ASSIGNMENT 2 FRONT SHEET

Qualification: BTEC Level 5 HND Diploma in Computing
Unit number and title: Unit 9: Cloud Computing
Submission date: 7/7/2019
Student Name: Bui Nguyen Minh Nguyen
Student ID: GCD17017
Class: GCD0819
Assessor name: Dang Quang Hien

Student declaration: I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that making a false declaration is a form of malpractice.

Grading grid: P5 P6 P7 P8 M3 M4 D2 D3

UNIVERSITY of GREENWICH (VIET NAM) Alliance with FPT Education
Faculty of Information Technology
Assignment 2: Cloud Computing
Advisers: Mr. Dang Quang Hien
By: Bui Nguyen Minh Nguyen, GCD17017

Content

Introduction
Table of Figure
Detail of article
Chapter 1 Develop Cloud Computing solutions using service provider’s frameworks and open source tools (LO3).
  P5 Configure a Cloud Computing platform with a cloud service provider’s framework.
  P6 Implement a cloud platform using open source tools.
Chapter 2 Analyze the technical challenges for cloud applications and assess their risks (LO4).
  I. Analyze the most common problems which arise in a Cloud Computing platform and discuss appropriate solutions to these problems (P7).
  II. Assess the most common security issues in cloud environments (P8).
  III. Discuss how to overcome these security issues when building a secure cloud platform (M4).
Conclusion
Reference

Introduction

Continuing with the requirement to build a cloud computing system for ATN, I have prepared this report so that the company can see more of how Cloud Computing works if it is applied to their real-life operation.

In this report, I will clarify the issues through the following items:
- A demo sample report that shows the implemented functions.
- How to configure, deploy, and test services (Web Applications, Database Servers, Source Code Management, Server Logs) using service provider frameworks and open source tools.
- Images of the built functions.
- Source code of the built application.

Besides, there will be annexes to clarify the issues:
- Analysis of the most common problems of a cloud computing platform.
- Possible solutions to these problems.
- Analysis of the most common security issues in the cloud environment.
- Discussion of how to fix these problems.
Table of Figure

Figure 1 Login Website Heroku according to the link: https://id.heroku.com/login
Figure 2 Create new App
Figure 3 Select database management service
Figure 4 Sign Up account Github
Figure 5 Create new Repository
Figure 6 Connect heroku and github repository
Figure 7 Add file from desktop to github in website
Figure 8 Get credentials database to link server postgresql
Figure 9 Create new and configuration settings for the database
Figure 10 server configuration
Figure 11 Create Table
Figure 12 Insert Data
Figure 13 Create Columns
Figure 14 Use Sublime Text 3 to build website
Figure 15 Overview use Github desktop vs Sublime Text 3
Figure 16 Deploy application to Heroku
Figure 17 Upload source code of website to github
Figure 18 Automatic Deploys app
Figure 19 Overview after complete upload website to heroku
Figure 20 Add home.php then heroku receive Page
Figure 21 Heroku does not receive the file when the home page name is home.php
Figure 22 When change file page home.php to index.php then heroku auto receive

Detail of article

Chapter 1 Develop Cloud Computing solutions using service provider’s frameworks and open source tools (LO3).

P5 Configure a Cloud Computing platform with a cloud service provider’s framework.
P6 Implement a cloud platform using open source tools.

In order to deploy the application to a cloud platform, we first need to select the cloud service providers. I chose Heroku as the cloud platform that hosts the application and GitHub as the data storage service provider. Below I will show the steps to take.

You need to create a Heroku account to be able to use this service. If you already have an account, please log in. If you do not have one, you must register an account to use the free Heroku service.

Figure 1 Login Website Heroku according to the link: https://id.heroku.com/login.

After successfully logging into the Heroku website, the next step is to create a new App.

Figure 2 Create new App.
Figure 3 Select database management service.

You need to create a Github account to use the service at the address: http://github.com/

Figure 4 Sign Up account Github.

After logging into Github, you need to create a Repository to store the files.

Figure 5 Create new Repository.

Figure 6 Add file from desktop to github in website.

Figure 7 Connect heroku and github repository.

You can upload the application source files to your repository directly on the website or upload them via the Github Desktop application.

Next we need to configure postgresql and link it to Heroku. We do this with the support of PgAdmin.

Figure 8 Create new and configuration settings for the database.

Figure 9 Get credentials database to link server postgresql.

Figure 10 server configuration. Host name / Address, maintenance database, username and password we will get from Heroku postgresql.

Figure 11 Create Table.

Figure 12 Create Columns.

Figure 13 Insert Data.

After we have configured and deployed the cloud services framework, we can start deploying the app to Heroku. Because I chose to deploy the application as a website, I used an external editor, Sublime Text 3, connected to Github Desktop to edit the code. After completing the steps, I put my website on Heroku. This is the website address: https://nguyen1minute.herokuapp.com/

Figure 14 Overview use Github desktop vs Sublime Text 3.

Figure 15 Use Sublime Text 3 to build website.

Figure 16 Upload source code of website to github.

Figure 17 Deploy application to Heroku.

Figure 18 Overview after complete upload website to heroku.

Figure 19 Automatic Deploys app.

Automatic deployment helps the application page update automatically, in real time, whenever there is a change in information and data.

Some problems and constraints: When deploying the web application to Heroku, a composer.json file is necessary; only then can Heroku read the uploaded files and deploy them.
Besides, the homepage file must be named index.*. If the file is not renamed to index before the application is deployed, the site address alone will not display the website; the page name *.php must be entered at the end of the address before the site is accessible.

Figure 20 Heroku does not receive the file when the home page name is home.php.

Figure 21 Add home.php then heroku receive Page.

Figure 22 When change file page home.php to index.php then heroku auto receive.

Chapter 2 Analyze the technical challenges for cloud applications and assess their risks (LO4).

I. Analyze the most common problems which arise in a Cloud Computing platform and discuss appropriate solutions to these problems (P7).

Many problems arise in the process of developing a Cloud Computing platform. Below I summarize some common issues, together with solutions and ways to prevent them.

Problem: Lack of IT capacity
Solution: Set up a section to investigate the IT-related factors that the company needs to supplement. Keep a high-quality technical department at the facility to assess and solve immediate issues. Improve IT capability from hardware to software, as well as the individual capacity of each employee in the company.

Problem: Investment costs are limited
Solution: Properly assess the needs and capabilities of the company in order to select the appropriate model to start with. After gaining profits, continue to evaluate whether to expand the model or apply other models in accordance with the current model of the company. Call for investors from the beginning and show them the potential of the project.

Problem: Technical barriers
Solution: Assign a team to learn the necessary experience and technical knowledge within the company. Make periodic plans for employees as well as technicians to reinforce, improve and update new skills and technologies for the development process.
The first step can be to use full-service packages (hired management support or technical support packages) to minimize the technical requirements for managing the service; when capability is sufficient, convert to the company's own control and management of the cloud.

Problem: Safety information
Solution: Hire a third party to take care of security and information security. Besides that, a permanent department is also needed to monitor continuously and control arising situations immediately, minimizing errors or serious errors in the system.

Problem: Capital to modernize the business process
Solution: Have a clear and detailed plan of the investments. The plan should include a forecast of the capital needed and a capital surplus, so that problems arising from budget issues can be addressed. Divide the entire plan into continuous yearly plans to minimize the budget. In addition, there should be a plan to periodically upgrade, maintain, or replace damaged or obsolete parts.

Problem: Flexibility and scalability of resources
Solution: A suitable deployment model is needed to support future flexibility and scalability (recommendation: Hybrid Cloud). The company needs to be proactive and ready to expand and enhance its flexibility, from planning to factors such as employees, systems, hardware, ...

Problem: Policy issues
Solution: The policies for storage and manual data processing differ a lot from those needed when applying Cloud Computing. Therefore, the company also needs to change or replace policy provisions to match its requirements and current situation.

Problem: Transmission problems
Solution: Transmission is an important issue when using Cloud Computing, so invest heavily in high-quality, stable and high-speed transmission to meet the demand for the real-time nature of aggregate reporting tables as well as data. Preventive measures are also needed, because users can always access the Internet.

Problem: Business awareness
Solution: Enterprises need a proper awareness of Cloud Computing in order to make assessments and future implementation plans that are right and bring the highest profit for the company.

Problem: IT staff skills
Solution: Supplement knowledge and assist employees in acquiring the knowledge and skills to use new technology. Open IT support courses for employees. Add the necessary IT skills to recruitment requirements to reduce the time spent retraining from scratch. Keep a standing support department that can give timely help with problems that arise or cannot be processed, so that current progress is ensured and the following work can be carried out.

Problem: Depends on the Internet
Solution: As with transmission issues, Cloud Computing relies heavily on the Internet. Therefore, a good internet connection system is necessary, and the devices connected to the cloud need alternative methods to connect to the internet such as wifi, direct cable, 3G, 4G, ... Besides, the internet connection should be checked in advance, because it is not always possible to access the internet or to have mobile signal for 3G or 4G (for example, in high mountains or in areas without signal).

Problem: Security
Solution: Effective measures are needed for the security of the system. Sign cooperation agreements with third parties to take care of security issues. Use services from reputable providers with high security capabilities. Have a team of experts to manage and handle security-related issues.

Problem: Privacy
Solution: Access must be authorized (private or confidential information can be viewed only by accounts that have access rights). Comply with the signed and approved privacy elements in the required agreements and terms of service. Comply with legal regulations on privacy and on the privacy protection of companies and customers.

Problem: Reliability
Solution: Use services from reputable suppliers. Always comply with agreements and service requirements as well as with legal regulations. Build credibility in the process of operation and development.

Problem: Legal issue
Solution: Regulations differ from country to country, so before applying Cloud Computing, understand the law in the place where you intend to proceed and make reasonable changes to the agreements and service requests. Have the required agreements and terms of service with partners to protect the interests of companies and users before the law.

Problem: Enforcement
Solution: Ensure that technology and applications are appropriate and enforceable in the environment of the business by surveying and making appropriate choices.

Problem: Freedom
Solution: Control of the data storage infrastructure should be delegated to ensure the integrity of the data. Allow each account the freedom to perform the actions that have been delegated to it, with responsibility for each of those actions.

Problem: Long-term viability
Solution: Have a long-term development plan for Cloud Computing in the operation of the company (financial planning, construction, consolidation, development, system updates, cloud, ...).

Problem: Suitability of the platform
Solution: Consider the needs and capabilities of the company to make the right choice of platform to invest in (public cloud, private cloud, hybrid cloud, community cloud).

Problem: Hacking
Solution: Hire DDoS protection tools. Sign contracts with service providers that have a high level of security and a reputation for securing and protecting their systems. There must always be a department capable of handling situations involving hackers. Invest regularly to update and enhance the security and self-protection of the system, and apply new technologies to improve the system further.

Problem: Lost data
Solution: Sign a contract with a reputable service provider. Keep backup servers to store important information. Regularly back up information. Regularly check the hardware system, grid, network, ... of servers (if Private Cloud) to avoid failures or physical errors that compromise data confidentiality.

Problem: Real-time control
Solution: Use a stable and high-speed network system. Update data continuously. Use useful technologies to speed up data management and aggregation. Use a service with real-time support from distributors.

Problem: Cloud management
Solution: Use a common and useful tool that supports cloud management while ensuring security (Apache CloudStack, OpenStack, Microsoft Azure Cost Management). Collaborate with third parties to support and undertake cloud management.

Problem: Move data
Solution: Prepare step-by-step strategies (discover, design, build, test, implementation, audit).

Problem: Current, reliable technology
Solution: Check the modernity and functions of the technology. Test for errors that can appear and implement demos with small-scale projects over a certain time. Select reputable partners with a long-standing tradition in the Cloud Computing field, such as AWS or Google Cloud, ... to cooperate with. Evaluate the efficiency and relevance against the current needs and capabilities of the stakeholders (company resources, users, ...).

Problem: Service provider's request
Solution: Read the SLA (service level agreement) carefully. Read the terms of use and requirements from the service provider carefully. Detailed requests should be made and provided, together with a review and test of the ability to meet the requirements of the service provider. Make the requirements in the contract clear and check thoroughly before signing.

Problem: Different customs in
Solution: Survey the customs at the place where the project is expected to be conducted (preferably with a native speaker for reference). Conduct field surveys before implementing. After the survey, conduct an assessment and review to change some details to suit the local customs (sometimes climate, weather and intellectual levels can also affect this element).

Problem: Viewing rights and confidentiality of data
Solution: Use an automated system to constantly scan for and destroy possible viruses, and have a department to check and handle situations. Set clear permissions for each type of account (regular accounts cannot access documents with high security; these can be viewed only by the director's account).

II. Assess the most common security issues in cloud environments (P8).

Here are some common security issues in the Cloud field, with measures to solve and prevent them, that I have synthesized.

Security issue: Shared cloud service
Solution: Know and control who can access documents in the cloud. Users (the company and the cloud users) need to know the risk of sharing records so that they are more careful when deciding to share a file in the cloud. Regularly update the operating system and application software to the most suitable and latest compatible versions possible. Combining operational models instead of using individual models increases flexibility and provides alternatives that avoid stagnation in operation. Clearly assign important data to a private cloud, or use Private Cloud to store those important data.

Security issue: Distributed-Denial-of-Service Attacks (DDoS)
Solution: Enhance the combination of operational model frameworks. Prepare your spirit and tools (both hardware and software) to combat DDoS. Purchase more data transmission. Ensure the initial security of your server is the best possible. Have a human resources department available for DDoS retrospectives. Send the history and the methods of the attacks that have occurred to the department or company in charge of analysis and processing, to create an effective prevention and protection plan.

Security issue: Data loss or incomplete data backup
Solution: Information security according to circle method. Copy periodically and keep a copy log. This gives us the ability to recover information at a time. Constantly check the backup and have a backup plan for losing data.
Set out the circumstances that may lead to data loss and a preventive plan. Have a team that can quickly process and recover data if a problem occurs, minimizing the loss of data and its harmful effects.

Security issue: Swindle
Solution: Use two-factor authentication (there are also alternatives that connect external verification; most offerings support SAML-based authentication conventions).

Security issue: Sifting spam
Solution: Have an automatic filtering system that also prevents spam from being received. Regularly filter spam from the system. Limit suspicious connections from strange objects or accounts.

Security issue: Employee's negligence
Solution: Check messages or attachments carefully when there are suspicious signs such as strange characters, strange links, unusually large data, ... Limit sharing of personal security information through means such as phone, email, ... Check the location of the sender and reply to the email to confirm the identity and reputation of the interacting person. Improve the security of secret phrases with uppercase and lowercase letters, special characters, ... Reinforce the regular operation models. Use a SIEM device to distinguish and alarm when USB drives are linked to the server. Use endpoint coverage to track, identify and destroy threats from the server.

Security issue: Take over control
Solution: An effective security system is needed. A permanent team is needed to constantly monitor and check the system.

III. Discuss how to overcome these security issues when building a secure cloud platform (M4).

To build a secure cloud environment, companies need to make the right choices about security methods that suit their requirements and capabilities. Below is a brief introduction to some recently published basic safety models and encryption algorithms that companies can refer to.

Model of three layers of data protection on cloud computing [1]:

Layer 1: To ensure security when users access the cloud, the solution is to use a one-time password (One Time Password, OTP).
Depending on the level and security of each system, it will be determined whether authentication is one-way or two-way between users and suppliers.

Layer 2: This layer covers the following elements: Data Encryption, Data Integrity, Private User Protection, through a symmetric encryption algorithm.

Layer 3: User data is used to serve fast data recovery based on decoding speed.

Security model based on Encryption Proxy [1]:

User data is encrypted by a pre-set system before being uploaded to the cloud. In this model, the Encryption Proxy is a useful tool for encrypting, decrypting and validating user data, ensuring security and confidentiality in the two main activities between users and the cloud: Transmission and Storage. For this process, the user's confidential information is stored at Secure Storage. Besides that, an application being studied in this model is one where ciphertexts are processed and stored without needing to be decoded, using two algorithms: homomorphic encryption and fully homomorphic encryption.

Data protection model using VPN Cloud [1]:

VPN Cloud has a line encryption function, and for companies that require high security and use Private cloud, VPN also ensures safety and security in the connection between users and the cloud and between clouds, through the IPSec standard. To fit cloud computing technology, there are two techniques: dynamic VPN and elastic VPN. Besides, there are two models of interest: Hub-and-Spoke and Full-Mesh.

In addition, companies need to pay attention to the following requirements when building cloud systems as well as cloud security:
- Appropriate Firewall configuration: helps control connections actively and conveniently in management.
- Enhance system closure: the system needs to be complete, but should offer users as little customization as possible, to limit exploits by bad objects or hackers.
- Encryption and data protection: there must be a separate way of encrypting data to ensure user data protection.
- Install virus-blocking program: use good antivirus software that still uses reasonable resources, to ensure safety from virus attacks from unintentional or intentional sources.
- Update the appropriate patch: helps correct errors and limit exploitation by hackers.
- Closed system and application development: as an effect of enhancing system closure, this requirement helps limit the user's ability to intervene while still providing full functionality for their use.
- Limit access (according to the assigned role): helps ensure the safety and security of different types of important information.
- Strict password policies: for security, so that even if a user loses his or her password, he or she still has time to change it and protect their data.

In addition, companies and organizations need to take measures to proactively prevent threats and enhance the security of their systems and clouds. The security systems they expand and focus on must be compatible with the current platform. It is necessary to regularly check the security principles, data center location and access rights so as to promptly detect vulnerabilities and patch them in time. Companies and organizations also need quick response scenarios for unexpected cases, and need to ensure the interaction of data with the security systems and applications used. Checking who is entitled to access data and applications, and checking the developer's history and reputation, is also one of the important issues in enhancing the security of the system and of the company's cloud.

Finally, security strategies should pay attention to the following points:
- Ensure applications are built on security algorithms to avoid buffer overflow, intrusion and attacks on SQL.
- Use multi-layer security measures and monitor intrusion into the security layers.
- For internal attacks, ensure employees are trained and have tools to prevent emerging threats, such as antivirus, IPS, HIPS, firewalls, etc.
- For instant or segmented attacks, there must be security solutions in place.
- Besides, the security technology of data centers must also be strengthened and utilized.
- Customers, partners and users need to understand the cloud security process and vendor agreements.
- Customers should have a contingency plan to prevent the interruption of any service and report to the system as soon as possible.

Conclusion

In this report I have clarified the following:
- A demo sample report that shows the implemented functions.
- How to configure, deploy, and test services (Web Applications, Database Servers, Source Code Management, Server Logs) using service provider frameworks and open source tools.
- Images of the built functions.
- Source code of the built application.

Besides, there are annexes to clarify the issues:
- Analysis of the most common problems of a cloud computing platform.
- Possible solutions to these problems.
- Analysis of the most common security issues in the cloud environment.
- Discussion of how to fix these problems.

Reference

[1] "Một số vấn đề an toàn cho Điện toán đám mây," antoanthongtin.vn, [Online]. Available: http://antoanthongtin.vn/Detail.aspx?NewsID=cb3199bd-6808-4c57-8463-ec96da90b29a&CatID=e331ba31-e217-462d-8bd5-4b6d69ae5ec1&MenuID=.