CC_UNIT2_MERGED.pdf

Transcript

The cloud reference model
The physical infrastructure is managed by the core middleware, the
objectives of which are to provide an appropriate runtime environment
for applications and to best utilize resources.

At the bottom of the stack, virtualization technologies are used to
guarantee runtime environment customization, application isolation,
sandboxing, and quality of service.

Hardware virtualization is most commonly used at this level.
Hypervisors manage the pool of resources and expose the distributed
infrastructure as a collection of virtual machines.

By using virtual machine technology it is possible to finely partition the
hardware resources such as CPU and memory and to virtualize specific
devices, thus meeting the requirements of users and applications.
The combination of cloud hosting platforms and resources is
generally classified as a Infrastructure-as-a-Service (IaaS) solution.

We can organize the different examples of IaaS into two categories:
Some of them provide both the management layer and the physical
infrastructure;
others provide only the management layer (IaaS (M)).

In this second case, the management layer is often integrated with
other IaaS solutions that provide physical infrastructure and adds
value to them.
IaaS solutions are suitable for designing the system infrastructure
but provide limited services to build applications.

Such service is provided by cloud programming environments
and tools, which form a new layer for offering users a
development platform for applications.

The range of tools include Web-based interfaces, command-line
tools, and frameworks for concurrent and distributed
programming. In this scenario, users develop their applications
specifically for the cloud by using the API exposed at the
user-level middleware.

For this reason, this approach is also known as
Platform-as-a-Service (PaaS) because the service offered to the
user is a development platform rather than an infrastructure.

In the case of Pure PaaS, only the user-level middleware is
offered, and it has to be complemented with a virtual or physical
infrastructure.
The top layer of the reference model depicted in Figure 4.1 contains services
delivered at the application level.

These are mostly referred to as Software-as-a-Service (SaaS). In most cases
these are Web-based applications that rely on the cloud to provide service to end
users.

The horsepower of the cloud provided by IaaS and PaaS solutions allows
independent software vendors to deliver their application services over the
Internet.

Other applications belonging to this layer are those that strongly leverage the
Internet for their core functionalities that rely on the cloud to sustain a larger
number of users; this is the case of gaming portals and, in general, social
networking websites.
Infrastructure- and hardware-as-a-service
The main technology used to deliver and implement these solutions is

hardware virtualization: one or more virtual machines opportunely

configured and interconnected define the distributed system on top of

which applications are installed and deployed.

Virtual machines also constitute the atomic components that are

deployed and priced according to the specific features of the virtual

hardware: memory, number of processors, and disk storage. It is possible to distinguish three principal

layers:

the physical infrastructure,

the software management infrastructure,

the user interface.
At the top layer the user interface provides access to the
services exposed by the software management infrastructure.

Such an interface is generally based on Web 2.0 technologies:
Web services, RESTful APIs, and mash-ups.

These technologies allow either applications or final users to
access the services exposed by the underlying infrastructure.

Web 2.0 applications allow developing full-featured
management consoles completely hosted in a browser or a
Web page.

Web services and RESTful APIs allow programs to interact
with the service without human intervention, thus providing
complete integration within a software system.
The core features of an IaaS solution are implemented in
the infrastructure management software layer.

In particular, management of the virtual machines is the
most important function performed by this layer.

A central role is played by the scheduler, which is in charge
of allocating the execution of virtual machine instances.

The scheduler interacts with the other components that
perform a variety of tasks:
The pricing and billing component takes care of the cost of executing
each virtual machine instance and maintains data that will be used to
charge the user.

The monitoring component tracks the execution of each virtual
machine instance and maintains data required for reporting and
analyzing the performance of the system.

The reservation component stores the information of all the virtual
machine instances that have been executed or that will be executed
in the future.

If support for QoS-based execution is provided, a QoS/SLA
management component will maintain a repository of all the SLAs
made with the users; together with the monitoring component, this
component is used to ensure that a given virtual machine instance is
executed with the desired quality of service.
The VM repository component provides a catalog of virtual machine images
that users can use to create virtual instances. Some implementations also
allow users to upload their specific virtual machine images.

A VM pool manager component is responsible for keeping track of all the live
instances.

Finally, if the system supports the integration of additional resources
belonging to a third-party IaaS provider, a provisioning component interacts
with the scheduler to provide a virtual machine instance that is external to the
local physical infrastructure directly managed by the pool.
The bottom layer is composed of the physical infrastructure, on top of which
the management layer operates.

A service provider will most likely use a massive datacenter containing
hundreds or thousands of nodes.

A cloud infrastructure developed in house, in a small or medium-sized
enterprise or within a university department, will most likely rely on a
cluster.

At the bottom of the scale it is also possible to consider a heterogeneous
environment where different types of resources—PCs, workstations, and
clusters—can be aggregated.
Platform as a service
Platform-as-a-Service (PaaS) solutions provide a development and deployment platform for running
applications in the cloud.

They constitute the middleware on top of which applications are built.
Application management is the core functionality of the middleware. PaaS implementations pro vide
applications with a runtime environment and do not expose any service for managing the underlying
infrastructure.

They automate the process of deploying applications to the infrastructure, configuring application
components, provisioning and configuring supporting technologies such as load balancers and databases,
and managing system change based on policies set by the user.

Developers design their systems in terms of applications and are not concerned with hardware (physical or
virtual), operating systems, and other low-level services.

The core middleware is in charge of managing the resources and scaling applications on demand or
automatically, according to the commitments made with users. From a user point of view, the core
middleware exposes interfaces that allow programming and deploying applications on the cloud. These can
be in the form of a Web-based interface or in the form of programming APIs and libraries.
PaaS Development Model

The specific development model decided for applications determines the interface exposed to the user. Some
implementations provide a completely Web-based interface hosted in the cloud and offering a variety of services.

1. It is possible to find integrated developed environments based on 4GL and visual programming concepts, or
rapid prototyping environments where applications are built by assembling mash-ups and user-defined
components and successively customized.

2. Other implementations of the PaaS model provide a complete object model for representing an applica tion and
provide a programming language-based approach. This approach generally offers more flexibility and
opportunities but incurs longer development cycles. Developers generally have the full power of programming
languages such as Java,.NET, Python, or Ruby, with some restrictions to provide better scalability and
security.
PaaS solutions can offer middleware for developing applications together with the infrastructure or simply provide
users with the software that is installed on the user premises.

In the first case, the PaaS provider also owns large datacenters where applications are executed;

In the second case, referred to in this book as Pure PaaS, the middleware constitutes the core value of the offering.
The first category identifies PaaS implementations that completely follow the cloud computing style for
application development and deployment.

They offer an integrated development environment hosted within the Web browser where applications are
designed, developed, composed, and deployed.

This is the case of Force.com and Longjump. Both deliver as platforms the combination of middleware
and infrastructure.
In the second class we can list all those solutions that are focused on providing a scalable
infrastructure for Web application, mostly websites.

In this case, developers generally use the providers’ APIs, which are built on top of industrial
runtimes, to develop applications.

Google AppEngine is the most popular product in this category. It provides a scalable runtime based
on the Java and Python programming languages, which have been modified for pro viding a secure
runtime environment and enriched with additional APIs and components to support scalability
The third category consists of all those solutions that provide a cloud programming platform for any
kind of application, not only Web applications.

Among these, the most popular is Microsoft Windows Azure, which provides a comprehensive
framework for building service oriented cloud applications on top of the.NET technology, hosted on
Microsoft’s datacenters.

Other solutions in the same category, such as Manjrasoft Aneka, Apprenda SaaSGrid, Appistry Cloud
IQ Platform, DataSynapse, and GigaSpaces DataGrid, provide only middleware with differ ent
services.
essential characteristics that identify a PaaS solution:

Runtime framework. This framework represents the “software stack” of the PaaS model and the most intuitive aspect
that comes to people’s minds when they refer to PaaS solutions. The runtime framework executes end-user code
according to the policies set by the user and the provider.

Abstraction. PaaS solutions are distinguished by the higher level of abstraction that they provide. Whereas in the case
of IaaS solutions the focus is on delivering “raw” access to virtual or physical infrastructure, in the case of PaaS the focus
is on the applications the cloud must support. This means that PaaS solutions offer a way to deploy and manage
applications on the cloud rather than a bunch of virtual machines on top of which the IT infrastructure is built and
configured.
 Automation. PaaS environments automate the process of deploying applications to the
infrastructure, scaling them by provisioning additional resources when needed. This process is
performed automatically and according to the SLA made between the customers and the provider.
This feature is normally not native in IaaS solutions, which only provide ways to provision more
resources.

Cloud services. PaaS offerings provide developers and architects with services and APIs, helping
them to simplify the creation and delivery of elastic and highly available cloud applications. These
services are the key differentiators among competing PaaS solutions and generally include specific
components for developing applications, advanced services for application monitoring,
management, and reporting.
One of the major concerns of leveraging PaaS solutions for implementing applications is vendor lock-in.

PaaS environments deliver a platform for developing applications, which exposes a well-defined set of APIs
and, in most cases, binds the application to the specific runtime of the PaaS provider.

Even though a platform-based approach strongly simplifies the development and deployment cycle of
applications, it poses the risk of making these applications completely dependent on the provider.

The impact of the vendor lock-in on applications obviously varies according to the various solutions. Some of
them, such as Force.com, rely on a proprietary runtime framework, which makes the retargeting process very
difficult.
 Software as a service

The acronym SaaS was then coined in 2001 by the Software Information & Industry Association (SIIA)
with the following connotation: In the software as a service model, the application, or service, is deployed
from a centralized datacenter across a network—Internet, Intranet, LAN, or VPN—providing access and
use on a recurring fee basis. Users “rent,” “subscribe to,” “are assigned,” or “are granted access to” the
applications from a central provider. Business models vary according to the level to which the software is
streamlined, to lower price and increase efficiency, or value-added through cus tomization to further
improve digitized business processes.
The analysis carried out by SIIA was mainly oriented to cover application service providers (ASPs) and all
their variations, which capture the concept of software applications consumed as a service in a broader
sense. ASPs already had some of the core characteristics of SaaS:
The product sold to customer is application access.
The application is centrally managed.
The service delivered is one-to-many.
The service delivered is an integrated solution delivered on the contract, which means provided as
promised.
 Software-as-a-Service (SaaS) is a software delivery model that provides access to applications through the
Internet as a Web-based service.

It provides a means to free users from complex hard ware and software management by offloading such
tasks to third parties, which build applications accessible to multiple users through a Web browser.

In this scenario, customers neither need install anything on their premises nor have to pay considerable
up-front costs to purchase the software and the required licenses.

They simply access the application website, enter their credentials and billing details, and can instantly use
the application, which, in most of the cases, can be further customized for their needs.
Initially the SaaS model was of interest only for lead users and early adopters.

The benefits delivered at that stage were the following:
Software cost reduction and total cost of ownership (TCO) were paramount
Service-level improvements
Rapid implementation
Standalone and configurable applications
Rudimentary application and data integration
Subscription and pay-as-you-go (PAYG) pricing
 Common Application of software as service model

customer relationship management and identifies concerns related to interactions with custo mers and
prospect sales. CRM solutions are software systems that simplify the process of managing customers
and iden tifying sales strategies.

ERP, an acronym for enterprise resource planning, generally refers to an integrated computer-based
system used to manage internal and external resources, including tangible assets, materials, and
financial and human resources. ERP software provides an integrated view of the enterprise and
facilitates the management of the information flows between business functions and resources.
Types of clouds
Clouds constitute the primary outcome of cloud computing.

They are a type of parallel and distributed system harnessing physical and virtual computers presented as a
unified computing resource.

Such infrastructures can be of different types and provide useful information about the nature and the
services offered by the cloud.

A more useful classification is given according to the administrative domain of a cloud: It identifies the
boundaries within which cloud computing services are implemented, provides hints on the underlying
infrastructure adopted to support such services, and qualifies them. It is then possible to differentiate four
different types of cloud:
Public clouds. The cloud is open to the wider public.

Private clouds. The cloud is implemented within the private premises of an institution and
generally made accessible to the members of the institution or a subset of them.

Hybrid or heterogeneous clouds. The cloud is a combination of the two previous solutions and
most likely identifies a private cloud that has been augmented with resources or services hosted in a
public cloud.

Community clouds. The cloud is characterized by a multi-administrative domain involving different
deployment models (public, private, and hybrid), and it is specifically designed to address the needs
of a specific industry.
 Public clouds
Public clouds constitute the first expression of cloud computing.

They are a realization of the canonical view of cloud computing in which the services offered are made
available to anyone, from anywhere, and at any time through the Internet.

From a structural point of view they are a dis tributed system, most likely composed of one or more
datacenters connected together, on top of which the specific services offered by the cloud are
implemented.

Any customer can easily sign in with the cloud provider, enter her credential and billing details, and use
the services offered.
 A fundamental characteristic of public clouds is multitenancy. A public cloud is meant to serve a multitude
of users, not a single customer.

Any customer requires a virtual computing environment that is separated, and most likely isolated, from
other users.

This is a fundamental requirement to provide effective monitoring of user activities and guarantee the
desired performance and the other QoS attributes negotiated with users.

QoS management is a very important aspect of public clouds. Hence, a significant portion of the software
infrastructure is devoted to monitoring the cloud resources, to bill them according to the contract made
with the user, and to keep a complete history of cloud usage for each customer.

These features are fundamental to public clouds because they help providers offer services to users with
full accountability.
 From an architectural point of view there is no restriction concerning the type of distributed sys tem
implemented to support public clouds.

Most likely, one or more datacenters constitute the physical infrastructure on top of which the
services are implemented and delivered

Public clouds can be composed of geographically dispersed datacenters to share the load of users
and better serve them according to their locations.

For example, Amazon Web Services has datacenters installed in the United States, Europe,
Singapore, and Australia; they allow their customers to choose between three different regions:
us-west-1, us-east-1, or eu-west-1. Such regions are priced differently and are further divided into
availability zones, which map to specific datacenters.
Private clouds

Private clouds are virtual distributed systems that rely on a private
infrastructure and provide internal users with dynamic provisioning of
computing resources.

Instead of a pay-as-you-go model as in public clouds, there could be other
schemes in place, taking into account the usage of the cloud and
proportionally billing the different departments or sections of an enterprise.
The key advantages of using a private cloud computing
infrastructure:
Customer information protection. Despite assurances by the public cloud leaders about
security, few provide satisfactory disclosure or have long enough histories with their cloud
offerings to provide warranties about the specific level of security put in place on their
systems. In-house security is easier to maintain and rely on.

Infrastructure ensuring SLAs. Quality of service implies specific operations such as
appropriate clustering and failover, data replication, system monitoring and maintenance,
and disaster recovery, and other uptime services can be commensurate to the application
needs. Although public cloud vendors provide some of these features, not all of them are
available as needed.

Compliance with standard procedures and operations. If organizations are subject to
third-party compliance standards, specific procedures have to be put in place when
deploying and executing applications. This could be not possible in the case of the virtual
public infrastructure.
From an architectural point of view, private clouds can be implemented on more
heterogeneous hardware: They generally rely on the existing IT infrastructure already
deployed on the private premises.

This could be a datacenter, a cluster, an enterprise desktop grid, or a combination of them.
The physical layer is complemented with infrastructure management software (i.e., IaaS (M);
see Section 4.2.2) or a PaaS solution, according to the service delivered to the users of the
cloud.
 At the bottom layer of the software stack, virtual machine technologies such as
Xen , KVM , and VMware serve as the foundations of the cloud.

Virtual machine management technologies such as VMware vCloud, Eucalyptus
, and OpenNebula can be used to control the virtual infrastructure and
provide an IaaS solution.

Eucalyptus provides full compatibility with Amazon Web Services interfaces and
supports different virtual machine technologies such as Xen, KVM, and VMware.

OpenNebula is an open-source solution for virtual infrastructure management that
supports KVM, Xen, and VMware, which has been designed to easily integrate
third-party IaaS providers.

Its modular architecture allows extending the software with additional features
such as the capability of reserving virtual machine instances by using Haizea as
scheduler.
 Solutions that rely on the previous virtual machine managers and provide added
value are OpenPEX and InterGrid.

OpenPEX is Web-based system that allows the reservation of virtual machine
instances and is designed to support different back ends (at the moment only the
support for Xen is implemented).

InterGrid provides added value on top of OpenNebula and Amazon EC2 by allowing
the reservation of virtual machine instances and managing multiadministrative
domain clouds.
 PaaS solutions can provide an additional layer and deliver a high level service for private
clouds. Among the options available for private deployment of clouds we can consider
DataSynapse, Zimory Pools, Elastra, and Aneka.

DataSynapse provides a flexible environment for building private clouds on top of
datacenters.

Elastra Cloud Server is a platform for easily configuring and deploying distributed
application infrastructures on clouds.

Zimory provides a software infrastructure layer that automates the use of resource
pools based on Xen, KVM, and VMware virtualization technologies. It allows creating an
internal cloud composed of sparse private and public resources and provides facilities
for migrating applications within the existing infrastructure.
 Aneka is a software development platform that can be used to deploy a cloud
infrastructure on top of heterogeneous hardware: datacenters, clusters, and
desktop grids.

It provides a pluggable service-oriented architecture that’s mainly devoted to
supporting the execution of distributed applications with different
programming models: bag of tasks, MapReduce, and others.
Hybrid clouds
Public clouds are large software and hardware infrastructures that have a capability
that is huge enough to serve the needs of multiple users, but they suffer from
security threats and administrative pitfalls.

Private clouds are the perfect solution when it is necessary to keep the processing
of information within an enterprise’s premises or it is necessary to use the existing
hardware and software infrastructure. One of the major drawbacks of private
deployments is the inability to scale on demand and to efficiently address peak
loads.

Hence, a hybrid solution could be an interesting opportunity for taking advantage of
the best of the private and public worlds. This led to the development and diffusion
of hybrid clouds
 Hybrid clouds allow enterprises to exploit existing IT infrastructures, maintain
sensitive information within the premises, and naturally grow and shrink by
provisioning external resources and releasing them when they’re no longer needed.

Security concerns are then only limited to the public portion of the cloud that can be
used to perform operations with less stringent constraints but that are still part of
the system workload.. Figure 4.5 provides a general overview of a hybrid cloud: It is a heterogeneous
distributed system resulting from a private cloud that integrates additional services or
resources from one or more public clouds. For this reason they are also called
heterogeneous clouds.

As depicted in the diagram, dynamic provisioning is a fundamental component in this
scenario.

Hybrid clouds address scalability issues by leveraging external resources for exceeding
capacity demand. These resources or services are temporarily leased for the time
required and then released. This practice is also known as cloudbursting.. In an IaaS scenario, dynamic provisioning refers to the ability to acquire on
demand virtual machines in order to increase the capability of the resulting
distributed system and then release them.

Infrastructure management software and PaaS solutions are the building blocks for
deploying and managing hybrid clouds.

In particular, with respect to private clouds, dynamic provisioning introduces a
more complex scheduling algorithm and policies, the goal of which is also to
optimize the budget spent to rent public resources.
Community clouds

Community clouds are distributed systems created by integrating the services of
different clouds to address the specific needs of an industry, a community, or a
business sector.

The infrastructure is shared by several organizations and supports a specific
community that has shared concerns (e.g., mission, security requirements, policy,
and compliance considerations). It may be managed by the organizations or a third
party and may exist on premise or off premise.
Candidate sectors for community clouds are as follows:

Media industry. In the media industry, companies are looking for low-cost, agile, and
simple solutions to improve the efficiency of content production.

Most media productions involve an extended ecosystem of partners. In particular, the
creation of digital content is the outcome of a collaborative process that includes
movement of large data, massive compute-intensive rendering tasks, and complex
workflow executions.

Community clouds can provide a shared environment where services can facilitate
business-to-business collaboration and offer the horsepower in terms of aggregate
bandwidth, CPU, and storage required to efficiently support media production.
 Healthcare industry. In the healthcare industry, there are different scenarios in
which community clouds could be of use.

In particular, community clouds can provide a global platform on which to share
information and knowledge without revealing sensitive data maintained within the
private infrastructure.

The naturally hybrid deployment model of community clouds can easily support
the storing of patient-related data in a private cloud while using the shared
infrastructure for noncritical services and automating processes within hospitals
Energy and other core industries. In these sectors, community clouds can bundle
the comprehensive set of solutions that together vertically address management,
deployment, and orchestration of services and operations.

Since these industries involve different providers, vendors, and organizations, a
community cloud can provide the right type of infrastructure to create an open
and fair market
Public sector. Legal and political restrictions in the public sector can limit the adoption of
public cloud offerings.

Moreover, governmental processes involve several institutions and agencies and are aimed
at providing strategic solutions at local, national, and international administrative levels.

They involve business-to-administration, citizen-to-administration, and possibly
business-to-business processes. Some examples include invoice approval, infrastructure
planning, and public hearings.

A community cloud can constitute the optimal venue to provide a distributed environment
in which to create a communication platform for performing such operations.
Scientific research. Science clouds are an interesting example of community
clouds.

In this case, the common interest driving different organizations sharing a large
distributed infrastructure is scientific computing.
The benefits of these community clouds are the following:

Openness. By removing the dependency on cloud vendors, community clouds are open
systems in which fair competition between different solutions can happen.

Community. Being based on a collective that provides resources and services, the
infrastructure turns out to be more scalable because the system can grow simply by expanding
its user base.

Graceful failures. Since there is no single provider or vendor in control of the infrastructure,
there is no single point of failure.

Convenience and control. Within a community cloud there is no conflict between
convenience and control because the cloud is shared and owned by the community, which
makes all the decisions through a collective democratic process.

Environmental sustainability. The community cloud is supposed to have a smaller carbon
footprint because it harnesses underutilized resources. Moreover, these clouds tend to be
more organic by growing and shrinking in a symbiotic relationship to support the demand of
the community, which in turn sustains it.
 10/01/2023

Economics of the cloud

1
 10/01/2023

The amount of cost savings that cloud computing can introduce within an

enterprise is related to the specific scenario in which cloud services are used

and how they contribute to generate a profit for the enterprise.

In the case of a small startup, it is possible to completely leverage the cloud

for many aspects, such as:

IT infrastructure

Software development

CRM and ERP

In terms of the pricing models introduced by cloud computing, we can distinguish
three different strategies that are adopted by the providers:

Tiered pricing.
In this model, cloud services are offered in several tiers, each of which offers a
fixed computing specification and SLA at a specific price per unit of time. This
model is used by Amazon for pricing the EC2 service, which makes available
different server configurations in terms of computing capacity (CPU type and
speed, memory) that have different costs per hour.

2
 10/01/2023

Per-unit pricing.
This model is more suitable to cases where the principal source of revenue for the
cloud provider is determined in terms of units of specific services, such as data
transfer and memory allocation.
In this scenario customers can configure their systems more efficiently according
to the application needs. This model is used, for example, by GoGrid, which
makes customers pay according to RAM/hour units for the servers deployed in
the GoGrid cloud.

Subscription-based pricing.

This is the model used mostly by SaaS providers in which users

pay a periodic subscription fee for use of the software or the

specific component services that are integrated in their

applications.

3
Open challenges
Cloud definition

One of the most comprehensive formalizations is noted in the NIST working definition of cloud
computing.

It characterizes cloud computing as on-demand self-service, broad network access,
resource-pooling, rapid elasticity, and measured service; classifies services as SaaS, PaaS, and
IaaS; and categorizes deployment models as public, private, community, and hybrid clouds.

Despite the general agreement on the NIST definition, there are alternative taxonomies for
cloud services. David Linthicum, founder of BlueMountains Labs, provides a more detailed
classification,8 which comprehends 10 different classes and better suits the vision of cloud
computing within the enterprise. A different approach has been taken at the University of
California, Santa Barbara (UCSB) , which departs from the XaaS concept and tries to define
an ontology for cloud computing.
Cloud interoperability and standards

Vendor lock-in constitutes one of the major strategic barriers against the seamless
adoption of cloud computing at all stages.

In particular there is major fear on the part of enterprises in which IT constitutes the
significant part of their revenues.

Vendor lock-in can prevent a customer from switching to another competitor’s
solution, or when this is possible, it happens at considerable conversion cost and
requires significant amounts of time.

This can occur either because the customer wants to find a more suitable solution for
customer needs or because the vendor is no longer able to provide the required
service.

The presence of standards that are actually implemented and adopted in the cloud
computing community could give room for interoperability and then lessen the risks
resulting from vendor lock-in
 The standardization efforts are mostly concerned with the lower level of the cloud
computing architecture, which is the most popular and developed.

In particular, in the IaaS market, the use of a proprietary virtual machine format constitutes
the major reasons for the vendor lock-in, and efforts to provide virtual machine image
compatibility between IaaS vendors can possibly improve the level of interoperability
among them.

The Open Virtualization Format (OVF) is an attempt to provide a common format for
storing the information and metadata describing a virtual machine image. Even though the
OVF provides a full specification for packaging and distributing virtual machine images in
completely platform-independent fashion, it is supported by few vendors that use it to
import static virtual machine images.

The challenge is providing standards for supporting the migration of running instances, thus
allowing the real ability of switching from one infrastructure vendor to another in a
completely transparent manner.
Scalability and fault tolerance

The ability to scale on demand constitutes one of the most attractive features of cloud
computing. Clouds allow scaling beyond the limits of the existing in-house IT resources, whether
they are infrastructure (compute and storage) or applications services.

To implement such a capability, the cloud middleware has to be designed with the principle of
scalability along different dimensions in mind—for example, performance, size, and load. The
cloud middleware manages a huge number of resource and users, which rely on the cloud to
obtain the horsepower that they cannot obtain within the premises without bearing
considerable administrative and maintenance costs.

These costs are a reality for whomever develops, manages, and maintains the cloud middleware
and offers the service to customers. In this scenario, the ability to tolerate failure becomes
fundamental, sometimes even more important than providing an extremely efficient and
optimized system.

Hence, the challenge in this case is designing highly scalable and fault-tolerant systems that are
easy to manage and at the same time provide competitive performance.
Security, trust, and privacy
Security, trust, and privacy issues are major obstacles for massive adoption of cloud
computing.

The traditional cryptographic technologies are used to prevent data tampering and
access to sensitive information.

The massive use of virtualization technologies exposes the existing system to new
threats, which previously were not considered applicable.

For example, it might be possible that applications hosted in the cloud can process
sensitive information; such information can be stored within a cloud storage facility
using the most advanced technology in cryptography to protect data and then be
considered safe from any attempt to access it without the required permissions.
Although these data are processed in memory, they must necessarily be decrypted by the
legitimate application, but since the application is hosted in a managed virtual environment
it becomes accessible to the virtual machine manager that by program is designed to
access the memory pages of such an application.

In this case, what is experienced is a lack of control over the environment in which the
application is executed, which is made possible by leveraging the cloud.

The lack of control over their own data and processes also poses severe problems for the
trust we give to the cloud service provider and the level of privacy we want to have for our
data.
specific regulations can simply prevail over the agreement the provider is willing to
establish with us concerning the privacy of the information managed on our behalf.

Moreover, cloud services delivered to the end user can be the result of a complex
stack of services that are obtained by third parties via the primary cloud service
provider.

In this case there is a chain of responsibilities in terms of service delivery that can
introduce more vulnerability for the secure management of data, the enforcement of
privacy rules, and the trust given to the service provider
Organizational aspects

From an organizational point of view, the lack of control over the management of data
and processes poses not only security threats but also new problems that previously did
not exist.

Some interesting questions arise in considering the role of the IT department in this new
scenario. In particular, the following questions have to be considered:

What is the new role of the IT department in an enterprise that completely or
significantly relies on the cloud?

How will the compliance department perform its activity when there is a considerable
lack of control over application workflows?

What are the implications (political, legal, etc.) for organizations that lose control over
some aspects of their services?

What will be the perception of the end users of such services?
 Traditionally, when there was a problem with computer systems, organizations developed
strategies and solutions to cope with them, often by relying on local expertise and knowledge.

One of the major advantages of moving IT infrastructure and services to the cloud is to reduce
or completely remove the costs related to maintenance and support.

As a result, users of such infrastructure and services lose a reference to deal with for IT
troubleshooting.

At the same time, the existing IT staff is required to have a different kind of competency and,
in general, fewer skills, thus reducing their value.