The Cloud Computing for the Masses

صفحه 1:


صفحه 2:


صفحه 3:
(Bbout the Gpeuker Dr. Asoke K. Talukder worked for companies like Fujitsu- ICIM, Microsoft, Oracle, Informix, Digital, Hewlett Packard, ICL, Sequoia, Northern Telecom, NEC, KredietBank, iGate, Celinext, etc’ Dr. Asoke authored two textbooks and edited two books; he also published many peer-reviewed research papers. He is recipient of many international awards including All India Radio/Doordarshan award, ICIM Professional Excellence Award, ICL Excellence Award, IBM Solutions Excellence Award, Simagine GSMWorld Award etc. Dr. Asoke has been listed in “Who's Who in the World”, “Who's Who in Science and Engineering”, an “Outstanding Scientists of 21st Century”. He did M.Sc (Physics) and Ph.D in Engineering. He was the DaimlerChrysler Chair Professor at IIIT, Bangalore; currently an Adjunct Professor, Department of Computer Science & Engineering, NIT Warangal, Adjunct Professor, ABV Indian Institute of Information Technology & Management, Gwalior, and Adjunct Faculty Départment of Computer Engineering, NITK, Surathkal He is Corporate Advisor to SaharaNext and Chief Scientific Officer, Geschickten Solutions, Bangalore. 13" March 2010 Cloud Computing - 3/50 © Asoke K Talukder 

صفحه 4:
Claud Covwwputicrey ia ‏له‎ ‎“Govt plans ‏بو‎ ‎services via cloud momputing soon rea Economic Times, 11” February 2010 © Asoke K Talukder 13" March 2010 Cloud Computing - 4/50 

صفحه 5:
© Asoke K Talukder 13" March 2010 Cloud Computing - 5/50 

صفحه 6:
عدا جل 5 كد ‎Oe‏ 

صفحه 7:
‎DePiced‏ بوشم‌ممن رصا ‎* Cloud computing is an emerging computing paradigm where data and applications reside in the cyberspace, it allows users to access their data and information through any web- connected device be it fixed or mobile. ‎٠ Source: John B. Horrigan, Use of Cloud Computing Applications & Services, Data memo, PEW Internet & American Life project, September 2008 ‎© Asoke K Talukder 13" March 2010 Cloud Computing - 7/50 

صفحه 8:
Ged cette Clad © Asoke K Talukder 13" March 2010 Cloud Computing - 8/50 

صفحه 9:
لمصان) ۲اه سومان ) ‎Virtual - Physical location and underlying‏ * infrastructure details are transparent to users * Scalable - Able to break complex workloads into pieces to be served across an incrementally expandable infrastructure * Efficient - Services Oriented Architecture for dynamic provisioning of shared compute resources * Flexible - Can serve a variety of workload types - both consumer and commercial © Asoke K Talukder 13" March 2010 Cloud Computing - 9/50 

صفحه 10:
Dyppes oP the Cloud * Private Cloud - Cloud Computing private to an enterprise ٠ Public Cloud - Cloud Computing where the cloud services are offered by Cloud Vendors and anybody can use & deploy their services in this cloud ¢ Hybrid Cloud - Combination of Private & Public Cloud © Asoke K Talukder 13" March 2010 Cloud Computing - 10/50 

صفحه 11:
(Private Clout * Private cloud will be implemented by enterprises for their own private use. This will mainly be available to enterprise’s customers, employees, partners, and suppliers. This will mainly be to reduce the cost and have a centralized management of the data. Private cloud will be a extension of the data centre within the control of the enterprise; in private cloud an enterprise can implement a security policy and control people and hardware resource with respect to privacy and access. Amazon book store is an example of private cloud. © Asoke K Talukder 13" March 2010 Cloud Computing - 11/50 

صفحه 12:
(Public Cloud * The public cloud can be defined as the outsourcing model for computing, hardware, and storage functions to a third party service provider, which hosts applications on cyberspace through linked services. * Source: Cristos Velasco San Martin, Jurisdictional Aspects of Cloud Computing, February 28, 2009 © Asoke K Talukder 13" March 2010 Cloud Computing - 12/50 

صفحه 13:
Private/ Intemal Public/ On Premises / Internal Off Premises / Third Party Cloud Computing Types ‏سرس د‎ Cone: Dhaeabe © Asoke K Talukder 13" March 2010 Cloud Computing - 13/50 

صفحه 14:
0 0 3 ۰۳۰ و ۳1 es a) vmware ‏لي‎ ‏عضت‎ 190 Qlayers GOGRID mw. Mosso ®b-hive © Path’ CA CYCLECOMPUTING Cd ORACLE VERIO TAP INTOTHE @Sun ۱ POWER OF NETWORK.COM © Asoke K Talukder 13" March 2010 ‘Cloud Computing - 14/50 

صفحه 15:


صفحه 16:
Clad 6 Oser - ۱ (ukir) © Asoke K Talukder 13" March 2010 Cloud Computing - 16/50 

صفحه 17:
Oext Ceueratiog Iotercet + Multi-user-agent + Multi-service + Multi-access + Multi-provider + Multi-protocol networks * Web 2.0 and Web 3.0 * Innovation moving from Technology Companies to the Consumer space + IPv6 with IPsec + Universal seamless roaming Support mobility at vehicular state Intelligent and programmable networks Definable service quality Definable security level On demand scalability API in the network to obtain context information (spatial, environmental, and temporal attributes) + API in the network to enforce QoS and security © Asoke K Talukder 13" March 2010 Cloud Computing - 17/50 

صفحه 18:
لعال) منان) علب) 00 ‎Dew‏ عاصه؟ ‎PO-core Provessvr‏ و ‎Cowputer)‏ + Intel debuted and demonstrated its Single-chip Cloud Computer (SCC) processor on 2" December 2009. The processor has 48 cores - 24 dual-core "tiles"-- connected with a high-speed mesh network. Intel wants the experimental chip, at least 100 of which it will distribute to researchers in 2010, to lead to new attempts to tackle multicore system and software design. Ultimately, Intel believes its aggressive multicore approach will be the way computers get enough power for tasks such as vision and speech comparable to what humans have. © Asoke K Talukder 13" March 2010 Cloud Computing - 18/50 

صفحه 19:
Oructits oP the Cloud * Helping Green computing by lending out idle resources through Cycle Scavenging * Unlimited Resource - Unlimited Computing power - Unlimited storage (Filestore & online memory) - Scale UP or Scale Down On-demand * Users can use resources without owning anything - converting Capex to Opex * Enterprises can use Supercomputers/HPC without owning them * Pay as you go © Asoke K Talukder 13" March 2010 Cloud Computing - 19/50 

صفحه 20:
6 TeRrostructure 00۳3 xP Virtual Infrastructure Compute © Asoke K Talukder 13" March 2010 Cloud Computing - 20/50 

صفحه 21:
د لل مس ‎oF owe cu‏ مس و عام: © بمب ‎Grad‏ له © Asoke K Talukder 13" March 2010 Cloud Computing - 21/50 

صفحه 22:
Oi li 5 * Virtualization is a framework or methodology of dividing the resources of a computer into multiple execution environments, by applying one or more concepts or technologies such as hardware and software partitioning, time-sharing, partial or complete machine simulation, emulation, quality of service, and many others. It allows abstraction and isolation of lower-level functionalities and underlying hardware. This enables portability of higher-level functions and sharing and/or aggregation of the physical resources. * There are lots of virtualization products, all mainframe OS of the past were virtual like MVS, VMS, VME etc * Today’s virtual environments are VMwarel, Xen - an open source Linux-based product developed by XenSource2 etc © Asoke K Talukder 13" March 2010 Cloud Computing - 22/50 

صفحه 23:
pen = ۳ ‏میم‎ virtualization Services anagernent c= Comma ٩ “ and ‏موی 1 اا‎ Certification Teri © Asoke K Talukder 13" March 2010 Cloud Computing - 23/50 

صفحه 24:
a م © Asoke K Talukder 13" March 2010 Cloud Computing - 24/50 

صفحه 25:
‎Cloud (Providers‏ دوبن ‎* Application Services (services on demand) - Gmail, GoogleCalender - Payroll, HR, CRM etc - Sugarm CRM, IBM Lotus Live ¢ Platform Services (resources on demand) - Middleware, Intergation, Messaging, Information, connectivity etc - AWS, IBM Virtual images, Boomi, CastIron, Google Appengine * Infrastructure Services (physical assets as services) - IBM Blue house, VMWare, Amazon EC2, Microsoft Azure Platform, Sun Parascale and more ‎© Asoke K Talukder 13" March 2010 Cloud Computing - 25/50 

صفحه 26:
Olan Orso * “Cloud Vendor” is a virtual organization (may/may not own any infrastructure, platform or software) - it will use resources from various vendors and original providers (OCP - Original Cloud Providers) to offer services that meet certain service level agreements (SLA) with guaranteed Quality of Expectation (QoE) and Quality of Service (QoS) * Source: Asoke K Talukder, Lawrence Zimmerman, and Prahalad H.A, Cloud Economics: Principles, Costs and Benefits, book chapter in the book titled Cloud Computing: Principles, Systems and Applications, Edited by Nick Antonopoulos and Dr Lee Gillam, Published by Springer London, to appear 2010 © Asoke K Talukder 13" March 2010 Cloud Computing - 26/50 

صفحه 27:
Olas unl GOW ۳ ‘Software platforms as a service [optimized middleware - application servers, database servers, portal servers, etc. ) Infrastructure as a service (virtualized servers, storage, networking) * SOA is the architecture of Cloud Computing * Physical infrastructure like SOA must be discoverable, manageable and governable © Asoke K Talukder 13" March 2010 Cloud Computing - 27/50 

صفحه 28:
وم ¢ Rather than purchasing servers, software, data center space or network equipment, clients instead buy those resources as a fully outsourced service. The service is typically billed on a utility computing basis and amount of resources consumed (and therefore the cost) will typically reflect the level of activity. It is an evolution o virtual private server offerings * Cloud infrastructure services or "Infrastructure as a Service (IaaS)" delivers computer infrastructures like, - Processors/CPUs - Memory - Storages - Networking طسوالا © Asoke K Talukder 13" March 2010 Cloud Computing - 28/50 

صفحه 29:
3 © Asoke K Talukder 13% March 2010 Cloud Computing - 29/50 

صفحه 30:
Pua * Cloud platform services or "Platform as a Service (PaaS)" deliver a computing platform and/or solution stack as a service, often consuming cloud infrastructure and sustaining cloud applications. It facilitates deployment of applications without the cost and complexity of buying and managing the underlying hardware and software layers © Asoke K Talukder 13" March 2010 Cloud Computing - 30/50 

صفحه 31:
65 * Cloud application services or "Software as a Service (SaaS)" deliver software as a service over the Internet, eliminating the need to install and run the application on the customer's own computers and simplifying maintenance and support. Key characteristics include: - Network-based access to, and management of, commercially available (ie., not custom) software - Activities that are managed from central locations rather than at each customer's site, enabling customers to access applications remotely via the Web - Application delivery that typically is closer to a one-to- many model (single instance, multi-tenant architecture) than to a one-to-one model, including architecture, pricing, partnering, and management characteristics - Centralized feature updating, which obviates the need for downloadable patches and upgrades. طسوالا © Asoke K Talukder 13" March 2010 Cloud Computing - 31/50 

صفحه 32:
©) © Asoke K Talukder 13" March 2010 Cloud Computing - 32/50 

صفحه 33:
Pardketzaioa Probkecs ٠ How do we assign work units to workers? ٠ What if we have more work units than workers? ° What if workers need to share partial results? * How do we aggregate partial results? * How do we know all the workers have Finished? 0). othe cocoon howe of ol of tome probe? * What if workers die? © Asoke K Talukder 13" March 2010 Cloud Computing - 33/50 

صفحه 34:
Cloud Computing - 34/50 1 ol. 13" March 2010 © Asoke K Talukder Bs, سه كه ‎mz‏ = ۳ دك =o ‏ی‎ a = لسع و Oivide ond Coaquer 

صفحه 35:
OupReduce * Generalized Framework : Oe ROM Gad ۳ ۱ ‏فحت إم[‎ ‏بر‎ 7 pt how [ [Our 5 3 e ‏منز۱‎ ‎Cae 5 ۱ ‏و(‎ | Oupa 8 KP Ow ۳ (Sorrow ‏فپ‎ Pies ‏ت7۳‎ Plow Ovpu Per © Asoke K Talukder 13" March 2010 Cloud Computing - 

صفحه 36:
Opes Gouve OupReduce * Hadoop - Implemented in Java enabled on Amazon ¢ Twister - Lightweight New arrival in town © Asoke K Talukder 13" March 2010 Cloud Computing - 36/50 

صفحه 37:
Geounity io the Cloud * Security in the cloud needs to answer few specific questions like, 1.How much trust do you have on virtualized environment or the ervisors in the cloud as against your own physical hardware? 2.How much trust do you have on cloud vendor versus your own infrastructure? 3.How do you address regulatory and compliance requirement in an environment when your application might be running on an infrastructure in a foreign country? © Asoke K Talukder 13" March 2010 Cloud Computing - 37/50 

صفحه 38:
Seourity & Goalabilip-aware OpPiware Oevetbppweat LPe Oprle (GaS@MLC) * Security Requirement Analysis - Step 1 - Functional Requirements using UML - Step 2 - Identification of Assets - Step 3 - Separation of Concerns - Step 4 - Decision on Deployment and Interfaces - Step 5 - Minimizing the Attack Surface - Step 6 - Security Requirements - Step 7 - Threat and Attack Tree - Step 8 - Rating of Risks - Step 9 - Decision on In-vivo Security versus In-vitro Security - Step 10 - Nonfunctional to Functional Requirement Step 11 - Iterate ۰ Security Design * Secure and Safe Construction/Programming * Security Testing (Fuzz, Negative, Recovery, Ethical Hacking) * Secure Deployment (Firewall, IPS, Malware Catcher, OVAL, NVD, AVDL) © Asoke K Talukder 13" March 2010 Cloud Computing - 38/50 

صفحه 39:
Genioe Quality an ‏ان‎ ¢ Journaling is necessary to record usage history ¢ Journaling is a critical part of any secured and reliable system ¢ Journaling helps a system to recover from failure through either roll-back or roll- forward ¢ Usage records are used at a later time to charge and bill a consumer * Journaling is also used for forensic purposes to recreate the crime scene of a security attack © Asoke K Talukder 13" March 2010 Cloud Computing - 39/50 

صفحه 40:
تانماهانهر) امه رنلنطهامظ) ۰ Scalability in the cloud applications needs to be dynamic ¢ Applications need to react to external events such as increased load, augmented reliability etc ٠ In the cloud, there will be no association between the service and the underlying platform and infrastructure * The cloud user / customer may like to use some resource somewhere in the world that offers the best price performance advantage © Asoke K Talukder 13" March 2010 Cloud Computing - 40/50 

صفحه 41:
Location ve Duta ¢ This is important issue that should be considered in the cloud environment. There are laws related to both what can be stored and what can be transferred (into and out of) countries. Some country’s laws say that the data should not be stored outside of the country. © Asoke K Talukder 13" March 2010 Cloud Computing - 41/50 

صفحه 42:
Oultt Pera ¢ This is resultant of virtualization, where two or more cloud vendors share the same resource from an original cloud provider. There should be clean and clear way to ensure that other tenants are not gaining access to other parties’ data. This is also called data anonymity. © Asoke K Talukder 13" March 2010 Cloud Computing - 42/50 

صفحه 43:
QOusitess Cocticruity ued Duta Retectioa * Cloud vendors have data recovery and business continuity plans in place to ensure that service can be maintained in case of a disaster or an emergency and that any data lost will be recovered. These plans are shared with and reviewed by their customers so that business continues even if the cloud vendor/provider goes out of business. © Asoke K Talukder 13" March 2010 Cloud Computing - 43/50 

صفحه 44:
Duta Protection + This is to ensure that only the authorized and legitimate users access or stored data in the cloud. Also, if necessary, the country where the data is hosted can be examined by the law enforcement agencies. + HIPPA (Health Insurance Portability and Accountability Act) in the US also prohibits certain types of access on healthcare data. + Sarbanes Oxley demands certain types of accounting practices to be followed be enterprises. * On 5th February 2010, the European Commission has adopted a decision updating the standard contractual clauses for the transfer of personal data to processors established in non-EU countries that are not recognised as offering an adequate level of data protection. + The USA Patriot Act was passed that allows certain government organizations to examine any data within USA. + RIPA (The Regulation of Investigatory Powers Act) can be invoked by the UK government officials specified in the Act on the grounds of national security. Compliance environments that experts cite as important for cloud computing included auditing-related standard SAS 70, ۰ Payment Card Industry Data Security Standards (PCI DSS) and FISMA. © Asoke K Talukder 13" March 2010 Cloud Computing - 44/50 

صفحه 45:
09 ‏كناد صوص‎ Lows 6 )( Praise ٠ In addition to producing logs and audit trails, cloud vendors (providers) work with their customers to ensure that these logs and audit trails are properly secured, maintained for as long as the customer requires, and are accessible for the purposes of forensic investigation (e.g., eDiscovery). © Asoke K Talukder 13" March 2010 Cloud Computing - 45/50 

صفحه 46:
Okick buws Opp Another considerable issue is which laws apply? An example a client based in USA, using cloud services of a company registered in Europe and having services in Asia. These are issues that need to be clarified and understood clearly. It will be difficult for a service provider to provide conformance to all international standards and be economical at the same time. Further there might be instances when it will just not be possible to confirm to all as there may contrasting views. © Asoke K Talukder 13" March 2010 Cloud Computing - 46/50 

صفحه 47:
Lex ‏ان هون لو‎ Issues ۰ Aside from the security and compliance issues enumerated above, cloud providers and their customers will negotiate terms around liability (stipulating how incidents involving data loss or compromise will be resolved, for example), intellectual capital, and end-of-service (when data and applications are ultimately returned to the customer). © Asoke K Talukder 13" March 2010 Cloud Computing - 47/50 

صفحه 48:
Poaxativa & (Rexutatory ‏جصجو|»‎ The Cloud-vendor will be a company with Tax registration on the country of operation The Original Cloud Provider will be taxed on the country of operation - some tax benefits will be there for export of service Regulatory authorities will ensure that data privacy and data transportation related policies are enforced No matter what the customers want, Cloud Provider must conform to the law of the land © Asoke K Talukder 13" March 2010 Cloud Computing - 48/50 

صفحه 49:
‘Trestle Deke Ton Gf Orta Core 0 Cheat — cn. = ‏اس |[ | میم‎ cee Lover Coad یت | ۳ تس ی سای تساه ‎rer,‏ ۵90 |e-. ‏مایق‎ ۲ سح 2 | سم ‎Conver‏ مدنت ‎Toman RED‏ ی تج ی ‎(Rove 5‏ مس | تن رتاس اي = بصا | ممع سس || سس | شمه ‎Baforoewect‏ | مصتصدضسة | إمستصخدضسة] | ممتصحفسة)| |دمتصوقمين | ۳ ۳ = bayer 1 1 1 1 7 ‏سس ماه سسسب‎ Consors ‏سا سس سل‎ eee Laver bover © Asoke K Talukder 13% March 2010 Cloud Computing - 49/50 

صفحه 50:
Thank You @next wat asoke talukder @ saharanext.com | © Asoke K Talukder 13" March 2010 Cloud Computing - 50/50