UNIT III CLOUD ARCHITECTURE, SERVICES AND STORAGE

Layered Cloud Architecture Design – NIST Cloud Computing Reference Architecture –

Public, Private and Hybrid Clouds - IaaS – PaaS – SaaS – Architectural Design Challenges
– Cloud Storage – Storage-as-a-Service – Advantages of Cloud Storage – Cloud Storage
Providers – S3.
1. LAYERED CLOUD ARCHITECTURE DESIGN

 Explain the various Layered Cloud Architectural Development design for effective cloud
computing environment. (13)Nov/Dec 2020

Generic Cloud Architecture Design:

An Internet cloud is envisioned as a public cluster of servers provisioned on demand
to perform collective web services or distributed applications using data-center
resources.
 Cloud Platform Design Goals
 Enabling Technologies for Clouds
 A Generic Cloud Architecture
Cloud Platform Design Goals
 Scalability
 Virtualization
 Efficiency
 Reliability
 Security
Cloud management receives the user request and finds the correct resources.
Cloud calls the provisioning services which invoke the resources in the cloud. Cloud
management software needs to support both physical and virtual machines
Enabling Technologies for Clouds
 Cloud users are able to demand more capacity at peak demand, reduce costs,
experiment with new services, and remove unneeded capacity.
 Service providers can increase system utilization via multiplexing,
virtualization anddynamic resource provisioning.
 Clouds are enabled by the progress in hardware, software and networking
technologies
 Cloud users are able to demand more capacity at peak demand, reduce costs,
experiment with new services, and remove unneeded capacity.
  Service providers can increase system utilization via multiplexing,
virtualization anddynamic resource provisioning.

 Clouds are enabled by the progress in hardware, software and networking

technologies

A Generic Cloud Architecture

 The Internet cloud is envisioned as a massive cluster of servers.
 Servers are provisioned on demand to perform collective web services using data-
center resources.
 The cloud platform is formed dynamically by provisioning or deprovisioning servers,
software, and database resources.
 Servers in the cloud can be physical machines or VMs.
 User interfaces are applied to request services.
 The cloud computing resources are built into the data centers.
Data centers are typically owned and operated by a third-party
provider.Consumers do not need to know the underlying technologies
 In a cloud, software becomes a service.
 Cloud demands a high degree of trust of massive amounts of data retrieved from
largedata centers.
 The software infrastructure of a cloud platform must handle all resource
managementand maintenance automatically.
 Software must detect the status of each node server joining and leaving.
 Cloud computing providers such as Google and Microsoft, have built a large
numberof data centers.
 Each data center may have thousands of servers.
 The location of the data center is chosen to reduce power and cooling costs.
Layered Cloud Architectural Development

 The architecture of a cloud is developed at three layers

� Infrastructure
� Platform
� Application
  Implemented with virtualization and standardization of hardware and software
resources provisioned in the cloud.
The services to public, private and hybrid clouds are conveyed to users through
networkingsupport
Infrastructure Layer
 Foundation for building the platform layer.
 Built with virtualized compute, storage, and network resources.
 Provide the flexibility demanded by users.
 Virtualization realizes automated provisioning of resources and optimizes
theinfrastructure management process.
Platform Layer
 Foundation for implementing the application layer for SaaS applications.
 Used for general-purpose and repeated usage of the collection of software resources.
 Provides users with an environment to develop their applications, to test
operationflows, and to monitor execution results and performance.
The platform should be able to assure users that they have scalability, dependability,
andsecurity protection
Application Layer
 Collection of all needed software modules for SaaS applications.
 Service applications in this layer include daily office management work, such
asinformation retrieval, document processing, and authentication services.
 The application layer is also heavily used by enterprises in business marketing
andsales, consumer relationship management (CRM) and financial transactions.
 Not all cloud services are restricted to a single layer.
 Many applications may apply resources at mixed layers.
 Three layers are built from the bottom up with a dependence relationship.
Market-Oriented Cloud Architecture
 High-level architecture for supporting market-oriented resource allocation in a
cloudcomputing environment.
 Users or brokers acting on user’s behalf submit service requests to the data center.
 When a service request is first submitted, the service request examiner
interprets thesubmitted request for QoS requirements.
Accept or Reject the request.
  VM Monitor: Latest status information regarding resource availability.
 Service Request Monitor: Latest status information workload processing
 Pricing mechanism: Decides how service requests are charged.
 Accounting mechanism: Maintains the actual usage of resources by requests to
compute the final cost.
 VM Monitor mechanism keeps track of the availability of VMs and their
resourceentitlements.
 Dispatcher starts the execution of accepted service requests on allocated VMs.
Service Request Monitor mechanism keeps track of the execution progress of
servicerequests.
Multiple VMs can be started and stopped on demand
Quality of Service Factors
QoS parameters
 Time
 Cost
 Reliability
 Trust/security
QoS requirements cannot be static and may change over time.
 2. NIST CLOUD COMPUTING REFERENCE ARCHITECTURE
Definitions
 A model of computation and data storage based on “pay as you go” access to“unlimited”
remote data center capabilities.
 A cloud infrastructure provides a framework to manage scalable, reliable, on-demand
access to applications.
 Cloud� services� provide� the� “invisible”� backend� to� many� of� our� mobile� applications.
High level of elasticity in consumption.
NIST Cloud Definition:
The National Institute of Standards and Technology (NIST) defines cloud computing as a

"pay-per-use model for enabling available, convenient and on-demand network access to a
shared pool of configurable computing resources (e.g., networks, servers, storage,
applications and services) that can be rapidly provisioned and released with minimal
management effort or service provider interaction."

Architecture
1. Architecture consists of 3 tiers
a. Cloud Deployment Model
b. Cloud Service Model
c. Essential Characteristics of Cloud Computing .
 Essential Characteristics 1
On-demand self-service.
A consumer can unilaterally provision computing capabilities such as server time and network
storage as needed automatically, without requiring human interaction with a service provider.
Essential Characteristics 2
Broad network access.
Capabilities are available over the network and accessed through standard mechanisms that
promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and
PDAs) as well as other traditional or cloudbased software services.
Essential Characteristics 3
Resource pooling.
The� provider’s� computing� resources� are� pooled� to� serve� multiple� consumers using a multi-
tenant model, with different physical and virtual resources dynamically assigned and
reassigned according to consumer demand.
Essential Characteristics 4
Rapid elasticity.
Capabilities can be rapidly and elastically provisioned - in some cases automatically - to quickly
scale out; and rapidly released to quickly scale in.
To the consumer, the capabilities available for provisioning often appear to be unlimited and
can be purchased in any quantity at any time.
Essential Characteristics 5
Measured service.
Cloud systems automatically control and optimize resource usage by leveraging a metering
capability at some level of abstraction appropriate to thetype of service.
Resource usage can be monitored, controlled, and reported - providing transparency for
both the provider and consumer of the service.

NIST (National Institute of Standards and Technology Background)

The goal is to accelerate the federal government’s adoption of secure and effective cloudcomputing to
reduce costs and improve services.
 Cloud Computing Reference Architecture:

Actors in Cloud Computing

Interactions between the Actors in Cloud Computing

Example Usage Scenario 1:
 A cloud consumer may request service from a cloud broker instead of
contacting acloud provider directly.
 The cloud broker may create a new service by combining multiple services or
byenhancing an existing service.
Usage Scenario- Cloud Brokers
 In this example, the actual cloud providers are invisible to the cloud consumer.
 The cloud consumer interacts directly with the cloud broker.

Example Usage Scenario 2

 Cloud carriers provide the connectivity and transport of cloud services from cloud
providers to cloud consumers.
 A cloud provider participates in and arranges for two unique service level
agreements (SLAs), one with a cloud carrier (e.g. SLA2) and one with a cloud
consumer (e.g. SLA1).
Usage Scenario for Cloud Carriers
 A cloud provider arranges service level agreements (SLAs) with a cloud carrier.
 Request dedicated and encrypted connections to ensure the cloud services.

Example Usage Scenario 3

• For a cloud service, a cloud auditor conducts independent assessments of the
operation and security of the cloud service implementation.
 • The audit may involve interactions with both the Cloud Consumer and the
CloudProvider.

Cloud Consumer
 The cloud consumer is the principal stakeholder for the cloud computing service.
 A cloud consumer represents a person or organization that maintains a business
relationship with, and uses the service from a cloud provider.
The cloud consumer may be billed for the service provisioned, and needs to arrange
payments accordingly.
Example Services Available to a Cloud Consumer

 The consumers of SaaS can be organizations that provide their members with
accessto software applications, end users or software application administrators.
 SaaS consumers can be billed based on the number of end users, the time of use,
thenetwork bandwidth consumed, the amount of data stored or duration of stored
data.
  Cloud consumers of PaaScan employ the tools and execution resources provided
by cloud providers to develop, test, deploy and manage the applications.
 PaaS consumers can be application developers or application testers who run and
test applications in cloud-based environments,.
 PaaS consumers can be billed according to, processing, database storage and
network resources consumed.
 Consumers of IaaS have access to virtual computers, network-accessible storage
& network infrastructure components.
 The consumers of IaaS can be system developers, system administrators and IT
managers.
 IaaS consumers are billed according to the amount or duration of the resources
consumed, such as CPU hours used by virtual computers, volume and duration of
datastored.
Cloud Provider
 A cloud provider is a person, an organization;
 It is the entity responsible for making a service available to interested parties.
 A Cloud Provider acquires and manages the computing infrastructure required
forproviding the services.
 Runs the cloud software that provides the services.
Makes arrangement to deliver the cloud services to the Cloud Consumers through
networkaccess.

Cloud Provider - Major Activities

Cloud Auditor
 A cloud auditor is a party that can perform an independent examination of
cloudservice controls.
 Audits are performed to verify conformance to standards through review of
objectiveevidence.
 A cloud auditor can evaluate the services provided by a cloud provider in terms
ofsecurity controls, privacy impact, performance, etc.
Cloud Broker
 Integration of cloud services can be too complex for cloud consumers to manage.
 A cloud consumer may request cloud services from a cloud broker, instead of
contacting a cloud provider directly.
 A cloud broker is an entity that manages the use, performance and delivery of
cloud services. Negotiates relationships between cloud providers and cloud
consumers.
Services of cloud broker
Service Intermediation:
 A cloud broker enhances a given service by improving some specific capability
andproviding value-added services to cloud consumers.
Service Aggregation:
 A cloud broker combines and integrates multiple services into one or more
newservices.
 The broker provides data integration and ensures the secure data movement
betweenthe cloud consumer and multiple cloud providers.
Services of cloud broker
Service Arbitrage:
 Service arbitrage is similar to service aggregation except that the services being
aggregated are not fixed.
 Service arbitrage means a broker has the flexibility to choose services from
multipleagencies.
Eg: The cloud broker can use a credit-scoring service to measure and select an agency
withthe best score.
Cloud Carrier
 A cloud carrier acts as an intermediary that provides connectivity and
transport ofcloud services between cloud consumers and cloud providers.
  Cloud carriers provide access to consumers through network.
 The distribution of cloud services is normally provided by network
andtelecommunication carriers or a transport agent
 A transport agent refers to a business organization that provides physical
transport of storage media such as high-capacity hard drives and other access
devices.
Scope of Control between Provider and Consumer
The Cloud Provider and Cloud Consumer share the control of resources in a cloud system

 The application layer includes software applications targeted at end users or

programs.
The applications are used by SaaS consumers, or installed/managed/maintained by PaaS
consumers, IaaS consumers and SaaS providers.
 The middleware layer provides software building blocks (e.g., libraries, database,
andJava virtual machine) for developing application software in the cloud.
 Used by PaaS consumers, installed/ managed/ maintained by IaaS consumers or
PaaSproviders, and hidden from SaaS consumers.
 The OS layer includes operating system and drivers, and is hidden from SaaS
consumers and PaaS consumers.
 An IaaS cloud allows one or multiple guest OS to run virtualized on a single
physicalhost.
The IaaS consumers should assume full responsibility for the guest OS, while the
IaaSprovider controls the host OS
 3. PUBLIC, PRIVATE AND HYBRID CLOUDS
 What is a Hybrid cloud? (2) Nov/Dec 2021
 Outline the various deployment models of cloud with neat sketch and identify which among them
could be applied to formulate cloud structure for a small firm. (13) Nov/Dec 2021
 Differentiate Public cloud and Private Cloud.(2) Nov/Dec 2020

 Public Cloud
 Private Cloud
 Hybrid Cloud
 Community Cloud
Public cloud

 A public cloud is one in which the cloud infrastructure and computing

resources aremade available to the general public over a public network.
 A public cloud is meant to serve a multitude(huge number) of users, not
a singlecustomer.
 A fundamental characteristic of public clouds is multitenancy.
 Multitenancy allows multiple users to work in a software environment at
the sametime, each with their own resources.
 Built over the Internet (i.e., service provider offers resources, applications
storage tothe customers over the internet) and can be accessed by any user.
 Owned by service providers and are accessible through a subscription.
 Best Option for small enterprises, which are able to start their businesses
withoutlarge up-front(initial) investment.
 By renting the services, customers were able to dynamically upsize or
downsize theirIT according to the demands of their business.
 Services are offered on a price-per-use basis.
 Promotes standardization, preserve capital investment
 Public clouds have geographically dispersed datacenters to share the load of
users andbetter serve them according to their locations
 Provider is in control of the infrastructure
Examples:
 Amazon EC2 is a public cloud that provides Infrastructure as a Service
 Google AppEngine is a public cloud that provides Platform as a Service
 SalesForce.com is a public cloud that provides software as a service.
Advantage
 Offers unlimited scalability – on demand resources are available to meet
yourbusiness needs.
 Lower costs—no need to purchase hardware or software and you pay only
for theservice you use.
 No maintenance - Service provider provides the maintenance.
 Offers reliability: Vast number of resources are available so failure of a system
willnot interrupt service.
 Services like SaaS, PaaS, IaaS are easily available on Public Cloud platform as it
canbe accessed from anywhere through any Internet enabled devices.
 Location independent – the services can be accessed from any location
Disadvantage
 No control over privacy or security
 Cannot be used for use of sensitive applications(Government and Military
agencieswill not consider Public cloud)
 Lacks complete flexibility(since dependent on provider)
 No stringent (strict) protocols regarding data management

Private Cloud
 Cloud services are used by a single organization, which are not exposed to the public
 Services are always maintained on a private network and the hardware and
softwareare dedicated only to single organization
 Private cloud is physically located at
 Organization’s premises [On-site private clouds] (or)
 Outsourced(Given) to a third party[Outsource private Clouds]
 It may be managed either by
 Cloud Consumer organization (or)
 By a third party
 Private clouds are used by
  government agencies
 financial institutions
 Mid size to large-size organisations.
 On-site private clouds

Fig: On-site private clouds

Out-sourced Private Cloud

 Supposed to deliver more efficient and convenient cloud

 Offers higher efficiency, resiliency(to recover quickly), security, and privacy

 Customer information protection: In-house security is easier to maintain and
relyon.
  Follows its own(private organization) standard procedures and
operations(where as in public cloud standard procedures and
operations ofservice providers are followed )
Advantage
 Offers greater Security and Privacy
 Organization has control over resources
 Highly reliable
 Saves money by virtualizing the resources
Disadvantage
 Expensive when compared to public cloud
 Requires IT Expertise to maintain resources.

Hybrid Cloud
 Built with both public and private clouds
 It is a heterogeneous cloud resulting from a private and public clouds.
 Private cloud are used for
 sensitive applications are kept inside the organization’s network
 business-critical operations like financial reporting
 Public Cloud are used when
 Other services are kept outside the organization’s�network
 high-volume of data
 Lower-security needs such as web-based email(gmail,yahoomail etc)
 The resources or services are temporarily leased for the time required and
then released. This practice is also known as cloud bursting.
 Fig: Hybrid Cloud
Advantage
 It is scalable
 Offers better security
 Flexible-Additional resources are availed in public cloud when needed
 Cost-effectiveness—we have to pay for extra resources only when needed.
 Control - Organisation can maintain a private infrastructure for sensitive application

Disadvantage
 Infrastructure Dependency
 Possibility of security breach(violate) through public cloud

Cloud Service Models

� Software as a Service (SaaS)
� Platform as a Service (PaaS)
� Infrastructure as a Service (IaaS)
 These models are offered based on various SLAs between providers and
usersSLA of cloud computing covers
o service availability
o performance
 data protection
 Security
4. SOFTWARE AS A SERVICE(SAAS)( COMPLETE SOFTWARE OFFERING ON THE CLOUD)
1.SaaS is a licensed software offering on the cloud and pay per use
SaaS is a software delivery methodology that provides licensed multi-tenant access tosoftware
and its functions remotely as a Web-based service. Usually billed based on usage
a. Usually multi tenant environment
b. Highly scalable architecture
2.Customers do not invest on software application programs.
3.The capability provided to�the� consumer�is� to�use�the� provider’s�applications� running on a
cloud infrastructure.
4.The applications are accessible from various client devices through a thin clientinterface such
as a web browser (e.g., web-based email).
5.The consumer does not manage or control the underlying cloud infrastructure including
network, servers, operating systems, storage, data or even individual application capabilities,
with the possible exception of limited user specificapplication configuration settings.
6. On the customer side, there is no upfront investment in servers or software licensing.
7. It is a “one-to-many” software delivery model, whereby an application is sharedacross
multiple users
8. Characteristic of Application Service Provider(ASP)o Product
sold to customer is application access.
o Application is centrally managed by Service Provider.
o Service delivered is one-to-many customers
o Services are delivered on the contract
E.g. Gmail and docs, Microsoft SharePoint, and the CRM software(Customer Relationship
management)
SaaS providers
 Google’s Gmail, Docs, Talk etc
 Microsoft’s Hotmail, Sharepoint
 SalesForce,
 Yahoo
 Facebook
5. INFRASTRUCTURE AS A SERVICE (IAAS) ( HARDWARE OFFERINGS ON THE CLOUD)
IaaS is the delivery of technology infrastructure (mostly hardware) as an on demand,scalable
service .
 Usually billed based on usage
 Usually multi-tenant virtualized environment
 Can be coupled with Managed Services for OS and application support
 User can choose his OS, storage, deployed app, networking components
 The capability provided to the consumer is to provision processing, storage,
networks, and other fundamental computing resources.
 Consumer is able to deploy and run arbitrary software, which may include
operating systems and applications.
 The consumer does not manage or control the underlying cloud infrastructure
but has control over operating systems, storage and deployed applications.

 IaaS/HaaS solutions bring all the benefits of hardware virtualization:

 workload partitioning, application isolation, sandboxing, and hardware
tuning
 Sandboxing: A program is set aside from other programs in a separate
environmentso that if errors or security issues occur, those issues will not spread
to other areas onthe computer.
 Hardware tuning: To improve the performance of system
 The user works on multiple VMs running guest OS.
 the service is performed by rented cloud infrastructure
 The user does not manage or control the cloud infrastructure, but can specify
when to request and release the needed resources.

IaaS providers
 Amazon Elastic Compute Cloud (EC2)
◦ Each instance provides 1-20 processors, upto 16 GB RAM, 1.69TB storage
 RackSpace Hosting
◦ Each instance provides 4 core CPU, upto 8 GB RAM, 480 GB storage
 Joyent Cloud
◦ Each instance provides 8 CPUs, upto 32 GB RAM, 48 GB storage
 Go Grid
 ◦ Each instance provides 1-6 processors, upto 15 GB RAM, 1.69TB storage

6. PLATFORM AS A SERVICE (PAAS) ( DEVELOPMENT PLATFORM)

 Summarize the benefits and drawbacks of using “Platform as a Service”(2) Nov/Dec 2020
 PaaS provides all of the facilities required to support the complete life cycle of building,
delivering and deploying web applications and services entirely from the Internet.
 Typically applications must be developed with a particular platform in mind
• Multi tenant environments
• Highly scalable multi tier architecture
1. The capability provided to the consumer is to deploy onto the
cloud infrastructure consumer created or acquired applications
created using programming languages and tools supported by
the provider.
2. The consumer does not manage or control the underlying cloud
infrastructure including network, servers, operating systems, or
storage.
Have control over the deployed applications and possibly application hosting
environment configurations.

Customers are provided with execution platform for developing applications.

Execution platform includes operating system, programming language
executionenvironment, database, web server, hardware etc.
This acts as middleware on top of which applications built
The user is freed from managing the cloud Infrastructure
Application management is the core functionality of the
middlewareProvides runtime(execution) environment
Developers design their applications in the execution environment.
Developers need not concern about hardware (physical or virtual), operating
systems, andother resources.
PaaS core middleware manages the resources and scaling of applications on demand.
PaaS offers
 Execution environment and hardware resources (infrastructure) (or)
o software is installed on the user premises
PaaS: Service Provider provides Execution environment and hardware
resources(infrastructure)

Characteristics of PaaS
Runtime framework: Executes end-user code according to the policies set by the user
andthe provider.
 Abstraction: PaaS helps to deploy(install) and manage applications on the cloud.
Automation: Automates the process of deploying applications to the
infrastructure,additional resources are provided when needed.
Cloud services: helps the developers to simplify the creation and delivery
cloudapplications.
PaaS providers
 Google App Engine
◦ Python, Java, Eclipse
 Microsoft Azure
◦ .Net, Visual Studio
 Sales Force
◦ Apex, Web wizard
 TIBCO,
 VMware,
 Zoho
Cloud Computing – Services
 Software as a Service - SaaS
 Platform as a Service - PaaS
 Infrastructure as a Service - IaaS
 Category Description Product Type Vendors
and
Products
PaaS-I Execution platform is Middleware + Force.com,
provided along with Long jump
hardware resources Infrastructure
(infrastructure)
PaaS -II Execution platform is Middleware + Google App
provided with additional Infrastructure, Engine
components Middleware

PaaS- III Runtime environment for Middleware + Microsoft Azure

developing any kindof Infrastructure,
application development Middleware

7. ARCHITECTURAL DESIGN CHALLENGES

Challenge 1 : Service Availability and Data Lock-in
ProblemService Availability
Service Availability in Cloud might be affected because ofSingle Point Failure
Distributed Denial of Service
Single Point Failure
o Depending on single service provider might result in failure.
o In case of single service providers, even if company has multiple data
centres located in different geographic regions, it may have common
software infrastructure and accounting systems.
Solution:
 Multiple cloud providers may provide more protection from failures and they provide
HighAvailability(HA)
 Multiple cloud Providers will rescue the loss of all data.
Distributed Denial of service (DDoS) attacks.
 Cyber criminals, attack target websites and online services and makes services
unavailableto users.
 DDoS tries to overwhelm (disturb) the services unavailable to user by having more
trafficthan the server or network can accommodate.
Solution:
 Some SaaS providers provide the opportunity to defend against DDoS attacks by
usingquick scale-ups.
Customers cannot easily extract their data and programs from one site to run on
another.Solution:
 Have standardization among service providers so that customers can deploy
(install)services and data across multiple cloud providers.

Data Lock-in
It is a situation in which a customer using service of a provider cannot be moved to
anotherservice provider because technologies used by a provider will be incompatible
with other providers.
This makes a customer dependent on a vendor for services and makes customer
unable touse service of another vendor.
Solution:
 Have standardization (in technologies) among service providers so that
customers caneasily move from a service provider to another.

Challenge 2: Data Privacy and Security Concerns

Cloud services are prone to attacks because they are accessed through internet.
Security is given by
 Storing the encrypted data in to cloud.
 Firewalls, filters.
Cloud environment attacks include
 Guest hopping
 Hijacking
 VM rootkits.
Guest Hopping: Virtual machine hyper jumping (VM jumping) is an attack method
thatexploits(make�use�of)�hypervisor’s�weakness�that�allows�a�virtual�machine�(VM)�to�
be accessed from another.
Hijacking: Hijacking is a type of network security attack in which the attacker
takescontrol of a communication
 VM Rootkit: is a collection of malicious (harmful) computer software, designed to
enableaccess to a computer that is not otherwise allowed.
A man-in-the-middle (MITM) attack is a form of eavesdroppping(Spy) where
communication between two users is monitored and modified by an unauthorized
party.
 Man-in-the-middle attack may take place during VM migrations [virtual machine
(VM)migration - VM is moved from one physical host to another host].
Passive attacks steal sensitive data or passwords.
Active attacks may manipulate (control) kernel data structures which will cause
majordamage to cloud servers.

Challenge 3: Unpredictable Performance and Bottlenecks

Multiple VMs can share CPUs and main memory in cloud computing, but I/O sharing
isproblematic.
Internet applications continue to become more data-intensive (handles huge
amount ofdata).
Handling huge amount of data (data intensive) is a bottleneck in cloud environment.
Weak Servers that does not provide data transfers properly must be removed from
cloudenvironment

Challenge 4: Distributed Storage and Widespread Software Bugs

The database is always growing in cloud applications.
There is a need to create a storage system that meets this growth.
This demands the design of efficient distributed SANs (Storage Area Network of
Storagedevices).
Data centres must meet
 Scalability
 Data durability
 HA(High Availability)
 Data consistence
Bug refers to errors in software.

Debugging must be done in data centres.

Challenge 5: Cloud Scalability, Interoperability and Standardization
Cloud Scalability
Cloud resources are scalable. Cost increases when storage and network
bandwidthscaled(increased)
Interoperability
Open Virtualization Format (OVF) describes an open, secure, portable, efficient,
andextensible format for the packaging and distribution of VMs.
OVF defines a transport mechanism for VM, that can be applied to different
virtualizationplatforms
Standardization
Cloud standardization, should have ability for virtual machine to run on any
virtualplatform.

Challenge 6: Software Licensing and Reputation Sharing

Cloud providers can use both pay-for-use and bulk-use licensing schemes to widen
thebusiness coverage.
Cloud providers must create reputation-guarding�services�similar�to�the�“trusted�e-
mail”services
Cloud providers want legal liability to remain with the customer, and vice versa.

8. CLOUD STORAGE
 Outline the key challenges associated in the process of storing images in cloud (2)
Nov/Dec 2021
 Demonstrate the architectural design of compute and storage clouds. (2) Nov/Dec 2020

Storing your data on the storage of a cloud service provider rather than on a local
system.Data stored on the cloud are accessed through Internet.
Cloud Service Provider provides Storage as a Service

Storage as a Service
 Third-party provider rents space on their storage to cloud users.
 Customers move to cloud storage when they lack in budget for having their own storage.
 Storage service providers takes the responsibility of taking current backup,
replication,and disaster recovery needs.
 Small and medium-sized businesses can make use of Cloud Storage
 Storage is rented from the provider using a

 cost-per-gigabyte-stored (or)

cost-per-data-transferred
 The�end�user�doesn’t�have�to�pay�for�infrastructure�(resources),�they�have�to�pay�
only forhow much they transfer and save on�the�provider’s storage.

Providers
 Google Docs allows users to upload documents, spreadsheets, and
presentations toGoogle’s data servers.
 Those files can then be edited using a Google application.
 Web email providers like Gmail, Hotmail, and Yahoo! Mail, store email messages
ontheir own servers.
 Users can access their email from computers and other devices connected to the Internet.
 Flicker and Picasa host millions of digital photographs, Users can create their own
onlinephoto albums.
 YouTube hosts millions of user-uploaded video files.
 Hostmonster and GoDaddy store files and data for many client web sites.
 Facebook and MySpace are social networking sites and allow members to post
picturesand other content. That content is stored�on�the�company’s servers.
 MediaMax and Strongspace offer storage space for any kind of digital data.

i. Data Security
1. To secure data, most systems use a combination of techniques:
 Encryption
 Authentication
 Authorization
Encryption
 Algorithms are used to encode information. To decode the information keys are required.
Authentication processes
 This requires a user to create a name and password.
Authorization practices
 The client lists the people who are authorized to access information stored on the
cloudsystem.
If information stored on the cloud, the head of the IT department might have complete
andfree access to everything.

Reliability
 Service Providers gives reliability for data through redundancy (maintaining
multiplecopies of data).
Reputation is important to cloud storage providers. If there is a perception that the
provider isunreliable, they�won’t�have many clients.
Advantages
 Cloud storage providers balance server loads.
 Move data among various datacenters, ensuring that information is stored close
andthereby available quickly to where it is used.
 It allows to protect the data in case there’s�a disaster.
 Some products are agent-based and the application automatically
transfersinformation to the cloud via FTP
 Cautions
 Don’t commit everything to the cloud, but use it for a few, noncritical purposes.
 Large enterprises might have difficulty with vendors like Google or Amazon.
 Forced to rewrite solutions for their applications.
 Lack of portability.

Theft (Disadvantage)
 User data could be stolen or viewed by those who are not authorized to see it.
 Whenever user data is let out of their own datacenter, risk trouble occurs
from asecurity point of view.
 If user store data on the cloud, make sure user encrypts data and secures data
transitwith technologies like SSL.

9. CLOUD STORAGE PROVIDERS

 Describe the storage structure of S3 bucket with neat sketch and write rules in
order to make the bucket available for public access.(13)Nov/Dec 2021

Amazon Simple Storage Service (S3)

i. The best-known�cloud�storage�service�is�Amazon’s�Simple�Storage�
Service (S3),launched in 2006.
ii. Amazon S3 is designed to make computing easier for developers.
iii. Amazon S3 provides an interface that can be used to store and retrieve
any amount ofdata, at any time, from anywhere on the Web.
iv. Amazon S3 is intentionally built with a minimal feature set that
includes thefollowing functionality:
Write, read, and delete objects containing from 1 byte to 5 gigabytes of dataeach.
The number of objects that can be stored is unlimited.
 Each object is stored and retrieved via a unique developer-assigned key.
 Objects can be made private or public, and rights can be assigned to specific
users.
 Uses standards-based REST and SOAP interfaces designed to work with any
Internet-development toolkit.

Design Requirements
Amazon built S3 to fulfill the following design requirements:
• Scalable Amazon S3 can scale in terms of storage, request rate, and users to support
anunlimited number of web-scale applications.
 Reliable Store data durably, with 99.99 percent availability. Amazon says it does
notallow any downtime.

• Fast Amazon S3 was designed to be fast enough to support high-performance

applications. Server-side latency must be insignificant relative to Internet latency. Any
performance bottlenecks can be fixed by simply adding nodes to the system.
• Inexpensive Amazon S3 is built from inexpensive commodity hardware components.
As a result, frequent node failure is the norm and must not affect the overall system. It
must be hardware-agnostic, so that savings can be captured as Amazon continues to drive
down infrastructure costs.
• Simple Building highly scalable, reliable, fast, and inexpensive storage is difficult. Doing
so in a way that makes it easy to use for any application anywhere is more difficult.
Amazon S3 must do both.

Design Principles
Amazon used the following principles of distributed system design to meet Amazon S3
requirements:
• Decentralization It uses fully decentralized techniques to remove scaling bottlenecks
and single points of failure.
• Autonomy The system is designed such that individual components can make decisions
based on local information.
• Local responsibility Each individual component is responsible for achieving its
consistency; this is never the burden of its peers.
• Controlled concurrency Operations are designed such that no or limited concurrency
control is required.
• Failure toleration The system considers the failure of components to be a normal
mode of operation and continues operation with no or minimal interruption.
• Controlled parallelism Abstractions used in the system are of such granularity that
parallelism can be used to improve performance and robustness of recovery or the
introduction of new nodes.
• Small, well-understood building blocks Do not try to provide a single service that
does everything for everyone, but instead build small components that can be used as
building blocks for other services.
• Symmetry Nodes in the system are identical in terms of functionality, and require no
or minimal node-specific configuration to function.
• Simplicity The system should be made as simple as possible, but no simpler.
How S3 Works
Amazon keeps its lips pretty tight about how S3 works, but according to Amazon,
S3’sdesign aims to provide scalability, high availability, and low latency at commodity
costs. S3stores arbitrary objects at up to 5GB in size, and each is accompanied by
up to 2KB ofmetadata. Objects are organized by buckets. Each bucket is owned by an
AWS account and the buckets are identified by a unique, user-assigned key.

Buckets and objects are created, listed, and retrieved using either a REST-style or
SOAP interface.
Objects can also be retrieved using the HTTP GET interface or via BitTorrent. An
access control list restricts who can access the data in each bucket. Bucket names and
keys are formulated so that they can be accessed using HTTP. Requests are authorized
using an access control list associated with each bucket and object, for instance:

http://s3.amazonaws.com/examplebucket/examplekey
http://examplebucket.s3.amazonaws.com/examplekey
The Amazon AWS Authentication tools allow the bucket owner to create an
authenticatedURL with a set amount of time that the URL will be valid.