UNIT 1

Cloud Computing: Cloud service models (IaaS, PaaS, SaaS) – Deployment

models (public, private, hybrid)
- Cloud-based -enterprise solutions – Cost-benefit analysis and scalability –
Security and Governance – Data security and compliance in the cloud – Cloud
governance frameworks

Cloud computing refers to the use of hosted services, such as data

storage, servers, databases, networking, and software over the internet.
The data is stored on physical servers, which are maintained by a cloud
service provider. Computer system resources, especially data storage
and computing power, are available on-demand, without direct
management by the user in cloud computing.

What Is Cloud Computing?

Cloud Computing means storing and accessing the data and programs
on remote servers that are hosted on the internet instead of the
computer’s hard drive or local server. Cloud computing is also referred
to as Internet-based computing, and it is a technology where the
resource is provided as a service through the Internet to the user. The
data that is stored can be files, images, documents, or any other storable
document.
The following are some of the Operations that can be performed with
Cloud Computing
• Storage, backup, and recovery of data
• Delivery of software on demand
• Development of new applications and services
• Streaming videos and audio

The concept of cloud computing involves accessing IT resources as a

service. Cloud computing provides access to resources such as
compute, memory, networking, databases, and data storage over the
Internet rather than having to buy, install, and maintain your own
computing infrastructure.
Cloud Computing Architecture

In cloud computing, frontend stages include the client infrastructure, for example,
user interfaces, client-side applications, and the devices or networks accessed by
the public over the public network. This includes applications like web browsers
Google Chrome, Safari, and Internet Explorer. For example, utilizing a web
browser on a cell phone, computer, or laptop to edit a Microsoft Word document
or PDF document involves these front-end components. The gadgets, apps, and
services all live on the backend. The backend is responsible for managing all the
programs that power the front end applications. The backend implies the
foundational parts of the actual cloud like computing resources, storage, services,
security mechanisms, management tools, and more.

Applications inside cloud design refer to the backend software or services

accessed by clients through the front end to manage user requests and their needs.
Based on the requirement, the application provides output to the end user.
Service is the main component in the cloud architecture. Services form the core
of cloud architecture, taking care of all tasks inside a cloud computing system.
Service deals with the various types of services that end users can access based
on their specific needs. They manage access to resources such as web
applications, storage, and development environments.
Runtime gives virtual machines an environment to execute and run projects
simultaneously. Runtime uses virtualization technologies, for example,
hypervisors, to address all services, including applications, servers, storage, and
networking.

Storage services are used to store and manage data in the cloud architecture. The
data stored in the cloud can be accessed by multiple people at the same time.
Cloud service providers offer scalable storage choices like hard drives, solid-state
drives, or persistent disks, intended to manage huge volumes of data efficiently.
Popular cloud storage options include Amazon Simple Storage Service (S3),
Microsoft Azure Blob Storage, and Google Cloud Platform (GCP).
Another component of the backend design is the infrastructure. Included in this
is the hardware that is vital for the operation of the system, such as central
processing units, graphics processing units, network interface cards, and other
components needed to power cloud services. It additionally incorporates the
necessary software to manage and operate these components

Management software, or middleware, is fundamental for correspondence

among frontend and backend components of cloud architecture. While carrying
out some tasks related to the cloud environment, it also specifies how the front-
end and back-end will work together. It guarantees that resources are distributed
dynamically in response to user needs. Additional functions include application
deployment, disaster recovery, monitoring of consumption and resources, and the
process of merging data from many sources.

Security efforts are important in cloud computing adoption, enveloping tools and
features to protect data, applications, and platforms. Security carries out various
safety efforts in the back end to secure cloud systems, applications, IP addresses,
files, infrastructure, and services. These actions include data security planning,
network security provisions, regular backups, debugging, and virtual firewall
implementations to prevent data loss and downtime, and guarantee redundancy

Types of Cloud Computing

Cloud computing can either be classified based on the deployment model or the
type of service. Based on the specific deployment model, we can classify cloud
as public, private, and hybrid cloud. At the same time, it can be classified as
infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS), and software-as-
a-service (SaaS) based on the service the cloud model offers.
Service Models

Infrastructure as a service (IaaS)

Infrastructure as a service or IaaS is a type of cloud computing in which a service

provider is responsible for providing servers, storage, and networking over a
virtual interface. In this service, the user doesn’t need to manage the cloud
infrastructure but has control over the storage, operating systems, and deployed
applications.
Instead of the user, a third-party vendor hosts the hardware, software, servers,
storage, and other infrastructure components. The vendor also hosts the user’s
applications and maintains a backup.

Platform as a service (PaaS)

Platform as a service or PaaS is a type of cloud computing that provides a

development and deployment environment in cloud that allows users to develop
and run applications without the complexity of building or maintaining the
infrastructure. It provides users with resources to develop cloud-based
applications. In this type of service, a user purchases the resources from a vendor
on a pay-as-you-go basis and can access them over a secure connection.
PaaS doesn’t require users to manage the underlying infrastructure, i.e., the
network, servers, operating systems, or storage, but gives them control over the
deployed applications.
This allows organizations to focus on the deployment and management of their
applications by freeing them of the responsibility of software maintenance,
planning, and resource procurement.
Software as a service (SaaS)

SaaS or software as a service allows users to access a vendor’s software on cloud

on a subscription basis. In this type of cloud computing, users don’t need to install
or download applications on their local devices. Instead, the applications are
located on a remote cloud network that can be directly accessed through the web
or an API.
In the SaaS model, the service provider manages all the hardware, middleware,
application software, and security. Also referred to as ‘hosted software’ or ‘on-
demand software’, SaaS makes it easy for enterprises to streamline their
maintenance and support.

Deployment Models

Private cloud based systems

Private cloud hosting’s are systems that use cloud computing services from a
dedicated infrastructure that is accessible only by a single customer or
organization. The infrastructure can be hosted on-premises or off-premises by a
third-party provider. These systems offer more control, security, and
customization than public cloud-based hosting.
However, they may also require more investment, maintenance, and expertise
than public cloud-based platforms. Some examples of private cloud platforms are
VMware vSphere, Red Hat OpenStack, and Oracle Cloud Infrastructure.

Public cloud based systems

Public cloud-based computings are systems that use cloud computing services
from a third-party provider over the public internet. The provider owns and
manages the infrastructure and offers shared resources to multiple customers.
Public cloud hostings are typically easy to use, cost-effective, and scalable.
However, they may have less control, security, and customization than other
types of cloud-enabled systems. Some examples of public cloud providers are
Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure,
and IBM Cloud.

Hybrid cloud based systems

Hybrid cloud computings are systems that use a combination of public and private
cloud services to run their applications. These systems enable customers to
leverage the best features of both types of cloud-enabled systems.
For example, customers can use private cloud for sensitive data and workloads,
and public cloud for scalability and innovation. These systems also allow
customers to migrate and manage workloads across different environments
seamlessly. Some examples of hybrid cloud platforms are Google Anthos, IBM
Cloud Pak, and Microsoft Azure Stack.

What are the Benefits of Cloud Computing?

Cloud computing can be beneficial to your business for the following reasons:
• Scalable data storage
• Easier and less expensive maintenance cost
• Eliminates disaster recovery concerns
• Better security
• Fewer compliance concerns
• Business continuity is guaranteed
• Less IT staff needed in-house
• Reduced costs
• Rapid cross-border expansion of business
• On-demand access to additional resources for rapid scaling

Benefits of cloud based systems

Cloud computing offers many benefits for businesses and organizations that want
to leverage the latest technologies and innovations quickly and efficiently. Some
of the benefits of cloud-based systems are:

Scalability

They allow customers to scale their resources up or down according to their

demand without having to invest in additional hardware or software. Customers
can also access global resources from different regions and zones to meet their
needs.
Flexibility

These systems allow customers to choose from a variety of services and features
that suit their requirements and preferences. Customers can also customize their
applications and environments according to their business goals and strategies.

Cost-efficiency
Cloud computing services allow customers to pay only for what they use and
avoid upfront capital expenses. Customers can also save on operational costs such
as maintenance, power, cooling, and security.

Security

These systems provide customers with various security features such as

encryption, firewalls, identity management, access control, backup, and recovery.
Cloud providers also comply with various standards and regulations to ensure
data privacy and protection.

Innovation

These systems provide customers with access to the most advanced technologies
and innovations such as artificial intelligence (AI), machine learning (ML), big
data analytics, the internet of things (IoT), blockchain, serverless computing, and
more. Customers can also benefit from the continuous updates and improvements
offered by the cloud providers.

What are the challenges in implementing a cloud based system an

enterprise?
Challenges of cloud based systems

Despite the many benefits of cloud based systems, there are also some challenges
that customers may face when adopting or using them. Some of the challenges of
cloud hosting are:

Compatibility

Cloud-based systems may not be compatible with some legacy applications or

platforms that customers have already invested in or rely on. Customers may need
to modify or migrate their existing applications or data to make them compatible
with the cloud environment.

Performance
Due to network latency or congestion, they may not guarantee consistent
performance across different regions or zones. Customers may need to optimize
their applications or data for better performance in the cloud environment.
Usability
These systems may not be easy to use or understand for some customers who lack
the necessary skills or knowledge. Customers may need to learn new tools or
processes to use cloud services effectively and efficiently.

Maintenance

Cloud-based systems may not be fully reliable or available at all times due to
technical issues or outages. Customers may need to monitor and troubleshoot
their cloud services and applications regularly and have contingency plans in case
of failures.

Security

Cloud-based computing may not be fully secure or compliant with some industry
or government regulations that customers have to follow. Customers may need to
implement additional security measures or policies to ensure data confidentiality,
integrity, and availability in the cloud environment.

Cost-benefit analysis and scalability

A cloud cost analysis is the process of identifying, understanding, and tracking

the costs connected to cloud computing and IT Infrastructure. By performing a
cloud cost analysis, businesses can find opportunities to reduce costs, optimize
how cloud is used across the organization, and invest their budget effectively.

A "cost-benefit analysis" in cloud computing involves systematically evaluating

and comparing the financial costs associated with utilizing cloud services against
the potential benefits gained, such as increased scalability, flexibility, cost
savings, and improved operational efficiency, to determine if migrating to the
cloud is a worthwhile investment for an organization.

Key aspects of a cloud computing cost-benefit analysis:

• Identifying costs:
o Direct costs: Subscription fees for cloud services (compute, storage,
network), data transfer charges, licensing costs, professional
services for migration and optimization.
o Indirect costs: Increased network bandwidth needs, potential data
security concerns, staff training for cloud technologies.
• Identifying benefits:
o Cost savings: Reduced hardware and software maintenance costs,
pay-as-you-go model for resource utilization, potential for
economies of scale.
o Operational efficiency: Faster deployment of applications, easier
scaling to meet demand fluctuations, improved disaster recovery
capabilities.
o Business agility: Access to new technologies and services, ability to
rapidly innovate and adapt to market changes.

Understanding the Components of a Cloud Cost Analysis

Different costs and elements make up a cloud cost analysis, including

infrastructure, networking, storage, and licensing. The more a business
understands the parts of a cloud cost analysis, the more likely they are to
account for all necessary components in their analysis.

Infrastructure Cost

In cloud computing, "infrastructure cost" refers to the expenses associated

with the underlying hardware, networking, and storage systems used to
deliver cloud services, including the cost of servers, data centers, network
bandwidth, and related maintenance, which are typically billed based on
usage (like per hour for compute power or per GB for storage) by cloud
providers to their customers.

Data Transfer Cost

Data transfer is mainly concerned with the cost of moving data between cloud
resources, or from an on-premises framework to cloud infrastructure. The amount
of data that is transferred will impact the cost, as well as the distance of the
transfer and the type of cloud service or cloud provider that is being used.

Cloud service providers typically offer different pricing options for data transfer
services. For example, a provider may charge for transfers across multiple regions
or between cloud providers while offering free/discounted data transfer fees
within certain zones.

Storage Cost

Data that is stored on cloud infrastructure comes with a cost. If a business is

storing data that is no longer necessary to retain in the cloud, they may be tacking
added expenses to their bill without realizing it. The type of storage and the region
where data is stored can also affect the cost.
As with data transfer costs, cloud providers typically provide different storage
pricing models across different regions. With that, it’s important to consider
location-specific pricing and data residency requirements when generating
storage cost estimates.

Licensing Cost

Licensing costs may include any software licenses used in the cloud environment.
This is a piece that can be overlooked because businesses tend to focus more on
the upfront costs of moving to the cloud and less at the pieces necessary to maintain
the environment. Certain cloud services providers empower customers to bring
their own software licenses into the cloud. However, before doing so, IT teams
would need to run an analysis to understand their:
• Licensing terms
• Costs for running the licensed software on cloud infrastructure
This evaluation is helpful in determining if it’s more cost-effective to use existing
licenses or transition to cloud-native alternatives.

Additional Services Cost

There are many cloud expenses that go beyond infrastructure and basic support
and maintenance. These costs can include machine learning, serverless
computing, and managed services that help you operate in the cloud. Backups,
disaster recovery, and compliance measures can also be a source of additional
costs.

Why is Cloud Cost Analysis Important?

Cloud cost analysis is essential for businesses today since it greatly impacts the
bottom line. Understanding and minimizing cloud expenses is critical for
financial efficiency and strategic decision-making as businesses progressively
transfer their activities to the cloud. Businesses can gain significant insights into
their cloud spending patterns by doing a complete cloud cost analysis, allowing
them to discover overspending areas, optimize resource utilization, and
eventually lower overall costs.

Furthermore, cloud cost analysis offers proactive cost management initiatives,

ensuring that enterprises remain under budget while maximizing the value of
cloud services. Given the complexities of cloud pricing schemes and the dynamic
nature of cloud environments, doing regular cost analyses enables businesses to
make informed decisions about resource allocation, scalability, and service
selection. Finally, by incorporating cloud cost analysis into their operational plan,
organizations can improve financial efficiency, increase competitiveness, and
accelerate business growth.
What is Scalability in Cloud Computing?

Cloud scalability is cloud infrastructure’s capability to expand or shrink

dynamically in response to changing demand for computing resources, such as
storage, processing power, or bandwidth.

Cloud scalability is the ability of cloud computing infrastructure to dynamically

adjust resources to meet changing demand. This means that as your business
grows, your cloud environment can quickly adapt to provide additional resources,
such as processing power, storage, or bandwidth, without the need for costly
hardware upgrades or infrastructure changes.

Cloud scalability offers a number of key benefits, including improved flexibility,

better cost control, increased performance, and enhanced reliability. It allows you
to scale your IT resources up or down quickly in response to changing business
needs, which can help you optimize your operations, minimize downtime, and
improve the overall performance of your IT infrastructure.
Overall, cloud scalability is a crucial aspect of cloud computing and an essential
tool for any organization looking to manage its IT resources effectively.

What Are The Benefits Of Cloud Scalability?

1. Cost Savings:
One of the primary benefits of cloud scalability is that it can help you reduce
costs. By only paying for the resources you need, you can avoid overspending on
unnecessary hardware or infrastructure. Additionally, cloud scalability allows
you to optimize your resources, which can help you save money on maintenance
and energy costs.

2. Improved Performance:

Cloud scalability allows you to scale up or down resources in real time, which
means you can respond quickly to changing computing power or bandwidth
demands. This can help you avoid bottlenecks and ensure that your applications
and services are always performing at their best.
3. Flexibility and Agility:

Cloud scalability allows you to respond quickly to changing business needs,

which can help you stay ahead of the competition. In addition, cloud scalability
can help you adapt to new market conditions or customer demands by providing
on-demand resources that can be scaled up or down quickly.

4. Improved Availability and Reliability:

Cloud scalability allows you to distribute workloads across multiple resources,

which can help you avoid downtime and ensure that your applications and
services are always available. This can be especially important for mission-
critical applications that require high availability and reliability.

5. Enhanced Security:

Cloud scalability allows you to implement security measures such as load

balancing, firewalls, and other security features, which can help you protect your
data and applications from cyber threats.
Overall, by adopting a scalable cloud infrastructure, you can position your
business for success and achieve better overall business results.

Security and Governance of cloud

Cloud governance is the process of managing an organization's cloud services

through policies, controls, and processes. It includes defining, implementing, and
monitoring these policies.

A cloud governance framework is critical for ensuring cloud services are

deployed and used consistently, efficiently, and effectively. Organisations can
manage their cloud resources to correspond with their business objectives while
also following regulations, preserving security, and reducing expenses.

Importance of cloud governance in modern businesses

By implementing a comprehensive cloud governance framework, organisations

gain better visibility across all business units and cloud environments. This
visibility enables the development of clear action plans and strategies to address
data breaches, system downtime, or other disruptive events, ensuring business
continuity and minimising the impact of such incidents.
Here are a few more points that drive the importance of cloud governance in
modern businesses:

• Optimised resource utilisation and cost efficiency: Cloud governance

enables organisations to monitor and control their cloud resources and
infrastructure effectively. By implementing strict monitoring and
governance processes, businesses can optimise resource utilisation,
identify and eliminate inefficiencies, and keep cloud costs under control.

• Enhanced operational efficiency and performance: With a holistic view

of their cloud environment, organisations can identify and resolve
performance bottlenecks, streamline management processes, and improve
overall operational efficiency. Cloud governance facilitates the
identification of areas for improvement, enabling businesses to maximise
the performance and productivity of their cloud-based systems and
applications.

• Improved compliance and adherence to policies and standards: Cloud

governance frameworks incorporate stringent compliance monitoring
mechanisms, ensuring that organisations adhere to all relevant policies and
standards, minimising the risk of non-compliance and potential legal or
financial consequences.

• Enhanced security and risk mitigation: Cloud governance models

include robust identity and access management strategies and
comprehensive security monitoring processes. By implementing these
measures, organisations can proactively identify and mitigate potential
vulnerabilities, reducing the likelihood of data breaches, cyber-attacks, and
other security threats.

Cloud Security

Cloud security is the whole bundle of technology, protocols, and best practices
that protect cloud computing environments, applications running in the cloud,
and data held in the cloud. Securing cloud services begins with understanding
what exactly is being secured, as well as, the system aspects that must be
managed.

The full scope of cloud security is designed to protect the following, regardless
of your responsibilities:
• Physical networks — routers, electrical power, cabling, climate controls,
etc.
• Data storage — hard drives, etc.
• Data servers — core network computing hardware and software
• Computer virtualization frameworks — virtual machine software, host
machines, and guest machines
• Operating systems (OS) — software that houses
• Middleware — application programming interface (API) management,
• Runtime environments — execution and upkeep of a running program
• Data — all the information stored, modified, and accessed
• Applications — traditional software services (email, tax software,
productivity suites, etc.)
• End-user hardware — computers, mobile devices, IOT etc.

Data security and compliance in the cloud

Cloud Data Security

Cloud data security is the practice of protecting data and other digital information
assets from security threats, human error, and insider threats. It leverages
technology, policies, and processes to keep your data confidential and still
accessible to those who need it in cloud-based environments.

Assignment - Why companies need cloud security? Why it is important in today’s

era?

Importance of cloud data security?

In the 1990s, business and personal data lived locally — and security was local
as well. Data would be located on a PC’s internal storage at home, and on
enterprise servers, if you worked for a company.
Introducing cloud technology has forced everyone to reevaluate cyber security.
Your data and applications might be floating between local and remote systems
— and always internet-accessible. If you are accessing Google Docs on your
smartphone, or using Salesforce software to look after your customers, that data
could be held anywhere. Therefore, protecting it becomes more difficult than
when it was just a question of stopping unwanted users from gaining access to
your network. Cloud security requires adjusting some previous IT practices, but
it has become more essential for two key reasons:
1. Convenience over security. Cloud computing is exponentially growing as
a primary method for both workplace and individual use. Innovation has
allowed new technology to be implemented quicker than industry security
standards can keep up, putting more responsibility on users and providers
to consider the risks of accessibility.
2. Centralization and multi-tenant storage. Every component — from core
infrastructure to small data like emails and documents — can now be
located and accessed remotely on 24/7 web-based connections. All this
data gathering in the servers of a few major service providers can be highly
dangerous. Threat actors can now target large multi-organizational data
centers and cause immense data breaches?

Cloud Compliance

Cloud compliance is the adherence to a set of standards and regulations mandated

for cloud computing services. These standards, often set by governmental bodies,
industry groups, or internal policies, ensure that data stored and managed in the
cloud is protected and used responsibly. Cloud compliance safeguards sensitive
information, ensures data privacy, and maintains trust between cloud service
providers and their clients.

Importance of Cloud Compliance

Cloud compliance is crucial for any business operating in the cloud. It ensures
that cloud services are used responsibly and align with both legal and ethical
standards. For businesses, cloud compliance is not just about following rules; it’s
about safeguarding their operations, reputation, and customer trust.

• Data protection and privacy: Effective cloud compliance measures are

essential for protecting sensitive data from unauthorized access and
breaches. By adhering to compliance standards, businesses ensure that
personal and sensitive information is handled securely, reducing the risk of
data leaks and the associated legal and reputational repercussions.

• Legal and regulatory adherence: Compliance with laws and regulations

such as the GDPR is mandatory for businesses operating in the cloud. This
adherence prevents legal penalties and fines, which can be substantial and
damaging to a company’s financial health and public image.

• Business continuity and risk management: Cloud compliance plays a

key role in risk management and business continuity planning. It helps in
identifying and mitigating risks associated with cloud usage, ensuring that
business operations are not disrupted by compliance failures or data
security breaches.

• Customer trust and loyalty: Customers increasingly demand

transparency and security regarding their data. Adhering to cloud
compliance requirements reassures customers that their information is
being handled responsibly, fostering trust and loyalty.

• Competitive advantage: In a market where many businesses leverage

cloud services, compliance can be a differentiator. Companies that
demonstrate robust compliance practices can gain a competitive edge,
attracting customers and partners who value data security and ethical
practices.

Cloud governance frameworks

A cloud governance framework is a set of policies and controls that guide an

organization's cloud operations. It helps ensure that cloud services run
consistently and securely.

Framework for cloud governance

A Cloud Governance Framework is like a set of rules and best practices that
help organizations manage their cloud services effectively. It ensures that cloud
usage is secure, cost-efficient, and aligned with business goals.

Think of it as a traffic system for the cloud—just like traffic rules keep roads
safe and organized, a cloud governance framework keeps cloud operations under
control.
Key Elements of a Cloud Governance Framework
1. Security & Compliance – Ensuring that data is protected and follows
legal regulations (e.g., GDPR, HIPAA).

The General Data Protection Regulation (GDPR) is a legal framework that sets
guidelines for the collection and processing of personal information from
individuals who live in and outside of the European Union (EU).

HIPAA stands for Health Insurance Portability and Accountability Act. It's a
federal law in the United States that protects the security and confidentiality of
health information .HIPAA also gives patients more control over their health
information.

2. Cost Management – Controlling cloud expenses to prevent overspending.

3. Performance Optimization – Making sure cloud applications run
efficiently.
4. Access Control – Deciding who can access what data and services.
5. Data Management – Organizing and securing data storage, backups, and
recovery.
By following a cloud governance framework, companies avoid risks, reduce
costs, and make the most of their cloud investments while maintaining control
over their IT environment.