Cloud Computing Flashcards
Describe Cloud Computing
Cloud computing is the on-demand delivery of compute power, database storage, applications, and other IT resources through a cloud services platform via the internet with pay-as-you-go pricing.
The service being sold is ‘utility computing’ (like gas), and by sharing IT resources, coherence and economies of scale is achieved.
- Cloud = data centre hardware + software
- Cloud Computing = SaaS + Utility computing
- Does not include small or medium-sized data centres
Benefits of Cloud Computing
- The company can focus on higher-value work instead of focusing on IT infrastructure.
- No big upfront capital investment to prepare for peak capacity. Instead more flexible operational expenditure.
- Cloud computing offers automatic back-ups.
- Small to medium sized businesses rarely set aside costs for disaster recovery.
- Because it is a proven system (e.g., AWS), development and maintenance costs are reduced, stability and security improved, compared to not using cloud computing or internal computing.
- Less reliance on one OS
-
Economic advantage
- Pay as much as you use; useful for start-ups
- multi-tenancy
- less physical space required for server rooms — virtualisation
- cloud computing offers low variable expenses opposed to high-fixed capital costs
- Reduce need for employees (system administration and support staff)
- Benefits companies that generate large amounts of data, or do significant data processing.
- Easy and ubiquitous data access, often at a lower cost.
- Enhanced collaboration, integration, and analysis on a shared platform - third-parties are allowed (usually).
- Business with variable demand, it makes sense to use cloud computing because you can add or take away severs (e.g. video streaming services).
- However, when an organisation becomes large enough, usually more than 10,000 employees, then it makes more sense to have an in-house cloud computing system, instead of outsourcing the compution
- Automation of routine systems administration processes
- Less reliance on internal IT department
- applications must still adhere to organisational guidelines
Limitations of Cloud Computing
-
Reliance on the provider — an outsourcing issue
- no control over your data; if the system fails, all you can do is call the provider
-
Security and reliability issues
- using more than one/backup cloud computing service reduces that risk
- 100% uptime still does not exist
- data storage in other physical locations can cause legal issues; data protection laws
- TCO Total Cost of Ownership - hardware, maintenance costs, software, peopleW
- Vendor lock-in; potentially no data portability
-
Data transfer costs
- Is bulk transfer of data between data centres prohibitive?
- AWS allows Import/Export from portable devices
- No standardised methods of doing this
One Response to Cloud Computing Limitations
- most companies have a hybrid solution using both private and public IT services;
- for core activities, it makes sense to host data on private servers
Types of Cloud Computing
SaaS - Software as a Service
- WAN-enabled application services (via Internet)
- Google Docs
PaaS - Platform as a Service
- foundational elements to develop new applications
- platform for software development and deployment
- Google App Engine
IaaS - Infrastructure as a Service
- providing computational and storage infrastructure in a centralized, location-transparent service
- most flexible cloud computing model
- allows for automated deployment of servers, processing power, storage, and networking.
- true control over infrastructure
- Amazon Web Services
Persistent Storage Services
- Can be accessed by ALL virtual instances (unlike a local hard drive)
- Table or Blob (binary large object) (not all providers offer all types of storage)
Elastic Compute Services
– Can scale dynamically with application’s workload
– Virtual instances that run customer’s application
Elasticity is the degree to which a system is able to adapt to workload changes by provisioning and de-provisioning resources in an autonomic manner, such that at each point in time the available resources match the current demand as closely as possible.
Intra-Cloud Networks
– Connect virtual instances and services
– Connect application’s components
Roles of Wide-Area Networks (WAN) in Cloud Computing
- Connect cloud providers (data centres) to cloud users
- Must ensure that customers are accessing the nearest cloud data centre
What is persistent storage
and name 2 types (+ examples)
Persistent Storage is data in the cloud might be replicated in several places around the globe.
Two types of global data synchronisation:
Strong consistency
- e.g. stock exchange market
- requires more computing power
Eventual consistency
- e.g. music charts updates don’t have to be rapid
- achieves high availability
- generally are short time lags but in those periods you will receive different answers from different data centres
Features that could be used to compare cloud providers
- Elasticity
- Consistency (types of persistent storage)
- Pricing model
- Intra-cloud network
- Wide-area network
- Computation
- Storage
- Auto-scaling
- Target applications
3 Messaging Services that use Cloud Computing
Virtual Private Cloud
- Allows the user to control the connection to and between the compute and storage services
Direct Connect
- Enables dedicated network between user premises and Amazon locations
- Aim: consistent network performance
Message queues
Amazon Simple Queue Service (Amazon SQS) offers a reliable, highly-scalable hosted queue for storing messages as they travel between applications or microservices. It moves data between distributed application components and helps you decouple these components.
In information security, how can you think about security?
- Confidentiality (disclosed data)
- Integrity (correctness of data)
- Availabality (no disruptions)
Security Risks in Cloud Computing
- Unauthorised access to the system and data.
- Web service vulnerabilities.
- Virtual machine vulnerabilities.
Securing Confidentiality:
Encryption and/or Gateway Products
Confidentiality is at risk only if providers or others can access users’ data in intelligible form.
Encryption
- encryption needs much processing; expensive
- In practice, the advantages of processing in the cloud can only be realised if data is unencrypted
- encrypted data cannot be analysed (but maybe soon)
- Where to apply encryption: beginning, middle or end of transfer?
- Who carries out the encryption: customer or cloud provider?
Gateway Products
- Store sensitive data in secure vault locally
- Generate a token corresponding to the sensitive data
- Store the token in the cloud together with the data that is not sensitive
- Tokenisation services compatible with many cloud applications:
- Gmail, Amazon AWS
- Searching and sorting now possible
Securing Confidentiality:
Data Deletion and Cloud Providers
- most operating systems do not actually delete files
- just mark files as deleted
- multiple overriding required
- deleting data on cloud:
- hard to track all copies and backups
- files may be reconstructed
- hard to check wether actually deleted
Measures to ensure integrity in cloud computing
Is the data accurate and complete?
- Access control
- User accounts
- Associate each user account with a role that is allowed to perform a subset of system functions
- Back ups and use them for comparison
- Audit and control what the cloud provider can access
- is the bottom/plumbing layer secure?
- e.g., Systems administration level access to databases.
How to secure availability in cloud computing?
Securing against disruption of services and ensuring timely and reliable access to and use of data.
- network-level attacks (e.g., Distributed Denial of Service (DDOS) attacks)
- users’ own networks might fail (non-cloud)
- Service Level Agreements will cover minimal requirements for performance and availability
- restricted data portability (vendor ‘lock-in’)
- customer or provider terminates service
- need to retrieve data in a form that is:
- accessible, readable, in a format possible to import into another application
- will vendor assist with moving data to other services?
- how much will they charge?
- test portability rather than rely on provider assurances
Cloud Computing Enablers
(cloud computing is on a rise because…)
- cheap, very large data-centres
- cheaper construction
- cheaper operation
- use of commodity computers
- virtualisation: the ability to run several instances of a server on the same hardware
- cheaper electricity, network bandwidth, operations, software and hardware
- smarter use of computing power: statistical multiplexing increases utilisation
Virtualisation and Instances
Virtualisation refers to the creation of a virtual machine that acts like a real computer with an operating system.
Instances are VMs with the associated systems software and application software (see image below).
What’s new in cloud computing?
- The appearance of infinite computing on demand
- Accommodate large load surges in minutes
- Elimination of up-front commitment by users
- Ability to pay for resources on a short term basis (fine-grained billing)
Elastic Computing Charging Models
IaaS: Amazon AWS, Microsoft Azure and Rackspace CloudServers
- Charge per server for the time that you use it
PaaS: AppEngine
- Charge how many CPU cycles the application consumes
Cost Models for reading/writing persistent storage
- AWS & AppEngine — CPU cycles consumed
- Azure & Cloudservers — fixed, per operation cost
- Cost per operation: Can be used to compare cost-effectiveness across providers.
- Table, blob, queue
Metrics
Operation response time
- Time taken to complete read, write and query operations.
Time to consistency
- Time between a write and subsequent reads to return consistent results.
Metrics for intra-cloud networks
What is the throughput?
- Aiming to answer ‘Is the size of the pipe sufficient for the applications’.
Latency
- Time taken to transfer information.
Cost
- No charges made for data transfer within a data centre
- Providers charge similar amounts for transferring data between data centres
Metrics for wide-area networks
Optimal wide-area network latency
- The delay from a client to the nearest server operated by the cloud provider.
Public vs. Private Clouds
Public Cloud: When a cloud is made available in a pay-as-you-go manner to the general public; selling utility computing.
Private Cloud: Internal data centres of a business or other organization, not made available to the general public.
