Scribd
Upload
7 views11 pages

Lecture 9

Uploaded by

safarinyakundi21
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
7 views11 pages

Lecture 9

Uploaded by

safarinyakundi21
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 11

The type1 hypervisor does not have any host operating system because they are installed on a bare

system.
Type 2 hypervisor is a software interface that emulates the devices with which a system normally
interacts. Containers, KVM, Microsoft Hyper V, VMWare Fusion, Virtual Server 2005 R2, Windows Virtual
PC and VMWare workstation 6.0 are examples of Type 2 hypervisor. The following diagram shows the Type 2
hypervisor.

TUTORIALS POINT
Simply Easy Learning
Types of Hardware Virtualization
Here are the three types of hardware virtualization:

1. Full Virtualization

2. Emulation Virtualization

3. Paravirtualization

FULL VIRTUALIZATION
In Full Virtualization, the underlying hardware is completely simulated. Guest software does not require any
modification to run.

TUTORIALS POINT
Simply Easy Learning
EMULATION VIRTUALIZATION
In Emulation, the virtual machine simulates the hardware and hence become independent of the it. In this, the
guest operating system does not require modification.

TUTORIALS POINT
Simply Easy Learning
PARAVIRTUALIZATION
In Paravirtualization, the hardware is not simulated. The guest software run their own isolated domains.

TUTORIALS POINT
Simply Easy Learning
VMware vSphere is highly developed infrastructure that offers a management infrastructure framework for
virtualization. It virtualizes the system, storage and networking hardware.

TUTORIALS POINT
Simply Easy Learning
CHAPTER

18
Cloud Computing Security

S ecurity in cloud computing is a major concern. Data in cloud should be stored in encrypted form. To restrict

client from direct accessing the shared data, proxy and brokerage services should be employed.

Security Planning
Before deploying a particular resource to cloud, one should need to analyze several attributes about the resource
such as:

 Select which resources he is going to move to cloud and analyze its sensitivity to risk.

 Consider cloud service models such as IaaS, PaaS, and SaaS. These models require consumer to be
responsible for security at different levels of service.
 Consider which cloud type such as public, private, community or hybrid.

 Understand the cloud service provider's system that how data is transferred, where it is stored and how to
move data into and out of cloud.

Mainly the risk in cloud deployment depends upon the service models and cloud types.

Understanding Security of Cloud


SECURITY BOUNDARIES
A particular service model defines the boundary between the responsibilities of service provider and
consumer. Cloud Security Alliance (CSA) stack model defines the boundaries between each service model and
shows how different functional units relate to each other. The following diagram shows theCSA stack model:

TUTORIALS POINT
Simply Easy Learning
KEY POINTS TO CSA MODEL:
 IaaS is the most basic level of service with PaaS and SaaS next two above levels of service.

 Moving upwards each of the service inherits capabilities and security concerns of the model beneath.

 IaaS provides the infrastructure, PaaS provides platform development environment and SaaS provides
operating environment.

 IaaS has the least level of integrated functionalities and integrated security while SaaS has the most.

 This model describes the security boundaries at which cloud service provider's responsibility ends and the
consumer's responsibilities begin.

 Any security mechanism below the security boundary must be built into the system and above should me
maintained by the consumer.

Although each service model has security mechanism but security needs also depends upon where these services
are located, in private, public, hybrid or community cloud.

UNDERSTANDING DATA SECURITY


Since all the data is transferred using Internet, data security is of major concern in cloud. Here are key
mechanisms for protecting data mechanisms listed below:

 Access Control

TUTORIALS POINT
Simply Easy Learning
 Auditing

 Authentication

 Authorization

All of the service models should incorporate security mechanism operating in all above-mentioned areas.

ISOLATED ACCESS TO DATA


Since data stored in cloud can be accessed from anywhere, therefore to protect the data, we must have a
mechanism to isolate data from direct client access.

Brokered Cloud Storage Access is one of the approaches for isolating storage in cloud. In this approach, two
services are created:

 A broker with full access to storage but no access to client.

 A proxy with no access to storage but access to both client and broker.

WORKING OF BROKERED CLOUD STORAGE ACCESS SYSTEM


When the client issue request to access data:

 The client data request goes to proxy's external service interface.

 The proxy forwards the request to the broker.

 The broker requests the data from cloud storage system.

 The cloud storage system returns the data to the broker.

 The broker returns the data to proxy.

 Finally the proxy sends the data to the client.

All of the above steps are shown in the following diagram:

TUTORIALS POINT
Simply Easy Learning
Encryption
Encryption helps to protect data from being compromised. It protects data that is being transferred as well as data
stored in the cloud. Although encryption helps to protect data from any unauthorized access, it does not prevent
from data loss.

TUTORIALS POINT
Simply Easy Learning
CHAPTER

19
Cloud Computing Operations
Overview

C loud Computing operation refers to delivering superior cloud service. Today, cloud computing operations

have become very popular and widely employed by many of the organizations just because it allows to perform all
business operations over the Internet.

These operations can be performed using a web application or mobile based applications. There are a number of
operations that are performed in cloud, some of them are shown in the following diagram:

Managing Cloud Operations


There are several ways to manage day-to-day cloud operations, as shown in the following diagram:

TUTORIALS POINT
Simply Easy Learning
 Always employ right tools and resources to perform any function in the cloud.

 Things should be done at right time and at right cost.

 Selecting an appropriate resource is mandatory for operation management.

 The process should be standardized and automated to avoid repetitive tasks.

 Using efficient process will eliminate the waste and redundancy.

 One should maintain the quality of service to avoid re-work later.

TUTORIALS POINT
Simply Easy Learning

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy