Beruflich Dokumente
Kultur Dokumente
6, July 2012
ISSN 2079-8407
ABSTRACT
Cloud computing environment provides a great flexibility and availability of computing resources at a lower cost. This emerging technology opens a new era of e-services in different disciplines. In this paper, we explore cloud computing services and applications, we give examples for cloud services provided by the most common Cloud Service Providers (CSPs) such as Google, Microsoft, Amazon, HP, and Sales force and we present innovative applications for cloud computing in e-learning, Enterprise Resource Planning (ERP) and e-governance. Our study helps individuals and organizations understand how cloud computing can provide them with customized, reliable and cost-effective services in a wide variety of applications.
Keywords: Cloud Computing, ERP, e-learning, e-government, Service-Oriented Architecture, Pay-Per-Use, SaaS, PaaS, IaaS.
1. INTRODUCTION
Cloud computing is a topic that received a great deal of attention by individuals and organizations from different disciplines in the last decade [1-20]. This new environment implies great flexibility and availability of computing resources at different levels of abstraction at a lower cost. Cloud Service Providers (CSPs) (e.g., Google, Microsoft, Amazon) are vendors who lease to their customers cloud computing resources and services that are dynamically utilized based on customers demand according to a certain business model [7]. General services in different application areas such as business, education and governance are provided to the customers online and are accessed through a web browser, while data and software programs are stored on the cloud servers located in the data centres [8]. These services are generally classified into three classes known as cloud service models and are shown in figure 1. Cloud service models [1,2,12,13,18,19,22,24,26-29,34] are a Service-Oriented Architecture (SOA) that describe cloud services at different levels of abstraction. These models are: Software as a Service (SaaS): In this model, CSPs are responsible for running and maintaining application software, operating system and computing resources. The customer views the SaaS model as a web-based application interface where services and complete software applications are delivered over the Internet and are accessed via a web browser. Customers can access hosted applications such as Gmail and Google Docs through different client devices such as laptops, iPads and cell phones. Unlike traditional software, SaaS has the advantage that the customer does not need to buy licences, install, upgrade, maintain or run software on his own computer [26]. It has also other advantages such as multitenant efficiency, configurability and scalability [27]. Examples of SaaS providers are Zoho, Google Apps and Salesforce.com. Platform as a Service (PaaS): In PaaS, a CSP provides, runs and maintains both system software (i.e., the operating system) and computing resources. The customer manages and runs the application software under the operating system and on the virtual resources provided by the CSP. The customer has little or no control over the operating system and hardware resources [26].Unlike SaaS that provides the customer with complete (ready to use) applications, PaaS gives him/her the opportunity to design, model, develop and test applications directly on the cloud; therefore, he/she can control the software lifecycle [27]. PaaS supports collaborative work between members of a project team. For instance, a number of users located in different countries can collaborate in developing a website using a PaaS cloud service. Examples of PaaS providers are windows Azure, Google Apps Engine and Aptana cloud. Infrastructure as a Service (IaaS): In this model, the CSP provides a set of virtualized computing resources (e.g., network bandwidth, storage capacity, memory, processing power) in the cloud. It is the responsibility of the customer to run and maintain the operating system and the software applications on these virtual recourses. IaaS uses virtualization technology [15-1723] to convert physical resources into logical resources that can be dynamically provisioned and released by customers as needed. Examples of IaaS providers are Drop Box, Amazon EC2 and Akamai. Table 1 shows the assignment of running and maintaining cloud resources to CSPs and cloud customers in different service models.
838
ISSN 2079-8407
SaaS Gmail, Google Doc, Finance, Collaboration, Communication, Business, CRM, ERP, HR Ex. Zoho, Salesforce, Google apps PaaS Web 2 application run time, Java 2 run time, Developer tools, Middleware Ex. Windows Azure, Aptana, Google apps engine IaaS Servers, Storage, Processing power, Networking, Bandwidth Ex. Amazon web service, Dropbox, Akamai Fig 1: services provided in cloud computing environment
services are public including Amazon EC2, Google App Engine and Salesforce.com. Private Cloud: In private clouds the computing resources are operated exclusively by one organization. It may be managed by the organization itself or a CSP. Private clouds are considered to be more secure than public clouds since their users are trusted individuals inside the organization. The other two deployment models, community clouds and hybrid clouds, fall between public and private clouds [12]. Community clouds: Community clouds are similar to private clouds but the cloud infrastructure and computing resources are shared by several organizations that have the same mission, policy and security requirements [24]. An example of a community cloud is the educational cloud used by universities and institutes around the world to provide education and research services. Hybrid Clouds: In hybrid clouds, the cloud infrastructure consists of a combination of two or more public, private or community cloud components. The cloud components are bound together by standardized technology and managed as a single unit, yet each cloud remains a unique entity [24, 28]. Hybrid clouds allow organizations to optimize their resources, so the critical core activities can be run under the control of the private component of the hybrid cloud while other auxiliary tasks may be outsourced to the public component. Figure 2 below shows different cloud deployment models and table 2 compares these models with each other [30].
Table 1: resource assignment in cloud service models Application Software CSP customer customer Operating System CSP CSP customer Virtual recourses/ HW CSP CSP CSP
The cloud services described above can be provided to cloud customers by CSPs through different applications. In this paper, we explore cloud computing services and applications, we give examples for cloud services provided by the most common CSPs such as Google, Microsoft, Amazon, HP, and Sales force and we present innovative applications for cloud computing in egovernment, e-learning and Enterprise Resource Planning (ERP). The objective of our study is to help individuals and organizations understand how cloud computing can provide them with customized, reliable and cost-effective services in a wide variety of applications.
839
ISSN 2079-8407
Table 2: A Comparison of Cloud Deployment Models Deployment model public private scope of services general public and large industry groups single organization owned by CSP single organization several organizations organizations and CSP managed by CSP single organization or CSP several organizations or CSP organizations and CSP security level low high location off premise off or on premise off or on premise off and on premise
community
hybrid
organizations that share the same mission, policy and security requirements organizations and public
high
medium
Cloud computing systems satisfy many interesting characteristics that make them promising for future IT applications and services. The National Institute of Standard and Technology (NIST) [14] has defined five essential characteristics for cloud computing systems [1, 19, 24, 25, 34] and we describe them below: On-demand self-service: cloud services such as web applications, server time, processing power, storage and networks can be provisioned automatically as needed by the consumers without requiring human interaction. Broad Network Access (mobility): consumers can access cloud resources over the Internet at anytime and from anywhere (i.e., ubiquitous) through different types of platform (e.g., mobile phones, laptops, and PDAs). Resource Pooling: physical and virtual computing resources are pooled into the cloud. These resources are location independent in the sense that the customer generally has no control or knowledge over their location. Rapid Elasticity: computing resources can be rapidly and elastically provisioned and released based on the demand of the consumer. Consumers view these resources as if they are infinite and can be purchased in any quantity at any time. Measured Services: cloud resources and services are monitored, controlled and optimized by the CSPs through a pay-per-use business model. Consumers utilize these services in a way similar to utilizing electricity, water and gas. Other cloud computing characteristics are [28, 29]:
Multitenancy: a cloud provides services to multiple users at the same time. Those users share cloud resources at the network level, host level and application level, however, each user is isolated within his customized virtual application instance. Scalability: the infrastructure of cloud computing is very scalable. Cloud providers can add new nodes and servers to cloud with minor modifications to cloud infrastructure and software. Reliability: is achieved in cloud computing by using multiple redundant sites. High reliability makes the cloud a perfect solution for disaster recovery and business critical tasks. Economies of scale: in order to take advantage of economies of scale, clouds are implemented to be as large as possible. Other considerations are also taken to reduce cost such as locating the cloud close to cheap power stations and in low cost real estate. Cost effectiveness: customers are allowed to lease computing resources and purchase IT services that match their needs instead of investing in complex and expensive computing infrastructure and services. This will lower the costs of the IT services for organization and individuals. Customization: a cloud is a reconfigurable environment that can be customized and adjusted in terms of infrastructure and applications based on user demand. Efficient resource utilization: delivering resources only for as long as they are needed allows for efficient utilization of these resources.
840
ISSN 2079-8407
and
Google Ad words and Ad Sense: which are advertising tools? Picasa: which is a tool used to exhibit product and uploading their images in the cloud.
Collaboration: PaaS allows for collaborative work between users within an organization or among different organizations. Virtualization: users do not need to worry about physical resources since the cloud isolates them at the virtual level. Green technology: cloud computing shares resources between users and does not require large resources that consume a lot of power. High performance: cloud computing technology provides users with a high performance computing environment due to extremely large storage and powerful computing resources of the cloud infrastructure.
841
ISSN 2079-8407
Amazon CloudFront: is a web service for content delivery that transfers customers data with high speed and minimum delay using a global network of edge locations. Amazon Route 53: is a scalable and highly available DNS service. Amazon Relational Database Services (Amazon RDS): is a web service that helps manage a relational database in the cloud. Amazon Simple DB: provides the core database functions. Amazon Simple Queue Service (Amazon SQS): is a scalable, reliable, hosted queue for storing messages. Amazon SNS: is a web service that helps manage and send notifications from the cloud. Amazon Elastic Map Reduce: is a web service that enables customers to process vast amount of data on the Cloud.
HP Cloud CDN: CDN refers to Content Delivery Networks and it is a web service that delivers data from HP Cloud Object Storage to customers around the world at high speed using global network of servers from HP and Akamai. HP Cloud Relational Databases for MySQL: is a web service that provides on-demand access to relational structured databases. HP Cloud Identity Service: provides a single method for managing HP cloud users identities and authentication.
d. HP Cloud Services
HP provides several services through its public beta and we describe these services below [21]: HP Cloud Compute: provides elastic scalable virtual servers that can be customized on users demand as the workload changes. It allows customers to save time wasted in resource configuration and to save money since customers only pay for resources they provisioned. It also provides an open standards environment that ensures portability and prevents vendor lock-in and allows for collaborative work. HP Cloud Object Storage: an online massive storage capacity that allows customers to store large amount of data such as audio and video files. It can be scaled up and down on-demand to meet storage change needs and it achieves reliability by replicating objects many times in multiple availability zones so that customers can access their data when they need it. HP Cloud Block Storage: allows customers to store data on HP Cloud resources for as long as they need and easily move it from one compute resource to another.
842
ISSN 2079-8407
Facult
Staff The Cloud Simulation Tools Files Broadcastin Education Forums Online
Digital
Virtual Labs
Multimedia Application
Collaborativ e
Researche
Students
Resources cannot scale up and down with the demands that change over time. This may result in insufficient or redundant resources SW and HW have to be frequently upgraded and maintained which costs time and money New SW licences have to be purchased
843
ISSN 2079-8407
System should be available 24x7 Limited data storage and recovery Need to provide secure environment authentication and access control Lack of accountability with highly available environment. It also relieves governments from the burden of upgrading, maintenance and licensing SW and allows them to focus on the core work. Scalable and cost effective data storage can also be provided and file replication and multiple installations in geographically separated locations can be used for data recover in case of disasters. Security approaches an techniques can be deployed on the Cloud to prevent malicious behaviour and protect data integrity and confidentiality [6,12,13,19,22,25,28,29,30,34]. Figure 5 shows services provided by e-governance Cloud.
Cloud computing technology can significantly improve the way a government functions, the services it provides to its citizens and institutions and its cooperation with other governments. It can help address these challenges by providing elastic scalable, customized and
Large Scale Organization The Cloud Supply Chain & Vendor Customer Relationship Management (CRM) Projects & HR Management Finance & Accounting Manufacturing, Production & Delivery
844
ISSN 2079-8407
Governments G2G
Business G2B
The Cloud
E-police, E-court
Consumers G2C
Enterprise G2E
845
ISSN 2079-8407
tenancy nature and resource and data outsourcing are the main reasons for the security issue in cloud computing. Organizations and individuals are still concerned about storing and processing their sensitive data and critical applications on the cloud. They continue to raise many questions for their CSPs such as [6, 34, 46, and 47]: Where is their data located and who manages and accesses it, why is their personal information requested and who uses it and what is the fate of their data in case of disasters or when the CSP went out of business. It is not surprising that much of the future work in cloud computing will focus on developing approach that are able to address its security issues. Many approaches now focus on identifying specific cloud security risks in different areas and providing recommendations and guidelines for security and privacy in public cloud computing such as: The Cloud Security Alliance [42], The Jericho Forum Self Assessment Scheme [43], The Shared Assessments questionnaires for vendor/service provider assessment [44], The ENISA Cloud Computing Risk Assessment Report [45] and the NIST [14]. In our future work, we would like to investigate the security problem in cloud computing and propose a framework and a security model that address the security threats and mitigate risks associated with cloud computing, we hope this work will encourage organizations and individuals on further adoption of this technology.
[6]
Kresimir Popvoic and Zeljko Hocenski, Cloud Computing Security Issues and Challenges, MIPRO, Opatijia, Croatia, May 24-28, 2010. Radu Prodan and Simon Ostermann, A Survey and Taxonomy of Infrastructure as a Service and Web Hosting Cloud Providers, 10th IEEE/ACM International Conference on Grid Computing, 2009 http://en.wikipedia.org/wiki/Cloud_computing M. Armbrust, A. Fox, R. Griffith, A. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, A View of Cloud Computing, Communication of the ACM, Vol. 53, No. 4, April 2010. K. Chard, S. Caton, O. Rana and K. Bubendorfer, Social Cloud: Cloud Computing in Social Networks, 3rd IEEE International Conference on Cloud Computing, Miami, FL, USA, July 5-10,2010. L. Tang, J. Dong, Y. Zhao and L. Zhang Enterprise Cloud Service Architecture, 3rd IEEE International Conference on Cloud Computing,Miami, FL, USA, July 5-10,2010. W. Jansen and T.Grance Guidelines on Security and Privacy in Public Cloud Computing, NIST Draft Special Publication 800-144, 2011. http://csrc.nist.gov/publications/drafts/800-144/DraftSP-800-144_cloud-computing.pdf N. Robinson, L. Valeri, J. Cave, T. Starkey, H. Graux, S. Creese and P. Hopkins, The Cloud: Understanding the Security, Privacy and Trust Challenges, RAND Corporation, 2010. http://cordis.europa.eu/fp7/ict/security/docs/thecloud-understanding-security-privacy-trustchallenges-2010_en.pdf NIST, http://www.nist.gov/itl/cloud/index.cfm CloudComputingvs.Virtualization http://www.learncomputer.com/cloud-computing-vsvirtualization/ Wikipedia http://en.wikipedia.org/wiki/Virtualization ,
[7]
[8] [9]
[10]
[11]
[12]
REFERENCES
[1]
GTSI Group, Cloud Computing - Building a Framework for Successful Transition, White Paper, GTSI Corporation, 2009.
[13]
[2]
L. Vaquero, L. Rodero-Merino, J. Caceres, and M. Lindner, A Break in the Clouds: Towards a Cloud Definition, ACM SIGCOMM Computer Communication Review, Volume 39 Issue 1, pages 50-55, January 2009. M. Boroujerdi and S. Nazem, Cloud Computing: Changing Cogitation about Computing, World Academy of Science, Engineering and Technology, 2009. Michael Miller, Cloud Computing Pros and Cons for End Users, microsoftpartnercommunity.co.uk, 2009.
[16] [14] [15]
[3]
[4]
[5]
M. Armbrust, A. Fox, R. Griffith, A. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, Above the Clouds: A Berkeley View of Cloud Computing, UC Berkeley Reliable Adaptive Distributed Systems Laboratory, 2009.
[17]
Y. Luo,"Network I/O Virtualization for Cloud Computing",IEEE Computer Society,Oct. 2010. W. Tsai, X. Sun, J. Balasooriya, Service-Oriented Cloud Computing Architecture, 7th IEEE International Conference on Information Technology, 2010.
[18]
846
ISSN 2079-8407
[19]
T. Dillon, C. Wu and E. Chang, Cloud Computing: Issues and Challenges, 24th IEEE International Conference on Advanced Information Networking and Appications, 2010. Introduction to Cloud Computing, Paper,Dialogic Corporation, 2010. https://www.hpcloud.com/ White
computing, Journal of Networks and Computer Applications 34, pp. 1-11, 2011. [31] Abdulaah Alshwaier, Ahmed Youssef and Ahmed Emam A New Trend for E-Learning in KSA Using Educational Cloud, Advanced Computing: An International Journal (ACIJ), Academy & Industry Research Collaboration Center (AIRCC), 2012. [32] Y. Chen, X. Li and F. Chen, Overview and Analysis of Cloud Computing Research and Application, International Conference on E -Business and E Government (ICEE), May 2011
[20]
[21] [22]
Ramgovind S, Eloff MM and Smith E. The Management of Security in Cloud Computing, Information Security for South Africa (ISSA), Sandton, Johannesburg, 2-4 Aug, 2010. V. Sarathy, P. Narayan, and R. Mikkilineni, Next generation Cloud Computing Architecture, 2nd International IEEE Workshop On collaboration & Cloud Computing, 2010. P. Mell and T. Grance, The NIST Definition of Cloud Computing Recommendation of NIST, Special Publication 800-145, 2011. http://csrc.nist.gov/publications/nistpubs/800145/SP800-145.pdf Z. Wang, Security and Privacy Issues Within Cloud Computing, IEEE Int. conference on computational and information sciences, Chengdu, China, Oct. 2011.
[23]
[33]http://media.amazonwebservices.com/AWS_Overview.p df [34] Ahmed Youssef and Manal Alageel Security Issues in Cloud Computing, in the GSTF International Journal on Computing , Vol.1 No. 3, 2011. http://aws.amazon.com/
[24]
[35]
[25]
[38]http://salesforce.vo.llnwd.net/o1/emea/cloudforce/eindh oven-pdfs/datasheets/ServiceCloudDatasheet.pdf [39]http://www.salesforce.com/assets/pdf/datasheets/DS_Sal esCloud.pdf [40]http://openarchive.cbs.dk/bitstream/handle/10398/8443/ SchubertAdisa2011.pdf?sequence=1 [41]http://search.iiit.ac.in/uploads/CloudComputingForEGov ernance.pdf [42]https://cloudsecurityalliance.org/research/initiatives/secu rity-guidance/ [43] [44] http://www.opengroup.org/jericho/ http://www.sharedassessments.org/value/ http://www.enisa.europa.eu/ J. Bordkin, Gartner:Seven Security Risks, 2008 Cloud-Computing
[26] Andrew Joint and Edwin Baker, Knowing the past to understand the present- issues in the contracting for cloud based services, Computer Law and Security Review 27, pp 407-415, 2011 [27] Vania Goncalves and Pieter Ballon, Adding value to the network: Mobile operators experiments with Software-as-a-Service and Patform-as-a-Service models, Telematics and Informatics 28, pp 12-21, 2011 Dimitrios Zissis and Dimitrios Lekkas, Addressing cloud computing security issues, Future Geberation Computer Systems 28, pp. 583-592, 2012. Rajnish Choubey, Rajshree Dubey and Joy Bhattacharjee, A Survey on Cloud Computing Security, Callenges and Threats, International Journal on Computer Science and Engineering (IJCSE), vol. 3, No. 3, 2011. S. Subashini and V. Kavitha, A survey on security issues in service delivery models of cloud
[28]
[29]
[45] [46]
[30]
[47] Cloud Security Alliance Top Threats toCloud Computing V1.0, March 2010.
847