http://crc.aut.ac.ir
ITU-T Y3500 (ISO/IEC 17788): Cloud Definition
Examples of resources
Servers
Operating systems
Networks
Software
Applications
Storage
Characteristics
Broad network access
Users can access physical and virtual resources from wherever they need to
work, as long as it is network accessible, using a wide variety of clients
including devices such as mobile phones, tablets, laptops, and workstations.
Measured service
Multi-tenancy
Within the context of multi-tenancy, the group of cloud service users that
form a tenant will all belong to the same cloud service customer
organization. Multiple tenants and their computations and data are isolated
from and inaccessible to one another.
On-demand self-service
Rapid elasticity and scalability
Resource pooling
Deployment models
Public
Private
Hybrid
Mobile
Community
Federated
P2P
Many cloud service categories
Software as a Service: SaaS
Platform as a Service: PaaS
Infrastructure as a Service: IaaS
Compute as a Service: CompaaS
Data Storage as a Service: DSaaS
Network as a Service: NaaS
Communications as a Service: CaaS
Database as a Service: installation and maintenance of the databases are performed by the cloud service provider.
Desktop as a Service: ability to build, configure, manage, store, execute, and deliver users' desktop functions remotely.
Email as a Service: complete email service including related support services such as storage, receipt, transmission, backup, and recovery.
Identity as a Service: Identity and Access Management that can be extended and centralized into existing operating environments.
Management as a Service: including application management, asset and change management, capacity management, problem management
(service desk), project portfolio management, service catalog, and service level management.
Security as a Service: integration of a suite of security services with the existing operating environment by the cloud service provider. This may
include authentication, anti-virus, anti-malware/spyware, intrusion detection, and security event management, among others.
3 Data categories
Customer Data: Class of data objects under the control, by legal or other
reasons, of the cloud service customer that were input to the cloud service,
or resulted from exercising the capabilities of the cloud service.
Provider Data: Class of data objects, specific to the operation of the cloud
service, under the control of the cloud service provider.
Derived Data: Class of data objects under cloud service provider control that
are derived as a result of interaction with the cloud service by the cloud
service customer (e.g. log data, configuration or customization data)
Cloud Deployment Models
Community Cloud
Public Cloud
Mobile Cloud
Hybrid Cloud
Private Cloud
Federated Cloud
Mobile Cloud Computing
Main Cloud Computing Roles
Role that is in a business relationship
for the purpose of using cloud services
[Figure: main roles: Cloud service customer (CSC), Cloud service partner (CSN), Cloud service provider (CSP); additional label: Scale Out]
[Figure: sub-roles: CSN: Service Developer; CSP: Service Manager; CSP: Deployment Manager; CSP: Operations Manager]
ISO/IEC 17789: Cloud Reference Architecture
Views: User View, Function View, Implementation View, Deployment View
Legend: Party, Role, Sub-Role, Activity, Functional component, Aspect
[Figure: User view (Party, Role, Sub-Role, Activity, Aspect) and Functional view (Functional Layer, Multi-Layer functions, Functional component)]
Access Layer: Access to cloud services
Service Layer: Provide cloud services plus administration and business capabilities
Resource Layer: Resources for the support of cloud services
Functions spanning the layers: Integration, Security Systems, Operation Support Systems, Business Support Systems, Development Support
[Figure: functional components. Layers: Service Layer, Resource Layer. Components shown: Service access, Authentication, Authorization and security policy management, Development of service, Service capabilities, Service Integration, Resource abstraction and control, Physical resources]
Desktop as a Service
[Figure: CSC: cloud service user; activity: Use cloud service. Layers: Access Layer, Service Layer, Resource Layer. Components shown: Authentication and identity management, Connection Manager / Broker, Authorization and security policy management, Virtual Desktop Delivery, Messaging Service, Resource Pool, Virtualization Infrastructure]
Example: Infrastructure as a Service
Computing service functions allow CSC to provision and use processing resources.
storage service functions
[Figure layers: User Layer, Access Layer, Service Layer]
Auditability
Availability
Governance
Interoperability
Maintenance and versioning
Performance
Portability
Privacy
Regulatory
Resiliency
Reversibility
Security
Service levels and service level agreement
Auditability
Availability
Governance
The system by which the provision and use of cloud
[Figure: stack of Business / Process, Application, Data, Runtime / API, with side label SaaS]
Maintenance and versioning
Performance
Portability
Protection of PII
Regulatory
vary by market sector and jurisdiction, and they can change the
responsibilities of both cloud service customers and cloud service providers.
Compliance with such requirements is often related to governance and risk
management activities;
Resiliency
Reversibility
A process for the cloud service customer to retrieve their cloud service
customer data and application artefacts and for the cloud service provider
to delete all cloud service customer data as well as contractually specified
cloud service derived data after an agreed period;
Security
Service levels and service level agreement
Main Cloud Computing Roles & Sub-Roles
[Figure: Cloud service customer (CSC) sub-roles: CSC: Cloud service user; CSC: Service Administer and Security; CSC: Cloud service business manager; CSC: Cloud service integrator. Cloud service partner (CSN) sub-role: CSN: Cloud service developer. Cloud service provider (CSP)]
[Figure: functional components. Layers: Access Layer, Service Layer, Resource Layer. Components shown include: Access Control, Connection management, Service capabilities, Business capabilities, Administration capabilities, Service Orchestration, Resource abstraction and control, Physical resources, Security Integration, Monitoring Integration, Service Integration, Peer Service Integration, Authentication and identity management, Authorization and security policy management, Encryption management, Service Catalog, Provisioning, Monitoring and Reporting, Service policy management, Service automation, Service level management, Incident and problem management, Platform and virtualization management, Peer service management, Product catalogue, Accounts, Subscription management, Billing, Developer environment, Build management, Test management]
Legend: Role, Sub-Role, Activity, Single Layer Function, Multi Layer Function
Exercise 1.2
Example
[Figure: fax service example. User Layer: Mobile/Tablet, Web Portal, Fax Device. Service Layer: SaaS/CaaS: Fax Messaging. Resource Layer: Fax Server, Fax Storage, PSTN. Cross Layer Function: Authorization]