Ø Cloud computing in general
Cloud computing in general can be portrayed as a synonym for distributed computing over a network, with the ability to run a program or application on many connected computers at the same time. It specifically refers to a computing hardware machine or group of computing hardware machines, commonly referred to as a server, connected through a communication network such as the Internet, an intranet, a local area network (LAN) or wide area network (WAN). Individual users who have permission to access the server can use the server's processing power for their individual computing needs, such as running an application, storing data or any other computing need. Therefore, instead of using a personal computer every time to run the application, the individual can now run the application from anywhere in the world, as the server provides the processing power to the application and is also connected to a network via the Internet or other connection platforms so that it can be accessed from anywhere. All this has become possible due to the increasing computer processing power available to humankind at decreasing cost, as stated in Moore's law.
In common usage, the term "the cloud" is essentially a metaphor for the Internet. Marketers have further popularized the phrase "in the cloud" to refer to software, platforms and infrastructure that are sold "as a service", i.e. remotely through the Internet. Typically, the seller has actual energy-consuming servers which host products and services from a remote location, so end-users don't have to; they can simply log on to the network without installing anything. The major models of cloud computing service are known as software as a service, platform as a service, and infrastructure as a service. These cloud services may be offered in a public, private or hybrid network.[2] Google, Amazon, IBM, Oracle Cloud, Rackspace, Salesforce, Zoho and Microsoft Azure are some well-known cloud vendors.
Network-based services, which appear to be provided by real server hardware and are in fact served up by virtual hardware simulated by software running on one or more real machines, are often called cloud computing. Such virtual servers do not physically exist and can therefore be moved around and scaled up or down on the fly without affecting the end user, somewhat like a cloud becoming larger or smaller without being a physical object.
Ø Cloud Computing Advantages
The advantages and benefits of cloud computing are well documented – low to no upfront infrastructure investments, just in time deployment, and a more efficient resource utilization model are all benefits of the cloud. It’s these very drivers which are creating a significant demand for cloud based services. Major advantages of cloud computing include:
· Less maintenance: Hardware, applications and bandwidth are managed by the provider.
· Continuous availability: Public cloud services are available wherever you are located.
· Scalability: Pay only for the applications and data storage you need.
· Elasticity: Private clouds can be scaled to meet your changing IT system demands.
· Expert service: Expedient’s cloud computing services are continuously monitored and maintained by our onsite staff of expert data center technicians.
Ø Cloud Computing Architecture
When talking about a cloud computing system, it's helpful to divide it into two sections: the front end and the back end. They connect to each other through a network, usually the Internet. The front end is the side the computer user, or client, sees. The back end is the "cloud" section of the system.
The front end includes the client's computer (or computer network) and the application required to access the cloud computing system. Not all cloud computing systems have the same user interface. Services like Web-based e-mail programs leverage existing Web browsers like Internet Explorer or Firefox. Other systems have unique applications that provide network access to clients.
On the back end of the system are the various computers, servers and data storage systems that create the "cloud" of computing services. In theory, a cloud computing system could include practically any computer program you can imagine, from data processing to video games. Usually, each application will have its own dedicated server.
A central server administers the system, monitoring traffic and client demands to ensure everything runs smoothly. It follows a set of rules called protocols and uses a special kind of software called middleware. Middleware allows networked computers to communicate with each other. Most of the time, servers don't run at full capacity. That means there's unused processing power going to waste. It's possible to fool a physical server into thinking it's actually multiple servers, each running with its own independent operating system. The technique is called server virtualization. By maximizing the output of individual servers, server virtualization reduces the need for more physical machines.
If a cloud computing company has a lot of clients, there's likely to be a high demand for a lot of storage space. Some companies require hundreds of digital storage devices. A cloud computing system needs at least twice the number of storage devices it requires to keep all its clients' information stored. That's because these devices, like all computers, occasionally break down. A cloud computing system must make a copy of all its clients' information and store it on other devices. The copies enable the central server to access backup machines to retrieve data that otherwise would be unreachable. Making copies of data as a backup is called redundancy.
Ø Cloud Computing Service Models
Ø Security issues associated with the cloud
Organizations use the Cloud in a variety of different service models (SaaS, PaaS, IaaS) and deployment models (Private, Public, Hybrid). There are a number of security issues/concerns associated with cloud computing but these issues fall into two broad categories: security issues faced by cloud providers (organizations providing software-, platform-, or infrastructure-as-a-service via the cloud) and security issues faced by their customers. In most cases, the provider must ensure that their infrastructure is secure and that their clients’ data and applications are protected while the customer must ensure that the provider has taken the proper security measures to protect their information.
The extensive use of virtualization in implementing cloud infrastructure brings unique security concerns for customers or tenants of a public cloud service. Virtualization alters the relationship between the OS and underlying hardware - be it computing, storage or even networking. This introduces an additional layer - virtualization - that itself must be properly configured, managed and secured. Specific concerns include the potential to compromise the virtualization software, or "hypervisor". While these concerns are largely theoretical, they do exist.[4] For example, a breach in the administrator workstation with the management software of the virtualization software can cause the whole datacenter to go down or be reconfigured to an attacker's liking.
Ø Cloud security controls
Cloud security architecture is effective only if the correct defensive implementations are in place. An efficient cloud security architecture should recognize the issues that will arise with security management. The security management addresses these issues with security controls. These controls are put in place to safeguard any weaknesses in the system and reduce the effect of an attack. While there are many types of controls behind a cloud security architecture, they can usually be found in one of the following categories:
· Deterrent controls
These controls are set in place to prevent any purposeful attack on a cloud system. Much like a warning sign on a fence or a property, these controls do not reduce the actual vulnerability of a system.
· Preventative controls
These controls upgrade the strength of the system by managing the vulnerabilities. The preventative control will safeguard vulnerabilities of the system. If an attack were to occur, the preventative controls are in place to cover the attack and reduce the damage and violation to the system's security.
· Corrective controls
Corrective controls are used to reduce the effect of an attack. Unlike the preventative controls, the corrective controls take action as an attack is occurring.
· Detective controls
Detective controls are used to detect any attacks that may be occurring to the system. In the event of an attack, the detective control will signal the preventative or corrective controls to address the issue.
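The hand-off from a detective control to a corrective control, applied to the administrator-workstation scenario mentioned earlier, as an added example that is not part of the original text. The log format, host and account names, action names, threshold and response names are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed audit log of a VM management console: ts user source action target
SAMPLE_LOG = """\
2024-05-01T09:00:01Z alice ws-admin-01 vm.snapshot web-01
2024-05-01T09:02:10Z alice ws-admin-01 vm.reconfigure web-01
2024-05-01T09:30:00Z bob ws-lab-77 vm.poweroff web-01
2024-05-01T09:30:02Z bob ws-lab-77 vm.poweroff web-02
truncated entry
2024-05-01T09:30:03Z bob ws-lab-77 vm.poweroff db-01
2024-05-01T09:30:05Z bob ws-lab-77 vm.reconfigure db-02
"""

APPROVED_WORKSTATIONS = {"ws-admin-01"}  # assumption: hardened admin hosts
DISRUPTIVE = {"vm.poweroff", "vm.reconfigure", "vm.delete"}  # assumed action names
BURST_LIMIT = 3  # assumption: disruptive actions per account/host that raise a finding


def parse(log):
    """Yield one event dict per well-formed line and skip malformed ones."""
    fields = ("ts", "user", "source", "action", "target")
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == len(fields):
            yield dict(zip(fields, parts))


def detect(events):
    """Detective control: map (user, source) to the set of reasons it was flagged."""
    findings, bursts = defaultdict(set), defaultdict(int)
    for e in events:
        key = (e["user"], e["source"])
        if e["source"] not in APPROVED_WORKSTATIONS:
            findings[key].add("unapproved-workstation")
        if e["action"] in DISRUPTIVE:
            bursts[key] += 1
            if bursts[key] >= BURST_LIMIT:
                findings[key].add("disruptive-burst")
    return dict(findings)


def respond(findings):
    """Corrective control: turn findings into containment actions (hypothetical names)."""
    actions = []
    for (user, source), reasons in sorted(findings.items()):
        actions.append(("revoke-session", user, source))
        if "disruptive-burst" in reasons:
            actions.append(("freeze-changes", user, source))
    return actions
```

Calling `respond(detect(parse(SAMPLE_LOG)))` flags only the account working from the unapproved workstation; the burst count here covers the whole log rather than a time window.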
Reference: http://computer.howstuffworks.com/cloud-computing/cloud-computing.htm