A term like Cloud computing can be used to mean almost anything, and to a layman, the term can completely misleading. The term however has nothing to do with the art of weather prediction, and in fact it actually describes greatly scalable computing resources that are provided by an external service through the internet, and can be used by customers on a pay-as-you-go basis. Here the term "cloud" allegorizes the internet. The cloud is also the symbol that represents internet connectivity in flowcharts and diagrams. This radical service allows customers to utilize remote servers that are housed in highly secure data centres for the purposes of data storage and management.
The USP of cloud computing is that customers have the option to use only what they require and pay only for the resources that they actually use. The resources are all available on the worldwide web, and can be accessed by the customer at any time or location through the internet. The customer does not have to worry about behind the scenes maintenance of the software/ service, having to only purchase the required IT service, as with any other utility. It is for this reason that cloud computing is also called as utility computing, or sometimes, `IT on demand'.
Composition of cloud computing:
To explain the concept pictorially, cloud computing can be represented as a pyramid consisting of three layers: Cloud Application, cloud platform and the cloud infrastructure.
Cloud application forms the topmost or apex section of the cloud pyramid, wherein the applications run from a web browser, remote server or hosted desktop. Instead of having to purchase expensive software licenses, users can utilize these remotely hosted services for a small subscription fee. With a cloud application, there is no need to install or run software from the customer's computer, thereby requiring no maintenance, upgradation, ongoing operation or support.
Cloud Platform refers to the second or central layer of the pyramid that forms the framework in the form of a computing platform as a service. The function of a cloud computing platform is to dynamically configure provision, reconfigure and de-provision remote servers depending upon the need for the same. In other words, cloud computing is basically a distributed computing model many services running on many different servers come together to run the application or service requested by the customer.
The third and most basic layer of the cloud pyramid is the cloud infrastructure. The cloud infrastructure components are the nuts and bolts that hold the cloud pyramid together. Herein, the hardware setup that is needed for an application to run, are delivered through virtualization. Virtualisation allows a single piece of hardware to be split into independent units like CPU, RAM, Disk or other components. The infrastructure may consist of networks, servers or any other hardware appliances delivered by either infrastructure "Web Services" or cloud centers , also popularly called as "farms", as they are popularly called. This infrastructure is then interlinked with other services for flexibility and additional capacity.
Types of Cloud Computing
Public cloud is also sometimes called as "external cloud". It describes the conventional kind of cloud computing whereby for a subscription fee, scalable resources are available to customers via the internet from a remote server. One such example is ThinkGrid which is a company that provides the framework architecture for services such as remotely hosted Desktops, Platforms and software. Other examples of cloud vendors are Salesforce.com, Flexiscale and Amazon EC2.
Private cloud on the other hand denotes computing architecture and hosted services within a private network, such as internal LAN systems. In this type of cloud computing, the administrators manning the internal network of the organization are effectively the in-house service providers who cater to the employees working in the organization who are the "customers". However, companies will still have to acquire and maintain the cloud network, thereby negating the very purpose of cloud computing .
Since both Public and Private clouds come with their own advantages and disadvantages, a hybrid cloud environment which uses elements and resources from both internal and external providers is thought to be a popular choice for businesses.
Depending upon its requirements, a company could choose a public cloud for purposes of general computing or working on specific platforms, but store important data within its own data centre. This makes sense for larger organizations that are concerned about data security or those that have already invested heavily in the infrastructure needed to provide in-house resources. (see page 9 for further details).
What are the services that can be used in the cloud?
There are numerous services that can be delivered through the distributed cloud computing model. Given below are brief notes about some popular cloud-based computing solutions:
Hosted Desktops Hosted desktops do away with the need for individual PCs, and reduce the cost of the services. A hosted desktop looks and works like a regular desktop PC, except that the software that the customers use are actually housed in from remote severs instead of the individual machines. Users can access such hosted desktops via an internet connection from any location, with the help of a PC, laptop, or for maximum efficiency, a specially designed device called a thin client.
Hosted Email With rising costs of setting up and maintaining IT infrastructure, organisations are looking for reliable, secure and affordable email solutions for their business needs. Microsoft Exchanger email plan fulfills this very need. This service allows organizations world wide to benefit from the world's premier email platform, without the need to invest in capital infrastructure. The mail and data are stored on central servers, reducing redundancy and enabling fast connectivity irrespective of the location. Email, contacts and shared files can be accessed by users through Outlookr, Outlook Mobile Access or Outlook Web Access.
Hosted Telephony (VOIP)
VOIP (Voice Over IP) enables users to make phone calls and other telephonic services through the internet. Though VOIP offers the same services as an ordinary telephone, in terms of cost, it works out to be much cheaper, and is available on a monthly subscription basis. All it requires is a simple pre-configured handset that can be plugged into your internet or office network, enabling users to access features such as voicemail, IVR and more.
Ease of use, anywhere accessibility and low investment have led to the rise in popularity of Cloud storage . In cloud storage, data varying from small to very large can be stored at a remote server maintained by a third party service provider, and can be via the internet. The user pays a subscription fee calculated based on the capacity used in a certain period of time say a month or so.
Dynamic servers are nothing but virtual servers with fully scalable resources, that allow users to access resources that are exactly similar to the ones offered by a dedicated server. The user can control the amount of processing power and space he or she uses, and consequently does not have to pay for any hardware he does not require.
The advantages of shifting from traditional networks to the cloud:
For a variety of reasons organizations large and small are taking to this model of IT with ease. There are many benefits associated with it after all. Cloud computing enables organizations to increase their capacity or add new capabilities quickly without having to invest in new infrastructure. It is also used for trial purposes and for training new personnel or for licensing new software. Since there is no capital expenditure, and the only expense is a more manageable monthly or yearly subscription fee, organizations can save a considerable amount of money.
In addition, there is no need to pay for additional resources in-house, especially when companies are catering to fluctuating demands. Reduced administration costs are another distinct advantage. Also IT solutions can be deployed very quickly and are managed and maintained by your service provider. Most providers also offer technical support for little or no extra charge, allowing the company IT staff to focus on business-critical tasks.
Cloud computing enables businesses to streamline procurement and operational processes, and eliminates the need for administrative support. It also helps improved utilization of resources, delivering resources irrespective of time or location. Smaller companies can fit higher, expensive resources into their budgets.
Moving general applications, infrastructure, and support into a cloud can help companies better utilize their time, effort and budgets. It gives people anywhere anytime accessibility without the necessity of having to be physically present at the workplace. Since the computing power is shared by multiple tenants, it results in greater utilization as servers are seldom idle.
Because the servers are already geared up for peak loads, there is no congestion in the data traffic, resulting in maximum computing capacity.
Affordable resource capacity
Providers typically use very large-scale data centers that operate at high levels of efficiency, and sharing of these expensive resources between many different customers enables them to pass on these savings to the end users.
Scalability as per requirement
Scalability and flexibility of this model allows customers to respond immediately to changing needs, adding or discarding capacity as required, responding to real needs rather than ones that are projected. Because cloud computing is a utility model, where the cost of services are based on actual requirements, Customers can benefit from greater flexibility of available resources, without having to needlessly invest on a large scale.
Quick and easy implementation
For a low fee, providers like ThinkGrid offer services to Small and medium businesses that could otherwise cost a lot of money. Customers do not have to wait for hardware, software licences or implementation services, and a cloud-computing arrangement can hit the ground running, this allows smaller businesses to compete on equal grounding with much bigger players.
Quality of service
Because of the much higher operational capacity of the vendor, customers can rely on quality of service. Most vendors offer 24/7 customer support and immediate response to emergencies. Customers need to ask a prospective provider about reliability, service levels, Guaranteed uptime and SLAs before signing on a vendor.
Customers can access their applications and data securely anywhere anytime, with only an internet connection. Collaboration with application and data stored in the cloud becomes easy. Multiple users can work on the same project at the same time. `Anywhere access' allows for flexible / remote working, allowing organizations to cut overheads while keeping employees happy.
Disaster recovery / backup
Many businesses do not have effective disaster recovery or business continuity plans, and are subject to much hardship and disruptions when emergency situations occur. Providers like ThinkGrid provide an specialized disaster recovery services through cloud backup, wherein, you can store important files from your desktop or office network in their data centres, so that you can recover the data when needed. Hosted Desktops (or Hosted VDI) from ThinkGrid offer disaster recovery and data backup as part of the service. Files are saved at two different locations to ensure that backup is available 24 X 7.
Customer privacy and security is of utmost concern when opting for cloud services. This part seeks to examine what privacy actually means, the different kinds of data and information that might have to be secured in cloud computing and the challenges that are thrown up in the process of preserving and protecting customer privacy.
2.1 What does privacy mean?
Privacy is a fundamental right of every human being, and there are various aspects of privacy such as the "right to be left alone" and "Control of information about ourselves" . Violation of privacy is considered a serious crime.
Some aspects of the personal information available about a customer may be in the public domain, and others may be private. So what kind of information need to be protected? The term personal information may be used to refer to any number of things, from name to particular trais that are identifiable with a person. However, for the purposes of this document, the term "personal information" represents sensitive information like PII or personally identifiable information that can be used to identify or trace out a person i.e., information like name, address or any other information like credit card, zip code, IP address etc.,
Sensitive information may also refer to information about race, religion, health or any other such information that is considered private by the customer. Such sensitive information requires additional precautions to prevent it from falling into the wrong hands. Other information like financial information, job performance, usage info (the data collected from printers and the internet , behavioral information such as the viewing habits of users, or product history, Unique device identities etc., are also considered as private. IP addresses, UDIs (Unique device identities),Radio frequency identities, or unique hardware identity codes.
The public nature of cloud computing poses significant challenges in privacy protection. Cloud service providers need to strive for both reduced privacy risk and legal compliance when handling personal information of customers. Strict privacy laws and stringent restriction on collection and transfer of private and sensitive information are limiting the reach and use of cloud services in their current design.
To state a recent example, a UK based company that had stored data relating to individual customers with a cloud service vendor is now being sued for violation of UK's data protection law. Thus any breach in privacy and data protection laws can create legal hassles for service providers, and even otherwise damage their reputation. It is therefore not surprising that most service vendors undertake stringent measures to ensure customer privacy and data security.
With a number of high profile privacy breaches making headlines, there are serious concerns that customers have about how their personal information is being stored in remote servers. The end user is often not aware about the need and processing of personal information, having very little control over it, once it leaves his or her hands, and lack of understanding and lack of control leads to mistrust and suspicion. .
3. Privacy threats and risks for cloud computing
In this part of the document, privacy concerns that are particular to cloud computing are to be analysed along with different cloud computing scenarios in order to throw light on how the privacy requirements may differ for different providers and also give an overall assessment of challenges faced by cloud service providers in as much as protecting customer privacy is concerned.
There are very real concerns that the speed and accessibility of cloud computing comes at a certain cost, and that cost is often data security. In cloud computing, the technology, platform or service shared by the organizations is based remotely, and with greater virutalisation and sharing of a common platform or service by different users, there is a very real threat that a customer's privacy may be breached. It is therefore very important to ensure that confidential or sensitive data related to the customer that has been held in the cloud is given adequate protection.
Since cloud computing operates in a dynamic environment in comparison to conventional e-commerce scenarios, with services changed dynamically by customers and service providers, personal data can travel within and outside organization, and therefore there is a pressing need to ensure that this does not infringe or violate privacy or other legal laws of the land. Maintaining a consistent standard of security, providing business continuity and data backup can become a challenge for vendors.
Features of cloud computing
Cloud Infrastructure: Service Production and Service Delivery:
Cloud computing enables organizations to increase their capacity or add new capabilities quickly without having to invest in new infrastructure. Infrastructure is the foundation that makes it possible for organisations and individuals to do business on the web. However, most people do not understand its significance, missing it only when it does not work. Cloud infrastructure can comprise of a range of computing, networking, storage applications and other expertise that are housed in in secure data centers and service vendors.
Cloud infrastructure fulfills two main functions namely Service Production and Service Delivery. Service production concerns that part of the cloud infrastructure that is concerned with the development, deployment and management of application and services. Usually, the data centers that serve as the engine room of the cloud are concerned with this function.
The delivery of service on the other hand is carried out by the internet, that serves as a delivery channel, conveying the applications and services to the end users for access and sharing.
The cloud infrastructure also needs to have the capacity to deliver to multiple clients , delivering speedy access across varied network protocols to a range of fixed or mobile receivers and meet the realtime requirements of clients and organizations. Cloud computing does not fall in the same category as hosting services in the traditional sense because, multiple users, also called multiple tenants make use of it at the same time. The capacity to deliver customized, partitioned the ability to deliver personalized or partitioned services catering to different customers from a common shared infrastructure is what sets apart cloud computing from traditional hosting services.
Considering the above requirements, cloud infrastructure should have the following features to successfully be deployed.
â€¢ Scalability is an important feature of any cloud infrastructure. Cloud infrastructure should have the ability to support large populations of customers, running into millions of users across the world, without encountering any major difficulty.
â€¢ Infrastructure should be able to deliver efficiency, which is the ability to standardize consolidate and share infrastructure to bring down the cost of the services. Efficiency is an extremely critical factor, given the huge scale of operations involved in cloud computing.
â€¢ Flexibility is yet another critical feature, with the infrastructure needing to automatically assign and reassign resource depending upon the application loads and customer requirements. Dynamic allocation of resources, ensures that services are delivered faster, as there is instant addition or substraction of resources depending upon the load and requirements of the customer population.
The biggest distinguishing factor for cloud infrastructure lies in how customers experience the services that they utilize. Customers go to a cloud service for their requirements, and these are met instantly, but the customers are not made aware of the complexities involved in the delivery of service. It is similar to how we perceive the delivery of electricity. We have it available in our houses at the flip of a switch, but are not at all in the know about the huge and complex process that goes into the generation of electricity and its transport through great distances to our homes. .
â€¢ It is better to consider a minimum of three vendors when evaluating cloud services, and even then ask for trial options before commiting.
â€¢ Not all the features of the Cloud infrastructure may be listed in the website. Always contact the vendor and speak to the sales department before signing up.
â€¢ Evaluate solutions on a total cost of ownership basis. Ensure that you capture the differences in employee time, licensing schemes and risk mitigation; don't just compare the cloud with your hardware costs.
â€¢ Each cloud infrastructure service comes with a different framework, pricing and customer support model.
â€¢ This is an evolving field, and the changes are rapid. It is better to choose a provider who can fulfill the current needs of the customers, and a couple of years down the line when the needs evolve, the customer may have to change vendors.
Every cloud service provider offers a different USP, and when choosing a cloud service, customers need to take into consideration, cost, operational stability and scalability. Customers should also analyse properly as to how well the application suits your requirements, and whether the standard of customer service support is acceptable, and whether the vendor meets your needs of privacy, security and legal compliance.
The four common storage architectures present in cloud infrastructure are as follows:
â€¢ Storage area network (SAN) storage which is a block-level storage system wherein data stored can be collectively shared across a number of servers. This solution offers the highest performance, and is the most flexible.
â€¢ Network-attached storage (NAS) in which files and data can be accessed through a protocol like Network File System (NFS) or Common Internet File System (CIFS).
â€¢ "Local" storage where in the data stored can be accessed only by one server at a time. In . Block-level storage that can be used by only one server at a time. In some cases, such as Amazon's Elastic Block Store, the stored data is actually housed on a device in the network, and is not directly attached.
. Web storage where data can be accessed through HTTP. This is particularly useful for creating direct URL links . This kind of storage can be obtained from cloud vendors. The reliability and performance levels varies from vendor to vendor An example of this would be Amazon's Simple Storage Service (S3) or Rackspace's Cloud Files and Nirvanix.
Backup and recovery solutions may or may not be included, and you have to ask specifically for it, before you sign on. . If backup services are available, you will need to ask about back up intervals, type of backup disks, and whether the backups are stored off-site and about compliance needs. Further details are available on "The Storage Utility: From Outsourcing to the Cloud," "A Look at Amazon's S3 Cloud-Computing Storage Service" and "Iron Mountain Archiving Service May Ease Cloud Storage Concerns."
Cloud Application Layer
Cloud application layer is that part of the cloud that is most visible to the end user. It can be accessed through web portals and therefore is the front end of the cloud. A service in this layer will usually be mixture of various other services offered by the cloud, but to the customer, it appears to be a seamless single service. This model is also refereed to as Software-as-a-Service (SaaS), is popular with many customers due to its low costs and maintenance requirements. There is also a significant advantage that the cloud service provider has over traditional software licensing models.
There is reduced need for software upgrades as patches are periodically deployed by the provider in shorter cycles.
However, this model has some security and availability aspects that need to be dealt with.. Examples of this kind of models include Customer Relationships Management (CRM) system2 or Google's Apps, which include word-processing, spreadsheet and calendaring3.
Cloud Software Environment Layer
This layer creates a programming language platform for the development of cloud applications. It also offers a set of defined APIs or application program interfaces to use and interact with other cloud applications.
This comes with features like automatic scaling, dynamic balancing of load, authentication services and GUI components. An example of this kind of cloud software platform is Google's App Engine4, which provides a Phyton runtime environment and customised APIs to users for developing applications suited to google.. Salesforce's AppExchange platform5 .is another such example.
Cloud Computing Open Architecture
Cloud Computing has to do with a group of key technologies that address resource sharing by vast customer populations, based on individual or business requirements.
The two key technologies could that could play very important roles in this revolutionary phase of cloud computing are virtualization technology and Service-Oriented Architecture (SOA).
The virtualization technology has to do with the images of the operating systems, middleware, and applications created and allotted to physical machines or servers. The images can be moved around and produced on demand. Once a user releases his services from the cloud computing platform, the lincenses of operating systems and middleware can be reused.
The SOA is the system or architecture used for meeting the needs of componentization, reusability and flexibility of the cloud computing platforms. However, building a unified, scalable and reusable Cloud Computing infrastructure capable of supporting the sharing of all kinds of resources still remains a challenge that is awaiting technological breakthrough.
"OSI" Model for Cloud Computing
There are three basic objectives for defining a good open architecture for Cloud Computing.
The first one is to create a process for reusing scalable and configurable platform for Cloud Computing.
This paper brings together Service-Oriented Architecture (SOA) and virtualization to offer value to new software applications, hardware, process provisioning services with regard to Cloud Computing.
The second objective is to create a set of common and shared services for creating Cloud Computing platforms providing business services or other cloud services to its users in a homogeneous manner.
The third goal is to increase the potential value of cloud computing with an extensible technological infrastructure and administrative system. As we know, OSI standards for Open System Interface  has faced a number of issues with regard to generic open systems.
In this paper, we have tried to limit the span of the open system to a specialized context ro help create a module of open architecture for cloud computing. The following section presents an Open Architecture for cloud computing based on seven principles.
Seven Principles of Cloud Computing Architecture
We propose an integrated framework where cloud vendors, cloud partners, and cloud clients can work together based on seven principles. These seven principles are used to define ten major architectural modules and their relationships shown in Figure 1.
The Cloud Computing Open Architecture so presented includes cloud ecosystem enablement, cloud infrastructure and its management, cloud information architecture, compostable cloud offerings, cloud quality analytics cloud core on provisioning and subscription, service-orientation, and management. This separation helps identify concerns of each module during the design process. In the rest of the section, we will elaborate on the details of each principle
Integrated Ecosystem Management for Cloud
An integrated architecture must have the capacity to support and manage the ecosystem of Cloud Computing. This ecosystem comprises of every component from applications and services to vendors, partners and endusers who come together to share resources in the Cloud Computing environment.
Cloud vendors take care of the interaction interfaces of its internal operations and product development capability to the cloud. On the other hand Cloud partners deploy components to cloud vendors or act as agents providing value-added services to the end users.