CLOUD COMPUTING: EMERGING TECHNOLOGY AND SECURITY CHALLENGES

March 2012

OMOKE Emmanuel

AGENDA

Evolution of Cloud computing What is cloud Computing?

FirstBank

Characteristics, Service and deployment

Models Benefits and Challenges Security concerns Summary
2

Evolution of Cloud Computing

Cloud computing evolved from: Grid computing, Utility computing

Virtualization

FirstBank

Evolution of Cloud Computing

Virtualization Utility Computing Grid Computing

Solving large problems with Parallel computing Ability to negotiate resource-sharing arrangement. Offering computing resources as a metered service. Huge computational and storage capabilities available from utilities. Host operating system provides an abstraction layer for running virtual guest OSs Key is the hypervisor or virtual machine monitor. Cloud computing enabler

FirstBank

HISTORY OF CLOUD COMPUTING

1970s

1980s

1990s

Today

2009+

FirstBank

What is Cloud Computing? Broad Network Access

FirstBank

What is clouding Computing?

A style of computing where massively scalable IT-enabled Broad Network Access capabilities are provided "as a service" over the network

FirstBank

What is new?
Acquisition Model Based on purchasing of services Based on pay for use Over the Internet to ANY device Scalable, elastic, dynamic, multi-tenant, & sharable

Business Model Access Model

Broad Network Access

Technical Model

FirstBank

What is new?
Classical Computing
Every 18 months?

Cloud Computing

Buy & Own Hardware, System

Software, Applications often to meet peak needs. Install, Configure, Test, Broad Network Access Verify, Evaluate Manage .. Finally, use it $$$$....$(High CapEx)

Subscribe Use

$ - pay for what you

use, based on QoS

FirstBank

Characteristics, Service and deployment Models

Essential Characteristics On Demand Self-Service Broad Network Access Rapid Elasticity Resource Pooling Software as a Service (SaaS) Measured Service Infrastructure as a Service (IaaS)

Service Models

Platform as a Service (PaaS) Hybrid Clouds

Deployment Models

Private Cloud

Community Cloud

Public Cloud Resilient Computing Geographic Distribution Service Orientation Advanced Security

Common Characteristics
FirstBank

Massive Scale Homogeneity Virtualization Low Cost Software

SaaS

Applications (word processor, CRM, etc.) or application services (schedule, calendar, etc.) execute in the cloud using the interconnectivity of the internet to propagate data Custom services are combined with 3rd party commercial services via orchestration (SOA) to create new applications Requires investment to build an enabling layer with governance, security and data management functionality May require integration with back-office systems Pay-as-you-go model
FirstBank

SaaS
Benefits Challenges

Speed Reduced up-front cost,

potential for reduced lifetime cost Transfer of some/all support obligations Elimination of licensing risk Elimination of version compatibility Reduced hardware footprint
FirstBank

Extension of the security

model to the provider (data privacy and ownership) Governance and billing management Synchronization of client and vendor migrations Integrated end-user support Scalability

PaaS Applications are built in the cloud on the

platform using a variety of technologies Simplifies orchestration of cloud services Development, testing, and production environments (servers, storage, bandwidth, etc.) are billed monthly like hosting Pay-as-you-go model Environments scale up & down at the click of a button Concerns include code & data privacy, security and scalability
FirstBank
13

PaaS
Benefits Pay-as-you-go for development, test, and production environments Enables developers to focus on application code Instant global platform Elimination of H/W dependencies and capacity concerns Inherent scalability Simplified deployment model
FirstBank

Challenges Governance Tie-in to the vendor Extension of the security model to the provider Connectivity Reliance on 3rd party SLAs

14

IaaS
Compute resources (processors, memory, storage,
bandwidth, etc.) are provided in an as-needed, pay-as-you-go model Able to provide from single server up to entire data centers Creates new opportunities such as Cloud bursting: shifting usage spike traffic to alternate resources Infrastructure scales up and down quickly to meet demand Built on a utility computing architecture to host a SOA application layer
FirstBank
15

IaaS
Benefits Systems managed by SLA should equate to fewer breaches Higher return on assets through higher utilization Reduced cost driven by Less hardware Less floor space from smaller hardware footprint Higher level of automation from fewer administrators Lower power consumption Able to match consumption to demand
FirstBank

Challenges

Portability of applications Maturity of systems

management tools Integration across the Cloud boundary Extension of internal security models

16

SaaS, PaaS and IaaS Comparison

SaaS
Easy first step to adopt alternative desktop office Application. Requires nothing more than a credit card to start. Will drive home the SOA value reposition.

PaaS
Aimed primarily at small & new companies but models apply to all. Large companies will benefit as services scale up and model is driven into internal software development tools and processes.

IaaS
Galvanizing approach to Utility Computing to drive high ROA. Overflow to external provider to avoid cap-ex to meet peaks. Longer term play due to immature tools and resistance to change.

FirstBank

Effects of Deployment Models

Small enterprises use public SaaS and public clouds and

minimize growth of data centers

Large enterprise data centers may evolve to act as private

clouds

Large enterprises may use hybrid cloud infrastructure

software to leverage both internal and public clouds

Public clouds may adopt standards in order to run

workloads from competing hybrid cloud infrastructures
FirstBank

Cloud Security Architectures

Clouds typically have a single security architecture but have
many customers with different demands Clouds should attempt to provide configurable security mechanisms Organizations have more control over the security architecture of private clouds followed by community and then public This doesnt say anything about actual security Higher sensitivity data is likely to be processed on clouds where organizations have control over the security model

FirstBank

19

Key Issues

Trusting vendors security model Where is the data stored and who is securing it Inability to respond to audit requirements Indirect administrator accountability Loss of physical control Data retention / backup standards Redundancy / Disaster Recovery Handling Compliance
FirstBank

Summary

Most clouds will require very strong security controls All models of cloud may be used for differing
tradeoffs between threat exposure and efficiency

There is no one cloud. There are many models and

architectures.

Get educated first, identify pilot opportunities second Software as a Service is the short term opportunity,
Infrastructure as a Service the long term, Platform as a
FirstBank

Service has limited value

Solutions and Vendors

PaaS (Platform as a Service) IaaS (Infrastructure as a Service)

SaaS (Software as a Service)

Applications, typically available via the browser: Google Apps Salesforce.com

Hosted application environment for building and deploying cloud applications: Salesforce.com Amazon E2C Microsoft Azure

Utility computing data center providing on demand server resources: HP Adaptive Infrastructure as a Service Rackspace Amazon E2C & S3

FirstBank

Questions?

FirstBank

23