Hybrid Cloud Computing
VerifiedAdded on 2023/04/04
|11
|1827
|104
AI Summary
This document provides an overview of hybrid cloud computing and its advantages for businesses. It discusses the risks and security measures associated with hybrid cloud and provides expert recommendations for implementing hybrid cloud and microservices strategy. The document also includes information on general information security steps and controls for hybrid cloud.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: HYBRID CLOUD COMPUTING
Hybrid Cloud Computing
Name of the Student
Name of the University
Author Note
Hybrid Cloud Computing
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1HYBRID CLOUD COMPUTING
Table of Contents
Introduction:....................................................................................................................................2
Hybrid Cloud and Microservices Strategy:.....................................................................................2
Hybrid Cloud:..............................................................................................................................2
Risks:...........................................................................................................................................2
Microservices:..............................................................................................................................4
Risk:.............................................................................................................................................4
General Information Security Steps and Controls:..........................................................................5
Recommendation:........................................................................................................................6
Conclusion:......................................................................................................................................8
References:......................................................................................................................................9
Table of Contents
Introduction:....................................................................................................................................2
Hybrid Cloud and Microservices Strategy:.....................................................................................2
Hybrid Cloud:..............................................................................................................................2
Risks:...........................................................................................................................................2
Microservices:..............................................................................................................................4
Risk:.............................................................................................................................................4
General Information Security Steps and Controls:..........................................................................5
Recommendation:........................................................................................................................6
Conclusion:......................................................................................................................................8
References:......................................................................................................................................9
2HYBRID CLOUD COMPUTING
Introduction:
Cloud computing strategy is very much important in current aspects as it provides various
of business functionality to the business organization (Rittinghouse & Ransome, 2016). In this
aspect hybrid cloud computing is very much crucial for gaining various of business advantages.
DTGOV has taken the step of moving their business on Hybrid Cloud and in this report it will be
demonstrated how they can successfully achieve this.
Hybrid Cloud and Microservices Strategy:
Hybrid Cloud:
The hybrid cloud is a typical type of environment for cloud computing which comprises
different types of cloud services model which include mix model of private cloud, on premises
and third party public clouds service with orchestration between two of the platforms (Farokhi et
al., 2016). Through the hybrid cloud model workloads can be interchanged between the public
cloud and private cloud as there can some business requirement of cost changes and computing
needs. Through this technology of hybrid cloud computing businesses will be able to gain greater
flexibility and with that more data deployment options will be gained by the businesses.
It has been assessed that the hybrid type of cloud faces various of risks regarding their
operations. In the following table these risks related with the hybrid cloud will be presented and
with that possible solution for mitigating those risks will be evaluated.
Risks:
Risk Name Risk Description Possible control for the Risk
Introduction:
Cloud computing strategy is very much important in current aspects as it provides various
of business functionality to the business organization (Rittinghouse & Ransome, 2016). In this
aspect hybrid cloud computing is very much crucial for gaining various of business advantages.
DTGOV has taken the step of moving their business on Hybrid Cloud and in this report it will be
demonstrated how they can successfully achieve this.
Hybrid Cloud and Microservices Strategy:
Hybrid Cloud:
The hybrid cloud is a typical type of environment for cloud computing which comprises
different types of cloud services model which include mix model of private cloud, on premises
and third party public clouds service with orchestration between two of the platforms (Farokhi et
al., 2016). Through the hybrid cloud model workloads can be interchanged between the public
cloud and private cloud as there can some business requirement of cost changes and computing
needs. Through this technology of hybrid cloud computing businesses will be able to gain greater
flexibility and with that more data deployment options will be gained by the businesses.
It has been assessed that the hybrid type of cloud faces various of risks regarding their
operations. In the following table these risks related with the hybrid cloud will be presented and
with that possible solution for mitigating those risks will be evaluated.
Risks:
Risk Name Risk Description Possible control for the Risk
3HYBRID CLOUD COMPUTING
Lack of Encryption Due to lack of proper
encryption network
transmission becomes
vulnerable to attack of Man in
the Middle and
eavesdropping (Shabir et al.,
2016).
Reliable type of VPN and
proxy server can be used.
Also, all types of
transmission can be encrypted
using the TLS/SSL server
authentication.
Poor type of Compliance Poor compliance is also a
factor in this case.
Maintaining and
demonstrating compliance
can be problem in hybrid
model. Due diligence factor
become weak for this.
There must be a good
coordination among two
clouds for mitigating the
problem. The coordinated
cloud also needs to meet
industry standards.
Data Leakage Data leakage can occur in the
system due to the improper
security protocols of the
cloud providers (Chou, 2015).
Infrastructure malfunctions
and security breaches need to
be countered. Customer also
need to be responsible for
protecting their data.
DDoS Attack DDoS attack is performed
over the network by sending a
high amount of traffic to the
victim’s computer (Yan &
A DDoS mitigation device is
required in this case for
processing all the incoming
and outgoing traffic. Through
Lack of Encryption Due to lack of proper
encryption network
transmission becomes
vulnerable to attack of Man in
the Middle and
eavesdropping (Shabir et al.,
2016).
Reliable type of VPN and
proxy server can be used.
Also, all types of
transmission can be encrypted
using the TLS/SSL server
authentication.
Poor type of Compliance Poor compliance is also a
factor in this case.
Maintaining and
demonstrating compliance
can be problem in hybrid
model. Due diligence factor
become weak for this.
There must be a good
coordination among two
clouds for mitigating the
problem. The coordinated
cloud also needs to meet
industry standards.
Data Leakage Data leakage can occur in the
system due to the improper
security protocols of the
cloud providers (Chou, 2015).
Infrastructure malfunctions
and security breaches need to
be countered. Customer also
need to be responsible for
protecting their data.
DDoS Attack DDoS attack is performed
over the network by sending a
high amount of traffic to the
victim’s computer (Yan &
A DDoS mitigation device is
required in this case for
processing all the incoming
and outgoing traffic. Through
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4HYBRID CLOUD COMPUTING
Yu, 2015). this all the fake network
traffic can be blocked easily.
Poorly Defined SLAs Due to this risk factor
customer fails to govern their
own sets of data and for that
customers are forced to rely
on the service providers for
proper data security within
the public sector.
Here perfect clarification is
needed for the access
protections and permission
and with that service level
agreement need to be defined
very well. Clear detail is
required for the reasonable
expectation of service.
Microservices:
In this context, the microservice is also very important for the businesses. The
microservice is considered as distinctive method of software system development (Balalaie,
Heydarnoori & Jamshidi, 2016). The main aim of this type of microservices is focusing on
creation of single function modules with having some well-defined operations and interfaces.
Adoption of the microservice has become a trend in some recent years as most of the enterprises
are looking to become more agile towards continuous testing and DevOps.
Risk:
Risk Name Description of the Risk Possible control for the Risk
Major Operation Overhead The number of all processes
grows with the load balancing
All the processes need to be
reviewed perfectly for
Yu, 2015). this all the fake network
traffic can be blocked easily.
Poorly Defined SLAs Due to this risk factor
customer fails to govern their
own sets of data and for that
customers are forced to rely
on the service providers for
proper data security within
the public sector.
Here perfect clarification is
needed for the access
protections and permission
and with that service level
agreement need to be defined
very well. Clear detail is
required for the reasonable
expectation of service.
Microservices:
In this context, the microservice is also very important for the businesses. The
microservice is considered as distinctive method of software system development (Balalaie,
Heydarnoori & Jamshidi, 2016). The main aim of this type of microservices is focusing on
creation of single function modules with having some well-defined operations and interfaces.
Adoption of the microservice has become a trend in some recent years as most of the enterprises
are looking to become more agile towards continuous testing and DevOps.
Risk:
Risk Name Description of the Risk Possible control for the Risk
Major Operation Overhead The number of all processes
grows with the load balancing
All the processes need to be
reviewed perfectly for
5HYBRID CLOUD COMPUTING
and middle messaging added. mitigating the risk.
DevOps Microservices becomes
improper without
implementation of the
DevOps (Ebert et al., 2016).
DevOps need to be
implemented perfectly so that
it will be able to assist the
microservices.
Interface Mismatch Changing the service
interface becomes makes all
the services depending on that
improper as mismatch of the
interface occurs.
While changes occur in a
single service’s interface,
other interface also need to be
changed to fix the issue of
interface mismatch.
Distributed System Due to the distributed system
the overall microservices
becomes very much complex
and due to this factor
inefficiency occurs within the
system (Wu, 2017).
Several of things need to be
taken care of for reducing the
overall complexity of the
device which includes fault
tolerance, network latency,
unreliable networks and
message serialization.
General Information Security Steps and Controls:
Hybrid cloud related security is very much important for the DTGOV organization. Due
to this factor Board of the DTGOV organization is very much anxious about this factor.
Considering this factor some general information security steps and control is recommended in
this case for the security purpose of hybrid cloud.
and middle messaging added. mitigating the risk.
DevOps Microservices becomes
improper without
implementation of the
DevOps (Ebert et al., 2016).
DevOps need to be
implemented perfectly so that
it will be able to assist the
microservices.
Interface Mismatch Changing the service
interface becomes makes all
the services depending on that
improper as mismatch of the
interface occurs.
While changes occur in a
single service’s interface,
other interface also need to be
changed to fix the issue of
interface mismatch.
Distributed System Due to the distributed system
the overall microservices
becomes very much complex
and due to this factor
inefficiency occurs within the
system (Wu, 2017).
Several of things need to be
taken care of for reducing the
overall complexity of the
device which includes fault
tolerance, network latency,
unreliable networks and
message serialization.
General Information Security Steps and Controls:
Hybrid cloud related security is very much important for the DTGOV organization. Due
to this factor Board of the DTGOV organization is very much anxious about this factor.
Considering this factor some general information security steps and control is recommended in
this case for the security purpose of hybrid cloud.
6HYBRID CLOUD COMPUTING
Recommendation:
Developing a Strategic Plan: While the hybrid cloud is deployed, it is very much
important to migrating all of the data to the hybrid cloud environment (Lu et al., 2015).
For this reason of migration a comprehensive plan is also need to be developed so that all
the data can be secured. By developing this strategic plan worst case scenario can be
avoided in this case. Due to this reason the Board should consider this this
recommendation for securing the hybrid cloud.
Self-Awareness: Self-awareness of the organization is needed in this case for the cloud
environment on which the organization is currently aiming to operate. Through this
understanding potential risk in the cloud service provider can be understood and thus
proper security steps can be taken earlier. As the self-awareness is capable of securing the
organization from various of hybrid cloud related risk the Board must acknowledge this
and for a more secure hybrid cloud.
Performing Internal Security Audit: Internal security audit is very much important for
unearth the security policies that are currently placed for both of the cloud servers and the
on premise servers (Islam, Farah & Stafford, 2018). Through this audit, the technological
barriers can be assessed through note discrepancies. As through the internal security audit
all the present flaw in the hybrid cloud environment can be identified and can be
mitigated this recommendation of performing the internal security audit must be
implemented by the Board of DTGOV.
Proper Encryption: Proper encryption need to be leveraged as much as possible in most
of the cases. Through proper type of encryption process the data can be easily secured
while it is transit. In this aspect some secure connection and VPN connection can be
Recommendation:
Developing a Strategic Plan: While the hybrid cloud is deployed, it is very much
important to migrating all of the data to the hybrid cloud environment (Lu et al., 2015).
For this reason of migration a comprehensive plan is also need to be developed so that all
the data can be secured. By developing this strategic plan worst case scenario can be
avoided in this case. Due to this reason the Board should consider this this
recommendation for securing the hybrid cloud.
Self-Awareness: Self-awareness of the organization is needed in this case for the cloud
environment on which the organization is currently aiming to operate. Through this
understanding potential risk in the cloud service provider can be understood and thus
proper security steps can be taken earlier. As the self-awareness is capable of securing the
organization from various of hybrid cloud related risk the Board must acknowledge this
and for a more secure hybrid cloud.
Performing Internal Security Audit: Internal security audit is very much important for
unearth the security policies that are currently placed for both of the cloud servers and the
on premise servers (Islam, Farah & Stafford, 2018). Through this audit, the technological
barriers can be assessed through note discrepancies. As through the internal security audit
all the present flaw in the hybrid cloud environment can be identified and can be
mitigated this recommendation of performing the internal security audit must be
implemented by the Board of DTGOV.
Proper Encryption: Proper encryption need to be leveraged as much as possible in most
of the cases. Through proper type of encryption process the data can be easily secured
while it is transit. In this aspect some secure connection and VPN connection can be
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7HYBRID CLOUD COMPUTING
established for more security of the data in the hybrid cloud environment. By properly
encrypting all of the data organizational data can be secured properly which is actually
important for the DTGOV organization. For this extra layer of the data security the Board
of the DTGOV must consider this recommendation for security of data.
Collection of Security Logs: For migrating to a hybrid cloud environment it is very
much important to choose a proper cloud service provider. Almost every of the cloud
service provider provides a log file which demonstrates what is currently happening on
the within the cloud (Lee et al., 2016). In these aspects these data achieved from the logs
can be used in the hybrid cloud situations making a highly secure environment for the
data that is stored within the hybrid cloud service. Here the SIEM or the security
information and event management tool can be utilized for analyzing all of the internal
logs. Also, threats can be identified and can be mitigated easily for using these SIEM
tools of the hybrid cloud environments. Due to this factor the security logs must be
collected by the DTGOV.
Standardization of the Security Policies: For a hybrid type of cloud environment it is
very much important to ensure that all the solution of the cloud environment is working
flawlessly. Only depending on the default security policy and setting of the cloud service
provider can be a big mistake in this case for the organizations as this might be some
basic type of security steps which might not be proper for the organizations for securing
of the internal data. Thus the organization must develop some of the security polices
which will be able to meet the organizational security aspects. For this reason the
DTGOV must consider this recommendation.
established for more security of the data in the hybrid cloud environment. By properly
encrypting all of the data organizational data can be secured properly which is actually
important for the DTGOV organization. For this extra layer of the data security the Board
of the DTGOV must consider this recommendation for security of data.
Collection of Security Logs: For migrating to a hybrid cloud environment it is very
much important to choose a proper cloud service provider. Almost every of the cloud
service provider provides a log file which demonstrates what is currently happening on
the within the cloud (Lee et al., 2016). In these aspects these data achieved from the logs
can be used in the hybrid cloud situations making a highly secure environment for the
data that is stored within the hybrid cloud service. Here the SIEM or the security
information and event management tool can be utilized for analyzing all of the internal
logs. Also, threats can be identified and can be mitigated easily for using these SIEM
tools of the hybrid cloud environments. Due to this factor the security logs must be
collected by the DTGOV.
Standardization of the Security Policies: For a hybrid type of cloud environment it is
very much important to ensure that all the solution of the cloud environment is working
flawlessly. Only depending on the default security policy and setting of the cloud service
provider can be a big mistake in this case for the organizations as this might be some
basic type of security steps which might not be proper for the organizations for securing
of the internal data. Thus the organization must develop some of the security polices
which will be able to meet the organizational security aspects. For this reason the
DTGOV must consider this recommendation.
8HYBRID CLOUD COMPUTING
Conclusion:
From the above discussion it can be concluded that data security is huge concern for
almost every organization and with the security of the data flexible and scalable business process
is also very much important in this case. Here the DTGOV is trying to achieve a flexible and
scalable type of business process and for that they have decided to use a hybrid type of cloud
service and have agreed to implement microservices. In this context this document has described
risk linked with the hybrid cloud and microservices strategy. Also, in the further discussion
security steps and controls has been described to protect the hybrid cloud.
Conclusion:
From the above discussion it can be concluded that data security is huge concern for
almost every organization and with the security of the data flexible and scalable business process
is also very much important in this case. Here the DTGOV is trying to achieve a flexible and
scalable type of business process and for that they have decided to use a hybrid type of cloud
service and have agreed to implement microservices. In this context this document has described
risk linked with the hybrid cloud and microservices strategy. Also, in the further discussion
security steps and controls has been described to protect the hybrid cloud.
9HYBRID CLOUD COMPUTING
References:
Balalaie, A., Heydarnoori, A., & Jamshidi, P. (2016). Microservices architecture enables devops:
Migration to a cloud-native architecture. IEEE Software, 33(3), 42-52.
Chou, D. C. (2015). Cloud computing risk and audit issues. Computer Standards &
Interfaces, 42, 137-142.
Ebert, C., Gallardo, G., Hernantes, J., & Serrano, N. (2016). DevOps. Ieee Software, 33(3), 94-
100.
Farokhi, S., Jamshidi, P., Lakew, E. B., Brandic, I., & Elmroth, E. (2016). A hybrid cloud
controller for vertical memory elasticity: A control-theoretic approach. Future
Generation Computer Systems, 65, 57-72.
Islam, M. S., Farah, N., & Stafford, T. F. (2018). Factors associated with security/cybersecurity
audit by internal audit function: An international study. Managerial Auditing
Journal, 33(4), 377-409.
Lee, J., Jeon, J., Lee, C., Lee, J., Cho, J., & Lee, K. (2016, February). A Study on Efficient Log
Visualization Using D3 Component against APT: How to Visualize Security Logs
Efficiently?. In 2016 International Conference on Platform Technology and Service
(PlatCon) (pp. 1-6). IEEE.
Lu, P., Sun, Q., Wu, K., & Zhu, Z. (2015). Distributed online hybrid cloud management for
profit-driven multimedia cloud computing. IEEE Transactions on Multimedia, 17(8),
1297-1308.
References:
Balalaie, A., Heydarnoori, A., & Jamshidi, P. (2016). Microservices architecture enables devops:
Migration to a cloud-native architecture. IEEE Software, 33(3), 42-52.
Chou, D. C. (2015). Cloud computing risk and audit issues. Computer Standards &
Interfaces, 42, 137-142.
Ebert, C., Gallardo, G., Hernantes, J., & Serrano, N. (2016). DevOps. Ieee Software, 33(3), 94-
100.
Farokhi, S., Jamshidi, P., Lakew, E. B., Brandic, I., & Elmroth, E. (2016). A hybrid cloud
controller for vertical memory elasticity: A control-theoretic approach. Future
Generation Computer Systems, 65, 57-72.
Islam, M. S., Farah, N., & Stafford, T. F. (2018). Factors associated with security/cybersecurity
audit by internal audit function: An international study. Managerial Auditing
Journal, 33(4), 377-409.
Lee, J., Jeon, J., Lee, C., Lee, J., Cho, J., & Lee, K. (2016, February). A Study on Efficient Log
Visualization Using D3 Component against APT: How to Visualize Security Logs
Efficiently?. In 2016 International Conference on Platform Technology and Service
(PlatCon) (pp. 1-6). IEEE.
Lu, P., Sun, Q., Wu, K., & Zhu, Z. (2015). Distributed online hybrid cloud management for
profit-driven multimedia cloud computing. IEEE Transactions on Multimedia, 17(8),
1297-1308.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10HYBRID CLOUD COMPUTING
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management,
and security. CRC press.
Shabir, M. Y., Iqbal, A., Mahmood, Z., & Ghafoor, A. (2016). Analysis of classical encryption
techniques in cloud computing. Tsinghua Science and Technology, 21(1), 102-113.
Wu, J. (2017). Distributed system design. CRC press.
Yan, Q., & Yu, F. R. (2015). Distributed denial of service attacks in software-defined
networking with cloud computing. IEEE Communications Magazine, 53(4), 52-59.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management,
and security. CRC press.
Shabir, M. Y., Iqbal, A., Mahmood, Z., & Ghafoor, A. (2016). Analysis of classical encryption
techniques in cloud computing. Tsinghua Science and Technology, 21(1), 102-113.
Wu, J. (2017). Distributed system design. CRC press.
Yan, Q., & Yu, F. R. (2015). Distributed denial of service attacks in software-defined
networking with cloud computing. IEEE Communications Magazine, 53(4), 52-59.
1 out of 11
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.