Transcript Document 7445234

Cloud Computing:
Is my organisation ready for the cloud?
Name: Dilshan Fonseka
Student ID: 40273660
Supervisor: Prof Michael Johnson
1
Contents

Business Considerations:
 Introduction (2-3mins)
 Types of the Clouds (2mins)
 Nature of Cloud Computing (3-5mins)
 Yesterday, Today & Tomorrow (1 min)
 Organizational Impact & Risk (3-4mins)

Technical Considerations:
 Cloud Security (5mins)
 Service Integration of the cloud (5-10mins)


Conclusion
Question Time
2
Introduction

What is Cloud Computing?
 “…is internet based development and use of computer
technology…”

So what does this mean to an organization?
 Organizations looking to make innovations their priority.
 They seek new ideas to keep competitive
 Find means to cut costs.
3
Types of Cloud
Source: Gauging the True Enterprise of Cloud Computing, Accenture
4
Characteristics of Cloud Computing

Cloud computing builds on established market
trends
 Survey carried out by F5 Networks Inc indicated that:
▪ 80% of large enterprise IT managers are at least in trial stage for cloud
computing initiatives.
▪ IT managers are aggressively adopting cloud computing.
▪ Half of respondents reported that they have already deployed a public
cloud computing implementation
▪ 45% of respondents currently using private clouds.
▪ 66 % of respondents indicating that they have a dedicated budget for cloud
computing initiatives.
Source: F5 Networks Inc. Research [2009], Cloud Computing Study Research
Report,
5
Characteristics of Cloud Computing

Virtual Machines used as standard deployment
objects
 Virtualization enhanced flexibility because it isn’t tied to a
specific physical server.
 Enables a dynamic datacenter for resources.
 Virtualization allows applications to be deployed and
scaled rapidly.
 Can be configurable.
6
Example
7
Benefits of the Cloud

Cost



Business Continuity





Free organization from supporting high costs, time consuming IT functions when taking subscription to the cloud.
Pay-As-You-Go


Reduce runtime
Reduce response time
Resources


Ability to scale on demand
Ability to test and prototype applications
Time


Server patching, backup, data redundancy is taking care off by external sources
Leaves the organization to carry on with its day-to-day business.
Flexibility


Infrastructure rented rather than bought
CAPEX can be zero
Pay on a monthly or subscription fee
Others
8
Various Cost Comparison
9
Return on Investment (ROI)
10
Organizational Impact & Risk
When considering a move to the Cloud, we must
first understand the impact it will have to the
existing infrastructure of the organization.
 Organizations cannot simply decide to take on the
cloud overnight. They must be ready for it.

 How have organizational architectures evolved over the
past 10 years and how will it continue to evolve?
 Organizations must carry out its own feasibility analysis.

Cloud computing will impact an organization on at
least two levels: the department, and the
employees.
11
Organizational Impact & Risk

There are many forms of risk to an organization that
the organization must be aware of:
 Security
 Privacy concerns
 Data integrity
 Availability
 Business acceptability.
12
Cloud Security

Perhaps the biggest concerns about cloud computing
are security and privacy.
 Privacy is a major issue.

Organizations can compensate this dilemma by
implementing stricter security measures, such as:
 VPNs (SSL and IPSec) for transport security
 Two-factor authentication between services, clouds, and users and
applications.
 Data encryption
 Digital signatures.
13
Cloud Security
14
Cloud Computing Infrastructure Models


Organizations must consider which infrastructure model
best suits them when considering the move to the cloud.
Cloud computing infrastructure models:
 Public Cloud
▪ Run by Third Parties, and applications from different customers are likely to
be mixed together on the clouds servers, storage systems, and networks.
▪ A public cloud provides services to multiple customers, and is typically
deployed at a co-location facility.
15
Public Cloud structure
16
Cloud Computing Infrastructure Models
 Private Cloud
▪ Private clouds are built for the exclusive use of one client, providing the
utmost control over data, security, and quality of service.
▪ Private clouds may be hosted at a co-location facility or in an enterprise
datacenter. They may be supported by the company, by a cloud provider, or
by a third party such as an outsourcing firm.
17
Private Cloud structure
18
Architectural Layers


Cloud Computing can describe services being provided at
any of the traditional layers from hardware to applications.
Cloud services is grouped into three categories:
 Software-as-a-Service (SaaS)
 Platform-as-a-Service (PaaS)
 Infrastructure-as-a-Service (IaaS)
19
Architectural Layers - SaaS

Software-as-a-Service
20
Architectural Layers - PaaS

Platform-as-a-Service
21
Architectural Layers – IaaS

Infrastructure-as-a-Service
22
Architecture considerations – Behind the
firewall

Securing browser based Internet applications
 Secure Sockets Layer (SSL)
 Forms Authentication (2FA)
 Session Cookies

Layered architecture
 Firewalled Network Perimeter
 Web Tier (Presentation)
 Application Tier (BL)
 Data Tier
 Internal Ancillary Services
23
Existing Architectural layer
Defense in Depth – Layered Security Architecture (Current)
PUBLIC
Internet
Network Perimeter
PRIVATE
Web Tier
Application Tier
SECRETS
Data
Services
24
Outside the Firewall – Authenticate First, Operate Second
Authenticate first, operate second
Customers
authenticate
to the bank
Security
access
returned
Access
presented as
credential to
“federated”
cloud services
Public Authentication Layer
Cloud Service
Cloud Service
Authentication Services
Cloud Service
Bank staff manage
identity and access
control
Application1
Application 2
25
CAAS - Overview
Legend
Authentication Overview
Integrating
Applications
CAAS
Customers “single sign-on (SSO) to
eBank affiliated applications
Application Web Integration Layer
eBank
Application
Application
Authentication SSO Layer
Superann App
Trading App
Authentication Services also provide:
Session
Management
Authentication Services
Single Identity
Store
Bank staff manage
identity and access control
Application1
Application 2
Hardware
Security Module
(crypto)
26
Architecture well Primed to secure the
cloud

Augmenting Active Directory:
 Is a relatively simple extension exercise
 Will be a core AD feature

Service Integration
 SSB services already provide basic SAML ticketing functions:
▪ Provides SAML transformation services today to support various applications SSO
▪ Built on “Zermatt”, therefore Microsoft “Geneva” will not be too difficult

Newly built cloud assets
 Trust banks (Authentication) signed tokens using standard claim-based integration patterns
 SAML tokens are as secure as eBanks cookies are today.
 Trusted separation of function vs. security
27
Internal Channel Authentication for staff
based cloud services
Legend
Integrating
Applications
Microsoft
Authentication External
Integration Channel
Authentication Internal
Integration Channel
“Geneva” Web Connector
Authentication Services
SAML token generation could be as
applicable for bank staff as it is for external
clients…
•MyEmailAnywhere
•Access to externally hosted
instrumentation logs
IPNet Services
“Geneva” STS
Bank’sENet
CAAS
“Geneva” STS
IPNet
28
Cloud Computing Standards

Cloud computing emphasizes efficiency.
 Helps reduce maintenance
 Deployment costs

Cloud computing raises the level of abstraction.
 All components are virtualized
 Fast composition of higher-level applications or platforms

Testing applications in the cloud is an important aspect to an
organization.
 Functional
 Non-Functional
29
Conclusion






The cloud will continue to evolve over the coming decade and there is no
one approach that will become the standard.
The cloud is primarily an economic proposition that will require careful
evaluation. Organizations need to understand what their business is,
what the value and role of the datacenter is and what the best set of
services available are.
The good news is that with the evolution of the cloud, organizations will
have lots of good options.
So in conclusion, large organizations should invest in Cloud computing.
Considering the cloud is not only beneficial one, but also a practical one.
An organization should consider the cloud as the benefits definitely
outweigh the costs in the long term.
I have also provided three examples of real organizations, that have
successfully taken the cloud on board, in my report.
30
References








T Mather, S Kumaraswamy, S Latif [2009], Cloud Security and Privacy: An
Enterprise Perspective on Risk and Compliance, O’Reilly, California
L Herbert, J Erickson [2009], The ROI of Software-as-a-Service, Forrester, July
2009
IBM Research [2007], IBM Unveils “Blue Cloud” – Analyst briefing, IBM, November
2007
I Sorbello [2009], Security in the Cloud – CAAS, Commonwealth Bank of Australia
Literature, Sydney
F5 Networks Inc. Research [2009], Cloud Computing Study Research Report,
http://www.f5.com/news-press-events/press/2009/20090824a.html, Seattle
R Katz [2008], “Tower and the cloud: Higher education in the age of Cloud
Computing”;Educause, USA
Accenture Research, The Enterprise Cloud Stack:Gauging the True Enterprise
Impact of Cloud Computing, Accenture, 2008
IBM Research [2009], IBM Service Management: Fulfilling the SOA Vision,
http://www-01.ibm.com/software/tivoli/governance/action/06182009.html, IBM,
July 2009
31
Thank You & Questions
32