Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
CLOUD
COMPUTING
Ans.-
Essential Characteristics:-
1.On-demand self-service- A consumer can unilaterally provision computing
capabilities, such as server time and network storage, as needed automatically
without requiring human interaction with each service provider.
2.Broad network access-Capabilities are available over the network and
accessed through standard mechanisms that promote use by heterogeneous
thin or thick client platforms (e.g., mobile phones, tablets, laptops, and
workstations).
3.Resource pooling-The provider’s computing resources are pooled to serve
multiple consumers using a multi-tenant model, with different physical and
virtual resources dynamically assigned and reassigned according to consumer
demand. There is a sense of location independence in that the customer
generally has no control or knowledge over the exact location of the provided
resources but may be able to specify location at a higher level of abstraction
(e.g., country, state, or datacenter). Examples of resources include storage,
processing, memory, and network bandwidth.
4.Rapid elasticity- Capabilities can be elastically provisioned and released, in
some cases automatically, to scale rapidly outward and inward commensurate
with demand. To the consumer, the capabilities available for provisioning often
appear to be unlimited and can be appropriated in any quantity at any time.
5.Measured service-Cloud systems automatically control and optimize
resource use by leveraging a metering capability1 at some level of abstraction
appropriate to the type of service (e.g., storage, processing, bandwidth, and
active user accounts). Resource usage can be monitored, controlled, and
reported, providing transparency for both the provider and consumer of the
utilized service.
Service Models:-
1.Software as a Service (SaaS)-The capability provided to the consumer is to
use the provider’s applications running on a cloud infrastructure2. The
applications are accessible from various client devices through either a thin
client interface, such as a web browser (e.g., web-based email), or a program
interface. The consumer does not manage or control the underlying cloud
infrastructure including network, servers, operating systems, storage, or even
individual application capabilities, with the possible exception of limited user-
specific application configuration settings.
2.Platform as a Service (PaaS)- The capability provided to the consumer is to
deploy onto the cloud infrastructure consumer-created or acquired
applications created using programming languages, libraries, services, and
tools supported by the provider.3 The consumer does not manage or control
the underlying cloud infrastructure including network, servers, operating
systems, or storage, but has control over the deployed applications and
possibly configuration settings for the application-hosting environment.
3.Infrastructure as a Service (IaaS)- The capability provided to the consumer is
to provision processing, storage, networks, and other fundamental computing
resources where the consumer is able to deploy and run arbitrary software,
which can include operating systems and applications. The consumer does not
manage or control the underlying cloud infrastructure but has control over
operating systems, storage, and deployed applications; and possibly limited
control of select networking components (e.g., host firewalls).
Deployment Models:-
1.Private cloud- The cloud infrastructure is provisioned for exclusive use by a
single organization comprising multiple consumers (e.g., business units). It may
be owned, managed, and operated by the organization, a third party, or some
combination of them, and it may exist on or off premises.
2.Community cloud-The cloud infrastructure is provisioned for exclusive use
by a specific community of consumers from organizations that have shared
concerns (e.g., mission, security requirements, policy, and compliance
considerations). It may be owned, managed, and operated by one or more of
the organizations in the community, a third party, or some combination of
them, and it may exist on or off premises.
3.Public cloud- The cloud infrastructure is provisioned for open use by the
general public. It may be owned, managed, and operated by a business,
academic, or government organization, or some combination of them. It exists
on the premises of the cloud provider.
4.Hybrid cloud- The cloud infrastructure is a composition of two or more
distinct cloud infrastructures (private, community, or public) that remain
unique entities, but are bound together by standardized or proprietary
technology that enables data and application portability (e.g., cloud bursting
for load balancing between clouds).
Cloud deployment models indicate how the cloud services are made available
to users. The four deployment models associated with cloud computing are as
follows:
•Public cloud- As the name suggests, this type of cloud deployment model
supports all users who want to make use of a computing resource, such as
hardware (OS, CPU, memory, storage) or software (application server,
database) on a subscription basis. Most common uses of public clouds are for
application development and testing, non-mission-critical tasks such as file-
sharing, and e-mail service.
With public clouds, the cost is typically low for the end user and there is no
capital expenditure involved. Use of private clouds involves capital
expenditure, but the expenditure is still lower than the cost of owning and
operating the infrastructure due to private clouds' greater level of
consolidation and resource pooling. Private clouds also offer more security and
compliance support than public clouds. As such, some organizations may
choose to use private clouds for their more mission-critical, secure applications
and public clouds for basic tasks such as application development and testing .
Ans.-
The major differences between cloud computing and traditional IT
infrastructure are:-
1.Elasticity and resilience:-First of all, you do not need to buy the hardware
and maintain it with your own team. The information in the cloud is stored on
several servers at the same time. It means that even if 1 or 2 servers are
damaged, you will not lose your information. It also helps to provide the high
uptime, up to 99.9%.
When we talk about their traditional infrastructure, you will have to buy and
maintain the hardware and equipment. If something happens, you can lose the
data and spend a lot of time and money to fix the issues.
The traditional infrastructure required the own team to maintain and monitor the
system. It requires a lot of time and efforts.
4.Cost:-With cloud computing, you do not need to pay for the services you
don’t use: the subscription model means you choose the amount of space,
processing power, and other components that you really need.
With traditional infrastructure, you are limited to the hardware you have. If your
business is growing, you will regularly have to expand your infrastructure. At
the same time, you will have to support and maintain it.
5.Security:-Many people are not sure about the security of cloud services. Why
can it be not so secure? As the company uses the third party solution to store
data, it’s reasonable to think that the provider can access the confidential data
without permission. However, there are good solutions to avoid the leaks.
As for traditional infrastructure, you and only you are responsible for who will
be able to access the stored data. For the companies who operate the
confidential information, it’s a better solution.
Customer-based SLA
Service-based SLA
Multilevel SLA
Few Service Level Agreements are enforceable as contracts, but mostly are
agreements or contracts which are more along the lines of an Operating Level
Agreement (OLA) and may not have the restriction of law. It is fine to have an
attorney review the documents before making a major agreement to the cloud
service provider. Service Level Agreements usually specify some parameters
which are mentioned below:
Ans.-
A DEFINITION OF CLOUD STORAGE SECURITY:-
While cloud storage is convenient and gives employees access to their data
anywhere, at any time, on nearly any device, cloud storage security is a top
concern for organizations’ IT and security departments. The benefits brought
by cloud storage – from scalability and accessibility to decreased IT overhead –
are driving rapid adoption at enterprises around the world, and there are steps
that companies should take to improve cloud storage security and keep
sensitive data safe and secure in the cloud.
THE NEED FOR CLOUD STORAGE SECURITY:-
Businesses and enterprises use cloud services because they provide cost-
effective and flexible alternatives to expensive, locally-implemented hardware.
But conducting business in the cloud means that confidential files and sensitive
data are exposed to new risks, as cloud-stored data resides outside of the
limits of many safeguards used to protect sensitive data held on-premise. As
such, enterprises must take additional measures to secure cloud storage
beyond the sometimes basic protections offered by providers.
The rise of Internet of Things (IoT) technology and the connected office has
also made enterprises more reliant on cloud technology, albeit while driving
security risks. Even smart printers have been found vulnerable to data leakage,
and as more corporate devices become internet-connected, the potential for
compromise or unintended leakage increases.
As enterprises move further along the cloud adoption curve, cloud storage
security is becoming a top priority – both in enterprises’ IT architecture and
information security strategies. Companies now recognize that it’s critical to
protect sensitive data while enabling employees to enjoy the performance and
flexibility of the cloud.Cloud storage providers and enterprises share
responsibility for cloud storage security. Cloud storage providers implement
baseline protections for their platforms and the data they process, such
authentication, access control, and encryption. From there, most enterprises
supplement these protections with added security measures of their own to
bolster cloud data protection and tighten access to sensitive information in the
cloud.
One of the biggest challenges with cloud storage security is that employees use
free file sharing and cloud storage services that are not approved by the
organization and may not meet minimum security standards. Knowingly or not,
employees can put company data at risk by using these services, particularly
without the IT department’s knowledge or approval.
In addition to implementing security solutions to protect sensitive data against
unauthorized access or egress and enforce cloud security policies, it is critical
that organizations educate their employees on the risks posed by sharing and
storing information in the cloud. Additionally, organizations must take the
appropriate security measures to mitigate cloud storage security risks
introduced by employees who may inadvertently use services and applications
that don’t meet the company’s security standards.
Data protection solutions for cloud storage security provide complete visibility
and policy-based control over how data can be moved to and from the cloud,
ensuring that only authorized data leaves the company’s environment and that
data access is limited to authorized parties. In doing so, companies can enforce
stricter protections around sensitive data than what many cloud storage
providers offer and provide a second line of defense in the event that a
provider has a security compromise.
When choosing a cloud storage security solution, enterprises should be sure
that it provides continuous monitoring and visibility for all data interactions
with cloud storage applications, provides granular control over file movement
based on browser and OS events involving file sharing and cloud storage
sites, integrates with leading cloud storage providers to be able to extend data
protection measures to data stored in the cloud, automatically encrypts
sensitive data prior to egress, accurately classifies any data downloaded from
web applications, and delivers forensic event logs for effective alerting,
reporting, and policy creation.