MCA –V SEM
Ms. Meenal kakkar
 Five major participating actors in cloud
 Important service and their arrangement
 Service model or delivery models of cloud
 Deployment models
 Overall service management
 Portability and interoperability.
 Business support mechanisms
 Security and privacy requirements
Cloud Consumer
Cloud Provider
 For SaaS, the cloud provider deploys, configures, maintains and
updates the operation of software applications on a cloud
infrastructure.
 For PaaS, the cloud provider manages the computing infrastructure
for the platform and runs the cloud software that provides the
components of the platform, such as the runtime software execution
stack, databases and other middleware components.
 For IaaS, the cloud provider acquires the physical computing
resources underlying the service, including the servers,
networks, storage and hosting infrastructure.
 Service Orchestration
 Through Service Orchestration, a cloud provider
operates the underlying cloud-service
infrastructure that supports its customers.
 NIST defined service orchestration as “the
composition of system components to support the
Cloud Providers activities in arrangement,
coordination and management of computing
resources in order to provide cloud services to
Cloud Consumers.”
 The Service Layer is where the cloud provider
defines the interface between the cloud
consumer and the cloud services of the cloud
provider. The interface points are grouped
according to the three service models
(SaaS, PaaS, and IaaS).
 The layering of the service models in figure 2 indicates the
dependencies between the cloud services.
 In some cases a provider may implement a high-level service
model (i.e., SaaS) by using the interface points defined in the
lower layers.
 For example, SaaS may be built by using components from the
PaaS layer, and run operationally by using resource components
from the IaaS layer (i.e. virtual servers, cloud storage, virtual
firewalls, etc.).
 A real world example of this is Google's cloud offerings. They
offer a variety of SaaS products (Gmail, Google Search,
Google Maps, Google Apps, etc.) by using PaaS components
(Google App Engine) and are run operationally on
Google's cloud IaaS (Google Cloud Platform).
 In figure 2, the “angling” of the service models represents
when a cloud provider chooses to provide a service layer
without the support of the lower-layer interface points.
 For example, salesforce.com provides both SaaS
and PaaS products.
The SaaS layer is built by using the well-defined interface
components from the PaaS.
 However, in this case, there is no IaaS layer offered. They
run SaaS directly on the resource abstraction layer
(hypervisor/virtual storage) with no explicit IaaS
components.
 This layer consists of two distinct but related areas:
resource abstraction and control layer. The Resource
Abstraction Layer primarily deals with virtualization.
 The Virtualization Essentials course defines the concept
of virtualization as "a set of techniques for hiding
hardware resources behind software abstractions to
simplify the way other software or end users interact
with those resources."
 This definition highlights the fact that the abstraction
layer “transforms” the hardware resources into software
objects, which makes them easier to manipulate.
 The Control Layer provides the resource
management capabilities that allow dynamic
resource allocation, scaling, dynamic
reconfiguration, and dynamic access control.
Commercial products such as vCloud from
VMware, and open source projects such as
OpenStack are prime examples.
 The Physical Resource Layer covers all of the traditional
hardware resources that underpin the IT infrastructure.
 This layer consists of physical servers (CPU, memory, bus
architecture), disks and storage arrays, network wiring,
switches, and routers.
 This layer also covers the physical data center facility
components such as heating, ventilation, air conditioning
(HVAC), electrical power, backup generators, and fuel;
physical control of data centers by IT staff and contractors;
and cabling to outside cloud carriers, phone
communication, etc.
 Service deployment
 Service orchestration: programming that manages the
interconnection and interaction among cloud-based and
on-premises business units.
 Cloud service management: cloud service management
tools allow cloud providers to ensure optimal performance,
continuity and efficiency in virtualized, on-demand
environments.
 Security
 Privacy
 Business Support
 The Business Support processes are
business-oriented and focus on the business
operations of a cloud provider as they relate
to the delivery of cloud services to cloud
consumers. There are six key functions.
 Customer Management: This area covers the
activities necessary to manage and maintain the
relationship with the cloud consumer. It deals with
items such as customer accounts, complaints and
issues, customer contact information, history of
customer interactions, etc.
 Contract Management: This process focuses on the
management of contracts between the cloud provider
and consumer. This is implemented via Service Level
Agreements (SLAs). Consumers generally pick the
level of SLA that meets their requirements and budget.
 Accounting and Billing: This function handles the financial
transactions between the provider and consumer. It generates the
invoices, sends them to the consumer, and collects the revenue.
This function supports the “pay-as-you-go” model as per NIST's
cloud definition.
 Reporting and Auditing: This function monitors, tracks, and
logs activities performed by the consumer, usually through the
management console. This helps to document what cloud
resources the consumer requests, who requested them, and when.
 Pricing and Rating: This process establishes the price points
and tiering for the cloud services of the cloud provider. It ensures
that the cloud provider is competitive by monitoring the
competition's pricing and making adjustments as required. The
cloud provider usually offers discounts or credits to the consumer
based on volume usage.
 Provisioning and Configuration: The Provisioning
and Configuration area deals with process activities
that the cloud provider must execute as part of its
internal operations.
 A) Rapid Provisioning: A cloud provider must be able
to quickly respond to varying workload demands. This
includes scaling up as well as scaling down. This must
be fully automated and requires a scriptable, virtualized
infrastructure.
 B) Resource Changing: To support rapid elasticity, the
provider must implement changes to its underlying
resources effectively and speedily, primarily through
automation. These changes include replacing broken
components, upgrading components, adding greater
capacity, and reconfiguring existing components.
 C) Monitoring and Reporting:
 Ongoing monitoring of the provider's operations and
cloud infrastructure is critical to ensure effective and
optimal quality of service. The handling and resolution
of events and incidents is ongoing 24 x 7 x 365.
 D) SLA Management:
 The cloud provider must ensure that it is meeting its
contractual obligations to its customers. Ongoing
management of SLA targets and operational level
targets is performed to maintain a high quality of
service.
 In order for cloud providers to attract customers, they must
make it as easy as possible to migrate existing data or
software to the cloud.
 In addition to alleviating customers' concerns about vendor
lock-in, cloud providers must provide a mechanism that
permits cloud consumers to move easily from one cloud
provider's environment to another, or to migrate cloud
services across several cloud providers to deploy a complex
cloud solution.
 Cloud consumers will not engage with cloud providers that
build their cloud platform on closed, proprietary,
non-standards-conforming technologies and standards.
 Data Portability:
 A cloud provider must provide a mechanism to move
large amounts of data into and out of the provider's
cloud environment. For example, in a SaaS
environment, the cloud consumer must be able to
upload, in bulk, existing HR records into an HR SaaS
application.
 Service Interoperability:
 When a cloud provider adheres to well-known and
accepted technology standards, it is easier for
consumers to develop and deploy cloud solutions that
span across more than one cloud provider's
environment.
 For a cloud consumer, service interoperability delivers
greater disaster recovery resiliency by removing a
single point of failure (i.e. the cloud provider) and
greater resource capacity by spreading the workload
across several providers' IaaS resources.
 System Portability:
 This capability enables a consumer to move or migrate
infrastructure resources, like virtual machines and
applications, easily from one cloud provider to another.
 The traditional confidentiality-integrity-availability
(CIA) areas of security still need to be addressed in
each of the three service layers (IaaS, PaaS, SaaS).
 For example, an IaaS provider needs to ensure that the
hypervisor is secure and well-configured.
 In a multi-tenant hypervisor environment, the provider
must ensure that one virtual machine cannot be hacked
to gain access to another tenant's virtual
machine.
 Authentication: Provide multi-factor authentication
by augmenting username/password credentials with a
hardware or software.
 Identity management: Provide an effective identity
management solution to manage the consumer
usernames and/or integrate with an in-house system such
as Microsoft Active Directory.
 Security monitoring: The provider must have strong
Intrusion Detection System (IDS)/Intrusion Prevention
System (IPS) tools to track and identify any potential
security issue.
 Incident response: A well-structured security process
to deal with breaches with strong communication
channels is necessary to minimize the impact of any
security incident.
 A cloud provider must ensure that consumer data stored
in the cloud environment is protected and private to the
consumer.
 If the cloud provider collects data about the consumer,
or the consumer's activities and behavior patterns, then
they must ensure that the collected data is fully
protected and remains private, and cannot be accessed
by anyone other than the consumer.
 A cloud broker is an optional cloud player in the
delivery of cloud services.
 NIST defines a cloud broker as an entity that acts as an
intermediary between the consumer and provider.
 A cloud broker is involved in a cloud service delivery
when a consumer chooses not to directly manage or
operate the usage of a cloud service.
 A cloud broker provides cloud services to a cloud
consumer from a single or multiple cloud providers with
less complexity and better ease and quality of
services.
 Service Intermediation:
 Service Intermediation is when a broker performs value-add service
on behalf of the consumer.
 For example, in the figure, the cloud broker performs some
administrative or management function on behalf of the consumer
for a particular cloud service.
 This value-add service may include activities such as invoice
management, invoice and usage reconciliation, and end-user
account management, etc.
 The broker enhances a given service by improving some
specific capabilities and providing better value-added services in
managing access to cloud services, identity management,
performance, security, etc.
Figure - Cloud Broker Service Intermediation
 Service Aggregation is when a broker integrates two or more
cloud services to provide a complex cloud solution to the
consumer.
 The figure illustrates a cloud service that is composed of three
different cloud providers' services.
 The broker combines and integrates multiple services into one or
more new services. Data is integrated and security is
provided between the consumer and multiple cloud providers.
Cloud Broker Service Aggregation
Cloud Broker Complex Service Aggregation
 Service Arbitrage is when a broker dynamically
selects the best cloud service provider in real time.
 It is similar to service aggregation except that the
services being aggregated are not fixed. Service
arbitrage means the broker has the flexibility to choose
services from providers, keeping the cost of services
to the consumer as low as possible.
 A cloud auditor can evaluate the services provided by a cloud
provider in terms of security controls, privacy impacts,
performance, etc.
 Auditing is important as a safeguard to
protect the integrity, confidentiality, availability and reliability
of the system and its information.
 A security audit assesses the security controls in
the information system and verifies
compliance with regulation and security policy.
 A privacy impact audit can help government agencies comply
with applicable privacy laws and regulations governing
individual privacy.
 The cloud carrier provides connectivity and transport of cloud
services between cloud consumers and cloud providers (network,
telecommunication, access devices).
Cloud computing architecture