Cloud Computing Report: Architecture, Risks, and Security Measures
VerifiedAdded on 2021/05/31
|13
|2656
|264
Report
AI Summary
This report explores various aspects of cloud computing, including Platform as a Service (PaaS), Software as a Service (SaaS), and Infrastructure as a Service (IaaS) architectures, along with their justifications, benefits, and associated issues. It delves into the risks of hybrid cloud and microservices, offering control measures for architecture design, data management, and privacy/security concerns. The report outlines steps to secure a hybrid cloud environment, covering encryption, API protection, and security log utilization. It also addresses application resilience issues, emphasizing the importance of backup, disaster recovery, remote server administration, resource management, and Service Level Agreement (SLA) management. Finally, the report details the steps involved in mitigating the AWS cloud, including preparation, portfolio planning, migration, and operation, along with potential issues in each phase.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: CLOUD COMPUTING
CLOUD COMPUTING
Name of the Student
Name of the University
Author Note
CLOUD COMPUTING
Name of the Student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
2CLOUD COMPUTING
Table of Contents
Question 1..................................................................................................................................3
Question 2..................................................................................................................................4
Question 3..................................................................................................................................5
Question 4..................................................................................................................................5
Question 5..................................................................................................................................6
Question 6..................................................................................................................................6
Table of Contents
Question 1..................................................................................................................................3
Question 2..................................................................................................................................4
Question 3..................................................................................................................................5
Question 4..................................................................................................................................5
Question 5..................................................................................................................................6
Question 6..................................................................................................................................6
3CLOUD COMPUTING
Question 1
In order to assist the Regional Garden to meet the board strategy the cloud
architecture which can be deployed is the Platform as a Service (PaaS).
Part 1
The following are the architectures which can be deployed along with the justification of the
deployment.
Architecture 1: PaaS (Platform as a Service)
Justification: The main reason for the implementation of the PaaS model is due to the factor
that the model provides a platform of software applications as a service to the end users.
Some of the advantage which can be related to the aspect is in the sector of lower of the
administrative overheads, more current system of software, scalable solutions and lowering
of the cost which is related to the ownership (Gai et al., 2015).
Architecture 2: SaaS (Software as a Service)
Justification: The main aspect which is related to the deployment of the SaaS architecture is
that it would be directly providing the organization with a platform of software application
service for the end users. The main sector of the advantage which can be achieved from the
concept is the improvement in the customer relation management (CRM), human resource
solution and invoicing and billing system (Sanaei et al., 2014)
Architecture 3: IaaS (Infrastructure as a Service)
Justification: The fundamental aspect which is related to the aspect of the deployment of the
IaaS provides an access to the resources which are stated as fundamental such as virtual
machine, physical machine and virtual storage. Apart from the following concept the main
Question 1
In order to assist the Regional Garden to meet the board strategy the cloud
architecture which can be deployed is the Platform as a Service (PaaS).
Part 1
The following are the architectures which can be deployed along with the justification of the
deployment.
Architecture 1: PaaS (Platform as a Service)
Justification: The main reason for the implementation of the PaaS model is due to the factor
that the model provides a platform of software applications as a service to the end users.
Some of the advantage which can be related to the aspect is in the sector of lower of the
administrative overheads, more current system of software, scalable solutions and lowering
of the cost which is related to the ownership (Gai et al., 2015).
Architecture 2: SaaS (Software as a Service)
Justification: The main aspect which is related to the deployment of the SaaS architecture is
that it would be directly providing the organization with a platform of software application
service for the end users. The main sector of the advantage which can be achieved from the
concept is the improvement in the customer relation management (CRM), human resource
solution and invoicing and billing system (Sanaei et al., 2014)
Architecture 3: IaaS (Infrastructure as a Service)
Justification: The fundamental aspect which is related to the aspect of the deployment of the
IaaS provides an access to the resources which are stated as fundamental such as virtual
machine, physical machine and virtual storage. Apart from the following concept the main
4CLOUD COMPUTING
sectors of advantage from the deployment is the enhancement of the IP addresses, Load
balancer and Software bundles (Avram, 2014).
Part 2
The benefits and issue which are related to the deployment are stated below:
PaaS (Platform as a Service)
Benefit
Overhead of the administrative process
More current system of software
Scalable solutions
Lowering of the cost of ownership
Issues
Processor scheduling is event based
The security aspect which is related to the PaaS is not optimal
Lack of portability (Rittinghouse & Ransome, 2016)
SaaS (Software as a Service)
Benefit
Software license efficient use
Modest tools of software
Solution of multitenant
Platform responsibility which are directly managed by the providers.
Issue
sectors of advantage from the deployment is the enhancement of the IP addresses, Load
balancer and Software bundles (Avram, 2014).
Part 2
The benefits and issue which are related to the deployment are stated below:
PaaS (Platform as a Service)
Benefit
Overhead of the administrative process
More current system of software
Scalable solutions
Lowering of the cost of ownership
Issues
Processor scheduling is event based
The security aspect which is related to the PaaS is not optimal
Lack of portability (Rittinghouse & Ransome, 2016)
SaaS (Software as a Service)
Benefit
Software license efficient use
Modest tools of software
Solution of multitenant
Platform responsibility which are directly managed by the providers.
Issue
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
5CLOUD COMPUTING
Risk based on browser based
Lack of portability
Dependencies of network
IaaS (Infrastructure as a Service)
Benefit
Efficient and flexible renting of the hardware of the computers.
Control over the computing resources through the concept of the administrative
access directly to the Virtual machine
Interoperability and portability with the legacy applications.
Issue
Data erase practices
Robustness of the virtual memory isolation
Virtual machine Sprawl
Question 2
The risk factors which are associated with the new hybrid cloud and micro services are stated
below:
Risk 1
Architecture design – The design of the IT architecture is very much complex. This
basically involves a varying combination of the private, public and on premises it cloud. It
order to achieve the desired standard of working IT experts have to be appointed which
would be very much helpful in the aspect of the delivering the service which is related to the
concept.
Risk based on browser based
Lack of portability
Dependencies of network
IaaS (Infrastructure as a Service)
Benefit
Efficient and flexible renting of the hardware of the computers.
Control over the computing resources through the concept of the administrative
access directly to the Virtual machine
Interoperability and portability with the legacy applications.
Issue
Data erase practices
Robustness of the virtual memory isolation
Virtual machine Sprawl
Question 2
The risk factors which are associated with the new hybrid cloud and micro services are stated
below:
Risk 1
Architecture design – The design of the IT architecture is very much complex. This
basically involves a varying combination of the private, public and on premises it cloud. It
order to achieve the desired standard of working IT experts have to be appointed which
would be very much helpful in the aspect of the delivering the service which is related to the
concept.
6CLOUD COMPUTING
Control: The main aspect of the control is the appointment of a sophisticated IT
professional who would be deploying the system directly. The person should be very much
expert in the field of the working with the different aspects which are related to it
(Rittinghouse & Ransome, 2016).
Risk 2
Data management – Most of the organization are using the concept of the storage
automation in the data center to directly route the data to tier which is related to medium, fast
or seldom used storage. This directly depends on the type of data and the access need. The
stewardship and the rules of this type of data can get very much riskier and very much
complex when the data gets ticketed for the non-data center destination and must be
earmarked and tracked (Puthal et al., 2015).
Control: The main aspect which is related to the concept is that IT would have to
rethink of the data deployment and the stewardship of the rules of the automation to
encompass not how the data would be accessed by also when and the frequency by which the
data would be accessed.
Risk 3
Privacy and security – The aspect of the security of the data is very much improving
in the framework of the cloud. But on the other hand it can be stated that the direct control of
the data is in the hand of the cloud providers.
Control: The main aspect which is taken into consideration is that the cloud
providers gives an overview of all the measures of the security of the data which would be
enforced into the data (Hashem, et al., 2015).
Control: The main aspect of the control is the appointment of a sophisticated IT
professional who would be deploying the system directly. The person should be very much
expert in the field of the working with the different aspects which are related to it
(Rittinghouse & Ransome, 2016).
Risk 2
Data management – Most of the organization are using the concept of the storage
automation in the data center to directly route the data to tier which is related to medium, fast
or seldom used storage. This directly depends on the type of data and the access need. The
stewardship and the rules of this type of data can get very much riskier and very much
complex when the data gets ticketed for the non-data center destination and must be
earmarked and tracked (Puthal et al., 2015).
Control: The main aspect which is related to the concept is that IT would have to
rethink of the data deployment and the stewardship of the rules of the automation to
encompass not how the data would be accessed by also when and the frequency by which the
data would be accessed.
Risk 3
Privacy and security – The aspect of the security of the data is very much improving
in the framework of the cloud. But on the other hand it can be stated that the direct control of
the data is in the hand of the cloud providers.
Control: The main aspect which is taken into consideration is that the cloud
providers gives an overview of all the measures of the security of the data which would be
enforced into the data (Hashem, et al., 2015).
7CLOUD COMPUTING
Question 3
Steps to secure hybrid cloud are stated below:
Encryption: The data must be encrypted whenever it is necessary. Most of the data
encryption achievement can be very much difficult to be done. But it can be stated
that to achieve higher standard of security encryption can be considered one of the
most vital aspects.
APIs protection: The server of the cloud directly run on the APIs let directly lets
application to access the service which are achieved in the different servers. The main
aspect of the API can be achieved in the concept by means of protection of the access
which is authorized.
Use and collect of security logs: Each of the cloud providers have a security log
which directly explains what are the processes which are taking place in the concept
of the cloud. It should be taken into consideration that the avoidance of the security
silos should be done and the internal team has the tools which would be helping to
oversee the security which is related in the public cloud (Rittinghouse & Ransome,
2016).
Question 4
Issues of application resilience: The issue which is related to the resilience can be
managed if proper functionality of the operation is taken into consideration by an IT
professional person. It should be always a role of the IT professional to get the overall system
working and most overcoming of the difficult issues in the internal working of the
organization.
Backup: There should be a backup of the data due to the factor that the data would
not be lost if there is any problem in the database. Back up can be considered one of the most
Question 3
Steps to secure hybrid cloud are stated below:
Encryption: The data must be encrypted whenever it is necessary. Most of the data
encryption achievement can be very much difficult to be done. But it can be stated
that to achieve higher standard of security encryption can be considered one of the
most vital aspects.
APIs protection: The server of the cloud directly run on the APIs let directly lets
application to access the service which are achieved in the different servers. The main
aspect of the API can be achieved in the concept by means of protection of the access
which is authorized.
Use and collect of security logs: Each of the cloud providers have a security log
which directly explains what are the processes which are taking place in the concept
of the cloud. It should be taken into consideration that the avoidance of the security
silos should be done and the internal team has the tools which would be helping to
oversee the security which is related in the public cloud (Rittinghouse & Ransome,
2016).
Question 4
Issues of application resilience: The issue which is related to the resilience can be
managed if proper functionality of the operation is taken into consideration by an IT
professional person. It should be always a role of the IT professional to get the overall system
working and most overcoming of the difficult issues in the internal working of the
organization.
Backup: There should be a backup of the data due to the factor that the data would
not be lost if there is any problem in the database. Back up can be considered one of the most
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
8CLOUD COMPUTING
vital aspect in the working in the concept due to the fact that if any type of data is lost then
this back up would be very much beneficial in the aspect. In most of the cases it can be stated
that since most of the time the data of the organization are stored which are very much crucial
it can be a big loss if there is loss of the data (Rittinghouse & Ransome, 2016)
.
Disaster recovery: In case of any disaster the recovery action should be implemented
very much in time. This can be considered very much important due to the factor that the
issue should not impact the overall working. In present time there should be a disaster
recovery plan which mainly aim at recovering from a disaster as soon as the problem is
encountered so that it does not possess any type of threat to the internal as well as external
working of the organization.
Question 5
Remote server Administration: The remote service administration should be done
by an expert person due to the factor that it directly involves the internal and external
working of the organization. Any type of changes in the remote server could lead to problem
in different sectors which may alter the normal functionality of the organization. In most of
the cases IT professionals are appointed in this role as they should be well adverse with the
different conditions it may face. In such a sector problem may be a common issue but it must
be stated that the problem should be resolved before it could impact the normal functionality
of the organization.
Resource Management: The management of the resources should be done most with
most priority. This is due to the factor that loss of resources should not take place anytime.
Resource management can be directly linked with the budget and it may be stated as directly
vital aspect in the working in the concept due to the fact that if any type of data is lost then
this back up would be very much beneficial in the aspect. In most of the cases it can be stated
that since most of the time the data of the organization are stored which are very much crucial
it can be a big loss if there is loss of the data (Rittinghouse & Ransome, 2016)
.
Disaster recovery: In case of any disaster the recovery action should be implemented
very much in time. This can be considered very much important due to the factor that the
issue should not impact the overall working. In present time there should be a disaster
recovery plan which mainly aim at recovering from a disaster as soon as the problem is
encountered so that it does not possess any type of threat to the internal as well as external
working of the organization.
Question 5
Remote server Administration: The remote service administration should be done
by an expert person due to the factor that it directly involves the internal and external
working of the organization. Any type of changes in the remote server could lead to problem
in different sectors which may alter the normal functionality of the organization. In most of
the cases IT professionals are appointed in this role as they should be well adverse with the
different conditions it may face. In such a sector problem may be a common issue but it must
be stated that the problem should be resolved before it could impact the normal functionality
of the organization.
Resource Management: The management of the resources should be done most with
most priority. This is due to the factor that loss of resources should not take place anytime.
Resource management can be directly linked with the budget and it may be stated as directly
9CLOUD COMPUTING
proportional due to the factor that if proper utilization of the resource are done it would
directly help in the sector of the minimizing the budget (Rittinghouse & Ransome, 2016)
.
SLA Management: SLA management should be included so that it does not force
any sort of unwanted error related to the SLA aspect. Some of the aspects which may be
related to the SLA are stated below:
Benchmark specific performance to which the actual performance can be compared.
Response time allocation
Statistic of usage which would be provided.
The notification of the schedule in the sector of network that may directly affect the user
(Puthal et al., 2015).
Question 6
The steps which are included in the concept of the mitigation of the AWS cloud are
stated below:
Phase 1: Mitigation Preparation and planning of the business
In this phase the determination of the right objectives are done and the beginning of
the process of the mitigation of the process is started (Dembla, Flack & Petter, 2015).
Planning can be considered one of the most important sector in this aspect due to the factor
that of the planning is not done properly it may directly alter the working of the project.
Phase 2: Portfolio planning and discovery
The next phase which is related to the concept is the portfolio planning and discovery.
In this phase the main aspect which is taken into consideration is the identification of the
proportional due to the factor that if proper utilization of the resource are done it would
directly help in the sector of the minimizing the budget (Rittinghouse & Ransome, 2016)
.
SLA Management: SLA management should be included so that it does not force
any sort of unwanted error related to the SLA aspect. Some of the aspects which may be
related to the SLA are stated below:
Benchmark specific performance to which the actual performance can be compared.
Response time allocation
Statistic of usage which would be provided.
The notification of the schedule in the sector of network that may directly affect the user
(Puthal et al., 2015).
Question 6
The steps which are included in the concept of the mitigation of the AWS cloud are
stated below:
Phase 1: Mitigation Preparation and planning of the business
In this phase the determination of the right objectives are done and the beginning of
the process of the mitigation of the process is started (Dembla, Flack & Petter, 2015).
Planning can be considered one of the most important sector in this aspect due to the factor
that of the planning is not done properly it may directly alter the working of the project.
Phase 2: Portfolio planning and discovery
The next phase which is related to the concept is the portfolio planning and discovery.
In this phase the main aspect which is taken into consideration is the identification of the
10CLOUD COMPUTING
dependencies between the application and how to move to different planning phases and its
discovery. Each of the planning phase has a different functionality and it can be stated here
that each of the sector may be dependent on each other for their proper working. If one of the
phases go wrong it would be directly affecting the overall functionality of the project
(Whaiduzzaman et al., 2014)..
Phase 3: Migrating, designing and validating application
It can be stated here that in this phase the foundational experience of the migration is
fixed and the migration process is accelerated and the main aim after the process is the
achievement of the scalability.
Phase 4: Operate
At this stage the mitigation process is completed and the old system are turned down
and the advantage with the new system is achieved. It is the main part due to the factor that it
would directly show weather the new system would was implemented successfully or not. In
most of the cases it can be seen that it directly involve the working of the system and changes
should be noticeable in this aspect (Puthal et al., 2015).
Issue in mitigation
In Phase 1: This phase can be considered very much important due to the factor that
the setting of the objective are done in this process. If any type of problem is done in the
process it can lead to big problem.
In Phase 2: Planning phase there can be different sectors or options which can be
implemented. The main decision aspect is taken into consideration and the progress towards
the step of the mitigation is done.
dependencies between the application and how to move to different planning phases and its
discovery. Each of the planning phase has a different functionality and it can be stated here
that each of the sector may be dependent on each other for their proper working. If one of the
phases go wrong it would be directly affecting the overall functionality of the project
(Whaiduzzaman et al., 2014)..
Phase 3: Migrating, designing and validating application
It can be stated here that in this phase the foundational experience of the migration is
fixed and the migration process is accelerated and the main aim after the process is the
achievement of the scalability.
Phase 4: Operate
At this stage the mitigation process is completed and the old system are turned down
and the advantage with the new system is achieved. It is the main part due to the factor that it
would directly show weather the new system would was implemented successfully or not. In
most of the cases it can be seen that it directly involve the working of the system and changes
should be noticeable in this aspect (Puthal et al., 2015).
Issue in mitigation
In Phase 1: This phase can be considered very much important due to the factor that
the setting of the objective are done in this process. If any type of problem is done in the
process it can lead to big problem.
In Phase 2: Planning phase there can be different sectors or options which can be
implemented. The main decision aspect is taken into consideration and the progress towards
the step of the mitigation is done.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
11CLOUD COMPUTING
In Phase 3: The designing aspect should be very much oriented within the framework
of the business. In most of the cases it can be stated that the aspect of the design should be
towards the goal and the objective of the organization.
In Phase 4: It can be stated here that the overall aspect which is related to the
mitigation is done in this process. There are different types of issue which can be faced which
can alter the normal working of the organization (Hashem, et al., 2015).
In Phase 3: The designing aspect should be very much oriented within the framework
of the business. In most of the cases it can be stated that the aspect of the design should be
towards the goal and the objective of the organization.
In Phase 4: It can be stated here that the overall aspect which is related to the
mitigation is done in this process. There are different types of issue which can be faced which
can alter the normal working of the organization (Hashem, et al., 2015).
12CLOUD COMPUTING
References
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107.
Avram, M. G. (2014). Advantages and challenges of adopting cloud computing from an
enterprise perspective. Procedia Technology, 12, 529-534.
Dembla, P., Flack, C., & Petter, S. (2015). Extending the DeLone and McLean IS Success
Model to Cloud Computing.
Gai, K., Qiu, M., Zhao, H., Tao, L., & Zong, Z. (2016). Dynamic energy-aware cloudlet-
based mobile cloud computing model for green computing. Journal of Network and
Computer Applications, 59, 46-54.
Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., & Khan, S. U. (2015). The
rise of “big data” on cloud computing: Review and open research issues. Information
Systems, 47, 98-115.
Puthal, D., Sahoo, B. P. S., Mishra, S., & Swain, S. (2015, January). Cloud computing
features, issues, and challenges: a big picture. In Computational Intelligence and
Networks (CINE), 2015 International Conference on (pp. 116-123). IEEE.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation,
management, and security. CRC press.
Sanaei, Z., Abolfazli, S., Gani, A., & Buyya, R. (2014). Heterogeneity in mobile cloud
computing: taxonomy and open challenges. IEEE Communications Surveys &
Tutorials, 16(1), 369-392.
References
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107.
Avram, M. G. (2014). Advantages and challenges of adopting cloud computing from an
enterprise perspective. Procedia Technology, 12, 529-534.
Dembla, P., Flack, C., & Petter, S. (2015). Extending the DeLone and McLean IS Success
Model to Cloud Computing.
Gai, K., Qiu, M., Zhao, H., Tao, L., & Zong, Z. (2016). Dynamic energy-aware cloudlet-
based mobile cloud computing model for green computing. Journal of Network and
Computer Applications, 59, 46-54.
Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., & Khan, S. U. (2015). The
rise of “big data” on cloud computing: Review and open research issues. Information
Systems, 47, 98-115.
Puthal, D., Sahoo, B. P. S., Mishra, S., & Swain, S. (2015, January). Cloud computing
features, issues, and challenges: a big picture. In Computational Intelligence and
Networks (CINE), 2015 International Conference on (pp. 116-123). IEEE.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation,
management, and security. CRC press.
Sanaei, Z., Abolfazli, S., Gani, A., & Buyya, R. (2014). Heterogeneity in mobile cloud
computing: taxonomy and open challenges. IEEE Communications Surveys &
Tutorials, 16(1), 369-392.
13CLOUD COMPUTING
Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y., & Vasilakos, A. V. (2014). Security
and privacy for storage and computation in cloud computing. Information Sciences,
258, 371-386.
Whaiduzzaman, M., Sookhak, M., Gani, A., & Buyya, R. (2014). A survey on vehicular
cloud computing. Journal of Network and Computer Applications, 40, 325-344.
Xia, Z., Wang, X., Zhang, L., Qin, Z., Sun, X., & Ren, K. (2016). A privacy-preserving and
copy-deterrence content-based image retrieval scheme in cloud computing. IEEE
Transactions on Information Forensics and Security, 11(11), 2594-2608.
Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y., & Vasilakos, A. V. (2014). Security
and privacy for storage and computation in cloud computing. Information Sciences,
258, 371-386.
Whaiduzzaman, M., Sookhak, M., Gani, A., & Buyya, R. (2014). A survey on vehicular
cloud computing. Journal of Network and Computer Applications, 40, 325-344.
Xia, Z., Wang, X., Zhang, L., Qin, Z., Sun, X., & Ren, K. (2016). A privacy-preserving and
copy-deterrence content-based image retrieval scheme in cloud computing. IEEE
Transactions on Information Forensics and Security, 11(11), 2594-2608.
1 out of 13
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.