Chapter-2: Cloud Computing

Architectures
2.1 Introduction
The elements and sub-elements needed for cloud computing represent the cloud
computing architecture. These elements are front-end platform, back-end
platform, cloud based delivery and a network. It consists of cloud services,
middleware, software components, resources, their geo-location and their
attributes. Organizations deploying cloud must take of all these issues. Cloud
architecture consists of a front-end (client-side) and a back-end (cloud
section). Front-end refers to the client devices that the user is using to access
the cloud computing system. Different interfaces exist for different applications.
For instance, e-mail is a web service that uses existing web browsers like
Google Chrome, Firefox, Mozilla etc. On the other hand, back-end involves the
cloud itself. It consists of servers, computers and data storage systems that are
used by the users. Every application has its own server for services. A central
server is established. The server follows some rules called as protocols. It uses a
special type of software, called as middleware, to communicate with the users
who are connected to the cloud server.

2.2 Components of Clouds---Reference Logical Model

The cloud computing reference model will establish a standardized process for
modelling clouds. The Cloud Computing Reference Model (CCRM) consists of
four supporting models as follows:-

a) Cloud Enablement Model: This is the core model of CCRM. It explains

the fundamental technology tiers of cloud computing capabilities
provided by the cloud platform and cloud service providers to potential
consumers of cloud-enabled technology.
b) Cloud Deployment Model: It describes the range of cloud deployment
scenarios available to your enterprise—internal/private cloud,
external/public cloud, hybrid/integrated cloud and community or vertical
cloud. These deployment scenarios may be mixed and matched.
c) Cloud Governance and Operations Model: It describes the governance,
security operations, support, management and monitoring requirements

1|Page
 for cloud computing to ensure that you have considered all of the
potential operational risks of adopting cloud for your organization.
d) Cloud Ecosystem Model: It considers the requirements of developing
and sustaining a cloud ecosystem comprised of cloud providers, cloud
consumers and cloud intermediaries, as well as the cloud network and
“cloud dial tone” necessary to ensure that the cloud is always there for
you. The cloud ecosystem also includes the various cloud enablement
technologies and cloud providers and consumers of those cloud enabled
technologies that comprise the cloud ecosystem.

The cloud computing reference model is drawn in figure 2.1.

Private cloud
Cloud business tier

Community cloud Cloud platform tier hybrid cloud

Cloud OS tier

Cloud virtualization tier

Public cloud

Figure 2.1: Cloud Computing Reference Model

The main components of CCRF are as follows:-

1. Cloud Enablement Model:

 Cloud virtualization tier.
 Cloud operating system tier.
 Cloud platform tier.
 Cloud business tier.
2. Cloud Deployment Model:
 Internal/ private cloud.
 External/ public cloud.
 Hybrid/integrated cloud.
 Community/ vertical/ shared by community of interest stakeholders.
3. Cloud Governance and Operations Model:
 Governance, culture and behaviour.
 Security and privacy.
 Management and monitoring.
 Operations and support.
4. Cloud Ecosystem Model:

2|Page
  Cloud network/ dial tone.
 Cloud ecosystem enablement.
 Cloud consumers and cloud providers.
 Cloud physical access, integration and distribution.

Logical architecture foundation

Logical architecture of cloud needs firstly the decomposition of the layers of cloud
architecture. NIST has provided with cloud reference architecture. According to NIST, it is a
high-level model consisting of three tiers of cloud capabilities “as-a-service”. NIST specifies
that there are three categories of cloud:- Infrastructure, Platform and Software—all” as a
“service” architecture. The following figure 2.2 shows NIST architecture-

Cloud Clients

(eg. Browsers, devices)

Cloud application cloud services

(eg. SaaS) (eg. Web services)

Cloud Platform cloud storage (e.g

App Server) (eg. Database)

Cloud Infrastructure

(eg. Physical/ virtual hardware)

Figure 2.2: six-tier Logical Cloud Stack

Figure 2.2, explicitly defines and identifies the “cloud services”.

From figure 2.1 and 2.2, it is easier to explain different tiers of cloud:-

1. Cloud Physical Tier: It provides the physical computing, storage,

network and security resources that are virtualized and cloud enabled to
support cloud requirements. Please understand that this physical tier
provides the substrate on which cloud virtualization technologies and
cloud operating systems platforms build to enable higher order cloud
patterns to be realized.

3|Page
 2. Cloud Virtualization Tier: It provides core physical hardware
virtualization and provides a potentially useful foundation for cloud
computing.
3. Cloud Operating System Tier: It provides the cloud computing “fabric”
as well as application virtualization, core cloud provisioning, metering,
billing load balancing, workflow and related functionality typical of cloud
platforms. This tier is represented by a wide variety of new cloud
platforms and cloud enablement technologies.
4. Cloud Platform Tier: It provides technical solutions, application and
messaging middleware, application servers etc. that compromise cloud
and/or application platforms as well as pre-integrated cloud and
application platforms themselves, offered via PaaS delivery models.
5. Cloud Business Tier: It comprises the business or mission exploitation
of cloud enabled business applications, software, data, content,
knowledge and associated analysis frameworks and other cloud
consumption models that facilitate and enable end user business value
from cloud consumer’s ability to access, bind and consume cloud
capabilities.

CCRM follows some rules and guidelines-

1. Cloud tiers enable higher-level tiers.

2. Each cloud tier, working from the bottom up in the CCRM enables the
cloud tier above it.
3. These tiers build upon one another but yet are independent.
4. Cloud tiers are individually atomic and individually accessible.
5. Cloud consumers can access and consume cloud-enabled resources
directly from any of these tiers, independent of the others via cloud API
and a portal or self-service user interface of some fashion.
6. The cloud enablement tiers help to organize various classes of cloud-
enabled resources into the CCRM.
7. Please note that the cloud consumers do not directly these ‘tiers’
directly but rather use cloud –enabled resources.
8. Each cloud tier must have the necessary cloud network/dial tone and
cloud ecosystem enablement capabilities in order to be discoverable,
provisionable and consumable as a service via the cloud.
9. Cloud providers and consumers must be able to find one another,
communicate and negotiate and then engage by establishing business and

4|Page
 technical relationships via a service contract and better technical
interfaces to cloud capabilities, with clear SLAs and QoS.

2.3 Types of Clouds

Users control cloud computing using networked client devices, such as PCs,
laptops, tablets and smart-phones. Three types of cloud are defined in
literature and are as follows:-

1. Private Cloud: It is a cloud infrastructure operated solely for a single

organization either managed internally or by a third-party or hosted
internally or externally. Self-run data centres are generally capital
intensive. They have a significant footprint, requiring allocations of
space, hardware and environmental controls. These assets have to be
refreshed periodically, resulting in additional capital expenditures.

2. Public Clouds: A cloud is said to be public when the services are

rendered over a network that is open for public use. Technically
speaking, there may be no or little difference between public and private
cloud architecture but security may be different for services that are made
available by a service provider for a public audience and when
communication is effected over a non-trusted network. In general, public
cloud service providers like Amazon AWS, Microsoft and Google own
and operate the infrastructure and offer access only via Internet i.e. no
direct connectivity is offered.

3. Hybrid Cloud: It is a composition of two or more clouds (private, public

or community) that remain distinct entities but are bound together,
offering the benefits of multiple deployment models. Please note that
hybrid can also mean the ability to connect collocation, managed
and/or dedicated services with cloud resources. Different use cases for
hybrid cloud composition exist.

Example 1, an organization may store sensitive client data in-house on a

private cloud application but interconnect that application to a billing
application provided on a public cloud as a service. Thus, here hybrid
cloud extends the capabilities of the enterprise to deliver a specific
business service through the addition of externally available public cloud
services.
5|Page
 Example 2, when organization use public cloud computing resources to
meet temporary capacity needs that cannot be met by the private cloud.
This capability enables hybrid clouds to employ cloud bursting for
scaling across clouds. Please note that cloud bursting is an application
deployment model in which an application runs in a private cloud or
data centre and “bursts” to a public cloud when demand for
computing capacity increases. Also note that the primary advantage
of cloud bursting and a hybrid cloud model is that an organization
only pays for extra compute resources when they are needed.

2.4 Cloud DBMS (CDBMS)—CLUSTERING AND REPLICATION

Cloud Database Management System (CDBMS) is defined as a distributed

database which provides computing as a service but not a product. The
challenge is to manage persistent data. The challenge is bigger now as the
database server existing in the cloud is less reliable (can fail easily). When this
happens then files related to DBMS may also corrupt. However, please note
that it is easy to recover the server from a failure in a virtualized
environment as compared to the physical environment. This is so because
the database administrator can simply replace with anew instance from the
database machine image. Two techniques may be used here:-

a) Clustering.
b) Replication.

Let us define these now.

Clustering: A technique in which multiple (many) database servers will

work together as a single logical database server in a clustered database
environment. It is very complex and costlier too. The need is of an expert
DBA-DATABASE ADMINISTRATOR. The advantage is that the database
clients do not know if some node fails and they continue operating. It
depends on the clusters. Note that more is the complexity of clustering,
more are the points of failure. Even if we do dynamic assignment of IP
addresses within a cloud, new issues do arise.

Replication: A technique in which the database is replicated and it

contains a main server known as database master. It is an alternative to
clustering technique. A single database server known as database master

6|Page
 replicates the data to one or more database slaves. The client applications
perform write transactions to the database master. The transactions which
become successful are then reflected to the database servers. The advantage
now is that it is easy to implement replication and that it does not need large
number of servers too. But clustering is more reliable than replication
method. This is so because in replication method if the master-database fails
then slave –database cannot work till master recovers from failure. This is
not the case during clustering.

2.5 Service Models

Three types of cloud computing services exist in industry. The term services
means to reuse components (every resource) across a provider’s network. In
SaaS, the software is available for service. It implies that you can use the
software but do not own it. In PaaS, the developer is the owner of application
and data. In IaaS, the administrator chooses and manages from the OS onwards
activities but has no control over the machines. In nutshell,

 Software is available for service (in SaaS)---use me (software but don’t

own it).
 Platform is available for service (in PaaS)--- use me (platform) to develop
web applications.
 Hardware and software is available for service (in IaaS)--- use me
(hardware and software) as VM.

Let us study these one by one in detail now.

2.5.1 SaaS (Software-as-a-Service)/Application-as-a-

Service(AaaS)
Application-as-a-Service (AaaS) or SaaS is defined as a software model in
which both the application and the relevant data is hosted on cloud by
independent developers that enables a user to access the software as and
when required from any location.

For example, e-mail sites, social media sites etc.

Even Microsoft Business Productivity Online Suite (BPOS) and CRM Online
are some examples of SaaS.

7|Page
SaaS is a software delivery business model in which a provider or 3rd party hosts
an application and makes it available to customers on a subscription basis. SaaS
customers use the software running on the provider’s infrastructure on a pay-as-
you-go basis. Customers do not have to commit for any long-term

contracts. Depending on the contract, customers can quit using the software at
any time. Please understand that in SaaS, the underlying infrastructure and
the software configuration are invisible to the users. So, the users have to
settle for the functionality that is provided. Also note that SaaS, uses a highly
multi-tenant architecture and user contexts are separated from one
another logically at both run-time and rest. Collaboration applications that
solve the same problem across many enterprises have been very successful in
SaaS arena. Just remember that as the hardware and software
configuration is transparent to the end-users so there is minimal if any
need for IT pro involvement. Even some SaaS applications can be customized
by the end-users. The point is that SaaS empowers business units to bypass IT
procurement processes. Enterprise architecture teams need to realize this and
teach these business units about the importance of governance. Also they should
design new governance processes or modify the existing ones to accommodate
SaaS.

Please remember the following points regarding SaaS/ AaaS:-

1. The customers rent software that is hosted by the vendor like Microsoft,
Amazon etc.
2. Internet connection is a must here.
3. It is analogous to our ASPs i.e. Application Service Providers, wherein
a provider hosts available applications/ software for the users and delivers
those over the web. Yet there are some differences between these two
(table 2.1). Let us tabulate these differences now.
ASP SaaS
1. ASP applications are usually 1. It is a multi-tenant, application
single-tenant with client-server hosted by the application
architecture hosted by a 3rd party developer, with regular updates
with HTML as a front-end. directly from the developer.
2. It may be a non-virtualized 2. It is shared. Virtualized servers,
environment with direct storage network and storage systems are
capability. the main constituents of its
resource pool.
3. It is not build to be web-based and 3. It is built to be web-based and
on Internet. used over public Internet.

8|Page
 Table 2.1: Compares ASP and SaaS

4. All customers can use the same software version.

5. Global accessibility and easier administration are some of its benefits.
6. Tasks like software deployment, software maintenance (changes), cloud
software testing, patching etc. will be all managed by the provider.
7. In nutshell, SaaS is what a provider hosts as software (service) that is
centrally located and that it can be made easily available to the customers
via Internet on pay-per-use basis.
8. So, commercial software is accessible through web.
9. APIs i.e. Application Programming Interfaces allow for integration
between different pieces of software.
10. Security is a serious issue here as the entire data is available in cloud.
11. Slow switching between different SaaS vendors.
12.Time critical applications i.e. applications that demand response time in
milliseconds, are not benefitted by SaaS.
13. Multi-tenancy means sharing of the resources by many users. SaaS has
two modes—simple multi-tenancy and fine-grained multi-tenancy. In
simple multi-tenancy case, every user will have their own resources that
are different from other users. On the other hand, in fine-grained multi-
tenancy all resources get shared except customer-related data.
14.Web applications like blogs, social networks, web content management
and WIKI services are all applications of SaaS only.
15.Enterprise services like desktop software, workflow management, supply
chain management, CRM etc. are all applications of SaaS only.
16.Clients are very much interested in moving their applications to SaaS
platforms as they can reduce the monitoring of many servers.
17. In SaaS cloud, the vendor supplies the hardware infrastructure, software
and applications. The customer interacts with the application through a
portal.
18. Some SaaS providers include MS LiveCRM, MS AZURE, Google Apps,
Trend Micro, Symantec and Zoho.
19. Cloud application has a global scope while SaaS has more of
centralized hosting platform.
20. SaaS is like “thin apps” in which client machines need only a web
browser with some sort of plug-in to provide additional functionality.

9|Page
 21.Applications reside on top of the stack cloud. Services are provided by
this layer. These services can be accessed by the end users through web
portals. Conventional applications like MS WORD, MS EXCEL etc. are
being accessed as a service in the web today.
22. Salesforce.com relies on SaaS model only. It offers business productivity
applications that reside fully on their servers. So, customers can
customize as per their needs now.

2.5.2 PaaS (Platform-as-a-Service)

In this model, the developer creates software using tools and other utilities of a
cloud provider. For example, websites designed, developed and hosted on
cloud. PaaS fills the needs of those who want to build and run custom
applications as services. These could be ISVs, value-added service providers,
enterprise IT shops etc. PaaS offers hosted application servers that have near-
finite scalability owing to their reliance on large resource pools. PaaS also
offers necessary supporting services like storage, security, integration,
infrastructure and development tools for a complete platform. A service
provider offers a pre-configured, virtualized application server environment to
which applications can be deployed by the development staff. Since the service
providers manage the hardware (patching, upgrades etc.), as well as application
server uptime, so the involvement of IT professionals is minimized. Please
understand that PaaS is suitable for brand-new applications, as legacy
applications often require extensive refactoring to comply with sandbox
rules.

Consider the case study of Accu Weather company. This company provides
weather forecasts. In needed better solutions to handle more than 4 billion daily
data requests. To increase scalability, the company began delivering content
from the cloud on Windows Azure platform. As a result the company could
bring down-time required for development and proofs of concept without
worrying about provisional infrastructure. It also gained on-demand scalability,
improved access to real-time weather data and cut IT costs by up to 40%. The
Vice President of this company quoted that “With MS AZURE we gained
velocity because we can be innovative without worrying abot complex
infrastructure. A proof of concept that might have taken three months to execute
now takes three days.”

Also note the following points regarding PaaS as a service:-

10 | P a g e
 1. It provides hardware, OS, storage and network capacity on pay-per-
use basis via Internet only.
2. It provides services for application development and deployment.
3. It allows users to create web applications rapidly. There is no overhead of
cost and complexity of buying and hardware /software management.
4. It is used to build multi-tenant applications i.e. the services that can be
accessed by multiple users simultaneously.
5. The applications can be deployed on cloud using tools and different
programming languages supported by a particular provider. Web
developer will simply write the code by using PaaS services. It is the job
of PaaS provider to upload that code and make it online available through
Internet.
6. More security as customer environments are separated from each other.
7. Internet connection is a must.
8. Google App Engine(GAE), LongJump, Force.com, WaveMaker, MS
AZURE, cloudbees are some of the PaaS providers.
9. The main aim of GAE is to run the user’s web application efficiently. It
maintains Java-Runtime-Environments (JRE) and python on the
application servers. It includes simple APIs to access Google services.
Now applications are able to integrate data services and other GAE
services like e-mail, image storages etc.
10. MS AZURE offers a service named as SQL AZURE that stores data in
the cloud.
11. When you are looking for a PaaS provider, the basic goal should be
reduced time-to-market and not the cost savings. Other factors like high
availability, security and scalability are also vital for developers and
cloud testers.
12. A good PaaS environment should support caching for cloud resources as
it increases performance. This needs APIs to put an object or a resource
in the cache.
13. PaaS environment must have a browser-based development studio with
an IDE for development, test and debugging of applications.
14. It must support very secure and on-demand collaboration throughout the
SDLC.
15. Hadoop software that enables applications to work easily with thousands
of nodes and peta-bytes of data and is based on Java. PaaS must be able
to monitor such operations.

11 | P a g e
2.5.3 IaaS (Infrastructure-as-a-Service)/ HaaS (Hardware-as-a-
Service)
IaaS is a model in which cloud provides both hardware and software.

For example, is like creation of Virtual Machines (VM) on cloud infrastructure.

With VM one can launch Windows Server, MS SQL Server, Oracle, MangoDB,
Sharepoint Server and Linux in minutes and then scale up from 1 to 1000s of
VM instances. VMs can be used on-demand, to get a scalable compute
infrastructure when you need flexible resources. It is also possible to create
VMs that run Windows, Linux and enterprise applications or capture your own
images to create custom VMs. IaaS is analogous to traditional hosting where a
business will use the hosted environment as a logical extension of the on-
premises data centre. Please note that the servers (physical and virtual) are
rented on an as-needed basis and the IT professionals who manage the
infrastructure have a full control of the software configuration. Also note
that some providers may even allow flexibility in hardware configuration
which makes the service more expensive when compared to an equivalent
PaaS offering. The development staff will build, test and deploy applications
with full awareness of the hardware and software configuration of the servers.

For instance, customers like WEBZEB, TELENOR, Avanade, Toyata etc. are
using VM over MS AZURE platform.

Case study on Telenor

Using MS AZURE based VMs, Telenor company has dramatically reduced the
cost needed for test, development and demo environments, reduced the time to
make the environments available to the project and saved on long-term
investment in hardware that would have only be used in the short term.

Case study on Toyota

Toyota is a company that has 16 websites that deliver more than 100 million
page views per month. To enhance site content, increase scalability and reduce
the cost of ownership, Toyota is rebuilding the site using the MS AZURE cloud
development environment.

12 | P a g e
In nutshell, please remember the following points regarding Iaas/HaaS:-

1. It is a virtual provider of computing resources like hardware, storage

services, devices, networking, OS, virtualization technology etc.
2. This service provider owns the required equipment and is responsible for
configuring, running and maintaining it.
3. It is defined as a process of making available the cloud computing
infrastructure resources i.e. servers, storage, network and Oss as an
on-demand service. Rather than purchasing servers, software, data
centre space or network items, clients instead buy those resources as a
fully outsourced service on demand.
4. Amazon Web Services (AWS) is an IaaS provider.
5. IaaS can be considered as a basic template for other services of cloud like
SaaS and PaaS.
6. IaaS provider will act promptly if the need is to scale-up or down and this
is known as auto-scaling.
7. It provides Elastic Load Balancing that auto-distributes the incoming
traffic related to an application to different instances of virtual
computers. So, elasticity is also possible.
8. It is platform independent service.
9. It charges only for the resources that are used.
10. It also supports multi-tenant architecture that represents several users
who can work on a single piece of hardware.
11. Scaling of resources can be done as per requirement.
12. Its scalability is therefore flexible.
13. No need of hardware administration and maintenance.
14. Location independence is another feature as users can access the service
from anywhere but with an Internet connection.
15. As cloud hosts are redundant, so if one network or server fails then
there is no effect on data centres due to multiple hardware resources. In
worst case, if the entire data centre fails then there would be secondary
and tertiary data centres for smooth functioning.
16. Lesser risk on ROI-Return On Investment.
17. IaaS is of two types:-
a) Computation as a service: Here, VM servers are charged per hour. It
depends on the VM capacity like RAM size and CPU, OS, features of
that VM.

13 | P a g e
 b) Data as a service: Herein, there is no restriction on storage space to
store the data related to the user. Charging is done on per GByte basis
for data transfer.
18. InstaCompute is an example of IaaS provider by Tata communications
that is cost-effective, flexible and reliable. It offers variable computing
power needed to meet different business needs as per requirements. It
allows removal of virtual servers, metered internet connectivity, storage
capacity and dynamic additions. It is secure, uses pay-per-use model and
assures service levels as per business requirements.
19. Even IaaS clouds can be of three types like private IaaS cloud, public
IaaS cloud, hybrid IaaS cloud.
20. Companies like Amazon EC2, Bluelock and GoGrid offer IaaS.
Amazon EC2 is a web service that offers dynamic scaling of computing
capacity in the cloud. Bluelock offers cloud services supported by
VMware cloud data centre services. These data cenres are very much
secured and also SAS-70 type-II certified. GoGrid offers customers with
a user-friendly web service interface.
21. IaaS provider offers template OS images for the virtual servers.
22. They also have APIs i.e. Application Programming Interfaces to add,
start, stop, access, configure and delete the virtual host machine and
storage.
2.6 Deployment Models

Three types of clouds are there- public, private and hybrid clouds. But
several other clouds also do exits and are discussed in this section.

2.6.1 Public Cloud/ External Cloud

A cloud is said to be public/external when the services are rendered over a
network that is open for public use. Technically speaking, there may be no
or little difference between public and private cloud architecture but security
may be different for services that are made available by a service provider for a
public audience and when communication is effected over a non-trusted
network. In general, public cloud service providers like Amazon AWS,
Microsoft and Google own and operate the infrastructure and offer access only
via Internet i.e. no direct connectivity is offered.

14 | P a g e
In general, it offers services over the Internet and are owned and operated by a
cloud provider. For example, email services, social networking sites etc. are all
aimed at general public. Please remember the following points regarding
public clouds (or external clouds):-

1. It offers services to the users on the principle of pay-by-use (explained

earlier).
2. They are run by third parties as they need a huge investment to build.
3. In this model, applications from different customers are mixed together
on storage systems, cloud servers and other infrastructures within the
cloud.
4. The customers can choose a location to deploy the application. This
mitigates latency, risks, time and costs for the users.
5. Data control and security are important tasks here.
6. Public cloud is always larger than an organization’s private cloud as it
provides the ability to scale-up, down and to transfer the risks of an
infrastructure from an organization to the cloud provider.
7. It is a better choice if the standardized workload for application is used by
several people, or you need to test and develop application code or if you
have SaaS applications from cloud vendor. Also it may be a choice if you
need incremental capacity i.e. to add compute capacity at peak times or if
you are using collaboration projects or even if you are doing an adhoc
software development.
8. In this type of cloud, the service providers charge the companies
according to their usage.
9. Please understand that here resources are owned or hosted by the
cloud service providers (company) and the services are sold to other
companies. This is shown in figure 2.3.

15 | P a g e
 Public
Cloud

Cloud Services like

Paas, IaaS or SaaS)

company-1

Company-2

Company-3
Figure 2.3: Public Cloud

10.No direct connectivity is provided by public cloud service providers like

Amazon AWS, MS and Google.

16 | P a g e
2.6.2 Private Cloud
Just as public cloud can be thought of as Internet, similarly private cloud can
be thought of as the intranet. Please remember the following points
regarding private or internal clouds:-

1. Private cloud or internal cloud is used when the data centre of the cloud is
to be operated for a specific business only.
2. It serves client with maximum security, quality of service and data
control.
3. The infrastructure is owned by the company and it has power over how
applications are deployed on it.
4. Now, with private clouds, the IT infrastructure of organizations can be
merged. This mitigates the electricity bills too.
5. They are limited to the organizational boundary.
6. They can be set up from MS, IBM, VMware, Eucalyptus, OpenStack etc.
7. It is to be used when security of your organization is of paramount
importance.
8. Your company has that much potential, in terms of money, that it can run
even a next generation cloud data centre most efficiently and effectively.
9. The cloud computing infrastructure that is designed for a single company
only cannot be shared with other organizations.
10. They are more costly and secure too.
11. The main objective of private cloud is not to sell the cloud services to
the external organizations but to take benefit of the cloud architecture by
denying the rights to manage your own data centre.
12. Private clouds are virtual distributed systems that depend on private
infrastructure only.
13. It provides internal users with dynamic provisioning of computing
resources.
14. So, security concerns are less critical here.
15. Testing a private cloud is cheaper than testing a public cloud.
16. But the problem is that private clouds cannot scale out easily in case of
heavy (peak) demands. That is,

17 | P a g e
 Public
Cloud

Company-1 Company-2
Figure 2.4: Private Clouds

To cope with all these problems, the only solution is to combine

both public and private clouds to get a hybrid cloud.
But before we discuss further about hybrid clouds, let us
tabulate the differences between public and private clouds first.
Public Cloud Private Cloud
1. Its owner is the cloud provider or 3rd 1. Its owner is an organization only.
party.
2. It involves lesser costs. 2. It involves more costs.
3. Scalability is on demand and 3. Scalability is limited to the
unlimited. infrastructure installed.
4. Lesser security. 4. More security.
5. Testing it is difficult as everything 5. Testing them is easier as it is a
is public. private cloud.
6. Performance is difficult to obtain. 6. Its performance is guaranteed.
7. Less management and control is 7. More management and control is
needed as it works on the concept of needed as it has a higher level of
virtualization. control over resources.

Table-2: Differences between Public and Private Clouds

18 | P a g e
It is a cloud infrastructure operated solely for a single organization either
managed internally or by a third-party or hosted internally or externally. Self-
run data centres are generally capital intensive. They have a significant
footprint, requiring allocations of space, hardware and environmental controls.
These assets have to be refreshed periodically, resulting in additional capital
expenditures.

2.6.3 Hybrid Cloud

The focus was to make cloud more secure and yet to provide the same services
and resource sharing. Then cloud infrastructures naturally evolved to what is
known as hybrid cloud. Hybrid/mixed clouds can be explained with the help of
an equation also:-

Hybrid Cloud = Public Cloud + Private Cloud

This means that now you can take the benefits of both internal network storage
as well as public data cloud that can be accessed from anywhere in the world
using Internet. Using broadband services along with the cloud the companies
can connect to larger networks to make use of available resources. There is no
need of a huge computer now to handle complex tasks like database indexing.
Please remember the following points regarding hybrid clouds:-

1. Better scalability and reliability as it allows companies to move from

public to private clouds.
2. Better sharing of resources on demand.
3. It is an approach of extending the infrastructure beyond the organizational
firewall with more security.
4. More important applications are stored on hybrid but lesser important
applications and data are stored on a public cloud.
5. An example of hybrid usage is like a patient’s record or some financial
matters that cannot be put on public cloud servers as it is sensitive
information. They can make use of hybrid clouds.
6. This type of cloud is used during cloud bursting. In this case, an
organization generally uses its own computing infrastructure but in case
of higher load requirements, the company can access clouds. Please
understand that this means that the company using hybrid cloud can
manage an internal cloud/ private cloud for its general usage and it
can migrate the entire application to the public cloud during heavy
peak hours.
19 | P a g e
 7. This can be shown diagrammatically also as in figure-4.

Public
Cloud

Migrated
Application

Private
cloud

Company-1 Company-2

Cloud Services (Paas, Iaas, SaaS)

Figure 2.5: Hybrid Clouds

8. The purpose is to lease public cloud services when private cloud capacity
is not sufficient.

20 | P a g e
 9. B. Sotomayor et al. quotes that “a hybrid cloud takes shape when a
private cloud is supplemented with computing capacity from public
clouds. And this method of temporarily renting a capacity to handle
spikes in load is known as cloud bursting.”
10.We can combine either private cloud with public cloud or even public
with the community clouds.
11.Let us now compare public cloud and community clouds:-

Public Cloud Community Cloud

1. Any user who signs up can use a 1. Only users within a particular
public cloud. industry segment/ group can use
it. These users have common
objectives.
2. It uses pay-per-usage model 2. It is more expensive as the site is
which is expensive. customized for use by the
company group.
3. Security is less. 3. More secure as limited users have
accounts.
4. The provider is not known to the 4. The provider is not known to the
consumer. consumer.
5. No objective of compliance to 5. Objective is to have a compliance
regulations by an organization. to regulations by an organization.

Table-3: Public Cloud versus Community Cloud

12. Similarly, we can compare a private cloud and a hybrid cloud:-

Private Cloud Hybrid Cloud
1. It is fully set-up by a company. 1. It uses the resources of a public
provider on a pay-per-use model.
2. Performance is limited. 2. More scalable and elastic as it
can use public resources to meet
load spikes.
3. Lesser flexible. 3. More flexible as it can develop
and test services on a public
cloud and later deploy then on a
private cloud.
4. It is costlier. 4. It is cheaper.

Table-4: Private Cloud versus Hybrid Cloud

2.6.4 Community Cloud

21 | P a g e
Community cloud is a type /variant of Private Cloud but it goes beyond a
business or an organization. It is implemented when several businesses have
similar requirements and perspective to share. They are accessible to members
of a particular community but are not available to general public.

For example, branches of educational organizations and government, military

and industry suppliers.

Just keep in mind the following points regarding community clouds:-

1. They are needed when there is a necessity for general services.

2. By creating virtual machines from the machines that are under-utilized, a
community cloud can be established.
3. This is shown in figure-3. That is,

Commun
ity

(cloud services like Iaas/PaaS/SaaS are used)

........
Company-1 Company-2 Company-3
Figure 2.6: Community Cloud

2.6.5 Throw-away Clouds

In New York, another type of cloud was used wherein the cloud was taken
on rent for short-term or one-time projects. This is similar to a situation in
which you are renting a car from an agency and the returning it. This means

22 | P a g e
 lower cost per day. Clouds can be very much similar to this. For example,
you can negotiate a portion of SAP out for a test drive and you drop it into
the cloud for the 99-day test drive.

The same concept can also be extended to VMWare also. Imagine a new car
lot that is open 24*7 with thousands of different types of models and you can
rent them. Please note that the point is that you don’t have to struggle for
setting up an environment just for a test drive when trial-period is also
short. Similarly in VMWare system, you just need to drop into a cloud or a
VMWare system and turn it ON. Also note that everything is configured
here and ready for you to explore. Such clouds are throwaway clouds.

2.6.6 Travelling Clouds

In 2007, MS UNIFIED COMMUNICATIONS Inc., tried to show their latest
wares for InfoWorld editors. Assume that the entire constellation of servers for
this scenario required 8 Windows Servers, with one server requiring 128-bit
operating system. This was quite large. In such a case, the product manager
hopped on a plane with a big USB hard drive and was tied up with
preconfigured MS Unified Comm. Constellation having active server directory,
SQL server for repository, file server etc. So, please note that what had to be
done by the manager was just to change a single IP address on the
Exchange Server for external connectivity. This is an example of travelling
cloud.

2.7 Cloud Interoperability and Standards

Clouds need to be standardized in two fields—standardizing parts of clod like
workloads, authentication and data access as well as on the parts that need to
work together. The Cloud Standards Coordination WIKI maintains a list of
some of these projects. The following table lists some of the cloud
standardization efforts made so far along with their URLs:-
Project Name URL Focus
CloudAudit www.cloudaudit.org Open, extensible and
secure interface,
namespace and
methodology for cloud
providers and their
consumers.
Cloud Computing www.cloudforum.org Common, agreed-on
Interoperability Forum framework for cloud
platforms to exchange
information in unified

23 | P a g e
 manner.
Cloud Security www.cloudsecurityalliance.org Recommended
Alliance practices for cloud
computing security.
Cloud Standards www.cloudstandardscustomercouncil.org Standards, security and
Customer Council interoperability issues
related to migration to
the cloud.
Cloud Storage www.snia.org/cloud Adoption of cloud
Initiative storage as a new
delivery model (Data-
Storage-as-a-Service).
Initiative sponsored by
the Storage
Networking Industry
Association (SNIA),
the creator and
promoter of Cloud
Data Management
Interface (CDMI).
SNIA includes
members from Oracle,
NetApp and EMC.
Delta Cloud www.incubator.apache.org/deltacloud Abstraction layer for
dealing with
differences among
IaaS providers. API
based on
representational state
transfer (REST). Has
libraries for seven
providers inclusive of
Amazon EC2,
Eucalyptus and
Rackspace.
Distributed www.dmtf.org/standards/cloud Management
Management Task interoperability for
Force [DMTF] cloud systems,
developer of Open
Virtualization
Framework (OVF).
IEEE P2301, Guide www.standards.ieee.org/develop/project/2301.html Standards based
for Cloud Portability options for application
and Interoperability interfaces, portability
Profiles interfaces,
management
interfaces,
interoperability
interfaces, file formats
and operation
conventions.
IEEE P2302, Draft www.standards.ieee.org/develop/project/2302.html Protocols for
Standard for exchanging data,
Intercloud Programmatic queries,
Interoperability and functions and
Federation. governance for cloud
sharing data or
functions.
OASIS Identity in the www.oasis-open.org/committees/tc_home.php?wg_abb rev Performs risk analysis

24 | P a g e
 Cloud (IDCloud) = id-cloud on collected use cases,
also develops
guidelines for reducing
vulnerabilities.
Open Cloud www.occi-wg.org REST-based interfaces
Computing Interface for management of
cloud resources like
computing, storage
and bandwidth.
Open Cloud www.opencloudconsortium.org Frameworks for
Consortium interoperating between
clouds and operation
of the Open Cloud
Testbed.
Open Data Centre www.opendatacentrealliance.org Unified customer
Alliance vision for long term
data centre
requirements,
developing usage
models for cloud
vendors.
Open Stack www.openstack.org Open source software
for running private
clouds, founded by
Rackspace and NASA.
Standards www.nist.gov/it1/cloud/sajacc.cfm Cloud standards are
Acceleration to obtained by providing
Jumpstart Adoption of use cases that can be
Cloud Computing supported on cloud
systems. Use cases
should show a set of
documented and
public cloud system
specifications.
The Open Group https://collaboration.opengroup.org/cloudcomputing/ Other cloud standards
Cloud Work Group organizations and this
cloud work group
together tell
enterprises on how to
implement cloud
services in their
companies.
Table: Cloud Standardization Efforts

2.8 Cloud Interoperability Use Cases

Cloud consumers and cloud providers interactions are shown with the help of
use cases with reference to cloud computing. Companies like NIST, OMG,
DMTF etc. have developed standards for data portability, cloud interoperability,
security and management. They have developed use cases for cloud
computing.

25 | P a g e
Role of NIST: NNIST defines a set of 21 use cases. They are put under 3
groups:-

a) Cloud Management Use Cases.

b) Cloud Interoperability Use Cases.
c) Cloud Security Use Cases.

Cloud Management Use Cases: It includes-

 Opening an account.
 Closing an account.
 Terminating an account.
 Copy data objects into a cloud.
 Copy data objects out of cloud.
 Erase data objects on a cloud.
 VM (Virtual Machine) Control-allocate VM instance.
 VM Control- Manage Virtual Machine Instance State.
 Query Cloud- Provider capabilities and capacities.

Cloud Interoperability Use Cases: It includes-

 Copy data objects between cloud providers.

 Dynamic operation dispatch to IaaS clouds.
 Cloud burst from data centre to cloud.
 To migrate a queuing-based application.
 To migrate VMs from one cloud provider to another.

Cloud Security Use Cases: It includes-

 Identity Management: User Account Provisioning.

 User authentication in the cloud.
 Data access authorization policy management in the cloud.
 User credential Synchronization between Enterprise and the cloud.
 eDiscovery.
 Security Monitoring.
 Sharing of access to data in a cloud.

Role of OMG: In an Open Cloud Manifesto, OMG gives a more abstract set of
use cases. These are much more generic than those published by NIST. Also
they relate more to deployment than to usage. The use cases ‘Changing Cloud
Vendors’ and ‘Hybrid Cloud’ are of interest from a standards perspective

26 | P a g e
because they are the main drivers for standards in cloud computing
environments. For example, use case ‘Changing Cloud Vendors’ motivates
organizations that do not want to be in a vendor lock-in situation.

The following use cases are supported by OMG:-

1. End User to Cloud: Applications running in the public cloud and

accessed by end users.
2. Enterprise to Cloud to End User: Applications running in the public
cloud and accessed by employees and customers.
3. Enterprise to Cloud: Applications running in the public cloud integrated
with internal IT capabilities.
4. Enterprise to Cloud to Enterprise: Applications running in the public
cloud and interoperating with partner applications (supply chain).
5. Private Cloud: A cloud hosted by an organization inside that
organization’s firewall.
6. Changing Cloud Vendors: An organization using cloud services decides
to switch cloud providers or work with additional providers.
7. Hybrid Cloud: Multiple clouds work together, coordinated by a cloud
broker that federates data, applications, user identity, security and other
details.

Role of DMTF: DMTF has also produced a list of 14 use cases specifically
related to cloud management and is as follows:-

1. Establish relationship.
2. Administer relationship.
3. Establish service contract.
4. Update service contract.
5. Contract reporting.
6. Contract billing.
7. Terminate service contract.
8. Provision resources.
9. Deploy service template.
10. Change resource capacity.
11. Monitor service resources.
12. Create service offerings.
13. Notification of service condition or event.

27 | P a g e
Conclusions: From these uses cases as above, four types of use cases relate to
consumer-provider interactions that would benefit from the existence of
standards. These interactions relate to interoperability and can be mapped to the
following four basic cloud interoperability use cases:-

1. User Authentication: A user who has established an identity with a

cloud provider can use the same identity with another cloud provider.
2. Workload Migration: A workload that executes in one cloud provider
can be uploaded to another cloud provider.
3. Data Migration: Data that resides in one cloud provider can be moved to
another cloud provider.
4. Workload Management: Custom tools developed for cloud workload
management can be used to manage multiple cloud resources from
different vendors.
2.9 Standards in Cloud Computing
The need is to address two issues—workload migration and data migration
use cases. Standards that fulfil these two criteria are most welcomed. This is so
because such standards would mitigate vendor lock-in concerns. This needs
standardization of virtual-machine image file formats and APIs for cloud
storage.

Standardization for the user-authentication use case has an advantage that

user identities based on OpenID or authentication protocols based on OAuth, for
instance, could be used across multiple providers that support these standards.

Standardization to support the workload management use case would

leverage any existing efforts related to the construction of workload
management clients and scripts that could be used across multiple providers.

As we know that cloud provides three types of services, basically—IaaS, PaaS

and SaaS. Let us now see how these three main services are benefitted from the
standardization.

IaaS and Standardization: IaaS is a service model that would be most

benefitted from the standardization because the main building blocks of IaaS
are workloads represented as virtual-machine images and storage units
that vary from typed data to raw data. For workload migration, standard
efforts like OVF and VHD would allow users to extract an image from one
provider and upload it to another provider. Given that most IaaS providers allow

28 | P a g e
consumers to install and run any OS, a more manual and time-consuming form
of migration would be to retrieve the image from the current provider, create a
new image on a new provider and reinstall software. This manual migration
would not require standards as long as there is a way to retrieve the application
state e.g. application data, files, running processes) from the source image and
move it to a new image.

For data migration, standards efforts such as CDMI and the Amazon S3 API,
which multiple providers support, would enable users to extract data from one
provider and upload it to a different provider. If a provider implements these
standard interfaces using SOAP or REST-based protocols, the cloud will offer
the advantages of ease of development and tool availability. But please note
that these standards are more useful for raw data that is not typed e.g.
virtual machine images, files, blobs, because the cloud resource in this case
acts as a container and usually does not require data transformation. For
typed data, data migration would occur similar to any other data migration task
—users must extract data from its original source, transform it to a format
compatible with the target source and upload it into the target source, which
could be a complex process. Also note that the effort required for
transformation will also depend on factors such as the similarity between
the target’s and source’s data storage technologies like moving from one
SQL-compatible database to another will be easier than moving from an object
database to a relational database and vice versa and also the similarity of the
interface operations like two SOAP-based interfaces can have completely
different operations.

PaaS and Standardization: The PaaS service model benefits less from
standardization than IaaS. Organizations implementing PaaS will get benefits
out of the development platform. The platform provides many capabilities out
of the box, like managed application environments, user authentication, data
storage, reliable messaging etc in form of libraries that can be integrated into
applications. This functionality is tied to a specific language and run-time
environment. For example, Google App Engine supports applications written
in Java, Python and Go. MS AZURE supports applications written in .NET and
more recently written applications in Java2, PHP and others. The incentives for
PaaS adoption are basically rapid development and deployment and the
potential for these applications to serve a greater number of clients. Buying
into PaaS means buying into a platform in the same way that organizations

29 | P a g e
traditionally have and is based on added value, skills, cost etc. providers can
make applications more interoperable by selecting platforms that support more
standardized tools and languages like JDBC, ODBC and SQL. For example,
the default data store in Google App Engine is the High Replication Data Store
that offers automatic replication of data across data centres. A user can access
the data store with a standard API or a low-level API. Please understand
that the trade-off is that the standard API, makes an application more
portable but offers less control and less provider-specific value-added
features than the low-level API, resulting in lowest common denominator
for features.

SaaS and Standardization: As we know that SaaS is a different model as it is

an licensing agreement to third-party software instead of a different deployment
model for existing resources that range from data storage to applications. SaaS
benefits from Standardization are limited than for PaaS. For SaaS offerings like
salesforce.com CRM, the user is the end-user. On the other hand, in other SaaS
offering like Google Maps the user can be a developer also who is integrating
functionality from these services into other applications. Here, again standard
APIs are useful as they facilitate the development process.

SaaS provider has its own processing logic. Also understand that the only
field where SaaS would benefit from standardization is data storage
because of the most important concern for SaaS consumers. For instance,
an online storage service got shut down and a SaaS provider lost access to 45%
of its customer data. In such a scenario, the consumer would have to extract its
data from SaaS provider, write logic to perform data transformations and then
upload data to a new SaaS provider. The standardized APIs could make this task
easier.
Note: Expecting PaaS and SaaS providers to standardize feature sets is equivalent to asking ERP
software vendors to standardize feature sets.

The question is that do clouds require new standards? The answer is here.

Interoperability refers to the ability of a collection of communicating

entities to share specific information and operate on it according to agreed
on operational semantics. As explained earlier, even though the community
desires standards for cloud interoperability, the reality is that existing standards
efforts are so far focusing on portability only i.e. the ability to migrate
workloads and data from one provider to another. While cloud

30 | P a g e
interoperability, as defined by Brownsword is the ability of resources on one
cloud provider to communicate with resources on another cloud provider.

For IaaS, there are two basic use cases that exercise this service model’s
potential for interoperability:-

USE CASE-1 (UC-1): Workload W 1 on Cloud C1 can communicate with Workload W2 on Cloud C2.

USE CASE-2 (UC-2): Workload W 1 on Cloud C1 can access Data Store DS in Cloud C2.

To support UC1, the following conditions must be true:

1. Workload W2 is accessible over the network and has a known address,

URI or other unique identifier.
2. Workload W1 is authorized to communicate with Workload W2.
3. Workload W2 exposes an interface that Workload W1 can use.

This is a common interoperability scenario between two systems that does not
require standards built especially for cloud. Standards like SOAP and REST
and other existing user-authentication standards could support this scenario if
the cloud meets the conditions as given above.

Please note that once workloads are running in a cloud instance, they
behave like any other server.

To support UC2, the following conditions must be true:

1. DS is accessible over the network and has a known address, URI, or other
unique identifier.
2. Workload W1 is authorized to access DS.
3. DS exposes an interface that Workload W1 can use.

Also note that this use case does benefit from standards for cloud data
access such as CDMI and the Amazon S3 API.

Basic Use Case

The basic use case that exercises the PaaS service model’s potential for
interoperability is similar to UC1 for IaaS:-

Application A1 deployed on cloud C1 can communicate with Application A2 on

cloud C2. Also similarly to supporting UC1 to support this use case the
following must be true:-

31 | P a g e
 1. Application A2 is accessible over the network and has a known address,
URI, or other unique identifier.
2. Application A1 is authorized to interact with Application A2.
3. Application A2 exposes an interface that Application A1 can use.

Note that this is also a common interoperability scenario that does not
require standards build specifically for the cloud. The basic use case
that exercises the SaaS service model’s potential for interoperability is
the same as for PaaS, except that it refers to interoperability between
SaaS products instead of between applications. Interoperability between
PaaS-deployed applications and IaaS workloads/data stores and SaaS
producst could also be supported the same way, if the cloud meets the
conditions as given above. The bottom line is that existing standards such as
those that support service-oriented systems can support real cloud
interoperability.

System interoperability too exists at different levels. Technical

interoperability is about exchanging data. Semantic interoperability is
about exchanging meaningful data. Organizational interoperability is
about participating in multi-organizational business processes. Also note
that standards like SOAP and REST enable technical or syntactic
interoperability but do not guarantee semantic or organizational
interoperability. Systems or data deployed inside cloud providers will have
to rely on documentation or formal/informal agreements to provide meaning
to the interaction (just as in any use case that required systems to
interoperate).

2.10 Scalability and Fault Tolerance in Clouds

1. Resource Management: When you deploy your application

and services to the Cloud, It provides the necessary virtual
machines, network bandwidth and other infrastructure resources.
Please understand that if machines go down for hardware
updates or because of unexpected failures, cloud locates new
virtual machines for your application automatically. Because
you will only pay for what you use, so you can start with a
smaller investment. Doing so avoids incurring the typical

32 | P a g e
 upfront costs required for an on-premises deployment. This can
be especially useful for smaller companies. In an on-premises
scenario, small organizations might not have the data centre
space, IT skills or hardware skills necessary to deploy their
applications successfully. For example, the automatic
infrastructure services that Microsoft Azure provides offer a low
barrier of entry for application deployment and management.

2. Dynamic Scaling: The process of scaling-out and scaling

back your application depending on resource requirements
is known as dynamic scaling. It is also known as elastic
scaling. With cloud services, you create roles that work together
to implement your application logic. For example, one web role
could host the ASP.NET front-end of your application. One or
more worker roles could perform necessary background tasks.
One or more virtual machines hosting each role are called as
role instances. Requests are load balanced across these
instances. Please understand that in this scenario, as resource
demands increase, you can provision new role instances to
handle the load. Also note that when demand decreases, you
can remove these instances so that you don’t have to pay for
unnecessary computing power. There are also options for
automatically scaling up and down based on pre-defined rules
and policies. This is very different from an on-premises
deployment where you must over-provision hardware to
anticipate peak demands if you want more control over
automatic scaling than he platform provides. It is also possible
to scale-out websites and virtual machines. If your application
requires fluctuating or unpredictable demands for computing
resources, cloud like MS AZURE allows you to easily adjust
your resource utilization to match the load.
3. High Availability and Durability: Cloud vendors like MS
AZURE, provides a platform for applications that can reliably
33 | P a g e
 store and access server data through its storage services. Cloud
applications like MS AZURE have MS AZURE-SQL
DATABASE for the same purpose. It ensures high availability
of compute resources. For websites, you can meet the
requirements of Service Level Agreement (SLA) with only a
single instance. Please note that for cloud services and virtual
machines, you can meet the SLA requirements by having at
least two instances per role or machine type. For virtual
machines, the instances must be interchangeable and load
balanced. It is the cloud vendor like MS AZURE that monitors
the actual hardware that hosts these virtual machines and
instances. Also note that vendor like MS AZURE is able to
respond quickly to hardware restarts or failures by
deploying new instances or moving application code and
processing to other working hardware. The cloud vendors
like AZURE ensures high availability and durability for data
stored by one of its storage services. MS AZURE storage
services replicate all data to at least three different servers. By
default, this storage also replicates to a secondary MS AZURE
region. Similarly, MS AZURE SQL DATABASE replicates all
data to guarantee availability and durability.
4. Highly Available Services: Say, there is an online store that is
deployed in MS AZURE. Note that as this online store is a
revenue generator, so it is important and critical to stay it
running. To achieve this objective, AZURE data centre
performs service monitoring and automatic instance
management. The online store must also stay responsive to
customer demand. The elastic scaling ability of MS AZURE
accomplishes this. During peak shopping times, new
instances can come online to handle the increased usage.
Also, the online store must not lose orders. Please understand
that both MS AZURE and AZURE SQL DATABASE
provide highly available and durable storage options to hold
34 | P a g e
 the order details and state throughout the order life cycle.
For the highest level of availability, you can deploy the same
application to multiple MS AZURE regions. Also note that it is
possible to design a service that remains available even if an
entire MS AZURE region experiences a temporary failure.
Doing this requires proper synchronization architecture and
procedures for routing users.
5. Periodic Workloads: Some applications like a demo or a utility
application that you want to make available only for several
days or weeks. They need not be run continuously. MS AZURE
allows you to easily create, deploy and share that application.
Note that once this purpose is achieved, you can remove the
application and you are charged only for the time it was
deployed.
Case Study: Consider a big company that runs complex data
analysis of sales numbers at the end of each month. Although
processing-intensive, the total time required to complete
analysis is at most two days. In an on-premises scenario, the
server required for this work would be under-utilized for the
majority of the month. In MS AZURE, the business would pay
only for the time the analysis application is running in the cloud.
Assume that the application architecture is designed for parallel
processing. The scale out features of MS AZURE would allow
the company to create large numbers of worker role instances
or virtual machines. Working together these can complete more
complex work in less time. In this case study, you should use
code or scripting to automatically deploy the application at the
appropriate time every month.
Note: Remove the deployment as just suspending the application is not sufficient,
as this will avoid charges for compute time.

6. Unpredictable Growth: All businesses have a goal of rapid and

sustainable growth. But growth is not easy to achieve if

35 | P a g e
 traditional on-premises model is used. If you do not meet the
expected growth even after spending huge dollars then it means
you have spent on maintaining underutilized hardware and
infrastructure. But if growth happens more quickly than
expected, you might be unable to handle the load. This results in
lost business and poor customer experience. For smaller
companies, there might not even be enough initial capital to
prepare for or keep up with rapid growth. For example, say
there is a small sports news portal (specialized part of website)
that makes money from advertising. Here, the amount of
revenue is directly proportional to the amount of traffic that
the site generates. In this case, initial capital for the venture is
limited. Also a company does not have the money required to
set up and run its own data-centre. But by designing the website
to run on MS AZURE, the company can easily deploy its
solution as an ASP.NET application. The application will use
MS AZURESQL DATABASE for relational data and blob
storage for pictures and videos. Please understand that if the
popularity of the website grows dramatically, the company
can increase the number of web role instances for its front-
end. The company can also increase the size of the AZURE
SQL DATABASE service. The blob storage has an in-built
scalability features within MS AZURE. Also understand that
if business decreases, the company can remove any
unnecessary instances. Also because its revenue is
proportional to the traffic on the site, MS AZURE helps the
company to start small, grow fast and reduce risk. If you use
MS AZURE in your company, then you have full control to find
out how you can manage your computing costs. You can decide
to implement automatic scaling through the use of the
AUTOSCALE feature or through the use AUTOSCALING
APPLICATION BLOCK. This can add or remove instances
based on custom rules (pre-determined amount). For example,
36 | P a g e
 you might have 8 instances during business hours and 4
instances during non-business hours. You can also keep the
number of instances constant and only increase them manually
through the web portal as demand increases over time. MS
AZURE provides you the flexibility to make the decisions that
are right for your business.
7. Workload Spikes: This workload pattern also works on the
principle of elastic scale, as explained earlier. Re-consider the
example of sports news portal once again. Now, even as its
business is steadily growing, there is still a possibility of
temporary spikes or bursts of activity. For example, assume
that another popular news outlet refers to the site. This means
that the number of visitors to the site could dramatically
increase in a single day.
Example 2, consider a service that processes daily reports at the
end of the day. When the business day closes, each office sends
in a report that the company headquarters processes. Please note
that because the process is only active a few hours each day,
it is also a candidate for elastic scaling and deployment. Also
note that MS AZURE is suitable for temporarily scaling out
an application to handle load spikes and then scaling back
after the event has passed.
8. Infrastructure Offloading: It has been observed that most of
the cloud scenarios make use of elastic scaling of MS AZURE.
Also, even applications that show steady workload patterns will
do a significant cost savings using MS AZURE cloud services.
Please note that it is difficult and costlier to manage your
own data-centre as it is costlier in terms of energy, people,
skills, hardware, software licensing and facilities. Also note
that it is difficult to understand how costs are tied to
individual applications. MS AZURE, however, makes those
costs to minimum and more and more transparent too.

37 | P a g e
 For example, MS AZURE VIRTUAL MACHINES (VM) and
VIRTUAL NETWORK (VN) provide an easier method of
migrating on-premises servers and networks to the cloud. But
transitioning on-premises applications to cloud services or
websites also alleviates the pressure on the on-premises data-
centre. MS AZURE and not these data centres are actually
responsible for providing the required computing and storage
resources for those applications. also MS AZURE provides a
pricing calculator for understanding specific costs. It also
provides a TOTAL COST OF OWNERSHIP (TCO) calculator
for estimating the overall cost reduction that cloud occur by
adopting MS AZURE.
9. Resource management, dynamic scaling and high availability
and durability are some of the main advantages of running
applications in cloud.
10. To ensure the highest levels of availability, for managing
unpredictable growth and for handling workload spikes, MS
AZURE is preferred.
11. Quick service, safe and secure service, multiple user
access, development environment and unlimited storage are
some of its benefits.
12. Lesser operational issues, more reliability, more flexibility,
innovative and easier communication among teams and
customers.
2.11 Cloud Solutions
The backing up of data to a remote, cloud-based server is known as cloud
backup or cloud computer backup. This data is accessible from multiple
distributed and connected resources that comprise a cloud. Cloud backup
solutions enable enterprises or individuals to store their data and computer files
on the Internet using a storage service provider rather than storing the data
locally on a physical disk like a hard disk. Backup providers enable consumers
to remotely access the service using a secure client log –in application to back
up files from the customer’s computers or data centre to the online storage

38 | P a g e
server using an encrypted connection. Please understand that to restore or
update a cloud back up, consumers need to use the service provider’s
specific client application or web browser interface. Also note that files and
data can be automatically saved to the cloud backup service on a regular
basis or the information can be automatically backed up anytime changes
are made. This is also known as cloud sync.

For enterprises, enterprise-grade cloud backup solutions are available that

typically add required features like archiving and disaster recovery.

2.12 Cloud Ecosystem

It is defined as a complex system of interdependent components which
work together to enable cloud services. By the term, ‘complex’ we mean both
the traditional elements of cloud (like software and infrastructure) as well as
integration of consultants, third parties, partners and anything related to
their environments. When we say, a cloud ecosystem, we say that there are five
major actors as follows:-

1. Service Providers: These are the companies that offer cloud services to
its customers and businesses. These companies run very big cloud data
centres (CDCs, to be discussed shortly). These CDCs host massively
virtualized, redundant software and hardware systems. These may
provide direct services to its customers. They are expert too in data centre
management and scalability.
2. Software Vendors: Cloud software (providing cloud services) run
differently than traditional software. They may perform the same task but
their architectures are different. Also note that sometimes an overlap
exists between software vendors and the service providers. Software
vendors observed that it is economically feasible to package software and
hardware together in the data centres. This will also optimize service
delivery in the cloud.
3. Enablers/ Implementers: These are the vendors that offer services to
provide end-to-end solutions with software integration from different
vendors. Many companies buy software licenses from vendors but are
unable to deploy it due to lack of expertise. So, enablers/implementers
can solve this problem by providing consulting services for those
purchased software licenses.

39 | P a g e
 4. Businesses: Any business that is benefitted with cloud will implement it.
This is so because every business needs to maintain their IT up-to-date
and want to minimize costs involved.
5. Independent Software Vendors: They are very expert in doing vertical
scaling i.e. adding resources like storage, processors etc. to expand the
processing capability. They build vertical applications on an existing
platform. And cloud provides a great platform for these independent
software vendors.
2.13 Duty Cycle
As we know that cloud data centres are having several servers. This increases
the energy consumptions. These servers are designed to be overloaded and
overdesigned for better reliability. They must support redundancy, error-
correcting RAM, parity disk drives, (n + 1) power supplies and so on. All this
needs energy to cool and power it, light the data centre, provide security etc.
And this concept of purposely overdesigning a true server for a constant
reliable operation is known as duty cycle.

2.14 Cloud Business Process Management

Every organization wants that its processes are current, updated and effective to
make it better. Business Process Management (BPM) is done during crisis. The
need is to produce suitable analysis and to identify the bottlenecks in a process.
And this can be easily done with cloud. BPM involves 6 phases as shown in
figure- .

Business Vision

Optimization Process Design

Monitoring Modelling

Execution

40 | P a g e
 Figure: Cloud BPM

Let us discuss these phases of BPM now.

Phase-1: Business Vision

The objectives and goals of any business are attached with its vision. Functions
are planned around them. Each function is in turn associated with a list of
processes. Thus, functions and processes help in achieving managerial goals.
This is the job of functional chief in business.

Phase-2: Process Design

The existing processes and the required processes need to be taken care of and
be designed. Proper process flow is needed.

Phase-3: Modelling

It takes design as an input and creates a business model.

Phase-4: Execution

The need is to develop such software that executes all these steps properly.
Buying is also an option but not an efficient solution. The process becomes
more complex when we mix software and humans.

Phase-5: Monitoring

Now the need is to track the identified processes, understand them and to build
statistics on them. All customer transactions must be monitored and made
better, if needed.

Phase-6: Process Optimization

Optimization here means minimization of potential bottlenecks, of costs etc. this

adds a ‘value’ to the system.

Examples/ tools/ BPM Software Products

IBM’s Business Process Manager on cloud offers business users a quick start.
No need of maintaining infrastructure. It delivers BPMS –BUSINESS
PROCESS MANAGEMENT SERVICE as a PaaS service platform.

Other examples of BPM on cloud are Oracle Fusion, Barium live, Elite BPM
Cloud, Billfish BPM, Cordys, Appian BPM suite etc.

41 | P a g e
Commercial BPMS available in market today are like IBM websphere process
management, Oracle BPM, MS BizTalk etc.

Open source software like Shark, Active BPEL, jBPM etc. are also available.

2.15 Testing Under Control

Testing of cloud can be done in two different ways as follows:-

1. Testing the Cloud.

2. Testing on Cloud.

Testing the Cloud means testing the cloud. It involves both verification and
validation of applications, environments and infrastructure that are made
available on pay-per-use model. It refers to testing of private, public and hybrid
clouds i.e. whether these meet the customer’s needs or not. Before migrating to
cloud, the applications in execution should ensure that the security and
reliability of the applications is still in place.

On the other hand, testing on Cloud refers to the cloud infrastructure to

perform traditional testing like performance, load, stress, security and
compatibility. Please understand that testing on cloud means testing
applications that use resources like hardware, software and infrastructure,
of the cloud. Testing-as-a-Service (TaaS) is a business model based on testing
services on the cloud. It is an extension of testing on cloud that delivers
application testing services in this pay-per-use model. TaaS is a new service
model. It provides a provider provision to perform software testing of a given
Application Under Test (AUT) in a cloud infrastructure based on customer
demand.

As we know that testing is limited in budget, time, costs, exponential number of

test cases, no reuse of tests and so on. But the unlimited storage of cloud, rapid
availability of infrastructure, more scalability, more support for distributed
testing environments etc. cloud testing is a better option. The cloud-based
infrastructure should be able to form a test-bed that is allocated to the testing
community. Even cloud testing is bound by service-level agreements. A huge
number of test cases and testing scenarios can be formed with cloud. It is also
called as on-demand testing. Cloud computing represents TaaS as a service
for SaaS and clouds. The need is to validate SaaS in a cloud environment like
42 | P a g e
software scalability, performance, security and service-level agreements. Better
quality of cloud-based applications. testing inter-operation capability and cloud
compatibility between cloud services and applications in cloud.

Advantages of TaaS

1. Reduced cost for quality of cloud.

2. Minimum test cycle time.
3. Real-time online validations are possible now as cloud provides on-
demand test services.
4. Easier to create test environment.
5. Website testers can automate and speed up web testing process now.
6. Present day web applications are very complex. Testing these web
applications is quite challenging task. In general, cloud-based testing
operates in a SaaS model. So no need of investment in any hardware or
software now.
7. It reduces test errors further as the infrastructure provided is standardized.
8. Better scalability during testing as per the demands.
9. Both functional and non-functional testing of mobile applications can be
done easily now as cloud is geographically distributed.

Tools for Cloud Testing

Some of the popular tools for cloud testing are CLOUDTEST, BLAZEMETER,
LOADSTORM, JANOVA, SILK PERFORMER CLOUDBURST FROM
BORLAND, HP QUALITY CENTRE etc.

2.16 Security Issues Associated with Clouds

Some of the security issues associated with clouds is as follows:-

1. In cloud computing, data is shared via Internet. Data is stored in a data

centre so that users can access from the cloud via these data centres.
Thus, the security is lost. Hacker can easily hack the data by any means.
Data should be protected during upload into the data centre.
2. Proper authentication of users is also must.
3. Timely availability of resources is also must.

43 | P a g e
 4. Cloud based applications are more vulnerable to attacks. A vulnerability
is a weakness in the system that can be exploited by a threat. The systems
need to be scanned properly.
5. Access control should be monitored so that only authentic users can use
cloud services.
6. Internet and mobile devices have opened new doors of data leaks.
7. A recent report by IDC which surveyed 244 respondents found that
security is the main challenge among cloud users today.
8. In another article by InfoWorld, it was stated that “...megabytes of
valuable customer or financial data could be compromised in just a few
seconds in a rogue data-centric mash-up is created” [4].

2.17 Cloud Security Controls

Several types of controls exist behind cloud security architecture. They are
as follows:-

1. Deterrent Controls: These controls are set in place to prevent any

purposeful attack on a cloud system. They are just like a warning sign and
do not reduce the actual vulnerability of a system.
2. Preventive Controls: These controls manage vulnerabilities. If attacks
were to occur, the preventive controls are in place to cover the attack and
reduce the damage and violation to the system’s security.
3. Corrective Controls: They are used to reduce the effect of an attack.
These controls take action as an attack is occurring.
4. Detective Controls: They are used to detect any attacks that may be
occurring to the system. In an event of an attack, the detective control
will signal the preventive or corrective controls to address the issue.

Summary
We have studied in this chapter that cloud computing is an Internet-based
computing that allows users to access resources on pay-per-use model.
Cloud is a new paradigm of computing that is changing the ways the
computational services are being used. A cloud computing platform has a
Cloud Service Provider (CSP) with a large number of systems connected to
it providing services to the clients via Internet. In addition to basic services,
cloud also provides TaaS, SeaaS, DaaS, MaaS as different services.

44 | P a g e
 Multiple Choice Questions [MCQs]
1. The biggest challenge of cloud computing today is-

a) Cost.
b) Security.
c) Time.
d) None of the above.

2. To make full use of interoperability principle of cloud computing-

a) Only use cloud provider located in UK.

b) Use hardware and software of a single vendor.
c) Use standard protocols.
d) None of the above.

3. TaaS is specialized form of-

a) Testing of Cloud.
b) Testing on Cloud.
c) IaaS.
d) None of the above.

4. Enablers are also called as-

a) Programmers.
b) Vendors.
c) Implementers.
d) None of the above.

5. BPM products on cloud model is-

a) Oracle Fusion.
b) Java Fusion.
c) DLLs.
d) None of the above.

45 | P a g e
 6. The ability of cloud consumers to copy data objects into or out of a cloud
is known as-

a) Data portability.
b) System portability.
c) Service portability.
d) None of the above.

7. Data in cloud computing is stored on-

a) Hard Disks.
b) Cloud Data Centres.
c) Pen Drives.
d) None of the above.

8. A technique in which multiple (many) database servers will work

together as a single logical database server in a clustered database
environment is known as-

a) Clustering.
b) Grid Computing.
c) Cloud Testing.
d) None of the above.

9. Shark is an-

a) Open source software.

b) Embedded software.
c) Real-time software.
d) None of the above.

10. The concept of purposely overdesigning a true server for a constant

reliable operation is known as-

a) CPU cycle.
b) Duty cycle.
c) Bicycle.

46 | P a g e
 d) None of the above.

Answers
1. b
2. c
3. b
4. c
5. a
6. a
7. b
8. a
9. a
10. b

Conceptual Short Questions with Answers

Q1. Define precloud computing?

Ans. 1 It is an email access via a single computer which also stores all email
messages. For example, Microsoft Outlook or Outlook Express.

Q2. What is Zvent?

Ans. 2 Zvent is a web search engine for local events. You can upload user event
schedule into the Zvents database and then anyone in user’s area can find out
what’s happening in the coming days.

Q3. How to manage web based projects?

Ans. 3 Different project management applications include additional functions

useful in management of group projects. These features may include group to-
do lists, web-based file sharing, message boards, time and cost tracking.

Q4. Name some task management applications in cloud.

Ans. 4 HiTask, Zoho Planner, Basecamp and GoPlan are some of the task
management applications in cloud.

Q5. Name some enterprise-level web-based expense reporting applications.

Ans. 5 Concur, ExpensePoint, TimeConsultant are some of them.

Q6. Name some web-based presentation programs.

47 | P a g e
Ans. 6 Google Presentations, Preezo, Zoho Show are some of them.

Q7. Name some web-based project management applications.

Ans. 7 AceProject, Basecamp, onProject are some of them.

Q8. What is Google calendar? How is it different from yahoo calendar?

Also explain what is Apple MobileMe Calender?

Ans. 8 Google Calender is free, fully featured and easy to use calendar
application that lets the user create both personal and shared calenders which
makes it useful for tracking business group, family and community schedules.
However, in Yahoo calendar there is an additional Add Task button.

MobileMe calendar is a web-based calendar that can be accessed from any

computer connected to Internet, Mac or Windows.

Q9. Name some web-based database applications.

Ans. 9 Dabble DB, MyWebDB, QuickBase, TeamDesk, Zoho Creator are some
of them.

Q10. Name some web-based word processing applications.

Ans. 10 Google Docs, ajaxWrite, Adobe Buzzword, KBdocs, Zoho Writer are
some of them.

Q11. What are the different types of cloud application requirements?

Ans. 11 Even cloud based requirements are of two types-

a) Functional requirements.
b) Non-functional requirements.

Functional requirements should cover the following points-

a) Required features.
b) Business goals.
c) User requirements.

Non-functional requirements should cover the following points-

a) Security.
b) Response time.
c) Services available.
48 | P a g e
 d) Backups to other clouds.
e) Extension to hybrid clouds.
f) Localization.
g) Compatibility with other cloud platforms.
h) Support for end-user devices like mobiles.

Q12. What is SOA for cloud applications?

Ans. 12 It is defined as a set of methodologies to design a cloud application

in form of interoperable units or services. These services are business
functionalities that are built as software modules or pieces of code. These
services can be reused for different other purposes within the cloud. Other
cloud developers are free to use and combine these services to create new
applications. Please note here that these functionalities or services are
loosely-coupled units (non-associated). SOA (Service-Oriented Architecture)
can be used to support communication between services too like data transfers.
Each of this interaction between services is self-independent. SOA enables
large applications to be broken into smaller components. They can be developed
independently. Each of these smaller components is known as a service only.
Later these components are assembled or loosely-coupled to meet business
needs. So, we can define SOA application as a modular, loosely-coupled set
of services designed to meet business needs. Since the services (or
components) can be easily ported to another platform so they have high cross-
platform interoperability. SOA services are ideal for deployment in cloud.

Q13. What are the benefits of SOA used for project work?

Ans. 13 According to the Gartner report,

a) More than 60% of SOA projects had a positive impact on their

organizations (to grow revenue).
b) SOA projects give positive returns within 10 months.
c) SOA reduces the cost of building IT systems.
d) SOA improves developer’s productivity too.

Q14. KR V & V company developed an application that they had to deploy

as a SaaS and make it available to global user community. Later the
project manager found that there was need to do performance testing with
large number of users as the user load was very high. But KR V & V

49 | P a g e
company could not afford to procure costly performance automation tools
for the purpose. So, what should this company do?

Ans. 14 KR V & V company should approach another company offering

TaaS services. This new TaaS based company decided to conduct performance
testing using HP’s Quality Center on a cloud computing platform by paying
only resource usage charges. The testing was done and then the application was
deployed as a SaaS.

Q15. Name some cloud-based testing services vendors.

Ans. 15 Cloud service vendors like SOASTA, HP Cloud, Testhouse,

Compuware, Load Impact, Neotys are some of the companies that allow
simulation of large web applications and checks their behaviour on a cloud
platform.

Q16. Write down the steps that are followed in using cloud-testing services.

Ans. 16. The following tests are followed for using cloud-testing services:-

S1: Select cloud test service provider.

S2: Develop user scenarios to test.

S3: Design test cases.

S4: Leverage cloud servers.

S5: Conduct testing.

S6: Analyze tests.

Q17. What is media cloud?

Ans. 17. Media Cloud is a system that lets you see the flow of the media.
Media cloud automatically builds an archive of news stories and blogs from the
web, applies language processing and gives you ways to analyze and visualize
data. This field is still in its infancy and more research needs to be done.

Q18. Write short notes on-

a) Cloud Stack.
b) Computing on Demand.
c) Cloud Sourcing.

50 | P a g e
 d) Cloud Analytics.
e) Resiliency.
f) Provisioning.
g) Cloud Governance.

Ans. 18.

a) Cloud Stack: It is an open source monolithic software platform that

groups computing resources to build Public, Private and Hybrid
Infrastructure as a Service (IaaS) clouds. It handles network, storage
and nodes that form a cloud infrastructure. Cloud stack platform is used
to install, manage and configure cloud computing environments. Some of
the benefits of cloud stack are as follows:-
a) Pay-per-use metering.
b) Network management.
c) AJAX based web GUI for management.
d) In-built high availability for hosts.
e) Virtual routers, firewalls and load balancers.

b) Computing on Demand (CoD): It is an enterprise model which

maintains computer resources and are made available to the user
enterprises as needed. Since demand for resources is dynamic, so the
vendor must maintain sufficient resources and this is a challenge for
them. Vendors like HP, MS, IBM, SALESFORCE, AMAZON SUN etc.
all provide on-demand services only as it allows them to create elastic
environments for better scaling.
c) Cloud Sourcing: A method in which cloud services and products are
outsourced to one or more cloud providers. It is the next future of
cloud computing. This concept allows the organizations to procure their
entire IT infrastructure from a cloud.
d) Cloud Analytics: It is also called as SaaS-based Business Intelligence
(BI). It is a type of cloud service model wherein the elements of data
analytics are provided with the help of a private or public cloud only.
Such applications are provided on utility-based or pay-per-use model.
For example, hosted data warehouses, cloud-based social media
analytics and SaaS BI. Cloud analytics will combine some or all of the
service models of cloud to deliver solutions.

51 | P a g e
 e) Resiliency: It is defined as the ability of a data centre and its
components to continue operating in case of any damage like power
breakdown, malfunctioning of equipment or natural disasters like
earthquakes etc.
f) Provisioning: It is the process of allocating a cloud provider’s
resources to the customer. By the term ‘provisioning’ we mean what,
how and when an organization can provide the cloud services. It helps in
managing workloads, resources, tasks and processes. It can be done in
three ways:-
1. Dynamic provisioning (like cloud bursting).
2. Contractual Provisioning (like customer and contractor sign an
agreement for required services).
3. Self-provisioning/ Cloud self-service (like a customer fills a form,
pay through credit card and then he gets resources within few hours).

g) Cloud Governance: It is defined as a sharing of responsibility between

the cloud provider and the user of cloud services. The main objective of
cloud service governance is to protect data and applications that are
located far-off (remotely). It manages contracts for SLAs, charging
through credit cards. But to make use of fine-grained services,
governance will help. It also involves defining of policies, design policies
and implementation policies.

Q19. How clouds are accessed?

Ans. 19. For cloud accessing, there are three ways:-

a) Platforms.
b) Web applications.
c) Web APIs.
d) Web Browsers.

Platforms show how a cloud computing environment is delivered to the end-

user. The objective is to support dynamic website development, web services
and web applications. Newer technologies like Ajax (Asynchronous JavaScript
and XML) creates interactive web applications [1, 2]. Similarly, Python
Django is a free open source web application framework developed in Python
language. It is used to create complex websites with database connectivity.

Web applications: Google Apps, Google Apps Premier Edition.

52 | P a g e
Web APIs: API stands for Application Programming Interface that has a set of
programs to access a web-based program. For example, GoGrid has an API
that allows developers to do monitored communications with its cloud hosting
infrastructure. It supports languages like JAVA2, PYTHON, PHP and Ruby.

Similarly, APEX API is very popular enterprise web service used today.

Web Browsers: Popular web browsers like Chrome, IE 8, Firefox, Safari etc.
are all used to get cloud services through Internet.

Q20. Distinguish between a traditional data centre and cloud data centre.

Ans. 20 The following table distinguishes between the same:-

Traditional Data Centre Cloud Data Centre

1. It has thousands of different 1. It has a fewer number of
applications. applications.
2. It has mixed hardware 2. It has homogeneous hardware
environment. environment.
3. It supports multiple 3. It supports standardized
management tools. management tools.
4. It needs frequent application 4. It has minimal application
patching and updating. patching and updating.
5. It includes complex workloads. 5. It includes simple workloads.

Exercise Questions
Q1. Explain different cloud standards. Also describe security standards.

Q2. What is a cloud ecosystem? Explain.

Q3. What is cloud outsourcing?

Q4. What is cloud testing? On what factor does it depends?

Q5. What are cloud testing challenges?

Q6. Write short note on cloud testing tools.

Q7. Explain TaaS.

Q9. Name some web-based spreadsheet applications.

[Hints: NumSum, Sheetster, Zoho Sheet, EditGrid etc. ]

53 | P a g e
Q10. Distinguish between functional requirements and non-functional
requirements?

54 | P a g e
55 | P a g e