International Journal of Scientific Research Engineering & Technology (IJSRET), ISSN 2278 0882

Volume 5, Issue 2, February 2016

REVIEW OF CLOUD COMPUTING

Gurjinder singh
Department of Computer Science And Engineering, Guru Kashi University Talwandi Sabo, Bathinda, Punjab

ABSTRACT
Cloud computing has formed the conceptual and
infrastructural basis for tomorrows computing. The
global computing infrastructure is rapidly moving
towards cloud based architecture. While it is important
to take advantages of could based computing by means
of deploying it in diversified sectors, the security aspects
in a cloud based computing environment remains at the
core of interest. Cloud based services and service
providers are being evolved which has resulted in a new
business trend based on cloud technology. With the
introduction of numerous cloud based services and
geographically dispersed cloud service providers,
sensitive information of different entities are normally
stored in remote servers and locations with the
possibilities of being exposed to unwanted parties in
situations where the cloud servers storing those
information are compromised. If security is not robust
and consistent, the flexibility and advantages that cloud
computing has to offer will have little credibility. This
paper presents a review on the cloud computing concepts
as well as security issues inherent within the context of
cloud computing and cloud infrastructure.
Keywords- cloud computing, cloud security, cloud
network, cloud services

1. INTRODUCTION
1.1 CLOUD COMPUTING
Cloud computing, also known as 'on-demand
computing', is a kind of Internet-based computing, where
shared resources, data and information are provided to
computers and other devices on-demand. It is a model
for enabling ubiquitous, on-demand access to a shared
pool of configurable computing resources.[1] Recent
developments in the field of could computing have
immensely changed the way of computing as well as the
concept of computing resources. In a cloud based
computing infrastructure, the resources are normally in
someone else's premise or network and accessed
remotely by the cloud users. Processing is done remotely
implying the fact that the data and other elements from a
person need to be transmitted to the cloud infrastructure
or server for processing; and the output is returned upon
completion of required processing. In some cases, it

might be required or at least possible for a person to

store data on remote cloud servers. These gives the
following three sensitive states or scenarios that are of
particular concern within the operational context of
cloud computing: The transmission of personal
sensitive data to the cloud server, The transmission of
data from the cloud server to clients' computers and
The storage of clients personal data in cloud servers
which are remote server not owned by the clients. All
the above three states of cloud computing are severely
prone to security breach that makes the research and
investigation within the security aspects of cloud
computing practice an imperative one. There have been a
number of different blends that are being used in cloud
computing realm, but the core concept remain same
the infrastructure, or roughly speaking, the resources
remain somewhere else with someone else's ownership
and the users 'rent' it for the time they use the
infrastructure.[2]

1.2 CLOUD DEPLOYMENT MODELS

There are three commonly-used cloud deployment
models: private, public, and hybrid. An additional model
is the community cloud, which is less-commonly used.
Private cloud is built and managed within a
single organization. Organizations use software
that enables cloud functionality, such as
VMWare, Cloud Director, or Open Stack.
Public cloud is a set of computing resources
provided by third-party organizations. The most
popular public clouds include Amazon Web
Services, Google App Engine, and Microsoft
Azure.
Hybrid cloud is a mix of computing resources
provided by both private and public clouds. A
community cloud shares computing resources
across several organizations, and can be
managed by either organizational IT resources
or third-party providers.[3]

2. CLOUD SERVICE MODELS

Cloud-computing providers offer their "services"
according to different models, which happen to form a
stack: infrastructure-, platform- and software-as-aservice.

www.ijsret.org

74

International Journal of Scientific Research Engineering & Technology (IJSRET), ISSN 2278 0882
Volume 5, Issue 2, February 2016

cloud user does not have to allocate resources manually.

The latter has also been proposed by an architecture
aiming to facilitate real-time in cloud environments.[5]

2.3 Software as a service (SaaS)

Figure: cloud service models

2.1 Infrastructure as a service (IaaS)

In the most basic cloud-service modeland according
to the IETF (Internet Engineering Task Force)
providers of IaaS offer computersphysical or (more
often) virtual machinesand other resources. IaaS
refers to online services that abstract user from the
detail of infrastructure like physical computing
resources, location, data partitioning, scaling, security,
backup etc. A hypervisor, such as Xen, Oracle
VirtualBox, KVM, VMware ESX/ESXi, or Hyper-V
runs the virtual machines as guests. Pools of
hypervisors within the cloud operational system can
support large numbers of virtual machines and the
ability to scale services up and down according to
customers' varying requirements. IaaS clouds often
offer additional resources such as a virtual-machine
disk-image library, raw block storage, file or object
storage, firewalls, load balancers, IP addresses, virtual
local area networks (VLANs), and software bundles.[4]

2.2 Platform as a service (PaaS)

PaaS vendors offer a development environment to
application developers. The provider typically develops
toolkit and standards for development and channels for
distribution and payment. In the PaaS models, cloud
providers deliver a computing platform, typically
including operating system, programming-language
execution environment, database, and web server.
Application developers can develop and run their
software solutions on a cloud platform without the cost
and complexity of buying and managing the underlying
hardware and software layers. With some PaaS offers
like Microsoft Azure and Google App Engine, the
underlying computer and storage resources scale
automatically to match application demand so that the

In the software as a service (SaaS) model, users gain

access to application software and databases. Cloud
providers manage the infrastructure and platforms that
run the applications. SaaS is sometimes referred to as
"on-demand software" and is usually priced on a payper-use basis or using a subscription fee. In the SaaS
model, cloud providers install and operate application
software in the cloud and cloud users access the software
from cloud clients. Cloud users do not manage the cloud
infrastructure and platform where the application runs.
This eliminates the need to install and run the
application on the cloud user's own computers, which
simplifies maintenance and support. Cloud applications
differ from other applications in their scalabilitywhich
can be achieved by cloning tasks onto multiple virtual
machines at run-time to meet changing work demand.[6]

3. CLOUD CLIENT
Users access cloud computing using networked client
devices,
such
as desktop
computers, laptops, tablets and smart phones and any
Ethernet enabled device such as Home Automation
Gadgets. Some of these devicescloud clients rely on
cloud computing for all or a majority of their
applications so as to be essentially useless without it.
Examples are thin clients and the browser-based Chrome
book. Many cloud applications do not require specific
software on the client and instead use a web browser to
interact
with
the
cloud
application.
With Ajax and HTML5 these Web user interfaces can
achieve a similar, or even better, look and feel to native
applications. Some cloud applications, however, support
specific client software dedicated to these applications
(e.g., virtual desktop clients and most email clients).
Some legacy applications (line of business applications
that until now have been prevalent in thin client
computing) are delivered via a screen-sharing
technology. [7]

4. CLOUD COMPUTING BENIFITS

Enterprises would need toalign their applications, so as
to exploit the architecture models that Cloud Computing
offers. Some of the typical benefits are listed below:
Reduced Cost
There are a number of reasons to attribute Cloud
technology with lower costs. The billing model
is pay as per usage; the infrastructure is not

www.ijsret.org

75

International Journal of Scientific Research Engineering & Technology (IJSRET), ISSN 2278 0882
Volume 5, Issue 2, February 2016

purchased thus lowering maintenance.Initial

expense and recurring expenses are much lower
than traditional computing.
Increased Storage
With the massive Infrastructure that is offered
by Cloud providers today, storage &
maintenance of large volumes of datais a reality.
Sudden workload spikes are also managed
effectively & efficiently, since the cloud can
scale dynamically.
Flexibility
This is an extremely important characteristic.
With enterprises having to adapt, even more
rapidly, to changing business conditions, speed
to deliver is critical. Cloud computing stresses
on getting applications to market very quickly,
by using the most appropriate building blocks
necessary for deployment[8]

5. SECURITY AND PRIVACY

5.1 Identity management
Every enterprise will have its own identity management
system to control access to information and computing
resources. Cloud providers either integrate the
customers identity management system into their own
infrastructure,using federation or SSO technology, or a
biometric-based identification system, or provide an
identity management solution of their own. CloudID, for
instance, provides a privacy-preserving cloud-based and
cross-enterprise biometric identification solutions for
this problem. It links the confidential information of the
users to their biometrics and stores it in an encrypted
fashion. Making use of a searchable encryption
technique, biometric identification is performed in
encrypted domain to make sure that the cloud provider
or potential attackers do not gain access to any sensitive
data or even the contents of the individual queries.

employment activities such as security screening

potential recruits, security awareness and training
programs,
proactive
security
monitoring
and
supervision, disciplinary procedures and contractual
obligations embedded in employment contracts, service
level agreements, codes of conduct, policies etc.
5.4 Availability
Cloud providers help ensure that customers can rely on
access to their data and applications, at least in part
(failures at any point - not just within the cloud service
providers' domains - may disrupt the communications
chains between users and applications).
5.5 Application security
Cloud providers ensure that applications available as a
service via the cloud (SaaS) are secure by specifying,
designing, implementing, testing and maintaining
appropriate application security measures in the
production environment. Note that - as with any
commercial software - the controls they implement may
not necessarily fully mitigate all the risks they have
identified, and that they may not necessarily have
identified all the risks that are of concern to customers.
Consequently, customers may also need to assure
themselves that cloud applications are adequately
secured for their specific purposes, including their
compliance obligations.
5.6 Privacy
Providers ensure that all critical data (credit card
numbers, for example) are masked or encrypted and that
only authorized users have access to data in its entirety.
Moreover, digital identities and credentials must be
protected as should any data that the provider collects or
produces about customer activity in the cloud.[9]

6. CONCLUSION
5.2 Physical security
Cloud service providers physically secure the IT
hardware (servers, routers, cables etc.) against
unauthorized access, interference, theft, fires, floods etc.
and ensure that essential supplies (such as electricity) are
sufficiently robust to minimize the possibility of
disruption. This is normally achieved by serving cloud
applications from 'world-class' (i.e. professionally
specified, designed, constructed, managed, monitored
and maintained) data centers.
5.3 Personnel security
Various information security concerns relating to the IT
and other professionals associated with cloud services
are typically handled through pre-, para- and post-

To summarize, the cloud provides many options for the

everyday computer user as well as large
and small businesses. It opens up the world of
computing to a broader range of uses and increases the
ease of use by giving access through any internet
connection. However, with this increased ease also come
drawbacks. You have less control over who has access to
your information and little to no knowledge of where it
is stored. You also must be aware of the security risks of
having data stored on the cloud. The cloud is a big target
for malicious individuals and may have disadvantages
because it can be accessed through an unsecured internet
connection. Cloud computing is relatively new topic for

www.ijsret.org

76

International Journal of Scientific Research Engineering & Technology (IJSRET), ISSN 2278 0882
Volume 5, Issue 2, February 2016

research in the field of computer science and

engineering.

REFFERENCES
[1] Hassan, Qusay (2011). "Demystifying Cloud
Computing" The Journal of Defense Software
Engineering (Cross Talk) 2011 (Jan/Feb): 1621.
Retrieved 11 December 2014.
[2] Monjur Ahmed and Mohammad Ashraf Hossain
International Journal of Network Security & Its
Applications (IJNSA), Vol.6, No.1, January 2014
[3]http://en.wikipedia.org/wiki/Cloud_computing
[4] Amies, Alex; Sluiman, Harm; Tong, Qiang Guo; Liu,
Guo Ning (July 2012). "Infrastructure as a Service Cloud
Concepts". Developing and Hosting Applications on the
Cloud
[5]Boniface, M.; et al. (2010), Platform-as-a-Service
Architecture for Real-Time Quality of Service
Management in Clouds, 5th International Conference on
Internet and Web Applications and Services (ICIW),
Barcelona,
Spain:
IEEE,
pp. 155160,
doi:10.1109/ICIW.2010.91
[6] Hamdaqa, Mohammad. A Reference Model for
Developing Cloud Applications
[7]"https://en.wikipedia.org/wiki/Cloud_computing"
[8]Torry harris"Cloud Computing An Overview"
[9] "Identity Management in the Cloud" Information
Week. 2013-10-25. Retrieved 2013-06-05.

www.ijsret.org

77