Cloud Computing Foundation




An Introduction to Cloud Computing: Training by Simplilearn
Agenda

•   Introduction
•   History of Cloud computing
•   Foundational Elements of Cloud Computing
•   Principles of Cloud Computing
•   Cloud Computing Security
•   Secure Cloud Migration Paths
•   Using the Cloud
•   Implementing and Supporting the Cloud
•   Managing Cloud Computing
•   Evaluation of Cloud Computing
•   Cloud Computing Case Studies and Security Models
1. Introduction
Course objectives

• Fundamental concepts of the cloud computing platform:
   – Deployment
   – Architecture
   – Design
• What made cloud possible
• Pros and cons, benefits and risks
• Standards and best practices
What you will learn

After completing this course, you will be able to:
•Identify essential elements
•Describe the pros and cons
•Understand the business case for going to the cloud
•Describe how to build a cloud network
•Understand virtualization architecture
•Describe security and privacy issues
•Understand federation and presence
•Describe cloud computing standards and best practices
•Describe how mobile devices can be used in the cloud
Overview




The NIST Cloud Definition Framework

Deployment Models: Private Cloud, Community Cloud, Public Cloud, Hybrid Clouds

Service Models: Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS)

Essential Characteristics: On Demand Self-Service, Broad Network Access, Rapid Elasticity, Resource Pooling, Measured Service

Common Characteristics: Massive Scale, Resilient Computing, Homogeneity, Geographic Distribution, Virtualization, Service Orientation, Low Cost Software, Advanced Security

Based upon original chart created by Alex Dowbor - http://ornot.wordpress.com
History of Cloud Computing


Objective:
•Exploring the history of shared computing and the technological,
 economic, organizational enablers for Cloud Computing
•To learn about how technologies evolved from cluster , grid and
 virtualization into cloud computing
•To learn about datacenter architectures of grid, utility and
 virtual machines




History of Cloud computing

    Cloud computing builds on earlier forms of shared computing:
    Cluster Computing
        tightly coupled machines acting as one system, e.g. for load balancing
    Grid computing
        many computers in a network solve a single problem
    Utility computing
        packaging of computing resources, such as computation, storage
         and services, as a metered service
    Virtualization
        decouples software from hardware
Trends

* distributed computing -> grid computing -> utility computing -> cloud computing
EXAMPLES

• Amazon
   • Elastic Compute Cloud (EC2)
   • Simple Storage Service (S3)
• Google’s App Engine
• Microsoft
   • Windows Azure
   • Microsoft SQL Services
   • Microsoft .NET Services
   • Live Services
   • Microsoft SharePoint Services and Microsoft Dynamics CRM
     Services


Example 1: Amazon Cloud


 • Amazon cloud components
    • Elastic Compute Cloud (EC2)
    • Simple Storage Service (S3)
    • SimpleDB
 • New Features
    • Availability zones
        • Place applications in multiple locations for failovers
    • Elastic IP addresses
        • Static IP addresses that can be dynamically remapped to point to
          different instances (not a DNS change)



Amazon Cloud Users:
   New York Times and Nasdaq (4/08)
• Both companies used Amazon’s cloud offering
• New York Times
   – Didn’t coordinate with Amazon, used a credit card!
   – Used EC2 and S3 to convert 15 million scanned news articles to PDF (4 TB of data)
   – Took 100 Linux instances 24 hours (would have taken months on NYT computers)
   – “It was cheap experimentation, and the learning curve isn't steep.” – Derek
     Gottfrid, New York Times
• Nasdaq
   – Uses S3 to deliver historic stock and fund information
   – Millions of files showing price changes of entities over 10 minute segments
   – “The expenses of keeping all that data online [in Nasdaq servers] was too high.” –
     Claude Courbois, Nasdaq VP
   – Created a lightweight Adobe AIR application to let users view the data
Example 2: IBM-Google Cloud

• “Google and IBM plan to roll out a worldwide network of servers for a cloud
  computing infrastructure” – Infoworld
• Initiatives for universities
• Architecture
    – Open source
        • Linux hosts
        • Xen virtualization (virtual machine monitor)
        • Apache Hadoop (distributed file system and MapReduce framework)
            – “open-source software for reliable, scalable, distributed computing”
    – IBM Tivoli Provisioning Manager
Example 3: Microsoft Azure Services




Source: Microsoft Presentation, A Lap Around Windows Azure, Manuvir Das
Windows Azure Applications,
Storage and Roles


           LB -> Web Role (n instances) and Worker Role (m instances)
           Both roles read and write Cloud Storage (blob, table, queue)

 Source: Microsoft Presentation, A Lap Around Windows Azure, Manuvir Das
Grid Computing

• Distributed parallel processing across a network
• Key concept: “the ability to negotiate resource-sharing arrangements”
• Characteristics of grid computing
   – Coordinates independent resources
   – Uses open standards and interfaces
   – Quality of service
   – Allows for heterogeneity of computers
   – Distribution across large geographical boundaries
   – Loose coupling of computers




Utility computing



•Originally, time-sharing access to mainframes (1960s)
•“Rediscovered” in the late 1990s as an alternative to building and running your
 own datacenter: build a large datacenter and rent access to customers
    Sun, IBM, HP, Intel, and many others built datacenters and rented
    access to servers
•1990s usage model:
    Long legal negotiations with strong service guarantees
    Long-term contracts (monthly/yearly)
    Approx. $1/hour pricing per physical computer
•Overall, this model was not commercially viable!
Utility Computing

• “Computing may someday be organized as a public utility” - John
  McCarthy, MIT Centennial in 1961
• Huge computational and storage capabilities available from utilities
• Metered billing (pay for what you use)
• Simple to use interface to access the capability (e.g., plugging into an
  outlet)




Virtualization


  • Creation of a virtual (rather than actual) version of something, such as
     a hardware platform, operating system, a storage device or network
     resources.
    o Abstraction layer that decouples computation from physical
       resource
  • Motivations
    o Resource sharing with security and isolation
          Similar to multi-user/multi-programming
    o Ease of management
          Virtual machines (bits) vs. physical resources (hardware)
          E.g.: start/stop, clone, migrate, suspend an entire virtual
           machine
     As flour is to a cookie, virtualization is to a cloud



Cloud Enabling Technology: Virtualization


                Traditional and Virtualized stack

    Traditional stack:  App, App, App -> Operating System -> Hardware
    Virtualized stack:  each App runs in its own guest OS; the guest OSs -> Hypervisor -> Hardware
Many Types of Virtualization

• Full virtualization
• Hardware-assisted virtualization (IBM S/370, Intel VT, or AMD-V)
• Para-virtualization
• Operating System virtualization
Modern OS Virtualization

• Hardware-assisted virtualization is a key technological enabler for Cloud
  Computing
   – Provides strong isolation between guests on commodity (low-cost) platforms
     (the isolation is only as good as the hypervisor: guests still share the
     physical CPU, caches and devices)
   – Enables multiplexing of many users onto a single server
• Key contribution is minimal performance overhead (a few percent) versus
  non-virtualized
   – However, I/O-heavy applications incur many VM exits (traps into the
     hypervisor, high CPU overhead), limiting scalability and efficiency
• Challenge: true performance isolation for multiple applications
   – Many dimensions! (more in research discussion)
Enterprise Software Revolution

Software as a Service (SaaS)

• SaaS is hosting applications on the Internet as a service (both
  consumer and enterprise)

• Jon Williams, CTO of Kaplan Test Prep on SaaS
    – “I love the fact that I don't need to deal with
      servers, staging, version maintenance, security, performance”

• Eric Knorr with Computerworld says that “[there is an] increasing
  desperation on the part of IT to minimize application deployment and
  maintenance hassles”




Three Features of
Mature SaaS Applications

• Scalable
    – Handle growing amounts of work in a graceful manner
• Multi-tenancy
    – One application instance may be serving hundreds of companies
    – Opposite of multi-instance where each customer is provisioned their
      own server running one instance
• Metadata driven configurability
    – Instead of customizing the application for a customer (requiring code
      changes), one allows the user to configure the application through
      metadata



SaaS Maturity Levels

• Level 1: Ad-Hoc/Custom
• Level 2: Configurable
• Level 3: Configurable, Multi-Tenant-Efficient
• Level 4: Scalable, Configurable, Multi-Tenant-Efficient




                               Source: Microsoft MSDN Architecture Center
Examples of Companies offering SaaS

There are dozens of companies offering SaaS.
•Intuit QuickBooks
    •conventional desktop application for tracking business accounting. With the
    addition of QuickBooks Online, accounting has moved to the cloud.

•Google Apps
   •suite of applications that includes Gmail webmail services, Google
   Calendar shared calendaring, Google Talk instant messaging and Voice
   over IP
QUESTIONS


1.   What is cloud computing?
2.   What are the differences between grid computing, virtualization and
     cloud computing?




Foundational Elements of Cloud Computing
Objective: To learn about the Technological enablers and Economic
enablers of cloud computing




Foundational Elements
of Cloud Computing

       Primary Technologies            Other Technologies
• Virtualization                   • Autonomic Systems
• Grid technology                  • Web application frameworks
• Service Oriented Architectures   • Service Level Agreements
• Distributed Computing
• Broadband Networks
• Browser as a platform
• Free and Open Source Software




Service Level Agreements (SLAs)

• Contract between a customer and a service provider that defines the level of
  service to be provided
• Contains performance metrics (e.g., uptime, throughput, response time)
• Problem management details
• Documented security capabilities
• Contains penalties for non-performance (in practice usually capped at service
  credits against fees, so an SLA bounds the provider’s liability rather than
  covering the customer’s actual loss)




Autonomic System Computing

• Complex computing systems that manage themselves
• Decreased need for human administrators to perform lower level tasks
• Autonomic properties: Purposeful, Automatic, Adaptive, Aware
• IBM’s 4 properties: self-healing, self-configuration, self-optimization, and
  self-protection




        IT labor costs are 18 times that of equipment costs.
        The number of computers is growing at 38% each year.


Platform Virtualization

• A hypervisor (running on bare metal or on top of a host operating system)
  provides an abstraction layer for running virtual guest OSs
• Key is the “hypervisor” or “virtual machine monitor”
    – Enables guest OSs to run in isolation from other OSs
    – Run multiple types of OSs
• Increases utilization of physical servers
• Enables portability of virtual servers between physical servers
• Isolates guests from the physical host and from each other; the hypervisor
  itself becomes the security-critical component, since a hypervisor flaw
  exposes every guest on the host




Web Services


• Web Services
   – Self-describing and stateless modules that perform discrete units of
     work and are available over the network
   – “Web service providers offer APIs that enable developers to exploit
     functionality over the Internet, rather than delivering full-blown
     applications.” – InfoWorld
   – Standards based interfaces (WS-I Basic Profile)
       • e.g., SOAP, WSDL, WS-Security
       • Enabling state: WS-Transaction, Choreography
   – Many loosely coupled interacting modules form a single logical system
     (e.g., Lego bricks)
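As an added example (not part of the original slides), here is the WS-Security UsernameToken password-digest scheme from the WS-Security bullet above, implemented in Python: the client builds a token with a random nonce and creation time, and a server-side verifier recomputes the digest, rejects stale timestamps, and refuses replayed nonces. The credential store, the five-minute clock-skew window and the sample username and password are assumptions made for this example.

```python
import base64
import hashlib
import hmac
import os
from datetime import datetime, timedelta, timezone

# Timestamp format used in the wsu:Created element (second precision, UTC).
CREATED_FMT = "%Y-%m-%dT%H:%M:%SZ"


def password_digest(nonce: bytes, created: str, password: str) -> str:
    """WSS UsernameToken Profile: PasswordDigest = Base64(SHA-1(nonce + created + password)).

    'nonce' is the raw (Base64-decoded) nonce bytes, 'created' the timestamp text exactly as
    it appears in the token. SHA-1 is what the profile specifies; this is a digest, not a MAC,
    and it only works because both sides hold the plaintext password (a known weakness).
    """
    h = hashlib.sha1(nonce + created.encode("utf-8") + password.encode("utf-8"))
    return base64.b64encode(h.digest()).decode("ascii")


def make_username_token(username: str, password: str, now: datetime = None) -> dict:
    """Client side: build the fields of a wsse:UsernameToken with a fresh random nonce."""
    nonce = os.urandom(16)
    created = (now or datetime.now(timezone.utc)).strftime(CREATED_FMT)
    return {
        "Username": username,
        "Nonce": base64.b64encode(nonce).decode("ascii"),
        "Created": created,
        "PasswordDigest": password_digest(nonce, created, password),
    }


class UsernameTokenVerifier:
    """Server side. Besides recomputing the digest it enforces the two checks that make the
    nonce/created fields worthwhile: a freshness window and a replay cache."""

    def __init__(self, passwords: dict, max_skew: timedelta = timedelta(minutes=5)):
        self._passwords = passwords   # {username: plaintext password}; constructed store for the example
        self._max_skew = max_skew
        self._seen = set()            # (username, nonce) already accepted; expire after max_skew in production

    def verify(self, token: dict, now: datetime = None):
        """Return (ok, reason). Reasons are coarse on purpose; do not echo them to untrusted callers."""
        now = now or datetime.now(timezone.utc)
        password = self._passwords.get(token.get("Username"))
        if password is None:
            return False, "unknown user"
        try:
            created = datetime.strptime(token["Created"], CREATED_FMT).replace(tzinfo=timezone.utc)
            nonce = base64.b64decode(token["Nonce"], validate=True)
        except (KeyError, ValueError):
            return False, "malformed token"
        if abs(now - created) > self._max_skew:
            return False, "stale timestamp"
        replay_key = (token["Username"], token["Nonce"])
        if replay_key in self._seen:
            return False, "replayed nonce"
        expected = password_digest(nonce, token["Created"], password)
        presented = str(token.get("PasswordDigest", "")).encode("utf-8")
        # Constant-time comparison so the digest check does not leak through timing.
        if not hmac.compare_digest(expected.encode("ascii"), presented):
            return False, "bad digest"
        self._seen.add(replay_key)
        return True, "ok"


if __name__ == "__main__":
    clock = datetime(2024, 5, 1, 12, 0, 0, tzinfo=timezone.utc)
    verifier = UsernameTokenVerifier({"svc-billing": "correct horse battery staple"})
    tok = make_username_token("svc-billing", "correct horse battery staple", now=clock)
    print(verifier.verify(tok, now=clock))   # (True, 'ok')
    print(verifier.verify(tok, now=clock))   # (False, 'replayed nonce')
```

The order of the checks matters: parse and freshness first (cheap, and they bound how long the replay cache must remember a nonce), the replay lookup next, and the digest last. Because the digest needs the plaintext password on the server, the token should only ever travel inside TLS; on its own it is an authentication hint, not a secure channel.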


Service Oriented Architectures


• Service Oriented Architectures
   – Model for using web services
       • service requestors, service registry, service providers
   – Use of web services to compose complex, customizable, distributed
     applications
   – Encapsulate legacy applications
   – Organize stovepiped applications into collective integrated services
   – Interoperability and extensibility




Web application frameworks


• Coding frameworks for enabling dynamic web sites
   – Streamline web and DB related programming operations (e.g., web services
     support)
   – Creation of Web 2.0 applications
• Available for most major programming languages
• Example capabilities
   – Separation of business logic from the user interface (e.g., Model-view-
     controller architecture)
   – Authentication, Authorization, and Role Based Access Control (RBAC)
   – Unified APIs for SQL DB interactions (parameterized queries and ORMs, which
     also keep user input out of SQL syntax)
   – Session management
   – URL mapping
• Wikipedia maintains a list of web application frameworks
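The multi-tenancy feature described earlier (one application instance serving hundreds of companies) and the framework-provided authentication, authorization and RBAC listed here meet at one point: every data access has to be scoped to the caller's tenant and gated by the caller's role. The Python example below is added here and is not from the original slides; the invoice table, the two tenants, the role-to-permission map and the in-memory sqlite3 store are constructed for the example, and the function names are its own.

```python
import sqlite3
from dataclasses import dataclass, field
from functools import wraps

# Role -> permissions. Anything not listed is denied: an unknown role grants nothing.
ROLE_PERMISSIONS = {
    "viewer": {"invoice:read"},
    "accountant": {"invoice:read", "invoice:write"},
}


class Forbidden(Exception):
    """Raised before the handler body runs when the principal lacks the permission."""


@dataclass(frozen=True)
class Principal:
    """What the framework's session layer hands to business code after authentication.
    tenant_id and roles come from the verified session, never from request parameters."""
    user: str
    tenant_id: str
    roles: frozenset = field(default_factory=frozenset)


def has_permission(principal: Principal, permission: str) -> bool:
    return any(permission in ROLE_PERMISSIONS.get(role, ()) for role in principal.roles)


def requires(permission: str):
    """RBAC decorator for handlers whose first argument is the Principal."""
    def decorate(fn):
        @wraps(fn)
        def wrapper(principal, *args, **kwargs):
            if not has_permission(principal, permission):
                raise Forbidden(f"{principal.user} lacks {permission}")
            return fn(principal, *args, **kwargs)
        return wrapper
    return decorate


def build_db() -> sqlite3.Connection:
    """Constructed sample data: one shared-schema table holding rows for two tenants."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE invoices (id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL, amount INTEGER NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO invoices VALUES (?, ?, ?)",
        [(1, "acme", 100), (2, "globex", 250), (3, "acme", 40)],
    )
    conn.commit()
    return conn


def get_invoice_unsafe(conn: sqlite3.Connection, invoice_id: int):
    """The bug: the row is selected by the caller-supplied id alone. In a multi-tenant store
    that is a cross-tenant IDOR: a user of tenant acme who guesses id=2 reads globex's invoice."""
    return conn.execute(
        "SELECT id, tenant_id, amount FROM invoices WHERE id = ?", (invoice_id,)
    ).fetchone()


@requires("invoice:read")
def get_invoice(principal: Principal, conn: sqlite3.Connection, invoice_id: int):
    """Fixed: the tenant id from the session is part of every WHERE clause, so a foreign id
    matches nothing. Parameters are bound, never interpolated, so this is also injection-safe."""
    return conn.execute(
        "SELECT id, tenant_id, amount FROM invoices WHERE id = ? AND tenant_id = ?",
        (invoice_id, principal.tenant_id),
    ).fetchone()


@requires("invoice:write")
def set_invoice_amount(principal: Principal, conn: sqlite3.Connection, invoice_id: int, amount: int) -> int:
    """Writes are scoped the same way. Returns rows changed: 0 when the id belongs to another tenant."""
    cur = conn.execute(
        "UPDATE invoices SET amount = ? WHERE id = ? AND tenant_id = ?",
        (amount, invoice_id, principal.tenant_id),
    )
    conn.commit()
    return cur.rowcount


if __name__ == "__main__":
    db = build_db()
    alice = Principal("alice", "acme", frozenset({"viewer"}))
    print(get_invoice_unsafe(db, 2))   # (2, 'globex', 250): leaked across tenants
    print(get_invoice(alice, db, 2))   # None: the scoped query hides the other tenant's row
```

Two design choices carry the security value. The tenant filter is applied inside every query rather than by checking `row.tenant_id` after the fact, so there is no code path that can forget the check, and a cross-tenant id is indistinguishable from a missing one. The role check is a decorator that runs before the handler body, which makes the default "deny" and keeps the permission name visible at the handler, where a reviewer will look for it.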



Free and Open Source Software

• External ‘mega-clouds’ must focus on using their massive scale to reduce
  costs
• Usually use free software
   – Proven adequate for cloud deployments
   – Open source
   – Owned by provider
• Need to keep per server cost low
   – Simple commodity hardware
       • Handle failures in software




Public Statistics on Cloud Economics




Cost of Traditional Data Centers

• 11.8 million servers in data centers
• Servers are used at only 15% of their capacity
• 800 billion dollars spent yearly on purchasing and maintaining enterprise
  software
• 80% of enterprise software expenditure is on installation and maintenance
  of software
• Data centers typically consume up to 100 times more power per square foot than a
  typical office building
• Average power consumption per server quadrupled from 2001 to 2006.
• Number of servers doubled from 2001 to 2006




Energy Conservation and Data Centers

• A standard 9,000 square foot data center costs $21.3 million to build, with $1 million in
  electricity costs per year
• Data centers consume 1.5% of U.S. electricity (EPA)
    – 0.6% worldwide in 2000 and 1% in 2005
• Green technologies can reduce energy costs by 50%
• IT produces 2% of global carbon dioxide emissions




Cloud Economics


• Estimates vary widely on possible cost savings
• “If you move your data Centre to a cloud provider, it will cost a tenth of the
  cost.” – Brian Gammage, Gartner Fellow
• Use of cloud applications can reduce costs from 50% to 90% - CTO of
  Washington D.C.
• IT resource subscription pilot saw 28% cost savings - Alchemy Plus cloud
  (backing from Microsoft)
• Preferred Hotel
    – Traditional: $210k server refresh and $10k/month
    – Cloud: $10k implementation and $16k/month




2. Principles of
   Cloud Computing
2.1

THE CONCEPT OF CLOUD
COMPUTING
Overview




Cloud Computing: Examples

• Examples
   – webmail, web based office tools
   – customer relationship management (CRM) tools, backup services
   – Dropbox, SlideShare, Wikispaces, social media
   – online games
What is Cloud Computing




“Clouds are a large pool of easily usable and accessible virtualized resources
(such as hardware, development platforms and/or services).
These resources can be dynamically reconfigured to adjust to a variable load
(scale), allowing also for an optimum resource utilization.
This pool of resources is typically exploited by a pay-per-use model in which
guarantees are offered by the Infrastructure Provider by means of customized
SLAs.”

                                 (Vaquero et al., “A Break in the Clouds: Towards a Cloud Definition”,
                                  ACM SIGCOMM Computer Communication Review, 2009)
Key notions in Cloud Computing

•   Service based
•   Uses internet technologies
•   Scalable and elastic
•   Shared
•   Metered by use
•   Virtualized resources


             “Cloud computing is not a product you buy. It’s not a SKU. It’s not
             a technology. It’s an IT delivery model.”

                       (Mike Martin, Director of Cloud Computing for Logicalis)
Virtualization




    It does not matter where hardware, applications
    or data is located in the cloud, as long as we can
    access and use it.
Key Features of Virtualization

•   Flexibility
•   Deployability
•   Elasticity
•   Centralization of resources
•   Memory and processor requirements

• Failover capabilities

• Features continue to emerge
The Cloud and Collaboration

• Reach extender
   – to suppliers and customers

• Communication enabler, enhancing communication with:
   – suppliers
   – customers
   – employees

• Employee enabler
   – less travel time
   – virtual office access
   – just-in-time access
Public, Private and Hybrid Clouds
2.2

THE EVOLUTION OF
CLOUD COMPUTING
Overview
Standalone Mainframes


Benefits
• Dedicated hardware for single tasks
• Multitasking and time-sharing
• Early virtualization and multi-processing

Limitations
• Limited memory
• Limited storage
• Expensive
• Difficult deployment
Communication Systems


Two forms
• Dedicated leased line
• Dial-up

Uses
• Time sharing services
• Multitasking operating systems
• Dumb terminals (“tubes”)
• Communication controllers
• Remote terminal access
• Remote Job Entry
Minicomputers

                • Smaller
                • Less expensive
                • Multi-user
                • Multi-tasking
                • Proprietary and ‘standard’ operating systems (UNIX)
                • Expanded communication (including LANs)
Local Area Networking
Microcomputers



                 • Even smaller
                 • Single user
                 • Rudimentary operating
                   system
                 • Limited memory and
                   storage
Internet

• Initial goals
    – Reliable communication
     • Even in the event of partial equipment or network failure
  – Connectivity
     • With different types of computer and operating systems
  – Cooperative effort
     • Not a monopoly
• International, world-wide network
Virtualization

• Virtualization is not a new concept
• Around since the 1970s in mainframe environments




                 Example: 1972 IBM VM/370
The Cloud
Internet Vision




 “As of now, computer networks are still in their infancy. But as they
 grow up and become more sophisticated, we will probably see the
 spread of computer utilities which, like present electric and telephone
 utilities, will service individual homes and offices across the country’’
                                         Leonard Kleinrock, 1969
Managed Services Provider Model
to Cloud Computing and SaaS

Early managed networks
• Frame Relay
• ATM
• Proprietary protocols

Evolution
• High-speed
• High-bandwidth internet
• Standard protocols
• Standard services
What’s Next in Cloud Computing?

• The cloud may never mature

• Thin client based access

• General purpose applications in the cloud
2.3

CLOUD COMPUTING
ARCHITECTURES
Overview
Cloud Computing Architecture
Single Purpose Architectures Migrate to
Multipurpose Architectures

Single-purpose
• Mainframe
• General applications
• Time-sharing
• Airline reservations

Multipurpose
• Any application on any server
• Interface to large storage
• Interface to large computers
Service-Oriented Architectures

• Single service functions
• Services loosely coupled
• Services can be used by different applications
Cloud Services

Cloud service offerings:
   – CaaS
     (Communication-as-a-Service)
   – SaaS
     (Software-as-a-Service)
   – PaaS
     (Platform-as-a-Service)
   – IaaS
     (Infrastructure-as-a Service)
   – MaaS
     (Monitoring-as-a-Service)
Communication-as-a-Service



                        • Offsite communications
                          service provider
                        • Voice over IP
                        • Instant messaging
                        • Video teleconferencing
Software-as-a-Service

• Software hosted offsite
• As-is software package
• Vendor has a high level of knowledge
• Mash-up or plug-in
• External software used with internal applications (hybrid cloud)
• Little or no change to the application
• User has little flexibility
• User locked into vendor
Platform-as-a-Service

• Remote application
  development
• Remote application
  support
• Portability among
  vendors
• Lower cost of
  development
Infrastructure-as-a-Service

                              • Hardware service
                                providers (HaaS)
                              • Rent what you need
                              • Servers
                              • Network equipment
                              • (Virtual) CPU
                                availability
                              • Storage
                              • Hosting companies
Monitoring-as-a-Service



• External monitoring
  services
• Servers
• Disk utilization
• Applications
• Networking
• Specialized skill set
Tiered Architecture
Server Virtualization Architectures

• The Hypervisor
• Virtualization as the Operating System
• Virtualization with a host Operating System
The Hypervisor

• AKA: Virtual Machine Monitor (VMM)
• The foundation of virtualization
• Interfaces with hardware
    – Replaces the operating system (type 1) or runs alongside a host operating
      system (type 2)
    – Traps privileged instructions and I/O issued by guests (guest system calls
      are still handled by the guest OS, not by the hypervisor)
    – Hardware isolation
    – Multi-environment protection
Virtualization as the ‘Operating System’



    Application Programs -> Guest Operating System (one per virtual machine, three shown)
    Guest Operating Systems -> Hypervisor (Virtual Operating Environment)
    Hypervisor -> Hardware

   Type 1 hypervisors run directly on the hardware and are seen as the principal operating system.
Virtualization with a Host Operating System



    Application Programs -> Guest Operating System (one per virtual machine, three shown)
    Guest Operating Systems -> Hypervisor (Virtualization Layer)
    Hypervisor -> Host Operating System -> Hardware

   A type 2 hypervisor runs as a process of the host operating system, so the host OS is part of every guest’s trusted base.
Data Center Architecture for Cloud

• Communications capacity

• Public Internet
• Private Intranet & Private Cloud

• Routing to the
  datacenter
• Moving data within
  the local datacenter
• Bandwidth

• Security
2.4

BENEFITS AND LIMITATIONS
OF CLOUD COMPUTING
Overview
Cloud Computing Benefits

•   Reduced Costs
•   Increased storage
•   Highly automated
•   Flexibility
•   More mobility
•   Allows IT to shift focus
•   Going Green
•   Keeping things up to date
Cloud Computing Limitations

• Security
    – Is data adequately protected?
    – Is it resistant to attack? (nothing is “hacker proof”; the question is
      which controls the provider actually applies and how they are verified)
• Data location and privacy
    – Where is it stored?
    – Regulatory concerns
• Internet dependency
    – Bandwidth and latency
• Availability and service levels
    – SLA requirements
• Enterprise application migration
Exercises – Quiz

1. Which of the following is not a cloud deployment model?
   a) Private
   b) Protected
   c) Public
   d) Hybrid
   e) Community
2. Which of the following is not an essential characteristic of
    cloud computing?
   a) Free
   b) Scalable
   c) Virtualized
   d) On demand
   e) Metered
Exercises – Quiz

3. Which of the following is not a cloud architecture?
   a) IaaS
   b) PaaS
   c) HaaS
   d) SaaS
4. Which of the following is a benefit of using cloud computing?
   a) Security
   b) Availability
   c) Compliance
   d) Bandwidth guarantees
   e) Reduced costs
Exercises – Quiz

5. In this model, formerly known as hardware as a service
(HaaS), an organization outsources business components such
as servers, storage and networking equipment. What is it?
    a) Infrastructure as a Service (IaaS)
    b) Platform-as-a-Service (PaaS)
    c) Software-as-a-Service (SaaS)
    d) None of the above
6. Infrastructure as a Service (IaaS) provides:
    a) Servers
    b) Storage
    c) Network equipment
    d) All the above
Exercises – Quiz
7. What is Cloud Computing replacing?
    a) Corporate data centers
    b) Expensive personal computer hardware
    c) Expensive software upgrades
    d) All of the above

8. The hypervisor is also known as
    a) Virtual Machine Monitor
    b) Middleware
    c) Both of the above
    d) None of the above

9. The "Cloud" in cloud computing represents what?
    a) Wireless
    b) Hard drives
    c) People
    d) Internet
Cloud Computing Security

Objective: to learn about the security risks and advantages of the cloud




Security is the Major Issue




Cloud Security Challenges
 •     Data dispersal and international privacy laws
     •    EU Data Protection Directive and U.S. Safe Harbor program (the Directive has
          since been replaced by the GDPR, and Safe Harbor was invalidated in 2015)
     •    Exposure of data to foreign government and data subpoenas
     •    Data retention issues
 •     Need for isolation management
 •     Multi-tenancy
 •     Logging challenges
 •     Data ownership issues
 •     Quality of service guarantees
 •     Dependence on secure hypervisors




Cloud Security Challenges ..
•     Attractive to attackers (high value target)
•     Security of virtual OSs in the cloud
•     Possibility for massive outages
•     Encryption needs for cloud computing
    •     Encrypting access to the cloud resource control interface
    •     Encrypting administrative access to OS instances
    •     Encrypting access to applications
    •     Encrypting application data at rest
•     Public cloud vs. internal cloud security
•     Lack of customer control over public SaaS versions (the provider updates the
      application on its own schedule)
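Three of the four encryption needs listed above (the resource control interface, administrative access to instances, access to applications) come down to TLS on the client side, and the way that is most often defeated in practice is not a weak cipher but certificate verification being switched off in a script or tool. The Python example below is added here and is not from the original slides: it shows the weak client configuration next to a hardened one, plus a check that can be run over any ssl.SSLContext your automation builds. The function names are the example's own, and the cafile parameter is an assumption about how a private CA would be supplied.

```python
import ssl


def weak_admin_context() -> ssl.SSLContext:
    """The 'just make it work' shortcut. Traffic is still encrypted, but with no certificate
    or hostname check anyone on the path can present their own certificate and sit in the middle."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before verify_mode may be set to CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_admin_context(cafile: str = None) -> ssl.SSLContext:
    """Client context for the cloud control API or an instance's management port.
    Pass cafile to trust only a private CA (assumed here to be a PEM bundle path) instead of the system store."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # no TLS 1.0/1.1 fallback
    ctx.verify_mode = ssl.CERT_REQUIRED            # the server must present a chain we trust ...
    ctx.check_hostname = True                      # ... and the name in it must match the host we asked for
    ctx.options |= ssl.OP_NO_COMPRESSION           # TLS compression leaks secrets (CRIME-style attacks)
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return the policy violations of a context; an empty list means it passes."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate not verified")
    if not ctx.check_hostname:
        findings.append("hostname not checked against certificate")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("legacy TLS versions (1.0/1.1) allowed")
    if not (ctx.options & ssl.OP_NO_COMPRESSION):
        findings.append("TLS compression enabled")
    return findings


if __name__ == "__main__":
    print(audit_context(weak_admin_context()))      # lists the missing checks
    print(audit_context(hardened_admin_context()))  # []
```

The audit function is the part worth keeping: wiring it into a unit test for every place that constructs a context, or into a pre-commit check, catches the `verify_mode = CERT_NONE` line that tends to arrive with a "temporary" workaround and never leaves. Note that a hardened context only protects the connection; what is on the other end still has to be authenticated (API keys, client certificates for mutual TLS) and authorized.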
Cloud Security Advantages

•   Data Fragmentation and Dispersal
•   Dedicated Security Team
•   Greater Investment in Security Infrastructure
•   Fault Tolerance and Reliability
•   Greater Resiliency
•   Hypervisor Protection Against Network Attacks
•   Possible Reduction of Certification and Accreditation (C&A) Activities (Access to Pre-Accredited Clouds)




Cloud Security Advantages..

 • Simplification of Compliance Analysis
 • Data Held by Unbiased Party (cloud vendor assertion)
 • Low-Cost Disaster Recovery and Data Storage Solutions
 • On-Demand Security Controls
 • Real-Time Detection of System Tampering
 • Rapid Re-Constitution of Services
 • Advanced Honeynet Capabilities




Security Relevant Cloud Components

•   Cloud Provisioning Services
•   Cloud Data Storage Services
Security Relevant Cloud Components..
  •   Cloud Processing Infrastructure
  •   Cloud Support Services
  •   Cloud Network and Perimeter Security

  Elastic Elements: Storage, Processing, and Virtual Networks




Additional Issues


•     Issues with moving PII and sensitive data to the cloud
    –     Privacy impact assessments
•     Using SLAs to obtain cloud security
    –     Suggested requirements for cloud SLAs
    –     Issues with cloud forensics
•     Contingency planning and disaster recovery for cloud implementations
•     Handling compliance
    –     FISMA
    –     HIPAA
    –     SOX
    –     PCI
    –     SAS 70 Audits (since superseded by SSAE 16/18 SOC reports)




Comparisons
Examples of cloud advantage

• Social networking systems will evolve into collaborative management
  systems.
• Homesourcing becomes mainstream.
• Corporate processes become decentralized.
• Smart phones evolve with cloud apps
    • access to wireless broadband.
    • productivity apps over the cloud for corporate use.
The Business Case for Going to the Cloud -
Examples


•Eli Lilly and Company is one company that has moved to Amazon EC2 as
part of their IT operations.
Secure Migration Paths
 for Cloud Computing

Objective:
The reasons ‘Why’ migration to cloud is a good idea
and ‘How’ to implement secure Cloud Migration




Balancing Threat Exposure and Cost Effectiveness

• Private clouds may have less threat exposure than community clouds,
  which have less threat exposure than public clouds.
• Massive public clouds may be more cost effective than large community
  clouds, which may be more cost effective than small private clouds.
Cloud Migration and Cloud Security Architectures
• Clouds typically have a single security architecture but have many
  customers with different demands
    – Clouds should attempt to provide configurable security mechanisms
• Organizations have more control over the security architecture of private
  clouds followed by community and then public
    – This doesn’t say anything about actual security
• Higher sensitivity data is likely to be processed on clouds where
  organizations have control over the security model
Migration Paths for Cloud Adoption

• Use public clouds
• Develop private clouds
   – Build a private cloud
   – Procure an outsourced private cloud
   – Migrate data centers to be private clouds (fully virtualized)
• Build or procure community clouds
   – Organization wide SaaS
   – PaaS and IaaS
   – Disaster recovery for private clouds
• Use hybrid-cloud technology
   – Workload portability between clouds
Migration standards

Cloud Standards Mission: Provide guidance to industry and government
  for the creation and management of relevant cloud computing standards
  allowing all parties to gain the maximum value from cloud computing
NIST and Standards



 • NIST wants to promote cloud standards:
    – We want to propose roadmaps for needed standards
    – We want to act as catalysts to help industry formulate their own
      standards
        • Opportunities for service, software, and hardware providers
    – We want to promote government and industry adoption of cloud
      standards
Goal of NIST Cloud Standards Effort

 • Fungible clouds
    – (mutual substitution of services)
    – Data and customer application portability
    – Common interfaces, semantics, programming models
    – Federated security services
    – Vendors compete on effective implementations
 • Enable and foster value add on services
    – Advanced technology
    – Vendors compete on innovative capabilities
A Model for Standardization and Proprietary Implementation

Layered model (top to bottom):
• Advanced features: Proprietary Value-Add Functionality
• Core features: Standardized Core Cloud Capabilities
Proposed Result



• Cloud customers knowingly choose the correct mix for their organization of
    – standard portable features
    – proprietary advanced capabilities
A proposal: A NIST Cloud Standards Roadmap

 • We need to define minimal standards
    – Enable secure cloud integration, application portability, and data
      portability
    – Avoid over-specification that will inhibit innovation
    – Separately address different cloud models
Towards the Creation of a Roadmap (I)

• Thoughts on standards:
   – Usually more service lock-in as you move up the SPI stack (IaaS->PaaS->SaaS)
   – IaaS is a natural transition point from traditional enterprise datacenters
       • Base service is typically computation, storage, and networking
   – The virtual machine is the best focal point for fungibility
   – Security and data privacy concerns are the two critical barriers to adopting
     cloud computing
Towards the Creation of a Roadmap (II)

• Result:
   – Focus on an overall IaaS standards roadmap as a first major deliverable
   – Research PaaS and SaaS roadmaps as we move forward
   – Provide visibility, encourage collaboration in addressing these standards
     as soon as possible
   – Identify common needs for security and data privacy standards across
     IaaS, PaaS, SaaS
A Roadmap for IaaS



• Needed standards
   – VM image distribution (e.g., DMTF OVF)
   – VM provisioning and control (e.g., EC2 API)
   – Inter-cloud VM exchange (e.g., ??)
   – Persistent storage (e.g., Azure Storage, S3, EBS, GFS, Atmos)
   – VM SLAs (e.g., ??) – machine readable
       • uptime, resource guarantees, storage redundancy
   – Secure VM configuration (e.g., SCAP)
A Roadmap for PaaS and SaaS

• More difficult due to proprietary nature
• A future focus for NIST

• Standards for PaaS could specify
    – Supported programming languages
    – APIs for cloud services
• Standards for SaaS could specify
    – SaaS-specific authentication / authorization
    – Formats for data import and export (e.g., XML schemas)
    – Separate standards may be needed for each application space
Security and Data Privacy Across IaaS, PaaS, SaaS

• Many existing standards
• Identity and Access Management (IAM)
   – IdM federation (SAML, WS-Federation, Liberty ID-FF)
   – Strong authentication standards (HOTP, OCRA, TOTP)
   – Entitlement management (XACML)
• Data Encryption (at-rest, in-flight), Key Management
   – PKI, PKCS, KEYPROV (CT-KIP, DSKPP), EKMI
• Records and Information Management (ISO 15489)
• E-discovery (EDRM)
3. Using the Cloud
Overview
3.1

ACCESSING THE CLOUD
Overview
Web Browsers
Web Applications


Applications
• Google Gmail
• Yahoo Mail
• Twitter
• Zimbra
• Salesforce
• Dropbox
• Skype
• …

Issues
• Security
• Interoperability
• Bandwidth
• Latency
• Design
Cloud Access Architecture

•   Client software for emulation
•   Networking protocol with security features
•   Server software to intercept and interpret client requests
•   Keyboard access
•   Mouse access
•   Peripheral device support
     – Sound
     – Printing
     – Others
Thin Clients

• What makes them thin?
• Network connectivity (wired and wireless)
• No moving parts (possibly a fan)
• Keyboard, monitor, and USB connections
• Sound card
• Embedded terminal services client
   – RDP, VNC, etc.
• Green features: Small footprint
   – Low heat; Low power consumption
     (starting at 6 Watt)
   – Low disk space
3.2

MOBILITY IN THE CLOUD
Overview
Smartphones
Collaboration Applications for Mobile platforms

• Text messaging

• iPhone applications

• BlackBerry applications

• Android applications
Text Messaging

• Universal communication path, two forms:
   – SMS
   – MMS
• Communicate:
   – Phone to phone
   – Computer to phone
• Hidden costs:
   – Loss of productivity
   – Loss of security
   – Loss of safety
Basic Mobile Application Issues

• Limited landscape

• Security
   – Data security on the phone
   – Phone access protection
   – Eavesdropping or shoulder surfing
   – Must have application enforced encryption
   – WAP gap
• Similar but not always equal
• Usefulness vs. fun to have
Location Independence

• Don’t care where it is, as long as we can get to it

• Depends on
   – Network
   – Security
   – Vendor or internal IT
   – Application meeting needs
• Location independence promotes
  an environment that is
   – Flexible
   – Fail-safe
   – Fail-soft
Exercises – Quiz
1. Example of Web application is
    a) Google mail
    b) Twitter
    c) Skype
    d) All the above

2. Platform as a service is
    a) Google App engine
    b) Salesforce CRM
    c) Rackspace servers
    d) Google mail

3. Which of these companies is not a leader in cloud computing?
    a) Google
    b) Amazon
    c) Blackboard
    d) Microsoft
Exercises – Quiz
4. Which is not a major cloud computing platform?
   a) Google 101
   b) IBM Deep blue
   c) Microsoft Azure
   d) Amazon EC2

5. Which one of these is not a key notion in cloud computing?
    a) Free
    b) Service based
    c) Scalable
    d) Shared
    e) Virtualized resources

6. Which of these is not a major type of cloud computing usage?
    a) Hardware as a Service
    b) Platform as a Service
    c) Software as a Service
    d) Infrastructure as a Service
Exercises – Quiz
7. An Internet connection is necessary for cloud computing interaction.
    a) True
    b) False

8. Mobile platforms are supporting
    a) iPhone applications
    b) Blackberry applications
    c) Android applications
    d) All the above

9. What enables Thin Clients to work?
    a) Network connectivity
    b) Keyboard
    c) USB connections
    d) All the above
Exercises – Quiz
10. Location independence promotes an environment that is
    a) Flexible
    b) Fail-safe
    c) Fail-soft
    d) All the above
4. Security and Identity Management
Overview
4.1

SECURITY AND THE CLOUD
Overview
Confidentiality, Integrity and Availability

• Confidentiality
    – No unauthorized access
    – Privacy and data protection
    – Encryption
    – Physical security
• Integrity
    – Information is accurate and authentic
• Availability
    – When needed, where needed by authorized users
    – 5 nines standard: 99.999%
Authentication, Authorization and Accountability

• Authentication
   – Authorized user?
   – Prove identity with something you
     • Know (password)
     • Have (RSA token device)
     • Are (fingerprint or retina scan)
• Authorization
   – What can an authorized person do?
• Accountability
   – Audit access and applications
   – Review logs periodically
Virus Infections on Virtualized Environments

Virus infections on
• Type 1 virtualized environment
• Type 2 virtualized environment
• Client Operating System
Virus Infections on Type 1 Virtualized Environments

• Viruses invade below the hypervisor layer
• Viruses intercept and react with hypervisor requests to hardware

Layer diagram (top to bottom): Application Programs → Guest Operating System (one per guest) → Hypervisor / Virtual Operating Environment → Virus → Hardware
Virus Infections on Type 2 Virtualized Environments

• Viruses infect the host OS below the hypervisor layer
• Viruses intercept and react with hypervisor requests to hardware

Layer diagram (top to bottom): Application Programs → Guest Operating System (one per guest) → Hypervisor / Virtualization Layer → Virus → Host Operating System → Hardware
Client Operating System Virus Infections

• Viruses infect Guest OS

• Need Antivirus software
  on each guest

• Benefits:
   – Guests are separated
     from each other
   – No impact to hypervisor
   – No impact to host OS
4.2

IDENTITY MANAGEMENT
Overview
Cloud-based Identity Management

• Federation Management
• Using multi-system identity information for a ‘global’ single-sign-on
  environment
• Based on trust relationships
• Often standards-based
   – Ensures compliance
   – Allows interoperability
Federation: Example

One federated or trusted login is sufficient for all three parties in
this example: each trusts the others to identify the user.
Federation: Implementation

• Information card components:
    – Subject is identity holder
    – Digital identities are issued for subject by identity providers
    – Relying parties accept identity
    – Similar to a personal digital credit card
• Using a PKI and Digital Certificate
• Microsoft CardSpace
    – More flexible than username and password
    – Consistent user experience
• OpenID
    – Emerging
Federation Levels

• Permissive: no verification
• Verified: DNS and domain keys verified
   – Not encrypted
   – Vulnerable to DNS poisoning
• Encrypted: TLS and digital certificates
   – Certificates may be self-signed
   – Weak identity verification
• Trusted: TLS and digital certificates from a root CA
   – Encrypted
   – Strong authentication
Presence in the Cloud

• Individual presence: Foundation for Information Management
    – Are you here?
    – Are you logged in?
    – Are you busy?
• Hardware services
    – Hardware type
    – Hardware feature
• Location: GPS
• Pub-Sub: Publish and Subscribe
    – Facebook has friends and fans
    – IM has buddies
Leveraging Presence

• Subscribe from anywhere

• Publish from anywhere

• Wide range of options

• Many development possibilities
Presence Protocols

• IMPS
   – Cell phones
• SIP
   – Subscribe
   – Notify
• SIMPLE
   – Messaging
• XMPP
   – XML based
Presence Enabled

• Instant Messaging (IM)

• Soft Phone

• Hard Phone

• Web page logins
The Future of Presence

• Continual development

• Location Centric Cloud Services
   – Access based on where you are
   – Service depending on where you are

• Using standards for full integration
The interrelation of Identity, Presence and Location

• Digital Identity
   – Traits
   – Attributes
   – Preferences



• Digital identity, presence and location determine available
  services and capabilities
Identity Management Solutions

• Claim-based solutions

• Identity-as-a-Service (IDaaS)

• Compliance-as-a-Service (CaaS)
Claim-based Solutions

• Method to introduce a claim to a resource
• Recall previous information on a claim
• Extended to include multiple points of truth
   – An Active Directory controller for a domain is the single point of
     truth for that domain
   – Federated identity is multiple points of truth
      • Hotel
      • Airline
      • Rental Car
Identity-as-a-Service

• Provider based identity services

• SSO for web

• Strong authentication

• Across boundary federation

• Audit and compliance
Compliance-as-a-Service

• Regulatory compliance

• Difficult to establish audit compliance in third-party contracts

• New service possibilities:
   – Multi-regulation compliance verification
   – Continuous audit
   – Threat intelligence
Privacy

• Confidentiality of personal information is paramount

• Must comply with laws and regulations
   – HIPAA
   – GLBA
   – EU, Canadian, Australian, … privacy statutes/acts

• Clouds are international in nature, making privacy issues difficult
Personally Identifiable Information (PII)

•   Forms of identification
•   Contact information
•   Financial information
•   Health care information
•   Online activity
•   Occupational information
•   Demographic information
Privacy Related Issues

• Notice: The user is given a privacy notice
• Choice: The user can choose which information to enter
• Consent: The user accepts terms and conditions

The user should be informed about:
  – Use: What is the intended use of information?
  – Access: Who will have access?
  – Retention: How long is the information stored?
  – Disposal: When and how will the information be disposed?
  – Security: How is security provided?
International Privacy

• European Union
   – EU Data Protection Directive (1998)
   – EU Internet Privacy Law (DIRECTIVE 2002/58/EC, 2002)
   – Laws and privacy standards of the member states

• Japan
   – Personal Information Protection Law
   – Law for Protection of Computer Processed Data Held by
     Administrative Organs (1988)

• Canada
   – Privacy Act (1983)
   – PIPEDA (Bill C-6)
Safeguards

• Effective Access Control and Audit
   – Single Sign On (SSO)
   – Strong authentication
   – Audit log

• Secure Storage
   – Encryption
   – Integrity

• Secure Network Infrastructure
   – Encryption protocols
   – Integrity protocols
Exercises – Quiz
1. Which of these should a company consider before implementing cloud computing
technology?
    a) Employee satisfaction
    b) Potential cost reduction
    c) Information sensitivity
    d) All of the above
2. What is the most important drawback of cloud computing?
    a) Compliance
    b) Regulation
    c) Security
    d) Availability
3. The CIA triangle is made up of
    a) Correctness, Integrity and Availability
    b) Confidentiality, Integrity and Availability
    c) Confidentiality, Infrastructure and Availability
    d) Confidentiality, Integrity and Authentication
Exercises – Quiz
4. The CIA triangle is implemented using
    a) Encryption
    b) Access control lists
    c) Auditing
    d) All the above
5. Which of the following is true about viruses
    a) Viruses invade below the hypervisor layer
    b) Viruses intercept and react with hypervisor request to hardware
    c) Viruses infect Guest OS
    d) All the above
6. Federation is implemented using
    a) PKI and Digital certificate
    b) Biometric login
    c) Username and password
    d) None of the above
Exercises – Quiz
7. Which of the following is not a federation level?
    a) Verified
    b) Signed
    c) Encrypted
    d) Trusted
8. Which of the following is not an Identity Management Solution?
    a) Claim-based solutions
    b) Presence as a Service
    c) Identity-as-a-Service (IDaaS)
    d) Compliance-as-a-Service (CaaS)
9. Which of the following standards is not used for handling security and compliance
    a) FISMA
    b) HIPAA
    c) X.800 standard
    d) SAS 70 Audits
Exercises – Quiz
10. Cloud computing has the following advantage over in-house computing
    a) Requires little or no capital investment
    b) No need to deploy backup and disaster recovery
    c) Does not require IT staff to attend to servers, applications etc.
    d) All the above
5. Implementing and Managing Cloud Computing
Overview
5.1

BUILDING LOCAL CLOUD
NETWORKS
Overview
Local Database Center-based Cloud

•   Standards based
•   Independent components
•   Message based
•   Location independence
•   Seamless replication across sites
•   Seamless disaster recovery across sites
Independent Components
Message Base

• Assures consistency and portability between components
• Uses messaging protocols
   – Object Oriented: SOAP, JSON, REST
   – Support Websites: HTTP and HTML
   – E-mail: SMTP, POP3, IMAP
• Requires middleware for message protocol conversion
Communications Capacity

• Requires plenty of bandwidth
   – Difficult to measure without detailed analysis

• Measuring network utilization:
   – Transaction-based
   – Process-based
   – Application-based
Private Intranet and Private Cloud

• Under control of your own organization
   – Your own infrastructure
   – Engineered to your needs

• Cost factors
   – Hardware
   – Circuits
   – Global reach
   – Engineering
   – Ongoing support
   – Outages

• Internal Security
Routing to the Data Center

•   Sufficient routing hardware
•   Sufficient circuits
•   High bandwidth
•   Low latency
•   Advanced routing processes such as MPLS
•   Quality of Service
•   Data vs. Voice
Moving Data within the Local Data Center

•   High-speed internal circuits
•   VLAN for traffic isolation and security
•   Campus area networks
•   Wide area Ethernet
•   Wireless
•   Internal security
Storage Capacity

• Exactly how much do you need?
• How much can you afford?
• What features do you need?
   – Speed vs. capacity
   – Green is great
   – Lower cost options
     • SAS
     • SATA
     • Virtual (networked) disk
Network Attached Storage

• Disk storage used to store file-based records such as:
   – Documents
   – Pictures
   – Scanned images
• Server software simplified
• Disk access and security
• Multiple access methods:
   – CIFS (Windows)
   – NFS (Unix)
Multi-site

• Multiple sites assists with disaster recovery and avoidance
   – Multiple access routes
   – Streamline user pathways
Monitoring

•   Monitoring disk usage and performance
•   Build baseline and trend analysis
•   Expand as needed
•   Consider physical plant requirements
     – Electrical
        • UPS
        • Generator
     – HVAC
     – Floor space
Server Software Environments
That Support Cloud Computing

•   Server capacity
•   Virtualization
•   Clustering and High Availability (HA)
•   Expansion
•   Server functions
Server Capacity

• Services being provided
   – Applications
   – Processes
• Speed and features
   – Processors: SMP vs. Cores
   – Memory
   – Local disk and Network disk
• Vendor support
Cloud Applications
Open Source Software in Data Centers

• Cost reduction vs. reliability
• Not necessarily for free
   – Fee-based support
   – Hidden costs
• Server software
   – Apache
   – Jetty
   – Zend
• Databases
   – MySQL
   – PostgreSQL
Establishing a Baseline for Cloud Performance

•   Connection speed
•   Datastore (delete and read times)
•   Deployment latency
•   Lag time
Connection Speed

• If the network is fast, the cloud succeeds

• Bandwidth: Measure of network throughput
   – bps/Bps: bits/Bytes per second
   – Rating: network capacity or throughput?
   – 54 Mbps wireless is really 22 Mbps

• Latency: Delay
   – Firewalls, routers, servers
   – Congestion factors
Public Internet

• Using the public Internet can be risky:
   – Target of DDoS
   – Recent attacks show vulnerabilities
   – No way to regulate bandwidth consumption
   – No way to regulate bandwidth availability
   – Criticality vs. cost
   – External security
Data Protection and Partitioning

Brewer Nash Security Model
   • Information barriers
   • Eliminating conflict of interest

Fibre Channel Security
   • Zoning
   • LUN Masking

Protection across operating systems and virtual servers
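The Brewer Nash model named on the slide (the "Chinese Wall") turns "information barriers" and "eliminating conflict of interest" into two concrete rules: a subject may read data only from company datasets that do not conflict with what it has already read, and may write only where that history cannot leak. As an added example that is not part of the course material, the following Python policy engine applies both rules to a subject's access history; the company datasets and conflict-of-interest classes are constructed.

```python
"""Brewer-Nash (Chinese Wall) access decisions.

Added example for this course page, not Simplilearn material. Company
dataset names and conflict-of-interest (COI) classes are constructed.
"""
from __future__ import annotations

from typing import Optional


class ChineseWall:
    """`datasets` maps each company dataset to its COI class; None marks
    sanitized data, which never raises a conflict. `history` records the
    datasets each subject has actually read."""

    def __init__(self, datasets: dict[str, Optional[str]]):
        self.datasets = dict(datasets)
        self.history: dict[str, set[str]] = {}

    def _unsanitized(self, subject: str) -> set[str]:
        return {d for d in self.history.get(subject, set())
                if self.datasets[d] is not None}

    def can_read(self, subject: str, dataset: str) -> bool:
        """Simple security rule: readable if sanitized, already accessed,
        or in a COI class the subject has not touched (the wall)."""
        coi = self.datasets[dataset]
        if coi is None:
            return True
        seen = self._unsanitized(subject)
        if dataset in seen:
            return True
        return all(self.datasets[d] != coi for d in seen)

    def read(self, subject: str, dataset: str) -> bool:
        """Attempt a read; on success the wall moves with the subject."""
        if not self.can_read(subject, dataset):
            return False
        self.history.setdefault(subject, set()).add(dataset)
        return True

    def can_write(self, subject: str, dataset: str) -> bool:
        """*-property: a write could carry what the subject has read, so
        it is allowed only if the read rule permits it and every
        unsanitized dataset the subject has read is this same dataset."""
        if not self.can_read(subject, dataset):
            return False
        return self._unsanitized(subject) <= {dataset}


def demo_trace() -> list[tuple[str, str, str, bool]]:
    """Constructed scenario: two banks share a COI class, one oil company
    stands alone, and 'Market' is public (sanitized) data."""
    wall = ChineseWall({"BankA": "Banking", "BankB": "Banking",
                        "OilX": "Oil", "Market": None})
    trace = []
    for subj, op, ds in [("alice", "read", "BankA"),
                         ("alice", "read", "BankB"),   # blocked: Banking COI
                         ("alice", "read", "OilX"),    # other COI class: ok
                         ("alice", "write", "BankA"),  # blocked: has read OilX
                         ("bob", "read", "Market"),
                         ("bob", "read", "BankB"),
                         ("bob", "write", "BankB")]:   # ok: BankB + sanitized only
        ok = wall.read(subj, ds) if op == "read" else wall.can_write(subj, ds)
        trace.append((subj, op, ds, ok))
    return trace


if __name__ == "__main__":
    for subj, op, ds, ok in demo_trace():
        print(f"{subj:6} {op:5} {ds:7} -> {'ALLOW' if ok else 'DENY'}")
```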
5.2

SUPPORTING THE USE OF
CLOUD COMPUTING
Overview
Virtual Private Network

• Remote access gives participant full network use
• Tunnel mode
   – Transparent connection, clients not aware of tunnel
   – All traffic encrypted
• Transport mode
   – Requires use of VPN client software
   – IP addresses not encrypted
• Security risks in both modes
Content Management Systems

•   Collaboration tool
•   Allows large number of people to share stored data
•   Controls access to data, based on user roles
•   Aids in easy storage and retrieval of data
•   Reduces repetitive duplicate input
•   Improves the ease of report writing
•   Improves communication between users
Scripting Languages
Content Formatting Languages




   HTML           XML          JSON
Backup and Recovery

Backup
   • Short term and archival storage
   • Compliance
   • May use replication locations

Recovery
   • Frequent planned exercises
   • Master the process!
Disaster Recovery Solutions

Methods
   • Multi-site locations
   • Long distance ‘clustering’
   • Specialized software and dedicated ‘pipes’

Coverage Solutions
   • Failover
   • Fail-safe
   • Fail-soft
5.3

STANDARDS IN CLOUD
COMPUTING
Overview
Standards and Best Practices

Information Management
   – COBIT, ISO/IEC 38500
   – BiSL
Service Management
   – ITIL
   – ISO/IEC 20000
Security Management
   – ISO/IEC 27001
Application Management
   – ASL
Technical Standards
   – IEEE, OSI, ISO/IEC
The Case for Standards

Standards provide:
• Common ground
• Generally accepted practices
• Multiple providers and multiple applications
• Portability
Using Industry and International Standards

• Standards assist in
   – Portability
   – Uniformity
• Standards organizations are not standard
   – IEEE and others for physical networks
   – ISO and IETF for logical networking
   – Consortia and others for applications and middleware
   – ISO and others for management and security
• Commonality of standards regardless of source
Open Cloud Consortium

• Supports the development of standards and interoperability
  frameworks
• Develops cloud computing benchmarks
• Supports open source reference implementations
• Manages cloud computing test beds
• Manages infrastructure to support scientific research
Web-based Enterprise Management

• WBEM is a set of technologies
   – Unifying management of computing environments

• Core set of standards
   – CIM, CIM-XML, CIM Query Language
   – SLP and URI mapping
• Extensible
   – Facilitating the development of reusable and platform-neutral
     tools and applications
Web Services Management

• WS-MAN specification promotes interoperability between
  applications and resources
• Features:
   – Discover managed devices
   – Get and put information from and to managed devices
   – Create and delete dynamic settings and values
   – Enumerate contents
   – Subscribe to generated log records
   – Execute management processes
Distributed Management Task Force (DMTF)

• Facilitates a collaborative effort within the IT industry to
  develop, validate and promote standards for systems
  management
• 4000 active participants from 43 countries
• 160 member companies and organizations
Storage Management Initiative Specification ( SMI-S)

• Solves the problem of managing standardized Storage Area
  Networks (SANs)

• Allows a Web-based enterprise management system to bridge
  the gap among the various vendors and provide a consistent
  management capability regardless of hardware source
System Management Architecture for System Hardware

• An application suite that consolidates several aspects of data
  center management
• CLP provides standardized server management in the data
  center
• Provides standard-based Web server management, regardless
  of
   – Machine state
   – Operating system state
   – Server system topology
   – Access method
Standards for Application Developers

• Protocols
• Scripting languages
• Content formatting standards and languages
Standards for Security in the Cloud

• Privacy regulations
   – HIPAA
   – GLBA
   – International Privacy
• Security protocols

• International laws:
  www.informationshield.com/intprivacylaws.html
• US Federal and state privacy laws and regulations:
  www.informationshield.com/usprivacylaws.html
Health Assurance Portability and Accountability

• HIPAA
• Privacy Rule
   – Allows disclosure of personal health
      information when required
   – Protects personal health information
   – Gives patients rights
• Security Rule
   – Allows implementation of the Privacy Rule
   – Specifies safeguards to assure CIA of
     patient information
   – Provides administrative, technical and
     physical security controls
Financial Services Modernization Act

• GLBA, also known as the Financial Services Modernization Act
  of 1999
• Financial Privacy Rule
   – Governs information collection and disclosure
   – Applies to financial and non-financial entities
• Safeguard Rule
   – Receivers of financial information must protect it
   – Design, implement and maintain standards
• Pretexting protection
   – Protects against deceptive information gathering practices
Payment Card Industry

• Goal of managing the confidential payment card information
    – Debit
    – Credit
    – Prepaid
    – E-purse
    – ATM and POS
    – Associated businesses
• Issue:
  How to secure PCI-based information?
Security Protocols

• SSH
• SSL and TLS
• IPSec
• VPN
• OpenID
• Kerberos
• PCI
Internet Protocol Security

• Data encryption in two modes
   – Tunnel
   – Transport
• ESP performs
   – Authentication
   – Encryption
OpenID

• Single credential system
• The goal
   – Simplify multiple website logins
• Adopters
   – Yahoo
   – Google
   – AOL
• OpenID Federation
6. Evaluation of Cloud Computing
Overview
6.1

THE BUSINESS CASE
Overview
Should Your Company Invest in Cloud Computing?

Does it do what we want or need?
• Provides services we need
• Appropriate applications available

Can we adjust?

Can we accept?
• Decision makers vs. users

Is the move justified?
• Economic value
• Operational value
Business Benefits of Cloud Computing

• Operational
   – Efficiency in: servers, workers, power,
     disaster recovery, training
   – Flexibility
• Economic
   – Save money
   – Reduce overhead
   – Become ‘green’
• Staffing
   – Reduce or redeploy staff
Operational Benefits

•   Incremental investment
•   Storage availability
•   Automation
•   Flexibility
•   Increased mobility
More Operational Benefits

•   Optimum use of staff
•   Centralization and management of systems and desktops
•   Archiving of systems simplified
•   Disaster recovery simplified and manageable across sites
Deliver What You Want Quicker

• Can the cloud provide your users the resource being utilized in
  the cloud faster than if the resource was hosted locally at your
  company?

• What do we give up?

• What do we gain?

• Is your organization willing to compromise?
Economical Benefits

• Hardware:
   – Buying less or less complex equipment
• Budget:
   – Pay as you go
   – Improved budget control
   – Buy what you need when you need it
• Time-to-market
   – Quicker deployment using standardized products
More Economical Benefits

•   Little or no software installation or maintenance
•   Shorter deployment time
•   Worldwide availability
•   SLA adherence
•   Upgrades
•   Make life easier on your IT staff
•   More money
Meeting Short-term Needs

Are you going to the cloud permanently or for a short-term goal?

Example
     •   Need to develop a major software package
     •   Need access to additional development hardware
     •   Budget restrictions exclude buying hardware
     •   Cloud PaaS solution is ideal:
          – Acquire
          – Use
          – Release
Staffing Benefits

•   Optimum use of staff
•   People fewer or better deployed
•   Accomplishment
•   Less stress in operational environment
•   Make life easier on your IT staff
Cloud Implementation Impact

• Power savings
• Floor space savings
• Network infrastructure
• Maintenance reductions
• Software licensing
• Time to value
• Trial period
• Service
• Wiser investment
• Security
• Quick delivery
• Reduced capital expense
• Meeting short-term needs
Power Savings

• Reduce overall power requirements
   – Limited servers and data platforms
   – Simpler desktop platforms
• HVAC reduction
   – Server farm
   – Storage farm
   – Workspace cooling and heating
• Simpler UPS and Generator needs
• Offset by cloud provider cost increase
   – Virtualization and shared storage
Floor Space Savings

•   Smaller overall footprint in the enterprise
•   Displace to Cloud provider
•   Reduced lease and rental costs
•   Less maintenance
•   Less cleaning costs
Maintenance Reductions

• Reduction of maintenance costs:
   – Hardware
   – Software
   – Facility

• New maintenance costs:
   – Uploaded and downloaded data
   – Updating software in a PaaS environment
Software Licensing

• Depending on the implementation, a reduction in the number of licenses required

• Requires analysis of demand for software

• Per seat vs. per user
6.2 EVALUATING IMPLEMENTATIONS
Overview
Wiser Investment

• Is the cloud investment smarter than in-house?

•   Cost factors
•   Performance factors
•   Management factors
•   Satisfaction factors

• Can the cloud be defended?

• Who are the stakeholders?
Network Infrastructure Changes

• Need high bandwidth Internet connections

• Internal infrastructure may be simplified

• Less complexity in the switching and routing network
Reduced Capital Expense

• Reduce inventory

• Reduce taxes (some jurisdictions)

• Cost of money over time

• Recurring costs are handled differently than capital expenditures for tax and budgeting purposes
Vendor Access and Support

• Does the provider support my needs?
• Is the vendor easy to work with?
• What is the vendor’s remote monitoring and management
  strategy?
• Can the vendor provide references?
• Is it easy to access and update the data?
• Can you use the vendor’s dataflow processes?
Time to Value

• How long does it take to get value from the cloud implementation?

  OR

• How soon can I start using it to make money?

• If you need ten new servers online tomorrow, consider:
    – What does it take to do it in-house?
    – What does it take to provision them in the cloud?
Trial Period

• Make sure you get a ‘try it, then buy it’ clause

• Do not commit until you are sure it works the way you want

• Especially true if you are using a new software package or a new service you have not seen before!
Service: what you get for the money

• What services are provided?
   – Installation
   – Conversion

• Are the SLA terms reasonable?
• What are the penalties?

• What type of support is provided?

• Do you have an alternative or backup plan?

• Do you fully understand the offering and the expected outcome?
Security

• All in-house security requirements must be present in the cloud
• Regulatory and statutory requirements
• Industry-accepted practices
• Privacy
• Eliminate data leakage

• Understand the internal server structures:
   – One tier
   – Two tier
   – Three tier
Evaluating Cloud Implementations Summary

• Power savings
• Floor space savings
• Network infrastructure
• Maintenance
• Software licensing
• Time to value
• Trial period
• Service
• Wiser investment
• Security
• Delivers what you want quicker
• Reduced capital expense
• Meeting short-term needs
Cloud Computing Examples for Migration

253
Google Cloud User: City of Washington D.C.

• Vivek Kundra, CTO for the District (now OMB e-gov administrator)
• Migrating 38,000 employees to Google Apps
• Replace office software
   – Gmail
   – Google Docs (word processing and spreadsheets)
   – Google Video for Business
   – Google Sites (intranet sites and wikis)

254
Case Study: Facebook’s Use of Open Source and Commodity Hardware (8/08)

• Jonathan Heiliger, Facebook's vice president of technical operations
• 80 million users + 250,000 new users per day
• 50,000 transactions per second, 10,000+ servers
• Built on open source software
   – Web and App tier: Apache, PHP, AJAX
   – Middleware tier: Memcached (open source caching)
   – Data tier: MySQL (open source DB)

255
Case Study: Salesforce.com in Government

• 5,000+ public sector and nonprofit customers use Salesforce cloud computing solutions

• President Obama’s Citizen’s Briefing Book was based on the Salesforce.com Ideas application
   – Concept to live in three weeks
   – 134,077 registered users
   – 1.4 M votes
   – 52,015 ideas
   – Peak traffic of 149 hits per second

• US Census Bureau uses a Salesforce.com cloud application
   – Project implemented in under 12 weeks
   – 2,500+ partnership agents use Salesforce.com for the 2010 decennial census
   – Allows projects to scale from 200 to 2,000 users overnight to meet peak periods with no capital expenditure

256
Case Study: Salesforce.com in Government

• New Jersey Transit wins InfoWorld 100 Award for its cloud computing project
   – Uses Salesforce.com to run its call center, incident management, complaint tracking, and service portal
   – 600% more inquiries handled
   – 0 new agents required
   – 36% improved response time

• U.S. Army uses Salesforce CRM for cloud-based recruiting
   – The U.S. Army needed a new tool to track potential recruits who visited its Army Experience Center.
   – Uses Salesforce.com to track all core recruitment functions, allowing the Army to save time and resources.

257
Cloud Computing Certification Training

Weitere ähnliche Inhalte

Andere mochten auch

REDE LOCAL - COMPLETO
REDE LOCAL - COMPLETOREDE LOCAL - COMPLETO
REDE LOCAL - COMPLETO
Elizeu Ferro
 
Colt wholesale vpn customer presentation
Colt wholesale vpn customer presentationColt wholesale vpn customer presentation
Colt wholesale vpn customer presentation
acaiani
 
AWS Cloud School | London - Part 1
AWS Cloud School | London - Part 1AWS Cloud School | London - Part 1
AWS Cloud School | London - Part 1
Amazon Web Services
 

Andere mochten auch (20)

Apresentação geral
Apresentação geralApresentação geral
Apresentação geral
 
Redes locais
Redes locaisRedes locais
Redes locais
 
Zombie DNS
Zombie DNSZombie DNS
Zombie DNS
 
How-To: WSUS Reporting Made Easier
How-To: WSUS Reporting Made EasierHow-To: WSUS Reporting Made Easier
How-To: WSUS Reporting Made Easier
 
Comunicacoes opticas I
Comunicacoes opticas IComunicacoes opticas I
Comunicacoes opticas I
 
REDE LOCAL - COMPLETO
REDE LOCAL - COMPLETOREDE LOCAL - COMPLETO
REDE LOCAL - COMPLETO
 
Coletânea de exercícios informatica
Coletânea de exercícios informaticaColetânea de exercícios informatica
Coletânea de exercícios informatica
 
Colt wholesale vpn customer presentation
Colt wholesale vpn customer presentationColt wholesale vpn customer presentation
Colt wholesale vpn customer presentation
 
Proxy list
Proxy listProxy list
Proxy list
 
Aligning Sales and Marketing Measurement - Tracking KPIs that Matter
Aligning Sales and Marketing Measurement - Tracking KPIs that MatterAligning Sales and Marketing Measurement - Tracking KPIs that Matter
Aligning Sales and Marketing Measurement - Tracking KPIs that Matter
 
Senai recife
Senai   recifeSenai   recife
Senai recife
 
Manual ited, 3ª edição
Manual ited, 3ª ediçãoManual ited, 3ª edição
Manual ited, 3ª edição
 
AWS Cloud School | London - Part 1
AWS Cloud School | London - Part 1AWS Cloud School | London - Part 1
AWS Cloud School | London - Part 1
 
CLOUD COMPUTING UNIT-5 NOTES
CLOUD COMPUTING UNIT-5 NOTESCLOUD COMPUTING UNIT-5 NOTES
CLOUD COMPUTING UNIT-5 NOTES
 
Distributed system unit II according to syllabus of RGPV, Bhopal
Distributed system unit II according to syllabus of  RGPV, BhopalDistributed system unit II according to syllabus of  RGPV, Bhopal
Distributed system unit II according to syllabus of RGPV, Bhopal
 
Cloud computing notes unit II
Cloud computing notes unit II Cloud computing notes unit II
Cloud computing notes unit II
 
Fundamentos de Quimica
Fundamentos de QuimicaFundamentos de Quimica
Fundamentos de Quimica
 
Introdução rede- I unidade
Introdução rede- I unidadeIntrodução rede- I unidade
Introdução rede- I unidade
 
Legislação mopp
Legislação moppLegislação mopp
Legislação mopp
 
Neumotorax clase unpa 2011
Neumotorax clase unpa 2011Neumotorax clase unpa 2011
Neumotorax clase unpa 2011
 

Mehr von stefanhenry

Ms project 2days_v3
Ms project 2days_v3Ms project 2days_v3
Ms project 2days_v3
stefanhenry
 
Pmp 2 days training
Pmp 2 days trainingPmp 2 days training
Pmp 2 days training
stefanhenry
 

Mehr von stefanhenry (10)

PMI RMP Training Materials Online
PMI RMP Training Materials OnlinePMI RMP Training Materials Online
PMI RMP Training Materials Online
 
PRINCE2 Foundation Course Material
PRINCE2 Foundation Course MaterialPRINCE2 Foundation Course Material
PRINCE2 Foundation Course Material
 
Ms project 2days_v3
Ms project 2days_v3Ms project 2days_v3
Ms project 2days_v3
 
Effective COBIT 5 Foundation Course Materials
Effective COBIT 5 Foundation Course MaterialsEffective COBIT 5 Foundation Course Materials
Effective COBIT 5 Foundation Course Materials
 
Exquisite CFA Level 1 Study Plan Online
Exquisite CFA Level 1 Study Plan OnlineExquisite CFA Level 1 Study Plan Online
Exquisite CFA Level 1 Study Plan Online
 
Pmp 2 days training
Pmp 2 days trainingPmp 2 days training
Pmp 2 days training
 
ITIL Foundation Training
ITIL Foundation TrainingITIL Foundation Training
ITIL Foundation Training
 
PRINCE2 Training
PRINCE2 TrainingPRINCE2 Training
PRINCE2 Training
 
ITSM Foundation Course Material
ITSM Foundation Course MaterialITSM Foundation Course Material
ITSM Foundation Course Material
 
Agile project management framework
Agile project management frameworkAgile project management framework
Agile project management framework
 

Kürzlich hochgeladen

Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
negromaestrong
 
Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch Letter
MateoGardella
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 -  Danh muc Sach Giao Khoa 10 . pdf1029 -  Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi  6.pdf1029-Danh muc Sach Giao Khoa khoi  6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
An Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdfAn Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdf
SanaAli374401
 

Kürzlich hochgeladen (20)

Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch Letter
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 -  Danh muc Sach Giao Khoa 10 . pdf1029 -  Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17  How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17  How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi  6.pdf1029-Danh muc Sach Giao Khoa khoi  6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
An Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdfAn Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdf
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 

Cloud Computing Certification Training

  • 1. Cloud Computing Foundation An Introduction to Could Computing Training by Simplilearn
  • 2. Agenda • Introduction • History of Cloud computing • Foundational Elements of Cloud Computing • Principles of Cloud Computing • Cloud Computing Security • Secure Cloud Migration Paths • Using the Cloud • Implementing and Supporting the Cloud • Managing Cloud Computing • Evaluation of Cloud Computing • Cloud Computing Case Studies and Security Models
  • 4. Course objectives • Fundamental concepts of the cloud computing platform: – Deployment – Architecture – Design • What made cloud possible • Pro’s and cons, benefits and risks • Standards and best practices
  • 5. What you will learn? After completing this course, you will be able to: •Identify essential elements •Describe the pros and cons •Understand the business case for going to the cloud •Describe how to build a cloud network •Understand virtualization architecture •Describe security and privacy issues •Understand federation and presence •Describe cloud computing standards and best practices •Describe how mobile devices can be used in the cloud
  • 7. The NIST Cloud Definition Framework Hybrid Clouds Deployment Models Private Community Public Cloud Cloud Cloud Service Software as a Platform as a Infrastructure as a Models Service (SaaS) Service (PaaS) Service (IaaS) On Demand Self-Service Essential Broad Network Access Rapid Elasticity Characteristics Resource Pooling Measured Service Massive Scale Resilient Computing Common Homogeneity Geographic Distribution Characteristics Virtualization Service Orientation Low Cost Software Advanced Security Based upon original chart created by Alex Dowbor - http://ornot.wordpress.com 7
  • 8. History of Cloud Computing Objective: •Exploring the history of shared computing and the technological, economic, organizational enablers for Cloud Computing •To learn about how technologies evolved from cluster , grid and virtualization into cloud computing •To learn about datacenter architectures of grid, utility and virtual machines 8
  • 9. History of Cloud computing In principle, there were  Cluster Computing  for load balancing  Grid computing  many computers in a network solve a single problem  Utility computing  packaging of computing resources, such as computation, storage and services, as a metered service  Virtualization  decouple software and hardware
  • 10. Trends * distributed * grid computing * utility computing * cloud computing computing * distributed computing * grid computing * utility computing * cloud computing 10
  • 11.
  • 12. EXAMPLES • Amazon • Elastic Compute Cloud (EC2) • Simple Storage Service (S3) • Google’s App Engine • Microsoft • Windows Azure • Microsoft SQL Services • Microsoft .NET Services • Live Services • Microsoft SharePoint Services and Microsoft Dynamics CRM Services 12
  • 13. Example 1: Amazon Cloud • Amazon cloud components • Elastic Compute Cloud (EC2) • Simple Storage Service (S3) • SimpleDB • New Features • Availability zones • Place applications in multiple locations for failovers • Elastic IP addresses • Static IP addresses that can be dynamically remapped to point to different instances (not a DNS change) 13
  • 14. Amazon Cloud Users: New York Times and Nasdaq (4/08) • Both companies used Amazon’s cloud offering • New York Times – Didn’t coordinate with Amazon, used a credit card! – Used EC2 and S3 to convert 15 million scanned news articles to PDF (4TB data) – Took 100 Linux computers 24 hours (would have taken months on NYT computers – “It was cheap experimentation, and the learning curve isn't steep.” – Derrick Gottfrid, Nasdaq • Nasdaq – Uses S3 to deliver historic stock and fund information – Millions of files showing price changes of entities over 10 minute segments – “The expenses of keeping all that data online *in Nasdaq servers+ was too high.” – Claude Courbois, Nasdaq VP – Created lightweight Adobe AIR application to let users view data 14
  • 15. Example 2: IBM-Google Cloud • “Google and IBM plan to roll out a worldwide network of servers for a cloud computing infrastructure” – Infoworld • Initiatives for universities • Architecture – Open source • Linux hosts • Xen virtualization (virtual machine monitor) • Apache Hadoop (file system) – “open-source software for reliable, scalable, distributed computing” – IBM Tivoli Provisioning Manager 15
  • 16. Example 3: Microsoft Azure Services Source: Microsoft Presentation, A Lap Around Windows Azure, Manuvir Das 16
  • 17. Windows Azure Applications, Storage and Roles n m LB Web Role Worker Role Cloud Storage (blob, table, queue) Source: Microsoft Presentation, A Lap Around Windows Azure, Manuvir Das 17
  • 18. Grid Computing • Distributed parallel processing across a network • Key concept: “the ability to negotiate resource-sharing arrangements” • Characteristics of grid computing – Coordinates independent resources – Uses open standards and interfaces – Quality of service – Allows for heterogeneity of computers – Distribution across large geographical boundaries – Loose coupling of computers 18
  • 20. 20
  • 21. Utility computing •Originally, time-sharing access to mainframe (1960’s) •“Rediscovered” in late 1990’s as alternative to building and running your own datacenter – build large datacenter and rent access to customers Sun, IBM, HP, Intel, and many others built datacenters and rented access to servers •1990’s usage model: Long legal negotiations with strong service guarantees Long-term contracts (monthly/yearly) Approx. $1/hour pricing per physical computer •Overall, this model was not commercially viable!
  • 22. Utility Computing • “Computing may someday be organized as a public utility” - John McCarthy, MIT Centennial in 1961 • Huge computational and storage capabilities available from utilities • Metered billing (pay for what you use) • Simple to use interface to access the capability (e.g., plugging into an outlet) 22
  • 23. Virtualization • Creation of a virtual (rather than actual) version of something, such as a hardware platform, operating system, a storage device or network resources. o Abstraction layer that decouples computation from physical resource • Motivations o Resource sharing with security and isolation  Similar to multi-user/multi-programming o Ease of management  Virtual machines (bits) vs.. physical resources (hardware)  E.g.: start/stop, clone, migrate, suspend an entire virtual machine  As flour is to a cookie, virtualization is to a cloud 23
  • 24. Cloud Enabling Technology: Virtualization Traditional and Virtualized stack App App App App App App OS OS OS Operating System Hypervisor Hardware Hardware Traditional Stack Virtualized Stack
  • 25. Many Types of Virtualization • Full virtualization • Hardware-assisted virtualization (IBM S/370, Intel VT, or AMD-V) • Para-virtualization • Operating System virtualization
  • 26. Modern OS Virtualization • Hardware-assisted virtualization is a key technological enabler for Cloud Computing – Provides complete isolation on commodity (low-cost) platforms – Enables multiplexing of many users onto single server • Key contribution is minimal performance overhead (few percent) versus non-virtualized – However, high I/O applications incur many VM traps (high CPU overhead), limiting scalability and efficiency • Challenge: true performance isolation for multiple applications – Many dimensions! (more in research discussion)
  • 27. Enterprise Software Revolution Software as a Service (SaaS) • SaaS is hosting applications on the Internet as a service (both consumer and enterprise) • Jon Williams, CTO of Kaplan Test Prep on SaaS – “I love the fact that I don't need to deal with servers, staging, version maintenance, security, performance” • Eric Knorr with Computerworld says that “*there is an+ increasing desperation on the part of IT to minimize application deployment and maintenance hassles” 27
  • 28. Three Features of Mature SaaS Applications • Scalable – Handle growing amounts of work in a graceful manner • Multi-tenancy – One application instance may be serving hundreds of companies – Opposite of multi-instance where each customer is provisioned their own server running one instance • Metadata driven configurability – Instead of customizing the application for a customer (requiring code changes), one allows the user to configure the application through metadata 28 28
  • 29. SaaS Maturity Levels • Level 1: Ad-Hoc/Custom • Level 2: Configurable • Level 3: Configurable, Multi- Tenant-Efficient • Level 4: Scalable, Configurable, Mu lti-Tenant-Efficient 29 29 Source: Microsoft MSDN Architecture Center
  • 30. Examples of Companies offering SaaS There are dozens of companies offering SaaS. •Intuit QuickBooks •conventional application for tracking business accounting. With the addition of QuickBooks online, accounting has moved to the cloud. •Google Apps •suite of applications that includes Gmail webmail services, Google Calendar shared calendaring, Google Talk instant messaging and Voice over IP
  • 31. QUESTIONS 1. What is cloud computing? 2. What are the differences between grid, virtualization and cloud computing. 31
  • 32. Foundational Elements of Cloud Computing Objective: To learn about the Technological enablers and Economic enablers of cloud computing 32
  • 33. Foundational Elements of Cloud Computing Primary Technologies Other Technologies • Virtualization • Autonomic Systems • Grid technology • Web application frameworks • Service Oriented Architectures • Service Level Agreements • Distributed Computing • Broadband Networks • Browser as a platform • Free and Open Source Software 33
  • 34. Service Level Agreements (SLAs) • Contract between customers and service providers of the level of service to be provided • Contains performance metrics (e.g., uptime, throughput, response time) • Problem management details • Documented security capabilities • Contains penalties for non-performance 34
  • 35. Autonomic System Computing • Complex computing systems that manage themselves • Decreased need for human administrators to perform lower level tasks • Autonomic properties: Purposeful, Automatic, Adaptive, Aware • IBM’s 4 properties: self-healing, self-configuration, self-optimization, and self-protection IT labor costs are 18 times that of equipment costs. The number of computers is growing at 38% each year. 35
  • 36. Platform Virtualization • Host operating system provides an abstraction layer for running virtual guest OSs • Key is the “hypervisor” or “virtual machine monitor” – Enables guest OSs to run in isolation of other OSs – Run multiple types of OSs • Increases utilization of physical servers • Enables portability of virtual servers between physical servers • Increases security of physical host server 36
  • 37. Web Services • Web Services – Self-describing and stateless modules that perform discrete units of work and are available over the network – “Web service providers offer APIs that enable developers to exploit functionality over the Internet, rather than delivering full-blown applications.” – Info world – Standards based interfaces (WS-I Basic Profile) • e.g., SOAP, WSDL, WS-Security • Enabling state: WS-Transaction, Choreography – Many loosely coupled interacting modules form a single logical system (e.g., legos) 37 37
  • 38. Service Oriented Architectures • Service Oriented Architectures – Model for using web services • service requestors, service registry, service providers – Use of web services to compose complex, customizable, distributed applications – Encapsulate legacy applications – Organize stove piped applications into collective integrated services – Interoperability and extensibility 38
  • 39. Web application frameworks • Coding frameworks for enabling dynamic web sites – Streamline web and DB related programming operations (e.g., web services support) – Creation of Web 2.0 applications • Supported by most major software languages • Example capabilities – Separation of business logic from the user interface (e.g., Model-view- controller architecture) – Authentication, Authorization, and Role Based Access Control (RBAC) – Unified APIs for SQL DB interactions – Session management – URL mapping • Wikipedia maintains a list of web application frameworks 39
  • 40. Free and Open Source Software • External ‘mega-clouds’ must focus on using their massive scale to reduce costs • Usually use free software – Proven adequate for cloud deployments – Open source – Owned by provider • Need to keep per server cost low – Simple commodity hardware • Handle failures in software 40
  • 41. Public Statistics on Cloud Economics 41
  • 42. Cost of Traditional Data Centers • 11.8 million servers in data centers • Servers are used at only 15% of their capacity • 800 billion dollars spent yearly on purchasing and maintaining enterprise software • 80% of enterprise software expenditure is on installation and maintenance of software • Data centers typically consume up to 100 times more per square foot than a typical office building • Average power consumption per server quadrupled from 2001 to 2006. • Number of servers doubled from 2001 to 2006 42
  • 43. Energy Conservation and Data Centers • Standard 9000 square foot costs $21.3 million to build with $1 million in electricity costs/year • Data centers consume 1.5% of our Nation’s electricity (EPA) – .6% worldwide in 2000 and 1% in 2005 • Green technologies can reduce energy costs by 50% • IT produces 2% of global carbon dioxide emissions 43
  • 44. Cloud Economics • Estimates vary widely on possible cost savings • “If you move your data Centre to a cloud provider, it will cost a tenth of the cost.” – Brian Gammage, Gartner Fellow • Use of cloud applications can reduce costs from 50% to 90% - CTO of Washington D.C. • IT resource subscription pilot saw 28% cost savings - Alchemy Plus cloud (backing from Microsoft) • Preferred Hotel – Traditional: $210k server refresh and $10k/month – Cloud: $10k implementation and $16k/month 44
  • 45. 2. Principles of Cloud Computing
  • 46. 2.1 THE CONCEPT OF CLOUD COMPUTING
  • 47. Overview 47
  • 48. Cloud Computing: Examples • Examples – webmail, web based office tools – customer relation management tools (CRM), backup services – drop box, slide share, Wikispaces, social media – online games
  • 49. What is Cloud Computing “Clouds are a large pool of easily usable and accessible virtualized resources (such as hardware, development platforms and/or services). These resources can be dynamically reconfigured to adjust to a variable load (scale), allowing also for an optimum resource utilization. This pool of resources is typically exploited by a pay-per-use model in which guarantees are offered by the Infrastructure Provider by means of customized SLAs.” (ACM, Association of Computing Machinery)
  • 50. Key notions in Cloud Computing • Service based • Uses internet technologies • Scalable and elastic • Shared • Metered by use • Virtualized resources “Cloud computing is not a product you buy. It’s not a SKU. It’s not a technology. It’s an IT delivery model.” (Mike Martin, Director of Cloud Computing for Logicalis)
  • 51. Virtualization It does not matter where hardware, applications or data is located in the cloud, as long as we can access and use it.
  • 52. Key Features of Virtualization • Flexibility • Deployability • Elasticity • Centralization of resources • Memory and processor requirements • Failover capabilities • Features continue to emerge
  • 53. The Cloud and Collaboration • Reach extender – to suppliers and customers • Communication enabler, enhancing communication with: – suppliers – customers – employees • Employee enabler – less travel time – virtual office access – just-in-time access
  • 54. Public, Private and Hybrid Clouds
  • 57. Standalone Mainframes Benefits Limitations • Dedicated Hardware for • Limited memory single tasks • Limited storage • Multitasking and time- • Expensive sharing • Difficult deployment • Early virtualization and multi-processing
  • 58. Communication Systems Two forms Uses • Dedicated leased line • Time sharing services • Dial-up • Multitasking operating systems • Dumb tubes • Communication controllers • Remote terminal access • Remote Job Entry
  • 59. Minicomputers • Smaller • Less expensive • Multi-user • Mulri-tasking • Proprietary and ‘standard’ operating systems (UNIX) • Expanded communication (including LANs)
  • 61. Microcomputers • Even smaller • Single user • Rudimentary operating system • Limited memory and storage
  • 62. Internet • Initial goals – Reliable communication • Even in the event of partial equipment or network failure – Connectivity • With different types of computer and operating systems – Cooperative effort • Not a monopoly • International, world-wide network
  • 63. Virtualization • Virtualization is not a new concept • Around since the 1970s in mainframe environments Example: 1972 IBM VM/370
  • 65. Internet Vision “As of now, computer networks are still in their infancy. But as they grow up and become more sophisticated, we will probably see the spread of computer utilities which, like present electric and telephone utilities, will service individual homes and offices across the country’’ Leonard Kleinrock, 1969
  • 66. Managed Services Provider Model to Cloud Computing and SaaS Early managed networks Evolution • Frame Relay • High-speed • ATM • High-bandwidth internet • Proprietary protocols • Standard protocols • Standard services
  • 67. What’s Next in Cloud Computing? • The cloud may never mature • Thin client based access • General purpose applications in the cloud
• 71. Single Purpose Architectures Migrate to Multipurpose Architectures Single-purpose: • Mainframe • General applications • Time-sharing • Airline reservations Multipurpose: • Any application on any server • Interface to large storage • Interface to large computers
  • 72. Service-Oriented Architectures • Single service functions • Services loosely coupled • Services can be used by different applications
• 73. Cloud Services Cloud service offerings: – CaaS (Communication-as-a-Service) – SaaS (Software-as-a-Service) – PaaS (Platform-as-a-Service) – IaaS (Infrastructure-as-a-Service) – MaaS (Monitoring-as-a-Service)
  • 74. Communication-as-a-Service • Offsite communications service provider • Voice over IP • Instant messaging • Video teleconferencing
• 75. Software-as-a-Service • Software hosted offsite • As-is software package • Vendor has a high level of expertise • Mash-up or plug-in • External software used with internal applications (hybrid cloud) Drawbacks: • Little or no change to the application is possible • User has little flexibility • User locked into vendor
  • 76. Platform-as-a-Service • Remote application development • Remote application support • Portability among vendors • Lower cost of development
  • 77. Infrastructure-as-a-Service • Hardware service providers (HaaS) • Rent what you need • Servers • Network equipment • (Virtual) CPU availability • Storage • Hosting companies
  • 78. Monitoring-as-a-Service • External monitoring services • Servers • Disk utilization • Applications • Networking • Specialized skill set
  • 80. Server Virtualization Architectures • The Hypervisor • Virtualization as the Operating System • Virtualization with a host Operating System
  • 81. The Hypervisor • AKA: Virtual Machine Monitor (VMM) • The foundation of virtualization • Interfaces with hardware – Replace the operating system – Intercept system calls – Operate with the operating system – Hardware isolation – Multi-environment protection
• 82. Virtualization as the ‘Operating System’ [Diagram: three stacks of Application Programs over a Guest Operating System, all running on the Hypervisor (Virtual Operating Environment), which sits directly on the Hardware] Type 1 hypervisors are seen as the principal operating system.
• 83. Virtualization with a Host Operating System [Diagram: three stacks of Application Programs over a Guest Operating System, all running on the Hypervisor (Virtualization Layer), which runs on top of a Host Operating System that owns the Hardware]
  • 84. Data Center Architecture for Cloud • Communications capacity • Public Internet • Private Intranet & Private Cloud • Routing to the datacenter • Moving data within the local datacenter • Bandwidth • Security
  • 87. Cloud Computing Benefits • Reduced Costs • Increased storage • Highly automated • Flexibility • More mobility • Allows IT to shift focus • Going Green • Keeping things up to date
• 88. Cloud Computing Limitations • Security – Is data adequately protected? – Is it hardened against attackers? • Data location and privacy – Where is it stored? – Regulatory concerns • Internet dependency – Bandwidth and latency • Availability and service levels – SLA requirements • Enterprise application migration
  • 89. Exercises – Quiz 1. Which of the following is not a cloud deployment model? a) Private b) Protected c) Public d) Hybrid e) Community 2. Which of the following is not an essential characteristic of cloud computing? a) Free b) Scalable c) Virtualized d) On demand e) Metered
  • 90. Exercises – Quiz 3. Which of the following is not a cloud architecture? a) IaaS b) PaaS c) HaaS d) SaaS 4. Which of the following is a benefit of using cloud computing? a) Security b) Availability c) Compliance d) Bandwidth guarantees e) Reduced costs
  • 91. Exercises – Quiz 5. In this model, formerly known as hardware as a service (HaaS), an organization outsources business components such as servers, storage and networking equipment. What is it? a) Infrastructure as a Service (IaaS) b) Platform-as-a-Service (PaaS) c) Software-as-a-Service (SaaS) d) None of the above 6. Infrastructure as a Service (IaaS) provides: a) Servers b) Storage c) Network equipment d) All the above
• 92. Exercises – Quiz 7. What is Cloud Computing replacing? a) Corporate data centers b) Expensive personal computer hardware c) Expensive software upgrades d) All of the above 8. The hypervisor is also known as a) Virtual Machine Monitor b) Middleware c) Both of the above d) None of the above 9. The "Cloud" in cloud computing represents what? a) Wireless b) Hard drives c) People d) Internet
• 93. Cloud Computing Security Objective: to learn about the security risks and advantages of the cloud
• 94. Security is the Major Issue
• 95. Cloud Security Challenges • Data dispersal and international privacy laws • EU Data Protection Directive and U.S. Safe Harbor program • Exposure of data to foreign government and data subpoenas • Data retention issues • Need for isolation management • Multi-tenancy • Logging challenges • Data ownership issues • Quality of service guarantees • Dependence on secure hypervisors
  • 96. Cloud Security Challenges .. • Attraction to hackers (high value target) • Security of virtual OSs in the cloud • Possibility for massive outages • Encryption needs for cloud computing • Encrypting access to the cloud resource control interface • Encrypting administrative access to OS instances • Encrypting access to applications • Encrypting application data at rest • Public cloud vs. internal cloud security • Lack of public SaaS version control
• 97. Cloud Security Advantages • Data Fragmentation and Dispersal • Dedicated Security Team • Greater Investment in Security Infrastructure • Fault Tolerance and Reliability • Greater Resiliency • Hypervisor Protection Against Network Attacks • Possible Reduction of C&A Activities (Access to Pre-Accredited Clouds)
• 98. Cloud Security Advantages.. • Simplification of Compliance Analysis • Data Held by Unbiased Party (cloud vendor assertion) • Low-Cost Disaster Recovery and Data Storage Solutions • On-Demand Security Controls • Real-Time Detection of System Tampering • Rapid Re-Constitution of Services • Advanced Honeynet Capabilities
  • 99. Security Relevant Cloud Components • Cloud Provisioning Services • Cloud Data Storage Services
• 100. Security Relevant Cloud Components.. • Cloud Processing Infrastructure • Cloud Support Services • Cloud Network and Perimeter Security Elastic Elements: Storage, Processing, and Virtual Networks
• 101. Additional Issues • Issues with moving PII and sensitive data to the cloud – Privacy impact assessments • Using SLAs to obtain cloud security – Suggested requirements for cloud SLAs – Issues with cloud forensics • Contingency planning and disaster recovery for cloud implementations • Handling compliance – FISMA – HIPAA – SOX – PCI – SAS 70 Audits
• 103. Examples of cloud advantage • Social networking systems will evolve into collaborative management systems • Homesourcing becomes mainstream • Corporate processes become decentralized • Smart phones evolve with cloud apps – access to wireless broadband – productivity apps over the cloud for corporate use
  • 104. The Business Case for Going to the Cloud - Examples •Eli Lilly and Company is one company that has moved to Amazon EC2 as part of their IT operations.
• 105. Secure Migration Paths for Cloud Computing Objective: The reasons ‘Why’ migration to cloud is a good idea and ‘How’ to implement secure Cloud Migration
• 106. Balancing Threat Exposure and Cost Effectiveness • Private clouds may have less threat exposure than community clouds, which have less threat exposure than public clouds. • Massive public clouds may be more cost effective than large community clouds, which may be more cost effective than small private clouds.
• 107. Cloud Migration and Cloud Security Architectures • Clouds typically have a single security architecture but have many customers with different demands – Clouds should attempt to provide configurable security mechanisms • Organizations have more control over the security architecture of private clouds, followed by community and then public – This doesn’t say anything about actual security • Higher sensitivity data is likely to be processed on clouds where organizations have control over the security model
• 108. Migration Paths for Cloud Adoption • Use public clouds • Develop private clouds – Build a private cloud – Procure an outsourced private cloud – Migrate data centers to be private clouds (fully virtualized) • Build or procure community clouds – Organization wide SaaS – PaaS and IaaS – Disaster recovery for private clouds • Use hybrid-cloud technology – Workload portability between clouds
  • 109. Migration standards Cloud Standards Mission: Provide guidance to industry and government for the creation and management of relevant cloud computing standards allowing all parties to gain the maximum value from cloud computing
• 110. NIST and Standards • NIST wants to promote cloud standards: – We want to propose roadmaps for needed standards – We want to act as catalysts to help industry formulate their own standards • Opportunities for service, software, and hardware providers – We want to promote government and industry adoption of cloud standards
• 111. Goal of NIST Cloud Standards Effort • Fungible clouds – (mutual substitution of services) – Data and customer application portability – Common interfaces, semantics, programming models – Federated security services – Vendors compete on effective implementations • Enable and foster value add on services – Advanced technology – Vendors compete on innovative capabilities
• 112. A Model for Standardization and Proprietary Implementation • Advanced features: proprietary value-add functionality • Core features: standardized core cloud capabilities
• 113. Proposed Result • Cloud customers knowingly choose the correct mix for their organization of – standard portable features – proprietary advanced capabilities
• 114. A proposal: A NIST Cloud Standards Roadmap • We need to define minimal standards – Enable secure cloud integration, application portability, and data portability – Avoid over-specification that will inhibit innovation – Separately address different cloud models
• 115. Towards the Creation of a Roadmap (I) • Thoughts on standards: – Usually more service lock-in as you move up the SPI stack (IaaS->PaaS->SaaS) – IaaS is a natural transition point from traditional enterprise datacenters • Base service is typically computation, storage, and networking – The virtual machine is the best focal point for fungibility – Security and data privacy concerns are the two critical barriers to adopting cloud computing
• 116. Towards the Creation of a Roadmap (II) • Result: – Focus on an overall IaaS standards roadmap as a first major deliverable – Research PaaS and SaaS roadmaps as we move forward – Provide visibility, encourage collaboration in addressing these standards as soon as possible – Identify common needs for security and data privacy standards across IaaS, PaaS, SaaS
• 117. A Roadmap for IaaS • Needed standards – VM image distribution (e.g., DMTF OVF) – VM provisioning and control (e.g., EC2 API) – Inter-cloud VM exchange (e.g., ??) – Persistent storage (e.g., Azure Storage, S3, EBS, GFS, Atmos) – VM SLAs (e.g., ??) – machine readable • uptime, resource guarantees, storage redundancy – Secure VM configuration (e.g., SCAP)
• 118. A Roadmap for PaaS and SaaS • More difficult due to proprietary nature • A future focus for NIST • Standards for PaaS could specify – Supported programming languages – APIs for cloud services • Standards for SaaS could specify – SaaS-specific authentication / authorization – Formats for data import and export (e.g., XML schemas) – Separate standards may be needed for each application space
• 119. Security and Data Privacy Across IaaS, PaaS, SaaS • Many existing standards • Identity and Access Management (IAM) – IdM federation (SAML, WS-Federation, Liberty ID-FF) – Strong authentication standards (HOTP, OCRA, TOTP) – Entitlement management (XACML) • Data Encryption (at-rest, in-flight), Key Management – PKI, PKCS, KEYPROV (CT-KIP, DSKPP), EKMI • Records and Information Management (ISO 15489) • E-discovery (EDRM)
  • 120. 3. Using the Cloud
• 125. Web Applications Applications: • Google Gmail • Yahoo Mail • Twitter • Zimbra • Salesforce • Dropbox • Skype • … Issues: • Security • Interoperability • Bandwidth • Latency • Design
  • 126. Cloud Access Architecture • Client software for emulation • Networking protocol with security features • Server software to intercept and interpret client requests • Keyboard access • Mouse access • Peripheral device support – Sound – Printing – Others
  • 127. Thin Clients • What makes them thin? • Network connectivity (wired and wireless) • No moving parts (possibly a fan) • Keyboard, monitor, and USB connections • Sound card • Embedded terminal services client – RDP, VNC, etc. • Green features: Small footprint – Low heat; Low power consumption (starting at 6 Watt) – Low disk space
  • 131. Collaboration Applications for Mobile platforms • Text messaging • iPhone applications • BlackBerry applications • Android applications
  • 132. Text Messaging • Universal communication path, two forms: – SMS – MMS • Communicate: – Phone to phone – Computer to phone • Hidden costs: – Loss of productivity – Loss of security – Loss of safety
  • 133. Basic Mobile Application Issues • Limited landscape • Security – Data security on the phone – Phone access protection – Eavesdropping or shoulder surfing – Must have application enforced encryption – WAP gap • Similar but not always equal • Usefulness vs. fun to have
• 134. Location Independence • Don’t care where it is, as long as we can get to it • Depends on – Network – Security – Vendor or internal IT – Application meeting needs • Location independence promotes an environment that is – Flexible – Fail-safe – Fail-soft
  • 135. Exercises – Quiz 1. Example of Web application is a) Google mail b) Twitter c) Skype d) All the above 2. Platform as a service is a) Google App engine b) Salesforce CRM c) Rackspace servers d) Google mail 3. Which of these companies is not a leader in cloud computing? a) Google b) Amazon c) Blackboard d) Microsoft
  • 136. Exercises – Quiz 4. Which is not a major cloud computing platform? a) Google 101 b) IBM Deep blue c) Microsoft Azure d) Amazon EC2 5. Which one of these is not a key notion in cloud computing? a) Free b) Service based c) Scalable d) shared e) Virtualized resources 6. Which of these is not a major type of cloud computing usage? a) Hardware as a Service b) Platform as a Service c) Software as a Service d) Infrastructure as a Service
• 137. Exercises – Quiz 7. An Internet connection is necessary for cloud computing interaction. a) True b) False 8. Mobile platforms are supporting a) iPhone applications b) BlackBerry applications c) Android applications d) All the above 9. What enables Thin Clients to work? a) Network connectivity b) Keyboard c) USB connections d) All the above
• 138. Exercises – Quiz 10. Location independence promotes an environment that is a) Flexible b) Fail-safe c) Fail-soft d) All the above
  • 139. 4. Security and Identity Management
  • 143. Confidentiality, Integrity and Availability • Confidentiality – No unauthorized access – Privacy and data protection – Encryption – Physical security • Integrity – Information is accurate and authentic • Availability – When needed, where needed by authorized users – 5 nines standard: 99.999%
  • 144. Authentication, Authorization and Accountability • Authentication – Authorized user? – Prove identity with something you • Know (password) • Have (RSA token device) • Are (fingerprint or retina scan) • Authorization – What can an authorized person do? • Accountability – Audit access and applications – Review logs periodically
• 145. Virus Infections on Virtualized Environments • Type 1 virtualized environment • Type 2 virtualized environment • Client operating system
• 146. Virus Infections on Type 1 Virtualized Environments • Viruses invade below the hypervisor layer • Viruses intercept and react to hypervisor requests to hardware [Diagram: three stacks of Application Programs over a Guest Operating System on the Hypervisor (Virtual Operating Environment); the Virus sits between the hypervisor and the Hardware]
• 147. Virus Infections on Type 2 Virtualized Environments • Viruses infect the host OS below the hypervisor layer • Viruses intercept and react to hypervisor requests to hardware [Diagram: three stacks of Application Programs over a Guest Operating System on the Hypervisor (Virtualization Layer); the Virus sits between the hypervisor and the Host Operating System, which runs on the Hardware]
  • 148. Client Operating System Virus Infections • Viruses infect Guest OS • Need Antivirus software on each guest • Benefits: – Guests are separated from each other – No impact to hypervisor – No impact to host OS
• 151. Cloud-based Identity Management • Federation Management • Using multi-system identity information for a ‘global’ single sign-on environment • Based on trust relationships • Often standards-based – Ensure compliance – Allows interoperability
  • 152. Federation: Example One federated or trusted login is sufficient for all three parties in this example: each trust the other to identify the user.
  • 153. Federation: Implementation • Information card components: – Subject is identity holder – Digital identities are issued for subject by identity providers – Relying parties accept identity – Similar to a personal digital credit card • Using a PKI and Digital Certificate • Microsoft CardSpace – More flexible than username and password – Consistent user experience • OpenID – Emerging
• 154. Federation Levels • Permissive: no verification • Verified: DNS and domain keys verified – Not encrypted – Vulnerable to DNS poisoning • Encrypted: TLS and digital certificates – Certificates may be self-signed – Weak identity verification • Trusted: TLS and digital certificates from a root CA – Encrypted – Strong authentication
  • 155. Presence in the Cloud • Individual presence: Foundation for Information Management – Are you here? – Are you logged in? – Are you busy? • Hardware services – Hardware type – Hardware feature • Location: GPS • Pub-Sub: Publish and Subscribe – Facebook has friends and fans – IM has buddies
  • 156. Leveraging Presence • Subscribe from anywhere • Publish from anywhere • Wide range of options • Many development possibilities
  • 157. Presence Protocols • IMPS – Cell phones • SIP – Subscribe – Notify • SIMPLE – Messaging • XMPP – XML based
  • 158. Presence Enabled • Instant Messaging (IM) • Soft Phone • Hard Phone • Web page logins
  • 159. The Future of Presence • Continual development • Location Centric Cloud Services – Access based on where you are – Service depending on where you are • Using standards for full integration
  • 160. The interrelation of Identity, Presence and Location • Digital Identity – Traits – Attributes – Preferences • Digital identity, presence and location determine available services and capabilities
  • 161. Identity Management Solutions • Claim-based solutions • Identity-as-a-Service (IDaaS) • Compliance-as-a-Service (CaaS)
• 162. Claim-based Solutions • Method to introduce a claim to a resource • Recall previous information on a claim • Extended to include multiple points of truth – Active Directory controller for a domain is the single point of truth for that domain – Federated identity is multiple points of truth • Hotel • Airline • Rental Car
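The federation example (one login at the hotel, trusted by the airline and the rental-car company) and the claim-based model above come down to the same mechanics: an identity provider issues a signed set of claims, and each relying party accepts it only if it trusts that issuer, the signature verifies, the token was issued for it, and it has not expired. The code below is an added example written for this page, not the deck's or any product's code. It uses a deliberately minimal JWS-like `body.signature` format with HMAC-SHA256 shared issuer keys so that it runs without third-party libraries; real deployments use SAML or signed JWTs with asymmetric keys, but the checks are the same. The hotel, airline and rental-car parties and their keys are constructed for illustration.

```python
"""Claim-based federation: issuer signs claims, relying party verifies trust, signature,
audience and expiry. Added example; standard library only."""
import base64
import hashlib
import hmac
import json
from typing import Dict, Optional


def _b64u(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64u_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(key: bytes, body: str) -> str:
    return _b64u(hmac.new(key, body.encode("ascii"), hashlib.sha256).digest())


def issue_token(issuer_key: bytes, claims: dict) -> str:
    """Identity-provider side: canonical JSON of the claims, HMAC-SHA256 over it."""
    body = _b64u(json.dumps(claims, sort_keys=True, separators=(",", ":")).encode("utf-8"))
    return f"{body}.{_sign(issuer_key, body)}"


class RelyingParty:
    """One party in the federation. `trusted_issuers` *is* the trust relationship:
    issuer name -> verification key. Any issuer not listed is not a point of truth here."""

    def __init__(self, audience: str, trusted_issuers: Dict[str, bytes]) -> None:
        self.audience = audience
        self.trusted_issuers = trusted_issuers

    def accept(self, token: str, now: int) -> Optional[dict]:
        """Return the verified claims, or None without revealing which check failed."""
        parts = token.split(".")
        if len(parts) != 2:
            return None
        body, signature = parts
        try:
            claims = json.loads(_b64u_decode(body))
        except ValueError:
            return None
        if not isinstance(claims, dict):
            return None
        # 'iss' is unauthenticated until the signature is checked; it only selects the
        # key, and the signature check then binds the claims to that issuer.
        key = self.trusted_issuers.get(claims.get("iss"))
        if key is None:
            return None
        if not hmac.compare_digest(_sign(key, body).encode(), signature.encode()):
            return None
        if claims.get("aud") != self.audience:
            return None  # issued for another relying party: must not be accepted here
        exp = claims.get("exp")
        if not isinstance(exp, int) or now >= exp:
            return None  # expired or malformed expiry
        return claims


# Constructed federation: the hotel's identity provider is trusted by the airline and the
# rental-car company; the airline's own identity provider is trusted by neither.
HOTEL_IDP_KEY = b"hotel-idp-secret-key-demo-only"
AIRLINE_IDP_KEY = b"airline-idp-secret-key-demo-only"

AIRLINE = RelyingParty("airline", {"hotel-idp": HOTEL_IDP_KEY})
RENTAL_CAR = RelyingParty("rental-car", {"hotel-idp": HOTEL_IDP_KEY})


def demo_login(now: int = 1_700_000_000) -> Dict[str, bool]:
    """One login at the hotel; per-audience tokens for the other two parties."""
    base = {"iss": "hotel-idp", "sub": "alice", "exp": now + 300}
    airline_token = issue_token(HOTEL_IDP_KEY, {**base, "aud": "airline"})
    rental_token = issue_token(HOTEL_IDP_KEY, {**base, "aud": "rental-car"})
    from_airline_idp = issue_token(AIRLINE_IDP_KEY, {**base, "iss": "airline-idp", "aud": "rental-car"})
    return {
        "airline_accepts_own_token": AIRLINE.accept(airline_token, now) is not None,
        "airline_rejects_rental_token": AIRLINE.accept(rental_token, now) is None,
        "rental_accepts_own_token": RENTAL_CAR.accept(rental_token, now) is not None,
        "rental_rejects_untrusted_issuer": RENTAL_CAR.accept(from_airline_idp, now) is None,
        "rental_rejects_expired_token": RENTAL_CAR.accept(rental_token, now + 301) is None,
    }
```

`demo_login()` returns True for every check: the audience claim stops a token meant for the rental-car company from being replayed at the airline, and the trust list stops a token from an issuer nobody has federated with. Tampering with the claims (changing `sub` while keeping the old signature) fails the signature check.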
  • 163. Identity-as-a-Service • Provider based identity services • SSO for web • Strong authentication • Across boundary federation • Audit and compliance
  • 164. Compliance-as-a-Service • Regulatory compliance • Difficult to establish audit compliance in third-party contracts • New service possibilities: – Multi-regulation compliance verification – Continuous audit – Threat intelligence
  • 165. Privacy • Confidentiality of personal information is paramount • Must comply with laws and regulations – HIPAA – GLBA – EU, Canadian, Australian, … privacy statutes/acts • Clouds are international in nature, making privacy issues difficult
• 166. Personally Identifiable Information (PII) • Forms of identification • Contact information • Financial information • Health care information • Online activity • Occupational information • Demographic information
• 167. Privacy Related Issues • Notice: The user is given a privacy notice • Choice: The user can choose which information to enter • Consent: The user accepts terms and conditions The user should be informed about: – Use: What is the intended use of the information? – Access: Who will have access? – Retention: How long is the information stored? – Disposal: When and how will the information be disposed of? – Security: How is security provided?
• 168. International Privacy • European Union – EU Data Protection Directive (1998) – EU Internet Privacy Law (DIRECTIVE 2002/58/EC, 2002) – Laws and privacy standards of the member states • Japan – Personal Information Protection Law – Law for Protection of Computer Processed Data Held by Administrative Organs (1988) • Canada – Privacy Act (1983) – PIPEDA (Bill C-6)
  • 169. Safeguards • Effective Access Control and Audit – Single Sign On (SSO) – Strong authentication – Audit log • Secure Storage – Encryption – Integrity • Secure Network Infrastructure – Encryption protocols – Integrity protocols
  • 170. Exercises – Quiz 1. Which of these should a company consider before implementing cloud computing technology? a) Employee satisfaction b) Potential cost reduction c) Information sensitivity d) All of the above 2. What is the most important drawback of cloud computing? a) Compliance b) Regulation c) Security d) Availability 3. The CIA triangle is made up of a) Correctness, Integrity and Availability b) Confidentiality, Integrity and Availability c) Confidentiality, Infrastructure and Availability d) Confidentiality, Integrity and Authentication
  • 171. Exercises – Quiz 4. The CIA triangle is implemented using a) Encryption b) Access control lists c) Auditing d) All the above 5. Which of the following is true about viruses a) Viruses invade below the hypervisor layer b) Viruses intercept and react with hypervisor request to hardware c) Viruses infect Guest OS d) All the above 6. Federation is implemented using a) PKI and Digital certificate b) Biometric login c) Username and password d) None of the above
• 172. Exercises – Quiz 7. Which of the following is not a federation level? a) Verified b) Signed c) Encrypted d) Trusted 8. Which of the following is not an Identity Management Solution? a) Claim-based solutions b) Presence as a Service c) Identity-as-a-Service (IDaaS) d) Compliance-as-a-Service (CaaS) 9. Which of the following standards is not used for handling security and compliance? a) FISMA b) HIPAA c) X.800 standard d) SAS 70 Audits
  • 173. Exercises – Quiz 10. Cloud computing has the following advantage over in-house computing a) Requires little or no capital investment b) No need to deploy backup and disaster recovery c) Does not require IT staff to attend to servers, applications etc. d) All the above
  • 174. 5. Implementing and Managing Cloud Computing
• 178. Local Data Center-based Cloud • Standards based • Independent components • Message based • Location independence • Seamless replication across sites • Seamless disaster recovery across sites
• 180. Message Base • Assures consistency and portability between components • Uses messaging protocols – Web services: SOAP, REST (XML or JSON payloads) – Support websites: HTTP and HTML – E-mail: SMTP, POP3, IMAP • Requires middleware for message protocol conversion
  • 181. Communications Capacity • Requires plenty of bandwidth – Difficult to measure without detailed analysis • Measuring network utilization: – Transaction-based – Process-based – Application-based
  • 182. Private Intranet and Private Cloud • Under control of the own organization – Your own infrastructure – Engineered to your needs • Cost factors – Hardware – Circuits – Global reach – Engineering – On going support – Outages • Internal Security
  • 183. Routing to the Data Center • Sufficient routing hardware • Sufficient circuits • High bandwidth • Low latency • Advanced routing processes such as MPLS • Quality of Service • Data vs. Voice
  • 184. Moving Data within the Local Data Center • High-speed internal circuits • VLAN for traffic isolation and security • Campus area networks • Wide area Ethernet • Wireless • Internal security
  • 185. Storage Capacity • Exactly how much do you need? • How much can you afford? • What features do you need? – Speed vs. capacity – Green is great – Lower cost options • SAS • SATA • Virtual (networked) disk
  • 186. Network Attached Storage • Disk storage used to store file-based records such as: – Documents – Pictures – Scanned images • Server software simplified • Disk access and security • Multiple access methods: – CIFS (Windows) – NFS (Unix)
  • 187. Multi-site • Multiple sites assists with disaster recovery and avoidance – Multiple access routes – Streamline user pathways
  • 188. Monitoring • Monitoring disk usage and performance • Build baseline and trend analysis • Expand as needed • Consider physical plant requirements – Electrical • UPS • Generator – HVAC – Floor space
  • 189. Server Software Environments That Support Cloud Computing • Server capacity • Virtualization • Clustering and High Availability (HA) • Expansion • Server functions
  • 190. Server Capacity • Services being provided – Applications – Processes • Speed and features – Processors: SMP vs. Cores – Memory – Local disk and Network disk • Vendor support
• 192. Open Source Software in Data Centers • Cost reduction vs. reliability • Not necessarily free – Fee-based support – Hidden costs • Server software – Apache – Jetty – Zend • Databases – MySQL – PostgreSQL
  • 193. Establishing a Baseline for Cloud Performance • Connection speed • Datastore (delete and read times) • Deployment latency • Lag time
  • 194. Connection Speed • If the network is fast, the cloud succeeds • Bandwidth: Measure of network throughput – bps/Bps: bits/Bytes per second – Rating: network capacity or throughput? – 54Mbps wireless is really 22 Mbps • Latency: Delay – Firewalls, routers, servers – Congestion factors
• 195. Public Internet • Using the public internet can be risky: – Target of DDoS – Recent attacks show vulnerabilities – No way to regulate bandwidth consumption – No way to regulate bandwidth availability – Criticality vs. cost – External security
• 196. Data Protection and Partitioning Brewer-Nash Security Model: • Information barriers • Eliminating conflict of interest Fibre Channel Security: • Zoning • LUN masking Protection across operating systems and virtual servers
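The Brewer-Nash (“Chinese Wall”) model on this slide is the one partitioning control here that is an algorithm rather than a product feature, so it is worth seeing the decision rule run. The following is an added example written for this page, not the deck's code. Objects belong to a company dataset (think: a tenant's data), and datasets are grouped into conflict-of-interest (CoI) classes. Two rules are implemented: the simple security rule (a subject may read an object only if everything it has already read is either in the same dataset or in a different CoI class) and the *-property (a subject may write an object only if it may read it and every unsanitized object it has read lies in that object's dataset, so a write cannot carry a competitor's data across the wall). Sanitized objects are public and restrict nothing. The datasets, subjects and names are constructed for illustration.

```python
"""Brewer-Nash / Chinese Wall access decisions. Added example; standard library only."""
from dataclasses import dataclass
from typing import Dict, Iterable, Set, Tuple


@dataclass(frozen=True)
class CloudObject:
    name: str
    dataset: str            # the company (tenant) whose data this is
    coi_class: str          # conflict-of-interest class that company belongs to
    sanitized: bool = False # public / anonymised data: exempt from both rules


class ChineseWall:
    def __init__(self, objects: Iterable[CloudObject]) -> None:
        self.objects: Dict[str, CloudObject] = {o.name: o for o in objects}
        # subject -> set of (coi_class, dataset) pairs of unsanitized objects already read
        self.history: Dict[str, Set[Tuple[str, str]]] = {}

    def can_read(self, subject: str, name: str) -> bool:
        """Simple security rule."""
        o = self.objects[name]
        if o.sanitized:
            return True
        for coi, ds in self.history.get(subject, set()):
            if coi == o.coi_class and ds != o.dataset:
                return False  # subject already saw a competitor in this CoI class
        return True

    def read(self, subject: str, name: str) -> bool:
        """Perform the read; on success the wall moves, i.e. the subject's history grows."""
        if not self.can_read(subject, name):
            return False
        o = self.objects[name]
        if not o.sanitized:
            self.history.setdefault(subject, set()).add((o.coi_class, o.dataset))
        return True

    def can_write(self, subject: str, name: str) -> bool:
        """*-property: readable, and nothing from any *other* dataset has been read.
        Note this also blocks writes after reads in unrelated CoI classes: the data
        could still flow into this dataset, and from there to that class's competitors."""
        o = self.objects[name]
        if not self.can_read(subject, name):
            return False
        return all(ds == o.dataset for _coi, ds in self.history.get(subject, set()))


def demo() -> Dict[str, bool]:
    """Constructed scenario: two competing banks, one oil company, one public report."""
    wall = ChineseWall([
        CloudObject("bankA-ledger", dataset="BankA", coi_class="banks"),
        CloudObject("bankB-ledger", dataset="BankB", coi_class="banks"),
        CloudObject("oilX-wells", dataset="OilX", coi_class="oil"),
        CloudObject("market-report", dataset="Public", coi_class="none", sanitized=True),
    ])
    return {
        "alice_reads_bankA": wall.read("alice", "bankA-ledger"),      # True
        "alice_reads_bankB": wall.read("alice", "bankB-ledger"),      # False: BankA's competitor
        "alice_reads_oilX": wall.read("alice", "oilX-wells"),         # True: different CoI class
        "alice_writes_oilX": wall.can_write("alice", "oilX-wells"),   # False: could leak BankA data
        "bob_reads_report": wall.read("bob", "market-report"),        # True: sanitized
        "bob_reads_oilX": wall.read("bob", "oilX-wells"),             # True
        "bob_writes_oilX": wall.can_write("bob", "oilX-wells"),       # True: only OilX seen
    }
```

The point the slide makes about information barriers is visible in `demo()`: Alice is free to pick either bank until she reads one, after which the other is closed to her, and although she may still read OilX's data she may not write to it, because a write would be a channel from BankA into a dataset that BankB's staff can read.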
  • 197. 5.2 SUPPORTING THE USE OF CLOUD COMPUTING
  • 199. Virtual Private Network • Remote access gives participant full network use • Tunnel mode – Transparent connection, clients not aware of tunnel – All traffic encrypted • Transport mode – Requires use of VPN client software – IP addresses not encrypted • Security risks in both modes
  • 200. Content Management Systems • Collaboration tool • Allows large number of people to share stored data • Controls access to data, based on user roles • Aids in easy storage and retrieval of data • Reduces repetitive duplicate input • Improves the ease of report writing • Improves communication between users
• 203. Backup and Recovery Backup: • Short-term and archival storage • Compliance • May use replication locations Recovery: • Frequent planned exercises • Master the process!
• 204. Disaster Recovery Solutions Methods: • Multi-site locations • Long-distance ‘clustering’ • Specialized software and dedicated ‘pipes’ Coverage: • Failover • Fail-safe • Fail-soft
• 207. Standards and Best Practices • Information Management: COBIT, ISO/IEC 38500, BiSL • Service Management: ITIL, ISO/IEC 20000 • Security Management: ISO/IEC 27001 • Application Management: ASL • Technical Standards: IEEE, OSI, ISO/IEC
• 208. The Case for Standards • Multiple providers and multiple applications • Common ground: generally accepted practices • Standards provide portability
  • 209. Using Industry and International Standards • Standards assist in – Portability – Uniformity • Standards organizations are not standard – IEEE and others for physical networks – ISO and IETF for logical networking – Consortia and others for applications and middleware – ISO and others for management and security • Commonality of standards regardless of source
  • 210. Open Cloud Consortium • Supports the development of standards and interoperability frameworks • Develops cloud computing benchmarks • Supports open source reference implementations • Manages cloud computing test beds • Manages infrastructure to support scientific research
• 211. Web-based Enterprise Management • WBEM is a set of technologies – Unifying management of computing environments • Core set of standards – CIM, CIM-XML, CIM Query Language – SLP and URI mapping • Extensible – Facilitating the development of reusable and platform-neutral tools and applications
  • 212. Web Services Management • WS-MAN specification promotes interoperability between applications and resources • Features: – Discover managed devices – Get and put information from and to managed devices – Create and delete dynamic settings and values – Enumerate contents – Subscribe to generated log records – Execute management processes
  • 213. Distributed Management Taskforce • Facilitates a collaborative effort within the IT industry to develop, validate and promote standards for systems management • 4000 active participants from 43 countries • 160 member companies and organizations
  • 214. Storage Management Initiative Specification ( SMI-S) • Solves the problem of managing standardized Storage Area Networks (SANs) • Allows a Web-based enterprise management system to bridge the gap among the various vendors and provide a consistent management capability regardless of hardware source
• 215. Systems Management Architecture for Server Hardware (SMASH) • An application suite that consolidates several aspects of data center management • CLP (Command Line Protocol) provides standardized server management in the data center • Provides standards-based Web server management, regardless of – Machine state – Operating system state – Server system topology – Access method
• 216. Standards for Application Developers • Content formatting standards and languages • Scripting languages • Protocols
  • 217. Standards for Security in the Cloud • Privacy regulations – HIPAA – GLBA – International Privacy • Security protocols • International laws: www.informationshield.com/intprivacylaws.html •US Federal and state privacy laws and regulations: www.informationshield.com/usprivacylaws.html
• 218. Health Insurance Portability and Accountability Act • HIPAA • Privacy Rule – Allows disclosure of personal health information when required – Protects personal health information – Gives patients rights • Security Rule – Allows implementation of the Privacy Rule – Specifies safeguards to assure CIA of patient information – Provides administrative, technical and physical security controls
• 219. Financial Services Modernization Act • GLBA, also known as the Financial Services Modernization Act of 1999 • Financial Privacy Rule – Governs information collection and disclosure – Applies to financial and non-financial entities • Safeguards Rule – Receivers of financial information must protect it – Design, implement and maintain standards • Pretexting protection – Protects against deceptive information gathering practices
  • 220. Payment Card Industry • Goal of managing the confidential payment card information – Debit – Credit – Prepaid – E-purse – ATM and POS – Associated businesses • Issue: How to secure PCI-based information?
  • 221. Security Protocols SSH SSL and TLS IPSec VPN OpenID Kerberos PCI
  • 222. Internet Protocol Security • Data encryption in two modes – Tunnel – Transport • ESP performs – Authentication – Encryption
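The slide above names the two ESP modes and the two services ESP provides but does not show the difference. The toy model below, added here as an illustration and not taken from the course, builds the same TCP segment once in transport mode and once in tunnel mode and then shows what an on-path observer without keys can read from each. The field order follows RFC 4303 (SPI, sequence number, payload, padding, pad length, next header, ICV), but the cipher is a constructed SHA-256 counter-mode keystream and the ICV a truncated HMAC-SHA256, neither of which is a real IPsec transform; addresses, keys and the segment are constructed sample values.

```python
"""Toy model of IPsec ESP in transport and tunnel mode (added illustration).

Field order follows RFC 4303, but the cipher and ICV are stand-ins, not real
IPsec transforms. Keys, addresses and the segment are constructed samples.
"""
import hashlib
import hmac
import struct

PROTO_IPIP = 4     # next-header value for an encapsulated IPv4 packet (tunnel mode)
PROTO_TCP = 6
PROTO_ESP = 50     # protocol number in the outer header when ESP follows it


def ip_header(src: str, dst: str, proto: int, payload_len: int) -> bytes:
    """Minimal 20-byte IPv4 header; header checksum left at zero for brevity."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0,
                       bytes(int(o) for o in src.split(".")),
                       bytes(int(o) for o in dst.split(".")))


def parse_ip_header(pkt: bytes):
    """Return (src, dst, proto, payload) for a packet built by ip_header()."""
    _, _, total, _, _, _, proto, _, s, d = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    dotted = lambda b: ".".join(str(x) for x in b)
    return dotted(s), dotted(d), proto, pkt[20:total]


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Constructed SHA-256 counter-mode keystream standing in for AES; not a real transform."""
    blocks = [hashlib.sha256(key + nonce + c.to_bytes(4, "big")).digest()
              for c in range((n + 31) // 32)]
    return b"".join(blocks)[:n]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def esp_encapsulate(enc_key, auth_key, spi, seq, payload, next_header) -> bytes:
    """ESP = SPI | seq | encrypt(payload | padding | pad len | next header) | ICV.
    Encryption hides the payload; the ICV (authentication) covers header and ciphertext."""
    pad_len = (-(len(payload) + 2)) % 4                 # trailer aligned to 4 bytes as in RFC 4303
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, next_header])
    header = struct.pack("!II", spi, seq)
    clear = payload + trailer
    ct = _xor(clear, _keystream(enc_key, header, len(clear)))
    icv = hmac.new(auth_key, header + ct, hashlib.sha256).digest()[:16]
    return header + ct + icv


def esp_decapsulate(enc_key, auth_key, esp: bytes):
    """Verify the ICV first, then decrypt. Returns (next_header, payload).
    Replay protection (sequence-number window) is omitted from this toy."""
    header, ct, icv = esp[:8], esp[8:-16], esp[-16:]
    expected = hmac.new(auth_key, header + ct, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(icv, expected):
        raise ValueError("ESP ICV check failed: packet modified or wrong key")
    clear = _xor(ct, _keystream(enc_key, header, len(ct)))
    pad_len, next_header = clear[-2], clear[-1]
    return next_header, clear[:len(clear) - 2 - pad_len]


def transport_mode(keys, src, dst, segment) -> bytes:
    """Transport mode: the original IP header stays in the clear; only the payload is protected."""
    esp = esp_encapsulate(*keys, 0x1001, 1, segment, PROTO_TCP)
    return ip_header(src, dst, PROTO_ESP, len(esp)) + esp


def tunnel_mode(keys, gw_src, gw_dst, src, dst, segment) -> bytes:
    """Tunnel mode: the whole original packet, header included, is encrypted behind a new outer header."""
    inner = ip_header(src, dst, PROTO_TCP, len(segment)) + segment
    esp = esp_encapsulate(*keys, 0x2002, 1, inner, PROTO_IPIP)
    return ip_header(gw_src, gw_dst, PROTO_ESP, len(esp)) + esp


def observer_view(packet: bytes) -> dict:
    """What an on-path sniffer without keys can read: only the outer header."""
    src, dst, proto, _ = parse_ip_header(packet)
    return {"src": src, "dst": dst, "proto": proto}


def receive(keys, packet: bytes):
    """Receiving end: strip ESP and return the inner (src, dst, proto, payload)."""
    src, dst, proto, esp = parse_ip_header(packet)
    if proto != PROTO_ESP:
        raise ValueError("not an ESP packet")
    next_header, payload = esp_decapsulate(*keys, esp)
    if next_header == PROTO_IPIP:          # tunnel mode carried a whole IPv4 packet
        return parse_ip_header(payload)
    return src, dst, next_header, payload  # transport mode: outer addresses are the endpoints


KEYS = (b"constructed-encryption-key-32-bytes!"[:32], b"constructed-auth-key-32-bytes-!!"[:32])
SEGMENT = b"GET / HTTP/1.0\r\n"   # constructed stand-in for a TCP segment

if __name__ == "__main__":
    t = transport_mode(KEYS, "10.0.0.5", "10.0.0.9", SEGMENT)
    u = tunnel_mode(KEYS, "198.51.100.1", "203.0.113.1", "10.0.0.5", "10.0.0.9", SEGMENT)
    print("transport, observer sees:", observer_view(t))
    print("tunnel, observer sees:   ", observer_view(u))
    print("tunnel, receiver gets:   ", receive(KEYS, u))
```

Running it shows the practical difference between the two modes: in transport mode the observer still learns which two hosts are talking, while in tunnel mode only the two gateway addresses are visible and the inner addresses travel inside the encrypted payload. The ICV check in esp_decapsulate is what the slide calls ESP authentication: any modification of the header or ciphertext is rejected before decryption is attempted.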
  • 223. OpenID • Single credential system • The goal – Simplify multiple website logins • Adopters – Yahoo – Google – AOL • OpenID Federation
  • 224. 6. Evaluation of Cloud Computing
  • 228. Should Your Company Invest in Cloud Computing? • Does it do what we want or need? • Can we adjust? – Provide services we need – Appropriate applications available • Can we accept? • Is the move justified? – Decision makers vs. users – Economic value – Operational value
  • 229. Business Benefits of Cloud Computing • Operational – Efficiency in: servers, workers, power, disaster recovery, training – Flexibility • Economic – Save money – Reduce overhead – Become ‘green’ • Staffing – Reduce or redeploy staff
  • 230. Operational Benefits • Incremental investment • Storage availability • Automation • Flexibility • Increased mobility
  • 231. More Operational Benefits • Optimum use of staff • Centralization and management of systems and desktops • Archiving of systems simplified • Disaster recovery simplified and manageable across sites
  • 232. Deliver What You Want Quicker • Can the cloud provide your users the resource being utilized in the cloud faster than if the resource was hosted locally at your company? • What do we give up? • What do we gain? • Is your organization willing to compromise?
  • 233. Economical Benefits • Hardware: – Buying less or less complex equipment • Budget: – Pay as you go – Improved budget control – Buy what you need when you need it • Time-to-market – Quicker deployment using standardized products
  • 234. More Economical Benefits • Little or no software installation or maintenance • Shorter deployment time • Worldwide availability • SLA adherence • Upgrades • Make life easier on your IT staff • More money
  • 235. Meeting Short-term Needs • Are you going to the cloud permanently or for a short-term goal? Example: • Need to develop a major software package • Need access to additional development hardware • Budget restrictions exclude buying hardware • Cloud PaaS solution is ideal: – Acquire – Use – Lose
  • 236. Staffing Benefits • Optimum use of staff • People fewer or better deployed • Accomplishment • Less stress in operational environment • Make life easier on your IT staff
  • 237. Cloud Implementation Impact • Power savings • Service • Floor space savings • Wiser investment • Network infrastructure • Security • Maintenance reductions • Quick delivery • Software licensing • Reduced capital expense • Time to value • Meeting short-term needs • Trial period
  • 238. Power Savings • Reduce overall power requirements – Limited servers and data platforms – Simpler desktop platforms • HVAC reduction – Server farm – Storage farm – Workspace cooling and heating • Simpler UPS and Generator needs • Offset by cloud provider cost increase – Virtualization and shared storage
  • 239. Floor Space Savings • Smaller overall footprint in the enterprise • Displace to Cloud provider • Reduced lease and rental costs • Less maintenance • Less cleaning costs
  • 240. Maintenance Reductions • Reduction of maintenance costs: – Hardware – Software – Facility • New maintenance costs – Uploaded and downloaded data – Update software if PaaS environment
  • 241. Software Licensing • Depending on implementation, a reduction in the number of licenses required • Requires analysis of demand for software • Per seat vs. per user
  • 244. Wiser Investment • Is the cloud investment smarter than in-house? • Cost factors • Performance factors • Management factors • Satisfaction factors • Can the cloud be defended? • Who are the stakeholders?
  • 245. Network Infrastructure Changes • Need high bandwidth Internet connections • Internal infrastructure may be simplified • Less complexity in switching and routing network
  • 246. Reduced Capital Expense • Reduce inventory • Reduce taxes (some jurisdictions) • Cost of money over time • Recurring costs handled differently than capital expenditures for tax and budgeting purposes
  • 247. Vendor Access and Support • Does the provider support my needs? • Is the vendor easy to work with? • What is the vendor’s remote monitoring and management strategy? • Can the vendor provide references? • Is it easy to access and update the data? • Can you use the vendor’s dataflow processes?
  • 248. Time to Value • How long does it take to get value from the cloud implementation? OR • How soon can I start using it to make money? • If you need ten new servers online tomorrow, consider: – What does it take to do it in-house – What does it take to provision them in the cloud?
  • 249. Trial Period • Make sure you get a ‘try it, then buy it’ clause • Do not commit until you are sure it works the way you want • Especially true if you are using a new software package or new service you have not seen before!
  • 250. Service: what you get for the money • What services are provided? – Installation – Conversion • Are the SLA terms reasonable? • What are the penalties? • What type of support is provided? • Do you have alternative or backup plan? • Do you fully understand the offering and the expected outcome?
  • 251. Security • All in-house security requirements must be present in the cloud • Regulatory and statutory requirements • Industry accepted practices • Privacy • Eliminate data leakage • Understand the internal server structures – One tier – Two tier – Three tier
  • 252. Evaluating Cloud Implementations Summary • Power savings • Service • Floor space savings • Wiser investment • Network infrastructure • Security • Maintenance • Delivers what you want quicker • Software licensing • Time to value • Reduced capital expense • Trial period • Meeting short-term needs
  • 253. Cloud Computing examples for migration
  • 254. Google Cloud User: City of Washington D.C. • Vivek Kundra, CTO for the District (now OMB e-gov administrator) • Migrating 38,000 employees to Google Apps • Replace office software – Gmail – Google Docs (word processing and spreadsheets) – Google Video for Business – Google Sites (intranet sites and wikis)
  • 255. Case Study: Facebook’s Use of Open Source and Commodity Hardware (8/08) • Jonathan Heiliger, Facebook's vice president of technical operations • 80 million users + 250,000 new users per day • 50,000 transactions per second, 10,000+ servers • Built on open source software – Web and App tier: Apache, PHP, AJAX – Middleware tier: Memcached (open source caching) – Data tier: MySQL (open source DB)
  • 256. Case Study: Salesforce.com in Government • 5,000+ public sector and nonprofit customers use Salesforce cloud computing solutions • President Obama’s Citizen’s Briefing Book based on the Salesforce.com Ideas application – Concept to live in three weeks – 134,077 registered users – 1.4M votes – 52,015 ideas – Peak traffic of 149 hits per second • US Census Bureau uses a Salesforce.com cloud application – Project implemented in under 12 weeks – 2,500+ partnership agents use Salesforce.com for the 2010 decennial census – Allows projects to scale from 200 to 2,000 users overnight to meet peak periods with no capital expenditure
  • 257. Case Study: Salesforce.com in Government • New Jersey Transit wins InfoWorld 100 Award for its cloud computing project – Uses Salesforce.com to run its call center, incident management, complaint tracking, and service portal – 600% more inquiries handled – 0 new agents required – 36% improved response time • U.S. Army uses Salesforce CRM for cloud-based recruiting – The U.S. Army needed a new tool to track potential recruits who visited its Army Experience Center – Uses Salesforce.com to track all core recruitment functions, allowing the Army to save time and resources

Editor's notes

  1. Cloud diagram idea inspired by Maria Spinola 8-31-09
  2. Cloud computing is becoming one of the next industry buzzwords. It joins the ranks of terms including grid computing, utility computing, virtualization, clustering, etc. Cloud computing overlaps some of the concepts of distributed, grid and utility computing; however, it does have its own meaning if used correctly in context. The conceptual overlap is partly due to technology changes, usages and implementations over the years. Things changed radically when the Internet came along. Just a few years ago desktop computers had 20 MB hard drives and people relied on floppy disks for storage. The first generation of computers had no desktop computers, and computing involved cardboard punch cards fed into a hopper. Another evolution is upon us once again, as there have been several since the dawn of the information age. We are entering the type of radical shakeup that only comes around once every 20 to 30 years: a disruptive shift in the underlying computing platform of choice. Remember when we moved from host computers to PCs?
  3. Grid computing: the application of several computers to a single problem at the same time, usually to a scientific or technical problem that requires a great number of computer processing cycles or access to large amounts of data. Utility computing: utility computing is the packaging of computing resources, such as computation and storage, as a metered service similar to a traditional public utility (such as electricity, water, natural gas, or the telephone network). This system has the advantage of a low or no initial cost to acquire hardware; instead, computational resources are essentially rented. Customers with very large computations or a sudden peak in demand can also avoid the delays that would result from physically acquiring and assembling a large number of computers (traced back to a John McCarthy quotation from 1961).
  4. Trends in usage of the terms from Google searches show that cloud computing is a relatively new term introduced in the past year. There has also been a decline in general interest in grid, utility and distributed computing. Likely they will remain in usage for quite a while to come. But cloud computing has become the new buzzword, driven largely by marketing and service offerings from big corporate players like Google, IBM and Amazon.
  5. Software as a Service: Software as a Service (SaaS, typically pronounced 'sass') is a model of software deployment whereby a provider licenses an application to customers for use as a service on demand.
  6. Microsoft: Microsoft’s cloud computing solution is called Windows Azure, an operating system that allows organizations to run Windows applications and store files and data using Microsoft’s datacenters. It is also offering its Azure Services Platform, a set of services that allow developers to establish user identities, manage workflows, synchronize data, and perform other functions as they build software programs on Microsoft’s online computing platform. Key components of the Azure Services Platform include:
  7. • Windows Azure: provides service hosting and management and low-level scalable storage, computation, and networking. • Microsoft SQL Services: provides database services and reporting. • Microsoft .NET Services: provides service-based implementations of .NET Framework concepts such as workflow. • Live Services: used to share, store, and synchronize documents, photos, and files across PCs, phones, PC applications, and web sites. • Microsoft SharePoint Services and Microsoft Dynamics CRM Services: used for business content, collaboration, and solution development in the cloud.
  8. Grid computing (or the use of a computational grid) is applying the resources of many computers in a network to a single problem at the same time - usually to a scientific or technical problem that requires a great number of computer processing cycles or access to large amounts of data.
  9. Utility computing is the packaging of computing resources, such as computation, storage and services, as a metered service similar to a traditional public utility (such as electricity, water, natural gas, or telephone network). This model has the advantage of a low or no initial cost to acquire computer resources; instead, computational resources are essentially rented - turning what was previously a need to purchase products (hardware, software and network bandwidth) into a service.
  10. Virtual machines (VMs): the key enabling virtualization technology. Initial developments in the early 70s: sharing of mainframe computers by multiple legacy OSs; dumb terminals and thin clients. "Renaissance" when x86 platforms were virtualized: VMware, Xen, KVM, VirtualBox, Hyper-V, …
  11. Full virtualization: sensitive instructions (discovered statically or dynamically at run time) are replaced by binary translation or trapped by hardware into the VMM for software emulation; any OS software can run in the VM. Examples: IBM’s CP/CMS, Oracle (Sun) VirtualBox, VMware Workstation. Hardware-assisted virtualization (IBM S/370, Intel VT, or AMD-V): the CPU traps sensitive instructions and runs an unmodified guest OS. Examples: VMware Workstation, Linux Xen, Linux KVM, Microsoft Hyper-V. Para-virtualization: presents a software interface to virtual machines similar to but not identical to that of the underlying hardware, requiring guest operating systems to be adapted. Examples: early versions of Xen. Operating system virtualization: the operating system kernel allows for multiple isolated user-space instances instead of just one; instances look and feel like a real server. Examples: Solaris Zones, QEMU, BSD Jails, OpenVZ.
  12. Virtualization is the creation of a virtual (rather than actual) version of something, such as a hardware platform, operating system, a storage device or network resources.What is the difference between clouds and the “Grid” hype of the 1990s? My pat answer is “Virtualization”. Virtualization is the secret sauce of a cloud.
  13. Source: Williams, and Computerworld quotes from "Software as a service: The next big thing", Eric Knorr, 23/03/06, http://www.computerworld.com.au/index.php/id;889026646;fp;4;fpid;1398720840
  14. Source: scalability definition, André B. Bondi, 'Characteristics of scalability and their impact on performance', Proceedings of the 2nd international workshop on Software and performance, Ottawa, Ontario, Canada, 2000, ISBN 1-58113-195-X, pages 195-203. Source: three attributes for SaaS, Architecture Strategies for Catching the Long Tail, Frederick Chong and Gianpaolo Carraro, Microsoft Corporation, April 2006, http://msdn.microsoft.com/en-us/library/aa479069.aspx
  15. Source: Architecture Strategies for Catching the Long Tail, Frederick Chong and Gianpaolo Carraro, Microsoft Corporation, April 2006, http://msdn.microsoft.com/en-us/library/aa479069.aspx
  16. Intuit QuickBooks Online (www.qboe.com) gives small business owners the ability to access their financial data whether they are at work, home, or on the road. Intuit Inc. says the offering also gives users a high level of security because data is stored on firewall-protected servers and protected via automatic data backups. There is also no need to hassle with technology—software upgrades are included at no extra charge.Google Apps, launched as a free service in August 2006, is available for US$50 per user account now and is a suite of applications that includes Gmail webmail services, Google Calendar shared calendaring, Google Talk instant messaging and Voice over IP, and the Start Page feature for creating a customizable homepage on a specific domain. More than 100,000 small businesses and hundreds of universities use the service.
  17. “[Cloud computing] relies on separating your applications from the underlying infrastructure” - Steve Herrod, CTO at VMware
  18. Security is incredibly important in today's environment. Cyber-attackers and other types of black hat folk want to infiltrate your network, often for personal gain, and the losses every year due to cyber-attack are enormous. We take great measures to protect our data and our networks with firewalls, anti-virus and anti-malware software, physical protections such as locked data centers, and sophisticated authentication and authorization techniques. Any good IT security manager is paranoid, and the belief that "everybody is out to get me" is one that serves the IT security mission well. "Trust no one" is the watchword. The poor IT security manager is as a result often resented by end users, who must comply with regular password changes, policy items that may be annoying or inconvenient, and procedures that may make access more difficult. And the payoff isn't always obvious, since the most ideal outcome for the security manager is that "nothing happens."
  19. Some key issues: trust, multi-tenancy, encryption, compliance. Clouds are massively complex systems and can be reduced to simple primitives that are replicated thousands of times and common functional units. Cloud security is a tractable problem: there are both advantages and challenges. It is only by looking at what happens to other people, and statistics related to loss and frequency of attack, that we realize that the security investment is a good one.
  20. General security challenges: trusting the vendor’s security model; customer inability to respond to audit findings; obtaining support for investigations; indirect administrator accountability; proprietary implementations can’t be examined; loss of physical control.
  21. Example: the 2008 CSI Computer Crime and Security Survey shows that there is an average reported annual cost of nearly half a million dollars for financial fraud, $350,000 for dealing with "bot" computers in the network, and an overall average annual loss of just under $300,000.
  22. General security advantages: shifting public data to an external cloud reduces the exposure of the internal sensitive data; cloud homogeneity makes security auditing/testing simpler; clouds enable automated security management; redundancy / disaster recovery.
  23. It's interesting to note, though, that the security issue has its own cloud-based solution that is growing in popularity. Security is increasingly delivered as a managed service by a third-party provider, a factor that gives weight to the relevance of cloud computing and "as a service" offerings in respect to the security question. There are several obvious reasons why security is being delivered, quite successfully, on an outsourced basis through the cloud. Like many other types of services that are delivered over the cloud, security is a specialized field. Many smaller companies especially lack the high-end expertise required to run security in-house, and having access to the best security experts in the business from a third-party provider will afford those companies better security, more expertise and knowledge, and access to higher-end security applications and equipment than they could provide on their own.
  24. Provisioning service. Advantages: rapid reconstitution of services; enables availability; provision in multiple data centers / multiple instances; advanced honeynet capabilities. Challenges: impact of compromising the provisioning service. Data storage services. Advantages: data fragmentation and dispersal; automated replication; provision of data zones (e.g., by country); encryption at rest and in transit; automated data retention. Challenges: isolation management / data multi-tenancy; storage controller as a single point of failure / compromise?; exposure of data to foreign governments.
  25. Cloud processing infrastructure. Advantages: ability to secure masters and push out secure images. Challenges: application multi-tenancy; reliance on hypervisors; process isolation / application sandboxes. Cloud support services. Advantages: on-demand security controls (e.g., authentication, logging, firewalls…). Challenges: additional risk when integrated with customer applications; needs certification and accreditation as a separate application; code updates. Cloud network and perimeter security. Advantages: distributed denial of service protection; VLAN capabilities; perimeter security (IDS, firewall, authentication). Challenges: virtual zoning with application mobility.
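Notes 22 and 24 above list "automated security management" and the data storage controls (data zones by country, encryption at rest and in transit, automated retention, replication) as cloud advantages without showing how such controls are checked. The following is an added illustration, not part of the course or of any provider's tooling: a hypothetical audit that expresses those requirements per data classification and runs them over a constructed storage inventory. The policy table, bucket names, countries and retention figures are all constructed sample values.

```python
"""Hypothetical data-placement audit for a cloud storage service (added illustration).

The policy, bucket names and countries are constructed for this example; they are
not from the course or from any provider. The check maps the controls named in the
notes (data zones, encryption at rest / in transit, retention, replication) onto an
inventory and reports every bucket that violates its classification's rule.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Placement:
    bucket: str
    country: str                    # data zone the provider stores this bucket in
    encrypted_at_rest: bool
    tls_only: bool                  # endpoint refuses plaintext (non-TLS) transfers
    retention_days: Optional[int]   # None = objects are never expired automatically
    replicas: int


@dataclass(frozen=True)
class Rule:
    allowed_countries: Optional[frozenset]  # None = any zone is acceptable
    encrypt_at_rest: bool
    tls_only: bool
    max_retention_days: Optional[int]       # None = no retention limit
    min_replicas: int


# Constructed policy: what each data classification requires.
POLICY = {
    "public":   Rule(None, False, True, None, 1),
    "internal": Rule(None, True, True, None, 2),
    "personal": Rule(frozenset({"DE", "FR", "NL"}), True, True, 365, 2),
}


def check_placement(classification: str, p: Placement) -> list:
    """Return the policy violations for one bucket (an empty list means compliant)."""
    rule = POLICY[classification]
    problems = []
    if rule.allowed_countries is not None and p.country not in rule.allowed_countries:
        problems.append(f"data zone {p.country} not allowed for {classification} data")
    if rule.encrypt_at_rest and not p.encrypted_at_rest:
        problems.append("encryption at rest not enabled")
    if rule.tls_only and not p.tls_only:
        problems.append("plaintext transfers permitted (in-transit encryption not enforced)")
    if rule.max_retention_days is not None and (
            p.retention_days is None or p.retention_days > rule.max_retention_days):
        problems.append(f"retention exceeds {rule.max_retention_days} days or is unlimited")
    if p.replicas < rule.min_replicas:
        problems.append(f"only {p.replicas} replica(s); policy needs {rule.min_replicas}")
    return problems


def audit(inventory) -> dict:
    """inventory: iterable of (classification, Placement).
    Returns {bucket: [violations]} containing only the non-compliant buckets."""
    report = {}
    for classification, placement in inventory:
        problems = check_placement(classification, placement)
        if problems:
            report[placement.bucket] = problems
    return report


# Constructed sample inventory: one compliant public bucket, one personal-data bucket
# stored in the wrong zone without encryption, one compliant personal bucket, and an
# internal bucket that allows plaintext transfers and has a single replica.
SAMPLE_INVENTORY = [
    ("public",   Placement("www-assets",  "US", False, True,  None, 1)),
    ("personal", Placement("crm-exports", "US", False, True,  730,  2)),
    ("personal", Placement("hr-records",  "DE", True,  True,  180,  2)),
    ("internal", Placement("build-cache", "IE", True,  False, None, 1)),
]

if __name__ == "__main__":
    for bucket, problems in audit(SAMPLE_INVENTORY).items():
        print(bucket)
        for problem in problems:
            print("  -", problem)
```

The point of the structure is that the same check runs unchanged against every bucket the provider reports, which is what makes "automated security management" more than a slogan: a new bucket, a change of region, or a retention rule that was silently dropped shows up on the next run rather than in an audit finding months later.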
  26. What happens when data and applications are put into the cloud? Do we lose control over the security precautions? What happens to security? Those are fair questions that must be addressed. The word "cloud" implies by its very nature that the exact physical location of data and applications may not even be known. The abstraction provided by the virtualization technology used by cloud providers makes physical location even harder to pin down.
  27. The most immediate advantages of the cloud are the lack of an up-front capital investment and freeing the internal IT staff to attend to more pressing concerns. But beyond that, there are advantages that relate directly to security. A cloud computing service provider will typically offer a service level guarantee to protect against data loss, outage, failure, and cyber attack. Typically, this SLA is backed up by specific terms that lay out performance levels, as well as penalties that the provider may be liable for if those levels are not met.
  28. Social networking systems: today, real work is still being done with spreadsheets and emails. This needs more than social networking. The need is for interactive management systems with real reports. Homesourcing: because applications and data no longer need to reside on the computer in front of us, the physical office is quickly becoming redundant, and this brings incredible efficiency gains and cost savings to companies. Corporate processes: larger companies take advantage of the decentralization made possible by cloud computing. This leads to a greater level of outsourcing, which in turn triggers the need for more smaller companies to fill the need for those outsourced services. Smart phones like the iPhone and BlackBerry continue to gain functionality and power, and their reach extends further with easier access to wireless broadband: this makes smart phones more attractive as an actual working machine, and a tool for accessing
  29. Eli Lilly and Company is one company that has moved to Amazon EC2 as part of their IT operations. As a part of Lilly’s efforts to find new and improved methods to support research, Lilly began using Amazon Web Services (AWS). Amazon EC2 has given us the ability to easily spin up tailored computing environments that can quickly and cost-effectively process tremendous amounts of research data. This has helped in maximizing our results relative to IT spend.
  30. Don’t strong security controls mean that I can adopt the most cost-effective approach? There are many benefits that explain why to migrate to clouds: cost savings, power savings, green savings, increased agility in software deployment. Cloud security issues may drive and define how we adopt and deploy cloud computing solutions.
  31. Most clouds will require very strong security controls. All models of cloud may be used for differing tradeoffs between threat exposure and efficiency. There is no one “cloud”. There are many models and architectures. How does one choose?
  32. Possible effects of cloud computing: small enterprises use public SaaS and public clouds and minimize growth of data centers. Large enterprise data centers may evolve to act as private clouds. Large enterprises may use hybrid cloud infrastructure software to leverage both internal and public clouds. Public clouds may adopt standards in order to run workloads from competing hybrid cloud infrastructures.