ITEC 810 Project Proposal

1
ITEC 810 Project Proposal

• Cloud Computing
• Is my organisation ready for the cloud?
• Name Dilshan Fonseka
• Student ID 40273660
• Supervisor Prof Michael Johnson

2
Contents

• Business Considerations
• Introduction (2-3mins)
• Types of the Clouds (2mins)
• Nature of Cloud Computing (3-5mins)
• Yesterday, Today Tomorrow (1 min)
• Organizational Impact Risk (3-4mins)
• Technical Considerations
• Cloud Security (5mins)
• Service Integration of the cloud (5-10mins)
• Conclusion
• Question Time

3
Introduction

• What is Cloud Computing?
• is internet based development and use of
  computer technology
• So what does this mean to an organization?
• Organizations looking to make innovations their
  priority.
• They seek new ideas to keep competitive
• Find means to cut costs.

4
Types of Cloud
5
Characteristics of Cloud Computing

• Cloud computing builds on established market
  trends
• Survey carried out by F5 Networks Inc indicated
  that
• 80 of large enterprise IT managers are at least
  in trial stage for cloud computing initiatives.
• IT managers are aggressively adopting cloud
  computing.
• Half of respondents reported that they have
  already deployed a public cloud computing
  implementation
• 45 of respondents currently using private
  clouds.
• 66 of respondents indicating that they have a
  dedicated budget for cloud computing initiatives.
  

6
Characteristics of Cloud Computing

• Virtual Machines used as standard deployment
  objects
• Virtualization enhanced flexibility because it
  isnt tied to a specific physical server.
• Enables a dynamic datacenter for resources.
• Virtualization allows applications to be deployed
  and scaled rapidly.
• Can be configurable.

7
Example
8
Benefits of the Cloud

• Cost
• Infrastructure rented rather than bought
• CAPEX can be zero
• Business Continuity
• Server patching, backup, data redundancy is
  taking care off by external sources
• Leaves the organization to carry on with its
  day-to-day business.
• Flexibility
• Ability to scale on demand
• Ability to test and prototype applications
• Time
• Reduce runtime
• Reduce response time
• Resources
• Free organization from supporting high costs,
  time consuming IT functions when taking
  subscription to the cloud.
• Pay-As-You-Go
• Pay on a monthly or subscription fee
• Others

9
Various Cost Comparison
10
Return on Investment (ROI)
11
Organizational Impact Risk

• When considering a move to the Cloud, we must
  first understand the impact it will have to the
  existing infrastructure of the organization.
• Organizations cannot simply decide to take on the
  cloud overnight. They must be ready for it.
• How have organizational architectures evolved
  over the past 10 years and how will it continue
  to evolve?
• Organizations must carry out its own feasibility
  analysis.
• Cloud computing will impact an organization on at
  least two levels the department, and the
  employees.

12
Organizational Impact Risk

• There are many forms of risk to an organization
  that the organization must be aware of
• Security
• Privacy concerns
• Data integrity
• Availability
• Business acceptability.

13
Cloud Security

• Perhaps the biggest concerns about cloud
  computing are security and privacy.
• Privacy is a major issue.
• Organizations can compensate this dilemma by
  implementing stricter security measures, such as
• VPNs (SSL and IPSec) for transport security
• Two-factor authentication between services,
  clouds, and users and applications.
• Data encryption
• Digital signatures.

14
Cloud Security
15
Cloud Computing Infrastructure Models

• Organizations must consider which infrastructure
  model best suits them when considering the move
  to the cloud.
• Cloud computing infrastructure models
• Public Cloud
• Run by Third Parties, and applications from
  different customers are likely to be mixed
  together on the clouds servers, storage systems,
  and networks.
• A public cloud provides services to multiple
  customers, and is typically deployed at a
  co-location facility.

16
Public Cloud structure
17
Cloud Computing Infrastructure Models

• Private Cloud
• Private clouds are built for the exclusive use of
  one client, providing the utmost control over
  data, security, and quality of service.
• Private clouds may be hosted at a co-location
  facility or in an enterprise datacenter. They may
  be supported by the company, by a cloud provider,
  or by a third party such as an outsourcing firm.

18
Private Cloud structure
19
Architectural Layers

• Cloud Computing can describe services being
  provided at any of the traditional layers from
  hardware to applications.
• Cloud services is grouped into three categories
• Software-as-a-Service (SaaS)
• Platform-as-a-Service (PaaS)
• Infrastructure-as-a-Service (IaaS)

20
Architectural Layers - SaaS

• Software-as-a-Service

21
Architectural Layers - PaaS

• Platform-as-a-Service

22
Architectural Layers IaaS

• Infrastructure-as-a-Service

23
Architecture considerations Behind the firewall

• Securing browser based Internet applications
• Secure Sockets Layer (SSL)
• Forms Authentication (2FA)
• Session Cookies
• Layered architecture
• Firewalled Network Perimeter
• Web Tier (Presentation)
• Application Tier (BL)
• Data Tier
• Internal Ancillary Services

24
Existing Architectural layer
Defense in Depth Layered Security Architecture
(Current)
PUBLIC
Network Perimeter
Web Tier
PRIVATE
Application Tier
SECRETS
Data
Services
25
Authenticate first, operate second
Outside the Firewall Authenticate First,
Operate Second
Customers authenticate to the bank
Security access returned
Access presented as credential to federated
cloud services
Public Authentication Layer
Cloud Service
Cloud Service
Authentication Services
Cloud Service
Bank staff manage identity and access control
Application1
Application 2
26
Authentication Overview
CAAS - Overview
Legend
Integrating Applications
CAAS
Customers single sign-on (SSO) to eBank
affiliated applications
eBank
Application Web Integration Layer
Authentication SSO Layer
Superann App
Trading App
Application
Application
Authentication Services also provide
Session Management

Authentication Services
Single Identity Store

Bank staff manage identity and access control
Hardware Security Module (crypto)
Application1
Application 2
27
Architecture well Primed to secure the cloud

• Augmenting Active Directory
• Is a relatively simple extension exercise
• Will be a core AD feature
• Service Integration
• SSB services already provide basic SAML ticketing
  functions
• Provides SAML transformation services today to
  support various applications SSO
• Built on Zermatt, therefore Microsoft Geneva
  will not be too difficult
• Newly built cloud assets
• Trust banks (Authentication) signed tokens using
  standard claim-based integration patterns
• SAML tokens are as secure as eBanks cookies are
  today.
• Trusted separation of function vs. security

28
Internal Channel Authentication for staff based
cloud services
Legend
Integrating Applications
CAAS
Microsoft

• SAML token generation could be as applicable for
  bank staff as it is for external clients
• MyEmailAnywhere
• Access to externally hosted instrumentation logs

Authentication External Integration Channel
Authentication InternalIntegration Channel
Geneva Web Connector
Authentication Services
IPNet Services
Geneva STS
Geneva STS


BanksENet
IPNet
29
Cloud Computing Standards

• Cloud computing emphasizes efficiency.
• Helps reduce maintenance
• Deployment costs
• Cloud computing raises the level of abstraction.
• All components are virtualized
• Fast composition of higher-level applications or
  platforms
• Testing applications in the cloud is an important
  aspect to an organization.
• Functional
• Non-Functional

30
Conclusion

• The cloud will continue to evolve over the coming
  decade and there is no one approach that will
  become the standard.
• The cloud is primarily an economic proposition
  that will require careful evaluation.
  Organizations need to understand what their
  business is, what the value and role of the
  datacenter is and what the best set of services
  available are.
• The good news is that with the evolution of the
  cloud, organizations will have lots of good
  options.
• So in conclusion, large organizations should
  invest in Cloud computing. Considering the cloud
  is not only beneficial one, but also a practical
  one.
• An organization should consider the cloud as the
  benefits definitely outweigh the costs in the
  long term.
• I have also provided three examples of real
  organizations, that have successfully taken the
  cloud on board, in my report.

31
References

• T Mather, S Kumaraswamy, S Latif 2009, Cloud
  Security and Privacy An Enterprise Perspective
  on Risk and Compliance, OReilly, California
• L Herbert, J Erickson 2009, The ROI of
  Software-as-a-Service, Forrester, July 2009
• IBM Research 2007, IBM Unveils Blue Cloud
  Analyst briefing, IBM, November 2007
• I Sorbello 2009, Security in the Cloud CAAS,
  Commonwealth Bank of Australia Literature, Sydney
• F5 Networks Inc. Research 2009, Cloud Computing
  Study Research Report, http//www.f5.com/news-pres
  s-events/press/2009/20090824a.html, Seattle
• R Katz 2008, Tower and the cloud Higher
  education in the age of Cloud ComputingEducause,
  USA
• Accenture Research, The Enterprise Cloud
  StackGauging the True Enterprise Impact of Cloud
  Computing, Accenture, 2008
• IBM Research 2009, IBM Service Management
  Fulfilling the SOA Vision, http//www-01.ibm.com/s
  oftware/tivoli/governance/action/06182009.html,
  IBM, July 2009

32
Thank You Questions