CLOUD SECURITY (UNIT-1)

Definition: Cloud computing is a virtualization-based technology that allows us to create,

configure, and customize applications via an internet connection. The cloud technology includes
a development platform, hard disk, software application, and database.
What is Cloud Computing
The term cloud refers to a network or the internet. It is a technology that uses remote servers on
the internet to store, manage, and access data online rather than local drives. The data can be
anything such as files, images, documents, audio, video, and more.
There are the following operations that we can do using cloud computing:
o Developing new applications and services

o Storage, back up, and recovery of data

o Hosting blogs and websites

o Delivery of software on demand

o Analysis of data

o Streaming videos and audios

Why Cloud Computing?

Small as well as large IT companies, follow the traditional methods to provide the IT
infrastructure. That means for any IT company, we need a Server Room that is the basic need
of IT companies.
In that server room, there should be a database server, mail server, networking, firewalls, routers,
modem, switches, QPS (Query Per Second means how much queries or load will be handled by
the server), configurable system, high net speed, and the maintenance engineers.
To establish such IT infrastructure, we need to spend lots of money. To overcome all these
problems and to reduce the IT infrastructure cost, Cloud Computing comes into existence.

1
CLOUD SECURITY (UNIT-1)

Evolution of Cloud Computing

The phrase “Cloud Computing” was first introduced in the 1950s to describe internet-related
services, and it evolved from distributed computing to the modern technology known as cloud
computing. Cloud services include those provided by Amazon, Google, and Microsoft. Cloud
computing allows users to access a wide range of services stored in the cloud or on the Internet.
Cloud computing services include computer resources, data storage, apps, servers, development
tools, and networking protocols.

Distributed Systems
Distributed System is a composition of multiple independent systems but all of them are depicted
as a single entity to the users. The purpose of distributed systems is to share resources and also

2
CLOUD SECURITY (UNIT-1)

use them effectively and efficiently. Distributed systems possess characteristics such as
scalability, concurrency, continuous availability, heterogeneity, and independence in failures. But
the main problem with this system was that all the systems were required to be present at the
same geographical location. Thus to solve this problem, distributed computing led to three more
types of computing and they were-Mainframe computing, cluster computing, and grid
computing.
Mainframe Computing
Mainframes which first came into existence in 1951 are highly powerful and reliable computing
machines. These are responsible for handling large data such as massive input-output operations.
Even today these are used for bulk processing tasks such as online transactions etc. These
systems have almost no downtime with high fault tolerance. After distributed computing, these
increased the processing capabilities of the system. But these were very expensive. To reduce
this cost, cluster computing came as an alternative to mainframe technology.
Cluster Computing
In 1980s, cluster computing came as an alternative to mainframe computing. Each machine in
the cluster was connected to each other by a network with high bandwidth. These were way
cheaper than those mainframe systems. These were equally capable of high computations. Also,
new nodes could easily be added to the cluster if it was required. Thus, the problem of the cost
was solved to some extent but the problem related to geographical restrictions still pertained. To
solve this, the concept of grid computing was introduced.
Grid Computing
In 1990s, the concept of grid computing was introduced. It means that different systems were
placed at entirely different geographical locations and these all were connected via the internet.
These systems belonged to different organizations and thus the grid consisted of heterogeneous
nodes. Although it solved some problems but new problems emerged as the distance between the
nodes increased. The main problem which was encountered was the low availability of high
bandwidth connectivity and with it other network associated issues. Thus. cloud computing is
often referred to as “Successor of grid computing”.
Virtualization
Virtualization was introduced nearly 40 years back. It refers to the process of creating a virtual
layer over the hardware which allows the user to run multiple instances simultaneously on the
hardware. It is a key technology used in cloud computing. It is the base on which major cloud
computing services such as Amazon EC2, VMware vCloud, etc work on. Hardware virtualization
is still one of the most common types of virtualization.
Web 2.0

3
CLOUD SECURITY (UNIT-1)

Web 2.0 is the interface through which the cloud computing services interact with the clients. It
is because of Web 2.0 that we have interactive and dynamic web pages. It also increases
flexibility among web pages. Popular examples of web 2.0 include Google Maps, Facebook,
Twitter, etc. Needless to say, social media is possible because of this technology only. It gained
major popularity in 2004.
Service Orientation
A service orientation acts as a reference model for cloud computing. It supports low-cost,
flexible, and evolvable applications. Two important concepts were introduced in this computing
model. These were Quality of Service (QoS) which also includes the SLA (Service Level
Agreement) and Software as a Service (SaaS).

Utility Computing
Utility Computing is a computing model that defines service provisioning techniques for services
such as compute services along with other major services such as storage, infrastructure, etc
which are provisioned on a pay-per-use basis.

Characteristics of Cloud Computing

There are many characteristics of Cloud Computing here are few of them :
1. On-demand self-services: The Cloud computing services does not require any human
administrators, user themselves are able to provision, monitor and manage computing
resources as needed.
2. Broad network access: The Computing services are generally provided over standard
networks and heterogeneous devices.
3. Rapid elasticity: The Computing services should have IT resources that are able to scale
out and in quickly and on a need basis. Whenever the user require services it is provided
to him and it is scale out as soon as its requirement gets over.
4. Resource pooling: The IT resource (e.g., networks, servers, storage, applications, and
services) present are shared across multiple applications and occupant in an uncommitted
manner. Multiple clients are provided service from a same physical resource.
5. Measured service: The resource utilization is tracked for each application and occupant,
it will provide both the user and the resource provider with an account of what has been

4
CLOUD SECURITY (UNIT-1)

used. This is done for various reasons like monitoring billing and effective use of
resource.
6. Multi-tenancy: Cloud computing providers can support multiple tenants (users or
organizations) on a single set of shared resources.
7. Virtualization: Cloud computing providers use virtualization technology to abstract
underlying hardware resources and present them as logical resources to users.
8. Resilient computing: Cloud computing services are typically designed with redundancy
and fault tolerance in mind, which ensures high availability and reliability.
9. Flexible pricing models: Cloud providers offer a variety of pricing models, including
pay-per-use, subscription-based, and spot pricing, allowing users to choose the option
that best suits their needs.
10. Security: Cloud providers invest heavily in security measures to protect their users’ data
and ensure the privacy of sensitive information.
11. Automation: Cloud computing services are often highly automated, allowing users to
deploy and manage resources with minimal manual intervention.
12. Sustainability: Cloud providers are increasingly focused on sustainable practices, such
as energy-efficient data centers and the use of renewable energy sources, to reduce their
environmental impact.

Fig – characteristics of cloud computing

What is a Cloud Deployment Model?

5
CLOUD SECURITY (UNIT-1)

Cloud Deployment Model functions as a virtual computing environment with a deployment

architecture that varies depending on the amount of data you want to store and who has access to
the infrastructure.
Types of Cloud Computing Deployment Models
The cloud deployment model identifies the specific type of cloud environment based on
ownership, scale, and access, as well as the cloud’s nature and purpose. The location of the
servers you’re utilizing and who controls them are defined by a cloud deployment model. It
specifies how your cloud infrastructure will look, what you can change, and whether you will be
given services or will have to create everything yourself. Relationships between the
infrastructure and your users are also defined by cloud deployment types. Different types of
cloud computing deployment models are described below.
 Public Cloud
 Private Cloud
 Hybrid Cloud
 Community Cloud
 Multi-Cloud
Public Cloud
The public cloud makes it possible for anybody to access systems and services. The public cloud
may be less secure as it is open to everyone. The public cloud is one in which cloud
infrastructure services are provided over the internet to the general people or major industry
groups. The infrastructure in this cloud model is owned by the entity that delivers the cloud
services, not by the consumer. It is a type of cloud hosting that allows customers and users to
easily access systems and services. This form of cloud computing is an excellent example of
cloud hosting, in which service providers supply services to a variety of customers. In this
arrangement, storage backup and retrieval services are given for free, as a subscription, or on a
per-user basis. For example, Google App Engine etc.

6
CLOUD SECURITY (UNIT-1)

Public Cloud
Advantages of the Public Cloud Model
 Minimal Investment: Because it is a pay-per-use service, there is no substantial upfront
fee, making it excellent for enterprises that require immediate access to resources.
 No setup cost: The entire infrastructure is fully subsidized by the cloud service
providers, thus there is no need to set up any hardware.
 Infrastructure Management is not required: Using the public cloud does not
necessitate infrastructure management.
 No maintenance: The maintenance work is done by the service provider (not users).
 Dynamic Scalability: To fulfill your company’s needs, on-demand resources are
accessible.
Disadvantages of the Public Cloud Model
 Less secure: Public cloud is less secure as resources are public so there is no guarantee
of high-level security.
 Low customization: It is accessed by many public so it can’t be customized according to
personal requirements.
Private Cloud
The private cloud deployment model is the exact opposite of the public cloud deployment model.
It’s a one-on-one environment for a single user (customer). There is no need to share your
hardware with anyone else. The distinction between private and public clouds is in how you
handle all of the hardware. It is also called the “internal cloud” & it refers to the ability to access
systems and services within a given border or organization. The cloud platform is implemented
in a cloud-based secure environment that is protected by powerful firewalls and under the

7
CLOUD SECURITY (UNIT-1)

supervision of an organization’s IT department. The private cloud gives greater flexibility of

control over cloud resources.

Private Cloud
Advantages of the Private Cloud Model
 Better Control: You are the sole owner of the property. You gain complete command
over service integration, IT operations, policies, and user behavior.
 Data Security and Privacy: It’s suitable for storing corporate information to which only
authorized staff have access. By segmenting resources within the same infrastructure,
improved access and security can be achieved.
 Supports Legacy Systems: This approach is designed to work with legacy systems that
are unable to access the public cloud.
 Customization: Unlike a public cloud deployment, a private cloud allows a company to
tailor its solution to meet its specific needs.
Disadvantages of the Private Cloud Model
 Less scalable: Private clouds are scaled within a certain range as there is less number of
clients.
 Costly: Private clouds are more costly as they provide personalized facilities.

8
CLOUD SECURITY (UNIT-1)

Hybrid Cloud
By bridging the public and private worlds with a layer of proprietary software, hybrid cloud
computing gives the best of both worlds. With a hybrid solution, you may host the app in a safe
environment while taking advantage of the public cloud’s cost savings. Organizations can move
data and applications between different clouds using a combination of two or more cloud
deployment methods, depending on their needs.

Hybrid Cloud
Advantages of the Hybrid Cloud Model
 Flexibility and control: Businesses with more flexibility can design personalized
solutions that meet their particular needs.
 Cost: Because public clouds provide scalability, you’ll only be responsible for paying for
the extra capacity if you require it.
 Security: Because data is properly separated, the chances of data theft by attackers are
considerably reduced.
Disadvantages of the Hybrid Cloud Model
 Difficult to manage: Hybrid clouds are difficult to manage as it is a combination of both
public and private cloud. So, it is complex.
 Slow data transmission: Data transmission in the hybrid cloud takes place through the
public cloud so latency occurs.

9
CLOUD SECURITY (UNIT-1)

Community Cloud
It allows systems and services to be accessible by a group of organizations. It is a distributed
system that is created by integrating the services of different clouds to address the specific needs
of a community, industry, or business. The infrastructure of the community could be shared
between the organization which has shared concerns or tasks. It is generally managed by a third
party or by the combination of one or more organizations in the community.

Community Cloud
Advantages of the Community Cloud Model
 Cost Effective: It is cost-effective because the cloud is shared by multiple organizations
or communities.
 Security: Community cloud provides better security.
 Shared resources: It allows you to share resources, infrastructure, etc. with multiple
organizations.
 Collaboration and data sharing: It is suitable for both collaboration and data sharing.
Disadvantages of the Community Cloud Model
 Limited Scalability: Community cloud is relatively less scalable as many organizations
share the same resources according to their collaborative interests.
 Rigid in customization: As the data and resources are shared among different
organizations according to their mutual interests if an organization wants some changes
according to their needs they cannot do so because it will have an impact on other
organizations.

10
CLOUD SECURITY (UNIT-1)

Multi-Cloud
We’re talking about employing multiple cloud providers at the same time under this paradigm, as
the name implies. It’s similar to the hybrid cloud deployment approach, which combines public
and private cloud resources. Instead of merging private and public clouds, multi-cloud uses many
public clouds. Although public cloud providers provide numerous tools to improve the reliability
of their services, mishaps still occur. It’s quite rare that two distinct clouds would have an
incident at the same moment. As a result, multi-cloud deployment improves the high availability
of your services even more.

Advantages of the Multi-Cloud Model

 You can mix and match the best features of each cloud provider’s services to suit the
demands of your apps, workloads, and business by choosing different cloud providers.
 Reduced Latency: To reduce latency and improve user experience, you can choose cloud
regions and zones that are close to your clients.
 High availability of service: It’s quite rare that two distinct clouds would have an
incident at the same moment. So, the multi-cloud deployment improves the high
availability of your services.
Disadvantages of the Multi-Cloud Model
 Complex: The combination of many clouds makes the system complex and bottlenecks
may occur.
 Security issue: Due to the complex structure, there may be loopholes to which a hacker
can take advantage hence, makes the data insecure.
What is the Right Choice for Cloud Deployment Model?
As of now, no such approach fits picking a cloud deployment model. We will always consider the
best cloud deployment model as per our requirements. Here are some factors which should be
considered before choosing the best deployment model.
 Cost: Cost is an important factor for the cloud deployment model as it tells how much
amount you want to pay for these things.
 Scalability: Scalability tells about the current activity status and how much we can scale
it.
 Easy to use: It tells how much your resources are trained and how easily can you manage
these models.

11
CLOUD SECURITY (UNIT-1)

 Compliance: Compliance tells about the laws and regulations which impact the
implementation of the model.
 Privacy: Privacy tells about what data you gather for the model.
Each model has some advantages and some disadvantages, and the selection of the best is only
done on the basis of your requirement. If your requirement changes, you can switch to any other
model.
Overall Analysis of Cloud Deployment Models
The overall Analysis of these models with respect to different factors is described below.

Community
Factors Public Cloud Private Cloud Cloud Hybrid Cloud

Complex, Complex, Complex,

requires a requires a requires a
Initial Setup Easy
professional professional professional
team to setup team to setup team to setup

Scalability
and High High Fixed High
Flexibility

Between public
Cost- Distributed cost
Cost-Effective Costly and private
Comparison among members
cloud

Reliability Low Low High High

Data Security Low High High High

Data Privacy Low High High High

Cloud Based Services

12
CLOUD SECURITY (UNIT-1)

Cloud Computing can be defined as the practice of using a network of remote servers hosted on
the Internet to store, manage, and process data, rather than a local server or a personal computer.
Companies offering such kinds of cloud computing services are called cloud providers and
typically charge for cloud computing services based on usage. Grids and clusters are the
foundations for cloud computing.

Types of Cloud Computing

Most cloud computing services fall into five broad categories:
1. Software as a service (SaaS)
2. Platform as a service (PaaS)
3. Infrastructure as a service (IaaS)
4. Anything/Everything as a service (XaaS)
5. Function as a Service (FaaS)
These are sometimes called the cloud computing stack because they are built on top of one
another. Knowing what they are and how they are different, makes it easier to accomplish your
goals. These abstraction layers can also be viewed as a layered architecture where services of a
higher layer can be composed of services of the underlying layer i.e, SaaS can provide
Infrastructure.

Software as a Service(SaaS)
Software-as-a-Service (SaaS) is a way of delivering services and applications over the Internet.
Instead of installing and maintaining software, we simply access it via the Internet, freeing
ourselves from the complex software and hardware management. It removes the need to install
and run applications on our own computers or in the data centers eliminating the expenses of
hardware as well as software maintenance.
SaaS provides a complete software solution that you purchase on a pay-as-you-go basis from a
cloud service provider. Most SaaS applications can be run directly from a web browser without
any downloads or installations required. The SaaS applications are sometimes called Web-based
software, on-demand software, or hosted software.

Advantages of SaaS
1. Cost-Effective: Pay only for what you use.
2. Reduced time: Users can run most SaaS apps directly from their web browser without
needing to download and install any software. This reduces the time spent in installation
and configuration and can reduce the issues that can get in the way of the software
deployment.

13
CLOUD SECURITY (UNIT-1)

3. Accessibility: We can Access app data from anywhere.

4. Automatic updates: Rather than purchasing new software, customers rely on a SaaS
provider to automatically perform the updates.
5. Scalability: It allows the users to access the services and features on-demand.
The various companies providing Software as a service are Cloud9 Analytics, Salesforce.com,
Cloud Switch, Microsoft Office 365, Big Commerce, Eloqua, dropBox, and Cloud Tran.

Disadvantages of Saas :
1. Limited customization: SaaS solutions are typically not as customizable as on-premises
software, meaning that users may have to work within the constraints of the SaaS
provider’s platform and may not be able to tailor the software to their specific needs.
2. Dependence on internet connectivity: SaaS solutions are typically cloud-based, which
means that they require a stable internet connection to function properly. This can be
problematic for users in areas with poor connectivity or for those who need to access the
software in offline environments.
3. Security concerns: SaaS providers are responsible for maintaining the security of the
data stored on their servers, but there is still a risk of data breaches or other security
incidents.
4. Limited control over data: SaaS providers may have access to a user’s data, which can
be a concern for organizations that need to maintain strict control over their data for
regulatory or other reasons.

Platform as a Service
PaaS is a category of cloud computing that provides a platform and environment to allow
developers to build applications and services over the internet. PaaS services are hosted in the
cloud and accessed by users simply via their web browser.
A PaaS provider hosts the hardware and software on its own infrastructure. As a result, PaaS
frees users from having to install in-house hardware and software to develop or run a new
application. Thus, the development and deployment of the application take place independent of
the hardware.
The consumer does not manage or control the underlying cloud infrastructure including network,
servers, operating systems, or storage, but has control over the deployed applications and
possibly configuration settings for the application-hosting environment. To make it simple, take
the example of an annual day function, you will have two options either to create a venue or to
rent a venue but the function is the same.

Advantages of PaaS:

14
CLOUD SECURITY (UNIT-1)

1. Simple and convenient for users: It provides much of the infrastructure and other IT
services, which users can access anywhere via a web browser.
2. Cost-Effective: It charges for the services provided on a per-use basis thus eliminating
the expenses one may have for on-premises hardware and software.
3. Efficiently managing the lifecycle: It is designed to support the complete web
application lifecycle: building, testing, deploying, managing, and updating.
4. Efficiency: It allows for higher-level programming with reduced complexity thus, the
overall development of the application can be more effective.
The various companies providing Platform as a service are Amazon Web services Elastic
Beanstalk, Salesforce, Windows Azure, Google App Engine, cloud Bees and IBM smart cloud.

Disadvantages of Paas:
1. Limited control over infrastructure: PaaS providers typically manage the underlying
infrastructure and take care of maintenance and updates, but this can also mean that users
have less control over the environment and may not be able to make certain
customizations.
2. Dependence on the provider: Users are dependent on the PaaS provider for the
availability, scalability, and reliability of the platform, which can be a risk if the provider
experiences outages or other issues.
3. Limited flexibility: PaaS solutions may not be able to accommodate certain types of
workloads or applications, which can limit the value of the solution for certain
organizations.

Infrastructure as a Service
Infrastructure as a service (IaaS) is a service model that delivers computer infrastructure on an
outsourced basis to support various operations. Typically IaaS is a service where infrastructure is
provided as outsourcing to enterprises such as networking equipment, devices, database, and web
servers.
It is also known as Hardware as a Service (HaaS). IaaS customers pay on a per-user basis,
typically by the hour, week, or month. Some providers also charge customers based on the
amount of virtual machine space they use.
It simply provides the underlying operating systems, security, networking, and servers for
developing such applications, and services, and deploying development tools, databases, etc.

15
CLOUD SECURITY (UNIT-1)

Advantages of IaaS:
1. Cost-Effective: Eliminates capital expense and reduces ongoing cost and IaaS customers
pay on a per-user basis, typically by the hour, week, or month.
2. Website hosting: Running websites using IaaS can be less expensive than traditional web
hosting.
3. Security: The IaaS Cloud Provider may provide better security than your existing
software.
4. Maintenance: There is no need to manage the underlying data center or the introduction
of new releases of the development or underlying software. This is all handled by the
IaaS Cloud Provider.
The various companies providing Infrastructure as a service are Amazon web services,
Bluestack, IBM, Openstack, Rackspace, and Vmware.

Disadvantages of laaS :
1. Limited control over infrastructure: IaaS providers typically manage the underlying
infrastructure and take care of maintenance and updates, but this can also mean that users
have less control over the environment and may not be able to make certain
customizations.
2. Security concerns: Users are responsible for securing their own data and applications,
which can be a significant undertaking.
3. Limited access: Cloud computing may not be accessible in certain regions and countries
due to legal policies.

Anything as a Service
It is also known as Everything as a Service. Most of the cloud service providers nowadays offer
anything as a service that is a compilation of all of the above services including some additional
services.
Advantages of XaaS:
1. Scalability: XaaS solutions can be easily scaled up or down to meet the changing needs
of an organization.
2. Flexibility: XaaS solutions can be used to provide a wide range of services, such as
storage, databases, networking, and software, which can be customized to meet the
specific needs of an organization.

16
CLOUD SECURITY (UNIT-1)

3. Cost-effectiveness: XaaS solutions can be more cost-effective than traditional on-

premises solutions, as organizations only pay for the services.
Disadvantages of XaaS:
1. Dependence on the provider: Users are dependent on the XaaS provider for the
availability, scalability, and reliability of the service, which can be a risk if the provider
experiences outages or other issues.
2. Limited flexibility: XaaS solutions may not be able to accommodate certain types of
workloads or applications, which can limit the value of the solution for certain
organizations.
3. Limited integration: XaaS solutions may not be able to integrate with existing systems
and data sources, which can limit the value of the solution for certain organizations.

Function as a Service
FaaS is a type of cloud computing service. It provides a platform for its users or customers to
develop, compute, run and deploy the code or entire application as functions. It allows the user to
entirely develop the code and update it at any time without worrying about the maintenance of
the underlying infrastructure. The developed code can be executed with response to the specific
event. It is also as same as PaaS.
FaaS is an event-driven execution model. It is implemented in the serverless container. When the
application is developed completely, the user will now trigger the event to execute the code.
Now, the triggered event makes response and activates the servers to execute it. The servers are
nothing but the Linux servers or any other servers which is managed by the vendor completely.
Customer does not have clue about any servers which is why they do not need to maintain the
server hence it is serverless architecture.
Both PaaS and FaaS are providing the same functionality but there is still some differentiation in
terms of Scalability and Cost.
FaaS, provides auto-scaling up and scaling down depending upon the demand. PaaS also
provides scalability but here users have to configure the scaling parameter depending upon the
demand.
In FaaS, users only have to pay for the number of execution time happened. In PaaS, users have
to pay for the amount based on pay-as-you-go price regardless of how much or less they use.

Advantages of FaaS
Highly Scalable: Auto scaling is done by the provider depending upon the demand.
 Cost-Effective: Pay only for the number of events executed.

17
CLOUD SECURITY (UNIT-1)

 Code Simplification: FaaS allows the users to upload the entire application all at once. It
allows you to write code for independent functions or similar to those functions.
 Maintenance of code is enough and no need to worry about the servers.
 Functions can be written in any programming language.
 Less control over the system.
The various companies providing Function as a Service are Amazon Web Services – Firecracker,
Google – Kubernetes, Oracle – Fn, Apache OpenWhisk – IBM, OpenFaaS,

Disadvantages of FaaS
1. Cold start latency: Since FaaS functions are event-triggered, the first request to a new
function may experience increased latency as the function container is created and
initialized.
2. Limited control over infrastructure: FaaS providers typically manage the underlying
infrastructure and take care of maintenance and updates, but this can also mean that users
have less control over the environment and may not be able to make certain
customizations.
3. Security concerns: Users are responsible for securing their own data and applications,
which can be a significant undertaking.
4. Limited scalability: FaaS functions may not be able to handle high traffic or large
number of requests.

Advantages and Disadvantages of Cloud Computing

Here, we are going to discuss some important advantages of Cloud Computing-
Advantages:
Business operations are being transformed by the transformational technology known as cloud
computing. With its extensive advantages and possibilities, cloud computing has emerged as a
crucial strategic tool for businesses in a range of sectors. Businesses can take advantage of
various benefits that promote development, innovation, and operational effectiveness by
leveraging the power of the cloud.

18
CLOUD SECURITY (UNIT-1)

Let's explore the advantages that cloud computing has to offer:

Data Backup and Restoration:
Cloud computing offers a quick and easy method for data backup and restoration. Businesses
may simply access and restore their data in the event of any data loss or system failure by
keeping it in the cloud.
Improved Collaboration:
Collaboration is improved because cloud technologies make it possible for teams to share
information easily. Multiple users may work together on documents, projects, and data thanks to
shared storage in the cloud, enhancing productivity and teamwork.
Excellent Accessibility:
Access to information stored in the cloud is made possible. Users can access their data from
anywhere in the world with an internet connection, making remote work, flexibility, and
effective operations possible.

Cost-effective Maintenance:
Organizations using cloud computing can save money on both hardware and software upkeep.
Because cloud service providers manage the maintenance and updates, businesses no longer need
to make costly infrastructure investments or set aside resources for continuous maintenance.
Upkeep and Updates:

19
CLOUD SECURITY (UNIT-1)

Cloud service providers take care of infrastructure upkeep, security patches, and updates, freeing
organizations from having to handle these duties themselves.
This frees up IT teams' time and resources to work on higher-value projects like application
development, data analysis, or strategic initiatives rather than wasting them on rote upkeep and
updates.
Mobility:
Cloud computing makes it simple for mobile devices to access data. Utilizing smartphones and
tablets, users can easily access and control their cloud-based applications and data, increasing
their mobility and productivity.
Pay-per-use Model:
Cloud computing uses a pay-per-use business model that enables companies to only pay for the
services they really utilize. This method is affordable, eliminates the need for up-front
investments, and offers budget management flexibility for IT.
Scalable Storage Capacity:
Businesses can virtually store and manage a limitless amount of data in the cloud. The cloud
offers a scalable and centralized storage option for all types of data, including documents,
photos, audio, video, and other kinds of files.
Enhanced Data Security:
Cloud computing places a high focus on data security. To guarantee that data is handled and
stored safely, cloud service providers offer cutting-edge security features like encryption, access
limits, and regular security audits. Businesses can rest easy knowing that their important data is
secure.
Disaster Recovery and Business Continuity:
Cloud computing provides reliable options for these two issues. Businesses can quickly bounce
back from any unforeseen disasters or disruptions thanks to data redundancy, backup systems,
and geographically dispersed data centers.
Agility and Innovation:
Businesses can continue to be innovative and nimble thanks to cloud computing. Organizations
may quickly embrace new solutions, test out emerging trends, and promote corporate growth
with access to a variety of cloud-based tools, services, and technology.
Green Computing:
By maximizing the use of computer resources, lowering energy use, and minimizing e-waste,
cloud computing may support environmental sustainability.

20
CLOUD SECURITY (UNIT-1)

By utilizing technologies like virtualization and load balancing to maximize the use of computer
resources, cloud providers can operate large-scale data centers built for energy efficiency,
resulting in lower energy usage and a smaller carbon footprint.
These benefits of cloud computing give companies the ability to use cutting-edge technology
offered by cloud service providers while maximizing productivity, cost savings, scalability, and
data security. They also enable them to concentrate on their core capabilities.
Disadvantages of Cloud Computing
When we talk about the "disadvantages of cloud computing," we're talking about any potential
drawbacks or difficulties that businesses might have when utilizing cloud computing services.
These drawbacks draw attention to some restrictions or risks related to cloud computing that
businesses should take into account before making a choice.
Some of the Disadvantages of Cloud Computing are as follows:
o Vendor Reliability and Downtime:

Because of technological difficulties, maintenance needs, or even cyberattacks, cloud service

providers can face outages or downtime. Users may not be able to access their data or
applications during these times, which can interfere with business operations and productivity.
o Internet Dependency:

A dependable and fast internet connection is essential for cloud computing. Business operations
may be delayed or interrupted if there are connectivity problems or interruptions in the internet
service that affect access to cloud services and data.
o Limited Control and Customization:

Using standardized services and platforms offered by the cloud service provider is a common
part of cloud computing. As a result, organizations may have less ability to customize and control
their infrastructure, applications, and security measures. It may be difficult for some
organizations to modify cloud services to precisely match their needs if they have special
requirements or compliance requirements.
o Data Security and Concerns about Privacy:

Concerns about data security and privacy arise when sensitive data is stored on the cloud.
Businesses must have faith in the cloud service provider's security procedures, data encryption,
access controls, and regulatory compliance. Unauthorized access to data or data breaches can
have serious repercussions, including financial loss, reputational harm, and legal obligations.

21
CLOUD SECURITY (UNIT-1)

o Hidden Costs and Pricing Models:

Although pay-as-you-go models and lower upfront costs make cloud computing more affordable,
businesses should be wary of hidden charges. Data transfer fees, additional storage costs, fees for
specialized support or technical assistance, and expenses related to regulatory compliance are a
few examples.
o Dependency on Service Provider:

When an organization depends on a cloud service provider, it is dependent on that provider's

dependability, financial security, and longevity. Users may have disruptions and difficulties
switching to alternate options if the provider runs into financial difficulties, changes their pricing
policy, or even closes down their services.
o Data Location and Compliance:

When data is stored in the cloud, it frequently sits in numerous data centers around the globe that
may be governed by multiple legal systems and data protection laws. This may pose compliance
issues, especially if some sectors of the economy or nations have stringent data sovereignty laws.
Organizations should carry out a comprehensive risk assessment, thoroughly examine the
dependability and security procedures of possible cloud service providers, and build backup and
disaster recovery strategies to counteract these drawbacks.

Cloud Computing Architecture

Architecture of cloud computing is the combination of both SOA (Service Oriented
Architecture) and EDA (Event Driven Architecture). Client infrastructure, application, service,
runtime cloud, storage, infrastructure, management and security all these are the components of
cloud computing architecture.
The cloud architecture is divided into 2 parts, i.e.
1. Frontend
2. Backend
The below figure represents an internal architectural view of cloud computing.

22
CLOUD SECURITY (UNIT-1)

Architecture of Cloud Computing

1. Frontend
Frontend of the cloud architecture refers to the client side of cloud computing system. Means it
contains all the user interfaces and applications which are used by the client to access the cloud
computing services/resources. For example, use of a web browser to access the cloud platform.
2. Backend
Backend refers to the cloud itself which is used by the service provider. It contains the resources
as well as manages the resources and provides security mechanisms. Along with this, it includes
huge storage, virtual applications, virtual machines, traffic control mechanisms, deployment
models, etc.

Components of Cloud Computing Architecture

Following are the components of Cloud Computing Architecture
1. Client Infrastructure – Client Infrastructure is a part of the frontend component. It
contains the applications and user interfaces which are required to access the cloud
platform. In other words, it provides a GUI( Graphical User Interface ) to interact with
the cloud.
2. Application : Application is a part of backend component that refers to a software or
platform to which client accesses. Means it provides the service in backend as per the
client requirement.

23
CLOUD SECURITY (UNIT-1)

3. Service: Service in backend refers to the major three types of cloud based services
like SaaS, PaaS and IaaS. Also manages which type of service the user accesses.
4. Runtime Cloud: Runtime cloud in backend provides the execution and Runtime
platform/environment to the Virtual machine.
5. Storage: Storage in backend provides flexible and scalable storage service and
management of stored data.
6. Infrastructure: Cloud Infrastructure in backend refers to the hardware and software
components of cloud like it includes servers, storage, network devices, virtualization
software etc.
7. Management: Management in backend refers to management of backend components
like application, service, runtime cloud, storage, infrastructure, and other security
mechanisms etc.
8. Security: Security in backend refers to implementation of different security mechanisms
in the backend for secure cloud resources, systems, files, and infrastructure to end-users.
9. Internet: Internet connection acts as the medium or a bridge between frontend and
backend and establishes the interaction and communication between frontend and
backend.
10. Database: Database in backend refers to provide database for storing structured data,
such as SQL and NOSQL databases. Example of Databases services include Amazon
RDS, Microsoft Azure SQL database and Google CLoud SQL.
11. Networking: Networking in backend services that provide networking infrastructure for
application in the cloud, such as load balancing, DNS and virtual private networks.
12. Analytics: Analytics in backend service that provides analytics capabilities for data in the
cloud, such as warehousing, business intelligence and machine learning.

Benefits of Cloud Computing Architecture

 Makes overall cloud computing system simpler.
 Improves data processing requirements.
 Helps in providing high security.
 Makes it more modularized.
 Results in better disaster recovery.
 Gives good user accessibility.

24
CLOUD SECURITY (UNIT-1)

 Reduces IT operating costs.

 Provides high level reliability.
 Scalability.

Virtualization in Cloud Computing and Types

Virtualization is used to create a virtual version of an underlying service With the help of
Virtualization, multiple operating systems and applications can run on the same machine and its
same hardware at the same time, increasing the utilization and flexibility of hardware. It was
initially developed during the mainframe era.
It is one of the main cost-effective, hardware-reducing, and energy-saving techniques used by
cloud providers. Virtualization allows sharing of a single physical instance of a resource or an
application among multiple customers and organizations at one time. It does this by assigning a
logical name to physical storage and providing a pointer to that physical resource on demand.
The term virtualization is often synonymous with hardware virtualization, which plays a
fundamental role in efficiently delivering Infrastructure-as-a-Service (IaaS) solutions for cloud
computing. Moreover, virtualization technologies provide a virtual environment for not only
executing applications but also for storage, memory, and networking.

Virtualization
 Host Machine: The machine on which the virtual machine is going to be built is known as
Host Machine.
 Guest Machine: The virtual machine is referred to as a Guest Machine.

25
CLOUD SECURITY (UNIT-1)

Work of Virtualization in Cloud Computing

Virtualization has a prominent impact on Cloud Computing. In the case of cloud computing,
users store data in the cloud, but with the help of Virtualization, users have the extra benefit of
sharing the infrastructure. Cloud Vendors take care of the required physical resources, but these
cloud providers charge a huge amount for these services which impacts every user or
organization. Virtualization helps Users or Organisations in maintaining those services which are
required by a company through external (third-party) people, which helps in reducing costs to the
company. This is the way through which Virtualization works in Cloud Computing.
Benefits of Virtualization
 More flexible and efficient allocation of resources.
 Enhance development productivity.
 It lowers the cost of IT infrastructure.
 Remote access and rapid scalability.
 High availability and disaster recovery.
 Pay peruse of the IT infrastructure on demand.
 Enables running multiple operating systems.
Drawback of Virtualization
 High Initial Investment: Clouds have a very high initial investment, but it is also true
that it will help in reducing the cost of companies.
 Learning New Infrastructure: As the companies shifted from Servers to Cloud, it
requires highly skilled staff who have skills to work with the cloud easily, and for this,
you have to hire new staff or provide training to current staff.
 Risk of Data: Hosting data on third-party resources can lead to putting the data at risk, it
has the chance of getting attacked by any hacker or cracker very easily.
For more benefits and drawbacks, you can refer to the Pros and Cons of Virtualization.
Characteristics of Virtualization
 Increased Security: The ability to control the execution of a guest program in a
completely transparent manner opens new possibilities for delivering a secure, controlled
execution environment. All the operations of the guest programs are generally performed
against the virtual machine, which then translates and applies them to the host programs.
 Managed Execution: In particular, sharing, aggregation, emulation, and isolation are the
most relevant features.

26
CLOUD SECURITY (UNIT-1)

 Sharing: Virtualization allows the creation of a separate computing environment within

the same host.
 Aggregation: It is possible to share physical resources among several guests, but
virtualization also allows aggregation, which is the opposite process.
For more characteristics, you can refer to Characteristics of Virtualization.
Types of Virtualization
1. Application Virtualization
2. Network Virtualization
3. Desktop Virtualization
4. Storage Virtualization
5. Server Virtualization
6. Data virtualization

Types of Virtualization
1. Application Virtualization: Application virtualization helps a user to have remote access to
an application from a server. The server stores all personal information and other characteristics
of the application but can still run on a local workstation through the internet. An example of this
would be a user who needs to run two different versions of the same software. Technologies that
use application virtualization are hosted applications and packaged applications.
2. Network Virtualization: The ability to run multiple virtual networks with each having a
separate control and data plan. It co-exists together on top of one physical network. It can be
managed by individual parties that are potentially confidential to each other. Network
virtualization provides a facility to create and provision virtual networks, logical switches,
routers, firewalls, load balancers, Virtual Private Networks (VPN), and workload security within
days or even weeks.

27
CLOUD SECURITY (UNIT-1)

Network Virtualization
3. Desktop Virtualization: Desktop virtualization allows the users’ OS to be remotely stored on
a server in the data center. It allows the user to access their desktop virtually, from any location
by a different machine. Users who want specific operating systems other than Windows Server
will need to have a virtual desktop. The main benefits of desktop virtualization are user mobility,
portability, and easy management of software installation, updates, and patches.
4. Storage Virtualization: Storage virtualization is an array of servers that are managed by a
virtual storage system. The servers aren’t aware of exactly where their data is stored and instead
function more like worker bees in a hive. It makes managing storage from multiple sources be
managed and utilized as a single repository. storage virtualization software maintains smooth
operations, consistent performance, and a continuous suite of advanced functions despite
changes, breaks down, and differences in the underlying equipment.
5. Server Virtualization: This is a kind of virtualization in which the masking of server
resources takes place. Here, the central server (physical server) is divided into multiple different
virtual servers by changing the identity number, and processors. So, each system can operate its
operating systems in an isolated manner. Where each sub-server knows the identity of the central
server. It causes an increase in performance and reduces the operating cost by the deployment of
main server resources into a sub-server resource. It’s beneficial in virtual migration, reducing
energy consumption, reducing infrastructural costs, etc.

28
CLOUD SECURITY (UNIT-1)

Server Virtualization
6. Data Virtualization: This is the kind of virtualization in which the data is collected from
various sources and managed at a single place without knowing more about the technical
information like how data is collected, stored & formatted then arranged that data logically so
that its virtual view can be accessed by its interested people and stakeholders, and users through
the various cloud services remotely. Many big giant companies are providing their services like
Oracle, IBM, At scale, Cdata, etc.
Uses of Virtualization
 Data-integration
 Business-integration
 Service-oriented architecture data-services
 Searching organizational data

Service level agreements in Cloud computing

A Service Level Agreement (SLA) is the bond for performance negotiated between the cloud
services provider and the client. Earlier, in cloud computing all Service Level Agreements were
negotiated between a client and the service consumer. Nowadays, with the initiation of large
utility-like cloud computing providers, most Service Level Agreements are standardized until a
client becomes a large consumer of cloud services. Service level agreements are also defined
at different levels which are mentioned below:
 Customer-based SLA

29
CLOUD SECURITY (UNIT-1)

 Service-based SLA
 Multilevel SLA
Few Service Level Agreements are enforceable as contracts, but mostly are agreements or
contracts which are more along the lines of an Operating Level Agreement (OLA) and may not
have the restriction of law. It is fine to have an attorney review the documents before making a
major agreement to the cloud service provider. Service Level Agreements usually specify some
parameters which are mentioned below:
1. Availability of the Service (uptime)
2. Latency or the response time
3. Service components reliability
4. Each party accountability
5. Warranties
In any case, if a cloud service provider fails to meet the stated targets of minimums then the
provider has to pay the penalty to the cloud service consumer as per the agreement. So, Service
Level Agreements are like insurance policies in which the corporation has to pay as per the
agreements if any casualty occurs. Microsoft publishes the Service Level Agreements linked
with the Windows Azure Platform components, which is demonstrative of industry practice for
cloud service vendors. Each individual component has its own Service Level Agreements. Below
are two major Service Level Agreements (SLA) described:
1. Windows Azure SLA – Window Azure has different SLA’s for compute and storage. For
compute, there is a guarantee that when a client deploys two or more role instances in
separate fault and upgrade domains, client’s internet facing roles will have external
connectivity minimum 99.95% of the time. Moreover, all of the role instances of the
client are monitored and there is guarantee of detection 99.9% of the time when a role
instance’s process is not runs and initiates properly.
2. SQL Azure SLA – SQL Azure clients will have connectivity between the database and
internet gateway of SQL Azure. SQL Azure will handle a “Monthly Availability” of
99.9% within a month. Monthly Availability Proportion for a particular tenant database is
the ratio of the time the database was available to customers to the total time in a month.
Time is measured in some intervals of minutes in a 30-day monthly cycle. Availability is
always remunerated for a complete month. A portion of time is marked as unavailable if
the customer’s attempts to connect to a database are denied by the SQL Azure gateway.
Service Level Agreements are based on the usage model. Frequently, cloud providers charge
their pay-as-per-use resources at a premium and deploy standards Service Level Agreements
only for that purpose. Clients can also subscribe at different levels that guarantees access to a

30
CLOUD SECURITY (UNIT-1)

particular amount of purchased resources. The Service Level Agreements (SLAs) attached to a
subscription many times offer various terms and conditions. If client requires access to a
particular level of resources, then the client need to subscribe to a service. A usage model may
not deliver that level of access under peak load condition.
SLA Lifecycle

Steps in SLA Lifecycle

1. Discover service provider: This step involves identifying a service provider that can
meet the needs of the organization and has the capability to provide the required service.
This can be done through research, requesting proposals, or reaching out to vendors.
2. Define SLA: In this step, the service level requirements are defined and agreed upon
between the service provider and the organization. This includes defining the service
level objectives, metrics, and targets that will be used to measure the performance of the
service provider.
3. Establish Agreement: After the service level requirements have been defined, an
agreement is established between the organization and the service provider outlining the
terms and conditions of the service. This agreement should include the SLA, any
penalties for non-compliance, and the process for monitoring and reporting on the service
level objectives.
4. Monitor SLA violation: This step involves regularly monitoring the service level
objectives to ensure that the service provider is meeting their commitments. If any
violations are identified, they should be reported and addressed in a timely manner.
5. Terminate SLA: If the service provider is unable to meet the service level objectives, or
if the organization is not satisfied with the service provided, the SLA can be terminated.

31
CLOUD SECURITY (UNIT-1)

This can be done through mutual agreement or through the enforcement of penalties for
non-compliance.
6. Enforce penalties for SLA Violation: If the service provider is found to be in violation
of the SLA, penalties can be imposed as outlined in the agreement. These penalties can
include financial penalties, reduced service level objectives, or termination of the
agreement.
Advantages of SLA
1. Improved communication: A better framework for communication between the service
provider and the client is established through SLAs, which explicitly outline the degree of
service that a customer may anticipate. This can make sure that everyone is talking about
the same things when it comes to service expectations.
2. Increased accountability: SLAs give customers a way to hold service providers
accountable if their services fall short of the agreed-upon standard. They also hold service
providers responsible for delivering a specific level of service.
3. Better alignment with business goals: SLAs make sure that the service being given is in
line with the goals of the client by laying down the performance goals and service level
requirements that the service provider must satisfy.
4. Reduced downtime: SLAs can help to limit the effects of service disruptions by creating
explicit protocols for issue management and resolution.
5. Better cost management: By specifying the level of service that the customer can
anticipate and providing a way to track and evaluate performance, SLAs can help to limit
costs. Making sure the consumer is getting the best value for their money can be made
easier by doing this.
Disadvantages of SLA
1. Complexity: SLAs can be complex to create and maintain, and may require significant
resources to implement and enforce.
2. Rigidity: SLAs can be rigid and may not be flexible enough to accommodate changing
business needs or service requirements.
3. Limited service options: SLAs can limit the service options available to the customer, as
the service provider may only be able to offer the specific services outlined in the
agreement.
4. Misaligned incentives: SLAs may misalign incentives between the service provider and
the customer, as the provider may focus on meeting the agreed-upon service levels rather
than on providing the best service possible.

32
CLOUD SECURITY (UNIT-1)

5. Limited liability: SLAs are not legal binding contracts and often limited the liability of
the service provider in case of service failure.

Real World Applications of Cloud Computing

In simple Cloud Computing refers to the on-demand availability of IT resources over internet. It
delivers different types of services to the customer over the internet. There are three basic types
of services models are available in cloud computing i.e., Infrastructure As A Service (IAAS),
Platform As A Service (PAAS), Software As A Service (SAAS). On the basis of accessing and
availing cloud computing services, they are divided mainly into four types of cloud i.e Public
cloud, Private Cloud, Hybrid Cloud, and Community cloud which is called Cloud deployment
model. The demand for cloud services is increasing so fast and the global cloud computing
market is growing at that rate. A large number of organizations and different business sectors are
preferring cloud services nowadays as they are getting a list of benefits from cloud computing.
Different organizations using cloud computing for different purposes and with respect to that
Cloud Service Providers are providing various applications in different fields. Applications of
Cloud Computing in real-world : Cloud Service Providers (CSP) are providing many types of
cloud services and now if we will cloud computing has touched every sector by providing
various cloud applications. Sharing and managing resources is easy in cloud computing that’s
why it is one of the dominant fields of computing. These properties have made it an active
component in many fields. Now let’s know some of the real-world applications of cloud
computing.
1. Online Data Storage : Cloud computing allows storing data like files, images, audios,
and videos, etc on the cloud storage. The organization need not set physical storage
systems to store a huge volume of business data which costs so high nowadays. As they
are growing technologically, data generation is also growing with respect to time, and
storing that becoming problem. In that situation, Cloud storage is providing this service
to store and access data any time as per requirement.
2. Backup and Recovery : Cloud vendors provide security from their side by storing safe
to the data as well as providing a backup facility to the data. They offer various recovery
application for retrieving the lost data. In the traditional way backup of data is a very
complex problem and also it is very difficult sometimes impossible to recover the lost
data. But cloud computing has made backup and recovery applications very easy where
there is no fear of running out of backup media or loss of data.
3. Bigdata Analysis : We know the volume of big data is so high where storing that in
traditional data management system for an organization is impossible. But cloud
computing has resolved that problem by allowing the organizations to store their large
volume of data in cloud storage without worrying about physical storage. Next comes
analyzing the raw data and finding out insights or useful information from it is a big

33
CLOUD SECURITY (UNIT-1)

challenge as it requires high-quality tools for data analytics. Cloud computing provides
the biggest facility to organizations in terms of storing and analyzing big data.
4. Testing and development : Setting up the platform for development and finally
performing different types of testing to check the readiness of the product before delivery
requires different types of IT resources and infrastructure. But Cloud computing provides
the easiest approach for development as well as testing even if deployment by using their
IT resources with minimal expenses. Organizations find it more helpful as they got
scalable and flexible cloud services for product development, testing, and deployment.
5. Anti-Virus Applications : Previously, organizations were installing antivirus software
within their system even if we will see we personally also keep antivirus software in our
system for safety from outside cyber threats. But nowadays cloud computing provides
cloud antivirus software which means the software is stored in the cloud and monitors
your system/organization’s system remotely. This antivirus software identifies the
security risks and fixes them. Sometimes also they give a feature to download the
software.
6. E-commerce Application : Cloud-based e-commerce allows responding quickly to the
opportunities which are emerging. Users respond quickly to the market opportunities as
well as the traditional e-commerce responds to the challenges quickly. Cloud-based e-
commerce gives a new approach to doing business with the minimum amount as well as
minimum time possible. Customer data, product data, and other operational systems are
managed in cloud environments.
7. Cloud computing in education : Cloud computing in the education sector brings an
unbelievable change in learning by providing e-learning, online distance learning
platforms, and student information portals to the students. It is a new trend in education
that provides an attractive environment for learning, teaching, experimenting, etc to
students, faculty members, and researchers. Everyone associated with the field can
connect to the cloud of their organization and access data and information from there.
8. E-Governance Application : Cloud computing can provide its services to multiple
activities conducted by the government. It can support the government to move from the
traditional ways of management and service providers to an advanced way of everything
by expanding the availability of the environment, making the environment more scalable
and customized. It can help the government to reduce the unnecessary cost in managing,
installing, and upgrading applications and doing all these with help of could computing
and utilizing that money public service.
1. Cloud Computing in Medical Fields : In the medical field also nowadays cloud
computing is used for storing and accessing the data as it allows to store data and access
it through the internet without worrying about any physical setup. It facilitates easier

34
CLOUD SECURITY (UNIT-1)

access and distribution of information among the various medical professional and the
individual patients. Similarly, with help of cloud computing offsite buildings and
treatment facilities like labs, doctors making emergency house calls and ambulances
information, etc can be easily accessed and updated remotely instead of having to wait
until they can access a hospital computer.
2. Entertainment Applications : Many people get entertainment from the internet, in that
case, cloud computing is the perfect place for reaching to a varied consumer base.
Therefore different types of entertainment industries reach near the target audience by
adopting a multi-cloud strategy. Cloud-based entertainment provides various
entertainment applications such as online music/video, online games and video
conferencing, streaming services, etc and it can reach any device be it TV, mobile, set-top
box, or any other form. It is a new form of entertainment called On-Demand
Entertainment (ODE). With respect to this as a cloud, the market is growing rapidly and it
is providing various services day by day. So other application of cloud computing
includes social applications, management application, business applications, art
application, and many more. So in the future cloud computing is going to touch many
more sectors by providing more applications and services.

35