Cloud Computing represents the best solution for companies, taking into consideration that the budgets of almost all countries shrink. The Cloud is based on the idea of generating computing facility on demand.
The capability of the Cloud is as a centralized resource that can match to industrial scales. This means that there will be involved lots of machines implanted in a network which has surpassed the capability of a high performance computer.
But what does Cloud computing means? Cloud computing perform a modern concept and it is the best solution regarding the economic ability on the side of IT and dynamic flexibility on the side of the consumer.
It is a model made available to consumers in a pay-as-you-go model and it enables convenient and on-demand network access to computing resources (e.g., servers, networks,services,application,and storage,) with little management effort, taking into consideration the scalability of the environment, allowing a vast service with no human intervention.
The main/basics resources that Cloud computing provide and delivers over the internet to the companies are: servers, applications (e.g. e-mails, voice, back-up), security, all IT services which are supposed to improve the turn-around-time of all companies and also a low budget and efficient solution.
This IT solution is often seen as a great solution for all the customers but also as a way to advertise and making use of it on marketing scope.
Cloud Computing is based on SLA (Service Level Agreements), between the customers and the service providers. The SLA includes pricing, quality of service, obligations and also penalties in case the agreements are violated.
Cloud services are both flexible and reliable and the SLA violations are prevented by the provider because they would represent a high cost for them. In order to void SLA violation threats, the user can interact with the system in a trustworthy and malleable way, which is based on -on demand- computing. This way, the user long lasting internet connection makes possible that all the data can move from a user to another just “on demand”, as any other common service like water or electricity.
How does this work? Cloud computing applies both traditional supercomputing and also high capability computing power. Using CPUs (Central Processing Unit), internal or external hard drives, CD/DVDs, a computer will be able to recover, archive and elaborate the data.
If there are various computers connected in a local network or a wide area network, the recovery, archiving or data elaboration can be extended also to other computers, representing a great advantage for the users. The users can make use of this cloud computing technology only with a simple internet browser.
Another advantage of using cloud computing is the fact that there is no need for the users to have installed on their own computer, but you can save your date remote, and it will be saved online by the provider.
Of course, the user can only take advantages of all these only with the help of a large group of servers and the shared IT infrastructures. The users do not know were these servers are located, but the fact that they can take full use of the power of cloud computing, satisfies and meets the provider objectives.
If the cloud computer interface is made available to the user in a proficient way, then it will not be necessary for the user to be an expert on the technology and infrastructure he uses (e.g. there will be no need for the user to update his software, because this will be managed centrally by the provider).
Regarding the methodologies used for Cloud Computing, these are referred to Service Oriented Architecture (SOA), Virtualisation, Goal-Question-Metric (GQM), and Security Metrics Hierarchy.
Why SOA? The name comes from the fact that all services are seen as a task which is provided to the end users. This kind of architecture comprises a flexible set of design principles which are used during the phases of system development and implementation.
The implementation of SOA- based architecture will provide to the end user a suite of services that can be used within multiple domains. SOA will allow services both to be discovered and implemented. When the user desires to process a task, a service can be employed in order to discover the required resources for the task.
A composition service will follow to it, then a toad map will be planned in order to provide the desired functionality and the desired quality of service.
Why Virtualization? This methodology relieves the user from the burden of purchasing and installing the system. This means that the resources will be brought to the users by the Cloud. Of course, virtualization may refer to Hardware, Memory, Storage, Software, Data and Network. Virtualization represents the main asset of Cloud Computing due to the below advantages:
Advantages of Cloud Computing
1.Server and application consolidation: the resources can be used in a much more efficient way, even if the resources are be used in the same time, running on the same server;
2.Configurability: the resource requirements usually differ for each application and that is why with the help of the virtualization it is offered an efficient solution for customized configuration and aggregation of resources, not achievable at a hardware level;
3.Increased application availability: if there is an unplanned outrage, the virtualization makes possible the quick recovery of all the information;
4.Improved reaction: resource provisioning, monitoring and maintenance can be automated and all common resources can be reused after being cached.
These benefits will ensure that Cloud meets SLA (Service Level Agreement) requirements in a very efficient way, saving costs. If there hadn’t been for the virtualization, the systems would have wasted valuable resources and they would not be able to manage high workloads.
The GQM method (Goal-Question-Metric) has been designed in order to identify and to move software defects to a realistic model, where the issues found will be analysed and based on the analysis, there will be found the root cause of the problem and the objective of solving it will be met.
There are three levels that are defined by the GQM methodology:
1. Conceptual level- issues is analysed taking into consideration different reasons why the quality was not met for example and it is also taken into consideration the environment.
2. Operational level- there will be a set of questions that will be asked in order for the object under study to be defined. This way, there will be done an assessment in order for the specific goals to be met.
3. Quantitative level –there will be taken into consideration a set of metrics, which will be based on different models. Each model will be associated with each question in order to answer it in a measurable way.
Regarding the security metrics hierarchy, it has to be mentioned that it is directly generated from the GQM Definition process. This means that the security features are embodied in the corresponding security metrics.
Security Metrics Hierarchy is a result of the GQM method.
Please find below the differences between the SMH and GQM levels:
GQM Levels SMH levels
Conceptual level Group Metric
Operational level Metric
Quantitative level Sub-Metric
If a goal statement will be identified in the conceptual level, this will trigger a group metric.
The operational level will search for the activities and objects which have to be collected in order to see the amount the individual components, which are part of the of the goal statement.
In the end, the quantitative level will define the metric which will remain in line with the higher level goal statement.
The main components of Security Metrics Hierarchy are
1.Security index- have the highest values from the security items
2.Group metrics-have the highest values from the metrics items
3.Metrics- the value of a metric group has the highest value from a set of sub-metrics
4.Sub-Metrics- the value of a metric has the highest value from a set of sub-metrics. It represents a small part of a metric and it can be used as a specialized metric and consequently will have an influence on the overall metric.
Conversion of Security Metrics
The conversion of Security Metrics is done in order to extract a meaning for the primitive metrics which have already been measured. These metrics can be sorted taking into consideration the absolute value of it.
There is the possibility for the security metrics to have difficult instances difficult to be compared to each other and in order to prevent this thing and to simplify the computational model it will be used a method in order to convert the value of each primitive metric to a common scale of values.
The highest value will represents a security level which is less reliable and which has the risk of containing an issue that will have to be solved. On the other hand, the lowest value (0) is the safest and it means that there is no issue to worry about; therefore no action will be needed.
There are few important characteristics, which make Cloud Computing an important solution for the consumers and they define the need of all the users who chose to take benefit from this concept:
Improves business agility: the users are able to make use of the technological infrastructure resources which are provisioned in minutes.
Accelerate time to value: Legacy data centres have become costly, complex, lots of choreography and there are too many people involved. The processes to get things done are both time consuming and unsustainable.
It can be very complicated to deliver an application infrastructure and the fact that it would require many processes and teams coordinating to order the system, locate equipment, secure approvals, set up the servers, storage, networking, load and patch the OS, virtualisation and application software, and bring it all online. That is why cloud computing solves this problem, through efficient steps, accelerated service delivery and improved service quality.
Virtualisation: makes possible the transfer of information from one server to another, and this way the user can share the needed information with other consumers.
Reduce costs: is another important characteristic. Companies with large workloads will have substantial cost savings and there are not necessary advanced IT skills in order to have implemented Cloud computing for the consumer’s business.
Develop once, run anywhere: the device/ location independence makes possible for the user to connect from anywhere, using only his own device and an internet browser, this way the users will be able to access their information no matter their location.
Trustworthiness: is another characteristic which ensures business continuity and data recovery in case of a disaster (e.g. lost data etc).
Multi- tenancy: is a principle in software architecture and it makes possible cost and resources sharing within the users.
On demand self-services: human interaction will not be necessary and all services will be provided by the service provider. Examples of on demand self service providers are Amazon, Google, Saleforce.com, and Microsoft.
Security: has increased a lot, even if there are still concerns regarding an eventual data control loss. Using computer clouding makes available to the users complex security systems, which consumers could not afford.
Scalability: dynamic provisioning of data which helps to avoid any occurring issue.
Maintenance: end-users do not have so much work to do when it comes both to resources upgrades and to management. These will be handled by the Cloud Computing service providers
Service models of cloud computing
There are three fundamentals service model of cloud computing
SaaS (Software as a service) refers to different programs installed on a remote server, therefore they are not installed on the user’s computer and the local network is not used, but instead, it is used a web server.
DaaS (Data as a service) refers to the service model which helps the user to access his own data as if it were saved on his own computer with the help of an application, which represents a high advantage for the user.
HaaS(Hardware as a Service)refers to the service that the user uses in order to send data to a computer and then the data will come back to the initial user.
There are other two services that could be added to the above services:
PaaS (Platform as a Service) refers to a software computer platform, where there could be included services, libraries, programs etc.
IaaS (Infrastructure as a Service) refers to the use of the remote hardware services. This kind of cloud could be associated to Grid computing, but IaaS provides instead services “on demand” to the consumer.
If needed, an automatic back-up is done and then the data is transferred online while the saved information is kept on a server farm, which is usually localized in the country of the service provider.