• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Introduction au Cloud computing
 

Introduction au Cloud computing

on

  • 1,086 views

Cours donné dans le cadre d'infosafe en mars 2013

Cours donné dans le cadre d'infosafe en mars 2013

Statistics

Views

Total Views
1,086
Views on SlideShare
1,086
Embed Views
0

Actions

Likes
0
Downloads
75
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

CC Attribution-NonCommercial-ShareAlike LicenseCC Attribution-NonCommercial-ShareAlike LicenseCC Attribution-NonCommercial-ShareAlike License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • CAPEX: capital expenses, OPEX: operational expenses -> much lower initial cost Meilleure sécurité, car spécialité du cloud provider
  • USA Patriot Act: les US ont le droit d’aller voir toutes les données se trouvant sur leur territoire

Introduction au Cloud computing Introduction au Cloud computing Presentation Transcript

  • Cloud Computing Transversale du 22/3/2013 Transversale du 22/3/2013 Jean-Noël Colinjean-noel.colin@fundp.ac.be Jacques Folon Jacques.folon@ichec.be
  • Definition“A style of computing where scalable and elastic IT-relatedcapabilities are provided “as-a-service” using internettechnologies to multiple external customers.” (Gartner)“Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurablecomputing resources (e.g., networks, servers, storage,applications, and services) that can be rapidly provisioned andreleased with minimal management effort or service providerinteraction.” (National Institute of Standards and Technology)
  • Cloud Services Definition - updated Cloud Services Consumer and Business products, services and solutions delivered and consumed in real-time over the Internet  Shared, standard service – built for a market (public), not a single customer  Solution-packaged – a “turnkey” offering, integrates required resources Key  Self-service – admin, provisioning; may require some “on-boarding” support  Elastic scaling – dynamic and fine-grainedAttributes  Use-based pricing – supported by service metering  Accessible via the Internet/IP – ubiquitous (authorized) network access  Standard UI technologies – browsers, RIA clients and underlying technologies  Published service interface/API – e.g., web services APIs Public - open to a largely unrestricted universe of potential users; designed for Deployment a market, not a single enterprise Models [Note: large gray zones Private - designed for, and access restricted to, a single enterprise (or extended between these enterprise); an internal shared resource, not a commercial offering; IT two broad categories] Org is the “vendor” of the shared/std service to its users© 2009 IDC 3
  • Five key characteristics,explained by the Gartner (Plummer, et al., 2009) and the National Institute of Standards and Technologies (Mell, et al., 2009) :¢ • A service-oriented technology, where consumer concerns are abstracted from provider concerns, and that is ready-to-use SERVICE BASED;¢ • Services scale on-demand to add or remove resources as needed RAPID ELASTICITY AND SCALABILITY;¢ • Services share a pool of resources to build economies of scale SHARED RESOURCES;¢ • Services are tracked with usage metrics to enable the “pay-as-you-go model” PAY PER USE;¢ • Services are delivered through use of Web identifiers, standards, formats and protocols and with an identical access UBIQUITOUS NETWORK ACCESS;Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora,http://www.slideshare.net/cedricmora/cloud-computing-in-france
  • 3 types of servicesCloud Computing in France – A model that will transform companies, Thesis by Cedric Mora,http://www.slideshare.net/cedricmora/cloud-computing-in-france
  • Software as a service (SAAS)  The service provided makes use of the provider’s applications accessible through a client interface, such as a web browser (ex: Gmail).  The consumer doesn’t manage or control the infrastructure, the network, the servers, the operating system, the storage and cannot add specific development (even if there are limited user specific application configuration settings).  Offers: Billing, Financials, Legal, Sales, Desktop productivity, Human Resources, Content Management, Backup & Recovery, CRM (Customer Relationship Management), Document Management, Collaboration Tools, Social Networks.Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora,http://www.slideshare.net/cedricmora/cloud-computing-in-france
  • Platform as a service (PAAS) The service provided consists in the deployment of consumercreated applications on the provider’s infrastructure and the use of programming languages and tools supported by the platform (ex: Java or Python available on Google App Engine).  The consumer doesn’t manage or control the infrastructure, the network, the servers, the operating system and the storage but he has control over the deployed applications, and occasionally application hosting environment configurations.  Offers: General purpose, Business intelligence, Integration, Development & Testing, Database.Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora,http://www.slideshare.net/cedricmora/cloud-computing-in-france
  • Platform as a Service (PaaS)Now you don’t need to invest millions of $$$ to get that developmentfoundation ready for your developers.The PaaS provider will deliver the platform on the web, and in most ofthe cases you can consume the platform using your browser, i.e. noneed to download any software.It has definitely empowered small & mid-size companies or even anindividual developer to launch their own SaaS leveraging the power ofthese platform providers, without any initial investment.PaaS ExamplesGoogle App Engine and Windows Azure are examples of Cloud OS.OrangesScape & Wolf PaaS are cloud middleware. http://www.techno-pulse.com/
  • INFRASTRUCTURE AS A SERVICE (IAAS) The service provided gives the possibility to rent resources, such as processing, storage or bandwidth, and allows the consumer to deploy and run anysoftware (operating systems and/or applications). The consumer doesn’t manage and control the infrastructure but he controls the operating system, the storage, the deployed applications, and occasionally networking components (firewall, load balancing). Some providers offer to manage the application if the latter is not too specific and is compatible with the perimeter of their offer. o Offers: Storage, Compute, Services Management.Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora,http://www.slideshare.net/cedricmora/cloud-computing-in-france
  • Different type of cloud•Public clouds•External private clouds•Private clouds•Hybrid clouds•Community clouds
  • Public clouds Infrastructures are shared with a “Pay-as- you-go” model. This off-premise virtualized infrastructure is easily accessible and can be managed through a portal of the provider. The provider can make economies of scale: the homogeneous infrastructures are shared with all the consumers and managed and updated by the Cloud provider. Consumer can choose the infrastructure they need, and choose all the security elements and the uptime (SLA).Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora,http://www.slideshare.net/cedricmora/cloud-computing-in-france
  • External private cloud  We are also seeing an increase number of External Private Clouds offerings (off-premises):  This provides a way for companies to create a logically separated set of virtual machines, a secure VPN connection to their own networks (Virtual Private Network is a secure tunnel through the Internet from a corporate network to provider’s servers).  It also enables the use of existing security and management policies.Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora,http://www.slideshare.net/cedricmora/cloud-computing-in-france
  • Private clouds Internal pool of resources inside the Date Centers of a company. Internal Private Clouds are sometimes seen as a simple evolution of the classic Information System of an organization but have some characteristics of Public Clouds (they use the virtualization and dynamic provisioning). Private Clouds are companies who only want to use services that are hosted in-house and do not want to share their infrastructure. This type of Cloud respect the standard process and security policy of the company but doesn’t not offer as much benefits and flexibility to the CIO: he always have to invest in the hardware and software.
  • Hybrid cloud Combination of different clouds (for example Public and Private Clouds) that allow for transitive information exchange and possibly application compatibility and portability across disparate Cloud service offerings and providers utilizing standard or proprietary methodologies regardless of ownership or location.Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora,http://www.slideshare.net/cedricmora/cloud-computing-in-france
  • COMMUNITY CLOUDInfrastructures, shared by severalorganizations, support a specificcommunity that has shared concerns(e.g., mission, security requirements,policy, and compliance considerations).The US Government and NASA createda community cloud for all USgovernment agencies.This type of cloud combines two worlds:Public Cloud (different entities sharingtheir infrastructure) and Private Cloud(specific organizations use their ownData Centers and know with whom theyshare their infrastructure).Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora,http://www.slideshare.net/cedricmora/cloud-computing-in-france
  • Impact on the organization
  • Impact on the organizationStrategy: What are the impacts on the strategy when it goes fromcontrolling an infrastructure to controlling a process? What new strategiesare possible now?• Systems: What happen to the processes of the IT department? (ITIL,Build versus Run, contract management)• Structure: How can the IT department be aligned with the businessstrategy? Does a company need a new organization? What happens tothe CIO and the decision making?• Shared values: Can an organization be still working in silos? A keyelement will be developed in the corporation culture• Style: Does the managers have to behave differently?• Staff: What happens to the actual employees? New jobs created?• Skills: What skills does the employees need in this new model?
  • Cloud Computing • Le système d’information, un modèle en couches Données Utilisateur Application Architecte Logiciel de service Project Manage Système dexploitation r Analyste Infrastructure (matériel/réseau) TesteurInfoSafe 18 2012-2013
  • Cloud Computing • Gestion du système d’information ★ Recourir à des services externes ‣ Manque de compétences internes ‣ Maîtrise des coûts ‣ Manque de flexibilité interne ★ Outsourcing ‣ Sous-traiter une activité à un partenaire - Développement - Gestion SI - … ★ On-demand computing/Utility computingInfoSafe 19 2012-2013
  • Cloud Computing • Modèles de gestion IT ★ IT Interne ‣ Entièreté du SI est sous la gestion directe de l’organisation - Équipement, logiciel, hébergement, personnel ★ Colocation ‣ Entièreté du SI est sous la gestion directe de l’organisation, MAIS hébergement confié à un partenaire ★ Managed services ‣ Couches hautes du SI sous la gestion directe de l’organisation, MAIS infrastructure (évt. Logiciel système) et hébergement confiés à un partenaire ★ Cloud Computing ‣ Idem managed services, mais en incluant des mécanismes de flexibilité, virtualisation, automatisation…InfoSafe 20 2012-2013
  • Cloud Computing • Modèles de gestion – coûts ★ CAPEX: Capital expenses – investissements ★ OPEX: Operational ExpensesInfoSafe 21 2012-2013
  • Cloud Computing • Définition ★ « Environnement dans lequel les services d’infrastructure (calcul, stockage…) et applicatifs sont fournis au travers d’Internet et accédés via un navigateur. » (Information Systems, Stair & Reynolds, Cengage, 2012) • Principes ★ Pool de ressources ★ Virtualisation ★ Elasticité ★ Automatisation ★ Per-usage business modelInfoSafe 22 2012-2013
  • Cloud Computing • Résultat d’un processus d’évolution ★ Evolution du paradigme ‣ Du mainframe au C/S au Web au Grid au Cloud ★ Evolution du matériel ‣ Performances accrues (CPU, stockage, réseau) ‣ Baisse du coût ‣ Partage, mutualisation ★ Evolution du logiciel ‣ Accès à distance ‣ Virtualisation ‣ SOA, approche ‘composants’ du logicielInfoSafe 23 2012-2013
  • VirtualisationInfoSafe 24 2012-2013
  • Virtualisation • Avantages ★ Flexibilité ‣ Provisioning rapide (comparé à des machines physiques) ‣ Ajustement des ressources ★ Sécurité ‣ Isolation ‣ DRP ★ Reporting ★ Facturation ‣ Pay-per-usage • Hyperviseurs ★ VMWare, MS HyperV, KVM, Xen, IBM…InfoSafe 25 2012-2013
  • Cloud Computing Business Cloud Provider IT Applications Logiciels de service Système d’exploitation InfrastructureInfoSafe 26 2012-2013
  • Cloud ComputingInfoSafe 27 2012-2013
  • Cloud Computing Platform IaaS Paas Saas SalesForce.com (http://www.salesforce.com/) Amazon Elastic Compute Cloud (http://aws.amazon.com/ec2/) Google App Engine (http://cloud.google.com/appengine/) DropBox (https://www.dropbox.com/) Microsoft Dynamics Online (http://crm.dynamics.com/) WorkXpress (http://www.workxpress.com/) Office 365 Online (http://office365.microsoft.com) Google Docs (http://docs.google.com)InfoSafe 28 2012-2013
  • Cloud Computing Platform IaaS Paas Saas SalesForce.com (http://www.salesforce.com/) ✔ Amazon Elastic Compute Cloud (http://aws.amazon.com/ec2/) ✔ Google App Engine (http://cloud.google.com/appengine/) ✔ DropBox (https://www.dropbox.com/) ✔ Microsoft Dynamics Online (http://crm.dynamics.com/) ✔ WorkXpress (http://www.workxpress.com/) ✔ Office 365 Online (http://office365.microsoft.com) ✔ Google Docs (http://docs.google.com) ✔InfoSafe 29 2012-2013
  • Cloud Computing Avantages Inconvénients Intérêt économique Modèle ‘pay as you go’ One size fits all? CAPEX ➟ OPEX Flexibilité/Agilité Perte de maîtrise/contrôle Sécurité (as a Service) Sécurité et protection des données Coût de migration vers un modèle Cloud Efficacité/Rentabilité (adaptation, transfert de données) Complexité contractuelle (SLA) Dépendance vis-à-vis de tiers Mécanisme de sortie?InfoSafe 30 2012-2013
  • Cloud Computing • Sécurité ★ Aujourd’hui, premier frein à l’adoption du Cloud (IDC Study, 2009) ★ Lié au partage des ressources ★ Impératifs légaux et réglementaires ‣ Auditabilité: SOX, HIPAA ‣ Accès par les autorités: USA Patriot Act ‣ Localisation des données: EU Directive ★ Des solutions techniques existent ‣ VPN, VLAN, DB Chiffrées…InfoSafe 31 2012-2013
  • Risques et opportunités du Cloud Source: Wikipedia
  • Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora,http://www.slideshare.net/cedricmora/cloud-computing-in-france
  • Domaines critiques à étudier pour la gouvernance Choc culturel - Résistance au changement Gestion des risques de l’entreprise Problèmes légaux  Fuites de données  Accès aux données par les organismes gouvernementaux  Protection de la vie privée Mise en conformité et audit Gestion du cycle de vie de l’information  Création, identification, stockage, utilisation, partage, archivage et destruction  Définition des responsabilités Portabilité et interopérabilité Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves10 LE ROUX
  • Domaines critiques à étudier pour lasécurité Plan de continuité et de reprise d’activités Opérations du ou des centre(s) informatique(s) Réponse, notifications et traitement des incidents Sécurité des applications Chiffrement et gestion des clés Identités et contrôle d’accès Technologie de virtualisation Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX10
  • Les avantages du Cloud Computingdu point de vue sécurité &gouvernance (1/2) Possibilité de mettre les données publiques dans un Cloud et de mieux protéger les données sensibles Fragmentation et dispersion des données Equipe de sécurité dédiée Plus grand investissement dans l’infrastructure de sécurité Tolérance aux fautes et fiabilité améliorées Meilleure réaction aux attaques Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves10 LE ROUX
  • Les avantages du Cloud Computing du point de vuesécurité & gouvernance (2/2) Réduction possible des activités de mise en conformité et d’audit  Statement on Auditing Standards No. 70: Service Organizations  Automated Audit, Assertion, Assessment, and Assurance API (A6) Données détenues par un tiers impartial Solutions de stockage et de récupération de données à moindre coût Contrôles de sécurité à la demande Détection en temps réel des falsifications du système (System Tampering) Reconstitution rapide des services Possibilité accrue de créer des réseaux leurres (honeynet)  La capture d’une machine virtuelle ne compromet pas l’hôte Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves10 LE ROUX
  • Les défis du Cloud Computing du pointde vue sécurité & gouvernance (1/4)  Confiance dans le modèle de sécurité du fournisseur souvent opaque  Réponse par le client aux recommandations des audits  Aide aux enquêtes après incidents  Responsabilité des administrateurs appartenant au fournisseur  Perte du contrôle physique  Gestion de l’isolement des machines virtuelles  Présence de multi-location (multi-tenancy)  Gestion des versions de logiciels Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX 11
  • Les défis du Cloud Computing dupoint de vue sécurité & gouvernance (2/4) Protection des données personnelles  Traitement dans l’E.E.E. ou la Suisse, le Canada, l’Argentine, Guernesey, Jersey, Man et le Safe Harbour (US)  Règles internes d’entreprise / Corporate Binding rule  Clauses contractuelles types  Autorisation de transfert Droit d’accès des organismes gouvernementaux  Patriot Act, Regulation of Investigatory Powers Act, LOPPSI, etc. Conservation légale des documents et leur production Garantie de la qualité de service Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX11
  • Les défis du Cloud Computing dupoint de vue sécurité & gouvernance (3/4) Attirance des hackers Possibilité d’une panne massive Intégration avec l’informatique interne Besoins de chiffrement  Problèmes légaux (import, export, utilisation)  Accès chiffré à l’interface de contrôle du Cloud  Accès chiffré aux applications  Chiffrement des données stockées Permanence / rémanence des données Agrégation et inférence des données Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX
  • Les défis du Cloud Computing dupoint de vue sécurité & gouvernance (4/4) Sécurisation des OS virtuels dans le Cloud Dépendance de la sécurité des hyperviseurs Gestion des identités dans le Cloud  Provisioning / déprovisioning  Authentification  Fédération  Gestion des profils utilisateurs et des autorisations d’accès Gouvernance et Sécurité dans le Cloud Computing : Avantages et Défis. Yves LE ROUX
  • Sources & credits Some material adapted from  slides by Christophe Bisciglia, Aaron Kimball, & Sierra Michels- Slettvet, Google Distributed Computing Seminar, 2007  Jimmy Lin, The iSchool, University of Maryland  B.Singh, www.technopulse.com  http://www.andyharjanto.com  Gouvernance et sécurité dans le Cloud Computing : avantages et défis, Yves LE ROUX, CISSP CISM, Principal Consultant; Yves.leroux@ca.com  Cloud Computing in France – A model that will transform companies, Thesis by Cedric Mora, http://www.slideshare.net/cedricmora/cloud-computing-in-france