Cloud Computing Overview Databases & Data Stores

Introduction Large Scale Data Processing

Cloud Security
Definition of Computing: ACM Computing Curricula 2005 defines computing as any goal-oriented
activity involving computers, including hardware/software design, information processing, scientific
Infrastructure Security
studies, and intelligent system behavior.
Data Security and Storage
Cloud Computing Course Overview
Identity and Access Management
Access Control, Trust, Reputation, Risk
Introduction to Cloud Computing
Case Studies

Overview of Computing
Open Source and Commercial Clouds
NIST Model of Cloud Computing
Cloud Simulator
Properties, Characteristics & Disadvantages
Research Trends
Role of Open Standards
Cloud Computing Architecture
Cloud Computing
Fog Computing
Cloud Computing Stack
Trends in Computing
Service Models (XaaS)
Infrastructure as a Service (IaaS)
Distributed Computing
Platform as a Service (PaaS)
Grid Computing
Software as a Service (SaaS)
Cluster Computing
Deployment Models
Utility Computing
Service Management in Cloud Computing
Cloud Computing
Distributed Computing
Service Level Agreements (SLAs)
Cloud Economics
Definition: Field studying distributed systems to solve computational problems using multiple
Resource Management in Cloud Computing
autonomous entities with local memory communicating through message passing.
Examples: Internet, ATM machines, Intranets, ubiquitous network-connected devices.
Data Management in Cloud Computing
Properties: Fault tolerance, resource sharing, load sharing, easy expansion, and performance.
Grid Computing
Scalability & Cloud Services
Definition: Utilizes unused processing cycles of networked computers to solve intensive problems.
Analogy: Similar to an electrical power grid where resources are accessed without knowledge of Software as a Service (SaaS): Applications accessed via the web, managed by the provider.
their location.
Platform as a Service (PaaS): Platform for developing applications without managing infrastructure.
Types:
Infrastructure as a Service (IaaS): Provisioning of fundamental computing resources on demand.
Computational Grid
Deployment Models
Data Grid
Collaboration Grid
Private Cloud
Network Grid
Community Cloud
Utility Grid
Public Cloud
Cluster Computing
Hybrid Cloud
Advantages of Cloud Computing
Definition: A system of interconnected standalone computers working as a single resource.
Benefits: Improved speed, reliability, cost-effectiveness, and scalability.
Lower costs
Types: High Availability, Load Balancing, Parallel/Distributed Processing Clusters.
Improved performance
Utility Computing
Instant software updates
Unlimited storage capacity
Definition: Service model providing computing resources as needed, charging based on usage.
Universal access
Characteristics: Pay-for-use, data center virtualization, and automation.
Easier collaboration
Risks: Data backup, security, partner competency, SLA definitions.
Disadvantages of Cloud Computing
Cloud Computing Definition (NIST)

Requires constant internet connection

Model: Enables on-demand network access to a shared pool of configurable resources with minimal
Limited features compared to desktop applications
management effort.
Potential security risks
Essential Characteristics of Cloud Computing
Dependency on service provider reliability
Conclusion
On-demand self-service
Cloud computing represents a significant evolution in IT infrastructure, offering scalability, flexibility,
Broad network access
and cost-effectiveness while posing challenges related to security and dependency on internet
Resource pooling connectivity. Understanding its various models, characteristics, and implications is crucial for
effective adoption and utilization. Cloud Computing Architecture Summary
Measured service
Major Building Blocks
Rapid elasticity
Technical Architecture:
Cloud Service Models
Structuring according to XaaS stack PaaS: Platform for developing applications without managing underlying infrastructure, supports
collaboration and rapid development.
Adoption of cloud computing paradigms
IaaS: Infrastructure provided as an on-demand service, allowing dynamic scaling and utility pricing.
Organization of cloud services and components
Networking in Cloud Computing
Definition of relationships and external endpoints
Dynamic provisioning of network resources is essential.
Middleware and communication management
Concepts include Virtual Local Area Networks (VLANs) and Virtual Private Networks (VPNs).
Security management
Tools like OpenSSH and OpenVPN facilitate network configuration.
Deployment Operation Architecture:
Network Function Virtualization (NFV)
Aims to transform network architecture by consolidating various network equipment onto standard
Geo-location checks (legal issues, export control)
servers, allowing for flexible deployment and management of network functions in software.
Operations and monitoring
This summary encapsulates the key aspects of cloud computing architecture, including its building
XaaS (Anything as a Service) blocks, service models, comparisons with traditional models, and the role of networking. Cloud
Definition: XaaS generalizes cloud-related services delivered over the Internet. Computing: Web Services and Service-Oriented Architecture

Examples: What are Web Services?

Software as a Service (SaaS) Definition: Software applications identified by a URI, capable of being defined, described, and
discovered as XML artifacts (W3C).
Platform as a Service (PaaS)
Characteristics:
Infrastructure as a Service (IaaS)
Programmable application logic accessible via standard internet protocols (Microsoft).
Other services include Business Process as a Service (BPaaS), Security as a Service (SECaaS),
Database as a Service (DaaS), and more. Interfaces describing operations that are network-accessible through standardized XML messaging
(IBM).
Requirements of Cloud Service Providers (CSP)
Software components that can be discovered, combined, and recombined to solve user problems
Increase productivity, user satisfaction, innovation, and agility. (SUN).
Service Models Comparison Historical Context
Classical Model: Users manage all layers (hardware, OS, applications) with high costs and Evolution from structured programming to object-oriented programming, distributed computing,
complexity. and Electronic Data Interchange (EDI) leading to the development of web services.
XaaS Model: Simplifies IT infrastructure, allowing for shared resources and reduced management Distributed Computing
overhead.
Involves N-tier applications where different tasks are performed on different computers (e.g., user
Client-Server vs. Cloud Architecture interface, business logic, database).
Client-Server: Simple service model with limited scalability and no virtualization. Requires interoperability for components to communicate, which was limited in proprietary
Cloud Model: Supports complex service models (IaaS, PaaS, SaaS), is load-balanced, and offers technologies.
theoretical infinite scalability through virtualization. Electronic Data Interchange (EDI)
Cloud Service Models Computer-to-computer exchange of business data using standard formats.
SaaS: Software delivered over the web, managed centrally, suitable for applications with significant Advantages include lower operating costs, improved accuracy, increased productivity, and
external interaction. streamlined processes.
Benefits of Web Services WSDL (Web Services Description Language)
Enable modular application development using existing software components. XML vocabulary for describing web services.
Enhance interoperability through open standards, allowing diverse software components to Specifies request and response message structures, service availability, and communication
communicate. protocols.
Simplify integration with EDI systems, providing a more cost-effective solution. UDDI (Universal Description, Discovery, and Integration)
Web Services Architecture Framework for XML-based registries where businesses can publish and discover services.
Components: Functions like a directory for service descriptions.
Deployment Models in Cloud Computing
Service Provider: Owner of the service, hosting the service. Public Cloud: Open use by the general public, managed by a provider (e.g., Google App Engine,
Amazon EC2).
Service Requestor: Business or application needing specific functions.
Private Cloud: Exclusive use by a single organization, can be on-site or outsourced.
Service Registry: A searchable registry of service descriptions.
Community Cloud: Shared by organizations with common concerns.
Operations:
Hybrid Cloud: Combination of two or more distinct cloud infrastructures.
IaaS (Infrastructure as a Service)
Publish: Service descriptions are published for requestors.
Provides access to virtual computers, storage, and network components.
Find: Requestors retrieve service descriptions from the registry.
Usage fees are typically based on resource consumption (e.g., CPU hours, data stored).
Bind: Requestors invoke services at runtime.
Virtualization
Web Service Components
Allows multiple operating systems to run on a single hardware platform.
XML: Data representation and exchange mechanism.
Types include full virtualization, para-virtualization, and hardware-assisted virtualization.
SOAP: Protocol for sending messages over the Internet, using XML.
Conclusion
WSDL: Describes the services offered by a web service.
Web services and service-oriented architecture (SOA) provide a framework for building
UDDI: Mechanism for registering and locating web services.
interoperable, modular applications using open standards. They facilitate communication between
Steps of Operation diverse systems and improve efficiency in data exchange and application integration. Understanding
Client queries UDDI registry to locate a service. these concepts is essential for leveraging cloud computing technologies effectively. Hypervisor and
Virtual Machine Monitor Overview
Registry refers the client to a WSDL document.
Definition and Functionality
Client accesses the WSDL document for interaction details.
Hypervisor (Virtual Machine Monitor): A software layer that allows multiple operating systems (OS)
Client sends a SOAP request, and the web service responds with a SOAP message. to run concurrently on a host machine by managing the guest OS instances directly on the CPU.
SOAP (Simple Object Access Protocol) Execution Context: The guest OS must use the same instruction set as the host OS. The guest OS
An XML-based protocol for exchanging messages. operates in user mode, meaning that privileged instructions (which require higher access) must be
intercepted or replaced by the hypervisor.
Characteristics: extensible, neutral (can use various transport protocols), and independent of
programming models. Goals for Virtual Machine Architecture (Popek and Goldberg)

Structure includes an envelope, header, body, and optional fault. Equivalence: The virtual machine (VM) should be indistinguishable from the underlying hardware,
providing a seamless experience for applications.
Resource Control: The VM must have complete control over any virtualized resources, ensuring that
it can manage its environment effectively.
Description: The guest OS is modified to be aware of the virtualization, allowing it to communicate
Efficiency: Most VM instructions should execute directly on the underlying CPU without requiring directly with the hypervisor without needing to trap privileged instructions.
hypervisor intervention, minimizing performance overhead.
Advantages:
Instruction Classification
Improved performance as the need for instruction trapping is reduced.
Privileged Instructions: Instructions that can only be executed in a higher privilege mode (e.g., Ring
Disadvantages:
0). If executed in user mode, they cause a trap.
Requires modification of the guest OS, which may not be feasible for all systems.
Sensitive Instructions: These include:
Hardware-Assisted Virtualization:
Control Sensitive: Instructions that change underlying resources (e.g., I/O operations).
Behavior Sensitive: Instructions that observe the current privilege level, revealing that the guest OS
is not running directly on hardware. Description: Utilizes processor extensions (e.g., Intel VT, AMD-V) to allow guest OS to run at higher
privilege levels (Ring 0).
Key Insight
Advantages:
For a VM to achieve the three goals, sensitive instructions must be a subset of privileged
instructions. This allows most instructions to run directly while trapping sensitive ones to the Supports unmodified OSs, allowing legacy systems to run without issues.
hypervisor for emulation. Drawbacks:
Limited flexibility, as the unmodified OS cannot leverage specific virtualization features.
Virtual Machine Monitor (VMM) and Virtual Machines (VM) Network Virtualization
A VMM can be constructed for conventional third-generation computers if sensitive instructions are Concept: Creating multiple logical networks from a single physical network infrastructure, allowing
a subset of privileged instructions. multiple service providers to operate independently.
A computer is recursively virtualizable if it can support a VMM without timing dependencies. Benefits:
Evolution of Server Virtualization Approaches Improved resource utilization.
Full Virtualization: Flexibility in network management.
Enhanced security and isolation between virtual networks.
Description: The first generation of virtualization, where an emulation layer allows a guest OS to XML: eXtensible Markup Language
operate as if it were running on physical hardware.
Overview: XML is a markup language designed for encoding documents in a format that is both
Advantages: human-readable and machine-readable.
Isolation of VMs from the host OS and each other, preventing performance impacts from unstable Key Features:
VMs.
Extensible: Users can define their own tags.
Total VM portability; VMs can move between different hardware platforms without issues.
Universal: Ensures consistent handling across different systems.
Drawbacks:
XML Processing
Performance overhead due to hardware emulation.
Parsers: Tools that read XML data and check for syntactic correctness.
Guest OS kernels must run at lower privilege levels, requiring instruction trapping and emulation.
Types:
Para-Virtualization:
SAX (Simple API for XML): Event-driven, memory efficient but less flexible for modifications.
DOM (Document Object Model): Tree-based, allows dynamic modifications but requires more Differences Between Cloud SLA and Web Service SLA
memory.
QoS Parameters:
JDOM: Java-specific, provides an object-oriented interface for XML processing.
XML Messaging
Traditional Web Services: Focus on response time, reliability, availability, and cost.
Usage: XML is commonly used for data exchange between systems.
Cloud Computing: Includes security, privacy, trust, and management aspects.
Standards:
Automation:
XML-RPC: Simple remote procedure call encoding.
SOAP (Simple Object Access Protocol): A protocol for exchanging structured information in web
Traditional Web Services: SLA processes are often manual.
services.
Cloud Computing: Automation is essential for dynamic and scalable service consumption.
Conclusion
Resource Allocation:
Understanding hypervisors and virtualization is crucial for deploying effective cloud computing
solutions. The evolution of virtualization technologies has led to more efficient and flexible systems,
while XML serves as a foundational technology for data exchange and messaging in modern Traditional Web Services: Uses UDDI for service discovery.
applications. Cloud Computing: Service Level Agreement (SLA)
Cloud Computing: Resources are allocated globally without a central directory.
What is a Service Level Agreement (SLA)?
Types of SLA
Definition: A formal contract between a Service Provider (SP) and a Service Consumer (SC) that
establishes the expected level of service. Off-the-shelf SLA:

Purpose: To define the performance and availability guarantees that the SP commits to deliver,
fostering consumer trust. Non-negotiable, created by the provider.
Components: Includes Service Level Objectives (SLOs) that are objectively measurable conditions Covers standard criteria such as contract period, billing, and response times.
for the service.
Negotiable SLA:
Contents of an SLA
Services Provided: A detailed list of services the provider will deliver.
Allows for negotiation through external agents.
Service Definitions: Specific definitions for each service offered.
Service Level Objectives (SLOs)
Responsibilities: Clearly outlined responsibilities for both the provider and consumer.
Definition: Measurable conditions for service performance, encompassing various QoS parameters
Metrics: A set of metrics to measure service performance against the guarantees. like availability and response time.
Auditing Mechanism: Processes to monitor service delivery. Examples:
Remedies: Actions available to both parties if SLA terms are not met. "Availability of service X is 99.9%."
Change Management: Procedures for how the SLA may evolve over time. "Response time for database query Q is between 3 to 5 seconds."
Web Service SLA Service Level Management
WS-Agreement: An XML-based protocol for negotiating, establishing, and managing service Monitoring: Continuous measurement of service performance based on SLOs.
agreements at runtime.
Provider Perspective: Decisions based on business objectives and technical realities.
WSLA (Web Service Level Agreement Framework): An XML-schema based language to express SLAs
Consumer Perspective: Decisions on how to effectively use cloud services.
and monitor Quality of Service (QoS) parameters.
Considerations for SLA performance, ensuring accountability, and fostering trust in cloud services. Understanding the
components, types, Cloud Computing: Economic Viewpoint and OpenStack Overview
Business Objectives: Understand the rationale for using cloud services.
Cloud Properties: Economic Viewpoint
Responsibilities: Define the balance of responsibilities between provider and consumer.
Key Properties
Business Continuity: Ensure adequate disaster recovery measures are in place.
Common Infrastructure:
System Redundancy: Utilize redundant systems to prevent outages.
Maintenance: Consider the impact of maintenance on service availability.
Definition: Pooled and standardized resources that leverage statistical multiplexing to optimize
Data Location: Ensure compliance with data location regulations.
performance and cost.
Provider Reliability: Assess the financial health of the provider and have contingency plans.
Benefits: Economies of scale lead to reduced overhead costs and improved resource utilization.
SLA Requirements
Location-Independence:
Security: Understand necessary controls and federation patterns.
Data Encryption: Specify encryption and access control policies.
Definition: Services are available globally, enhancing user experience while meeting performance
Privacy: Ensure data isolation in a multi-tenant environment. requirements.
Data Retention: Understand legal requirements for data retention and deletion. Benefits: Reduces latency and allows for ubiquitous access to cloud resources.
Auditability: Ensure the ability to audit the provider's systems and procedures. Online Connectivity:
Key Performance Indicators (KPIs)
Metrics that provide insight into service performance, including: Definition: Ensures continuous access to services, enabling other cloud properties.
Downtime, uptime, throughput, response time, and service-level violation rates. Benefits: Costs and performance impacts of network architectures can be analyzed using traditional
Example Cloud SLAs methods.

Amazon EC2: Guarantees 99.95% availability. Utility Pricing:

Microsoft Azure: Offers 99.95% availability with defined metrics for service credits.
Limitations of SLAs Definition: Pay-per-use pricing model that aligns costs with actual usage, beneficial for
environments with variable demand.
Service Measurement: Often restricted to uptime percentages, ignoring other critical parameters.
Benefits: Allows consumers to pay only for what they use, making cloud services more economical.
Bias Towards Vendors: Measurement parameters may favor providers.
On-Demand Resources:
Lack of Active Monitoring: Consumers may not have access to necessary monitoring data.
Expected SLA Parameters
Definition: Resources that can be provisioned and de-provisioned dynamically without delay or
IaaS: Metrics related to CPU capacity, storage, availability, and response time. additional costs.
PaaS: Metrics on integration, scalability, and deployment environments. Benefits: Provides scalability and elasticity, accommodating fluctuating workloads efficiently.
SaaS: Metrics on reliability, usability, and customizability. Value of Common Infrastructure
Conclusion Economies of Scale: Reduced costs through bulk purchasing and resource sharing.
Service Level Agreements are crucial in defining the expectations and responsibilities between Statistics of Scale:
service providers and consumers in cloud computing. They establish a framework for measuring
Higher utilization rates through multiplexing demand. Software as a Service (SaaS): Browser or thin client access.
Lower costs per delivered resource compared to unconsolidated workloads. Platform as a Service (PaaS): Built on top of IaaS, e.g., Cloud Foundry.
Reduced unserved demand and lower potential revenue loss from SLA violations. Infrastructure as a Service (IaaS): Provisioning of compute, network, and storage resources.
Coefficient of Variation (CV) Key Components of OpenStack
Definition: A statistical measure of dispersion, calculated as the ratio of the standard deviation (σ) Compute (Nova): Manages the lifecycle of compute instances, including spawning and scheduling
to the mean (μ). virtual machines.
Importance: A lower CV indicates a smoother demand curve, leading to better resource utilization. Networking (Neutron): Provides network connectivity and allows users to define networks and their
attachments.
Application: Aggregating independent demands can reduce CV, thereby minimizing penalties
associated with resource provisioning. Object Storage (Swift): Stores and retrieves unstructured data objects, ensuring fault tolerance
through replication.
Workload Considerations
Block Storage (Cinder): Offers persistent block storage to running instances, with a pluggable driver
Negative Correlation: Selecting customer segments with negatively correlated demand can optimize
architecture.
resource allocation.
Identity (Keystone): Handles authentication and authorization for OpenStack services.
Perfectly Correlated Demands: Understanding the implications of simultaneous peaks in demand is
crucial for resource management. Image Service (Glance): Manages virtual machine disk images for instance provisioning.
Location Independence Telemetry (Ceilometer): Monitors and meters cloud usage for billing and performance tracking.
Significance: The shift from accessing computers to accessing services and applications through Dashboard (Horizon): Provides a web-based portal for users to interact with OpenStack services.
networks enhances user experience.
OpenStack Architecture
Latency Considerations: Latency is influenced by distance and network routing, impacting service
User Interaction: Users log into Horizon to specify VM parameters and initiate resource
delivery.
provisioning.
Utility Pricing in Practice
Workflow: Involves authentication via Keystone, resource management through Nova, networking
Demand Variability: Real-world demands can be highly variable, necessitating flexible pricing via Neutron, and storage management through Cinder and Swift.
models.
Summary
Hybrid Models: Combining ownership and rental strategies can optimize costs based on usage
OpenStack provides a comprehensive cloud operating system that enables the management of
patterns.
various cloud services through a unified platform. Its architecture supports scalability, flexibility, and
On-Demand Services efficiency, making it a powerful tool for organizations looking to leverage cloud computing.
Penalty Costs: Costs incurred when resources do not match demand, which can lead to either
paying for unused resources or service delivery failures.
Conclusion
Exponential Demand: For rapidly increasing demand, fixed provisioning can lead to significant
Cloud Computing: Private Cloud Implementation using OpenStack and Google Cloud Platform
penalties.
Overview
OpenStack Overview
Private Cloud Implementation using OpenStack
What is OpenStack?
Overview of Meghamala @ IITKgp Cloud
Definition: An open-source cloud operating system that manages large pools of compute, storage,
Horizon Login Page: The user interface for accessing OpenStack services.
and networking resources in a data center, accessible through a web interface.
Compute Nodes: Graphical representation of resource usage across various compute nodes.
Capabilities:
Key Components Performance: Consistent CPU, memory, and disk performance across applications.
Instances: Details of virtual machine instances running in the cloud.
Cinder: Block storage details, managing persistent volumes. Support: Access to a global community and premium support packages.
Glance: Overview of available images for creating instances.
Neutron: Network access rules and security group configurations. Google Cloud Platform Services
Nova: Information on vCPUs, RAM, and storage details of hypervisors and flavors of VMs. Compute Services: Fully managed platforms and flexible virtual machines.
VM Creation Process Storage Services: Various options for maintaining easy access to data.
Creating a VM: Users can create virtual machines on demand using the OpenStack dashboard. APIs and Services: Quick integration of functionality for applications.
Accessing the VM: Users access their newly created VM through a client like X2Go. Example: Hosting a Web Page on GCP
VM Termination Create a Cloud Storage Bucket: Open the Cloud Storage browser and create a bucket.
Users can terminate their virtual machines when they are no longer needed, freeing up resources. Configure Website Settings: Set main and error pages for the bucket.
Google Cloud Platform (GCP) Overview Upload Files: Store website files in the bucket.
What is Google Cloud Platform? Access the Site: Obtain a public URL to view the hosted webpage.
Definition: A suite of cloud computing services that enables developers to build, test, and deploy Example: Building a Web App using Google App Engine
applications on Google’s reliable infrastructure.
Create a Project: Use the Google Cloud Platform Console to create a new project.
Benefits: Offers a modular approach to cloud services, allowing for the creation of everything from
Select Region and Language: Choose the region and programming language for the app.
simple websites to complex applications.
Clone Sample App: Use Cloud Shell to clone a sample app repository.
Key Advantages
Run Locally: Test the app locally before deploying.
Run on Google’s Infrastructure: Utilize the same infrastructure that powers Google services.
Deploy to App Engine: Use gcloud commands to deploy the application.
Access the Deployed App: View the app using the provided URL.
Global Network: Ensures redundancy and innovative infrastructure.
References and Resources
Focus on Product Development: Rapidly develop and deploy applications without worrying about
system administration. Google Cloud Platform Documentation: Comprehensive guides and tutorials available on the official
Google Cloud website.
Community and Support: Access to forums, user groups, and support channels for assistance.
Managed Services: Google manages the underlying infrastructure.
Conclusion
Mix and Match Services: Flexibility in choosing services based on application needs.
Both OpenStack and Google Cloud Platform provide robust solutions for cloud computing needs.
OpenStack allows for the implementation of private clouds with flexible resource management,
Compute, Storage, and Services: Offers a wide range of services to meet diverse application while GCP offers a wide array of services that leverage Google's infrastructure for scalable and
requirements. efficient application development and deployment. Cloud Computing: Service Level Agreement
(SLA) Tutorial and Resource Management
Scale to Millions of Users: Automatically scales applications to handle varying workloads.
Service Level Agreement (SLA)
Definition
Cost Efficiency: Pay only for the resources used.
Service Level Agreement (SLA): A formal contract between a Service Provider (SP) and a Service
Consumer (SC) that defines the expected level of service.
5 hours
Purpose: To provide a clear understanding of service performance and availability that the provider
30 minutes
guarantees to deliver.
1 hour 30 minutes
Foundation of Trust: The SLA serves as the basis for the consumer’s trust in the provider.
15 minutes
Components of SLA
2 hours 25 minutes
Service Level Objectives (SLOs): These are the objectively measurable conditions for the service that
are included in the SLA. They help consumers assess the reliability of the service provider. Calculations:

Problem Scenarios
Problem 1: Availability Guarantee Violation Total Outage Duration: [ 5 + 0.5 + 1.5 + 0.25 + 2.41667 = 9.66667 \text{ hours} ]

Scenario: A cloud service guarantees 99% availability. A third-party application runs for 12 hours a Total Service Hours: [ 30 \text{ days} \times 12 \text{ hours/day} = 360 \text{ hours} ]
day, and the total outage over a month is 10.75 hours. Actual Uptime: [ 360 \text{ hours} - 9.66667 \text{ hours} = 350.33333 \text{ hours} ]
Availability Percentage: [ \left( \frac{350.33333}{360} \right) \times 100 \approx 97.30% ]
Calculations: Service Credit Calculation: Since availability < 99.95%, the service credit is 10%.
Total Cost: [ 30 \times 50 = 1500 \text{ USD} ]
Total Hours in a Month: [ 30 \text{ days} \times 12 \text{ hours/day} = 360 \text{ hours} ] Service Credit: [ 0.10 \times 1500 = 150 \text{ USD} ]
Guaranteed Uptime: [ 99% \text{ of } 360 \text{ hours} = 356.4 \text{ hours} ] Effective Cost: [ 1500 - 150 = 1350 \text{ USD} ]
Actual Uptime: [ 360 \text{ hours} - 10.75 \text{ hours} = 349.25 \text{ hours} ] Cloud Properties: Economic Viewpoint
Availability Percentage: [ \left( \frac{349.25}{360} \right) \times 100 \approx 97.02% ] Key Properties
Conclusion: The provider has violated the SLA since 97.02% < 99%. Common Infrastructure: Pooled, standardized resources that benefit from statistical multiplexing.
Location-Independence: Services are available globally, enhancing user experience while meeting
Problem 2: Effective Cost Calculation with Service Credits performance requirements.

Scenario: Company X wants to use cloud service from provider P with the following SLA: Online Connectivity: Ensures continuous access to services, enabling other cloud properties.
Utility Pricing: Pay-per-use pricing model that aligns costs with actual usage.

Availability Guarantee: 99.95% On-Demand Resources: Scalable, elastic resources that can be provisioned and de-provisioned
dynamically.
Service Period: 30 days
Utility Pricing in Detail
Maximum Service Hours per Day: 12 hours
Cost Comparison:
Cost: $50 per day
Cloud Cost (CT) and Baseline Cost (BT) are compared to determine when cloud services are cheaper
Service Credits:
than owning resources.
10% for <99.95% uptime
Resource Management
25% for <99% uptime
Resource Types
Outages:
Physical Resources: Include computers, disks, databases, networks , etc.
Logical Resources: Include execution, monitoring, and communication capabilities. SLA: Essential for defining the expected level of service and ensuring trust between the service
provider and consumer. Summary of Cloud Computing and Cloud Security
Objectives of Resource Management
Scalability: Ability to efficiently manage resources as demand increases.
1. Basic Security Components
Quality of Service (QoS): Maintaining service standards.
Cost-Effectiveness: Minimizing expenses while maximizing utility.
Confidentiality: Protecting data and resources from unauthorized access.
Challenges in Resource Management
Hardware Challenges: Management of CPU, memory, storage, workstations, network elements,
sensors/actuators. Integrity: Ensuring data accuracy and authenticity.
Logical Resource Challenges: Management of operating systems, energy, network
throughput/bandwidth, load balancing mechanisms, information security, delays, APIs, protocols.
Availability: Guaranteeing access to data and resources when needed.
Resource Management Aspects
Resource Provisioning: Allocation of a service provider's resources to a customer.
2. Security Attacks
Resource Allocation: Distribution of resources economically among competing groups of people or
programs.
Types of Attacks:
Resource Adaptation: Ability or capacity of the system to adjust resources dynamically to fulfill user
requirements. Interruption: Disrupts availability.

Resource Discovery and Selection: Identification of authenticated resources available for job
submission and choosing the best among them. Interception: Breaches confidentiality.
Resource Brokering: Negotiation of resources through an agent to ensure necessary resources are
available at the right time.
Modification: Compromises integrity.
Resource Scheduling: Determining when an activity should start or end, depending on its duration,
predecessor activities, predecessor relationships, and resources allocated.
Performance Metrics for Resource Management Fabrication: Affects authenticity.

Reliability: Ability of the system to perform its required functions under stated conditions for a
specified period. 3. Classes of Threats
Ease of Deployment: How easily resources can be deployed and managed.
QoS: Maintaining service standards. Disclosure: Unauthorized access to information (e.g., snooping).
Delay: Time taken for a resource to be allocated or a task to be completed.
Control Overhead: The overhead associated with managing and controlling resources. Deception: Manipulation of data (e.g., spoofing).
Conclusion
Cloud Computing: Offers a scalable, on-demand, and cost-effective way to manage resources. Disruption: Interference with services.
Resource Management: Critical for ensuring efficient use of resources, maintaining QoS, and
minimizing costs.
Usurpation: Unauthorized control over resources.
4. Security Goals 9. Security Services

Prevention: Stop attackers from violating policies. Confidentiality, Authentication, Integrity, Non-repudiation, Access Control, Availability:
Fundamental services to protect data and systems.

Detection: Identify when a violation occurs.

10. Network Security Process

Recovery: Restore services and mitigate damage after an attack.

Involves determining security policies, implementing them, conducting reconnaissance,
vulnerability scanning, penetration testing, and post-attack investigations.
5. Trust and Assumptions

11. Cloud Computing Overview

Security policies must clearly define what is permissible and mechanisms must enforce these
policies effectively.
Cloud computing allows data and computation outsourcing with scalability, on-demand
provisioning, and pay-as-you-go pricing.
6. Types of Security Mechanisms

12. Security Risks in Cloud Computing

Secure Mechanisms: Ensure safety and proper functioning of systems.

Privileged User Access, Regulatory Compliance, Data Location, Data Segregation, and Long-term
Assurance: Involves specification, design, and implementation to meet security requirements. Viability are critical concerns.

7. Operational and Human Issues 13. Virtualization and Security

Cost-Benefit Analysis: Evaluate whether prevention or recovery is more cost-effective. Virtualization introduces unique risks such as hypervisor vulnerabilities, co-residency issues, and
data leakage.

Human Factors: Address organizational problems and insider threats.

14. Access Control & Identity Management

8. Passive vs. Active Attacks

Proper access control is crucial for preventing identity theft and ensuring data privacy.

Passive Attacks: Eavesdropping and traffic analysis without altering data.

15. Application Security

Active Attacks: Involve data modification or denial of service.

Cloud applications are susceptible to various attacks, including injection attacks and cross-site
scripting.
Questions arise about identifying the physical location of instances and whether two instances
share the same hardware.
16. Data Life Cycle Management Techniques include network probing and analyzing IP address patterns.
Exploitation of Co-residency:
Ensures confidentiality, integrity, and availability of data throughout its life cycle, addressing
concerns over unauthorized access and data loss.
Attacks can involve measuring resource usage, creating covert channels, and timing keystrokes.
Cache and load-based techniques can be used to leak information from co-resident instances.
Conclusion
Preventive Measures:
Cloud security involves a complex interplay of policies, technologies, and human factors. The
framework outlined emphasizes the need for robust security measures to protect against a variety
of threats in both traditional and cloud environments. Summary of New Risks in Cloud Computing Suggestions include randomized IP allocation, blocking probing tools, and avoiding co-residency.
and Security Issues Summary:
New Risks in Cloud Computing
Trust and Dependence: Shared infrastructure in cloud computing introduces significant security challenges, necessitating
effective countermeasures.

Establishing trust between customers and cloud providers is essential. Security Issues in Collaborative SaaS Cloud

Customers must rely on providers to protect data privacy and computation integrity. Unique Security Features:

Security Challenges (Multi-tenancy):

Co-tenancy and lack of control over outsourced data raise concerns.

Multiple customers share the same physical hardware, increasing risks. Customers face inadequate policies and insufficient security controls.

Potential for side-channel attacks and cross-VM information leakage, which can compromise SaaS Cloud Collaboration:
sensitive data (e.g., RSA and AES keys).
Attack Model: APIs facilitate resource sharing, but integrity of shared data can be compromised.
Choosing reliable vendors is crucial for secure collaboration.
Focus on practical cross-VM attacks in third-party clouds like Amazon EC2. Motivations and Challenges:
Attacks involve two steps: placement of a malicious VM and extraction of confidential information.
Threat Model: Lack of control in SaaS models and the absence of active monitoring increase security risks.
The need for a reliable selection process for SaaS providers is emphasized.
Assumes a trusted provider and infrastructure, focusing on non-provider-affiliated attackers. Frameworks for Security:
Attackers can run multiple instances, potentially co-residing with victims, leading to data breaches.
Co-residency Determination: Development of frameworks like SelCSP for selecting trustworthy service providers.
Risk-based access control (RAC) to balance access risk and security uncertainty. Examples include Amazon Silk browser and Apple iCloud, which enhance mobile capabilities
through cloud services.
Inter-Domain Role Mapping (IDRM):
Definition of Mobile Cloud Computing:

Aims to find minimal roles encompassing requested permissions.

MCC combines cloud computing, mobile computing, and wireless networks to provide rich
Challenges include multiple minimal role sets and the need for effective conflict detection and
computational resources to mobile users.
removal.
It allows resource-intensive computing to occur in the cloud, reducing the need for powerful mobile
Conflict Detection and Removal:
devices.
Benefits of MCC:
Mechanisms are proposed to dynamically detect and resolve access policy conflicts.
Focus on ensuring both security and availability in collaborative environments.
Speed and flexibility in application development.
Conclusion:
Shared resources enable data-intensive processes to run in the cloud.
Integrated data from various sources enhances user experience.
Addressing security in collaborative SaaS clouds involves selecting trustworthy providers, managing
Key Features:
access risks, and ensuring data integrity through robust frameworks.
Overall Implications
Quick delivery and management of mobile apps.
The evolving landscape of cloud computing introduces new security challenges, particularly in
multi-tenant environments. Establishing trust, ensuring data integrity, and implementing robust Reduced device resource usage due to cloud support.
security frameworks are essential for safeguarding sensitive information in cloud services. Summary
Reliability through cloud-based data storage.
of Mobile Cloud Computing and Fog Computing
Challenges:
Mobile Cloud Computing (MCC)
Motivation:
Security and privacy concerns for mobile users.
Network latency can affect performance.
Rapid growth in smartphone usage and mobile apps.
Dynamic runtime offloading requires efficient application profiling and synchronization.
Increased mobile device capabilities and internet access via mobile devices.
Key Components:
Challenges include battery life, storage, and bandwidth, which cloud computing can address by
providing resources elastically and at low cost.
Mobile Backend-as-a-Service (MBaaS): Profiler: Monitors application execution.
Solver: Determines which parts of an app run on mobile vs. cloud.

Connects mobile applications to backend cloud services, simplifying infrastructure management for Synchronizer: Manages results from split execution.
developers. Applications of MCC:
Allows developers to focus on front-end development while leveraging cloud resources.
Augmentation of Mobile Devices: Mobile health care, gaming, commerce, and assistive technologies.
Context-aware services like dynamic parking management.
Fog Computing Addressing issues related to data availability and workload management.
Definition: Conclusion
Both Mobile Cloud Computing and Fog Computing represent significant advancements in leveraging
cloud resources to enhance mobile applications and services. They address various challenges
Fog computing extends cloud computing to the network edge, enabling data processing and
related to performance, security, and resource management, making them essential in the evolving
applications to run closer to end users.
landscape of mobile and IoT technologies. Summary of Cloud Computing and Geospatial Cloud
It aims to reduce latency and improve the performance of real-time applications.
Cloud Computing Overview
Motivation:
Definition:

Addresses the limitations of cloud computing, particularly for latency-sensitive applications.

Cloud computing enables on-demand self-service, allowing users to access resources as needed
Provides data, compute, storage, and application services at the edge of the network. with minimal human interaction with the cloud service provider (CSP).
Key Features: Key Characteristics:

Low latency and location awareness. Ubiquitous Network Access: Services are accessible over the internet using web applications.
Supports mobility and a large number of nodes. Resource Pooling: Resources are pooled to serve multiple consumers, allowing efficient and optimal
Enhances quality of service (QoS) for real-time applications. resource allocation.

Challenges: Location Independence: Resources can be located at various geographical locations.

Rapid Elasticity: Resources can be dynamically scaled up or down based on demand.

Proper resource allocation and management among fog nodes. Measured Services: Customers are charged based on their actual usage of cloud resources.

Security issues related to authentication and data privacy. Geographic Information

Ensuring reliable performance despite network variability. Definition:

Use Cases:
Geographic information is explicitly linked to locations on the Earth's surface and can be either
static (e.g., city locations) or dynamic (e.g., population changes).
Emergency response systems, natural disaster management, and IoT applications.
Types of Geospatial Information:
Connected vehicles and smart traffic management.
Security Concerns:
Legal, political, cultural, climatic, topographic, biotic, medical, economic, infrastructure, and social
data.
Authentication at multiple gateways and fog nodes. Data Sources:
Risks of man-in-the-middle attacks and data privacy issues.
Resource Management: Social surveys, natural surveys, remotely sensed data, reporting networks, and field data collection.
Geographic Information Systems (GIS)
Efficiently utilizing fog nodes to improve system throughput and meet latency requirements. Definition:
 Scaling spatial databases, ensuring multi-tenancy, and managing data security.
GIS is a computer system used for capturing, storing, querying, analyzing, and displaying geospatial Interoperability among different GIS layers developed by various departments.
data.
Security Concerns:
Components of GIS:

Multi-tenancy and lack of control over data and applications pose significant security risks.
Hardware, software, data management procedures, spatial data, and personnel for operation.
Concerns for Deployment:
Challenges:

Identifying which assets to deploy in the cloud, their value, and potential vulnerabilities.
GIS is data and computation-intensive, requiring dynamic resource scaling and high reliability.
Conclusion
Need for Geospatial Cloud
Cloud computing, particularly in the context of geospatial applications, offers significant advantages
Rationale: in terms of resource management, scalability, and accessibility. However, it also presents challenges
related to data integration, security, and the management of heterogeneous systems. The
development of a geospatial cloud can facilitate better decision-making and enhance the efficiency
Organizations need to share spatial data efficiently while managing varying requirements for data of spatial data usage across various sectors. Summary of Cloud Computing, Docker, Green Cloud,
space and bandwidth. Sensor Cloud, and IoT Cloud
Geospatial cloud computing offers a platform for integrating and sharing spatial data, reducing Introduction to Docker
infrastructure needs and enhancing decision-making.
Overview:
Advantages:

Docker is a container management service launched in March 2013, designed to facilitate the
Resource pooling, reduced costs, enhanced data availability, and improved security for shared data. development, shipping, and running of applications anywhere.
Geospatial Cloud Architecture It promotes a seamless workflow for developers, especially in Agile-based projects.
Architecture: Key Features:

Comprises enterprise GIS instances, resource services, data services, and user interfaces. Reduces the size of development environments by using lightweight containers.
Enables integration of heterogeneous data from various sources and facilitates service Enables collaboration among software teams (development, QA, operations) across different
orchestration. applications.
Service Integration: Containers can be deployed on any physical or virtual machine, including cloud environments.
Components:
Supports querying and processing of spatial data through cloud-based services, allowing for
applications like shortest path calculations and merging of data from different sources.
Docker for Mac, Linux, and Windows: Platforms to run Docker containers.
Challenges in Geospatial Cloud
Docker Engine: The core component for building and running Docker containers.
Implementation Issues:
Docker Hub: A registry for hosting Docker images.
Docker Compose: A tool for defining multi-container applications.
Architecture: Definition:

Unlike traditional virtualization, Docker containers share the host OS kernel, making them Sensor Cloud Computing integrates large-scale sensor networks with cloud infrastructures, enabling
lightweight and faster to start compared to virtual machines (VMs). efficient data collection, processing, and sharing.
Terminology: Key Features:

Image: A lightweight package that contains everything needed to run a piece of software. Supports the entire sensor data lifecycle from collection to decision-making.
Container: A runtime instance of an image. Facilitates collaboration among users and applications across the cloud.
Dockerfile: A script for automating the creation of Docker images. Architecture:
Green Cloud Computing
Definition: Comprises a Sensor-Cloud Proxy that manages sensor connectivity and data processing, allowing for
dynamic virtual sensor creation.
Virtual Sensors:
Green cloud computing focuses on environmentally responsible and eco-friendly practices in the
use of computing resources.
It aims to minimize energy consumption while maximizing efficiency in cloud operations. Virtual sensors emulate physical sensors and provide customized data views, enhancing scalability
and flexibility in sensor networks.
Challenges:
IoT Cloud
Definition:
Data centers contribute significantly to CO2 emissions and energy consumption.
The need for energy-efficient designs and practices in cloud computing is critical.
The IoT Cloud integrates IoT devices with cloud computing to provide scalable and flexible services
Advantages:
for managing and analyzing vast amounts of data generated by connected devices.
Components:
Reduces operational costs and environmental impact through efficient resource management.
Encourages the adoption of renewable energy sources in data centers.
Things: IoT devices and sensors collecting data.
Green Cloud Architecture:
Gateway: Facilitates communication between IoT devices and the cloud.
Network and Cloud: Provides the infrastructure for data storage and processing.
Involves a green broker for managing cloud services while considering carbon footprints and
Challenges:
operational costs.
Sensor Cloud Computing
Scalability, real-time processing, security, and privacy issues in managing IoT data.
Motivation:
Use Cases:

The increasing adoption of sensing technologies and the need for real-time data integration with
cloud services. Applications in smart cities, healthcare, logistics, and vehicular data services.
Conclusion
Cloud computing, Docker, Green Cloud, Sensor Cloud, and IoT Cloud represent significant
advancements in technology, providing scalable, efficient, and flexible solutions for modern
computing needs. The integration of these technologies enhances data management, reduces
environmental impact, and fosters innovation across various sectors.