What is Cloud Computing

The term cloud refers to a network or the internet. It is a technology that uses remote
servers on the internet to store, manage, and access data online rather than local
drives. The data can be anything such as files, images, documents, audio, video, and
more.

Advantages and Disadvantages of Cloud

Computing
Advantages of Cloud Computing
As we all know that Cloud computing is trending technology. Almost every company
switched their services on the cloud to rise the company growth.

Here, we are going to discuss some important advantages of Cloud Computing-

1) Back-up and restore data

Once the data is stored in the cloud, it is easier to get back-up and restore that data
using the cloud.

2) Improved collaboration

Cloud applications improve collaboration by allowing groups of people to quickly and

easily share information in the cloud via shared storage.

3) Excellent accessibility

Cloud allows us to quickly and easily access store information anywhere, anytime in
the whole world, using an internet connection. An internet cloud infrastructure
increases organization productivity and efficiency by ensuring that our data is always
accessible.

4) Low maintenance cost

Cloud computing reduces both hardware and software maintenance costs for
organizations.
5) Mobility

Cloud computing allows us to easily access all cloud data via mobile.

6) IServices in the pay-per-use model

Cloud computing offers Application Programming Interfaces (APIs) to the users for
access services on the cloud and pays the charges as per the usage of service.

7) Unlimited storage capacity

Cloud offers us a huge amount of storing capacity for storing our important data such
as documents, images, audio, video, etc. in one place.

8) Data security

Data security is one of the biggest advantages of cloud computing. Cloud offers many
advanced features related to security and ensures that data is securely stored and
handled.

Disadvantages of Cloud Computing

A list of the disadvantage of cloud computing is given below -

1) Internet Connectivity

As you know, in cloud computing, every data (image, audio, video, etc.) is stored on
the cloud, and we access these data through the cloud by using the internet
connection. If you do not have good internet connectivity, you cannot access these
data. However, we have no any other way to access data from the cloud.

2) Vendor lock-in

Vendor lock-in is the biggest disadvantage of cloud computing. Organizations may

face problems when transferring their services from one vendor to another. As
different vendors provide different platforms, that can cause difficulty moving from
one cloud to another.

3) Limited Control

As we know, cloud infrastructure is completely owned, managed, and monitored by

the service provider, so the cloud users have less control over the function and
execution of services within a cloud infrastructure.

4) Security
Although cloud service providers implement the best security standards to store
important information. But, before adopting cloud technology, you should be aware
that you will be sending all your organization's sensitive information to a third party,
i.e., a cloud computing service provider. While sending the data on the cloud, there
may be a chance that your organization's information is hacked by Hackers.

NIST: (National Institute of Standards and Technology)

The NIST (National Institute of Standards and Technology) model for

cloud computing is like a guide that helps us understand what cloud
computing is all about. Here are the main points in simple language:

Essential Characteristics:

NIST’s Five Characteristics of Cloud Computing

The five essential characteristics of a cloud service create the cloud
computing infrastructure. It includes a physical layer of hardware
resources and an abstraction layer which consists of the software
deployed across the physical layer. These attributes are:

1. On-Demand Self-Service
Self-service means that the cloud user can acquire the service
independently: without going through an IT department, call center, or
other middle man. To support self-service:

• The cloud provider must have an automated interface, such as a

web portal or mobile app.

• The user should be able to access the interface at any time.

 • The user should also be able to cancel the cloud service at any
time.

2. Broad Network Access

The cloud service must be broadly available over the communication
network. Users should be able to access it from any location and
internet-enabled device.

3. Resource Pooling
Multiple customers share the cloud service resources in a multi-tenancy
model. This model raises privacy and security concerns, so users must
protect their cloud data and assets by taking necessary security
precautions.

The cloud provider uses a bunch of computers together to help many people at the
same time.

4. Rapid Elasticity
Elasticity refers to the flexibility of the cloud service to scale up or down
automatically to meet the user’s needs. That allows the user to access
the right level and kind of resources, including processing power,
memory, network bandwidth, and storage, to accommodate the user’s
varying workloads.

Imagine the cloud can quickly stretch or shrink to handle more or fewer users, like a
rubber band.

5. Measured Service
A measured cloud service provides a metering capability that underpins
the provider’s pay-as-you-go pricing model. This model provides users
with greater transparency and control over their cloud costs.
The cloud keeps track of how much you use, kind of like a utility bill. You pay for
what you use.

Service Models:

1.Infrastructure-as-a-Service (IaaS)
Users can rent the cloud IT infrastructure, such as servers, networking,
and storage, from an IaaS provider on a pay-as-you-go basis, so the
user doesn’t incur the cost of on-premises installation or maintenance.

Iaas is also known as Hardware as a Service (HaaS). It is one of the

layers of the cloud computing platform. It allows customers to outsource
their IT infrastructures such as servers, networking, processing, storage,
virtual machines, and other resources. Customers access these resources
on the Internet using a pay-as-per use model.

IaaS cloud computing platform layer eliminates the need for every
organization to maintain the IT infrastructure.

IaaS is offered in three models: public, private, and hybrid cloud. The
private cloud implies that the infrastructure resides at the customer-
premise. In the case of public cloud, it is located at the cloud computing
platform vendor's data center, and the hybrid cloud is a combination of
the two in which the customer selects the best of both public cloud or
private cloud.

Characteristics of IaaS

There are the following characteristics of IaaS -

o Resources are available as a service

o Services are highly scalable
o Dynamic and flexible
o GUI and API-based access
 o Automated administrative tasks

Example: DigitalOcean, Linode, Amazon Web Services (AWS),

Microsoft Azure, Google Compute Engine (GCE), Rackspace, and
Cisco Metacloud.

IaaS provider provides the following services -

1. Compute: Computing as a Service includes virtual central

processing units and virtual main memory for the Vms that is
provisioned to the end- users.
2. Storage: IaaS provider provides back-end storage for storing files.
3. Network: Network as a Service (NaaS) provides networking
components such as routers, switches, and bridges for the Vms.
4. Load balancers: It provides load balancing capability at the
infrastructure layer.

2.Platform as a Service | PaaS

Platform as a Service (PaaS) provides a runtime environment. It
allows programmers to easily create, test, run, and deploy web
applications. You can purchase these applications from a cloud
service provider on a pay-as-per use basis and access them using
the Internet connection. In PaaS, back end scalability is managed
by the cloud service provider, so end- users do not need to worry
about managing the infrastructure.

PaaS includes infrastructure (servers, storage, and networking)

and platform (middleware, development tools, database
management systems, business intelligence, and more) to
support the web application life cycle.
Example: Google App Engine, Force.com, Joyent, Azure.

Characteristics of PaaS

There are the following characteristics of PaaS -

o Accessible to various users via the same development

application.
o Integrates with web services and databases.
o Builds on virtualization technology, so resources can easily
be scaled up or down as per the organization's need.
o Support multiple languages and frameworks.
o Provides an ability to "Auto-scale".
Accessible Development:
Simplified: PaaS lets different people use the same tools to build things.
Integration with Web Services and Databases:
Simplified: PaaS easily connects with the internet and databases.
Built on Virtualization for Scalability:
Simplified: PaaS uses a smart technology that can easily adjust the amount of
resources based on what's needed.
Supports Multiple Languages and Frameworks:
Simplified: PaaS understands and works with many different computer
languages and ways of building things.
Auto-scaling Capability:
Simplified: PaaS can automatically adjust itself to handle more or fewer tasks
without needing someone to do it manually.

Services Include:
• Development Tools: Frameworks, databases, and middleware.
• Runtime Environment: Execution environment for applications.
• Deployment Tools: Tools for application deployment and scaling.
Software-as-a-Service (SaaS)
In the SaaS model, the cloud provider manages the underlying software
and IT infrastructure. Users access the SaaS offering via a web browser.
Local installation is not required, and organizations don’t have to worry
about managing data centers, IT operations, or maintenance.

Characteristics of SaaS

There are the following characteristics of SaaS -

o Managed from a central location

o Hosted on a remote server
o Accessible over the internet
o Users are not responsible for hardware and software updates.
Updates are applied automatically.
o The services are purchased on the pay-as-per-use basis

Example: BigCommerce, Google Apps, Salesforce, Dropbox, ZenDesk,

Cisco WebEx, ZenDesk, Slack, and GoToMeeting.

NIST Models for Deployment

The NIST cloud computing definition includes four cloud deployment
models representing four types of cloud environments. Users can
choose the model with features and capabilities best suited to their
needs.

Public Cloud
Public cloud is open to all to store and access information via the Internet using the
pay-per-usage method.

In public cloud, computing resources are managed and operated by the Cloud Service
Provider (CSP). The CSP looks after the supporting infrastructure and ensures that the
resources are accessible to and scalable for the users.

Due to its open architecture, anyone with an internet connection may use the public
cloud, regardless of location or company size. Users can use the CSP's numerous
services, store their data, and run apps. By using a pay-per-usage strategy, customers
can be assured that they will only be charged for the resources they actually use, which
is a smart financial choice.

Example: Amazon elastic compute cloud (EC2), IBM SmartCloud Enterprise,

Microsoft, Google App Engine, Windows Azure Services Platform.

Private Cloud
Private cloud is also known as an internal cloud or corporate cloud. It is used by
organizations to build and manage their own data centers internally or by the third
party. It can be deployed using Opensource tools such as Openstack and Eucalyptus.

Examples: VMware vSphere, OpenStack, Microsoft Azure Stack, Oracle Cloud at

Customer, and IBM Cloud Private.

Based on the location and management, National Institute of Standards and

Technology (NIST) divide private cloud into the following two parts-

o On-premise private cloud: An on-premise private cloud is situated within the

physical infrastructure of the organization. It involves setting up and running a
specific data center that offers cloud services just for internal usage by the
company.

o Outsourced private cloud: An outsourced private cloud involves partnering

with a third-party service provider to host and manage the cloud
infrastructure on behalf of the organization.
Hybrid Cloud
Hybrid Cloud is a combination of the public cloud and the private cloud. we can say:

Hybrid Cloud = Public Cloud + Private Cloud

Hybrid cloud is partially secure because the services which are running on the public
cloud can be accessed by anyone, while the services which are running on a private
cloud can be accessed only by the organization's users. In a hybrid cloud setup,
organizations can leverage the benefits of both public and private clouds to create a
flexible and scalable computing environment. The public cloud portion allows using
cloud services provided by third-party providers, accessible over the Internet.

Example: Google Application Suite (Gmail, Google Apps, and Google Drive), Office
365 (MS Office on the Web and One Drive), Amazon Web Services.

Community Cloud
Community cloud allows systems and services to be accessible by a group of several
organizations to share the information between the organization and a specific
community. It is owned, managed, and operated by one or more organizations in the
community, a third party, or a combination of them.

In a community cloud setup, the participating organizations, which can be from the
same industry, government sector, or any other community, collaborate to establish a
shared cloud infrastructure. This infrastructure allows them to access shared services,
applications, and data relevant to their community.

Example: Health Care community cloud

Basis of Private Cloud Public Cloud

Difference
Cost Private Clouds tend to cost Public Clouds tend to
more than Public Clouds for cost less than Private
Clouds, as you use
 reserving/constructing the data
pre-made data
center. centers.
Security Connection is possible only via
Connection is open on
a private network, which the internet, making
makes them extremely secure them more vulnerable
and less secure.
Performance Very high performance because Performance is
of private networks moderate
Reliability Reliability is very high Low to Moderate
Reliability
Architecture Hosted by the company on Hosted by the
their infrastructure Provider
Scalability Limited Scalability, you may Practically Unlimited
need to upgrade/expand the Scalability since the
hardware. cloud provider has
near infinite
resources.
Servers Dedicated Servers Shared Servers
Control Your enterprise owns the Very little control, as
infrastructure, hence very high the computers are
control. shared between
enterprises.

Cloud Cube Model

In Cloud computing, the Cloud Cube Model(CCM) is developed by the Jericho
forum. This model helps to classify network into four demensional parts as
follows:
• Internal/External
• Insourced/ Outsourced
• Proprietary/Open
• Perimeterized/ de-perimeterized
The main goal of cloud cube model is to provide the security to the cloud network
and protect it. This model helps to different organizations, IT managers and
various buisiness leaders by providing secure cloud network with the help of
cloud cube model. In cloud computing security plays an important part for
different cloud users. Cloud cube model also enables secure collaboration of
cloud formations that is helpful for different types of organizations and
businesses.
Dimensions of Cloud Cube Model
Internal/External: The information of physical location of data is given by
Internal/External type. This is common form of cloud cube model. The data
which is present inside the cloud is known as internal and the data resides
outside the cloud known as external.
Insourced/Outsourced: This is the second dimension of cloud cube model. In
this form of dimension different services are offered, the third-party services
offered are known as Outsourced and the services which are self-offered is called
Insourced.
Proprietary/Open: This is the third dimension of cloud cube model. The
proprietary dimension means that the organization is offering the service which
is secure and protected under their ownership. It defines the incomparability
between data during transformation.
Perimeterized/de-perimeterized: This is the fourth form of dimension which
requires collaboration oriented architecture. Perimeterized dimension always
work within the traditional boundary, the customer can increase the
organization’s boundary into the external cloud computing domain with the help
of operation of virtual server in domain(IP) and also with the use of VPN support
De-perimeterized is the data is encapsulated with metadata and structure, which
will again support to secure the data and control the misuse of data.

Identity As A Service In Cloud Computing

ChatGPT
Identity as a Service (IDaaS) is a cloud-based service that provides identity and access
management (IAM) functionalities for users and devices. In the context of cloud computing,
IDaaS is a convenient way for organizations to manage user identities and control access to
resources without the need for extensive on-premises infrastructure.

Here are key aspects of Identity as a Service in cloud computing:

 1. Authentication and Single Sign-On (SSO): IDaaS typically offers authentication services,
allowing users to access multiple applications and services with a single set of credentials.
Single Sign-On capabilities streamline the user experience by reducing the need for
multiple logins.
2. Authorization and Access Control: IDaaS solutions enable organizations to define and
enforce access policies. Administrators can control who has access to specific resources
and what actions they can perform. This helps enhance security and compliance.
3. User Lifecycle Management: IDaaS assists in managing the entire lifecycle of user
identities, including provisioning (creating and managing user accounts), de-provisioning
(disabling or deleting accounts), and updating user attributes.
4. Multi-Factor Authentication (MFA): Many IDaaS solutions support multi-factor
authentication to enhance security by requiring users to provide additional verification
beyond passwords, such as a code sent to their mobile device.
5. Directory Services: Cloud-based directory services are often a part of IDaaS, providing a
centralized repository for user identities, groups, and attributes. This information is crucial
for authentication and authorization processes.
6. Integration with Cloud Applications: IDaaS platforms integrate seamlessly with various
cloud-based applications and services, making it easier for organizations to extend
identity management controls to their cloud environments.
7. Security and Compliance: IDaaS solutions often incorporate security measures, such as
encryption and audit trails, to help organizations comply with industry regulations and
internal security policies.
8. Scalability and Flexibility: Cloud-based identity services can scale easily based on the
organization's needs. This scalability is particularly beneficial for businesses experiencing
growth or fluctuating user demands.

Popular IDaaS providers include Okta, Microsoft Azure Active Directory, Ping Identity, and Auth0.
Organizations choose IDaaS solutions to simplify identity management, enhance security, and
adapt to the dynamic nature of cloud-based environments.

Implementing Identity as a Service in cloud computing can contribute to a more secure and user-
friendly environment, especially as businesses increasingly rely on cloud-based applications and
services.

Compliance as a Service (CaaS)

Compliance as a Service (CaaS) is a service model that allows
third-party compliance experts to offer compliance implementation,
management and maintenance services to regulated companies in
various industries, often such as healthcare, financial and
government.
 1. Regulatory Compliance Management: CaaS platforms typically provide
tools and services to help organizations manage and adhere to various
regulatory compliance requirements relevant to their industry. This may
include standards such as GDPR, HIPAA, PCI DSS, or industry-specific
regulations.
2. Automated Monitoring and Reporting: CaaS solutions often automate the
monitoring of compliance-related activities and generate reports that
demonstrate adherence to regulatory requirements. This can streamline the
auditing process and provide evidence of compliance.
3. Policy Enforcement: CaaS platforms may assist in the enforcement of security
policies and procedures necessary for compliance. This helps organizations
consistently apply and maintain the required security controls.
4. Risk Management: CaaS offerings may include risk assessment tools to help
organizations identify, assess, and mitigate risks associated with non-
compliance. This proactive approach can contribute to a more resilient
compliance posture.
5. Data Protection and Privacy: With the increasing focus on data protection
and privacy regulations, CaaS solutions often include features to help
organizations manage and safeguard sensitive data, ensuring compliance with
relevant privacy laws.
6. Scalability and Flexibility: CaaS services, being cloud-based, offer scalability
and flexibility. Organizations can adapt their compliance management
resources based on changing business needs and compliance requirements.
7. Continuous Monitoring and Updates: Compliance requirements are
dynamic and may change over time. CaaS platforms often provide continuous
monitoring of regulatory changes and updates to help organizations stay
current with evolving compliance standards.

It's important to note that specific features and capabilities of CaaS offerings may
vary among providers. Additionally, the regulatory landscape and compliance
requirements may change, so organizations should regularly assess their compliance
strategies and tools.

As technology and compliance needs evolve, CaaS can be a valuable approach for
organizations seeking efficient and effective ways to manage and demonstrate
adherence to regulatory standards. If there have been significant developments in
the field since my last update, I recommend checking more recent sources for the
latest information on Compliance as a Service.
what is cloud platform
A cloud platform refers to a set of computing resources and services delivered
over the internet. Instead of owning and maintaining physical servers and
infrastructure, users can access and use computing resources, such as servers,
storage, databases, networking, analytics, software, and more, on a pay-as-
you-go basis.

Cloud platforms offer several advantages, including:

1. **Scalability:** Users can easily scale their resources up or down based on

demand. This flexibility is particularly useful for businesses with fluctuating
workloads.

2. **Cost-Efficiency:** Users pay only for the resources they consume, avoiding
the upfront costs and complexity associated with owning and maintaining
physical infrastructure.

3. **Accessibility:** Users can access their data and applications from

anywhere with an internet connection. This enables remote work and
collaboration.

4. **Reliability:** Cloud providers typically offer high levels of reliability and

uptime through redundant systems and data backup.

5. **Managed Services:** Cloud platforms often provide a variety of managed

services, allowing users to offload certain tasks, such as database management,
to the service provider.
6. **Security:** Cloud providers invest heavily in security measures to protect
data and infrastructure. However, users are also responsible for securing their
own data and applications.

Major cloud providers include Amazon Web Services (AWS), Microsoft Azure,
Google Cloud Platform (GCP), IBM Cloud, and others. These platforms offer a
wide range of services, catering to different needs, such as computing power,
storage, machine learning, and internet of things (IoT) services. Users can
choose the cloud provider and services that best suit their requirements.

Composability in the context of cloud computing refers to the ability to assemble

and integrate various cloud services, resources, and applications to create a unified
and customized solution that meets specific business needs. It involves combining
different components in a modular and flexible way, allowing users to create, modify,
and scale their IT infrastructure dynamically. Composability is a key concept in the
evolution of cloud computing, and it brings several benefits:

1. Flexibility and Customization: Composability allows organizations to tailor

their IT infrastructure to meet specific requirements. Users can mix and match
different cloud services, APIs, and components to create a solution that
precisely fits their needs, without being limited to predefined packages.
2. Rapid Innovation: Composability enables quick experimentation and
innovation by providing the ability to easily integrate new technologies and
services. Organizations can adopt new features, tools, or services without
overhauling their entire infrastructure.
3. Resource Optimization: Composable systems allow for efficient use of
resources. Users can allocate and reallocate resources dynamically based on
changing workloads, optimizing the use of computing power, storage, and
other resources to improve cost-effectiveness.
4. Scalability: Composability supports scalability by allowing users to scale
individual components independently. This flexibility is crucial for handling
varying workloads and ensuring that specific parts of the system can scale
horizontally or vertically as needed.
Communication protocols in cloud computing refer to
the set of rules and conventions that enable the exchange of information between
different components, services, or systems within a cloud environment. These
protocols facilitate seamless communication and interoperability, ensuring that
various elements can work together efficiently. Here are some key communication
protocols used in cloud computing:

1. HTTP/HTTPS (Hypertext Transfer Protocol/Secure): These are the

fundamental protocols for communication over the World Wide Web. They
are commonly used for communication between clients and web-based
services in the cloud.
2. REST (Representational State Transfer): REST is an architectural style for
designing networked applications. It often uses HTTP for communication and
is widely employed in cloud services for its simplicity and scalability.
3. SOAP (Simple Object Access Protocol): SOAP is a protocol for exchanging
structured information in web services. It uses XML for message formatting
and can operate over various transport protocols, including HTTP and SMTP.
4. MQTT (Message Queuing Telemetry Transport): MQTT is a lightweight and
efficient protocol for communication between devices and services in the
Internet of Things (IoT) and cloud environments.
5. WebSockets: WebSockets provide full-duplex communication channels over
a single, long-lived connection, allowing for real-time communication
between clients and servers in cloud applications.
6. TCP/IP (Transmission Control Protocol/Internet Protocol): The
foundational suite of protocols for communication on the internet, TCP/IP is
essential for data transfer and networking in cloud environments.
7. FTP (File Transfer Protocol): FTP is used for transferring files between
systems in a cloud environment, providing a standard mechanism for file
sharing.

Single Sign-On (SSO):- SSO has single authentication server, managing multiple
accesses to other systems.

1. User logs into the authentication server using a username and password.

2. The authentication server returns the user’s ticket.

3. User sends the ticket to intranet server.

4. Intranet server sends the ticket to the authentication server.

5. Authentication server sends the user’s security credentials for that server back to the intranet
server. If an employee leaves the company, then it just required to disable the user at the
authentication server, which in turn disables the user’s access to all the systems.

MODULE----2

Virtualization:-
A technique, which allows to share single physical instance of an application or
resource among multiple organizations or tenants (customers). Creation of a
virtual machine over existing operating system and hardware is known as
Hardware Virtualization. A Virtual machine provides an environment that is
logically separated from the underlying hardware. The machine on which the
virtual machine is going to create is known as Host Machine and that virtual
machine is referred as a Guest Machine.

8. Define Virtualizations and also mention the advantages of it?

• Virtualization uses hypervisors to create multiple virtual machines (VMs) on one

physical computer. These VMs can access all parts of the computer, like
processors, memory, and storage.
• Each VM runs its own operating system and acts as a separate machine, even
though they share one physical computer. This means one computer can do many
tasks at once on different VMs, instead of having many computers each doing one
task.
• Think of it like a block of office buildings. Without virtualization, each department
is in its own separate building, which isn't very efficient. With virtualization, each
department has its own office in the same building. They still work independently,
like in separate buildings, but now they share the same resources of one building.

Advantages:
Advantages of Virtualization:
 1. Cost Savings: Use your existing hardware efficiently, saving on hardware, operation,
cooling, and maintenance costs.
2. Efficiency: Run multiple applications on different virtual machines within one
physical
server, reducing IT management tasks and improving resource utilization.
3. Reduced Maintenance: Manage multiple virtual machines through a single console,
freeing
up IT teams for more strategic tasks.
4. Disaster Recovery: Easily replicate and move virtual machines in case of hardware
failure,
and create quick backups for recovery.
5. Scalability and Flexibility: Quickly create or remove virtual machines to adapt to
changing business needs.
6. Better Environmental Impact: Reduced hardware leads to lower energy
consumption, benefiting the environment and your business.

Virtualization comes in various types, each addressing different aspects of IT

infrastructure. Here are some common types of virtualization:

1. Server Virtualization:
• Definition: Involves dividing a physical server into multiple virtual
servers, each running its own operating system (OS) and applications.
• Purpose: Increases server efficiency, reduces hardware costs, and
enables better resource utilization.
2. Desktop Virtualization:
• Definition: Virtualization of desktop environments, allowing multiple
desktop instances to run on a single physical machine or in a data
center.
• Purpose: Simplifies desktop management, enhances security, and
provides flexibility for end-users.
3. Network Virtualization:
• Definition: Abstracts network resources, enabling the creation of
virtual networks on top of physical networks.
• Purpose: Enhances network flexibility, simplifies network management,
and supports the creation of isolated virtual networks.
4. Storage Virtualization:
• Definition: Combines multiple physical storage devices into a single
virtualized storage unit.
• Purpose: Improves storage management, enhances data mobility, and
provides a more efficient use of storage resources.
5. Application Virtualization:
• Definition: Separates the application layer from the underlying OS,
allowing applications to run in isolated environments.
• Purpose: Simplifies application deployment, improves compatibility,
and enhances system security.

Classification of Hypervisor:
There are 2 types of Hypervisors, as detailed below:

Type-1, Native or Bare-Metal Hypervisors

• These hypervisors run directly on the host’s hardware to control the hardware and
to
manage guest operating systems.
• For this reason, they are sometimes called “bare metal” hypervisors.
• This type of hypervisor is most common in an enterprise data center or other
serverbased environments. Example: Nutanix AHV, VMware ESXi, Citrix Hypervisor.

Type-2 or Hosted Hypervisors

• These hypervisors run on a conventional operating system (OS) just as other
computer
programs do.
• A guest operating system runs as a process on the host.
• Type-2 hypervisors abstract guest operating systems from the host operating
system.
• A type 2 hypervisor is better for individual users who want to run multiple operating
systems on a personal computer. Example: Installing Linux over Windows using
VirtualBox

WHAT IS CLOUD LOAD BALANCING?

• Cloud load balancing is the process of
distributing workloads across computing
resources in a cloud computing environment
and carefully balancing the network traffic
accessing those resources.
• It takes advantage of the cloud’s scalability and
agility to meet the demands of distributed
workloads with high numbers of client
connections.
• It also provides fault tolerance when coupled
with a failover mechanism.

HOW LOAD BALANCING WORKS?

• The request generator generates user requests
which are user tasks that need computing
resources for their execution.
• Data center controlleris in-charge of task
management.
• The load balancer checks which VM to assign for a
given user task.
• The first level load balancer balances the given
workload on individual Physical Machines by
distributing the workload among its respective
associated Virtual Machines.
• The second level load balancer balances the
workload across different Virtual Machines of
different Physical Machines.

Full Virtualization:-
• The VM is installed as a Type 1 Hypervisor
directly onto the hardware.
• All operating systems in full virtualization
communicate directly with the VM hypervisor,
so guest operating systems do not require any
modification.
• Guest operating systems in full virtualization
systems are generally faster than other
virtualization schemes.

Paravirtualization:-
• It requires that the host operating system
provide a virtual machine interface for the guest
operating system and that the guest access
hardware through that host VM.
• An operating system running as a guest on a
paravirtualization system must be ported to
work with the host interface.
Process Level Virtualization:
• Definition: Process level virtualization, also known as application-level
virtualization, involves creating isolated environments for individual
applications or processes to run independently.
• Characteristics:
• Each application or process runs in its own virtual environment, isolated
from other processes.
• The virtualization occurs at the application level, allowing different
applications to run on the same host without interfering with each
other.

System Level Virtualization:

• Definition: System level virtualization, also known as hardware virtualization,
involves creating multiple virtual machines (VMs) on a single physical machine.

Mobility patterns
Certainly! Mobility patterns in the context of virtualization refer to various
ways in which workloads, applications, or data can be moved or
transferred within and between different IT environments. Here are the
mobility patterns you mentioned:

1. **P2V (Physical to Virtual):**

- **Description:** Involves migrating a physical server or machine to a
virtual machine (VM).
- **Use Case:** Legacy systems or applications running on physical
hardware can be virtualized for improved resource utilization and
management.

2. **V2V (Virtual to Virtual):**

- **Description:** The process of moving a virtual machine from one
hypervisor or virtualization platform to another.
 - **Use Case:** Useful when organizations switch or upgrade their
virtualization infrastructure.

3. **V2P (Virtual to Physical):**

- **Description:** Moving a virtual machine back to a physical server.
- **Use Case:** Less common but may be necessary in specific scenarios
where virtualization is no longer suitable or cost-effective.

4. **P2P (Physical to Physical):**

- **Description:** Migrating a physical system to another physical
machine.
- **Use Case:** Useful for hardware upgrades, replacements, or data
center reorganization.

5. **D2C (Datacenter to Cloud):**

- **Description:** Transferring workloads and resources from an on-
premises data center to a cloud environment.
- **Use Case:** Organizations adopting cloud services for scalability,
flexibility, and cost-efficiency.

6. **C2C (Cloud to Cloud):**

- **Description:** Migrating applications and data between different
cloud service providers.
- **Use Case:** Companies may switch cloud providers for various
reasons, and this pattern facilitates the migration.

7. **C2D (Cloud to Datacenter):**

- **Description:** Moving applications or data from a cloud
environment to an on-premises data center.
 - **Use Case:** Occurs when organizations decide to bring certain
workloads back in-house due to compliance, security, or cost
considerations.

8. **D2D (Datacenter to Datacenter):**

- **Description:** Migrating resources and workloads between different
data centers.
- **Use Case:** Useful for disaster recovery, load balancing, or
relocating resources to different geographical locations.

These mobility patterns offer organizations flexibility and agility in

managing their IT infrastructure. They enable efficient resource utilization,
scalability, and adaptability to changing business requirements and
technological landscapes.

Advanced Load Balancing:

• Application Delivery Controller (ADC):
• Definition: A specialized device or software that provides advanced traffic
management, including load balancing, security, and application optimization.
• Purpose: Optimizes application performance and ensures availability by
intelligently distributing traffic.
• Application Delivery Network (ADN):
• Definition: A network infrastructure that focuses on the efficient delivery of
applications and services to end-users.
• Purpose: Enhances the overall user experience by optimizing the delivery of
applications and services.
Example: Google Cloud Load Balancing:
• Google Cloud Load Balancing:
• Description: Google Cloud provides load balancing services that distribute
incoming traffic across multiple instances to ensure high availability and
performance.
• Use Case: Handles traffic for applications and services hosted on Google
Cloud Platform.

•
• HTTP(S) Load Balancing: Distributes HTTP and HTTPS traffic
among instances.
• TCP/UDP Load Balancing: Distributes TCP and UDP traffic
among instances.
 • Internal TCP/UDP Load Balancing: Load balancing for internal
(within a VPC) TCP and UDP traffic.
• Key Features:
• Global Load Balancing: Allows distributing traffic across multiple
regions, directing users to the nearest or most available instance
globally.
• Content-Based Load Balancing: Distributes traffic based on the
content of the requests, optimizing for specific types of applications.
• Cross-Region Load Balancing: Enables load balancing across different
regions for improved global performance.

VMware:

• Description: VMware is a leading provider of virtualization and cloud

computing solutions.
• Key Products:
• ESXi: Bare-metal hypervisor for virtualization.
• vCenter Server: Centralized management platform.
• vSAN: Software-defined storage solution.
• NSX: Network virtualization and security platform.
• vRealize Suite: Cloud management tools.

vSphere:

• Description: VMware vSphere is a comprehensive virtualization platform.

• Components:
• ESXi Hypervisor: Bare-metal hypervisor for virtualization.
• vCenter Server: Centralized management for multiple ESXi hosts.

Simple Cloud API:

• Definition: A standardized interface that simplifies the process of developing
applications for various cloud platforms. It abstracts the complexities of
different cloud providers, allowing developers to write code that can run on
multiple cloud services.
• Purpose: Facilitates portability and interoperability across different cloud
environments.

Google's Indexed Search:

Description: Google's indexed search is the cornerstone of the company's services
and is at the heart of its mission to organize the world's information and make it
universally accessible and useful. The indexed search methodology involves crawling
and indexing the vast expanse of the internet to retrieve and present relevant
information to users when they enter queries.

Dark Web:

The Dark Web refers to a part of the internet that is intentionally hidden and
inaccessible through standard web browsers. It operates on encrypted networks and
requires specific tools and software to access. Here are key aspects of the Dark Web:

Characteristics:

1. Anonymity:
• Use of Tor Network: The most common way to access the Dark Web
is through the Tor (The Onion Router) network, which anonymizes users
by bouncing their connection through a series of volunteer-operated
servers.
2. Encrypted Content:
• Encryption Techniques: Dark Web content is often encrypted, making
it challenging to trace the origin and destination of communication.
This contributes to a high level of privacy for users.
3. Non-Indexed by Search Engines:
• Intentional Exclusion: Dark Web content is intentionally excluded
from indexing by traditional search engines like Google. This intentional
obscurity adds an extra layer of secrecy.

Activities on the Dark Web:

Drugs, Weapons, and Stolen Data: The Dark Web is known for hosting marketplaces where illegal
goods and services, such as drugs, weapons, and stolen data, are bought and sold.

Discussion of Hacking Techniques: Cybercriminals often use the Dark Web to discuss and share
hacking techniques, tools, and vulnerabilities.
Secure Communication: Some individuals use the Dark Web for secure communication, particularly
whistleblowers and privacy advocates seeking to protect their identities.

Aggregation:

Definition: Aggregation refers to the collection, organization, and presentation of

information or content from various sources into a centralized platform. It simplifies
the consumption of information by providing users with a single, easily accessible
source for a specific type of content.

Examples of Aggregation:

1. Google News:
• Description: Google News aggregates news articles from a wide range
of sources, presenting them in a unified interface.
• Purpose: Enables users to access news content from multiple
publishers without visiting individual websites.
2.Social Media Feeds:
• Description: Social media platforms aggregate posts, images, and updates
from users and pages that a person follows.
• Purpose: Provides a centralized location for users to view content shared by
their network.

Disintermediation:

Definition: Disintermediation involves the removal of intermediaries or middlemen

from a process, supply chain, or transaction. It streamlines the interaction between
producers and consumers, often leveraging technology to connect them directly.

Examples of Disintermediation:

1. Direct-to-Consumer (DTC) Sales:

• Description: Manufacturers sell products directly to consumers,
bypassing traditional retail channels.
 • Purpose: Reduces costs, allows for better control over pricing, and
enables direct interaction with customers.
2. Online Travel Booking:
• Description: Travelers can book flights, accommodations, and
transportation directly through online platforms.
• Purpose: Eliminates the need for travel agents, providing consumers
with more control and often lower prices.

AdWords
Google AdWords, now known as Google Ads, is an online advertising platform developed
by Google. It allows businesses to create and run advertisements that appear on
Google's search engine results pages (SERPs), websites within the Google Display
Network, and other Google properties. Advertisers bid on specific keywords, and their
ads are displayed to users based on search queries and other criteria.

Key Features:
• Targeted Advertising: Based on keywords, demographics, and user behavior.
• Cost-Per-Click (CPC): Advertisers pay when users click on their ads.
Global Reach:
AdWords enables businesses to reach a global audience and expand their
market reach beyond geographical constraints.
Flexibility:
• Advertisers can adjust budgets, bids, and targeting options in real-time,
providing flexibility and control over ad campaigns

Google Analytics:

Description: Google Analytics is a comprehensive web analytics service offered by

Google. It provides detailed statistics and analytics for websites and applications,
offering insights into user behavior, website performance, and the effectiveness of
marketing efforts.

Key Features:

1. Traffic Analysis:
 •Functionality: Tracks website and app traffic, providing data on the
number of visitors, pageviews, and user interactions.
• Insights: Helps website owners understand where their traffic is
coming from and how users navigate through the site.
2. Conversion Tracking:
• Purpose: Measures the effectiveness of marketing efforts by tracking
specific user actions or conversions, such as completing a purchase or
filling out a form.
• Insights: Enables businesses to evaluate the success of their marketing
campaigns and optimize strategies for higher conversions.
3. Custom Reports:
• Flexibility: Allows users to create customized reports tailored to their
specific business needs.
• Data Exploration: Provides a deeper analysis of data beyond standard
reports, offering insights into specific metrics and dimensions.

Google Translate:

Description:

• Google Translate: A machine translation service that translates text or speech

from one language to another.
• Key Features:
• Multilingual Support: Translates text among a vast array of languages.
• Real-time Translation: Provides instant translation for text and
speech.

Google Toolkit (Google APIs):

Description:

• Google Toolkit: Encompasses a range of APIs (Application Programming

Interfaces) that developers can integrate into their applications.
• Examples:
• Google Maps API: Embeds Google Maps into applications.
• YouTube API: Allows integration of YouTube functionalities.
 • Gmail API: Enables developers to access Gmail features
programmatically.

Google App Engine:

Description:

• Google App Engine: A fully managed Platform as a Service (PaaS) offering for
building and deploying applications in the cloud.
• Key Features:
• Automatic Scaling: Scales applications based on demand.
• Managed Services: Includes managed databases and storage.
• Support for Multiple Languages: Supports Java, Python, Go, and
more.
• Serverless Deployment: Developers focus on code, and Google
manages infrastructure.
• Integrated Security Features: Provides security features for
applications.

Microsoft Azure Overview:

Definition: Microsoft Azure is a comprehensive cloud computing platform that

provides a variety of services, including infrastructure as a service (IaaS), platform as a
service (PaaS), and software as a service (SaaS). It enables businesses and developers
to build, deploy, and manage applications and services through Microsoft's global
network of data centers.

Key Features and Components:

1. Compute Services:
• Virtual Machines (VMs): On-demand scalable computing resources.
• Azure App Service: Platform for building, deploying, and scaling web
apps.
2. Storage Services:
 •Blob Storage: Scalable object storage for unstructured data.
• Table Storage: NoSQL data store for semi-structured data.
• Queue Storage: Messaging store for reliable messaging.
3. Networking:
• Azure Virtual Network: Allows users to create private, isolated
networks in the cloud.
• Azure Load Balancer: Distributes incoming network traffic across
multiple servers.
4. Databases:
• Azure SQL Database: Fully managed relational database service.
• Azure Cosmos DB: Globally distributed, multi-model database for
various data types.

Amazon Web Services (AWS) is a comprehensive and widely

used cloud computing platform provided by Amazon.com. AWS offers a vast array of
cloud services, including computing power, storage, databases, machine learning,
analytics, content delivery, Internet of Things (IoT), security, and more. It allows
businesses and individuals to access and use computing resources without the need
to invest in and maintain their own physical infrastructure.

Key components and services of AWS include:

1. Compute Services:
• Amazon EC2 (Elastic Compute Cloud): Provides resizable compute
capacity in the cloud, allowing users to run virtual servers.
• AWS Lambda: A serverless computing service that lets you run code
without provisioning or managing servers.
2. Storage Services:
• Amazon S3 (Simple Storage Service): Offers scalable object storage
for data storage and retrieval.
• Amazon EBS (Elastic Block Store): Provides block-level storage
volumes for use with EC2 instances.
3. Database Services:
 Amazon RDS (Relational Database Service): Manages relational
•
databases, supporting multiple database engines like MySQL,
PostgreSQL, Oracle, and SQL Server.
• Amazon DynamoDB: A fully managed NoSQL database service.
4. Networking:
• Amazon VPC (Virtual Private Cloud): Allows users to provision a
logically isolated section of the AWS Cloud where they can launch AWS
resources.
• Amazon Route 53: A scalable domain name system (DNS) web service.
5. Machine Learning and AI:

Amazon EC2 (Elastic Compute Cloud) Overview (5 Marks):

Amazon EC2 is a core service within Amazon Web Services (AWS), providing resizable compute
capacity in the cloud. Key features include:

1. Virtual Servers (Instances): EC2 allows users to deploy virtual servers, known as
instances, with a variety of instance types catering to different computing needs.
2. Instance Types: Users can choose from diverse instance types, optimized for specific
purposes such as general computing, memory-intensive tasks, or storage-optimized
applications.
3. Amazon Machine Images (AMIs): AMIs are pre-configured templates enabling users to
launch instances quickly. Users can choose from public AMIs or create custom ones.
4. Pricing Models: EC2 operates on a pay-as-you-go model, offering flexibility in pricing.
Options include on-demand instances, reserved instances (with commitments), and spot
instances (bid-based pricing for unused capacity).
5. Scalability and Auto Scaling: EC2 provides scalability through Auto Scaling, allowing
automatic adjustment of instance counts based on demand. This ensures optimal
performance and cost efficiency.

In summary, Amazon EC2 is a versatile cloud computing service offering a range of virtual servers,
instance types, and pricing models, making it a fundamental component for deploying and
managing applications in the cloud.

OR ans
Amazon Elastic Compute Cloud (EC2) is a web service provided by Amazon Web
Services (AWS) that allows users to rent virtual computers, known as instances, on
which they can run their own applications. These instances can be scaled up or down
depending on the computing requirements.
With EC2, users have the flexibility to choose the instance type, operating system,
storage, and networking configuration that best fits their needs. They can also select
from various pricing models, such as On-Demand Instances, Reserved Instances, and
Spot Instances, each offering different cost structures.

EC2 instances can be used for various purposes like hosting websites, running
applications, performing data processing, machine learning, and much more. It
provides a scalable and customizable environment for deploying and managing
applications in the cloud.

SQL Azure
As of my last knowledge update in January 2022, "SQL Azure" generally refers to
Microsoft Azure SQL Database, which is a fully managed relational database service
provided by Microsoft Azure. It is part of the Azure cloud platform and is based on
Microsoft SQL Server.

Here are key points about SQL Azure:

1. Fully Managed Service: Azure SQL Database is a fully managed database

service, which means Microsoft takes care of many aspects of database
management, such as patching, backups, and high availability.
2. Scalability: Azure SQL Database allows for easy scalability, enabling users to
adjust resources based on workload requirements. It supports both horizontal
and vertical scaling.
3. Compatibility: It is compatible with on-premises SQL Server, making it easier
for organizations to migrate their existing applications to the cloud.
4. Security: Azure SQL Database provides robust security features, including
encryption at rest and in transit, firewall rules, and authentication mechanisms.
5. High Availability: It offers high availability with features like automatic
backups, geo-replication, and failover groups to ensure that your database
remains available and recoverable.
6. Deployment Options: Users can choose between a single database model or
an elastic pool model for managing multiple databases with a shared set of
resources.
7. Development Tools: Azure SQL Database is compatible with popular
development tools such as SQL Server Management Studio (SSMS), Azure
Data Studio, and various programming languages.
8. Integration with Azure Services: It can be seamlessly integrated with other
Azure services, such as Azure Logic Apps, Azure Functions, and Power BI,
allowing for the development of comprehensive solutions.
9. Elastic Query: Allows querying across multiple databases, both on-premises
and in the cloud, using standard T-SQL.
10. Pay-as-You-Go Pricing: Azure SQL Database follows a pay-as-you-go pricing
model, allowing users to pay for the resources they consume.

Next page module -3

 MODULE-3

Certainly! The lifecycle management of cloud services

involves several stages, similar to how you manage and take care of
something throughout its existence. Here's a breakdown of the key stages:

1. Planning: iuiu
• What it involves: Figuring out what you need from the cloud, like
storing data or running applications.
• Key activities: Setting goals, deciding what to move to the cloud,
and creating a strategy.
• Tools/Processes: Cloud adoption frameworks, strategy documents.

2. Provisioning:
• What it involves: Putting your things (like data and applications)
into the cloud.
• Key activities: Creating virtual spaces for your data and applications,
setting up resources.
• Tools/Processes: Using tools like AWS CloudFormation or Azure
Resource Manager.

3. Configuration and Management:

• What it involves: Making sure everything in the cloud is set up
correctly and working well.
• Key activities: Adjusting settings, keeping an eye on performance,
and using tools to manage configurations.
• Tools/Processes: Tools like Ansible, Puppet for configurations, and
CloudWatch or Azure Monitor for monitoring.

4. Monitoring and Optimization:

• What it involves: Keeping an eye on how well your things are doing
in the cloud and making them work better.
 • Key activities: Watching for any issues, fixing problems, and
optimizing resources for better performance.
• Tools/Processes: CloudWatch, Azure Monitor, and tools to manage
costs like AWS Cost Explorer.

5. Scaling:
• What it involves: Adjusting the amount of space or resources your
things use based on how much they need.
• Key activities: Automatically changing resources to match demand
and balancing the workload.
• Tools/Processes: Auto-scaling features provided by cloud platforms,
load balancing.

6. Decommissioning:
• What it involves: Removing things you don't need in the cloud
anymore.
• Key activities: Identifying and retiring old or unnecessary resources.
• Tools/Processes: Cloud resource management tools, automated
scripts for decommissioning.

Cloud Management:-
Auditing System Backups –
It is required to audit the backups from time to time to ensure restoration of randomly
selected files of
different users.
Flow of data in the system –
The managers are responsible for designing a data flow diagram that shows how the data
is supposed
to flow throughout the organization
Vendor Lock-In –
The managers should know how to move their data from a server to another in case the
organization
decides to switch providers.
Knowing provider’s security procedures –
The managers should know the security plans of the provider, especially Multitenant use,
E-commerce
processing, Employee screening and Encryption policy.
The Cloud Security Alliance (CSA) is a non-profit
organization that is dedicated to promoting best practices for securing cloud
computing environments. It was formed in 2008 and has since become a globally
recognized authority on cloud security. The CSA provides a platform for industry
professionals to collaborate and develop guidelines, frameworks, and best practices
to ensure the security of cloud computing.

Key objectives and activities of the Cloud Security Alliance include:

1. Research and Education: CSA conducts research to identify and address

current and emerging threats to cloud security. It also provides educational
resources, training, and certifications to help individuals and organizations
understand and implement secure cloud practices.
2. Development of Best Practices: The CSA collaborates with industry experts
to develop best practices, guidelines, and frameworks for securing various
aspects of cloud computing, including data protection, identity and access
management, compliance, and more.
3. Certifications: CSA offers certification programs such as the Certificate of
Cloud Security Knowledge (CCSK) to validate the skills and knowledge of
professionals in cloud security.
4. Security Guidance: The CSA publishes documents and guidance on cloud
security, aiming to assist organizations in making informed decisions about
adopting and implementing cloud services securely.
5. Community Engagement: The organization fosters a community of
professionals, including security experts, practitioners, vendors, and
researchers, to share knowledge and experiences related to cloud security.

The cloud security service boundary is a conceptual and

practical line between secure and non-secure areas within a cloud computing
environment. It represents the extent to which security measures are implemented to
protect the confidentiality, integrity, and availability of data and resources in the
cloud. Key elements of the cloud security service boundary include:

1. Access Controls: Defining and enforcing access policies to ensure that only
authorized users and systems can interact with cloud resources. This includes
 measures such as identity and access management (IAM) and role-based
access control (RBAC).
2. Data Encryption: Employing encryption mechanisms to secure data both in
transit and at rest. This helps safeguard sensitive information from
unauthorized access, interception, or tampering.
3. Network Security: Implementing firewalls, intrusion detection and prevention
systems, and other network security measures to control and monitor traffic
flowing in and out of the cloud environment.
4. Authentication and Authorization: Verifying the identity of users and
devices accessing cloud services, and determining their permissions based on
predefined roles and policies.
5. Monitoring and Logging: Continuously monitoring activities within the cloud
environment and maintaining detailed logs. This facilitates the detection of
security incidents, auditing, and compliance with security policies.

A cloud audit refers to the process of evaluating and examining the

security, compliance, performance, and overall management of cloud-based systems
and services. This assessment is conducted to ensure that cloud resources are being
utilized effectively, and that they meet the organization's requirements for security,
privacy, and regulatory compliance.

Here are key aspects of a cloud audit:

1. Security Assessment: This involves reviewing the security measures in place

for cloud services. It includes examining access controls, encryption practices,
identity and access management, network security, and other security features
to identify and address vulnerabilities.
2. Compliance Check: Ensuring that the cloud environment complies with
relevant regulations, industry standards, and internal policies. This may involve
confirming adherence to data protection laws, industry-specific regulations, or
corporate governance requirements.
3. Performance Evaluation: Assessing the performance of cloud-based
applications, services, and infrastructure to ensure they meet the
organization's performance standards. This includes considerations like
response times, availability, and scalability.
4. Cost and Resource Management: Reviewing the cost-effectiveness of the
cloud resources and verifying that they align with the organization's
budgetary and resource allocation plans. This may involve identifying unused
or underutilized resources and optimizing costs.
 5. Data Governance and Privacy: Ensuring that data stored and processed in
the cloud is handled in compliance with data governance policies and privacy
regulations. This includes evaluating data handling practices, data residency,
and privacy controls.

why is encryption important in cloud computing

ChatGPT
ChatGPT
Encryption is crucial in cloud computing for several reasons:

1. Data Security: It ensures that sensitive information stored or transmitted through the
cloud remains confidential and protected from unauthorized access. Encryption converts
data into an unreadable format for anyone without the decryption key.
2. Compliance Requirements: Many industries have strict regulations (like HIPAA, GDPR)
regarding data protection. Encryption helps companies comply with these regulations by
securing sensitive data.
3. Privacy Concerns: Users often have concerns about their data privacy in the cloud.
Encryption assures them that their information is secure, fostering trust between users
and cloud service providers.
4. Data Integrity: Encryption not only protects data from unauthorized access but also
helps maintain data integrity. It ensures that data remains unchanged during storage or
transmission, preventing tampering or unauthorized modifications.
5. Risk Mitigation: In case of a security breach or unauthorized access, encrypted data is
significantly harder for attackers to decipher. This adds an extra layer of protection,
reducing the risk of data breaches.

compliance in cloud computing in simple language

ChatGPT
ChatGPT
Sure, think of compliance in cloud computing like following the rules to keep your stuff safe and
private when using someone else's storage or services on the internet.

It's like making sure:

1. Your Secrets Stay Secret: You follow certain rules (like passwords, locks) to keep your
private things, like photos or documents, safe when you store them with a company
online.
2. Playing by the Laws: Just like there are rules to drive a car, there are rules about how
companies must handle your information online. Companies need to follow these rules to
protect your information.
 3. Checking the Safety: It's like regularly checking that your house or your room's door is
locked properly to make sure no one who shouldn’t be there can get in and take your
things.
4. Keeping Promises: Companies promise to keep your stuff safe and follow the rules.
Compliance means they're doing what they said they would to keep your information
safe and private.
5. Getting a Stamp of Approval: Sometimes, companies get a stamp or certificate to show
they're doing a good job of following the rules. It's like a gold star saying, "Hey, they're
doing things the right way!"

Overall, compliance is about making sure everyone's information stays safe, private, and
protected when using cloud services.

An identity control protocol is a set of rules and standards used to

manage and authenticate users' identities within a system or network. It establishes a
framework for verifying and granting access to resources based on a user's identity,
ensuring that only authorized individuals or entities can access specific information
or services.

These protocols typically include mechanisms for:

1. Authentication: Verifying the identity of users or devices trying to access a

system. This could involve passwords, biometrics, two-factor authentication, or
other methods to confirm identity.
2. Authorization: Determining what level of access users or devices have within
the system or network once their identity is confirmed. This involves specifying
permissions and privileges based on roles or other criteria.
3. Account Management: Handling user accounts, including creation,
modification, and deletion, while ensuring security measures like password
policies and access controls are maintained.
4. Single Sign-On (SSO): Allowing users to access multiple applications or
services with a single set of login credentials, reducing the need for multiple
passwords and enhancing user convenience while maintaining security.

Some common identity control protocols include:

• OAuth (Open Authorization): Often used for allowing third-party

applications limited access to a user's resources without sharing their
credentials.
• OpenID Connect: Built on OAuth, it's used for authentication, allowing users
to log in to different websites using their preferred identity providers (like
Google or Facebook).
• SAML (Security Assertion Markup Language): Facilitates single sign-on
(SSO) by exchanging authentication and authorization data between identity
providers and service providers.
• LDAP (Lightweight Directory Access Protocol): Used for accessing and
maintaining distributed directory information services, often used for user
authentication.
MODULE-4 Concepts of Services and Applications :

Introduction to SOA:-

(SOA) describes a standard method for requesting services from

distributed componentsand managing the results.

Because the clients requesting services, the components providing

the services, the protocols used to deliver messages, and the
responses can vary widely, SOA provides the translation and
management layer in an architecture that removes the barrier for a
client obtaining desired services.

With SOA, clients and components can be written in different

languages and can use multiple messaging protocols and
networking protocols to communicate with one another. SOA
provides the standards that transport the messages and makes the
infrastructure to support it possible.

There are two major roles within Serviceoriented Architecture:

Service provider: The service provider is

the maintainer of the service and the
organization that makes available one or
more services for others to use. To
advertise services, the provider can
publish them in a registry, together with a
service contract that specifies the nature
of the service, how to use it, the
requirements for the service, and the fees
charged.

Service consumer: The service consumer

can locate the service metadata in the
registry and develop the required client
components to bind and use the service.
ADVANTAGES OF SOA :

Service reusability: In SOA, applications

are made from existing services. Thus,
services can be reused to make many
applications.

 Easy maintenance: As services are

independent of each other they can be
updated and modified easily without
affecting other services.
 Availability: SOA facilities are easily
available to anyone on request.
 Reliability: SOA applications are more
reliable because it is easy to debug small
services rather than huge codes
 Scalability: Services can run on different
servers within an environment, this
increases scalability

 Disadvantages of SOA:
 High overhead: A validation of input
parameters of services is done
whenever services interact this
decreases performance as it
increasesload and response time.

 High investment: A huge initial

investment isrequired for SOA.

 Complex service management:

When services interact they
exchange messages to tasks. The
number of messages may go in
millions. It becomes a cumbersome
task to handle a large number of
messages.

protocol stack for soa in very brief with diagram

ChatGPT
ChatGPT
Sure, in brief, a protocol stack for Service-Oriented Architecture (SOA) might include:

1. Service Description:
• WSDL (Web Services Description Language) or Swagger/OpenAPI for
defining service interfaces.
2. Service Transport:
• HTTP/HTTPS for communication between services.
3. Message Format:
• SOAP or REST or XML for structuring and exchanging messages.
4. Service Discovery and Composition:
• UDDI or WS-Discovery for service discovery.
5. Security:
• WS-Security, OAuth, or JWT for ensuring secure communication.
6. Orchestration:
• BPEL for defining and orchestrating business processes.
•
Event Driven SOA
ChatGPT
ChatGPT
Event-driven Service-Oriented Architecture (SOA) combines the principles of SOA with event-
driven architecture, emphasizing the exchange of events among services. In this setup, services
communicate primarily through events rather than direct request-response interactions. Here's a
brief overview:

1. Events as the Core:

• Event-driven architecture (EDA) focuses on the production, detection,
consumption, and reaction to events.
• Events represent significant changes or occurrences in the system.
2. Event Brokers/Message Bus:
• Message Brokers or Event Bus act as intermediaries that receive, route, and
distribute events among services.
• They facilitate decoupling between event producers and consumers.
3. Publish-Subscribe Mechanism:
• Publish-Subscribe pattern is often used where event publishers send events to a
central hub (broker), and subscribers receive the events they are interested in.
4. Asynchronous Communication:
• Communication between services is asynchronous, enabling services to react to
events at their own pace without direct dependencies.
5. Event Processing:
• Services react to events by processing them and triggering appropriate actions,
which can include invoking other services or updating their own state.
6. Scalability and Responsiveness:
• Event-driven architecture supports scalability and responsiveness by allowing
services to react immediately to relevant events without waiting for synchronous
responses.
7. Examples of Technologies:
• Message brokers: Apache Kafka, RabbitMQ, Amazon SNS/SQS.
• Event processing platforms: Apache Flink, Apache Spark, and specific event-
driven frameworks.

Enterprise Service Bus (ESB)

In cloud computing, an Enterprise Service Bus (ESB) plays a crucial role in facilitating
communication and integration among various applications and services. The ESB in
a cloud environment serves several functions:

1. Integration Hub:
• Acts as a central integration hub where various applications, services,
and systems can connect and communicate regardless of their location
in the cloud or on-premises.
2. Message Routing and Transformation:
• Routes messages between different services or applications within the
cloud environment.
• Performs data transformation to ensure compatibility between different
message formats or protocols.
3. Service Orchestration:
• Orchestrates the flow of data and services across multiple systems in
the cloud.
• Manages complex workflows and business processes by coordinating
interactions between different services.
4. Protocol Translation and Mediation:
• Provides protocol mediation, allowing services using different
communication protocols to interact seamlessly.
• Ensures interoperability between services using diverse protocols or
standards.
5. Security and Governance:
• Enforces security measures such as authentication, authorization, and
encryption for data in transit within the cloud environment.
• Implements governance policies and monitors service interactions for
compliance purposes.
6. Scalability and High Availability:
• Offers scalability to handle increased message traffic and system
demands in the cloud.
• Ensures high availability by distributing services across multiple cloud
instances or regions.

Functionality mapping:- [and from organizer page-81]

Some applications can be successfully ported to the cloud, while
others suffer from the translation.
Understanding whether your particular application can benefit
from cloud
deployment requires that you deconstruct your application’s
functionality into its basic components and identify which
functions are critical and can be supported by the cloud.
Online or offline Access methods determines the nature of your
application’s interaction with both cloud and local data stores.
Allowing both online and local data access means that you must
create a hybrid application with a cloud component and a local
component.
If only online access is required then a cloud based data store is
what required. The application could be entirely in the cloud and
browser based.
If only offline access required provisions for local data stores is
mandatory. Still client side support is needed.

Concepts of cloud transactions very briefly

Cloud transactions involve the exchange of data, services, or

resources over a cloud infrastructure. They encompass
interactions between users and cloud providers, occur in
various service and deployment models (IaaS, PaaS, SaaS,
public, private, hybrid), and demand robust security
measures. They offer scalability, flexible payment models,
and emphasize compliance with regulations for data
protection and privacy.
Cloud service attributes for cloud storage
ChatGPT
ChatGPT
When it comes to cloud storage specifically, several attributes define its functionality and appeal:

1. Scalability: Cloud storage allows users to scale their storage needs rapidly, either
increasing or decreasing capacity as required without the constraints of physical
hardware limitations.
2. Accessibility: Users can access cloud storage from anywhere with an internet connection,
using various devices such as computers, smartphones, or tablets.
3. Redundancy and Reliability: Cloud storage providers typically offer redundant systems
and data replication across multiple servers or locations, ensuring data availability even in
the event of hardware failures or outages.
4. Cost-Effectiveness: Cloud storage often operates on a pay-as-you-go model, where
users only pay for the storage they use. This model eliminates the need for investing in
and maintaining physical hardware.
5. Security Measures: Robust security features, including encryption, access controls, and
authentication mechanisms, are implemented to protect data stored in the cloud from
unauthorized access or breaches.
6. Data Transfer and Backup: Cloud storage services facilitate easy data transfer and
backup, allowing users to upload, download, and back up their data seamlessly.
7. Integration and Compatibility: Cloud storage can integrate with various applications
and systems, enabling seamless data sharing and collaboration among users and across
different platforms.

1. System Abstraction:
System abstraction refers to the process of hiding complex underlying details of a
system's infrastructure, software, or services to simplify their use or interaction. In cloud
computing, system abstraction enables users to interact with cloud resources without
needing to understand or manage the intricate technical aspects of the underlying
infrastructure.
• Example: Virtualization is a common technique used for system abstraction in
cloud computing. It abstracts physical hardware resources, allowing multiple
virtual machines or instances to run on a single physical server. Users interact with
these virtualized resources without needing to handle the complexities of the
physical hardware.
2. Cloud Bursting:
Cloud bursting is a deployment model that allows organizations to seamlessly scale their
computing resources from a private cloud to a public cloud to handle sudden spikes in
demand. When the workload surpasses the capacity of the private cloud infrastructure,
the excess workload is redirected or "burst" into the public cloud to ensure continued
performance and availability.
• Usage Scenario: For instance, a company might primarily operate its applications
and services in a private cloud. During times of high demand, such as seasonal
peaks or sudden spikes in user activity, the excess workload is automatically
 directed to a public cloud provider. This enables the organization to efficiently
handle temporary increases in demand without investing in additional on-
premises infrastructure.
Cloud bursting requires integration between private and public cloud environments,
automated workload management, and careful orchestration to ensure a seamless
transition of resources.

In the context of cloud-based storage, the terms "manned" and "unmanned" are not typically
used to define or differentiate the storage itself. Cloud storage refers to the practice of storing
data on remote servers accessed over the internet rather than on local storage devices.

However, if we were to loosely interpret these terms in relation to managing or overseeing cloud-
based storage:

1. Manned Cloud Storage:

This could refer to cloud storage systems or solutions that require human intervention or
active management by individuals or teams. Manned cloud storage might involve
constant monitoring, administration, and maintenance by IT personnel or administrators.
It could involve tasks such as configuring access controls, monitoring storage usage,
performing backups, and ensuring security measures are in place.
2. Unmanned Cloud Storage:
Unmanned cloud storage could imply systems or solutions that operate autonomously or
with minimal human intervention. This could involve highly automated cloud storage
services where most tasks are handled by software, artificial intelligence, or predefined
processes without requiring constant human oversight. Automated backups, self-healing
storage systems, and automated scaling based on usage could be examples of features in
unmanned cloud storage solutions.

However, it's essential to note that in the typical context of cloud storage, the terms "manned"
and "unmanned" are not standard descriptors. Instead, the focus is on aspects like accessibility,
security, scalability, reliability, and cost-effectiveness regardless of whether human intervention is
necessary or automated processes manage the storage infrastructure.

1. Google Gmail (Google Mail):

Google's Gmail is one of the most widely used cloud-based email services. It
offers an intuitive interface, robust spam filtering, ample storage space, and
seamless integration with other Google services. Gmail provides features like
categorizing emails, powerful search functionality, and customizable tabs for
organizing emails efficiently.
2. Mail2Web:
 Mail2Web is an online email access service that allows users to access their
email accounts from various providers using a web interface. It supports
access to different email platforms, providing a unified access point for
managing multiple email accounts.
3. Windows Live Hotmail (Outlook.com):
Formerly known as Hotmail, it was rebranded to Outlook.com by Microsoft.
It's a cloud-based email service that offers integration with other Microsoft
services like OneDrive, Office Online, and Skype. Outlook.com provides
features such as automatic organization through folders, customizable inbox
layouts, and seamless integration with other Microsoft applications.
4. Yahoo Mail:
Yahoo Mail is another prominent cloud-based email service offering features
like a user-friendly interface, customizable themes, and a significant amount of
storage space. It provides integration with other Yahoo services like Yahoo
Calendar and Yahoo Messenger.