Cloud computing has leaped ahead as one of the biggest technological advances of the present time. In cloud, users can upload or retrieve their desired data from anywhere in the world at anytime, making this the most important and primary function in cloud computing technology. While this technology reduces the geographical barriers and improves the scalability in the way we compute, keeping data in a Cloud Data Center (CDC) faces numerous challenges from unauthorized users and hackers within the system. Creating proper Service Level Agreements (SLA) and providing high-end storage security is the biggest barrier being developed for better Quality of Service (QoS) and implementation of a safer cloud computing environment for the Cloud Service Users (CSU) as well as for the Cloud Service Providers (CSP). Therefore, cloud applications need to have increased QoS and effective security measures and policies set in place to provide better services and to decline unauthorized access. The purpose of this chapter is to examine the cloud computing technology behind innovative business approaches and establishing SLA in cloud computing applications. This chapter provides a clear understanding of different cloud computing security challenges, risks, attacks, and solutions that exist in the present heterogeneous cloud computing environment. Storage security, different cloud infrastructures, the many advantages, and limitations are also discussed.
TopIntroduction
Cloud computing is an Internet-based computing paradigm (Rohini, 2011), where by shared resources, software and information are provided to computers and other devices which are available to everyone as services (Lombardi & Pietro, 2010). This technology has changed the way of delivering computation in present scenarios. In all manners of businesses from private to governmental, everyone is now relying on the cloud applications in their everyday life. In a broader sense the term Utility Computing becomes more sophisticated in terms of cloud applications. Buyya et al in the literature (Buyya, Pandey, &Vecchiola, 2009) defined cloud computing as Cloud is a market-oriented distributed computing system consisting of a collection of inter-connected and virtualized computers that are dynamically provisioned and presented as one or more unified computing resources based on service-level agreements established through negotiation between the service provider and consumers. From this definition it is clear that cloud computing is a market-oriented business paradigm that is provisioned dynamically to deliver a more flexible business environment to the clients. This technology improves the scalability as well as easy to use for end users who avail themselves of this technology pay only for the particular service they require. Moreover cloud services can be expanded or reduced depending upon the user’s request by adding or removing Virtualized Machines (VM) in the system.
In the cloud, users can access their requested information from a shared resource pool, known as CDC, with minimum computer knowledge and vast computer resources to acquire the data. Users don’t need to know where the data is stored or how this data is being retrieved. They only need pay to the service provider for the services that they are using, based on their SLA (Schmietendorf, Dumke, & Reitz, 2004). Generally this approach is more acceptable for online business scenarios where users and service providers are both able to benefit from the services in a cloud computing environment. SLA is the contract between the vendors (typically the CSP) and the users (typically the CSU) with legal conditions and regulations applies for using the services. One of the major characteristics of SLA is the QoS being delivered to the customers (Chaves, Westphall, & Lamin, 2010) and it should cover a transparent aspect of cost, security, legal requirements for data placement, eco-efficiency and more (Lawrence, Djemame, W¨aldrich, Ziegler, & Zsigri, 2010; Buyya, Ranjan, & Calheiros, 2010). Choosing the correct vendor for a business and taking care of the right agreements is also an important factor for achieving success within the business (Zhu, 2010).
Some important issues of cloud computing can be drawn as follows: (1) large scale computing resources, (2) high scalability and elasticity, (3) shared resource pooling (virtualized and physical resources), (4) dynamic resource scheduling, (5) general purpose, (6) flexibility, etc. Cloud computing is a broader term combining several different types of service offerings. In general it can be distinguished among Software, Platform and Infrastructure as a Service (Qian, Luo, Du, & Guo, 2009; Bleikertz, 2010; Yan, Rong, & Zhao, 2009; Stanoevska-Slabeva & Wozniak, 2010), offered by the CSP. Armbrust et al defined cloud computing as (Stanoevska-Slabeva & Wozniak, 2010):
Cloud Computing refers to both the applications delivered as services over the Internet and the hardware and systems software in the datacenters that provide those services. The services themselves have long been referred to as Software as a Service (SaaS). The datacenter hardware and software is what we will call a Cloud. When a Cloud is made available in a pay-as-you-go manner to the general public, we call it a Public Cloud; the service being sold is Utility Computing. We use the term Private Cloud to refer to internal datacenters of a business or other organization, not made available to the general public. Thus, Cloud Computing is the sum of SaaS and Utility Computing, but does not include Private Clouds. People can be users or providers of SaaS, or users or providers of Utility Computing.