Cloud Management and Security E-Book

CLOUD MANAGEMENT AND SECURITY

This edition first published 2014 © 2014 John Wiley & Sons, Ltd

Registered officeJohn Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex, PO19 8SQ, United Kingdom

For details of our global editorial offices, for customer services and for information about how to apply for permission to reuse the copyright material in this book please see our website at www.wiley.com.

The right of the author to be identified as the author of this work has been asserted in accordance with the Copyright, Designs and Patents Act 1988.

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, except as permitted by the UK Copyright, Designs and Patents Act 1988, without the prior permission of the publisher.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.

Designations used by companies to distinguish their products are often claimed as trademarks. All brand names and product names used in this book are trade names, service marks, trademarks or registered trademarks of their respective owners. The publisher is not associated with any product or vendor mentioned in this book.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. It is sold on the understanding that the publisher is not engaged in rendering professional services and neither the publisher nor the author shall be liable for damages arising herefrom. If professional advice or other expert assistance is required, the services of a competent professional should be sought.

Library of Congress Cataloging-in-Publication Data

Abbadi, Imad M., author.     Cloud management and security / Imad M. Abbadi.         pages cm     Includes bibliographical references and index.     ISBN 978-1-118-81709-4 (hardback)   1. Cloud computing. 2. Web services. 3. Computer security. I. Title.     QA76.585.A23 2014     004.67′82–dc23

2014011409

A catalogue record for this book is available from the British Library.

ISBN: 9781118817094

Contents

About the Author

Preface

Guide to Using this Book

Notes

References

Acknowledgments

Acronyms

1 Introduction

1.1 Overview

1.2 Cloud Definition

1.3 Cloud Evolution

1.4 Cloud Services

1.5 Cloud Deployment Types

1.6 Main Challenges of Clouds

1.7 Summary

1.8 Exercises

References

Part One CLOUD MANAGEMENT

2 Cloud Structure

2.1 Introduction

2.2 Infrastructure Components

2.3 Cloud Layers

2.4 Cloud Relations

2.5 Cloud Dynamics

2.6 Data Types

2.7 Summary

2.8 Exercises

Notes

References

3 Fundamentals of Cloud Management

3.1 Introduction

3.2 Clouds Management Services

3.3 Virtual Control Center

3.4 Prerequisite Input Data for Management Services

3.5 Management of User Requirements

3.6 Summary

3.7 Exercises

Notes

References

4 Cloud Properties

4.1 Introduction

4.2 Adaptability Property

4.3 Resilience Property

4.4 Scalability Property

4.5 Availability Property

4.6 Reliability Property

4.7 Security and Privacy Property

4.8 Business Model

4.9 Summary

4.10 Exercises

References

5 Automated Management Services

5.1 Introduction

5.2 Virtual Layer Self-managed Services

5.3 Virtual Services Interdependency

5.4 Application Layer Self-managed Services

5.5 Application Services Interdependency

5.6 Security and Privacy by Design

5.7 Multi-tier Application Deployment in the Cloud

5.8 Main Challenges and Requirements

5.9 Summary

5.10 Exercises

Notes

References

Part Two CLOUD SECURITY FUNDAMENTALS

6 Background

6.1 Topics Flow

6.2 Trusted Computing

6.3 Summary

Notes

References

7 Challenges for Establishing Trust in Clouds

7.1 Introduction

7.2 Effects of Cloud Dynamism on Trust Relationships

7.3 Challenges

7.4 Summary

7.5 Exercises

References

8 Establishing Trust in Clouds

8.1 Introduction

8.2 Organization Requirements

8.3 Framework Requirements

8.4 Device Properties

8.5 Framework Architecture

8.6 Required Software Agents

8.7 Framework Workflow

8.8 Discussion and Analysis

8.9 Summary

8.10 Exercises

References

9 Clouds Chains of Trust

9.1 Introduction

9.2 Software Agents Revision

9.3 Roots of and Chains of Trust Definition

9.4 Intra-layer Chains of Trust

9.5 Trust Across Layers

9.6 Summary

9.7 Exercises

Notes

References

10 Provenance in Clouds

10.1 Introduction

10.2 Motivating Scenarios

10.3 Log Records Management and Requirements

10.4 Framework Domain Architecture

10.5 Framework Software Agents

10.6 Framework Workflow

10.7 Threat Analysis

10.8 Discussion and Future Directions

10.9 Summary

10.10 Exercises

References

11 Insiders

11.1 Introduction

11.2 Insiders Definition

11.3 Conceptual Models

11.4 Summary

11.5 Exercises

References

Part Three PRACTICAL EXAMPLES

12 Real-Life Examples

12.1 OpenStack

12.2 Amazon Web Services

12.3 Component Architecture

12.4 Prototype

12.5 Summary

Notes

References

13 Case Study

13.1 Scenario

13.2 Home Healthcare Architecture in the Cloud

13.3 Insiders Analysis for Home Healthcare

13.4 Cloud Threats

References

Index

End User License Agreement

List of Tables

Chapter 12

Table 12.1

List of Illustrations

Chapter 1

Figure 1.1

Cloud services

Chapter 2

Figure 2.1

Cloud taxonomy: 3-D view

Figure 2.2

Clouds and federated Clouds taxonomy

Figure 2.3

Multi-tier example using the provided Cloud structure

Figure 2.4

Intra-layer relations

Figure 2.5

Across-layer relations

Figure 2.6

Dynamics of Cloud computing

Chapter 3

Figure 3.1

Application deployment architecture

Figure 3.2

A conceptual model of the Cloud’s VCC

Figure 3.3

Requirement process workflow in current Cloud management tools

Chapter 4

Figure 4.1

A simplified business model illustrating the importance of Cloud properties

Chapter 5

Figure 5.1

ADaaVS

Figure 5.2

SAaaVS and RSaaVS

Figure 5.3

SCaaVS

Figure 5.4

AVaaVS

Figure 5.5

RLaaVS

Figure 5.6

Virtual layer self-managed services interdependency

Figure 5.7

ADaaAS

Figure 5.8

RSaaAS

Figure 5.9

SCaaAS

Figure 5.10

AVaaAS

Figure 5.11

RLaaAS

Figure 5.12

Interactions of the application layer self-managed services

Figure 5.13

Security and privacy service

Figure 5.14

A typical multi-tier application architect in the Cloud

Figure 5.15

Types of self-managed services in the Cloud

Chapter 6

Figure 6.1

Trust components relationship

Chapter 7

Figure 7.1

Load balancing and trust relationship

Figure 7.2

Horizontal scalability and trust relationship

Figure 7.3

Redundancy and trust relationship

Figure 7.4

Trust relationship for a cluster

Chapter 8

Figure 8.1

Protection levels in the discussed framework

Figure 8.2

Framework architecture

Chapter 9

Figure 9.1

Cloud computing – layering conceptual model

Figure 9.2

Example of a partial RCoT of a physical resource

Figure 9.3

Clouds trust anchors

Chapter 10

Figure 10.1

Provenance scenario

Figure 10.2

Provenance DB scheme design

Figure 10.3

High-level architecture of LaaS DBMS

Figure 10.4

Domains and software agents in Cloud taxonomy

Figure 10.5

Software agents for Cloud provenance and management services

Chapter 11

Figure 11.1

Factors affecting the definition of an insider

Figure 11.2

High-level organizational view of the Cloud

Figure 11.3

A view around the client

Figure 11.4

A breakdown of Cloud resources

Figure 11.5

Potential insiders and insiders identification process

Chapter 12

Figure 12.1

Sample of OpenStack releases – a new release is added every six-months

Figure 12.2

Current OpenStack structure.

Source:

http://docs.openstack.org/

Figure 12.3

Current OpenStack scheduler.

Source:

http://docs.openstack.org/

Figure 12.4

The main components of OpenStack Swift

Figure 12.5

Amazon storage systems

Figure 12.6

High-level architecture

Figure 12.7

Nova-api updates

Figure 12.8

Updates on nova-database to include part of the identified Cloud relations

Figure 12.9

Compute node architecture

Chapter 13

Figure 13.1

Home healthcare application architecture

Figure 13.2

Model instance for the home healthcare scenario

Figure 13.3

Physical infrastructure

Figure 13.4

Hypervisor component breakdown

Figure 13.5

VM access

Figure 13.6

Application access

Guide

Cover

Table of Contents

Preface

Pages

xi

xiii

xiv

xv

xvi

xvii

xix

xxi

xxii

1

2

3

4

5

6

7

8

9

10

11

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

167

168

169

170

171

172

173

174

175

176

177

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

About the Author

Dr. Imad Abbadi is an Associate Professor of Information Security with more than 18 years' experience of leading enterprise-scale projects. He works at Oxford University, leading activities to establish the next-generation trustworthy Cloud infrastructure. He has pioneered a novel, worldwide course in Cloud security which has been adopted at the university.

Dr. Abbadi currently teaches his Cloud security course as part of Oxford University's M.Sc. in Software and Systems Security. In addition to his teaching role he is also a principal consultant and senior project manager for enterprise-scale projects spanning several domains, such as finance and healthcare. Dr. Abbadi is a strategic planner who helps several organizations to define their Cloud adoption strategy. Further, he has invented several tools to enhance Cloud trustworthiness and authored more than 40 scientific papers.

Preface

Cloud computing is a new concept, building on well-established industrial technologies. The interactions between the technologies behind Cloud computing had never been of great interest in the academic domain before the Cloud era. The emergence of Cloud computing as an Internet-scale critical infrastructure has greatly encouraged the collaboration between industry and academia to analyze this infrastructure. Such collaborations would help in understanding the vulnerabilities of Cloud and defining research agendas to address the identified vulnerabilities. In fact, funding bodies and governments have already allocated generous grants to encourage both academic and industrial collaboration on research activities in Cloud computing. In addition, some universities have very recently introduced Cloud computing-related subjects as part of their undergraduate and postgraduate degrees to advance the knowledge in this domain.

Cloud computing has emerged from industry to academia without transferring the knowledge behind this domain. This results in confusion and misunderstanding. Most of the available trusted resources are industrial and scattered around hundreds of technical manuals and white papers. These cover different complex domains (e.g., infrastructure management, distributed database management systems, clustering technology, software architecture, security management, and network management). These domains are not easy to understand, as integrated science, for many people working both in the industry and academia. This book does not discuss the complex details of each technical element behind Cloud computing, as these are too complicated to be covered in a single textbook. In addition, discussing these will not help non-technical readers to understand Cloud computing. This book rather provides a conceptual and integrated view of the overall Cloud infrastructure; it covers Clouds structure, operation management, property and security. It also discusses trust in the Cloud – that is, how to establish trust in Clouds using current technologies – and presents a set of integrated frameworks for establishing next-generation trustworthy Cloud computing. These elements have never been discussed before in the same way. The book is rich in real-life scenarios, currently used in a Cloud production environment. Moreover, we provide practical examples partly clarifying the concepts discussed throughout the book.

The main objective of this book is to establish the foundations of Cloud computing, building on an in-depth and diverse understanding of the technologies behind Cloud computing. The author has more than 15 years of senior industrial experience managing and building all technologies behind Cloud computing. The book is also based on strong scientific publication records at international conferences and in leading journals [1–17]. That is to say, this book presents a neutral view of the area, supported by solid scientific foundations and a strong industrial vision. Oxford University has adopted this book as part of its MSc in Software and Systems Security.

Guide to Using this Book

This section discusses the organization of the book and the required background when reading different chapters of the book. It also aims to help instructors seeking to adopt this book for their undergraduate or postgraduate course levels.

Organization of the Book

This book starts with an introduction, followed by three parts: Cloud management; Cloud security; and practical examples.

The introduction is presented in Chapter 1. It discusses the fundamental concepts of Cloud computing. That is, Cloud definition, Cloud services, Cloud deployment types, and the main challenges in Clouds.

The first part (i.e., Cloud management) consists of four chapters. Chapter 2 presents the main components of the Cloud infrastructure. It also discusses the relationship between the components of Cloud and their interactions. This chapter is key to understanding the properties of Cloud, the real challenges of Cloud, and the differences between different deployment types of Cloud. Chapter 3 analyzes Cloud’s management platforms. The chapter starts by identifying and discussing the main services which are required to automatically manage Cloud resources. It then presents a unified view of Cloud’s management platforms and discusses their required inputs. Following that, the chapter presents the process workflow of managing user requirements and identifying weaknesses in the management process. Chapter 4 identifies and analyzes the main properties of the Cloud infrastructure. Such properties are important for Cloud users when comparing different Cloud providers. They are also important for Cloud providers when assessing their infrastructure and introducing various Cloud business models. Moreover, realizing the Cloud properties is very important when conducting research in the Cloud computing domain. Finally, Chapter 5 discusses Clouds automated management services: virtual and application resource management services.

The second part (i.e., Cloud security) consists of six chapters. Chapter 6 introduces Part Two and highlights its relation to Part One of the book. It also briefly outlines the trusted computing principles. Chapter 7 discusses the problem of establishing trustworthy Cloud. The chapter concludes with a set of research directions for establishing trust in Cloud. The remaining chapters in this part extend the identified directions and draw a set of integrated frameworks for establishing next-generation trustworthy Cloud computing. Chapter 8 lays a foundation framework to address the question of how users can establish trust in Cloud without the need to get involved in complex technical details. Chapter 9 discusses mechanisms for remote attestation in Cloud and addresses the question of how to establish trust in a composition of multiple entities in which the entities could change dynamically. Chapter 10 presents a framework for establishing a trustworthy provenance system. This helps in monitoring, verifying, and tracking the operation management of the Cloud infrastructure, that is it helps in the direction of proactive service management, finding the cause of incidents, customer billing assurance, security monitoring (as in the case of lessening the effects of insider threats), security and incident reporting, and tracking both management data and customer data across the infrastructural resources. Chapter 11 discusses the problem of insiders; it provides a systematic method to identify potential and malicious insiders in a Cloud environment.

The last part (i.e., practical examples) consists of two chapters. Chapter 12 presents real-life commercial and open-source examples of some of the concepts discussed in this book. It also presents a possible implementation of some of the concepts in the book. Chapter 13 presents a case study which helps in understanding the concepts discussed throughout the book.

Required Background

Readers of this book should have a basic understanding of computer security principles and some understanding of computer systems architecture and network connectivity. Each chapter in Part Two is composed of three main components: problem analysis, a framework, and implementation protocols. The first two components require careful understanding of Part One, while the third component requires, in addition, an extensive understanding of trusted computing principles and cryptographic protocols. We introduce trusted computing principles in Chapter 6.

Suggestions for Course Organization

The layout of this book has been carefully designed for postgraduate studies. Specifically, most chapters cover the teaching material of the Cloud security module1 of Oxford University’s MSc in Software and Systems Security. This degree is specifically designed to fit the needs of industrial professionals. The book could also be of great benefit for undergraduate studies. We suggest the following layout in both cases.

Postgraduate Study

This could follow the Oxford University curriculum in teaching the book (available on its website), in which we cover selected parts from all chapters. Alternatively, the book could be taught as two modules: Cloud management and advanced Cloud security. The Cloud management module would need to complete the first part of the book and part of the third part of the book. The advanced Cloud security module would need to start with a high-level introduction to the first part of the book and then cover the details of the second and third parts of the book. In addition, it would need to cover federated identity management and key management in Cloud and federated Clouds, which we do not cover here.

Undergraduate Study

As in the case of postgraduate studies, an undergraduate course could cover the Cloud computing subject in two modules: Cloud management and Cloud security. Cloud management could cover selected sections from all chapters of the first part of the book. The Cloud security module would assume that students had already studied information security and Cloud management. Cloud security could cover the problem analysis and framework components of the second part of the book. Undergraduate students would also benefit from the third part of the book as laboratory-based exercise work.

Notes

1

http://www.cs.ox.ac.uk/softeng/subjects/CLS.html

(accessed March 2013).

References

Imad M. Abbadi. Middleware services at cloud application layer. In

IWTMP2PS ’11: Proceedings of Second International Workshop on Trust Management in P2P Systems

. Kochi, India, July 2011.

Imad M. Abbadi. Clouds infrastructure taxonomy, properties, and management services. In Ajith Abraham, Jaime Lloret Mauri, John F. Buford, Junichi Suzuki, and Sabu M. Thampi (eds),

Advances in Computing and Communications

, vol. 193 of

Communications in Computer and Information Science

, pp. 406–420. Springer-Verlag: Berlin, 2011.

Imad M. Abbadi. Middleware services at cloud virtual layer. In

DSOC 2011: Proceedings of the 2nd International Workshop on Dependable Service-Oriented and Cloud Computing

. IEEE Computer Society, August 2011.

Imad M. Abbadi. Operational trust in clouds’ environment. In

MoCS 2011: Proceedings of the Workshop on Management of Cloud Systems

. IEEE, June 2011.

Imad M. Abbadi. Self-Managed services conceptual model in trustworthy clouds’ infrastructure. In

Workshop on Cryptography and Security in Clouds

. IBM, Zurich, March 2011.

http://www.zurich.ibm.com/

cca/csc2011/program.html.

Imad M. Abbadi. Toward trustworthy clouds’ internet scale critical infrastructure. In

ISPEC ’11: Proceedings of the 7th Information Security Practice and Experience Conference

, vol. 6672 of

LNCS

, pp. 73–84. Springer-Verlag: Berlin, 2011.

Imad M. Abbadi, Muntaha Alawneh, and Andrew Martin. Secure virtual layer management in clouds. In

The 10th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-10)

, pp. 99–110. IEEE, November 2011.

Imad M. Abbadi, Mina Deng, Marco Nalin, Andrew Martin, Milan Petkovic, Ilaria Baroni, and Alberto Sanna. Trustworthy middleware services in the cloud. In

CloudDB’11

. ACM Press: New York, 2011.

Imad M. Abbadi and John Lyle. Challenges for provenance in cloud computing. In

3rd USENIX Workshop on the Theory and Practice of Provenance (TaPP ’11)

. USENIX Association, 2011.

Imad M. Abbadi and Andrew Martin. Trust in the cloud.

Information Security Technical Report

, 16(3–4):108–114, 2011.

Imad M. Abbadi and Cornelius Namiluko. Dynamics of trust in clouds – challenges and research agenda. In

6th International Conference for Internet Technology and Secured Transactions (ICITST-2011)

, pp. 110–115. IEEE, December 2011.

Imad M. Abbadi, Cornelius Namiluko, and Andrew Martin. Insiders analysis in cloud computing focusing on home healthcare system. In

6th International Conference for Internet Technology and Secured Transactions (ICITST-2011)

, pp. 350–357. IEEE, December 2011.

Muntaha Alawneh and Imad M. Abbadi. Defining and analyzing insiders and their threats in organizations. In

2011 IEEE International Workshop on Security and Privacy in Internet of Things (IEEE SPIoT 2011)

. IEEE, November 2011.

Imad M. Abbadi. Clouds trust anchors. In

11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-11)

. IEEE, June 2012.

Imad M. Abbadi. A framework for establishing trust in cloud provenance.

International Journal of Information Security

, 11:1–18, 2012.

Imad M. Abbadi and Muntaha Alawneh. A framework for establishing trust in the cloud.

Computers and Electrical Engineering Journal

, 38:1073–1087, 2012.

Imad M. Abbadi and Anbang Ruan. Towards trustworthy resource scheduling in clouds.

Transactions on Information Forensics & Security

, in press.

Acknowledgments

The author would like to thank Andrew Martin for taking the initiative and introducing the Cloud security module within the University of Oxford, as part of the Department of Computer Science part-time MSc in Systems and Software Engineering. Andrew was the source of encouragement to complete this book, which is designed specifically to support this program of study.

Acronyms

ACaaS

Access Control as a Service

ADaaAS

Adaptability as an Application Service

ADaaVS

Adaptability as a Virtual Service

AIK

Attestation Identity Key

AVaaAS

Availability as an Application Service

AVaaVS

Availability as a Virtual Service

CCA

Cloud Client Agent

CCoT

Collaborating Domain Chain of Trust

CMD

Cloud Collaborating Management Domain

COD

Organization Collaborating Outsourced Domain

CoT

Chain of Trust

CRTM

Core Root of Trust for Measurement

CSA

Cloud Server Agent

DBMS

Database Management System

DC-C

Domain Controller Client Side

DCoT

Domain Chain of Trust

DC-S

Domain Controller Server Side

DR

Disaster Recovery

HD

Organization Home Domain

IaaS

Infrastructure as a Service

IR

Integrity Report

LaaS

Log as a Service

LaaSD

Log as a Service Domain

LCA

LaaS Client Agent

LSA

LaaS Server Agent

MD

Management Domain

MTT-Deploy

Mean Time to Deploy

MTBF

Mean Time Between Failure

MTTD

Mean Time to Discover

MTTF

Mean Time to Failure

MTTI

Mean Time to Invoke

MTTPHW

Mean Time to Procure Hardware Resources

MTTR

Mean Time to Recover

MTTS-Down

Mean Time to Scale Down

MTTS-UP

Mean Time to Scale Up

NAS

Network Attached Storage

NIST

National Institute of Standards & Technology

OD

Organization Outsourced Domain

OS

Operating System

PaaS

Platform as a Service

PTS

Platform Trust Service

PCR

Platform Configuration Register

PKL

Public Key List

RAC

Real Application Cluster

RBAC

Role-Based Access Control

RCoT

Resource Chain of Trust

RLaaAS

Reliability as an Application Service

RLaaVS

Reliability as a Virtual Service

RSaaAS

Resilience as an Application Service

RSaaVS

Resilience as a Virtual Service

SAaaVS

System Architect as a Virtual Service

SaaS

Software as a Service

SAN

Storage Area Network

SCaaAS

Scalability as an Application Service

SCaaVS

Scalability as a Virtual Service

SLA

Service Level Agreement

TCB

Trusted Computing Base

TCG

Trusted Computing Group

TCS

Trusted Computing Services

TCSD

Trusted Core Service Daemon

TP

Trusted Platform

TPM

Trusted Platform Module

VCC

Virtual Control Center

VM

Virtual Machine

VMA

Virtual Machine Agent

VMI

Virtual Machine Image

VMM

Virtual Machine Manager

vTPM

Virtual TPM

1Introduction

This chapter introduces Cloud computing. The introduction helps the reader to get an overview of Cloud computing and its main challenges. Subsequent chapters of this book assume the reader understands the content of this chapter.

1.1 Overview

Cloud computing originates from industry (commercial requirements and needs). Governments and leading industrial bodies involved academia at early stages of adopting Cloud computing because of its promising future as an Internet-scale critical infrastructure. Involving academia would ensure that Cloud computing is critically analyzed, which helps in understanding its problems and limitations. This would also help in advancing the knowledge of this domain by defining and executing research road maps to establish next-generation trustworthy Cloud infrastructure. Moreover, academia would provide the required education in Cloud computing by developing undergraduate and postgraduate courses in this domain.

Cloud comes with enormous advantages; for example, it reduces the capital costs of newly established businesses, it reduces provisioning time of different types of services, it establishes new business models, it reduces the overhead of infrastructure management, and it extends IT infrastructures to the limits of their hosting Cloud infrastructure. Although Cloud computing is associated with such great features, it also has critical problems preventing its wider adoption by critical business applications, critical infrastructures, or even end-users with sensitive data. Examples of such problems include: security and privacy problems, operational management problems, and legal concerns. The immaturity of Cloud and the generosity of its allocated funds have made Cloud computing, in a relatively short period of time, one of the most in-demand research topics around the world.

Cloud computing is built on complex technologies which are not easy to understand, as an integrated science, for many people working in the industry and academia. A fundamental reason behind this is the lack of resources analyzing current Cloud infrastructure, its properties and limitations [1, 2]. The main objective of this book is to establish the foundations of Cloud computing, which would help researchers and professionals to understand Cloud as an integrated science. Understanding the Cloud structure and properties is key for conducting practical research in this area that could possibly be adopted by industry.

Most current research assumes Cloud computing is a black-box that has physical and virtual resources. The lack of careful understanding of the properties, structure, management, and operation of the black-box results in confusion and misunderstanding. In terms of misunderstanding, this relates to Cloud’s limitations and the expectations of what it could practically provide. For example, some people claim that Cloud has immediate and unlimited capabilities, that is immediate and unlimited scalability. This is not practical considering present-day technologies, such as the limitations of hardware resources. There are also many other factors that have not been considered in such strong claims, for example should Cloud provide unlimited resources in case of application software bugs? Should resources be available immediately upon request without users' prior agreement? This book discusses these issues in detail.

This chapter is organized as follows. Section 1.2 discusses the definition of Cloud computing. Section 1.3 clarifies the evolution of Cloud computing. Section 1.4 discusses Cloud services. Section 1.5 discusses Cloud deployment types. Section 1.6 discusses the main challenges of Clouds. Finally, we summarize the chapter in Section 1.7 and provide a list of exercises in Section 1.8.

1.2 Cloud Definition

Cloud computing is a new buzzword in computing terms and it is associated with various definitions. In this book we focus on two definitions: the first is provided by the National Institute of Standards & Technology (NIST) [2] and the second is provided by an EU study of the future directions of Clouds [3]. The main reasons for analyzing these definitions in particular are:

The good reputation of the organizations behind the definitions. For example, the EU study was edited by representatives of leading universities and industrial bodies such as Oracle, Google, Microsoft, and IBM.

We found thsse definitions to be unique, such that their combination provides the most important elements of Cloud as covered throughout this book.

NIST defines Cloud as a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction [2].

In contrast:

An EU study defines Cloud as an elastic execution environment of resources involving multiple stakeholders and providing a metered service and multiple granularities for specified level of quality [3].

Although both definitions come from reputable organizations, they are not consistent. This is not to say that either of them is wrong, but they are incomplete. Both definitions reveal many important keywords reflecting Clouds capabilities; however, a careful analysis of these definitions shows they only have one keyword in common. The first definition uses ‘rapidly provisioned and released’ while the second definition uses ‘elastic execution.’ These two keywords have the same objective. However, other keywords are not the same, for example ‘minimal management effort’ as stated by the NIST definition is not stated anywhere in the EU definition. Similarly, the EU definition uses the keyword ‘metered service’ which is again not stated anywhere in the NIST definition.

Cloud computing is in fact a combination of both definitions as each definition provides a partial view of the Cloud attributes. Therefore, we could redefine Cloud computing as follows:

Cloud computing is a model involving multiple stakeholders and enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. The model provides a metered service and multiple granularities for a specified level of quality.

This book focuses primarily on the details behind the elements in the definition which would clarify the Cloud computing black-box.

1.3 Cloud Evolution

Enterprise infrastructures witnessed three major fundamental changes, which were a result of major innovations in computer science. These are as follows:

Traditional enterprise infrastructure

. This is the foundation of the virtualization era. Initially, it starts with a few powerful servers (what used to be called mainframes). With advances in technologies and an increased number of required applications, the number of servers increases rapidly. This results in a huge number of resources within an enterprise infrastructure. Despite the complexity of the traditional enterprise infrastructure, the relationship between customers and their resources is simple. Within this, the requirements of customers are carefully analyzed by system analysts. The system analysts forward the analyzed results to enterprise architects. The enterprise architects deliver an architecture which is designed to address the needs of a specific customer application requirement. The resources required by the delivered architecture in most cases run a specific customer applications. This process results in a one-to-one relationship between architecture and customer. Such a relationship causes huge wastage of resources including, for example, computational resources, power consumption, and data-center spaces. In contrast, this relationship results in a relatively more secure and customized design than the other evolution models of enterprise infrastructure.

Virtual enterprise infrastructure.

This is the foundation of today's Cloud infrastructure. The problems of the traditional enterprise infrastructure, which affect the green agenda, require novel innovations enabling customers to share resources without losing control or increasing security risks. This was the start of the virtualization era, which brings tremendous advantages in terms of consolidating resources and results in effective utilization of power, data-center space, etc. A virtual enterprise infrastructure suffers from many problems, such as security, privacy, and performance problems, which restricts many applications from running on virtual machines. As a result, virtual infrastructures for many enterprises support applications that run on virtual resources and those that run directly on physical resources.

The virtualization era changes the mentality of enterprise architects as the relationship between users and their physical resources is no longer one-to-one. This raises a big challenge in terms of how such a consolidated virtualized architecture could satisfy users’ dynamic requirements and unique application nature. Enterprise architects address this by studying the environment inherited from the traditional enterprise infrastructure, to find that different architectures have some similarities. The similarities between independent applications enable enterprise architects to split the infrastructure into groups. Each group has architecture-specific static properties. The properties enable the group to address common requirements of a certain category of applications. For example, a group could be allocated to applications that tolerate a single point of failure; another group could be allocated to applications that require full resilience with no single point of failure; a third group could be allocated to applications that are highly computational; a group for archiving systems; and so on.

The second part of the challenging question is how such a grouping, which is associated with almost static properties, could be used to address users’ dynamic requirements and their unique application nature. Enterprise architects realize that virtualization can be fine-tuned and architected to support the dynamic application requirements which cannot be provided by the physical group static properties. In other words, a combination of static physical properties and dynamic virtual properties is used to support customer expectations in a virtual enterprise infrastructure.

Cloud infrastructure

. This has evolved from the virtual enterprise infrastructure. Chapters 2 and 4 cover the details of Cloud structure and its attributes. Clouds come with many important and promising features, such as direct interaction with customers via supplied APIs, automatically managed resources via self-managed services, and support for a pay-per-use model. In addition, Cloud computing comes with new promising business models that would enable more efficient utilization of resources and quicker time-to-market. Cloud computing inherits the problems of the virtual infrastructure and in addition, it comes with more serious problems including security problems, operational and data management problems. The problems associated with Cloud prevent its wider adoption, especially by critical organizations. This chapter discusses the most important problems in Clouds.

1.4 Cloud Services

Cloud services are also referred to as Cloud types in some references. These are served by Cloud providers to their customers following a pre-agreed service level agreement (SLA). Figure 1.1 illustrates the commonly agreed Cloud services in the context of a Cloud environment. Understanding these services requires understanding the structure of the Cloud, which is discussed in detail in Chapter 2. As illustrated in the figure, the Cloud structure could be viewed based on the hosting relationship as the following hierarchical layers: physical layer, virtual layer, software platform and software application layer. The physical layer is composed of all physical components and their management software components, including the operating system and the hypervisor. The virtual layer is composed of virtual machines, virtual storage, and a virtual network managed by the physical layer. The software application and software platforms are self-explanatory, and could be served either by the virtual layer or directly by the physical layer.

Figure 1.1 Cloud services

The management of Cloud services is a shared responsibility between the Cloud provider and their customers. The level of responsibility is Cloud service specific, as explained next. Cloud computing has the following main services.

Infrastructure as a service (IaaS).

IaaS provides virtual compute and store resources as a service to customers. Cloud providers in IaaS manage the physical resources and their hypervisors. Cloud customers run their software stack and manage the content of their allocated virtual resources, including guest operating system. Customers in this type should, in principle, have overall control of their data. At the time of writing, Cloud providers have ultimate control of customer data.

Platform as a service (PaaS).

PaaS provides the environment and software platforms that Cloud customers can use to develop and host their own software applications. Unlike IaaS, PaaS customers do not manage the software platforms provided by the Cloud, but only need to manage their own software stack. Cloud providers of PaaS expose their own APIs, which are used directly by customer applications. The exposed APIs, at the time of writing, do not follow any standard. As a result, Cloud customers of PaaS cannot move their applications transparently across competing Cloud providers.

Software as a service (SaaS).

SaaS provides ready-to-consume software applications which address the needs of specific business functions and processes. Cloud providers manage the software applications and the hosting environment completely. Cloud customers might need to manage their specific configurations within the supported software application.

We conclude from the above that Cloud computing provides full outsourcing support for SaaS, partial outsourcing support for PaaS, and minimal outsourcing support for IaaS. That is, IaaS in theory provides customers with the greatest control over their resources, while SaaS provides Cloud providers with the greatest control over their customers' data and Cloud customers with the least control over their resources.

The above services are the main services a Cloud provider supports. Some references discuss other services, such as backup as a service, log as a service, etc. These services would be categorized under the above main services. For example, backup as a service could be viewed as SaaS. A Cloud customer does not necessarily need to stick to one service. It is, rather, likely for a Cloud customer to have a combination of different services. The selection of the service should be based on different complex factors, such as: the nature of the hosted application that will be using the service, the customer level of competence in using IT, the desired level of control, security and privacy requirements, cost factors, and legal requirements. We discuss these in detail throughout the book.

1.5 Cloud Deployment Types

Clouds have the following main deployment types (also referred to as deployment models in some references):

Public Cloud.

The infrastructure of a public Cloud is owned by the Cloud provider, but leased to Cloud customers. The Cloud provider typically manages its physical infrastructure, but it could outsource specific functions to a third party as in the case of outsourcing hardware maintenance. Example of this type includes Amazon and RackSpace.

Private Cloud.

A private Cloud deployment type is owned and used by a specific enterprise. That is, the enterprise employees are the only customer of the private Cloud. The private Cloud could either directly manage its own infrastructure or it could outsource the management to a third party. Example of a private Cloud deployment type includes most banks and telecoms infrastructure.

Community Cloud.

Organizations sharing common business functions and/or objectives could collaborate and establish their own specific community Cloud infrastructure. Example of this include Associated Newspapers which is a group of newspapers and publishing media that establish a community Cloud infrastructure to serve their common needs.

Hybrid Cloud.

This deployment type is a mixture of private, community, and/or public Cloud. This is important to support higher resilience, availability, and reliability.

Public Cloud has many more customers than private and community Clouds. As a result, public Cloud hosts more services and has intensive interactions with customers. Managing the huge customer base of public Cloud necessitates the public Cloud only hosting services that could be fully managed automatically with minimal human intervention. Automation hides the complexity of the infrastructure and increases its resilience. At the current time fully automated management services are not yet available for most types of applications and virtual resources. Such a lack of automated management services forces public Cloud providers to mainly support basic services which can be automated. These basic services currently cover the needs of casual users, small businesses, and uncritical applications.

Community and private Cloud deployment types, however, establish strong relations with their customers. That is, customers typically have a relationship of mutual benefit or shared goals with the Cloud provider; customers may also be contractually bound to good behavior. These characteristics give rise to a substantial degree of trust in the Cloud; its architecture is also important, but perhaps less so. By contrast, users of public Clouds are much more reliant on infrastructure properties in order to establish trust.

The hybrid Cloud model is different from the above as it is a mixture of different Cloud deployment types. Carefully managing it could result in higher reliance, reliability or even a reduction in costs. For example, a hybrid Cloud could be composed of a public and private Cloud such that the private Cloud hosts the critical and dependent application and the public Cloud acts as a web front-end or stores protected backup. The hybrid Cloud could also result in higher risk if badly configured and managed. For example, if a hybrid Cloud is composed of a highly secure private Cloud and a public Cloud, an attacker could attack the weakest link (i.e., the public Cloud) and from there get into the private Cloud. Therefore, careful risk analysis and management would need to be conducted not only when outsourcing services into public and community Cloud types, but importantly when moving into a hybrid Cloud type.

1.6 Main Challenges of Clouds

The EU study of Cloud [3] states the following:

Cloud technologies and models have not yet reached their full potential and many of the capabilities associated with Clouds are not yet developed and researched to a degree that allows their exploitation to the full degree, respectively meeting all requirements under all potential circumstances of usage.

This strong statement implicitly indicates that Cloud is still at an early stage of development and there are lots of challenges that still need to be addressed in this domain. In this section we highlight the most commonly discussed challenges in Clouds. This book discuss the challenges and how they could be managed using today's technologies. The main challenges in Clouds are as follows:

Operational management

. The scale, heterogeneity, and number of services and users of Cloud computing are by far more complex than traditional enterprise infrastructure. This requires automating the process of managing the Cloud environment as the management of Cloud computing is beyond the capabilities of typical human administrations and current system management tools. Providing fully automated management services is one of the key challenges in Cloud, which is discussed in great detail throughout this book. The following are example of cases which currently require excessive human intervention:

–

Automated and effective elasticity property.

This means that resources which are used by a service should reflect the real needs of the service. For example, running applications should immediately utilize allocated virtual computation, storage, and memory resources without the need to do further updates and/or restarts. This is not provided effectively at the current time, which results in an increase in operational management costs and, in addition, affects the green agenda. Such a case would require an optimized scheduler which considers the green agenda, SLA and QoS. For example, it is more efficient to not power up resources and delay execution if (i) utilized resources will be available shortly and (ii) SLA/QoS are maintained.

–

Self-detection of failure and automated recovery.

Failure management within enterprise infrastructures is provided manually with support from the limited available management tools. Such a semi-automatic process reduces the resilience and availability of the infrastructural resources.

Data management

. The amount of stored data in the Cloud is huge and increasing massively. Controlling the distribution of data is a big challenge that requires full consideration of legislation, security, privacy, and performance factors. This problem is considered in the first part of this book. The following are examples of data management problems:

– The huge volume of Cloud data affects data availability and transmission, as the greater the size of data the more complex it is to control its movement across the distributed elements of Clouds.

– The lack of automated data management mechanisms has a direct effect on the provided QoS.

– Data management is a major concern when scaling and shrinking resources, which is a result of Cloud elasticity. Cloud elasticity requires ensuring consistency and security of data when replicated and shrunk.

– Classical DBMS may break in Cloud considering the latency of accessing disks and the cache coherency across a very large number of nodes.

Privacy, security, and trust

. Establishing trust in Clouds is the ultimate objective of most research in this domain. Other discussed challenges will eventually help in establishing trust in the Cloud. Privacy, security, and trust is a top challenge of Cloud that directly prevents its wider adoption, especially by critical infrastructure. Clouds suffer from major security concerns, for example: physical resources shared by many (possibly competing) customers – what is known as the

multi-tenant architecture

; vulnerability to the insiders threat of traditional enterprises; complex and heterogeneous architecture increasing security vulnerabilities. In addition, the Cloud elasticity results in security vulnerabilities when replicating, distributing, and shrinking data. This process must validate the non-existence of security holes in remote servers. Equally importantly, in current Cloud users do not have control over their resources, for example users cannot be assured about the way Cloud manages resources, about the integrity of their bills, and about Cloud’s compliance with the greed SLA.

Forensic and provenance in Clouds

. This is one of the main issues in Clouds, and it helps in addressing many other challenges. A key fundamental requirement for establishing trust in Cloud is having a trustworthy provenance mechanism. Provenance helps in supporting proactive service management, assuring the integrity of bills, providing incident management, and lessening the impacts of insider threats, which increase Cloud trustworthiness. We devote Chapter 10 to this important topic.

Federation and interoperability

. The future vision of Cloud computing is to be the Internet-scale critical infrastructure. This strong vision requires trustworthy and resilient Cloud infrastructure that can survive even with failures of multiple Cloud providers. Addressing such a requirement requires establishing a Cloud-of-Clouds (what is also referred to as federated Clouds). The future vision of Cloud computing also enables customers to switch transparently between Cloud providers. Such visions (i.e., federated Clouds and flexibility in changing Cloud providers) are not available at the current time. One of the main reasons for this is the lack of standardization in this domain. The first part of this book presents the taxonomy of federated Clouds and briefly discusses this challenge.

Performance management

. This is a key subject for the success of Clouds, especially when considering the complexity, enormous customer base, and criticality of the Cloud. For example, high performance is a key for: managing the operation of the Cloud (e.g., scalability and resource scheduling), copying large amounts of data within the Cloud infrastructure and across federated Clouds, copying large amounts of data between Cloud customers and the Cloud infrastructure, and copying large amounts of data across distant locations within the Cloud infrastructure and across federated Clouds.

Legislation and policies

. Different countries have their own legislation in terms of where data could be hosted and which data is allowed. Cloud computing has many limitations for complying with different legislations. For example, current Cloud does not have the capabilitly to allow users to enforce the location of where their data could be stored and/or processed. In addition, current Cloud computing does not provide users with the capability to enforce their requirements (e.g., data privacy and security) and neither does it provide the assurance of their enforcement. This book does not cover the details of legal issues in Clouds; however, the frameworks which are discussed in the second part of the book look at how it addresses some of the legal requirements.

Economical aspects

. It is not always the case that switching to Cloud would provide the most economical approach. This is especially the case for well-established businesses that already have an enterprise infrastructure. Organizations would need to carefully balance and understand the risk and economical values when switching to Clouds. This book discusses the factors that would need to be considered when switching to Cloud, what services to outsource into Cloud, and the Cloud type that best suits an organization's needs.

Cloud computing helps in supporting green IT. For example, it offers possibilities to reduce carbon emission through more efficient resource usage; however, this needs to be counterweighed with the indirect carbon footprint arising from more experimental and thus more overall usage of resources, and the pressure on Cloud providers to update their infrastructure more regularly and faster than the average user.

1.7 Summary

Cloud computing is a recent term in IT, which started in 2006 with Amazon EC2. Cloud computing has emerged from commercial requirements and thus it draws an enormous amount of attention from both industry and academia, because of its promising future. Cloud comes with great advantages to help with economic growth, such as supporting the green agenda, reducing operational man-power, and providing effective utilization of resources. The lack of widely accepted academic studies that formally analyze the current Cloud infrastructure results in confusion over realizing its potential features, misunderstanding of some Cloud properties, and underestimating the challenges involved in achieving some of the potential features of Cloud. Discussing these was one of the main objectives of this chapter. The chapter also discussed Cloud services, deployment types, and main challenges. Subsequent chapters of the book build on the concepts presented in this chapter.

1.8 Exercises

References