- What is the ideal web session timeout? - 15/05/2023
- Why is it important for companies to plan for internal threats? - 09/02/2023
- How pentesting differs in various operating systems? - 09/02/2023
Cloud Fundamentals and Cyber Security Assessment
Cloud computing refers to a model in which computing resources and applications are accessed on demand, from anywhere in the world. Cloud computing provides a shared pool of resources such as data storage space, computer processing power, networks, corporate and user applications etc. In short is the abstraction of physical resources and presenting them as a virtual resource. The major technology used in Cloud is virtualization. Virtualization is a major benefit of cloud computing where the resources are shared among the applications with the objective of attaining better server utilization. Virtualization is basically a framework used in cloud computing to pool and share resources in a virtualized system.
According to the U.S. National Institute of Standards and Technology (NIST), cloud computing is defined as: “Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (for example, networks, 2 servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models and four deployment models”.
Cloud computing is a cost effective alternative to get reliable resources without owning any of the infrastructure. The growth of cloud computing reflects the growth of computing in general.
In the year 1950’s mainframe computers evolved gradually. Multiple users were able to access the central computer through terminals. However since the mainframe computers were costly and was a practical option for organizations to buy and maintain the same for each employee, sharing the access of mainframe computers was a better option then. With the rise of Virtual machines in the year 1970s, it became possible to run multiple operation systems simultaneously in an isolated environment using the Virtualization concept. Virtualization helped in executing multiple OS under a single underlying hardware. This took the 1950s shared access mainframe to a next level.
Along the years virtualization started to become important in communication and information evolution. In the 1990s, telecommunication companies started providing virtualized private network connections. Instead of providing a separate physical infrastructure for each user, telecommunication companies started providing users with shared access to the same physical infrastructure by using virtual private network connections.
Since 1995, the use of Internet became widespread. The timeline of 1996 and 1997 fit with the introduction of cloud computing concept.
The person behind the popularity of cloud computing is Eric Schmidt, former CEO of Google. At the Search Engine Strategies conference in San Jose, CA, on 9th August 2006, he said: “I don’t think people have really understood how big this opportunity really is. It starts with the premise that the data services and architecture should be on servers. We call it cloud computing as they should be in a cloud somewhere”.
Types of cloud
The cloud deployment model specifies the location and management of a cloud’s infrastructure. Based on the deployment, we can broadly classify cloud computing users into four categories – public cloud, private cloud, hybrid cloud and community cloud.
Large organizations that have data centers which manage their data use a private cloud, which has a high storage capacity and computing power; this type of private cloud infrastructure is used exclusively for a particular organization.
The public cloud infrastructure is available for public use and is owned by an organization which provides cloud services. Small and medium-sized businesses typically use a public cloud and large organizations use private clouds.
A hybrid cloud combines multiple types of clouds (private, community or public). A hybrid cloud uses both proprietary computing resources and private cloud resources that organizations manage directly. It uses a public cloud for some of the computing requirements, mainly the ones with varying demands on resources. Currently, two of the major hybrid cloud providers are VMware and HP.
A community cloud is where the cloud has been organized to serve a common function or purpose i.e., a community cloud is a type of public cloud that is limited to a particular group having a common interest.
Attributes of Cloud Computing
1. On-demand self-service: A client can access computer resources whenever they need it, without any interaction with a cloud service provider.
2. Broad network access: Cloud computing provides platform-independent access to clients of all types. Access to resources on the cloud is available over the network using standard methods.
3. Resource pooling: In cloud, resources are pooled together in a system by a cloud service provider. Multiple users can access these resources. Physical and virtual systems are dynamically allocated and re-allocated as needed. The location details of resources such as virtual machines, processing, memory etc. are hidden from the users.
4. Rapid elasticity: Resources can be supplied rapidly and elastically. A cloud computing system can add resources by scaling up systems by using more powerful computers or scaling out systems by using computers of the same kind. Scaling could either be automatic or manual. However, for a client, cloud resources should look unlimited and, which can be purchased at any time and in any quantity.
5. Measured service: Based on a metered system, the use of cloud system resources is measured, audited and reported to the user. Charges can vary based on the amount of storage used, number of transactions, bandwidth used or amount of processing power used. A client is charged based on the level of services provided.