Cloud Computing For Masses Lucknow

The Cloud – Computing for the Masses
Software as a Service (SaaS) and Cloud Computing
Association of Knowledge Workers, Lucknow; Indian Industries Association
Lucknow, 13 March 2010
Asoke K. Talukder, Ph.D
Corporate Advisor, Sahara Next, Lucknow
Director, Geschickten Solutions, Bangalore
Adjunct Professor, National Institute of Technology, Warangal
Adjunct Professor, Indian Institute of Information Technology & Management, Gwalior
Adjunct Faculty, National Institute of Technology Karnataka, Surathkal
© Asoke K Talukder
13th March 2010
Cloud Computing - 1/50
The Cloud
[Picture of the Cloud. Source: Wikipedia]
About the Speaker
• Dr. Asoke K. Talukder worked for companies like Fujitsu-ICIM,
Microsoft, Oracle, Informix, Digital, Hewlett Packard, ICL,
Sequoia, Northern Telecom, NEC, KredietBank, iGate, Cellnext,
etc. Dr. Asoke authored two textbooks and edited two books; he
also published many peer-reviewed research papers. He is the
recipient of many international awards, including the All India
Radio/Doordarshan award, ICIM Professional Excellence Award,
ICL Excellence Award, IBM Solutions Excellence Award,
Simagine GSMWorld Award etc. Dr. Asoke has been listed in
“Who’s Who in the World”, “Who’s Who in Science and
Engineering”, and “Outstanding Scientists of 21st Century”. He
did M.Sc (Physics) and Ph.D in Engineering. He was the
DaimlerChrysler Chair Professor at IIIT, Bangalore; he is currently an
Adjunct Professor, Department of Computer Science &
Engineering, NIT Warangal; Adjunct Professor, ABV Indian
Institute of Information Technology & Management, Gwalior; and
Adjunct Faculty, Department of Computer Engineering, NITK,
Surathkal. He is Corporate Advisor to SaharaNext and Chief
Scientific Officer, Geschickten Solutions, Bangalore.
Cloud Computing in India
Economic Times, 11th February 2010
What is Cloud Computing?
Computing in the Cloud
Source: http://www.free-pictures-photos.com/
Cloud Computing Defined
• Cloud computing is an emerging
computing paradigm where data and
applications reside in the cyberspace, it
allows users to access their data and
information through any web-connected
device be it fixed or mobile.
• Source: John B. Horrigan, Use of Cloud Computing
Applications & Services, Data memo, PEW Internet &
American Life project, September 2008
We all (?) use The Cloud
Characteristics of Cloud Computing
• Virtual – Physical location and underlying infrastructure
details are transparent to users
• Scalable – Able to break complex workloads into pieces
to be served across an incrementally expandable
infrastructure
• Efficient – Services Oriented Architecture for dynamic
provisioning of shared compute resources
• Flexible – Can serve a variety of workload types – both
consumer and commercial
Types of the Cloud
• Private Cloud
– Cloud Computing private to an enterprise
• Public Cloud
– Cloud Computing where the cloud services are
offered by Cloud Vendors and anybody can use
& deploy their services in this cloud
• Hybrid Cloud
– Combination of Private & Public Cloud
Private Cloud
• Private cloud will be implemented by enterprises
for their own private use. This will mainly be
available to enterprise’s customers, employees,
partners, and suppliers. This will mainly be to
reduce the cost and have a centralized
management of the data. Private cloud will be an
extension of the data centre within the control of
the enterprise; in private cloud an enterprise can
implement a security policy and control people
and hardware resource with respect to privacy and
access. Amazon book store is an example of
private cloud.
Public Cloud
• The public cloud can be defined as the
outsourcing model for computing,
hardware, and storage functions to a third
party service provider, which hosts
applications on cyberspace through linked
services.
• Source: Cristos Velasco San Martin, Jurisdictional Aspects
of Cloud Computing, February 28, 2009
Hybrid Cloud
Source: Wikipedia
Commercial Clouds
Cloud Computing User – I (Amir)
Cloud Computing User – II (Fakir)
Next Generation Internet
• Multi-user-agent
• Multi-service
• Multi-access
• Multi-provider
• Multi-protocol networks
• Web 2.0 and Web 3.0
• Innovation moving from Technology Companies to the Consumer space
• IPv6 with IPsec
• Universal seamless roaming
• Support mobility at vehicular state
• Intelligent and programmable networks
• Definable service quality
• Definable security level
• On demand scalability
• API in the network to obtain context information (spatial, environmental, and temporal attributes)
• API in the network to enforce QoS and security
Intel's New SCC (Single Chip Cloud Computer) – a 48-core Processor
• Intel debuted and demonstrated its
Single-chip Cloud Computer (SCC)
processor on 2nd December 2009. The
processor has 48 cores – 24 dual-core
"tiles" connected with a high-speed
mesh network. Intel wants the
experimental chip, at least 100 of
which it will distribute to researchers
in 2010, to lead to new attempts to
tackle multicore system and software
design. Ultimately, Intel believes its
aggressive multicore approach will be
the way computers get enough power
for tasks such as vision and speech
comparable to what humans have.
Benefits of the Cloud
• Helping Green computing by lending out idle
resources through Cycle Scavenging
• Unlimited Resource
– Unlimited Computing power
– Unlimited storage (Filestore & online memory)
– Scale UP or Scale Down On-demand
• Users can use resources without owning anything
– converting Capex to Opex
• Enterprises can use Supercomputers/HPC without
owning them
• Pay as you go
Virtual Infrastructure
Key Technology: Virtualization
[Figure: two stacks side by side.
Traditional Stack: App, App, App on one Operating System on Hardware.
Virtualized Stack: App on OS, App on OS, App on OS, all on a Hypervisor on Hardware.]
Virtualization
• Virtualization is a framework or methodology of dividing the
resources of a computer into multiple execution environments,
by applying one or more concepts or technologies such as
hardware and software partitioning, time-sharing, partial or
complete machine simulation, emulation, quality of service, and
many others.
• It allows abstraction and isolation of lower-level functionalities
and underlying hardware. This enables portability of higher-level functions and sharing and/or aggregation of the physical
resources.
• There are lots of virtualization products; all mainframe OS of
the past, like MVS, VMS, VME etc, were virtual
• Today’s virtual environments are VMware, Xen (an open
source Linux-based product developed by XenSource) etc
Virtual Infrastructure Management
[Figure labels: SaaS, PaaS, IaaS]
Cloud Computing Stack
[Figure: Cloud Computing Stack. Layer labels: User/Customer/Device; Presentation Modality; Presentation Platform; Next Generation Network/Internet; API; Application; Data, Metadata, Content; Integration & Middleware; Connectivity & delivery; Hardware; Facilities. Side labels: Security; QoE & QoS; Middleware. Service groupings: Software as a Service, Platform as a Service, Infrastructure as a Service. Roles: Cloud User, Cloud Vendor, Original Cloud Provider.]
Original Cloud Providers
• Application Services (services on demand)
– Gmail, Google Calendar
– Payroll, HR, CRM etc
– SugarCRM, IBM LotusLive
• Platform Services (resources on demand)
– Middleware, Integration, Messaging, Information,
connectivity etc
– AWS, IBM Virtual images, Boomi, CastIron, Google
App Engine
• Infrastructure Services (physical assets as services)
– IBM Bluehouse, VMware, Amazon EC2, Microsoft Azure
Platform, Sun Parascale and more
Cloud Vendor
• “Cloud Vendor” is a virtual organization (may/may not
own any infrastructure, platform or software) – it will
use resources from various vendors and original
providers (OCP – Original Cloud Providers) to offer
services that meet certain service level agreements
(SLA) with guaranteed Quality of Expectation (QoE)
and Quality of Service (QoS)
• Source: Asoke K Talukder, Lawrence Zimmerman, and Prahalad H.A, Cloud
Economics: Principles, Costs and Benefits, book chapter in the book titled
Cloud Computing: Principles, Systems and Applications, Edited by Nick
Antonopoulos and Dr Lee Gillam, Published by Springer London, to appear
2010
Clouds and SOA
• SOA is the architecture of Cloud Computing
• Physical infrastructure like SOA must be discoverable,
manageable and governable
IaaS
• Rather than purchasing servers, software, data center space
or network equipment, clients instead buy those resources
as a fully outsourced service. The service is typically billed
on a utility computing basis and amount of resources
consumed (and therefore the cost) will typically reflect the
level of activity. It is an evolution of virtual private server
offerings
• Cloud infrastructure services or "Infrastructure as a Service
(IaaS)" delivers computer infrastructures like,
– Processors/CPUs
– Memory
– Storages
– Networking
Source: Wikipedia
Datacenter (real IaaS)
Maximilien Brice, © CERN
PaaS
• Cloud platform services or "Platform as a
Service (PaaS)" deliver a computing
platform and/or solution stack as a service,
often consuming cloud infrastructure and
sustaining cloud applications. It facilitates
deployment of applications without the cost
and complexity of buying and managing the
underlying hardware and software layers
Source: Wikipedia
SaaS
• Cloud application services or "Software as a Service (SaaS)" deliver
software as a service over the Internet, eliminating the need to install
and run the application on the customer's own computers and
simplifying maintenance and support. Key characteristics include:
– Network-based access to, and management of, commercially available
(i.e., not custom) software
– Activities that are managed from central locations rather than at each
customer's site, enabling customers to access applications remotely via the
Web
– Application delivery that typically is closer to a one-to-many model
(single instance, multi-tenant architecture) than to a one-to-one model,
including architecture, pricing, partnering, and management
characteristics
– Centralized feature updating, which obviates the need for downloadable
patches and upgrades.
Source: Wikipedia
Cloud Challenges
Parallelization Problems
• How do we assign work units to workers?
• What if we have more work units than workers?
• What if workers need to share partial results?
• How do we aggregate partial results?
• How do we know all the workers have finished?
• What if workers die?
What is the common theme of all of these problems?
Divide and Conquer
[Figure: “Work” is partitioned into work units w1, w2 and w3; each unit goes to a “worker”; the workers produce partial results r1, r2 and r3, which are combined into the “Result”.]
MapReduce
• Generalized Framework
[Figure: MapReduce data flow coordinated by a Master. Stages: Input Files (Split 1, Split 2, Split 3, Split 4) → Map (Workers) → Intermediate files (k1:v1, k3:v2, k1:v3, k2:v4, k2:v5, k4:v6) → Sort/Group (k1:v1,v2; k2:v4,v5; k3:v2; k4:v6) → Reduce (Workers) → Output files (Output 1, Output 2, Output 3).]
Open Source MapReduce
• Hadoop
– Implemented in Java enabled on Amazon
• Twister
– Lightweight New arrival in town
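The master/worker flow from the MapReduce slide, together with three of the questions from the Parallelization Problems slide (more work units than workers, knowing when all workers have finished, workers that die), as an added Python example that is not part of the original slides. The log lines, `run_job` and the fault-injecting `flaky_mapper_factory` are constructed for illustration, and counting failed logins per source address is an assumed workload.

```python
from collections import defaultdict
from concurrent.futures import ThreadPoolExecutor, as_completed

# Constructed sample input: four splits of auth-log lines (not from the slides).
SPLITS = [
    ["FAIL alice 10.0.0.5", "OK bob 10.0.0.7"],
    ["FAIL alice 10.0.0.5", "FAIL carol 10.0.0.9"],
    ["OK alice 10.0.0.5", "FAIL root 10.0.0.9"],
    ["FAIL root 10.0.0.9", "FAIL root 10.0.0.9"],
]

def map_split(lines):
    """Map: emit (source_ip, 1) for every failed login in one split."""
    return [(line.split()[2], 1) for line in lines if line.startswith("FAIL")]

def group(pairs):
    """Sort/Group: collect all values that share a key."""
    grouped = defaultdict(list)
    for key, value in sorted(pairs):
        grouped[key].append(value)
    return grouped

def reduce_key(key, values):
    """Reduce: fold the grouped values for one key into one result."""
    return key, sum(values)

def run_job(splits, mapper, workers=2, max_attempts=3):
    """Master: feed splits to a fixed pool and retry splits whose worker died."""
    attempts = defaultdict(int)
    pending = set(range(len(splits)))       # more splits than workers is fine
    intermediate = []
    with ThreadPoolExecutor(max_workers=workers) as pool:
        while pending:                      # done only when every split reported
            futures = {pool.submit(mapper, splits[i]): i for i in pending}
            for fut in as_completed(futures):
                i = futures[fut]
                attempts[i] += 1
                try:
                    intermediate.extend(fut.result())
                    pending.discard(i)
                except Exception:
                    if attempts[i] >= max_attempts:
                        raise               # give up: the job cannot complete
    return dict(reduce_key(k, v) for k, v in group(intermediate).items())

def flaky_mapper_factory(fail_split_once):
    """Hypothetical fault injector: the worker for one split dies on its first try."""
    failed = []
    def mapper(lines):
        if lines is fail_split_once and not failed:
            failed.append(True)
            raise RuntimeError("worker died")
        return map_split(lines)
    return mapper
```

A failed map task contributes nothing to the intermediate data, so re-running it cannot double-count; that property is what makes the retry safe.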
Security in the Cloud
• Security in the cloud needs to answer a few
specific questions, such as:
1. How much trust do you have in the virtualized
environment or the hypervisors in the cloud, as against
your own physical hardware?
2. How much trust do you have in the cloud vendor versus
your own infrastructure?
3. How do you address regulatory and compliance
requirements in an environment where your application
might be running on infrastructure in a foreign
country?
Security & Scalability-aware Software Development Life Cycle (SaSDLC)
• Security Requirement Analysis
– Step 1 – Functional Requirements using UML
– Step 2 – Identification of Assets
– Step 3 – Separation of Concerns
– Step 4 – Decision on Deployment and Interfaces
– Step 5 – Minimizing the Attack Surface
– Step 6 – Security Requirements
– Step 7 – Threat and Attack Tree
– Step 8 – Rating of Risks
– Step 9 – Decision on In-vivo Security versus In-vitro Security
– Step 10 – Nonfunctional to Functional Requirement
– Step 11 – Iterate
• Security Design
• Secure and Safe Construction/Programming
• Security Testing (Fuzz, Negative, Recovery, Ethical Hacking)
• Secure Deployment (Firewall, IPS, Malware Catcher, OVAL, NVD, AVDL)
Service Quality and Charging
• Journaling is necessary to record usage history
• Journaling is a critical part of any secured and reliable
system
• Journaling helps a system to recover from failure
through either roll-back or roll-forward
• Usage records are used at a later time to charge and
bill a consumer
• Journaling is also used for forensic purposes to
recreate the crime scene of a security attack
Scalability and Availability
• Scalability in the cloud applications needs to be
dynamic
• Applications need to react to external events such
as increased load, augmented reliability etc
• In the cloud, there will be no association between
the service and the underlying platform and
infrastructure
• The cloud user / customer may like to use some
resource somewhere in the world that offers the
best price performance advantage
Location of Data
• This is an important issue that should be
considered in the cloud environment.
There are laws related to both what can be
stored and what can be transferred (into
and out of) countries. Some countries’
laws say that the data should not be stored
outside of the country.
Multi Tenancy
• This is a result of virtualization, where
two or more cloud vendors share the same
resource from an original cloud provider.
There should be a clean and clear way to
ensure that other tenants are not gaining
access to other parties’ data. This is also
called data anonymity.
Business Continuity and Data Retention
• Cloud vendors have data recovery and
business continuity plans in place to
ensure that service can be maintained in
case of a disaster or an emergency and
that any data lost will be recovered. These
plans are shared with and reviewed by
their customers so that business continues
even if the cloud vendor/provider goes out
of business.
Data Protection
• This is to ensure that only the authorized and legitimate users access or
store data in the cloud. Also, if necessary, the country where the data is
hosted can be examined by the law enforcement agencies.
• HIPAA (Health Insurance Portability and Accountability Act) in the US
also prohibits certain types of access on healthcare data.
• Sarbanes Oxley demands certain types of accounting practices to be
followed by enterprises.
• On 5th February 2010, the European Commission adopted a decision
updating the standard contractual clauses for the transfer of personal data to
processors established in non-EU countries that are not recognised as
offering an adequate level of data protection.
• The USA Patriot Act was passed that allows certain government
organizations to examine any data within USA.
• RIPA (The Regulation of Investigatory Powers Act) can be invoked by the
UK government officials specified in the Act on the grounds of national
security.
• Compliance environments that experts cite as important for cloud
computing included auditing-related standard SAS 70,
Payment Card Industry Data Security Standards (PCI DSS) and FISMA.
Accounting Logs & Audit Trails
• In addition to producing logs and audit
trails, cloud vendors (providers) work with
their customers to ensure that these logs
and audit trails are properly secured,
maintained for as long as the customer
requires, and are accessible for the
purposes of forensic investigation (e.g.,
eDiscovery).
Which Laws Apply
• Another considerable issue is which laws apply.
An example is a client based in the USA, using cloud
services of a company registered in Europe and
having services in Asia. These are issues that
need to be clarified and understood clearly. It
will be difficult for a service provider to provide
conformance to all international standards and
be economical at the same time. Further, there
might be instances when it will just not be
possible to conform to all, as there may be
contrasting views.
Legal and Contractual Issues
• Aside from the security and compliance
issues enumerated above, cloud providers
and their customers will negotiate terms
around liability (stipulating how incidents
involving data loss or compromise will be
resolved, for example), intellectual capital,
and end-of-service (when data and
applications are ultimately returned to the
customer).
Taxation & Regulatory Issues
• The Cloud-vendor will be a company with Tax
registration in the country of operation
• The Original Cloud Provider will be taxed in
the country of operation – some tax benefits will
be there for export of service
• Regulatory authorities will ensure that data
privacy and data transportation related policies
are enforced
• No matter what the customers want, Cloud
Provider must conform to the law of the land
Policy Enforcement
[Figure: Policy Enforcement architecture. Layers: Access Requester Layer; Policy Decision Layer; Vendor & Provider Layer; QoS and Security Layer; Policy Enforcement Layer. Labelled components: Client (requester 1), Client (requester 2), Self-care, Customer Care, Trouble Ticket; Cloud Vendor (SaaS, PaaS, IaaS); Cloud Decision Point; Policy Server, Policy Decision Point, Policy Repository, SLA/KQI/KPI; CSQM; Inventory for Services, Resources; Cloud Vendor Sensors (Alarm, Probes, Performance, Bandwidth, Flow, Error, Malware catcher, IDS, etc); Virtualization Configuration, Charging Configuration, System Configuration, Service Configuration; Provisioning; Billing System; Systems; Services.]
Thank You
Email: