ASSIGNMENT 2 FRONT SHEET

Qualification BTEC Level 5 HND Diploma in Computing

Unit number and title Unit 16: Cloud Computing

Submission date Date Received 1st submission

Date Received 2nd

Re-submission Date
submission

Student Name NguyenVan Manh Student ID BHAF200048

Class BPIT17101 Assessor name Le Van Thuan

Student declaration

I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I
understand that making a false declaration is a form of malpractice.

Student’s signature Manh

Grading grid

P5 P6 P7 P8 M3 M4 D2 D3
❒ Summative Feedback: ❒ Resubmission Feedback:

Grade: Assessor Signature: Date:

Signature & Date:
Table of Contents
INTRODUCTION.............................................................................................................................................................. 3
CONTENT........................................................................................................................................................................ 3
I. CONFIGURE A CLOUD COMPUTING PLATFORM WITH A CLOUD SERVICE PROVIDER’S FRAMEWORK. &
IMPLEMENT A CLOUD PLATFORM USING OPEN SOURCE TOOLS.(P5, P6)......................................................................3
1. Create a database server.................................................................................................................................... 4
2. Connect the database to the source code and upload it to github.......................................................................9
3. Deploy website to heroku and run the project.................................................................................................. 15
4. The function of the application......................................................................................................................... 20
II. ANALYSE THE MOST COMMON PROBLEMS WHICH ARISE IN A CLOUD COMPUTING PLATFORM AND DISCUSS
APPROPRIATE SOLUTIONS TO THESE PROBLEMS.(P7)................................................................................................. 25
III. ASSESS THE MOST COMMON SECURITY ISSUES IN CLOUD ENVIRONMENTS.(P8)...............................................30
CONCLUSION................................................................................................................................................................ 31
REFERENCE................................................................................................................................................................... 32

INTRODUCTION
Continuing with the requirement to build a cloud computing system for ATN, I will make a report so that the company

can see more about Cloud Computing if they apply to their operation in real life. sacrifice.
In this report, I will clarify the issues and have the following items:

 A demo sample report can show the implementation functions.

 How to configure, deploy, and test services (Web Applications, Database Servers, Source Code Management,
 Server Logs) using service provider frameworks and open source tools.
 Images for built functions.
 Source code for the application is built.

Besides, there will be annexes to clarify the issues:

 Analysis of the most common problems of cloud computing platform.

 Possible solutions to these problems.
 Analyze the most common security issues in the cloud environment

CONTENT
I. CONFIGURE A CLOUD COMPUTING PLATFORM WITH A CLOUD SERVICE PROVIDER’S FRAMEWORK. & IMPLEMENT
A CLOUD PLATFORM USING OPEN SOURCE TOOLS.(P5, P6)
In order to be able to deploy the application to the cloud platform, we need to select a cloud service provider and
include a cloud service provider. I chose Heroku as a cloud platform to provide application drivers and github as a
data storage service provider, ec2 to do database management service
Below I will show you the steps to take:
1. Create a database server
First we need to visit https://aws.amazon.com/ login and create a server in ec2
then start the newly created server
Use xshell to access the newly started server with the server's ip.
and press ok to proceed to login to the server
Continue I proceed to install MariaDB server and proceed to run the service
the next step is to access the previously installed mariadb service

Create database:

I use WINSCP software to coppy the project’s database file to a machine

Import database from the databae into the newly create database

Next I proceed to create a remote connection to the database

You need to create a Heroku account to be able to use this service. If you already have an account, please log in. If
you do not have one, you must register an account to use the free Heroku service.
2. Connect the database to the source code and upload it to github
You need to create a Github account to use the service at the address: http://github.com/
After logging into Github, you need to create Repository to store the file.
Then I cloned the code to my computer

We proceed to move the code project into the folder we just cloned
The next step is to modify the connect.php file so that the project can connect to the database just created on the
ec2 server:
proceed to save and put the code on github:
3. Deploy website to heroku and run the project
You need to create a Heroku account to be able to use this service. If you already have an account, please log in. If
you do not have one, you must register an account to use the free Heroku service.
After successfully logging into Heroku website, the next step is to create a new App.
connect heroku to github and select Repositories to run
Scroll to the top and open the app to display the website
4. The function of the application
You want to login or want to buy a certain product, the first thing you need to do is register an account
Once you have successfully created an account, you proceed to log in to the website with the account you just
created
Upon successful login, the website will display all products. Users can search for products by typing search
keywords in the search bar
Users can click on each product to view product details
After viewing product details. when customers want to buy goods. Customers just need to enter the quantity and
press the add to button. Then the product will be automatically added to the cart
Source code: https://github.com/ManhCoder1201/manhbtec
App: https://asm2ccthuanlv.herokuapp.com/
Admin account: manh@gmail.com
Password:manh123
User account:1@gmail.com
Password:manh123
II. ANALYSE THE MOST COMMON PROBLEMS WHICH ARISE IN A CLOUD COMPUTING PLATFORM AND DISCUSS
APPROPRIATE SOLUTIONS TO THESE PROBLEMS.(P7)

Problem Solution
Lack of IT capacity  It is necessary to set up a section to investigate the necessary ITrelated factors that the
company needs to supplement.
 There is a high-quality technical department at the facility to be able to solve and assess
immediate issues.
 Improve IT capability from hardware to software as well as individual capacity of each
employee in the company
Investment costs  Properly assess the needs and capabilities of the company to be able to select the
are limited appropriate model to start using. And after gaining profits, continue to evaluate to
expand the model or apply other models in accordance with the current model of
thecompany.
 Calling investors from the beginning and showing them the potential of the project.
Technical barriers  It is necessary to take a team to learn the necessary experience and technical knowledge
in the company.
 There are periodic plans for employees as well as technicians to reinforce, improve and
update new skills and technologies for the development process.
 The first step can be to use full-service packages to minimize the technical requirements
to be able to manage the service (hiring management support or technical support
packages), when it is sufficient. New features converted through the company's
selfcontrol and cloud management.
Safety information  Hire a third party to take care of security and information security.
 But besides, it also needs a permanent department to monitor continuously and can
control the situation arising immediately, minimizing errors or serious errors to the
system.
Capital to  The plan should have a forecast of the capital needed and should have an excess of
modernize the capital to ensure that problems arising from budget issues can be addressed.
business process  Divide the entire plan into a continuous year plan to minimize the budget.
 In addition, there should be a plan to carry out the upgrade, maintenance, or
 replacement of damaged or obsolete parts periodically.
Flexibility and  A suitable deployment model is needed to support future flexibility and scalability
scalability of (recommendation: Hybrid Cloud).
resources  The company needs to be proactive and ready to expand and enhance its flexibility from
planning to factors such as employees, systems, hardware, ...
Policy issues  The policies of storage and manual data processing will have a lot of difference compared
to the application of Cloud Computing. Therefore, it is also necessary for the company to
make changes or replace policy provisions to meet and match the requirements and
current situation of the company
Transmission  Transmission is an important issue when using Cloud Computing, so invest heavily to use
problems a high-quality, stable and high-speed transmission to meet the demand. Real-time nature
of aggregate reporting tables as well as data.
 And there is a need to have preventive measures because they can always access the
Internet (user).
Business  Enterprises need to have proper awareness about Cloud Computing to be able to get
awareness assessments and make future implementation plans that are right and bring the highest
profit for the company.
IT staff skills  Supplementing knowledge and assisting employees to acquire knowledge and skills to use
new technology. Implement open IT support courses in employees.
 Add the requirement of recruiting necessary IT skills when applying to reduce retraining
time from scratch.
 There is a standing support department to be able to timely help with problems that arise
or cannot be processed to ensure the current progress and carry out the following.
Depends on the  As for transmission issues, Cloud Computing relies heavily on the Internet. Therefore, it is
Internet necessary to have a good internet connection system and the devices connected to the
cloud need alternative methods to connect to the internet such as wifi, direct cable, 3G,
4G, ...
 And besides, it is necessary to pre-check the internet connection problem first because it
is not always possible to access the internet or have phone waves to access 3G, 4G (for
example, in high mountains or in lost areas wave).
Security  Effective measures are needed in the security of the system.
 Signing cooperation with third parties to take care of security issues.
 Use services from reputable providers and high security capabilities.
 There is a team of experts to perform the management and handling of security-related
issues.
Privacy  There is a need for authorization to access (private or confidential information only
accounts with access to newly established features).
 Compliance with the signed and approved privacy elements in the required agreements
and service use is required.
 Comply with legal regulations on privacy and privacy protection of companies and
customers.
Reliability  Use services from reputable suppliers.
 Always comply with agreements and service requirements as well as comply with legal
regulations.
 Build credibility in the process of operation and development.
Legal issue  There will be different regulations in each country, so before applying it, you should
understand the law at the place where you intend to proceed and make reasonable
changes in the agreements and requests to use the service.
 There are required agreements and use of services with partner
Enforcement  Need to ensure technology and applications can be appropriate and enforceable in the
environment of their business by surveying methods and making appropriate choices.
Freedom  The control of data storage infrastructure should be delegated to ensure the integrity of
the data.
 Allow freedom to perform actions that each account has been decentralized and will be
responsible for each of those actions.
Long-term viability  Need to have a long-term development plan of Cloud Computing in the operation of the
company (financial planning, construction, consolidation, development, system updates,
cloud, ...)
Suitability of the  Consider the needs and capabilities of the company to make the right choice on the
platform platform to invest (public cloud, private cloud, hybrid cloud, community cloud).
Hacking  Hire DDoS protection tools.
 Sign contracts with service providers that have a high level of security and reputation in
securing their security and their ability to protect their systems.
 There must always be a department capable of handling situations involving hackers.
 Need to regularly and have investors to update and enhance the security and self-
protection of the system and apply new technologies to improve the system more.
Lost data  Sign a contract with a reputable service provider.
There are back up servers to store important information.
 Regularly back up information.
 Regularly check the hardware system, grid, network, ... of servers (if Private Cloud) to
avoid failure or physical errors leading to data confidentiality
Real-time control  Use stable and high-speed network system.
 Updating data continuously.
 Use useful technologies to speed up data management and aggregation.
 Use a service with real-time support from distributors.
Cloud management  Using a tool that supports common and useful cloud management, while ensuring
security and security to support cloud management (Apache CloudStack, OpenStack,
Microsoft Azure Cost Management).
 Collaborate with 3rd parties to support and undertake cloud management
Move data  Prepare step by step strategies (discover-design-build-testimplementation-audit)
Current, reliable  Check modernity and functions of technology.
technology  Testing and checking errors can appear and implement demo with small-scale projects in
a certain time.
 Need to select reputable partners and long-standing traditions in Cloud Coputing array
such as AWS or Google Cloud, ... to cooperate.
 Evaluate the efficiency and relevance of the current needs and capabilities of the
stakeholders (company resources, users, ...).
Service provider's  Read carefully SLA (service level agreement).
request  Read carefully the terms of use and requirements from the service provider.
 Detailed requests should be made to and provided and a review of their ability to
 respond and test of their ability to meet the requirements of the service provider.
 There is clarity about the requirements in the contract table and a thorough check before
signing.
Different in  A survey of customs at the place where it is expected to be conducted (preferably a
customs native speaker for reference).
 Conduct field surveys before implementing.
 After the survey, it is necessary to conduct an assessment and review to change some
details to suit the local customs (sometimes climate, weather and intellectual levels can
also affect the this element).
Viewing rights and  Use an automated system to constantly review and destroy possible viruses and have a
confidentialit y of department to handle, check and handle situations.
data  Clear permissions for each type of account (regular accounts cannot access documents
with high security, only the director's account can be viewed).

III. ASSESS THE MOST COMMON SECURITY ISSUES IN CLOUD ENVIRONMENTS.(P8)

Here are some common security issues in Cloud field and measures to solve and prevent that I have
synthesized.

Security issues Solve the issues

Shared cloud  Know and control who can access documents in the cloud.
service  Need for users (the company and the cloud users) know the risk of sharing records so
that they are more careful in deciding to share the file in the cloud.
 Regularly update the operating system as well as application software compatible with
the most suitable and latest versions possible.
 Combining operational models instead of individual models increases flexibility and
alternative uses to avoid stagnation in operation.
 Clearly assign and save important data in a private cloud or use Private Cloud to store
those important data
Distributed -Denial-  rivate Cloud to store those important data. Distributed -Denial-ofService Attacks (DDoS)
ofService Attacks  Enhance the combination of operational model frameworks.
(DDoS)  Prepare your spirit and tools (both hardware and software) to combat DDoS.
 Purchase more data transmission.
 Ensure the initial security and security of your server is the best possible.
 There is a human resources department and is available for DDoS retrospectives.
 Send the history as well as the methods of attack that have occurred to the department
or company that has the function and take care of the analysis and processing, to create
an effective prevention and protection plan.
Data loss or 
incomplete data  Information security according to circle method.
backup  Copy periodically and have a copy log. This gives us the ability to recover information at a
time.
 Need to constantly check the backup and have a backup plan for losing data.
 Setting out the circumstances may lead to data loss and a preventive plan.
 There is a team that can quickly process and recover data if a problem occurs that
minimizes the loss of data and its harmful effects.
Swindle  Using the two-factor authentication method (there are alternatives to connecting
external verification most of the contributions support SAML-based authentication
conventions).

Sifting spam  There is an automatic filtering system as well as preventing spam receiving.
 Regularly filter spam of the system.
 Limit suspicious connections from strange objects or accounts.
Employee's
negligence  Check carefully messages or attachments when there are suspicious signs such as strange
characters, strange links, unusually large data, ...
 Limit sharing personal security information through means such as phone, email, ...
 Check the location of the sender and reply to the email to confirm the identity and
reputation of the interacting person.
 Improve the security of secret phrases with uppercase, lowercase letters, special
 characters, ...
 Reinforcement of regular and regular operation models.
 Use SIEM device to distinguish and alarm when USB drives are linked to the server.
 Use endpoint coverage to track, identify and destroy threats from the server.
Take over control  An effective security system is needed.
 Need a permanent team is to constantly monitor and check the system.

CONCLUSION
After the report I clarified the problem:

 A demo sample report can show the implementation functions.

 How to configure, deploy, and test services (Web Applications, Database Servers, Source Code Management, Server
Logs) using service provider frameworks and open source tools.
 Images for built functions.
 Source code for the application is built.

Besides, there will be annexes to clarify the issues:

 Analysis of the most common problems of cloud computing platform.

 Possible solutions to these problems.
 Analyze the most common security issues in the cloud environment.
 Discuss how to fix these problems

REFERENCE