Cloud computing Applications & Security

Nishank Mahore (nishankmahore@gmail.com) Himanshu Mahajan(himanshumahajan1892@gmail.com) University:- Rajiv Gandhi Technical University(R.G.T.U),Bhopal College:-Shree Dadaji Institute of Technology and Science(S.D.I.T.S),Khandwa

ABSTRACT Cloud computing is the latest effort in delivering computing resources as a service. It represents a shift away from computing as a product that is purchased, to computing as a service that is delivered to consumers over the internet from large-scale data centres or clouds. Press coverage can be vague or may not fully capture the extent of what cloud computing entails or represents, sometimes reporting how companies are making their solutions available in the cloud or how cloud computing is the way forward, but not examining the characteristics, models, and services involved in understanding what cloud computing is and what it can become. There are a number of security issues/concerns associated with cloud computing but these issues fall into two broad categories: Security issues faced by cloud providers and security issues faced by their customers. In most cases, the provider must ensure that their infrastructure is secure and that their clients data and applications are protected while the customer must ensure that the provider has taken the proper security measures to protect their information. Keyword:-Cloud, Architectures, Application, Security. INTRODUCTION Cloud computing is the next stage in the Internet's evolution, providing the means through which everything from computing power to computing infrastructure, applications, business processes to personal collaboration can be delivered to you as a service wherever and whenever you need. Cloud computing emmergoing style of computing where application, data and resources are provided to user as services over the web. Cloud computing has following main characteristics:

On-demand self-service: A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each services provider.

Broad network access: Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and PDAs). Resource pooling: The providers computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand Rapid elasticity: Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and rapidly released to quickly scale in. To the consumer, the capabilities available for Measured service: Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service.

TYPES OF CLOUD Public cloud Public cloud describes cloud computing in the traditional mainstream sense, whereby resources are dynamically provided to the general public on a fine-grained, selfservice basis over the Internet, via web applications web services, from an off-site third-party provider who bills on a fine-grained utility computing basis.

Private cloud Private cloud is infrastructure operated solely for a single organization, whether manage internally or by a third-party and hosted internally or externally. Private cloud is a term used to denote a proprietary computing architecture providing hosted services on private networks. It allows the corporate network and data centre administrators to effectively become in-house service providers catering to customers within the corporation.

Community cloud Community cloud shares infrastructure between several organizations from a specific community with common concerns, whether managed internally or by a third-party and hosted internally or externally. Hybrid cloud A hybrid cloud is a combination of two or more cloud such as public or private cloud. In this models users typically outsources non-business critical information and processing to the public cloud while keeping business critical services and data in their control. It is an intermediate state in the evolution process, providing businesses with an on-ramp from their current IT environment into the cloud.

ARCHITECTURES Software as a Service (SaaS) Consumers purchase the ability to access and use an application or service that is hosted in the cloud. At the SaaS level, users do not have control or access to the underlying infrastructure being used to host the software.

Platform as a Service (PaaS) Consumers purchase access to the platforms, enabling them to deploy their own software and applications in the cloud. The operating systems and network access are not managed by the consumer, and there might be constraints as to which applications can be deployed. It facilitates deployment of applications without the cost and complexity of buying and managing the underlying hardware and software layers. Infrastructure as a Service (IaaS) Consumers control and manage the systems in terms of the operating systems, applications, storage, and network connectivity, but do not themselves control the cloud infrastructure. This is where users acquire computing resources such as processing power, memory and storage from an IaaS provider and use the resources to deploy and run their applications.

APPLICATIONS:Next-generation data center management: The business case behind data center strategies is changing. Data centers represent a very logical starting point for a new consumer of cloud services, with relatively low risk and potentially significant cost savings and efficiencygains. Transitioning existing systems to the cloud offers to outsource non-core functions for most businesses. At the same time, it provides experience with a cloud-oriented way of organizing and accessing digital technology that is necessary to build out a roadmap for sensible cloud adoption.

Cloud market types Software as a service

Apps-component as a service

Platform as a service

Infrastructure as a service

Types of offering 1. Rich internet application web sites. 2. Application as web sites. 3. Collaboration and email. 4. Office productivity. 5. Client apps that connect to services in the cloud. 1. APIs for specific access for integration. 2. Web based software service than can combine to create new sevices, as in a mishap. 1. Development platform as a service. 2. Database 3. Message queue 4. App servicer 5. Blob or object data stores. 1. Virtual servers. 2. Logical disks 3. VLAN networks. 4. Systems management.

Examples 1. Flickr. 2. Myspace.com 3. Cisco WebEx office 4. Gmail 5. IBM blue house

1. Amazon flexible payments service and deva. 2. Salesforce.coms AppExchange. 3. Yahoo! Maps API. 4. Google calendar API 5. seemly 1. Google app engine and bitable 2. Microsoft SQL server data services 3. Engine yard 4. Salesforce.coms force.com 1. 2. 3. 4. 5. 6. Akamai Amazon EC2 cohesive moss(from Rackspace) joint accelerators nirvanix storage delivery network Godaddy.com Rackspace Savvis

Physical infrastructure

1. Managed hosting. 2. Collocation 3. Internet service provider. 4. Unmanaged hosting.

1. 2. 3.

SECURITY Cloud computing security (sometimes referred to simply as "cloud security") is an evolving sub-domain of computer security, network security, and, more broadly, information security. It refers to a broad set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing. CS2.- CS2 is a cloud storage system that provides confidentiality, integrity and verifiability of client data against an untrusted cloud provider. A key feature of CS2 is that it is semantic, i.e., data can be accessed by search (even though the data is encrypted). Homomorphic: - Homomorphic encryption is the conversion of data into cipher text that can be analyzed and worked with as if it were still in its original form. Holomorphic encryptions allow complex mathematical operations to be performed on encrypted data without compromising the encryption. Holomorphic encryption is expected to play an important part in cloud computing, allowing companies to store encrypted data in a public cloud and take advantage of the cloud providers analytic services. Proofs of storage:-Using a proof of storage (also known as a proof of data possession or a proof of irretrievability) a client can verify whether the cloud operator has tampered with its data. In particular, this can be done without the client storing a local copy of the data and without it having to retrieve any of the data. Multitenancy:-The lower risk get better security then the higher risk client, the cloud provider must design the security to meets the needs of higher risk line and the lower risk line get the benefit. Security assessment:-Over time,organization tend to relax their security posture to combact the relaxation of security,the cloud provider should perform regular security assesment .the asssemment sholud be done by some one who is experienced and able to identify an d able to fix them. Policies :- Any organisation that says it has never had a security insident is either being deceptive or is unaware of the insident it has held.Therefore it an unrealsitic to assume a cloud provider will never have a incident.Cloud proveider sholud have insident response policies,and they sholud have procedure for every line that feed into their over all incident response plan.

CONCLUSION This paper introduces internet-based cloud computing, exploring the characteristics, service models, and deployment models in use today, as well as the benefits and challenges associated with cloud computing. Also discussed are the communications services in the cloud (including ways to access the cloud, such as web APIs and media control interfaces) and the importance of scalability and flexibility in a cloudbased environment. Several groups have recently been formed, such as the Cloud Security Alliance or the Open Cloud Consortium, with the goal of exploring the possibilities offered by cloud computing and to establish a common language among different providers. In this boiling pot, cloud computing is facing several issues in gaining recognition for its merits. Its security deficiencies and benefits need to be carefully weighed before making a decision to implement it. However, the future looks less cloudy as far as more people being attracted by the topic and pursuing research to improve on its drawbacks.

REFERENCES 1. PCmag, www.pcmag.com/article2/0,2817,2372163,00.asp. 2. Cloud Tweaks, http://www.cloudtweaks.com/2012/03/5-major-types-ofcloud-infrastructure-options/. 3. En Wikipedia, http://en.wikipedia.org/wiki/Cloud_computing_architecture 4. CareerRide, http://www.careerride.com/cloud-computing-architecture.aspx 5. SyBase, http://www.sybase.com/manage/cloud-computing 6. http://cloudcomputing.blogspot.in/ 7. ItWorld, www.itworld.com/cloud-computing. 8. Cloud computing,Dr.Kumar Saurabh. Insights Into New-Era Infrastructure. 9. The cloud at your Service, Jothy Rosenberg and Arthur Mateos. Foreword by Anne Thomas Manes 10. Cloud Computing for Dummies, Judith Hurwitz, Robin Bloor, Marcia Kaufman, Fern Halper.