CLOUD COMPUTING
Cloud computing is a type of computing that relies on sharing computing resources rather than having local servers or personal devices to handle applications.
In cloud computing, the word cloud (also phrased as "the cloud") is used as a metaphor for "the Internet," so the phrase cloud computing means "a type of Internet-based computing," where different services -- such as servers, storage and applications -- are delivered to an organization's computers and devices through the Internet.
Cloud computing is comparable to grid computing, a type of computing where unused processing cycles of all computers in a network are harnesses to solve problems too intensive for any stand-alone machine.
The goal of cloud computing is to apply traditional supercomputing, or high-performance computing power, normally used by military and research facilities, to perform tens of trillions of computations per second, in consumer-oriented applications such as financial portfolios, to deliver personalized information, to provide data storage or to power large, immersive computer games.
To do this, cloud computing uses networks of large groups of servers typically running low-cost consumer PC technology with specialized connections to spread data-processing chores across them. This shared IT infrastructure contains large pools of systems that are linked together. Often, virtualization techniques are used to maximize the power of cloud computing.
There are many types of public cloud computing:
·
Infrastructure
as a service (IaaS)
·
Platform as a service (PaaS)
·
Software as a service (SaaS)
·
Network as a service (NaaS)
·
Storage as a service (STaaS)
·
Security as a service (SECaaS)
·
Data as a service (DaaS)
·
Database
as a service (DBaaS)
·
Test environment
as a service (TEaaS)
·
Desktop virtualization
·
API as a service (APIaaS)
·
Backend as a service (BaaS)
The Cloud
Computing Architecture of a cloud solution is the structure of the
system, which comprise on-premise and cloud resources, services, middleware,
and software components, geo-location, the externally visible properties of
those, and the relationships between them. The term also refers to
documentation of a system's cloud computing architecture. Documenting
facilitates communication between stakeholders, documents early decisions about
high-level design, and allows reuse of design components and patterns between
projects.
Security
Cloud computing opens up a new world of opportunities for businesses, but mixed in with these opportunities are numerous security challenges that need to be considered and addressed prior to committing to a cloud computing strategy. Cloud computing security challenges fall into three broad categories:
Implementing a cloud computing strategy means placing critical data in the hands of a third party, so ensuring the data remains secure both at rest (data residing on storage media) as well as when in transit is of paramount importance. Data needs to be encrypted at all times, with clearly defined roles when it comes to who will be managing the encryption keys. In most cases, the only way to truly ensure confidentiality of encrypted data that resides on a cloud provider's storage servers is for the client to own and manage the data encryption keys.
Data resting in the cloud needs to be accessible only by those authorized to do so, making it critical to both restrict and monitor who will be accessing the company's data through the cloud. In order to ensure the integrity of user authentication, companies need to be able to view data access logs and audit trails to verify that only authorized users are accessing the data. These access logs and audit trails additionally need to be secured and maintained for as long as the company needs or legal purposes require. As with all cloud computing security challenges, it's the responsibility of the customer to ensure that the cloud provider has taken all necessary security measures to protect the customer's data and the access to that data.
With the cloud serving as a single centralized repository for a company's mission-critical data, the risks of having that data compromised due to a data breach or temporarily made unavailable due to a natural disaster are real concerns. Much of the liability for the disruption of data in a cloud ultimately rests with the company whose mission-critical operations depend on that data, although liability can and should be negotiated in a contract with the services provider prior to commitment. A comprehensive security assessment from a neutral third-party is strongly recommended as well.
Companies need to know how their data is being secured and what measures the service provider will be taking to ensure the integrity and availability of that data should the unexpected occur. Additionally, companies should also have contingency plans in place in the event their cloud provider fails or goes bankrupt. Can the data be easily retrieved and migrated to a new service provider or to a non-cloud strategy if this happens? And what happens to the data and the ability to access that data if the provider gets acquired by another company?
Cloud computing is achieving increased
popularity, concerns are being voiced about the security issues introduced
through adoption of this new model. The effectiveness and efficiency of
traditional protection mechanisms are being reconsidered as the characteristics
of this innovative deployment model can differ widely from those of traditional
architectures. An alternative perspective on the topic of cloud security
is that this is but another, although quite broad, case of "applied
security" and that similar security principles that apply in shared
multi-user mainframe security models apply with cloud security.
Cloud computing offers many benefits, but it
also is vulnerable to threats. As the uses of cloud computing increase, it is
highly likely that more criminals will try to find new ways to exploit
vulnerabilities in the system. There are many underlying challenges and risks
in cloud computing that increase the threat of data being compromised. To help
mitigate the threat, cloud computing stakeholders should invest heavily in risk
assessment to ensure that the system encrypts to protect data; establishes
trusted foundation to secure the platform and infrastructure; and builds higher
assurance into auditing to strengthen compliance. Security concerns must be
addressed in order to establish trust in cloud computing technology.
Cloud computing exhibits the following key
characteristics:
·
Agility improves with users' ability to
re-provision technological infrastructure resources.
·
Application
programming interface (API) accessibility to software that enables
machines to interact with cloud software in the same way the user interface
facilitates interaction between humans and computers. Cloud computing systems
typically use REST-based APIs.
·
Cost is claimed to be reduced and in a public cloud
delivery model capital expenditure is converted to operational expenditure. This is
purported to lower barriers to entry, as infrastructure is typically provided by
a third-party and does not need to be purchased for one-time or infrequent
intensive computing tasks. Pricing on a utility computing basis is fine-grained
with usage-based options and fewer IT skills are required for implementation
(in-house). The e-FISCAL project's state of the art repository contains
several articles looking into cost aspects in more detail, most of them
concluding that costs savings depend on the type of activities supported and
the type of infrastructure available in-house.
·
Device and location
independence enable
users to access systems using a web browser regardless of their location or
what device they are using (e.g., PC, mobile phone). As infrastructure is
off-site (typically provided by a third-party) and accessed via the Internet,
users can connect from anywhere.
·
Virtualization technology allows servers and storage
devices to be shared and utilization be increased. Applications can be easily
migrated from one physical server to another.
·
Multitenancy enables sharing of resources and costs
across a large pool of users thus allowing for:
- Centralization of infrastructure in locations with lower costs (such as real estate, electricity, etc.)
- Peak-load capacity increases (users need not engineer for highest possible load-levels)
- Utilisation and efficiency improvements for systems that are often only 10–20% utilised.
·
Reliability is improved if
multiple redundant sites are used, which makes well-designed cloud computing suitable
for business continuity and disaster recovery.
·
Scalability and elasticity via dynamic
("on-demand") provisioning of resources on a fine-grained,
self-service basis near real-time,without users having to engineer for peak
loads.
·
Performance is monitored, and
consistent and loosely coupled architectures are constructed using web services as the system interface.
·
Security could improve due to centralization of
data, increased security-focused resources, etc., but concerns can persist
about loss of control over certain sensitive data, and the lack of security for
stored kernels.Security is often as good as or better than other traditional
systems, in part because providers are able to devote resources to solving
security issues that many customers cannot afford.However, the complexity of
security is greatly increased when data is distributed over a wider area or
greater number of devices and in multi-tenant systems that are being shared by
unrelated users. In addition, user access to security audit logs may be difficult or impossible. Private
cloud installations are in part motivated by users' desire to retain control
over the infrastructure and avoid losing control of information security.
·
Maintenance of cloud computing
applications is easier, because they do not need to be installed on each user's
computer and can be accessed from different places.
This was a very well informative posting, thanks for sharing it! I think that cloud computing technology is, has been, and will be the future of how we work as a a society. When most of our work can now be done on computers, this is definitely a big development in that.
ReplyDelete