Abstract: Cloud computing is basically an Internet-based network made up of large numbers of servers-mostly based on open standards, modular and inexpensive. Clouds contain vast amounts of information and provide a variety of services to large numbers of people. The benefits of Cloud computing are Reduced Data Leakage, Decrease evidence acquisition time, they eliminate or reduce service downtime, they Forensic readiness, they Decrease evidence transfer time. The main facto to be discussed is security of cloud computing, which is a risk factor involved in major computing fields.
CLOUD COMPUTING: * Cloud computing is internet (‘CLOUD”) based development and use of computer technology (“computing”). * Cloud computing is a general term for anything that involves delivering hosted services over the Internet. * It is used to describe both a platform and type of application.
* Cloud computing also describes applications that are extended to be accessible through the Internet. * These cloud applications use large data centres and powerful servers that host Web applications and Web services. * Anyone with a suitable Internet connection and a standard browser can access a cloud application.
HISTORY: The term “cloud” is used as a metaphor for the Internet, based on the cloud drawing used in the past to represent the telephone network, and later to depict the Internet in computer network diagrams as an abstraction of the underlying infrastructure it represents. The availability of high capacity networks, low cost computers and storage devices as well as the widespread adoption of virtualization, service oriented architecture, autonomic and utility computing have led to a tremendous growth in cloud computing.
The underlying concept of cloud computing dates back to the 1960s, when john McCarthy opined that “computation may someday be organized as a public utility.” Since the sixties, cloud computing has developed along a number of lines, with Web 2.0 being the most recent evolution. However, since the internet only started to offer significant bandwidth in the nineties, cloud computing for the masses has been something of a late developer. CATEGORIES:
The Cloud Computing is driving in two categories they are as follows. * Customer perspective * Vendor perspective CUSTOMER PERSPECTIVE: * In one word: Economics. * Faster, simpler, cheaper to use cloud computation. * No upfront capital required for servers and storage. * No ongoing for operational expenses for running datacenter. * Application can be run from anywhere. VENDOR PERSPECTIVE: * Easier for application vendors to reach new customers. * Lowest cost way of delivering and supporting applications. * Ability to use commodity server and storage hardware. * Ability to drive down data centre operational costs. TYPES OF SERVICES. • Software as a Service (SaaS) — Consumers purchase the ability to access and use an application or service that is hosted in the cloud. A benchmark example of this is Salesforce.com, where necessary information for the interaction between the consumer and the service is hosted as part of the service in the cloud. Also, Microsoft is expanding its involvement in this area, and as part of the cloud computing option for Microsoft®Office 2010, its Office Web Apps are available to Office volume licensing customers and Office Web App subscriptions through its cloud-based Online Services.
• Platform as a Service (PaaS) — Consumers purchase access to the platforms, enabling them to deploy their own software and applications in the cloud. The operating systems and network access are not managed by the consumer, and there might be constraints as to which applications can be deployed. • Infrastructure as a Service (IaaS) — Consumers control and manage the systems in terms of the operating systems, applications, storage, and network connectivity, but do not themselves control the cloud infrastructure.
Also known are the various subsets of these models that may be related to a particular industry or market. Communications as a Service (CaaS) is one such subset model used to describe hosted IP telephony services. Along with the move to CaaS is a shift to more IP-centric communications and more SIP trunking deployments. With IP and SIP in place, it can be as easy to have the PBX in the cloud as it is to have it on the premise. In this context, CaaS could be seen as a subset of SaaS.
Deployment Models: Deploying cloud computing can differ depending on requirements, and the following four deployment models have been identified, each with specific characteristics that support the needs of the services and users of the clouds in particular ways. • Private Cloud — the cloud infrastructure has been deployed, and is maintained and operated for a specific organization. The operation may be in-house or with a third party on the premises. • Community Cloud — the cloud infrastructure is shared among a number of organizations with similar interests and requirements. This may help limit the capital expenditure costs for its establishment as the costs are shared among the organizations. The operation may be in-house or with a third party on the premises.
• Public Cloud — the cloud infrastructure is available to the public on a commercial basis by a cloud service provider. This enables a consumer to develop and deploy a service in the cloud with very little financial outlay compared to the capital expenditure requirements normally associated with other deployment options.
• Hybrid Cloud — the cloud infrastructure consists of a number of clouds of any type, but the clouds have the ability through their interfaces to allow data and/or applications to be moved from one cloud to another. This can be a combination of private and public clouds that support the requirement to retain some data in an organization, and also the need to offer services in the cloud.
Public, Private, and Hybrid Cloud Deployment Example. How cloud computing works?
For an executive at a large corporation, particular responsibilities include making sure that all of their employees have the right hardware and software they need to do their jobs. Buying computers for everyone isn't enough -- also have to purchase software or software licenses to give employees the tools they require. Whenever they have a new hire, they have to buy more software or make sure their current software license allows another user. there may be an alternative for executives, Instead of installing a suite of software for each computer, they'd only have to load one application.
That application would allow workers to log into a Web-based service which hosts all the programs the user would need for his or her job. Remote machines owned by another company would run everything from e-mail to word processing to complex data analysis programs. It's called cloud computing, and it could change the entire computer industry. In a cloud computing system, there's a significant workload shift. Local computers no longer have to do all the heavy lifting when it comes to running applications. The network of computers that make up the cloud handles them instead. Hardware and software demands on the user's side decrease.
The only thing the user's computer needs to be able to run is the cloud computing systems interface software, which can be as simple as a Web browser, and the cloud's network takes care of the rest. There's a good chance you've already used some form of cloud computing. If you have an e-mail account with a Web-based e-mail service like Hotmail, Yahoo! Mail or Gmail, then you've had some experience with cloud computing. Instead of running an e-mail program on your computer, you log in to a Web e-mail account remotely. The software and storage for your account doesn't exist on your computer -- it's on the service's computer cloud.
CLOUD COMPUTING ARCHITECTURE: Cloud computing system is divided into two sections: the front end and the back end. They connect to each other through a network, usually the Internet. The front end is the side the computer user, or client, sees. The back end is the "cloud" section of the system. The front end includes the client's computer (or computer network) and the application required to access the cloud computing system. Not all cloud computing systems have the same user interface. Services like Web-based e-mail programs leverage existing Web browsers like Internet Explorer or Firefox.
Other systems have unique applications that provide network access to clients. On the back end of the system are the various computers, servers and data storage systems that create the "cloud" of computing services. In theory, a cloud computing system could include practically any computer program you can imagine, from data processing to video games. Usually, each application will have its own dedicated server
A central server administers the system, monitoring traffic and client demands to ensure everything runs smoothly. It follows a set of rules called protocols and uses a special kind of software called middleware. Middleware allows networked computers to communicate with each other. Most of the time, servers don't run at full capacity. That means there's unused processing power going to waste. It's possible to fool a physical server into thinking it's actually multiple servers, each running with its own independent operating system.
The technique is called server virtualization. By maximizing the output of individual servers, server virtualization reduces the need for more physical machines. If a cloud computing company has a lot of clients, there's likely to be a high demand for a lot of storage space. Some companies require hundreds of digital storage devices. Cloud computing systems need at least twice the number of storage devices it requires to keep all its clients' information stored. That's because these devices, like all computers, occasionally break down.
A cloud computing system must make a copy of all its clients' information and store it on other devices. The copies enable the central server to access backup machines to retrieve data that otherwise would be unreachable. Making copies of data as a backup is called redundancy.
Benefits: The following are some of the possible benefits for those who offer cloud computing-based services and applications: • Cost Savings — Companies can reduce their capital expenditures and use operational expenditures for increasing their computing capabilities. This is a lower barrier to entry and also requires fewer in-house IT resources to provide system support.
• Scalability/Flexibility — Companies can start with a small deployment and grow to a large deployment fairly rapidly, and then scale back if necessary. Also, the flexibility of cloud computing allows companies to use extra resources at peak times, enabling them to satisfy consumer demands.
• Reliability — Services using multiple redundant sites can support business continuity and disaster recovery. • Maintenance — Cloud service providers do the system maintenance, and access is through APIs that do not require application installations onto PCs, thus further reducing maintenance requirements. • Mobile Accessible — Mobile workers have increased productivity due to systems accessible in an infrastructure available from anywhere. Challenges:
The following are some of the notable challenges associated with cloud computing, and although some of these may cause a slowdown when delivering more services in the cloud, most also can provide opportunities, if resolved with due care and attention in the planning stages. • Security and Privacy — Perhaps two of the more “hot button” issues surrounding cloud computing relate to storing and securing data, and monitoring the use of the cloud by the service providers. These issues are generally attributed to slowing the deployment of cloud services.
These challenges can be addressed, for example, by storing the information internal to the organization, but allowing it to be used in the cloud. For this to occur, though, the security mechanisms between organization and the cloud need to be robust and a Hybrid cloud could support such a deployment. • Lack of Standards — Clouds have documented interfaces; however, no standards are associated with these, and thus it is unlikely that most clouds will be interoperable. The Open Grid Forum is developing an Open Cloud Computing Interface to resolve this issue and the Open Cloud Consortium is working on cloud computing standards and practices.
The findings of these groups will need to mature, but it is not known whether they will address the needs of the people deploying the services and the specific interfaces these services need. However, keeping up to date on the latest standards as they evolve will allow them to be leveraged, if applicable.
• Continuously Evolving — User requirements are continuously evolving, as are the requirements for interfaces, networking, and storage. This means that a “cloud,” especially a public one, does not remain static and is also continuously evolving. • Compliance Concerns — The Sarbanes-Oxley Act (SOX) in the US and Data Protection directives in the EU are just two among many compliance issues affecting cloud computing, based on the type of data and application for which the cloud is being used.
The EU has a legislative backing for data protection across all member states, but in the US data protection is different and can vary from state to state. As with security and privacy mentioned previously, these typically result in Hybrid cloud deployment with one cloud storing the data internal to the organization.
APPLICATION: A Cloud application leverages cloud computing in software architecture, often eliminating the need to install and run the application on the customer’s own computer, thus alleviating the burden of software maintenance, ongoing operation and support. For example: * Peer-to-peer/volunteer computing (BOINC, SKYPE)
* Web applications(webmail, facebook,twitter,youtube) * Security as a service( message labs, purewise, scanscafe, Zscaler) * Software as a service (google apps, salesforce, learn.com, bigGyan.com) * Software plus services ( Microsoft online services)
* Storage (distributed) * Content distribution (Bit torrent, Amazon CloudFront) * Synchronisation (Dropbox, Live Mesh, SpiderOak, ZumoDrive)
CONCLUSION: in my view, there are some strong technical arguments in favour of cloud computing- assuming we can find ways to manage risks. Some benefits depend on the cloud service used and therefore do not apply across the broad. We believe that cloud offers small and medium businesses major potential security benefits. Not all cloud providers will offer the same security
REFERENCES: http://www.webguild.org http://www.communication.howstuffworks.com http://www.cloudsecurity.org http://www.ibm.com/developerswork/webshpere/zones/hipods/ http://www.google.com/webhp?complete=1&h1=en