Cloud Computing: Is my organisation ready for the cloud?
Name: Dilshan FonsekaStudent ID: 40273660Supervisor: Prof Michael Johnson
1
Contents
Business Considerations: Introduction (2-3mins) Types of the Clouds (2mins) Nature of Cloud Computing (3-5mins) Yesterday, Today & Tomorrow (1 min) Organizational Impact & Risk (3-4mins)
Technical Considerations: Cloud Security (5mins) Service Integration of the cloud (5-10mins)
Conclusion Question Time
2
Introduction
What is Cloud Computing? “…is internet based development and use of
computer technology…” So what does this mean to an
organization? Organizations looking to make innovations their
priority. They seek new ideas to keep competitive Find means to cut costs.
3
Characteristics of Cloud Computing
Cloud computing builds on established market trends Survey carried out by F5 Networks Inc indicated
that:▪ 80% of large enterprise IT managers are at least in trial
stage for cloud computing initiatives.▪ IT managers are aggressively adopting cloud computing. ▪ Half of respondents reported that they have already
deployed a public cloud computing implementation ▪ 45% of respondents currently using private clouds.▪ 66 % of respondents indicating that they have a dedicated
budget for cloud computing initiatives.
Source: F5 Networks Inc. Research [2009], Cloud Computing Study Research Report, 5
Characteristics of Cloud Computing
Virtual Machines used as standard deployment objects Virtualization enhanced flexibility because it
isn’t tied to a specific physical server. Enables a dynamic datacenter for resources. Virtualization allows applications to be
deployed and scaled rapidly. Can be configurable.
6
Benefits of the Cloud
Cost Infrastructure rented rather than bought CAPEX can be zero
Business Continuity Server patching, backup, data redundancy is taking care off by external sources Leaves the organization to carry on with its day-to-day business.
Flexibility Ability to scale on demand Ability to test and prototype applications
Time Reduce runtime Reduce response time
Resources Free organization from supporting high costs, time consuming IT functions when taking
subscription to the cloud. Pay-As-You-Go
Pay on a monthly or subscription fee Others
8
Organizational Impact & Risk When considering a move to the Cloud, we must
first understand the impact it will have to the existing infrastructure of the organization.
Organizations cannot simply decide to take on the cloud overnight. They must be ready for it. How have organizational architectures evolved over the
past 10 years and how will it continue to evolve? Organizations must carry out its own feasibility analysis.
Cloud computing will impact an organization on at least two levels: the department, and the employees.
11
Organizational Impact & Risk There are many forms of risk to an
organization that the organization must be aware of: Security Privacy concerns Data integrity Availability Business acceptability.
12
Cloud Security
Perhaps the biggest concerns about cloud computing are security and privacy. Privacy is a major issue.
Organizations can compensate this dilemma by implementing stricter security measures, such as: VPNs (SSL and IPSec) for transport security Two-factor authentication between services, clouds, and
users and applications. Data encryption Digital signatures.
13
Cloud Computing Infrastructure Models
Organizations must consider which infrastructure model best suits them when considering the move to the cloud.
Cloud computing infrastructure models: Public Cloud
▪ Run by Third Parties, and applications from different customers are likely to be mixed together on the clouds servers, storage systems, and networks.
▪ A public cloud provides services to multiple customers, and is typically deployed at a co-location facility.
15
Cloud Computing Infrastructure Models
Private Cloud▪ Private clouds are built for the exclusive use of one client,
providing the utmost control over data, security, and quality of service.
▪ Private clouds may be hosted at a co-location facility or in an enterprise datacenter. They may be supported by the company, by a cloud provider, or by a third party such as an outsourcing firm.
17
Architectural Layers
Cloud Computing can describe services being provided at any of the traditional layers from hardware to applications.
Cloud services is grouped into three categories: Software-as-a-Service (SaaS) Platform-as-a-Service (PaaS) Infrastructure-as-a-Service (IaaS)
19
Architecture considerations – Behind the firewall
Securing browser based Internet applications Secure Sockets Layer (SSL) Forms Authentication (2FA) Session Cookies
Layered architecture Firewalled Network Perimeter Web Tier (Presentation) Application Tier (BL) Data Tier Internal Ancillary Services
23
Existing Architectural layer
24
Defense in Depth – Layered Security Architecture (Current)
Network PerimeterNetwork Perimeter
Internet
Web TierWeb Tier
Application TierApplication Tier
DataData ServicesServices
PR
IVA
TE
SECRETS
Authenticate first, operate second
25
Public Authentication LayerPublic Authentication Layer
Outside the Firewall – Authenticate First, Operate Second
Bank staff manage identity and access control
Customers authenticate to the bank
Authentication ServicesAuthentication Services
Application1Application1 Application 2Application 2
Cloud ServiceCloud Service
Access presented as credential to “federated” cloud services
Cloud ServiceCloud Service
Cloud ServiceCloud Service
Security access returned
Authentication Overview
26
Application Web Integration LayerApplication Web Integration Layer
CAAS - Overview
Bank staff manage identity and access control
ApplicationApplicationeBankeBank
ApplicationApplication
Authentication ServicesAuthentication Services
Session Management
Single Identity Store
Hardware Security Module (crypto)
Authentication Services also provide:
Trading AppTrading AppSuperann AppSuperann App
Authentication SSO LayerAuthentication SSO Layer
Customers “single sign-on (SSO) to eBank affiliated applications
Integrating Applications
Integrating Applications
CAASCAAS
Legend
Application1Application1 Application 2Application 2
Architecture well Primed to secure the cloud
Augmenting Active Directory: Is a relatively simple extension exercise Will be a core AD feature
Service Integration SSB services already provide basic SAML ticketing functions:
▪ Provides SAML transformation services today to support various applications SSO▪ Built on “Zermatt”, therefore Microsoft “Geneva” will not be too difficult
Newly built cloud assets Trust banks (Authentication) signed tokens using standard claim-based integration
patterns SAML tokens are as secure as eBanks cookies are today. Trusted separation of function vs. security
27
Internal Channel Authentication for staff based cloud services
28
Authentication External Integration Channel
Authentication External Integration Channel
Authentication ServicesAuthentication Services
Bank’sENet
Integrating Applications
Integrating Applications
CAASCAAS
Legend
“Geneva” STS“Geneva” STS
MicrosoftMicrosoft
Authentication InternalIntegration Channel
Authentication InternalIntegration Channel
“Geneva” Web Connector“Geneva” Web Connector
IPNet
IPNet ServicesIPNet Services
“Geneva” STS“Geneva” STS
SAML token generation could be as applicable for bank staff as it is for external clients…
•MyEmailAnywhere•Access to externally hosted instrumentation logs
Cloud Computing Standards Cloud computing emphasizes efficiency.
Helps reduce maintenance Deployment costs
Cloud computing raises the level of abstraction. All components are virtualized Fast composition of higher-level applications or platforms
Testing applications in the cloud is an important aspect to an organization. Functional Non-Functional
29
Conclusion
The cloud will continue to evolve over the coming decade and there is no one approach that will become the standard.
The cloud is primarily an economic proposition that will require careful evaluation. Organizations need to understand what their business is, what the value and role of the datacenter is and what the best set of services available are.
The good news is that with the evolution of the cloud, organizations will have lots of good options.
So in conclusion, large organizations should invest in Cloud computing. Considering the cloud is not only beneficial one, but also a practical one.
An organization should consider the cloud as the benefits definitely outweigh the costs in the long term.
I have also provided three examples of real organizations, that have successfully taken the cloud on board, in my report.
30
References
T Mather, S Kumaraswamy, S Latif [2009], Cloud Security and Privacy: An Enterprise Perspective on Risk and Compliance, O’Reilly, California
L Herbert, J Erickson [2009], The ROI of Software-as-a-Service, Forrester, July 2009
IBM Research [2007], IBM Unveils “Blue Cloud” – Analyst briefing, IBM, November 2007
I Sorbello [2009], Security in the Cloud – CAAS, Commonwealth Bank of Australia Literature, Sydney
F5 Networks Inc. Research [2009], Cloud Computing Study Research Report, http://www.f5.com/news-press-events/press/2009/20090824a.html, Seattle
R Katz [2008], “Tower and the cloud: Higher education in the age of Cloud Computing”;Educause, USA
Accenture Research, The Enterprise Cloud Stack:Gauging the True Enterprise Impact of Cloud Computing, Accenture, 2008
IBM Research [2009], IBM Service Management: Fulfilling the SOA Vision, http://www-01.ibm.com/software/tivoli/governance/action/06182009.html, IBM, July 2009
31
Top Related