Intro to Cloud Computing

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

8 hours 33 minutes
Video Transcription
In this section, we will introduce the concept of cloud computing
first. It's important to define cloud computing because many vendors and many people use the phrase cloud computing. And it's not always clear that cloud computing is what they think called computing is.
Basically we are storing in accessing data and resource is remotely instant of locally.
typically, a qual provider will provide some kind of service and some kind of metered way. Then a consumer will purchase that server, server or data or whatever solution is being offered as the cloud in some kind of measured way so they may pay up per gigabyte. They may purr
Pei er for the network vein with whatever they agreed on. Rate is between the consumer and the provider is what will be paid.
So we're sharing. Our resource is for economy of scale that allows providers to spend up vast bulk. Resource is of processors of hard drive space of whatever resource is that could be where is consumers be a individuals or small businesses
and purchase a section of those resources for use
without having to spend their resources and time to spend up their own solutions?
Weld The cloud has five basic characteristics, including on demand self service, so users should be able to provisioned. Cloud resource is on demand. They shouldn't have to go through a lengthy wait process to get additional resource is or to return. Resource is that they are not using.
There should be broad network access for the cloud. So, in other words, the car has to be available wherever network access can be found with any kind of standard connection. So a cloud should not have to require a super expensive connection. Just be able to connect.
It should be available over standard residential connections.
Resource pulling. This is where the multi tenant model comes into play because more than one pennant, much like an apartment building, will share. The resource is so everyone will share the heating bill. Everyone will share the air conditioning bill. The water belt.
It becomes more like a group resource rather than an individual. Be source
rapid elasticity. That means that the capabilities that a consumer needs can be expanded and released as needed, an on demand from the consumer side of things. That resource pool should appear to be completely unlimited
from the cloud provider. It will not be unlimited. There is a finite amount of resources,
but it will appear to the consumer to be completely unlimited.
And finally, a cloud solution will be a measured service. So there would be some way Thio monitor and Bell on that consumer, much like having a meter barter bell or a meter electric or gas bill. Same thing with the cloud.
There are some benefits toe into going to the cloud interface, as opposed to a more traditional interface. We have additional agility because we can increase and decrease resources as required. Small businesses won't have to purchase. Resource is for 100% peak load
when they don't use 100% peak load all the time.
So, in other words, that small business will pay for what they actually use, rather than paying to have a bunch of resource is sitting there that aren't even being used.
So that leads to cheaper infrastructure because we start sharing those resource is that cheaper? Infrastructure does come with some less available features because it's not a costume. Mines a bowl because we're sharing among multiple corporations were sharing among mournful small businesses on multiple individuals
The cloud also can offer multi user document UH, collaboration as well as document version ing. Much like SharePoint, multiple people can offer collaborate on the same document at once, and all those changes are tracked and controlled through Microsoft's solution.
The infrastructure maintenance is streamlined because there's not as much of the physical hardware space. There's not as much infrastructure maintenance to perform applications. Those aren't stored on work stations, so they're stored on the servers, all the backups and the fail overs
again. Those aren't stored on user work stations. They're stored on the cloud servers,
so that's easier to centrally control and centrally manage, which also leads to a reduction in space requirements for the physical servers themselves.
But the other side of the coin is some disadvantages, because the cloud does require a constant connection. There's no wheel offline capability here. You have to be connected to the cloud in order to use the resource is in the cloud.
Then there's the question of the data that is actually stored in the cloud. That data, how secure is it? Because even though a particular organization can still own the data, it is being completely controlled by some kind of third party. So how secure is that data? What's the legal considerations for that data?
If that data is protected, health information
is that data still meeting hippo requirements by being stored in the cloud?
There can be privacy issues again. We're sharing those Resource is among many different pendants, much like an apartment building. So if someone breaks into apartment to being, does that mean they're also breaking into apartment to see
on those air questions that are still being explored?
And sometimes a quality based application will have limited functionality, unlimited features at supposed to a full best top version, so it will be more streamlined or stripped down. It won't have all the bells and whistles as a best hop application,
and finally, especially if 1/3 party cloud provider is used, the service provided. As always, subject Thio changes a CZ defined by that cloud provider.
Here is a more basic comparison of conventional versus cloud computing.
Sometimes the conventional way is the way to go, because if you have any data security concerns or if you have specific legal ramifications surrounding the data such as that hippo protected information, maybe it's government classified information that may be the more conventional approach is still the correct approach.
Where is the cloud we have that shared hardware? We have elastic capability. The management is slightly different. System administrators for says AP eyes
So not different or not better not worse, just different.
The cloud relies on the concept of virtual ization on virtual computers have operating systems and applications, just like physical computers. Don't catch is that there could be multiple virtual computers on a shared single physical host.
And that's where we get that shared resource. Because that one physical computer
can have many different virtual computers. Those virtual computers can be sand boxed out so they cannot communicate each with each other except through standard network protocols.
Eso This does have some additional security benefits because about shared physical space, eyes reduced
S O. The physical computer is required to run a hyper visor to control the virtual machines. So that way the physical computer can power on the virtual machines, take snapshots, power them off, adjust the resource is required.
Um, however, with this virtualization, we have to add in security to all of the virtualized layers. That depends on how much of the infrastructure has been virtualized. It could just be the virtual machines.
The virtual machines have additional security that is required to address the fact that their virtual machines a CZ well as a virtual server, a cz well as a virtual data center can all be contained in a single physical host.
There are two basic virtualization models. The first type is more an enterprise level
model. That's where AH hyper Visor Won's directly on the physical hardware like Oracle's BM server, like IBM. Where's yes, excited servers? Um,
the hyper visor controls the hardware directly and manages the guest operating systems.
And as far as those guests operating systems are concerned, they are operating directly on that physical hardware
that ***, the second type on Type two room, does a process within an existing operating system. So there's the layer of physical hardware and then an operating system, then the hyper visor and then the guest operating systems.
To put this in a diagram,
here's the type one. This is gonna be your more enterprise level model, so you have the bear hardware, followed by the hyper visor, followed by the operating system.
Where is with type two.
We have the hardware. We have the operating system we could have multiple operating systems on. It depends on how the boots set up is ordered.
And then on top of the operating system, we have the hyper visor, and then we have the additional guest operating systems
again. Not better. Not worse, just different. It depends on how the resource is. Need a need? Ascend.
There are three common service models. The first is software, As a service on this model is extremely common. This is where all of your Web based mail applications come from that its software as a service. This is where Microsoft Office 3 65 comes from if it's software as a service,
so you pay for a pusher
AA subscription to a particular piece of software, and then you have access to that software's functionality
so that the provider be it Google or Yahoo or Microsoft, manages all the patches of that software they manage. The compatibility of the version ing it will get updated. According to the provider,
Um, here the application is not installed on the user's best top itself. You have to access that application through a Web browser.
Next model is platform, as a service on this is really aimed at software development. So the cloud provider will provide the infrastructure, the operating system and the development in environment, and will essentially rent that out to any organization or any individual
that wants that service.
So the power provider will control the programming languages available. The library's the service is on. All of the tools will be provided as part of that cloud infrastructure.
The last model is infrastructure as a service, and this is where the virtualized computing resource is are completely controlled through a hyper visor
on This is where it can replace day today. Operational infrastructure. So instead of standing up your own network or your own organization own network, you can rent ah, cloud based infrastructure of the service and you have all of your servers. You have all of your network infrastructure,
and then you control the Web server. You control the database server,
but it's actually physically sitting at the cloud provider. All the copper rider does is control eyes, control the hyper visor and controls the bare metal physical hardware.
So here and dark blue is what, uh, the cloud consumer will have control over so for infrastructure as a service, the cloud provider controls the Holstein.
The cloud consumer controls, the storage platform, the development application and the service is so that's model is most intense for the cloud consumer, because the call provider doesn't really control much. Just the hosting
versus platform is a service the cloud consumer will have control over the development application on service is on a particular server but will not have any control over the platform, the storage or the hosting. All of that will be provided to the consumer from the provider.
Then finally, with software as a service, all the consumer will be able to control or the service is ending application. Everything will be everything else is controlled by the quad provider.
So to go into a low. But more detail about each model
with software is a servers. The customers get on on demand application like, uh, like a word processor, like a spreadsheet S o the data management. So all of the files are typically included in those usage fees so users can create, um,
create a modify an update files to their heart's content based on their usage fees so they pay their monthly subscription or they're really or their yearly subscription fee. And then they get that storage. They get that software and they're able to store those files
so the provider has to test and support that application. So any time a customer has an issue, the provider has to support that application. So if the customers piles completely, go missing, it's on the provider. Thio perform some kind of customer service to replace or authorized with
aren't with store those files.
It's also on the provider to scale their infrastructure to meet customer demand.
So the benefits here is that the consumer doesn't have to install software on the machine.
Ah, Bacon used licenses very efficiently. If we talk a small business, maybe the business only has the money to purchase 12 licenses for a particular piece of software, but they have way more than 12 employees. Maybe they have 100 employees, and they all work different chefs.
But essentially they can work and share those licenses across the chefs
based on the software, the service model. So you end up purchasing less software licenses under this bottle.
However, the hearse, um, issues on, such as network dependence. You have to be connected to a network in order for you to use the service. You can't just call up a file on your local desktop a mark on that file with no network connection,
There are always browser based rests. You can have main in the middle attacks. You could have man in the browser attacks. Anything that can attack a browser will also affect the software of the service.
And finally, not every piece of software is a painted it to be a service. Some software packages are more intense than others and require more resources than others. So not everything makes sense to offer as a service.
Next up, we have platform as a service, and this is where, like I said, customers get the tools, and the execution resource is to develop and test and deploy applications
so this could be part of a software as a service cloud. But consumers have a little bit more control on. They're able to develop their own applications. They're not dependent on the applications provided to them by the provider,
So the providers have to maintain that application inventory they have to maintain the development tools they have to patch the development environments have to patch the execution environments so that they can be used by the customers.
Then we have infrastructure of the service. This is where consumers have to do the most work because they get access to the virtual computers, the virtual network storage in the virtual infrastructure devices. All the configuration of those items is completely left up to the consumer.
The provider main pins control over the physical hardware and maintains control over how the resource is our assigned.
But once the researches are assigned to the customer, it's under the customers control. It's how to actually configure and utilize those resource is
so under infrastructure of the service, the consumer has full control over those computing. Resource is only They have flexible hardware rentals. So when they first spend up a Web server, if you only need, say, 20 gigabytes of memory on four gigabytes of ram,
then that could be what you purchase. But in six months, when a business grows and you need, say, a pear bite of memory on 16 gigabytes of ram instead of having to go out on purchase, that an upgrade the infrastructure. You could just rent more hardware so you have more control there and you have that hardware flexibility
and you can scale your hardware as your business skills.
There are some issues here, um,
primarily considering on data and data. Erase your practices again. What kind of laws and regulations or governing? Ah, particular businesses data
with a HEPA or with financial information. There may be strict rules and regulations over how, but out of a store on what must happen to a hard drive once a particular brand of data has been stored on it.
Some laws require that a hard drive be destroyed when the data is destroyed so that the data can be no longer accessible.
So you have Thio rely on the hardware provider on the cloud provider Thio, help us the business To perform those data, you rate your practices.
Thank you.
Up Next