NEC Business and Finance Cloud Computing Privacy and Security Discussion

Computer Science

New England College of Business and Finance

Description

Jamsa (2013) listed 10 cloud-based security issues developers must consider when designing for security. List seven along with their pros and cons and their importance to security in the cloud. All seven should be used as headers in your paper.


Unformatted Attachment Preview

Brief Contents

Preface
Chapter 1 Introducing Cloud Computing
Chapter 2 Software as a Service (SaaS)
Chapter 3 Platform as a Service (PaaS)
Chapter 4 Infrastructure as a Service (IaaS)
Chapter 5 Identity as a Service (IDaaS)
Chapter 6 Data Storage in the Cloud
Chapter 7 Collaboration in the Cloud
Chapter 8 Virtualization
Chapter 9 Securing the Cloud
Chapter 10 Disaster Recovery and Business Continuity and the Cloud
Chapter 11 Service-Oriented Architecture
Chapter 12 Managing the Cloud
Chapter 13 Migrating to the Cloud
Chapter 14 Mobile Cloud Computing
Chapter 15 Governing the Cloud
Chapter 16 Evaluating the Cloud’s Business Impact and Economics
Chapter 17 Designing Cloud-Based Solutions
Chapter 18 Coding Cloud-Based Applications
Chapter 19 Application Scalability
Chapter 20 The Future of the Cloud
Glossary of Key Terms
Index
Credits

Contents

Preface

Chapter 1 Introducing Cloud Computing
Web 2.0 and the Cloud; Distinguishing Cloud Types; Cloud Deployment Models; Cloud Service Models; Exploring Uses of the Cloud; Introducing Scalability; Introducing Virtualization; Collecting Processing Power Through Grid Computing; Chapter Summary; Key Terms; Chapter Review

Chapter 2 Software as a Service (SaaS)
Getting Started with SaaS; Understanding the Multitenant Nature of SaaS Solutions; Understanding OpenSaaS Solutions; Understanding Mashups; Understanding Service-Oriented Architecture (SOA); Chapter Summary; Key Terms; Chapter Review

Chapter 3 Platform as a Service (PaaS)
IT Evolution Leading to the Cloud; Benefits of PaaS Solutions; Disadvantages of PaaS Solutions; Chapter Summary; Key Terms; Chapter Review

Chapter 4 Infrastructure as a Service (IaaS)
Understanding IaaS; Improving Performance Through Load Balancing; Taking a Closer Look at Load Balancing; System and Storage Redundancy; Utilizing Cloud-Based NAS Devices; Advantages of IaaS Solutions; Server Types Within an IaaS Solution; Chapter Summary; Key Terms; Chapter Review

Chapter 5 Identity as a Service (IDaaS)
Understanding Single Sign-On (SSO); Understanding How SSO Works; Understanding Federated Identity Management; Understanding Account Provisioning; Understanding OpenID; Mobile ID Management; Chapter Summary; Key Terms; Chapter Review

Chapter 6 Data Storage in the Cloud
Examining the Evolution of Network Storage; Understanding Cloud-Based Data Storage; Advantages and Disadvantages of Cloud-Based Data Storage; Getting Past the Fear of Cloud-Based Data; Cloud-Based Backup Systems; Understanding File Systems; Industry-Specific Cloud-Based Data Storage; Cloud-Based Database Solutions; Cloud-Based Block Storage; Chapter Summary; Key Terms; Chapter Review

Chapter 7 Collaboration in the Cloud
Collaborating in the Clouds; Questions to Ask About Collaborative Tools; Web-Based Collaboration Began with Web Mail; Instant Messaging Isn’t What It Used to Be; Cloud-Based Phone and Fax Systems; Revisiting File Sharing; Editing Shared Files Within the Cloud; Collaborating via Web Logs (Blogs); Collaborative Meetings in the Cloud; Virtual Presentations and Lectures; Using Social Media for Collaboration; Using Cloud-Based Calendar Management; Using Streaming Video Content to Collaborate; Cloud-Based TV Content; Chapter Summary; Key Terms; Chapter Review

Chapter 8 Virtualization
Understanding Virtualization; The History of Virtualization; Leveraging Blade Servers; Server Virtualization; Desktop Virtualization; Desktop Solutions on Demand; Virtual Networks; Data Storage Virtualization; Not All Applications Are Well Suited for Virtualization; Why Virtualize?; Chapter Summary; Key Terms; Chapter Review

Chapter 9 Securing the Cloud
General Security Advantages of Cloud-Based Solutions; Introducing Business Continuity and Disaster Recovery; Understanding Data Storage Wiping; Understanding Distributed Denial-of-Service (DDoS) Attacks; Packet Sniffing; Man-in-the-Middle Attack; Monitoring Device Screens; Malicious Employees; Hypervisor Attack; Guest-Hopping Attack; SQL-Injection Attack; Physical Security; Chapter Summary; Key Terms; Chapter Review

Chapter 10 Disaster Recovery and Business Continuity and the Cloud
Understanding the Threats; Threat: Disk Failure; Threat: Power Failure or Disruption; Threat: Computer Viruses; Threat: Fire; Threat: Floods; Threat: Disgruntled Employees; Threat: Lost Equipment; Threat: Desktop Failure; Threat: Server Failure; Threat: Network Failure; Threat: Database System Failure; Threat: Phone System Failure; Understanding Service-Level Agreements; Measuring Business Impact: The Essence of Risk Mitigation; Disaster Recovery Plan Template; Chapter Summary; Key Terms; Chapter Review

Chapter 11 Service-Oriented Architecture
Understanding Service-Oriented Architecture; Web Services Are Not Web Pages; Many Companies Provide Web Services; Discovering Web Services; Understanding Web Service Performance; Web Service and Reuse; Scaling Web Services; Web Services and Loose Coupling; Treating a Web Service as a Black Box; Web Service Interoperability; Web Service Description Language; Governing Web Services; Chapter Summary; Key Terms; Chapter Review

Chapter 12 Managing the Cloud
Know Your Service-Level Agreement; Ensure and Audit System Backups; Know Your System’s Data Flow; Beware of Vendor Lock-In; Source-Code Escrow; Determine Technical Support and Help Desk Procedures; Determine Training Procedures; Know the Provider’s Security Policies and Procedures; Define the Data Privacy Requirements; Know Specifics About the Economics of the Cloud and Return on Investment; Monitor Capacity Planning and Scaling Capabilities; Monitor Audit-Log Use; Solution Testing and Validation; Chapter Summary; Key Terms; Chapter Review

Chapter 13 Migrating to the Cloud
Define the System Goals and Requirements; Protect Your Existing Data; Use an Experienced Cloud Consultant; Know Your Application’s Current Characteristics; Remember Vendor Lock-In; Define Your Training Requirements; Establish a Realistic Deployment Schedule; Review the Budget Factors; Identify IT Governance Issues; Understanding Cloud Bursting; Chapter Summary; Key Terms; Chapter Review

Chapter 14 Mobile Cloud Computing
The Evolution of Mobile Computing; Understanding the G in 3G and 4G; The Mobile Cloud Ecosystem; Introducing the Mobile Players; Pages, Apps, and Widgets; Revisiting the Role of HTML; Mobile Development Considerations; Chapter Summary; Key Terms; Chapter Review

Chapter 15 Governing the Cloud
Understanding Corporate Governance; Understanding Business Strategy; Measure What Is Important; Inspect What You Expect; Understanding Internal Controls; Extending Governance to Information Technology; Cloud Computing Governance; Chapter Summary; Key Terms; Chapter Review

Chapter 16 Evaluating the Cloud’s Business Impact and Economics
Business Economics; Total Cost of Ownership; Economies of Scale; Capital Expenditures; Operational Expenses; Return on Investment; Profit Margins; Moore’s Law and the Cloud; Understanding Right-Sizing; Defining a Large Data Center; Other Economic Key Performance Indicators; Marketing the Cloud; Chapter Summary; Key Terms; Chapter Review

Chapter 17 Designing Cloud-Based Solutions
Revisit the System Requirements; When to Select a Development Environment; Design Is a Give-and-Take Process; Designing for Accessibility; Designing for Audit; Designing for Availability; Designing for Backup; Designing for Existing and Future Capacity; Designing for Configuration Management; Designing for Deployment; Designing for Disaster Recovery; Designing for the Environment (Green Computing); Designing for Interoperability; Designing for Maintainability; Designing for Performance; Designing for Price; Designing for Privacy; Designing for Portability; Designing for Recovery; Designing for Reliability; Designing for Response Time; Designing for Robustness; Designing for Security; Designing for Testability; Designing for Usability; Chapter Summary; Key Terms; Chapter Review

Chapter 18 Coding Cloud-Based Applications
Creating a Mashup Using Yahoo! Pipes; Creating a Simple Yahoo! Pipe; Using Google App Engine; Creating a Hello, World! Application with Google App Engine; Downloading the Google App Engine Software Development Kit; Deploying a Simple Google App Engine Example; Creating a More Advanced Google App Engine Application; Creating a Windows Azure “Hello, World!” Application; Chapter Summary; Key Terms; Chapter Review

Chapter 19 Application Scalability
Reviewing the Load-Balancing Process; Designing for Scalability; Scaling Up, Scaling Out, or Both; Minimize Objects on Key Pages; Selecting Measurement Points; Analyze Your Database Operations; Evaluate Your System’s Data Logging Requirements; Revisit Your Service-Level Agreement; Capacity Planning Versus Scalability; Scalability and Diminishing Returns; Performance Tuning; Complication Is the Enemy of Scalability; Chapter Summary; Key Terms; Chapter Review

Chapter 20 The Future of the Cloud
How the Cloud Will Change Operating Systems; Location-Aware Applications; Intelligent Fabrics, Paints, and More; The Future of Cloud TV; Future of Cloud-Based Smart Devices; Cloud and Mobile; How HTML5 Will Drive Mobile Applications; Faster Time to Market for Software Applications; Home-Based Cloud Computing; Chapter Summary; Key Terms; Chapter Review

Glossary of Key Terms
Index
Credits

Preface

For years, software developers and network administrators have used the image of a cloud to represent the myriad of communication details that occur as messages flow across the Internet from one computer network to another.
This cloud abstraction has now exploded to include processors, both physical and virtual, data storage, software-as-a-service solutions, and mobile applications. Today, cloud-based applications and new capabilities are emerging daily and bringing with them lower cost of entry, pay-for-use processor and data-storage models, greater scalability, improved performance, ease of redundancy, and improved business continuity. With these advantages come increased security challenges and IT-governance concerns. This book examines these issues. As you will learn, two things are certain: The dynamic nature of the cloud will continue and we have only just begun to scratch the cloud’s surface.

Chapter 1: Introducing Cloud Computing introduces the abstract nature of cloud computing and the factors that led to its evolution. The chapter examines software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS) and includes real-world examples of each. The chapter discusses the key advantages of cloud computing, including scalability, redundancy, low cost of entry, and virtualization.

Chapter 2: Software as a Service (SaaS) examines browser-based SaaS solutions and their advantages. The chapter features real-world solutions such as SalesForce.com for customer relationship management, Taleo for human resources solutions, ADT for SaaS-based payroll processing, and many others.

Chapter 3: Platform as a Service (PaaS) introduces cloud-based hardware and software platforms which allow companies, large and small, to move their applications to the cloud quickly and cost effectively. The chapter examines PaaS providers such as Amazon, Google, and Microsoft.

Chapter 4: Infrastructure as a Service (IaaS) introduces the concept of a cloud-based data center which reduces or eliminates a company’s need for a large in-house data center. Because of the IaaS provider’s economies of scale, it can reduce a company’s cost of IT operations significantly.
Chapter 5: Identity as a Service (IDaaS) examines cloud-based identity-management solutions that simplify user provisioning and resource access. With more solutions distributed across the cloud, IDaaS facilitates the user’s sign-on process across solution providers.

Chapter 6: Data Storage in the Cloud examines the integration of cloud-based data storage and the evolution of network-based storage, which led to its creation. The chapter presents several cloud-based data storage solutions that can be enabled at little or no cost. The chapter also examines several low-cost turnkey based backup solutions.

Chapter 7: Collaboration in the Cloud looks at cloud-based technologies that allow two or more users to work together to accomplish a task. The chapter describes the evolution of collaboration technologies from instant messaging to virtual meetings to shared documents that support simultaneous editing by multiple users.

Chapter 8: Virtualization introduces hardware and software used to create the perception that one or more entities exist, when they may not actually be physically present. The chapter examines solutions for virtual servers, virtual desktops, and virtual networks.

Chapter 9: Securing the Cloud examines the real-world security issues that people (even some sophisticated IT users) are uncomfortable with when placing their personal data, or their company’s data, in the cloud. The chapter examines specific security threats and the measures that should be taken to minimize them.

Chapter 10: Disaster Recovery and Business Continuity and the Cloud discusses ways that the cloud and its redundant resources improve a company’s ability to recover and continue to operate after a disaster or serious event. The chapter examines common threats to business operations and some cloud-computing solutions that can mitigate them.
Chapter 11: Service-Oriented Architecture looks at how the availability of web-based services is changing how developers create programs and the speed at which they can deploy solutions. The chapter examines a variety of real-world web services that are available to programmers for integration into programs.

Chapter 12: Managing the Cloud examines the tasks a manager must perform after a company migrates its applications to the cloud, including auditing logs, monitoring system performance, and identifying bottlenecks within the data flow.

Chapter 13: Migrating to the Cloud discusses managerial considerations to be evaluated before migrating to the cloud, such as avoiding vendor lock-in, identifying remote data backup operations and security considerations, preparing a budget, and integrating developer and user training.

Chapter 14: Mobile Cloud Computing evaluates whether mobile computing is driving the growth of cloud computing or vice versa. The chapter examines the “ecosystem” that is mobile computing as well as how HTML5 will change computing models.

Chapter 15: Governing the Cloud discusses the role of IT governance and its extensions for cloud-based computing. The chapter examines the need for and ways to implement cloud-based internal controls.

Chapter 16: Evaluating the Cloud’s Business Impact and Economics examines how the cloud’s economy of scale and pay-for-use model will accelerate the ability for companies, large and small, to release cloud-based solutions. The chapter also evaluates the cloud’s impact on operational and capital expenses.

Chapter 17: Designing Cloud-Based Solutions discusses the fact that developers will simply pick up and move many existing applications to the cloud. In the future, however, developers should design cloud-based solutions to utilize scalability and redundancy. The chapter examines many common design considerations and ways the cloud will impact them.
Chapter 18: Coding Cloud-Based Applications looks at two PaaS providers, Google Apps and Windows Azure, and implements cloud-based applications with each. Developers will learn that creating and deploying cloud-based applications is fast, easy, and inexpensive.

Chapter 19: Application Scalability examines how developers can scale applications—vertically, by using faster processors or more powerful servers and horizontally, by supporting the ability to distribute processing better. The chapter looks at design considerations to be evaluated when designing applications for scalability.

Chapter 20: The Future of the Cloud examines ways the cloud will extend its reach into cars, televisions, appliances, and even our clothes. By the end of the chapter, readers will realize that we have just scratched the cloud’s surface.

Chapter 1 Introducing Cloud Computing

For years developers and network administrators have represented the Internet within design documents as a cloud. By abstracting the Internet’s technologies and underlying protocols as simply a cloud, as shown in FIGURE 1-1, the developers could temporarily ignore the communication complexity and simply assume that messages would flow successfully from one Internet-connected network to another.

Learning Objectives

This chapter introduces cloud computing. By the time you finish this chapter, you will be able to do the following:

• Understand the abstract nature of cloud computing.
• Describe evolutionary factors of computing that led to the cloud.
• Describe virtualization at both the desktop and the server level.
• Describe and identify common cloud types, which include software as a service, platform as a service, and infrastructure as a service.
• Know how businesses and individuals use the cloud.
• Describe the benefits and disadvantages of cloud computing.
• Understand common security considerations with respect to the cloud.
• Describe ways cloud computing can improve system fault tolerance.
• Describe Web 2.0 and its relationship to cloud computing.

Today the term cloud computing describes the abstraction of web-based computers, resources, and services that system developers can utilize to implement complex web-based systems. Often these cloud-based resources are viewed as virtual, meaning that if a system or solution needs more resources, such as processors or disk space, the resources can simply be added on demand and usually transparently to the application that uses them. Through their virtual nature, cloud-based solutions can be scaled up or down in size, and the companies whose solutions reside in the clouds normally pay only for the resources they consume. Thus, companies that once relied on expensive data centers to house their processing resources can now shift their costs and maintenance efforts to pay-as-you-go, scalable, cloud-based alternatives.

FIGURE 1-1 For years developers and network administrators have represented the Internet as a cloud.

CASE 1-1 THE APPLE ICLOUD

Whether one is a PC user or a Mac evangelist, one must recognize Apple’s ability to introduce technology that changes industries and the way people work and communicate. Apple’s first entrée into the cloud was the iTunes virtual music store. Today iTunes offers millions of songs for download to PCs and Macs, as well as iPods, iPhones, iPads, and other handheld devices. More than just music on a web-based storage device, iTunes laid a foundation for scalable e-commerce, high-bandwidth download transactions, and user device independence.

Apple’s iCloud extends the company’s existing functionality by providing users with a cloud-based storage facility for their phones, music, videos, books, and other documents. Using iCloud as a centralized virtual storage facility, users can quickly exchange digital content among their various devices. In fact, users can customize the iCloud settings to make the file exchange seamless and automatic.
In other words, if a user stores a digital file within iCloud, behind the scenes iCloud software will push the content to each of the user’s registered devices, as shown in FIGURE 1-2.

FIGURE 1-2 Using iCloud, users can synchronize their content to a variety of devices.

Exercise
What industries might iCloud disrupt? What business services do you anticipate Apple to offer in order to drive revenue through the iCloud?

Web Resources
For more information on iCloud, see www.CloudBookContent.com/Chapter01/index.html.

Web 2.0 and the Cloud

For years, when companies wanted to place content on the web, they hired web developers, who created the underlying HTML documents. Through this process, the number of documents on the web exploded to billions worldwide. Web 2.0 is a term used to describe the set of tools and websites that allow users to publish content to the web without the direct use of HTML. Behind the scenes, the tools and sites build the HTML documents for the user and then upload the documents to a web server. TABLE 1-1 describes the common Web 2.0 applications.

TABLE 1-1 COMMON WEB 2.0 SITES AND APPLICATIONS

Application/Site | Purpose
Blog | A web log that users can write and use to publish content directly to the web.
Wiki | A software program that allows users to collaborate on shared web-based documents.
Twitter | A microblogging service that allows users to send messages of up to 140 characters to those who follow the users’ tweets.
Facebook | A social networking site to which users can post text, photos, and video-based content.
YouTube | A site to which users can upload video content for sharing with others.

FIGURE 1-3 Web 2.0 tools make it easy for users who do not possess web development skills to easily publish content on the web.

As shown in FIGURE 1-3, with Web 2.0 tools and sites, users essentially publish content directly to the cloud for access by other users.
Distinguishing Cloud Types

Cloud-based applications provide a wide range of solutions to a very large number of users. To help us analyze and describe cloud-based systems, many people refer to a cloud solution in terms of its deployment model and services model. These two terms originated within a cloud computing document from the National Institute of Standards and Technology (NIST), as shown in FIGURE 1-4.

FIGURE 1-4 Users refer to cloud solutions based on the system’s deployment and services models.

CASE 1-2 THE MICROSOFT WINDOWS AZURE PLATFORM

When web developers create web pages, they need to host the corresponding HTML files on a web server before other users can access the content from across the web. Developers have two choices when it comes to publishing their content. First, they can host the pages on their own web server, which may require hardware support and maintenance. Second, the developers can host the files at a server that resides at an Internet service provider (ISP), which allows the developer to focus on web page development as opposed to server management. Today developers can host their web pages at an ISP for a few dollars per month.

Windows Azure is a Microsoft platform that developers can use to move their applications to the cloud. Unlike support for a simple HTML page, which requires only the presence of a web server, Windows Azure provides operating-system support for .NET applications and a cloud-based SQL server (SQL Azure). You can think of Windows Azure as a cloud-based data center within which developers can house their applications. The Windows Azure platform, in turn, maintains servers, operating systems, database software, and other supporting applications. As a developer’s application grows in terms of users, processor demands, or disk storage, the Windows Azure environment grows to meet the developer’s needs.
In this way, the Windows Azure platform provides the following:

• Scalability: Windows Azure can scale up, or scale down, processor and storage resources on demand.
• Redundancy: Windows Azure provides server, disk storage, and network redundancy.
• Cost benefits from resource pooling: Windows Azure shares IT resources across a very large number of companies, which provides cost savings to each.
• Outsourced server management: Microsoft provides Windows Azure IT staff who maintain operating systems and underlying support software.
• Low cost of entry: To release a cloud-based solution, companies do not need to invest in their own IT data center.

Exercise
Discuss the pros and cons of hosting an application within one’s own data center as opposed to using a service provider such as Windows Azure.

Web Resources
For more information on Windows Azure, see www.CloudBookContent.com/Chapter01/index.html.

Cloud Deployment Models

A cloud deployment model specifies how resources within the cloud are shared. As discussed in TABLE 1-2, there are four primary cloud deployment models: private cloud, public cloud, community cloud, and hybrid cloud. Each model influences the corresponding scalability, reliability, security, and cost.

TABLE 1-2 CLOUD DEPLOYMENT MODELS

Deployment Model | Characteristics
Private cloud | Owned by a specific entity and normally used only by that entity or one of its customers. The underlying technology may reside on- or off-site. A private cloud offers increased security at a greater cost.
Public cloud | Available for use by the general public. May be owned by a large organization or company offering cloud services. Because of its openness, the cloud may be less secure. A public cloud is usually the least expensive solution.
Community cloud | The cloud is shared by two or more organizations, typically with shared concerns (such as schools within a university).
Hybrid cloud | A cloud that consists of two or more private, public, or community clouds.
Cloud Service Models

A cloud can interact with a client (user or application) in a variety of ways, through capabilities called services. Across the web, three major types, or models, of services have emerged, which are defined in TABLE 1-3.

Examining Software as a Service (SaaS)

The software as a service (SaaS) model provides a cloud-based foundation for software on demand. In general, an SaaS solution is web-delivered content that users access via a web browser. The software can reside within any of the deployment-model clouds. FIGURE 1-5 illustrates the SaaS model.

TABLE 1-3 COMMON CLOUD SERVICE MODELS

Cloud Service Model | Characteristics
Software as a service (SaaS) | A complete software application with a user interface.
Platform as a service (PaaS) | A platform within which developers can deploy their applications. A PaaS solution includes hardware (servers and disks), operating systems, development tools, and administrative tools.
Infrastructure as a service (IaaS) | Provides machines, storage, and network resources that developers can manage by installing their own operating system, applications, and support resources.

FIGURE 1-5 The SaaS model presents a cloud-based application with a user interface to users running only a web browser.

The advantages of SaaS solutions are simplicity of integration (users need only a browser), cost (the data center resides within the cloud), and scalability (customers can add user licenses or seats as needed). The disadvantage of SaaS solutions is the perception of security issues. Users who are new to the cloud may not feel comfortable storing company data in a remote data-storage facility (the cloud). Well-known SaaS solution providers include Salesforce.com, Google Apps, TurboTax, and QuickBooks.
Examining Platform as a Service (PaaS)

The platform as a service (PaaS) model provides the underlying hardware technology, such as one or more servers (or virtual servers), operating systems, database solutions, developer tools, and network support, for developers to deploy their own solutions. The hardware and software within a PaaS solution is managed by the platform provider. Developers need not worry about performing hardware or operating system upgrades. Instead, developers can focus on their own applications. FIGURE 1-6 illustrates the PaaS model. Well-known PaaS solution providers include Windows Azure and Google App Engine.

Examining Infrastructure as a Service (IaaS)

The infrastructure as a service (IaaS) model provides a virtual data center within the cloud. IaaS provides servers (physical and virtualized), cloud-based data storage, and more. Within an IaaS solution, developers must install their own operating system, database management software, and support software. Then the developers (or the company’s system administrators) must manage both the hardware and the software. FIGURE 1-7 illustrates the IaaS model. The Amazon Elastic Compute Cloud (Amazon EC2) is an IaaS solution.

FIGURE 1-6 The PaaS model provides the underlying hardware and operating system a developer needs to launch an application.

FIGURE 1-7 The IaaS model provides the underlying hardware (servers and storage). Clients must install and then manage their own operating system, database software, and support software.

CASE 1-3 AMAZON WEB SERVICES (AWS)

If you ask people to rank order the top e-commerce companies, Amazon.com will make the top of most lists. Amazon has grown from selling books to selling a virtually endless range of products. As Amazon evolved its sales plan, the company recognized the value of extending its product base (the things they sell) to other sites.
The other sites (Amazon affiliates), in turn, could offer links to products, the sales and fulfillment of which would be handled by Amazon, in a revenue-sharing model. This affiliate program was one of the first cloud-based sales partnerships.

As Amazon continued to grow, its internal developers created a system architecture that was redundant, scalable, and robust. With these services fully operational, Amazon recognized that most software companies would need similar capabilities. To meet that demand, Amazon released Amazon Web Services (AWS), which companies can use to host their own systems. Today, AWS processes hundreds of thousands of web-based requests for companies every second!

One of Amazon’s primary cloud tools is the Amazon Elastic Compute Cloud (Amazon EC2), which lets companies rent cloud-based services for their applications. Using Amazon EC2, companies can pay by the hour for the processing they need and scale processor support up or down to meet user demands. To complement the processing power of Amazon EC2, Amazon Simple Storage Service (Amazon S3) provides cloud-based data-storage facilities, and companies pay only for the data storage they consume. Behind the scenes, Amazon provides data redundancy. To further support developers, Amazon offers virtual-network support, database support, and e-commerce capabilities.

Exercise
Assume your company wants to use Amazon as its disk-backup provider. What pros and cons would you consider? Discuss how you might leverage Amazon Web Services to bring an e-commerce site online.

Web Resources
For more information on Amazon Web Services, see www.CloudBookContent.com/Chapter01/index.html.

Exploring Uses of the Cloud

The cloud is now host to a wide range of large-scale and small-scale (custom) applications. The number and type of applications that users can deploy to the cloud is virtually limitless.
Many software companies are now moving key applications from expensive internal data centers to cost-effective and resource-redundant cloud solutions.

As a user, you might already use cloud-based personal productivity software, such as TurboTax, bank-specific bill-pay software, or a stock tool such as E*TRADE. Or you may leverage a cloud-based collaboration tool, such as Google Calendar or Google Docs, to share information and documents with other users. Or you may store files, such as your music, photos, or videos, on cloud-based data storage.

CASE 1-4 SALESFORCE.COM

One of the first companies to launch a large-scale SaaS solution was Salesforce.com. The company recognized that as much as three-fourths of a salesperson’s day was spent on nonsales tasks (calendar management, contract management, presentation management, and contact management). Salesforce.com recognized that regardless of the items a company sold, the selling process was similar across companies and even industries. Salesforce.com automated these tasks and put the underlying data storage in the cloud—the sales cloud.

In a similar way, Salesforce.com has recognized that after the sale, customer service is key. As a result, the company released a customer service cloud, which integrates common customer service operations. The software manages the process of responding to customer calls, e-mails, Facebook updates, live chats, and more. After customer cases are resolved, managers can monitor the results via cloud-based dashboards.

Exercise
Discuss the common sales and customer service tasks supported by Salesforce.com.

Web Resources
For more information on Salesforce.com, see www.CloudBookContent.com/Chapter01/index.html.

Introducing Scalability

When they launch a new website, many developers have visions of having created the next Google, Amazon, or Facebook. Unfortunately, the developers have no way of knowing what the actual user demand will be.
Should the site become widely used, it may require additional servers or disk-storage capacity. Scalability defines a site or application’s ability to use additional resources on demand. The site or application may scale up to utilize additional resources when the system is experiencing high user demand and may later scale down its resource usage when the user demand declines.

Applications that run within the cloud are normally highly scalable. An application administrator can manually add or remove resources, or the application can be configured to scale automatically. As shown in FIGURE 1-8, applications scale through the use of additional servers (physical or virtual) or through the addition of disk-storage space.

Introducing Virtualization

Chapter 8, Virtualization, examines desktop and server virtualization in detail. For now think of virtualization as the use of hardware and/or software to create the perception of something. For example, most servers have a CPU that is capable of running a specific operating system, such as Windows or Linux. Using special software, the server can be made to appear as if it has multiple CPUs running the same or different operating systems, as shown in FIGURE 1-9.

FIGURE 1-8 Sites or applications can scale up or down through the addition or removal of servers or disk-storage capacity.

FIGURE 1-9 Server virtualization makes a single server appear as multiple independent servers running the same or different operating systems.

Behind the scenes, the server CPU switches its processing power rapidly among the various operating systems. In a similar way, most desktop PCs typically run one operating system. Again, using special virtualization software, a desktop PC, as shown in FIGURE 1-10, can be made to appear as if the system is simultaneously running different operating systems.
Desktop virtualization provides an excellent solution for developers, application testers, and help desk support personnel who must support multiple operating systems. Rather than having multiple desktop systems on their desk, with each system running a specific operating system, the user can instead use a single desktop PC with multiple (virtual) operating systems.

FIGURE 1-10 Desktop virtualization allows a PC to run multiple operating systems simultaneously.

CASE 1-3 GOOGLE CLOUD-BASED SOLUTIONS

Google is one of the world’s most successful web-based businesses. Through its high-performing search engine, Google leverages high-margin automated advertising solutions. Beyond this, Google offers a variety of applications that leverage the cloud’s ease of access and device independence to a wide range of users. To start, Gmail, an early cloud-based solution, has become one of the most widely used e-mail services. By storing user e-mails within the cloud, Gmail provides ease of access to e-mail from any computer or handheld device, at any time and from any place.

Google Docs, an online set of collaborative document editing tools, provides many of the common capabilities of Microsoft Office tools, such as Word, Excel, and PowerPoint, from within a web browser, with no software to install and no cost! Not only do the Google Docs tools make it easy for developers to share documents, they provide a preview of how future cloud-based solutions will allow users to perform their daily computing tasks without the need for a computer operating system such as Windows or Mac OS.

As you might expect, Google is not conceding sole custody of the music market to Apple. Google is protective of its web domain and now offers services users can access for common cloud-based solutions.

Exercise: Explain how Google makes money. Describe the pros and cons of PCs that do not require an operating system.
Web Resources: For more information on Google cloud-based solutions, see www.CloudBookContent.com/Chapter01/index.html.

Collecting Processing Power Through Grid Computing

Through cloud computing, users leverage virtual processing power and data storage via Internet-based computing resources that reside in the cloud. Through CPU (or server) farms and load balancing, cloud-based applications can scale on the fly to meet user demands.

Before the advent of the cloud, developers sought ways to leverage the potential processing power of networked computers. The concept of grid computing is based on the fact that throughout the day most PCs have spiked use. This means that when a user is active, the CPU utilization may grow to 30 to 50 percent of the processor’s capacity. When the user is not active, the CPU is idle, often using 1 percent or less of its processing capabilities. By utilizing the fact that most computers are connected to a network, the grid-computing architects look to design applications that could hand off work across the network to idle CPUs. When the CPU completes its task, it simply returns its result. As shown in FIGURE 1-11, a grid-computing application is well suited for scientific and complex mathematical processing.

FIGURE 1-11 Grid computing breaks a complex task into smaller pieces that are distributed to CPUs that reside within the network (grid).

As you might anticipate, grid computing introduces a wide range of security issues. The applications that move across the grid must bring with them code to execute, data, and other state information. The University of California, Berkeley, is one of the leaders in grid computing. To facilitate computer interaction across grids, the university developed the Berkeley Open Infrastructure for Network Computing (BOINC). For specifics, visit http://boinc.berkeley.edu.
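The grid-computing passage above notes that work handed across the grid carries code, data, and state, which is where the security issues arise. As an added example (not from the book and not BOINC's code; the function names, the shared demo key, and the sample task are assumptions), the following Python shows a coordinator tagging each work unit with an HMAC, workers refusing altered units or tasks outside a local allowlist, and the coordinator accepting a result only when a quorum of replicated workers agree.

```python
import hashlib
import hmac
import json
from collections import Counter

# Assumption: a demo key shared by coordinator and workers. A shared key lets any
# worker forge units, so a real grid would sign with an asymmetric key pair instead.
COORDINATOR_KEY = b"constructed-demo-key"

# Workers execute only tasks named in a local allowlist, never code carried in a unit.
TASKS = {"sum_squares": lambda data: sum(x * x for x in data)}


def _mac(unit, key):
    # Canonical JSON so coordinator and worker compute the tag over identical bytes.
    body = json.dumps(unit, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def sign_unit(unit, key=COORDINATOR_KEY):
    """Coordinator side: wrap a work unit with an integrity tag."""
    return {"unit": unit, "tag": _mac(unit, key)}


def verify_unit(envelope, key=COORDINATOR_KEY):
    """Worker side: reject units altered in transit or naming an unknown task."""
    unit = envelope["unit"]
    tag = str(envelope.get("tag", "")).encode()
    if not hmac.compare_digest(_mac(unit, key).encode(), tag):
        raise ValueError("work unit failed integrity check")
    if unit.get("task") not in TASKS:
        raise ValueError("task not in allowlist")
    return unit


def split_task(task, data, chunk):
    """Break one large job into signed work units of `chunk` items each."""
    return [sign_unit({"id": i // chunk, "task": task, "data": data[i:i + chunk]})
            for i in range(0, len(data), chunk)]


def honest_worker(envelope):
    unit = verify_unit(envelope)
    return TASKS[unit["task"]](unit["data"])


def faulty_worker(envelope):
    """Constructed stand-in for a broken or dishonest node: result is off by one."""
    return honest_worker(envelope) + 1


def validate(results, quorum):
    """Accept a value only if at least `quorum` replicas agree on it."""
    if not results:
        return None
    value, votes = Counter(results).most_common(1)[0]
    return value if votes >= quorum else None


def run_grid(data, workers, chunk=4, replicas=3, quorum=2):
    """Send every unit to `replicas` workers and sum the quorum-validated results."""
    total = 0
    for n, envelope in enumerate(split_task("sum_squares", data, chunk)):
        assigned = [workers[(n + r) % len(workers)] for r in range(replicas)]
        accepted = validate([w(envelope) for w in assigned], quorum)
        if accepted is None:
            raise RuntimeError(f"unit {envelope['unit']['id']}: no quorum, reissue")
        total += accepted
    return total


if __name__ == "__main__":
    # Constructed input: squares of 1..10, with one of three workers misbehaving.
    print(run_grid(list(range(1, 11)), [honest_worker, honest_worker, faulty_worker]))
```

Redundant execution only helps while faulty workers are a minority of each unit's replicas; workers that agree on the same wrong value would still reach quorum.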
A FEW GOOD CLOUD-CONTENT READS

Across the web—OK, make that across the cloud—there are many sites that provide great information about cloud issues. The following sections describe several items you should

DISTRIBUTED MANAGEMENT TASK FORCE INC. (DMTF) CLOUD MANAGEMENT

Distributed Management Task Force Inc. (DMTF) provides information technology standards, which exist to simplify computer system management and reduce related costs. Within DMTF, the Cloud Management Work Group (CMWG) and the Cloud Auditing Data Federation (CADF) provide standards for cloud architecture, environments, and interactions. You should take time, for example, to visit the Cloud Standards Wiki, shown in FIGURE 1-12.

FIGURE 1-12 The Cloud Standards Wiki.

STORAGE NETWORKING INDUSTRY ASSOCIATION (SNIA)

One of the largest uses of the cloud is for remote data storage, perhaps for live data, music, video, or even backups. The Storage Networking Industry Association (SNIA) is a nonprofit organization that provides standards and solutions on matters related to disk storage. As you might expect, SNIA provides content on cloud-based data storage. At the SNIA website, you can find overviews, podcasts, and standards on cloud-based storage issues. For specifics, visit the SNIA cloud site at www.snia.org/cloud.

OBJECT MANAGEMENT GROUP

The Object Management Group (OMG) is a nonprofit organization that provides standards for a wide range of technology, including real-time and embedded software, analysis and design, middleware, and more. Within the OMG, the Cloud Standards Customer Council (CSCC) is currently working on a variety of cloud computing initiatives, which will be consolidated into a user guide. For specifics on their research and publications, visit the CSCC website.

CHAPTER SUMMARY

The concept of a cloud and the Internet is not new. For years developers and network administrators have represented the Internet as a cloud.
Using the cloud abstraction, developers could temporarily ignore the underlying communication complexity and simply assume that messages would flow successfully from one Internet-connected network to another.

Cloud computing is an abstraction of web-based computers, resources, and services that system developers can utilize to implement complex web-based systems. Developers often view cloud-based resources as virtual. This means that if a system or solution needs more resources, such as servers or disk space, the resources can simply be added on demand and usually transparently to the cloud-based application. Cloud-based solutions can normally scale up or down in size based on user demands. Companies whose solutions reside in the cloud normally pay only for the resources they consume. As a result, companies that once relied on expensive data centers to house their processing resources can now shift their costs and maintenance efforts to pay-as-you-go, scalable, cloud-based alternatives.

KEY TERMS

Amazon Web Services (AWS)
Cloud computing
Community cloud
Grid computing
Hybrid cloud
iCloud
Infrastructure as a service (IaaS)
Platform as a service (PaaS)
Private cloud
Public cloud
Reliability
Robust
Scalability
Software as a service (SaaS)
Virtualization
Web 2.0
Windows Azure

CHAPTER REVIEW

1. Define and discuss cloud computing.
2. Discuss how cloud computing has changed how companies budget for software solutions.
3. Compare and contrast SaaS, PaaS, and IaaS, and provide an example of each.
4. Define scalability and discuss how the cloud impacts it.
5. List three advantages and three disadvantages of cloud computing.
6. Define virtualization and discuss how the cloud impacts it.
7. Describe three cloud-based solutions for individuals and three cloud-based solutions for businesses.
8. Discuss how Web 2.0 has driven the growth of the web.
9. Compare and contrast public, private, community, and hybrid clouds.
Chapter 2 Software as a Service (SaaS)

SOFTWARE AS A SERVICE (SaaS) is a solution model in which users use a web browser to access software that resides, along with the programs and user data, in the cloud. Companies that use SaaS solutions eliminate the need for in-house (data-center-based) applications, administrative support for the applications, and data storage. Because SaaS solutions reside within the cloud, the solutions can easily scale to meet customer needs. Further, most companies can pay for the SaaS solutions on demand—meaning that the companies pay only for the resources they consume, normally on a per-user basis. SaaS solutions exist for a wide range of applications and provide customers with a cost-effective way to get started and an affordable long-term solution.

Learning Objectives

This chapter examines SaaS solutions in detail. By the time you finish this chapter, you will be able to do the following:

• Define and describe SaaS.
• List the advantages and disadvantages of SaaS solutions.
• Define and describe OpenSaaS.
• Define and describe mashups.
• Discuss the wide range of SaaS solutions and their providers.

Getting Started with SaaS

SaaS solutions offer the following advantages:

• They reduce or eliminate the need for an on-site data center
• They eliminate the need for application administration
• They allow customers to pay on demand for software use, normally on a per-user basis
• They offer application, processor, and data storage scalability
• They offer device-independent access to key applications
• They increase disaster recovery and business continuity

The biggest concern, or potential disadvantage, is that the data, like the applications, reside in the cloud. Many companies are concerned about letting go of their data. Also, because the company does not own the solution, it can be challenging or expensive to customize the application.
CASE 2-1 SALESFORCE.COM SAAS FOR CUSTOMER RELATIONSHIP MANAGEMENT (CRM)

Salesforce.com was one of the first companies to unlock the power of cloud-based SaaS. The site delivers cloud-based customer relationship management (CRM) solutions, which let companies accomplish the following:

• Manage sales contacts and leads
• Centralize contact information, presentations, and project details
• Access sales information and reports from anyplace, at any time, with any device
• Manage project quotes and project work flow
• Sync sales contacts and meetings with existing tools, such as Microsoft Outlook

Salesforce.com offers a variety of solutions that support not only the small business, but also the large enterprise.

Exercise: Salesforce.com was one of the companies to leverage the power of the cloud. Discuss the features Salesforce.com provides that are well suited for companies large and small.

Web Resource: For more information on Salesforce.com, see www.CloudBookContent.com/Chapter02/index.html.

Understanding the Multitenant Nature of SaaS Solutions

SaaS applications are often multitenant solutions; that is, within the cloud, two or more companies may share the same server resources, as shown in FIGURE 2-1. Depending on their size and fees, customers may also share database resources. Further, depending on the SaaS provider, customizing a multitenant solution may be difficult, expensive, or impossible.

FIGURE 2-1 Many SaaS solutions are multitenant, which means that behind the scenes customers may share computing resources.

CASE 2-2 TALEO SAAS FOR HUMAN RESOURCES MANAGEMENT

To achieve wide-scale use, an SaaS solution must have large market potential. Every business must recruit, hire, train, and compensate employees. The Taleo cloud-based talent management system provides applications and services to meet company human resources demands.
Specifically, Taleo SaaS solutions provide the following:

• Recruitment tools companies can use to attract, hire, and integrate talented individuals into the company culture
• Performance-management tools companies can use to evaluate employees and plan their growth and eventual replacement
• Compensation tools appropriate for companies with a global workforce
• Workforce training and professional development tools companies can use to educate and train employees

Exercise: For an SaaS solution to be successful, the solution must be disruptive. Discuss whether or not you consider the Taleo cloud-based solutions disruptive.

Web Resource: For more information on Taleo cloud-based human resources solutions, see www.CloudBookContent.com/Chapter02/index.html.

Understanding OpenSaaS Solutions

The application programs that run as SaaS solutions in the cloud were developed using a specific programming language and were designed to run on a specific operating system using a specific database management system. An OpenSaaS solution is an SaaS application created using an open source programming language and designed to run on an open source operating system and database. Many customers believe that if a solution is open source, it will be easier for them to move the data to a different application in the future if the current solution fails to meet their needs. Because customers do not own the SaaS software, they will not be able to move the application itself. Customers that are concerned about moving their data in the future should consider an OpenSaaS provider. That said, most SaaS solutions, open source or not, provide a way for customers to export their data if the need arises.

CASE 2-3 ADP SAAS FOR PAYROLL PROCESSING AND HUMAN RESOURCES MANAGEMENT

One of the first companies to leverage the power of the cloud was ADP—a payroll processing company.
Reaching far beyond payroll today, ADP offers cloud-based solutions for time management, employee benefits processing, workers compensation, human resources issues, and more. Further, ADP has extended many of its services to mobile users, allowing payroll processing to occur any time, from any place.

Exercise: Discuss the market potential for ADP products beyond payroll processing.

Web Resource: For more information on ADP cloud solutions, see www.CloudBookContent.com/Chapter02/index.html.

CASE 2-4 WEBEX SAAS FOR VIRTUAL MEETINGS

To gain market share, an SaaS solution must be disruptive; it must change its industry. The WebEx solution not only changes how and when people meet, it disrupts the travel industry by reducing business trips, hotel stays, and business meals. Millions of users rely on WebEx to provide a virtual yet face-to-face meeting platform. A side effect of less travel is the greening of business, which means it has less impact on the environment. In fact, as shown in FIGURE 2-2, WebEx provides an online calculator that shows the dollars saved and the carbon footprint reduced through WebEx-based meetings, as opposed to corporate travel.

Beyond holding online meetings, companies use WebEx for the following:

• Training webinars for hundreds or thousands of attendees, within the company and beyond
• Press conferences
• Product sales demonstrations
• Remote technical support
• And more

FIGURE 2-3 shows a WebEx presentation on cloud computing.

Exercise: Assume that your company must invite 500 employees into the corporate office from states across the country (an average airline ticket cost of $350). Using the WebEx calculator, determine the potential company savings by hosting the meeting online.

Web Resource: For more information on WebEx, see www.CloudBookContent.com/Chapter02/index.html.

FIGURE 2-2 Calculation of cost savings and carbon footprint reduction resulting from WebEx meetings. Courtesy of Cisco Systems, Inc. Unauthorized use not permitted.
www.webex.com/overview/environment.html. (6/1/11).

FIGURE 2-3 WebEx leverages the cloud for face-to-face virtual meetings and presentations. Courtesy of Cisco Systems, Inc. Unauthorized use not permitted. http://theheadoftheclass.webex.com. (6/1/11).

CASE 2-5 CARBONITE SAAS FOR FILE BACKUPS

Businesses often rely on a process known as cloud-based colocation to duplicate their company resources at a remote site. If fire, theft, or some other disaster occurs, the business significantly reduces its risk of data loss. Most user-based computer books tell users that they, too, should perform regular disk and file backup operations. However, because the process is generally too time consuming, most users fail to back up their files on a regular basis. Worse yet, users who do perform backups often store the copies within the same facility (home or office) as their computer. The backups are at risk to many of the same factors that threaten the original data.

To provide users and companies with a backup solution, many SaaS providers have emerged to back up user data files to redundant storage facilities that reside within the cloud, as shown in FIGURE 2-4. The SaaS cloud-based backup systems provide reliable and secure storage. Users simply select the files or folders they want to back up and then schedule when and how often they want the backups to occur. The actual backup operations then happen behind the scenes, automatically. FIGURE 2-5 shows a screen for a Carbonite-based backup operation occurring as a background process while the user performs other tasks.

Exercise: Assume your company has 1,000 employees. Calculate the potential cost to integrate cloud-based backup operations through Carbonite. Do you have an alternative backup solution?

Web Resource: For more information on Carbonite cloud-based backups, see www.CloudBookContent.com/Chapter02/index.html.
FIGURE 2-4 Cloud-based SaaS backup providers store secure copies of user and company files at data storage facilities that reside in the cloud.

FIGURE 2-5 The Carbonite software running as a background task to back up files to the cloud.

FIGURE 2-6 A mashup is a collection of services joined to create an overall solution.

Understanding Mashups

Many companies need a variety of SaaS solutions. Depending on the various solution providers, the company may create a mashup, a collection of services joined to create an overall solution. FIGURE 2-6 illustrates the concept of a solution mashup.

Developers categorize mashups as web-based or server-based. In a web-based mashup, the user’s browser (perhaps via JavaScript) combines the various content sources to create a unified display. In server-based mashups, an application running on a server combines the data.

Not surprisingly, the open philosophy has reached mashups. In fact, organizations are working on the Enterprise Mashup Markup Language (EMML) to simplify the design and implementation of mashup solutions while increasing their portability. For more information, visit www.openmashup.org.

CASE 2-6 ONLINE SCHOOL SAAS SOLUTIONS

Online education has remained one of the fastest growing segments within education markets. Millions of learners now take courses online. Using cloud-based learning management systems, universities offer courses in both synchronous (learners meet at a specific day and time) and asynchronous (learners make their own schedule) formats. By leveraging cloud-based systems, schools can reduce their IT resources and staffing costs, essentially paying for learning services on demand.

Exercise: Using the web, search for demographic information on the size of the online learning environment. Discuss how you expect this market to evolve over the next 10 years.

Web Resource: For more information on cloud-based online learning, see www.CloudBookContent.com/Chapter02/index.html.
CASE 2-7 MICROSOFT OFFICE 365 SAAS FOR DOCUMENT CREATION, EDITING, AND SHARING

For as long as most of us can remember, computer users have made extensive use of the Microsoft Office suite: Word, PowerPoint, Excel, Outlook, and more. Traditionally users have had to purchase and install Office, a relatively expensive investment. Then users have had to keep installing updates to the software as they became available from Microsoft. Businesses, in turn, would normally license Office for each of their employees.

Over the past few years, to reduce costs many users began to use products such as OpenOffice (LibreOffice), an open source, free, Office-compatible solution. Recently users have found Google Docs, which can be used from any computer—a compelling tool.

To meet user demands and to match competitor offerings, Microsoft released Office 365, a pay-by-the-month subscription to the Office applications, which, as shown in FIGURE 2-7, resides in the cloud. Using Office 365, users can access and edit their documents from any computer, as well as many handheld devices. If needed, users can save their documents to local devices. FIGURE 2-8, for example, shows a PowerPoint document in Office 365. Further, because the Office 365 documents are cloud based, users and teams can easily collaborate and share documents.

Exercise: Assume your company has 1,000 employees who need access to the Microsoft Office suite of products. Analyze the potential cost savings of using Microsoft Office 365 over purchasing seat licenses for each user.

Web Resource: For more information on Microsoft Office 365, see www.CloudBookContent.com/Chapter02/index.html.

FIGURE 2-7 Office 365 provides cloud-based subscription access to the Office suite of applications.

FIGURE 2-8 Users can access cloud-based Office 365 documents from any PC as well as many handheld devices.
Understanding Service-Oriented Architecture (SOA)

Most SaaS solutions provide complete solutions, meaning an application that can be used within a web browser. For example, Salesforce.com provides a web application for customer relationship management, TurboTax provides a web application for filing taxes, and QuickBooks provides a web application for business accounting.

Beyond providing a complete application with a user interface, many solution providers offer specific services that developers can access across the web from within programs they create. Developers refer to these services as web services. A developer might, for example, use web services to do the following:

• Query the price of a stock
• Check a warehouse for current product inventory levels
• Get real-time road or weather conditions
• Check airline flight departure or arrival information
• Purchase a product or service
• Perform credit card processing

FIGURE 2-9 Web services are solutions that programs can call across the web to perform specific tasks.

As shown in FIGURE 2-9, an SaaS application interacts with a user, whereas a web service interacts with a program. Service-oriented architecture (SOA) is an application development methodology with which developers create solutions by integrating one or more web services. Think of a web service as a function or subroutine a program can call to accomplish a specific task. As shown in FIGURE 2-10, when a program running on one computer calls a web service, a message, possibly containing parameter values, is sent across the network (or Internet) to the computer housing the web service. That computer, in turn, performs its processing and normally returns a result to the caller. Some developers refer to web services as remote-procedure calls. Further, developers refer to a set of web services as an application program interface (API).
Amazon and eBay, for example, provide APIs that programmers can use to purchase products from across the web using the programs they create. To gain a better understanding of the processing that web services can perform, visit the XMethods website shown in FIGURE 2-11. XMethods provides a variety of web services that perform a wide range of tasks.

FIGURE 2-10 To call a web service, a program typically sends a message to the web service that resides on a remote computer and then waits for the web service to return a result.

FIGURE 2-11 The XMethods website at www.xmethods.com provides web services that perform a wide range of tasks.

CASE 2-8 FACEBOOK: AN SAAS MEDIA SITE?

If you ask 10 cloud experts if Facebook is an SaaS social media site, you will likely get 10 “maybe” answers. Facebook definitely has a variety of SaaS characteristics:

• Ability to scale with respect to processor demands and data storage needs
• No user software to purchase or install
• Redundant server hardware and data storage
• Accessibility through a myriad of devices

Exercise: Justify whether Facebook is an SaaS solution.

Web Resource: For more information on Facebook as an SaaS provider, see www.CloudBookContent.com/Chapter02/index.html.

CASE 2-9 IS GOOGLE+ A BETTER, OR JUST ANOTHER, SOCIAL NETWORK?

Google+ is a new social networking site that lets users define and manage various groups of people and how they interact with them. With Google+, users can define various circles, which might include people from work, good friends, and family, as well as casual acquaintances. Using such circle definitions, users can better control the posts they allow others to view. FIGURE 2-12 shows the Google+ home page.

Exercise: Compare and contrast the Google+ features with those of other social networks, such as Facebook.

Web Resource: For more information on Google+, see www.CloudBookContent.com/Chapter02/index.html.

FIGURE 2-12 Google+ is a social network that resides in the cloud.
CHAPTER SUMMARY

SaaS provides a solution model that allows users to use a web browser to access software that resides in the cloud. SaaS solutions allow companies to eliminate or reduce their need for on-site, data-center-based applications. By eliminating in-house applications, companies can also reduce administrative support for the applications, as well as data storage. SaaS solutions reside within the cloud, which lets the solutions easily scale processors or disk storage to meet customer needs. Companies normally pay for SaaS solutions on demand for the resources they consume, usually on a per-user basis. SaaS solutions exist for a wide range of applications. Using SaaS solutions, customers have a cost-effective way to get started and an affordable, long-term solution to their data storage needs.

Finally, this chapter examined web services, which are cloud-based services that developers can call from within the programs they create to accomplish specific tasks. Many SaaS solution providers offer their services directly to users via SaaS applications and to developer-created programs using web services.

KEY TERMS

Application program interface (API)
Customer relationship management (CRM)
Mashup
Multitenant solution
Service-oriented architecture (SOA)
Web services

CHAPTER REVIEW

1. Define and describe SaaS.
2. Search the web and list an SaaS provider for each of the following industries:
   • Sales and customer relationship management
   • Accounting
   • Income tax filing
   • Web-based meetings
   • Human resources
   • Payroll processing
   • Backup automation
   • Office document creation
   • Social networking
3. Define and describe mashups.
4. List the advantages and disadvantages of SaaS solutions.
5. Describe the role of OpenSaaS.
6. Compare and contrast a web service and an SaaS solution.
7. Define and describe SOA.
Chapter 3 Platform as a Service (PaaS)

PLATFORM AS A SERVICE (PaaS) solutions provide a collection of hardware and software resources that developers can use to build and deploy applications within the cloud. Depending on their needs, developers may use a Windows-based PaaS solution or a Linux-based PaaS. Using PaaS, developers eliminate the need to buy and maintain hardware, as well as the need to install and manage operating system and database software. Because the computing resources no longer reside in the data center, but rather in the cloud, the resources can scale up or down based on application demand, and the company can pay for only those resources it consumes. Further, because PaaS eliminates the developers’ need to worry about servers, they can more quickly deploy their web-based solutions.

Learning Objectives

This chapter examines the PaaS model in detail. By the time you finish this chapter, you will be able to do the following:

• Define and describe the PaaS model.
• Describe the advantages and disadvantages of PaaS solutions.
• List and describe several real-world PaaS solutions.
• List and describe cloud-based database solutions and describe their advantages.
• Discuss the development history that led to PaaS.

CASE 3-1 GOOGLE APP ENGINE AS A PAAS

Google App Engine, sometimes called GAE, is a PaaS solution that lets developers create and host web-based applications that reside and run on services managed by Google, as shown in FIGURE 3-1.

Like many Google services and offerings, Google App Engine is a free service (until applications reach a large size and consume significant bandwidth). Google estimates that most developers can use Google App Engine free of charge. Once they have 5 million hits per month the developers must then pay, but only for the resources they use. Currently, Google App Engine provides platform support for a variety of programming languages, the three most common of which are Java, Python, and Go.
The primary Google App Engine features include the following:

• Support for dynamic web pages
• Data storage and query support
• Load balancing for application scalability
• Application program interface (API) support for application-based e-mail through Google services
• A local development environment that simulates Google App Engine on the developer’s computer
• Support for event scheduling and triggering
• An application sandbox that limits access to the underlying operating system
• Software development kits specific to programming languages
• An administrative console for managing applications and databases

For more information on Google App Engine, visit www.appengine.google.com.

Exercise: Assume your company must deploy Java and PHP solutions. Discuss how your company might use Google App Engine and the company’s potential cost.

Web Resources: For additional information on Google App Engine, see www.CloudBookContent.com/Chapter03/index.html.

FIGURE 3-1 Google App Engine helps developers create web-based applications and then hosts the applications in the cloud.

IT Evolution Leading to the Cloud

The evolution of information technology solutions has been defined by several distinct hardware and software models. To start, early IT solutions from the 1960s to mid-1980s were characterized by mainframe computers similar to that shown in FIGURE 3-2, which had the following characteristics:

• Large capital investment for data-center-based computers
• Large, expensive disk and tape storage systems that often provided only limited storage capacity
• User interface to the system provided through dumb terminals
• Limited computer–network interconnectivity
• System security maintained through physical security (few users had direct access to the computer hardware)

FIGURE 3-2 Computing from the 1960s through the mid-1980s was mainframe driven.

With the advent of the IBM PC in 1981, users shifted to local applications and data storage.
Early network solutions provided in-house e-mail communication and limited printer and file sharing. System security was implemented primarily at the individual computer level because network simplicity did not yet provide an environment for sophisticated computer viruses.

FIGURE 3-3 Early PC-based servers were tower-based systems with a large footprint. They consumed considerable power and generated considerable heat.

As the use of the Internet became more widespread, companies extended their e-mail communication beyond company users to vendors, customers, and others. Things changed drastically with the commercialization of the web in 1995 and the release of company websites. Initially, many companies brought in expensive T1 or T3 Internet connections and housed their own web servers. These initial servers looked like large desktop systems, as shown in FIGURE 3-3.

FIGURE 3-4 ISPs were the first to offer cloud-like remote computing services.

For smaller companies, however, the cost to connect to the Internet was prohibitive. As a result, Internet service providers (ISPs), which maintained web servers and high-speed, high-bandwidth connections, began to emerge. As shown in FIGURE 3-4, developers would use languages such as HTML, Perl, and active server pages (ASP) to develop content locally and then use a file transfer protocol (FTP) application to transfer the files to the server, which resides within the ISP. The advantages of hosting solutions at an ISP included the following:
• Reduced cost: The ISP provided the high-speed, high-bandwidth Internet connection, which it shared across several companies.
• Less server administration: The ISP managed the servers to which developers uploaded their solutions.
• Less hardware to purchase and maintain: The ISP purchased and managed the hardware and managed the infrastructure software, such as the operating system.
• Greater system uptime: Through the use of redundant hardware resources, the ISP provided high system uptime.
• Potential scalability: The ISP had the ability to move a high-demand application to a faster bandwidth connection.

As the use of the Internet and web continued to drive processing requirements, many data centers began to move to blade servers, similar to that shown in FIGURE 3-5, which required a smaller footprint, involved less cost, and could easily access shared network devices. By 2005, many companies used Windows- and Linux-based web servers that were housed at remote ISPs and laid the groundwork for the eventual creation of what we describe today as cloud-based PaaS solutions, as shown in FIGURE 3-6.

FIGURE 3-5 Blade computers allowed companies to reduce server footprint, power requirements, and heat within the data center.

FIGURE 3-6 The evolution of technology leading to cloud PaaS solutions.

CASE 3-2 FORCE.COM AS A PAAS

One of the best known software as a service (SaaS) solutions is Salesforce.com. To extend its cloud capabilities to application developers, Salesforce.com has released the Force.com PaaS. Although it was originally developed to provide a home for business applications, Force.com now runs applications across most sectors. As shown in FIGURE 3-7, Force.com provides four different development environments that sit in a cloud-based data management facility.

FIGURE 3-7 Force.com provides four primary development products that leverage a cloud-based database.

The following briefly describes the Force.com application interface:
• Appforce: Provides a user interface that lets nonprogrammers create applications to support finance, human resources, project management, and more. Through a drag-and-drop interface, users can develop business solutions without writing code.
• Siteforce: Provides the ability for nondevelopers to quickly create a data-rich website using the Salesforce.com customer relationship management (CRM) editor.
Users do not need to know HTML or coding to produce powerful web pages.
• VMforce: Provides a platform for Java-based solutions in which programmers can code locally using the Eclipse integrated development environment (IDE) and then drag and drop their solutions to VMforce.com for hosting.
• ISVforce: Provides a platform that independent software vendors can use to distribute their applications and updates to users via the cloud. The platform includes access to an application storefront that developers can use to expose their application to potential customers.

The Force.com applications sit on top of a cloud-based database provided by Salesforce.com at Database.com. The cloud-based database provides high performance, scalability, backups, and data redundancy. Database.com provides an API that developers can use within their programs to interact with the database.

Exercise
Assume your company’s vice president of sales wants to produce sales reports from your company’s cloud-based sales data. Unfortunately, your company does not have programming resources it can allocate to the project. Discuss how your company might leverage a Force.com solution to meet the requirement.

Web Resources
For additional information on Force.com, see www.CloudBookContent.com/Chapter03/index.html.

Benefits of PaaS Solutions

By shifting computing resources from an on-site data center to the cloud, PaaS solutions offer many advantages:
• Lower total cost of ownership: Companies no longer need to purchase and maintain expensive hardware for servers, power, and data storage.
• Lower administrative overhead: Companies shift the burden of system software administration from in-house administration to employees of the cloud provider.
• More current system software: The cloud administrator is responsible for maintaining software versions and patch installations.
• Increased business and IT alignment: Company IT personnel can focus on solutions rather than on server-related issues.
• Scalable solutions: Cloud-based solutions can scale up or down automatically based on application resource demands. Companies pay only for the resources they consume.

CASE 3-3 LONGJUMP AS A PAAS

LongJump provides a PaaS solution that includes cloud-based database management support. What makes LongJump unique is its focus on the entire software development life cycle. To start an application design, nonprogrammers can capture business requirements, forms, and data relationships without coding. The LongJump application development is Java based and supports key protocols such as SOAP and REST. After the developer hosts the site, LongJump provides release management and software maintenance support. Developers can try LongJump free of charge.

Exercise
Discuss the role of web services and specifically the use of the SOAP and REST protocols.

Web Resources
For additional information on LongJump, see www.CloudBookContent.com/Chapter03/index.html.

Disadvantages of PaaS Solutions

Potential disadvantages of PaaS solutions include the following:
• Concerns about data security: Some companies are hesitant to move their data storage off-site.
• Challenges to integrating cloud solutions with legacy software: A company may need to support on-site solutions as well as cloud-based solutions. Communication between the two application types may be difficult to impossible.
• Risk of breach by the PaaS provider: If the company providing the PaaS service fails to meet agreed-upon service levels, performance, security, and availability may be at risk, and moving the application may be difficult.

CASE 3-4 NETSUITE AS A PAAS

NetSuite is somewhat of a hybrid in that it is a provider of both SaaS and PaaS. On the SaaS side, NetSuite offers turnkey enterprise resource planning (ERP), customer relationship management (CRM), and accounting solutions.
The benefits of using the NetSuite cloud-based solution include the following:
• Reduced total cost of ownership compared with running on-site solutions within an IT data center
• Reduced duplication of data entry through the use of integrated storage solutions
• Enhanced distributed access to computer data
• Simplified application updates because NetSuite maintains and manages software solutions

On the PaaS side, NetSuite provides a development environment that sits on top of the NetSuite business solutions. Using a drag-and-drop environment, developers can quickly build and deploy enterprise solutions.

Exercise
Visit the NetSuite website and then discuss the role and capability of drag-and-drop solutions that do not require a programmer to create and deploy applications.

Web Resources
For additional information on NetSuite, see www.CloudBookContent.com/Chapter03/index.html.

CASE 3-5 CLOUD FOUNDRY AS A PAAS

Cloud Foundry is an open source project enabled by VMware. Developers have access to and contribute to the project. Cloud Foundry provides developers with a complete PaaS solution that supports programming languages including Spring for Java applications, Rails and Sinatra for Ruby, and other Java virtual machine (JVM) frameworks. Cloud Foundry supports various open source databases, such as MongoDB and MySQL. The primary Cloud Foundry is multitenant, but through the use of MicroCloud, developers can use a single instance of Cloud Foundry.

Exercise
Research cloud applications on the web. Discuss the programming languages that cloud developers use most often to implement the applications they create.

Web Resources
For additional information on Cloud Foundry, see www.CloudBookContent.com/Chapter03/index.html.

CASE 3-6 OPENSHIFT AS A PAAS

Red Hat is well known for providing and supporting open source solutions. Red Hat also distributes Red Hat Linux.
OpenShift is the Red Hat PaaS offering, which lets developers quickly deploy browser-based and command-line-based applications. OpenShift has three primary development tools:
• Express: A free platform for cloud-based solutions written in PHP, Python, and Ruby.
• Flex: Well suited for cloud-based Java, JBoss, and PHP solutions.
• Power: Designed for Linux-based solutions written in the C programming language.

Exercise
Discuss the pros and cons of using a Linux-based PaaS solution as opposed to a Windows-based environment.

Web Resources
For additional information on OpenShift, see www.CloudBookContent.com/Chapter03/index.html.

CASE 3-7 WINDOWS AZURE AND SQL AZURE AS A PAAS

Microsoft .NET has driven the development of many dynamic web solutions and web services. Windows Azure is a PaaS running within Microsoft data centers. Users pay only for the scalable processor resources that they consume. SQL Azure provides a cloud-based database solution for applications running within Windows Azure. FIGURE 3-8 illustrates the Windows Azure PaaS environment. Windows Azure goes beyond .NET and includes support for Java, PHP, and Ruby. Developers can build and deploy their solutions to Azure using an IDE such as Visual Studio or Eclipse. Developers can interface to SQL Azure using much of the same code they would use to access a local database.

Exercise
Discuss advantages and disadvantages of using Microsoft as a PaaS solution provider.

Web Resources
For additional information on Windows Azure and SQL Azure, see www.CloudBookContent.com/Chapter03/index.html.

FIGURE 3-8 The Windows Azure PaaS environment.

CHAPTER SUMMARY

A PaaS solution provides a collection of hardware and software resources that developers use to build and deploy cloud-based applications. PaaS solutions run a Windows- or a Linux-based operating system and normally support a specific programming environment, such as .NET or Java.
PaaS solutions eliminate the need for developers to buy and maintain hardware and install and manage operating system and database software. Because the PaaS computing resources reside in the cloud, the resources can scale up or down based on application demand, and the company pays only for the resources it consumes. Finally, because PaaS eliminates the developers’ need to worry about servers, they can more quickly deploy their web-based solutions.

KEY TERMS
Cloud-based database
Integrated development environment (IDE)
Platform

CHAPTER REVIEW
1. Define and describe PaaS.
2. List the benefits of PaaS solutions.
3. Describe potential disadvantages of PaaS.
4. Describe how a cloud-based database management system differs from an on-site database.
5. List the computing resources normally provided with a PaaS.
6. Assume your company must deploy a .NET solution to the cloud. Discuss the options available to developers. Research on the web and estimate the costs associated with deploying a PaaS solution.
7. Assume your company must deploy a PHP or Java solution to the cloud. Discuss the options available to developers. Research on the web and estimate the costs associated with deploying a PaaS solution.

Chapter 4 Infrastructure as a Service (IaaS)

MANY COMPANIES THAT DEPLOY applications to the cloud will need a specific platform, such as Windows, .NET, and Microsoft SQL Server, or Linux, Perl, and MySQL. Utilizing a platform as a service (PaaS) solution eliminates the company’s need to administer the operating system and supporting software. Other companies, because of security needs or a desire to manage all resources, turn to infrastructure as a service (IaaS) providers. An IaaS provider makes all of the computing hardware resources available; the customers, in turn, are responsible for installing and managing the systems, which they can normally do over the Internet.

Learning Objectives

This chapter examines IaaS in detail.
By the time you finish this chapter, you will be able to do the following:
• Define and describe IaaS and identify IaaS solution providers.
• Define and describe colocation.
• Define and describe system and storage redundancy.
• Define and describe cloud-based network-attached storage (NAS) devices and identify solution providers.
• Define and describe load balancing and identify cloud-based solution providers.
• Describe the pros and cons of IaaS solutions.

Understanding IaaS

Running a data center is an expensive and staff-intensive process. To start, one must create a facility with the following capabilities:
• Access to high-speed and redundant Internet service
• Sufficient air conditioning to eliminate the heat generated by servers and disk storage devices
• Conditioned power with the potential for uninterrupted power supply in the short term and long term through the use of on-site diesel-powered generators
• Fire suppression systems
• Administrative staffing to support hardware, networks, and operating systems

FIGURE 4-1 illustrates a typical data center facility. After a company creates an operation data center, it has a second significant problem—the data center is a single point of failure. Should the data center be damaged by fire, flood, weather, or an act of terrorism, the company’s entire data processing capabilities will be shut down. To reduce the risk of a single point of failure, companies often create a duplicate data center at a remote location, as shown in FIGURE 4-2. Should one of the data centers fail, the other can immediately take over operations. Unfortunately, the second data center will increase the company’s costs—essentially doubling them—because there are duplicate servers, storage devices, network equipment, Internet access, and staffing.

FIGURE 4-1 Racks of servers within a data center.

FIGURE 4-2 To eliminate a single point of failure, many companies colocate duplicate data centers.
For many smaller companies with simpler data processing needs, a PaaS may eliminate the need for their own data center. As you will recall, a PaaS solution typically provides one or more virtual servers running a specific operating system, as shown in FIGURE 4-3. Most PaaS solutions eliminate the customer’s need to manage the operating system and supporting software. In contrast, larger companies or companies with specific server needs may require their own independent server hardware and data storage devices. For such situations, IaaS is ideal. An IaaS solution provides a customer with its own hardware resources. You can think of IaaS as a mini data center within a large data center facility. Most IaaS providers, as shown in FIGURE 4-4, house data centers for multiple companies. Because the IaaS provider spreads the cost of power, air conditioning, fire suppression, and staff across multiple customers, it can normally offer pricing that beats what each individual company would have to pay for its own facility. Further, just as with software as a service (SaaS) and PaaS solutions, customers pay IaaS providers only for the resources consumed. Simply put, IaaS solutions provide the least expensive (and fastest) way for companies to launch a data center or colocation facility.

FIGURE 4-3 PaaS solutions allow smaller companies to eliminate the need for their own on-site data center.

FIGURE 4-4 IaaS providers normally house data centers for many companies.

Improving Performance Through Load Balancing

Across the web, sites experience a wide range of network traffic requirements. Sites such as Google, Yahoo!, Amazon, and Microsoft experience millions of user hits per day. To handle such web requests, the sites use a technique known as load balancing, as shown in FIGURE 4-5, to share the requests across multiple servers.
For a simple web page, a client’s web browser requests an HTML page and then the related graphics, CSS, and JavaScript files from the web server, as shown in FIGURE 4-6.

FIGURE 4-5 Load balancing uses a server to route traffic to multiple servers which, in turn, share the workload.

When the demand becomes too great for the server, the company can place a load-balancing server in front of two or more servers to which the load balancer distributes the web requests. Load balancing for simple applications is quite straightforward because either server can handle all requests. When server-based applications become more complex, such as accessing data within a database, the developers must provide shared access to the database. To eliminate a single point of failure, companies often replicate copies of the database on multiple servers. The database software, in turn, must then synchronize data updates across the systems, as shown in FIGURE 4-7. As an alternative, the company may choose to simplify the solution using a cloud-based database or a cloud-based network-attached storage (NAS) device, as shown in FIGURE 4-8. In this way, the applications do not need to worry about the data synchronization and replication—that task is handled within the cloud.

FIGURE 4-6 A client (browser) typically makes multiple requests to a server in order to download the HTML, CSS, JavaScript, and page graphics.

Taking a Closer Look at Load Balancing

To better understand load balancing, consider the processing that occurs when a user visits a site such as Yahoo! To start, the user types in a domain name, such as www.yahoo.com. The user’s web browser, in turn, sends the domain name to a special server on the web called a domain name server (DNS), which, in turn, returns the site’s (Yahoo!’s) Internet protocol (IP) address. As shown in FIGURE 4-9, the browser then uses the IP address to contact the server.
FIGURE 4-7 Load-balanced systems, for data redundancy purposes, often replicate databases on multiple servers. Each database, in turn, will send data updates to the other to maintain data synchronization between the servers.

FIGURE 4-8 Using a cloud-based NAS device and a cloud-based database to handle database replication and load balancing.

When a site uses load balancing, the IP address returned by the DNS might correspond to the load-balancing server. When the load balancer receives the browser request, it simply sends the request to one of the servers on a round-robin basis. If demand on the site increases, additional servers can be added, to which the load balancer can distribute requests. Using a similar technique, most IaaS solutions provide on-demand scaling and load balancing.

FIGURE 4-9 Web browsers use the IP address they receive from a DNS to access a server on the web.

System and Storage Redundancy

One of the greatest benefits of cloud-based computing is that it does not matter where the physical computing resources and data storage devices are located. As a result, companies often employ duplicate off-site servers or disk storage devices through a process known as colocation. As shown in FIGURE 4-10, by employing duplicate resources, systems can fail over from one location to another or they can use the duplicate systems for load balancing. In this way, the colocated resources accomplish the following:
• Makes the company less susceptible to fire, acts of God, and terrorism
• Improves performance through a distributed workload
• Makes the company less susceptible to downtime due to power loss from a blackout or brownout

Over the past few years, the low-cost options offered by IaaS providers have made hardware redundancy a must-have item for companies that rely on the availability of key applications and data.
Likewise, by leveraging cloud-based NAS devices and cloud-based database systems, companies can also easily replicate their data, as shown in FIGURE 4-11. IaaS providers allow companies to add servers, processors, and RAM to their applications on demand. FIGURE 4-12 shows an administrator window that allows an application administrator to select the resources the application needs—scaling resources up or down. Further, IaaS providers can also scale resource allocation up or down automatically. Customers, in turn, pay only for the resources they require.

FIGURE 4-10 Companies use colocated computing resources for system failover or load balancing.

FIGURE 4-11 Using cloud-based NAS devices and cloud-based databases, companies can replicate key data within the cloud.

FIGURE 4-12 Using an administrator menu to allocate application resources.

CASE 4-1 RACKSPACE IAAS

Rackspace has emerged as one of the largest players in the IaaS market. Rackspace offers a set of solutions that include cloud hosting, managed hosting (including 24/7 data-center-like management), and hybrid solutions that combine the cloud and managed services. Within minutes, from the Rackspace website an administrator can select a solution that deploys from 1 to 50 servers. Larger configurations are available. Today Rackspace offers cloud-based solutions to hundreds of thousands of clients. Rackspace houses its data centers at very large facilities located around the world. With respect to the cloud, Rackspace offers pay-as-you-go scalability, with on-demand storage and load balancing. Beyond cloud hosting, Rackspace provides solutions for cloud-based e-mail, Exchange hosting, file sharing, backups, and collaboration. Rackspace storage on demand is provided through a service called Cloud Files, a high-performance file system that provides very inexpensive redundant storage.
The Cloud Files system was developed using OpenStack, a new open source software initiative for building private and public clouds. The goal of OpenStack is to create a massively scalable cloud operating system to accomplish the following:
• Leverage open standards to produce an environment less susceptible to vendor lock-in (a situation in which a customer cannot easily move from an existing vendor)
• Increase industry-wide cloud standards
• Provide a platform that leverages performance and flexibility

Exercise
Assume your company is planning to release a new .NET-based website. The company’s developers estimate the application will require 10 servers to manage the workload. Visit the Rackspace website and recommend a solution for the company (you can use physical servers, virtual servers, or a combination of both). What start-up and monthly costs should your company expect?

Web Resources
For additional information on Rackspace and OpenStack, see www.CloudBookContent.com/Chapter04/index.html.

Utilizing Cloud-Based NAS Devices

Chapter 6, Data Storage in the Cloud, examines cloud-based data storage and database systems in detail. The chapter also presents several solution providers. For now, you should understand that companies can move their data storage to the cloud in a number of ways. One of the most innovative disk storage solutions utilizes cloud-based NAS devices, which present devices and applications as mountable drives and file systems. Normally customers can scale their cloud-based storage on demand and pay only for the storage they consume.

FIGURE 4-13 Cloud-based NAS devices present cloud-based storage as mountable devices, which may be replicated in the cloud to meet a company’s data redundancy needs.

As shown in FIGURE 4-13, some cloud-based NAS devices provide behind-the-scenes data replication for data redundancy needs.
CASE 4-2 NIRVANIX IAAS

Nirvanix provides a wide range of cloud solutions, from public, private, and hybrid clouds to backup and off-site storage and CloudNAS, which is a cloud-based NAS solution. As shown in FIGURE 4-14, CloudNAS is a high-performance, scalable, secure, cloud-based file system that supports Linux- and Windows-based applications. By supporting both the Common Internet File System (CIFS) and the Network File System (NFS), CloudNAS seamlessly integrates into existing applications. In general, CloudNAS does not require programming or the development of an application program interface (API).

Exercise
Within the cloud, IaaS providers offer a variety of ways for users and applications to access storage. Discuss the importance of having a cloud-based mountable storage device.

Web Resources
For additional information on Nirvanix and CloudNAS, see www.CloudBookContent.com/Chapter04/index.html.

FIGURE 4-14 The Nirvanix IaaS provides cloud-based NAS, which is accessible through the CloudNAS file system.

Advantages of IaaS Solutions

In the simplest sense, IaaS is the process of providing the hardware necessary to run an application. By utilizing IaaS solutions, companies eliminate the need to house and maintain expensive data centers. Unlike PaaS, which also manages and administers the operating system and support software, an IaaS solution requires the customer to manage all software and take responsibility for maintaining system updates. Advantages of using an IaaS solution include the following:
• Elimination of an expensive and staff-intensive data center
• Ease of hardware scalability
• Reduced hardware cost
• On-demand, pay-as-you-go scalability
• Reduction of IT staff
• Ad hoc test environments suitability
• Complete system administration and management

Server Types Within an IaaS Solution

Within an IaaS environment, customers can acquire one or more servers.
As shown in FIGURE 4-15, these servers fall under one of three types:
• Physical server: Actual hardware is allocated for the customer’s dedicated use.
• Dedicated virtual server: The customer is allocated a virtual server, which runs on a physical server that may or may not have other virtual servers.
• Shared virtual server: The customer can access a virtual server on a device that may be shared with other customers.

An IaaS physical server solution allocates one or more physical servers to the customer. The servers will not be shared with other customers. The physical server, because it is not shared by others, will be more expensive. However, the customer will have complete control over the system.

A dedicated virtual server solution allocates to a customer one or more virtual servers, which, as discussed in Chapter 8, Virtualization, runs on a server that has special software installed to allow it to run multiple operating systems (which do not have to be the same). Each operating system is protected from others on the server and often can be configured by the customer. The virtual server is used by only one customer, which, again, will result in a slightly higher cost per month.

FIGURE 4-15 Within an IaaS environment, customers can allocate various server types.

A shared virtual server solution allocates a shared virtual server to a customer. The server may, for example, provide web server capabilities to multiple users. The customer cannot configure the shared virtual server.

CASE 4-3 LAYERED TECH IAAS

Layered Tech supports grid, virtualization, and cloud computing platforms. With Layered Tech solutions customers can quickly launch cloud-based applications, satisfy backup and remote storage requirements, or utilize high-security, high-availability servers. Layered Tech provides traditional cloud-based services, such as dedicated servers, virtual servers, and managed server solutions.
In addition, Layered Tech provides large-scale enterprise solutions, such as hosting, colocation, and virtualization. If a client performs e-commerce operations, Layered Tech provides a Payment Card Industry (PCI)-compliant hosting system. By examining the PCI Data Security Standard (DSS), you can gain considerable insight into cloud-based security issues. For more information on the PCI DSS, visit the PCI Security Standards Council website at www.pcisecuritystandards.org.

Exercise
Many cloud-based sites implement e-commerce operations. Discuss the purpose of and some of the standards involved in the PCI standards.

Web Resources
For additional information on Layered Tech and PCI standards, see www.CloudBookContent.com/Chapter04/index.html.

CHAPTER SUMMARY

Smaller companies that deploy applications to the cloud typically use a specific platform, such as Windows, .NET, and Microsoft SQL, or Linux, Perl, and MySQL. Companies that use a PaaS solution eliminate the need to administer the operating system and supporting software. Larger companies, because of security needs or a desire to manage all resources, turn to IaaS providers, which make all of the computing hardware resources available but leave the customer responsible for installing and managing the systems. This can normally be done over the Internet. You can think of an IaaS solution as a turnkey remote data center.

KEY TERMS
CloudNAS
Colocation
Common Internet File System (CIFS)
Load balancing
Network-attached storage (NAS)
Network File System (NFS)
Redundancy

CHAPTER REVIEW
1. Define and describe IaaS.
2. Define and describe system redundancy. Discuss how you might use IaaS to implement a redundancy plan.
3. Define and describe load balancing. Discuss how you might use IaaS to implement load balancing.
4. Define and describe NAS. Assume you must implement a shared file system within the cloud. What company would you select? Why?
What costs should your client expect to pay for cloud-based data on a gigabyte (GB) basis?
5. Define and describe colocation. Discuss how you might use IaaS to implement colocation.
6. Compare and contrast a cloud-based disk storage device (with a file system) with a cloud-based database.
7. Compare and contrast physical, dedicated virtual, and shared virtual servers. Search the web for companies that provide each. What cost should a customer expect to pay for each?

Chapter 5 Identity as a Service (IDaaS)

TODAY, WITHIN MOST COMPANIES, users must log in to a variety of different systems in order to perform various tasks. Some of the systems may be cloud based, some may be based on local servers, and some may be accessible through different devices. The challenge of having multiple servers to access is that users must remember and manage multiple username and password combinations. Further, if an employee leaves the company, the IT staff must coordinate with the human resources department to ensure that each of the user’s accounts has been disabled. User identity management (ID management) is difficult, time consuming, and expensive. Over the past few years, companies have begun to emerge to provide identity (or identification) as a service (IDaaS), or cloud-based ID management.

Learning Objectives

This chapter examines cloud-based ID management in detail. By the time you finish this chapter, you will be able to do the following:
• Describe challenges related to ID management.
• Describe and discuss single sign-on (SSO) capabilities.
• List the advantages of IDaaS solutions.
• Discuss IDaaS solutions offered by various companies.

Understanding Single Sign-On (SSO)

As discussed, business users today must log in to a variety of applications, which may reside on many different servers. The users, therefore, must manage numerous username and password combinations.
To simplify user access to multiple systems, many companies now use single sign-on (SSO) software, which, as shown in FIGURE 5-1, requires the user to sign on only one time. Behind the scenes, the SSO software manages the user’s access to other systems. The advantages of SSO software include the following: 85 • Fewer username and password combinations for users to remember and manage • Less password fatigue caused by the stress of managing multiple passwords • Less user time consumed by having to log in to individual systems • Fewer calls to help desks for forgotten passwords • A centralized location for IT staff to manage password compliance and reporting The primary disadvantage of SSO systems is the potential for a single source of failure. If the authentication server fails, users will not be able to log in to other servers. Thus, having a cloud-based authentication server with system redundancy reduces the risk of system unavailability. Understanding How SSO Works Although different implementations of SSO exist, many solutions employ a secure ticket. When a user logs in to the authentication server, he or she is given a secure ticket. Later, when the user accesses a server, that server, in turn, validates the ticket with the authentication server. The authentication server, as shown in FIGURE 5-2, not only confirms that the user is authorized to use the server, but may also provide the user’s access rights that are specific to that server. FIGURE 5-1 An SSO system lets a user log in to a system one time and then move freely among related servers and applications without having to authenticate him- or herself each time. 86 Step 1: User logs into the authentication server using a username and password Step 2: The authentication server returns the user’s ticket Step 3: User sends the ticket to the intranet server Step 4: Intranet server sends the ticket to the authentication server Step 5: Au...
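The ticket exchange described under "Understanding How SSO Works" can be sketched in a few lines. This is an added example, not code from the textbook: the text says only that the ticket is "secure", so the HMAC-signed `username|expiry|signature` format, the PBKDF2 password hashing, and the names `AuthServer` and `intranet_request` are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

class AuthServer:
    """Authentication server: issues tickets at login and validates them later."""
    def __init__(self, ttl_seconds=300):
        self._key, self._ttl = secrets.token_bytes(32), ttl_seconds  # key stays here
        self._users = {}   # username -> (salt, password hash)
        self._rights = {}  # (username, server name) -> allowed actions

    def add_user(self, username, password, rights):
        salt = secrets.token_bytes(16)
        self._users[username] = (salt, self._hash(password, salt))
        for server, allowed in rights.items():
            self._rights[(username, server)] = set(allowed)

    def _hash(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def _sign(self, payload):
        return hmac.new(self._key, payload.encode(), hashlib.sha256).hexdigest()

    def login(self, username, password, now=None):
        """Steps 1-2: check the password, return a signed ticket that expires."""
        salt, stored = self._users.get(username, (b"\0" * 16, b""))
        if not hmac.compare_digest(stored, self._hash(password, salt)):
            return None
        payload = f"{username}|{int(time.time() if now is None else now) + self._ttl}"
        return f"{payload}|{self._sign(payload)}"

    def validate(self, ticket, server, now=None):
        """Step 4: return the user's rights on `server`, or None if rejected."""
        try:
            username, expires, sig = ticket.split("|")
            expired = int(expires) < (time.time() if now is None else now)
        except (ValueError, AttributeError):
            return None  # malformed or missing ticket
        good = self._sign(f"{username}|{expires}").encode()
        if expired or not hmac.compare_digest(sig.encode(), good):
            return None  # expired, forged or altered ticket
        return self._rights.get((username, server), set())

def intranet_request(auth, server, ticket, action, now=None):
    """Step 3: the intranet server sees only the ticket, never the password."""
    rights = auth.validate(ticket, server, now)
    if rights is None:
        return "401 invalid ticket"
    return "200 ok" if action in rights else "403 forbidden"
```

Calling `login` once and passing the returned ticket to `intranet_request` for several server names shows the single sign-on property: the password is presented once, and each server receives only the rights recorded for it. Because every request depends on `validate`, the sketch also makes the single source of failure visible.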
Explanation & Answer:
750 Words

Explanation & Answer

Attached.

Running head: CLOUD COMPUTING VULNERABILITIES

Cloud Computing Vulnerabilities

Name

Institution

Cloud Computing Vulnerabilities

1. Web application vulnerability

These are security issues such as cross-site scripting, the possibility of facing SQL
injection, application default configuration, poor web input validation, and various
misconfigurations of applications. Another commonly known web vulnerability is the buffer overrun,
which can be attacked to get access to the system. It is important to understand that errors occur
when there is more data in the buffer than the buffer can handle, and the vulnerability can cause
the system to crash. Programmers need to understand that legacy programming languages such as C
and C++ are susceptible to buffer overflow (Torkura, Cheng & Meinel, 2015). Buffer overflow can be
reduced using a secure testing and development process that will fix the buffer overflows. Coders
can use technology such as binary SAST technology to identify code vulnerabilities such as the
presence of buffer overflows.

2. Accessibility Vulnerabilities

These are the vulnerabilities that are associated wit...

