Pravin Karthick Ravichandran Santhosh Keerthi Balmuri · I, Pravin Karthick Ravichandran would like...
Transcript of Pravin Karthick Ravichandran Santhosh Keerthi Balmuri · I, Pravin Karthick Ravichandran would like...
Pravin Karthick Ravichandran
Santhosh Keerthi Balmuri
School of Technology Malmo University SE-205 06-Malmo Sweden
Master Thesis
Computer Science
August 2011
This thesis is submitted to the School of Technology at Malmö University in partial fulfillment of
the requirements for the degree of Master of Science in Computer Science. The thesis is
equivalent to 20 weeks of full time studies.
Contact Information:
Author(s):
Pravin Karthick RaviChandran
E-mail: [email protected]
Santhosh Keerthi Balmuri
E-mail: [email protected]
University Advisor:
Annabella Loconsole
E-mail: [email protected]
School of Technology
External Advisor(s) :
Swedish Armed Forces (SWAF), Enköping
Dan Ahlström
E-mail: [email protected]
Ross W Tsagalidis
E-mail: [email protected]
University Examiner:
Jan Persson
E-mail: [email protected]
School of Technology
Malmo University
SE-205 06, Malmo
Sweden
Phone: +46 (0) 40 - 665 70 00 Internet: http://www.mah.se/english/Schools-and-faculties/School-of-Technology/
i
ABSTRACT
Cloud Computing (CC) is one of the fast growing computer network technologies and many
companies offer their services through cloud network. Cloud Computing has many properties
with respect to the existing traditional service provisions like scalability, availability, fault
tolerance, capability and so on which are supported by many IT companies like Google,
Amazon, Salesforce.com. These IT companies have more chances to adapt their services into
a new environment, known as Cloud computing systems. There are many cloud computing
services which are being provided by many IT companies.
The purpose of this thesis is to investigate which cloud environment (public, private and
hybrid) and services (Infrastructure as a Service, Software as a Service, and Platform as a
Service) are suitable for Swedish Armed Forces (SWAF) with respect to performance,
security, cost, flexibility and functionality. SWAF is using private (internal) cloud for
communications where both sensitive and non-sensitive information are located in the internal
cloud. There are problems like maintenance of hardware, cost issues and secure
communication while maintaining the private cloud. In order to overcome those problems we
have suggested a hybrid and community cloud environment and SaaS, IaaS, PaaS services for
SWAF.
For suggesting these cloud environments and cloud services we have performed a literature
study and two empirical studies (survey and interviews) with different organizations.
A new cloud model is designed based on the suggested cloud environment, separate storage
spaces for sensitive and non-sensitive information, suitable services and an effective
infrastructure for sharing the internal information for SWAF.
Keywords: Cloud computing, private cloud, public cloud, hybrid cloud, Infrastructure as a
Service (IaaS), Software as a Service (SaaS), Platform as a Service (PaaS), and VPN.
iii
ACKNOWLEDGEMENT
First of all we thank to holy God who showered their blessing on us. We would also like to
express our heartiest gratitude to our academic supervisor Senior Lecturer Annabella
Loconsole at Malmö University of Computer Science Department, for the invaluable insights,
motivation and guidance throughout the thesis work. We must be thankful for her suggestions,
comments and the way of supervision that lead to present our thesis at Malmö University,
2011. We would also thank Dan Ahlström and Ross W Tsagalidis from Swedish Armed
Forces (SWAF) for giving us an opportunity to work on this interesting as well as challenging
topic under their keen guidance and support through the end of this thesis work.
I, Santhosh Keerthi Balmuri would be very thankful to my father B.Kamalakar Rao, mother
B.Jyothi and my sisters B.Sandeepthi, J.Mounika for supporting me throughout the carrers.
Finally I thank my lovely husband Ashok Nimmala, who had encouraged and supported me in
my thesis work during Master's Programme.
I, Pravin Karthick Ravichandran would like to thank my mother Vijayalakshmy
RaviChandran and my sister Ind Pradha RaviChandran for supporting me all through the
years. I also thank all my friends for influencing me in a positive way towards my education.
v
CONTENTS
ABSTRACT................................................................................................................................i
ACKNOWLEDGEMENT......................................................................................................iii
ABBREVATIONS.................................................................................................................viii
LIST OF TABLES……...........................................................................................................ix
LIST OF FIGURES……………………………………………………………………..........x
1 INTRODUCTION……………………………………………………………1
1.1 Problem Description……………………...……………………………………..................1
1.2 Related Work ...……………………………………………………………………………1
1.3 Objective…………………………………………………………………………...……....2
1.4 Motivation………………………………………………………………………………….3
1.5 Research Questions………………………………………………………………………...3
1.6 Expected Results…………………………………………………………………………...3
1.7 Contribution of our work…………………………………………………………………..3
1.8 Outline of Thesis…………………………………………………………………………...4
2 CONTEXT OF THE MASTER THESIS PROJECT……………………...5
2.1 About SWAF……………………………………………………………………………….5
2.1.1 Product ……….…………………………………………………………....5
2.1.2 Process ……….……………………………………………………………5
2.1.3 Practices ……….…………………………………………………………..6
2.1.4 People ……….…………………………………………………………….6
2.1.5 Organization ……….……………………………………………………...6
2.2 Selection of Topic…………………………………………………………………………7
2.3 Problems in the Present Environment………………………………………………….....6
2.4 Requirements of SWAF………………………………………………………………...…7
vi
3 THEORETICAL BACKGROUND…………………………………………9
3.1 Introduction to Cloud Computing……….…………………………………………………9
3.1.1 Definitions of cloud computing …..…………………………….…………9
3.1.2 Public cloud……………………….…………………………….……..…11
3.1.3 Private cloud……………………………………………………………...11
3.1.4 Hybrid cloud………………………………………………………….…..12
3.1.5 Community cloud………………………………………………………...12
3.2 VPN tunnels……………………………………………………………………..………..13
3.3 Cloud services………………………………………………………………………….…13
3.3.1 IaaS…………………………………………………………………..…...15
3.3.2 PaaS………………………………………...……..……………………...16
3.3.3 SaaS…………………………………………...………………………….17
3.3.4 Properties of cloud services………………………………………………18
3.3.5 Benefits of Cloud computing services…………………………………....20
3.4 Comparison of cloud environments………………………………………………………20
3.4.1 Definition of requirements……………………………………………….21
3.4.2 Comparison of the cloud environments with the requirements…………..21
3.5 Benefits of cloud computing…………………………………………………………...…23
3.6 Limitation of cloud computing…………………………………….……………………..23
3.7 Source Selections…………………………………………………………………………24
3.8 Summary of Literature Study……………………………………………………………..24
4 RESEARCH METHODOLOGY…………………………….…………….26
4.1 Research Design…….…………………………………………………………………….26
4.2 Survey process…………………………………………………...……………………….28
4.2.1 Survey objective……………………………………………………..…...28
4.2.2 Survey preparation………………………….……………………………28
4.2.3 Survey participants……………………………………………………….28
vii
4.2.4 Execution…………………………………………………………………28
4.3 Interview process………………………………………...……………………………….29
4.3.1 Interview objective……………………………………………………….29
4.3.2 Interview preparation…………………………………………………….29
4.3.3 Interview participants…………………………………………………… 29
4.3.4 Execution……………………………...………………………………….29
4.4 Instruments used for survey and interview……………………………………………….30
4.5 Threats to validity…………………………………………………..…………………….30
5 RESULTS OF THE EMPIRICAL STUDY……………………………….32
5.1 Results of the survey………………………………………...……………………………32
5.1.1 Summary of the survey……………...……………………………………39
5.2 Results of Interview study…………………………………………………………….…..40
5.2.1 Summary of the interview………………………………………………..42
5.3 Discussion……………………………………………………………………….….…….43
5.3.1 Discussion of Qualitative and Quantitative data ..................….…............44
5.3.2 Discussion of survey and interview………………………………………44
5.3.3 Suggesting the cloud environment……………………………………….45
6 PROPOSED MODEL FROM THE ACHIEVED RESULTS……………49
6.1 Inputs used for designing the new cloud model........................................................49
6.2 Model design……………………………………………………...………………………49
6.3 Analysis of design model………………………………………...……………………….52
6.4 Suggestion given by SWAF……………………………………………………………....53
7 CONCLUSION AND FUTURE WORK……………………………...…...55
7.1 Summary………………………………………………………………………………….55
7.2 Answering the research questions………………………………………………………...56
7.3 Future work……………………………………………………………………………….57
viii
References……………………………………………………………………..58
Appendix 1…………………………………………………………………….65
Appendix 2…………………………………………………………………….71
ix
ABBREVATIONS
IT - Information Technology
SWAF -SWedish Armed Forces (Försvarsmakten)
FMKE - FörsvarsMaktens enhet för Konceptutveckling
(Armed Forces Unit for concept development).
CC - Cloud Computing
IaaS - Infrastructure as a Service
PaaS - Platform as a Service
SaaS - Software as a Service
VPN - Virtual Private Network
VINCI -Virtual Interacting Network CommunIty
ICT - Information and Communication Technology infrastructure
SOAP - Simple Object Access Protocol
REST - Representational State Transfer
XML - eXtensible Markup Language
PHP - Hypertext Preprocessor
HTTP - HyperText Transfer Protocol
x
LIST OF TABLES
Table 1: Classification of Requirements/Problem/Motivation………………………………...7
Table 2: Comparison between Traditional software and software as a service………………17
Table 3: Properties and different cloud computing service providers………………………..20
Table 4: Comparison of cloud environments…………………………………………………22
Table 5: Mapping of Research Process and Research Methodology…………………………27
Table 6: Instruments used in our research…………………………………………….….......30
Table 7: Employees working on CC in the organizations…………………………………....33
Table 8: Values for the factors according to the rank scale......................................................36
Table 9: Interview Results……………………………………………………………………43
Table 10: Comparison of the results of Survey and Interview ………………….……...…….45
Table 11: Comparing the requirements of SWAF with empirical study…..…………………46
xi
LIST OF FIGURES
Figure 1: Basic block Diagram for Cloud Computing Environments and Services..…...……10
Figure 2: Companies providing Cloud Computing Services………………………………....14
Figure 3: Useful of different Clouds with the services……………………………………….18
Figure 4: Research Methodology …………………………………………………………….26
Figure 5: Excerpt of the online survey…………………………………………………...…...32
Figure 6: Rating the reasons for shifting to CC....…………………………………………....34
Figure 7: Usage of Cloud Environments………………………………………………….......34
Figure 8: Priority of cloud environments……………………………………………………..35
Figure 9: Rating for the factors of public cloud………………………………………………36
Figure 10: Rating for the factors of private cloud………………………………………….....37
Figure 11: Rating for the factors of hybrid cloud…………………………………………….37
Figure 12: Usage of Cloud Service Models…………………………………………………..38
Figure 13: Rating for IT Services/Applications to be outsourced by Cloud Providers………39
Figure 14: Proposed Cloud model…………………………………………………………....50
1
CHAPTER 1
INTRODUCTION
Cloud computing is the internet-based computing, where users can share resources, information and
software. The recent development of Cloud Computing provides a motivation for organizations to
outsource their Information and Communication Technology infrastructure (ICT). The data centers
required for Cloud Computing are growing exponentially. This work describes how the large scale
organizations like SWedish Armed Forces (SWAF) can use cloud computing effectively by
suggesting them the services and cloud environments with respect to performance, security, cost,
flexibility and functionality.
1.1 Problem Description Cloud Computing plays a vital role in most of the internet based technologies, where we need secure
transmission of data. Cloud Computing is changing the IT architectural solutions which are kept
forward by means of data storage, local networks and software. In cloud computing technology, it is
a challenge to manage security issues, high performance and to have different functionalities for
cloud environments. It is also a challenge to provide a cloud service with high security, affordable
cost, and high performance. Furthermore, an important decision is which type of cloud environment
could be used (internal, external, hybrid, or community cloud environment) [14].
SWAF is currently using private cloud environment, where the same infrastructures, platforms and
software are placed in all the centers (Ex: Stockholm, Malmö, Enköping, etc.) of SWAF. This leads
to several processors, servers, security and network communication to be maintained by SWAF, thus
resulting high cost. In order to overcome these issues, we are going to suggest a suitable cloud
environment with respect to cost, security, performance, flexibility and functionality. In this work,
we also propose a design of a cloud model for SWAF, which can also be used by other large scale
organizations. With this new model, data and applications in SWAF can be managed and maintained
securely with better performance and functionality.
SWAF is also handling several problems like troubleshooting software, extending the license of the
product, hiring more employees to recover the technical problems, etc. caused by the internal cloud
services. To maintain and manage these services, SWAF needs to have more funding and increased
man power. In order to overcome these issues we have done a literature and empirical study on
different cloud environments (public, private and hybrid cloud) and cloud services (Infrastructure as
a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (PaaS)) and described
different cloud service providers with respect to their properties. In this way, SWAF can consider
one or more services to be outsourced from cloud service providers. The services could be
maintained and managed by the cloud providers securely.
1.2 Related work Much of the focus in this report was the study of different cloud environments such as public cloud,
private cloud and hybrid cloud. Ruan Gaofeng [16] tells how public cloud computing infrastructure
could be used at low cost (is one of the factor used to suggest the cloud environment), low technical
barriers and high diversity with multimedia technology. Lori M. Kaufman [17] explained the security
and privacy issues of public cloud and mentioned that, because of thwart attacks in public clouds,
many of the organizations ultimately need to move the traditional perimeter security approaches to
the private virtual machines. Alexandra Loosup et al. [55] tells that Cloud computing services were
designed to replace the small-to-medium size enterprise data centers; performance wise, workloads
often require High-Performance Computing (HPC) or High-Throughput Computing (HTC)
2
capabilities. Another report on private cloud is described in [21], in which Jingyu Ding proposed a
framework of data center consolidation by comparing the different VPN (Virtual Private Network)
implementation technologies. For national security purposes, Anya Kim et al. [2] had proposed a
national security hybrid cloud architecture that consists of private cloud, public cloud and
community cloud. Sang-Ho Na [22] proposed a generalized security framework for hybrid cloud
computing using hybrid cloud model. A hybrid cloud is composed of online storage (reliable and
secure place to store data), online desktop (access anywhere we can connect to the Internet) and web
based applications (like Google docs) for fast processing and to free up resources when needed.
While designing a new cloud model, the main constraint is the placing of database in particular layer
of the data model. In general, there are three levels of data modeling such as conceptual data model
(identifies the highest-level relationships between the different entities), logical data model (includes
all entities and relationships among them), and physical data model (represents how the model will
be built in the database and shows all table structures, including column name, column data type,
column constraints, primary key, foreign key, and relationships between tables) [78]. Lomet [57] has
proposed an approach, where the storing of data in database is done with two layers called as
“transactional component” (works in logical level) and “data component” (works in physical level).
These two components support a record oriented interface that provides atomic operations.
Separating Transactional component functionality from Data component functionality enables cloud
platforms to support transactions with much greater flexibility. Another report presented by Hassan
Takabi et al. [3] gives an overview of cloud computing and its features with their security
implications. They discussed some of the security threats and proposed a security framework for
cloud computing environments.
Ramgovind et al. [1] describes the different types of clouds, services (IaaS, SaaS, PaaS) and the
security concerns that should be properly addressed and managed. By comparing the cloud models
and delivery models with respect to cost, performance, functionality and security requirements, the
vendors and organizations become more confident in promoting highly protected safe cloud
framework. Zhibin Chen et al. [4] have discussed security issues and defined a solution to encrypt
the data and make it secured. Rather than acquiring and managing own physical infrastructure, a
community defines a virtual Information and Communication Technology (ICT) infrastructure, by
instantiating and interconnecting virtual machines (VMs) defined from a small set of standards.
While using internal cloud services of the organization, servers and memory systems are almost
always purchased to meet projected capacity needs, not current needs. At last, an ample percentage
of acquired resources are always wasted until the company grows into them [56]. Instead,
outsourcing infrastructure enables IT departments to focus on strategic ideas that add value and
create competitive advantage, rather than getting delayed in the daily information of managing
servers. As a result this provides greater flexibility while outsourcing the services.
In the above related literature, authors had explained about specific cloud environment with specific
factor and about the developed framework in particular cloud environment. In this thesis, cloud
environments and cloud services will be explained with all the factors such as cost, security,
performance, functionality and flexibility. Based on this description we will be deciding the suitable
cloud environment for SWAF.
1.3 Objective The main goal of our project is to suggest a suitable cloud environment and services for the large
scale organization, here we have chosen SWedish Armed Forces (SWAF) by considering the
requirements (performance, security, cost, flexibility and functionality) given by SWAF and to do a
detailed study on cloud environments and cloud services.
3
Sub goal 1: Suggest a suitable cloud environment (Public cloud, Private cloud and Hybrid cloud).
Sub goal 2: Suggest the suitable cloud services (IaaS, PaaS, and SaaS).
Sub goal 3: Propose a new cloud model to substitute the existing model, after identifying the above
cloud environments and services.
1.4 Motivation For SWAF, it is needed to have a suitable cloud environment and a model to implement this cloud
environment. By doing this research we would propose a secure computing environment by
considering all the requirements for large amount of computing and storage data for SWAF.
1.5 Research Question RQ 1: Which environment (public cloud, private cloud and hybrid cloud) would be suitable
for SWAF with respect to performance, security, cost, flexibility and functionality?
RQ 2: How the services Infrastructure-as-a-Service (IaaS), Software-as-a-Service (SaaS),
Platform-as-a-Service (PaaS) could be used and how these services could be firmly
integrated with the suggested cloud environment by SWAF?
[Note: Above RQ1 and RQ2 are suggested by SWAF, apart from that we will also
make a study on other cloud environments]
1.6 Expected Results
The expected results of our research will be a suitable cloud environment and cloud services that will
be suggested to SWAF. This solution will be derived by performing the literature study and
empirical study (from survey and interview). After analyzing the statistic results of empirical study,
literature study and getting the requirements from SWAF, a proposal of a cloud model for SWAF
will be designed to satisfy the requirements of affordable cost, greater performance, higher flexibility
and functionality.
1.7 Contribution During this thesis we made our contribution,
By presenting a literature study (section 3.8) on various cloud environments and services,
large organizations like SWAF can be aware of those concepts. This study helped us to
integrate the findings for designing the new cloud model. During our literature study we had
enough number of articles, which motivated to do our literature work. From that we have
gathered a lot of information about cloud environment, services, applications, service
providers, cloud architecture and cloud management. Among several articles we have found
one article discussing about the cloud environment related to defense. To be specific, the
article on “Security and Architectural Issues for National Security Cloud Computing” [2] tells
how the cloud computing can be used for large organizations by having a secure hybrid
cloud architecture that consists of private cloud, public cloud and community cloud. But here
in our research we have studied on cloud environments, cloud services, service providers and
4
about the security requirements; also we have compared all the different environments and
services related to the given requirements with suitable examples.
By doing the survey and interview we will identify the suitable cloud environment and cloud
services, this also answers the first research question. Several surveys and interviews are
taken on cloud computing in order to manage cloud environment, cloud services and other
services. But there is no survey/ interview, which contains the information about the usage of
cloud environments, reason for shifting to cloud environment from this existing environment,
priority of choosing Cloud Environments, selection of SPI (Software, Platform, and
Infrastructure) model and about the outsourcing of IT services/applications. But, all the above
mentioned information is discussed in our empirical study. This gives a suitable solution to
choose the cloud environment and services with respect to performance, security, cost,
functionality and flexibility for SWAF. This empirical study can also be applied for other
organizations those who use/not use cloud computing.
By presenting the possible solution to the problem given by SWAF. After making it clear
they can make use of those suggested cloud environment and services at their place. This
solution can also be used for the other large scale organizations, those who were planning to
shift their current environment into cloud.
By presenting a new cloud model, provides possible solution to a problem related to the
research question. We can also use this proposed cloud model to other large scale
organizations that have same or less requirements as SWAF.
1.8 Outline of Thesis
Chapter 2 describes the context of master thesis project, problems in the present environment and
about the requirements/inputs given by the SWAF.
Chapter 3 describes the theoretical background of CC, and the different kinds of cloud environments
and services. We also describe the benefits and limitations of CC and different cloud environments
are compared to each other.
Chapter 4 explains the research methodology is used in this thesis and the reason why those specific
research methods are selected. The process of survey and interview are also explained.
Chapter 5 explains the results of survey and interviews which we had conducted with several
organizations, which is followed by the analysis of the results and a suggestion of a suitable cloud
environment.
Chapter 6 describes the specifications and analysis of the model designed in the suggested cloud
environment. And also discusses about the suggestions given by SWAF for improving the designed
model.
Chapter 7 presents the conclusion, results and future work of our research thesis.
5
CHAPTER 2
CONTEXT OF THE MASTER THESIS PROJECT
The first part of this chapter contains general information about the company and their contexts. The
second part describes the research work done at the organization and about how the thesis topic has
been selected. The third part describes the problems in the present environment. The fourth part
describes the requirements given by SWAF.
2.1 About SWAF Cloud computing is a vast area, where it is used at profit/non-profit organizations, government,
health care, defense, hospitals, businesses and for commercial(iCloud) use to store music, videos,
photos, applications, documents. Among those places defense is a fascinating area, where SWAF
officials are looking to move away from its decentralized network of computer servers and data
centers into “cloud computing”. By start doing the research for SWAF, will also help to make use for
other large scale organizations.
The SWedish Armed Forces (SWAF) is a Swedish government agency, responsible for the operation
of the armed force of the realm; they are one of the biggest authorities in Sweden and are headed by
a supreme commander [40]. SWAF is allocated an annual budget of about SEK 40 billion to perform
its responsibilities. Around half of this goes to unit operations and the rest to research, development
and the purchasing of new materials systems [41]. FMKE (FörsvarsMaktens enhet för
konceptutveckling) is located at the Armed Forces development center in Enköping but receive their
assignments directly from the Headquarters. The company details of SWAF are explained in the
following sub sections, by complying the guidelines from [81].
2.1.1 Product
Product is the software system developed with help of the object study. In SWAF, there is no in
house development process. They just buy and outsource the software and services from different
service providers.
2.1.2 Process
SWAF is a large scale organization, where several processes are undertaken and dispatched by
themselves. The authors of this report have been informed about the existing cloud environment,
while they have not been informed about the cloud model used at the company because of security
reasons. Currently company makes use of private cloud for the telephony calls, emails, and several
different software systems to communicate with their peer users. They are maintaining and managing
all the services inside their organization.
SWAF are maintaining and managing some of the services (like logistics, Payroll, Human resource,
Supply chain management, Accounting and finance, installations of needed licensed software)
internally. Because of maintaining/managing the larger infrastructure inside their organization, they
have some problems in terms of cost; man power (with more technical support) and flexibility.
However the services are provided from service providers, SWAF will have their own security
features. Now, all the information has been placed within the firewalls. The Logistics is maintained
with separate branch of technicians. At present, all the services had been centralized (maintenance
and installations) by SWAF in the internal cloud.
6
2.1.3 Practices
Practices context describes the systematic approaches that are used in the organizations and also the
tools and techniques which are used for the development. SWAF, do not develop software or using
the CASE tools, practices, and techniques in their organization.
2.1.4 People
There are about 20000 employees working in the Swedish Armed Forces, and their units consist of
500-1000 people of which about 75 plus of employees working with IT administration. SWAF have
many camps, canton and branches at Afghanistan, Kosovo and other countries (names are not
specified because of some security reasons), the work of IT administration with these countries are of
telecommunication and exchanging data. They manipulate all these data through the internal cloud.
2.1.5 Organization
The organization model describes how the company is organized. Here SWAF works on several
units like Mechanized unit, Cavalry unit, Artillery unit, Air defense unit, Command and Control
Unit, Engineer unit, Logistics unit, CBRN units, where all these units are connected to IT
administration for different kind of works. All these units are operated both in Sweden and abroad.
2.2 Selection of Topic In three occasions we interviewed the external supervisor of SWAF at Malmo University. In the first
interview we were discussing the primary tasks of SWAF and the interviewee was telling that how
they organize, train, and deploy military forces, domestically and internationally. The interviewee
described the different research projects in which SWAF is involved, SWAF were undergoing
several research under different topics like, Communication Security, Virtualization, Mobility, Web
Security, IAM-AC (Identification Authentication Management, Access Control), MMI/MCI (Man-
Machine/ Computer Interaction), Password Management, Automation, Logging, Market analysis,
Security Management, INFO War, Data media UPS (Uninterruptable power supply), Cloud
Computing, Risk Management, Cyber Security, Social media, Interoperability, Awareness,
Information assessment, Information Quality, IT administration, Security Architecture/Design,
Communication between security domains, Business Intelligence and more.
And another project is undergoing that is, PRIO by IBM. By this project they can maintain the
Working time, payments, travelling etc. For these services SWAF will be getting the applications,
infrastructure, and help-desk from IBM. Thus all these above topics have several research works
with different research question. These research works are carried out by the Researchers of SWAF
and from the students of various universities in Sweden.
After looking over the given topics we decided to choose Cloud Computing, where we have good
study background and also taking into consideration that this topic could be related to our Master‟s
Program. In general Cloud Computing is a broad/vast topic; it provides computation, software, data
access, storage and services. On cloud computing many research works are undergoing for SWAF,
among those works we were assigned for evaluating different cloud environments and services with
respect to the requirements. The requirements are explained in the following,
2.3 Problems in the present environment Then in the second interview we collected information about the problems at SWAF. SWAF is a
large scale organization, where several processes are undertaken and dispatched by themselves. We
got the information about the existing cloud environment and the services to be outsourced, but not
the cloud model because of some security reasons. Currently SWAF are using private cloud for
communication, where both sensitive and non-sensitive Information are located in the internal cloud.
7
Also they are maintaining and managing all the services inside their organization. They are having
25 to 30 data-centers located in Sweden. Most of the local data centers are moving to central places.
SWAF is also handling with other problems like troubleshooting software, extending the license of
the product, hiring more employees to recover the technical problems, etc. caused by the internal
cloud services. In the existing cloud environment, SWAF had a specific functionality but they
require in-sourcing (Finance, ERP and Human Resource) and outsourcing (email, conferencing,
social media and travel) functionality in one cloud environment.
This following table describes the problems of current cloud environment (private cloud),
input/requirements and motivation for selecting the requirement.
TABLE 1: Classification of Requirements/Problem/Motivation PROBLEM INPUT/ REQUIREMENT MOTIVATION
The cost of maintaining the
current cloud environment at
SWAF is too high.
AFFORDABLE COST
To reduce the cost of
computing and maintenance
by selecting a suitable cloud
environment, and services for
the available resource.
Maintaining the security for
data exchanging and while
communicating through
network is low when it is
outsourced; in current cloud
environment at SWAF.
HIGH SECURITY
To have good security for
exchanging data and network
communications while it‟s
outsourced to other
organizations.
Performance of the current
cloud environment is low
because the users have some
problems with hardware and
services that are handled by
the users at SWAF.
HIGH PERFORMANCE
To have high performance in
order to execute all the
security devices and cloud
services effectively
Flexibility is less in the
current cloud environment
where SWAF can use the
available services only in
private cloud environment
GREATER FLEXIBLITY
To have greater flexibility in
order to communicate easily
with all the cloud services and
cloud environments
There are few functionalities
like finance, payroll and
Human Resource are present
in the current private cloud
environment.
GREATER FUNCTIONALITY
To have greater functionality
for enhancing many capable
applications to the suggested
cloud environment.
2.4 Requirements of SWAF Then during the third interview we collected the requirements for suggesting the cloud environment
and services. Currently SWAF is using Private cloud; there are some problems (table1) like hardware
maintenance, cost issues, and flexibility in the environment. In order to overcome those problems
SWAF has given requirements (like High Performance, High Security, Affordable Cost, Greater
Flexibility and More functionality) for suggesting a suitable cloud environment for their
organization.
8
REQ1: To decrease the cost of maintenance of the cloud environment compared to the actual
maintenance cost
REQ2: The security of the cloud environment shall not degrade if the company changes to
the new cloud model and outsource services.
REQ3: The cloud model shall have higher performance when outsourcing the services,
compared to the performance of the current cloud model. This can be done by outsourcing
high speed processors for the computer systems.
REQ4: The cloud model shall offer more functionalities compared to the model used today,
for instance by archiving information, backing up functions and by allowing local data to
replicate a public cloud.
REQ5: The cloud model shall offer higher flexibility compared to the flexibility offered with
the actual cloud model. This can be done by outsourcing the infrastructure, instead of
managing and monitoring the services inside the organization.
However the services are provided from service providers (section 2.3), SWAF will have their own
security features. Now, all the information is placed within the firewalls. The Logistics is maintained
with separate branch of technicians. At present, in the private cloud everything had been centralized
(maintained and installed) by SWAF. External Advisor specified that, SWAF wants public net,
restricted net (private), security net in one server which is maintained by SWAF users. They have
also asked to implement the VPN tunnels (see chapter 2.2) in our new proposed system. The
following characteristics are listed for selecting the CC-environment such as, Conceptional
characteristic – service oriented, Economic characteristic – pay-per-use model, where the user can
pay for processing, storage and network on their usage, Virtualization and Security characteristics
9
CHAPTER 3
THEORETICAL BACKGROUND
This chapter describes the definitions of cloud computing (under section 3.1.1), it explains the
different types of cloud environments (such as public, private, hybrid and community clouds, see
section 3.1.2, 3.1.3, 3.1.4, 3.1.5), cloud services (IaaS, PaaS and SaaS) under section 3.3 and VPN
tunnels (for connecting to a private local area network at remote location) which is used for security
purpose. VPN tunnels are used to connect the systems located in remote or local area through a
secured communication. VPN tunnels are described in this chapter (see section 3.2) because it will
be used in our proposal of cloud architecture, in chapter 5. In section 3.3.4 properties of cloud
services are explained briefly and different cloud providers (like Amazon Web Services, GoGrid and
more) are compared with the properties of cloud services. Thereafter, different cloud environments
are compared (see section 3.4); benefits and limitations of CC are listed (see sections 3.5 and 3.6).
3.1 Introduction to Cloud Computing
Cloud Computing delivers services dynamically over the internet. Storage, Operating system,
Hardware, Software and other resources helps in keeping the company‟s IT budget to bare minimum
cost [15]. CC also refers to both the applications delivered as services over internet and the hardware
and software systems in the data centers. It provides services like IaaS (Infrastructure as a Service),
SaaS (Software as a Service), and PaaS (Platform as a Service). CC clients have to trust 3rd party
cloud providers on many sides, especially on the availability of cloud service as well as data security.
The main focus of the thesis is on public, private and hybrid clouds. However there is other kind of
cloud environment like community cloud. These models are explained in the following sections.
To summarize, in the cloud deployment model, networking, platform, storage, and software
infrastructure are provided as services that scale up or down depending on the demand. By deciding
which type of Cloud to deploy, SWAF needs to assess different parameters (like cost, flexibility,
security, performance and functionality) from an architectural point of view.
3.1.1 Definitions of cloud computing The data center‟s hardware and software is what we call “cloud”. Cloud computing is a new model
of computer infrastructure and application services. CC has gained rapid improvement on a global
scale. A cloud offers customers the ability to start businesses without having to pay huge upfront
capital expenses to the services provided by different cloud providers [17]. Major Service providers
in this field are Amazon's EC2 [8], IBM's Smart Business cloud offerings [10], Microsoft's Azure
[11], and Google's AppEngine [9]. There are many definitions of CC given by cloud experts and
organizations, such as the following,
“Gartner”- Cloud computing is a style of computing where massively scalable IT-related
capabilities are provided as a service across the Internet to multiple external customers [51].
“IBM” - A cloud computing platform dynamically provides, configures, reconfigures, and
deprivations servers as needed. Cloud applications use large data centers and powerful servers that
host web applications and web services [52].
“Wikipedia” - A style of computing in which dynamically scalable and often virtualized resources
are provided as a service over the Internet [53].
“451 Group”- The cloud is IT as a service, delivered by IT resources that are independent of location
[54].
10
“National Institute of Standards and Technology” - A model for enabling convenient, on-demand
network access to a shared pool of configurable computing resources (e.g., networks, servers,
storage, applications and services) that can be rapidly provisioned and released with minimal
management effort or service provider interaction [2].
In this section, we describe the benefits of cloud computing, that is, the application of cloud
computing for SWAF by analyzing the work done by the U.S military cloud environment. Their
cloud computing definition is much broader, which only refers to “the use of cloud computing
technology and techniques for the support of localized and short-lived information access and
processing requirements” [12]. They concentrates on cloud computing in a military environment,
supporting series of tasks and/or engagements in real-time within a tight Observe, Orient, Decide,
and Act (OODA) loop [18]. Cloud computing will also be valuable to use in the military operational
and strategic level defense processes, but the environment‟s special limitations and constraints pose a
more difficult problem requiring special consideration.
The following figure 1 shows the basic blocks for computing the cloud environment and services.
They have three delivery models (Cloud Infrastructure as a Service (IaaS), Cloud Platform as a
Service (PaaS), and Cloud Software as a Service (SaaS), and four deployment models Private cloud,
Public Cloud, and Hybrid Cloud and Community cloud computing.
Figure 1: Basic block for Cloud Computing environment and services
Cloud computing builds on the advancements in virtualization technology, grid computing, SOA
(Service Oriented Architecture) and web services technologies. Apart from proposing a design model
we need to evaluate how cloud computing can increase the effectiveness of the military missions.
This evaluation may be done by collecting relevant data from different environments and comparing
with each other, then proposing a suitable infrastructure and deployment model for SWAF.
11
3.1.2 Public cloud Public cloud (which is also called external cloud) allows users to access the cloud via interfaces.
Public clouds are less secure than the other cloud models and one has to ensure that all applications
and data accessed on the public cloud are not subjected to malicious attacks [1]. Performance is one
of the main concern in public cloud computing. Key issues when subscribing to a public cloud is that
we have little control over the public cloud architecture, performance (which can be variable -
capable to change) [58] and sharing resources compared to other cloud environments. By using
public cloud we can avoid the costs of building and maintaining a private storage infrastructure,
opting instead to pay a service provider for the services which are accessed by the users. This feature
enables a greater functionality by providing the benefits of availability (access data from anywhere)
and reliability (not to worry about the backup of data).
Ruan Gaofeng [16] tells how public cloud computing infrastructure could be used at low cost, low
technical barriers and high diversity with Multimedia technology and concludes that by achieving
“the resources and procedures storing and running on cloud share the same human-computer
interaction interface” and this approach is clearly more flexible to achieve, it is easier and cheaper.
Public-cloud providers typically provide the environment; applying traditional perimeter-security
approaches will increase their potential for exploitation. Due to thwart attacks in public clouds [17],
we need to move the security from the edge of the public cloud to the Virtual Machines. The public
cloud offers user access via the Internet, and cloud subscribers perform administrative activities
(knowledge management, e-record service, payroll, accounting and finance, human resource, and
project management) in this environment. This paradigm in itself introduces security risks because
this remote access provides exposure to potential cyber attackers. Although these vulnerabilities
increase the threat space, other concerns pose an equal, if not greater, security threat. For instance, in
public Cloud organizations no need to pay a large upfront cost (e.g., for hardware purchase) before
launching services, or over-provision to accommodate future or peak demand. Instead, the cloud‟s
pay-as-you-go charging model enables the customer to pay for what he/she actually uses and
promises to scale with demand [19].
3.1.3 Private Cloud A private cloud (which is also called internal cloud) is set up within an organization‟s internal project
datacenter. Private computing is easier to align with security, compliance, and a regulatory
requirement, compared to other cloud environments, and provides more enterprise control over
deployment and use. In private cloud computing the performance levels of the application services
such as Windows Azure, Office 365, Xbox Live and Bing services can be optimized. This benefit of
Private cloud can be useful to every IT environment and has the new features like processing
troubleshooting, immediate deployment and general visibility of the services [59].
Private cloud computing is used by many organizations. Private small-cloud computing is based on
three concepts: small clusters, virtualization, and general graphics processor. Private cloud can be
replaced instead of cluster computing, grid computing and distributed computing to avoid the high
cost of data delivery [20]. Jingyu Ding [21] proposed a framework of data center consolidation by
comparing the different VPN implementation technologies. This cloud infrastructure is owned or
leased by a single organization and is operated solely for that organization. Here the Private cloud is
composed by two types of resources: the resource manager and the network resource manager. These
resources extend private cloud to enterprise cloud computing (is a controlled, internal place that
offers the rapid and flexible provisioning of compute power, storage, software, and security services
by meeting the organization requirements) by adding virtual private computing and virtual private
network resource [79]. Where the virtual private computing is mostly kept in public cloud companies
and virtual private computing resources are connected securely to the enterprise infrastructure via
virtual private network provided by telecom carriers.
12
High Scalability and Flexibility for Private Cloud Computing are provided by Eucalyptus 2.0
(infrastructure software that enables organizations to deploy scalable private and hybrid cloud
computing environments within a secure IT infrastructure) [60]. Amazon extends the functionality of
private cloud by widening the networking options and allows customers to specify which of their
VPC (Virtual Private Cloud) resources they wish to access directly through the Internet [61].
3.1.4 Hybrid Cloud In the hybrid cloud (which is also called personal cloud), scalable resources and virtual application
provide virtual IT solutions through a mix of both public and private clouds. Hybrid Clouds provide
more secure control for data and applications and allow various parties to access information over
the Internet. It also has an open environment that allows to interfaces with other management system.
Hybrid cloud makes the customers agree to a viable and cost-saving methodology to make a great
use of public cloud services along with their private cloud services. The cost factors are measured by
considering the bandwidth, storage, power, cooling, physical plant, and operations of the
organization [62].
The composition of two or more clouds in which one has to be public and another has to be private
cloud (private, public or community) is called Hybrid cloud. Most of the users believe that personal
clouds are private clouds. But a Personal Cloud is the hybrid deployment model that combines a
private cloud and a public cloud [22]. Sang-Ho Na proposed a generalized security framework for
personal cloud computing using personal cloud model. Personal cloud is of online storage (which is a
reliable and secure place to store data), online desktop (which allows access anywhere we can
connect to the Internet) and web based applications (Google docs). These connections free up
resources and processing power.
In this environment the performance will be neutral while accessing the applications and services.
Also the hybrid cloud exploits flexibility in the organization, as it can be a composition and
combination of at least one private cloud and at least one public cloud. This environment provides
more prominent functionality by archiving information, backup functions and allowing local data to
be replicated to a public cloud.
Many organizations and Defense departments are using hybrid cloud which consisting of private and
public clouds. For national security purposes, Anya Kim et al. [2] had proposed a national security
hybrid cloud architecture that consists of private clouds for sensitive, non-shared information; public
clouds for information gathering, dissemination of public information; community clouds for
information sharing and collaboration needs. And Anya Kim discussed private and public clouds, but
focus here is on national security community clouds, the security requirements and features of
community cloud.
3.1.5 Community Cloud A Community Cloud is not open to the general public; it is available only to the followed members
of a community, it can be set up where the organization has similar requirement at all their branches
and for sharing their infrastructures. Community Cloud Computing has the advantage of no control
of vendors in Cloud Computing. Compared to other cloud, Community Cloud is as much a social
structure as a technology paradigm, because of the community ownership of the infrastructure [43].
An example is Wikipedia adopts Community CC; it would be dispersed throughout the Community
Cloud alongside other services, which in this environment can be as simple as a webpage or
complex. Examples of complicated tasks, such as editing a Wikipedia page, will require an update to
the distributed storage of the Community Cloud, achieved by transmitting the new data through its
network of nodes, most likely resulting in an eventual consistency mode. We can secure the
13
community cloud by using Virtual Interacting Network Community (Vinci) [46]. Vinci is a software
architecture that aims to increase the shared applications to be secured on a cloud. Vinci architecture
exploits multi-core processors and virtualization to share in a secure way an ICT infrastructure
among users with distinct trust levels and reliability requirements. Vinci partitions users into several
communities, according to the user privileges and to the trust level of the applications the user
executes. For each community, Vinci defines a distinct security policy for accessing the resources.
Instead of acquiring and managing own physical infrastructure, a community defines a virtual
Information and communication Technology (ICT) infrastructure. Vinci includes template to run
user applications protect shared resources and control traffic among communities to filter out
malware or distributed attacks, each of these templates are related to a specific application or system
functionality.
Community cloud computing do not consider the monetary cost when accessing resources, it is made
in a pay-as-you-go manner [45]. When a service is needed to fulfill a request, even without proper
instantiation on a suitable node, a copy should be retrieved from the repository and instantiated as
needed. This allows for flexible responsiveness and resilience to irregular traffic spikes (a transient
variation) [43]. Community cloud-based applications and resources can reduce costs, improve
performance, ease troubleshooting, and enhance privacy and control [63]. Community clouds have a
significant performance over the public cloud by providing their associates with both high-
performance bandwidth and latency.
Community cloud is a resources community formed by services, hardware resources and other
network resources for organizations such as enterprises and institutions. Community cloud users can
easily use the services of resources from different members, without knowing the specific location
where the service is running [45]. Community Clouds will probably require more bandwidth than
vendor Clouds (such as Google, Amazon and Microsoft), but can take advantage of the ever-
increasing bandwidth and deployment of broadband.
3.2 VPN Tunnels The study of VPN Tunnels is made in this section because it is used to gather the security
requirements for designing new cloud model with different cloud environments and services, in
chapter 5.
A Virtual Private Network (VPN) is a private network on a public network infrastructure (Internet).
We can use VPN connectivity for connecting to a private local area network at remote location. It is
frequently used in the organization with remote offices to share network resources and private data.
A VPN can be a good security solution for a large company; especially its IT department can
preinstall VPN clients on the employees‟ laptops. The VPN secures the network connections from
the laptops all the way to the VPN server on the company network.
The basic building block of VPN is the tunnel. “VPN tunnels are often used to connect employees to
their organizations intranet. One end of the tunnel is a VPN software client on the employee‟s laptop
while the other end is the VPN server software running on the organizations computer” [49]. Secure
socket layer (SSL) VPN is a secure remote access solution based on SSL [47] protocol, and performs
rapidly. SSL tunnel is the overlay networking facility for creating a SSL VPN on top of existing
Internet or IP based network. The key factor of using VPN is for minimizing the cost [48].
3.3 Cloud services Cloud computing is an on demand service. The client just need to have a computer and internet
access, everything from services to the maintenance of the services are managed by the provider.
Cloud computing has new services which provides benefits, such as cost reduction, high availability,
14
scalability, fault-tolerance capability and so on. The cloud computing services involves three roles,
such as
Cloud provider - Some organizations (like Amazon) [30] rent or lease the resources like
storage, servers, etc. for their needs, such organizations are known as cloud providers.
Service provider or cloud consumer - The organizations who rent these resources become
cloud consumer and some of the organizations will build applications based on the rented
resources which further offer different services to end users, then they are known as service
providers.
Service consumer - The end user using the services are known as service consumer.
There are many services that are provided by cloud computing providers, such as Infrastructure as a
Service (IaaS), Network as a Service (NaaS), Platform as a Service (PaaS), Data as a Service (DaaS)
and Software as a Service (SaaS). These services are further divided into three levels, such as
hardware level - IaaS, NaaS; application level – DaaS, SaaS and system level - PaaS. There are many
companies like Google, Amazon EC2, salesforce.com and many more that provide the services of
cloud computing.
Figure 2: Example of Companies providing Cloud Computing Services [38]
In this thesis, we had selected three services such as Infrastructure as a Service (IaaS), Platform as a
Service (PaaS) and Software as a Service (SaaS) which are mostly used by different organizations
and could also be used by SWAF. While computing the cloud, SaaS is broadly used when compared
to PaaS, DaaS and NaaS. Network as a Service is a more recent term, originally used in the IT and
cloud computing context but now being increasingly applied in the mobile world. As SWAF is a
defense organization, it could be difficult to maintain the entire infrastructure and to build the
software applications on different platforms as needed to SWAF. By outsourcing the IaaS, SaaS and
PaaS to different IT organizations like Microsoft, IBM and more, SWAF can reduce the technical
work and cost. DaaS is not mostly considered because the service providers offering SaaS are also
offering a layer known as DaaS. Like example, providers such as Salesforce.com, which offer CRM
Software-as-a Services (SaaS), over the internet, have been building out their own cloud platform to
offer new services including a new DaaS layer called Database.com and other emerging platforms
15
are designed to allow apps to run natively on any device. Apart from that SWAF are having their
own data center in Sweden, also they are having their own localized database at all their branches
with database managing and monitoring group. Whether it is a sensitive or non-sensitive data they
want to maintain their data by themselves. In figure 2, we can see some companies which use the
above mentioned cloud computing services for the organizations.
3.3.1 Infrastructure as a Service (IaaS) Infrastructure as a service is an IT solution which tackles the hardware concerns (like reducing
infrastructure cost, maintenance of different resources and security) of an organization. IaaS is the
delivery of computer hardware as a service. It is a one of the cloud layer in CC which minimizes the
need for investments in computing hardware components like servers, storage capacity, memory
capacity, network, load balancing, firewalls and so on. It is characterized by the concept of resource
virtualization which allows customers to deploy and run their own guest operating system on top of
the virtualization software offered by the provider [23]. Virtualization meaning is that the user or
consumer can select a configuration of CPU, memory and storage which could be optimal for their
application. There are many companies that provide infrastructure as a service such as Amazon EC2,
Mosso, Sun, VMware, etc.
Advantage and Disadvantage
The advantage of infrastructure-as-a-service is that companies can access the expensive data center
resources by a rental arrangement and do not need to worry in managing, replacement of disk drives
and networking issues. The disadvantage of IaaS is there is less granular on-demand expandability of
the resource (organizations cannot instantly increase the resources like storage, memory and more).
Some of the providers of Infrastructure-as-a-service are briefly explained, such as Amazon and
GoGrid [75].
Amazon Web Services
Amazon Web Services (AWS) provides the infrastructure web services platform in the cloud to
different organizations. Some of the infrastructure services offered by amazon are: Amazon
CloudFront – it is a web service that provides a high performance and delivers the content globally;
Amazon EC2 (Elastic Compute cloud) – provides the computing capacity; Amazon SimpleDB
(Database); Amazon S3 (Simple Storage Service); Amazon VPD (Virtual Private Cloud) – these are
secure and seamless bridge between a company‟s existing IT infrastructure and AWS cloud.
Examples of services offered to different organizations by AWS are the following: a pharmaceutical
company can rent computing power to execute large-scale simulations, Media Company can serve
unlimited videos and music, an enterprise can deploy bandwidth-consuming services, an e-commerce
web site can be developed without any difficulty and more examples are found in [29]. By using
AWS, companies or IT developers have some benefits like; cost effectiveness, scalable, flexible, and
secure. But for AWS they is no service level agreements (SLA‟s), it is only of instance service.
Among the benefits, security is the important issue for all cloud service providers. In AWS, each
service as different layers of security in which all the data of the customers could be more secured in
all service offerings mentioned above. Amazon EC2 has multilevel security strategies, like security
for host operating system, security for virtual instance or guest operating system, security for a
firewall and network communication [25].
GoGrid
GoGrid [31] is the Infrastructure-as-a-service provider which manages the IT infrastructure, data
centers – it shares power, cooling, security, fire suppression infrastructure with different version and
2 Megawatt generators. It provides the hosting services with secure and reliable cloud platform for
the customers, who can deploy and manage the existing or new applications on servers. It provides
infrastructure components like, cloud storage, cloud servers, dedicated servers and load balance
16
between servers for organizations or enterprises on on-demand access. Organizations or customers
can manage and operate the infrastructure services of GoGrid through web-based interface or
Application Programming Interfaces (APIs). GoGrid [31] is not responsible for any physical access
or copies of software, data or content stored on GoGrid system by third parties, so the level of
security and privacy is very low. When compared to Amazon EC2, GoGrid provides service on
Service Level Agreements (SLA‟s) to the customers and it is less secured than Amazon EC2.
3.3.2 Platform as a Service (PaaS) Platform as a service is the delivery of a computing platform and solution stack as a service without
software downloads or installation for developers, IT managers or end users [24]. It provides self-
contained platforms with all the resources that are needed for application development and
operational hosting. There are some major features of platform as a service that should be delivered
by the service providers in PaaS, such as design, development, deployment, integration, storage and
operations. Some of the platform provider‟s will provide with full stack including an operating
system, programming language, security, storage, version control, collaborative tools and tools to
build web interaction. The companies that provide platform-as-a-service are for example Microsoft,
Google App Engine, Force.com and Engine Yard.
Advantage and Disadvantage
The advantage [75] of platform-as-a-service is that companies or users can access a complete
enterprise development environment at a low cost and build applications. The disadvantage [37] is
that many of the platform-as-a-service providers purchase proprietary programming language (the
programming language owned by the particular service provider) and interfaces, so once the
application is there it may be difficult to move it to an on-premise server (server within the
organization) or another PaaS provider. Some of the providers of platform-as-services are briefly
explained, such as Google App Engine and Window Azure.
Google App Engine
Google App Engine [10] provides platform as a service, that lets the users or customers to run web
application on Google‟s infrastructure, in which applications are easy to build and maintain. There is
no need to maintain servers, only upload the applications to app Engine and starts to serve the users.
Google App Engine supports applications written in several programming languages like, Java
technologies using Java Virtual Machine (JVM), Java servlets and any other language using JVM-
based interpreter such as JavaScript or Ruby and also Python interpreter. All the applications that are
built on App Engine [10] are run in a secure and reliable environment. Google App Engine uses
sandbox for security for separating the running programs from third party or untrusted users.
Sandbox is a computer security mechanism for separating running programs and is used to execute
untrusted programs from unverified third-parties and untrusted users.
Windows Azure
Windows Azure is a Microsoft cloud computing platform. It is a cloud service operating system and
flexible platform that provides the developers to build, manage and store the application and run it on
Microsoft data centers [11]. It supports popular standards, protocols and languages including Simple
Object Access Protocol (SOAP) – it is a simple XML based protocol which lets the applications to
exchange the structure information over (HTTP) [71]; Representational State Transfer (REST) – it is
a software architecture for distributed hypermedia systems such as World Wide Web (WWW) [72],
eXtensible Markup Language (XML) – is used to transport and store data, Java – programming
language; Hypertext Preprocessor (PHP) – it is a general purpose scripting language that is especially
suited for web development [73]; and Ruby – it is a dynamic, interpreted and open source
programming language [74]. In Windows Azure, servers will be behind firewalls to keep the service
17
and data in a secured state. Some of the benefits of Azure are agility, efficiency, simplicity and
trustworthy [11].
3.3.3 Software as a Service (SaaS) The first implementation in cloud services was software-as-a-service. It is a multi-tenant platform
and it is also knows as software on demand. It is an application hosted on a remote server which is
accessed through Internet and is a low-cost way for businesses to have specialized software that
multiple users can operate. It is also a model of software, where a provider licenses an application to
customers as pay-per-use model [25]. SaaS runs on the hardware from the licensor or somewhere in
the cloud and provides the maintenance, installation and management of the software. We can also
say it is a software application functionality offered/consumed over the internet with minimal or no
software installation that is required to access. Some of the providers of SaaS are Force.com, AT&T,
and Media Temple and so on; most of these organizations provide hosting services.
Table 2 explains the difference between traditional packaged software and software as a service.
Table 2: Comparison between Traditional software and software as a service [77] Traditional software (Perpetual licensing) Software as a Service (SaaS)
Traditional software licensing, which
involves the organizations purchasing a
perpetual use of license from the software
publisher and then making additional
investments for hardware, installation, and
maintenance.
SaaS is a service, which organizations buy a
subscription to the software from service
provider and the software provider runs and
maintains the software on the provider‟s
hardware.
Software upgrades will be done depending
upon the organization usage and expenses.
Upgrades where done automatically by the
service provider.
In traditional software, the data will be
secured within the organizations.
In SaaS, data security is an issue because
organizations or users data are stored on the
service provider‟s hardware and systems.
Repeatable functionality via web services,
open API‟s and standard connectors.
Use open API‟s and web services to facilitate
integration.
Advantage and Disadvantage
An advantage of SaaS is that it has the ability to leverage an application without having to buy and
install the software. The disadvantage is that, the security burden falls on the hosting company
(service provider). So, the organizations should trust the service providers to properly secure the
servers on which the virtualized applications runs and the firewall controlling network security [75].
Salesforce.com
Salesforce is an organization that delivers software as a service. Salesforce [35] has a multi-tenant
architecture (it provides both PaaS and SaaS) that each user‟s private source code is stored in a
separate container (it has several containers maintained by sales force for different users) and is
isolated from the others containers. The servers are hosted, managed and maintained by the sales
force. It also includes capabilities such as middleware, security, database management, performance
management and monitoring. It provides integration of a set of standardized web services APIs that
enable the applications to have a common approach to access the information from one application to
another. Salesforce is also a partner for Platform-as-a-Service known as Force.com.
18
Figure 3: Usefulness of different Cloud with the services [39]
Figure 3 presents the transition services and tools, different applications like test and development,
financial, collaboration and many more with different cloud services such as SaaS, PaaS and IaaS.
The cloud environments are preferred according to the applications and also have security and
compliance services maintained by cloud providers and organizations in private environment.
3.3.4 Properties of cloud computing services CC services have different properties such as scalability, reliability, availability, storage, load
balancing, interoperability and pay-per-use model. Organizations consider all these properties before
outsourcing the service from cloud service provider. This section gives brief information on each
property and compares different service providers with these properties.
Scalability
Scalability is the ability to distribute the work of the application/resources through multiple servers
in order to serve more users. It also means that an application can scale when additional users are
added and when the application requirements change. The ability to scale is achieved by providing
elasticity (which is used to increase and decrease the storage capacity of applications with different
users). In cloud computing services, the service consumer cannot control resources (like memory,
network and so on) which are utilized by the services because the service provider is responsible for
rescaling the resources according to the customer‟s requests [24]. Cloud computing services are
divided into two scalabilities, such as horizontal scalability – in which cloud provides services
through load balancing and application delivery and vertical scalability – related to the resources
used by the organizations [25].
Reliability
Reliability is a measure of fault tolerance. Cloud vendors offer specialized hardware and software
services in order to deliver higher reliability. The reliability in services can be given to consumers or
users as a service-level-agreement. Service-level-agreement is the contract between the service
provider and service consumer with all the requests of the consumer. In cloud computing, services
are available on internet and can be accessed through web browser.
19
Storage
In cloud computing services, the software, hardware and data centres can be stored, maintained and
managed by the service provider. For example, Amazon web service has Simple Storage Service
(S3) which provides a semi-structured data store with querying capability.
Security
Security is an important issue in cloud computing services. In terms of services, security is important
concern for data, infrastructure and applications of an organization. When the services are provided
by the cloud service providers, the information of organizations are maintained and hosted by the
service provider. Therefore, cloud computing services become more secure by securing the data and
applications of the organizations.
Load Balancing
Load balancing will allow the services to be offered even if there is a failure. They are used to
activate the routing to split the traffic between the multiple servers and failure servers i.e., if one
component becomes non responsive, it is informed to load balancer and it will no longer send traffic
to it. Load balancing [26] not only serves to keep costs low, but also less stress on the
circuits/components and enables other important features such as scalability.
Interoperability
In general, interoperability means the ability of two or more systems to exchange the information and
to be used with the information that has been exchanged. Cloud computing interoperability allows
the applications to be ported between the clouds before the business applications are delivered from
the cloud [27]. To adopt the wider adoption of CC technology and services, the organization named
Cloud Computing Interoperability Forum (CCIF) has formed to enable the interoperability of
applications with different services between the organizations [34].
Pay-per-use Model
Many of the cloud computing services are provided from different service providers as mentioned
above. In the traditional model, the customer pays monthly even the services that were not used
frequently. But, in this pay-per-use model, the customers pay whenever the service is used by the
customer or enterprise.
In table 3, properties of different service providers of cloud computing services are compared [30,
32, 33 and 35] and from these different options we can choose the best provider for SWAF which
meet their requirements (as described in section 2.3).
20
Table 3: Properties and different cloud computing service providers Service Pro-
-viders
Features
Amazon Web
Services
GoGrid Google App
Engine
Windows
Azure
Salesforce.com
Computing
Architecture
Elastic Compute
Cloud (EC2)
Architecture
-Public Cloud
Data Centre
Architecture
which is
designed to
deliver QoS
level for the
exported
services
Google‟s geo-
distributed
Architecture
Internet scale
cloud services
platform hosted
in Microsoft
data centers
-Private cloud
Multitenant
Architecture –
Allowing single
application to
serve many
customers
Service IaaS IaaS PaaS PaaS SaaS
Load Balancing Load Balancing
algorithms used are
Round-robin load
balancing,
HAProxy
F5 load
balancing,
Round robin,
Sticky Session,
Source address
Automatic scaling
and load balancing
Built-in
hardware load
balancing
Load balancing
among tenants
Fault tolerance System will
automatically alert,
failover and re-
sync
Instantly
scalable and
reliable
Managed by App
Engine Cron
Service
If failure occurs,
SQL Data
services will
automatically
begin using
another replica
of containers
Self management
and self tuning
Interoperability Interoperability
among EC2,
Eucalyptus, etc
-Horizontal
interoperability
Committed to
furthering
interoperability
Interoperability
between platforms
and different
programming
languages
Interoperable
platform can be
used to build
new application
from the cloud
Application level
integration
between clouds
Storage Simple storage
Service (S3) and
SimpleDB
Connecting each
server to private
network or
different
protocols to
transfer data to
and from cloud
storage
Proprietary
database
SQL Server
Data Services
(SSDS)
Database stored in
terms of different
fields
Security Type II (SAS70
Type II)
certification,
firewall,X.509
certification
It does not
provide
guarantee of
security
SDC uses
RSA/128bit or
higher AES
CBC/SHA,
Google secure
data connector
STS (Token
Service) creates
Security
Assertion
Markup
Language
SysTrust SAS 70
Type II
Programming
Framework
Amazon Machine
Image (AMI) and
Amazon Map
reduce framework
Its API supports
Java, Python,
Ruby and uses
REST like
Query interfaces
Support Python,
Java, Java Servlet
API, JDO and
JPA
Microsoft .NET Apex language for
database service
and supports
.NET, C#, Java,
C++
3.3.5 Benefits of Cloud Computing Services Now-a-days cloud computing services are increasingly becoming a popular service models for using
the IT resources that are provided by cloud service providers. There are many cloud services like
Iaas, Saas and Paas which have the following benefits: virtualization of IT infrastructure,
minimization of the business expenses by enabling the users to select the applications needed for
organizations, configuration and modification of services, pay-per-use method, reduction of human
work, and finally integration services and change in technology and internet.
21
3.4 Comparison of cloud Environments This section describes the general concept of the requirements such as cost, security, flexibility,
performance and functionality and comparison of four different cloud environments such as public,
private, hybrid and community clouds with the requirements as specified above.
3.4.1 Definition of requirements
Cost: In cloud computing, the cost depends upon the cloud environments used by the organizations.
Cost is an approach to evaluate the overall costs that are associated with conducting the projects of
an organization or business. Generally, based on standard accounting practices [68], cost accounting
is one of the tools that managers utilize to determine what type and how many expenses are involved
for maintaining the services for current and upcoming projects for organizations.
Security: Computer security is the protection for the information and data. Computer security allows
the information to be accessible for the intended users. Cloud computing security is a sub-domain of
computer security, network security and information security [69]. It refers to a set of policies and
controls deployed to protect the data, applications and related infrastructure of CC.
Flexibility: Flexibility means the property of being flexible. It means, the applications and services
provided from cloud service providers can be flexible (i.e., organizations can select the operating
systems, memory, instant storage or other resources needed) to the organizations.
Performance: The performance of the cloud can be improved by using high frequency processors.
The cloud applications can have more impact on user adoption of different cloud services.
Monitoring and maintaining performance in the cloud requires uninterrupted visibility across the
entire application delivery such as data centre, internet, cloud service provider and end users own
device [70].
Functionality: The main purpose of moving to the cloud is to increase the access to greater
functionality within the limits of fixed funds of the organization. This feature allows business to
increase IT capacity, in real time (Internet-enabled), without investing in new infrastructure,
licensing software and new training professionals. These functions provide more ability to respond
the organization applications [7].
3.4.2 Comparison of the cloud environments with the requirements
Table 3 represents the comparison of the three different cloud environments such as public, private
and hybrid cloud based on the factors such as cost, security, flexibility, performance and
functionality [3, 4, 15, 20, 22, 43, 46, and 48].
22
Table 4: Comparison of cloud environment Factors Public cloud Private cloud Hybrid cloud Community Cloud
General
Aspect
Public cloud or external
cloud describes cloud
computing in the
traditional mainstream
sense
Goggle Apps Engine and
Amazon Web Services –
Public Cloud
Private cloud or internal
cloud is a cloud computing
which is maintained and
managed by the
organization itself and this
cloud is used by most of
the organizations.
Microsoft and IBM Blue
Cloud – Private Cloud
Hybrid cloud is a cloud
computing environment
in which an organization
provides and manages
some resources in-house
(internally) and some of
the resources are
provided externally.
IBM Blue Cloud –
Hybrid Cloud
It is a cloud which
shares the same
infrastructure and as
set of users,
applications and set of
services within the
organizations.
Logica – Community
Cloud
Cost Acceptable for small
organizations, because
maintaining/managing
the larger infrastructure
consumes more cost
with public cloud.
The cost of private cloud is
higher when comparing it
with public cloud. It is
acceptable for large scale
organizations and it costs
less because the
infrastructure will be
maintained by the
organization itself.
The cost of hybrid cloud
depends upon the
services and applications
used in public and private
clouds of an
organization.
The cost of the
community cloud will
be more than other
clouds because the
organization is using
the infrastructure with
all the users within
organization where it
is more secured
Security Public clouds are less
secured when comparing
it with private and
hybrid clouds because
the data will be hosted
on the computer which
is external.
Data and applications are
more secured in private
cloud because in private
cloud the data and
applications are maintained
and managed by the
internal Firewalls by an
organization itself.
Hybrid cloud is also
secured because the
important data and
applications will be
stored in the private
cloud (internally).
Community cloud
consists set of users
and cloud system
shared among the
users is secured with
different security
levels and reliability
requirements.
Flexibility In public cloud, services
and applications will be
more flexible and users
can access all the
applications through and
by pay-per-use model.
Applications and services
are flexible only to the
organization users with
more security because
private cloud is maintained
by organization itself.
Hybrid cloud is more
flexible than other two
cloud environments
where the users can use
and access both
applications and services.
It is more flexible and
can increase the
resources like storage
capacity, bandwidth
and more according to
the users in the
organizations.
Performa
nce
Performance will be less
when compared to
private, hybrid and
community clouds
because; as it is a public
use many users will be
accessing applications
through online.
In private cloud,
organizations can improve
the performance by gaining
the quick access of data
and applications. It has
better performance than the
public and hybrid clouds.
In hybrid cloud,
performance will be
neutral when you access
applications and services
through public and
private cloud
environments.
Performance depends
upon the maintenance
of the infrastructure in
the organizations
Functiona
lity
Functionality of public
cloud has more ability to
respond the applications
needs of external
resources and provide
high availability for
critical applications.
It has better functionality
of data and different
private cloud applications
with more security.
It has better functionality
in which it has
advantages to move
services to public cloud
and it‟s easier for doing
developing and testing on
a private cloud.
Functionality depends
upon the applications
and services that are
maintained by the
organization. Because
the information is
shared inside their
organization.
23
3.5 Benefits of cloud computing Based on the detailed study of CC, we have listed some of the benefits of CC:
Cloud computing is cheaper compared to other architectures and services can be offered on
pay-per-use model. There is no need to buy and install an expensive software or
infrastructure needed by the organization because these are already installed on online
remotely and can be accessed through the applications. In CC, organizations only need to pay
for the services/applications when they are needed by the organizations [27].
CC offers more flexibility compared to other architectures (like client-server, P2P and more).
The staff of the organization can access the files and data that they need, even when they are
working remotely from home or from clients office. Organizations can work collaboratively
on files and documents which can be viewed and edited from multiple locations [76].
CC is dynamically scalable in which organizations can access as much as computing power
necessarily on hourly basis. In an organization the demand for internal users and external
customers‟ increases and decreases, therefore the necessary storage and network capacity can
be added or subtracted on hourly basis [27].
It is highly automated. The software updates, server updates and other computing issues are
performed automatically [27].
In CC, there are many cloud providers that provide cloud services to different organizations.
If the cloud provider is not delivering acceptable performance, an organization can move to
another cloud provider which is offering better service with fewer prices [37].
Users in the Community Cloud will have a node (connecting point at which several lines
come together) on their machine, when it is activated together with other community
exchange by providing resources on fulfilling service requests from other nodes. These
service requests are as simple as instantiating an HTML page or executing a server side
Script [43].
3.6 Limitations of Cloud Computing In our literature study, we had listed some of the limitations of CC below and each limitation of CC
is explained briefly:
The main concern of CC is the security. Many of the organizations are not hosting the
internal data on a computer that is external to their organization because of security issues
[5].
The cloud services which have been provided by cloud providers may be unavailable for
hours or days. Because of this, the applications may be offline until the problem is solved
[17].
A VPN tunnel is ideal if a laptop client wants to communicate with only one server. If the
client want to communicate with multiple servers, it is necessary to launch a VPN tunnel to
each server. If a user wants to browse a Web site, he/she must frequently turn off the VPN
because most Web servers do not support it. This problem can be solved by letting all traffic
from a laptop client go through a company‟s VPN server [47].
The Community Cloud is not owned or controlled by any one organization, and therefore not
dependent on the lifespan or failure of any one organization. It will be robust and resilient to
24
failure, and immune to the system-wide cascade failures of vendor Clouds, because of the
diversity of its supporting nodes. When occasionally failing it will do so gracefully, non-
destructively, and with minimal downtime, as the unaffected nodes compensate for the failure
[43].
3.7 Selection of sources
The objective of this section is selecting the literature where the primary studies had been discussed.
Sources selection criteria and definition are,
We will use peer reviewed articles, Keyword search on web search engines and Referring
references used in the articles for performing the literature study.
We will use general method to achieve the goal by reading the articles, understanding the
concept and writing about the study.
By this general study we will be identifying the input for performing the empirical study.
From the results of literature study and empirical study we will be designing a new cloud
model for SWAF.
Referring references used in the articles
We used only English language for selecting the articles through web search engine. The most used
source for gathering information is books, search engines, white papers and grey literatures.
Following list contains the details of search engines which are used to find the articles.
ACM Digital Library
IEEE Computer Science Digital Library
Springer Link
Science Direct
Engineering Village
By using keywords we searched in the listed search engines. For selecting the initial set of literature,
Abstract of the papers were read out. To refine the selected studies, full texts had been read out.
3.8 Summary of Literature study
For performing this literature study we collected various articles by consulting peer reviewed
articles, empirical studies, searching with keywords on web search engines and referring references
used in the articles. Search engines, books, grey literatures and white papers are identified as the
sources of information. We used the following search engines to find the articles
ACM Digital Library
IEEE Computer Science Digital Library
Springer Link
Science@Direct
Engineering Village
Public Cloud - Provides services to general public. It is used in the small scale and medium
scale organization.
Private Cloud - A setup within the organization internal datacenters. It is used in the medium
scale and large scale organization.
Hybrid Cloud - Scalable resources and virtual application provide virtual IT solutions through
a mix of both public and private clouds. This environment is mostly operated at the Large
scale organizations.
25
Community Cloud - Instead of acquiring and managing own physical infrastructure, a
community defines a virtual Information and Communication Technology (ICT)
infrastructure.
Cloud computing has new services (SaaS, PaaS, IaaS) , which provides benefits such as cost
reduction by use of pay-per-use model, high availability by activating the routing to split the
traffic between the multiple servers and failure servers, scalability by distributing the work of
application/resources through multiple servers in order to serve more users, reliability by
measuring the fault tolerance and by making the data available over the internet which can be
accessed through any web browser.
Infrastructure as a service is an IT solution which tackles the hardware concerns (like
reducing infrastructure cost, maintenance of different resources and security) of an
organization. IaaS provider‟s will provide hardware components like servers, processors,
storage capacity, memory capacity, firewalls and load balancing to the users. It also
minimizes the need of huge investment in computing.
Example:Amazon Web Services, GoGrid
Platform as a Service provides the entire infrastructure needed to run applications over the
internet. PaaS provider‟s will provide with full stack including an operating system,
programming language, security, storage, version control, collaborative tools and tools to
build web interaction. It offers a faster and cost-effective model for application development
and delivery.
Examples: Google App Engine, Windows Azure
Software-as-a-Service is offered/consumed over the internet with minimal or no software
installation that is required to access. DaaS is not mostly considered because the service
providers offering SaaS are also offering a layer known as DaaS.
Examples: Salesforce.com, AT&T and Media Temple.
A VPN (Virtual Private Network) is a private network on a public network infrastructure
(Internet), this connectivity is used for connecting to a private local area network at remote
location. It‟s frequently used in the organization with remote offices to share network
resources and private data.
Example: To connect employees to their organizations intranet.
We have included and excluded many articles during the study. Many articles that had been
studied but excluded, as they not were being related to the research topic.
The article written by Anya Kim et al.[2] completely fits into this research work, where they
have proposed a national security hybrid cloud architecture, that contains of private clouds
for sensitive information; public clouds for information gathering, dissemination of public
information; community clouds for information sharing and collaboration needs.
26
CHAPTER 4
RESEARCH METHODOLOGY
Research is a systematic way to find solution to the problems. Qualitative, quantitative and mixed
methods are the basic types of research methods. In this chapter, the methods used to accomplish the
work are presented, together with the process of survey and interview.
4.1 Research Design The research approach used in this thesis is mixed research method. Mixed research method is based
on both qualitative and quantitative method. Quantitative research involves the collection of data so
that the information can be quantified and subjected to statistical treatment in order to support or
refute “alternate knowledge claims” [64]. In our thesis, we had been conducted a statistical survey
with a set of questionnaire to the organization's experts in cloud computing and by analyzing the
results of the CC experts we will suggest a quantitative solution for SWAF. Shank [66] defines
qualitative research as “a form of systematic empirical inquiry into meaning”. By systematic, it
means “planned, ordered and public”, following rules agreed upon by the members of the qualitative
research community. By empirical, it means that this type of inquiry is grounded in the world of
experience. Inquiry into meaning says researchers try to understand how others make sense of their
experience. In our thesis, the data is collected through text by conducting the empirical study (survey
(open ended questions) and interviews) on CC, cloud environments and cloud services. We will
conduct direct interviews (Face to Face interviews) and indirect interviews (Telephone interview) in
which we had prepared a set of questionnaire based on our research questions.
During the literature review, related research on CC has been studied focusing on different cloud
environments (public cloud, private cloud, hybrid cloud and community cloud) and cloud services
(IaaS, SaaS and PaaS). Different material had been used during the literature review such as:
1. Conference papers
2. Journal and articles
3. Online websites
Also the main selection of sources is described in section 3.7.
Figure 4: Research methodology used in our thesis
27
We designed the research of our thesis study as described in Figure 4. The requirements
Performance, Security, Cost, Flexibility and Functionality are collected from SWAF (section 2.3) by
conducting interview with the external supervisor and finally it has been used as the input for our
research. We began our work by implementing the research question (RQ1 and RQ2), as an initial
step of research we started performing the literature study. During this qualitative research, we
studied about different cloud environment, cloud services with examples, security measurements and
compared the different cloud environments, services with respect to the requirements given by
SWAF. Also this study helped us to start our empirical study for framing the questionnaires for
interview and survey. As a part of quantitative research we surveyed and interviewed the companies
those who use and not use cloud computing. By conducting the survey and interview with parallel to
the literature study, we suggested the suitable cloud environment and services for SWAF. Finally, we
proposed a new cloud model by getting a different set of security requirements (section 6.1) from
SWAF, literature study and with the use of suggested cloud environments and services. The research
methodology and research process of this project is described in table 5.
Table 5: Mapping of Research Process and Research Methodology
By analysing the data collected from survey and interviews we will suggest suitable cloud
environment from public, private, hybrid and community clouds based on different parameters like
cost, security, scalability, flexibility, performance and functionality of CC for SWAF. We will design
a model in the suggested cloud environment by considering the requirements like data transfer,
storage, security and communication for SWAF.
Research Process Research Methodology
Literature Review
Answers: RQ1 and RQ 2
Literature review helps in gathering information and we have found the
related reports based on the CC and different cloud environments (public,
private and hybrid clouds). Also it helps to find the relevant data on
cloud services.
The literature study has been done on the cloud computing environments
which are explained in section 3.2 and services such as IaaS, SaaS &
PaaS in which the features and service offerings are explained in section
3.4. Based on this literature study we prepared the questionnaire for
survey and interviews.
Survey
Answers: RQ1 and RQ 2
Survey is conducted for the purpose of identifying the most frequently
cloud environment and services used by the organizations. These survey
questions are generated after making the literature study. Its explained
detailed in Section 5.1.
Interview
Answers: RQ1 and RQ 2
Interview is conducted for the purpose of identifying and gathering
opinion from IT experts on cloud environments, services and limitations
of CC. We conducted both direct (Face-to-face) and indirect interview
(Telephone). These interviews help us to answer the RQ1.
As it is a semi-structured interview, more questions had been extracted
from the prepared questionnaire [Appendix 2] to get overall knowledge
of the topic. The interview conducted by each organization is explained
in Section 5.2
Design Science Research Method (Build and Evaluate): We have used design Science research
method for designing a cloud model. We will propose a new cloud model after answering the RQ1
and RQ2. This proposed cloud model will be evaluated by the advisors at SWAF. After that, the cloud
model will be improved with their suggestions.
28
4.2 Survey Process A survey is a non-experimental, descriptive research method [67]. Survey is a method, when a
researcher wants to collect data on phenomena that cannot be directly observed. Survey is conducted
for the purpose of identifying the most frequently used cloud environment and services used by
organizations. By conducting this survey, we will suggest a suitable cloud environment for large
scale organization (SWAF).
4.2.1 Survey Objective
The goal of our survey is to gather the information on cloud environments (public, private, and
hybrid clouds) and cloud services from different organizations that are using CC and evaluate the
cloud environment that could be suitable for SWAF. The goal of the survey can be achieved by
collecting the opinions and experiences of the participants on the different aspects such as flexibility,
performance, security, cost and functionality of different cloud environments.
4.2.2 Survey Preparation
For the survey, a set of questions has been prepared based on the literature study of cloud
environments and cloud services. Questions are based on the requirements such as performance, cost,
security, flexibility and better functionality of cloud environments that were specified by SWAF. For
conducting the survey in beginning we have prepared nearly 10 questions which were extended to 18
questions based on the suggestions from our academic and SWAF supervisors. In average, it takes
20mins to answer the survey. Before publishing the survey link in online, we as the participants
conducted a pilot-test in order to indicate the time needed for the participant to answer the survey
and accordingly we had also changed some questions in the questionnaire and layout of the survey.
Questions are framed based on the CC, requirements of cloud environments, few questions are based
on the priority of cloud environments. There are also questions on the motivations why organizations
shift to cloud computing architecture from their previous architecture (like Client-server, P2P and
many more). To approach the organization, a covering letter has been given by our academic
supervisor with specifying our names and small description of our thesis topic.
4.2.3 Survey Participants
The survey is conducted through online, known as online survey to different organizations that are
using CC. The link of the survey (https://www.kwiksurveys.com?s=IMKKON_efa9e4bf) had been
posted to 20 participants through e-mails to different cloud experts in different organizations and also
published in social networking forums. By taking the covering letter from our supervisor, we have
also approached some organizations using CC and CC services such as Oracle, Swedbank, TCS,
IBM and Sun micro systems. Oracle is an open and integrated hardware and software organization
and conducted survey with CC expert in IT department working as database analysts. Swedbank is
bank and send an online survey to the developer in IT department. Tata Consultancy Services (TCS)
is an IT services, business solutions and outsourcing organization and survey had answered by the IT
manager having good experience in CC. IBM is an information processing organization with
thousands of technology and survey is conducted with the system developer who has experience in
CC. Sun Microsystems is a multinational vendor of computers, computer software and hardware and
information technology services and survey is answered by the system developer. Later, we also
published the survey link through online in social networking forums like LinkedIn.
4.2.4 Execution
As it was an online survey, the link of the survey had been mailed to different cloud experts
(participants) working at different organizations. From the 20 participants, 14 participants had
responded to the survey. Among these 14 participants, 11 participants responded through emails and
3 participants answered through social networking forums. From these 14 answers, the analysis of
the results of survey had been done which is explained in chapter 5.
29
4.3 Interview Process As a part of our research we have conducted direct and indirect interviews to gather the qualitative
information [64]. The purpose of the interviews is to know the opinion about CC, limitations of CC
and other architectures currently used in their organizations (like client server, P2P and more). There
are different kinds of interviews; the interviews conducted in our research are semi structured
interviews. There are different types of interview structure such as structured, unstructured and semi-
structured interviews. Structured interview is a limited set of questions and get specific answers
related to the prepared questionnaire. Unstructured interview is flexible and allows new questions
(other than prepared questions) to be brought up during the interview depending upon the
interviewee. Semi-structured is the mix of both structured and unstructured interviews. In our
research, we used semi-structured interview in which we had asked more questions from the
prepared questionnaire.
4.3.1 Interview Objective
The goal of our interview is to know the opinion on cloud environments, services and limitations of
CC of the IT experts of the interviewed organizations. From these interviews, we will also find the
pros and cons of CC from the organizations that are using other architectures.
4.3.2 Interview Preparation
From the detailed study of our literature review, we had decided to conduct direct and indirect
interviews with the organizations using CC and organizations using other architectures like client-
server, P2P and more.
To conduct the direct (face to face) and indirect (telephone) interviews a set of questions is prepared
and it consists of 9 questions. The interview topics had been sent to the interviewee before the day of
interview because the interviewee can be prepared well in advance. Before conducting the
interviews, the covering letter had been written by our academic supervisor (as specified above) to
approach the organization. With this covering letter we had approached the organizations and got
appointment for interview. The prepared questionnaire for the interview is based on CC and different
architectures (like client-server, P2P and more).
4.3.3 Interview Participants
We had conducted interviews with different organizations by approaching them with a covering
letter given by our supervisor. We had got appointment with some organizations like Accenture, City
Network Hosting (CNH), Sandvik and ST Ericsson to conduct the direct and indirect interviews.
Interviewee 1 is working in Accenture as a Research Analyst in cloud computing. The company is
working on global management consulting, technology and outsourcing services. Interviewee 2 is
working in City Network Hosting (CNH) as Computer System Engineer; they are the leading
providers of hosting services and offers Service Level Agreement (SLA) with 100% uptime
guarantee (according to the interviewee). Interviewee 3 is from Sandvik AB who is working as IT
Manager, they are related to mining and construction. Interviewee 4 is working at ST Ericsson as
Technician; they work on mobile communications. Before conducting the interview, we have done a
pilot-test, to determine the time for a participant to be answered and to test the understandability of
the questions. Based on the pilot test we made corrections and improvements in the questions.
4.3.4 Execution
The interview was conducted with four organizations based on CC and other architectures. During
the interview, as it was direct interview the data was collected by taking notes on paper and time
taken for conducting the interview was 30 minutes. The interview was taken by 2 interviewers with
one interviewee (related to IT department) of the organization. The main focus was to know the
30
opinions of the interviewee on CC, cloud environments and draw backs of CC. The main points had
been taken from the empirical study and discussed.
4.4 Instruments Used during the Survey and Interview study For conducting the survey and interview study, we had used a covering letter from university,
questionnaire for survey (Appendix2) and questionnaire for interview (Appendix3). Description and
time taken for accomplishing the instrument are discussed in the table 6.
Table 6: Instruments used in our research Instrument Name Description Time needed
Questionnaire for survey Questionnaire to be filled by
participants
20 mins (For each participant
to answer)
Questionnaire for
interview
Questionnaire to be answered by
the participants
25 mins (For each interview)
Results of survey
(including interviews)
Results are explained in the form
of graphs
Depends upon results
4.5 Threats to Validity This section describes the possible threats to validity of the empirical study (survey and interview
study) during the research, such as internal validity, conclusion validity, construct and external
validity and reliability. We had explained all the possible threats to validity of the survey and
interview study and also explained how to minimize the threats to validity.
Threats to validity for Survey: During our research, due to the limited number of article collection,
the data related to the topic may not be sufficient for preparing the questionnaire. Because of this we
may miss some important data from the other articles which could be internal validity. So, to
overcome this validity we had collected all the articles related to our research and prepared a
questionnaire for conducting the survey with the CC experts of different organizations.
The number of participants in the evaluation of survey results may not be enough for the
generalization of the results. This may be the threat for the conclusion validity of the evaluation
results, because the participants for answering the survey may not be enough in order to generalize
our results. To minimize this risk we had approached more CC organizations for answering our
survey.
During the preparation of questionnaire, the questions and words may not be framed correctly which
could be possible threat to construct validity. As it is the online survey, participants may give wrong
answers because of misunderstanding of the questions. To overcome this threat, after finishing the
questionnaire all the questions had been investigated by the supervisors and changed accordingly.
So, by framing the questions in a correct way the questionnaire could be understandable for the
participants in the survey.
After finishing the questionnaire for survey, we started approaching the organizations. We have
found the threat to external validity, which is to find the organizations using CC and cloud experts of
the organizations. To overcome this threat, we had taken the reference from our supervisors and
colleagues to approach the organizations cloud experts and completed our survey.
Reliability is to examine the stability and constituency of the approach used by the researchers.
Sometimes the results will not be appropriate of what we were expecting, this occurs only because if
the participant answers the survey without the knowledge of topic. In order to overcome this
situational reliability [65] we have approached the organization using cloud computing and also not
31
the person who knows anything about cloud computing. Reliability is measured by simplifying the
results given from the participants.
Threats to validity for Interview study: In our research we had conducted both direct and indirect
interviews in which we had found some of threats to validity. Such as external and construct validity
and reliability.
Interviews had been conducted with the organizations using CC and not using CC. We had found
some difficulty for preparing the questionnaire for interviews because, we need to frame questions
for the organizations using CC and not using CC. To overcome this threat to construct validity, we
had referred more articles and framed the questions accordingly.
In our interview study we found the threat to external validity for contacting the organizations not
using CC and approaching particular person from the organization for interview. To minimize this
threat, we had taken the reference of our supervisors and approached the organizations.
Some time the low quality of the interview phone calls and/or the difficulty of understanding the
interviewee accent, could lead to a threat of misinterpreting the interview information. In order to
mitigate the above Instrument reliability (research instrument we used) threat [65] we used to record
the interviews and listen it again.
32
CHAPTER 5
RESULTS OF THE EMPIRICAL STUDIES
This chapter is dedicated to the results of the survey and interviews conducted in this research. The
sections CC environments and cloud services will present the quantitative data from the survey and
qualitative data collected from interviews. This chapter also contains discussion section, based on the
analysis of the results of the survey and interviews and also the discussion for suggesting the cloud
environment.
5.1 Results of the Survey The online survey conducted in this research consists of 18 questions, which have been prepared
based on the research questions and the requirements (cost, security, flexibility, performance and
functionality) suggested by SWAF. Each question in the survey will provide a possible and suitable
solution for suggesting the best cloud environment to SWAF. An excerpt of the online survey is
shown in figure 5.
Figure 5: Excerpt of the online survey
In this survey, questions are formed according to the goals of SWAF. As it is an online survey, the
link of the survey has been distributed to many organizations that are using CC and 14 cloud experts
of different organizations have responded to our survey. Some of the participants that responded our
survey have been described in section 4.3.3. Other participants responded since our survey was
published on social networks like LinkedIn. But due to secrecy requirements we cannot reveal the
names of the participant and of few organizations. From the 14 participants, almost 9 participants
answered all the questions but 5 participants had answered only 12 questions in the survey. This may
be caused by misunderstanding of the questions. Below are the analysed results of the different
organizations which are explained in the separate sub-sections regarding CC and cloud services.
33
Employees working on CC: As CC has been used by small, medium and large organizations, there
may be few employees working in the organization. Therefore, the first question requires the number
of employees working on CC in the particular organizations. In general, CC may be used by small
organizations and employees working in the organizations can be between 10 to 50 employees.
There are also some large organizations using CC and providing services to different organizations.
The employees working in large organizations in CC can be more than 200 employees.
One of the questions asked in the survey is, „How many employees are working on cloud computing
in your organization? Table 7 presents the employees working in the particular organizations on CC.
Table 7: Employees working on CC in the Organizations No. of Employee No. of Participants Answered Total %
1 to 10 Employee 3 33.33%
10 to 50 Employee 2 22.22%
50 to 100 Employee 1 11.11%
100 to 200 Employee 1 11.11%
200+ Employee 2 22.22%
Benefits of CC: With the CC architecture, many organizations have more benefits (like cost
effective, better functionality, flexibility and more) when compared to other architectures. Therefore,
many of the organizations use CC and the organizations which are not using CC are shifting to CC
because of the benefits specified above. Nine participants answered this question, and eight of them
are more satisfied with the benefits of CC compared to other architecture. One participant is not
satisfied with CC with the reason of „security‟ (because if the services are provided by cloud service
providers, the data of the organizations will be maintained by the provider. So, the data can be
hacked by the third party users). There are many other architectures like client-server, P2P, Grid, etc.
that have been used by the organizations that answered our survey. But, after knowing the benefits of
CC architecture 60% of the organizations have shifted to CC architecture. From the answers
presented in the survey, 6 participants shifted from „client-server architecture and dedicated
servers‟ to CC and 3 participants are using CC from the launch period.
Reasons for shifting to CC architecture: In CC there are many reasons (like pay-per-use model,
good performance, flexibility, security, data centres, storage capacity and more) for the organizations
for shifting from Client-server, P2P or Grid architecture to CC architecture. A question in the survey
asks to rate the reasons for shifting to CC architecture. Figure 6 shows the ratings given by the
participants. From the answer presented by participants, the main reasons for shifting to CC
architecture are reduce administration cost (20%), reduce hardware infrastructure cost (18%), data
centres and storage capacity (18%), flexibility (15%) and next are availability (9%) performance
(5%), pay-per-use model (7%) and security (6%). Other reasons are also presented by the
participants such as:
„Pay by Hour and provided security is guaranteed‟
34
Figure 6: Rating the reasons for shifting to CC architecture
Selection and reasons of Cloud environments: The above sub sections were related to the CC
architecture. This sub section presents the answers given by the participants on cloud environments
such as public cloud, private cloud and hybrid cloud. The question asked is „which cloud
environment is used by the organization?‟ Participants have selected the cloud used by the
organization and figure 7 shows the use of public, private and hybrid cloud by different
organizations. Public and private clouds are equally used by the organizations and hybrid cloud is
used by only one organization. Hence, selecting the cloud environment depends upon the
applications and services used by the organization.
Figure 7: Usage of Cloud Environments
Participants also explained why the particular cloud is used by the organization. Here are the reasons
given by the different participants:
35
I think Unisys needs to be visible to gain clients, so they would have much gain from public
cloud. Mobile Technology, R&D is main part & in Today's Environment.
It is very important for security. Flexibility - To be able to power on and off or add new or
remove old hardware in a instance.
Reduce IT admin cost and less infrastructure costs.
Better service for the clients at a reduced price.
Easy and cost effective.
Because of Customers demand and Security private is used‟.
Priority of cloud environments and cost of public, private and hybrid cloud: Though the
organizations are using a particular cloud, they also give priority to other clouds. Participants were
asked to give the priority for the clouds according to their opinion and knowledge. Figure 8
represents the priority of each cloud, according to the answers of the participants. Public and private
clouds have the 1st priority with 32%, hybrid cloud as 27% and other clouds mentioned by
participants is community cloud chosen by 9% of participants. They were also asked about the cost
of the computing in different cloud environments. But, only the cost of public cloud was given by
three participants of different organizations. The cost of public cloud according to the participants is:
Participant 1(Medium Organization) - 130-2500+ Kr/Month
Participant 2 (Small Organization) - $250 /Month
Participant 3 (Large Organization) - $1200/ Month
Figure 8: Priority of cloud environments
Factors of public, private and hybrid clouds: According to SWAF, the important factors to be
considered for deciding the cloud environment for an organization are security, cost, performance,
flexibility and better functionality. In survey for question (SQ) number 10, 11 and 12 we have used
the ranking method. The five factors (Security, Cost, Functionality, flexibility and Performance) are
the inputs given by SWAF, we have used these inputs in our survey to identify how the organizations
36
are selecting the cloud environment based on the giving ranking to each factors according to the
opinion and experience. Table 8 describes the ranking factors in detail.
Table 8: Values for the factors according to the rank scale
The factors above are not unique, they have different meaning. If the cost is very important that is
equal to the cheap cost. If the security is unimportant that is equal to low security feature. Some
participants (survey answerer) have not selected the option of „Hybrid cloud‟ because, they gave
ratings based on the use of the current and existing system. This is all based upon the user
understandability.
Example: Assume that: - Organization 1 Answer for Survey Questions (SQ), refer to Appendix1 for
survey questions.
SQ10: Security=3; Cost=4; Functionality=2; Flexibility=4; Performance=5;
SQ11: Security=2; Cost=3, Functionality=4; Flexibility=2; Performance=5;
SQ12: Security=4; Cost=5; Functionality=5; Flexibility=3; Performance=3;
In this scenario the participant says that, Security is normal, cost is low, functionality is low,
flexibility is high and performance is very high for public cloud (SQ10); Security is low, cost is
moderate, functionality is high, flexibility is low and performance is very high for private cloud
(SQ11); Security is good, cost is very low, functionality is very high, flexibility is moderate and
performance is very high for hybrid cloud (SQ12).
Figure 9, 10, 11 shows the ranking of the factors of each cloud environment done by the
participants.
Factors /
Scale
1-Very
Unimportant
2-Unimportant 3-Neutral 4-Important 5-Very
Important
Security No Security Low Security Normal Security Good Security Very good Security
Functionality Very Low Low Moderate High Very High
Cost Very High High Moderate Low Very Low
Performance Very Low Low Moderate High Very High
Flexibility Very Low Low Moderate High Very High
37
Figure 9: Rating for the factors of public cloud
Figure 10: Rating for the factors of private cloud
Figure 11: Rating for the factors of hybrid cloud
According to the ratings of cloud environments, hybrid cloud is preferable for the organizations. By
using hybrid cloud, organizations data could be secured in private cloud and the cost depends upon
the computing (internal or external resources) with good performance, flexibility and better
functionality. The reasons for the preference of hybrid cloud are described in the following question.
Importance of hybrid cloud: From the above analyses, most of the organizations are using private
and public cloud environment. But, now-a-days few organizations also prefer the hybrid cloud
environment which is a mix of both public and private cloud. By using hybrid cloud, organization
can use the internal and external resources. The question asked to the participants is weather the
38
organization will shift to the hybrid cloud in future if necessary. 38% of the participants would like
to shift to the hybrid cloud and 62% of the participants answered that they will not shift to the hybrid
cloud. Participants have given the reasons for shifting to the hybrid cloud, such as:
Security (This means hybrid cloud is more secured than the private and public clouds)
The ability to use your software and saved files with different servers would be strong factor
Some services can be provided some resources internally while choosing to outsource some
externally.
Selections and reasons of cloud service models: The previous sections described CC and cloud
environments. There are also three different cloud service models such as Infrastructure as a Service
(IaaS), Software as a Service (SaaS) and Platform as a Service (PaaS) as described in section 3.3.1,
3.3.2 and 3.3.3. Many organizations are outsourcing different services to cloud service providers.
The questions asked to the participant is „what are the services used by the organization?‟ Analysing
the results, Iaas and SaaS are mostly used and PaaS is only used by few organizations. Figure 12
shows the usage of different service models used in the cloud computing companies.
Figure 12: Usage of Cloud Service Models
Participants have given the reasons for the selected services:
Because this is what the service providers can provide without outsourcing. Service providers
have to get the software from micro-soft‟
The ability to have full control and add what I want
We are a software service providers, so SaaS suits our offerings
Customers requirement
Standardization, Business process Management(BPM)
IT services/applications to be outsourced from cloud providers: When an organization
outsources a service from a service provider, the IT services/applications can be preferred by them.
Examples of IT services are mail servers, knowledge management infrastructure, electronic record
service, pay roll, human resource, Supply Chain Management (Logistics), Accounting and Finance,
Project Management and many more. Some of the IT services and applications have been ranked by
the participants depending if these are used in their organization. Figure 13 shows the percentage of
each IT service/applications that are used by the participants in their organizations. One of the
participants had specified other service that is, „Web servers‟.
39
Figure 13: Rating for IT Services/Applications to be outsourced by Cloud Providers
5.1.1 Summary of the survey
This survey has been conducted with organizations to know the use of CC, cloud services and cloud
environments such as public, private, community and hybrid cloud environments based on
parameters like cost, security, performance, flexibility and functionality. By analysing the survey, we
found that most of the organizations have shifted to CC architecture and many organizations are
using private and public cloud environments. But most of the organizations prefer to shift to the
hybrid cloud environment because of more functionality. And other reasons for shifting to CC
architecture are reduce administration cost, reduce hardware infrastructure cost, data centres and
storage capacity, flexibility and availability, performance, pay-per-use model and security.
According to the ratings given to factors of different cloud environments, private cloud (figure 9) is
mostly used because of security, flexibility and performance. But, few of the organizations prefer
public cloud environment (figure 10) because of low cost, flexibility and security. Based on the
ratings of the factors of cloud environments, hybrid cloud is better than the public and private clouds.
Hybrid cloud (figure 11) is preferred because of security, cost, performance, flexibility and its better
functionality. Organizations are also ready to move to hybrid cloud environment which is a mix of
both private (internal) cloud and public (external) cloud. By using hybrid cloud environment, the
organization can provide some resources internally and can also choose to outsource some resources
externally.
Most of the organizations need to outsource SaaS and IaaS from different cloud service providers.
Besides SaaS, PaaS and IaaS some of the other applications or services are been suggested by the
participants in the survey that are could be outsourced from cloud providers such as mail servers,
supply chain management, pay roll, web servers and many more.
5.2 Results of the Interview study As described in section 4.4.1, interviews have been conducted with the organizations those who were
using and not using CC. We have also considered the interviews of the organizations not using CC in
order to find the limitations of CC architecture. It has been a difficult task to find organizations for
conducting the interviews, we succeeded to find four different organizations described in section
4.4.3. Interviewees were asked about the architecture used in the particular organization, opinion of
cloud environments and cloud services. Limitations of CC architecture were asked to the
organizations that are using other architecture (like client-server, P2P and more). Below are
interview questions and results which are explained according to each interviewee.
40
Is the organization using cloud computing? If not, what is the other architecture the
organization is using?
Organizations are using different architectures like CC, client-server, P2P, grid and many [21]. The
interviewees described the architecture that is used by their organization. Interviewee 1 is using CC
architecture, the organization uses a hybrid cloud environment and it is also a cloud provider, cloud
implementer and cloud consumer, in which they provide services to different organizations.
Interviewee 2 is using CC architecture and uses private cloud environment and it is one of the
leading providers for hosting services. The interviewee 3 and 4 are not using CC architecture
presently and the architecture used by them is client-server architecture.
If the organizations are using other architectures, is it useful than CC? If yes, what is the
reason?
The different architectures are used according to the requirements of the organizations. The
interviewees have given different opinions on the reasons of the architecture used by them.
Interviewees 1 and 2 say, as they are using CC architecture, this is better and useful than other
architectures, because it is more flexible, good performance, cost effective and secured. Interviewee
3 says that, since they are using client-server architecture, it depends upon the satisfaction of the
customers and the applications needed by the organization may change according to the customers.
Interviewee 4 says that, according to the demands of the customers, the client-server architecture is
used by their organization and it is client for Unisys and HP where the entire infrastructure is
maintained by the Unisys and HP.
Why is the organization not using CC? Do you find any drawbacks in CC?
There are many benefits for using the CC architecture and there are also some drawbacks. As
interviewees 1 and 2 are using CC architecture, they did not find any drawback of CC. Interviewee 3
says that the main reason of the organization for not moving to CC is the security issue and because
of failures in the cloud (when using services from different cloud provider). According to
interviewee 4, there may be the possibility of moving the client-server architecture to CC, but
because of other demands from the organization and from the clients, they have not yet decided to
change architecture.
There are some parameters (like scalability, flexibility, security, performance and cost) in CC
which organizations are more concerned. So, can you see these parameters in the architecture
used by your organization?
Based on interviewees 1 and 2, the CC architecture is used because of flexibility, security, and
performance and reduces the cost of infrastructure. According to interviewee 3, security is an
important attribute for the sensitive information i.e., the details of the products, quality and more are
maintained and managed by ERP (Enterprise Resource Planning) that assures more security of
Sandviken. ERP integrates internal and external management information across an entire
organization like Finance/accounting, manufacturing, sales and services. The data and applications
are well secured within the organization behind the firewalls. But the cost of ERP is higher when
compared to CC architecture because the organization itself should maintain the entire infrastructure,
servers, different services like network, storage and more. Interviewee 4 says that the applications
and services are scaled according to the users and as the organizations are using client-server
architecture the data is maintained securely inside the organization.
41
Are the data centres and services like IaaS, SaaS, PaaS maintained and managed by the
organization itself?
Data centres depend upon the size of the organizations. As we interviewed large organizations with
more than 200 employees, all the organizations are maintaining and managing their own data centres.
Interviewee 1 says that, since he works in a large organization, data centres and service are
maintained by the organization itself and also provide services (service provider) to different
organizations. Interviewee 2 also said that the data centres and services are maintained by the
organisation which also acts as cloud service providers. According to interviewee 3, the services
depend upon the projects given by the clients. Based on interviewee 4, since the company is a client
for Unisys and HP, data centres and services are maintained by the Unisys and HP
If you prefer CC for your organization, which cloud environment (public cloud, private cloud
or hybrid cloud) do you prefer? Why?
As there are different cloud environments, the priority of cloud environment depend upon the
applications and services used by the organization. According to interviewee 1, most of the
organizations prefer private cloud but if the organizations want to use external resources they may
also prefer hybrid cloud. Therefore, the organization of interview 1 is using hybrid cloud because the
organization is using and providing both internal and external resources. According to interviewee 2,
for small organizations public cloud environment is preferred because the main reason is lower cost
(purchasing own servers, maintaining hardware and software‟s, power consumption and maintenance
problems, recruiting more technicians for maintenance), flexibility (to be able to power on and off or
add new or remove old hardware in an instance). According to interviewee 2, large organization
prefer hybrid cloud environment because it combines the both private and public services for an
organization. Interviewee 3 says that it depends on the applications and services used by the
organization. Interviewee 4 prefers private cloud environment in future because it is a mobile
organization and think that hybrid cloud could only be used for large scale organizations using
external resources.
What is your opinion on hybrid cloud?
Based on all interviewees, hybrid cloud could be used by large organizations where they can use
both internal (private) and external (public) services securely. Hybrid cloud is more flexible and has
higher performance when compared to public and private cloud environments. Interviewees 3 and 4
may shift to hybrid cloud in future because the financially applications, administration and
confidential data have been managed internally in private cloud. Other applications which are used
by the clients can be managed externally in public cloud.
What is your opinion about cloud services that are provided by different cloud providers?
Now-a-days there are many cloud service providers like Microsoft, Google, Amazon and more. All
the providers are providing the services that could be used by the organizations. The interviewees
have stated different opinions on cloud services providers. The organizations of interviewees 1 and 2
are cloud providers and provide different applications, infrastructure as a service, software as a
service and business process to achieve high performance. By using the services from cloud
providers, organizations are reducing their cost, and services are well maintained and managed by
the providers. Interviewee 3 states that there is a disadvantage of the services, i.e., the organization
cannot trust all the cloud providers because there may be a break in the cloud services and the
organization should wait until the problem is solved by the provider. Interviewee 4 says that,
according to his knowledge of cloud service providers, these are most useful, cost effective and
flexible.
42
Will the organization shift to CC in the future?
This is asked to interviewees that are not using CC architecture. Interviewees 3 and 4 state that,
shifting the architecture depends upon the customers and employees working in the organization.
Therefore depending on the structure of the organization, applications and services, they may shift
from client-server architecture to CC architecture.
Is the organization using the CC architecture from launch period?
As CC is a new architecture, there may be organization shifting from other architecture to the CC.
Interviewee 1 says that, in his company they have used client-server architecture from the launch
period of their company, but now they shifted to cloud computing because of flexibility, access to
data for pay-by hour method, performance, reduce IT administration cost and reduce hardware
infrastructure cost. Interviewee 2 says that, they are using CC architecture from the launch period of
the organization.
What are the cloud services used and provided by the organizations?
The organizations of interviewee 1 and 2 are cloud services providers and there are some services
that are provided by them to different organizations. Interviewee 1 provides and uses SaaS
(Windows 2008 Data centre, MqSql, Ms-SQL, etc.), IaaS (CPU, memory and storage, etc.) and PaaS
(operating system, programming language, security, storage, version control, etc.). They maintain all
these services in public cloud, because cost of computing is nearly 250-400 SEK/month
comparatively less to other environments. Also in terms of security they have their in-built firewall
for protecting the data. City Network Hosting (CNH) is one of the leading providers where more
than 10,000 of customers are getting service from CNH. Accenture is also providing the services like
infrastructure, business process applications and SaaS to different organizations through public
cloud. Interviewee 2 is also providing IaaS, SaaS, and DaaS (Database as a Service) for several
organizations.
5.2.1 Summary of the Interviews
In our interview, two organizations were using CC architecture and other two organizations are using
client-server architecture. According to the interviewees, public clouds could be more useful for
small organizations because they can outsource the infrastructure in which, it could be cost effective
and maintained by the service provider. Private cloud could be more useful by large organizations,
where the CC infrastructure can be used by more users and it can be maintained and managed by
organization itself. According to the results of the interviews, some of the organizations will shift to
the hybrid cloud environment in future depending upon the organizations applications. All
interviewees specified that, hybrid cloud environment can be used for the organizations using
external resources and for large scale organizations. One of the interviewed organizations is using
hybrid cloud, where the financial applications, administration data are managed internally in private
cloud and applications used by clients are managed externally in public cloud. The limitations
provided by two interviewees are security, breakdowns in cloud and they may not shift to CC
architecture due to the demands of clients. The following table 9 summarizes the main questions and
answers of the interviews.
43
Table 9: Interview results Questions Interview 1- Accenture Interview 2 – CNH
AB
Interview 3 –
Sandvik AB
Interview 4 - ST
Ericsson
Kind of
Architecture
used
CC architecture CC architecture Client-server
architecture
Client-server
architecture
Requirements
of the CC
architectures
Cost, scalability,
flexibility, performance,
security
Better functionality,
less cost, reduce
infrastructure,
flexibility, security
and performance
Security and data is
maintained by ERP
(Enterprise Resource
Planning)
Applications and
services are scaled
according to the users
and security
Data Centres
and Services
maintained by
own
organization
Has it is large organization
, data centres and service
are maintained by the
organization itself and also
provide services (service
provider) to different
organizations
Data centres and
services are
maintained by CNH
and also act as cloud
service providers
Data centres are
maintained by the
Sandvik and services
depends upon the
projects
Data centres and
services are
maintained by the
Unisys and HP
Preference
given by the
organizations
to cloud
environments
Hybrid cloud is used
because this cloud can be
used by large organizations
where internal and external
resources are used.
Hybrid cloud is used
as it provides both
internal and external
resources.
Depends upon the
applications and
services
As it is a mobile
organization, only
Private cloud could be
preferred
Are the cloud
services
provided by
cloud
providers are
preferable
Accenture is a cloud
provider and provides IaaS,
SaaS, DaaS (Database as a
Service). The services
provided by them are most
preferable and been used
by hundreds of
organization to achieve
good performance and
functionality
CNH AB is a cloud
provider and provides
IaaS, SaaS, PaaS and
hosting services. IT is
also most preferable
and had 10,000
customers using these
services.
Sandvik AB does not
depend upon the
services provided by
cloud providers.
For ST Ericsson the
services provided by
cloud providers are
most useful and
flexible.
Drawbacks of
CC
architecture
No drawbacks.
No drawbacks
Security and Break
down of cloud
services
Due to the
requirements of
clients they are not
able to shift to CC
architecture and main
reason is security.
5.3 Discussion The main focus of this research was to investigate the different cloud environments (from public,
private hybrid and community cloud) and cloud services through survey and interviews with
different CC organizations. From this investigation, we will suggest a cloud environment for SWAF
based on the requirements such as cost, security, performance, functionality and flexibility. In the
following section, we will discuss and summarize the results of the survey and interview study in
table 10. As SWAF is a large organization which is using CC, the survey and interviews have been
conducted with small (25%), medium (25%) and large (50%) organizations using CC architecture.
According to the overall percentage of the empirical study, we compared the results of medium and
large organisation with SWAF. But, SWAF accepted the results of all small, medium and large scale
organizations because; they considered the security, cost, functionality, performance and flexibility
of different cloud environments with all the organizations.
44
5.3.1 Discussion of Qualitative and Quantitative data: We gathered qualitative and quantitative
data from different organisations. For the quantitative data we had conducted the online survey on
CC with different organizations like Oracle, TCS, IBM, and Microsoft and also published in social
networking sites (LinkedIn). The qualitative data had been gathered by conducting the interviews
with four different organizations those who use (Accenture and City Network Hosting) and not using
(ST Ericsson and Sandvik) CC. We had prepared the different questionnaire for the survey (consists
of 18 questions), which has been sent to 20 participants and 14 of them were responded to the
survey. The interview section (consists of 9 questions) was conducted with the above mentioned
organizations.
5.3.2 Discussion of Survey and Interview: The survey and interview study have been conducted to
organizations to know their use and requirements of CC, cloud services and cloud environments such
as public, private and hybrid cloud environments based on different factors like cost, security,
performance, flexibility and functionality. Based on the results of the survey and interviews, we can
conclude that:
CC architecture is used by the organizations because of cost, flexibility, performance,
security, functionality, reduces infrastructure cost and different services are provided by
cloud providers.
Most of the organizations working on CC prefer private and public cloud equally but the
private (32%) cloud environment is used because of security, functionality, performance and
privacy reasons. But, few of the organizations prefer public (32%) cloud environment
because of low cost, flexibility and scalability.
If we consider the above statistics many companies are using public and private cloud, but
among them most of the organizations are also ready to move to hybrid (27%) cloud
environment, which is a mix of both private (internal) cloud and public (external) cloud. 9%
of the organizations prefer community cloud, in which they can share the infrastructure with
organizations having same requirements.
As a result of the survey, most of the participants prefer hybrid cloud for security and in this way
they can use internal and external resources. Factors mentioned in the survey (such as cost, security,
performance, flexibility and better functionality) of cloud environments depend upon the services
and applications needed by the organizations. Participants have given priority to factors depending
on their experience and opinion of cloud environments. However, the cost factor depends on the
selected cloud environment of the organization.
By comparing the results of the survey, public cloud is used by 44.4% of organizations. And
it is preferred by 32% of organizations because of performance, flexibility, functionality and
less cost. Public cloud is used by small-scale organizations because they can share the
infrastructure and other services from service provider for limited number of users.
Private cloud is used by 44.4% of organizations. But it is preferred by 32% of organizations
because of security, performance, flexibility and functionality. Private cloud costs more
because the infrastructure is maintained by the organization itself, therefore medium (if the
organizations want their data to be secured) and large-scale organizations can use private
cloud, which is also more secured.
Hybrid cloud is used by 11.1% of the organization. If we consider the factors in hybrid cloud
environments, large scale organizations can use internal and external resources depending on
their needs. Hybrid cloud is cost effective (depends upon computing), flexible, secured, has
45
good performance and have better functionality. Because of these requirements hybrid cloud
is preferred by 27% of organizations for their future use.
The interview participants specified some limitations of CC such as security issues and breaks of
the cloud. Some interviewees specified that some of the organizations that are using alternative
architectures to CC may shift to CC architecture and select the cloud environment depending on
their applications. If the organizations use hybrid cloud environment, they can use the services
from different cloud provider and maintain their security for services and data behind the internal
firewalls of the organization. The following Table 10 summarizes and compares the results of the
survey and of the interview study with all the requirements (cost, security, performance,
flexibility and functionality) of different cloud environments.
Table 10: Comparison of the results of survey and interview study General Questions Survey Interviews
Reasons for using the CC
architecture
Pay-per-use model,
performance, reduces
administration cost; reduce
infrastructure, security, and
flexibility.
Cost, scalability, flexibility,
functionality, performance and
security
Organizations using cloud
environments
44.4% are using public cloud,
44.4% are using private cloud
and 11.1% are using hybrid
cloud
50% are using hybrid cloud and
other two organizations are not
using CC architecture
Priority of cloud Private
Environments Public
Hybrid
Community
32%
32%
27%
9%
25%
25%
50%
0%
Factors of private cloud Security-42%, Flexibility-40%,
performance-40%, cost-40%,
better functionality-40%
Security, performance and
functionality are preferred
according to the interviewee‟s
Factors of public cloud Security-32%, cost-33%, better
functionality-30%, performance
and flexibility-30%
Functionality and flexibility are
most preferred.
Factors of hybrid cloud Security-26%, cost-27%,
performance-30%, flexibility-
30%, better functionality-30%
Security, performance,
flexibility and better
functionality are preferred.
Organizations preferring
hybrid cloud
38% want to prefer hybrid
cloud and 62% will not shift to
hybrid cloud
50% prefer hybrid cloud and
50% prefer private cloud.
Reasons for preferring
hybrid cloud
Use of internal and external
resources, security.
Large organizations can use
hybrid cloud to use internal and
external resources.
Cloud services used and
provided by the organizations
SaaS-35.5%, IaaS-35.6% and
PaaS-28.9%
SaaS, IaaS, DaaS and hosting
services.
5.3.3 Suggesting the cloud environment
SWAF is a large scale organization, where they are having several processes which are undertaken
and dispatched by themselves. Currently they keep both sensitive and non-sensitive information in
the internal cloud, because of this the maintenance and cost issues increases. In order to overcome
this we can use hybrid cloud, where we can keep the sensitive information in private cloud and non-
46
sensitive information in public cloud.Hybrid cloud is having more functionality with better
performance compared to other cloud environment also by the integration of public and private cloud
it is more secured. Cost is also affordable for computing the whole environment. According to the
survey, Hybrid cloud is been selected because of the flexibility of services, use of internal and
external resources and security. Survey had been conducted with small, medium and large
organizations. From this, small and medium scale organizations are using public cloud and private
cloud. Because small scale organizations have less number of users, so to maintain and manage the
infrastructure and other services will be more expensive. So, instead they can outsource the services
from different cloud providers according to their usage with less cost. Medium scale organizations
do not want to use any external resources, do not want to outsource the services from cloud providers
and want to store and secure their data within the organization so they prefer private cloud. But, in
the survey we found that, small and medium scale organizations prefer Hybrid cloud for large scale
organizations because they can use both internal and external resources, they also provide some of
the cloud services to different organizations and can afford for less cost.
We suggest the cloud environments by matching the results of interview and survey from the
requirements (security, flexibility, functionality, cost and performance) given by SWAF; this is
explained in table 11. The results of the empirical study have been recognized by SWAF.
Table 11: Comparing the requirements of SWAF with the empirical studies
Requirements Given By SWAF
Suggestion of Cloud Environment
SURVEY
INTERVIEW STUDY
Security
Security is one of the factors to be
considered for SWAF; SWAF needs
high security for their data and
applications to be processed within
the organization. So, hybrid cloud is
more secured when compared to
public and private clouds, because
they can have the sensitive
information within their organization.
From the survey 26% of people
prefer hybrid cloud because on the
security.
According to the
interviews results hybrid
cloud is preferred based on
the following
Requirements
High Security
High Performance
Greater Flexibility
Better Functionality
Cost
Cost is one of the factors to be
considered for SWAF; because it is
measured based on the use of services
in hybrid cloud environments, which
provides affordable cost to SWAF.
And from the survey 27% of people
prefer hybrid cloud based on the cost.
Functionality
Functionality is one of the factors to
be considered for SWAF; Hybrid
cloud provides greater functionality
when compared to public and private
cloud. Where they can outsource the
47
functions like E-mail, Travel, Payroll,
Conferencing, Social media and in
source the functions like ERP,
Finance, Human Resource. From the
survey 30% of people prefer hybrid
cloud based on greater functionality.
Flexibility
Flexibility is one of the factors to be
considered for SWAF; where hybrid
cloud is more flexible than other
cloud because we can
add/change/update the services
according to the use of organizations.
From the survey 30% of people
prefer hybrid cloud based on the
flexibility.
Performance
In hybrid cloud, both internal and
external resources are used where the
organizations are having sensitive
information in one system and non-
sensitive information in another
system. So it makes the system to
have high performance. From the
survey 30% of people prefer hybrid
cloud based on the performance.
Community cloud could be used for SWAF for sharing infrastructure like network, storage capacity,
servers, information sharing, message transfers and for logistic purpose. Community cloud do not offer
the same cost savings as a public cloud because here fewer users sharing the infrastructure cost, but it is
less expensive than a private cloud, and works much like a public cloud, except that it is restricted to
only members of the community. Community cloud is also mostly used only by the large organizations
like government, educational institutions, and non-profit organization. Hereby SWAF can also share
their infrastructure and use internal and external resources.
“As a result we suggest Hybrid and Community Cloud to SWAF”
By analyzing the empirical study and by considering the requirements, the cloud environments have
been suggested. From our survey result (33.33%) we found that the large scale organizations (100+
employees) like (IBM, Oracle, Sales force) are using hybrid cloud environment and rest of the small
scale and medium scale organizations are using other cloud environments. First of all SWAF wants
to use Cloud computing(meeting the requirements) for their future use, so in survey and interview we
mainly concentrated on the organizations those who are shifting to new environment. By comparing
the SWAF (large scale organization) with other large scale companies (survey results) we analyzed
and suggested the hybrid cloud environment
As a result of our thesis we were suggesting Hybrid cloud environment for SWAF, During the
literature study we have described about all the cloud environments and now in the following point
we mentioned how the inputs((High Performance, High security, Affordable cost, Greater flexibility
and more functionality)) from SWAF is used in our work(from literature and empirical study).
48
A hybrid cloud is composed of online storage (reliable and secure place to store data), online
desktop (access anywhere we can connect to the Internet) and web based applications (like
Google docs) in this way it is possible to free up resources and processing power
Hybrid cloud makes the customers agree to a viable and cost-saving methodology to make a
great use of public cloud services along with their private cloud services
Here the data is been secured in hybrid cloud architecture, that consists of private clouds for
sensitive, non-shared information; public clouds for information gathering, dissemination of
public information.
By outsourcing infrastructure, it enables IT departments to focus on strategic ideas that add
value and create competitive advantage, rather than getting delayed in the daily information
of managing servers. As a result this provides greater performance while outsourcing the
services.
The hybrid cloud exploits flexibility in the organization, as it can be a composition and
combination of at least one private cloud and at least one public cloud.
This hybrid cloud environment provides more prominent functionality by archiving
information, backup functions and allowing local data to be replicated to a public cloud.
In public cloud, the services and data will be used by the general public and different users. So, this
data will be stored in the system which is external. In private cloud, the applications and data will be
stored and accessed securely with the users of the organization. Because, the private cloud
environment is created by the organization itself, by different services, application and data. Hybrid
cloud is a mix of both private and public cloud environments. So, it is more secured than public
cloud and similar to private cloud environment. So, the information which is sensitive to the
organization (like Finance, Administration, Details of staff and more) can be stored securely in
private cloud environment. The data in this private environment will be used and accessed only by
the users of the organization. In public cloud environment, they can use external services (email,
travel and social media).
The percentages (Security-26%, cost-27%, performance-30%, flexibility-30%, better functionality-
30%) given in the table 9 are the factors of choosing hybrid cloud. We have not chosen based only
on those values. In fact 62% of the participants do not use Hybrid cloud, only 38% of the participants
prefer to hybrid cloud. Here also the question may arise why other environment has been chosen!
There may be many organizations using private or public cloud, but if we raise a question about what
will be your future scope? Most of them prefer hybrid cloud as their future use because of the use of
both internal and external resources. Also for large scale organizations , government organizations
and defense organizations hybrid cloud will be the suitable environment as said by Anya Kim[2].By
comparing the SWAF (large scale organization) with other large scale companies (survey results) we
analyzed and suggested the hybrid cloud environment.
49
CHAPTER 6
PROPOSED MODEL FROM THE ACHIEVED RESULTS
This chapter describes the requirements and the design of a cloud environment that can be suitable to
SWAF. This model is designed in hybrid and community cloud environments which are used for
sharing the infrastructure like network, storage, servers and more resources for SWAF and with
security requirements which are explained in the further sections. Also each block of this model is
explained in the following sub-sections and the designed cloud model is compared with the existing
model at SWAF
6.1 Inputs used for designing the new cloud model The content of this section was framed after making the discussion with SWAF external supervisor
and by making the literature study. We have designed a new cloud model in hybrid and community
cloud environment by considering the following security requirements.
Inputs from SWAF
There will be a lot of requirements depending on how sensitive and non-sensitive information
will be. Swedish Armed Forces has separated networks for each (security) level. These levels are,
Public information (Secret/Restricted , Secret/confidential)
Internal information (Secret)
Privacy information (Secret/Top Secret)
The requirements is about things related to (for example) organization, method,
Administrative actions, user training, physical protection, but mostly different types of
Security features.
Inputs from Literature Study
Building internal firewall, by ensuring the security inside the organization.
Maintaining different servers for different applications (Mail server, Web server, Network
server, SSL-VPN server, etc.)
Secure web filtering
VPN tunnels for connecting to a private local area network at remote location
Inputs from Empirical study
Community and Hybrid cloud environments.
High speed Internet
6.2 Model design Cloud Computing is specially known in the aspect of fast internet collaboration condition [45]. Here
we propose a model (see figure 14) where each user of the cloud will be connected to the system via
an Asymmetric SSL Tunnels (AST) which passes through the Secure Socket Layer VPN (SSL VPN)
server. In earlier cloud model for security purpose, people were connecting through SSL-based
Virtual Private Network (symmetric method) [47].
Also there is a popular form of security model by having Cloud firewall inside the cloud model [80],
this provides the information of how and where the firewall works and to be installed in the system.
In general there is a problem with the data that are encrypted at one end and decrypted at the other
end, or contrariwise for the reverse direction and all the data flows of VPN are relayed by VPN
50
server via SSL tunnels, those symmetric SSL tunnels cause a lot of computational load concentrated
in VPN server, and make it the bottleneck of VPN [48]. In order to eliminate that bottleneck for
larger scale SSL, VPNs and AST have been used. Each block of this model is explained below.
i) User
SWAF employees are the users of this system, where they can operate with this cloud network from
any of their branches by Asymmetric SSL Tunnel (AST) through internet and this feature provides a
safe and secure access to the user.
ii) Internal Firewall
A single firewall at the Internet gateway is no longer sufficient. In some cases if we want to build an
internal firewall; it is better to have firewall between two separate organizations that share a
network, rather than between a single organization and the Internet. In this context the internal
firewall differs from personal firewall [50]. This internal firewall is maintained inside SWAF.
Figure 14: Proposed Cloud model
iii) SSL VPN server
Computer networks use a tunnelling protocol, where protocol provides a secure path through an un-
trusted network. Secure Sockets Layer (SSL) is presented in the transport layer of Open Systems
Interconnection model (OSI) model, where this cryptographic protocol provides communication
security over internet. SSL VPN is a secure remote access solution based on SSL/TLS [28] protocol.
According to the prediction of Gartner Company [33], SSL VPN market will grow more than 170%
51
per year. Compared with other virtual private network technologies, SSL VPN has the following
outstanding advantages: low cost, easy-to- deploy, fine-grained access control, etc. But its
performance and scalability are also hampered by the computation overhead of SSL protocol. VPN
server is the key equipment to construct an asymmetric SSL VPN.
iv) Personal firewall
A personal firewall is defined as a software service running in an operating system that provides
simple firewall capability for a personal computer. Most personal firewalls support static packet
filters.
All users should install a personal firewall on their systems, not only to help/prevent others at nearby
hotspots from accessing their devices, but also as part of a broad-based defence against hackers
residing on other parts of the Internet.
v) Private Cloud
A private cloud is one in which the services and infrastructure are maintained on a private network. It
has greater level of security and control but the organizations require purchasing all software,
platform and infrastructure, where it reduces the cost savings. We can use private clouds to maintain
the security and control by the same organization instead of outsourcing to other providers.
vi) Public Cloud
A public cloud is one in which the services and infrastructure are provided off-site over the Internet.
We can use public cloud to add computer capacity for peak times, doing collaboration projects,
doing ad-hoc software development project using PaaS and workload for applications is used by lots
of people, such as e-mail.
vii) Hybrid Cloud
A hybrid cloud includes a variety of public and private options with multiple providers. We have to
keep track of multiple different security platforms and ensure that all aspects of our business can
communicate with each other. We can use hybrid clouds for our organization to use a SaaS
application but is concerned about security. And company offers services that are tailored for
different vertical markets. You can use a public cloud to interact with the clients but keep their data
secured within a private cloud.
viii) Community cloud
Community cloud can be implemented where several organizations have similar requirements and
where they can share the infrastructure. The sharing can be like general information of the
organization, messaging and other applications. In this model, community cloud is used for sharing
the information with users of SWAF, accessing applications, sharing infrastructure, mail and web
servers and logistics purpose. Here the computing cost of community cloud is more than the public
cloud, but it offers of higher level of privacy and security.
ix) Storage
Here in this architecture we kept two different databases. One DB is to store the sensitive
information from the private cloud and other DB to maintain the non-sensitive information from the
public cloud. The hybrid storage cloud uses a combination of public and private storage clouds; they
are often used for archiving, backup functions and allowing local data to be replicated to a public
cloud.
x) Asymmetric SSL Tunnel (AST)
Secure socket layer based virtual private network (SSL VPN) provides a safe and easy approach for
remote accessing. SSL provides CIA (Confidentiality, Integrity, Availability), also provides
permission to be used with any protocol that uses TCP as the transport layer. Symmetric SSL tunnels
52
cause a lot of computational load concentrated in VPN server, and make it the bottleneck of VPN
[47].
In order to eliminate that bottleneck for larger scale SSL VPNs, Asymmetric SSL Tunnels (AST
came) are been used. Where AST computational load is distributed to detached internal application
servers. AST solution improves the overall VPN throughput radically and this solution doesn‟t need
any modification on internal server programs. In this model we have used two firewalls one is
maintained inside and other is maintained outside the organization.
The first firewall (Personal firewall) is installed on all the user systems. This firewall is not only to
help/prevent others at nearby hotspots from accessing their devices, but also as part of a broad-based
defense against hackers residing on other parts of the Internet. The internal firewall differs from
personal firewall [50]. This internal firewall is maintained inside SWAF.
Personal firewalls support static packet filters. This static packet filter provides network packet
filtering based only on packet information in the current packet and administrator rules. Static packet
filtering filters packets are based on [79]:
Administrator defined rules governing allowed ports and IP addresses at the network
and transport layers of the OSI network model.
Packet contents including the network and transport layer contents
So by these two firewalls we can run the model effectively. Also we are not depending only on
firewalls, for communication purpose we make use of SSL VPN server. SSL provides CIA
(Confidentiality, Integrity, Availability), also provides permission to be used with any protocol that
uses TCP as the transport layer. This cryptographic protocol provides communication security over
internet.
6.3 Analysis of designed model In the existing system, SWAF are using Private cloud which they created for their own internal use.
A private cloud is typically hosted on the company‟s own servers, within their own network
infrastructure. After gathering the information from SWAF we started our literature, survey and
interview study regarding the improvement of existing system and how could we overcome the
problem of SWAF (see section 1.1). Most of the experts gave similar answers about the problem in
using private cloud, i.e. since the private cloud is hosted on sight, the organization needs to provide
adequate power, cooling, and general maintenance. And the organization needs to invest a lot for
purchasing own hardware. Private clouds also require system administrators. With these pre
requirements we have designed a new model that can be used by SWAF with the combination of
public and private cloud. This means that we suggest the hybrid cloud environment with the use of
community cloud where they can also share their infrastructure with the other branches of SWAF
located in various parts of the world. This makes SWAF more comfort and the model is ease to use.
For connecting to the cloud we have designed the cloud with AST connectivity. This asymmetric
SSL Tunnel,
Avoids from the bottleneck problem and provides a safe and easy approach for remote
accessing.
Provides a secure path through an un-trusted network.
It is necessary to launch a VPN tunnel to each server, if the client wants to communicate with
multiple servers. If a user wants to browse Web sites, he/she must frequently turn off the VPN
53
because most Web servers do not support VPN. This problem can be solved by letting all traffic from
a laptop client go through a company‟s VPN server.
After connecting to the cloud, a user gets the permission to share SWAF infrastructure (Mail servers,
web servers, E-record service, Supply chain management and etc.) via community cloud. The survey
tells that 27% of the users would like to shift towards hybrid cloud, which is a combination of Public
and private cloud. The main reason for shifting to hybrid cloud is security and ability of using
software and saved files with different servers. All the sensitive information of private cloud is stored
in a separate database and non-sensitive information of public cloud is stored in separate database.
Therefore, by using our model SWAF can improve their services.
6.4 Suggestion given by SWAF The model has been designed in the suggested cloud environments with the requirements given by
SWAF and some from literature study (section 6.1). After designing the cloud model, we had a
meeting with the external advisor at SWAF. During that session we had explained and presented the
new cloud model. SWAF has analyzed and given some suggestions to make it more secured by using
the following listed security requirements. The advisors of SWAF have also given their opinion and
suggestions to improve the designed model with respect to their existing model and the technology
advancement. The following security requirements will be added/modified (if any requirement has
its better version) to our proposed model.
1. Enterprise-class stateful firewall
2. IPSec VPN
3. SSL-based OpenVPN
4. Network intrusion prevention system
5. Secure web filtering
6. Dynamic routing and more to enable per customer or per server security and connectivity.
The model we designed (section 6.2) will be slightly changed after modifying/updating the
suggestions given by SWAF. The Security requirements that were suggested by SWAF are briefly
explained in the following section, but the investigation of these requirements will be done as future
work.
Enterprise-class stateful firewall
Enterprise class stateful firewall is a security feature that supports authentication proxy / 802.1x for
wireless network and split tunnelling. This firewall will be added to our designed model by placing
inside the SWAF for the purpose of network authentication.
IPSec VPN
IPSec is located in the network layer of the OSI model. This network protocol supports encryption
and authentication. IPSec is frequently used in so-called "tunnel mode" with a Virtual Private
Network (VPN). However, IPSec also supports a "transport mode" for direct connection between
two computers. This IPSec VPN will not affect the designed model, because this part of SSL VPN
server module which is to be added with the model. So no modifications will be done after
implementing this suggestion.
SSL-based OpenVPN
SSL based OpenVPN is explained in section 3.2. This SSL-based open VPN will not make any
change in the model, because we have already implemented the Asymmetric SSL Tunnel (AST) in
our design which provides greater security and higher functionality compared to this SSL-based
Open VPN.
54
Network intrusion prevention system
This Intrusion Prevention system (IPS) is a network security control that monitors system and
network from the malicious activity. This system is also called as Intrusion Detection and prevention
System (IDPS). This intrusion detection system is like a device/software application that monitors all
network system activities; it will not cause much affection in our model. This device is been kept in
the client side(at SWAF).
Secure web filtering
Secure web filtering is very important for all the organization also SWAF to consider the following
steps in order to be safe from the attacker. First the IT manager need to guard against the security
risks and bandwidth drains of unrestricted access to peer-to-peer (P2P) sites, illegal file downloads,
or visits to sites where PCs and networks can be exposed to viruses and malicious software. There is
a product called SmartFilter, which meets all the requirement of the organization also its simple to
manage, highly inexpensive and easy to use. This web filter will be placed after the internal firewall
in our designed model, this requirement is been used in order to block the malicious web sites, file
types, MIME (Multipurpose Internet Mail Extensions) types and blocking pages from IP, allow only
hosts.
Dynamic routing
Dynamic routing is the location of the remote resource that is decided at run time. It also determines
the next-best paths if the best path to a destination becomes unused. It uses dynamic protocols to find
the optimal path and update the routing table between the source and the destination computers. The
best possible path to transfer information across two computers in a network is determined by the
data entered in the routing table. There will be no much changes will be occurred in our designed
model because the routing table is stored in the form of a database or simply like a file stored in the
router. These information stored in database/router are changed dynamically by the router itself.
These suggestion are been given by SWAF because, as technologies are changing day-by-day we
need more security for data and in future SWAF may need more security requirements in the model.
Implementing the suggested security requirements the model in the figure 14 does not change a lot.
But one or two security requirements will be added accordingly. For instance, Enterprise class
stateful firewall and web filter will be added newly to the model. Before fixing them in the current
model again we have to make a literature study, whether by including this it will affect the other
component or not, check about the cost requirement, analyzing the pros & cons and to find whether it
makes any fault in the system by use of web filter. So, as our future work these researches will be
done for the suggested security requirements.
55
CHAPTER 7
CONCLUSION AND FUTURE WORK 7.1 Summary In this thesis, we have done a detailed study on different definitions of cloud computing, cloud
environments and cloud services. The main goal of our thesis is to suggest a suitable cloud
environment from public, private, hybrid and community clouds to SWAF. For suggesting a cloud
environment to SWAF, two empirical studies (a survey and an interview study) have been conducted
with different organizations using and not using CC (in order to know the drawbacks of CC). From
an analysis of the results of the empirical studies, most of the organizations prefer private and hybrid
cloud. This is because private clouds are secure and maintained by medium and large organizations
while hybrid clouds are used by large organizations which can use both internal and external
resources in a secured way.
As SWAF is a large organization and have both internal and external resources, both Hybrid and
Community cloud environments are suggested and also they can implement for their future use. In
general perspective, most of the organizations are using both public and private cloud but
organizations would prefer hybrid clouds because, this could be flexible to use both internal and
external resources. Therefore, we suggest hybrid cloud environment could be suitable and flexible
for SWAF. SWAF have similar requirement at all their branches, therefore we also suggest
Community cloud, because it allows sharing the infrastructures.
From an analysis of the results of the survey and interview study, the hybrid cloud environment is
more preferable for large organization. If we consider the factors in hybrid cloud environment:
Cost – Hybrid cloud is cost effective and depends upon the computing and use of
internal/external resources,
Security – though the services are provided from different cloud provider, security can be
maintained inside the organizations by taking the Service Level Agreement (SLA)from cloud
provider,
Performance and Functionality – it depend upon the applications and services used by the
organization,
Flexibility - by outsourcing the infrastructure it enables IT departments to focus on strategic
ideas that add value and create competitive advantage, rather than getting delayed in the daily
information of managing servers. As a result this provides greater flexibility while
outsourcing the services.
We have proposed a model to SWAF for improving and making better changes of their existing
system. This model is designed by making a literature study, interviews and a survey with the IT
companies that using cloud computing and not using cloud computing. The model has been designed
in the suggested Hybrid and Community cloud environment which can overcome the issues of
SWAF internal cloud.
56
7.2 Answering the research questions In chapter 1 we have formatted the research questions, in this section we have provided the results
for those research questions by answering them separately according to the achieved results.
RQ 1: Which environment (public cloud, private cloud and hybrid cloud) could be suitable to SWAF
with respect to performance, security, cost, flexibility and functionality?
After completing the literature study, we have conducted a survey and an interview study.
The literature study tells how the hybrid cloud makes the organization to keep safe of both
sensitive and non-sensitive data.
The information shared can be like general information of the organization, messaging and
other applications. The cost of community cloud is affordable because the infrastructure is
shared with all the users of the organization. Here the computing cost of community cloud is
more than the public cloud, but it offers higher level of privacy and security.
Based on the survey results, 32% of the organizations prefer Public clouds, 32% of the
organizations prefer Private cloud, 27% of the organizations prefer Hybrid cloud and 9% of
the organizations prefer Community cloud.
From the interview study we found that:
Public cloud could be useful for small organizations so that they can outsource the
infrastructure in which, it could be cost effective and maintained by the service provider. This
also provides with greater functionality and flexibility
Private cloud could be useful for large organizations, where the infrastructure can be used by
more users and it can be maintained and managed by organization itself. This also provides
greater security, reduction in cost and good performance.
Some of the organizations are willing to shift to hybrid cloud environment in future,
depending upon the size of applications in which they use. The companies specified that,
hybrid cloud environment can be used for the organizations using external resources and for
large scale organizations.
RQ 2: How the services Infrastructure-as-a-Service (IaaS), Software-as-a-Service (SaaS),
Platform- as-a-Service (Paas) could be used by SWAF?
The second research question RQ2, is focused on the cloud services such as IaaS,
SaaS and PaaS. In this research, a detailed study has been done about cloud services,
different cloud service providers and their features. As a conclusion, there is a
possibility for SWAF to outsource one or more services to the cloud providers like
Microsoft Azure, Amazon Web Services and to other providers specified during this
research.
The hybrid cloud environment in an organization provides more benefits of using
IaaS, SaaS and PaaS. If the services are outsourced from different cloud provider,
SWAF can have an agreement for maintaining the security for data, servers and
applications from inside the SWAF. SWAF can get the services from the service
providers as mentioned in Figure 2. It is better for SWAF having similar requirement
at all their offices, so that we suggest using the Community cloud, which plays the
vital role of sharing the infrastructure.
57
SWAF is currently using only private cloud, in this thesis we have proposed hybrid
and community cloud environment which provides High Security, High Performance,
Greater Flexibility and Better Functionality. This combination of hybrid and
community cloud environment can be applied to other IT organizations which are
similar to SWAF. By modifying the services according to their requirements by and
generalizing our cloud model.
7.3 Future work Our goal is to improve the new proposed design in future. During this thesis work we found the
suitable cloud environment and services for SWAF, next step is to investigate on different security
requirements and provide the framework details of the designed model, and also by physically
implementing and testing the model at SWAF. After the successful outcome, we can test and apply
the model for other large scale IT organizations by modifying services to their inputs. The model
proposed in chapter 5 will be generalized after implementing the proposed cloud model at SWAF, So
that we can consider specific modules from more general modules.
58
REFERENCES
1. Ramgovind.S, Eloff.M, and Smith.E, “The management of security in Cloud computing,” in
Information Security for South Africa (ISSA), 2010, pp. 1-7, 2010.
2. Anya kim, John McDermott, and Myong Kang, “Security and Architectural Issues for
National Security Cloud Computing”, IEEE 30th International Conference on Distributed
Computing Systems, 2010
3. Hassan Takabi, James B. D. Joshi, Gail-Joon Ahn,SecureCloud: Towards a Comprehensive
Securiy Framework for Cloud Computing Environments‟, in Information Science at
Pittsburgh, USA, 2010.
4. Zhibin Chen, Jianfeng Yang, Cloud Computing Research and Security Issues‟, in Computer
Science and Technology, China
5. Chunye Gong, Jie Liu, Qiang Zhang, Haitao Chen and Zhenghu Gong, „The Characteristics
of Cloud Computing‟, Department of Computer Sciences, China, 2010.
6. Malcolm.D, “The five defining characteristics of cloud computing”,
http://news.zdnet.com/2100-9595_22-287001.html.
7. “The Functionality of Cloud Computing | Cloud Computing World.” [Online]. Available:
http://www.cloudcomputingworld.org/cloud-computing-for-businesses/the-functionality-of-
cloud-computing.html. [Accessed: 06-Jul-2011].
8. “Amazon Elastic Compute Cloud (Amazon EC2).” [Online]. Available:
http://aws.amazon.com/ec2/. [Accessed: 02-Jun-2011].
9. “GoodRelations & RDFa for Deep Comparison Shopping on a Web Scale.” [Online].
Available: http://www.slideshare.net/mhepp/goodrelations-rdfa-for-deep-comparison-
shopping-on-a-web-scale. [Accessed: 17-Apr-2011].
10. “IBM Cloud Computing - United States.” [Online]. Available: http://www.ibm.com/cloud-
computing/us/en/. [Accessed: 02-Jun-2011].
11. “Windows Azure | Microsoft PaaS | Cloud Services | Application Hosting.” [Online].
Available: http://www.microsoft.com/windowsazure/. [Accessed: 02-Jun-2011].
12. “Deploying SOA and Cloud Computing with a Tactical Approach | GovIT News.” [Online].
Available: http://govitnews.sys-con.com/node/1134716. [Accessed: 02-Jun-2011].
59
13. Mell.P and Grance.T, Draft NIST Working Definition of Cloud Computing. .” [Online].
Available: http://info.apps.gov/sites/default/files/NIST_Cloud_Definition.doc
[Accessed: 02-Jun -2011]
14. “Facts and figures - Försvarsmakten.” [Online]. Available:
http://www.forsvarsmakten.se/sv/About-the-Armed-Forces/The-Swedish-Armed-Forces-in-
figures/. [Accessed: 19-Feb-2011].
15. Syam Kumar.P, Subramanian. R, and Thamizh Selvam.D, “Ensuring data storage security in
cloud computing using Sobol Sequence,” in Parallel Distributed and Grid Computing
(PDGC), 2010 1st International Conference on, pp. 217-222, 2010.
16. Ruan Gaofeng and Cai Jing, “Online course development based on a public cloud computing
infrastructure,” Networking and Digital Society (ICNDS), 2010 2nd International Conference
on, 2010, pp. 47-50.
17. Kaufman.L, “Can Public-Cloud Security Meet Its Unique Challenges?,” Security & Privacy,
IEEE, vol. 8, 2010, pp. 55-57.
18. Foster.K, Shea.J, Michael.J, Otani.T, Peitso.T, and Man-Tak Shing, “Cloud Computing for
Large-Scale Weapon Systems,” Granular Computing (GrC), 2010 IEEE International
Conference on, 2010, pp. 161-166.
19. Li.A, Yang.X, Kandula.S, and Zhang.M, “CloudCmp: comparing public cloud providers,”
Proceedings of the 10th annual conference on Internet measurement, New York, NY, USA:
ACM, 2010, pp. 1–14.
20. Bao Rong Chang, Hsiu Fen Tsai, Chien-Feng Huang, and Hsi-Chung Huang, “Private Small-
Cloud Computing in Connection with Linux Thin Client,” Pervasive Computing Signal
Processing and Applications (PCSPA), 2010 First International Conference on, 2010, pp. 82-
87.
21. Jingyu Ding, Jiajin Le, Rui Xie, and Yaohui Jin, “Data center consolidation with virtualized
private network: A step towards enterprise cloud,” Computer Application and System
Modeling (ICCASM), 2010 International Conference on, 2010, pp. V4-563-V4-567.
22. Sang-Ho Na, Jun-Young Park, and Eui-Nam Huh, “Personal Cloud Computing Security
Framework,” Services Computing Conference (APSCC), 2010 IEEE Asia-Pacific, 2010, pp.
671-675.
23. Radu Prodan, Simon Ostermann, „A Survey and Taxonomy of Infrastructure as a Service and
Web Hosting Cloud Providers‟, in Institute of Computer Science, University of Innsbruck,
Austria. 10th
IEEE/ACM International Conference,2009.
24. Wenhong Tian, Sheng Su, Guoming Lu, „A framework for Implementing and managing
platform as a service in a virtual cloud computing lab‟, school of Computer Science and
Software Engineering, Chengdu, China.
60
25. Minqi Zhou, Rong Zhang, Dadan Zeng, Weining Qian, „Services in the Cloud Computing
Era: A Survey‟, Software Engineering Institute, East China Normal University, Shanghai,
China. National Institute of Information and communications Technology, Kyoto, Japan.
26. Jae Yoo Lee, Jung Woo Lee, Du Wan Cheun, Soo Dong Kim, „A Quality Model for
Evaluating Software-as-a-Service in Cloud Computing‟, Department of Computer Science,
Soongsil University, Korea. 7th
ACIS International Conference on Software Engineering
Research, 2009.
27. Michael Armbrust, Armando Fox, rean Griffith, Anthony D. Joseph, Randy Katz, Andy
Konwinski, Gunho Lee, David Patterson, Ariel Rabkin, Ion Stoica, Matei Zaharia, „A View
of Cloud Computing‟, Communications of the ACM, vol.53 No.4, April 2010.
28. Dierks.T and Allen.C, “RFC2246: The TLS Version 1.0”, [Online]. Available:
http://www.ietf.org/rfc/rfc2246.txt . [Accessed: 02-Jun-2011].
29. “Elastic Load Balancing.” [Online]. Available: http://aws.amazon.com/elasticloadbalancing/.
[Accessed: 02-Jun-2011].
30. “Amazon Simple Storage Service (Amazon S3).” [Online]. Available:
http://aws.amazon.com/s3/. [Accessed: 02-Jun-2011].
31. “Cloud Hosting, Cloud Servers, Hybrid Hosting, Cloud Infrastructure from GoGrid.”
[Online]. Available: http://www.gogrid.com/. [Accessed: 02-Jun-2011].
32. “Google App Engine - Google Code.” [Online]. Available:
http://code.google.com/appengine/. [Accessed: 02-Jun-2011].
33. “Technology Research & Business Leader Insight | Gartner Inc.” [Online]. Available:
http://www.gartner.com/technology/home.jsp. [Accessed: 03-Jun-2011].
34. “Cloud Computing Interoperability Forum (CCIF): Home.” [Online]. Available:
http://www.cloudforum.org/. [Accessed: 02-Jun-2011].
35. “CRM - ledaren inom SaaS (Leader In Software-as-a-Service) - salesforce.com SE.”
[Online]. Available: http://www.salesforce.com/se/?ir=1. [Accessed: 02-Jun-2011].
36. Bhaskar Prasad Rimal, Eunmi Choi, Ian Lumb, „A Taxonomy and Survey of Cloud
Computing‟, School of Business IT, Kookmin University, Korea. Computing and Network
services, York University, Canada.
37. Judith Hurwitz, Robin Bloor, Marcia Kaufman, Fern Halper, „Cloud Computing for
Dummies.
61
38. “CloudClip.Net - Light Through the Clouds of Computing.” [Online]. Available:
http://cloudclip.net/. [Accessed: 23-Apr-2011].
39. “How Does the Cloud Work? « wrLapinsky‟s Blog.” [Online]. Available:
http://wrlapinsky.wordpress.com/2010/09/26/how-does-the-cloud-work/. [Accessed: 23-Apr-
2011].
40. “About the Armed Forces - Försvarsmakten.” [Online]. Available:
http://www.forsvarsmakten.se/en/About-the-Armed-Forces/. [Accessed: 02-May-2011].
41. “Facts and figures - Försvarsmakten.” [Online]. Available:
http://www.forsvarsmakten.se/en/About-the-Armed-Forces/The-Swedish-Armed-Forces-in-
figures/. [Accessed: 02-Jun-2011].
42. Garfinkel.T, Pfaff.B, Chow.J, Rosenblum.M, and Boneh.D, “Terra: a virtual machine-based
platform for trusted computing,” in Proceedings of the 19th ACM Symposium on Operating
Systems Principles 2003, SOSP 2003, Bolton Landing,
43. NY, USA. ACM, October 2003, pp. 193–206.G. Briscoe and A. Marinos, “Digital
ecosystems in the clouds: towards community cloud computing,” 02-Oct-2009. [Online].
Available: http://eprints.lse.ac.uk/26664/. [Accessed: 02-Jun-2011].
44. “Eventually Consistent - ACM Queue.” [Online]. Available:
http://queue.acm.org/detail.cfm?id=1466448. [Accessed: 02-Jun-2011].
45. Wenhao.L, “A community cloud oriented workflow system framework and its scheduling
strategy,” in 2010 IEEE 2nd Symposium on Web Society, Beijing, China, 2010.
46. Baiardi.F and Sgandurra.D, “Securing a Community Cloud,” in Proceedings of the 2010
IEEE 30th International Conference on Distributed Computing Systems Workshops,
Washington, DC, USA, 2010, p. 32–41.
47. Zhou.J, Xia.H, Wang.X, and Yu.J, “A New VPN Solution Based on Asymmetrical SSL
Tunnels,” in Frontier of Computer Science and Technology, Japan-China Joint Workshop on,
Los Alamitos, CA, USA, 2006, vol. 0, pp. 71-78.
48. Huan Liang, O. Kabranov, D. Makrakis, and L. Orozco-Barbosa, “Minimal cost design of
virtual private networks,” in Electrical and Computer Engineering, 2002. IEEE CCECE
2002. Canadian Conference on, 2002, vol. 3, pp. 1610-1615 vol.3.
49. Hole. K. J, Dyrnes.E, and Thorsheim.P, “Securing Wi-Fi networks,” Computer, vol. 38, no.
7, pp. 28-34, 2005.
50. Brent Chapman.D & Elizabeth D. Zwicky, “Building Internet Firewalls,” 04-Feb-1999.
[Online]. Available: http://sjoel.home.xs4all.nl/the-networking-cd-
bookshelf/firewall/ch04_05.htm. [Accessed: 02-Jun-2011].
62
51. Gartner Says Cloud Computing Will Be As Influential As E-business.” [Online]. Available:
http://www.gartner.com/it/page.jsp?id=707508. [Accessed: 11-Jun-2011].
52. “Pensacola Junior College : MAC 1106 : CLOUD Computing.” [Online]. Available:
http://www.coursehero.com/file/6228948/CLOUD-Computing/?v0=1. [Accessed: 11-Jun-
2011].
53. Rajkumar Buyya, Market-Oriented Cloud Computing: Vision, Hype, and Reality for
Delivering IT Services as Computing Utilities. Department of Computer Science and
Software Engineering, University of Melbourne, Australia.
54. “Julio_Guijarro.pdf.” [Online]. Available:
http://ants.inf.um.es/ict2010/pdf/Julio_Guijarro.pdf/ . [Accessed: 02-May-2011].
55. Losup.A, Ostermann.S, Yigitbasi. M. N, Prodan. R, Fahringer. T, and Epema. D. H. J,
“Performance Analysis of Cloud Computing Services for Many-Tasks Scientific
Computing,” Parallel and Distributed Systems, IEEE Transactions on, vol. 22, no. 6, pp.
931-945, 2011.
56. “WhatCloudComputingMeanstoYou.pdf.” [Online]. Available:
http://www.vmware.com/appliances/directory/uploaded_files/WhatCloudComputingMeansto
You.pdf . [Accessed: 02-May-2011].
57. Lomet.D, Fekete.A, Weikum.G, and Zwilling. M, “Unbundling Transaction Services in the
Cloud,” 0909.1768, Sep. 2009.
58. Mell, P. & Grance, T., 2009. The NIST Definition of Cloud Computing. National Institute of
Standards and Technology, 53(6), p.50. Available at: http://csrc.nist.gov/groups/SNS/cloud-
computing/cloud-def-v15.doc.
59. “Microsoft Improves Performance Through Private Cloud Computing | CloudTweaks.com -
Cloud Computing Community.” [Online]. Available:
http://www.cloudtweaks.com/2011/03/microsoft-improves-performance-through-private-
cloud-computing/. [Accessed: 19-Jun-2011].
60. “Developers Callout | Eucalyptus Community.” [Online]. Available:
http://open.eucalyptus.com/. [Accessed: 19-Jun-2011].
61. “Amazon extends private cloud functionality - News - supplychainstandard.com.” [Online].
Available:http://www.supplychainstandard.com/Articles/3441/Amazon+extends+private+clo
ud+functionality.html. [Accessed: 19-Jun-2011].
62. Zhang. H, Jiang. G, Yoshihira.K., Chen. H, and Saxena. A, “Intelligent Workload Factoring
for a Hybrid Cloud Computing Model,” in Proceedings of the 2009 Congress on Services - I,
2009, pp. 701–708.
63
63. “Spotlight on Cloud Computing Series-Community Clouds” [Online]. Available:
http://net.educause.edu/ir/library/pdf/LIVE1017b.pdf [Accessed: 02-May-2011].
64. J.W. Creswell, Research Design: Qualitative, Quantitative, and Mixed Methods Approaches,
Sage Publications, 2008.
65. “Measurement: Reliablity and Validity measures” [Online]. Available:
http://ocw.jhsph.edu/courses/hsre/PDFs/HSRE_lect7_weiner.pdf [Accessed: 02-May-2011].
66. Shank, G. (2002). Qualitative Research. A Personal Skills Aproach. New Jersey: Merril
Prentice Hall
67. “Survey Methods.” [Online]. Available:
http://www.ischool.utexas.edu/~palmquis/courses/survey.html. [Accessed: 06-Jul-2011].
68. “What is Cost Accounting?” [Online]. Available: http://www.wisegeek.com/what-is-cost-
accounting.htm. [Accessed: 06-Jul-2011].
69. ''Security in Cloud computing'' [Online]. Available:
http://en.wikipedia.org/wiki/Cloud_computing_security . [Accessed: 04-July-2011]
70. “Cloud Computing.” [Online]. Available: http://www.compuware.com/application-
performance-management/cloud-computing-solutions.html. [Accessed: 06-Jul-2011].
71. “Simple Object Access Protocol (SOAP) 1.1.” [Online]. Available:
http://www.w3.org/TR/2000/NOTE-SOAP-20000508/. [Accessed: 06-Jul-2011].
72. “Fielding Dissertation: CHAPTER 5: Representational State Transfer (REST).” [Online].
Available: http://www.ics.uci.edu/~fielding/pubs/dissertation/rest_arch_style.htm. [Accessed:
06-Jul-2011].
73. “PHP: Hypertext Preprocessor.” [Online]. Available: http://www.php.net/. [Accessed: 06-Jul-
2011].
74. “Ruby Programming Language.” [Online]. Available: http://www.ruby-lang.org/en/.
[Accessed: 06-Jul-2011].
75. David S. Linthicum, ''Cloud computing and SOA Convergence in your Enterprise'', A step-
by-step guide.
76. Smith, Roger, ''Computing in the Cloud'', Industrial Research Institute, Research Technology
Management, Sep – Oct 2009.
77. Vidyanand Choudhary, “Comparison of Software Quality under Perpetual Licensing and
Software as a Service,‟‟ Journal of Management Information Systems, 2007. Volume 24,
pages 141-165.
64
78. “Conceptual, Logical, and Physical Data Models.” [Online]. Available:
http://www.1keydata.com/datawarehousing/data-modeling-levels.html. [Accessed: 06-Jul-
2011].
79. “Enterprise cloud computing gathers steam | ZDNet.” [Online]. Available:
http://www.zdnet.com/blog/hinchcliffe/enterprise-cloud-computing-gathers-steam/191.
[Accessed: 06-Jul-2011].
80. Weili Huang; Jian Yang; , "New Network Security Based on Cloud Computing," Education
Technology and Computer Science (ETCS), 2010 Second International Workshop on , vol.3,
no., pp.604-609, 6-7 March 2010
81. Kai Petersen and Claes Wohlin. 2009. Context in industrial software engineering research.
InProceedings of the 2009 3rd International Symposium on Empirical Software Engineering
and Measurement (ESEM '09).
65
Appendix 1
Questionnaires used for survey
1. How many employees are working on cloud computing in your organization ?
1 to 10 Employee
10 to 50 Employee
50 to 100 Employee
100 to 200 Employee
200+ Employee
2. Do you having your own definition of cloud computing?
Yes (Please define it)
No
If yes? You can define it.
3. Is cloud computing architecture useful for your organization?
Yes
No
If no, please specify the other architecture that is mostly used at your organization.
4. Is your organization using cloud computing from the launch period?
Yes
No
66
If no, please specify from which architecture you have shifted [Ex:Client-server, P2P, Grid
Computing,etc.]
5. Select the major reasons of shifting to cloud computing architecture from the options given below.
Reduce Hardware infrastructure costs
Flexibility
Reduce IT administration cost
Access to data for pay-per-use method
Performance
Privacy
Availability of services/Data
Integrity of services/Data
Confidentiality of services/Data
Data center and storage capacity
Others(Please specify)
6. Cloud Environment: Which cloud environment (public, private or hybrid) are you using for your
organization?
Public
Private
Hybrid
67
Other
If you are using another cloud what is the name of the cloud?
7. Can you explain why you are using the above selected cloud environment?
8. Can you rank the following cloud environments, according to the priority of your selection?
[Note: Do not give same rank for multiple cloud]
1 2 3 4
Public Cloud
Private Cloud
Hybrid Cloud
Other Cloud
Other Cloud(Please Specify)
9. Cloud Computing Cost: What is the approximate cost of the cloud environment that you are using
currently at your organization? If possible you can also specify the cost of computing in other
environment (which you are not using).
Public Cloud
Private Cloud
68
Hybrid Cloud
Other Cloud
10. Here are some of the factors of "Public cloud" environments mentioned below. You can mark
them according to the given scale.
Scale: [ 1-Very Unimportant ; 2-Unimportant ; 3-Neutral ; 4-Important ; 5-Very Important ]
Security
Cost
Performance
Flexibility
Better functionality
11. Here are some of the factors of "Private cloud" environments mentioned below.You can mark
them according to the given scale.
Scale: [ 1-Very Unimportant ; 2-Unimportant ; 3-Neutral ; 4-Important ; 5-Very Important ]
Security
Cost
Performance
Flexibility
Better functionality
12. Here are some of the factors of "Hybrid cloud" environments mentioned below.You can mark
them according to the given scale.
Scale: [ 1-Very Unimportant ; 2-Unimportant ; 3-Neutral ; 4-Important ; 5-Very Important ]
Security
69
Cost
Performance
Flexibility
Better functionality
13. Many organizations, now-a-days are moving towards hybrid cloud which is a mix of both public
and private cloud. Would you like to prefer hybrid cloud for your organization?
Yes
No
14. If you prefer Hybrid cloud for your organization, what could be your opinion about this
environment?
15. In SPI (Software, Platform, Infrastructure) cloud service model, which service is used in your
organization ?
Software as a Service
Infrastructure as a Service
Platform as a Service
Other Service (Please Specify)
16. Why the above selected service is used at your organization?
17. Are you willing to outsource the services to multiple providers?
Yes
70
No
Others
18. What are the IT services/Applications you prefer to be outsourced to a cloud computing service
provider for supporting business processes?
Mail servers
Knowledge management infrastructure
Electronic record service
Pay roll
Human resource
Supply Chain Management (Logistics)
Accounting and Finance
Project Management
Call center
Others
Others (Please specify)
71
Appendix 2
Interview Guide
1. Is the organization using cloud computing? If not, what is the other architecture the
organization is using?
2. If the organizations are using other architecture, is it useful than CC? If yes, what is the
reason?
3. Why organization is not using CC? Do you find any drawbacks in CC?
4. There are some parameters (like scalability, flexibility, security, performance and cost) in CC
which organizations are more concerned. So, can you see these parameters in the architecture
that your organization is using?
5. Are the data centers and services like IaaS, SaaS, PaaS are maintained and managed by the
organization itself?
6. If you prefer CC for your organization, which cloud environment (public cloud, private cloud
or hybrid cloud) do you prefer? Why?
7. What is your opinion on hybrid cloud?
8. What is your opinion about cloud services that are provided by different cloud providers?
9. Will the organization shift to the CC in future?