What is cloud computing?
Cloud computing refers to accessing all the software and hardware resources over the internet instead of having them on-premise. These resources can be servers, databases, storage, applications, and networking. A distinguishing feature of cloud computing is that the user is not responsible for computer resources. Instead, these resources are provided and managed by cloud service providers. The user subscribes to the cloud services on an as-needed basis. Cloud computing saves the user from buying, owning, and maintaining physical data centres and servers. Examples of common cloud computing platforms are Google Cloud, Amazon Web Services (AWS), Microsoft Azure, IBM Cloud, Alibaba Cloud.
The word “cloud” came from an analogy for the internet and the symbol of cloud was used to represent the internet in the architecture design.
History of Cloud Computing
Cloud computing became popular when Amazon developed Elastic Compute Cloud in 2006. It all started with the theory of time-sharing created by John McCarthy in 1955. According to this theory resources should be shared among different users and they can use these resources at the same time. This specially helped small companies who could not afford to buy their datacentres and other resources.
With the evolution of technology, the revolutionary idea of internet was developed in 1960s when ARPANET (Advanced Research Projects Agency Network) was developed for defence purposes. It gave a kickstart to the internet connecting users at remote locations while sharing data and resources. This idea has evolved to connect everyone in the whole world and is now known as cloud computing. Form then onwards there was an exponential increase in the growth of cloud technology. Salesforce.com in 1999, Amazon in 2002, Google in 2009 and Microsoft in 2009 proved to be the biggest players in this evolution.
Cloud Usage in Daily Life
We are using cloud computing in our daily lives without giving a thought to it. Whether we are doing online shopping or creating a presentation for our next class we are using cloud computing in one way or another. Following are some common examples:
- Soundcloud: Users can access their favourite music on any device, anywhere anytime through real-time streaming.
- Google: Most of us use Google to search for anything in the world.
- Web-based email: Web-based email such as Hotmail use the cloud to provide email service.
- Google Workspace: A compendium of important apps including Gmail, Docs, Drive, Calendar, Meet and more.
- Zoom, Skype, WhatsApp, Email use cloud computing to provide remote data access to their users.
Basic Features of Cloud Computing
To understand the distinctive characteristics of cloud computing, it is important to know what computer resources are required by an organization to run its business. First and foremost is data storage. All companies, big or small, flourish on their data. A massive amount of money is spent on equipment as well as the IT team to maintain this data. Other resources include server, storage, networking, virtualization, operating system, applications. This comprise a complete IT infrastructure.
Not all businesses have time and budget to set up in-house infrastructure and manage all these resources. Cloud computing comes to the rescue. It provides all the resources and services over the internet while the company can focus solely on their progress. All the employees can access shared resources from any device like mobile, laptop, tab, desktop while the back-end infrastructure is invisible to the company.
Following are the distinctive features of cloud computing:
- The user is not responsible for anything except payment. Cloud computing is provided and managed by someone else.
- Users buy subscriptions according to their requirements. This “pay-as-you-go” feature helps when your business is a start-up and you don’t need gigantic systems. Users can upgrade the services as their businesses grow.
- Cloud computing gives full control over usage, so it comes with two basic themes, i.e., public and private, just like the Internet and Intranets.
- Cloud Computing specifically caters to the needs of small business, who want to save their set-up and maintenance tasks while focusing on their niche.
- With cloud computing, the resources are pooled and delivered to multiple users according to their needs. This improves multi-tasking and time-sharing abilities of the systems.
- Since the resources are shared and assigned on demand, there is no downtime or disruption in services. The users can access round the clock.
Service Models of Cloud Computing
There are mainly three types of cloud computing:
- Infrastructure as a Service (IaaS)
- Platform as a Service (PaaS)
- Software as a Service (SaaS)
1. Infrastructure as a Service (IaaS)
IaaS is simplest form of cloud computing. It is used by system administrators who get virtual data storage along with a platform for the software development life cycle. The server, network, storage, and virtualization are controlled by IaaS providers. It provides access to IT infrastructure with maximum flexibility and control. The client gets to manage the operating system, middleware, runtime, applications, and data.
It is a complete bundle especially for the small businesses who like to cut the cost of IT set-up. Iaas also eliminates the maintenance costs for buying new resources as the system grows. This is called utility computing because users buy what they need and pay accordingly. The most commonly used Iaas Providers are Google Compute Engine (GCE), Amazon Web Services (AWS), Google Cloud Platform-Iaas component (GCP) and Microsoft Azure.
An example of IaaS is Web hosting service where the users pay a monthly or annual subscription charges to a hosting company to save their website.
2. Platform as a Service (PaaS)
Platform as a Service (PaaS) provides the integrated environment for development of software applications, including server, data centre, virtualization, networking, operating system, middleware and runtime. It is used by developers who only need to control the applications and data. PaaS includes everything required for a complete software development lifecycle, such as developing, testing, hosting, storage, maintenance and support. The users can quickly develop applications using Web-based tools without having to worry about setting up or managing the required infrastructure of servers.
An example of PaaS is developing a website in an environment provided over the internet. Google App Engine and App Cloud are examples of PaaS.
3. Software as a Service (SaaS)
Software as a Service (SaaS) provides the users with access to software applications across the internet. Instead of purchasing the software, the user can subscribe to it and get the services delivered over a web browser. The user doesn’t need to install the software on a local computer. The SaaS provides access to a complete product to carry out business tasks. The end-user does not have to control anything. The datacentres, networks, virtualization, servers, operating system, apps, data, runtime, middleware, all are managed by the cloud service provider.
Example of SaaS is Google Documents and Web-based email.
Deployment Models of Cloud Computing
There are three ways to deploy cloud computing according to user requirements:
- Public Cloud,
- Private Cloud, and
- Hybrid Cloud
1. Public Clouds
In public clouds all software and hardware resources are managed by the provider and accessed by multiple clients over the internet. Owned by third-party cloud service providers, public clouds are the most commonly used model of cloud computing because they are cheaper than the private and hybrid models. The resources are added or reduced according to the user demand which makes the model scalable. The public cloud is reliable because it is available all the time.
The public cloud has shared resources so it is insecure for sensitive and confidential data.
Examples of public clouds Microsoft Azure, Google and Amazon. Following are some advantages and disadvantages of public clouds:
2. Private cloud
Private clouds are owned by a single business company and can be located on the physical site of the company’s datacentre. It is accessed over a secure internet connection. Companies can also hire cloud service providers as a third party to manage their private cloud. It is mostly used by businesses that want to keep their data private while enjoying the agility of cloud computing. The single-user feature of the private cloud makes it additionally expensive than the public cloud. Since the resources in private clouds are not shared, it gives comprehensive control over data storage and security. The performance and quality are better than the public cloud thus making it more reliable for businesses.
Examples of private cloud include Microsoft, VMWare, KVM.
3. Hybrid cloud
Hybrid clouds combine the characteristics of both private and public clouds to varying degrees. They share the technology to provide access to data and applications between them. A hybrid cloud is used where the business owners like to have more flexibility while having optimum security and compliance. They can use features of the public cloud for shared resources and features of the private cloud for data security. Although the clouds operate independently, they communicate with each other over a secure connection. It gives the advantage of the public cloud by using services on demand while giving 100% control over private data. It is cost-effective because you save on the public part of the cloud.
Hybrid cloud can sometimes have chances of data breaches due to communication with the public cloud. Therefore, it is used with proper security policies in place.
Examples of hybrid cloud include VMWare vCloud, HP, Eucalyptus and IBM.
Cloud Computing Architecture
A cloud computing architecture is shown in Figure-4. The Back-end or server part is controlled by the cloud provider. It consists of servers, data storage, virtual machines, security mechanism etc. Multiple hard disks and servers have the backup data stored in them so if any component is down, the other one quickly takes over. Cloud architecture relies heavily on efficient resource allocation algorithms.
Virtualization and Cloud Computing
Dividing a single physical server into several logical servers is called virtualization. All logical or virtual servers function like a physical server and carry out the system tasks independently. Virtualization is the fundamental idea behind cloud computing technology. It makes the cloud service economical, reliable and time-saving.
There are 3 types of virtualization:
1. Storage Virtualization
Storage Virtualization is a method of integrating all the physical data storage from several networks and presenting it as a single unit. This makes the storage managed by a single interface instead of multiple consoles. Examples of Storage Virtualization are RAID groups, Logical volume (LV), LUN’s (Logical unit number), etc.
2. Server Virtualization
Server Virtualization is a method to hide the server details from the end-users. These details include server resources like operating system and processors etc. This maximizes resource sharing while simplifying things for end-users. The user need not to worry about the complex details. Examples of server virtualization are OpenVZ and FreeVPS.
3. Network Virtualization
Network Virtualization is a method of integrating multiple physical networks into a single virtual network. The idea behind network virtualization is to divide the total bandwidth and allocate each part independently to a particular device. An example of network virtualization is virtual LAN (VLAN).
Virtualization is the key idea on which cloud computing works to provide us with efficient and economical systems. The software components are independent of hardware components.
Advantages of Cloud Computing
Cloud computing is economical and hassle-free. This is why the number of businesses migrating to cloud computing is increasing at a fast rate. Following is a list of the most common advantages of cloud computing:
Cost – Cloud computing eliminates both the setting up and maintenance costs for an organization. This includes the cost of buying software and hardware, running physical data centres, the round-the-clock use of electricity, and hiring IT professionals for management of the infrastructure. It is particularly economical for small businesses who don’t have the capital to set the infrastructure and hire a whole team to manage it.
Accessibility – Cloud-based applications and data are accessible from any device connected with the internet be it laptop, mobile or tab. Also this service is available anytime from anywhere in the world. This level of portability cannot be achieved with in-house IT infrastructure.
Collaboration – Since cloud service is accessible worldwide, it means that the teams can collaborate from remote locations. People can share information fast. There is no need to go on-site, which also implies that globally distributed teams can set the business up and running from anywhere in the world within no time.
Productivity – With cloud computing, the organization can focus on achieving important business goals instead of working on IT management tasks.
Global scale – Cloud computing can scale elastically. This means the organizations can reap the benefits according to their company size as they grow.
Reliability – When unforeseen disasters strike, cloud computing saves the users from substantial losses. The data backups are made at multiple sites. Disaster recovery and continuity of corporate operations become easier and less expensive.
Security – Cloud providers offer advanced security features on their platforms such as encryption, verification, and access control. Their working environment is safer than local servers.
Storage – Cloud service providers offer a huge amount of storage capacity for data in one place.
Flexibility – Businesses often have peak hours and low usage hours. With cloud computing, there is no need to use the same bandwidth for both maximum and minimum usage. Scalability is the key to success.
Automatic Software Updates – With cloud computing users are free of installations and updates hassle. This is done by cloud service behind the scenes, thereby saving lots of time.
Document Management System – The cloud storage of documents gives configuration control as well as data integrity so that there are no chances of redundancy or duplication.
Environment-Friendly – Cloud computing is based on the idea of virtualization. This leads to shared resources and combining multiple systems into single units. This infrastructure consists of lesser machines which make it more environment friendly.
Security Risks of Cloud Computing
Cloud computing is beneficial in so many ways. But it comes with its limitations. It’s not the cloud service, but the way clients use it makes it risky. Following are some threats that come with the migration to the cloud.
- Data breaches:
Data breaches pose heavy financial losses. Cloud users need vigorous, and verified risk management and response plans in collaboration with their cloud service providers.
- Account hijacking:
Lack of secure accounts, unprotected credentials, incompetent policies for passwords and authentication certificates can lead to account hijacking. Once an attacker gains access to the system using a legitimate account, they can access sensitive data and manipulate information.
- Insider Threat:
Employees can use their credentials to misuse the data such as customer information, financial information etc.
- Denial of Service Attacks:
Denial of service attack does not harm your data. But it is used as a cover to make the servers and websites unavailable to the user and destroy the firewalls.
- Data Loss:
Losing data due to a malicious attack or a natural disaster can be upsetting. This can be avoided by carefully checking the cloud provider’s policies and procedures for data storage and access
- Insecure APIs
The growth of Application Programming Interfaces (API) brings added security risks. The communication between these APIs can be vulnerable
Cloud security controls
To combat the security threats related to cloud computing the cloud service provides need an efficient and robust safety mechanism. There should be security controls in place to address the security issues to reap the benefits of cloud computing. These security controls identify the loopholes, manage the risks and reduce the overall effect in case of attack. Following are the most common security controls for cloud architecture:
- Deterrent controls
These are proactive measures to avoid any attack to happen. They don’t protect the data but they warn the attackers that there will be adverse consequences if they try to proceed with their malicious intentions. For example, warning signs can act as a signal to notorious users.
- Preventive controls
Preventive controls make the cloud resilient by using software for intrusion detection and software tools for monitoring the security of the cloud network. It generally reduces the overall loopholes and vulnerabilities.
- Detective controls
Detective controls tell what to do if an attack occurs or some malicious activity is detected. The security protocols and procedures are already initiated in the system which are when the attack occurs.
- Corrective controls
Corrective controls lead to actions necessary to be taken after a threat has been detected. For example, terminate a process, isolate the virus, make data backups to minimize the effect of the attack.
The idea of cloud computing is now emerging as a multi-cloud infrastructure that can be seen widely across cloud users. The Internet of Things, artificial intelligence and blockchain are some of the trends that will add more data to the cloud. The migration to cloud computing is growing at an exponential rate. The cloud challenges considerably declined in the last few years. So, more and more organisations are ready to store their data in a remote place. It is considered the best solution for increasing the productivity of an organization. The benefits of Cloud computing far compensate for the shortcomings, so it’s easier than ever to implement and use.