in to
many services using the same digital identity.
• OpenID is in the form of
a uniform resource
locator (URL) and does
not rely on a central
authority to authenticate
a user’s identity

• specific type of
authentication is not
required
Open Standards for IDaaS
Single sign-on Service
 Identity management as a
service(IdMaas)
Phase Task
Phase 1 Assessment and architecture
Phase 2 Password administration

Phase 3 Automated provisioning with roles

Phase 4 Add more services and systems to IdM

Phase 5 Customizations

Implementation phases to migrate your enterprise authentication to an IdM solution provider

 Benefits of IdMaaS(IDaaS)
• Cloud-Native architecture
• Low upfront cost.
• Business agility
• Cloud hub
• Easy to start
• Low risk Try-and-Buy Offers
• 24/7 Availability of service and expertise
 IdMaaS
Factors to consider while selecting IdMaaS providers
– SLA Support and it is in sync with your internal and external
customers.
– Review compliance and regulatory liabilities
– Control between IdM service provider and their customers.
– Define role-based access for users and administrators
within the service providers team and organization internal
team and interfaces
– Decide which application will be authenticated by the IdM.
– What security measures the provider has implemented to
tighten control over the data of each customer.
– Explore the viability, process and risks if you need to move
your IdM solution to your internal or to another service
provider.
 Attributes of IdMaaS Providers
1. Compliance
2. Access provisioning and De-provisioning
3. User self-service
4. Single Sign-On(SSO)
5. Integration with in-house IdM or directories
6. Security around IdMaaS
7. Setup and running cost
 Compliance as a Service (CaaS)
• Cloud computing by its very nature spans
different jurisdictions
• Compliance is much more than simply
providing an anonymous service token to an
identity so they can obtain access to a
resource
• A Compliance as a Service application would
need to serve as a trusted third party, because
is a man-in-the-middle type of service
 CaaS
A CaaS would need to be able to manage
• Cloud relationships
• Understand security policies and procedures
• Know how to handle information and
administer privacy
• Provide an incidence response and archives.
• Allow for the system to be queried, all to a
level that can be captured in a service level
agreement.
 Database as a Service(DBaaS)
• The term “Database-as-a-Service” (DBaaS)
refers to software that enables users to
provision, manage, consume, configure, and
operate database software using a common
set of abstractions (primitives).
• All of the administrative tasks and
maintenance are taken care of by the service
provider.
• DBaaS consists of a database manager
component, which controls all underlying
database instances via an API
Database as a Service(DBaaS)
 Database as a Service(DBaaS)
• Factors to consider for DBaaS
– Research
– Estimate your needs
– Vendor and community support
– API for databases
– Price
– Tuned for cloud
– Compatibility with on-premise database
 How does cloud storage work?
• Redundancy
• Core of cloud
computing
• Equipment
• Data servers
• Power supplies
• Data files
• Replication
 Storage as a Service
“Storage as a service (StaaS) is a business model in
which a company leases or rents its storage
infrastructure to another company or individuals to
store data”.
• SaaS is marketed as an excellent technique to
mitigate risks in disaster recovery by providing
long-term data storage and enhancing business
stability.
• Major Storage as a service providers
– Amazon simple storage service (Amazon S3), Google
Drive, Microsoft’s OneDrive, Dropbox, Apple’s iCloud
 Storage as a Service
A typical StaaS includes
– Backup and archive for on-premises or cloud data
– Content, media, and software storage and
distribution
– Big data analytics
– Static website hosting
– Cloud-native mobile and Internet application
hosting
– Database profiling
– Disaster recovery(DR)
 Advantages and Disadvantages of
Cloud Storage as a Service
Advantages
– Usability
– Bandwidth
– Accessibility
– Disaster Recovery
– Cost Savings
Disadvantages
– Usability
– Bandwidth
– Accessibility
– Data Security
– Software
Concerns with Storage as a Service
• Cloud storage must be used for non critical
purposes.
• Vendors such as Google, Amazon doesn’t
leave much portability options.
• QOS is not always assured.
• Many Legal issues with respect to user content
• User must examine the accountability of
storage provider.
• Data Security.
 Collaboration as a Service
“COaaS solutions should combine best-of-breed
existing technologies to enable communication
between geographically dispersed individuals at
an on-demand and interactive level not possible
by using a single software tool, or multiple
software tools separately”
• Major collaboration as a service providers
– MicrosoftLive
– LotusLive
– GoogleApps
– Cisco Webex Collaboration
– Zoho
– Citrix GotoMeeting
 Collaboration as a Service
• Three major types of collaboration
– Pure Collaboration
– Functional Collaboration
– Flexible Collaboration
 Collaboration tools
• Real-time Commenting and messaging tools.
• Track Integrity of data
• Set permission and manage activities
• Activity feed and alerts
• Collaborate and share files outside security
boundary of organization.
• Compliance with organizational security and
compliance framework.
• Ensure complete Auditing within and outside
organization
• Reduce workarounds for sharing and managing
large files
 Advantages of Collaboration as a
Service
• Universal User access
• IP voice and Video
• Sharing and conferencing
• Presence
• Instant messaging
• Group chat
• Unified messaging
• Single number reach
• Click to dial (eg. Outlook)
• Group video conferencing
 Monitoring as a Service
• Monitoring-as-a-Service (MaaS)
– Various Benefits for both Cloud users and service
providers
• Cloud monitoring services
– E.g. Cloud Watch, Command Center
• State Monitoring is one of the most widely used
monitoring services
– Continuously checking if a certain state of the
monitored application/system violates a given condition
– Examples:
• Hotspot detection
• Auto-scaling
• DDoS detection
 Monitoring as a Service
• Core functional components in state
monitoring services
– Violation Detection
– State Information Collection
– Multi-Tenancy Support
• Challenges
– Violation detection
• Accuracy, efficiency, scalability
– State information collection
• overhead-utility tradeoff
– Multi-tenancy support
• Isolation, resource management
Monitoring as a Service
 Traditional On-Premise Monitoring
Framework
• In-House Monitoring Infrastructure
• Higher Levels of Security
• Inherent Connectivity to Internal Assets
• Real Time Monitoring Data
• Customization and Extensions
 Monitored using MaaS
MaaS is capable of monitoring all aspects
of IT infrastructure assets
• Servers and Systems Monitoring
• Database Monitoring
• Network Monitoring
• Storage Monitoring
• Applications Monitoring
• Cloud Monitoring
• Virtual Infrastructure Monitoring
 Benefits of Monitoring as a Service
(MaaS)
• Ready to Use Monitoring Tool Login
• Inherently Available 24x7x365
• Easy Integration with Business Processes
• Cloud Aware and Cloud Ready
• No maintenance overheads
 Communication as a Service
• Communications as a service (CaaS) is a
collection of different vendor services that
facilitate business communications.
• CaaS can include a range of communications
services, including voice over IP (VoIP), instant
messaging, message routing, call recording and
video conferencing.
• Examples Communication as a Service solutions
are Skype, FaceTime and instant messaging tools
such as Facebook Messenger
 Communication as a Service
Advantages
• CaaS offers the potential to manage multiple
services – voice, video, data – over multiple
devices – landline telephone, mobile or
smartphone, PC – in a controlled environment.
• Collaboration: It offers great potential for small
businesses.
• Scalability
• Self-Service
• Global Accessibility
• Business Continuity
 Network as a Service
• Network-as-a-Service allows us to access to
network infrastructure directly and securely.
NaaS makes it possible to deploy custom
routing protocols.
• NaaS uses virtualized network
infrastructure to provide network services
• NaaS offers network as a utility.
• NaaS uses API
 Benefits of NaaS
• Independence
• Bursting
• Resilience
• Analytics
• Ease of Adding New Service Elements
• Support Models
• Isolation of Customer Traffic
 Disaster recovery as a service
• System crashes and power failure leads to various
problems like availability and financial loss.
• Several reasons for system crashes.
• In case of disaster, organization must protect
itself from various losses.
• Disaster at cloud will lead to data loss.
• Causes of Data loss.
– Natural disasters
– Mission critical application failure
– Network failure
– Network intrusions
– Hacking or malicious code
– System failure
 Disaster recovery as a service
“DRaaS: A category of cloud computing used for
protecting an application or data from various
disasters at one location by enabling a full
recovery of cloud”.
• DRaaS is different from backup services.
• DRaaS is delivered on Cloud model(ie. You pay
only when they are used).
• DRaaS architectural models.
– To-Cloud DRaaS.
– In-Cloud DRaaS.
– From-Cloud DRaaS.
 Advantages of DRaaS
• IT team can focus on core operations
• Organization will be up and running quickly.
• Cost efficient
• DRaaS is charged only when used.
• Recovery time is faster
• User will maintain in-house control
• No user responsibility of maintaining Hardware.
• Secure data centers
• Excellent Service support
 Analytics as a Service
• Provides analytic services and operations
• Service provider offer access to remote
analytics platform.
• Flexible in operation specific analytics
applications
• Users can select Hybrid systems.
• Availability of Big data.
• Permits users to explore and analyze data,
High value activity.
 Integration
• Applications communicate among themselves,
the type of these communications ranges from
message queues to complex Integration Servers.
• Integration services are specifically designed to
accomplish this task.
• Example: Amazon’s Simple Queue Service (SQS)
• Another cloud based integration are BizTalk
services
 Mapping
• Maps are getting more popularity and are
highly integrated with applications
• Rapid development is not possible if the map
application is to be developed from scrach.
• Example: Google Maps and Microsoft’s Virtual
Earth
 Other Services
• Payment Services
• Search
– The ability to embed search options in a web site
– Example: Microsoft’s Live Search
– Searchability is limited only to the organization
and what it does