
CC Mod1

The document provides an overview of cloud computing, detailing its models, services, and benefits compared to traditional computing. It explains key concepts such as resource pooling, virtualization, and elasticity, as well as the challenges faced in cloud computing, including data security and interoperability issues. Additionally, it references the NIST model which outlines essential characteristics and deployment models of cloud computing.

Uploaded by

Megha B

Cloud Computing

Module 1 : Fundamentals of Cloud Computing


CO1 – Explain the various cloud computing models and services
TOPICS
Traditional computing- Limitations. Overview of Computing Paradigms-Grid Computing,
Cluster Computing, Distributed Computing, Utility Computing, Cloud Computing. NIST
reference Model-Basic terminology and concepts. Cloud characteristics, benefits and
challenges, Roles and Boundaries. Cloud delivery (service) models-Infrastructure-as-a-Service
(IaaS), Platform-as-a-Service(PaaS),Software-as-a-Service (SaaS), XaaS (Anything-as-a-
service)-Cloud deployment models- Public cloud, Community cloud, Private cloud, Hybrid
cloud.
………………………………………………………………………………………………………………………………………………

• Cloud computing is the delivery of hosting services that are provided to a client over
the Internet. It enables large-scale services without up-front investment.
• Resources are made available through the Internet and offered on a pay-per-use basis
from cloud computing vendors.
• Cloud computing has changed the way computation happens. It provides the means
for smarter ways to do business and accordingly it makes life simple.
• Cloud computing provides the means for users to easily obtain computing facilities
whenever and wherever required. They need not worry about setting up
infrastructure, purchasing new equipment or investing in the procurement of licensed
software.
• Rather they can access any volume, large or small, of computing facilities in exchange
for some nominal payment.
• It is a new model of computing which has become possible through integration of
advanced computing models, sophisticated web technologies and modern network
communication technologies (especially high-speed Internet).
• Cloud computing is the delivery of computing services over the Internet.

• Cloud computing is Utility Computing - Cloud services are controlled and monitored
by the cloud provider through a pay-per-use business model.

• Cloud computing is the delivery of computing as a service rather than as a product.

• It means storing and accessing data and programs over the Internet instead of on your
computer's hard drive.

• An ideal cloud computing platform is:

- efficient in its use of resources
- scalable
- elastic
- self-managing
- highly available and accessible
- inter-operable and portable

Cloud computing differs from a traditional web service because of the principles behind
it.

These principles are:

• Resource pooling:
Cloud computing providers harness large economies of scale through resource
pooling. They put together a vast network of servers and hard drives and apply the
same set of configurations, protections and so on to all of them.
• Virtualization:
Users do not have to care about the physical states of their hardware nor worry about
hardware compatibility.
• Elasticity:
Addition of more hard disk space or server bandwidth can be done with just a few
clicks of the mouse on-demand. Geographical scalability is also available in cloud
computing - one can choose to replicate data to several data centres around the
world.
• Automatic/easy resource deployment:
The user only needs to choose the types and specifications of the resources
required, and the cloud computing provider will configure and set them up
automatically.
• Metered billing:
Users are charged for only what they use.

Traditional Computing :
Traditional computing, as the name suggests, is the process of using physical data centers
for storing digital assets and running a complete networking system for daily operations.
Here, access to data, software or storage is limited to the device or official network that
users are connected to. In this model, a user can access data only on the system in which
the data is stored.

Difference between Cloud Computing and Traditional Computing

[Table comparing Cloud Computing and Traditional Computing: contents not recoverable]

Overview of Computing Paradigms

Over the years different computing paradigms have been developed and used. In fact
different computing paradigms have existed before the cloud computing paradigm.

1. Distributed Computing :
Distributed computing is defined as a type of computing where multiple computer
systems work on a single problem. Here all the computer systems are linked
together and the problem is divided into sub-problems, where each part is solved by
a different computer system.
• The goal of distributed computing is to increase the performance and efficiency of the
system and ensure fault tolerance.

2. Cluster Computing :

• Computing clusters are made of multiple nodes (computers) connected via a network which
perform similar tasks. Thus, execution of a task can be faster as it can be distributed and
executed in parallel across multiple machines inside a cluster. All the nodes of a cluster
together give the impression of a single system.
• The idea was to create a cluster (or group) of homogeneous (similar type) computer systems
performing similar functionalities. In each cluster, one computer is assigned the job of
controlling the cluster. That particular computer (or node) is known as the cluster head. The
head’s responsibility in such a simple cluster is to divide and distribute jobs among different
nodes in that cluster when matching computing tasks appear.
• In an actual cluster computing system, multiple clusters are linked together through a LAN. In
such a system, when a particular job appears, the cluster head divides and distributes it among
matching clusters for faster execution. The distribution and assignment of a job depends on the
nature of the job. This way, the cluster head starts to utilize the resources in a clustered
computing environment.
• Computers are clustered together to achieve reliability, greater processing power and
supercomputer-like performance.
3. Grid Computing :

An advanced computing model was required to eliminate the cluster head problem
of the cluster computing model.
In the process of finding a solution to this problem, technologists came up with an
idea where each node belonging to a cluster would have the same priority. It was
required that all of them could perform similar functions and no particular node had
to be assigned the role of ‘head’ among them.

• Grid computing is defined as a type of computing in which a network of computers
works together to perform tasks that may be difficult for a single machine to handle.
• All the computers on that network work under the same umbrella and are
termed a virtual supercomputer.
• The tasks they work on either require high computing power or consist of large
data sets.
• All communication between the computer systems in grid computing is done
on the “data grid”.
• The goal of grid computing is to solve computationally intensive problems in
less time and improve productivity.
4. Utility Computing :

• Utility computing is defined as the type of computing where the service
provider provides the needed resources and services to the customer and
charges them according to their usage of these resources, as per requirement
and demand, rather than at a fixed rate.
• Utility computing involves the renting of resources such as hardware,
software, etc. depending on the demand and the requirement.
• The goal of utility computing is to increase the usage of resources and be more
cost-efficient.

5. Cloud Computing :

• Cloud is defined as the usage of someone else’s server to host, process or store
data.
• Cloud computing is defined as the delivery of on-demand computing services
over the Internet on a pay-as-you-go basis.
It is widely distributed, network-based and used for storage.
• Types of cloud include public, private, hybrid and community, and some cloud
providers are Google Cloud, AWS, Microsoft Azure and IBM Cloud.

Cloud computing has introduced a real paradigm shift in the scope of computing.
Unlike the conventional uses of computer technology, it facilitates computing as a
utility service which is delivered on demand. The computing facility is managed by
providers and can be measured in usage volume or usage time.
All these features of cloud computing provide several benefits. It has the flexibility
where users can have as much or as little of it as they want at any given time. The
advantages influence the adoption of cloud computing over the traditional computing
process.
Comparison of Cluster, Grid and Cloud Computing

Why is grid computing considered the predecessor of cloud computing?


Cloud computing is developed based on the distributed model of computing. Several
methodologies have been combined to realize cloud computing, but the grid computing
model was the first major breakthrough towards realizing the dream of a cloud computing
system. This advanced mode of computing has inherited important characteristics, such as
creation of a resource pool or system scalability, from the grid computing model. This is
why grid computing is considered the predecessor of cloud computing.

Benefits of Cloud Computing

• Cloud computing has introduced a real paradigm shift in the scope of computing.
• It facilitates computing as a utility service which is delivered on demand.
• The computing facility is managed by providers and can be measured in usage volume
or usage time.
1. Less Acquisition/Purchase Cost
• In traditional computing, users have to purchase or procure computing resources
in significant amounts at the very beginning.
• In cloud computing, the vendor arranges all necessary resources, so the subscribers’
initial investment for acquiring hardware or software drops drastically.
• They need not arrange anything apart from client systems to access cloud
services. Thus, the initial capital expenditure of the user is reduced considerably.
2. Reduced Operational Cost
• With the outsourcing model of utility computing, the cost of running any system
round the clock moves to the provider’s end. Subscribers are relieved of the
responsibility for system administration, maintenance, and 24 × 7 energy support
as well as its cooling support.
• This is a basis for cost savings because subscribers can use the service by paying
a very nominal fee.
• The provider, on the other hand, can offer the service at a nominal fee to subscribers
because of its volume of business.
3. Reduced System Management Responsibility
• The cloud computing model shifts the majority of the infrastructure and other system
management tasks to cloud vendors. Dedicated teams at the vendor’s end
take care of all of these activities.
4. Use-basis Payment Facility
• Cloud computing does not charge its subscribers when they do not use it. Even the
charge is not fixed; it depends on the duration of usage. Rather, any use is metered
and users are charged a reasonable fee according to their consumption. This
reduces the cost of computing.
5. Unlimited Computing Power and Storage
• In cloud computing, users can easily access supercomputer-like computing power
at reasonable cost, if necessary.
• Storage is another important issue for users. Cloud provides as much storage as
required. It is virtually unlimited, which is viewed as a big benefit for users.
6. Quality of Service
• In cloud computing, high quality of service (QoS) is ensured as it is provided by
renowned computing vendors having well-trained staff and expertise exclusively
in the field of computing.
7. Reliability
• The ability to deliver quality service and support load balancing, backup and
recovery in cases of failure makes reputed cloud vendors highly reliable.
8. Continuous Availability
• Reputed cloud vendors assure almost 24 × 7 service availability.
• The guaranteed continuous availability of cloud service is a big enabler for any
business.
9. Locational Independence/Convenience of Access
• Cloud computing is available everywhere via the Internet. Users can access it through
any computing device like PCs, or portable computing devices like tablets, laptops
or smartphones.
10. High Resiliency
• Resiliency is the ability to reduce the magnitude and/or period of disruptions
caused by undesirable circumstances.
• A higher level of resiliency has great value in a computing environment.
• Cloud computing is developed based on resilient computing infrastructure, and
thus cloud services are more resilient to attacks and faults.
• Infrastructure resiliency is achieved through infrastructure redundancy combined
with effective mechanisms to anticipate, absorb and adapt.
• Cloud consumers can increase the reliability of their businesses by leveraging
the resiliency of cloud-based IT resources.
11. Quick Deployment
• Deployment time in the cloud environment is significantly shorter than it was
in the traditional computing environment. This is possible since resource provisioning
is rapid and automatic in the cloud environment.
12. Automatic Software Updates
• In a cloud computing environment, software upgrades happen automatically.
• Cloud vendors always deliver the latest available version of any software (if not
asked for otherwise).
• The upgraded environment becomes available to users almost immediately after its
release, the next time the user logs in.
13. No License Procurement
• Here, users need not procure any periodic license for using applications; rather,
they are allowed to pay (post-payment) according to their use of any software.
14. Safety against Disaster
• Breakdown of systems due to sudden technical failure or natural disaster is a major
concern for users. In particular, any damage to physical storage devices may cause
huge commercial loss.
• Cloud computing delivered by reputed vendors has robust recovery systems
incorporated in its setup. Thus, systems and data remain more protected in
cloud computing in terms of safety and security than in earlier computing approaches.
15. Environment Friendly
• Cloud computing promotes green computing. Proper utilization of resources
minimizes the overall electronic resource requirement and hence reduces the generation
of e-waste too. This is beneficial for the environment, as e-waste is harmful to the
ecosystem if not processed properly.
Challenges in Cloud Computing
1. Limited Portability between Cloud Providers
• Different vendors are coming up with cloud computing facilities for public use which
are mostly proprietary to various extents.
• Applications developed on these proprietary clouds are difficult to move to other
cloud platforms due to vendor lock-in.
• This problem limits portability of applications. Hence, many times it becomes a
challenge to move from one cloud provider to another.
2. Inter-operability Problem
• Interoperability is the ability of a system to work with other systems. The proprietary issue
restricts applications of two different clouds from interoperating with each other. This is
known as the problem of interoperability.
• Applications of two different proprietary clouds do not interoperate since they follow
different standards.
• Subscribers may find two different applications from two different cloud vendors suitable
for their requirements. For example, an enterprise may like the payroll management
application of one cloud vendor and the accounts management application of another. But it
is difficult to establish a link between these two applications if they are not interoperable.
3. Data Security
• In cloud computing, users or enterprises need to store data outside their
firewall-protected network boundary.
• Thus the trust boundary of enterprises expands up to the external cloud. Security
of users’ data largely depends on the cloud vendors. This may introduce a degree
of vulnerability to the security of data.
4. Reduced Control over Governance
• Cloud computing is built and governed by the policies of the computing vendor or service
provider.
• Consumers are relieved of the tiring responsibility of managing the computing system.
• While this turns out to be a major benefit, the low control over the governance or authority
of the computing environment sometimes raises concerns among consumers who used to enjoy
full control over self-owned traditional data centers.
• The main concern is regarding how a vendor operates the cloud.
• A certain, though low, degree of operational control is given to subscribers
depending on the type of service, and the service level agreement plays an important role in
this regard.

5. Multi-Regional Compliance and Legal Issues


• Multi-regional legal issues raise concern over information privacy and compliance
related problems in cloud computing.
• Cloud computing vendors build data centers at locations of their convenience,
both geographical and economical.
• A vendor may even have more than one data center, dispersed over multiple
geographic locations.
• Since subscribers remotely access cloud computing over the Internet, they may
not be aware of the actual location of the resources they consume.
• More importantly, the storage location of subscriber’s data may not be within the
country or region of the subscriber. This sometimes poses serious legal concerns.
• The privacy or compliance rule generally differs across different legal jurisdictions.
The rules for degree of disclosure of personal data to government agencies differ
from country to country, or even state to state within a country.
• A situation may arise where the law of the country of a cloud subscriber asks for
some data to be disclosed while the law of the hosting region does not allow
such disclosure.
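
The residency concern above can be checked mechanically by comparing where each storage resource and its replicas live against the jurisdictions allowed for its data class. The following is an added example, not part of the original notes; the region names, data classes, policy and inventory are all constructed placeholders rather than any vendor's identifiers.

```python
"""Data-residency audit over a cloud storage inventory (added example).

All region names, resources and policy entries below are constructed
placeholders, not identifiers from any real cloud vendor.
"""
from dataclasses import dataclass, field

# Constructed map: provider region name -> legal jurisdiction of the data center.
REGION_JURISDICTION = {
    "region-in-1": "IN",
    "region-in-2": "IN",
    "region-eu-1": "EU",
    "region-us-1": "US",
}

# Constructed policy: data classification -> jurisdictions where it may reside.
RESIDENCY_POLICY = {
    "personal": {"IN"},
    "financial": {"IN", "EU"},
    "public": {"IN", "EU", "US"},
}


@dataclass
class StorageResource:
    name: str
    classification: str
    primary_region: str
    replica_regions: list = field(default_factory=list)


@dataclass(frozen=True)
class Finding:
    resource: str
    region: str
    code: str    # outside-jurisdiction | unknown-location | unclassified
    detail: str


def audit_residency(inventory, policy=RESIDENCY_POLICY, regions=REGION_JURISDICTION):
    """Return one Finding per storage location that breaks the residency policy."""
    findings = []
    for res in inventory:
        allowed = policy.get(res.classification)
        if allowed is None:
            # No rule means nobody decided where this data may live: fail closed.
            findings.append(Finding(res.name, res.primary_region, "unclassified",
                                    f"no residency rule for class {res.classification!r}"))
            continue
        # Replicas count too: replication can copy data into another region.
        for region in [res.primary_region, *res.replica_regions]:
            jurisdiction = regions.get(region)
            if jurisdiction is None:
                # The subscriber cannot tell where this data physically resides.
                findings.append(Finding(res.name, region, "unknown-location",
                                        "region not mapped to a jurisdiction"))
            elif jurisdiction not in allowed:
                findings.append(Finding(res.name, region, "outside-jurisdiction",
                                        f"{res.classification} data in {jurisdiction}, "
                                        f"allowed: {', '.join(sorted(allowed))}"))
    return findings


# Constructed sample inventory, as a subscriber might export it from a provider.
SAMPLE_INVENTORY = [
    StorageResource("payroll-db", "personal", "region-in-1", ["region-in-2"]),
    StorageResource("hr-backups", "personal", "region-in-1", ["region-us-1"]),
    StorageResource("ledger", "financial", "region-eu-1"),
    StorageResource("analytics-cache", "personal", "region-x-9"),
    StorageResource("scratch-bucket", "unlabelled", "region-us-1"),
    StorageResource("website-assets", "public", "region-us-1"),
]

if __name__ == "__main__":
    for f in audit_residency(SAMPLE_INVENTORY):
        print(f"{f.resource:16} {f.region:12} {f.code:21} {f.detail}")
```

On the sample inventory the audit reports the backup replica stored abroad, the resource in an unmapped region, and the unlabelled bucket, while resources that stay within their allowed jurisdictions produce no finding.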
6. Bandwidth Cost

• Cost of network bandwidth is an additional expense in cloud computing.

The NIST Model


The most appreciated and accepted model of cloud computing was provided by the National
Institute of Standards and Technology (NIST) of the U.S.

• The model was published in a document titled ‘NIST Cloud Computing Reference
Architecture’ by the Information Technology Laboratory of NIST in 2011.
• Following is the statement by the NIST:
“Cloud computing is a model for enabling ubiquitous, convenient, on-demand network
access to a shared pool of configurable computing resources (e.g., networks, servers, storage,
applications and services) that can be rapidly provisioned and released with minimal
management effort or service provider interaction. This cloud model is comprised of five
essential characteristics, three service models, and four deployment models.”
After analyzing this definition, we have the following salient points:
■ Cloud computing is a model and not a technology.
■ Cloud computing enables users to access pools of computing resources via a network.
■ The resources are shared among users and made available on-demand.
■ The prime benefit is the ease of use with very little management burden for the users.

• The first two among the four points are self-explanatory. The third point says that no user
can hold any resource exclusively unless required for computational or associated tasks.
Computing resources are delivered to a user as and when required, and a user need not
own resources exclusively to use them.
• The last point states that the whole thing will basically be managed by a third party,
referred to as the provider, and users will simply use it without the responsibility of
managing it.
The cloud computing initiative at NIST started in November 2010. The goal of the initiative
was to boost the US Government’s effort to incorporate cloud computing to enhance the
traditional approach of information system maintenance, wherever applicable.
Deployment and Service Models

• The NIST model of cloud computing separates cloud computing into two categories.
• One category is based on the operational or deployment pattern of the cloud and the
other one is based on the nature of service that the cloud provides.
■ Cloud modeling based on deployment: It focusses on the access boundary and location of
the cloud establishment. The access boundary defines the purpose of using the cloud to some
extent.

• There are four categories of cloud deployment: public cloud, private cloud, community
cloud and hybrid cloud.
■ Cloud modeling based on service delivery: This model describes the type of computing
service that is offered to users by the service provider.

• There are three prime categories of service delivery models, namely Infrastructure as a
Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS).
• Apart from cloud deployment and service models, the NIST model mentions five essential
characteristics of cloud computing, which are broad network access, rapid elasticity,
measured service, on-demand self-service and resource pooling.
• Thus, the NIST defines cloud computing by describing five essential attributes or
characteristics, three cloud service models and four cloud deployment models.
• The model is a generic one and not tied to any specific reference implementation or
vendor’s product.
• In addition to this, the model defines the actors, standard activities and functions
associated with cloud computing.

Essential Characteristics
The NIST model of cloud computing comprises five essential characteristics or requirements,
which differentiate the cloud model from the traditional computing approach.
On-demand self-service:

• It is the most attractive feature that users like about this computing model.
• The on-demand service feature refers to the ability that empowers users to consume
the computing facility as much as they need at any moment.
• Being self-service, cloud computing can arrange the on-demand facility for users
without any need for human intervention at the vendor’s end.
• A user himself/herself can request cloud services as needed through some interface
(generally through web forms) and resources become available within seconds. This
feature is known as self-service.
• The self-service interface must be user-friendly in order to be effective and appealing.
Cloud computing service is delivered by a third-party service provider as per users’ demand.
Resource pooling:

• Computing requires resources like processor, memory, storage and network.
• Cloud computing arranges these resources for users at the vendor’s end.
• Users can access and use these resources to satisfy their computing needs as and
when required.
• Unlike the traditional computing approach, where every enterprise or user possesses its
own physical computing resources, here pools of computing resources are maintained
at remote locations by the provider and are accessed by all of the users.
• The resource pools must be reasonably large, flexible and capable of supporting many
users simultaneously without any failure.
Broad network access:
• Cloud computing provides economic advantage to users as it releases them from the
inconvenience of setting-up expensive in-house data centers.
• Instead, the cloud service facility developed and installed at the provider’s end is
remotely accessed by users through the network.
• To serve this purpose, strong network infrastructure has to be in place for effortless
and fast delivery of the computing services.
• Thus, high-bandwidth communication links spread over the service area are
essential attributes of cloud computing, so that users can access computing from any
location at any time.
Rapid elasticity:
• Provisioning adequate resources to meet the frequently changing demands of a large
number of users is a major technical concern in cloud computing.
• The computing environment must create an impression of a limitless repository of
resources for users, and they should be able to consume any volume of resources at any
time.
• Again, when a user no longer uses the resources, they have to be taken back
immediately so that valuable resources are not wasted through idle
possession.
• From users’ point of view, the system has to be elastic enough. It should be able to
grow and shrink according to the requirement.
• Rapid elasticity refers to this ability of the cloud where a computing system can
expand or reduce itself rapidly in accordance with the actual resource requirement
at runtime.

Measured service:
• As users use computing services provided by a cloud vendor, they must pay for them.
• In the cloud computing model, this payment is determined by measuring the usage of
computing resources by a user.
• Hence, the provider must employ some mechanism to measure the actual consumption by
each individual user or organization.
• This means that the usage of the pooled resources has to be calculated and stated (or billed)
to every user based on a metering system.
• Generally this is done on some known metric such as amount of processing power
consumed, use of storage volume, network bandwidth used, number of network transactions
etc.
• Any user is billed based only on the actual consumption of cloud resources or for resources
which were allotted to him/her.

Multi-tenancy

• Multi-tenancy in simple form implies that a single set of resources can have multiple
tenants who are not linked with each other.
• This statement about multi-tenancy fits the public cloud environment perfectly but
does not apply to private deployments in its full essence, since all of the
users there are internal to a single organization or remain under a single
body.
• This is the reason why multi-tenancy is not mentioned as an essential attribute of
cloud computing by NIST.
• Community cloud stays in between public and private clouds in terms of supporting
multi-tenancy.
• From the provider’s perspective, multi-tenancy enables operational efficiency and makes
the service economical.
The Reference Architecture
• The NIST cloud reference architecture is a logical extension to the NIST cloud
computing definition.
• The reference architecture was published in September 2011.
• The aim of the institute was to develop a neutral architectural model.
• The reference architecture of NIST does not model system architecture of any
particular cloud.
• Rather it intends to simplify the conception of the operational details of cloud
computing.
• The architecture focusses on ‘what’ cloud services need to provide but not ‘how to’
do that.
• Figure represents the NIST reference-based architecture.
• The diagram depicts a generic high-level architecture and represents an actor or role-
based model.
• The five major actors of the model are cloud consumer, cloud provider, cloud
broker, cloud auditor and cloud carrier.
• Along with the actors, the model also identifies their activities and functions. This
helps in understanding the responsibilities of the actors.

The Actors and Their Roles

• The NIST cloud computing model describes five major actors.
• Each actor in the reference model is actually an entity; that is, either a person or an
organization.
• The entities perform some tasks by participating in transactions or processes.
Cloud Consumer:

• According to the definition of NIST, ‘The cloud consumer is the principal stakeholder
for the cloud computing service.’
• A cloud consumer represents a person or an organization that maintains a business
relationship with, and uses the service from a cloud provider.
• The cloud consumer uses cloud service and may be billed for the service by the
provider.

Cloud Provider:
• According to NIST, ‘A cloud provider is a person or an organization; it is the entity
being responsible for making a service available to interested parties.’
• A cloud provider acquires and manages the computing infrastructure required for
providing the services.
• Here the interested parties who want service from cloud provider are the
consumers.
Cloud Service Owner
• The person or organization that legally owns a cloud service is called a cloud
service owner. The cloud service owner can be the cloud consumer, or the
cloud provider that owns the cloud within which the cloud service resides.

• A cloud consumer that owns a cloud service hosted by a third-party cloud
does not necessarily need to be the user (or consumer) of the cloud service.

• Several cloud consumer organizations develop and deploy cloud services in
clouds owned by other parties for the purpose of making the cloud services
available to the general public.

• The reason a cloud service owner is not called a cloud resource owner is
because the cloud service owner role only applies to cloud services.

Cloud Resource Administrator

• A cloud resource administrator is the person or organization responsible for
administering a cloud-based IT resource (including cloud services). The cloud
resource administrator can be (or belong to) the cloud consumer or cloud provider
of the cloud within which the cloud service resides. Alternatively, it can be (or belong
to) a third-party organization contracted to administer the cloud-based IT resource.
• For example, a cloud service owner can contract a cloud resource administrator to
administer a cloud service.
Cloud Auditor:
• The cloud services provided by the cloud provider to the cloud consumer must comply with
some pre-agreed policies and regulations in terms of performance, security etc.
• The verification of these agreed conditions can be performed by employing a third-
party auditor.
• The cloud auditor is a party who can conduct independent assessment of cloud
services and report it accordingly.
Cloud Broker:
• Usually, there are enormous numbers of service providers and many similar types of
services are available from different providers.
• This may raise confusion among consumers regarding the use and management
of the services.
• Moreover, consumers may not be aware of all of the available services and their
performance.
• Consumers may even find two different services from two different providers useful,
which would have to be integrated as well.
• According to NIST, ‘A cloud broker is an entity that manages the use, performance,
and delivery of cloud services and negotiates the relationships between cloud
providers and cloud consumers.’
• Consumers can avoid the responsibilities of those complex tasks by requesting
services from brokers instead of consuming services from providers directly.
Cloud Carrier:
• Cloud computing services are delivered from cloud provider to cloud consumer
either directly or via some cloud broker.
• Cloud carrier acts as an agent in this delivery process.
• They are the organizations who provide the connectivity and transport facility of
services through their network.
• The role of each actor can be played by a single person, by a group of people or by an
organization.
• The actors work in close association with each other.
• The four actors cloud consumer, cloud provider, cloud auditor and cloud broker
interact via the fifth actor, the cloud carrier.
• A cloud consumer may directly request service from a cloud provider. The provider
then delivers the requested services to the consumer. This communication between
consumer and provider occurs through the carriers.
• Instead of contacting a cloud provider directly, a cloud consumer also has the option
of requesting services from a cloud broker.
• The cloud broker usually integrates the required services from the provider and delivers
them to the consumer.
• For independent assessment of operations and other measures, the auditor needs
to interact with the cloud provider, cloud consumer, and cloud broker too.
• The carriers for these interactions are shown through pipeline paths numbered as 6,
4 and 5 respectively.

Cloud Provider
• The cloud provider plays a major role in cloud computing.
• According to the NIST model, the cloud provider takes care of five types of activities:
service deployment, service orchestration, service management, security management
and privacy management.
• Service deployment decides the deployment model (among the four models) of the
cloud infrastructure.
• The Service Management component of the cloud provider takes care of the functions
needed for the management and operation of cloud services.
• Cloud service management has three modules: business support,
provisioning/configuration and portability/interoperability.
• Security and privacy are two major concerns for building confidence and trust among
the stakeholders.
• Security management in the NIST reference architecture refers to developing a
secure and reliable system.
• It means protecting the system and its information from unauthorized access.
• Privacy management aims to keep personal or sensitive information secret and protects
it from disclosure.
Service Orchestration:

• Service orchestration is an important part of the cloud provider's activities.
• According to the NIST document, service orchestration refers to the ‘composition of
system components to support the cloud providers’ activities in arrangement,
coordination and management of computing resources in order to provide cloud
services to cloud consumers.’
• Service orchestration has three layers in it (Figure 4.6) and each layer represents a
group of system components that the cloud provider needs to deliver the services.
• At the top, there is the service layer. Here, the cloud provider puts interfaces that
enable the service consumers to access various computing services.
• Thus the access interfaces for different types of cloud services (SaaS, PaaS and IaaS)
are represented in this layer.
• The middle layer is the resource abstraction and control layer. At this layer, the
abstraction of physical resources is implemented (through software).
• Access to any hardware resource goes through this layer, and the layer secures the
system by controlling resource allocation and access.
• It also integrates underlying physical resources and monitors the resource usage by
the consumers. This layer is also responsible for resource pooling and dynamic
allocation of resources.
• The physical resource layer is the lowest layer in the stack and houses all of the
physical computing resources.
• Hardware resources include computers (with processor and memory components),
storage components (hard disks), network entities (routers, firewalls, switches,
network links and interfaces) and other physical computing devices.
• Apart from hardware resources, this layer also includes the facilities for the
computing infrastructure, which include power supply, ventilation, cooling,
communications and other aspects of a physical plant.
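The following sketch shows how the resource abstraction and control layer described above can mediate every request to the physical resource layer: pooling, quota-controlled allocation, ownership checks and usage metering. It is an added example, not code from the NIST document or from any provider; the `ControlLayer` class, the host names, tenant names and quotas are all hypothetical.

```python
from dataclasses import dataclass


class AccessDenied(Exception):
    """Caller is unknown or does not own the lease it named."""


class QuotaExceeded(Exception):
    """Request would push the tenant past its agreed share of the pool."""


class PoolExhausted(Exception):
    """No single physical host can satisfy the request."""


@dataclass
class Lease:
    tenant: str
    host: str   # physical placement, kept inside the layer
    vcpus: int


class ControlLayer:
    """Hypothetical resource abstraction and control layer for vCPUs."""

    def __init__(self, host_cpus, quotas):
        self._free = dict(host_cpus)            # physical layer: host -> free CPUs
        self._quotas = dict(quotas)             # tenant -> maximum vCPUs
        self._used = {t: 0 for t in quotas}     # metering: tenant -> vCPUs in use
        self._leases = {}                       # lease id -> Lease
        self._next_id = 1

    def pool_free(self):
        """Capacity left in the shared pool, summed over all hosts."""
        return sum(self._free.values())

    def usage(self, tenant):
        """Metered consumption for one tenant."""
        return self._used.get(tenant, 0)

    def allocate(self, tenant, vcpus):
        """Dynamic allocation; returns an opaque handle, never a host name."""
        if tenant not in self._quotas:
            raise AccessDenied(f"unknown tenant {tenant!r}")
        if vcpus <= 0:
            raise ValueError("vcpus must be positive")
        if self._used[tenant] + vcpus > self._quotas[tenant]:
            raise QuotaExceeded(f"{tenant} would exceed {self._quotas[tenant]} vCPUs")
        host = max(self._free, key=self._free.get)   # host with most free CPUs
        if self._free[host] < vcpus:
            raise PoolExhausted("no host has enough free CPUs")
        self._free[host] -= vcpus
        self._used[tenant] += vcpus
        lease_id = self._next_id
        self._next_id += 1
        self._leases[lease_id] = Lease(tenant, host, vcpus)
        return lease_id

    def release(self, tenant, lease_id):
        """Return capacity to the pool. Handles are guessable integers, so
        isolation rests on the ownership check, not on secrecy of the id."""
        lease = self._leases.get(lease_id)
        if lease is None or lease.tenant != tenant:
            raise AccessDenied("lease not held by caller")
        del self._leases[lease_id]
        self._free[lease.host] += lease.vcpus
        self._used[tenant] -= lease.vcpus


def demo():
    """Two unrelated tenants sharing one pool (constructed values)."""
    layer = ControlLayer({"host-1": 8, "host-2": 4},
                         {"tenant-a": 6, "tenant-b": 4})
    a = layer.allocate("tenant-a", 4)
    layer.allocate("tenant-b", 4)
    events = []
    try:
        layer.release("tenant-b", a)        # tenant-b names tenant-a's lease
    except AccessDenied:
        events.append("cross-tenant release denied")
    try:
        layer.allocate("tenant-a", 3)       # 4 + 3 exceeds the quota of 6
    except QuotaExceeded:
        events.append("quota enforced")
    layer.release("tenant-a", a)
    return layer.pool_free(), layer.usage("tenant-a"), layer.usage("tenant-b"), events


if __name__ == "__main__":
    print(demo())
```

The consumer only ever holds the integer handle, so the physical placement can change without the consumer noticing.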
Organizational Boundary

• An organizational boundary represents the physical perimeter that surrounds a set
of IT resources that are owned and governed by an organization. The organizational
boundary does not represent the boundary of an actual organization, only an
organizational set of IT assets and IT resources. Similarly, clouds have an
organizational boundary.
Trust Boundary
• When an organization assumes the role of cloud consumer to access cloud-based IT
resources, it needs to extend its trust beyond the physical boundary of the
organization to include parts of the cloud environment.
• A trust boundary is a logical perimeter that typically spans beyond physical
boundaries to represent the extent to which IT resources are trusted.
• When analyzing cloud environments, the trust boundary is most frequently
associated with the trust issued by the organization acting as the cloud consumer.

• An organizational boundary represents the physical scope of IT
resources owned and governed by an organization.
• A trust boundary is the logical perimeter that encompasses the IT resources trusted
by an organization.

CLOUD DEPLOYMENT MODELS


• Cloud services can be arranged or deployed in a number of ways.
• The deployment choice depends on the requirements of the consumer organization.
• The deployment model describes the utility of a cloud and also specifies its access
boundary.
• The model also indicates the relative location of the cloud with respect to the location
of consumer organization.
• The NIST definition mentions four common deployment models: public,
private, community and hybrid deployments.
• Every cloud falls under one of these four categories.
Public Cloud
• The public cloud deployment model provides the widest range of access to consumers
among all cloud deployments.
• Anyone who subscribes to it gets open access to this cloud facility. The consumer can
either be an individual user or a group of people representing some organization or
an enterprise.
• A public cloud is also referred to as an external cloud because, in terms of physical
location, it remains external or off-premises and consumers access the service remotely.
• A public cloud is hosted and managed by a computing vendor that establishes
data centers to provide the service to consumers.
• The consumers under this cloud deployment model are entirely relieved of
infrastructure administration and system management concerns.
• But, at the same time, they (consumers) have a low degree of control over the
cloud. Amazon Web Services, Google Cloud, Microsoft Azure and Salesforce.com are
some of the popular public clouds.
• Public cloud deployment promotes multi-tenancy at its highest degree. The same physical
computing resource can be shared among multiple unrelated consumers. This
provides major advantages as it becomes possible for a single cloud vendor to serve a
large number of consumers.
• When a large number of consumers dispersed around the world share resources from
the data center of a single vendor, this automatically increases resource utilization rates
and decreases the vendor’s cost of service delivery.
• Thus for the consumers, the key benefit of using a public cloud is its financial advantage.
The public cloud providers, on the other hand, take advantage of the magnitude of
their operation. Being large in volume and business, they can afford state-of-the-art
technology and skilled people. This ensures better quality of service.
• Through this model, consumers can access potentially superior service at a lower cost.
Since different consumers (from different parts of the world) have variable workload
demands during the course of a day, week, month or year, a cloud provider can always
support loads efficiently during high demand.

Private Cloud
• The private cloud deployment does not provide open access to all. It is mainly for
organizational use, and access to a private cloud deployment is restricted for the general
public.
• A private cloud is also referred to as an internal cloud since it is built to serve the
internal purposes of the organization.
• While public clouds are equally useful for both individual users and organizations,
a private cloud generally serves the purposes of organizations only.
• For high-security and critical systems, like systems of defense organizations, private
cloud is the suggested approach.
• While a public cloud cannot physically reside at any consumer’s location (physical
boundary), private clouds may reside either inside the consumer organization’s premises
(on-premises) or outside (off-premises) at any neutral location.
• On-premises private clouds reside inside the consumer organization’s own
physical boundary as well as inside its network boundary.
• Off-premises private clouds reside outside the organization’s own network boundary but
remain under the control or supervision of the consumer organization.
• A private cloud may be established and managed by the consumer organization itself
or they (the consumer) may outsource the responsibility to some other computing
vendor.

Community Cloud
• The community cloud deployment model allows access to a number of organizations
or consumers belonging to a community and the model is built to serve some common
and specific purpose.
• It is for the use of some community of people or organizations who share common
concerns in business functionalities, security requirements etc.
• This model allows sharing of infrastructure and resources among multiple consumers
belonging to a single community and thus becomes cheaper compared to a private
cloud.
• Community cloud deployment can be on-premises or off-premises. Physically it may
reside on any community member’s premises or it may be located in some external
location.
• Like a private cloud, this cloud can also be governed by some participating
organization(s) (of the community) or can be outsourced to some external computing
vendor.
• This cloud deployment may be identified as a generalized form of private cloud. While
a private cloud is accessible only to one consumer, one community cloud is used by
multiple consumers of a community.
• Thus, this deployment model supports multi-tenancy, although not to the same degree
as a public cloud, which allows multiple tenants that are not related to each other.
• Thus, the tenancy model of community cloud falls in between that of private cloud
and public cloud.
• The goal of community cloud deployment is to provide the benefits of public cloud,
like multi-tenancy, pay-per-use billing etc. to its consumers along with an added level of
privacy and security like the private cloud.
• One familiar example of a community cloud is a set of services launched by the government
of a country with the purpose of providing cloud services to national agencies. The
agencies are consumers in this case, belonging to a single community (the government).

Hybrid Cloud

• A hybrid cloud is generally created by combining a private or community deployment
with a public cloud deployment.
• This deployment model helps businesses to take advantage of private or community
cloud by storing critical applications and data there.
• At the same time, it provides the cost benefit of keeping shared data and
applications on the public cloud.
• The figure demonstrates a hybrid cloud model combining a public cloud with an on-premises
private cloud.
• In practice, the hybrid cloud can be formed by combining two elements from a set of
five different cloud deployments: on-premises private cloud, off-premises private
cloud, on-premises community cloud, off-premises community cloud and public
cloud, where one among the first four deployments is combined with the last one
(public cloud).

CHOOSING THE APPROPRIATE DEPLOYMENT MODEL

• The choice of appropriate cloud deployment depends on several factors.
• It largely depends on the business needs and also on the size and maturity of the
consumer organization.
• Consumers should analyze the pros and cons of on-premises and off-premises
deployment options and must be careful before selecting a cloud deployment model,
as different deployments are best fitted for serving different requirements.
• Business need and security need (especially that of data) are two important factors
which play a significant role in the decision making.
• For general users, any reputed public cloud service is a good option. The question of
the appropriate choice of cloud deployment mainly stands before
organizations (and communities also). Any reputed public cloud can be a choice for
them, but private (or community) deployment becomes the likely option when
the concern is the privacy of sensitive data or the importance of some vital
business-related data.
• Even when setting up an in-house cloud, the organization (or community) must
consider the capability of its in-house technical team; otherwise it
has the choice of outsourcing the (private or community cloud) service.
• While outsourcing, the expertise or reputation of the service provider has to be
verified.
• Budget is another important issue. The cost of migration into the cloud and the total cost
of ownership have to be considered before selecting a deployment. Generally, for a
critical application that has security issues, a private or hybrid cloud model may suit
well.
Economies of Scale

• In the study of Economics, ‘economies of scale’ means the cost advantages that
enterprises obtain due to the size or volume of their businesses.
• The scenario can be observed in various business situations, like manufacturing,
service industries etc.
• Large-scale production in manufacturing units cuts down the cost per item. Item cost
goes up as the volume of business goes down. The same is relevant in cloud
computing also.
• Cloud economy mainly depends on the number of consumers of a cloud deployment
along with the level of permissible multi-tenancy of resources. The figure represents the
variations in cost-effectiveness offered by different cloud deployments.

• Among the different cloud deployments, public clouds fully support multi-tenancy and
are generally consumed by a large number of consumers, so the vendors can offer
services at cheaper rates.
• The private cloud lies at the other end: it does not support multi-tenancy and is used
by a single enterprise or organization. Thus, it does not provide the economies-of-scale
cost benefit that public clouds do.
• The community cloud and hybrid cloud deployments stay in between these two in
terms of economies of scale.
• Public cloud deployment is the most economical for consumers among the different
deployments.
Consumer’s Authority
• The consumer’s authority or control over a cloud computing environment varies with
the choice of cloud deployment.

• Consumers can have maximum control over a private cloud deployment. In the case of
a private cloud, a single consumer or enterprise remains the owner of the whole thing.
In an off-premises private cloud, although the management of the cloud is outsourced
to some third-party vendor, the consumer holds the ultimate control over the cloud
environment.

• Consumers’ control over the cloud deployment is at its minimum in a public cloud environment.
There, the service provider is an independent body that holds authority over its
cloud and hence, consumers hold very little control over the environment.
Consumers can only use the service and control their own part, with limited
functionalities.

CLOUD SERVICES

• The NIST model of cloud computing treats the computing methodology from two
perspectives: deployment and service.
SERVICE DELIVERY MODELS

• Three categories of computing services that people have consumed since the days of
traditional computing are:
■ Infrastructure Service
■ Platform Service
■ Software Application Service
Cloud computing is about delivering these facilities to consumers as computing
services through a network/internetwork. The benefit for the consumers is that they can
avail themselves of these facilities over the Internet anytime, as much as required, sitting
at their own locations, in a cost-effective manner. They only need to have a simple and
suitable access device (like PC, laptop, tablet, mobile etc.) to access these services.

• Using these simple devices anyone can access any kind of computing infrastructure,
platform or software application on a payment-as-per-actual-usage basis.
• Cloud computing offers computing infrastructure, platform and application delivered
‘as-a-service’.
• Those services are considered the primary cloud computing services and are referred
to as:
■ Infrastructure-as-a-Service (IaaS)
■ Platform-as-a-Service (PaaS)
■ Software-as-a-Service (SaaS)

• These services are generally pronounced ‘i-a-a-s’, ‘pass’, and ‘saas’ respectively.
• They are the driving forces behind the growth of cloud computing.
• Clubbed together, these three service models are commonly referred to as the SPI
(Service-Platform-Infrastructure) model.
• Cloud service providers arrange these services for the cloud consumers.
• The service layer is the topmost layer of cloud service orchestration, over the resource
abstraction and control layer.
• The service layer includes three major cloud services: SaaS, PaaS and IaaS.
• The PaaS layer resides over IaaS and the SaaS layer resides over PaaS. In this layered
architecture, the service of a higher layer is built upon the capabilities offered by the
underlying layers.
• IaaS, PaaS and SaaS refer to the delivery of computing services to consumers over
the network.
Infrastructure-as-a-Service
• Cloud computing allows access to computing resources in a virtualized environment
popularly referred to as ‘the Cloud’.
• Infrastructure-as-a-Service delivers virtualized hardware (not physical, but
simulated in software) resources to consumers, known as virtual resources or virtual
components.
• It provides the facility of remotely using virtual processor, memory, storage and
network resources to the consumers.
• These virtual resources can be used just like physical (hardware) resources to build
any computing setup (like a virtual machine or virtual network).
• For this reason, IaaS is also referred to as Hardware-as-a-Service (HaaS).
• Consumers no longer need to manage or control the underlying computing
infrastructure that they consume as IaaS.
• IaaS is the bottommost layer of the cloud computing service model.

• The IaaS component stack is shown above.
• It is a computing solution where the complexities and expenses for managing the
underlying hardware are outsourced to some cloud service providers.
• Here the meaning of outsourcing is different from its conventional interpretation.
• In a traditional system, outsourcing of computing hardware means some other party
will provide and manage hardware resources as per the user’s requirement. Users
there can directly access that hardware and can utilize those resources by installing
the necessary software over them.
• In the cloud computing IaaS model, the provider arranges and manages hardware resources
for users, but users cannot access those hardware resources directly.
• The hardware resources are represented as simulated software components
(implemented through the resource virtualization technique) and are delivered to
consumers via the Internet (or network) using web services.
• Consumers can use those simulated components just like real hardware devices and
can build a computing system with the necessary processor, memory, storage and
network facilities.
• Hardware resources in cloud computing are not directly accessible to users. The IaaS
model provides all hardware components in virtual form as virtual processor, virtual
storage, virtual switches etc.
• Thus, the simulated (or virtual) hardware component delivered as per consumers’
requirement is what makes the IaaS model unique.
• Consumers can access these virtual hardware resources on demand, at any time and
from any location over the network.
• They can build computers (virtual computers) using those virtual (or virtualized)
hardware components and can even install operating systems and other software
over that system.
• Major computing vendors like Amazon, Google, GoGrid and RackSpace provide IaaS
facilities.
• All of these vendors offer virtualized hardware resources of different types.
• Apart from offering resource components separately for building any computing
setup, the IaaS vendors generally offer custom-made virtual machines (made of
those virtual components) for consumers.
• For example, Amazon EC2 and Google Compute Engine are popular server
environments. Consumers can install an OS and start working over these servers.
• Other than virtual machines, storage is a very common IaaS offering. Amazon S3
is a popular storage service available as IaaS.
• Cloud vendors deliver customized and ready-made virtual machines via IaaS
offerings, which are empty computers (even without an OS) made of virtual
components.
Platform-as-a-Service
• In computing, platform means the underlying system on which software applications
can be installed (and also developed).
• A computing platform comprises hardware resources, operating system,
middleware (if required) and runtime libraries.
• Application programs are also installed over this platform.
• Application development and deployment in traditional computing require the users’
participation in managing hardware, operating system, middleware, web servers and
other components. For instance, users must install an appropriate framework (like J2EE,
.NET) before working in any application platform.
• The PaaS facility, on the other hand, relieves users of all these worries and delivers
a ready-made platform to consumers via the internetwork/Internet.
• The PaaS component stack, in addition, provides an application (development and
deployment) platform over the IaaS component stack. A PaaS provider not only delivers
a fully managed application development and deployment environment but also takes
care of the lower-level (infrastructure-level) resource management and provisioning.
• PaaS comes with IaaS capability integrated into it.
• PaaS is created by adding additional layers of software over IaaS.
• With the use of PaaS, collaborative application development becomes easier, as
multiple users can work from different geographical locations.
• PaaS also reduces the total cost of ownership (TCO) as the computing platform becomes
available on a rental basis.
• The PaaS model lets the users focus only on development and deployment of the application
without the worry of arranging and managing the underlying hardware and
software.
• There are many PaaS offerings available in the market. Google App Engine, Microsoft
Azure Platform, GoGrid Cloud Center and Force.com are very popular among them.
• Open-source PaaS offerings are also available in the market. Cloud Foundry is one
such offering, developed by VMware.
• One problem with the PaaS model is that it ties the developed applications to the
platform. This causes a portability problem.
• For instance, an application developed on Google App Engine using any programming
language (supported by Google PaaS) uses Google’s APIs, and hence
it cannot be run over the PaaS facility of other vendors.
PaaS–IaaS Integration
• The PaaS layer must integrate with the underlying IaaS for seamless access to hardware
resources.
• Such integration is carried out using the application program interfaces (APIs) that an
IaaS layer provides to the PaaS developers.
• APIs are sets of functions and protocols which can be used to build
applications.
• IaaS developers build and offer these APIs along with their respective
services so that a PaaS facility can be developed above them.
The integration model has been shown

Software-as-a-Service
• Software-as-a-Service (SaaS) is a way of delivering an application as a service over the
network/Internet that users can directly consume without the burden of installing
or configuring the application.
• In traditional computing, consumers had to pay not only the software licensing fee
but also spend a large portion of their budget in setting up the infrastructure and
platform over which the application would run.
• SaaS eliminates this problem and promises an easier as well as a
cheaper way of using applications.
• SaaS is hosted by SaaS vendors and delivered to the consumers over the
network/Internet.
• Unlike traditional packaged applications that users install on their own computing
setup, SaaS vendors run it in their data centers.
• Customers do not need to buy software licenses or any additional computing
resources to support the application and can access applications against
some rental fee on a usage basis.
• SaaS applications are sometimes referred to as web-based software
or hosted software.
• SaaS is built by adding layers over the PaaS component stack.
• It is the facility of using applications administered and delivered by the service provider
over a cloud infrastructure.
• In the SaaS model, everything is managed by the vendor, including application upgrades or
updates; even the data that the application acts upon is managed (stored in a
database, file etc.) by the SaaS vendor.
• Users can access the applications through a thin client interface (usually a browser)
from any location.
• SaaS was the most primitive among the different types of cloud services. SaaS started to gain
popularity from the beginning of the current decade, with solutions offered both
for general users and for enterprises.
• E-mail is one common example of a SaaS application that is used by everyone.
• The CRM (customer relationship management) package of Salesforce.com has been
popular among enterprises since the early 2000s.
• SAP (Systems, Application and Products), as a solution provider of Enterprise
Resource Planning (ERP), entered the SaaS CRM and ERP markets with its
‘Business ByDesign’ solution. Oracle launched its CRM SaaS ‘On Demand’.
• There are also many popular SaaS offerings for general users in the market today, like
Google Apps, Microsoft Office 365 and others.
• Cloud-based software services (SaaS) matured before the inception of the cloud
platform or infrastructure services.
Other Category of Cloud Service

• As cloud computing matured, vendors started sub-categorizing services of the SPI model
and introduced new services. Some of those services dealt with specific
computing issues like storage, database and backup, and others managed
business functionalities like security, compliance, identity etc. All these new
‘<Something> as a Service’ offerings fell into the category of XaaS (pronounced ‘zass’), a
generalization of all cloud-related services.
• These new cloud services often provide great results and facilities to consumers. A
particular service is managed by experts of that domain, and consumers get the
option of choosing more robust facilities.
Security Management-as-a-Service
• Security is a prime concern in cloud computing services, especially in public cloud
services.
• Adoption of cloud computing challenges security as the consumers lose control
over the computing environment.
• To ensure security for the environment, tasks like timely virus definition updates,
maintaining logs and regular security audits are important.
• Security management is an integral part of any cloud service offering like SaaS and
PaaS. But, at the same time, vendors with expertise in security management
offer it as a separate cloud service. This cloud service is known as ‘Security
Management-as-a-Service’.
• Cloud service consumers can opt for some Security Management-as-a-Service
offering to delegate the responsibilities of all of the security-related issues of their
computing environments. Eminent vendors providing this service include Cisco,
McAfee, Symantec and others.
Identity Management-as-a-Service (IDaaS)
• Identity management in cloud computing is a critical job. Identity management for
any application requires robust authentication, authorization and access-control
mechanisms.
• Authentication and authorization are maintained through some user-identification
techniques and passwords respectively. Many advanced techniques like federated
identity, identity governance, auditing, single sign-on etc. are used with applications
nowadays for the purpose.
• Although identity management is an integral part of all of the cloud services, a
number of vendors separately offer identity management-as-a-service that can be
incorporated with other cloud services for managing user identity.
• Examples of such services include Symplified, Ping Identity and others.
Storage-as-a-Service
• Data storage comes under IaaS offering. All of the IaaS service vendors offer storage
services as an important part of their service. Data can be stored in cloud where the
storage works like a disk drive and one can store files there like text, audio, video
etc.
• Cloud storage services of Amazon and Rackspace have gained significant popularity
among others. They enable provisioning of storage space efficiently.
• Consumers can rent storage space on a cost-per-gigabyte-stored or
cost-per-data-transfer basis. Storage-as-a-Service is seen as a good option for consumers
as it is cost-effective and mitigates risks in disaster recovery.
Database-as-a-Service
• In the cloud computing model, the database offering comes under the PaaS layer.
But the cloud service vendors have come up with an exclusive cloud computing
solution for databases, called Database-as-a-Service (DBaaS).
• DBaaS offers a unique platform with on-demand and self-service capability
where even non-DBAs can easily fulfill their requirements. It relieves consumers
of all of the worries of critical database management issues and also reduces
the cost of production. Amazon RDS and Microsoft SQL Azure are examples of DBaaS
offerings available in the market.
Backup-as-a-Service (BaaS)
• Data is the core element of any business. Backing up and recovery of data is
considered extremely important in computing, but at the same time system
backup is also necessary to overcome uncertain circumstances like disaster and
others.
• Backup is considered a specialized service that asks for expertise, and
many cloud computing vendors offer backup-as-a-service (BaaS), which
turns out to be most useful and cost-effective for the consumers.

Compliance-as-a-Service
• Compliance is an issue of concern that appears with cloud computing. It is
related to the fulfillment of the laws of the countries or regions where
business is somehow linked through the cloud. Managing the compliance issues
is a complex matter and needs considerable expertise.
• Some vendors offer a cloud service in order to take care of these compliance issues
for businesses. Such a service, called Compliance-as-a-Service (CaaS), enables
organizations to meet the regulatory requirements effortlessly.
• A Compliance-as-a-Service provider can be a trusted third party who acts as an
intermediate layer between a cloud service and its consumer. CaaS helps
organizations to concentrate more on their business without worrying about
violation of laws and regulations.
• CaaS service providers are experts in specific business domains. For this reason,
a CaaS service is sometimes referred to as a ‘vertical cloud’ service, which depicts an
alternate vertical (related to some specific trade or industry) business domain.
Desktop-as-a-Service
• Cloud services can be accessed through suitable access devices (PC, tablet etc.)
without installing the applications locally.
• Cloud applications remain independent of the local devices and thus consumers
can access computing from any such device.
• Although a consumer’s cloud environment remains the same with a change in access
device, the desktop environment changes as it is local-device dependent.
• For instance, the customized look of the desktop with shortcut icons to access
applications is only stored locally.
• Here comes the use of Desktop-as-a-Service (DaaS). There are cloud service
providers that deliver personalized desktop environments to users as a service.
This allows users to enjoy the benefits of their personal desktop environment
irrespective of the cloud access devices.
• This is also referred to as virtual desktop or hosted desktop.
• Readers must not get confused between SaaS and DaaS. SaaS makes applications
available which are accessed through their respective interfaces. Through DaaS,
the user can keep all of those interfaces together at one place (the desktop).
Several well-known Desktop-as-a-Service providers include Amazon, Citrix and
Desktone (a VMware company).
Monitoring-as-a-Service
• Performance monitoring is another important aspect of computing systems.
Cloud vendors offer this as a service known as Monitoring-as-a-Service (MaaS). It
monitors the functionalities and performance of various cloud services.
• MaaS can be used to track some specified states of applications, storage,
network etc. Enterprises even employ multiple MaaS solutions in the interest of
business.
• Adopting performance monitoring as a service allows enterprises to take
appropriate measures to maximize performance and business.
• For example, the average response time measured during a period might be
evaluated to see if it deviates from an acceptable value.
• Administrators can later take action to rectify the issue or even respond in real
time.
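The response-time check described in the last two points can be sketched as follows: samples are grouped into periods, each period's average is compared with an acceptable value, and an alert is raised only when the deviation is sustained. This is an added example, not code from any MaaS product; the sample data is constructed, and the period length, acceptable value, tolerance and `sustain` count are assumed parameters.

```python
from collections import defaultdict

# Constructed samples: (seconds since start, response time in ms)
SAMPLES = [
    (0, 110), (20, 130), (45, 120),        # period 0
    (65, 180), (90, 220),                  # period 1
    (125, 260), (150, 300), (170, 280),    # period 2
    # period 3: the service reported nothing
    (245, 115), (270, 125),                # period 4
]


def period_averages(samples, period_s):
    """Average response time per period; periods without samples map to None."""
    buckets = defaultdict(list)
    for ts, ms in samples:
        buckets[ts // period_s].append(ms)
    if not buckets:
        return {}
    first, last = min(buckets), max(buckets)
    return {
        p: (sum(buckets[p]) / len(buckets[p]) if p in buckets else None)
        for p in range(first, last + 1)
    }


def evaluate(samples, period_s=60, acceptable_ms=150.0, tolerance=0.2, sustain=2):
    """Classify each period as ok, deviating, alert or no-data.

    A period deviates when its average exceeds acceptable_ms by more than
    the tolerance fraction. 'alert' needs `sustain` consecutive deviating
    periods, so a single slow period does not page anyone. A period with no
    samples is reported as 'no-data' and resets the streak; missing
    telemetry is surfaced rather than silently counted as healthy.
    """
    limit = acceptable_ms * (1 + tolerance)
    report, streak = [], 0
    for period, avg in period_averages(samples, period_s).items():
        if avg is None:
            state, streak = "no-data", 0
        elif avg > limit:
            streak += 1
            state = "alert" if streak >= sustain else "deviating"
        else:
            state, streak = "ok", 0
        report.append((period, avg, state))
    return report


if __name__ == "__main__":
    for period, avg, state in evaluate(SAMPLES):
        print(period, avg, state)
```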
