The History Of Cloud Computing Information Technology Essay

The History Of profane Computing Information Technology EssayCloud Computing argon data and applications that ar recoverible through legions around the world (Clouds), and it posterior be reached at every time, from any device with off installing that specific application to your computer. info management within befog involves extreme parallelization and distri providedion of data. Its goals are to provide quickness in which applications are deployed, increase the engineering, and lower costs, all while increase business agility. The different types of proceedss including IaaS, PaaS, SaaS have been projected for b litterch reason. But, consumers want efficient and efficient security for their virtual machines. in that respect is some cloud providers that spree security-as-a-service based on VM introspection that promise the best of both worlds efficient centralization and effective protection. Since customers skunk move data and apps from one cloud to another, an effec tive solution requires learning what providers to work with and what they secure.This report allow provide detailed understanding of cloud computing and its major security issues. This will include the fib of Cloud Computing, the models, its characteristics, deployment models, applications, advantages and disadvantages, security issues and other concerns.Key WordsAccess ControlCloud ComputingCloud SecurityDelivery ModelsDeployment ModelsSPIThis Report is organized the followingChapter 1 IntroductionsChapter 2 Defining Cloud ComputingChapter 3 Cloud SecurityChapter 4 Conclusion/ upcoming ResearchIntroductionClouds is a metaphor for the Internet, the term Cloud Computing for computation all over the Internet. It allows implementrs to recover resources database and Internet applications from anywhere as long as needed without worrying about criminal maintenance or management of real resources. In addition, the databases in the cloud are very dynamic and evolving.Cloud Computing is unlike grid computing, utility computing, or autonomic computing. In fact, it is a very independent platform in terms of computing. The best example of cloud computing if Google Apps where any application can be accessed utilise a browser and it can be deployed on thousands of computer through the earnings. Most of the data is stored on local lucres with servers that may be clustered and sharing storage. This approach has had time to be developed into stable architecture, and provide decent redundancy when deployed right. Pinal Dave. Introduction to Cloud Computing Published 10 Apr 2009This new technology, cloud computing, requires the attention and it changes rapidly the direction of the technology. Whether it is Googles file system or Microsoft Azure, it is clear that cloud computing has arrived with practically to learn. In dealing with the digest concept of the cloud, it is easy to misunderstand the structure and function.Defining Cloud ComputingWhat is Cloud Computing ?Cloud computing is a type of computation over the Internet. It shares resources instead of victimisation a software or hardware on a physical computer. Cloud computing can be software and infrastructure. And, it can improve collaboration, mobility, size and availability features.It also improves cost reduction by offering a centralized platform for use when needed, and the reduction of energy consumption. contrary grid computing, cloud computing can be hosted externally, but also internally, oddly for companies who have businesses around the world.Consumers will no longer have to download and install memory-hogging applications and software on their device and will instead have access to everything they need via the browser. With this model, most of the computing software will be rented on an as-needed basis rather than being bought as an expensive one-off purchase. what is cloud computing and how to use it. February 11, 2010 .There are many definitions that try to answer the cl ouds of todays point of capture of developers, researchers, administrators, engineers and consumers. This report focuses on a definition that is specifically tailored to the unique perspectives of IT network and security professionals.2.2. History of Cloud ComputingOriginally, Cloud Computing was an unclear term for a vague and distant future in which computing would occur in a few remote locations without the need for very much human intervention. Infinite computing resources would be available for every need at prices approaching zero. Certainly, users would not care about how the computers, their software, or the network functioned.The root word of an intergalactic computer network was introduced in the 60s by J.C.R. Licklider, who was responsible for enabling the development of ARPANET (Advanced Research Projects Agency Network) in 1969.His vision was for everyone on the globe to be interconnected and accessing programs and data at any site, from anywhere, explained Margaret Lewis, product marketing director at AMD. It is a vision that sounds a lot like what we are business cloud computing. History of cloud computing Computer Weekly (2009).Computer scientist John McCarthy, who attributed the cloud concept, proposed the idea of computation being delivered as a world utility, similar to the service bureaus which date back to the 60s. Since the 60s, cloud computing has developed along a number of lines, with Web 2.0 being the most recent evolution. However, since the internet only started to offer significant bandwidth in the 90s, cloud computing for the masses has been something of a late developer.In the past, the computers were connected from a larger computer. It was a universal technique in industry. The technique enabled you to configure the computer to talk to each other with specially designed protocols to balance the computational load across machines. As a user you didnt care about what CPU was running the program, and cluster management softw are ensured that the best CPU at that time was used to commit the code.In the early 1990s Ian Foster and Carl Kesselman came up with a new concept of The Grid. The analogy used was of the electricity grid where users could plug into the grid and use a metered utility service. If companies dont have their own powers stations, but rather access a third party electricity supply, why cant the same don to computing resources? Plug into a grid of computers and pay for what you use. Cloud Expo Article A Brief History of Cloud Computing Is the Cloud There Yet? Paul Wallis August 22, 2008 One of the first milestones for cloud computing was the arrival of Salesforce.com in 1999, which pioneered the concept of delivering enterprise applications via a simple entanglementsite. The services fast(a) paved the way for both specialist and mainstream software firms to deliver applications over the internet. The next development was Amazon Web service in 2002, which provided a cortege of cloud-ba sed services including storage, computation and even human intelligence through the Amazon Mechanical Turk. Then in 2006, Amazon launched its Elastic Compute cloud (EC2) as a commercial web service that allows small companies and individuals to rent computers on which to run their own computer applications. Amazon EC2/S3 was the first widely accessible cloud computing infrastructure service, said Jeremy Allaire, CEO of Brightcove, which provides its SaaS online video platform to UK TV stations and newspapers. A history of cloud computing ArifMohamed Friday 27 March 2009 another(prenominal) big milestone came in 2009, as Web 2.0 hit its stride, and Google and others started to offer browser-based enterprise applications, though services such as Google Apps.Today, many companies are shot up data centers, sometimes as an extension of their own needs, sometimes only to serve customers. Originally, the idea of these clouds was to provide power and storage capacity. Everything else will be taken up by the customer. Now providers offer many services depending on the consumer needs. mention http//www.fuzeboxinc.com/Extras/Blog/2.3. SPI for Cloud ComputingSPI. This abbreviation stands for the three major services in the cloud. Software-as-a-Service, Platform-as-a-Service, and al-Qaida-as-a-Service. computer address http//texdexter.files.wordpress.com/2009/09/figure-1-cloud-computing-architecture.jpg2.4. Delivery Models base of operations as a Service (IaaS)- Instead of wasting money on servers, software, hardware, racks..etc. the provider would resource the service. This will be on demand computing and whatever the amount is consumed that what the consumer will be charged. This service can be hosted or via VPS(virtual private servers)Major Infrastructure Vendors Below are companies that provide infrastructure servicesGoogle (GOOG) Managed hosting, development environmentInternational Business Machines (IBM) Managed hostingSAVVIS (SVVS) Managed hostingTerremark Wo rldwide (TMRK) Managed hostingAmazon.com (AMZN) Cloud storageRackspace Hosting (RAX) Managed hosting cloud computingCloud platform services (PaaS)- delivers a platform or a solution hatful as a service. This makes the delivery of applications easier without the cost of hardware or software. equivalent Salesforce.coms, which lets subscribers access their applications over the cloud. Amazon, Google, and Microsoft have also allow the users access their applications from centralized servers.Software as a service (SaaS)- issoftware in the cloud. This deployment model is short through the web browser. This eliminates the installation of applications on the consumers computer making it easy to access as simplifying maintenance and support.Characteristic of SaaSAvailability via a web browseron demand availabilitypayment terms based on usageminimal IT demands2.5. Deployment ModelsPrivate cloud- This is used only for organizations. Can be managed by the organization or to third parties and can exist on premise or off premise.Community cloud- This is used by many organizations working together, and is matched with a particular community, which shared the concerns (eg, mission, security requirements, policy and compliance). It can be managed by organizations or third parties and can exist on premise or off premise.Public cloud- This is owned by cloud providers and is used by a larger organization or the general public. Hybrid cloud- Cloud Infrastructure is composed of two or much clouds (private, community or the public), that remain unique entities, but are caused by a stockized or branded technology that enables data and applications.2.6. Essential Characteristics What is Cloud Computing? On-demand self-service- A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each services provider.Broad network access- Capabilities are available over the ne twork and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, lap outperforms, and PDAs).Resource pooling- The providers computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that, the customer largely has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of synopsis (e.g., country, state, or datacenter). This includes storage, processing, memory, network bandwidth, and virtual machines.Rapid elasticity- Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time.Measured Service- Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported providing transparency for both the provider and consumer of the utilized service.Source www.katescomment.com/images/CloudCube.pngCloud Security3.1. Pros and ConsThe main question is whether users are prepared to use the service from your local computer and are moving into the cloud because cloud computing has advantages and disadvantages to all potential users, but may have different meanings for different users.ProsReduced Cost Cloud technology is paid incrementally (you pay only for what you need), redemptive organizations money in the short run. Money saved can be used for other important resources.Increased Storage Companies can save more data than on servers.Highly Automated IT staff not needed to keep software up to date as maintenance is the job of the service provider on the cloud.More Mobility Employees can access entropy wherever they are.Allows IT to Shift Focus No longer having to worry about constant server updates and other computing issues, government organizations will be free to concentrate on innovation.ConsSecurity standards depending on company and global locationReliance on 3rd Party Control over own data is lost in the hands of an difficult-to-trust providerCost of transition Is it feasible for me to move from the breathing architecture of my data center to the architecture of the cloud?Uncertainty of benefits Are there any long term benefits?Today, customers are looking expand their on-premises infrastructure, but cannot afford the risk of compromising the security of their applications and data.In this survey of IDC, security ranked first as the greatest challenge or issue in cloud computing.So urce IDC Enterprise PanelWhat is Cloud Security?Security in the cloud, is not different than security control. But, because of the cloud models for contractual services, business models and technologies are used to cloud services, cloud computing different risks of a traditional organization of IT solutions can have. Cloud Computing is to lose control and accountability at the same time, but operational responsibility lies with one or more other parties.Not all services are the same. This depends on the provider you choose. This envision below illustrates the issue in SaaS where the contracts are negotiable service levels, privacy, and compliance are all issues to be dealt with legally in contracts. In an IaaS, the remainder of the stack is the responsibility of the costumer. PaaS offers a balance in between, where the provider is in charge of securing the platform, but securing the application developed against the platform and developing them securely, both belong to the consumer .Source http//www.rationalsurvivability.com/blog/wp-content/media/2009/07/CloudRefModel.htmlThe technology has many advantages for employers. It is a simple solution that is cost effective, and can be updated easily and as quickly as the business grows, especially during peak sales. Many entrepreneurs do not do their homework when registering with a provider of cloud, and neglect to ask whether sensitive data can be uninvolved or not, or what layers of security is available.Cloud Security Top ThreatsAccording to CSA (Cloud Security Alliance) The report, titled Top Threats to Cloud Computing V1.0, These are the following threats in cloud computingAbuse and Nefarious use of Cloud Computing Attackers can find a way to upload malware to thousands of computers and use the power of the cloud infrastructure to attack other machines.Insecure Application Programming Interfaces The reuse and combination of existing code to rapidly build applications often sacrifices quality potency for agili ty and quick turnaround, resulting in insecure APIs.Malicious Insiders One that gains in importance as many providers still dont reveal how the hire people, how they grant them access to assets or how they monitor them. Transparency is, in this case, vital to a secure cloud offering, along with compliance reporting and breach notification.Shared Technology Vulnerabilities share infrastructure is a way of life for IaaS providers. Unfortunately, the components on which this infrastructure is based were not designed for that. To ensure that customers dont thread on each others territory, monitoring and inviolate compartmentalization is required, not to mention scanning for and patching of vulnerabilities that might jeopardize this coexistence.Data Lose/Leakage Using security control to protect the inside(a) data in a company. This control is hard to apply to new environment. There is a lack of having the ability to monitor and control what is going on.Accounting, Services and Traffi c Hijacking The cloud is vulnerable to hacking. Like being redirected to malicious sites.Unknown risk profile The customer are not well intercommunicate on where their applications are being reside, nor the configurations of the systems.Access Control in the CloudIn a traditional network, access control focuses on protecting from illegitimate users based on host-based attributes. Which sometimes is inadequate, this can cause inaccurate accounting. In the cloud, the access control works as a cloud firewall policy. This is by using rules using TCP/IP parameters, including the source of IP, the source port, the IP destination and the port destination. Unlike the network-based access control, the access should be strongly focused in the cloud by binding the users identity to the resource in the cloud and will help protect access control, data protection and users accounts.ISO/IEC 27002 has defined cardinal access control objectives that cover end user, privileged user, network, appli cation, and information access control.The objective is to ensure that the authorized user have access the right information and unauthorized users are prevented from accessing the systems. A procedure should take place and should cover all stages in the lifecycle of the user access, staring from the registration of the new user to the terminal step which is denying the user who will no longer need to access the information in the system.The following are the six control statements Control access to information. Manage user access rights. Encourage good access practices. Control access to network services. Control access to operating systems. Control access to applications and systems.The reasons for this six control statements from the view of IT security, is providing access to information and applications to authorized users. The objective of this task is to provide the right users the right services, while preventing access to unauthorized users.Conclusion/Future Research4.1. C onclusionCloud computing is increasingly popular. Industry leaders like Microsoft, Google and IBM, have been promoting cloud computing and have gain a lot of costumer. But the rest of the public that are still doing research on the topic are still doubting and afraid to migrate to the cloud.There are still many questions left without any answer and the most important one is security. On the other hand, Cloud Computing is the most amazing technology that has happened recently. It is easy to use, cheaper, faster, and convenient. The question is whether the users are ready to move and if so, what providers to move to.Security technology must be developed specifically for the protection of the business in the cloud. The technology has changed and security needs to keep up with it.Future WorkAccording to btsecurethinking.com, Breach Security is working with partners, such as Akamai, to provide web application security in the cloud. Example, when deployed with Akamais Web Application Fire wall service, Breachs WebDefend Global Event Manager is the first web application security management solution to put up against global application security threats by enabling customers to make distributed cloud and data center defense-in-depth architectures operational.CSA and HP are still doing research on top threats and intended to alert businesses to current and future cloud computing risks.