The document discusses cloud computing models including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). IaaS provides virtual machines, PaaS provides APIs and building blocks, and SaaS provides software through a web front end. Hybrid cloud models combine public and private clouds. Strong security controls are necessary for all cloud models to process sensitive data while balancing threat exposure and cost effectiveness.

1. @sahnivi
www.vikassahni.com
Cloud 101
Vikas Sahni

2. What‟s Going On?
Ubiquitous wireless broadband
Devices that make it easy to connect to the web
Affordable services
Location Aware services
People Aware services

3. Some old-fashioned stuff…
3
We all take these for granted!

4. Big B to Big B
Started 40 years ago
4

5. Big B to small b
Started 53 years ago
5

6. Big B, small b and C!
6
Started 55 years ago!

7. Computer Centers
7
Since the beginning!

8. So what does „Cloud‟ really mean?
Infinite computing resources on demand
No capital expenditure
Pay for what you use
I pay ONLY for what I use ONLY when I use it with
the ability to SCALE capacity up and down ON
DEMAND
8

9. Available in three flavours
9
Infrastructure
As a Service
• Uses VMs
• Consumer manages, patches
and monitors machines
• Good for Legacy Apps
• Not great for scalability
Platform As
a Service
• Provides APIs
• Building Block Services
• Provider manages VMs
• Requires a migration of apps
• Great opportunity for scalability
Software As
a Service
• Web Front End to Software
• Multi-Tenant
• Logical Separation of data
• Very little customisation
• Commodity

10. The flavours mean…
Source: Microsoft
10

11. SaaS
Issues
Version Control
Multi Tenancy
Latency
Configuration
Data Security
Internal IT
11

12. IaaS
Issues
Provider Existence
Provisioning Time
Upgradation
Location
Bandwidth
Open Protocols
12

13. PaaS
Issues
All of the SaaS issues
All of the IaaS issues
Design Patterns
Test Environment
Roll back
Scaling
13

14. 14
4 Cloud Deployment Models
Private cloud
enterprise owned or leased
Community cloud
shared infrastructure for specific community
Public cloud
Sold to the public, mega-scale infrastructure
Hybrid cloud
composition of two or more clouds

15. 15
Common Cloud Characteristics
Cloud computing often leverages:
Massive scale
Virtualization
Non-stop computing
Free software
Geographic distribution
Service oriented software
Autonomic computing
Advanced security technologies

16. €10,000
machine
€1000
machine
Scale-up And Scale-outVolume
€500
machine
# Machines
Scale Up
€ 500
machine
€ 500
machine
€ 500
machine
Scale Out
Volume
€500
machine

17. Scaling Out
1 x 10GB database
10 x 1GB databases

18. Shared Individual
vs
Business model
Architectural model
Operational model
Regulatory constraints
Tenancy

19. The Share vs. Isolate Continuum
Economy of Scale
Simpler Management
SLA per tenant
Data Separation
Isolate Share
Considerations:
Business (Time to market, ROI)
Technical (Expected tenant size and load)
Operation (“Can you guarantee SLA without isolating?”)
Regulatory constraints (“Data must be physically separate”)

20. Multi-Tenant Data Continuum

21. 21
Threat Exposure and Cost Effectiveness
Private clouds may have less threat exposure
than community clouds which have less threat
exposure than public clouds.
All else being equal, massive public clouds may
be more cost effective than large community
clouds which may be more cost effective than
small private clouds.
Doesn’t strong security controls mean that I can
adopt the most cost effective approach?

22. 22
Cloud Migration and Security Controls
Clouds can contain strong security controls
Quantifying security advantages vs. challenges is
not currently possible
Reducing the threat exposure and implementing
strong security controls should lead to
processing higher sensitivity data
Thus, strong security controls are necessary for
all cloud models (even private clouds)

23. 23
Ownership and Security Architectures
Clouds typically have a single security architecture but
have many customers with different demands
Clouds should attempt to provide configurable security
mechanisms
Organizations have more control over the security
architecture of private clouds followed by community
and then public
This doesn‟t say anything about actual security
Higher sensitivity data is likely to be processed on
clouds where organizations have control over the
security model

24. 24
Putting it Together
Most clouds will require very strong security
controls
All models of cloud may be used for differing
tradeoffs between threat exposure and efficiency
There is no one “cloud”. There are many models
and architectures.
How does one choose?

25. Cloud Ready Workloads
25

26. 26
Migration Paths for Cloud Adoption
Use public clouds
Develop private clouds
Build a private cloud
Procure an outsourced private cloud
Migrate data centers to be private clouds (fully virtualized)
Build or procure community clouds
Organization wide SaaS
PaaS and IaaS
Disaster recovery for private clouds
Use hybrid-cloud technology
Workload portability between clouds

27. Why Hybrid Apps?
Need to connect back from the cloud to on premise data
Have to provide access to customers behind corporate
firewalls
Must remotely manage the cloud platform and on-
premise systems
Have to keep a big distributed communication
infrastructure running as it‟s safety related
Data Privacy and Security
Legal and Regulatory requirements

28. The Long Term Drivers
Larger datacentres can deploy computational
resources at significantly lower cost
Demand pooling improves the utilization of these
resources, especially in public clouds
Multi-tenancy lowers application maintenance
labor costs for large public clouds
Unparalleled levels of elasticity and agility that
will enable exciting new solutions and
applications.
28

29. 29
The Short Term scenarios
Small enterprises use public SaaS and public clouds
and minimize growth of data centers
Large enterprise data centers may evolve to act as
private clouds
Large enterprises may use hybrid cloud infrastructure
software to leverage both internal and public clouds
Public clouds may adopt standards in order to run
workloads from competing hybrid cloud infrastructures

30. Conclusion
SaaS is mature
IaaS will see consolidation
PaaS is the way forward, will provide the
platform for more and more of SaaS
Hybrid configurations will be the next step
ALL THESE NEED WORK TO TAKE
ADVANTAGE OF THE PLATFORM
30

31. Secure Global
On-demand
Computing
Always Available
Cloud Bursting and
Load-balancing
Global Application
and Data Delivery
The Global Cloud

32. Contact
Twitter: @sahnivi
Blog: www.vikassahni.com
32