Cloud 2

(3 Hours) [Total Marks: 80]

N.B. (1) Question no. 1 is compulsory.
(2) Attempt any three from remaining five questions.
(3) Assume suitable data, if necessary.

1. (a) What is cloud? Explain its features, service and deployment models. 10
   (b) What is virtualization? What are benefits and mechanisms used for virtualization? 10
2. (a) What are the features of Amazon SimpleDB? 10
   (b) Explain Big Table as Google's NoSQL system in detail. 10
3. (a) Explain conceptual Architecture of Open Stack and its modes of operation. 10
   (b) What is CS? Bain rc wih els 10
4. (a) Mare pi clot graph ge Won coe ene roles and responsibilities towards SMBs? 10
   (b) Explain AAA model in detail along with its industry implementation? 10
5. (a) What are risks associated in cloud computing? 10
   (b) What are the fundamental requirements for cloud application architecture? 10
6. Write a note on:
   1. Factors for successful cloud deployment
   2. Cloud Service Gateway
   3. Google App Engine
   4. SaaS maturity model

in various new industry verticals, forcing the existing conglomerates to acclimatize and adapt uchy osuvivein bora ever

‘Ao har fen write on Clond Competing on iin newsppes, and son and trgucs Tere se many whores tt comp pt ep a ed basses trepretandng uel fr sovingepean Sever ecg errand ssp wan! go he Siu wey tpt om tein wn ot as ot on compete Senet cre ed the dlrs of doa cenpeting on buscar, es ma sre of wha tans Tse (as abc ati arco wih

Getting to Know the Cloud

Cloud is a model where users have a convenient, on-demand access to a shared pool of resources, such as servers, storage and applications, over the Internet. Users do not have control of the underlying hardware infrastructure that is owned and managed by the provider. They access the services or allocated resources by using a Web browser.

The most common definition is the one by the National Institute of Standards and Technology (NIST), USA, in its Special Publication 800-145, which states: "Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction."

Cloud Computing has several definitions. According to NIST, the five salient features of cloud are:

- On-Demand Self Service—A consumer can set up computing capabilities, such as server time and network storage, as needed, automatically, without having any direct communication with each service provider.
- Broad Network Access—Capabilities are available over the network and accessed through normal mechanisms that are used by various devices such as mobile phones, tablets, laptops and workstations.
- Resource Pooling—The provider's computing resources, such as storage, processing, memory and network bandwidth, are pooled to serve multiple consumers by using a multi-tenant model. Further, on the basis of the consumers' demand, various physical and virtual resources are systematically assigned and reassigned. There is a sense of location independence, in that the customer generally has no control or knowledge over the exact location of the provided resources but may well be able to specify the location at a higher level of abstraction, for example country, state, or datacenter.
- Rapid Elasticity—Cloud computing capabilities can be systematically provisioned to meet demand and load requirements. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
- Measured Service—Cloud systems can automatically control and optimize the use of resources by leveraging a metering capability at some level of abstraction that is appropriate for the type of service (e.g. storage, processing, bandwidth and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and the consumer.

Cloud and Other Similar Configurations

There are several multi-tenant implementations that are similar to cloud computing. The models are similar and, for one, can confuse the related concepts. A clear understanding of the following terms will help you in distinguishing these from Cloud Computing (see the figure on the next page):

- Application Service Provider (ASP)—Jostein Eikeland, the founder of TeleComputing, coined the term ASP in 1996. An ASP was defined as an organization that hosts and manages one or more applications and its underlying infrastructure. Customers could use these applications over the Internet, and would be billed for the amount of utilization.

‘ASP ware 3 DRCURD: TB COEDNGD SaaS (SOTWareaE®SOVEG) he Te MOWTRNATDN OT Sead onputinig. However. ASPs are cerent fom Saas prowaers a8 ASP apeiatans are ol wren (re ‘atte fmat, are thgietonan! spteatons Peted by 8 thapary, and have 8 poor pararmance

‘Cows comping resources canbe accessed ovr the network wing sana acess mech {von at rn plaforndeent acces hep he we of epee Che tesco pootng “oped te pyaar. Nrus forme of vation procs sh a all “Shula. urea od rare viaaton re debe i Chae? opi ty {erect up orden natn oman Typ sai tons en 1 Herat Sling cling 0) Heriot ang seagate aoe 2 Cnoracterses of Cloud Computing 21 + Yet Seating saling up: Vera scaig or aig ap ioives hanging the SecharaneenefCPU cj ned snore eee pc es sce E ‘sce are ace hag pes rt he ces nado dee fe ctl charter of ond comping ie chris trae ht vag et cae retoemence Cd comping prvies ingore proms plcos ine he res ‘tthe apa ca bet spor dwn tnd cee Janae cso ens eciced cons sage resources tried ca be pve sami, uptime acts of cmpaig csc wre gure tra Tse ipo tf orpanzion adn.
Apleaons an exper lng nso te “ola wichcan ew ese oo fer, Fr angles ye Sn epee were a iy ome 'eethe ends of peed worn lel ade tame tin ns see lel Orinoco Management ous comping allows te wer Gndviils apeoranizatins. sll td mdm ‘terres nd government) wo oxboue the IT iat req eee /erc/evcalyous/tpta

Open-Source OpenStack Cloud Architecture

OpenStack is one among several open-source cloud building software through which various organizations offer their cloud services to clients. An OpenStack cloud leverages the pre-existing infrastructure of the organization. The cloud can run on commodity hardware that is available at economical costs. It also provides the facility of scaling the cloud resources, so that whenever organizations need to add more computing and storage resources, it can be done easily without interrupting the operations or hampering the performance. OpenStack-based public cloud is implemented by some top-level organizations including Hewlett Packard and Rackspace.

The OpenStack cloud follows two distinct architectures: conceptual architecture and logical architecture.

The conceptual architecture of a typical OpenStack cloud environment is shown in Figure 3:

Figure 3: Conceptual OpenStack Architecture

The logical architecture of a typical OpenStack cloud environment is shown in Figure 4:

Figure 4: Logical OpenStack Architecture

In the following section, we discuss the features of the OpenStack cloud:

Features of OpenStack

OpenStack software provides you the flexibility of integrating various technologies with it, which helps you in building the cloud environment according to your choice and needs. OpenStack cloud has several features that stand out from the competitors. Some of the features are explained as follows:

Live Upgrades

OpenStack previously did not have any support for live upgrades. Any upgrade would require you to shut the entire cloud down. Now, you can upgrade your cloud by first upgrading the controller infrastructure and then upgrading the compute nodes one by one in a sequence.
This will keep your cloud system running and will require only individual components to be shut down.

Federated Identity

OpenStack provides you a federated identity system, called Shibboleth, which can be used for logging into multiple OpenStack nodes through a single user ID. OpenStack included this feature on special request by the European Organization for Nuclear Research (CERN).

After studying the components of OpenStack cloud environment, let us study the modes of operation in the following section.

Modes of Operation

OpenStack can operate mainly in two modes. One is the single-host mode and the other is multi-host mode. The operation is called a multi-host operation if a copy of the network is run on each of the compute nodes and the nodes are used as the Internet gateway by the instances that are running on individual nodes. The Floating IPs and the security groups are also hosted on these compute nodes for each of the instances.

You can call it a single-host mode of operation if the network service is based on a central server (CLC, for example). CLC receives traffic from all the compute nodes. This traffic is then forwarded by CLC to the Internet. All nodes used for computational purposes in the cloud have their Floating IPs and Security Groups being hosted on the cloud controller.

Both the modes have their own advantages. Where the single-host mode has the limitation of one-point failure, in which the unavailability of the cloud controller will stop the instances from communicating on the network, the multi-host mode overcomes this limitation by providing a copy to every compute node. However, the multi-host mode of operation requires the nodes to have a public IP address for communicating on the Internet. If obtaining a set of public IP addresses is not possible, you might be unable to use the multi-host mode of operation in your setup.

After the completion of OpenStack cloud network's modes of operation, we discuss the installation and configuration of OpenStack in the following section.
Installation and Configuration Process

For installing OpenStack, you need to perform certain steps. The OpenStack clients can be installed in the following way:

Installing OpenStack Clients with pip

Installing OpenStack clients through pip is easy. You can use the pip command for installing OpenStack on Windows, MacOS, or Linux. Updating the setup or removing it from your system is also enabled by pip.

The following instructions are used for different systems to install OpenStack clients on them:

The MacOS X or Linux users need to do the following:

    pip install python-PROJECTclient

The Microsoft Windows users need to do the following:

    C:\>pip install python-PROJECTclient

Here, you need to replace PROJECT with the name of your OpenStack client, such as nova. You can take help from the following list to identify the replacement for PROJECT. You will use:

- ceilometer for Telemetry API
- cinder for Block Storage API and extensions
- glance for Image Service API
- heat for Orchestration API
- keystone for Identity Service API and extensions
- neutron for Networking API
- nova for Compute API and extensions
- swift for Object Storage API
- trove for the Database Service API

structure. By examining the data quality and utilization patterns, it is able to point out the potential problems, if any, within a database. This improves the performance of the database.

Cloud Services Brokerage (CSB)

A Cloud Services Brokerage (CSB) is an organization that plays a role as a facilitator or intermediary for delivering cloud services. The CSB is usually a telecommunication or datacenter hosting service provider with a large number of customers. In the cloud provider-consumer relationship, CSBs are an optional entity involved with mediating between the two. However, in the process, the CSBs also offer additional value to the provider and the consumer.

They help providers by relieving them of acquiring customers, billing, and enabling integrated access to multiple cloud services. The cloud consumers get integrated access to one or more clouds and value-added services such as cloud backups, SSO, and Identity Management (IdM).
Figure 2 shows the consumer directly accessing public cloud services and a model where a CSB offers a portal to access multiple clouds. These clouds can be resident at the CSB datacenter, the cloud provider's premises or a hosting provider site.

Figure 2: The Direct Model and the Role of CSB as an Intermediary

Figure 3 shows how a CSB can use partner portals to unify or aggregate the access to various clouds.

Points to Remember

1. Building a private or public cloud requires various technologies such as virtualization,

- Ongoing system administration of the servers
- Review monthly bill from the provider and ler rite as per SLA violations.
- Training on best practices and optimizing the use of ow resources.

Microsoft has several consulting partners for its Azure services listed at Inip/presicofnnfeindeearparirs, Amazon has its partners listed at ‘np ies amazon comets lution provides. Google has Google Enterprise Partner (GEP) program with more details at ipo gg confor Meat. GEP members are software ‘etry, VARs, SIs, consultants and distributors. They offer installation, customization, integration of Google services to corporate applications, training and complementary products.

The Road Ahead for Cloud Service Brokerages

Cloud Service Brokerage (CSB) is an emerging role in which a company provides an intermediary function between the cloud provider and the consumer. The need for this has evolved because consumers seek help to manage the cloud environments they want to use. According to Gartner, “Triton IP serie provid ayo may tec este ung out C58 ies: Hwee, dou apn conte gunn, ding 5 wl come moe frequent tu pt”

Many IT service providers will adopt CSB roles to give themselves a differentiation from other providers. The three key CSB roles are as follows:

- Aggregation—The CSB brings multiple cloud services together to provide a unified and relevant service to a group of cloud consumers. For example, a group of these services can be for a certain industry vertical such as manufacturing or pharmaceutical companies.
Alternately, it can be grouped by business process such as material procurement, IT security, or manpower.
- Integration—The CSBs can provide all levels of integration, such as in-house and cloud applications, on-premise and cloud data. There are various types of CSB such as:
  + Application integration, such as data synchronization between applications, workflow, ‘naples, API and data translation
  + Technology integration, such as user authentication for various clouds, security of in-transit data between clouds and management of various clouds
  + Governance issues, such as SLAs, compliance to regulations and standards, and process monitoring
- Customization—Many CSBs offer a new set of services or capabilities beyond what is being offered by the cloud provider. These capabilities include tools to manage and simplify the use of cloud resources, which are available to various cloud consumers. The customization can be a simple modification to an existing service or a new suite of user interfaces, applications, or processes.

Service providers have traditionally provided aggregation, integration and customization for Commercial Off-The-Shelf (COTS) software. However, these have further evolved to include cloud computing. In the future, many SIs and VARs will adopt CSB roles to enrich their traditional capabilities, pioneer in cloud markets, and differentiate their offerings.

applications large organizations have a sharply shrinking audience. On the other hand, SMBs can get 24/7 access to their hosted applications from any device or location. This allows them to easily increase the customer reach and revenues.

Public Cloud Adoption Phases for SMBs

A survey by McKinsey & Company shows that two-thirds of the cloud purchases made by SMBs are meant to replace an existing application or solution. This positions the cloud as an alternative to an "on-premise" IT solution.
The remaining one-third is geared towards mala expansion, reflecting the desire of SMBs to access applications they could not afford in-house.

When asked in which application areas they could see cloud solutions being used within the organizations, survey respondents expressed the greatest need for storage space and data backup/resiliency. Overall, the respondents were willing to consider purchasing cloud solutions for a broad range of IT infrastructure and business application needs; however, total consideration levels remain ustover 0%.

“Tharsis « siang danard Wor Goud scopion by SUB Yor Gout Based sana, capac, Piomaton ar _Sesbene manageran, recy syeem and una eos menegener, ERP, CP, snd cipboreon (2k

The following are a few guidelines for SMBs to ensure that they get the most out of the cloud:

- Start Small—Provide time for your employees to familiarize themselves with the services provided by the cloud. Start with one application at a time and give some weeks for employees to get accustomed to the environment. Once they are at ease, add more cloud services. Keep the old system available for use as backup in case you encounter a showstopper impediment.
- But Think Big—Make sure that the cloud service you adopt can be scaled up to des! evel sos time anes Spee of servis, and can serve employees and customers alike. I they eannot keep oki
- Ability to Export Your Data in Standard Formats—You will want to be able to export your data to common applications such as Microsoft Word/Excel or database files for Oracle, MS SQL, or MySQL. This will allow you to have a backup of your data and move to another cloud, if required.
- SLA—The Service Level Agreement (SLA) describes the refund for service outage, termination procedures, fees, Disaster Recovery (DR), backup and Business Continuity Planning (BCP) that will be provided by the vendor. You must read and understand the terms and know how it impacts your business.
- Look for Free or Inexpensive Cloud Options—Several free cloud computing options exist for emails, document management, and even CRM and ERP.
You need to pay only if you exceed a number of user counts or storage space. There are free trial periods. Make sure you review the service before deciding to buy.

For SMBs, cost and convenience are driving motivators to consider the cloud for various applications such as DR, and for taking backups and sharing documents.

“Toe skal og a ood Wal ad ay as i seer Satoalve avarapes athe Cod Fas (oor. Nay boshesses we moving eppets) over he cud Bu ou mus arson Goud fs Benne manner

Figure 3 shows the phases that one has to go through while selecting and transitioning the services to the cloud. Throughout the adoption process, you need to focus on the areas of trust, security, legal compliance, and organizational issues.

Figure 3: Cloud Adoption Phases by SMBs

Cloud Vendor Roles and Responsibilities Towards SMBs

Both the consumer and the provider need to know the overall business environment. Providers must appreciate the needs of the consumers, and customers must also be aware of the limitations that the providers work under.
The key requirements of the consumers are:

- Security to save cloud data and applications and denial of access to unauthorized users
- Use of standards-based APIs, languages, and platforms
- Environment that users can customize to improve ete,
- Internationalization and use of local language, if pate
- at feces clo a igh pine

Providers, on the other hand, work to provide the best features and convenience to their customers, including:

- Offering the most competitive price
- Scalability and elasticity
- Self-service portal for users to automate the provision of resources
- Data storage with regular backups
- Provision for DR from a different datacenter

However, they need to be designed to be able to exploit the benefits in the future.

“The cud appt WoRROGUre Tus Da abe Tose Para Gla an a Te saree, eae oe caratony must bo modular upper paral and ake advantage of Scaubity ard easety, SOA nda doa sparaton of arose uae are equre 0 beret ron te

Fundamental Requirements for Cloud Application Architecture

Most of the traditional assumptions on architecture may not be documented within the enterprise. But since they have worked well for decades, internal application architects continue to rely on them and extend their use for clouds. However, the cloud infrastructure and use has fundamental differences from the traditional environment. Architects cannot ignore the differences. Cloud applications must be designed to maximize the opportunities and minimize risks, which cannot be bound by or follow traditional assumptions.

Here are a few practices for application architecture for clouds:

- Cloud Applications Must be Flexible, Dynamic, and Distributable—For applications hosted on traditional environments, the developers assume a consistent set of computer hardware with stable features and behavior. However, this can be a dangerous assumption in a cloud.
The processing data may shift location in-flight, and the amount of available processing power, memory, and bandwidth are unknown and unpredictable.

Applications must be architected to work in environments of a high degree of heterogeneity, where portions of the underlying system run on different infrastructure at diverse locations at different times. The application must be able to tolerate and respond to changes. The application must know whet te envionment wil nt fake Serbo and nat ft

- Cloud Applications Must be Architected and Installed for Unknown and Varying Geographic Locations—Architects traditionally assume that once an application is installed and configured, it will run in the same datacenter, the same corporate network, and the same security and regulatory domain, if not on the same server. In the cloud, with users across the globe, it is advantageous that the data and application processing is divided along geographical lines.

Some developers or Independent Software Vendors (ISVs) may also like to offer a choice of cloud service providers to the end user. This will remove unwanted cloud lock-in and give the option to the user to continue to use its preferred cloud provider. Another common choice would be to host the application from a private cloud and use public clouds for development, pilot runs and testing.

“Prvatecoude wil wart use CGoa uring. Dal erended fo pubis Goud dha pareds oT ROH veer {ced vine cemards an epoiaton ia esRned era fom mato eatons of chads be Con rere Sr otpramse

With multi-location, new issues such as parallel access and data consistency and integrity must be addressed. The application must thus be location-aware, which in turn blurs the line between a distributed application and multiple instances running in different locations. The architect must consider the data to be either local or remote from the application and be able to run in parallel from different locations, while keeping it all synchronized.

- Cloud Applications Must Account for Pricing of Resource Access and Utilization—The pay-per-use cloud model requires applications to optimize their use of resources. Data will need to be partitioned to optimize utilization and lower operating cost. This is unlike internal infrastructure, where the available resources are taken for granted. Also, some cloud providers may have variable pricing at different times of the day, which needs to be factored into the code and processes such as replication, backups, and running reports.

- Cloud Applications Must Take Care of Data Integrity and Consistency—Traditional applications assume that the transactional outcomes can be atomic or can be made so by using some application functionality or mechanism such as a middleware server, a database or a business process engine. The common mechanism is usually a database. On the other hand, for cloud applications, the data is distributed across many locations and databases, and therefore a common mechanism must be created to maintain data integrity.

Sa _st7pes nthe cous cannot be usede enforce catemegrty

Security in the cloud must be enhanced to enable automated configuration changes. Application lifecycle management in the cloud must be capable of running parallel versions, running tests on live systems, and seamlessly cutting over to new versions when needed.

Applications in the cloud run over networks over which the provider or consumer has no control of latency, integrity or process outcomes. The architecture must be centered on event-based processing models to folate its of fntepity. At the same time, the application must be capable of handling undesirable outcomes resulting from data inconsistency. In the cloud, the application must be designed to not rely on tightly-coupled integrity mechanisms. The application must be architected to partially fail, with a built-in ability to manage around the failure, thereby mitigating adverse impact. It must be fault-tolerant, with the ability to accommodate a wide range of faults, where each fault has a diverse and large set of appropriate responses.

- Cloud Applications Must Process Various Information Types—The ability of applications to process unstructured data, video, audio, images, etc. has been around since the start of the Web. However, with cloud-based applications, it has become more imminent and inevitable. In the future, it will be necessary and a competitive convenience for an application to be aware of its user's location. For example, if a salesperson is at a customer's office and accesses his online store to order something for the customer, the application can pre-populate the fields with what the customer had last ordered and how he had paid.

The media types and other add-ons for applications need to be central (and not as additions) to the cloud application design. For this to happen, the application must treat the non-structured data to be discoverable and searchable like numbers and text.

- Cloud Applications Must be More Mobile-Aware—It will save effort and time if cloud applications are initially developed and tested for use from smart phones, tablets and other mobile devices rather than from laptops or desktops. By 2014, more than 50% access to cloud applications will be from handheld devices. This too has been a long-standing requirement but more exigent for cloud applications.

- Applications Must Do Lot More Than Just Accepting and Storing Input—Traditional applications were primarily meant to accept, preserve, and process user inputs and are used for efficient record-keeping. Cloud applications cannot be designed as a vault to just store and retrieve information and facilitate business processes. Social, mobile and cloud concepts have instilled a new expectation that applications are primarily meant to communicate with other applications. Traditional applications are immensely handicapped by their inability to expedite convenient communication.

Cloud applications must incorporate human communication as part of its basic requirement. For example, if an appointment is scheduled with a doctor, the scheduling application should be able to send an email and SMS to the patient at the time of making the appointment as well as on the morning of the appointment. Communication is a dynamic activity with an audience that extends to include internal staff, vendors, partners, customers and others at the customer's organizations.
A good way to structure the relationship between applications and ceil communication is to adopt an event-driven architecture.

‘echtoctng 2 applet er Cand ard frase ae Tbe Geveee Tea PHOTGUE ay aperoaCN must ares ssyes such as molar of eatres win te appleaton, ard rey 09 capable Such as. Imamoryprosesang and us of shared amor and eve sresma. mast erable os! separation of ‘Sotmare components 50 Dat be da end applcaton canbe easly sald up roplcated ar moved fig fo nother beaten

Relevance and Use of Client-server Architecture for Cloud Applications

Application architecture has, over the years, rebalanced amongst monolithic, modular, object-oriented and service-oriented architecture. Also, there has been a swing between centralized vs. decentralized application architecture.

Cloud computing and the proliferation of powerful mobile devices used on the client side has brought about a new dynamics. The powerful Internet-connected user devices combined with the cost benefits of the cloud have led to a new application architecture called client-cloud architecture.

The developers have to write the following two applications:

- Server Application for the Cloud—This is for a private cloud or a public cloud such as Amazon AWS, Microsoft Azure, Google App Engine or any of the various cloud application platforms.
- Client Application for the Client Devices—This includes smart phones, tablets, laptops, etc. The application could be deployed via a native iOS or Android application or a Web browser on a laptop or desktop.

Cloud vendors provide Integrated Development Environment (IDE) so that

The AAA Model

[AAA Gr ipl) has tainly proven ob het! model for usa muy, The thbresonis tas th nur of what happens when se loge in Th ts os ‘tert undertnd and remember Tekno scty sve fit chek he gin ae nk Paco ae kgm, tar uteri” an permit I Hh dd te ‘The server kp alogor acount of al he sures lin nd he races

Authentication

Valding 2 uss nti to permit ort ogi clathrate ai he se Fores pol tthe wer who Bese cline Be.
Thin of cons an be ried rt sem @ ous soage tes rete am apa, «datas, Authnaton eres annie ns oes An Meni col be gt ae gh 1. The credence be a pasword gt eet, aang cll phone nba oF ‘teh the ner allowed aur the appcation or they I hy de a mach, he ert ‘ee cen Authorization er ar appa, ser uc oman The AAA Sever dels whether eer shoul Compare to sateteatonauthranton mach more comple an wih several tpt. Aer cco eee, the ANA or ace server Prove Several ure inert ts te totowing ‘The lfrmatin cn be sro In evra ways sch a 4 Rese Acie Cota BAC) nba, Atborsatoncan ln bo te a of ay, th ator, regu Qo, be uber ofagetin wes Authorsaon for ousted wars ep eee seuty pli for rent coud manu All contaied datas of permission for each use and for each resource (arcware or sppcton} pe Leh the athentcbon and autor prt for alo er ‘Accounting of Goud Resource Utization Accor dus mot aloo deny anything ut espa logfresouc consumption ach the ‘Accounting of Goud Resource Utization Acorn does mt aloo deny ayting ut eps gf recur consumption ach the 2 enti othe use eee 2 Langhoteomecton lowing ae th two yes ancourtng ports (eal Time “Accounting Information Ths dinewd corre wah recuse ‘comumplon Ths sua fr Goud wer wack supe and pr the Bl pet oe ‘ofthe payer (© ‘Bath Accounting Inarmatln ~The normaon eae an ln at ter i Sch {ital eeu ee rok orb a he nf pay yc Te ata sowed esting azn rend nap Pig [single example af AAA i alt paring Many tart ote hat you vt may Rave 2 re ates them fo lake Jour vce sway. 
Howey, or uy em You Maye {hem alt ay Gf hope yo Te valet ny rat eit caret be ‘sed open the gove compartment Gf he) ether des, You re hs iting re {tonsa i oping be diverse do nd vig Te by aos te vee ob ven ough fort ged wor

Single Sign-On for Clouds

Srl Sign-On (50) a property ofan col fr svelte ut pendent nto [Wah 50, wer loge re tl oie men lhe ate intendo eng prompted rin ‘re npr rach ote On he te had gle gal isthe even wher gang ‘ute anyoplaton ede nant he ser 1550 myparaied bys CRs Forse aber waa aa aT AGE as and re Imitating ied ae ch Alera dntiy manage prove te bt oan SSD ace ras me la Proves ha certain advange sch at ng pt la Farber ot Proviso corr cnn etheriatn Hower fa sve eet cho laws aco ees om dle clo provi ag ge athena, 1M inprovs wer etieny aml uy ete ty rawuces aval from te ond eve prover

‘nd totypein an OTT, delivered to ther cell phone or corporate e-mail server,

Industry Implementations for AAA

Industry implementations for AAA services are provided by a AAA server, which is an application software on a dedicated appliance or a shared server. Applications or network devices such as servers, routers, switches or firewalls can be configured as AAA clients. The clients query one or more AAA servers to validate user requests.

The AAA servers operate on one of the following protocols:

- Remote Authentication Dial-In User Service Protocol (RADIUS)—RADIUS is commonly used by Internet Service Providers (ISPs) and enterprises to manage access to the Internet, internal networks, wireless networks or applications. It is a client/server protocol where the client component runs on the network device or the server. The client communicates with the RADIUS server to authenticate users or devices before granting them access, authorizes those users or devices for certain services or data, and accounts for the resources and services utilized. However, RADIUS has several limitations. It does not deal effectively with remote access, IP mobility, and policy control matters.
It has issues with problems like reliability (it is based on User Datagram Protocol (UDP)), scalability, as well as security.

- Diameter Protocol: It is a successor to RADIUS with a richer set of commands, attributes, and features. There is an upgrade path from RADIUS to Diameter. It has several differences, such as the following:
  - Uses Transmission Control Protocol (TCP) or Stream Control Transmission Protocol (SCTP) instead of UDP
  - Uses IPsec or Transport Layer Security (TLS), which is more secure than RADIUS
  - Contains larger address space for Attribute-Value Pairs (AVPs) as well as 32-bit identifiers (instead of 8 bits)
  - Uses both stateful and stateless models
  - Contains support for user sessions as well as resource accounting
  - Contains improved error reporting facility
  - Enables dynamic discovery of peers using Domain Name System (DNS) service records and NAPTR (Name Authority Pointer resource records used in DNS)

  Several applications use Diameter. These include the following:
  - Diameter Mobile IPv4 application
  - Diameter Network Access Server (NAS) application
  - Diameter Extensible Authentication Protocol (EAP) application
  - Diameter Credit-Control application

- TACACS+ (Terminal Access Controller Access-Control System) Protocol: It was developed by Cisco and is a Cisco-proprietary protocol. In addition to all the features of RADIUS (such as dain secuniy), it has greater levels of authorization and accounting for each user. Moreover, TACACS+ uses TCP, whereas RADIUS uses UDP. TCP is seen as a more reliable protocol. Another difference is that RADIUS combines authentication and authorization in a user profile, while TACACS+ separates the two tasks. Cloud service providers can use TACACS+ for their users to guarantee reliability and more flexibility.

- Kerberos Protocol: It is a network authentication protocol that enables two nodes connected over a non-secure network to communicate with each other in a secure manner. It is gaining popularity in environments with sensitive data. It is also beneficial for cloud users where authentication happens over an open and unsecured network. The protocol and messages are protected against eavesdropping and replay attacks.
The passwords are not transmitted over the network. Instead, it passes tickets to authenticate and authorize users. Another reason for its relevance to clouds is its compatibility with several other security protocols. The Kerberos Protocol has been developed at Massachusetts Institute of Technology (MIT) and uses DES (Data Encryption Standard) as its cryptographic algorithm.

Authentication Management in the Cloud

Cloud users and applications can authenticate by either using an internal Identity Provider (IdP)

[...] according to Gartner:

Table: List of Cloud Computing Risks and Issues by Gartner
(Columns: Risk or Issue with Cloud; Description)

1. Privileged User Access: Sensitive data processed outside the enterprise brings with it an inherent level of risk, because outsourced services bypass the "physical, logical and personnel controls" IT shops exert over in-house programs. Get as much information as you can about the people who manage your data. "Ask providers to supply specific information on the hiring and oversight of privileged administrators, and the controls over their access," Gartner says.

2. Regulatory Compliance: Customers are ultimately responsible for the security and integrity of their own data, even when it is held by a service provider.
Traditional service providers are subjected to external audits and security certifications. Cloud computing providers who refuse to undergo this scrutiny are "signaling that customers can only use them for the most trivial functions," according to Gartner.

3. Data Location: When you use the cloud, you probably won't know exactly where your data is hosted. In fact, you might not even know what country it will be stored in. Ask providers if they will commit to storing and processing data in specific jurisdictions, and whether they will make a contractual commitment to obey local privacy requirements on behalf of their customers.

4. Data Segregation: Data in the cloud is typically in a shared environment alongside data from other customers. Encryption is effective but isn't a cure-all. "Find out what is done to segregate data at rest," Gartner advises. The cloud provider should provide evidence that encryption schemes were designed and tested by experienced specialists. "Encryption accidents can make data totally unusable, and even normal encryption can complicate availability," Gartner says.

5. Recovery: Even if you don't know where your data is, a cloud provider should tell you what will happen to your data and service in case of a disaster. "Any offering that does not replicate the data and application infrastructure across multiple sites is vulnerable to a total failure," Gartner says. Ask your provider if it has "the ability to do a complete restoration,"
and how long it will take.

6. Investigative Support: Investigating inappropriate or illegal activity may be impossible in cloud computing, Gartner warns. "Cloud services are especially difficult to investigate, because logging and data for multiple customers may be co-located and may also be spread across an ever-changing set of hosts and data centers. If you cannot get a contractual commitment to support specific forms of investigation, along with evidence that the vendor has already successfully supported such activities, then your only safe assumption is that investigation and discovery requests will be impossible."

7. Long-term Viability: Ideally, your cloud computing provider will never go broke or get acquired and swallowed up by a larger company. But you must be sure your data will remain available even after such an event. "Ask potential providers how you would get your data back and if it would be in a format that you could import into a replacement application," Gartner says.

Factors for successful cloud deployment

Cloud migration assessments comprise assessments to understand the issues involved in the specific case of migration at the application level or the code, the design, the architecture, or usage levels. The first step of the iterative process of the seven-step model of migration is basically at the assessment level. Proof of concepts or prototypes for various approaches to the migration, along with the leveraging of pricing parameters, enable one to make appropriate assessments. These assessments are about the cost of migration as well as about the ROI that can be achieved in the case of the production version.

Figure 8: The Iterative Seven-Step Migration Model

The next process step is in isolating all systemic and environmental dependencies of the enterprise application components within the captive data center. This, in turn, yields a picture of the level of complexity of the migration.
After isolation is complete, one then goes about generating the mapping constructs between what shall possibly remain in the local captive data center and what goes onto the cloud. So a substantial part of the enterprise application needs to be re-architected, redesigned, and re-implemented on the cloud. This gets in just about the functionality of the original enterprise application. Due to this migration, it is possible perhaps that some functionality is lost. In the next process step we leverage the intrinsic features of the cloud computing service to augment our enterprise application in its own small ways. Having done the augmentation, we validate and test the new form of the enterprise application with an extensive test suite that comprises testing the components of the enterprise application on the cloud as well. These test results could be positive or mixed.

Cloud Storage Gateways (CSGs)

To address the performance and security issues in public clouds, consumer organizations can use CSGs. The CSG is an appliance residing in the customer's premises and provides data protection by encrypting, compressing and archiving datasets before moving the data to a cloud.

A CSG is a storage appliance, installed in a customer datacenter, that intercepts the I/O between the customer datacenter and the public cloud.

A CSG could be in the form of a hardware appliance with a cache that can be installed within your corporate office or datacenter, as shown in the figure.

[Figure labels: Cloud Storage Provider A; Cloud Storage Provider B]

A CSG at the corporate office intercepts and manages all the I/O between the users and the cloud storage providers. A CSG could also be a downloadable software program that can be installed on a server at the customer location. CSGs have a local cache to store data temporarily.
Users can download CSG software and configure a local storage device as the cache. CSGs eliminate the issue of vendor lock-in, because they support various formats and facilitate data backup.

In Figure 5, the CSG is located in the customer premises. It may contact the CSG vendor to get credentials for each cloud provider a user makes use of and for the call-home features (if enabled). The call-home features allow the CSG to automatically report ister, wats, problems, and diagnostic reports to the CSG vendor to enable preventive maintenance or accelerate problem resolution. It should be able to send data via email, SMS, or by posting them on the user interface of the monitoring application.

The CSG provides data protection in steps:

- The CSG cache accelerates I/O rates and enables a convenient replication process.
- Files that are to be copied to the cloud are first stored in the CSG cache.
- After a certain preset time interval, the cache data is pushed to the cloud.
- Data that is read from the cloud is copied to the cache.

To improve performance, the CSG caches data as well as metadata, with the following features or benefits:

- Caching Algorithms: The cache in a CSG provides a buffer of vital data to speed access and reads, instead of having to reach out to the original servers to read data each time it is required. The CSG must use certain algorithms, such as the Least Recently Used (LRU) algorithm, to enhance the cache hit rate. Using LRU, the CSG keeps a list of all recently-used data in its cache. Data that is not used for a certain period of time is removed from the cache.
If it is referenced later, the CSG retrieves the data from the cloud and reinstates it in the cache. If the requested file is large, a piece of the file is requested from the cloud and provided to the user. In the meantime, the remaining pieces of the file are requested from the cloud. The advantage is that the user is able to access parts of the file in less time and does not have to wait for the time required to pull the entire file. After the entire file is retrieved, it is stored in the cache and the user has the advantage of wire-speed I/O rates.

- Intelligent Prefetching Algorithms: The CSG must monitor read patterns and intelligently prefetch data from the cloud to the cache before the user requests the data. It must use the read history to establish a pattern to predict what the user may request next and proactively fetch the data into the cache. The CSG must measure its success rate and regulate its algorithm in real-time to improve cache hit rates.

- Caching Time Periods: Some CSGs allow users to set up a caching time duration. In other cases, the CSG must be aggressive in removing old-cached data in preference to newly-cached data.
A small cache time period provides enough space to store all the newly-written data and read-ahead content and metadata.

- Synchronous Snapshots: The CSG must take a synchronous snapshot of the user file tree and data. This is an instantaneous, sub-second picture of the customer's file system at a particular instant. It allows the CSG to identify new and modified data, which are tagged as dirty and moved to the cloud.

- Data Replication Process: The CSG must have an efficient data transfer mechanism. Ideally, it must split files into chunks, as shown in Figure 6.

Figure 6: Use of CSG to Copy and Save Data in a Cloud

The data must be de-duplicated, compressed, and encrypted before sending to the cloud. De-duplication reduces the amount of data that must be copied to the cloud. Compression reduces storage and bandwidth utilization, and hence, the fees to the cloud provider.

- End-to-end Encryption: This protects data from being read by unauthorized users and hackers. The CSG must use strong data encryption for the content as well as the metadata. The encryption algorithm must use random keys to prevent anyone from intercepting a series of encrypted data and reverse-engineering the keys. Someone intercepting any data should not be able to decipher any content or metadata.

- Secure Channels: Ideally, the data in transit between the CSG and the cloud is double-encrypted; it is encrypted before it is transmitted and also when it is sent over a Virtual Private Network (VPN) tunnel to the cloud.
At the other end of the VPN tunnel, the cloud provider's employees cannot decipher the data, because it is encrypted.

- Data Compression: It helps reduce bandwidth and storage space utilization.

- CSG Tuning Parameters: The CSG must allow its administrator to tune certain parameters such as maximum bandwidth utilization during certain time periods and cache push intervals. For example, if the cloud bandwidth utilization is high from 10 a.m. to 12 a.m., the CSG can be regulated to use a maximum of 10 kbps during that time interval. A CSG can be tuned to create new instances of virtual machines and data copies to meet peak loads in real-time.

Advantages of Using a CSG

The advantages of using a CSG at your datacenter are evident. You buy the CSG as a data staging area to facilitate the use of unlimited storage space in the cloud. This relieves the internal storage systems, because you move your data to the cloud. You no longer need to plan or purchase storage for expansion. These are eliminated in favor of pay-per-use cloud billing. Backups of your corporate e-mail database, source code, etc. are now easier, with faster access, enhanced security, and snapshot-based protection.

Google App Engine

Google App Engine is an example of Platform as a Service (PaaS). Google App Engine provides Web app developers and enterprises with access to Google's scalable hosting and tier 1 Internet service. Google App Engine provides a scalable runtime based on the Java and Python programming languages. Applications in Google App Engine store data in Google BigTable. Applications in Google App Engine use Google query language. If an application is not compatible with Google App Engine, then it needs to be made compatible with Google App Engine. Not all applications are supported by Google App Engine. Google App Engine also removed some system administration and developmental tasks to make it easier to write scalable applications.

Cost of Google App Engine:

1. Google App Engine provides limited resource usage free of cost.
2. After the free resource usage limit, users can pay on a per-day or per-minute basis.

Why use Google App Engine?

There are the following reasons to use Google App Engine:

1. Google App Engine allows you to build web applications on the same stable and extendable platform that supports a large number of Google's own applications.
2. Google App Engine gives you the facility to use and run applications in Google's data center.
3. Google App Engine's languages, Java and Python, are easy to understand and implement.
4. This platform is absolutely free; you can purchase additional resources if needed.
5. Using Google accounts you can use Google App Engine's services.
6. It is easy to scale up as your data storage and traffic needs grow with time.
7. Google also provides a marketing facility for your apps.
8. Users can easily write the application code, test it on their own local system, and upload it to Google at the click of a button or with a few lines of command script.
9. There is no need to take approval from system administration to upload or launch a new version of the application.
10. Google takes care of all the app maintenance and allows users/developers to focus on the features of the application.
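
The AAA flow described earlier on this page (a client asks the AAA server to authenticate a user, authorize that user for certain services, and account for the resources used), kept as three separate steps the way the page says TACACS+ separates them. This is an added example, not code from the original page; the user, role, resource and permitted hours are constructed, and the in-memory server only stands in for a real RADIUS, Diameter or TACACS+ deployment.

```python
import hashlib, hmac, os, secrets, time
from collections import defaultdict

# Constructed sample policy (illustrative names): role -> resource -> (actions, hours).
ROLES = {"operator": {"vm-pool": ({"start", "stop"}, (8, 18))}}

def kdf(password, salt):  # salted, slow hash; the password itself is never stored
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class AAAServer:
    def __init__(self, roles):
        self.roles = roles   # role -> {resource: (allowed actions, (from_hour, to_hour))}
        self.users = {}      # user -> (salt, password hash, role)
        self.sessions = {}   # session token -> user
        self.log = []        # append-only accounting records

    def add_user(self, user, password, role):
        salt = os.urandom(16)
        self.users[user] = (salt, kdf(password, salt), role)

    def authenticate(self, user, password):
        """Authentication: does the presented credential match the stored one?"""
        salt, stored, _ = self.users.get(user, (b"\0" * 16, b"", None))
        ok = hmac.compare_digest(kdf(password, salt), stored)  # constant-time compare
        self._account(user, "login", None, ok)
        if not ok:
            return None
        token = secrets.token_hex(16)
        self.sessions[token] = user
        return token

    def authorize(self, token, resource, action, hour):
        """Authorization: a separate, per-request decision taken from the role table."""
        user = self.sessions.get(token)
        role = self.users[user][2] if user else None
        actions, (start, end) = self.roles.get(role, {}).get(resource, ((), (0, 0)))
        ok = action in actions and start <= hour < end
        self._account(user, action, resource, ok)
        return ok

    def record_usage(self, token, resource, units):
        self._account(self.sessions[token], "usage", resource, True, units)

    def _account(self, user, event, resource, allowed, units=0):
        # Accounting only records what happened; it never allows or denies anything.
        self.log.append((time.time(), user, event, resource, allowed, units))

    def batch_report(self):
        """Batch accounting: units consumed per (user, resource), e.g. for billing."""
        totals = defaultdict(int)
        for _, user, event, resource, _, units in self.log:
            if event == "usage":
                totals[(user, resource)] += units
        return dict(totals)

def build_demo():
    srv = AAAServer(ROLES)
    srv.add_user("alice", "correct horse", "operator")  # constructed user
    return srv
```

Failed logins and denied requests land in the same accounting log as usage records, so the log doubles as the audit trail for both decisions.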
