Cloud Management and Security
eBook - ePub

Cloud Management and Security

  1. English
  2. ePUB (mobile friendly)
  3. Available on iOS & Android
eBook - ePub

Cloud Management and Security

About this book

Written by an expert with over 15 years' experience in the field, this book establishes the foundations of Cloud computing, building an in-depth and diverse understanding of the technologies behind Cloud computing.

In this book, the author begins with an introduction to Cloud computing, presenting fundamental concepts such as analyzing Cloud definitions, Cloud evolution, Cloud services, Cloud deployment types and highlighting the main challenges. Following on from the introduction, the book is divided into three parts: Cloud management, Cloud security, and practical examples.

Part one presents the main components constituting the Cloud and federated Cloud infrastructure
(e.g., interactions and deployment), discusses management platforms (resources and services), identifies and analyzes the main properties of the Cloud infrastructure, and presents Cloud automated management services: virtual and application resource management services. Part two analyzes the problem of establishing trustworthy Cloud, discusses foundation frameworks for addressing this problem
ā€“ focusing on mechanisms for treating the security challenges, discusses foundation frameworks and mechanisms for remote attestation in Cloud and establishing Cloud trust anchors, and lastly provides a framework for establishing a trustworthy provenance system and describes its importance in addressing major security challenges such as forensic investigation, mitigating insider threats and operation management assurance. Finally, part three, based on practical examples, presents real-life commercial and open source examples of some of the concepts discussed, and includes a real-life case study to reinforce learning ā€“ especially focusing on Cloud security.

Key Features

ā€¢ Covers in detail two main aspects of Cloud computing: Cloud management and Cloud security

ā€¢ Presents a high-level view (i.e., architecture framework) for Clouds and federated Clouds which is useful for professionals, decision makers, and students

ā€¢ Includes illustrations and real-life deployment scenarios to bridge the gap between theory and practice

ā€¢ Extracts, defines, and analyzes the desired properties and management services of Cloud computing and its associated challenges and disadvantages

ā€¢ Analyzes the risks associated with Cloud services and deployment types and what could be done to address the risk for establishing trustworthy Cloud computing

ā€¢ Provides a research roadmap to establish next-generation trustworthy Cloud computing

ā€¢ Includes exercises and solutions to problems as well as PowerPoint slides for instructors

Trusted byĀ 375,005 students

Access to over 1 million titles for a fair monthly price.

Study more efficiently using our study tools.

1
Introduction

This chapter introduces Cloud computing. The introduction helps the reader to get an overview of Cloud computing and its main challenges. Subsequent chapters of this book assume the reader understands the content of this chapter.

1.1 Overview

Cloud computing originates from industry (commercial requirements and needs). Governments and leading industrial bodies involved academia at early stages of adopting Cloud computing because of its promising future as an Internet-scale critical infrastructure. Involving academia would ensure that Cloud computing is critically analyzed, which helps in understanding its problems and limitations. This would also help in advancing the knowledge of this domain by defining and executing research road maps to establish next-generation trustworthy Cloud infrastructure. Moreover, academia would provide the required education in Cloud computing by developing undergraduate and postgraduate courses in this domain.
Cloud comes with enormous advantages; for example, it reduces the capital costs of newly established businesses, it reduces provisioning time of different types of services, it establishes new business models, it reduces the overhead of infrastructure management, and it extends IT infrastructures to the limits of their hosting Cloud infrastructure. Although Cloud computing is associated with such great features, it also has critical problems preventing its wider adoption by critical business applications, critical infrastructures, or even end-users with sensitive data. Examples of such problems include: security and privacy problems, operational management problems, and legal concerns. The immaturity of Cloud and the generosity of its allocated funds have made Cloud computing, in a relatively short period of time, one of the most in-demand research topics around the world.
Cloud computing is built on complex technologies which are not easy to understand, as an integrated science, for many people working in the industry and academia. A fundamental reason behind this is the lack of resources analyzing current Cloud infrastructure, its properties and limitations [1, 2]. The main objective of this book is to establish the foundations of Cloud computing, which would help researchers and professionals to understand Cloud as an integrated science. Understanding the Cloud structure and properties is key for conducting practical research in this area that could possibly be adopted by industry.
Most current research assumes Cloud computing is a black-box that has physical and virtual resources. The lack of careful understanding of the properties, structure, management, and operation of the black-box results in confusion and misunderstanding. In terms of misunderstanding, this relates to Cloudā€™s limitations and the expectations of what it could practically provide. For example, some people claim that Cloud has immediate and unlimited capabilities, that is immediate and unlimited scalability. This is not practical considering present-day technologies, such as the limitations of hardware resources. There are also many other factors that have not been considered in such strong claims, for example should Cloud provide unlimited resources in case of application software bugs? Should resources be available immediately upon request without users' prior agreement? This book discusses these issues in detail.
This chapter is organized as follows. Section 1.2 discusses the definition of Cloud computing. Section 1.3 clarifies the evolution of Cloud computing. Section 1.4 discusses Cloud services. Section 1.5 discusses Cloud deployment types. Section 1.6 discusses the main challenges of Clouds. Finally, we summarize the chapter in Section 1.7 and provide a list of exercises in Section 1.8.

1.2 Cloud Definition

Cloud computing is a new buzzword in computing terms and it is associated with various definitions. In this book we focus on two definitions: the first is provided by the National Institute of Standards & Technology (NIST) [2] and the second is provided by an EU study of the future directions of Clouds [3]. The main reasons for analyzing these definitions in particular are:
  • The good reputation of the organizations behind the definitions. For example, the EU study was edited by representatives of leading universities and industrial bodies such as Oracle, Google, Microsoft, and IBM.
  • We found thsse definitions to be unique, such that their combination provides the most important elements of Cloud as covered throughout this book.
NIST defines Cloud as a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction [2].
In contrast:
An EU study defines Cloud as an elastic execution environment of resources involving multiple stakeholders and providing a metered service and multiple granularities for specified level of quality [3].
Although both definitions come from reputable organizations, they are not consistent. This is not to say that either of them is wrong, but they are incomplete. Both definitions reveal many important keywords reflecting Clouds capabilities; however, a careful analysis of these definitions shows they only have one keyword in common. The first definition uses ā€˜rapidly provisioned and releasedā€™ while the second definition uses ā€˜elastic execution.ā€™ These two keywords have the same objective. However, other keywords are not the same, for example ā€˜minimal management effortā€™ as stated by the NIST definition is not stated anywhere in the EU definition. Similarly, the EU definition uses the keyword ā€˜metered serviceā€™ which is again not stated anywhere in the NIST definition.
Cloud computing is in fact a combination of both definitions as each definition provides a partial view of the Cloud attributes. Therefore, we could redefine Cloud computing as follows:
Cloud computing is a model involving multiple stakeholders and enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. The model provides a metered service and multiple granularities for a specified level of quality.
This book focuses primarily on the details behind the elements in the definition which would clarify the Cloud computing black-box.

1.3 Cloud Evolution

Enterprise infrastructures witnessed three major fundamental changes, which were a result of major innovations in computer science. These are as follows:
  • Traditional enterprise infrastructure. This is the foundation of the virtualization era. Initially, it starts with a few powerful servers (what used to be called mainframes). With advances in technologies and an increased number of required applications, the number of servers increases rapidly. This results in a huge number of resources within an enterprise infrastructure. Despite the complexity of the traditional enterprise infrastructure, the relationship between customers and their resources is simple. Within this, the requirements of customers are carefully analyzed by system analysts. The system analysts forward the analyzed results to enterprise architects. The enterprise architects deliver an architecture which is designed to address the needs of a specific customer application requirement. The resources required by the delivered architecture in most cases run a specific customer applications. This process results in a one-to-one relationship between architecture and customer. Such a relationship causes huge wastage of resources including, for example, computational resources, power consumption, and data-center spaces. In contrast, this relationship results in a relatively more secure and customized design than the other evolution models of enterprise infrastructure.
  • Virtual enterprise infrastructure. This is the foundation of today's Cloud infrastructure. The problems of the traditional enterprise infrastructure, which affect the green agenda, require novel innovations enabling customers to share resources without losing control or increasing security risks. This was the start of the virtualization era, which brings tremendous advantages in terms of consolidating resources and results in effective utilization of power, data-center space, etc. A virtual enterprise infrastructure suffers from many problems, such as security, privacy, and performance problems, which restricts many applications from running on virtual machines. As a result, virtual infrastructures for many enterprises support applications that run on virtual resources and those that run directly on physical resources.
    The virtualization era changes the mentality of enterprise architects as the relationship between users and their physical resources is no longer one-to-one. This raises a big challenge in terms of how such a consolidated virtualized architecture could satisfy usersā€™ dynamic requirements and unique application nature. Enterprise architects address this by studying the environment inherited from the traditional enterprise infrastructure, to find that different architectures have some similarities. The similarities between independent applications enable enterprise architects to split the infrastructure into groups. Each group has architecture-specific static properties. The properties enable the group to address common requirements of a certain category of applications. For example, a group could be allocated to applications that tolerate a single point of failure; another group could be allocated to applications that require full resilience with no single point of failure; a third group could be allocated to applications that are highly computational; a group for archiving systems; and so on.
    The second part of the challenging question is how such a grouping, which is associated with almost static properties, could be used to address usersā€™ dynamic requirements and their unique application nature. Enterprise architects realize that virtualization can be fine-tuned and architected to support the dynamic application requirements which cannot be provided by the physical group static properties. In other words, a combination of static physical properties and dynamic virtual properties is used to support customer expectations in a virtual enterprise infrastructure.
  • Cloud infrastructure. This has evolved from the virtual en...

Table of contents

  1. Cover
  2. Titlepage
  3. Copyright
  4. About the Author
  5. Preface
  6. Acknowledgments
  7. Acronyms
  8. 1 Introduction
  9. Part One CLOUD MANAGEMENT
  10. Part Two CLOUD SECURITY FUNDAMENTALS
  11. Part Three PRACTICAL EXAMPLES
  12. Index
  13. End User License Agreement

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn how to download books offline
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 990+ topics, weā€™ve got you covered! Learn about our mission
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more about Read Aloud
Yes! You can use the Perlego app on both iOS and Android devices to read anytime, anywhere ā€” even offline. Perfect for commutes or when youā€™re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app
Yes, you can access Cloud Management and Security by Imad M. Abbadi in PDF and/or ePUB format, as well as other popular books in Technology & Engineering & Electrical Engineering & Telecommunications. We have over one million books available in our catalogue for you to explore.