Week 4 Microsoft Azure
Microsoft Azure:
Microsoft Azure is a growing collection of integrated cloud services which developers and IT
professionals use to build, deploy and manage applications through a global network of datacenters.
Azure helps to protect assets through a rigorous methodology and focus on security, privacy,
compliance and transparency.
• Prerequisites
A deployment user is required for FTP and local Git deployment to a web app.
az webapp deployment user set --user-name <username> --password <password>
Prepared by Divya B
Configure local Git deployment
App Service supports several ways to deploy content to a web app, such as FTP, local Git, GitHub, Visual
Studio Team Services, and Bitbucket. For this quickstart, you deploy by using local Git. That means you
deploy by using a Git command to push from a local repository to a repository in Azure.
Google Cloud Platform is a set of services that enables developers to build, test and deploy applications
on Google’s reliable infrastructure.
Google manages your application, database and storage servers so you don’t have to.
Managed services
Developer Tools and SDKs
Console and Administration
Virtual machines.
Managed platform.
Blob storage.
Block storage.
NoSQL datastore.
MySQL database.
Big Data analytics.
Google Cloud Platform has all the services your application architecture needs.
Compute
Storage
Services
Google Cloud Platform Services – from User end!
Consider migrating your web application to Google Cloud Platform for better performance
using Google App Engine.
Your application should go wherever your users go: scale your application using
Google Cloud Endpoints.
Integrate Google’s services into your application using Google APIs.
WEEK 5
A formal contract between a Service Provider (SP) and a Service Consumer (SC)
Cloud Properties:
Common Infrastructure
Location-independence
– ubiquitous availability meeting performance requirements, with benefits deriving from latency
reduction and user experience enhancement.
Online connectivity
– an enabler of other attributes ensuring service access. Costs and performance impacts of network
architectures can be quantified using traditional methods.
• Utility pricing
– usage-sensitive or pay-per-use pricing, with benefits applying in environments with variable demand
levels.
• On-demand resources
– scalable, elastic resources provisioned and de-provisioned without delay or costs associated with
change.
MapReduce
– Text processing on massively scalable web data stored using BigTable and GFS distributed file system
• Example:
• Used by many different parallel applications which carry out large-scale computation involving
thousands of processors
– Map operation
– Reduce operation
• A configurable number of M ‘mapper’ processors and R ‘reducer’ processors are assigned to work on
the problem
Resources types
Physical resource
Logical resource
Resources Management
The term resource management refers to the operations used to control how capabilities provided by
Cloud resources and services can be made available to other entities, whether users, applications, or
services, in an efficient manner.
Data Center Power Consumption
• Currently it is estimated that servers consume 0.5% of the world’s total electricity usage.
Green Computing
• Power aware
• Thermal aware
Cooling systems
Rack design
VM Management
Minimizing VM Instances
• Are multi-application oriented, not service oriented.
Resource provisioning
Resource allocation
Resource requirement mapping
Resource adaptation
Resource discovery
Resource brokering
Resource estimation
Resource modeling
• Operating system
• Energy
• Network throughput/bandwidth
• Load balancing mechanisms
• Information security
• Delays
• APIs (Application Programming Interfaces)
• Protocols
Resource provisioning approach
Resource Mapping Approaches
• Reliability
• Ease of deployment
• QoS
• Delay
• Control overhead
WEEK 6
CLOUD SECURITY I
Confidentiality
Integrity
Availability
Security Attacks
1. Interruption
2. Interception
3. Modification
4. Fabrication
Classes of Threats
Disclosure: Snooping
Deception: Modification, spoofing, repudiation of origin, denial of receipt
Disruption: Modification
Usurpation: Modification, spoofing, delay, denial of service
Goals of Security
Passive attacks
Two types:
Release of message contents: It may be desirable to prevent the opponent from learning the contents
of the transmission.
Traffic analysis: The opponent can determine the location and identity of communicating hosts, and
Active attacks
Involve some modification of the data stream or the creation of a false stream.
Four categories:
Security Services
• Confidentiality (privacy)
• Authentication (who created or sent the data)
• Integrity (has not been altered)
• Non-repudiation (the order is final)
• Access control (prevent misuse of resources)
• Availability (permanence, non-erasure)
Denial of Service Attacks
Virus that deletes files
Role of Security
Types of Attack
• Social engineering/phishing
• Physical break-ins, theft, and curb shopping
• Password attacks
• Buffer overflows
• Command injection
• Denial of service
• Exploitation of faulty application logic
• Snooping
• Packet manipulation or fabrication
• Backdoors
Network Security...
– Customer-side system administrator manages the same with provider handling platform,
infrastructure security
– Service levels, security, governance, compliance, liability, expectations of the customer & provider
are contractually defined
Security Risks
Recovery
• “Any offering that does not replicate the data and application infrastructure across multiple sites is
vulnerable to a total failure,” Gartner says. Ask your provider if it has “the ability to do a complete
restoration, and how long it will take.”
• Recovery Point Objective (RPO): The maximum amount of data that will be lost following an
interruption or disaster.
• Recovery Time Objective (RTO): The period of time allowed for recovery, i.e., the time that is allowed
to elapse between the disaster and the activation of the secondary site.
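The RPO and RTO definitions above can be checked against a backup log and an incident timeline. The following is an added example, not part of the original notes; the backup times, statuses, objectives and function names are all constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample data: backup job log for one day (not from the notes).
BACKUPS = [
    ("2024-03-01T00:00", "ok"),
    ("2024-03-01T06:00", "ok"),
    ("2024-03-01T12:00", "failed"),   # a silent failure widens the exposure
    ("2024-03-01T18:00", "ok"),
]

def _t(s):
    return datetime.fromisoformat(s)

def successful(backups):
    """Sorted completion times of backups that can actually be restored from."""
    return sorted(_t(ts) for ts, status in backups if status == "ok")

def worst_case_exposure(backups):
    """Largest gap between consecutive good backups: the most data a
    disaster striking just before the next backup would destroy."""
    good = successful(backups)
    if len(good) < 2:
        return None  # not enough history to bound the loss
    return max(b - a for a, b in zip(good, good[1:]))

def assess(backups, disaster, secondary_active, rpo, rto):
    """Compare one incident against the RPO and RTO as defined above."""
    disaster, secondary_active = _t(disaster), _t(secondary_active)
    prior = [t for t in successful(backups) if t <= disaster]
    # No usable backup before the disaster means the loss is unbounded.
    data_loss = disaster - prior[-1] if prior else None
    recovery = secondary_active - disaster
    return {
        "data_loss": data_loss,
        "rpo_met": data_loss is not None and data_loss <= rpo,
        "recovery_time": recovery,
        "rto_met": recovery <= rto,
    }

if __name__ == "__main__":
    result = assess(BACKUPS, "2024-03-01T17:30", "2024-03-01T20:30",
                    rpo=timedelta(hours=6), rto=timedelta(hours=4))
    print(result)
    print("worst-case exposure:", worst_case_exposure(BACKUPS))
```

With this sample log the secondary site is active within the RTO, but the failed 12:00 job means the last restorable copy is from 06:00, so the RPO is missed.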
Gartner warns. “Cloud services are especially difficult to investigate, because logging and data for
multiple customers may be co-located and may also be spread across an ever-changing set of hosts and
data centers.”
Virtualization
Two types:
– Full virtualization: VMs run on a hypervisor that interacts with the hardware
– Paravirtualization: VMs interact with the host OS.
Identity Management (IDM) – authenticate users and services based on credentials and characteristics
Similar attacks:
• Metadata (WSDL) spoofing attacks: Such an attack involves malicious reengineering of Web
Services’ metadata descriptions
Network Probing
• Open-source tools have been used to probe ports (80 and 443)
• External probe: originates from a system outside EC2 and has an EC2 instance as its destination
• Internal probe: originates from an EC2 instance and has another EC2 instance as its destination
– External name
– Internal IP address
MIGRATION DECIDER
• Input: