Security standards define the processes, procedures, and practices necessary for implementing a security program. These standards also apply to cloud related IT activities and include specific steps that should be taken to ensure a secure environment is maintained that provides privacy and security of confidential information in a cloud environment. Security standards are based on a set of key principles intended to protect this type of trusted environment. Messaging standards, especially for security in the cloud, must also include nearly all the same considerations as any other IT security endeavor. A basic philosophy of security is to have layers of defense, a concept known as defense in depth. This means having overlapping systems designed to provide security even if one system fails. An example is a firewall working in conjunction with an intrusion- detection system (IDS). Defense in depth provides security because there is no single point of failure and no single entry vector at which an attack can occur. For this reason, a choice between implementing network security in the middle part of a network (i.e., in the cloud) or at the endpoints is a false dichotomy. Some protocols used for cloud security are:
technology enables a vendor’s cloud software to automatically move data from a piece of hardware that goes bad or is pulled offline to a section of the system or hardware that is functioning or operational. Therefore, the client gets seam- less access to the data. Separate backup systems, with cloud disaster recov- ery strategies, provide another layer of dependability and reliability. Finally, cloudcomputing also promotes a green alternative to paper-intensive office functions. It is because it needs less computing hardware on premise, and all computing-related tasks take place remotely with minimal computing hard- ware requirement with the help of technological innovations such as virtual- ization and multitenancy. Another viewpoint on the green aspect is that cloudcomputing can reduce the environmental impact of building, shipping, hous- ing, and ultimately destroying (or recycling) computer equipment as no one is going to own many such systems in their premises and managing the offices with fewer computers that consume less energy comparatively. A consolidated set of points briefing the benefits of cloudcomputing can be as follows: 1. Achieve economies of scale: We can increase the volume output or pro-
As an emerging state-of-the-art technology, cloudcomputing has been applied to an extensive range of real-life situations. Health care service is one of such important application fields. We developed a ubiquitous health care system, named HCloud, after comprehensive evaluation of requirements of health care applications. It is provided based on a cloudcomputing plat- form with characteristics of loose coupling algorithm modules and powerful parallel computing capabilities that compute the details of those indicators for the purpose of preventive health care service. First, raw physiological sig- nals are collected from the body sensors by wired or wireless connections and then transmitted through a gateway to the cloud platform, where storage and analysis of the health status are performed through data-mining tech- nologies. Last, results and suggestions can be fed back to the users instantly for implementing personalized services that are delivered via a heteroge- neous network. The proposed system can support huge physiological data storage; process heterogeneous data for various health care applications, such as automated electrocardiogram (ECG) analysis; and provide an early warn- ing mechanism for chronic diseases. The architecture of the HCloud platform for physiological data storage, computing, data mining, and feature selections is described. Also, an online analysis scheme combined with a Map-Reduce parallel framework is designed to improve the platform’s capabilities. Performance evaluation based on testing and experiments under various conditions have demonstrated the effectiveness and usability of this system.
Abstract The surging demand for inexpensive and scalable IT infrastructures has led to the widespread adoption of Cloudcomputing architectures. These architec- tures have therefore reached their momentum due to inherent capacity of simplifi ca- tion in IT infrastructure building and maintenance, by making related costs easily accountable and paid on a pay-per-use basis. Cloud providers strive to host as many service providers as possible to increase their economical income and, toward that goal, exploit virtualization techniques to enable the provisioning of multiple virtual machines (VMs), possibly belonging to different service providers, on the same host. At the same time, virtualization technologies enable runtime VM migration that is very useful to dynamically manage Cloud resources. Leveraging these fea- tures, data center management infrastructures can allocate running VMs on as few hosts as possible, so to reduce total power consumption by switching off not required servers. This chapter presents and discusses management infrastructures for power- effi cient Cloud architectures. Power effi ciency relates to the amount of power required to run a particular workload on the Cloud and pushes toward greedy con- solidation of VMs. However, because Cloud providers offer Service-Level Agreements (SLAs) that need to be enforced to prevent unacceptable runtime per- formance, the design and the implementation of a management infrastructure for power-effi cient Cloud architectures are extremely complex tasks and have to deal with heterogeneous aspects, e.g., SLA representation and enforcement, runtime reconfi gurations, and workload prediction. This chapter aims at presenting the cur- rent state of the art of power-effi cient management infrastructure for Cloud, by care- fully considering main realization issues, design guidelines, and design choices. In addition, after an in-depth presentation of related works in this area, it presents some novel experimental results to better stress the complexities introduced by power-effi cient management infrastructure for Cloud.
Cloudcomputing is a method for delivering information technology services in which resources are retrieved from internet through web based tools and applications, as opposed to a direct connection to a server. It is called cloudcomputing because the information being accessed is found in the cloud and doesnot require a user to be specified place to gain access to it. Companies providing cloud services enable users to store files and applications on remote servers .Cloud compting recently developing paradigm of distributed computing. In 1969  L. Kleinrock anticipated, “As of now, computer networks are still in their infancy. But as they grow up and become more sophisticated, we will probably see the spread of ’computer utilities’ which, like present electric and telephone utilities, will service individual homes and oﬃces across the country.” The term Cloudcomputing was given prominence ﬁrst by Google’s CEO Eric Schmidt in So the birth of cloudcomputing is very recent phenomena although its root belongs to some old ideas with new business, technical and social perspectives. From the architectural point of view cloud is naturally build on an existing grid based architecture and uses the grid services and adds some technologies like virtualization and some business models.
The Cloud model has been criticized by privacy advocates for the greater ease in which the companies hosting the Cloud services control and can monitor lawfully or unlawfully, the communication and data stored between the user and the host company. Instances such as the secret NSA program, working with AT&T, and Verizon, which recorded over 10 million phone calls between American citizens, causes uncertainty among privacy advocates, and the greater powers it gives to telecommunication companies to monitor user activity.
The next layer within ITaaS is Platform as a Service, or PaaS. At the PaaS level, what the service providers offer is packaged IT capability, or some logical resources, such as databases, ﬁle systems, and application operating environment. Currently, actual cases in the industry include Rational Developer Cloud of IBM, Azure of Microsoft and AppEngine of Google. At this level, two core technolo- gies are involved. The ﬁrst is software development, testing and running based on cloud. PaaS service is software developer-oriented. It used to be a huge difﬁculty for developers to write programs via network in a distributed computing environ- ment, and now due to the improvement of network bandwidth, two technologies can solve this problem: the ﬁrst is online development tools. Developers can directly complete remote development and application through browser and remote console (development tools run in the console) technologies without local installation of development tools. Another is integration technology of local development tools and cloudcomputing, which means to deploy the developed application directly into cloudcomputing environment through local development tools. The second core technology is large-scale distributed application operating environment. It refers to scalable application middleware, database and ﬁle system built with a large amount of servers. This application operating environment enables appli- cation to make full use of abundant computing and storage resource in cloudcomputing center to achieve full extension, go beyond the resource limitation of single physical hardware, and meet the access requirements of millions of Internet users.
It is foreseen that cloudcomputing could become a disruptive technology for mobile multimedia applications and services . In order to meet mul- timedia’s QoS requirements in cloudcomputing for multimedia services over the Internet and mobile wireless networks, Zhu et al.  proposed a multimedia cloudcomputing framework that leverages cloudcomputing to provide multimedia applications and services over the Internet. The prin- cipal conceptual architecture is shown in Figure 1.5. Zhu et al. addressed multimedia cloudcomputing from multimedia-aware cloud (media cloud) and cloud-aware multimedia (cloud media) perspectives. The media cloud (Figure 1.5a) focuses on how a cloud can perform distributed multimedia processing and storage and QoS provisioning for multimedia services. In a media cloud, the storage, CPU, and GPU are presented at the edge (i.e., MEC) to provide distributed parallel processing and QoS adaptation for various types of devices. The MEC stores, processes, and transmits media data at the edge, thus achieving a shorter delay. In this way, the media cloud, composed of MECs, can be managed in a centralized or peer-to-peer (P2P) manner. The cloud media (Figure 1.5b) focuses on how multimedia ser- vices and applications, such as storage and sharing, authoring and mashup, adaptation and delivery, and rendering and retrieval, can optimally utilize cloudcomputing resources to achieve better quality of experience (QoE). As depicted in Figure 1.5b, the media cloud provides raw resources, such as hard disk, CPU, and GPU, rented by the media service providers (MSPs) to serve users. MSPs use media cloud resources to develop their multime- dia applications and services, for example, storage, editing, streaming, and delivery.
In other cases, the loss of control of where your virtual IT infrastructure resides could open the way to other problematic situations. More precisely, the geographical location of a datacenter gen- erally determines the regulations that are applied to management of digital information. As a result, according to the specific location of data, some sensitive information can be made accessible to government agencies or even considered outside the law if processed with specific cryptographic techniques. For example, the USA PATRIOT Act 5 provides its government and other agencies with virtually limitless powers to access information, including that belonging to any company that stores information in the U.S. territory. Finally, existing enterprises that have large computing infra- structures or large installed bases of software do not simply want to switch to public clouds, but they use the existing IT resources and optimize their revenue. All these aspects make the use of a public computing infrastructure not always possible. Yet the general idea supported by the cloudcomputing vision can still be attractive. More specifically, having an infrastructure able to deliver IT services on demand can still be a winning solution, even when implemented within the private premises of an institution. This idea led to the diffusion of private clouds, which are similar to pub- lic clouds, but their resource-provisioning model is limited within the boundaries of an organization.
This book comprehensively debates on the emergence of mobile cloudcomputing from cloudcomputing models. Various technological and architectural advancements in mobile and cloudcomputing have been reported. It has meticulously explored the design and architecture of computational offloading solutions in cloud and mobile cloudcomputing domains to enrich mobile user experience. Furthermore, to optimize mobile power consumption, existing solutions and policies toward green mobile computing, green cloudcomputing, green mobile networking, and green mobile cloudcomputing are briefly discussed. The book also presents numerous cloud and mobile resource allo- cation and management schemes to efficiently manage existing resources (hardware and software). Recently, integrated networks (e.g., WSN, VANET, MANET) have sig- nificantly helped mobile users to enjoy a suite of services. The book discusses existing architecture, opportunities, and challenges, while integrating mobile cloud comput- ing with existing network technologies such as sensor and vehicular networks. It also briefly expounds on various security and privacy concerns, such as application security, authentication security, data security, and intrusion detection, in the mobile cloud com- puting domain. The business aspects of mobile cloudcomputing models in terms of resource pricing models, cooperation models, and revenue sharing among cloud pro- viders are also presented in the book. To highlight the standings of mobile cloud comput- ing, various well-known, real-world applications supported by mobile cloudcomputing models are discussed. For example, the demands and issues while deploying resource- intensive applications, including face recognition, route tracking, traffic management, and mobile learning, are discussed. This book concludes with various future research directions in the mobile cloudcomputing domain to improve the strength of mobile cloudcomputing and to enrich mobile user experience.
Commonly, agility, delivery speed, and cost savings entice companies to public clouds. Public cloud, for example, can free a company from having to invest in consolidating, expanding, or building a new data center when it outgrows a current facility, Kavis says. IT really doesn’t “want to go back to the well and ask management for another several mil- lion dollars,” thus it dives into the public cloud, he says. Stadtmueller says the public cloud is the least ex- pensive way to access compute and storage capacity. Plus, it’s budget- friendly because up-front infra- structure capital investments aren’t required. Businesses can instead align expenses with their revenue and grow capacity as needed. This is one reason why numerous startups choose all- public-cloud approaches.
One of the critical questions for channel companies to answer is whether or not cloud makes sense from an ROI perspective and if so, in what capacity and in which customer scenarios. This basic “economics of the cloud” discussion has been front-‐and-‐center in the channel for the better part of the last three to five years. The conversation is complicated, due in large part to the wide variety of cloud business model options and potential revenue structures to explore as well as differing customer needs. And yet, we are seeing solution providers move more decisively. Nearly 6 in 10 said they proactively pursued multiple segments of the various cloud business models in an attempt to quickly and comprehensively enter the cloud market, with medium and larger firms more likely to have gone this route than the smallest channel player (see Section 3 of this report for a detailed discussion of business models). As a result, a segment of companies have assembled quantifiable tracking metrics on revenue and profit margin, which can serve as a guidepost for channel companies moving more slowly into cloud.
Despite the tremendous business and technical advantages, what we shall always keep in mind is that cloudcomputing would not be our wonderland until users’ outsourced sensitive data could hide from the prying eyes. Privacy concern is one of the primary hurdles that prevent the widespread adoption of the cloud by potential users, especially if the private data of users used to reside in the local storage are to be outsourced to and computed in the cloud. Imagine that CSPs host the services looking into your personal emails, financial and medical records, and social network profiles. Although these sensitive data could be protected by deploying intrusion detection systems, firewalls, or even segmenting data in a virtualized environment, CSP possesses full control of the cloud infrastructure including the system hardware and lower levels of software stack. Privacy breach is still likely to occur owing to the existence of disgruntled, profiteered or curious employees from CSP [25, 37]. Encrypting-then-outsourcing [28,48] provides us strong guarantee that no one could mine any useful information from the ciphertext of users’ data. Many people argue that sensitive data has to be encrypted before outsourcing in order to provide user data privacy against the cloud service providers. However, encrypted data makes data utilization a very challenging task. One example is keyword search functions on the documents stored in the cloud. Without those usable data services, the cloud will become merely a remote storage which provides limited value to all parties.
It’s also critical to avoid thinking of cloudcomputing as a drive to reduce your operational headcount or costs. Although lowering costs is a valid business goal, it’s also a way of taking a lot of the day-to-day repetitive work out of your operations through automation. Automation enables IT staff to do something that adds benefi t to the business, allowing them more time to focus on projects rather than business as usual. This may sound like a well-used truism that is trotted out by management, and it is often overused to justify technology spending. However, if you think about the way the IT industry is moving—increasingly making use of lower-cost headcount to perform operational tasks, often through offshoring or outsourcing—you should see an opportunity to implement cloudcomputing as a way of developing your career and mov- ing up the stack to stay relevant in a changing world rather than being left to compete with a cheaper workforce.
The ﬁ rst step is the development phase. An App Provider implements a service following the guidelines described in chapter “ Empirical Qualitative Analysis of the Current CloudComputing Market for Logistics ” . The hard requirements are that RESTful interfaces and service calls must be implemented. Additionally, the BO- stack including BODs and Mini-BODS, of the Logistics Mall environment must also be used for communication and the BO Instance Repository must be used for storage of processed information and data shared by different apps of a process. Furthermore, an end-user and the service App has to contain the workbasket mechanism. Additionally, points are just suggestions to the provider, like the usage of the Java enterprise stack. The developers are free to choose their own pro- gramming language, but must make sure that their apps are executable within the cloud environment. This is ensured and veri ﬁ ed during the next phase of the Logistics Mall App Life-Cycle. The development phase ﬁ nishes with submitting the created App and integrating it into the Logistics Mall Marketplace (MMP). For the integration the app ’ s description, its price model and the date of availability are registered in the MMP. A Business App is only available until the speci ﬁ ed date. But ﬁ rst of all the App is not visible or purchasable for any customer as long as the Logistics Mall Veri ﬁ cation has not been successfully completed.
John McCarthy was a visionary in computer science; in the early 1960s he formulated the idea that computation may be organized as a public utility, like water and electricity. In 1992 Gordon Bell was invited to and delivered an address at a conference on parallel computations with the provocative title Massively parallel computers: why not parallel computers for the masses? ; he argued that one-of-a- kind systems are not only expensive to build, but the cost of rewriting applications for them is prohibitive. Google Inc. was founded by Page and Brin, two graduate students in computer science at Stanford University; in 1998 the company was incorporated in California after receiving a contribution of $100, 000 from the co-founder and chief hardware designer of Sun Microsystems, Andy Bechtolsheim. Amazon EC2 was initially released as a limited public beta cloudcomputing service on August 25, 2006. The system was developed by a team from Cape Town, South Africa. In October 2008 Microsoft announced the Windows Azure platform; in June 2010 the platform became commercially available. iCloud, a cloud storage and cloudcomputing service from Apple Inc., stores content such as music, photos, calendars, and documents and allows users to access it from Apple devices. The system was announced on June 6, 2011. In 2012 the Oracle Cloud was announced (see www.oracle.com/us/ corporate/features/oracle-cloud/index.html )
Abstract:- By using Internet technology cloud provides virtualized IT resources as a service. CloudComputing is a combination of Grid computing and Cluster computing. By using the Internet a computer grid is created whose purpose is only utilizing shared resources such as on a pay- per-use model, computer software and hardware. The main moto of cloudcomputing is that you can access your data in any corner of the world by using internet. Cloudcomputing is a general term for delivering through the internet. Cloudcomputing is a virtualized computer power and storage delivered via platform-agnostic infrastructures of abstracted hardware and software access over internet. Cloudcomputing systems usually work on various models like public, private, hybrid, and community models.
The cloud is not only an enabler for enterprises but it is a great enabler for cyber-criminals as well for two reasons. First, cloudcomputing is still very immature and lacking standards at this time. There are not a lot of engineers with years of hands-on experience securing applications in the cloud. The end result is that many cloud services are being deployed by today’s corporations without the necessary security and controls and are very vulnerable to all kinds of attacks and breaches. The second reason why the cloud is an enabler for cyber-criminals is that the cloud vendors are a huge target because they house compute resources and data for a large number of companies. The cloud providers typically provide high levels of perimeter security, but it is up to the companies deploying their services to build the appropriate level of application security. For example, an Infrastructure as a Service (IaaS) cloud provider like Amazon Web Services (AWS) has world-class secure data centers, white papers on how to build highly secure services on its platform, and provides a suite of application programming interfaces (APIs), making it easier to design for security. However, it is up to the architects building the software on AWS to encrypt the data, manage the keys, implement good password policies, and so forth.
Thus providing Infrastructure as a Service essentially means that the cloud provider assembles the building blocks for providing these services, including the computing resources hardware, networking hardware and storage hardware. These resources are exposed to the consumers through a request management system which in turn is integrated with an automated provisioning layer. The cloud system also needs to meter and bill the customer on various chargeback models. The concept of virtualization enables the provider to leverage and pool resources in a multi-tenant model. Thus, the features provided by virtualization resource pooling, combined with modern clustering infrastructure, enable efficient use IT resources to provide high availability and scalability, increase agility, optimize utilization, and provide a multi-tenancy model.