Cloud computing
Cloud computing is the
use of computing resources
(hardware and software) that are delivered as a service over a network (typically
the Internet).
The name comes from the use of a cloud-shaped symbol as an
abstraction for the complex infrastructure it contains in system diagrams.
Cloud computing entrusts remote services with a user's data, software and
computation.
End users access cloud-based applications through a web browser or a
light-weight desktop or mobile app while the
business and user's data are stored on servers at a
remote location. Proponents claim that cloud computing allows companies to
avoid upfront infrastructure costs, and focus on projects that differentiate
their businesses instead of infrastructure.[1] Proponents
also claim that cloud computing allows enterprises to get their applications up
and running faster, with improved manageability and less maintenance, and
enables IT to more rapidly adjust resources to meet fluctuating and
unpredictable business demand.[1][2][3]
In the business model using
software as a service, users are provided access to application software and
databases. Cloud providers manage the infrastructure and platforms that run the
applications. SaaS is sometimes referred to as "on-demand software" and
is usually priced on a pay-per-use basis. SaaS providers generally price
applications using a subscription fee.
Proponents claim that the SaaS
allows a business the potential to reduce IT operational costs by outsourcing
hardware and software maintenance and support to the cloud provider. This
enables the business to reallocate IT operations costs away from
hardware/software spending and personnel expenses, towards meeting other IT
goals. In addition, with applications hosted centrally, updates can be released
without the need for users to install new software. One drawback of SaaS is
that the users' data are stored on the cloud provider's server. As a result,
there could be unauthorized access to the data.
Cloud computing relies on sharing
of resources to achieve coherence and economies of scale similar
to a utility (like the
electricity) over a network.[4] At the
foundation of cloud computing is the broader concept of converged infrastructure and shared services.
History
The origin of the term cloud
computing is obscure, but it appears to
derive from the practice of using drawings of stylized clouds to denote
networks in diagrams of computing and communications systems. The word cloud is used
as a metaphor for the Internet, based on the standardized use of a cloud-like
shape to denote a network on telephony schematics and later to depict the
Internet in computer network diagrams as an
abstraction of the underlying infrastructure it represents. The cloud symbol
was used to represent the Internet as early as 1994.[5][6]
The underlying concept of cloud
computing dates back to the 1950s, when large-scale mainframe became
available in academia and corporations, accessible via thin clients / terminal computers,
often referred to as "dumb terminals", because they were used for
communications but had no internal computational capacities. To make more
efficient use of costly mainframes, a practice evolved that allowed multiple
users to share both the physical access to the computer from multiple
terminals as well as to share the CPU time.
This eliminated periods of inactivity on the mainframe and allowed for a
greater return on the investment. The practice of sharing CPU time on a
mainframe became known in the industry as time-sharing.[7]
In the 1990s,
telecommunications companies, who previously offered primarily dedicated
point-to-point data circuits, began offering virtual private network (VPN)
services with comparable quality of service, but at a lower cost. By
switching traffic as they saw fit to balance server use, they could use
overall network bandwidth more effectively. They began to use the cloud
symbol to denote the demarcation point between what the provider was
responsible for and what users were responsible for. Cloud computing extends
this boundary to cover servers as well as the network infrastructure.[8]
As computers became more
prevalent, scientists and technologists explored ways to make large-scale
computing power available to more users through time sharing, experimenting
with algorithms to provide the optimal use of the infrastructure, platform
and applications with prioritized access to the CPU and efficiency for the
end users.[9]
John McCarthy opined
in the 1960s that "computation may someday be organized as a public utility." [17] Almost
all the modern-day characteristics of cloud computing (elastic provision,
provided as a utility, online, illusion of infinite supply), the comparison
to the electricity industry and the use of public, private, government, and
community forms, were thoroughly explored inDouglas Parkhill's
1966 book, The Challenge of the Computer
Utility. Other scholars have shown that cloud computing's roots go all
the way back to the 1950s when scientist Herb Grosch (the
author of Grosch's law)
postulated that the entire world would operate on dumb terminals powered by
about 15 large data centers.[10] Due to
the expense of these powerful computers, many corporations and other entities
could avail themselves of computing capability through time sharing and
several organizations, such as GE's GEISCO, IBM subsidiary The Service Bureau Corporation (SBC,
founded in 1957), Tymshare (founded in 1966), National CSS (founded in 1967
and bought by Dun & Bradstreet in 1979), Dial Data (bought by Tymshare in
1968), and Bolt, Beranek and Newman (BBN)
marketed time sharing as a commercial venture.
The development of the Internet
from being document centric via semantic data towards more and more services
was described as "Dynamic Web".[11] This
contribution focused in particular in the need for better meta-data able to
describe not only implementation details but also conceptual details of
model-based applications.
The ubiquitous availability of
high-capacity networks, low-cost computers and storage devices as well as the
widespread adoption of hardware virtualization, architecture,
autonomic, and utility computing have led to a tremendous growth in cloud
computing.[12][13][14]
After the dot-com bubble, Amazon played
a key role in the development of cloud computing by modernizing their data centers,
which, like most computer networks, were using as little as 10% of
their capacity at any one time, just to leave room for occasional spikes.
Having found that the new cloud architecture resulted in significant internal
efficiency improvements whereby small, fast-moving "two-pizza
teams" (teams small enough to feed with two pizzas) could add new
features faster and more easily, Amazon initiated a new product development
effort to provide cloud computing to external customers, and launched Amazon Web Service (AWS) on a
utility computing basis in 2006.[15][16]
In early 2008, Eucalyptus became
the first open-source, AWS API-compatible platform for deploying private
clouds. In early 2008, OpenNebula,
enhanced in the RESERVOIR European Commission-funded project, became the
first open-source software for deploying private and hybrid clouds, and for
the federation of clouds.[17] In the
same year, efforts were focused on providing quality guarantees
(as required by real-time interactive applications) to cloud-based
infrastructures, in the framework of the IRMOS European Commission-funded
project, resulting to areal-time cloud environment.[18] By
mid-2008, Gartner saw an opportunity for cloud computing "to shape the
relationship among consumers of IT services, those who use IT services and
those who sell them"[19] and
observed that "organizations are switching from company-owned hardware
and software assets to per-use service-based models" so that the
"projected shift to computing ... will result in dramatic growth in
IT products in some areas and significant reductions in other areas."[20]
On March 1, 2011, IBM announced
the Smarter Computing framework
to support Smarter Planet.[21] Among
the various components of the Smarter Computing foundation, cloud computing
is a critical piece.
[edit]Similar systems and concepts
Cloud Computing is the result
of evolution and adoption of existing technologies and paradigms. The goal of
Cloud Computing is to allow users to take benefit from all of these
technologies, without the need for deep knowledge about or expertise with
each one of them. The Cloud aims to cut costs, and help the users focus on
their core business instead of being impeded by IT obstacles .[22]
The main enabling technologies
for Cloud Computing are virtualization and autonomic computing. Virtualization abstracts the
physical infrastructure, which is the most rigid component, and makes it
available as a soft component that is easy to use and manage. By doing so,
virtualization provides the agility required to speed up IT operations, and
reduces cost by increasing infrastructure utilization.
On the other hand, autonomic computing automates the process through which
the user can provision resources on-demand.
By minimizing user involvement, automation speeds up the process and reduces
the possibility of human errors.[22]
Users face difficult business
problems every day. Cloud Computing adopts concepts from SOA that
can help the user break these problems into services that
can be integrated to provide a solution. Cloud Computing provides all of its
resources as services, and makes use of the well-established standards and
best practices gained in the domain of SOA to allow global and easy access to
cloud services in a standardized way.
Cloud Computing also utilizes
concepts from utility computing in
order to provide metrics for the
used services, based on the benefits gained. These metrics are at the core of
the pay-per-usemodel in public Clouds. Having measured
services is also an essential part of completing the feedback loop in
autonomic computing, which is required for fully automating services so that
they can scale on-demand and automatically recover from failures.
Cloud Computing is a kind of Grid Computing;
it has evolved from Grid by addressing the QoS and reliability problems.
Cloud Computing provides the tools and technologies to build data/compute
intensive parallel applications with much affordable prices compared to
traditional parallel computing techniques.[22]
Cloud computing shares
characteristics with:
·
Client–server model — Client–server
computing refers broadly to any distributed application that
distinguishes between service providers (servers) and service requesters
(clients).[24]
·
Grid computing —
"A form of distributed and parallel computing, whereby a 'super and virtual
computer' is composed of a cluster of
networked, loosely coupled computers
acting in concert to perform very large tasks."
·
Mainframe computer —
Powerful computers used mainly by large organizations for critical
applications, typically bulk data processing such as census,
industry and consumer statistics, police and secret intelligence services, enterprise resource planning, and financial transaction processing.[25]
·
Utility computing — The
"packaging of computing resources, such as computation and
storage, as a metered service similar to a traditional public utility, such
as electricity."[26][27]
·
Peer-to-peer means
distributed architecture without the need for central coordination.
Participants are both suppliers and consumers of resources (in contrast to
the traditional client–server model).
·
Cloud gaming—also
known as on-demand gaming—is a way of delivering games to computers. Gaming
data is stored in the provider's server, so that gaming is independent of
client computers used to play the game.
[edit]Characteristics
Cloud computing exhibits the
following key characteristics:
·
Agility improves
with users' ability to re-provision technological infrastructure resources.
·
Application programming interface (API)
accessibility to software that enables machines to interact with cloud
software in the same way that a traditional user interface (e.g., a computer
desktop) facilitates interaction between humans and computers. Cloud
computing systems typically use Representational State Transfer (REST)-based APIs.
·
Cost is
claimed to be reduced, and in a public cloud delivery model capital expenditure is
converted to operational expenditure.[28] This is
purported to lower barriers to entry, as infrastructure is typically
provided by a third-party and does not need to be purchased for one-time or
infrequent intensive computing tasks. Pricing on a utility computing basis is
fine-grained with usage-based options and fewer IT skills are required for
implementation (in-house).[29] The
e-FISCAL project's state of the art repository[30] contains
several articles looking into cost aspects in more detail, most of them
concluding that costs savings depend on the type of activities supported and
the type of infrastructure available in-house.
·
Device and
location independence[31] enable
users to access systems using a web browser regardless of their location or
what device they are using (e.g., PC, mobile phone). As infrastructure is
off-site (typically provided by a third-party) and accessed via the Internet,
users can connect from anywhere.[29]
·
Virtualization technology
allows servers and storage devices to be shared and utilization be increased.
Applications can be easily migrated from one physical server to another.
·
Multitenancy enables
sharing of resources and costs across a large pool of users thus allowing
for:
·
Centralization of
infrastructure in locations with lower costs (such as real estate,
electricity, etc.)
·
Peak-load capacity increases
(users need not engineer for highest possible load-levels)
·
Reliability is
improved if multiple redundant sites are used, which makes well-designed
cloud computing suitable for business continuity and disaster recovery.[32]
·
Scalability and elasticity via
dynamic ("on-demand") provisioning of resources
on a fine-grained, self-service basis near real-time,[33] without
users having to engineer for peak loads.[34][35]
·
Performance is
monitored, and consistent and loosely coupled architectures are constructed
using web services as the
system interface.[29]
·
Security could
improve due to centralization of data, increased security-focused resources,
etc., but concerns can persist about loss of control over certain sensitive data,
and the lack of security for stored kernels.[36] Security
is often as good as or better than other traditional systems, in part because
providers are able to devote resources to solving security issues that many
customers cannot afford.[37] However,
the complexity of security is greatly increased when data is distributed over
a wider area or greater number of devices and in multi-tenant systems that
are being shared by unrelated users. In addition, user access to security audit logs may be
difficult or impossible. Private cloud installations are in part motivated by
users' desire to retain control over the infrastructure and avoid losing
control of information security.
·
Maintenance of
cloud computing applications is easier, because they do not need to be
installed on each user's computer and can be accessed from different places.
The National Institute of
Standards and Technology's definition of cloud computing identifies
"five essential characteristics":
On-demand
self-service. A
consumer can unilaterally provision computing capabilities, such as server
time and network storage, as needed automatically without requiring human
interaction with each service provider.
Broad network access. Capabilities
are available over the network and accessed through standard mechanisms that
promote use by heterogeneous thin or thick client platforms (e.g., mobile
phones, tablets, laptops, and workstations).
Resource pooling. The
provider's computing resources are pooled to serve multiple consumers using a
multi-tenant model, with different physical and virtual resources dynamically
assigned and reassigned according to consumer demand. ...
Rapid elasticity. Capabilities
can be elastically provisioned and released, in some cases automatically, to
scale rapidly outward and inward commensurate with demand. To the consumer,
the capabilities available for provisioning often appear unlimited and can be
appropriated in any quantity at any time.
Measured
service. Cloud systems automatically
control and optimize resource use by leveraging a metering capability at some
level of abstraction appropriate to the type of service (e.g., storage,
processing, bandwidth, and active user accounts). Resource usage can be
monitored, controlled, and reported, providing transparency for both the
provider and consumer of the utilized service.
—National
Institute of Standards and Technology[4]
[edit]On-demand self-service
See
also: Self-service provisioning for cloud computing services and Service catalogs for cloud computing services
On-demand self-service allows
users to obtain, configure and deploy cloud services themselves using cloud
service catalogues, without requiring the assistance of IT.[38][39] This
feature is listed by the National
Institute of Standards and Technology (NIST)
as a characteristic of cloud computing.[4]
The self-service requirement of
cloud computing prompts infrastructure vendors to create cloud computing
templates, which are obtained from cloud service catalogues. Manufacturers of
such templates or blueprints include BMC Software (BMC),
with Service Blueprints as part of their cloud management platform[40] Hewlett-Packard (HP),
which names its templates as HP Cloud Maps[41] RightScale[42] and Red Hat,
which names its templates Cloud Forms.[43]
The templates contain
predefined configurations used by consumers to set up cloud services. The
templates or blueprints provide the technical information necessary to build
ready-to-use clouds.[42] Each
template includes specific configuration details for different cloud
infrastructures, with information about servers for specific tasks such as
hosting applications, databases, websites and so on.[42] The
templates also include predefined Web service, the operating system, the
database, security configurations and load balancing.[43]
Cloud consumers use cloud
templates to move applications between clouds through a self-service portal.
The predefined blueprints define all that an application requires to run in
different environments. For example, a template could define how the same
application could be deployed in cloud platforms based on Amazon Web Service,
VMware or Red Hat.[44] The
user organization benefits from cloud templates because the technical aspects
of cloud configurations reside in the templates, letting users to deploy
cloud services with a push of a button.[45][46] Cloud
templates can also be used by developers to create a catalog of cloud
services.[47]
[edit]Service models
Cloud computing providers offer
their services according to several fundamental models:[4][48] infrastructure
as a service (IaaS), platform as a service (PaaS), and software as a service
(SaaS) where IaaS is the most basic and each higher model abstracts from the
details of the lower models. Other key components in XaaS are described in a
comprehensive taxonomy model published in 2009,[49] such as
Strategy-as-a-Service, Collaboration-as-a-Service, Business
Process-as-a-Service, Database-as-a-Service, etc. In 2012, network as a
service (NaaS) and communication as a service (CaaS) were officially included
by ITU (International Telecommunication Union) as part of the basic cloud
computing models, recognized service categories of a
telecommunication-centric cloud ecosystem.[50]
 [edit]Infrastructure as a service (IaaS)
In the most basic cloud-service
model, providers of IaaS offer computers - physical or (more often) virtual
machines - and other resources. (A hypervisor,
such as Xen or KVM, runs the virtual machines as guests. Pools of
hypervisors within the cloud operational support-system can support large numbers
of virtual machines and the ability to scale services up and down according
to customers' varying requirements.) IaaS clouds often offer additional
resources such as images in a virtual-machine image-library, raw (block) and
file-based storage, firewalls, load balancers, IP addresses, virtual local area networks (VLANs),
and software bundles.[51] IaaS-cloud
providers supply these resources on-demand from their large pools installed
in data centers.
For wide-area connectivity,
customers can use either the Internet or carrier clouds (dedicated
virtual private networks).
To deploy their applications,
cloud users install operating-system images and their application software on
the cloud infrastructure. In this model, the cloud user patches and maintains
the operating systems and the application software. Cloud providers typically
bill IaaS services on a utility computing basis[citation needed]: cost reflects the
amount of resources allocated and consumed.
Examples of IaaS providers
include: Amazon EC2, Azure Services Platform, DynDNS, Google Compute Engine, HP Cloud, iland,Joyent, LeaseWeb, Linode, NaviSite, Oracle Infrastructure as a Service, Rackspace Cloud, ReadySpace Cloud Services, ReliaCloud,SAVVIS, SingleHop,
and Terremark
[edit]Platform as a service (PaaS)
In the PaaS model, cloud
providers deliver a computing platform typically
including operating system, programming language execution environment,
database, and web server. Application developers can develop and run their
software solutions on a cloud platform without the cost and complexity of
buying and managing the underlying hardware and software layers. With some
PaaS offers, the underlying computer and storage resources scale
automatically to match application demand such that cloud user does not have
to allocate resources manually.
Examples of PaaS include: AWS Elastic Beanstalk, Cloud Foundry, Heroku, Force.com, EngineYard, Mendix, OpenShift, Google App Engine, Windows Azure Cloud Services and OrangeScape.
[edit]Software as a service (SaaS)
In the SaaS model, cloud
providers install and operate application software in the cloud and cloud
users access the software from cloud clients. Cloud users do not manage the
cloud infrastructure and platform where the application runs. This eliminates
the need to install and run the application on the cloud user's own
computers, which simplifies maintenance and support. Cloud applications are
different from other applications in their scalability—which can be achieved
by cloning tasks onto multiple virtual machines at
run-time to meet changing work demand.[52]Load balancers distribute
the work over the set of virtual machines. This process is transparent to the
cloud user, who sees only a single access point. To accommodate a large
number of cloud users, cloud applications can be multitenant, that
is, any machine serves more than one cloud user organization. It is common to
refer to special types of cloud based application software with a similar
naming convention: desktop as a service, business process as a
service, test environment as a service, communication as a
service.
The pricing model for SaaS
applications is typically a monthly or yearly flat fee per user,[53] so price
is scalable and adjustable if users are added or removed at any point.[54]
Examples of SaaS include: Google Apps, Microsoft Office 365, Onlive, GT Nexus, Marketo,
and TradeCard.
[edit]Network as a service (NaaS)
A category of cloud services
where the capability provided to the cloud service user is to use
network/transport connectivity services and/or inter-cloud network
connectivity services.[55] NaaS
involves the optimization of resource allocations by considering network and
computing resources as a unified whole.[56]
Traditional NaaS services
include flexible and extended VPN, and bandwidth on demand.[55] NaaS
concept materialization also includes the provision of a virtual network
service by the owners of the network infrastructure to a third party (VNP –
VNO).[57][58]
[edit]Cloud clients
Users access cloud computing
using networked client devices, such as desktop computers, laptops, tablets and smartphones.
Some of these devices - cloud
clients - rely on cloud computing for
all or a majority of their applications so as to be essentially useless
without it. Examples are thin clients and the
browser-based Chromebook.
Many cloud applications do not require specific software on the client and
instead use a web browser to interact with the cloud application. With Ajax and HTML5 these Web user interfaces can
achieve a similar or even better look and feel as
native applications. Some cloud applications, however, support specific
client software dedicated to these applications (e.g., virtual desktop clients
and most email clients). Some legacy applications (line of business
applications that until now have been prevalent in thin client Windows
computing) are delivered via a screen-sharing technology.
[edit]Deployment models
Cloud
computing types
[edit]Public cloud
Public cloud applications,
storage, and other resources are made available to the general public by a
service provider. These services are free or offered on a pay-per-use model.
Generally, public cloud service providers like Amazon AWS, Microsoft and
Google own and operate the infrastructure and offer access only via Internet
(direct connectivity is not offered).[29]
[edit]Community cloud
Community cloud shares
infrastructure between several organizations from a specific community with
common concerns (security, compliance, jurisdiction, etc.), whether managed
internally or by a third-party and hosted internally or externally. The costs
are spread over fewer users than a public cloud (but more than a private
cloud), so only some of the cost savings potential of cloud computing are
realized.[4]
[edit]Hybrid cloud
Hybrid cloud is a composition
of two or more clouds (private, community or public) that remain unique
entities but are bound together, offering the benefits of multiple deployment
models.[4] Such
composition expands deployment options for cloud services, allowing IT
organization to use public cloud computing resources to meet temporary needs.[59] This
capability enables hybrid clouds to employ cloud bursting for scaling across
clouds.[4]
Cloud bursting is an
application deployment model in which an application runs in a private cloud
or data center and "bursts" to a public cloud when the demand for
computing capacity increases. A primary advantage of cloud bursting and a
hybrid cloud model is that an organization only pays for extra compute
resources when they are needed.[60]
Cloud bursting enables data
centers to create an in-house IT infrastructure that supports average
workloads, and use cloud resources from public or private clouds, during
spikes in processing demands.[61]
By utilizing "hybrid
cloud" architecture, companies and individuals are able to obtain
degrees of fault tolerance combined with locally immediate usability without
dependency on internet connectivity. Hybrid cloud architecture requires both
on-premises resources and off-site (remote) server-based cloud
infrastructure.
Hybrid clouds lack the
flexibility, security and certainty of in-house applications.[62] Hybrid
cloud provides the flexibility of in house applications with the fault
tolerance and scalability of cloud based services.
[edit]Private cloud
Private cloud is cloud
infrastructure operated solely for a single organization, whether managed
internally or by a third-party and hosted internally or externally.[4] Undertaking
a private cloud project requires a significant level and degree of engagement
to virtualize the business environment, and requires the organization to
reevaluate decisions about existing resources. When done right, it can have
improve business, but every step in the project raises security issues that
must be addressed to prevent serious vulnerabilities.[63]
They have attracted criticism
because users "still have to buy, build, and manage them" and thus
do not benefit from less hands-on management,[64] essentially
"[lacking] the economic model that makes cloud computing such an
intriguing concept".[65][66]
[edit]Architecture
Cloud
computing sample architecture
Cloud architecture,[67] the systems architecture of the software systems involved
in the delivery of cloud computing, typically involves multiple cloud
components communicating
with each other over a loose coupling mechanism such as a messaging queue.
Elastic provision implies intelligence in the use of tight or loose coupling
as applied to mechanisms such as these and others.
[edit]The Intercloud
The Intercloud[68] is an
interconnected global "cloud of clouds"[69][70] and an
extension of the Internet "network of networks" on which it is
based.[71][72][73]
[edit]Cloud engineering
Cloud engineering is the
application of engineering disciplines
to cloud computing. It brings a systematic approach to the high-level
concerns of commercialisation, standardisation, and governance in conceiving,
developing, operating and maintaining cloud computing systems. It is a
multidisciplinary method encompassing contributions from diverse areas such
as systems, software, web,performance, information, security, platform, risk, and quality engineering.
[edit]Issues[edit]Threats and opportunities of the Cloud
Cloud computing offers the
enterprise enormous opportunities: 56% of European decision-makers estimate
that the Cloud is a priority between 2013 and 2014.[74] Even
better: the Cloud budget should reach 30% of the overall IT budget. But
several deterrents to the Cloud remain: reliability, availability of services
and data, security, complexity, costs, regulations and legal issues,
performance, migration, reversion, the lack of standards, limited
customization, etc. The Cloud also offers several benefits, however: infrastructure
flexibility, faster deployment of applications and data, cost control,
adaptation of Cloud resources to real needs, improved productivity, etc.
Today's Cloud market is dominated by software and services in SaaS mode and
IaaS (infrastructure), especially the private Cloud. PaaS and the public
Cloud are further back.
[edit]Privacy
Privacy advocates have
criticized the cloud model for hosting companies' greater ease can
control—and thus, can monitor at will—communication between host company and
end user, and access user data (with or without permission). Instances such
as the secret NSA
program, working with AT&T,
and Verizon,
which recorded over 10 million telephone calls between American citizens,
causes uncertainty among privacy advocates, and the greater powers it gives
to telecommunication companies to monitor user activity.[75] Using a
cloud service provider (CSP) can complicate data privacy because of the
extent of virtualization (virtual machines) and cloud storage used to
implement cloud service.[76] CSP
operations, customer or tenant data may not remain on the same system, or in
the same data center or even within the same provider's cloud; this can lead
to legal concerns over jurisdiction. While there have been efforts (such as US-EU Safe Harbor) to "harmonise" the
legal environment, providers such as Amazon still cater to major markets (typically
the United States and the European Union)
by deploying local infrastructure and allowing customers to select
"availability zones."[77] Cloud
computing poses privacy concerns because the service provider may access the
data that is on the cloud at any point in time. They could accidentally or
deliberately alter or even delete information.[78]
Postage and delivery services
company Pitney Bowes launched
Volly, a cloud-based, digital mailbox service to leverage its communication
management assets. They also faced the technical challenge of providing
strong data security and privacy. However, they were able to address the same
concern by applying customized, application-level security, including
encryption. [79]
[edit]Compliance
To comply with regulations
including FISMA, HIPAA, and SOX in the
United States, the Data Protection Directive in the
EU and the credit card industry's PCI DSS, users may have
to adoptcommunity or hybrid deployment
modes that are typically more expensive and may offer restricted benefits.
This is how Google is able
to "manage and meet additional government policy requirements beyond
FISMA"[80][81] and
Rackspace Cloud or QubeSpace are able to claim PCI compliance.[82]
Many providers also obtain a SAS 70 Type II audit,
but this has been criticised on the grounds that the hand-picked set of goals
and standards determined by the auditor and the auditee are often not
disclosed and can vary widely.[83] Providers
typically make this information available on request, under non-disclosure agreement.[84][85]
Customers in the EU contracting
with cloud providers outside the EU/EEA have to adhere to the EU regulations
on export of personal data.[86]
U.S. Federal Agencies have been
directed by the Office of Management and Budget to use a process called
FedRAMP (Federal Risk and Authorization Management Program) to assess and
authorize cloud products and services. Federal CIO Steven VanRoekel issued a
memorandum to federal agency Chief Information Officers on December 8, 2011
defining how federal agencies should use FedRAMP. FedRAMP consists of a
subset of NIST Special Publication 800-53 security controls specifically
selected to provide protection in cloud environments. A subset has been
defined for the FIPS 199 low categorization and the FIPS 199 moderate
categorization. The FedRAMP program has also established a Joint
Accreditation Board (JAB) consisting of Chief Information Officers from DoD,
DHS and GSA. The JAB is responsible for establishing accreditation standards
for 3rd party organizations who perform the assessments of cloud solutions.
The JAB also reviews authorization packages, and may grant provisional
authorization (to operate). The federal agency consuming the service still
has final responsibility for final authority to operate.[87]
[edit]Legal
As with other changes in the
landscape of computing, certain legal issues arise with cloud computing,
including trademark infringement, security concerns and sharing of
proprietary data resources.
The Electronic Frontier Foundation has
criticized the United States government for
considering during the Megaupload seizure
process that people lose property rights by
storing data on a cloud computing service.[88]
One important but not often
mentioned problem with cloud computing is the problem of who is in
"possession" of the data. If a cloud company is the possessor of the
data, the possessor has certain legal rights. If the cloud company is the
"custodian" of the data, then a different set of rights would
apply. The next problem in the legalities of cloud computing is the problem
of legal ownership of the data. Many Terms of Service agreements are silent
on the question of ownership.[89]
[edit]Vendor lock-in
Because cloud computing is
still relatively new, standards are still being developed.[90] Many
cloud platforms and services are proprietary, meaning that they are built on
the specific standards, tools and protocols developed by a particular vendor
for its particular cloud offering.[90] This
can make migrating off a proprietary cloud platform prohibitively complicated
and expensive.[90]
Three types of vendor lock-in
can occur with cloud computing:[91]
·
Platform lock-in: cloud services tend to be
built on one of several possible virtualization platforms, for example VMWare
or Xen. Migrating from a cloud provider using one platform to a cloud provider
using a different platform could be very complicated.
·
Data lock-in: since the cloud is still new,
standards of ownership, i.e. who actually owns the data once it lives on a
cloud platform, are not yet developed, which could make it complicated if
cloud computing users ever decide to move data off of a cloud vendor's
platform.
·
Tools lock-in: if tools built to manage a
cloud environment are not compatible with different kinds of both virtual and
physical infrastructure, those tools will only be able to manage data or apps
that live in the vendor's particular cloud environment.
Heterogeneous cloud computing
is described as a type of cloud environment that prevents vendor lock-in, and
aligns with enterprise data centers that are operating hybrid cloud models.[92] The
absence of vendor lock-in lets cloud administrators select his or her choice
of hypervisors for specific tasks, or to deploy virtualized infrastructures
to other enterprises without the need to consider the flavor of hypervisor in
the other enterprise.[93]
A heterogeneous cloud is
considered one that includes on-premise private clouds, public clouds and
software-as-a-service clouds. Heterogeneous clouds can work with environments
that are not virtualized, such as traditional data centers.[94] Heterogeneous
clouds also allow for the use of piece parts, such as hypervisors, servers,
and storage, from multiple vendors.[95]
Cloud piece parts, such as
cloud storage systems, offer APIs but they are often incompatible with each
other.[96] The
result is complicated migration between backends, and makes it difficult to
integrate data spread across various locations.[96] This
has been described as a problem of vendor lock-in.[96] The
solution to this is for clouds to adopt common standards.[96]
Heterogeneous cloud computing
differs from homogeneous clouds, which have been described as those using
consistent building blocks supplied by a single vendor.[97] Intel
General Manager of high-density computing, Jason Waxman, is quoted as saying
that a homogenous system of 15,000 servers would cost $6 million more in
capital expenditure and use 1 megawatt of power.[97]
[edit]Open source
Open-source software has
provided the foundation for many cloud computing implementations, prominent
examples being the Hadoop framework[98] and VMware's Cloud Foundry.[99] In
November 2007, the Free Software Foundation released
the Affero General Public License, a version of GPLv3 intended
to close a perceived legal loophole associated
with free software designed
to run over a network.[100]
[edit]Open standards
Most cloud providers expose
APIs that are typically well-documented (often under a Creative Commons license[101])
but also unique to their implementation and thus not interoperable. Some
vendors have adopted others' APIs and there are a number of open standards
under development, with a view to delivering interoperability and
portability.[102] As of
November 2012, the Open Standard with broadest industry support is probably OpenStack,
founded in 2010 by NASA and Rackspace,
and now governed by the OpenStack Foundation.[103] OpenStack supporters
includeAMD, Intel, Canonical, SUSE Linux, Red Hat, Cisco, Dell, HP, IBM, Yahoo and now VMware.[104]
[edit]Security
As cloud computing is achieving
increased popularity, concerns are being voiced about the security issues
introduced through adoption of this new model. The effectiveness and
efficiency of traditional protection mechanisms are being reconsidered as the
characteristics of this innovative deployment model can differ widely from
those of traditional architectures.[105] An
alternative perspective on the topic of cloud security is that this is but
another, although quite broad, case of "applied security" and that
similar security principles that apply in shared multi-user mainframe
security models apply with cloud security.[106]
The relative security of cloud
computing services is a contentious issue that may be delaying its adoption.[107] Physical
control of the Private Cloud equipment is more secure than having the
equipment off site and under someone else's control. Physical control and the
ability to visually inspect data links and access ports is required in order
to ensure data links are not compromised. Issues barring the adoption of
cloud computing are due in large part to the private and public sectors'
unease surrounding the external management of security-based services. It is
the very nature of cloud computing-based services, private or public, that
promote external management of provided services. This delivers great incentive
to cloud computing service providers to prioritize building and maintaining
strong management of secure services.[108] Security
issues have been categorised into sensitive data access, data segregation,
privacy, bug exploitation, recovery, accountability, malicious insiders,
management console security, account control, and multi-tenancy issues.
Solutions to various cloud security issues vary, from cryptography, particularly
public key infrastructure (PKI), to use of multiple cloud providers,
standardisation of APIs, and improving virtual machine support and legal
support.[105][109][110]
Cloud computing offers many
benefits, but is vulnerable to threats. As cloud computing uses increase, it
is likely that more criminals find new ways to exploit system
vulnerabilities. Many underlying challenges and risks in cloud computing
increase the threat of data compromise. To mitigate the threat, cloud
computing stakeholders should invest heavily in risk assessment to ensure
that the system encrypts to protect data, establishes trusted foundation to
secure the platform and infrastructure, and builds higher assurance into
auditing to strengthen compliance. Security concerns must be addressed to
maintain trust in cloud computing technology.[citation needed]
[edit]Sustainability
Although cloud computing is
often assumed to be a form of green computing, no
published study substantiates this assumption.[111] Citing
the servers' effects on the environmental effects of cloud computing, in
areas where climate favors natural cooling and renewable electricity is readily
available, the environmental effects will be more moderate. (The same holds
true for "traditional" data centers.) Thus countries with favorable
conditions, such as Finland,[112] Sweden and Switzerland,[113] are
trying to attract cloud computing data centers. Energy efficiency in cloud
computing can result from energy-aware scheduling and
server consolidation.[114] However,
in the case of distributed clouds over data centers with different source of
energies including renewable source of energies, a small compromise on energy
consumption reduction could result in high carbon footprint reduction.[115]
[edit]Abuse
As with privately purchased
hardware, customers can purchase the services of cloud computing for
nefarious purposes. This includes password cracking and launching attacks
using the purchased services.[116] In
2009, a banking trojan illegally
used the popular Amazon service as a command and control channel that issued
software updates and malicious instructions to PCs that were infected by the
malware.[117]
[edit]IT governance
The introduction of cloud
computing requires an appropriate IT governance model to ensure a secured
computing environment and to comply with all relevant organizational
information technology policies.[118][119] As
such, organizations need a set of capabilities that are essential when
effectively implementing and managing cloud services, including demand
management, relationship management, data security management, application
lifecycle management, risk and compliance management.[120] A
danger lies with the explosion of companies joining the growth in cloud
computing by becoming providers. However, many of the infrastructural and
logistical concerns regarding the operation of cloud computing businesses are
still unknown. This over-saturation may have ramifications for the industry
as whole.[121]
[edit]Consumer end storage
The increased use of cloud
computing could lead to a reduction in demand for high storage capacity consumer
end devices, due to cheaper low storage devices that stream all content via
the cloud becoming more popular.[citation needed] In a
Wired article, Jake Gardner explains that while unregulated usage is
beneficial for IT and tech moguls like Amazon, the anonymous nature of the
cost of consumption of cloud usage makes it difficult for business to
evaluate and incorporate it into their business plans.[121]
[edit]Ambiguity of terminology
Outside of the information
technology and software industry, the term "cloud" can be found to
reference a wide range of services, some of which fall under the category of
cloud computing, while others do not. The cloud is often used to refer to a
product or service that is discovered, accessed and paid for over the
Internet, but is not necessarily a computing resource. Examples of service
that are sometimes referred to as "the cloud" include, but are not
limited to, crowd sourcing, cloud printing, crowd funding, cloud manufacturing.[122][123]
[edit]Research
Many universities, vendors and
government organizations are investing in research around the topic of cloud
computing:[124][125]
·
In October 2007, the Academic Cloud
Computing Initiative (ACCI) was announced as a multi-university project
designed to enhance students' technical knowledge to address the challenges
of cloud computing.[126]
·
In April 2009, UC Santa Barbara released
the first open source platform-as-a-service, AppScale,
which is capable of running Google App Engine applications at scale on a
multitude of infrastructures.
·
In April 2009, the St Andrews Cloud
Computing Co-laboratory was launched, focusing on research in the important
new area of cloud computing. Unique in the UK, StACC aims to become an
international centre of excellence for research and teaching in cloud
computing and provides advice and information to businesses interested in
cloud-based services.[127]
·
In October 2010, the TClouds (Trustworthy
Clouds) project was started, funded by the European Commission's 7th
Framework Programme. The project's goal is to research and inspect the legal
foundation and architectural design to build a resilient and trustworthy
cloud-of-cloud infrastructure on top of that. The project also develops a
prototype to demonstrate its results.[128]
·
In December 2010, the TrustCloud research
project [129][130] was
started by HP Labs Singapore to address transparency and accountability of
cloud computing via detective, data-centric approaches[131] encapsulated
in a five-layer TrustCloud Framework. The team identified the need for
monitoring data life cycles and transfers in the cloud,[129] leading
to the tackling of key cloud computing security issues such as cloud data
leakages, cloud accountability and cross-national data transfers in
transnational clouds.
·
In July 2011, the High Performance
Computing Cloud (HPCCLoud) project was kicked-off aiming at finding out the
possibilities of enhancing performance on cloud environments while running
the scientific applications - development of HPCCLoud Performance Analysis
Toolkit which was funded by CIM-Returning Experts Programme - under the coordination
of Prof. Dr. Shajulin Benedict.
·
In June 2011, the Telecommunications Industry
Association developed
a Cloud Computing White Paper, to analyze the integration challenges and
opportunities between cloud services and traditional U.S.
telecommunications standards.[132]
[edit]See also
·
|
||||||||||||||||||||||||||||
No comments:
Post a Comment