Issues in cloud computing


Published on

Cloud computing means using multiple server computers via a digital network, as though they were one computer.

We can say , it is a new computing paradigm, involving data and/or computation outsourcing.

it has many issues like security issues, privacy issues, data issues, energy issues, bandwidth issues, cloud interoperability.

there are solutions like scaling of resources, distribute servers etc.

Published in: Technology, Business
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Trusted Platform Module. :- To provide stronger computer security than software alone can provide, TCG(Trusted Computing Group) has defined the specification for the widely implemented Trusted Platform Module (TPM). The TPM is an international standard, hardware security component built into many computers and computer-based products. The TPM includes capabilities such as machine authentication, hardware encryption, secure key Storage. Encryption is well-known technique, but the TPM makes it stronger by storing keys in protected hardware storage. Machine authentication is a core principle that allows clouds to authenticate to a known machine to provide this machine and user a higher level of service as the machine is known and authenticated.
  • Issues in cloud computing

    2. 2. Flow of presentation : <ul><li>Introduction </li></ul><ul><li>Security issues </li></ul><ul><li>Data issues </li></ul><ul><li>Performance issues </li></ul><ul><li>Energy related issues </li></ul><ul><li>Bandwidth related issues </li></ul><ul><li>Fault tolerance </li></ul><ul><li>Conclusion </li></ul>
    3. 3. WHAT IS CLOUD COMPUTING? <ul><li>Cloud computing means using multiple server computers via a digital network, as though they were one computer. </li></ul><ul><li>We can say , it is a new computing paradigm, involving data and/or computation outsourcing, with </li></ul><ul><li>– Infinite and elastic resource scalability </li></ul><ul><li>– On demand “just-in-time” provisioning </li></ul><ul><li>– No upfront cost … pay-as-you-go </li></ul><ul><li>The name cloud computing was inspired by the cloud symbol that's often used to represent the Internet in flowcharts and diagrams. </li></ul>
    4. 4. BENEFITS <ul><li>Traditionally, without a cloud, a web server runs as a single computer or a group of privately owned computers </li></ul><ul><li>If the computer's website or web application suddenly becomes more popular, and the amount of requests are far more than the web server can handle, the response time of the requested pages will be increased due to overloading. On the other hand, in times of low load much of the capacity will go unused. </li></ul><ul><li>If the website, service, or web application is hosted in a cloud, however, additional processing and compute power is available from the cloud provider. </li></ul><ul><li>If the website suddenly becomes more popular, the cloud can automatically direct more individual computers to work to serve pages for the site, and more money is paid for the extra usage. If it becomes unpopular, however, the amount of money due will be less. Cloud computing is popular for its pay-as-you-go pricing model. </li></ul>
    5. 5. <ul><li>In the past computing task there were not possible without the installation of application software on a user's computer. A user bought a license for each application from a software vendor and obtained the right to install the application on one computer system. </li></ul><ul><li>With the development of local area networks (LAN) and more networking capabilities, the client-server model of computing was born, where server computers with enhanced capabilities and large storage devices could be used to host application services and data for a large workgroup.  </li></ul>
    6. 6. Difference between client-server and cloud computing : <ul><li>Typically, in client-server computing, a network-friendly client version of the application is required on client computers which utilized the client system's memory and CPU for processing. even though resultant application data files were stored centrally on the data servers. Multiple user licenses of an application were purchased for use by many users on a network. </li></ul><ul><li>Cloud computing differs from the classic client-server model by providing applications from a server that are executed and managed by a client's web browser, with no installed client version of an application required. </li></ul>
    7. 7. Architecture The two most significant components of cloud computing architecture are known as the front end & the back end .
    8. 8. <ul><li>The front end is the part seen by the client, i.e., the computer user. This includes the client’s network (or computer) and the applications used to access the cloud via a user interface such as a web browser. </li></ul><ul><li>The back end of the cloud computing architecture is the cloud itself, comprising various computers, servers and data storage devices. </li></ul><ul><li>Cloud architecture, the systems architecture of the software systems involved in the delivery of cloud computing, typically involves multiple cloud components communicating with each other over loose coupling mechanism such as messaging queue. </li></ul>
    9. 9. Data storage <ul><li>Cloud storage is a model of networked computer data storage where data is stored on multiple virtual servers, in general hosted by third parties, rather than being hosted on dedicated servers.  </li></ul><ul><li>Hosting companies operate large data centers; and people who require their data to be hosted buy or lease storage capacity from them and use it for their storage needs. </li></ul><ul><li>The data center operators, in the background, virtualizes the resources according to the requirements of the customer and expose them as virtual servers, which the customers can themselves manage. In the physical sense, the resource may span across multiple servers. </li></ul>
    10. 10. Cloud computing services are broadly divided into three categories: <ul><li>Infrastructure as a Service (IaaS) : </li></ul><ul><li>This is the base layer of the cloud stack. It serves as a foundation for the other two layers, for their execution. The keyword behind this stack is Virtualization. </li></ul><ul><li>your application will be executed on a virtual computer (instance). You have the choice of virtual computer, where you can select a configuration of CPU, memory & storage that is optimal for your application. </li></ul><ul><li>The whole cloud infrastructure viz. servers, routers, hardware based load-balancing, firewalls, storage & other network equipments are provided by the IaaS provider. </li></ul><ul><li>Some common examples are Amazon, GoGrid, 3 Tera, etc. </li></ul>
    11. 11. Platform as a Service (PaaS) <ul><li>Here, a layer of software, or development environment is encapsulated & offered as a service, upon which other higher levels of service can be built. </li></ul><ul><li>The customer has the freedom to build his own applications, which run on the provider‟s infrastructure. </li></ul><ul><li>To meet manageability and scalability requirements of the applications, PaaS providers offer a predefined combination of OS and application servers. </li></ul><ul><li>such as LAMP platform (Linux, Apache, MySql and PHP), Google‟s App Engine,, etc are some of the popular PaaS examples </li></ul>
    12. 12. Software as a Service (SaaS) <ul><li>In this model, a complete application is offered to the customer, as a service on demand. A single instance of the service runs on the cloud & multiple end users are serviced. </li></ul><ul><li>On the customers‟ side, there is no need for upfront investment in servers or software licenses, while for the provider, the costs are lowered, since only a single application needs to be hosted & maintained. </li></ul><ul><li>Today SaaS is offered by companies such as Google, Salesforce, Microsoft, etc. </li></ul>
    13. 13. DEPLOYMENT MODELS <ul><li>Private cloud: </li></ul><ul><li>The cloud infrastructure is owned or leased by a single organization and is operated solely for that organization. </li></ul><ul><li>Community cloud: </li></ul><ul><li>The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy). </li></ul><ul><li>Public cloud: </li></ul><ul><li>The cloud infrastructure is owned by an organization selling cloud services to the general public or to a large industry group. </li></ul><ul><li>Hybrid cloud: </li></ul><ul><li>The cloud infrastructure is a composition of two or more clouds that remain unique entities but are bound together by standardized orproprietary technology. </li></ul>
    14. 15. ISSUES IN CLOUD COMPUTING <ul><li>Security issues </li></ul><ul><li>- Physical security </li></ul><ul><li>- Operational security </li></ul><ul><li> - Programmatic security </li></ul><ul><li>Data issues </li></ul><ul><li>- Data backup </li></ul><ul><li>- Data usage </li></ul><ul><li>- Data loss </li></ul><ul><li>- Data integrity </li></ul><ul><li>- Data theft </li></ul>
    15. 16. <ul><li>Performance issue </li></ul><ul><li>Design issues </li></ul><ul><li>- Energy management </li></ul><ul><li>- Novel cloud architectures </li></ul><ul><li>- Software Licensing </li></ul><ul><li>Reliability   </li></ul><ul><li>Legal issuues </li></ul><ul><li>- The Physical Location of your Data </li></ul><ul><li>- Responsibility of your Data </li></ul><ul><li>- Intellectual Property Rights </li></ul>
    16. 17. SECURITY ISSUES <ul><li>Security is generally perceived as a huge issue for the cloud </li></ul><ul><li>The survey found that while 58 percent of the general population and 86 percent of senior business leaders are excited about the potential of cloud computing, more than 90 percent of these same people are concerned about the security, access and privacy of their own data in the cloud. </li></ul><ul><li>There is a possibility where a malicious user can penetrate the cloud by impersonating a legitimate user, there by infecting the entire cloud thus affecting many customers who are sharing the infected cloud. </li></ul>
    17. 18. Security Is the Major Challenge
    18. 19. <ul><li>Some of the security problem which is faced by the Cloud computing, </li></ul><ul><li>Data Integrity </li></ul><ul><li>When a data is on a cloud anyone from any location can access those data’s from the cloud. Cloud does not differentiate between a sensitive data from a common data thus enabling anyone to access those sensitive data’s. Thus there is a lack of data integrity in cloud computing </li></ul><ul><li>Data Theft </li></ul><ul><li>Most of the cloud Vendors instead of acquiring a server tries to lease a server from other service providers because they are cost affective and flexible for operation. </li></ul><ul><li>The customer doesn’t know about those things, there is a high possibility that the data can be stolen from the external server by a malicious user. </li></ul>
    19. 20. <ul><li>Security on Vendor level </li></ul><ul><li>Vendor should make sure that the server is well secured from all the external threats it may come across. A Cloud is good only when there is a good security provided by the vendor to the customers. </li></ul><ul><li>Security on User level </li></ul><ul><li>Even though the vendor has provided a good security layer for the customer, the customer should make sure that because of its own action, there shouldn’t be any loss of data or tampering of data for other users who are using the same Cloud. </li></ul><ul><li>Information Security </li></ul><ul><li> Security related to the information exchanged between different hosts or between hosts and users. This issues pertaining to secure communication , authentication , and issues concerning single sign on and delegation . </li></ul>
    20. 21. THERE MAY BE <ul><li>Physical security : </li></ul><ul><li>- Physical location of data centers; protection of data centers against disaster and intrusion. </li></ul><ul><li>How much safe is data from Natural disaster? </li></ul><ul><li>- Data can be redundantly store in multiple physical location. </li></ul><ul><li>- Physical location should be distributed across world. </li></ul><ul><li>Data Location </li></ul><ul><li>- When user use the cloud, user probably won't know exactly where your data is hosted, what country it will be stored in? </li></ul>
    21. 22. <ul><li>Traditional Security </li></ul><ul><li>- These concerns involve computer and network intrusions or attacks that will be made possible or at least easier by moving to the cloud. </li></ul><ul><li>Concerns in this category include: </li></ul><ul><li>Authentication and Authorization : </li></ul><ul><li>- The enterprise authentication and authorization framework does not naturally extend into the cloud. How does a company meld its existing framework to include cloud resources? Furthermore, how does an enterprise merge cloud security data (if even available) with its own security metrics and policies? </li></ul><ul><li>VM-level attacks. </li></ul><ul><li>- Potential vulnerabilities in the VM technology used by cloud vendors are a potential problem in multi-tenant architectures. </li></ul>
    22. 23. <ul><li>Third-party data control </li></ul><ul><li>Cloud computing facilitates storage of data at a remote site to maximize resource utilization. As a result, it is critical that this data be protected and only given to authorized individuals. </li></ul><ul><li>This essentially amounts to secure third party publication of data that is necessary for data outsourcing, as well as external publications. </li></ul><ul><li>The legal implications of data and applications being held by a third party are complex and not well understood. There is also a potential lack of control and transparency when a third party holds the data. </li></ul><ul><li>All this is prompting some companies to build private clouds to avoid these issues and yet retain some of the advantages of cloud computing. </li></ul>
    23. 24. Operational security <ul><li>Who has access? </li></ul><ul><li>- Access control is a key concern, because insider attacks are a huge risk. A potential hacker is someone who has been entrusted with approved access to the cloud. </li></ul><ul><li>- Anyone considering using the cloud needs to look at who is managing their data and what types of controls are applied to these individuals. </li></ul><ul><li>What type of training does the provider offer their customers ? </li></ul><ul><li>- This is actually a rather important item, because people will always be the weakest link in security. Knowing how your provider trains their customers is an important item to review. </li></ul>
    24. 25. <ul><li>What is the long-term viability of the provider? </li></ul><ul><li>- How long has the cloud provider been in business and what is their track record. If they go out of business, what happens to your data? Will your data be returned, and if so, in what format? </li></ul><ul><li>What is the disaster recovery/business continuity plan ? </li></ul><ul><li>- While you may not know the physical location of your services, it is physically located somewhere. All physical locations face threats such as storms, natural disasters, and loss of power. </li></ul><ul><li>- In case of any of these events, how will the cloud provider respond, and what guarantee of continued services are they promising? </li></ul>
    25. 26. Cloud Computing Attacks <ul><li>As more companies move to cloud computing, look for hackers to follow. Some of the potential attack vectors criminals may attempt include: </li></ul><ul><li>Denial of Service (DoS) attacks </li></ul><ul><li>- Some security professionals have argued that the cloud is more vulnerable to DoS attacks, because it is shared by many users, which makes DoS attacks much more damaging. </li></ul><ul><li>- Twitter suffered a devastating DoS attack during 2009. </li></ul><ul><li>Side Channel attacks </li></ul><ul><li>– An attacker could attempt to compromise the cloud by placing a malicious virtual machine in close proximity to a target cloud server and then launching a side channel attack. </li></ul>
    26. 27. <ul><li>Authentication attacks </li></ul><ul><li>– Authentication is a weak point in hosted and virtual services and is frequently targeted. There are many different ways to authenticate users; for example, based on what a person knows, has, or is. </li></ul><ul><li>- The mechanisms used to secure the authentication process and the methods used are a frequent target of attackers. </li></ul><ul><li>Man-in-the-middle cryptographic attacks </li></ul><ul><li>– This attack is carried out when an attacker places himself between two users. Anytime attackers can place themselves in the communication’s path, there is the possibility that they can intercept and modify communications. </li></ul>
    27. 28. <ul><li>AUTHENTICATION </li></ul><ul><li>In the cloud environment, authentication and access control are more important than ever since the cloud and all of its data are accessible to anyone over the Internet. The TPM(see note) can easily provide stronger authentication than username and passwords. </li></ul><ul><li>When a user is fired or reassigned, the customer’s identity management system can notify the cloud provider in real-time so that the user’s cloud access can be modified or revoked within second. </li></ul><ul><li>If the fired user is logged into the cloud, they can be immediately disconnected. Trusted Computing enables authentication of client PCs and other devices, which also is critical to ensuring security in cloud computing. </li></ul>
    28. 29. key guidelines :- <ul><li>Carefully plan the security and privacy aspects of cloud computing solutions before engaging them . </li></ul><ul><li>Planning helps to ensure that the computing environment is as secure as possible and is in compliance with all relevant Organizational policies and that data privacy is maintained. </li></ul><ul><li>To maximize effectiveness and minimize costs, security and privacy must be considered from the initial planning stage at the start of the systems development life cycle. </li></ul><ul><li>Attempting to address security after implementation and deployment is not only much more difficult and expensive, but also more risky. </li></ul>
    29. 30. <ul><li>Understand the cloud computing environment offered by the cloud provider and ensure that a cloud computing solution satisfies organizational security and privacy requirements. </li></ul><ul><li>Cloud providers are generally not aware of a specific organization’s security and privacy needs. </li></ul><ul><li>Organizations should require that any selected public cloud computing solution is configured, deployed, and managed to meet their security, privacy, and other requirements. </li></ul><ul><li>Critical data and applications may require an agency to undertake a negotiated service agreement in order to use a public cloud. </li></ul><ul><li>Other alternatives include cloud computing environments with a more suitable deployment model, such as a private cloud, which offers an organization greater oversight and control over security and privacy. </li></ul>
    30. 31. <ul><li>Ensure that the client-side computing environment meets organizational security and privacy requirements for cloud computing. </li></ul><ul><li>Cloud computing encompasses both a server and a client side . </li></ul><ul><li>Maintaining physical and logical security over clients can be troublesome, especially with embedded mobile devices such as smart phones. </li></ul><ul><li>Built-in security mechanisms often go unused or can be overcome or circumvented without difficulty by a knowledgeable party to gain control over the device. </li></ul><ul><li>Because of their ubiquity, Web browsers are a key element for client-side access to cloud computing services. Clients may also entail small lightweight applications that run on desktop and mobile devices to access services. </li></ul><ul><li>The various available plug-ins and extensions for Web browsers are notorious for their security problems. Many browser add-ons also do not provide automatic updates, increasing the persistence of any existing vulnerabilities. </li></ul>
    31. 32. Maintain accountability over the privacy and security of data and applications implemented and deployed in public cloud computing environments <ul><li>Organizations should employ appropriate security management practices and controls over cloud computing. Strong management practices are essential for operating and maintaining a secure cloud computing solution. </li></ul><ul><li>Establishing a level of confidence about a cloud service environment depends on the ability of the cloud provider to provision the security controls necessary to protect the organization’s data and applications. </li></ul>
    32. 33. Server-Side Protection. <ul><li>Virtual servers and applications, need to be secured both physically and logically. </li></ul><ul><li>organizational policies and procedures, hardening of the operating system and applications should occur to produce virtual machine images for deployment. </li></ul><ul><li>Care must also be taken to provision security for the virtualized environments in which the images run. </li></ul><ul><li>virtual firewalls can be used to isolate groups of virtual machines from other hosted groups, such as production systems from development systems or development systems from other cloud-resident systems </li></ul><ul><li>Carefully managing virtual machine images is also important to avoid accidentally deploying images under development or containing vulnerabilities. </li></ul>
    33. 34. <ul><li>Some issues and the precautions that apply as a set of recommendations for organizations to follow when planning, reviewing, negotiating, or initiating a public cloud service outsourcing arrangement. </li></ul><ul><li>Governance : </li></ul><ul><li>Extend organizational practices pertaining to the policies, procedures, and standards used for application development and service provisioning in the cloud, as well as the design, implementation, testing, and monitoring of deployed or engaged services. </li></ul><ul><li>Put in place audit mechanisms and tools to ensure organizational practices are followed throughout the system lifecycle. </li></ul><ul><li>Compliance : </li></ul><ul><li>Understand the various types of laws and regulations that impose security and privacy obligations on the organization. </li></ul><ul><li>Review and assess the cloud provider’s offerings with respect to the organizational requirements to be met and ensure that the contract terms adequately meet the requirements. </li></ul>
    34. 35. <ul><li>Data Protection : </li></ul><ul><li>Evaluate the suitability of the cloud provider’s data management solutions for the organizational data concerned. </li></ul><ul><li>Availability : </li></ul><ul><li>Ensure that during an intermediate or prolonged disruption or a serious disaster, critical operations can be immediately resumed and that all operations can be eventually reinstituted in a timely and organized manner. </li></ul><ul><li>Trust : </li></ul><ul><li>Incorporate mechanisms into the contract that allow visibility into the security and privacy controls and processes employed by the cloud provider, and their performance over time. </li></ul><ul><li>Institute a risk management program that is flexible enough to adapt to the continuously evolving and shifting risk landscape. </li></ul><ul><li>Identity and Access </li></ul><ul><li>Management Ensure that adequate safeguards are in place to secure authentication, authorization, and other identity and access management functions. </li></ul>
    35. 36. DATA ISSUES <ul><li>Data Loss :- </li></ul><ul><li>Data loss is a very serious problem in Cloud computing. If the vendor closes due to financial or legal problems there will be a loss of data for the customers. The customers won’t be able to access those data’s because data is no more available for the customer as the vendor shut down. </li></ul><ul><li>Data Location :- </li></ul><ul><li>When it comes to location of the data nothing is transparent even the customer don’t know where his own data’s are located. The Vendor does not reveal where all the data’s are stored. The Data’s won’t even be in the same country of the Customer, it might be located anywhere in the world. </li></ul>
    36. 37. <ul><li>Data Lock-In :- </li></ul><ul><li>Software stacks have improved interoperability among platforms, but the APIs for Cloud Computing itself are still essentially proprietary, or at least have not been the subject of active standardization. </li></ul><ul><li>Thus, customers cannot easily extract their data and programs from one site to run on another. </li></ul><ul><li>For example, an online storage service called The Linkup shut down on August 8, 2008 after losing access as much as 45% of customer data [12]. The Linkup, in turn, had relied on the online storage service Nirvanix to store customer data, and now there is finger pointing between the two organizations as to why customer data was lost. </li></ul><ul><li>The obvious solution is to standardize the APIs so that a SaaS developer could deploy services and data across multiple Cloud Computing providers so that the failure of a single company would not take all copies of customer data with it. </li></ul>
    37. 38. <ul><li>Data segregation :- </li></ul><ul><li>  Data in the cloud is typically stored in a shared environment whereby one customer’s data is stored alongside another customer’s data. hence it is difficult to assure data segregation. </li></ul><ul><li>  customers should review the cloud vendor’s architecture to ensure proper data segregation is available and that data leak prevention (DLP) measures are in place. </li></ul><ul><li>Nearly all service providers now support SSL(secure socket layer-protocol) connections to ensure that the provider is encrypting the data traversing the network. </li></ul><ul><li>When the service provider provides encryption for the consumer’s data, the consumer should be concerned with the protocols and implementation of the encryption system, as these two factors dictate the effectiveness of the encryption system. </li></ul>
    38. 39. <ul><li>Data Confidentiality and Auditability :- </li></ul><ul><li>Current cloud offerings are essentially public (rather than private) networks, exposing the system to more attacks. </li></ul><ul><li>Auditability could be added as an additional layer beyond the reach of the virtualized guest OS (or virtualized application environment), providing facilities arguably more secure than those built into the applications themselves and centralizing the software responsibilities related to confidentiality and auditability into a single logical layer. </li></ul><ul><li>Data integrity and data theft :- </li></ul><ul><li>(as we have shown it as a part of security issues) </li></ul>
    39. 40. <ul><li>Deletion of data :- </li></ul><ul><li>An essential point is that data that has to be deleted by the user because he or she no longer needs it or may no longer process it for another reason is also deleted by the provider and no more copies of data are available.  </li></ul><ul><li>This can lead to problems, in particular in connection with backups that are created by the provider if these contain data belonging to a number of his customers and targeted deletion of individual data items proves financially unreasonable or technically inappropriate in terms of feasibility. </li></ul><ul><li> Data deletion is also of prime importance when terminating the contract with the provider. </li></ul>
    40. 41. <ul><li>Restitution of data :- Upon termination of the contract, the orderly return of data to the user has to be ensured. This requires sufficiently long periods of notice for the user to be able to take the necessary measures to ensure the availability and constant further processing of data after termination of the contract. The form in which the data is to be delivered to the user by the provider must also be ascertained. </li></ul><ul><li>Service level agreements :- According to the purpose for which the data is processed it is important to agree on binding service levels for availability and data recovery and if necessary, safeguarded by supporting fixed penalties in the event of non-compliance with the agreed service levels. </li></ul>
    41. 42. Topics covered till now… <ul><li>Introduction </li></ul><ul><li>Types of services and architecture </li></ul><ul><li>Security issues </li></ul><ul><li>Data related issues </li></ul>
    42. 43. Topics will be covered… <ul><li>Performance issues </li></ul><ul><li>Bandwidth related issues </li></ul><ul><li>Cloud interoperability </li></ul><ul><li>Energy related issues </li></ul><ul><li>Fault tolerance </li></ul><ul><li>Conclusion </li></ul>
    43. 44. PERFOMANCE ISSUES <ul><li>WHY PERFOMANCE ? </li></ul><ul><li>Poor application performance causes companies to lose customers, </li></ul><ul><li>reduce employee productivity, and reduce bottom line revenue. </li></ul><ul><li>Application crashes due to poor performance cost money and impact morale. If applications cannot adequately perform during an increase in traffic, businesses lose customers and revenue </li></ul><ul><li>Sluggish access to data, applications, and Web pages frustrates </li></ul><ul><li>employees and customers alike, and some performance problems and bottlenecks can even cause application crashes and data losses. </li></ul><ul><li>Positive employee productivity relies on solid and reliable application performance to complete work accurately and quickly. </li></ul>
    44. 45. <ul><li>In general the issues may be… </li></ul><ul><li>Poor application performance or application hang-ups : </li></ul><ul><li>Usually the application is starved for RAM or CPU cycles, and faster processors or more RAM is added. </li></ul><ul><li>Slow access to applications and data : </li></ul><ul><li>Bandwidth is usually the cause, and the most common solution is to add faster network connections. </li></ul><ul><li>When companies or cloud vendors take the simplistic “more hardware solves the problem” approach to cloud performance, they waste money. </li></ul><ul><li>Hence, Adding virtual machines may be a short-term solution to the problem, but adding machines is a manual task. If a company experiences a sudden spike in traffic, how quickly will the vendor notice the spike and assign a technician to provision more resources to the account? </li></ul>
    45. 46. <ul><li>Storage, CPU, memory, and network bandwidth all come into play at various times during typical application use. </li></ul><ul><li>For example, Application switching places demands on the CPU as one application is closed, flushed from the registers, and another application is loaded. If these applications are large and complex, they put a greater demand on the CPU. </li></ul><ul><li>Serving files from the cloud to connected users stresses a number of </li></ul><ul><li>resources, including disk drives, drive controllers, and network </li></ul><ul><li>connections when transferring the data from the cloud to the user. </li></ul><ul><li>Therefore, one of the most common and costly responses to scaling issues by vendors is to over-provision customer installations to accommodate a wide range of performance issues. </li></ul>
    46. 47. <ul><li>To system performance through hardware and software throughput gains is defeated when a system is swamped by multiple, simultaneous demands. </li></ul><ul><li>That 10 gigabit pipe slows considerably when it serves hundreds of requests rather than a dozen. The only way to restore higher effective throughput and performance in such a “swamped resources” scenario is to scale – add more of the resource that is overloaded. </li></ul><ul><li>Horizontal and Vertical Scalability : </li></ul><ul><li>When increasing resources on the cloud to restore or improve </li></ul><ul><li>application performance, administrators can scale either horizontally </li></ul><ul><li>(out) or vertically (up), depending on the nature of the resource </li></ul><ul><li>constraint. </li></ul>
    47. 48. <ul><li>VERTICAL SCALING : </li></ul><ul><li>Vertical scaling (up) entails adding more resources to the </li></ul><ul><li>same computing pool. -- for example, adding more RAM, disk, to handle an increased application load. </li></ul><ul><li> Vertical scaling can handle most sudden, temporary </li></ul><ul><li>peaks in application demand on cloud infrastructures since they are not </li></ul><ul><li>typically CPU intensive tasks. </li></ul><ul><li>HORIZONTAL SCALING : </li></ul><ul><li>Horizontal scaling (out) requires the addition of more machines </li></ul><ul><li>devices to the computing platform to handle the increased demand </li></ul><ul><li>Sustained increases in demand, however, require horizontal </li></ul><ul><li>scaling and load balancing to restore and maintain peak performance. </li></ul>
    48. 49. Administrative and Geographical Scalability <ul><li>While adding computing components or virtual resources is a logical </li></ul><ul><li>means to scale and improve performance, few companies realize that </li></ul><ul><li>the increase in resources may also necessitate an increase in </li></ul><ul><li>administration </li></ul><ul><li>Hence, Companies with critical cloud applications may also consider </li></ul><ul><li>geographical scaling as a means to more widely distribute application </li></ul><ul><li>load demands or as a way to move application access closer to </li></ul><ul><li>dispersed communities of users or customers. </li></ul><ul><li>Geographical scaling may also be necessary in environments where it is impractical to host all data or applications in one central location. </li></ul>
    49. 50. Bandwidth requirement <ul><li>Security concerns have long dominated much of the cloud conversation and caused many companies to deliberate about getting started in the cloud </li></ul><ul><li>But while the focus has been on cloud security, another potential bottlenecks are on the way like – bandwidth requirement. </li></ul><ul><li>Since bandwidth is rarely a problem for companies exploring the cloud in a small way,  But as they start expanding their cloud footprint and running production-oriented applications, data movement takes on a completely different scale. </li></ul><ul><li>As enterprises start to move real workloads out to the cloud look for bandwidth to become top of mind. </li></ul>
    50. 51. The problem arise when… <ul><li>when you have dozens of developers all trying to use cloud resources? </li></ul><ul><li>When you put high-transaction processes in the cloud that need to “talk back” to your data center?  </li></ul><ul><li>When you are trying to move a lot of video or graphics between your business users and the cloud?  </li></ul><ul><li>Hence , Network usage is about to get much more </li></ul><ul><li>demanding, and the traffic will need to flow without bottlenecks (or </li></ul><ul><li>saturating the network) for an organization’s cloud strategy to work. </li></ul>
    51. 52. <ul><li>The scenario in most cloud is, at low load, App Engine will not dedicate much server resource to an application, letting a single server monitor the application. </li></ul><ul><li>When this server is subjected to an extremely heavy load, the single App Engine server appears to make connection and service every request that arrives to an application at least partially, regardless of the number and size. </li></ul><ul><li>In the meantime, it appears to be calling for assistance from the other servers in the cluster in order to distribute the load efficiently. </li></ul><ul><li>This would probably result in a delay in servicing a request for the client. </li></ul><ul><li>According to the Network Performance Frustration Research Report by Dimension Data ,The Internet traffic that includes cloud services of 2015 will be at least 50 times larger than it was in 2006. </li></ul><ul><li>Thus the network growth at these levels will require a dramatic expansion of bandwidth, storage, and traffic management </li></ul>
    52. 53. The proposed solutions are… <ul><li>With the increase of cloud traffic, some cloud service providers direct their client’s traffic to the geographically closest available servers. </li></ul><ul><li>Use of High Speed Edge Routers : - </li></ul><ul><li>Another requirement for traffic problem elimination is installing high-performance, intelligent routers at the edge of the network, through which operators can efficiently manage bandwidth while delivering cloud services over cable infrastructure. </li></ul><ul><li>Edge routers focus on processing large numbers of cloud packets </li></ul><ul><li>with simplified per packet logic. </li></ul>
    53. 54. <ul><li>To be effective edge routers also need to offer support advanced-load balancing to guarantee the optimization of network infrastructure assets. </li></ul><ul><li>There is also a proposed solution to use optical fiber to connect all the nodes to improve bandwidth. But the problem is increase in cost. </li></ul><ul><li>Other problem is that this will not be going to happen globally in near future since replacement of these technologies will cost high and cannot be employed globally in one day. </li></ul><ul><li>So , some cloud vendors applied this technology only for connecting cloud servers and has improve up to some extent </li></ul>
    54. 55. Cloud interoperability <ul><li>There may be situations where an organization or enterprise needs to be able to work with multiple cloud providers. </li></ul><ul><li>Cloud interoperability and the ability to share various types of information between clouds become important in such scenarios. </li></ul><ul><li>This broad area of cloud interoperability is sometimes known as cloud federation. </li></ul><ul><li>&quot;Cloud federation manages consistency and access controls when two or more independent geographically distributed clouds share either authentication, files, computing resources, command and control, or access to storage resources.&quot; </li></ul>
    55. 56. <ul><li>The following are some of the considerations in cloud federation: </li></ul><ul><li>1. An enterprise user wishing to access multiple cloud services would be better served if there were just a single sign-on scheme. This scheme may be implemented through a central trusted authentication server to which all the cloud services interface could be used. </li></ul><ul><li>2. An often-ignored concern for cloud confederation is charging or billing and reconciliation. Management and billing systems need to work together for cloud federation to be a viable option. This reality is underlined by the fact that clouds rely on per-use billing. </li></ul><ul><li>Cloud federation is a relatively new area in cloud computing. It is likely that standards bodies will first need to agree upon a set of requirements before the service interfaces can be defined and subsequently realized.  </li></ul>
    56. 57. ENERGY RELATED ISSUES <ul><li>Cloud computing is rapidly growing in importance as increasing numbers of enterprises and individuals are shifting their workloads to cloud service providers. Services offered by cloud providers such as Amazon, Microsoft, IBM, and Google are implemented on thousands of servers spread across multiple geographically distributed data centers. </li></ul><ul><li>The electricity costs involved in operating a large cloud infrastructure of multiple data centers can be enormous. In fact, cloud service providers often must pay for the peak power they draw, as well as the energy they consume. </li></ul>
    57. 58. <ul><li>Lowering these high operating costs is one of the challenges facing cloud service providers. </li></ul><ul><li>Moreover, there are other crucial problems that arise from high power consumption. Insufficient or malfunctioning cooling system can lead to overheating of the resources reducing system reliability and devices lifetime. </li></ul><ul><li>In addition, high power consumption by the infrastructure leads to substantial carbon dioxide (Co 2 ) emissions contributing to the greenhouse effect. </li></ul>
    58. 59. Solutions :- <ul><li>Geographical distribution of the data centers exposes many opportunities for cost savings due to more energy consumption. </li></ul><ul><li>First, the data centers are often exposed to different electricity markets, meaning that they pay different energy and peak power prices. </li></ul><ul><li>Finally, the data centers may be located in areas with widely different outside temperatures, which have an impact on the amount of cooling energy used. </li></ul>
    59. 60. Solutions :- <ul><li>Geographical distribution of the data centers exposes many opportunities for cost savings due to more energy consumption. </li></ul><ul><li>the data centers are often exposed to different electricity markets, meaning that they pay different energy and peak power prices. </li></ul><ul><li>Finally, the data centers may be located in areas with widely different outside temperatures, which have an impact on the amount of cooling energy used. </li></ul>
    60. 61. <ul><li>Given the different characteristics of the data centers’ energy consumptions, energy prices, and peak power prices, it becomes clear that we can lower operating costs by intelligently placing (distributing) the computational load across the wide area. </li></ul><ul><li>Load distribution policy for distributing client load across multiple data centers to minimize electricity cost. </li></ul><ul><li>To reduce energy consumption and cost, each data center only keeps as many servers active as necessary to service the current workload. </li></ul>
    61. 62. FAULT TOLERANCE <ul><li>Fault Tolerance is one of the key issues of cloud computing. Fault tolerance is concerned with all the techniques necessary to enable a system to tolerate software faults. </li></ul><ul><li>These software faults may or may not manifest themselves during systems operations, but when they do, software fault tolerant techniques should provide the necessary mechanisms of the software system to prevent system failure occurrences. </li></ul><ul><li>Fault tolerance techniques are employed during the procurement, or development, of the software. When a fault occurs, these techniques provide mechanisms to the software system to prevent system failure from occurring </li></ul>
    62. 63. <ul><li>FAULT TOLERANCE POLICIES : </li></ul><ul><li>Fault tolerance (FT) policies can typically be listed into two sets: reactive fault tolerance policies and proactive fault tolerance policies. </li></ul><ul><li>While reactive fault tolerance policies reduces the effect of failures on application execution when the failure effectively occurs; proactive fault tolerance policies keeps applications alive by avoiding failures through preventative measures. </li></ul><ul><li>The principle of proactive action is to avoid clouds from faults, errors and failures by predicting them and proactively replace the suspected components by other correctly working components providing the same function. </li></ul>
    63. 64. <ul><li>There are some approach like. . . </li></ul><ul><li>- Micro reboot techniques </li></ul><ul><li>- Filtering malicious input </li></ul><ul><li>Another approach is HA PROXY. </li></ul><ul><li>HA Proxy stands for High Availability Proxy and is used by companies for load balancing and server fail over in the cloud. Companies do not want their website to go down, or worse, for users to notice the site is down. </li></ul><ul><li>In HA Proxy there is typically a load balancer to distribute the load among a pool of web servers. </li></ul>
    64. 65. <ul><li>Whenever a server goes down it is taken out of the pool until it is once again ready to handle requests. </li></ul><ul><li>HA Proxy has the ability to perform this task by doing periodic health checks on all the servers in a cluster. Even if one of the application servers is not working, users will still have the availability to the application. </li></ul><ul><li>HA Proxy will properly handle the request from users by redirecting them to the second server, giving the impression that all is well. </li></ul><ul><li>It monitors all the flow on the network and also health of different servers whenever any server fails it will redirect user request to another server and inform administrator about that faults. </li></ul>
    65. 66. Conclusion : <ul><li>cloud computing is technology which enables the user to access resources using front end machines , there is no need to install any software. </li></ul><ul><li>It helps in convert CapEx into Opex . But every technology has pros and cons cloud computing has also various issues associated with it. . cloud computing provides many services like PaaS,IaaS,SaaS. </li></ul><ul><li>There are many issues and solutions are highlighted in this topic like security issues, privacy issues, data related issues, energy related issues etc. We are using one of them services like Google docs, Gmail but we do not find such issues related with it. </li></ul>
    66. 67. <ul><li>Hence I conclude that this issues comes consider whenever we consider it with big level companies , they are not going to affect much more as single user. </li></ul><ul><li>Some of the issues like bandwidth problems will not be longer due to technology are increasing and speed will not affect longer. So there are good scope in this field. </li></ul>
    67. 68. <ul><li>THANK YOU…! </li></ul>