Professional Documents
Culture Documents
(Solutions)
1. Defining attributes
2. Deployment Models
A public cloud is basically the Internet. Service providers use the internet to make resources, such as
applications (also known as Software-as-a-service) and storage, available to the general public, or on
a public cloud. Examples of public clouds include Amazon Elastic Compute Cloud (EC2), IBMs Blue
Cloud, Sun Cloud, Google AppEngine and Windows Azure Services Platform.
Private clouds are data center architectures owned by a single company that provides flexibility,
scalability, provisioning, automation and monitoring. The goal of a private cloud is not sell as-aservice offerings to external customers but instead to gain the benefits of cloud architecture
without giving up the control of maintaining your own data center.
By using a hybrid cloud, companies can maintain control of an internally managed private cloud
while relying on the public cloud as needed. For instance during peak periods individual
applications, or portions of applications can be migrated to the Public Cloud. This will also be
beneficial during predictable outages: hurricane warnings, scheduled maintenance windows, rolling
brown/blackouts.
3. Delivery Models
3.1 Software-as-a-Service (SaaS)
Applications are supplied by the service provider and the user does not manage or control the
underlying cloud infrastructure or individual application capabilities.
Enterprise services such as: workflow management, group-ware and collaborative, supply
chain, communications, digital signature, customer relationship management (CRM),
desktop software, financial management, geo-spatial, and search
Web 2.0 applications such as: metadata management, social networking, blogs, wiki
services, and portal services.
This model is not suitable for real-time applications or for those where data is not allowed to be
hosted externally. Some examples are the Google Apps (Drive, Gmail,...).
4. Cloudonomics
4.1 Classical VS Cloud Computing
5. Issues 35-40
5.1 Ethics
Control is a third party service and data is stored on multiple sites producing interoperability accros
the network
This also may include unauthorized access, data corruption, infrastructure failure, and service
unavailability
5.2 De-perimeterisation
Systems can span the boundaries of multiple organizations and cross the security border. Who is
responsible?
5.3 Privacy
Privacy is affected by cultural difference. Which policies should be applied?
5.4 Vulnerabilities
Vendor lock-in
Clouds are affected by malicious attacks and failures of the infrastructure, e.g. power failures
Such events can affect the Internet domain name servers and prevent access to a cloud or
can directly affect the clouds:
in 2009, Google was the target of a denial of service attack which took down Google
News and Gmail for several days;
In 2012 lightning caused a prolonged down time at Amazon.
Instagram reporting about the outage; several problems uncovered.
Electrical: Back up Electric generators.
Software: Switching to resources In another AWS region didnt work.
Software: Bug in Load balancing (Elastic Load Balancer)
6. Challenges
Availability of service; what happens when the service provider cannot deliver?
Diversity of services, data organization, user interfaces available at different service
providers limit user mobility; once a customer is hooked to one provider it is hard to move
to another.
Standardization efforts at NIST!
Data confidentiality and auditability, a serious problem.
Data transfer bottleneck; many applications are data-intensive.