Cloud Computing
Service Models
SaaS Multitenant DB Architecture
Proposed Solutions
Comparison
Recommendations
CLOUD COMPUTING
• Cloud Computing refers to “Computing over the Internet”
• The use of new or existing computing hardware and virtualization technologies to form a shared infrastructure that enables web-based value-added services
• End users access cloud-based applications through a web browser or a light-weight desktop or mobile app
• The business software and user's data are stored on servers at a remote location
• A way to increase capacity or add capabilities on the fly
CLOUD COMPUTING
• On-demand self-service: readily available on demand
• Broad network access: service is available via network, independent of user end device
• Resource pooling: accomplished through virtualization and multi-tenancy
• Rapid elasticity: provisioning/releasing of resources
• Measured service: provides “pay-as-you-go” service
SERVICE MODELS
• The use of server, storage and virtualization to enable utility-like services for users
• Pre-configured hardware is provided via a virtualized interface or hypervisor
• Cloud users install operating-system images and their application software on the cloud infrastructure
• Examples:
    • Amazon EC2
    • Azure Services Platform
    • DynDNS
    • Google Compute Engine
    • Joyent
    • LeaseWeb
    • Rackspace Cloud, etc.
SERVICE MODELS
• Delivers platform including operating system, programming language execution environment, database, and web server
• Provides application hosting, development, testing and deployment environment
• Alleviates the need to buy and maintain the underlying hardware, software and hosting facilities
• Middle layer between SaaS and IaaS
• Examples:
    • AWS Elastic Beanstalk
    • Heroku
    • Force.com
    • Google App Engine
    • OrangeScape, etc.
SERVICE MODELS
• Delivers applications/services over the web
• No upfront investment in servers or software licensing for users
• “pay-as-you-go” model
• Data and the software application are hosted centrally
• Software application can be accessed without need to use additional hardware or software
• Examples:
    • Google Docs
    • Dropbox
    • Salesforce.com
    • Hotmail or Gmail
    • Microsoft Skydrive
    • Google Analytics, etc.
SaaS MULTITENANT DB ARCHITECTURE
MULTITENANCY
• A technology that clouds use to share IT resources cost-efficiently and securely among multiple tenants
• Software architecture where a single instance of a software application serves multiple customers
• Ensures that one tenant operates in isolation from all others
• Separate databases: simplest approach to data isolation, with data being stored in separate databases
• Shared database, separate schema: involves housing multiple tenants in the same database, with each tenant having its own schema
• Shared database, shared schema: involves using the same database and the same set of tables to host multiple tenants' data
PROPOSED SOLUTIONS
Solution 1
• AN EFFICIENT SCHEMA SHARED APPROACH FOR CLOUD BASED
MULTITENANT DATABASE WITH AUTHENTICATION &
AUTHORIZATION FRAMEWORK
Solution 2
• A NON-INTRUSIVE MULTI-TENANT DATABASE FOR LARGE SCALE
SAAS APPLICATIONS
PROPOSED SOLUTION 1
GOALS
• Multi-tenancy supported architecture
• Issues identification with traditional approach
• Data isolation among tenants’ data
• Authentication and authorization framework for security
PROPOSED SOLUTION 1
• Decision for pre-defined number of columns (for custom fields)
• Greater number of NULL values leads to wastage of space
• Data type of columns
PROPOSED SOLUTION 1
Drawbacks
• Size of Extension table is too large, which may lead to performance problems while fetching data from the database
• Increased query processing time for insert, update and delete operations
PROPOSED SOLUTION 1
• Data isolation model: shared database, shared schema that supports large number of tenants
• Optimized database schema: modified extension table for efficient use of space
• Data security: Kerberos is used for authentication and authorization
PROPOSED SOLUTION 1
• XML objects are used in the extension table
• Reduced table size
• Eliminated primary table
• XML document is dynamically generated
• XML object contains data of entire row
• Tags in the XML object refer to the names of table fields
• Allows multiple table creation for tenants
• Table ids are used to associate extension table data with its respective table
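An added sketch of the XML extension table described above, not code from the slides or from the cited paper: Python with SQLite, storing one XML document per row and reading it back per tenant. The table layout, the helper names, the `uuid4` ids used for TenantID/TableID and the field-name whitelist are assumptions made for illustration.

```python
import re
import sqlite3
import uuid
import xml.etree.ElementTree as ET

# Assumed layout (not from the slides): one shared extension table whose
# row_xml column holds an entire logical row as a single XML document.
SCHEMA = """
CREATE TABLE extension (
    row_id    INTEGER PRIMARY KEY,
    tenant_id TEXT NOT NULL,
    table_id  TEXT NOT NULL,
    row_xml   TEXT NOT NULL
);
CREATE INDEX ix_extension ON extension (tenant_id, table_id);
"""
FIELD_NAME = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")

def new_id():
    # Random 128-bit id, so TenantID/TableID values cannot be guessed or enumerated.
    return uuid.uuid4().hex

def row_to_xml(fields):
    # Tags are the tenant-chosen field names: whitelist them, and let
    # ElementTree escape the values, so tenant input cannot inject markup.
    root = ET.Element("row")
    for name, value in fields.items():
        if not FIELD_NAME.fullmatch(name):
            raise ValueError(f"invalid field name: {name!r}")
        ET.SubElement(root, name).text = str(value)
    return ET.tostring(root, encoding="unicode")

def insert_row(db, tenant_id, table_id, fields):
    db.execute(
        "INSERT INTO extension (tenant_id, table_id, row_xml) VALUES (?, ?, ?)",
        (tenant_id, table_id, row_to_xml(fields)))

def fetch_rows(db, tenant_id, table_id):
    # Reads are always bound to both ids; a table id alone is never enough.
    cur = db.execute(
        "SELECT row_xml FROM extension WHERE tenant_id = ? AND table_id = ? "
        "ORDER BY row_id", (tenant_id, table_id))
    return [{el.tag: el.text for el in ET.fromstring(doc)} for (doc,) in cur]

def demo():
    # Constructed sample data: two tenants, each with one logical table.
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    ids = {k: new_id() for k in ("acme", "acme_contacts", "globex", "globex_orders")}
    insert_row(db, ids["acme"], ids["acme_contacts"], {"name": "Ann <b>", "phone": "555-0100"})
    insert_row(db, ids["acme"], ids["acme_contacts"], {"name": "Bob", "region": "EU"})
    insert_row(db, ids["globex"], ids["globex_orders"], {"sku": "X-1", "qty": 3})
    return db, ids
```

Rows with different custom fields share one table without NULL padding, and every value comes back as text because the XML document carries no column types.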
PROPOSED SOLUTION 1
1. CRYPTOGRAPHY
The cryptography class of the .NET platform has been used for key generation and message cryptography
2. VIEWS FOR TENANTS
Creation of views for tenants to display relevant information or data
PROPOSED SOLUTION 1
3. KERBEROS PROTOCOL
• For authentication and authorization
    1) Getting the TGT from AS (authentication server)
    2) Getting the SGT from TGS (ticket granting server)
    3) Getting access to the server
• A table is maintained for user permissions and is used for authorization when a user wants to perform some operation
PROPOSED SOLUTION 2
GOALS
• Cost effective database sharing model
• Gaps identification in traditional databases
• Data security among tenants
• Database scalability
PROPOSED SOLUTION 2
Challenges, Requirements and Gaps

Challenge: Low Cost
• Requirement: Low hardware, software & human resources
  Gap: No cost-effective sharing and isolation mechanism
• Requirement: Development cost – developer to focus on logic
  Gap: No logical view to easily access the database

Challenge: Flexibility
• Requirement: Customization – database should be customizable
  Gap: Database does not support customization mechanisms
• Requirement: Diverse SLA – contain all concerns about security, encryption, backup techniques, etc.
  Gap: SLA does not detail about any access control mechanisms

Challenge: Security Isolation
• Requirement: Security models to prevent access to other tenants’ data; strict security isolation, hierarchical ACL, hybrid tenant types, free sharing
  Gap: Database does not support security/control mechanisms

Challenge: Scalability and Availability
• Requirement: Applications should be scalable to support large number of customers without affecting the existing tenants’ services
  Gap: Databases do not support mechanisms for scalability, availability and load balancing
PROPOSED SOLUTION 2
Data Isolation
• Separate databases
• Shared database, separate schemas
• Shared database, shared schema
Data Security
• Filter-based pattern in application level
• Permission-based pattern in DBMS level (row level access control mechanism because of shared schema)
Flexibility
• Reserved field pattern is used for custom fields
• Template based approach is used for SLA to fulfill tenant’s requirements
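The application-level filter from the Data Security group above, combined with a permission table like the one Solution 1 keeps for authorization, as an added example that is not code from the slides or the cited papers: Python with SQLite, where the schema, `TenantSession`, `unscoped_get_invoice` and the sample rows are assumptions. SQLite has no row-level access control, so the DBMS-level pattern is not shown.

```python
import sqlite3

# Assumed schema (not from the slides): a shared invoices table plus a
# permission table keyed by tenant, user and operation.
SCHEMA = """
CREATE TABLE invoices (id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL, amount INTEGER);
CREATE TABLE permissions (tenant_id TEXT, user TEXT, operation TEXT,
                          PRIMARY KEY (tenant_id, user, operation));
"""

def unscoped_get_invoice(db, invoice_id):
    # Weak form: lookup by primary key only, so any tenant's row is returned.
    return db.execute("SELECT id, amount FROM invoices WHERE id = ?",
                      (invoice_id,)).fetchone()

class TenantSession:
    """Filter-based pattern: the tenant id comes from the authenticated
    session, never from the request, and is bound into every statement."""

    def __init__(self, db, tenant_id, user):
        self.db, self.tenant_id, self.user = db, tenant_id, user

    def _authorize(self, operation):
        granted = self.db.execute(
            "SELECT 1 FROM permissions WHERE tenant_id = ? AND user = ? AND operation = ?",
            (self.tenant_id, self.user, operation)).fetchone()
        if granted is None:
            raise PermissionError(f"{self.user} may not {operation}")

    def get_invoice(self, invoice_id):
        self._authorize("read")
        return self.db.execute(
            "SELECT id, amount FROM invoices WHERE id = ? AND tenant_id = ?",
            (invoice_id, self.tenant_id)).fetchone()

    def update_amount(self, invoice_id, amount):
        self._authorize("update")
        cur = self.db.execute(
            "UPDATE invoices SET amount = ? WHERE id = ? AND tenant_id = ?",
            (amount, invoice_id, self.tenant_id))
        return cur.rowcount  # 0: row is absent or belongs to another tenant

def build_demo_db():
    # Constructed sample data: one invoice per tenant; alice may read and
    # update within tenant-a, bob may only read within tenant-b.
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO invoices VALUES (?, ?, ?)",
                   [(1, "tenant-a", 100), (2, "tenant-b", 900)])
    db.executemany("INSERT INTO permissions VALUES (?, ?, ?)",
                   [("tenant-a", "alice", "read"), ("tenant-a", "alice", "update"),
                    ("tenant-b", "bob", "read")])
    return db
```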
PROPOSED SOLUTION 2
Large Scale Scalability
• Architecture leverages (for dynamic request routing):
    • database clustering
    • routing mechanisms
    • load balancing
Performance Optimization
• Leverage Data Clustering: improves data retrieval performance
• Caching Mechanism: improves metadata repository access mechanism with low cost
• Load Balancing: improves the tenants’ request serving by effective resources utilization
COMPARISON
DATA ISOLATION
Solution 1
• Supports only “shared schema”
• Does not provide full isolation
• Needs more powerful security mechanisms
Solution 2
• Supports all three db models
• Supports from full isolated dbs to shared dbs
DATA SECURITY
Solution 1
• Uses Kerberos protocol for authentication and authorization, managing a table for permissions
Solution 2
• Application level security: filter the request based on the tenant identification
• DBMS level security: table/row level access control mechanism db models
COMPARISON
DATA STORAGE
Solution 1
• Uses XML based data storage
• Consumes less space (single row per record)
Solution 2
• Uses normal extension table approach
• Consumes more space in comparison with XML based version
FLEXIBILITY
Solution 1
• Uses XML extended table field pattern that allows for any number of custom fields to be added by the tenant
Solution 2
• Uses reserved extended table field pattern that pre-defines a fixed number of table columns
COMPARISON
SCALABILITY
Solution 1
• Not supported
Solution 2 supports:
• Database clustering
• Routing mechanisms
• Load balancing
PERFORMANCE OPTIMIZATION
Solution 1
• Optimized performance for insert/update/delete operations
Solution 2 implements:
• Data clustering
• Caching mechanism
• Tenant based load balancing
RECOMMENDATIONS
• Backup strategies should be implemented to provide immediate restoration in case of failure.
  Ex: Full backup, Differential backup, Incremental backup, Continuous backup
• Data that needs greater security should be saved in encrypted form so that no one can access the information easily
• Some key generation algorithm should be used for generating the unique ids used within the tables (TenantID, TableID)