ASSIGNMENT OF

CLOUD
COMPUTING

Submitted to: Submitted by:

Mr. Ved prakash Drishti Gupta
Asst. Prof.(CSE Deptt.) CSE 8th sem.
Roll no.-8716113
 ASSIGNMENT
Ques.-1 Cloud Computing NIST Model?

Ans.-

The NIST Defination of Cloud Computing:-

Cloud computing is a model for enabling ubiquitous, convenient, on-demand
network access to a shared pool of configurable computing resources (e.g.,
networks, servers, storage, applications, and services) that can be rapidly
provisioned and released with minimal management effort or service provider
interaction. This cloud model is composed of five essential characteristics,
three service models, and four deployment models.

Essential Characteristics:-
1.On-demand self-service- A consumer can unilaterally provision computing
capabilities, such as server time and network storage, as needed automatically
without requiring human interaction with each service provider.
2.Broad network access-Capabilities are available over the network and
accessed through standard mechanisms that promote use by heterogeneous
thin or thick client platforms (e.g., mobile phones, tablets, laptops, and
workstations).
3.Resource pooling-The provider’s computing resources are pooled to serve
multiple consumers using a multi-tenant model, with different physical and
virtual resources dynamically assigned and reassigned according to consumer
demand. There is a sense of location independence in that the customer
generally has no control or knowledge over the exact location of the provided
resources but may be able to specify location at a higher level of abstraction
(e.g., country, state, or datacenter). Examples of resources include storage,
processing, memory, and network bandwidth.
4.Rapid elasticity- Capabilities can be elastically provisioned and released, in
some cases automatically, to scale rapidly outward and inward commensurate
with demand. To the consumer, the capabilities available for provisioning often
appear to be unlimited and can be appropriated in any quantity at any time.
5.Measured service-Cloud systems automatically control and optimize
resource use by leveraging a metering capability1 at some level of abstraction
appropriate to the type of service (e.g., storage, processing, bandwidth, and
active user accounts). Resource usage can be monitored, controlled, and
reported, providing transparency for both the provider and consumer of the
utilized service.

Service Models:-
1.Software as a Service (SaaS)-The capability provided to the consumer is to
use the provider’s applications running on a cloud infrastructure2. The
applications are accessible from various client devices through either a thin
client interface, such as a web browser (e.g., web-based email), or a program
interface. The consumer does not manage or control the underlying cloud
infrastructure including network, servers, operating systems, storage, or even
individual application capabilities, with the possible exception of limited user-
specific application configuration settings.
2.Platform as a Service (PaaS)- The capability provided to the consumer is to
deploy onto the cloud infrastructure consumer-created or acquired
applications created using programming languages, libraries, services, and
tools supported by the provider.3 The consumer does not manage or control
the underlying cloud infrastructure including network, servers, operating
systems, or storage, but has control over the deployed applications and
possibly configuration settings for the application-hosting environment.
3.Infrastructure as a Service (IaaS)- The capability provided to the consumer is
to provision processing, storage, networks, and other fundamental computing
resources where the consumer is able to deploy and run arbitrary software,
which can include operating systems and applications. The consumer does not
manage or control the underlying cloud infrastructure but has control over
operating systems, storage, and deployed applications; and possibly limited
control of select networking components (e.g., host firewalls).

Deployment Models:-
1.Private cloud- The cloud infrastructure is provisioned for exclusive use by a
single organization comprising multiple consumers (e.g., business units). It may
be owned, managed, and operated by the organization, a third party, or some
combination of them, and it may exist on or off premises.
2.Community cloud-The cloud infrastructure is provisioned for exclusive use
by a specific community of consumers from organizations that have shared
concerns (e.g., mission, security requirements, policy, and compliance
considerations). It may be owned, managed, and operated by one or more of
the organizations in the community, a third party, or some combination of
them, and it may exist on or off premises.
3.Public cloud- The cloud infrastructure is provisioned for open use by the
general public. It may be owned, managed, and operated by a business,
academic, or government organization, or some combination of them. It exists
on the premises of the cloud provider.
4.Hybrid cloud- The cloud infrastructure is a composition of two or more
distinct cloud infrastructures (private, community, or public) that remain
unique entities, but are bound together by standardized or proprietary
technology that enables data and application portability (e.g., cloud bursting
for load balancing between clouds).

Ques.-2 Cloud computing deployment model?

Ans.-

Cloud deployment models indicate how the cloud services are made available
to users. The four deployment models associated with cloud computing are as
follows:

•Public cloud- As the name suggests, this type of cloud deployment model
supports all users who want to make use of a computing resource, such as
hardware (OS, CPU, memory, storage) or software (application server,
database) on a subscription basis. Most common uses of public clouds are for
application development and testing, non-mission-critical tasks such as file-
sharing, and e-mail service.

•Private cloud- True to its name, a private cloud is typically infrastructure used

by a single organization. Such infrastructure may be managed by the
organization itself to support various user groups, or it could be managed by a
service provider that takes care of it either on-site or off-site. Private clouds
are more expensive than public clouds due to the capital expenditure involved
in acquiring and maintaining them. However, private clouds are better able to
address the security and privacy concerns of organizations today.

•Hybrid cloud- In a hybrid cloud, an organization makes use of interconnected

private and public cloud infrastructure. Many organizations make use of this
model when they need to scale up their IT infrastructure rapidly, such as when
leveraging public clouds to supplement the capacity available within a private
cloud. For example, if an online retailer needs more computing resources to
run its Web applications during the holiday season it may attain those
resources via public clouds.

•Community cloud- This deployment model supports multiple organizations

sharing computing resources that are part of a community; examples include
universities cooperating in certain areas of research, or police departments
within a county or state sharing computing resources. Access to a community
cloud environment is typically restricted to the members of the community.

With public clouds, the cost is typically low for the end user and there is no
capital expenditure involved. Use of private clouds involves capital
expenditure, but the expenditure is still lower than the cost of owning and
operating the infrastructure due to private clouds' greater level of
consolidation and resource pooling. Private clouds also offer more security and
compliance support than public clouds. As such, some organizations may
choose to use private clouds for their more mission-critical, secure applications
and public clouds for basic tasks such as application development and testing .

Ques.3-Comparision of cloud computing with traditional computing

architecture?

Ans.-
The major differences between cloud computing and traditional IT
infrastructure are:-

1.Elasticity and resilience:-First of all, you do not need to buy the hardware
and maintain it with your own team. The information in the cloud is stored on
several servers at the same time. It means that even if 1 or 2 servers are
damaged, you will not lose your information. It also helps to provide the high
uptime, up to 99.9%.

When we talk about their traditional infrastructure, you will have to buy and
maintain the hardware and equipment. If something happens, you can lose the
data and spend a lot of time and money to fix the issues.

2.Scalability and flexibility:-The cloud computing is the perfect Choice for

those who do not require a high performance constantly but use it time by time.
You can get a subscription and use the resources you paid for. Most providers
even let pause the subscription if you do not need it. and at the same time,
you’re able to control everything and get instant help from the support team.The
traditional infrastructure is not so flexible. You have to buy an equipment and
maintain it even if you do not use it. In many cases, it’s even more expensive
because you might need their own technical crew.

3.Automation:-One of the biggest differences between cloud and traditional

infrastructure is how they are maintained. Cloud service is served by the
provider’s support team. They take care of all the necessary aspects including
security, updates, hardware, etc.

The traditional infrastructure required the own team to maintain and monitor the
system. It requires a lot of time and efforts.

4.Cost:-With cloud computing, you do not need to pay for the services you
don’t use: the subscription model means you choose the amount of space,
processing power, and other components that you really need.

With traditional infrastructure, you are limited to the hardware you have. If your
business is growing, you will regularly have to expand your infrastructure. At
the same time, you will have to support and maintain it.

5.Security:-Many people are not sure about the security of cloud services. Why
can it be not so secure? As the company uses the third party solution to store
data, it’s reasonable to think that the provider can access the confidential data
without permission. However, there are good solutions to avoid the leaks.
As for traditional infrastructure, you and only you are responsible for who will
be able to access the stored data. For the companies who operate the
confidential information, it’s a better solution.

Ques.-4 Service level agreement in cloud computing?

Ans.- Service Level Agreement (SLA) is the bond for performance negotiated
between the cloud services provider and the client. Earlier, in cloud computing
all Service Level Agreements were negotiated between a client and the service
consumer. Nowadays, with the initiation of large utility-like cloud computing
providers, most Service Level Agreements are standardized until a client
becomes a large consumer of cloud services. Service level agreements are also
defined at different levels which are mentioned below:

 Customer-based SLA
 Service-based SLA
 Multilevel SLA

Few Service Level Agreements are enforceable as contracts, but mostly are
agreements or contracts which are more along the lines of an Operating Level
Agreement (OLA) and may not have the restriction of law. It is fine to have an
attorney review the documents before making a major agreement to the cloud
service provider. Service Level Agreements usually specify some parameters
which are mentioned below:

1. Availability of the Service (uptime)

2. Latency or the response time
3. Service components reliability
4. Each party accountability
5. Warranties
The following table describes the states of the service level agreement
lifecycle, and, for each state, names the transition that moves a service level
agreement forward to that state.
Transition State Description
(Initial SLA This state is entered as soon as a consumer,
state) identified represented by a capability version, requests a
dependency on a service version or other capability
version that offers the service level definition (SLD)
that they require.
Request SLA SLA The agreed endpoints relationship target has been
requested selected together with details of the required SLA
properties and policies. The provider of the selected
SLD must approve the request, reject it or ask for it
to be revised.
Approve SLA inactive The development team that want to consume the
SLA request service can continue their development based on
the consumption of this specific SLA, but they do not
yet have authorization to access any endpoints.
Revise SLA SLA As part of the negotiation of an SLA, the service
request identified provider requests a rework of the details of the SLA
by the service consumer. This is done by moving the
SLA back into the identified state, ready for a
Transition State Description
resubmission.
Activate SLA SLA active All the approved endpoints associated with the SLD,
that are online, can be invoked using the terms of
the SLA. There might be situations where the SLA is
deactivated, in which case the SLA enters the SLA
inactive state and any further interactions are
blocked until it is reactivated.
Deactivate SLA inactive For operational issues, the SLA is temporarily
SLA suspended by moving it back to the inactive state.
Once the operational issues have been removed, the
SLA can be reactivated.
Terminate SLA No interactions from this SLA are permitted.
SLA terminated

Ques.-5 Data security and storage in cloud computing?

Ans.-
A DEFINITION OF CLOUD STORAGE SECURITY:-

While cloud storage is convenient and gives employees access to their data
anywhere, at any time, on nearly any device, cloud storage security is a top
concern for organizations’ IT and security departments. The benefits brought
by cloud storage – from scalability and accessibility to decreased IT overhead –
are driving rapid adoption at enterprises around the world, and there are steps
that companies should take to improve cloud storage security and keep
sensitive data safe and secure in the cloud.
THE NEED FOR CLOUD STORAGE SECURITY:-

Businesses and enterprises use cloud services because they provide cost-
effective and flexible alternatives to expensive, locally-implemented hardware.
But conducting business in the cloud means that confidential files and sensitive
data are exposed to new risks, as cloud-stored data resides outside of the
limits of many safeguards used to protect sensitive data held on-premise. As
such, enterprises must take additional measures to secure cloud storage
beyond the sometimes basic protections offered by providers.

The rise of Internet of Things (IoT) technology and the connected office has
also made enterprises more reliant on cloud technology, albeit while driving
security risks. Even smart printers have been found vulnerable to data leakage,
and as more corporate devices become internet-connected, the potential for
compromise or unintended leakage increases.

CLOUD STORAGE SECURITY BASICS:-

As enterprises move further along the cloud adoption curve, cloud storage
security is becoming a top priority – both in enterprises’ IT architecture and
information security strategies. Companies now recognize that it’s critical to
protect sensitive data while enabling employees to enjoy the performance and
flexibility of the cloud.Cloud storage providers and enterprises share
responsibility for cloud storage security. Cloud storage providers implement
baseline protections for their platforms and the data they process, such
authentication, access control, and encryption. From there, most enterprises
supplement these protections with added security measures of their own to
bolster cloud data protection and tighten access to sensitive information in the
cloud.

CLOUD STORAGE SECURITY CHALLENGES:-

One of the biggest challenges with cloud storage security is that employees use
free file sharing and cloud storage services that are not approved by the
organization and may not meet minimum security standards. Knowingly or not,
employees can put company data at risk by using these services, particularly
without the IT department’s knowledge or approval.
In addition to implementing security solutions to protect sensitive data against
unauthorized access or egress and enforce cloud security policies, it is critical
that organizations educate their employees on the risks posed by sharing and
storing information in the cloud. Additionally, organizations must take the
appropriate security measures to mitigate cloud storage security risks
introduced by employees who may inadvertently use services and applications
that don’t meet the company’s security standards.

There are complex data security challenges in the cloud:

 The need to protect confidential business, government, or regulatory
data
 Cloud service models with multiple tenants sharing the same
infrastructure
 Data mobility and legal issues relative to such government rules as the
EU Data Privacy Directive
 Lack of standards about how cloud service providers securely recycle
disk space and erase existing data
 Auditing, reporting, and compliance concerns
 Loss of visibility to key security and operational intelligence that no
longer is available to feed enterprise IT security intelligence and risk
management
 A new type of insider who does not even work for your company, but
may have control and visible into your data.

CLOUD STORAGE SECURITY SOLUTIONS:-

Data protection solutions for cloud storage security provide complete visibility
and policy-based control over how data can be moved to and from the cloud,
ensuring that only authorized data leaves the company’s environment and that
data access is limited to authorized parties. In doing so, companies can enforce
stricter protections around sensitive data than what many cloud storage
providers offer and provide a second line of defense in the event that a
provider has a security compromise.
When choosing a cloud storage security solution, enterprises should be sure
that it provides continuous monitoring and visibility for all data interactions
with cloud storage applications, provides granular control over file movement
based on browser and OS events involving file sharing and cloud storage
sites, integrates with leading cloud storage providers to be able to extend data
protection measures to data stored in the cloud, automatically encrypts
sensitive data prior to egress, accurately classifies any data downloaded from
web applications, and delivers forensic event logs for effective alerting,
reporting, and policy creation.