Bright and Gray areas of Clound ComputingPresentation Transcript
Cloud Computing By Pallavi Khandekar & Jacob Bennett
Cloud Service Models• Software as a Service (SaaS) – It is a software product that is provided to you when you logon to the cloud – These services are meant to be accessible to everyone with a computer and an internet provider – Unless you have dialup. – It is used for creating, storing, accessing, and manipulating your files from any internet connection. – Some examples are: Boise State Gmail, Google Docs, or any other application you access exclusively through the internet.
Cloud Service Models• Infrastructure as a Service (IaaS) – It is a computer/s that exist on the cloud. – It is used for adding virtual machines to a network or for the capacity to expand and contract dynamically as you need it. – As a user, my computer becomes nothing but the means to access another more powerful computer. • Do NOT need corporate software installed on the company PC! • Do NOT need a specific operating system!
Cloud Service Models• Platform as a Service (PaaS) – Like IaaS, PaaS is geared towards providing a platform on which a developer may develop, publish, and maintain their source code. – It can be defined as an IaaS that will connect to a PC instead of the other way around. – Think, email that is pushed to your phone and not pulled.
Cloud Service Models
Current Concerns and Challenges• Security• Dependency• Legal Issues• Decreased flexibility
Security Security of Cloud Computing refers to policies, technologies and controls deployed to protect data, application and the associated infrastructure. Security and PrivacySecurity Issues faced by Cloud providers Security Issues faced by Cloud customers• Data Loss / Data theft • Data/ Service Access• System Boundaries • Data confidentiality
Traditional System Cloud Architecture architecture App App Server Server virtualization port Network Network
Mobility App App AppServer Server 1 Server 2 virtualization virtualization portNetwork Network Network Do they share same policy/security layer?
Are they interacting? Co-existenceApp 1 App 2 App 1 App 2Server 1 Server 2 Server 1 virtualization port portNetwork Network Network
Multiple Level SecurityDatacenter facility security Operating systems and application level• Physical controls • Directory Federation (SAML)• Access controls • Access control and monitoring• Video surveillance • Anti malware and anti-Spam• Background checks • Patch and configuration management • Secure engineering.Network Level Data Level• Edge routers • Access control lists• Multiple-layer firewalls • User level access and authorization.• Intrusion detection • Field and data integrity.• Vulnerability scanning• Encryption
Dependency (loss of control)• No or little insight in CSP contingency procedures. Especially backup, restore and disaster recovery.• No easy migration to an other CSP.• Measurement of resource usage and end user activities lies in the hands of the CSP• Tied to the financial health of another Company.• Quality problems with CSP(Cloud Service Providers).• No influence on maintenance levels and fix frequency when using cloud services from a CSP
Legal and Contractual issues around Cloud ComputingFew important legal issues that must be taken care before signing up with the CSP:1. Physical Location of data: • Customer should know actual physical location of their data. • In case of dispute arises between vendor and customer which country’s court system will settle the conflict? (e.g. customer is in China and vendor is in US.)2. Responsibility of your data: • What if data center is hit by a disaster? • Is there any liability coverage for breach of data? • What can be done if data center gets hacked?3. Intellectual Property Rights: • Is your data protected under the intellectual property rights? • Third party access