Cloud Computing: Models, Benefits, and Limitations

Cloud Computing: Models, Benefits, and Limitations

Cloud Computing

Organizations tend to develop an entrepreneurial culture through a strong orientation toward innovation. Cloud computing refers to a computer-enabled architecture that provides flexible and scalable IT-enabled capabilities as a virtual service through the internet. Cloud computing technology is characterized by resource pooling, broad network access, on-demand self-service, rapid elasticity, and measured services (Mohamed, 2018). Consumers that use cloud computing technology strive to integrate many services from a central point that is conveniently accessible from any device linked to the system. Some of the resources include virtual storage units, processors, and network bandwidth. It is a developing technological trend that was adopted in the late 1990s. The pay-as-you-go on-demand computer infrastructure and resources are owned, operated, and managed by various service providers (Mohamed, 2018). Some of the renowned cloud computing service providers include Amazon, Oracle, SoftLayer, and Microsoft.

The History of Cloud Computing

JCR Licklider pioneered the development of ARPANET (Advanced Research Projects Agency Network) in 1969. He had a vision of interconnecting everyone across the globe to enable them to access data and programs remotely with convenience through an intergalactic computer network (Mohamed, 2018). The cloud computing concept was first realized through a loosely coupled network known as grid computing. Licklider’s vision was boosted by the development of utility computing, the advancement of grid computing. John McCarthy is also one of the renowned computer scientists that championed for cloud computing by proposing that computation should be delivered as a public utility. Cloud computing for the masses, however, did not realize significant milestones in the 1960s due to the low internet bandwidth by then.

The arrival of Salesforce.com in 1999 marked the initial milestone in cloud computing by pioneering the delivery of enterprise applications through simple websites. This paved the way for various software firms that later began to deliver their applications via the internet. Salesforce is currently one of the key players in the SaaS (Software-as-a-Service) market. The SaaS model achieved another commendable milestone in 2009 through the development of Web 2.0. Stakeholders such as Google adopted this model and started offering browser-based enterprise applications through services such as Google Apps, better known as the G Suite. Microsoft Corporation also developed a cloud-based Office 365 suite to remain relevant in the business applications market.

The launch of Amazon Web Services (AWS) in 2002 marked another significant milestone in cloud computing history. Through AWS, Amazon offered customers a cloud-based infrastructure services suite that included computation, storage, as well as human intelligence courtesy of the Amazon Mechanical Turk. Amazon went ahead to launch a commercial web service dubbed Elastic Compute Cloud (EC2, to enable consumers to rent computers for running their applications. The multi-billion-dollar firm is currently the undisputed leader in offering the IaaS (Infrastructure-as-a-Service) cloud computing model to its consumers.

Cloud Computing Models

Cloud computing services are classified according to their flexibility, architecture, and mode of service. The primary goal for consumers that pay for cloud computing is to get the services; hence, most models have the ‘as a Service (PaaS)’ phrase as their suffix. The various cloud computing models include: DBaaS (database), DRaaS (disaster recovery), NaaS (networking), SECaaS (security), SaaS (storage), MBaaS (mobile backend), and FaaS (function). However, all these fall under either of the three major cloud computing models, as discussed below.

Software-as-a-Service (SaaS)

The SaaS model grants its consumers they access to various applications and software on a monthly or annual subscription basis. User data is usually stored in the vendor’s cloud application and can be accessed from any internet-enabled device (Barabas, 2019). The service provider is in charge of all the software upgrades, and consumers only get to access the application. The leading vendors that offer SaaS include Cisco, Salesforce.com, Oracle, Microsoft, Google, Microsoft, IBM, SAP, Intuit, and ADP.

Platform-as-a-Service (PaaS)

Developers usually use PaaS as it often comes with content management systems, an operating system, database, development tools, and a server that an organization can utilize to configure its web applications. The PaaS model offers a computing platform based on specific tools, programming languages, and applications. It is convenient for organizations that prefer writing, deploying, and running their business applications independently. Leading vendors include Microsoft Azure, Google App Engine, Amazon Web Services, and IBM Blue mix.

Infrastructure-as-a-Service (IaaS)

In the IaaS model, service providers offer computing infrastructures such as storage units, server-less computing, containers, networks, and virtual computers (Rountree & Castrillo, 2014). It is similar to using networking devices or servers, only that IaaS is managed remotely. Amazon Web Services dominate the list of IaaS vendors. The other vendors are Microsoft Azure, IBM, SoftLayer, and Google Cloud. Firms such as NetApp, Cisco, HPE, Lenovo, and Dell Technologies used by organizations to set up private IaaS services.

Cloud computing services can also be classified according to the deployment model. The deployment options include public, private, and hybrid clouds.

Public Clouds

Public clouds offer services to a variety of customers, and the information is always available to be accessed equally by both parties. It is suitable for large business enterprises that use remote services frequently, and are usually managed by third-party vendors. The cloud vendor data center is the primary storage that holds all the user data. The vendor handles most functions, such as deployment and hardware maintenance, on behalf of the business. However, since the consumers do not have control over the public cloud infrastructure, this factor may be a significant security concern for the user’s privacy.

Private Clouds

A single organization can either use a privately-hosted cloud or build its cloud in its internal data centers. Private cloud users do not share resources and servers with other entities. Each user gets a dedicated infrastructure and enjoys the agility and scalability benefits. A private cloud is, however, more expensive and difficult to maintain.

Hybrid Clouds

The hybrid cloud infrastructure managed as a single environment that offers some resources to the public and reserves others for internal use. It is a complex computing architecture that requires special tools and expertise to manage properly.

From the above models, various significant factors accommodate the needs of different cloud computing consumers. Based on flexibility, infrastructure, and service model, all the three infrastructures come in handy, according to the consumer’s specific needs. The SaaS model offers users seamlessly updated applications, IaaS provides consumers with virtual hardware services to save the latter’s physical storage space by only acquiring what they need, while PaaS gives consumers a platform for developing their application programs. Based on their deployment, private clouds stand out as the best option as they provide customized services to meet the user’s specific needs. Public clouds are popular and cheaper to maintain, though the consumers have limited privileges to the system, which raises crucial security concerns.

Benefits of Cloud Computing

• Service providers regularly update the servers, software, and computer processing power.
• The scalability benefits enable firms to scale up or down according to service demands.
• Most service providers maintain a 24/7 uptime, and resources are always readily available to users.
• Flexibility enables users to adjust resources such as storage only to address current needs.
• It reduces IT costs on, expert staff, system upgrades, hardware, and software purchases.
• Users can access the applications from any internet-enabled device at convenience.
• It minimizes loss of productivity by ensuring continuity even in cases of natural disasters.
• It enhances collaboration between various users sharing common resources (Abhilasha, 2015).
• in Cloud, ComputingApplications run on servers that provide resources to other organizations simultaneously. The shared resource can lower performance if the other users experience DDOS attacks.
• Despite maintaining high-performance standards, cloud technology is not exempted from technical challenges, which interrupts the application’s performance.
• Cloud service providers may equally face challenges such as poor internet connectivity or blackouts, resulting in downtime on the consumer’s side.
• Since consumers share sensitive information with third-party service providers, this data is subjected to threats since it can easily be hacked.
• Since cloud service providers offer the same resources to different organizations, they usually lower their bandwidth to accommodate these numbers. Organizations that surpass the given limit incurs significant additional charges.
• Cloud computing service providers do not guarantee real-time support to customers that may need urgent assistance. They mostly refer users to the FAQs section, which non-technical clients may find to be inconvenient.
• Concerns in Cloud Computing

Servers and Applications Access

Administrative access to the servers in traditional data centers was restricted to on-premise connections, which a different case in cloud computing architecture. Administrative access in cloud computing must be done through the internet, and this exposure is a potential risk factor that can undermine data integrity. Cloud users do not see administrative changes that take place in the infrastructure, which might be a violation of privacy in some instances. Large organizations have strict privacy policies, and only specific levels of management can access some data sets.

On the contrary, the cloud computing architecture has a sole administrator with privileges to access all this data (Eken, 2014). Companies that retrench employees have to deactivate the accounts of former workers and create new ones for the incoming workforce. Most cloud admins make these modifications outside the company’s firewall, which violates the privacy of the employees.

Transmission of Data

In traditional architecture, data is usually encrypted using TLS/SSL protocols during transmission, and only the intended recipient has the decryption key to access the sent message. The transmission medium, in this case, does not have privileges to modify the transmitted signals. In cloud computing, data is usually transmitted without observing such security protocols. The cloud architecture allows data to be processed and altered without being decrypted (Hoofnagle, 2010). This may corrupt data integrity and authenticity.

Virtual Computer security

The Virtual Machine Monitor (VMM) provides virtual processors, memory, I/O devices, and other resources to be used by virtual machines in a cloud environment. VMM shared folders grants guest users access to read and write on other guests’ or the host’s file systems. Full virtualization replicates the entire hardware architecture virtually. The case is different in para-virtualization, which only modifies the operating system so that it runs concurrently with other systems. The dynamic nature of virtual computers means that they can easily be paused, reverted to previous instances, or restarted quickly (Gupta, 2011). The machines can as well be cloned and moved seamlessly between the physical layers, making it difficult to establish and maintain standardized security protocols.

Network Security

Network-level security issues are mainly associated with reusing IP addresses, sniffer attacks, and DNS (Domain Name System) attacks. Domain Name Servers translate the domain names of client computers on a network into IP addresses. In a cloud environment, the user can be routed to some random servers as opposed to the one they had initially requested to be redirected. Cloud servers usually reuse IP addresses, meaning that if one user exists the system, the incoming user will be assigned the previous user’s IP. This happens without the former user’s consent; hence, it violates their privacy rights. The Network Interface Card (NIC) has a sniffer program that records all the data being transmitted in a cloud infrastructure. The program also records data from other systems sharing the same network, meaning that clients’ privacy is always at the mercy of their service providers.

Data Security

Cloud computing architecture grants general users access to its root storage. The Hypertext Transfer Protocol (HTTP) and Secure Shell (SSH) protocols in traditional on-premise setups do not allow unauthorized users to view some sensitive information. In a cloud setup, the enterprise data usually resides on the service provider’s servers, meaning that malicious employees from the other end can easily compromise the data. Providers such as Amazon have made significant efforts to curb this issue by prompting enterprises to encrypt their data before transmission and only gain access to the host using their encrypted SSH keys.

Data Privacy

Since data in cloud architecture is distributed globally, many enterprises using these services risk being exposed to potential attackers. The exposure of such data may also put these organizations at risk of not complying with government policies regarding privacy jurisdictions. The cloud service providers also risk legal liabilities for exposing people’s sensitive data without a proper procedure.

Data Integrity

A single database in standalone systems enhances data integrity by following ACID (atomicity, consistency, isolation, and durability) properties when processing all transactions. Data integrity in these setups is guaranteed since users have control of all the ACID procedures when performing any operation on the database. In cloud computing, users have no control over such measures, and this may end up corrupting their sensitive data.

Data Segregation

In a cloud setup, data is usually shared with those from other consumers using the same resources. Some users prefer not to encrypt their data because of the possible loss of the same in case the decryption process is unsuccessful. The segregated data is, therefore, prone to manipulation by unauthorized users. Cloud service providers should establish necessary transmission protocols to ensure that data is encrypted at every level.

Data Availability

Most enterprises strive to avail their customers with the data they request at convenience. Cloud computing means that this data only resides on the vendor’s servers. In case the vendor experiences technical issues, this problem will directly affect the customer.

Solving the Security Issues in Cloud Computing

The security challenges discussed above are mainly associated with data transmission, unrestricted access to information, third party trustworthiness, violation of privacy policies, and consumer reliability. There are also issues with potential server downtimes, which can be addressed by deploying resource distribution at different levels to avoid relying on a single server (Hoofnagle, 2010). The underlying challenges can be solved by adopting specific security measures, as discussed in the paragraphs below.

Data Encryption

For better security during transmission, both the consumer and service providers should encrypt the data being transmitted. Multistage encryption ensures that users first encrypt their data before sending it to the cloud servers. The cloud vendor encrypts the data again to enhance its security and protect it from possible insider attacks. Multistage encryption will improve data integrity by ensuring that only authorized users can access, modify, or delete specific data sets.

Legal Jurisdiction

The cloud computing architecture does not adhere to legal jurisdictions of various countries regarding privacy policies. In Europe, for instance, the law requires all business entities to be aware of where the personal information of all their employees is stored. Cloud vendors should establish a framework that allows specific entities access to physical servers where the latter’s sensitive data reside. Sharing resources in the distributed cloud environment end up confusing clients who find it complicated, trying to comprehend the specific path of tracking their data.

Fog Layers

DDOS (Distributed Denial of Service) attacks occur when hackers use multiple zombie machines to infect servers. When servers get exhausted, some resources such as storage units, become unavailable to users. DDOS attacks can be eradicated by placing fog layers between users and the server to filter all the requests being sent to servers (Sabir, 2018).

Digital Signatures

Users should protect their data in cloud servers using digital signatures. The signature should be used along with AES encryption algorithms and the Diffie Hellman key exchange facilities. The combination of these three security mechanisms gives hackers no room for intercepting sensitive information in cloud servers.

In summary, though it faces significant security challenges, cloud computing remains to be the ultimate solution to most large scale enterprises globally. The technology leverages big data analysis and ensures that consumers can access on-demand services from any internet-enabled device. Vendors can come into a consensus with their consumers and adopt necessary security mechanisms to enhance trust, accountability, and transparency between these two parties.

References

Abhilasha, A. (2015). A Survey on Cloud Computing and Its Benefits. INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY, 15(2), 6499-6503

Barabas, J. (2019). IaaS PaaS SaaS Cloud Service Models. Retrieved from https://www.ibm.com/cloud/learn/iaas-paas-saas

Benefits of cloud computing | Business Queensland. (2017). Retrieved from https://www.business.qld.gov.au/running-business/it/cloud-computing/benefits

Eken, H. (2014). Cloud Computing Security Issues and Recommendations. International Journal of Intelligent Computing Research, 5(1), 398-404

Gupta, P. (2011). Cloud Computing- Issues and Challenges. Indian Journal Of Applied Research, 4(3), 100-102.

Harrison, D. (2015). The Economics Of Cloud Computing Are, In A Word, Confusing. Retrieved from https://www.forbes.com/sites/ciocentral/2015/06/10/the-economics-of-cloud-computing-are-in-a-word-confusing/#25009c4e7d50

Hoofnagle, C. (2010). Consumer Protection in Cloud Computing Services: Recommendations for Best Practices from a Consumer Federation of America Retreat on Cloud Computing. SSRN Electronic Journal.

Mohamed, A. (2018). A history of cloud computing. Retrieved from https://www.computerweekly.com/feature/A-history-of-cloud-computing

Neto, M. (2014). A brief history of cloud computing – Cloud computing news. Retrieved from https://www.ibm.com/blogs/cloud-computing/2014/03/18/a-brief-history-of-cloud-computing-3/

Rountree, D., & Castrillo, I. (2014). The basics of cloud computing. Waltham, Mass.: Syngress.

Sabir, S. (2018). Security Issues in Cloud Computing and their Solutions: A Review. International Journal Of Advanced Computer Science And Applications, 9(11).