SlideShare a Scribd company logo

Cloud Federation: Why It's Important and How It Works

Download as PPTX, PDF
Y
Ybhh

Nothin

Technology
1 of 26
Cloud Federation
Why Cloud Federation? • Capacity Management • Load Balancing • Efficient use of Surplus Resources • Prevention from Power Outages & Failures • Prevention from Vendor Lock-ins • Scaling Data to Other CSPs(Cloud Service Provider)
Why Cloud Federation?
Cloud Federation
Cloud federation Cloud federation manages consistency and access controls when two or more independent geographically distinct Clouds share either authentication, files, computing resources, command and control or access to storage resources.
Federated Cloud • Federated cloud is also called as cloud Federation. • Federation means the union of small parts that do common work. • It is the concept of brining different services offered by various providers under a single platform. • It is a multi-national cloud system that integrates community , private , public clouds into scalable computing platform. • It is the deployment and management of multiple external and internal cloud computing services to match business needs.
Cloud federation • It is the practice of interconnecting the cloud computing environments of two or more service providers for the purpose of load balancing traffic and accommodating spikes in demand. • It requires one provider to wholesale or rent computing resources to another cloud provider. • Those resources become a temporary or permanent extension of the buyer’s cloud computing environment, depending on the specific federation agreement between providers.
Federation in the Cloud • One challenge in creating and managing a globally centralized cloud computing environment is maintaining consistent connectivity between untrusted components while remaining fault-tolerant. • A key opportunity for the emerging cloud industry will be in defining a federated cloud ecosystem by connecting multiple cloud providers using a common standard
Federation in the Cloud • A notable research project being conducted by Microsoft, called the Geneva Framework, focuses on issues involved in cloud federation. • Many believe that those barriers can be overcome by eXtensible Messaging and Presence Protocol(XMPP), also called Jabber, as the protocol that will fuel the Software – as – a – Service(SaaS) models of tomorrow. • Google, Apple, AOL,IBM,Livejournal, and Jive have all incorporated this protocol into their cloud-based solutions in the last few years.
• XMPP’s advantage: – It is decentralized, meaning anyone may set up an XMPP server. – It is based on open standards – It is mature – multiple implementations of client and servers exist – Robust security is supported via Simple Authentication and Security Layer(SASL) and Transport Layer Security(TLS) – It is flexible and designed to be extended.
Federation in the Cloud • XMPP is good fit for cloud computing because – It allows for easy two way communication – It eliminates the need for polling – It has rich publish subscribe(pub-sub) functionality built in – It is XML-based and easily extensible, perfect for both new IM features and custom cloud services. – It is efficient and has been proven to scale to millions of concurrent users on a single service(such as Google’s Gtalk) – It also has a built-in world wide federation model
Cloud Federation Stack
Four levels of Federation • Permissive federation • Verified federation • Encrypted federation • Trusted federation
Permissive federation • Permissive federation occurs when server accepts a connection from a peer network server without verifying its identity using DNS lookups or certificate checking. • The lack of verification or authentication may lead to domain spoofing( the unauthorized use of a third-party domain name in an email message in order to pretend to be someone else), which opens the door to widespread spam and other abuses. • With the release of the open source jabbered 1.2 server in October 2000, which included support for the Server Dialback protocol( fully supported in Jabber XCP), permissive federation met its demise on the XMPP network.
Verified federation • This type of federation occurs when a server accepts a connection from a peer after the identity of the peer has been verified. • It uses information obtained via DNS and by means of domain-specific keys exchanged beforehand • The connection is not encrypted, and the use of identity verification effectively prevents domain spoofing • To make this work, federation requires proper DNS setup, and that is still subject to DNS poisoning attacks • Verified federation has been the default service policy on the open XMPP since the release of the open-source jabbered 1.2 server.
Encrypted Federation • In this mode, a server accepts a connection from peer if and only if the peer supports Transport Layer Security(TLS) as defined for XMPP in Request for Comments(RFC) 3920 • The peer must present a digital certificate • The certificate may be self-signed , but this prevents using mutual authentication • If this is the case, both parties proceed to weakly verify identity using Server Dialback • XEP-0220 defines the Server Dialback protocol, which is used between XMPP servers to provide identity verfication.
Encrypted federation • Server Dialback uses the DNS as the basis for verifying identity; the basic approach is that when a receiving server receives a server to server connection request from an originating server, it does not accept the request until it has verified a key with an authoritative server for the domain asserted by the originating server. • Although Server Dialback does not provide strong authentication or trusted federation, and although it is subject to DNS poisoning attacks, it has effectively prevented most instances of address spoofing on the XMPP network since its release in 2000 • This results in an encryp ted connection with weak identity verification
Trusted federation • Here, a server accepts a connection from peer only under the stipulation that the peer supports TLS and the peer can present a digital certificate issued by a root certification authority(CA) that is trusted by the authenticating server. • The list of trusted root CA s may be determined by one or more factors, such as the operating system, XMPP server software, or local service policy. • In trusted federation, the use of digital certificates results not only in a channel encryption but also in strong authentication • The use of trusted domain certtificates effectively prevents DNS poisoning attacks but makes federation more difficult, since such certificates have traditionally not been easy to obtain.
Cloud Federation: Why It's Important and How It Works
Cloud Federation: Why It's Important and How It Works
Cloud Federation: Why It's Important and How It Works
Cloud Federation: Why It's Important and How It Works
Cloud Federation: Why It's Important and How It Works
Cloud Federation: Why It's Important and How It Works
Cloud Federation: Why It's Important and How It Works
Cloud Federation: Why It's Important and How It Works

Recommended

Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsDr. Sunil Kr. Pandey
 
CS8791 Unit 2 Cloud Enabling Technologies
CS8791 Unit 2 Cloud Enabling TechnologiesCS8791 Unit 2 Cloud Enabling Technologies
CS8791 Unit 2 Cloud Enabling Technologieskarthikajegadeesan
 
Comet Cloud
Comet CloudComet Cloud
Comet Cloudpradeepas7
 
Migration into a Cloud
Migration into a CloudMigration into a Cloud
Migration into a CloudDivya S
 
Unit 4
Unit 4Unit 4
Unit 4Ravi Kumar
 
Eucalyptus, Nimbus & OpenNebula
Eucalyptus, Nimbus & OpenNebulaEucalyptus, Nimbus & OpenNebula
Eucalyptus, Nimbus & OpenNebulaAmar Myana
 
CLOUD COMPUTING UNIT-5 NOTES
CLOUD COMPUTING UNIT-5 NOTESCLOUD COMPUTING UNIT-5 NOTES
CLOUD COMPUTING UNIT-5 NOTESTushar Dhoot
 
What is Virtualization and its types & Techniques.What is hypervisor and its ...
What is Virtualization and its types & Techniques.What is hypervisor and its ...What is Virtualization and its types & Techniques.What is hypervisor and its ...
What is Virtualization and its types & Techniques.What is hypervisor and its ...Shashi soni
 

Recommended

Cloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsCloud Security, Standards and Applications
Cloud Security, Standards and ApplicationsDr. Sunil Kr. Pandey
 
CS8791 Unit 2 Cloud Enabling Technologies
CS8791 Unit 2 Cloud Enabling TechnologiesCS8791 Unit 2 Cloud Enabling Technologies
CS8791 Unit 2 Cloud Enabling Technologieskarthikajegadeesan
 
Comet Cloud
Comet CloudComet Cloud
Comet Cloudpradeepas7
 
Migration into a Cloud
Migration into a CloudMigration into a Cloud
Migration into a CloudDivya S
 
Unit 4
Unit 4Unit 4
Unit 4Ravi Kumar
 
Eucalyptus, Nimbus & OpenNebula
Eucalyptus, Nimbus & OpenNebulaEucalyptus, Nimbus & OpenNebula
Eucalyptus, Nimbus & OpenNebulaAmar Myana
 
CLOUD COMPUTING UNIT-5 NOTES
CLOUD COMPUTING UNIT-5 NOTESCLOUD COMPUTING UNIT-5 NOTES
CLOUD COMPUTING UNIT-5 NOTESTushar Dhoot
 
What is Virtualization and its types & Techniques.What is hypervisor and its ...
What is Virtualization and its types & Techniques.What is hypervisor and its ...What is Virtualization and its types & Techniques.What is hypervisor and its ...
What is Virtualization and its types & Techniques.What is hypervisor and its ...Shashi soni
 
Communication in Distributed Systems
Communication in Distributed SystemsCommunication in Distributed Systems
Communication in Distributed SystemsDilum Bandara
 
Deployment Models of Cloud Computing.pptx
Deployment Models of Cloud Computing.pptxDeployment Models of Cloud Computing.pptx
Deployment Models of Cloud Computing.pptxJaya Silwal
 
Unit5 Cloud Federation,
Unit5 Cloud Federation,Unit5 Cloud Federation,
Unit5 Cloud Federation,Integral university, India
 
Virtual machine security
Virtual machine securityVirtual machine security
Virtual machine securityJacob Zvirikuzhe
 
NIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference ArchitectureNIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference ArchitectureThanakrit Lersmethasakul
 
Coda file system
Coda file systemCoda file system
Coda file systemSneh Pahilwani
 
Distributed Server
Distributed ServerDistributed Server
Distributed ServerRajan Kumar
 
Replication in Distributed Systems
Replication in Distributed SystemsReplication in Distributed Systems
Replication in Distributed SystemsKavya Barnadhya Hazarika
 
Third party cloud services cloud computing
Third party cloud services cloud computingThird party cloud services cloud computing
Third party cloud services cloud computingSohailAliMalik
 
Distributed Coordination-Based Systems
Distributed Coordination-Based SystemsDistributed Coordination-Based Systems
Distributed Coordination-Based SystemsAhmed Magdy Ezzeldin, MSc.
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security ChallengesYateesh Yadav
 
Synchronization in distributed systems
Synchronization in distributed systems Synchronization in distributed systems
Synchronization in distributed systems SHATHAN
 
Characteristics of cloud computing
Characteristics of cloud computingCharacteristics of cloud computing
Characteristics of cloud computingGOVERNMENT COLLEGE OF ENGINEERING,TIRUNELVELI
 
Common Standards in Cloud Computing
Common Standards in Cloud ComputingCommon Standards in Cloud Computing
Common Standards in Cloud Computingmrzahidfaiz.blogspot.com
 
Publish subscribe model overview
Publish subscribe model overviewPublish subscribe model overview
Publish subscribe model overviewIshraq Al Fataftah
 
Cloud Computing Architecture
Cloud Computing ArchitectureCloud Computing Architecture
Cloud Computing ArchitectureAnimesh Chaturvedi
 
Concurrency Control in Distributed Database.
Concurrency Control in Distributed Database.Concurrency Control in Distributed Database.
Concurrency Control in Distributed Database.Meghaj Mallick
 
Cloud Computing and Data Centers
Cloud Computing and Data CentersCloud Computing and Data Centers
Cloud Computing and Data Centersbega karadza
 
Block Level and File Level
Block Level and File LevelBlock Level and File Level
Block Level and File LevelIntegral university, India
 
Fault tolerance in distributed systems
Fault tolerance in distributed systemsFault tolerance in distributed systems
Fault tolerance in distributed systemssumitjain2013
 
Citrix Day 2014: NetScaler 10.5
Citrix Day 2014: NetScaler 10.5Citrix Day 2014: NetScaler 10.5
Citrix Day 2014: NetScaler 10.5Digicomp Academy AG
 
Proxy servers
Proxy serversProxy servers
Proxy serversKumar
 

More Related Content

What's hot

Communication in Distributed Systems
Communication in Distributed SystemsCommunication in Distributed Systems
Communication in Distributed SystemsDilum Bandara
 
Deployment Models of Cloud Computing.pptx
Deployment Models of Cloud Computing.pptxDeployment Models of Cloud Computing.pptx
Deployment Models of Cloud Computing.pptxJaya Silwal
 
NIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference ArchitectureNIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference ArchitectureThanakrit Lersmethasakul
 
Distributed Server
Distributed ServerDistributed Server
Distributed ServerRajan Kumar
 
Third party cloud services cloud computing
Third party cloud services cloud computingThird party cloud services cloud computing
Third party cloud services cloud computingSohailAliMalik
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security ChallengesYateesh Yadav
 
Synchronization in distributed systems
Synchronization in distributed systems Synchronization in distributed systems
Synchronization in distributed systems SHATHAN
 
Publish subscribe model overview
Publish subscribe model overviewPublish subscribe model overview
Publish subscribe model overviewIshraq Al Fataftah
 
Concurrency Control in Distributed Database.
Concurrency Control in Distributed Database.Concurrency Control in Distributed Database.
Concurrency Control in Distributed Database.Meghaj Mallick
 
Cloud Computing and Data Centers
Cloud Computing and Data CentersCloud Computing and Data Centers
Cloud Computing and Data Centersbega karadza
 
Fault tolerance in distributed systems
Fault tolerance in distributed systemsFault tolerance in distributed systems
Fault tolerance in distributed systemssumitjain2013
 

What's hot (20)

Communication in Distributed Systems
Communication in Distributed SystemsCommunication in Distributed Systems
Communication in Distributed Systems
 
Deployment Models of Cloud Computing.pptx
Deployment Models of Cloud Computing.pptxDeployment Models of Cloud Computing.pptx
Deployment Models of Cloud Computing.pptx
 
Unit5 Cloud Federation,
Unit5 Cloud Federation,Unit5 Cloud Federation,
Unit5 Cloud Federation,
 
Virtual machine security
Virtual machine securityVirtual machine security
Virtual machine security
 
NIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference ArchitectureNIST Cloud Computing Reference Architecture
NIST Cloud Computing Reference Architecture
 
Coda file system
Coda file systemCoda file system
Coda file system
 
Distributed Server
Distributed ServerDistributed Server
Distributed Server
 
Replication in Distributed Systems
Replication in Distributed SystemsReplication in Distributed Systems
Replication in Distributed Systems
 
Third party cloud services cloud computing
Third party cloud services cloud computingThird party cloud services cloud computing
Third party cloud services cloud computing
 
Distributed Coordination-Based Systems
Distributed Coordination-Based SystemsDistributed Coordination-Based Systems
Distributed Coordination-Based Systems
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security Challenges
 
Synchronization in distributed systems
Synchronization in distributed systems Synchronization in distributed systems
Synchronization in distributed systems
 
Characteristics of cloud computing
Characteristics of cloud computingCharacteristics of cloud computing
Characteristics of cloud computing
 
Common Standards in Cloud Computing
Common Standards in Cloud ComputingCommon Standards in Cloud Computing
Common Standards in Cloud Computing
 
Publish subscribe model overview
Publish subscribe model overviewPublish subscribe model overview
Publish subscribe model overview
 
Cloud Computing Architecture
Cloud Computing ArchitectureCloud Computing Architecture
Cloud Computing Architecture
 
Concurrency Control in Distributed Database.
Concurrency Control in Distributed Database.Concurrency Control in Distributed Database.
Concurrency Control in Distributed Database.
 
Cloud Computing and Data Centers
Cloud Computing and Data CentersCloud Computing and Data Centers
Cloud Computing and Data Centers
 
Block Level and File Level
Block Level and File LevelBlock Level and File Level
Block Level and File Level
 
Fault tolerance in distributed systems
Fault tolerance in distributed systemsFault tolerance in distributed systems
Fault tolerance in distributed systems
 

Similar to Cloud Federation: Why It's Important and How It Works

Proxy servers
Proxy serversProxy servers
Proxy serversKumar
 
98 366 mva slides lesson 6
98 366 mva slides lesson 698 366 mva slides lesson 6
98 366 mva slides lesson 6suddenven
 
Attribute-Based Encryption for Cloud Security
Attribute-Based Encryption for Cloud SecurityAttribute-Based Encryption for Cloud Security
Attribute-Based Encryption for Cloud SecurityMphasis
 
Demystifying SharePoint Infrastructure – for NON-IT People
Demystifying SharePoint Infrastructure – for NON-IT People Demystifying SharePoint Infrastructure – for NON-IT People
Demystifying SharePoint Infrastructure – for NON-IT People SPC Adriatics
 
Network security chapter 6 and 7 internet architecture
Network security chapter 6 and 7 internet architectureNetwork security chapter 6 and 7 internet architecture
Network security chapter 6 and 7 internet architectureMuhammad ismail Shah
 
An introduction to AWS Direct Connect
An introduction to AWS Direct ConnectAn introduction to AWS Direct Connect
An introduction to AWS Direct ConnectJulien SIMON
 
Fallsem2021 22 ita2012-eth_vl2021220101938_reference_material_i_06-aug-2021_m...
Fallsem2021 22 ita2012-eth_vl2021220101938_reference_material_i_06-aug-2021_m...Fallsem2021 22 ita2012-eth_vl2021220101938_reference_material_i_06-aug-2021_m...
Fallsem2021 22 ita2012-eth_vl2021220101938_reference_material_i_06-aug-2021_m...DineshKumar746335
 
10135 a xb
10135 a xb10135 a xb
10135 a xbBố Su
 
SYN224: Best practices for migrating from Web Interface to StoreFront Services
SYN224: Best practices for migrating from Web Interface to StoreFront ServicesSYN224: Best practices for migrating from Web Interface to StoreFront Services
SYN224: Best practices for migrating from Web Interface to StoreFront ServicesCitrix
 

Similar to Cloud Federation: Why It's Important and How It Works (20)

Citrix Day 2014: NetScaler 10.5
Citrix Day 2014: NetScaler 10.5Citrix Day 2014: NetScaler 10.5
Citrix Day 2014: NetScaler 10.5
 
Proxy servers
Proxy serversProxy servers
Proxy servers
 
MVA slides lesson 6
MVA slides lesson 6MVA slides lesson 6
MVA slides lesson 6
 
98 366 mva slides lesson 6
98 366 mva slides lesson 698 366 mva slides lesson 6
98 366 mva slides lesson 6
 
6421 b Module-05
6421 b Module-056421 b Module-05
6421 b Module-05
 
Citrix Day 2015 Net Scaler Release 10.5 Update v10
Citrix Day 2015 Net Scaler Release 10.5 Update v10Citrix Day 2015 Net Scaler Release 10.5 Update v10
Citrix Day 2015 Net Scaler Release 10.5 Update v10
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Attribute-Based Encryption for Cloud Security
Attribute-Based Encryption for Cloud SecurityAttribute-Based Encryption for Cloud Security
Attribute-Based Encryption for Cloud Security
 
Cloud Networking
Cloud NetworkingCloud Networking
Cloud Networking
 
Mcse 2012
Mcse 2012Mcse 2012
Mcse 2012
 
Demystifying SharePoint Infrastructure – for NON-IT People
Demystifying SharePoint Infrastructure – for NON-IT People Demystifying SharePoint Infrastructure – for NON-IT People
Demystifying SharePoint Infrastructure – for NON-IT People
 
Vpnppt1884
Vpnppt1884Vpnppt1884
Vpnppt1884
 
applayer.pptx
applayer.pptxapplayer.pptx
applayer.pptx
 
Shradhamaheshwari vpn
Shradhamaheshwari vpnShradhamaheshwari vpn
Shradhamaheshwari vpn
 
Network security chapter 6 and 7 internet architecture
Network security chapter 6 and 7 internet architectureNetwork security chapter 6 and 7 internet architecture
Network security chapter 6 and 7 internet architecture
 
An introduction to AWS Direct Connect
An introduction to AWS Direct ConnectAn introduction to AWS Direct Connect
An introduction to AWS Direct Connect
 
10135 b 13
10135 b 1310135 b 13
10135 b 13
 
Fallsem2021 22 ita2012-eth_vl2021220101938_reference_material_i_06-aug-2021_m...
Fallsem2021 22 ita2012-eth_vl2021220101938_reference_material_i_06-aug-2021_m...Fallsem2021 22 ita2012-eth_vl2021220101938_reference_material_i_06-aug-2021_m...
Fallsem2021 22 ita2012-eth_vl2021220101938_reference_material_i_06-aug-2021_m...
 
10135 a xb
10135 a xb10135 a xb
10135 a xb
 
SYN224: Best practices for migrating from Web Interface to StoreFront Services
SYN224: Best practices for migrating from Web Interface to StoreFront ServicesSYN224: Best practices for migrating from Web Interface to StoreFront Services
SYN224: Best practices for migrating from Web Interface to StoreFront Services
 

Recently uploaded

Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 

Recently uploaded (20)

Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 

Cloud Federation: Why It's Important and How It Works

  • 2. Why Cloud Federation? • Capacity Management • Load Balancing • Efficient use of Surplus Resources • Prevention from Power Outages & Failures • Prevention from Vendor Lock-ins • Scaling Data to Other CSPs(Cloud Service Provider)
  • 5. Cloud federation Cloud federation manages consistency and access controls when two or more independent geographically distinct Clouds share either authentication, files, computing resources, command and control or access to storage resources.
  • 6. Federated Cloud • Federated cloud is also called as cloud Federation. • Federation means the union of small parts that do common work. • It is the concept of brining different services offered by various providers under a single platform. • It is a multi-national cloud system that integrates community , private , public clouds into scalable computing platform. • It is the deployment and management of multiple external and internal cloud computing services to match business needs.
  • 7. Cloud federation • It is the practice of interconnecting the cloud computing environments of two or more service providers for the purpose of load balancing traffic and accommodating spikes in demand. • It requires one provider to wholesale or rent computing resources to another cloud provider. • Those resources become a temporary or permanent extension of the buyer’s cloud computing environment, depending on the specific federation agreement between providers.
  • 8. Federation in the Cloud • One challenge in creating and managing a globally centralized cloud computing environment is maintaining consistent connectivity between untrusted components while remaining fault-tolerant. • A key opportunity for the emerging cloud industry will be in defining a federated cloud ecosystem by connecting multiple cloud providers using a common standard
  • 9. Federation in the Cloud • A notable research project being conducted by Microsoft, called the Geneva Framework, focuses on issues involved in cloud federation. • Many believe that those barriers can be overcome by eXtensible Messaging and Presence Protocol(XMPP), also called Jabber, as the protocol that will fuel the Software – as – a – Service(SaaS) models of tomorrow. • Google, Apple, AOL,IBM,Livejournal, and Jive have all incorporated this protocol into their cloud-based solutions in the last few years.
  • 10. • XMPP’s advantage: – It is decentralized, meaning anyone may set up an XMPP server. – It is based on open standards – It is mature – multiple implementations of client and servers exist – Robust security is supported via Simple Authentication and Security Layer(SASL) and Transport Layer Security(TLS) – It is flexible and designed to be extended.
  • 11. Federation in the Cloud • XMPP is good fit for cloud computing because – It allows for easy two way communication – It eliminates the need for polling – It has rich publish subscribe(pub-sub) functionality built in – It is XML-based and easily extensible, perfect for both new IM features and custom cloud services. – It is efficient and has been proven to scale to millions of concurrent users on a single service(such as Google’s Gtalk) – It also has a built-in world wide federation model
  • 13. Four levels of Federation • Permissive federation • Verified federation • Encrypted federation • Trusted federation
  • 14. Permissive federation • Permissive federation occurs when server accepts a connection from a peer network server without verifying its identity using DNS lookups or certificate checking. • The lack of verification or authentication may lead to domain spoofing( the unauthorized use of a third-party domain name in an email message in order to pretend to be someone else), which opens the door to widespread spam and other abuses. • With the release of the open source jabbered 1.2 server in October 2000, which included support for the Server Dialback protocol( fully supported in Jabber XCP), permissive federation met its demise on the XMPP network.
  • 15. Verified federation • This type of federation occurs when a server accepts a connection from a peer after the identity of the peer has been verified. • It uses information obtained via DNS and by means of domain-specific keys exchanged beforehand • The connection is not encrypted, and the use of identity verification effectively prevents domain spoofing • To make this work, federation requires proper DNS setup, and that is still subject to DNS poisoning attacks • Verified federation has been the default service policy on the open XMPP since the release of the open-source jabbered 1.2 server.
  • 16. Encrypted Federation • In this mode, a server accepts a connection from peer if and only if the peer supports Transport Layer Security(TLS) as defined for XMPP in Request for Comments(RFC) 3920 • The peer must present a digital certificate • The certificate may be self-signed , but this prevents using mutual authentication • If this is the case, both parties proceed to weakly verify identity using Server Dialback • XEP-0220 defines the Server Dialback protocol, which is used between XMPP servers to provide identity verfication.
  • 17. Encrypted federation • Server Dialback uses the DNS as the basis for verifying identity; the basic approach is that when a receiving server receives a server to server connection request from an originating server, it does not accept the request until it has verified a key with an authoritative server for the domain asserted by the originating server. • Although Server Dialback does not provide strong authentication or trusted federation, and although it is subject to DNS poisoning attacks, it has effectively prevented most instances of address spoofing on the XMPP network since its release in 2000 • This results in an encryp ted connection with weak identity verification
  • 18. Trusted federation • Here, a server accepts a connection from peer only under the stipulation that the peer supports TLS and the peer can present a digital certificate issued by a root certification authority(CA) that is trusted by the authenticating server. • The list of trusted root CA s may be determined by one or more factors, such as the operating system, XMPP server software, or local service policy. • In trusted federation, the use of digital certificates results not only in a channel encryption but also in strong authentication • The use of trusted domain certtificates effectively prevents DNS poisoning attacks but makes federation more difficult, since such certificates have traditionally not been easy to obtain.