Unit V

Cloud in Information Technology

Cloud computing is a modern IT approach where data, software, and services are stored on
remote servers and accessed through the internet. It helps companies save time, money, and
energy by avoiding the need to buy and maintain their own hardware. Cloud also supports
real-time updates, teamwork from different locations, and reduces carbon emissions through
efficient resource use. Many businesses prefer cloud solutions because they are fast, cost-
effective, easy to use, and environment friendly.

Cloud computing offers many benefits, but it also comes with challenges. The major issues
include setting proper threshold policies to manage sudden changes in demand,
interoperability problems when moving applications between different cloud providers,
hidden costs such as network or latency charges, and unexpected behavior of applications
when scaling or releasing resources. These challenges must be handled carefully for smooth
cloud operations.

Security Aspects in Cloud Computing

Cloud computing introduces new security challenges because data and applications are
stored with an external provider, often in shared and distributed environments. Lack of
direct control makes compliance and trust more complicated. The major security aspects are
explained below.

1. Trust in Distributed Cloud Applications

Cloud applications like e-commerce depend on secure communication and trust between
users and servers. As applications are distributed across multiple data centers, strong
authentication and encryption are required.

2. Need for Secure and Scalable Data Centers

Because millions of users depend on cloud services, data centers must be highly scalable,
reliable, and secure. Future cloud systems must ensure guaranteed service levels while
protecting user data.

3. Secure Virtualization and Resource Allocation

Clouds use virtualization to assign CPU, storage, and network resources to users. Secure
isolation between tenants and controlled access to virtual resources are essential to avoid
data leakage.

Data Security

Organizations face major challenges when data is stored outside their premises.
Key Challenges

• Protecting sensitive business or government data

• Multi-tenant sharing of infrastructure

• Legal issues related to storing data in different countries

• Absence of uniform standards for deleting or recycling storage

• Difficulty in auditing and compliance

• Loss of security logs and monitoring visibility

• New insider threats from CSP employees

There are also concerns about data safety during migration and data remnants when
switching providers.

Important Data Security Issues

1. Breach Notification & Data Residency

Organizations must classify data and ensure the cloud provider meets legal requirements.
They must also establish procedures for handling law-enforcement requests.

2. Data Management at Rest

Businesses should verify:

• How data is separated in multitenant environments

• If backup/archival data is encrypted

• How encryption keys are stored and destroyed

Deleting encryption keys can securely erase stored data ("digital shredding").

3. Data Protection in Motion

All data moving to and from the cloud should be encrypted using SSL/TLS or VPN.
In IaaS, CSPs should provide network separation so tenants cannot view others’ traffic.

Data Center Security

Cloud data centers present additional challenges due to virtualization.

Major Issues

1. Performance Problems:
I/O-heavy applications may slow down due to virtualization layers.
 2. Application Unawareness:
Applications do not know they run on virtual hardware, causing unpredictable
performance.

3. Unexpected Costs:
Required upgrades to storage, networks, and management tools can increase
expenses.

4. Unused Virtual Features:

Some virtual networking features may fail to scale in real production environments.

5. Storage Issues:
VM disk images are large and can overload the storage network. Migration may
cause congestion.

6. Management Complexity:
Both hypervisors and hosts must be managed. VM, network, and storage
management become interlinked and harder to control.

Access Control
Access control in cloud computing ensures that only authorized users can access critical data
stored in data centers. Organizations must enforce strict access rights, supported by CSP
features like IP subnet restrictions to limit access to known IP ranges. Additionally, strong
authentication methods (e.g., two-factor authentication), proper management of user
permissions, and separation of administrative duties help enhance data security and prevent
unauthorized access.

Encryption and Decryption:

In cloud computing, data should be stored in encrypted form since it resides outside the
user’s control. Enterprises must manage their own encryption keys or ensure strong access
controls when keys are managed by the CSP. Hardware-based key management systems,
strict monitoring of snapshots, and protection against memory analysis are essential.
Additionally, the CSP should provide detailed logging, restrict access to sensitive
management tools, and secure all captured images or snapshots like other sensitive data.

Virtualization Security:
Virtualization introduces security challenges because multiple virtual machines (VMs) share
the same physical hardware.

Risks include hypervisor attacks, data leakage when storage or memory is reallocated, and
hidden network traffic between VMs on the same server.
To ensure security, data should be cleared before resource reuse, access and privilege
controls must be strengthened, and VM traffic should be monitored or isolated using
techniques like VLANs or virtual firewalls.

Proper network, storage, and server virtualization controls help maintain secure multi-
tenant cloud environments.

Network Security:
Cloud networking faces challenges such as ensuring application performance, where
inadequate bandwidth causes latency and SLA violations. Enterprises also need flexible
deployment of security appliances like firewalls and IDSs in the cloud. Additionally, policy
enforcement becomes complex due to multiple routing protocols and vendor-specific
technologies. Cloud networks also suffer from topology-dependent issues, where changing
traffic patterns require complex L2/L3 reconfiguration, and sometimes applications must be
rewritten to adapt to cloud IP addressing and network limitations.

SaaS Security Issues:

In SaaS, enterprise data is stored outside the organization and accessed through the web,
making data privacy and browser security critical. Key issues include securing data in transit
using SSL/TLS, ensuring data locality to meet legal and compliance requirements, and
preventing data mixing in multitenant environments through proper data segregation. SaaS
providers must also enforce strict access controls, protect against data breaches, manage
identity and user access effectively, and ensure secure, encrypted backups to maintain
overall data security.

PaaS Security Issues:

In PaaS, applications and user components run on cloud provider–controlled infrastructure,
creating risks due to the distribution of user objects across multiple hosts. Securing access to
these resources, enforcing strong authorization, and ensuring secure communication are
major concerns. Privacy must be protected in a shared public cloud environment, and
reliable, fault-tolerant systems are needed to ensure service continuity and prevent
disruptions for enterprises using PaaS platforms.

IaaS Security Issues:

In IaaS, most services run on virtualized environments, making hypervisor security a major
concern since any vulnerability can compromise multiple VMs. Multitenancy also poses
risks, as users may feel unsafe sharing infrastructure even within the same organization.
Strong identity and access management (IdAM) is needed to control authentication,
authorization, and administrative delegation. Additionally, network security becomes
complex because communication occurs over virtual networks, requiring strict access
controls and QoS to maintain confidentiality, integrity, and availability.
Advanced Concepts in Cloud Computing

1. Intercloud

Definition

Intercloud refers to a “cloud of clouds”, where multiple cloud providers interconnect to share
resources and services. It helps meet increasing user demands when a single cloud provider
cannot fulfill all requirements. Intercloud can exist as a federation of clouds or a multicloud
model.

Types of Intercloud

1. Federation of Clouds:
Cloud providers collaborate and share infrastructure. One cloud can rent resources
from another, and users receive a seamless service without knowing multiple clouds
are involved.

2. Multicloud:
Users or applications intentionally use more than one cloud provider. Here, the user
manages interoperability across clouds.

Benefits of Intercloud

1. Geographical Flexibility:
Enables storing data across different regions to meet legal and compliance
requirements.

2. Improved Resilience:
Fault tolerance, reliability, and availability increase by placing data and applications
across multiple data centers.

3. Avoids Vendor Lock-in:

Users are not restricted to a single provider, increasing freedom and reducing
dependency.
 4. Flexibility and Power Saving:
Resource allocation becomes more flexible, and energy can be saved through VM
migrations across data centers.

Challenges of Intercloud

Intercloud requires standardization, trust between cloud providers, and compatibility in

terms of technology, policies, and SLAs. Issues also include authentication, scalability, VM
migration support, resource sharing, security, and monitoring.

2. Cloud Management:
Cloud management refers to the tools and technologies used to monitor, control, and
optimize cloud services and resources. It ensures proper functioning of cloud infrastructure
through tasks like resource allocation, regular monitoring, auditing, and disaster-recovery
planning. Cloud management systems also handle user authentication, encryption, and cost
management, providing a secure portal for customers to manage their services efficiently.

3. Mobile Cloud Computing (MCC):

Mobile Cloud Computing combines cloud computing with mobile networks, where data
storage and processing occur in the cloud instead of the mobile device. MCC overcomes
mobile devices’ limitations—such as low processing power and storage—by offloading tasks
(e.g., image processing, NLP, multimedia search) to cloud servers. It enables resource-
intensive applications on mobile devices but faces challenges like VM migration overhead,
security, privacy, mobility support, energy efficiency, and additional costs due to network
distance.

4. Media Cloud:
A Media Cloud is a cloud-based platform designed to store, process, and deliver multimedia
data such as audio and video. It provides distributed processing and high Quality of Service
(QoS) for streaming content using protocols like TCP, UDP, and RTP. Media clouds support
buffering, rendering, recording, and sharing of multimedia data across devices. Key
challenges include handling heterogeneous media formats, ensuring scalability, providing
efficient storage, and delivering high-performance streaming.

5. Interoperability and Standards:

Interoperability means the ability to shift work easily from one cloud provider to another.
This is difficult because each cloud provider uses different standards, leading to vendor lock-
in where users cannot switch providers easily. Without common standards, clouds cannot
work together smoothly. Standardization—especially in IaaS—can make it easier to move
applications, data, and VMs between different clouds.

6. Cloud Governance

Cloud governance refers to the set of policies, rules, and processes used to control and
manage cloud services in an organization. It ensures proper use of cloud resources,
maintains security, follows laws, and delivers good quality of service. Cloud governance
helps organizations avoid risks, protect data, and adapt to changes in cloud technology.

7. Computational Intelligence in Cloud

Computational Intelligence (CI) uses nature-inspired algorithms like genetic algorithms and
swarm optimization to solve complex problems. In cloud computing, CI helps in tasks such as
resource scheduling, provisioning, and migration, which are difficult (NP-hard) to solve using
normal algorithms. CI provides fast, near-optimal solutions for managing cloud resources
efficiently.

8. Green Cloud

Green cloud computing refers to techniques used to reduce the energy consumption of data
centers. Since data centers use a lot of power for running servers and cooling systems, green
cloud aims to make cloud operations energy-efficient and eco-friendly. It focuses on
lowering operational costs (OPEX) and reducing carbon emissions by improving data center
efficiency using metrics like PUE (Power Usage Effectiveness) and DCiE (Data Center
Infrastructure Efficiency).

9. Cloud Analytics

Cloud analytics refers to performing data analysis using cloud computing services instead of
local systems. It allows companies to analyze large amounts of data (big data) by renting
cloud resources on a pay-per-use basis, avoiding the cost of buying hardware. Cloud
analytics can be done using public or private clouds, and users can also use SaaS-based
analytical tools provided on the cloud.