Introduction to Cloud Computing - 02 Iván Carrera Institute of Informatics - UFRGS September 2013
Outline Platform as a Service Characteristics PaaS Architecture - Problem* PaaS NIST Recommendations PaaS Providers IaaS Threats and Security Challenges IaaS Security Challenges
Section 1 Platform as a Service
Characteristics PaaS Architecture - Problem* PaaS NIST Recommendations PaaS Providers References Badger, Lee, et al. "Cloud computing synopsis and recommendations."nist special publication 800 (2012): 146. Barr, Je. Host Your Web Site in the Cloud: Amazon Web Services Made Easy. Sitepoint. 2010 Ciurana, Eugene. Developing with Google App Engine. Firstpress. 2009 An Overview of the Amazon PaaS. Transcend Computing. 2012 Google's Approach to IT Security - A Google White Paper. 2012
Characteristics PaaS Architecture - Problem* PaaS NIST Recommendations PaaS Providers References Gillen, Rob. A Comparison of AWS and Azure. Codestock 2011. A Java Developer's Guide to PaaS InfoQ Google App Engine vs Windows Azure - Geeknizer The great debate: Windows Azure vs. Amazon Web Services - Gigaom Technical comparisons of AWS and Azure To Azure or not to Azure - ideanotion
Characteristics PaaS Architecture - Problem* PaaS NIST Recommendations PaaS Providers Characteristics Platform as a Service Service Model for Cloud Computing provides a toolkit for conveniently developing, deploying, and administering application software to support large numbers of consumers, process very large quantities of data, and potentially be accessed from any point in the Internet. provide a set of software building blocks
Characteristics PaaS Architecture - Problem* PaaS NIST Recommendations PaaS Providers Characteristics Platform as a Service a set of development tools such as programming languages and supporting run-time environments Deploying a new application in PaaS is not much more dicult than uploading a le to a Web server. PaaS will also generally provide and maintain the required computing resources. PaaS clouds are similar to any computing system in that software applications can be developed for them and run on them.
Characteristics PaaS Architecture - Problem* PaaS NIST Recommendations PaaS Providers Characteristics Consumers App developers, App testers (cloud-based testing environments), App deployers (publish into the cloud and manage conicts from multiple versions), App administrators, App end users (subscribe to the applications deployed on a PaaS cloud)
Characteristics PaaS Architecture - Problem* PaaS NIST Recommendations PaaS Providers PaaS Component Stack and Scope of Control
Characteristics PaaS Architecture - Problem* PaaS NIST Recommendations PaaS Providers Characteristics Usage fees based on the number of consumers, storage, processing, or network resources consumed by the platform, requests serviced, and the time the platform is in use.
Characteristics PaaS Architecture - Problem* PaaS NIST Recommendations PaaS Providers PaaS Consumer/Provider Interaction Dynamics
Characteristics PaaS Architecture - Problem* PaaS NIST Recommendations PaaS Providers Benets A cloud provider is free to locate cloud infrastructure in low-cost areas Providers are able to manage the lower layers Infrastructure charges are implicitly present in PaaS oerings (e.g., CPU, bandwidth, storage). PasS shares many of the benets of SaaS: Centralized Management and Data, Savings in Up-front Costs Scalable deployment
Characteristics PaaS Architecture - Problem* PaaS NIST Recommendations PaaS Providers Benets Scalable deployment Toolkits for developing apps and for their support at the server side Server-side processing frameworks Provide organizations centralized control over app operation and the processed data Provide support to a high level of scalability Enabling apps to operate smoothly through large uctuations in demand. In on-site, scalability will be limited In outsourced scenarios more resources may be available
Characteristics PaaS Architecture - Problem* PaaS NIST Recommendations PaaS Providers Issues As with SaaS clouds: Browser-based risks Network Dependence Isolation vs. Eciency Lack of Portability between PaaS Clouds Event-based Processor Scheduling Security Engineering of PaaS Applications
Subsection 2 PaaS Architecture - Problem*
Subsection 3 PaaS NIST Recommendations
Characteristics PaaS Architecture - Problem* PaaS NIST Recommendations PaaS Providers NIST Recommendations Generic Interfaces Standard Languages and Tools Data Access Data Protection Application Frameworks Component Testing Security Secure Data Deletion
Subsection 4 PaaS Providers
Section 2
IaaS Threats and Security Challenges IaaS Security Challenges References Panorama du Cloud Computing, Didier Donsez, Noël de Palma, Alain Tchana, LIG ERODS. ICAR 2013 Cloud Computing. Badger, Lee, et al. "Cloud computing synopsis and recommendations."nist special publication 800 (2012): 146. IaaS Clouds: Which Security for VMs and Hypervisors?, Marc Lacoste - Orange Labs, ICAR Summer School. Grenoble, August 28th, 2013.
Subsection 1 IaaS Threats and Security Challenges
IaaS Threats and Security Challenges IaaS Security Challenges
IaaS Threats and Security Challenges IaaS Security Challenges
IaaS Threats and Security Challenges IaaS Security Challenges
IaaS Threats and Security Challenges IaaS Security Challenges
IaaS Threats and Security Challenges IaaS Security Challenges 10 Biggest Cloud Outages Of 2012 Tumblr - down for several hours Dec. 3 by a bug, aected more than 8,600 users GoDaddy - on Sept. 10 lost service for six hours by a series of internal network events (Anonymous) - One month later, GoDaddy announced it would close its cloud business Salesforce.com - on July 10, some services interrupted by a power outage in their data centers, for up to two days Dropbox - on Oct. 26 experienced an outage for several hours. Interruptions led many to link the issues to an undetermined slowdown of Internet availability "Error: Something went wrong. Don't worry, your les are still safe and the Dropboxers have been notied." Google Talk - down for almost ve hours on July 27
IaaS Threats and Security Challenges IaaS Security Challenges 10 Biggest Cloud Outages Of 2012 Google App Engine - on Oct. 26 lost service for about four hours, 50 percent of requests to the App Engine failed. Microsoft Oce 365 - twice in November by outages that knocked out their email service Microsoft Windows Azure - down for about 2.5 hours on July 26, cutting service to the company's Western European customers Microsoft Windows Azure, Again - on Feb.28-29, a worldwide outage that lasted more than 24 hours, caused by leap year
IaaS Threats and Security Challenges IaaS Security Challenges 10 Biggest Cloud Outages Of 2012 Amazon, Again And Again - two outages in 2012, and one in 2011 On Oct. 22, down in its Northern Virginia market, causing website outages in an unknown number of companies On June 14, data centers stopped operations for about six hours On April 21, 2011, down for several hours, and in some cases days, in its same North Virginia data center
Subsection 2 IaaS Security Challenges
IaaS Threats and Security Challenges IaaS Security Challenges Challenges Endpoint Security - Hypervisor Security Network Security - Network Security Data Protection - Identity, Traceability and Privacy Trust Enablers - Openness and Transparency
Section 3
High Performance Computing Virtualization introduces a considerable overhead Virtualization does not separate well all types of resources HPC apps tend to take full advantage from resources, but not virtualized How can HPC be done in a Cloud context?
High Performance Computing Some clues Reduction of VMMs to reduce overhead Build lightweight VMs Allocate virtual resources over physical resources Hardware assisted virtualization Gauge hardware resources for each VM
Performance Evaluation Distributed Platform - System Under Test Workload modelling Probing
Performance Evaluation Dynamic allocation of VMs Exploit Cloud advantages
VM Consolidation VMs do not use all of their resources Un-used VMs form holes in servers Consolidate to reduce the number of physical servers Hot migration of VMs is necessary Minimize the impact of migration
VM Consolidation Some clues When to consolidate? Prediction Planning On the y How to consolidate?
Big Data How to do it?
Green IT - FaaS Failure management Power outages, failures Cooling systems optimization
Questions?