Cloud Computing

Question 1

Describe Cloud Computing

Answer 1

Cloud computing is the on-demand delivery of compute power, database storage, applications, and other IT resources through a cloud services platform via the internet with pay-as-you-go pricing.

The service being sold is ‘utility computing’ (like gas), and by sharing IT resources, coherence and economies of scale is achieved.

• Cloud = data centre hardware + software
• Cloud Computing = SaaS + Utility computing
  
  • Does not include small or medium-sized data centres

Question 2

Benefits of Cloud Computing

Answer 2

• The company can focus on higher-value work instead of focusing on IT infrastructure.
• No big upfront capital investment to prepare for peak capacity. Instead more flexible operational expenditure.
• Cloud computing offers automatic back-ups.
  
  • Small to medium sized businesses rarely set aside costs for disaster recovery.
• Because it is a proven system (e.g., AWS), development and maintenance costs are reduced, stability and security improved, compared to not using cloud computing or internal computing.
• Less reliance on one OS
• Economic advantage
  
  • ​Pay as much as you use; useful for start-ups
  • multi-tenancy
  • less physical space required for server rooms — virtualisation
  • cloud computing offers low variable expenses opposed to high-fixed capital costs
  • Reduce need for employees (system administration and support staff)
• Benefits companies that generate large amounts of data, or do significant data processing.
• Easy and ubiquitous data access, often at a lower cost.
• Enhanced collaboration, integration, and analysis on a shared platform - third-parties are allowed (usually).
• Business with variable demand, it makes sense to use cloud computing because you can add or take away severs (e.g. video streaming services).
• However, when an organisation becomes large enough, usually more than 10,000 employees, then it makes more sense to have an in-house cloud computing system, instead of outsourcing the compution
• Automation of routine systems administration processes
  
  • Less reliance on internal IT department
  • applications must still adhere to organisational guidelines

Question 3

Limitations of Cloud Computing

Answer 3

• Reliance on the provider — an outsourcing issue
  
  • no control over your data; if the system fails, all you can do is call the provider
• Security and reliability issues
  
  • using more than one/backup cloud computing service reduces that risk
  • 100% uptime still does not exist
• data storage in other physical locations can cause legal issues; data protection laws
• TCO Total Cost of Ownership - hardware, maintenance costs, software, peopleW
• Vendor lock-in; potentially no data portability
• Data transfer costs
  
  • Is bulk transfer of data between data centres prohibitive?
  • AWS allows Import/Export from portable devices
  • No standardised methods of doing this

Question 4

One Response to Cloud Computing Limitations

Answer 4

• most companies have a hybrid solution using both private and public IT services;
• for core activities, it makes sense to host data on private servers

Question 5

Types of Cloud Computing

Answer 5

SaaS - Software as a Service

• WAN-enabled application services (via Internet)
• Google Docs

PaaS - Platform as a Service

• foundational elements to develop new applications
• platform for software development and deployment
• Google App Engine

IaaS - Infrastructure as a Service

• providing computational and storage infrastructure in a centralized, location-transparent service
• most flexible cloud computing model
• allows for automated deployment of servers, processing power, storage, and networking.
• true control over infrastructure
• Amazon Web Services

Question 6

Persistent Storage Services

Answer 6

• Can be accessed by ALL virtual instances (unlike a local hard drive)
• Table or Blob (binary large object) (not all providers offer all types of storage)

Question 7

Elastic Compute Services

Answer 7

– Can scale dynamically with application’s workload

– Virtual instances that run customer’s application

Elasticity is the degree to which a system is able to adapt to workload changes by provisioning and de-provisioning resources in an autonomic manner, such that at each point in time the available resources match the current demand as closely as possible.

Question 8

Intra-Cloud Networks

Answer 8

– Connect virtual instances and services

– Connect application’s components

Question 9

Roles of Wide-Area Networks (WAN) in Cloud Computing

Answer 9

• Connect cloud providers (data centres) to cloud users
• Must ensure that customers are accessing the nearest cloud data centre

Question 10

What is persistent storage

and name 2 types (+ examples)

Answer 10

Persistent Storage is data in the cloud might be replicated in several places around the globe.

Two types of global data synchronisation:

Strong consistency

• e.g. stock exchange market
• requires more computing power

Eventual consistency

• e.g. music charts updates don’t have to be rapid
• achieves high availability
• generally are short time lags but in those periods you will receive different answers from different data centres

Question 11

Features that could be used to compare cloud providers

Answer 11

• Elasticity
• Consistency (types of persistent storage)
• Pricing model
• Intra-cloud network
• Wide-area network​
• Computation​
• Storage
• Auto-scaling
• Target applications

Question 12

3 Messaging Services that use Cloud Computing

Answer 12

Virtual Private Cloud

• Allows the user to control the connection to and between the compute and storage services

Direct Connect

• Enables dedicated network between user premises and Amazon locations
• Aim: consistent network performance

Message queues

Amazon Simple Queue Service (Amazon SQS) offers a reliable, highly-scalable hosted queue for storing messages as they travel between applications or microservices. It moves data between distributed application components and helps you decouple these components.

Question 13

In information security, how can you think about security?

Answer 13

• Confidentiality (disclosed data)
• Integrity (correctness of data)
• Availabality (no disruptions)

Question 14

Security Risks in Cloud Computing

Answer 14

• Unauthorised access to the system and data.
• Web service vulnerabilities.
• Virtual machine vulnerabilities.

Question 15

Securing Confidentiality:

Encryption and/or Gateway Products

Answer 15

Confidentiality is at risk only if providers or others can access users’ data in intelligible form.

Encryption

• encryption needs much processing; expensive
  
  • In practice, the advantages of processing in the cloud can only be realised if data is unencrypted
• encrypted data cannot be analysed (but maybe soon)
• Where to apply encryption: beginning, middle or end of transfer?
• Who carries out the encryption: customer or cloud provider?

Gateway Products

• Store sensitive data in secure vault locally
• Generate a token corresponding to the sensitive data
• Store the token in the cloud together with the data that is not sensitive
• Tokenisation services compatible with many cloud applications:
  
  • Gmail, Amazon AWS
  • Searching and sorting now possible

Question 16

Securing Confidentiality:

Data Deletion and Cloud Providers

Answer 16

• most operating systems do not actually delete files
• just mark files as deleted
• multiple overriding required
• deleting data on cloud:
  
  • hard to track all copies and backups
  • files may be reconstructed
  • hard to check wether actually deleted

Question 17

Measures to ensure integrity in cloud computing

Answer 17

Is the data accurate and complete?

• Access control
  
  • User accounts
  • Associate each user account with a role that is allowed to perform a subset of system functions
• Back ups and use them for comparison
• Audit and control what the cloud provider can access
  
  • is the bottom/plumbing layer secure?
  • e.g., Systems administration level access to databases.

Question 18

How to secure availability in cloud computing?

Answer 18

Securing against disruption of services and ensuring timely and reliable access to and use of data.

• network-level attacks (e.g., Distributed Denial of Service (DDOS) attacks)
• users’ own networks might fail (non-cloud)
• Service Level Agreements will cover minimal requirements for performance and availability
• restricted data portability (vendor ‘lock-in’)
  
  • customer or provider terminates service
  • need to retrieve data in a form that is:
  • accessible, readable, in a format possible to import into another application
• will vendor assist with moving data to other services?
  
  • how much will they charge?
  • test portability rather than rely on provider assurances

Question 19

Cloud Computing Enablers

(cloud computing is on a rise because…)

Answer 19

• cheap, very large data-centres
  
  • cheaper construction
  • cheaper operation
  • use of commodity computers
• virtualisation: the ability to run several instances of a server on the same hardware
• cheaper electricity, network bandwidth, operations, software and hardware
• smarter use of computing power: statistical multiplexing increases utilisation

Question 20

Virtualisation and Instances

Answer 20

Virtualisation refers to the creation of a virtual machine that acts like a real computer with an operating system.

Instances are VMs with the associated systems software and application software (see image below).

Question 21

What’s new in cloud computing?

Answer 21

• The appearance of infinite computing on demand
  
  • Accommodate large load surges in minutes
• Elimination of up-front commitment by users
• Ability to pay for resources on a short term basis (fine-grained billing)

Question 22

Elastic Computing Charging Models

Answer 22

IaaS: Amazon AWS, Microsoft Azure and Rackspace CloudServers

• Charge per server for the time that you use it

PaaS: AppEngine

• Charge how many CPU cycles the application consumes

Question 23

Cost Models for reading/writing persistent storage

Answer 23

• AWS & AppEngine — CPU cycles consumed
• Azure & Cloudservers — fixed, per operation cost
• Cost per operation: Can be used to compare cost-effectiveness across providers.
• Table, blob, queue

Metrics

Operation response time

• Time taken to complete read, write and query operations.

Time to consistency

• Time between a write and subsequent reads to return consistent results.

Question 24

Metrics for intra-cloud networks

Answer 24

What is the throughput?

• Aiming to answer ‘Is the size of the pipe sufficient for the applications’.

Latency

• Time taken to transfer information.

Cost

• No charges made for data transfer within a data centre
• Providers charge similar amounts for transferring data between data centres

Question 25

Metrics for wide-area networks

Answer 25

Optimal wide-area network latency

• The delay from a client to the nearest server operated by the cloud provider.

Question 26

Public vs. Private Clouds

Answer 26

Public Cloud: When a cloud is made available in a pay-as-you-go manner to the general public; selling utility computing.

Private Cloud: Internal data centres of a business or other organization, not made available to the general public.