Cloud Computing

Group 1
991601 王語瑄
991602 譚學勇
991603 李瑞哲
991625 陳奕潔
991627 高君毅
991630 張毓珊
991638 馬美莊
991639 楊琇婷
991650 張耀宗
991651 蔡宇翔
Question (a)
Describe its possible definitions
991651 蔡宇翔
Definition
Basically, cloud computing deals with large amounts of
data and shares IT infrastructure. A number of computers
are linked together into a large database to provide IT
applications as cloud services. Cloud computing emphasizes
the spirit of service and provides customized services
according to users' needs.
Reference[1-1]
What is Cloud Computing ?
Reference [1-2]
Definition
In fact, the so-called cloud computing is the network.
The name came from an engineer who usually drew a
cloud to represent the Internet.
Put simply, the cloud allows different computers
on the network to help us do one thing at the same
time, which greatly improves processing speed.
Reference[1-3]
History Chart
Reference[2-1]
Introduction
1. Centralized computing
It uses only one computer to handle all of the
operations; the heavier the workload, the more
advanced the computer must be.
2. Distributed computing
It allows different computers to assist you in
processing operations at the same time. Once there
are more than two computers helping you with the
work, it is basic distributed computing.
Reference [2-2]
Introduction
3. SaaS (Software as a Service)
SaaS is not only a new type of service model that
provides business application software through the
Internet, but also a service model that stores
software and data on the provider side.
4. Grid computing
Grid computing virtually gathers multiple computers,
whose owners may be anywhere, links them over the
Internet, and allows users to share computing power.
Reference [2-2]
Comparison between grid and cloud
There are some aspects in common.
Both of them adopt the concept of
“serving the public.” The grid tends to
offer free services, while the cloud
adopts the "just pay how much you use"
concept.
Reference [2-3]
Question (b)
Provide its possible architectures
and designs
991601 王語瑄
• Architecture – Deployment Models
4 Kinds of Deployment Models of Cloud Computing
NIST (National Institute of Standards and Technology)
defines four kinds of deployment models
of cloud computing:
• Public Cloud
• Private Cloud
• Community Cloud
• Hybrid Cloud
Reference [3],[4-2]
Deployment Model - Public Cloud
What is Public Cloud?
• “The cloud infrastructure is provisioned for open
use by the general public.”
• “It may be owned, managed and operated by a
business, academic, or government organization,
or some combination of them.”
• “It exists on the premises of the cloud provider.”
Reference [3],[4-1]
Deployment Model - Public Cloud
• Merits
– Low cost (or Free)
– Easy to access
– Flexibility and elasticity
– Users only pay in time and some electricity cost
• Demerit
– Security Concerns
Reference [5-1]
Deployment Model - Examples of Public Cloud
• Amazon Web Services (AWS)
• Google App Engine (GAE)
• Windows Azure
Reference [5-1]
Deployment Model - Private Cloud
What is Private Cloud?
• “The cloud infrastructure is provisioned for exclusive use by
a single organization comprising multiple consumers. (e.g.,
business units)”
• “It may be owned, managed, and operated by the
organization, a third party, or some combination of them.”
• “It may exist on or off premises.”
Reference [3],[4-1]
Deployment Model - Private Cloud
• Merits
– Adopt virtualization
– Save the budget of IT investment
– Environment protection & energy conservation
– Realize the centralized management of software and hardware
– Downsize staff
– Opportunities of partial open to private cloud
• Demerits
– The enterprise still needs to spend a huge amount to build the
hardware environment
– Relative to public cloud, private cloud is inflexible
Reference [5-1]
Deployment Model - Examples of Private Cloud
• IBM Blue Cloud
• Microsoft Mcloud
Reference [5-1]
Deployment Model - Community Cloud
What is Community Cloud?
• “The cloud infrastructure is provisioned for exclusive use by a
specific community of consumers from organizations that have
shared concerns.(e.g., mission, security requirements, policy, and
compliance considerations)”
• “It may be owned, managed, and operated by one or more of the
organizations in the community, a third party, or some
combination of them.”
• “It may exist on or off premises.”
Reference [3],[4-1]
Deployment Model - Community Cloud
• Merits
– Multi-tenancy billing
– Maintain high standards of privacy
– Services can be provided by participative organizations
or third party managers
• Demerit
– Broad adoption has been slow
Reference [5-1],[5-2]
Deployment Model - Hybrid Cloud
What is Hybrid Cloud?
• “The cloud infrastructure is a composition of two or more
distinct cloud infrastructures. (public, private, or
community)”
• “Remain unique entities, but are bound together by
standardized or proprietary technology that enables data
and application portability.(e.g., cloud bursting for load
balancing between clouds)”
Reference [3],[4-1]
Deployment Model - Hybrid Cloud
• Merits
– Reduce the cost
– Reduce energy consumption
– Downsize IT staff
– Can help companies utilize internal and external IT
resources
• Demerits
– Dependency over internal IT infrastructure
– Complex SLAs(Service Level Agreement): “You need to have
detailed SLAs drawn for both your private and public cloud
providers to ensure that they can meet your expectations.
At the same time you also need to have a realistic approach
towards distribution of workload. Look for potential
integration issues that can disrupt services.”
– Complex networking
– Data Protection: “Compliance is a difficult parameter to
achieve in hybrid configuration.”
Reference [5-1],[5-3]
Question (b)
Provide its possible architectures
and designs
991625 陳奕潔
• Architecture – Service Models
Service Modes
• Three common service modes:
– IaaS: Infrastructure as a Service
– PaaS: Platform as a Service
– SaaS: Software as a Service
Reference [6]
Service Modes
What is IaaS?
• Infrastructure as a Service.
- Users hire processors, storage capacity, network,
and other basic computing resources through the
cloud service providers.
- No need to purchase hardware and build basic
facility.
Reference [6]
Service Modes
IaaS - Feature
• Saving hardware purchase costs and set-up costs.
• Do not need to worry about hardware upgrades
and maintenance issues.
• Charges based on volume of use.
• Free to deploy and run the software.
Reference [6],[8],[9]
Service Modes
IaaS – Example
• A laboratory provides students with a server to run
programs.
– Usually running smoothly.
– Server is busy because of the heavy workload.
➢ Buy a new server?
➢ Rent a virtual server?
Reference [7]
Service Modes
What is PaaS?
• Platform as a Service.
– Users use the supported platforms, tools and
programming languages to develop and test
software.
– Vendors will be responsible for the execution of
the program on the platform.
Reference [6]
Service Modes
PaaS – Example
Traffic
Management
Reference [7]
Service Modes
PaaS – Feature
• Application deployment easier.
• Reduce hardware and software procurement
and management costs.
• Save manpower, material and time costs.
• Suppliers must ensure the availability and
stability of the platform.
• Charges based on volume of use.
Reference [6],[8],[9]
Service Modes
What is SaaS?
• Software as a Service.
– SaaS providers deploy applications on their own
servers.
– Users only need to connect to the Internet to
use this cloud software.
Reference [6]
Service Modes
SaaS – Feature
• Lease rather than buy.
• Decrease cost.
• Curbs pirated versions of software.
• Facilitate software deployment and upgrades.
• Provides a set of username and password.
• Anytime, anywhere access to services.
Reference [6],[8],[9]
Service Modes
SaaS – Example
Reference [9]
Question (c)
Its possible strengths, weaknesses,
opportunities and threats
991650 張耀宗
• Strength
• Weakness
SWOT Analysis
Strengths
1. Hardware manufacturing technology
– Taiwan is currently a contract-manufacturing (foundry)
country for server hardware and mobile devices.
Its hardware manufacturing technology is mature,
and it is able to manufacture and maintain cloud
data center servers, storage and network hardware
equipment on its own.
2. Enough resources
– Taiwan's large enterprises generally have complete
intranet-related equipment and architecture.
With mature hardware manufacturing technology,
we have enough resources to bring in new cloud
systems.
Reference [10]
SWOT Analysis
Strengths
3. Government program
– The government has promoted a large-scale network
communications program that builds an information
society, information development capabilities and
a comprehensive information infrastructure,
making Taiwan suitable as a base for experimental
and innovative cloud services.
4. Location
– Taiwan sits at the hub of the external network
connections of Southeast Asia and Mainland China;
the infrastructure in place covers almost the
entire network, and Internet penetration is high.
Reference [10]
SWOT Analysis
Weakness
1. Experience
– Taiwan is currently a contract-manufacturing (foundry)
country for server hardware and mobile devices. It lacks
not only the technology and talent for developing
large-scale system software, but also product
development plans and management experience
for large-scale system software.
2. Money
– Cloud computing requires investing large amounts of
money, equipment and manpower over a long time.
– As a result, it is not easy for an ordinary Taiwanese
business to enter the cloud services market alone.
Reference [11]
SWOT Analysis
Weakness
3. Key of cloud technologies
– The key cloud technologies are currently
dominated by foreign manufacturers.
Taiwanese manufacturers fall short in
technology and scale, and are less visible
than manufacturers from Europe, America,
Japan and elsewhere.
4. Started late
– Cloud computing technology research and
development started late, so it is not easy to
catch up with other countries.
Reference [11]
SWOT Analysis
Weakness
5. The market is small
‒ Taiwan’s domestic market is insufficient to
support a large service platform. Enterprise
demand is not yet clear, costs are high and the
market is small, so it is hard to reach market
scale, and potential users and software vendors
remain on the sidelines.
Reference [11]
Question (c)
Its possible strengths, weaknesses,
opportunities and threats
991627 高君毅
• Opportunity
• Threat
SWOT Analysis
Opportunity
1. Develop high quality data center in Taiwan
– Taiwan is the biggest production base of
components for cloud data centers.
– If we can master skills such as cloud system
frameworks, management software for
large-scale systems and data center computing
systems, we will hold a cost advantage in the
data center market.
– People can invest resources and develop
reasonably priced, high quality data centers
in Taiwan.
Reference [12]
SWOT Analysis
Opportunity
2. Raise the added value of terminal devices
– Building on Taiwan's strength in manufacturing terminal
devices and its information industry's service know-how,
imitate the successful model of application software
markets and use the hardware to push the software
forward.
– Bringing in innovative application software from
small and medium-sized software enterprises can
raise the added value of terminal devices manufactured
in Taiwan and push forward the development of the
software industry.
Reference [12]
SWOT Analysis
Opportunity
3. Establish the cloud computing center
– In addition to the two points above, the Networked
Communications Program and the Industrial
Technology Research Institute are establishing a cloud
computing center.
– Hardware companies such as Foxconn and ASUS are
shifting their strategy toward service industry
development, and the IT industry is putting
emphasis on cloud computing technology.
Reference [12]
SWOT Analysis
Opportunity
4. Introduce B2B cloud and SaaS
– Cooperation across the Taiwan Strait broadens
the cloud computing market. Companies in Taiwan
can develop value chain solutions and assist small
and medium-sized enterprises on both sides of
the Taiwan Strait in introducing B2B cloud and
SaaS.
Reference [12]
SWOT Analysis
Threat
1. Technical standards
– Big companies in the world control the technical
standards and attack competitors through strategic
alliances and patent litigation.
– If companies in Taiwan can't unite to integrate
their resources, it will be difficult to
compete with the big companies in the world.
2. Companies in China develop cloud computing
– Companies in China have been developing
cloud computing, cooperating with big
companies in the world such as IBM and establishing
cloud computing centers.
Reference [13]
SWOT Analysis
Threat
3. Easy to introduce cloud computing
– Companies in China are strengthening their system
integration capability.
– Their telecommunication and Internet operators
are experienced with large scale maintenance
services, so it will be easy for them to introduce
cloud computing in the future.
4. Manufacture cloud data center
– Companies in Taiwan don't have the ability to
build cloud data centers by themselves. The
data will be controlled by big companies in the
world, which will drive straight into the domestic
market.
– The information industry in Taiwan will decline.
Reference [13]
Question (d)
Explain its possible applications
in various IT related areas and
their possible vendors
991630 張毓珊
• Google App Engine
• Amazon Web Services
• Salesforce.com
Case 1: Google App Engine
• PaaS
• Concept: Give me a nice API and take
care of the implementation
• “Google App Engine lets you run web
applications on Google's infrastructure.”
• App Engine applications are easy to
build, easy to maintain, and easy to scale
as your traffic and data storage needs
grow.
Reference [14]
Case 1: Google App Engine
• Provide:
– 500MB of storage
– up to 5 million page views a month
– 10 applications per developer account
• Services :
– URL Fetch & Mail
“Applications can access resources on the Internet, such as web
services or other data, and send email messages using App
Engine's mail service.”
– Memcache
“a high-performance, distributed memory object caching system,
primarily intended for fast access to cached results of datastore
queries.”
– Google accounts
App Engine supports integrating an app with Google Accounts for
user authentication.
Reference [14]
Case 1: Google App Engine
• Limit:
– Language: Python, Java
“You can develop your application for the Java runtime
environment using common Java web development tools
and API standards or using the Python programming
language, and run it on an optimized Python interpreter.”
• Signature Features:
– No assembly required
– It's easy to scale
– It's free to get started
• Google offers the same reliability, availability and
scalability at par with Google’s own applications
Reference [14]
Case 2: Amazon Web Services
• IaaS
• Concept: Paying for What You Use
• “Amazon Web Services offers a complete
set of infrastructure and application
services that enable you to run virtually
everything in the cloud”
Reference [15]
Case 2: Amazon Web Services
• Replace upfront infrastructure investment
with low monthly costs
– “Building on-premises infrastructure can be
slow and expensive. There is expensive
hardware that needs to be ordered, paid for,
installed and configured - and all of this needs
to happen long before you actually need it.
With Cloud Computing, you don’t have to
spend time on these activities; instead you
just pay for the resources you consume on a
variable basis.”
“We avoided significant costs including
$800,000 in CapEx costs and $5,000 - $8,000 per month in OpEx costs.”
Reference [15]
Case 2: Amazon Web Services
• Elastic Compute Cloud (EC2)
– “Web service that provides resizable
compute capacity in the cloud.”
– Rent computing resources by the hour
– Additional costs for bandwidth
• Simple Storage Service (S3)
– “Highly-scalable, reliable, and low-latency
data storage.”
– Charge by the GB/month
– Additional costs for bandwidth
Reference [15]
Case 2: Amazon EC2
• “Have the choice of multiple instance types,
operating systems and software packages.”
– EC2 allows you to select a configuration of
memory, CPU, instance storage, and the boot
partition size that is optimal for your choice of
operating system and application. For example,
your choice of operating systems (instances)
includes numerous Linux distributions, and
Microsoft Windows Server.
Reference [15]
Case 2: Amazon EC2
• “Amazon EC2 reduces the time required,
allowing you to quickly scale capacity,
both up and down, as your computing
requirements change.”
• Elastic: user can create, launch, and
terminate server instances as needed,
paying by the hour for active servers
Reference [15]
Case 3: Salesforce.com
• SaaS
• Concept: Just run it for me
• “Salesforce.com is a global enterprise
software company. The best known is
its customer relationship
management (CRM) product”
• World’s Most Innovative Company
in 2011 and 2012
Reference [17]
Case 3: Salesforce.com
• Charges:
– $65 per month per user license
• Signature Features:
– Multitenancy
“the fundamental technology that clouds
use to share IT resources cost-efficiently
and securely.”
– 100% cloud computing
– Mobility
– Community
Reference [18]
Case 3: Salesforce.com
• Upgrades:
– releases three new upgrades each year
based on customer feedback
• Sustainability
Reference [16]
Case 3: Salesforce.com
Why Salesforce CRM?
✓ Low cost
- No longer need to install software or
hardware
✓ Build applications faster
- At about half the cost of traditional software
platforms, applications can be built 5 times
faster than on traditional software platforms.
Reference [16]
Case 3: Salesforce.com
Why Salesforce CRM?
✓ Cross-border support
- Support for multiple languages, multiple time
zones, multi-currency
✓ World-class security mechanism
- The Salesforce trust website gives a completely
open and transparent view of security and
system status.
Reference [16]
Question (d)
Explain its possible applications
in various IT related areas and
their possible vendors
991639 楊琇婷
• PC-cillin Internet Security
• Taiwan Mobile Cloud Data Center
Case 4: PC-cillin Internet Security
• Previous - Traditional Antivirus
– Virus pattern files saved on the client
Malware appears → Malware discovered → Pattern file available → User downloads pattern file
→ delay time
→ security vulnerability
Reference [20]
Case 4: PC-cillin Internet Security
• Nowadays - Cloud Antivirus
– Virus pattern files saved on the cloud
Reference [19]
Case 4: PC-cillin Internet Security
• Benefit
✓ Reduce the resource consumption of the client
• Save memory usage
• Shorten the scan time
• Speed up the boot
✓ Immediate access to protection
Reference [19]
Case 5: Taiwan Mobile
The Green Cloud Data Center
Taiwan Mobile built the first high-specification
green cloud IDC in Neihu District, Taipei. It provides
a secure and stable virtual computing environment,
so enterprises do not need to build their own
data center or buy server appliances; they can install
or deploy software or application projects online
and rapidly complete system provisioning and
migration.
Reference [21][22]
Case 5: Taiwan Mobile
The Green Cloud Data Center
• Service :
Reference [23]
Question (e)
Provide a cost and benefit
evaluation for any of the cloud
applications listed in (d)
991639 楊琇婷
• Taiwan Mobile Cloud Data Center
Evaluation of costs and benefits
(Take case 5 for example)
• Cost
– Spend NT$5 billion building
– Purchase network and hardware equipment
– Hire IT staff, engineers
– Maintenance, repair equipment
• Benefit
– Estimated 2014 production will reach NT$13.3 billion
– More efficient allocation of resources
– Promote enterprise development: enterprises can
focus on the development of their industry
– Reduce environmental pollution
Reference [21][22]
Comparison Between Cloud
Computing and Traditional IT
991638 馬美莊
Comparison of Traditional and Cloud CRM
Reference [24]
Comparison of traditional and cloud POS
• What’s POS ?
POS= Point of Sale
One kind of information system used to record
the retail industry sales information.
Reference [25]
From a structural comparison
with the cost side
Reference [25]
Reference [25]
Function from the service side
comparison
• Service object
Customization v.s. Modular
“Traditional POS required by different
industries, the development of different
system services, and provide customized
services.”
“Cloud POS only according to different
industries, providing modular services,
unable to provide customized services.”
Reference [25]
Function from the service side
comparison
• Copyright and Services
Purchase v.s. Hire
“Copyright traditional POS once
purchased, update or require the purchase of
different modules to be charged separately.”
“Cloud POS Copyright hire, duration of the
contract to pay, but also according to the
actual needs of any additions required
modules, and if it updates the system will
automatically update at no extra cost.”
Reference [25]
Function from the service side
comparison
• Interface and import
Highly functional v.s. Simplistic, humane
“Traditional POS operator interface is
designed for users to make change in demand,
so the function is strong, but often need
someone to help import.”
“POS in the cloud-based online service, it
seeks to simplify operation and humane. Also
offer online video job description to help users
successfully imported, and diversified data
input.”
Reference [25]
Function from the service side
comparison
• Data reads and mobile applications
One-dimensional bar code v.s. One-dimensional,
two-dimensional bar code (can be used with mobile
devices)
“Identification of a traditional POS-dimensional bar code-based, does not work with mobile devices such as smart phones,
iPad, iPod, tablet PCs and other mobile devices operate; need
extra charge if required.”
“Cloud POS can read 1D and 2D bar codes, and can be used
with mobile devices”
Reference [25]
Function from the service side
comparison
• Data storage and management
Responsible v.s. Trusteeship
“ The user's responsibility to traditional POS data
storage responsibility rests with the user data
corruption or expand managed.”
“POS data mining cloud cloud hosting system, a
professional backup and security mechanisms, do
not worry about data corruption or hacking and
other issues.”
Reference [25]
Cloud Security
991603 李瑞哲
• Infrastructure Security
• Data Storage Security
Infrastructure Security:
The Network Level
• Ensuring Data Confidentiality and Integrity
– Use of HTTPS (instead of HTTP) would have mitigated
the integrity risk
• Ensuring Proper Access Control
– “Cloud providers do not sufficiently “age” IP addresses
when they are no longer needed for one customer.
Addresses are usually reassigned and reused by other
customers as they become available.”
Reference [26]
Infrastructure Security:
The Network Level
• Ensuring the Availability of Internet-Facing
Resources
– BGP prefix hijacking
– The YouTube incident
• Network-Level Mitigation
– Reduce your confidentiality risks by using encryption
Preventive controls: “Network access control supplied by provider,
encryption of data in transit”
Detective controls: “Provider-managed aggregation of security event
logs, network-based intrusion detection system,
intrusion prevention system”
Reference [26]
Infrastructure Security:
The Application Level
• DoS
– “Application-level DoS attacks could manifest
themselves as high-volume web page reloads, or
protocol-specific requests supported by a cloud service”
– DoS attacks on pay-as-you-go cloud applications will
result in a dramatic increase in your cloud utility bill.
This type of attack is also being characterized as
economic denial of sustainability (EDoS).
Reference [26]
Infrastructure Security:
The Application Level
• SaaS Application Security
– SaaS providers are largely responsible for
securing the applications and components they
offer to customers. Customers are usually
responsible for operational security functions.
Preventive controls: “Identity management, access control assessment,
browser hardened with latest patches”
Detective controls: “Login history and available reports from SaaS
vendors”
Reference [26]
Infrastructure Security:
The Application Level
• PaaS Application Security
– Since PaaS applications may use third-party
applications, components, or web services, the
third-party application provider may be responsible
for securing their services
Preventive controls: “User authentication, account management,
browser hardened with latest patches, endpoint
security measures including antivirus and IPS”
Detective controls: “Application vulnerability scanning”
Reference [26]
Infrastructure Security:
The Application Level
• IaaS Application Security
– Customers of IaaS clouds are responsible for all
aspects of their application security and should take
the steps necessary to protect their application
Preventive controls: “Least-privileged configuration, timely patching of
application, user authentication, access control,
account management, browser hardened with
latest patches, antivirus, host firewall”
Detective controls: “Logging, event correlation, application
vulnerability scanning and monitoring”
Reference [26]
Data Security and Storage: Storage
• Confidentiality
– Data belonging to individuals or groups can't be obtained by
outsiders
– Asymmetric encryption
Reference [28]
Data Security and Storage: Storage
• Integrity
– “Refers to the transmission, storage,
information or data in the process, to
ensure that the information or data from
unauthorized tampering or tampered can
be quickly found”
– Message Authentication Codes (MACs)
• Adding Cipher Block Chaining (CBC)
• Adding One-Way Hash
Reference [27]
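The integrity control named on this slide, as an added example that is not part of the original slides: a hash-based MAC (HMAC-SHA256, the "one-way hash" variant only, not CBC-MAC) stored next to each object and checked on download. The in-memory `bucket` dict standing in for a storage provider, the object names, the version counter and the demo key are all assumptions made for the illustration.

```python
import hashlib
import hmac
import io
import struct

CHUNK = 64 * 1024  # read in chunks so large objects need not fit in memory


def object_tag(key: bytes, name: str, version: int, stream) -> bytes:
    """HMAC-SHA256 over (name, version, content).

    Binding the name and version into the tag means a valid (data, tag)
    pair cannot be replayed under another name or as an older version.
    """
    mac = hmac.new(key, digestmod=hashlib.sha256)
    name_bytes = name.encode("utf-8")
    # Length-prefix the name so the metadata/content boundary is unambiguous.
    mac.update(struct.pack(">I", len(name_bytes)) + name_bytes)
    mac.update(struct.pack(">Q", version))
    while True:
        chunk = stream.read(CHUNK)
        if not chunk:
            break
        mac.update(chunk)
    return mac.digest()


def put(bucket: dict, key: bytes, name: str, version: int, data: bytes) -> None:
    """Upload: the tag travels with the object; only the key stays local."""
    bucket[name] = (data, object_tag(key, name, version, io.BytesIO(data)))


def get_verified(bucket: dict, key: bytes, name: str, expected_version: int) -> bytes:
    """Download and refuse the object unless its tag matches what we expect."""
    data, stored_tag = bucket[name]
    expected = object_tag(key, name, expected_version, io.BytesIO(data))
    # compare_digest avoids leaking how many leading bytes matched.
    if not hmac.compare_digest(stored_tag, expected):
        raise ValueError(f"integrity check failed for {name!r}")
    return data


def _detected(bucket: dict, key: bytes, name: str, version: int) -> bool:
    try:
        get_verified(bucket, key, name, version)
    except ValueError:
        return True
    return False


def demo() -> dict:
    key = b"\x01" * 32  # constructed demo key; generate a random one in practice
    bucket = {}
    put(bucket, key, "report.csv", 1, b"id,amount\n1,100\n")
    old_copy = bucket["report.csv"]            # what the provider held at v1
    put(bucket, key, "report.csv", 2, b"id,amount\n1,250\n")
    put(bucket, key, "other.csv", 1, b"id,amount\n1,999\n")
    good_copy = bucket["report.csv"]

    results = {"clean": get_verified(bucket, key, "report.csv", 2)
               == b"id,amount\n1,250\n"}

    # Content modified at rest, tag left untouched.
    data, tag = good_copy
    bucket["report.csv"] = (data.replace(b"250", b"950"), tag)
    results["tampered_detected"] = _detected(bucket, key, "report.csv", 2)

    # A different object, with its own valid tag, served under this name.
    bucket["report.csv"] = bucket["other.csv"]
    results["swapped_detected"] = _detected(bucket, key, "report.csv", 2)

    # An older version of the same object, with its old valid tag.
    bucket["report.csv"] = old_copy
    results["rollback_detected"] = _detected(bucket, key, "report.csv", 2)
    return results


if __name__ == "__main__":
    print(demo())
```

The rollback case is only caught because the client remembers which version it expects; a MAC over the content alone would accept the swapped and rolled-back objects.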
Data Security and Storage: Storage
• Availability
– “That can be accessed at any time and obtain
information”
– “A number of high-profile cloud provider
outages have occurred”
– “Prospective cloud storage customers must be
certain to ascertain just what services their
provider is actually offering”
Reference [26]
Cloud Security
991602 譚學勇
• Identity and Access Management (IAM)
• Privacy Concerns
Identity and Access Management (IAM)
• Why IAM?
– Improve operational efficiency
– Regulatory compliance management
• IAM Challenges
– Users whose roles often change for
business reasons
– Access policies for information are
seldom centrally and consistently applied
Reference [26]
IAM Definitions
• Authentication
– “Authentication is the process of verifying the identity of
a user or system.”
• Authorization
– “Authorization is the process of determining the
privileges the user or system is entitled to once the
identity is established.”
• Auditing
– “Auditing entails the process of review and examination
of authentication, authorization records, and activities
to determine the adequacy of IAM system controls, to
verify compliance with established security policies and
procedures, to detect breaches in security services, and
to recommend any changes that are indicated for
countermeasures.”
Reference [26]
What are the key privacy
concerns in the cloud?
• Access
– Data subjects have a right to know what personal
information is held and can make a request to stop
processing it.
• Compliance
– Data may be stored in multiple countries. What is the
relevant jurisdiction that governs an entity’s data in the
cloud and how is it determined?
• Storage
– Privacy laws in various countries place limitations on
transferring some types of personal information to other
countries.
– When the data is stored in the cloud, such a transfer
may occur without the knowledge of the organization,
resulting in a potential violation of the local law.
Reference [26]
What are the key privacy
concerns in the cloud?
• Retention
– How long is personal information retained? Which
retention policy governs the data?
• Destruction
– Did the CSP really destroy the data, or just make it
inaccessible to the organization?
• Audit and monitoring
– How can organizations monitor their CSP to confirm that privacy
requirements are met?
• Privacy breaches
– How do you know that a breach has occurred, how do
you ensure that the CSP notifies you when a breach
occurs, and who is responsible for managing the breach
notification process?
Reference [26]
Changes to Privacy Risk Management and
Compliance in Relation to Cloud Computing
• Collection Limitation Principle
– “collection of personal data should be limited to the
minimum amount of data required for the purpose for
which it is collected.”
• Use Limitation Principle
– “personal data should not be disclosed, made available,
or otherwise used for purposes other than those with the
consent of the data subject, or by the authority of law.”
• Security Principle
– “Personal data should be protected by reasonable
security safeguards against such risks as loss or
unauthorized access, destruction, use, modification, or
disclosure of data.”
Reference [26]
Changes to Privacy Risk Management and
Compliance in Relation to Cloud Computing
• Retention and Destruction Principle
– “personal data should not be retained for longer than
needed to perform the task for which it was collected, or
as required by laws or regulations.”
– “Data should be destroyed in a secure way at the end of
the retention period.”
• Transfer Principle
– “data should not be transferred to countries that don’t
provide the same level of privacy protection as the
organization that collected the information.”
• Accountability Principle
– “an organization is responsible for personal information
under its control and should designate an individual or
individuals who are accountable for the organization’s
compliance with the remaining principles.”
Reference [26]
Reference
1-1
http://www.cc.ntu.edu.tw/chinese/epaper/0008/20090320_8008.htm
1-2
http://www.google.com/search?q=%E9%9B%B2%E7%AB%AF%E4%B8
%89%E5%B1%A4&source=lnms&tbm=isch&sa=X&ei=lX_B
UcP2HcfkkgXNuYCwBA&ved=0CAkQ_AUoAQ&biw=1304&bih=707#fa
crc=_&imgrc=mwU-nrNGUvJFLM%3A%3BKNE_x-RxkVhgM%3Bhttp%253A%252F%252Figt.dxhs.tyc.edu.tw%252Fsystem%
252Fuploads%252F599d2b62d98d865ba23064006f0fdc7c4267debe.
png%3Bhttp%253A%252F%252Figt.dxhs.tyc.edu.tw%252Fsections%2
52F553%252Fpages%252F1405%253Flocale%253Dzh_tw%3B300%3B
272
1-3
http://tw.myblog.yahoo.com/johand920/article?mid=61&next=60&l=f&fid=1
2-1
http://www.google.com/search?biw=1304&bih=707&tbm=isch&
sa=1&q=cloud+history&oq=cloud++his&gs_l=img.1.1.0i19l2j0i5i1
9.61914.69543.0.71581.19.14.4.1.1.0.181.1605.1j11.12.0...0.0...1
c.1.17.img.LcbGcHMlLtU#facrc=_&imgrc=Fi33FXix1LRMPM%3A%
3B4Qp9t1JEuPp3AM%3Bhttp%253A%252F%252Fei.marketwatch
.com%252FMultimedia%252F2011%252F04%252F26%252FPhot
os%252FCody%252520charts%252Fcloud-computinggrowth.jpg%3Bhttp%253A%252F%252Fblogs.marketwatch.com%
252Fcody%252F2011%252F04%252F30%252Fbest-stocks-forthe-cloud-revolution%252F%3B470%3B516
2-2
http://tnrc.ncku.edu.tw/100report/class/100.09.02-1.pdf
2-3
http://sls.weco.net/blog/bryan0314/14-jan-2009/12497
3. The NIST definitions of deployment models of cloud computing,
http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf
4-1. The diagrams of deployment models
http://www.cloudopenlab.org.tw/ccipo_industryDefinition.do
4-2. The figure of deployment models of cloud computing,
http://www.ubiry.com/en/services/cloud-consulting/
5-1. The characteristic of deployment models,
http://tmue.edu.tw/~cyang/class/Intro_CS_M/Intro_Cloud.pdf
5-2. The pros and cons of Community Cloud,
dcia.info/activities/ccw2012/11-8%20Greenberg.ppt
5-3. The pros and cons of Hybrid Cloud,
https://exploreb2b.com/articles/pros-and-cons-of-hybrid-cloud
6. Cloud service architecture: IaaS/PaaS/SaaS
http://eblog.cisanet.org.tw/80366493/article/content.aspx?ArticleID=996
7. National Science Council: Cloud computing
http://web1.nsc.gov.tw/ct.aspx?xItem=14873&ctNode=40
8. Finance knowledge base: Cloud computing
http://www.moneydj.com/kmdj/wiki/wikiviewer.aspx?keyid=b2a16b54-77ee-4a1d-8feb-a3d0366e55c8
9. 網管人 (NetAdmin): Understanding cloud computing architecture and frameworks
http://www.netadmin.com.tw/article_content.aspx?sn=1201310001
10. http://www.aceredc.com/eDC/download/cloud_trend.pdf
11. http://investtaiwan.nat.gov.tw/doc/20100820_2.pdf
12. http://www.ey.gov.tw/policy8/cp.aspx?n=5187513675EB4E69
13. http://newsletter.ascc.sinica.edu.tw/news/read_news.php?nid=2385
14. Google developers
https://developers.google.com/appengine/docs/whatisgoogleappengine
15. Amazon
http://aws.amazon.com/
16. Salesforce
http://www.salesforce.com/
17. MBAlib Encyclopedia (MBA智庫百科)
http://wiki.mbalib.com/zhtw/Salesforce.com%E5%85%AC%E5%8F%B8
18. 天新資訊
http://fiti.force.com/web/page?pageid=a0n20000000zB8SAAU
19. Trend Micro Taiwan: Smart Protection Network introduction video
http://www.trendmicro.com.tw/spn/movie/index.asp
20. Cloud Computing Think Tank: "If the Cloud Knew", cloud security protection technology
http://www.runpc.com.tw/content/cloud_content.aspx?id=103984
21. U-3C.com: "Taiwan Mobile enters the cloud market, spending NT$5 billion to build a green data center"
http://computer.u-3c.com/article1404.htm
22. Taiwan Mobile: News center
http://corp.taiwanmobile.com/pressrelease/news/press_20120509_558828.html
23. 谷元宏: Comprehensive cloud services
http://www.digitimes.com.tw/tw/B2B/Seminar/Service/download/053A109240/053A109240_YFOMH35XTLKLCFGSC5IH.pdf
24. http://sficloud.blogspot.tw/2010/02/crm.html
25. http://www.gs1tw.org/twct/gs1w/pubfile/2012_sUMMER_
P17- 33.pdf
26. Tim Mather & Subra Kumaraswamy & Shahed Latif. Cloud
Security and Privacy. O'Reilly Media.
27. Wikipedia (Chinese)
http://zh.wikipedia.org/wiki/%E5%AE%8C%E6%95%B4%E6
%80%A7
28. https://www.google.com.tw/search?hl=zhTW&site=imghp&tbm=isch&source=hp&biw=1366&bih=66
7&q=%E9%9D%9E%E5%B0%8D%E7%A8%B1%E7%B7%A8%
E7%A2%BC&oq=%E9%9D%9E%E5%B0%8D%E7%A8%B1%E7
%B7%A8%E7%A2%BC&gs_l=img.3...1114.3143.0.3401.18.1
1.0.6.0.0.108.565.10j1.11.0...0.0.0..1ac.1j4.17.img.dOTMBQ
T9whE#facrc=_&imgrc=ZZ7sVKwr4F_EvM%3A%3BuOMY40_Xx1zOM%3Bhttp%253A%252F%252Fwww.asiapeak.com
%252Fimg%252Fasymmetric.JPG%3Bhttp%253A%252F%25
2Fwww.asiapeak.com%252FPGPTheory.php%3B655%3B330