Cloud Case Study
CLOUD CASE STUDY 13
Cloudcomputing is rather broad term describing a broad range of services,in the modern information technology (IT) environment, significantdevelopers and vendors are using the term ‘cloud’ especially forproducts that are even out of the common definition. The NationalInstitute of Standards and Technology (NIST) describes this computingmodel as a system ensuring easy, on demand set of connections linkinggroups of manipulate-able computing technological virtual andnone-virtual resources, this include, network connections, hostservers, required cloud storage, different applications, and otherneeds linked to the computing model. As such, it focuses on computingmodels that are easily provided and require minimal follow up effortsand interactions by the supplier. These technologies can beimplemented in different forms of architecture, in different servicesand models of deployment in addition, they will coexist with othertechnologies wherever they have been implemented. Cloud computingpresents alarming security challenges, this includes those faced bypublic clouds run by external parties that delivertothe common community through different occupant platforms.
Thenew trend in cloud computing are promising to bring about cons asmuch as it has pros on federal networks and related firms. This is inthe sense that the different components making the models seempromising have downsides especially to the existing security set-ups.As such this essay focuses on the different threats posed,technological risks, and issues relating to the safe guarding ofrelated cloud computing technologies. In addition, the essay examinesvarious models of cloud services, which include, Software as aService (SaaS), Platform as a service (PaaS), and Infrastructure as aService (IaaS).
Howis cloud computing model different from traditional structures ofoffering IT maintenance?
Thevital traits that come with cloud models setting it aside from othertraditional IT providers
Exampleof organizational uses for SaaS, PaaS, and IaaS
Comparingcloud service providers
Challengesfaced in identity guarantee and procedures to guarantee it
Why cloud computing differs from other traditional forms of providing IT support
Cloudcomputing has been defined to by NIST as the model of facilitatewell-situated, on-demand set-up utilization to be utilizing a pool ofconfigured computing infrastructure, these include servers, networks,storages, applications, plus services rendered with little follow upand supplier supervision. (Anandasivam & Weinhardt, 2010).Notably, cloud models have been confused or compared to differenttraditional models in IT. Some computing programs not related to thecloud models yet compared are for instance peer to peer networks,architecture relating to services and grid, and network assetsharing. A basic cloud computing comprises of servers, provisionalstorage, operational applications, and different services acquiredover a universal network. Cloud computing is used harmoniously byfirms and organizations, different application users can access it,whereby, these users can part of the firm all under the same network,or from outside but affiliated to the organization, or members ofpublic.
Thecloud models can be made available with ease and run with littleinterference from the service vendor thus, allowing independence tothe firm. This simply translates to an organization utilize as manyservers as it requires or just a few servers as it may please,utilize application and services, and configure those it uses to suitits requirements whenever it feels like do that. Cloud models havefive different vital characteristics, that is, they are on demandself-service, entail broad network access, resource pooling, rapidelasticity, and measured services are what set it apart from othercomputing models. Cloud models comprise of three basic networkmodels, and they include infrastructure as a service (IaaS), theplatform as a service (PaaS), and the software as a service (SaaS).Matters deployment, it entails four different forms, which are inreference to how it owned or operated, as such cloud models caneither be a classified cloud, a communal cloud, a community cloud, ora hybrid cloud (NIST, 2010).
Theessential characteristics of cloud computing setting it aside fromother traditional IT providers
Consumerscan manipulate different cloud resources automatically without theinvolvement of human interactions with the different serviceproviders (NIST, 2010). Therefore, clients must be in a position toacquire services from the infrastructure, associated stage, or theapplication level when they feel like it without calling for majorhelp. Since these applications are often purchased, the consumer hasto open profile account with the cloud service provider where theyset up security and billing certification, and finally, selecting aplan apply on the cloud model resource for vending. This process ismostly done through an online platform that is user friendly andeasily accessible. A case scenario of IaaS, it allows the clientestablish virtual equipment, be able to allocate network gateways,and be in a position to allocate addresses.
Indifferent instances especially those under provision of privatecompanies, compensation is not required, with the service vendorstill offering the user capability to manipulate the resources anddecide on suitable schedules of use. The provider plays an importantrole, as the on-demand self-service necessitate that procurement,account management, service installation, safety of the system,managing the service, billing, and payment procedures be put inplace. The established mechanisms are put in place integrating withOS services are established, operate, and stopped in harmony with theclient’s requests. Note that, cloud computing offers an illusion ofinfinite resources, but this reality is not in existence, what playsis how well the service lenders can predict demand and howefficiently they will provide the offered services to meet thedifferent customer expectations.
Broad Network Access
Thecapabilities are on network and easily accessible via typicalmechanisms promoting diverse client platforms such laptops,Smartphone, and PDAs. Network access is required to initiate provideclient’s link to utilization of various models services and otheradditional services that the purchaser might require the cloudservice. For instance, a business may use the offered services to runa website giving their consumers information on products and servicesthey offer, as such the business needs links to acquire and configurecloud allowing managing and operation of its site, while itscustomers require network access to use the website.
Usersof cloud services might access the services form different devicessuch as phones, PCs, and tablets using browsers on the device. Inaddition, network access can be through an integration of theconsumer’s IT structural design, having admission from wide andcomplicated computer structures. The access to the cloud servicesshould be via standardized means, introducing a vital deliberationfor the different cloud completion. For commercial companies, theydemand highest marketplace access, as such higher the level of accessthe higher potential for increase in sales. A greater network undercloud model translates to the business is in a position to implementadditional services accessible to anyone and anywhere through avariety of devices (Anandasivam & Weinhardt, 2010).
Thecloud vendor are gathered together to serve multiple consumers viadifferent models, entailing different resources that are importantand designed and they are assigned and reassigned depending on thedifferent consumer demands. The different resources include storages,processing, memory storage, the network bandwidth, and vitalequipment. The conventional IT models will provide general ITservices to one customer or enterprise since they assign pooledresources dynamically to meet demand. On the other hand, cloudcomputing vendors can offer maintain utmost services level with leastresources, this translate to the consumer to mean a high QoS at alower cost, which consequently allow for the success of cloudcomputing (Mell & Grance, 2011).
Thedifferent resources can be shared at different levels of cloudcomputing which include the infrastructure level, the platform, andapplication levels. Majority of cloud clients utilize the sameinfrastructure and similar platforms. Resource pooling may take upmulti-tenancy that implies a solitary case of computing resourcesserving manifold clients firms or tenants offering split settings forthe different tenant. Additionally, resource gathering entails sitesovereignty. A provider having facilities in a suitable locationtranslates to minimal costs, where resources are in diverselocations, it translates to ease of maintenance incase of data loss,power or network connectivity.
Competenceare quickly and elastically provisioned sometimes done by design,allowing quick scaling and quick release to rapidly level in. theuser may view the offered services as incomplete and can be acquiredat anytime and amount. Therefore, cloud computing benefits from theability to have flexible computing services that can either beexpanded or packed to meet rising demand. Elasticity comes with threemajor features, that is, linear scaling, on-demand utilization, andpay as you go. With this, resource gathering aids in the provisionensuring it attain elasticity make sure a resource that are no morerequired by one user is given to a different client (Mell &Grance, 2011).
Thisis to say cloud systems involuntarily manage and utilize resources bycapitalizing on metering capabilities at different levels ofabstraction that fits services being offered, such bandwidth, storageand operation of accounts. As such, usage of resources can besupervised, managed, and responses taken making sure there istransparency for both provider and consumer under the cloud computingservices. Patrons need sufficient measurements from their serviceprovider allowing them make purchasing operational judgments, assuch, the sellers must provide adequate information on their billingup-front to give the consumer to make informed decisions on purchase(Mell & Grance, 2011).
Example Of Organizational Uses For SaaS, PaaS, And IaaS
Organizational use for SaaS
Softwareas a Service (SaaS) applications are developed intended forconsumers, and they are sent over the network. SaaS allows networkadmission to different marketable software, with the software becontrolled from a single location, the users do not have to deal withsoftware improvement, and Application Programming Interfaces (APIs),allow for incorporation between dissimilar structures of software.SaaS makes sense where the organization intending to utilize itexperiences major interaction between the business and the exteriorworld, and in organizations that have software to be used forshort-term needs (Erl, Puttini, and Mahmood, 2013)
Anexample of an organization is Groupon a company that deal on, thefinest things to carry out, observe, eat, and purchase covering over500 markets and 50 countries across the globe. The company isutilizing an online software support solution to transact with hugevolume of consumers. As such, the group has over 150 employees whohandle nearly 16,000 tickets per day. The organization’s now findsit easy to integrate SaaS with other solutions ensuring it hasincreased productivity. The service provided by Zendesk is moresuitable for this organization since it allow room for integration asthe company reports integrating allowing it to grow beyond itslimits.
Platform as a Service
PaaSoffers the reimbursement provided by SaaS for applications via thesoftware advancement world. Therefore, PaaS can be put as the set oftools and services designed to make coding and operation of thisservices quickly and effectively. The service allow a web facilitatedconfiguration tool that helps to create modify, test, launchdifferent UI scenarios, allowing an incorporation with web servicesand records via the common standards, allow development teamcollaborations, and creation of tools to handle billing andsubscription management (Erl, Puttini, & Mahmood, 2013). As such,PaaS is most practical in instances that numerous developers are towork on an improvement scheme or where exterior parties requireinteracting with the growth process.
Anexample of an organization utilizing PaaS is Menu-mate whereby ituses PaaS to serve flavorsome requests. The company offers a point ofscale hardware and software used in the hospitality industry. Assuch, the company has take advantage of a platform offered by PaaS tomigrate over time a series of legacy applications that are employedin the business. The utilization of this platform has allowed thecompany be able to centralize, modernize, and integrate an in-housesoftware tool kit. An example of software developed is the LabelPrinting that creates fright labels used in sending consumables andhardware to consumers. Notably, the utilization of PaaS hasfacilitated the fast development of different applications than itwould have been without PaaS and lowering the cost of development, assuch it is more suitable for use by the firm.
Infrastructure as a Service
Thisprocess of growing cloud model infrastructures, that is, its servers,the storage, networks, and related operating systems, therefore, IaaScan be defined as the hardware that powers it all. The generaluniqueness of IaaS is that resources are disseminated as a serviceit gives for dynamic scaling, it bears changeable cost and a utilitypricing model, and it normally entails numerous clients on a solitarypiece of hardware. IaaS makes sense in new organizations withoutcapital to invest (Erl, Puttini, & Mahmood, 2013).
Anexample of a company utilizing IaaS is Live Smart Solutions thathelps dieters through taking an infrastructure diet. The company’ssite bears at least an average of 300,000 daily visits, and spikes upto a million unique views. The company moving to cloud computinginfrastructure has enable it focus on core business livinginfrastructure management to the experts, in addition, cloudinfrastructure has been reported to provide lower costs and offerelasticity than other related server. Live Smart Solution in highseasons while utilizing cloud servers has developed different webfront ends in a few minutes and bring them down when trafficdwindles. The witnessed elasticity in the firm, makes IaaS model ofcloud computing more suitable for the company to run on itsvirtualized environment.
Comparing cloud service providers
Cloudcomputing is a mixture of various services facilitating sharingthrough the web. Cloud computing offers three main service replicas,that is, the software as a Service (SaaS), the Platform as a Service(PaaS), and the Infrastructure as a Service (IaaS). The SaaS, is themost familiar and mostly used cloud service, with SaaS consumers donot concern themselves with their hardware, facilities, or even theoperating system they are using, all they do is just pay a fee forthis service. SaaS brings scalability with it as an advantage sinceconsumers do not have to buy additional servers or software it isjust a matter of adding new offerings or increases the capacity viatheir providers. Therefore SaaS limits the time an organizationspends in installations or redeployment of new features, allowing afirm to benefit quickly from adjustments. The dealer being in chargeof upgrades translates to mean features for upgrade are automaticallyavailable, and finally, the service to use the service on a shortterm basis via the pay for use model (Erl, Puttini, & Mahmood,2013).
ThePaaS services allow the consumer to rent servers to run and testapplication, therefore, the user can rent hardware, operating system,storages, and network capacities over the internet. PaaS provides aplatform service via which developers can developers can buildsoftware on the installed platforms and not have to worry aboutinstalling a maintaining operating system, or worry about the cost ofsuch an initiative, the storage, and load balance among other detailsthat worry developers. Therefore, PaaS initiative to provide theunderlying infrastructure reduces a firm’s over head cost. Notably,this service model is attractive to large organizations planning tocustomize applications (Anandasivam & Weinhardt, 2010).
TheIaaS service model represents the model where equipments are used foroperational support and it is offered the host service provider.Therefore, this service subjects the management of hardware and datacenters to the service provider, while the client IT managers controltheir own platforms. With the IaaS model a firm does not have tomaintain physical hardware, which can be a drain of the company’sfunds, notably, IaaS is where PaaS runs on, and a company does notrequire scaling of resources, instead they simply pay for theadditional infrastructure. This model is ideal for business requiringcomplete control over high performance in applications, or newcompany lacking resources to produces hardware, also, for a growingcompany expecting its system to go through an evolution, then IaaS isthe way to go. Nevertheless, it is important for the organization toselect carefully to ensure its information is kept safely and secure(Anandasivam &Weinhardt, 2010).
Theunderstanding of the services offered is that cloud computingservices can offer major advantages to firms taking time tounderstand the different models. As such superiority of a modelservices lies in the needs of an organization and the comprehensionof the advantages and disadvantages of the different models ensuringthe right business decisions.
Challenges with Identity Assurance and Techniques for Ensuring it
Identityproofing and authentication under identity management involves theuse, servicing, and safeguarding cloud models from clients. As such,the protection and anticipation of unlawful admission to cloudresources in the different models is a key consideration. One issuethat has been recurrent is that of directorial classification andverification structure which does not obviously expand to an opencloud and expand or altering the accessible structure to maintain thecloud offered services might be tricky. As such, option resolutionsare employ two dissimilar verification systems, one dealing with theinner organization and the second to deal with the external cloudbased systems, which may as turn into a complication over time (NSIT,2011).
Foridentity assurance to be successful, access management has to bebroken down cautiously and unmistakably protecting from theunderlying threats. An apparent division manages identities of theproduct client from the provider or facilitates genuine entities andthe other way round. Identity can be accomplished via SecurityAssertion Markup Language (SAML) standards or the OpenID standard.SAML offers a channel to exchange information among differentdomains. SAML on its own is not capable to offer a strong cloudidentity and access to the different services rendered cloudproviders to manage the right of entry to cloud resources can utilizeeXtensible Access Control Markup Language (XACML), (Yang and Chen,2010).
Anandasivam,A., & Weinhardt, C. (2010). Towardsan efficient decision policy for cloud service providers.
Erl,T., Puttini, R. & Mahmood, Z. (2013). Cloudcomputing : concepts, technology, & architecture.Upper Saddle River, NJ: Prentice Hall.
Mell,P., & Grance, T. (2011). The NIST definition of cloud computing.
USDepartment of Commerce National Institute of Standards and Technology(2011), Guidelines on Security and Privacy in Public Cloud Computing (SpecialPublication 800-144) Retrieved from NSIT Main Page viadatabase: http://csrc.nist.gov/publications/nistpubs/800-144/SP800-144.pdf.
Yang,J., & Chen, Z. (2010, December). Cloud computing research andsecurity issues. In ComputationalIntelligence and Software Engineering (CiSE), 2010 International Conference on(pp. 1-3). IEEE.